+++ /dev/null
-/*
- * Copyright (c) 2013-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-
-#include <Security/SecureObjectSync/SOSUserKeygen.h>
-#include <stdio.h>
-#include <corecrypto/ccrng.h>
-#include <corecrypto/ccrng_pbkdf2_prng.h>
-#include <corecrypto/ccec.h>
-#include <corecrypto/ccdigest.h>
-#include <corecrypto/ccsha2.h>
-#include <CommonCrypto/CommonRandomSPI.h>
-#include <Security/SecKey.h>
-#include <Security/SecKeyPriv.h>
-#include <Security/SecFramework.h>
-#include <utilities/SecCFWrappers.h>
-#include <utilities/SecCFRelease.h>
-#include <utilities/debugging.h>
-#include <Security/SecureObjectSync/SOSCloudCircle.h>
-#include <Security/SecureObjectSync/SOSInternal.h>
-#include <Security/SecureObjectSync/SOSAccount.h>
-#include <Security/SecFramework.h>
-#include <Security/SecItem.h>
-#include <utilities/der_plist.h>
-#include <utilities/der_plist_internal.h>
-
-#include <corecrypto/ccder.h>
-#include <Security/oidsalg.h>
-
-// A.2 PBKDF2
-//
-// The object identifier id-PBKDF2 identifies the PBKDF2 key derivation
-// function (Section 5.2).
-//
-// id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12}
-//
-// The parameters field associated with this OID in an
-// AlgorithmIdentifier shall have type PBKDF2-params:
-//
-// PBKDF2-params ::= SEQUENCE {
-// salt CHOICE {
-// specified OCTET STRING,
-// otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
-// },
-// iterationCount INTEGER (1..MAX),
-// keyLength INTEGER (1..MAX) OPTIONAL,
-// prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
-// algid-hmacWithSHA1 }
-//
-// The fields of type PKDF2-params have the following meanings:
-
-
-static size_t der_sizeof_SecAsn1Oid(const SecAsn1Oid* secasn_oid)
-{
- return ccder_sizeof(CCDER_OBJECT_IDENTIFIER, secasn_oid->Length);
-}
-
-static uint8_t *der_encode_SecAsn1Oid(const SecAsn1Oid* secasn_oid, const uint8_t *der, uint8_t *der_end)
-{
- return ccder_encode_tl(CCDER_OBJECT_IDENTIFIER, secasn_oid->Length, der,
- ccder_encode_body(secasn_oid->Length, secasn_oid->Data, der, der_end));
-}
-
-static const uint8_t *der_expect_SecAsn1Oid(const SecAsn1Oid* secasn_oid, const uint8_t *der, const uint8_t *der_end)
-{
- size_t len = 0;
- der = ccder_decode_tl(CCDER_OBJECT_IDENTIFIER, &len,
- der, der_end);
-
- if (secasn_oid->Length != len || memcmp(secasn_oid->Data, der, len) != 0)
- der = NULL;
- else
- der += len;
-
- return der;
-}
-
-static size_t der_sizeof_pbkdf2_params(size_t saltLen, const uint8_t *salt,
- unsigned long iterationCount,
- unsigned long keyLength)
-{
- size_t body_size = ccder_sizeof_raw_octet_string(saltLen)
- + ccder_sizeof_uint64(iterationCount)
- + ccder_sizeof_uint64(keyLength)
- + der_sizeof_SecAsn1Oid(&CSSMOID_PKCS5_HMAC_SHA1);
-
- return ccder_sizeof(CCDER_CONSTRUCTED_SEQUENCE, body_size);
-}
-
-static uint8_t *der_encode_pbkdf2_params(size_t saltLen, const uint8_t *salt,
- unsigned long iterationCount,
- unsigned long keyLength,
- const uint8_t *der, uint8_t *der_end)
-{
- uint8_t* original_der_end = der_end;
-
- return ccder_encode_constructed_tl(CCDER_CONSTRUCTED_SEQUENCE, original_der_end, der,
- ccder_encode_raw_octet_string(saltLen, salt, der,
- ccder_encode_uint64(iterationCount, der,
- ccder_encode_uint64(keyLength, der,
- der_encode_SecAsn1Oid(&CSSMOID_PKCS5_HMAC_SHA1, der, der_end)))));
-}
-
-static const uint8_t *der_decode_pbkdf2_params(size_t *saltLen, const uint8_t **salt,
- unsigned long *iterationCount,
