+++ /dev/null
-/* Copyright (c) 1997,2003-2006,2008,2010,2013 Apple Inc.
- *
- * cspwrap.c - wrappers to simplify access to CDSA
- *
- * Revision History
- * ----------------
- * 3 May 2000 Doug Mitchell
- * Ported to X/CDSA2.
- * 12 Aug 1997 Doug Mitchell at Apple
- * Created.
- */
-
-#include <Security/cssmapple.h>
-#include <Security/cssm.h>
-#include "cspwrap.h"
-#include "common.h"
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-/* MCF hack */
-// #include <CarbonCore/MacTypes.h>
-#include <MacTypes.h>
-/* end MCF */
-
-#ifndef NULL
-#define NULL ((void *)0)
-#endif /* NULL */
-#ifndef MAX
-#define MAX(a,b) ((a > b) ? a : b)
-#define MIN(a,b) ((a < b) ? a : b)
-#endif
-
-#pragma mark --------- Key Generation ---------
-
-/*
- * Key generation
- */
-#define FEE_PRIV_DATA_SIZE 20
-/*
- * Debug/test only. BsafeCSP only (long since disabled, in Puma).
- * This results in quicker but less secure RSA key generation.
- */
-#define RSA_WEAK_KEYS 0
-
-/*
- * Force bad data in KeyData prior to generating, deriving, or
- * wrapping key to ensure that the CSP ignores incoming
- * KeyData.
- */
-static void setBadKeyData(
- CSSM_KEY_PTR key)
-{
- key->KeyData.Data = (uint8 *)0xeaaaeaaa; // bad ptr
- key->KeyData.Length = 1; // no key can fit here
-}
-
-/*
- * Generate key pair of arbitrary algorithm.
- * FEE keys will have random private data.
- */
-CSSM_RETURN cspGenKeyPair(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm,
- const char *keyLabel,
- unsigned keyLabelLen,
- uint32 keySize, // in bits
- CSSM_KEY_PTR pubKey, // mallocd by caller
- CSSM_BOOL pubIsRef, // true - reference key, false - data
- uint32 pubKeyUsage, // CSSM_KEYUSE_ENCRYPT, etc.
- CSSM_KEYBLOB_FORMAT pubFormat, // Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
- // to get the default format.
- CSSM_KEY_PTR privKey, // mallocd by caller
- CSSM_BOOL privIsRef, // true - reference key, false - data
- uint32 privKeyUsage, // CSSM_KEYUSE_DECRYPT, etc.
- CSSM_KEYBLOB_FORMAT privFormat, // optional 0 ==> default
- CSSM_BOOL genSeed) // FEE only. True: we generate seed and CSP
- // will hash it. False: CSP generates random
- // seed.
-{
- CSSM_RETURN crtn;
- CSSM_CC_HANDLE ccHand;
- CSSM_DATA privData = {0, NULL}; // mallocd for FEE
- CSSM_CRYPTO_DATA privCData;
- CSSM_CRYPTO_DATA_PTR privCDataPtr = NULL;
- CSSM_DATA keyLabelData;
- uint32 pubAttr;
- uint32 privAttr;
- CSSM_RETURN ocrtn = CSSM_OK;
-
- if(keySize == CSP_KEY_SIZE_DEFAULT) {
- keySize = cspDefaultKeySize(algorithm);
- }
-
- /* pre-context-create algorithm-specific stuff */
- switch(algorithm) {
- case CSSM_ALGID_FEE:
- if(genSeed) {
- /* cook up random privData */
- privData.Data = (uint8 *)CSSM_MALLOC(FEE_PRIV_DATA_SIZE);
- privData.Length = FEE_PRIV_DATA_SIZE;
- appGetRandomBytes(privData.Data, FEE_PRIV_DATA_SIZE);
- privCData.Param = privData;
- privCData.Callback = NULL;
- privCDataPtr = &privCData;
- }
- /* else CSP generates random seed/key */
- break;
- case CSSM_ALGID_RSA:
- break;
- case CSSM_ALGID_DSA:
- break;
- case CSSM_ALGID_ECDSA:
- break;
- default:
- printf("cspGenKeyPair: Unknown algorithm\n");
- /* but what the hey */
- privCDataPtr = NULL;
- break;
- }
- keyLabelData.Data = (uint8 *)keyLabel,
- keyLabelData.Length = keyLabelLen;
- memset(pubKey, 0, sizeof(CSSM_KEY));
- memset(privKey, 0, sizeof(CSSM_KEY));
- setBadKeyData(pubKey);
- setBadKeyData(privKey);
-
- crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
- algorithm,
- keySize,
- privCDataPtr, // Seed
- NULL, // Salt
- NULL, // StartDate
- NULL, // EndDate
- NULL, // Params
- &ccHand);
- if(crtn) {
- printError("CSSM_CSP_CreateKeyGenContext", crtn);
- ocrtn = crtn;
- goto abort;
- }
- /* cook up attribute bits */
- if(pubIsRef) {
- pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
- }
- if(privIsRef) {
- privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
- }
-
- /* post-context-create algorithm-specific stuff */
- switch(algorithm) {
- case CSSM_ALGID_RSA:
-
- #if RSA_WEAK_KEYS
- {
- /* for testing, speed up key gen by using the
- * undocumented "CUSTOM" key gen mode. This
- * results in the CSP using AI_RsaKeyGen instead of
- * AI_RSAStrongKeyGen.
- */
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_MODE,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- CSSM_ALGMODE_CUSTOM);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- return crtn;
- }
- }
- #endif // RSA_WEAK_KEYS
- break;
-
- case CSSM_ALGID_DSA:
- /*
- * extra step - generate params - this just adds some
- * info to the context
- */
- {
- CSSM_DATA dummy = {0, NULL};
- crtn = CSSM_GenerateAlgorithmParams(ccHand,
- keySize, &dummy);
- if(crtn) {
- printError("CSSM_GenerateAlgorithmParams", crtn);
- return crtn;
- }
- appFreeCssmData(&dummy, CSSM_FALSE);
- }
- break;
- default:
- break;
- }
-
- /* optional format specifiers */
- if(!pubIsRef && (pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- pubFormat);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
- return crtn;
- }
- }
- if(!privIsRef && (privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
- sizeof(uint32), // currently sizeof CSSM_DATA
- CAT_Uint32,
- NULL,
- privFormat);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
- return crtn;
- }
- }
- crtn = CSSM_GenerateKeyPair(ccHand,
- pubKeyUsage,
- pubAttr,
- &keyLabelData,
- pubKey,
- privKeyUsage,
- privAttr,
- &keyLabelData, // same labels
- NULL, // CredAndAclEntry
- privKey);
- if(crtn) {
- printError("CSSM_GenerateKeyPair", crtn);
- ocrtn = crtn;
- goto abort;
- }
- /* basic checks...*/
- if(privIsRef) {
- if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("privKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- else {
- switch(privKey->KeyHeader.BlobType) {
- case CSSM_KEYBLOB_RAW:
- break;
- default:
- printf("privKey blob type: exp raw, got %u\n",
- (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- if(pubIsRef) {
- if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("pubKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- else {
- switch(pubKey->KeyHeader.BlobType) {
- case CSSM_KEYBLOB_RAW:
- break;
- default:
- printf("pubKey blob type: exp raw or raw_berder, got %u\n",
- (unsigned)pubKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
-abort:
- if(ccHand != 0) {
- crtn = CSSM_DeleteContext(ccHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- }
- }
- if(privData.Data != NULL) {
- CSSM_FREE(privData.Data);
- }
- return ocrtn;
-}
-
-/*
- * Generate FEE key pair with optional primeType, curveType, and seed (password) data.
- */
-CSSM_RETURN cspGenFEEKeyPair(CSSM_CSP_HANDLE cspHand,
- const char *keyLabel,
- unsigned keyLabelLen,
- uint32 keySize, // in bits
- uint32 primeType, // CSSM_FEE_PRIME_TYPE_MERSENNE, etc.
- uint32 curveType, // CSSM_FEE_CURVE_TYPE_MONTGOMERY, etc.
- CSSM_KEY_PTR pubKey, // mallocd by caller
- CSSM_BOOL pubIsRef, // true - reference key, false - data
- uint32 pubKeyUsage, // CSSM_KEYUSE_ENCRYPT, etc.
- CSSM_KEYBLOB_FORMAT pubFormat, // Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
- // to get the default format.
- CSSM_KEY_PTR privKey, // mallocd by caller
- CSSM_BOOL privIsRef, // true - reference key, false - data
- uint32 privKeyUsage, // CSSM_KEYUSE_DECRYPT, etc.
- CSSM_KEYBLOB_FORMAT privFormat, // optional 0 ==> default
- const CSSM_DATA *seedData) // Present: CSP will hash this for private data.
- // NULL: CSP generates random seed.
