+++ /dev/null
-/* Copyright (c) 1998,2011-2012,2014 Apple Inc. All Rights Reserved.
- *
- * NOTICE: USE OF THE MATERIALS ACCOMPANYING THIS NOTICE IS SUBJECT
- * TO THE TERMS OF THE SIGNED "FAST ELLIPTIC ENCRYPTION (FEE) REFERENCE
- * SOURCE CODE EVALUATION AGREEMENT" BETWEEN APPLE, INC. AND THE
- * ORIGINAL LICENSEE THAT OBTAINED THESE MATERIALS FROM APPLE,
- * INC. ANY USE OF THESE MATERIALS NOT PERMITTED BY SUCH AGREEMENT WILL
- * EXPOSE YOU TO LIABILITY.
- ***************************************************************************
- *
- * ckutilities.c - general C routines
- *
- * Revision History
- * ----------------
- * 10/06/98 ap
- * Changed to compile with C++.
- * 08 Apr 98 at Apple
- * Mods for variable size giantDigit.
- * Rewrote serializeGiant(), deserializeGiant() to conform to IEEE P1363.
- * 23 Mar 98 at Apple
- * Added FR_WrongSignatureType, FR_BadKeyBlob to frtnStrings.
- * Added initCryptKit().
- * 19 Jan 98 at Apple
- * Added cStringToUc()
- * 09 Jan 98 at Apple
- * Added non-FEE_DEBUG version of printGiantHex()
- * 27 Jan 97 at NeXT
- * Addd serializeGiant(), deserializeGiant; Deleted data_to_giant()
- * 12 Dec 96 at NeXT
- * Added byteRepTo{int,key,giant}().
- * 2 Aug 96 at NeXT
- * Broke out from Blaine Garst's original NSCryptors.m
- */
-
-#include "ckutilities.h"
-#include "falloc.h"
-#include "feeTypes.h"
-#include "feeDebug.h"
-#include "feeFunctions.h"
-#include "byteRep.h"
-#include "platform.h"
-#include "curveParams.h"
-#include <stdlib.h>
-#ifdef NeXT
-#include <libc.h>
-#include <stdio.h>
-#include <signal.h>
-#include <sgtty.h>
-#endif // NeXT
-
-/*
- * feeReturn strings.
- */
-typedef struct {
- feeReturn frtn;
- const char *frtnString;
-} frtnItem;
-
-static const frtnItem frtnStrings[] = {
-#ifndef NDEBUG
- { FR_Success, "Success" },
- { FR_BadPubKey, "Bad Public Key" },
- { FR_BadPubKeyString, "Bad Public Key String" },
- { FR_IncompatibleKey, "Incompatible key format" },
- { FR_IllegalDepth, "Illegal Depth" },
- { FR_BadUsageName, "Bad Usage Name" },
- { FR_BadSignatureFormat, "Bad Signature Format" },
- { FR_InvalidSignature, "Invalid Signature" },
- { FR_IllegalArg, "Illegal Argument" },
- { FR_BadCipherText, "Bad Ciphertext Format" },
- { FR_Unimplemented, "Unimplemented Function" },
- { FR_BadCipherFile, "Bad CipherFile Format" },
- { FR_BadEnc64, "Bad enc64 Format" },
- { FR_WrongSignatureType, "Wrong Signature Type" },
- { FR_BadKeyBlob, "Bad Key Blob" },
- { FR_IllegalCurve, "Bad curve type" },
- { FR_Internal, "Internal Library Error" },
- { FR_Memory, "Out of Memory" },
- { FR_ShortPrivData, "Insufficient Seed Data" },
-#endif /* NDEBUG */
- { (feeReturn) 0, NULL },
-};
-
-/*
- * One-time only init of CryptKit library.
- */
-void initCryptKit(void)
-{
- #if GIANTS_VIA_STACK
- curveParamsInitGiants();
- #endif
-}
-
-/*
- * Shutdown.
- */
-void terminateCryptKit(void)
-{
- #if GIANTS_VIA_STACK
- freeGiantStacks();
- #endif
-}
-
-/*
- * Create a giant, initialized with specified char[] data.
- */
-giant giant_with_data(const unsigned char *d, int len) {
- int numDigits = BYTES_TO_GIANT_DIGITS(len);
- giant result;
-
- result = newGiant(numDigits);
- deserializeGiant(d, result, len);
- return result;
-}
-
-/*
- * Obtain a malloc'd memory chunk init'd with specified giant's data.
- * Resulting bytes are portable. Size of malloc'd memory is always zero
- * mod GIANT_BYTES_PER_DIGIT.