- unsigned long *keyLength,
- const uint8_t *der, const uint8_t *der_end)
-{
- const uint8_t * body_end = NULL;
- der = ccder_decode_constructed_tl(CCDER_CONSTRUCTED_SEQUENCE, &body_end, der, der_end);
-
- if (body_end != der_end)
- der = NULL;
-
- size_t salt_size = 0;
- const uint8_t *salt_bytes = NULL;
-
- der = ccder_decode_tl(CCDER_OCTET_STRING, &salt_size, der, body_end);
- salt_bytes = der;
- der += salt_size;
-
- uint64_t iteration_count = 0;
- uint64_t key_len = 0;
- der = ccder_decode_uint64(&iteration_count, der, body_end);
- if (iteration_count > UINT32_MAX)
- der = NULL;
-
- der = ccder_decode_uint64(&key_len, der, body_end);
- if (key_len > UINT32_MAX)
- der = NULL;
-
- der = der_expect_SecAsn1Oid(&CSSMOID_PKCS5_HMAC_SHA1, der, body_end);
-
- if (der) {
- if (salt)
- *salt = salt_bytes;
- if (saltLen)
- *saltLen = salt_size;
- if (iterationCount)
- *iterationCount = (unsigned long)iteration_count;
- if (keyLength)
- *keyLength = (unsigned long) key_len;
- }
-
- return der;
-}
-
-
-static SecKeyRef ccec2SecKey(ccec_full_ctx_t fk)
-{
- size_t export_size = ccec_x963_export_size(1, fk);
- uint8_t export_keybytes[export_size];
- ccec_x963_export(1, export_keybytes, fk);
- CFDataRef exportedkey = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, export_keybytes, export_size, kCFAllocatorNull);
-
- CFDictionaryRef keyattributes = CFDictionaryCreateForCFTypes(kCFAllocatorDefault,
- kSecValueData, exportedkey,
- kSecAttrKeyType, kSecAttrKeyTypeEC,
- kSecAttrKeyClass, kSecAttrKeyClassPrivate,
- NULL);
-
- SecKeyRef retval = SecKeyCreateFromAttributeDictionary(keyattributes);
-
- CFRelease(keyattributes);
- CFRelease(exportedkey);
- bzero(export_keybytes, 0);
- return retval;
-}
-
-#define SALTMAX 16
-#define ITERATIONMIN 50000
-
-CFDataRef SOSUserKeyCreateGenerateParameters(CFErrorRef *error) {
- size_t saltlen = SALTMAX;
- uint8_t salt[saltlen];
-
- size_t iterations = ITERATIONMIN;
- size_t keysize = 256;
-
- if(CCRandomCopyBytes(kCCRandomDefault, salt, sizeof(salt)) != kCCSuccess) {
- SOSCreateError(kSOSErrorProcessingFailure, CFSTR("CCRandomCopyBytes failed"), NULL, error);
- return NULL;
- }
-
- CFMutableDataRef result = CFDataCreateMutable(kCFAllocatorDefault, 0);
- CFDataSetLength(result, der_sizeof_pbkdf2_params(saltlen, salt, iterations, keysize));
-
- uint8_t * encode = der_encode_pbkdf2_params(saltlen, salt, iterations, keysize,
- CFDataGetBytePtr(result),
- CFDataGetMutableBytePtr(result) + CFDataGetLength(result));
-
- if (!encode)
- CFReleaseNull(result);
-
- if (result) {
- secnotice("keygen", "Created new parameters: iterations %zd, keysize %zd: %@", iterations, keysize, result);
- }
-
- return result;
-}
-
-SecKeyRef SOSUserKeygen(CFDataRef password, CFDataRef parameters, CFErrorRef *error)
-{
- size_t saltlen;
- const uint8_t *salt = NULL;
-
- size_t iterations = 0;
- size_t keysize = 0;
-
- const uint8_t *der = CFDataGetBytePtr(parameters);
- const uint8_t *der_end = der + CFDataGetLength(parameters);
-
- der = der_decode_pbkdf2_params(&saltlen, &salt, &iterations, &keysize, der, der_end);
-
- if (der == NULL) {
- SOSCreateErrorWithFormat(kSOSErrorDecodeFailure, NULL, error, NULL,
- CFSTR("Bad paramter encoding, got: %@"), parameters);
- return NULL;
- }
- if (keysize != 256) {
- SOSCreateErrorWithFormat(kSOSErrorUnsupported, NULL, error, NULL,
- CFSTR("Key size not supported, requested %zd."), keysize);
- return NULL;