-{
- CSSM_RETURN crtn;
- CSSM_CC_HANDLE ccHand;
- CSSM_CRYPTO_DATA privCData;
- CSSM_CRYPTO_DATA_PTR privCDataPtr = NULL;
- CSSM_DATA keyLabelData;
- uint32 pubAttr;
- uint32 privAttr;
- CSSM_RETURN ocrtn = CSSM_OK;
-
- /* pre-context-create algorithm-specific stuff */
- if(seedData) {
- privCData.Param = *((CSSM_DATA_PTR)seedData);
- privCData.Callback = NULL;
- privCDataPtr = &privCData;
- }
- /* else CSP generates random seed/key */
-
- if(keySize == CSP_KEY_SIZE_DEFAULT) {
- keySize = CSP_FEE_KEY_SIZE_DEFAULT;
- }
-
- keyLabelData.Data = (uint8 *)keyLabel,
- keyLabelData.Length = keyLabelLen;
- memset(pubKey, 0, sizeof(CSSM_KEY));
- memset(privKey, 0, sizeof(CSSM_KEY));
- setBadKeyData(pubKey);
- setBadKeyData(privKey);
-
- crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
- CSSM_ALGID_FEE,
- keySize,
- privCDataPtr, // Seed
- NULL, // Salt
- NULL, // StartDate
- NULL, // EndDate
- NULL, // Params
- &ccHand);
- if(crtn) {
- printError("CSSM_CSP_CreateKeyGenContext", crtn);
- ocrtn = crtn;
- goto abort;
- }
- /* cook up attribute bits */
- if(pubIsRef) {
- pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
- }
- if(privIsRef) {
- privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
- }
-
- /* optional post-context-create stuff */
- if(primeType != CSSM_FEE_PRIME_TYPE_DEFAULT) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_FEE_PRIME_TYPE,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- primeType);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_FEE_PRIME_TYPE)", crtn);
- return crtn;
- }
- }
- if(curveType != CSSM_FEE_CURVE_TYPE_DEFAULT) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_FEE_CURVE_TYPE,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- curveType);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_FEE_CURVE_TYPE)", crtn);
- return crtn;
- }
- }
-
- if(pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- pubFormat);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
- return crtn;
- }
- }
- if(privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
- sizeof(uint32), // currently sizeof CSSM_DATA
- CAT_Uint32,
- NULL,
- pubFormat);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
- return crtn;
- }
- }
- crtn = CSSM_GenerateKeyPair(ccHand,
- pubKeyUsage,
- pubAttr,
- &keyLabelData,
- pubKey,
- privKeyUsage,
- privAttr,
- &keyLabelData, // same labels
- NULL, // CredAndAclEntry
- privKey);
- if(crtn) {
- printError("CSSM_GenerateKeyPair", crtn);
- ocrtn = crtn;
- goto abort;
- }
- /* basic checks...*/
- if(privIsRef) {
- if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("privKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- else {
- switch(privKey->KeyHeader.BlobType) {
- case CSSM_KEYBLOB_RAW:
- break;
- default:
- printf("privKey blob type: exp raw, got %u\n",
- (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- if(pubIsRef) {
- if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("pubKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- else {
- switch(pubKey->KeyHeader.BlobType) {
- case CSSM_KEYBLOB_RAW:
- break;
- default:
- printf("pubKey blob type: exp raw or raw_berder, got %u\n",
- (unsigned)pubKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
-abort:
- if(ccHand != 0) {
- crtn = CSSM_DeleteContext(ccHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- }
- }
- return ocrtn;
-}
-
-/*
- * Generate DSA key pair with optional generateAlgParams and optional
- * incoming parameters.
- */
-CSSM_RETURN cspGenDSAKeyPair(CSSM_CSP_HANDLE cspHand,
- const char *keyLabel,
- unsigned keyLabelLen,
- uint32 keySize, // in bits
- CSSM_KEY_PTR pubKey, // mallocd by caller
- CSSM_BOOL pubIsRef, // true - reference key, false - data
- uint32 pubKeyUsage, // CSSM_KEYUSE_ENCRYPT, etc.
- CSSM_KEYBLOB_FORMAT pubFormat, // Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
- // to get the default format.
- CSSM_KEY_PTR privKey, // mallocd by caller
- CSSM_BOOL privIsRef, // true - reference key, false - data
- uint32 privKeyUsage, // CSSM_KEYUSE_DECRYPT, etc.
- CSSM_KEYBLOB_FORMAT privFormat, // Optional. Specify 0 or CSSM_KEYBLOB_RAW_FORMAT_NONE
- // to get the default format.
- CSSM_BOOL genParams,
- CSSM_DATA_PTR paramData) // optional
-{
- CSSM_RETURN crtn;
- CSSM_CC_HANDLE ccHand;
- CSSM_DATA keyLabelData;
- uint32 pubAttr;
- uint32 privAttr;
- CSSM_RETURN ocrtn = CSSM_OK;
-
- if(keySize == CSP_KEY_SIZE_DEFAULT) {
- keySize = CSP_DSA_KEY_SIZE_DEFAULT;
- }
- keyLabelData.Data = (uint8 *)keyLabel,
- keyLabelData.Length = keyLabelLen;
- memset(pubKey, 0, sizeof(CSSM_KEY));
- memset(privKey, 0, sizeof(CSSM_KEY));
- setBadKeyData(pubKey);
- setBadKeyData(privKey);
-
- crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
- CSSM_ALGID_DSA,
- keySize,
- NULL, // Seed
- NULL, // Salt
- NULL, // StartDate
- NULL, // EndDate
- paramData,
- &ccHand);
- if(crtn) {
- printError("CSSM_CSP_CreateKeyGenContext", crtn);
- ocrtn = crtn;
- goto abort;
- }
-
- /* cook up attribute bits */
- if(pubIsRef) {
- pubAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- pubAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
- }
- if(privIsRef) {
- privAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- privAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
- }
-
- if(genParams) {
- /*
- * extra step - generate params - this just adds some
- * info to the context
- */
- CSSM_DATA dummy = {0, NULL};
- crtn = CSSM_GenerateAlgorithmParams(ccHand,
- keySize, &dummy);
- if(crtn) {
- printError("CSSM_GenerateAlgorithmParams", crtn);
- return crtn;
- }
- appFreeCssmData(&dummy, CSSM_FALSE);
- }
-
- /* optional format specifiers */
- if(!pubIsRef && (pubFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- pubFormat);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT)", crtn);
- return crtn;
- }
- }
- if(!privIsRef && (privFormat != CSSM_KEYBLOB_RAW_FORMAT_NONE)) {
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT,
- sizeof(uint32), // currently sizeof CSSM_DATA
- CAT_Uint32,
- NULL,
- privFormat);
- if(crtn) {
- printError("AddContextAttribute(CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT)", crtn);
- return crtn;
- }
- }
-
- crtn = CSSM_GenerateKeyPair(ccHand,
- pubKeyUsage,
- pubAttr,
- &keyLabelData,
- pubKey,
- privKeyUsage,
- privAttr,
- &keyLabelData, // same labels
- NULL, // CredAndAclEntry
- privKey);
- if(crtn) {
- printError("CSSM_GenerateKeyPair", crtn);
- ocrtn = crtn;
- goto abort;
- }
- /* basic checks...*/
- if(privIsRef) {
- if(privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("privKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- else {
- switch(privKey->KeyHeader.BlobType) {
- case CSSM_KEYBLOB_RAW:
- break;
- default:
- printf("privKey blob type: exp raw, got %u\n",
- (unsigned)privKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- if(pubIsRef) {
- if(pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE) {
- printf("pubKey blob type: exp %u got %u\n",
- CSSM_KEYBLOB_REFERENCE, (unsigned)pubKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
- else {
- switch(pubKey->KeyHeader.BlobType) {
- case CSSM_KEYBLOB_RAW:
- break;
- default:
- printf("pubKey blob type: exp raw or raw_berder, got %u\n",
- (unsigned)pubKey->KeyHeader.BlobType);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- goto abort;
- }
- }
-abort:
- if(ccHand != 0) {
- crtn = CSSM_DeleteContext(ccHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = CSSM_ERRCODE_INTERNAL_ERROR;
- }
- }
- return ocrtn;
-}
-
-
-uint32 cspDefaultKeySize(uint32 alg)
-{
- uint32 keySizeInBits;
- switch(alg) {
- case CSSM_ALGID_DES:
- keySizeInBits = CSP_DES_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_3DES_3KEY:
- case CSSM_ALGID_DESX:
- keySizeInBits = CSP_DES3_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_RC2:
- keySizeInBits = CSP_RC2_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_RC4:
- keySizeInBits = CSP_RC4_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_RC5:
- keySizeInBits = CSP_RC5_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_ASC:
- keySizeInBits = CSP_ASC_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_BLOWFISH:
- keySizeInBits = CSP_BFISH_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_CAST:
- keySizeInBits = CSP_CAST_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_IDEA:
- keySizeInBits = CSP_IDEA_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_AES:
- keySizeInBits = CSP_AES_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_SHA1HMAC:
- keySizeInBits = CSP_HMAC_SHA_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_MD5HMAC:
- keySizeInBits = CSP_HMAC_MD5_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_FEE:
- keySizeInBits = CSP_FEE_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_RSA:
- keySizeInBits = CSP_RSA_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_DSA:
- keySizeInBits = CSP_DSA_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_ECDSA:
- keySizeInBits = CSP_ECDSA_KEY_SIZE_DEFAULT;
- break;
- case CSSM_ALGID_NONE:
- keySizeInBits = CSP_NULL_CRYPT_KEY_SIZE_DEF;
- break;
- default:
- printf("***cspDefaultKeySize: Unknown symmetric algorithm\n");
- keySizeInBits = 0;
- break;
- }
- return keySizeInBits;
-}
-
-/*
- * Create a random symmetric key.
