+++ /dev/null
-/*
- * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
- *
- * The contents of this file constitute Original Code as defined in and are
- * subject to the Apple Public Source License Version 1.2 (the 'License').
- * You may not use this file except in compliance with the License. Please obtain
- * a copy of the License at http://www.apple.com/publicsource and read it before
- * using this file.
- *
- * This Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
- * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
- * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
- * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
- * specific language governing rights and limitations under the License.
- */
-
-
-/*
- * DH_exchange.cp - Diffie-Hellman key exchange
- */
-
-#include "DH_exchange.h"
-#include <Security/cssmerr.h>
-#include "DH_utils.h"
-#include "DH_keys.h"
-#include <strings.h>
-#include <opensslUtils/opensslUtils.h>
-
-void DeriveKey_DH (
- const Context &context,
- const CssmData &Param, // other's public key. may be empty
- CSSM_DATA *keyData, // mallocd by caller
- // we fill in keyData->Length bytes
- AppleCSPSession &session)
-{
- bool mallocdPrivKey;
- size_t privSize;
-
- /* private DH key from context - required */
- DH *privKey = contextToDhKey(context, session, CSSM_ATTRIBUTE_KEY,
- CSSM_KEYCLASS_PRIVATE_KEY, CSSM_KEYUSE_DERIVE, mallocdPrivKey);
- if(privKey == NULL) {
- CssmError::throwMe(CSSMERR_CSP_MISSING_ATTR_KEY);
- }
- cspDhDebug("DeriveKey_DH, privKey %p", privKey);
- privSize = DH_size(privKey);
- if(privSize < keyData->Length) {
- /* we've been asked for more bits than this key can generate */
- CssmError::throwMe(CSSMERR_CSP_UNSUPPORTED_KEY_SIZE);
- }
-
- /*
- * Public key ("their" key) can come from two places:
- * -- in the context as a CSSM_ATTRIBUTE_PUBLIC_KEY. This is how
- * public keys in X509 format must be used in this function
- * -- in the incoming Param, the raw unformatted (PKCS3) form
- */
- bool mallocdPubKey = false;
- BIGNUM *pubKeyBn = NULL;
- bool allocdPubKeyBn = false;
- DH *pubKey = contextToDhKey(context, session, CSSM_ATTRIBUTE_PUBLIC_KEY,
- CSSM_KEYCLASS_PUBLIC_KEY, CSSM_KEYUSE_DERIVE, mallocdPubKey);
- if(pubKey != NULL) {
- if(pubKey->pub_key == NULL) {
- errorLog0("DeriveKey_DH: public key in context with no pub_key\n");
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
- }
- pubKeyBn = pubKey->pub_key;
- cspDhDebug("DeriveKey_DH, pubKey from context %p", pubKey);
- }
- else {
- if((Param.Data == NULL) || (Param.Length == 0)) {
- errorLog0("DeriveKey_DH: no pub_key, no Param\n");
- CssmError::throwMe(CSSMERR_CSP_INVALID_KEY);
- }
- pubKeyBn = BN_bin2bn(Param.Data, (int)Param.Length, NULL);
- if(pubKeyBn == NULL) {
- CssmError::throwMe(CSSMERR_CSP_MEMORY_ERROR);
- }
- allocdPubKeyBn = true;
- cspDhDebug("DeriveKey_DH, no pubKey in context");
- }
- unsigned char *buf = (unsigned char *)session.malloc(privSize);
- int rtn = DH_compute_key(buf, pubKeyBn, privKey);
- if(rtn > 0) {
- /*
- * FIXME : I have not found a specification describing *which*
- * bytes of the value we just computed we are supposed to
- * use as the actual key bytes. We use the M.S. bytes.
- *
- * Note that due to modulo arithmetic, we may have gotten fewer
- * bytes than we asked for. If so, the caller will have
- * to deal with that if they really need privSize bytes.
- */
- assert((uint32)rtn <= privSize);
- CSSM_SIZE toMove = keyData->Length;
- if((uint32)rtn < toMove) {
- toMove = (uint32)rtn;
- }
- memmove(keyData->Data, buf, toMove);
- keyData->Length = toMove;
- }
- if(mallocdPrivKey) {
- DH_free(privKey);
- }
- if(mallocdPubKey) {
- DH_free(pubKey);
- }
- if(allocdPubKeyBn) {
- BN_free(pubKeyBn);
- }
- session.free(buf);
- if(rtn <= 0) {
- throwRsaDsa("DH_compute_key");
- }
-}
-
projects / apple / security.git / blobdiff