- }
- if (saltlen < 4) {
- SOSCreateErrorWithFormat(kSOSErrorUnsupported, NULL, error, NULL,
- CFSTR("Salt length not supported, requested %zd."), saltlen);
- return NULL;
- }
- if (iterations < ITERATIONMIN) {
- SOSCreateErrorWithFormat(kSOSErrorUnsupported, NULL, error, NULL,
- CFSTR("Too few iterations, params suggested %zd."), iterations);
- return NULL;
- }
-
- debugDumpUserParameters(CFSTR("params-keygen"), parameters);
-
-
- const uint8_t *password_bytes = CFDataGetBytePtr(password);
- size_t password_length = CFDataGetLength(password);
-
- const size_t maxbytes = 128;
-
- ccec_const_cp_t cp = ccec_get_cp(keysize);
- struct ccrng_pbkdf2_prng_state pbkdf2_prng;
-
- ccec_full_ctx_decl_cp(cp, tmpkey);
-
- secnotice("keygen", "Generating key for: iterations %zd, keysize %zd: %@", iterations, keysize, parameters);
-
- if (ccrng_pbkdf2_prng_init(&pbkdf2_prng, maxbytes,
- password_length, password_bytes,
- saltlen, salt,
- iterations)) {
- SOSCreateError(kSOSErrorProcessingFailure, CFSTR("prng init failed"), NULL, error);
- return NULL;
- }
-
- if (ccec_generate_key_legacy(cp, (struct ccrng_state *)&pbkdf2_prng, tmpkey)) {
- SOSCreateError(kSOSErrorProcessingFailure, CFSTR("Keygen failed"), NULL, error);
- return NULL;
- }
-
- return ccec2SecKey(tmpkey);
-}
-
-void debugDumpUserParameters(CFStringRef message, CFDataRef parameters)
-{
- size_t saltlen = 0;
- const uint8_t *salt = NULL;
-
- size_t iterations = 0;
- size_t keysize = 0;
-
- const uint8_t *der = CFDataGetBytePtr(parameters);
- const uint8_t *der_end = der + CFDataGetLength(parameters);
-
- der = der_decode_pbkdf2_params(&saltlen, &salt, &iterations, &keysize, der, der_end);
- if (der == NULL) {
- secnotice("keygen", "failed to decode pbkdf2 params");
- return;
- }
-
- BufferPerformWithHexString(salt, saltlen, ^(CFStringRef saltHex) {
- CFDataPerformWithHexString(parameters, ^(CFStringRef parametersHex) {
- secnotice("keygen", "%@ <Params: count: %zd, keysize: %zd, salt: %@, raw: %@>]", message, iterations, keysize, saltHex, parametersHex);
- });
- });
-}
-
-CF_RETURNS_RETAINED CFStringRef UserParametersDescription(CFDataRef parameters){
-
- __block CFStringRef description = NULL;
- CFErrorRef error = NULL;
- CFDataRef newParameters = NULL;
- SecKeyRef newKey = NULL;
-
- const uint8_t *parse_end = der_decode_cloud_parameters(kCFAllocatorDefault, kSecECDSAAlgorithmID,
- &newKey, &newParameters, &error,
- CFDataGetBytePtr(parameters), CFDataGetPastEndPtr(parameters));
-
- if (parse_end != CFDataGetPastEndPtr(parameters)){
- secnotice("keygen", "failed to decode cloud parameters");
- return NULL;
- }
-
- size_t saltlen = 0;
- const uint8_t *salt = NULL;
-
- size_t iterations = 0;
- size_t keysize = 0;
-
- const uint8_t *der = CFDataGetBytePtr(newParameters);
- const uint8_t *der_end = der + CFDataGetLength(newParameters);
-
- der = der_decode_pbkdf2_params(&saltlen, &salt, &iterations, &keysize, der, der_end);
- if (der == NULL) {
- secnotice("keygen", "failed to decode pbkdf2 params");
- return NULL;
- }
-
- BufferPerformWithHexString(salt, saltlen, ^(CFStringRef saltHex) {
- CFDataPerformWithHexString(newParameters, ^(CFStringRef parametersHex) {
- description = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("<Params: count: %zd, keysize: %zd, salt: %@, key: %@>"), iterations, keysize, saltHex, newKey);
- });
- });
-
- return description;
-}
-
projects / apple / security.git / blobdiff