- */
-CSSM_KEY_PTR cspGenSymKey(CSSM_CSP_HANDLE cspHand,
- uint32 alg,
- const char *keyLabel,
- unsigned keyLabelLen,
- uint32 keyUsage, // CSSM_KEYUSE_ENCRYPT, etc.
- uint32 keySizeInBits,
- CSSM_BOOL refKey)
-{
- CSSM_KEY_PTR symKey = (CSSM_KEY_PTR)CSSM_MALLOC(sizeof(CSSM_KEY));
- CSSM_RETURN crtn;
- CSSM_CC_HANDLE ccHand;
- uint32 keyAttr;
- CSSM_DATA dummyLabel;
-
- if(symKey == NULL) {
- printf("Insufficient heap space\n");
- return NULL;
- }
- memset(symKey, 0, sizeof(CSSM_KEY));
- setBadKeyData(symKey);
- if(keySizeInBits == CSP_KEY_SIZE_DEFAULT) {
- keySizeInBits = cspDefaultKeySize(alg);
- }
- crtn = CSSM_CSP_CreateKeyGenContext(cspHand,
- alg,
- keySizeInBits, // keySizeInBits
- NULL, // Seed
- NULL, // Salt
- NULL, // StartDate
- NULL, // EndDate
- NULL, // Params
- &ccHand);
- if(crtn) {
- printError("CSSM_CSP_CreateKeyGenContext", crtn);
- goto errorOut;
- }
- if(refKey) {
- keyAttr = CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE;
- }
- else {
- keyAttr = CSSM_KEYATTR_RETURN_DATA | CSSM_KEYATTR_EXTRACTABLE;
- }
- dummyLabel.Length = keyLabelLen;
- dummyLabel.Data = (uint8 *)keyLabel;
-
- crtn = CSSM_GenerateKey(ccHand,
- keyUsage,
- keyAttr,
- &dummyLabel,
- NULL, // ACL
- symKey);
- if(crtn) {
- printError("CSSM_GenerateKey", crtn);
- goto errorOut;
- }
- crtn = CSSM_DeleteContext(ccHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- goto errorOut;
- }
- return symKey;
-errorOut:
- CSSM_FREE(symKey);
- return NULL;
-}
-
-/*
- * Derive symmetric key.
- * Note in the X CSP, we never return an IV.
- */
-CSSM_KEY_PTR cspDeriveKey(CSSM_CSP_HANDLE cspHand,
- uint32 deriveAlg, // CSSM_ALGID_PKCS5_PBKDF2, etc.
- uint32 keyAlg, // CSSM_ALGID_RC5, etc.
- const char *keyLabel,
- unsigned keyLabelLen,
- uint32 keyUsage, // CSSM_KEYUSE_ENCRYPT, etc.
- uint32 keySizeInBits,
- CSSM_BOOL isRefKey,
- CSSM_DATA_PTR password, // in PKCS-5 lingo
- CSSM_DATA_PTR salt, // ditto
- uint32 iterationCnt, // ditto
- CSSM_DATA_PTR initVector) // mallocd & RETURNED
-{
- CSSM_KEY_PTR symKey = (CSSM_KEY_PTR)
- CSSM_MALLOC(sizeof(CSSM_KEY));
- CSSM_RETURN crtn;
- CSSM_CC_HANDLE ccHand;
- uint32 keyAttr;
- CSSM_DATA dummyLabel;
- CSSM_PKCS5_PBKDF2_PARAMS pbeParams;
- CSSM_DATA pbeData;
- CSSM_ACCESS_CREDENTIALS creds;
-
- if(symKey == NULL) {
- printf("Insufficient heap space\n");
- return NULL;
- }
- memset(symKey, 0, sizeof(CSSM_KEY));
- setBadKeyData(symKey);
- memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
- if(keySizeInBits == CSP_KEY_SIZE_DEFAULT) {
- keySizeInBits = cspDefaultKeySize(keyAlg);
- }
- crtn = CSSM_CSP_CreateDeriveKeyContext(cspHand,
- deriveAlg,
- keyAlg,
- keySizeInBits,
- &creds,
- NULL, // BaseKey
- iterationCnt,
- salt,
- NULL, // seed
- &ccHand);
- if(crtn) {
- printError("CSSM_CSP_CreateDeriveKeyContext", crtn);
- goto errorOut;
- }
- keyAttr = CSSM_KEYATTR_EXTRACTABLE;
- if(isRefKey) {
- keyAttr |= (CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_SENSITIVE);
- }
- else {
- keyAttr |= CSSM_KEYATTR_RETURN_DATA;
- }
- dummyLabel.Length = keyLabelLen;
- dummyLabel.Data = (uint8 *)keyLabel;
-
- /* passing in password is pretty strange....*/
- pbeParams.Passphrase = *password;
- pbeParams.PseudoRandomFunction =
- CSSM_PKCS5_PBKDF2_PRF_HMAC_SHA1;
- pbeData.Data = (uint8 *)&pbeParams;
- pbeData.Length = sizeof(pbeParams);
- crtn = CSSM_DeriveKey(ccHand,
- &pbeData,
- keyUsage,
- keyAttr,
- &dummyLabel,
- NULL, // cred and acl
- symKey);
- if(crtn) {
- printError("CSSM_DeriveKey", crtn);
- goto errorOut;
- }
- /* copy IV back to caller */
- /* Nope, not supported */
- #if 0
- if(pbeParams.InitVector.Data != NULL) {
- if(initVector->Data != NULL) {
- if(initVector->Length < pbeParams.InitVector.Length) {
- printf("***Insufficient InitVector\n");
- goto errorOut;
- }
- }
- else {
- initVector->Data =
- (uint8 *)CSSM_MALLOC(pbeParams.InitVector.Length);
- }
- memmove(initVector->Data, pbeParams.InitVector.Data,
- pbeParams.InitVector.Length);
- initVector->Length = pbeParams.InitVector.Length;
- CSSM_FREE(pbeParams.InitVector.Data);
- }
- else {
- printf("***Warning: CSSM_DeriveKey, no InitVector\n");
- }
- #endif
- crtn = CSSM_DeleteContext(ccHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- goto errorOut;
- }
- return symKey;
-errorOut:
- CSSM_FREE(symKey);
- return NULL;
-}
-
-/*
- * Cook up a symmetric key with specified key bits and other
- * params. Currently the CSPDL can only deal with reference keys except when
- * doing wrap/unwrap, so we manually cook up a raw key, then we null-unwrap it.
- */
-CSSM_RETURN cspGenSymKeyWithBits(
- CSSM_CSP_HANDLE cspHand,
- CSSM_ALGORITHMS keyAlg,
- CSSM_KEYUSE keyUsage,
- const CSSM_DATA *keyBits,
- unsigned keySizeInBytes,
- CSSM_KEY_PTR refKey) // init'd and RETURNED
-{
- CSSM_KEY rawKey;
- CSSM_KEYHEADER_PTR hdr = &rawKey.KeyHeader;
- CSSM_RETURN crtn;
-
- /* set up a raw key the CSP will accept */
- memset(&rawKey, 0, sizeof(CSSM_KEY));
- hdr->HeaderVersion = CSSM_KEYHEADER_VERSION;
- hdr->BlobType = CSSM_KEYBLOB_RAW;
- hdr->Format = CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING;
- hdr->AlgorithmId = keyAlg;
- hdr->KeyClass = CSSM_KEYCLASS_SESSION_KEY;
- hdr->LogicalKeySizeInBits = keySizeInBytes * 8;
- hdr->KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
- hdr->KeyUsage = keyUsage;
- appSetupCssmData(&rawKey.KeyData, keySizeInBytes);
- memmove(rawKey.KeyData.Data, keyBits->Data, keySizeInBytes);
-
- /* convert to a ref key */
- crtn = cspRawKeyToRef(cspHand, &rawKey, refKey);
- appFreeCssmData(&rawKey.KeyData, CSSM_FALSE);
- return crtn;
-}
-
-/*
- * Free a key. This frees a CSP's resources associated with the key if
- * the key is a reference key. It also frees key->KeyData. The CSSM_KEY
- * struct itself is not freed.
- * Note this has no effect on the CSP or DL cached keys unless the incoming
- * key is a reference key.
