Security/libsecurity_ssl/lib/secCrypto.c

   1 /*
   2  * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*
  25  * secCrypto.c - interface between SSL and SecKey/SecDH interfaces.
  26  */
  27
  28 #include "secCrypto.h"
  29
  30 #include <Security/Security.h>
  31 #include <Security/SecKeyPriv.h>
  32 #include <AssertMacros.h>
  33
  34 /* Private Key operations */
  35 static
  36 SecAsn1Oid oidForSSLHash(SSL_HashAlgorithm hash)
  37 {
  38     switch (hash) {
  39         case SSL_HashAlgorithmSHA1:
  40             return CSSMOID_SHA1WithRSA;
  41         case SSL_HashAlgorithmSHA256:
  42             return CSSMOID_SHA256WithRSA;
  43         case SSL_HashAlgorithmSHA384:
  44             return CSSMOID_SHA384WithRSA;
  45         default:
  46             break;
  47     }
  48     // Internal error
  49     assert(0);
  50     // This guarantee failure down the line
  51     return CSSMOID_MD5WithRSA;
  52 }
  53
  54 static
  55 int mySSLPrivKeyRSA_sign(void *key, SSL_HashAlgorithm hash, const uint8_t *plaintext, size_t plaintextLen, uint8_t *sig, size_t *sigLen)
  56 {
  57     SecKeyRef keyRef = key;
  58
  59     if(hash == SSL_HashAlgorithmNone) {
  60         return SecKeyRawSign(keyRef, kSecPaddingPKCS1, plaintext, plaintextLen, sig, sigLen);
  61     } else {
  62         SecAsn1AlgId  algId;
  63         algId.algorithm = oidForSSLHash(hash);
  64         return SecKeySignDigest(keyRef, &algId, plaintext, plaintextLen, sig, sigLen);
  65     }
  66 }
  67
  68 static
  69 int mySSLPrivKeyRSA_decrypt(void *key, const uint8_t *ciphertext, size_t ciphertextLen, uint8_t *plaintext, size_t *plaintextLen)
  70 {
  71     SecKeyRef keyRef = key;
  72
  73     return SecKeyDecrypt(keyRef, kSecPaddingPKCS1, ciphertext, ciphertextLen, plaintext, plaintextLen);
  74 }
  75
  76
  77