[apple/security.git] / sec / Security / vmdh.c

/*
 *  vmdh.c
 *  Security
 *
 *  Created by Michael Brouwer on 11/7/06.
 *  Copyright (c) 2006-2007 Apple Inc. All Rights Reserved.
 *
 */

/*!
	@header vmdh
	The functions provided in vmdh.h implement the crypto exchange required
    for a Diffie-Hellman voicemail exchange.
*/


#include "vmdh.h"
#include <CommonCrypto/CommonCryptor.h>
#include <utilities/debugging.h>
#include <string.h>
#include <Security/SecInternal.h>
#include <Security/SecDH.h>

vmdh_t vmdh_create(uint32_t g, const uint8_t *p, size_t p_len,
    const uint8_t *recip, size_t recip_len) {
	SecDHContext dh;
	if (SecDHCreate(g, p, p_len, 0/*l*/, recip, recip_len, &dh))
		return NULL;
	return (vmdh_t)dh;
}

bool vmdh_generate_key(vmdh_t vmdh, uint8_t *pub_key, size_t *pub_key_len) {
	return !SecDHGenerateKeypair((SecDHContext)vmdh, pub_key, pub_key_len);
}

bool vmdh_encrypt_password(vmdh_t vmdh,
	const uint8_t *pub_key, size_t pub_key_len,
    const uint8_t *pw, size_t pw_len, uint8_t *encpw, size_t *encpw_len) {
	uint8_t aes_key[kCCKeySizeAES128];
	size_t aes_key_len = kCCKeySizeAES128;

	if (SecDHComputeKey((SecDHContext)vmdh, pub_key, pub_key_len,
		aes_key, &aes_key_len)) {
		return false;
	}

    /* Use the first 16 bytes in aes_key as an AES key. */
	if (CCCrypt(kCCEncrypt, kCCAlgorithmAES128,
		kCCOptionPKCS7Padding, aes_key, kCCKeySizeAES128, NULL,
		pw, pw_len, encpw, *encpw_len, encpw_len)) {
		return false;
	}

	/* Zero out key material. */
	bzero(aes_key, kCCKeySizeAES128);

    return true;
}

void vmdh_destroy(vmdh_t vmdh) {
    return SecDHDestroy((SecDHContext)vmdh);
}
Commit	Line	Data
b1ab9ed8 A	1	/*
	2	* vmdh.c
	3	* Security
	4	*
	5	* Created by Michael Brouwer on 11/7/06.
	6	* Copyright (c) 2006-2007 Apple Inc. All Rights Reserved.
	7	*
	8	*/
	9
	10	/*!
	11	@header vmdh
	12	The functions provided in vmdh.h implement the crypto exchange required
	13	for a Diffie-Hellman voicemail exchange.
	14	*/
	15
	16
	17	#include "vmdh.h"
	18	#include <CommonCrypto/CommonCryptor.h>
427c49bc	19	#include <utilities/debugging.h>
b1ab9ed8 A	20	#include <string.h>
	21	#include <Security/SecInternal.h>
	22	#include <Security/SecDH.h>
	23
	24	vmdh_t vmdh_create(uint32_t g, const uint8_t *p, size_t p_len,
	25	const uint8_t *recip, size_t recip_len) {
	26	SecDHContext dh;
	27	if (SecDHCreate(g, p, p_len, 0/l/, recip, recip_len, &dh))
	28	return NULL;
	29	return (vmdh_t)dh;
	30	}
	31
	32	bool vmdh_generate_key(vmdh_t vmdh, uint8_t pub_key, size_t pub_key_len) {
	33	return !SecDHGenerateKeypair((SecDHContext)vmdh, pub_key, pub_key_len);
	34	}
	35
	36	bool vmdh_encrypt_password(vmdh_t vmdh,
	37	const uint8_t *pub_key, size_t pub_key_len,
	38	const uint8_t pw, size_t pw_len, uint8_t encpw, size_t *encpw_len) {
	39	uint8_t aes_key[kCCKeySizeAES128];
	40	size_t aes_key_len = kCCKeySizeAES128;
	41
	42	if (SecDHComputeKey((SecDHContext)vmdh, pub_key, pub_key_len,
	43	aes_key, &aes_key_len)) {
	44	return false;
	45	}
	46
	47	/* Use the first 16 bytes in aes_key as an AES key. */
	48	if (CCCrypt(kCCEncrypt, kCCAlgorithmAES128,
	49	kCCOptionPKCS7Padding, aes_key, kCCKeySizeAES128, NULL,
	50	pw, pw_len, encpw, *encpw_len, encpw_len)) {
	51	return false;
	52	}
	53
	54	/* Zero out key material. */
	55	bzero(aes_key, kCCKeySizeAES128);
	56
	57	return true;
	58	}
	59
	60	void vmdh_destroy(vmdh_t vmdh) {
	61	return SecDHDestroy((SecDHContext)vmdh);
	62	}