- */
-CSSM_RETURN cspFreeKey(CSSM_CSP_HANDLE cspHand,
- CSSM_KEY_PTR key)
-{
- CSSM_RETURN crtn;
- crtn = CSSM_FreeKey(cspHand,
- NULL, // access cred
- key,
- CSSM_FALSE); // delete - OK? maybe should parameterize?
- if(crtn) {
- printError("CSSM_FreeKey", crtn);
- }
- return crtn;
-}
-
-/* generate a random and reasonable key size in bits for specified CSSM algorithm */
-uint32 randKeySizeBits(uint32 alg,
- opType op) // OT_Encrypt, etc.
-{
- uint32 minSize;
- uint32 maxSize;
- uint32 size;
-
- switch(alg) {
- case CSSM_ALGID_DES:
- return CSP_DES_KEY_SIZE_DEFAULT;
- case CSSM_ALGID_3DES_3KEY:
- case CSSM_ALGID_DESX:
- return CSP_DES3_KEY_SIZE_DEFAULT;
- case CSSM_ALGID_ASC:
- case CSSM_ALGID_RC2:
- case CSSM_ALGID_RC4:
- case CSSM_ALGID_RC5:
- minSize = 5 * 8;
- maxSize = MAX_KEY_SIZE_RC245_BYTES * 8 ; // somewhat arbitrary
- break;
- case CSSM_ALGID_BLOWFISH:
- minSize = 32;
- maxSize = 448;
- break;
- case CSSM_ALGID_CAST:
- minSize = 40;
- maxSize = 128;
- break;
- case CSSM_ALGID_IDEA:
- return CSP_IDEA_KEY_SIZE_DEFAULT;
- case CSSM_ALGID_RSA:
- minSize = CSP_RSA_KEY_SIZE_DEFAULT;
- maxSize = 1024;
- break;
- case CSSM_ALGID_DSA:
- /* signature only, no export restriction */
- minSize = 512;
- maxSize = 1024;
- break;
- case CSSM_ALGID_SHA1HMAC:
- minSize = 20 * 8;
- maxSize = 256 * 8;
- break;
- case CSSM_ALGID_MD5HMAC:
- minSize = 16 * 8;
- maxSize = 256 * 8;
- break;
- case CSSM_ALGID_FEE:
- /* FEE requires discrete sizes */
- size = genRand(1,4);
- switch(size) {
- case 1:
- return 31;
- case 2:
- if(alg == CSSM_ALGID_FEE) {
- return 127;
- }
- else {
- return 128;
- }
- case 3:
- return 161;
- case 4:
- return 192;
- default:
- printf("randKeySizeBits: internal error\n");
- return 0;
- }
- case CSSM_ALGID_ECDSA:
- case CSSM_ALGID_SHA1WithECDSA:
- /* ECDSA require discrete sizes */
- size = genRand(1,4);
- switch(size) {
- case 1:
- return 192;
- case 2:
- return 256;
- case 3:
- return 384;
- case 4:
- default:
- return 521;
- }
- case CSSM_ALGID_AES:
- size = genRand(1, 3);
- switch(size) {
- case 1:
- return 128;
- case 2:
- return 192;
- case 3:
- return 256;
- }
- case CSSM_ALGID_NONE:
- return CSP_NULL_CRYPT_KEY_SIZE_DEF;
- default:
- printf("randKeySizeBits: unknown alg\n");
- return CSP_KEY_SIZE_DEFAULT;
- }
- size = genRand(minSize, maxSize);
-
- /* per-alg postprocessing.... */
- if(alg != CSSM_ALGID_RC2) {
- size &= ~0x7;
- }
- switch(alg) {
- case CSSM_ALGID_RSA:
- // new for X - strong keys */
- size &= ~(16 - 1);
- break;
- case CSSM_ALGID_DSA:
- /* size mod 64 == 0 */
- size &= ~(64 - 1);
- break;
- default:
- break;
- }
- return size;
-}
-
-#pragma mark --------- Encrypt/Decrypt ---------
-
-/*
- * Encrypt/Decrypt
- */
-/*
- * Common routine for encrypt/decrypt - cook up an appropriate context handle
- */
-/*
- * When true, effectiveKeySizeInBits is passed down via the Params argument.
- * Otherwise, we add a customized context attribute.
- * Setting this true works with the stock Intel CSSM; this may well change.
- * Note this overloading prevent us from specifying RC5 rounds....
- */
-#define EFFECTIVE_SIZE_VIA_PARAMS 0
-CSSM_CC_HANDLE genCryptHandle(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEED, etc.
- uint32 mode, // CSSM_ALGMODE_CBC, etc. - only for symmetric algs
- CSSM_PADDING padding, // CSSM_PADDING_PKCS1, etc.
- const CSSM_KEY *key0,
- const CSSM_KEY *key1, // for CSSM_ALGID_FEED only - must be the
- // public key
- const CSSM_DATA *iv, // optional
- uint32 effectiveKeySizeInBits, // 0 means skip this attribute
- uint32 rounds) // ditto
-{
- CSSM_CC_HANDLE cryptHand = 0;
- uint32 params;
- CSSM_RETURN crtn;
- CSSM_ACCESS_CREDENTIALS creds;
-
- memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
- #if EFFECTIVE_SIZE_VIA_PARAMS
- params = effectiveKeySizeInBits;
- #else
- params = 0;
- #endif
- switch(algorithm) {
- case CSSM_ALGID_DES:
- case CSSM_ALGID_3DES_3KEY_EDE:
- case CSSM_ALGID_DESX:
- case CSSM_ALGID_ASC:
- case CSSM_ALGID_RC2:
- case CSSM_ALGID_RC4:
- case CSSM_ALGID_RC5:
- case CSSM_ALGID_AES:
- case CSSM_ALGID_BLOWFISH:
- case CSSM_ALGID_CAST:
- case CSSM_ALGID_IDEA:
- case CSSM_ALGID_NONE: // used for wrapKey()
- crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
- algorithm,
- mode,
- NULL, // access cred
- key0,
- iv, // InitVector
- padding,
- NULL, // Params
- &cryptHand);
- if(crtn) {
- printError("CSSM_CSP_CreateSymmetricContext", crtn);
- return 0;
- }
- break;
- case CSSM_ALGID_FEED:
- case CSSM_ALGID_FEEDEXP:
- case CSSM_ALGID_FEECFILE:
- case CSSM_ALGID_RSA:
- crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
- algorithm,
- &creds, // access
- key0,
- padding,
- &cryptHand);
- if(crtn) {
- printError("CSSM_CSP_CreateAsymmetricContext", crtn);
- return 0;
- }
- if(key1 != NULL) {
- /*
- * FEED, some CFILE. Add (non-standard) second key attribute.
- */
- crtn = AddContextAttribute(cryptHand,
- CSSM_ATTRIBUTE_PUBLIC_KEY,
- sizeof(CSSM_KEY), // currently sizeof CSSM_DATA
- CAT_Ptr,
- key1,
- 0);
- if(crtn) {
- printError("AddContextAttribute", crtn);
- return 0;
- }
- }
- if(mode != CSSM_ALGMODE_NONE) {
- /* special case, e.g., CSSM_ALGMODE_PUBLIC_KEY */
- crtn = AddContextAttribute(cryptHand,
- CSSM_ATTRIBUTE_MODE,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- mode);
- if(crtn) {
- printError("AddContextAttribute", crtn);
- return 0;
- }
- }
- break;
- default:
- printf("genCryptHandle: bogus algorithm\n");
- return 0;
- }
- #if !EFFECTIVE_SIZE_VIA_PARAMS
- /* add optional EffectiveKeySizeInBits and rounds attributes */
- if(effectiveKeySizeInBits != 0) {
- CSSM_CONTEXT_ATTRIBUTE attr;
- attr.AttributeType = CSSM_ATTRIBUTE_EFFECTIVE_BITS;
- attr.AttributeLength = sizeof(uint32);
- attr.Attribute.Uint32 = effectiveKeySizeInBits;
- crtn = CSSM_UpdateContextAttributes(
- cryptHand,
- 1,
- &attr);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- return crtn;
- }
- }
- #endif
-
- if(rounds != 0) {
- CSSM_CONTEXT_ATTRIBUTE attr;
- attr.AttributeType = CSSM_ATTRIBUTE_ROUNDS;
- attr.AttributeLength = sizeof(uint32);
- attr.Attribute.Uint32 = rounds;
- crtn = CSSM_UpdateContextAttributes(
- cryptHand,
- 1,
- &attr);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- return crtn;
- }
- }
-
- return cryptHand;
-}
-
-CSSM_RETURN cspEncrypt(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEED, etc.
- uint32 mode, // CSSM_ALGMODE_CBC, etc. - only for symmetric algs
- CSSM_PADDING padding, // CSSM_PADDING_PKCS1, etc.