- *
- * Calling this function for a giant obtained by giant_with_data() yields
- * the original data, with extra byte(s) of leading zeros if the original
- * was not zero mod GIANT_BYTES_PER_DIGIT.
- */
-unsigned char *mem_from_giant(giant g,
- unsigned *memLen) /* RETURNED size of malloc'd region */
-{
- unsigned char *cp;
- unsigned numDigits = (g->sign < 0) ? -g->sign : g->sign;
-
- *memLen = numDigits * GIANT_BYTES_PER_DIGIT;
- cp = (unsigned char*) fmalloc(*memLen);
- serializeGiant(g, cp, *memLen);
- return cp;
-}
-
-extern const char *feeReturnString(feeReturn frtn)
-{
- const frtnItem *fi = frtnStrings;
-
- while(fi->frtnString) {
- if(fi->frtn == frtn) {
- return fi->frtnString;
- }
- fi++;
- }
- return "Unknown Status";
-}
-
-#if FEE_DEBUG
-void printGiant(const giant x)
-{
- int i;
-
- printf("sign=%d cap=%d n[]=", x->sign, x->capacity);
- for(i=0; i<abs(x->sign); i++) {
- printf("%u:", x->n[i]);
- }
- printf("\n");
-}
-
-void printGiantHex(const giant x)
-{
- int i;
-
- printf("sign=%d cap=%d n[]=", x->sign, x->capacity);
- for(i=0; i<abs(x->sign); i++) {
- printf("%x:", x->n[i]);
- }
- printf("\n");
-}
-
-/*
- * Print in the form
- * sign=8 cap=16 n[]=29787 + 3452 * w^1 + 55260 * w^2 + ...
- */
-void printGiantExp(const giant x)
-{
- int i;
- int size = abs(x->sign);
-
- printf("sign=%d cap=%d n[]=", x->sign, x->capacity);
- for(i=0; i<size; i++) {
- printf("%u ", x->n[i]);
- if(i > 0) {
- printf("* w^%d ", i);
- }
- if(i<(size-1)) {
- printf("+ ");
- }
- }
- printf("\n");
-}
-
-void printKey(const key k)
-{
- printf(" twist %d\n", k->twist);
- printf(" x: ");
- printGiant(k->x);
-}
-
-void printCurveParams(const curveParams *p)
-{
- const char *pt;
- const char *ct;
-
- switch(p->primeType) {
- case FPT_Mersenne:
- pt = "FPT_Mersenne";
- break;
- case FPT_FEE:
- pt = "FPT_FEE";
- break;
- case FPT_General:
- pt = "FPT_General";
- break;
- default:
- pt = "UNKNOWN!";
- break;
- }
- switch(p->curveType) {
- case FCT_Montgomery:
- ct = "FCT_Montgomery";
- break;
- case FCT_Weierstrass:
- ct = "FCT_Weierstrass";
- break;
- case FCT_General:
- ct = "FCT_General";
- break;
- default:
- ct = "UNKNOWN!";
- break;
- }
- printf(" q %d k %d primeType %s curveType %s\n",
- p->q, p->k, pt, ct);
- printf(" minBytes %d maxDigits %d\n", p->minBytes, p->maxDigits);
- printf(" a : ");
- printGiant(p->a);
- printf(" b : ");
- printGiant(p->b);
- printf(" c : ");
- printGiant(p->c);
- printf(" basePrime : ");
- printGiant(p->basePrime);
- printf(" x1Plus : ");
- printGiant(p->x1Plus);
- printf(" x1Minus : ");
- printGiant(p->x1Minus);
- printf(" cOrderPlus : ");
- printGiant(p->cOrderPlus);
- printf(" cOrderMinus : ");
- printGiant(p->cOrderMinus);
- printf(" x1OrderPlus : ");
- printGiant(p->x1OrderPlus);
- printf(" x1OrderMinus: ");
- printGiant(p->x1OrderMinus);
-}
-#else
-void printGiant(const giant x) {}
-void printGiantHex(const giant x) {}
-void printGiantExp(const giant x) {}
-void printKey(const key k) {}
-void printCurveParams(const curveParams *p) {}
-
-#endif /* FEE_DEBUG */
-
-#if defined(NeXT) && !defined(WIN32)
-
-void getpassword(const char *prompt, char *pbuf)
-{
- struct sgttyb ttyb;
- int flags;
- register char *p;
- register int c;
- FILE *fi;
- void (*sig)(int);
-
- if ((fi = fdopen(open("/dev/tty", 2, 0), "r")) == NULL)
- fi = stdin;
- else
- setbuf(fi, (char *)NULL);
- sig = signal(SIGINT, SIG_IGN);
- ioctl(fileno(fi), TIOCGETP, &ttyb);
- flags = ttyb.sg_flags;
- ttyb.sg_flags &= ~ECHO;
- ioctl(fileno(fi), TIOCSETP, &ttyb);
- fprintf(stderr, "%s", prompt); fflush(stderr);
- for (p=pbuf; (c = getc(fi))!='\n' && c!=EOF;) {
- if (p < &pbuf[PHRASELEN-1])
- *p++ = c;
- }
- *p = '\0';
- fprintf(stderr, "\n"); fflush(stderr);
- ttyb.sg_flags = flags;
- ioctl(fileno(fi), TIOCSETP, &ttyb);
- (void)signal(SIGINT, sig);
- if (fi != stdin)
- fclose(fi);
-}
-#endif // NeXT
-
-/*
- * serialize, deserialize giants's n[] to/from byte stream.