- const CSSM_KEY *key, // public or session key
- const CSSM_KEY *pubKey, // for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
- uint32 effectiveKeySizeInBits, // 0 means skip this attribute
- uint32 rounds, // ditto
- const CSSM_DATA *iv, // init vector, optional
- const CSSM_DATA *ptext,
- CSSM_DATA_PTR ctext, // RETURNED
- CSSM_BOOL mallocCtext) // if true, and ctext empty, malloc
- // by getting size from CSP
-{
- CSSM_CC_HANDLE cryptHand;
- CSSM_RETURN crtn;
- CSSM_SIZE bytesEncrypted;
- CSSM_DATA remData = {0, NULL};
- CSSM_RETURN ocrtn = CSSM_OK;
- unsigned origCtextLen; // the amount we malloc, if any
- CSSM_RETURN savedErr = CSSM_OK;
- CSSM_BOOL restoreErr = CSSM_FALSE;
-
- cryptHand = genCryptHandle(cspHand,
- algorithm,
- mode,
- padding,
- key,
- pubKey,
- iv,
- effectiveKeySizeInBits,
- rounds);
- if(cryptHand == 0) {
- return CSSMERR_CSSM_INTERNAL_ERROR;
- }
- if(mallocCtext && (ctext->Length == 0)) {
- CSSM_QUERY_SIZE_DATA querySize;
- querySize.SizeInputBlock = ptext->Length;
- crtn = CSSM_QuerySize(cryptHand,
- CSSM_TRUE, // encrypt
- 1,
- &querySize);
- if(crtn) {
- printError("CSSM_QuerySize", crtn);
- ocrtn = crtn;
- goto abort;
- }
- if(querySize.SizeOutputBlock == 0) {
- /* CSP couldn't figure this out; skip our malloc */
- printf("***cspEncrypt: warning: cipherTextSize unknown; "
- "skipping malloc\n");
- origCtextLen = 0;
- }
- else {
- ctext->Data = (uint8 *)
- appMalloc(querySize.SizeOutputBlock, NULL);
- if(ctext->Data == NULL) {
- printf("Insufficient heap space\n");
- ocrtn = CSSM_ERRCODE_MEMORY_ERROR;
- goto abort;
- }
- ctext->Length = origCtextLen = querySize.SizeOutputBlock;
- memset(ctext->Data, 0, ctext->Length);
- }
- }
- else {
- origCtextLen = ctext->Length;
- }
- crtn = CSSM_EncryptData(cryptHand,
- ptext,
- 1,
- ctext,
- 1,
- &bytesEncrypted,
- &remData);
- if(crtn == CSSM_OK) {
- /*
- * Deal with remData - its contents are included in bytesEncrypted.
- */
- if((remData.Length != 0) && mallocCtext) {
- /* shouldn't happen - right? */
- if(bytesEncrypted > origCtextLen) {
- /* malloc and copy a new one */
- uint8 *newCdata = (uint8 *)appMalloc(bytesEncrypted, NULL);
- printf("**Warning: app malloced cipherBuf, but got nonzero "
- "remData!\n");
- if(newCdata == NULL) {
- printf("Insufficient heap space\n");
- ocrtn = CSSM_ERRCODE_MEMORY_ERROR;
- goto abort;
- }
- memmove(newCdata, ctext->Data, ctext->Length);
- memmove(newCdata+ctext->Length, remData.Data, remData.Length);
- CSSM_FREE(ctext->Data);
- ctext->Data = newCdata;
- }
- else {
- /* there's room left over */
- memmove(ctext->Data+ctext->Length, remData.Data, remData.Length);
- }
- ctext->Length = bytesEncrypted;
- }
- // NOTE: We return the proper length in ctext....
- ctext->Length = bytesEncrypted;
- }
- else {
- savedErr = crtn;
- restoreErr = CSSM_TRUE;
- printError("CSSM_EncryptData", crtn);
- }
-abort:
- crtn = CSSM_DeleteContext(cryptHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- if(restoreErr) {
- ocrtn = savedErr;
- }
- return ocrtn;
-}
-
-#define PAD_IMPLIES_RAND_PTEXTSIZE 1
-#define LOG_STAGED_OPS 0
-#if LOG_STAGED_OPS
-#define soprintf(s) printf s
-#else
-#define soprintf(s)
-#endif
-
-CSSM_RETURN cspStagedEncrypt(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEED, etc.
- uint32 mode, // CSSM_ALGMODE_CBC, etc. - only for symmetric algs
- CSSM_PADDING padding, // CSSM_PADDING_PKCS1, etc.
- const CSSM_KEY *key, // public or session key
- const CSSM_KEY *pubKey, // for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
- uint32 effectiveKeySizeInBits, // 0 means skip this attribute
- uint32 cipherBlockSize, // ditto
- uint32 rounds, // ditto
- const CSSM_DATA *iv, // init vector, optional
- const CSSM_DATA *ptext,
- CSSM_DATA_PTR ctext, // RETURNED, we malloc
- CSSM_BOOL multiUpdates) // false:single update, true:multi updates
-{
- CSSM_CC_HANDLE cryptHand;
- CSSM_RETURN crtn;
- CSSM_SIZE bytesEncrypted; // per update
- CSSM_SIZE bytesEncryptedTotal = 0;
- CSSM_RETURN ocrtn = CSSM_OK; // 'our' crtn
- unsigned toMove; // remaining
- unsigned thisMove; // bytes to encrypt on this update
- CSSM_DATA thisPtext; // running ptr into ptext
- CSSM_DATA ctextWork; // per update, mallocd by CSP
- CSSM_QUERY_SIZE_DATA querySize;
- uint8 *origCtext; // initial ctext->Data
- unsigned origCtextLen; // amount we mallocd
- CSSM_BOOL restoreErr = CSSM_FALSE;
- CSSM_RETURN savedErr = CSSM_OK;
-
-
- cryptHand = genCryptHandle(cspHand,
- algorithm,
- mode,
- padding,
- key,
- pubKey,
- iv,
- effectiveKeySizeInBits,
- rounds);
- if(cryptHand == 0) {
- return CSSMERR_CSP_INTERNAL_ERROR;
- }
- if(cipherBlockSize) {
- crtn = AddContextAttribute(cryptHand,
- CSSM_ATTRIBUTE_BLOCK_SIZE,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- cipherBlockSize);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- goto abort;
- }
- }
-
- /* obtain total required ciphertext size and block size */
- querySize.SizeInputBlock = ptext->Length;
- crtn = CSSM_QuerySize(cryptHand,
- CSSM_TRUE, // encrypt
- 1,
- &querySize);
- if(crtn) {
- printError("CSSM_QuerySize(1)", crtn);
- ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
- goto abort;
- }
- if(querySize.SizeOutputBlock == 0) {
- /* CSP couldn't figure this out; skip our malloc - caller is taking its
- * chances */
- printf("***cspStagedEncrypt: warning: cipherTextSize unknown; aborting\n");
- ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
- goto abort;
- }
- else {
- origCtextLen = querySize.SizeOutputBlock;
- if(algorithm == CSSM_ALGID_ASC) {
- /* ASC is weird - the more chunks we do, the bigger the
- * resulting ctext...*/
- origCtextLen *= 2;
- }
- ctext->Length = origCtextLen;
- ctext->Data = origCtext = (uint8 *)appMalloc(origCtextLen, NULL);
- if(ctext->Data == NULL) {
- printf("Insufficient heap space\n");
- ocrtn = CSSMERR_CSP_MEMORY_ERROR;
- goto abort;
- }
- memset(ctext->Data, 0, ctext->Length);
- }
-
- crtn = CSSM_EncryptDataInit(cryptHand);
- if(crtn) {
- printError("CSSM_EncryptDataInit", crtn);
- ocrtn = crtn;
- goto abort;
- }
-
- toMove = ptext->Length;
- thisPtext.Data = ptext->Data;
- while(toMove) {
- if(multiUpdates) {
- thisMove = genRand(1, toMove);
- }
- else {
- /* just do one pass thru this loop */
- thisMove = toMove;
- }
- thisPtext.Length = thisMove;
- /* let CSP do the individual mallocs */
- ctextWork.Data = NULL;
- ctextWork.Length = 0;
- soprintf(("*** EncryptDataUpdate: ptextLen 0x%x\n", thisMove));
- crtn = CSSM_EncryptDataUpdate(cryptHand,
- &thisPtext,
- 1,
- &ctextWork,
- 1,
- &bytesEncrypted);
- if(crtn) {
- printError("CSSM_EncryptDataUpdate", crtn);
- ocrtn = crtn;
- goto abort;
- }
- // NOTE: We return the proper length in ctext....
- ctextWork.Length = bytesEncrypted;
- soprintf(("*** EncryptDataUpdate: ptextLen 0x%x bytesEncrypted 0x%x\n",
- thisMove, bytesEncrypted));
- thisPtext.Data += thisMove;
- toMove -= thisMove;
- if(bytesEncrypted > ctext->Length) {
- printf("cspStagedEncrypt: ctext overflow!\n");
- ocrtn = crtn;
- goto abort;
- }
- if(bytesEncrypted != 0) {
- memmove(ctext->Data, ctextWork.Data, bytesEncrypted);
- bytesEncryptedTotal += bytesEncrypted;
- ctext->Data += bytesEncrypted;
- ctext->Length -= bytesEncrypted;
- }
- if(ctextWork.Data != NULL) {
- CSSM_FREE(ctextWork.Data);
- }
- }
- /* OK, one more */
- ctextWork.Data = NULL;
- ctextWork.Length = 0;
- crtn = CSSM_EncryptDataFinal(cryptHand, &ctextWork);
- if(crtn) {
- printError("CSSM_EncryptDataFinal", crtn);
- savedErr = crtn;
- restoreErr = CSSM_TRUE;
- goto abort;
- }
- if(ctextWork.Length != 0) {
- bytesEncryptedTotal += ctextWork.Length;
- if(ctextWork.Length > ctext->Length) {
- printf("cspStagedEncrypt: ctext overflow (2)!\n");
- ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
- goto abort;
- }
- memmove(ctext->Data, ctextWork.Data, ctextWork.Length);
- }
- if(ctextWork.Data) {
- /* this could have gotten mallocd and Length still be zero */
- CSSM_FREE(ctextWork.Data);
- }
-
- /* retweeze ctext */
- ctext->Data = origCtext;
- ctext->Length = bytesEncryptedTotal;
-abort:
- crtn = CSSM_DeleteContext(cryptHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- if(restoreErr) {
- /* give caller the error from the encrypt */
- ocrtn = savedErr;
- }
- return ocrtn;
-}
-
-CSSM_RETURN cspDecrypt(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEED, etc.
- uint32 mode, // CSSM_ALGMODE_CBC, etc. - only for symmetric algs
- CSSM_PADDING padding, // CSSM_PADDING_PKCS1, etc.
- const CSSM_KEY *key, // public or session key
- const CSSM_KEY *pubKey, // for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
- uint32 effectiveKeySizeInBits, // 0 means skip this attribute
- uint32 rounds, // ditto
- const CSSM_DATA *iv, // init vector, optional
- const CSSM_DATA *ctext,
- CSSM_DATA_PTR ptext, // RETURNED
- CSSM_BOOL mallocPtext) // if true and ptext->Length = 0,
- // we'll malloc
-{
- CSSM_CC_HANDLE cryptHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- CSSM_SIZE bytesDecrypted;
- CSSM_DATA remData = {0, NULL};
- unsigned origPtextLen; // the amount we malloc, if any
-
- cryptHand = genCryptHandle(cspHand,
- algorithm,
- mode,
- padding,
- key,
- pubKey,
- iv,
- effectiveKeySizeInBits,
- rounds);
- if(cryptHand == 0) {
- return CSSMERR_CSP_INTERNAL_ERROR;
- }
- if(mallocPtext && (ptext->Length == 0)) {
- CSSM_QUERY_SIZE_DATA querySize;
- querySize.SizeInputBlock = ctext->Length;
- crtn = CSSM_QuerySize(cryptHand,
- CSSM_FALSE, // encrypt
- 1,
- &querySize);
- if(crtn) {
- printError("CSSM_QuerySize", crtn);
- ocrtn = crtn;
- goto abort;
- }
- if(querySize.SizeOutputBlock == 0) {
- /* CSP couldn't figure this one out; skip our malloc */
- printf("***cspDecrypt: warning: plainTextSize unknown; "
- "skipping malloc\n");
- origPtextLen = 0;
- }
- else {
- ptext->Data =
- (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
- if(ptext->Data == NULL) {
- printf("Insufficient heap space\n");
- ocrtn = CSSMERR_CSP_MEMORY_ERROR;
- goto abort;
- }
- ptext->Length = origPtextLen = querySize.SizeOutputBlock;
- memset(ptext->Data, 0, ptext->Length);
- }
- }
- else {
- origPtextLen = ptext->Length;
- }
- crtn = CSSM_DecryptData(cryptHand,
- ctext,
- 1,
- ptext,
- 1,
- &bytesDecrypted,
- &remData);
- if(crtn == CSSM_OK) {
- /*
- * Deal with remData - its contents are included in bytesDecrypted.
- */
- if((remData.Length != 0) && mallocPtext) {
- /* shouldn't happen - right? */
- if(bytesDecrypted > origPtextLen) {
- /* malloc and copy a new one */
- uint8 *newPdata = (uint8 *)appMalloc(bytesDecrypted, NULL);
- printf("**Warning: app malloced ClearBuf, but got nonzero "
- "remData!\n");
- if(newPdata == NULL) {
- printf("Insufficient heap space\n");
- ocrtn = CSSMERR_CSP_MEMORY_ERROR;
- goto abort;
- }
- memmove(newPdata, ptext->Data, ptext->Length);
- memmove(newPdata + ptext->Length,
- remData.Data, remData.Length);
- CSSM_FREE(ptext->Data);
- ptext->Data = newPdata;
- }
- else {
- /* there's room left over */
- memmove(ptext->Data + ptext->Length,
- remData.Data, remData.Length);
- }
- ptext->Length = bytesDecrypted;
- }
- // NOTE: We return the proper length in ptext....
- ptext->Length = bytesDecrypted;
-
- // FIXME - sometimes get mallocd RemData here, but never any valid data
- // there...side effect of CSPFullPluginSession's buffer handling logic;
- // but will we ever actually see valid data in RemData? So far we never
- // have....
- if(remData.Data != NULL) {
- appFree(remData.Data, NULL);
- }
- }
- else {
- printError("CSSM_DecryptData", crtn);
- ocrtn = crtn;
- }
-abort:
- crtn = CSSM_DeleteContext(cryptHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-CSSM_RETURN cspStagedDecrypt(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEED, etc.
- uint32 mode, // CSSM_ALGMODE_CBC, etc. - only for symmetric algs
- CSSM_PADDING padding, // CSSM_PADDING_PKCS1, etc.
- const CSSM_KEY *key, // public or session key
- const CSSM_KEY *pubKey, // for CSSM_ALGID_FEED, CSSM_ALGID_FEECFILE only
- uint32 effectiveKeySizeInBits, // 0 means skip this attribute
- uint32 cipherBlockSize, // ditto
- uint32 rounds, // ditto
- const CSSM_DATA *iv, // init vector, optional
- const CSSM_DATA *ctext,
- CSSM_DATA_PTR ptext, // RETURNED, we malloc
- CSSM_BOOL multiUpdates) // false:single update, true:multi updates
-{
- CSSM_CC_HANDLE cryptHand;
- CSSM_RETURN crtn;
- CSSM_SIZE bytesDecrypted; // per update
- CSSM_SIZE bytesDecryptedTotal = 0;
- CSSM_RETURN ocrtn = CSSM_OK; // 'our' crtn
- unsigned toMove; // remaining
- unsigned thisMove; // bytes to encrypt on this update
- CSSM_DATA thisCtext; // running ptr into ptext
- CSSM_DATA ptextWork; // per update, mallocd by CSP
- CSSM_QUERY_SIZE_DATA querySize;
- uint8 *origPtext; // initial ptext->Data
- unsigned origPtextLen; // amount we mallocd
-
- cryptHand = genCryptHandle(cspHand,
- algorithm,
- mode,
- padding,
- key,
- pubKey,
- iv,
- effectiveKeySizeInBits,
- rounds);
- if(cryptHand == 0) {
- return CSSMERR_CSP_INTERNAL_ERROR;
- }
- if(cipherBlockSize) {
- crtn = AddContextAttribute(cryptHand,
- CSSM_ATTRIBUTE_BLOCK_SIZE,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- cipherBlockSize);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- goto abort;
- }
- }
-
- /* obtain total required ciphertext size and block size */
- querySize.SizeInputBlock = ctext->Length;
- crtn = CSSM_QuerySize(cryptHand,
- CSSM_FALSE, // encrypt
- 1,
- &querySize);
- if(crtn) {
- printError("CSSM_QuerySize(1)", crtn);
- ocrtn = crtn;
- goto abort;
- }
-
- /* required ptext size should be independent of number of chunks */
- if(querySize.SizeOutputBlock == 0) {
- printf("***warning: cspStagedDecrypt: plainTextSize unknown; aborting\n");
- ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
- goto abort;
- }
- else {
- // until exit, ptext->Length indicates remaining bytes of usable data in
- // ptext->Data
- ptext->Length = origPtextLen = querySize.SizeOutputBlock;
- ptext->Data = origPtext =
- (uint8 *)appMalloc(origPtextLen, NULL);
- if(ptext->Data == NULL) {
- printf("Insufficient heap space\n");
- ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
- goto abort;
- }
- memset(ptext->Data, 0, ptext->Length);
- }
-
- crtn = CSSM_DecryptDataInit(cryptHand);
- if(crtn) {
- printError("CSSM_DecryptDataInit", crtn);
- ocrtn = crtn;
- goto abort;
- }
- toMove = ctext->Length;
- thisCtext.Data = ctext->Data;
- while(toMove) {
- if(multiUpdates) {
- thisMove = genRand(1, toMove);
- }
- else {
- /* just do one pass thru this loop */
- thisMove = toMove;
- }
- thisCtext.Length = thisMove;
- /* let CSP do the individual mallocs */
- ptextWork.Data = NULL;
- ptextWork.Length = 0;
- soprintf(("*** DecryptDataUpdate: ctextLen 0x%x\n", thisMove));
- crtn = CSSM_DecryptDataUpdate(cryptHand,
- &thisCtext,
- 1,
- &ptextWork,
- 1,
- &bytesDecrypted);
- if(crtn) {
- printError("CSSM_DecryptDataUpdate", crtn);
- ocrtn = crtn;
- goto abort;
- }
- //
- // NOTE: We return the proper length in ptext....