- * First byte of byte stream is the MS byte of the resulting giant,
- * regardless of the size of giantDigit.
- *
- * No assumption is made about the alignment of cp.
- *
- * As of 7 Apr 1998, these routines are in compliance with IEEE P1363,
- * section 5.5.1, for the representation of a large integer as a byte
- * stream.
- */
-void serializeGiant(giant g,
- unsigned char *cp,
- unsigned numBytes)
-{
- unsigned digitDex;
- unsigned numDigits = BYTES_TO_GIANT_DIGITS(numBytes);
- giantDigit digit;
- unsigned char *ptr;
- unsigned digitByte;
- int size = abs(g->sign);
-
- if(numBytes == 0) {
- return;
- }
- if(numBytes > (g->capacity * GIANT_BYTES_PER_DIGIT)) {
- CKRaise("serializeGiant: CAPACITY EXCEEDED!\n");
- }
-
- /*
- * note we might be asked to write more than the valid number
- * if bytes in the giant in the case if truncated sign due to
- * zero M.S. digit(s)....
- */
-
- /*
- * zero out unused digits so we can infer sign during deserialize
- */
- for(digitDex=size; digitDex<numDigits; digitDex++) {
- g->n[digitDex] = 0;
- }
-
- /*
- * Emit bytes starting from l.s. byte. L.s. byte of the outgoing
- * data stream is *last*. L.s. digit of giant's digits is *first*.
- */
- digitDex = 0;
- ptr = &cp[numBytes - 1];
- do {
- /* one loop per giant digit */
- digit = g->n[digitDex++];
- for(digitByte=0; digitByte<GIANT_BYTES_PER_DIGIT; digitByte++) {
- /* one loop per byte in the digit */
- *ptr-- = (unsigned char)digit;
- if(--numBytes == 0) {
- break;
- }
- digit >>= 8;
- }
- } while(numBytes != 0);
-
-}
-
-/*
- * Resulting sign here is always positive; leading zeroes are reflected
- * in an altered g->sign.
- */
-void deserializeGiant(const unsigned char *cp,
- giant g,
- unsigned numBytes)
-{
- unsigned numDigits;
- giantDigit digit;
- int digitDex;
- unsigned digitByte;
- const unsigned char *ptr;
-
- if(numBytes == 0) {
- g->sign = 0;
- return;
- }
- numDigits = (numBytes + GIANT_BYTES_PER_DIGIT - 1) /
- GIANT_BYTES_PER_DIGIT;
- if(numBytes > (g->capacity * GIANT_BYTES_PER_DIGIT)) {
- CKRaise("deserializeGiant: CAPACITY EXCEEDED!\n");
- }
-
- /*
- * Start at l.s. byte. That's the end of the cp[] array and
- * the beginning of the giantDigit array.
- */
- digitDex = 0;
- ptr = &cp[numBytes - 1];
- do {
- /* one loop per digit */
- digit = 0;
- for(digitByte=0; digitByte<GIANT_BYTES_PER_DIGIT; digitByte++) {
- /* one loop per byte in the digit */
- digit |= (*ptr-- << (8 * digitByte));
- /* FIXME - shouldn't we update g->n before this break? */
- if(--numBytes == 0) {
- break;
- }
- }
- g->n[digitDex++] = digit;
- } while (numBytes != 0);
-
- /*
- * Infer sign from non-zero n[] elements
- */
- g->sign = numDigits;
- gtrimSign(g);
-}
-
projects / apple / security.git / blobdiff