- ptextWork.Length = bytesDecrypted;
- thisCtext.Data += thisMove;
- toMove -= thisMove;
- if(bytesDecrypted > ptext->Length) {
- printf("cspStagedDecrypt: ptext overflow!\n");
- ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
- goto abort;
- }
- if(bytesDecrypted != 0) {
- memmove(ptext->Data, ptextWork.Data, bytesDecrypted);
- bytesDecryptedTotal += bytesDecrypted;
- ptext->Data += bytesDecrypted;
- ptext->Length -= bytesDecrypted;
- }
- if(ptextWork.Data != NULL) {
- CSSM_FREE(ptextWork.Data);
- }
- }
- /* OK, one more */
- ptextWork.Data = NULL;
- ptextWork.Length = 0;
- crtn = CSSM_DecryptDataFinal(cryptHand, &ptextWork);
- if(crtn) {
- printError("CSSM_DecryptDataFinal", crtn);
- ocrtn = crtn;
- goto abort;
- }
- if(ptextWork.Length != 0) {
- bytesDecryptedTotal += ptextWork.Length;
- if(ptextWork.Length > ptext->Length) {
- printf("cspStagedDecrypt: ptext overflow (2)!\n");
- ocrtn = CSSMERR_CSP_INTERNAL_ERROR;
- goto abort;
- }
- memmove(ptext->Data, ptextWork.Data, ptextWork.Length);
- }
- if(ptextWork.Data) {
- /* this could have gotten mallocd and Length still be zero */
- CSSM_FREE(ptextWork.Data);
- }
-
- /* retweeze ptext */
- ptext->Data = origPtext;
- ptext->Length = bytesDecryptedTotal;
-abort:
- crtn = CSSM_DeleteContext(cryptHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-#pragma mark --------- sign/verify/MAC ---------
-
-/*
- * Signature routines
- * This all-in-one sign op has a special case for RSA keys. If the requested
- * alg is MD5 or SHA1, we'll do a manual digest op followed by raw RSA sign.
- * Likewise, if it's CSSM_ALGID_DSA, we'll do manual SHA1 digest followed by
- * raw DSA sign.
- */
-
-CSSM_RETURN cspSign(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // private key
- const CSSM_DATA *text,
- CSSM_DATA_PTR sig) // RETURNED
-{
- CSSM_CC_HANDLE sigHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- const CSSM_DATA *ptext;
- CSSM_DATA digest = {0, NULL};
- CSSM_ALGORITHMS digestAlg = CSSM_ALGID_NONE;
-
- /* handle special cases for raw sign */
- switch(algorithm) {
- case CSSM_ALGID_SHA1:
- digestAlg = CSSM_ALGID_SHA1;
- algorithm = CSSM_ALGID_RSA;
- break;
- case CSSM_ALGID_MD5:
- digestAlg = CSSM_ALGID_MD5;
- algorithm = CSSM_ALGID_RSA;
- break;
- case CSSM_ALGID_DSA:
- digestAlg = CSSM_ALGID_SHA1;
- algorithm = CSSM_ALGID_DSA;
- break;
- default:
- break;
- }
- if(digestAlg != CSSM_ALGID_NONE) {
- crtn = cspDigest(cspHand,
- digestAlg,
- CSSM_FALSE, // mallocDigest
- text,
- &digest);
- if(crtn) {
- return crtn;
- }
- /* sign digest with raw RSA/DSA */
- ptext = &digest;
- }
- else {
- ptext = text;
- }
- crtn = CSSM_CSP_CreateSignatureContext(cspHand,
- algorithm,
- NULL, // passPhrase
- key,
- &sigHand);
- if(crtn) {
- printError("CSSM_CSP_CreateSignatureContext (1)", crtn);
- return crtn;
- }
- crtn = CSSM_SignData(sigHand,
- ptext,
- 1,
- digestAlg,
- sig);
- if(crtn) {
- printError("CSSM_SignData", crtn);
- ocrtn = crtn;
- }
- crtn = CSSM_DeleteContext(sigHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- if(digest.Data != NULL) {
- CSSM_FREE(digest.Data);
- }
- return ocrtn;
-}
-
-/*
- * Staged sign. Each update does a random number of bytes 'till through.
- */
-CSSM_RETURN cspStagedSign(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // private key
- const CSSM_DATA *text,
- CSSM_BOOL multiUpdates, // false:single update, true:multi updates
- CSSM_DATA_PTR sig) // RETURNED
-{
- CSSM_CC_HANDLE sigHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- unsigned thisMove; // this update
- unsigned toMove; // total to go
- CSSM_DATA thisText; // actaully passed to update
- crtn = CSSM_CSP_CreateSignatureContext(cspHand,
- algorithm,
- NULL, // passPhrase
- key,
- &sigHand);
- if(crtn) {
- printError("CSSM_CSP_CreateSignatureContext (1)", crtn);
- return crtn;
- }
- crtn = CSSM_SignDataInit(sigHand);
- if(crtn) {
- printError("CSSM_SignDataInit", crtn);
- ocrtn = crtn;
- goto abort;
- }
- toMove = text->Length;
- thisText.Data = text->Data;
- while(toMove) {
- if(multiUpdates) {
- thisMove = genRand(1, toMove);
- }
- else {
- thisMove = toMove;
- }
- thisText.Length = thisMove;
- crtn = CSSM_SignDataUpdate(sigHand,
- &thisText,
- 1);
- if(crtn) {
- printError("CSSM_SignDataUpdate", crtn);
- ocrtn = crtn;
- goto abort;
- }
- thisText.Data += thisMove;
- toMove -= thisMove;
- }
- crtn = CSSM_SignDataFinal(sigHand, sig);
- if(crtn) {
- printError("CSSM_SignDataFinal", crtn);
- ocrtn = crtn;
- goto abort;
- }
-abort:
- crtn = CSSM_DeleteContext(sigHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-/*
- * This all-in-one verify op has a special case for RSA keys. If the requested
- * alg is MD5 or SHA1, we'll do a manual digest op followed by raw RSA verify.
- * Likewise, if it's CSSM_ALGID_DSA, we'll do manual SHA1 digest followed by
- * raw DSA sign.
- */
-
-CSSM_RETURN cspSigVerify(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // public key
- const CSSM_DATA *text,
- const CSSM_DATA *sig,
- CSSM_RETURN expectResult) // expected result is verify failure
- // CSSM_OK - expect success
-{
- CSSM_CC_HANDLE sigHand;
- CSSM_RETURN ocrtn = CSSM_OK;
- CSSM_RETURN crtn;
- const CSSM_DATA *ptext;
- CSSM_DATA digest = {0, NULL};
- CSSM_ALGORITHMS digestAlg = CSSM_ALGID_NONE;
-
- /* handle special cases for raw sign */
- switch(algorithm) {
- case CSSM_ALGID_SHA1:
- digestAlg = CSSM_ALGID_SHA1;
- algorithm = CSSM_ALGID_RSA;
- break;
- case CSSM_ALGID_MD5:
- digestAlg = CSSM_ALGID_MD5;
- algorithm = CSSM_ALGID_RSA;
- break;
- case CSSM_ALGID_DSA:
- digestAlg = CSSM_ALGID_SHA1;
- algorithm = CSSM_ALGID_DSA;
- break;
- default:
- break;
- }
- if(digestAlg != CSSM_ALGID_NONE) {
- crtn = cspDigest(cspHand,
- digestAlg,
- CSSM_FALSE, // mallocDigest
- text,
- &digest);
- if(crtn) {
- return crtn;
- }
- /* sign digest with raw RSA/DSA */
- ptext = &digest;
- }
- else {
- ptext = text;
- }
- crtn = CSSM_CSP_CreateSignatureContext(cspHand,
- algorithm,
- NULL, // passPhrase
- key,
- &sigHand);
- if(crtn) {
- printError("CSSM_CSP_CreateSignatureContext (3)", crtn);
- return crtn;
- }
-
- crtn = CSSM_VerifyData(sigHand,
- ptext,
- 1,
- digestAlg,
- sig);
- if(crtn != expectResult) {
- if(!crtn) {
- printf("Unexpected good Sig Verify\n");
- }
- else {
- printError("CSSM_VerifyData", crtn);
- }
- ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
- }
- crtn = CSSM_DeleteContext(sigHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- if(digest.Data != NULL) {
- CSSM_FREE(digest.Data);
- }
- return ocrtn;
-}
-
-/*
- * Staged verify. Each update does a random number of bytes 'till through.
- */
-CSSM_RETURN cspStagedSigVerify(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // private key
- const CSSM_DATA *text,
- const CSSM_DATA *sig,
- CSSM_BOOL multiUpdates, // false:single update, true:multi updates
- CSSM_RETURN expectResult) // expected result is verify failure
- // CSSM_TRUE - expect success
-{
- CSSM_CC_HANDLE sigHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- unsigned thisMove; // this update
- unsigned toMove; // total to go
- CSSM_DATA thisText; // actaully passed to update
- crtn = CSSM_CSP_CreateSignatureContext(cspHand,
- algorithm,
- NULL, // passPhrase
- key,
- &sigHand);
- if(crtn) {
- printError("CSSM_CSP_CreateSignatureContext (4)", crtn);
- return crtn;
- }
- crtn = CSSM_VerifyDataInit(sigHand);
- if(crtn) {
- printError("CSSM_VerifyDataInit", crtn);
- ocrtn = crtn;
- goto abort;
- }
- toMove = text->Length;
- thisText.Data = text->Data;
- while(toMove) {
- if(multiUpdates) {
- thisMove = genRand(1, toMove);
- }
- else {
- thisMove = toMove;
- }
- thisText.Length = thisMove;
- crtn = CSSM_VerifyDataUpdate(sigHand,
- &thisText,
- 1);
- if(crtn) {
- printError("CSSM_VerifyDataUpdate", crtn);
- ocrtn = crtn;
- goto abort;
- }
- thisText.Data += thisMove;
- toMove -= thisMove;
- }
- crtn = CSSM_VerifyDataFinal(sigHand, sig);
- if(crtn != expectResult) {
- if(crtn) {
- printError("CSSM_VerifyDataFinal", crtn);
- }
- else {
- printf("Unexpected good Staged Sig Verify\n");
- }
- ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
- }
-abort:
- crtn = CSSM_DeleteContext(sigHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-/*
- * MAC routines
- */
-CSSM_RETURN cspGenMac(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // session key
- const CSSM_DATA *text,
- CSSM_DATA_PTR mac) // RETURNED
-{
- CSSM_CC_HANDLE macHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- crtn = CSSM_CSP_CreateMacContext(cspHand,
- algorithm,
- key,
- &macHand);
- if(crtn) {
- printError("CSSM_CSP_CreateMacContext (1)", crtn);
- return crtn;
- }
- crtn = CSSM_GenerateMac(macHand,
- text,
- 1,
- mac);
- if(crtn) {
- printError("CSSM_GenerateMac", crtn);
- ocrtn = crtn;
- }
- crtn = CSSM_DeleteContext(macHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-/*
- * Staged generate mac.
- */
-CSSM_RETURN cspStagedGenMac(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // private key
- const CSSM_DATA *text,
- CSSM_BOOL mallocMac, // if true and digest->Length = 0, we'll
- // malloc
- CSSM_BOOL multiUpdates, // false:single update, true:multi updates
- CSSM_DATA_PTR mac) // RETURNED
-{
- CSSM_CC_HANDLE macHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- unsigned thisMove; // this update
- unsigned toMove; // total to go
- CSSM_DATA thisText; // actaully passed to update
-
- crtn = CSSM_CSP_CreateMacContext(cspHand,
- algorithm,
- key,
- &macHand);
- if(crtn) {
- printError("CSSM_CSP_CreateMacContext (2)", crtn);
- return crtn;
- }
-
- if(mallocMac && (mac->Length == 0)) {
- /* malloc mac - ask CSP for size */
- CSSM_QUERY_SIZE_DATA querySize = {0, 0};
- crtn = CSSM_QuerySize(macHand,
- CSSM_TRUE, // encrypt
- 1,
- &querySize);
- if(crtn) {
- printError("CSSM_QuerySize(mac)", crtn);
- ocrtn = crtn;
- goto abort;
- }
- if(querySize.SizeOutputBlock == 0) {
- printf("Unknown mac size\n");
- ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
- goto abort;
- }
- mac->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
- if(mac->Data == NULL) {
- printf("malloc failure\n");
- ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
- goto abort;
- }
- mac->Length = querySize.SizeOutputBlock;
- }
-
- crtn = CSSM_GenerateMacInit(macHand);
- if(crtn) {
- printError("CSSM_GenerateMacInit", crtn);
- ocrtn = crtn;
- goto abort;
- }
- toMove = text->Length;
- thisText.Data = text->Data;
-
- while(toMove) {
- if(multiUpdates) {
- thisMove = genRand(1, toMove);
- }
- else {
- thisMove = toMove;
- }
- thisText.Length = thisMove;
- crtn = CSSM_GenerateMacUpdate(macHand,
- &thisText,
- 1);
- if(crtn) {
- printError("CSSM_GenerateMacUpdate", crtn);
- ocrtn = crtn;
- goto abort;
- }
- thisText.Data += thisMove;
- toMove -= thisMove;
- }
- crtn = CSSM_GenerateMacFinal(macHand, mac);
- if(crtn) {
- printError("CSSM_GenerateMacFinal", crtn);
- ocrtn = crtn;
- goto abort;
- }
-abort:
- crtn = CSSM_DeleteContext(macHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-CSSM_RETURN cspMacVerify(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // public key
- const CSSM_DATA *text,
- const CSSM_DATA_PTR mac,
- CSSM_RETURN expectResult) // expected result
- // CSSM_OK - expect success
-{
- CSSM_CC_HANDLE macHand;
- CSSM_RETURN ocrtn = CSSM_OK;
- CSSM_RETURN crtn;
- crtn = CSSM_CSP_CreateMacContext(cspHand,
- algorithm,
- key,
- &macHand);
- if(crtn) {
- printError("CSSM_CSP_CreateMacContext (3)", crtn);
- return crtn;
- }
- crtn = CSSM_VerifyMac(macHand,
- text,
- 1,
- mac);
- if(crtn != expectResult) {
- if(crtn) {
- printError("CSSM_VerifyMac", crtn);
- }
- else {
- printf("Unexpected good Mac Verify\n");
- }
- ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
- }
- crtn = CSSM_DeleteContext(macHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-/*
- * Staged mac verify. Each update does a random number of bytes 'till through.
- */
-CSSM_RETURN cspStagedMacVerify(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_FEE_MD5, etc.
- CSSM_KEY_PTR key, // private key
- const CSSM_DATA *text,
- const CSSM_DATA_PTR mac,
- CSSM_BOOL multiUpdates, // false:single update, true:multi updates
- CSSM_RETURN expectResult) // expected result is verify failure
- // CSSM_OK - expect success
-{
- CSSM_CC_HANDLE macHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- unsigned thisMove; // this update
- unsigned toMove; // total to go
- CSSM_DATA thisText; // actaully passed to update
-
- crtn = CSSM_CSP_CreateMacContext(cspHand,
- algorithm,
- key,
- &macHand);
- if(crtn) {
- printError("CSSM_CSP_CreateMacContext (4)", crtn);
- return crtn;
- }
- crtn = CSSM_VerifyMacInit(macHand);
- if(crtn) {
- printError("CSSM_VerifyMacInit", crtn);
- ocrtn = crtn;
- goto abort;
- }
- toMove = text->Length;
- thisText.Data = text->Data;
-
- while(toMove) {
- if(multiUpdates) {
- thisMove = genRand(1, toMove);
- }
- else {
- thisMove = toMove;
- }
- thisText.Length = thisMove;
- crtn = CSSM_VerifyMacUpdate(macHand,
- &thisText,
- 1);
- if(crtn) {
- printError("CSSM_VerifyMacUpdate", crtn);
- ocrtn = crtn;
- goto abort;
- }
- thisText.Data += thisMove;
- toMove -= thisMove;
- }
- crtn = CSSM_VerifyMacFinal(macHand, mac);
- if(crtn != expectResult) {
- if(crtn) {
- printError("CSSM_VerifyMacFinal", crtn);
- }
- else {
- printf("Unexpected good Staged Mac Verify\n");
- }
- ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
- }
-abort:
- crtn = CSSM_DeleteContext(macHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-#pragma mark --------- Digest ---------
-
-/*
- * Digest functions
- */
-CSSM_RETURN cspDigest(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_MD5, etc.
- CSSM_BOOL mallocDigest, // if true and digest->Length = 0, we'll malloc
- const CSSM_DATA *text,
- CSSM_DATA_PTR digest)
-{
- CSSM_CC_HANDLE digestHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
-
- crtn = CSSM_CSP_CreateDigestContext(cspHand,
- algorithm,
- &digestHand);
- if(crtn) {
- printError("CSSM_CSP_CreateDIgestContext (1)", crtn);
- return crtn;
- }
- if(mallocDigest && (digest->Length == 0)) {
- /* malloc digest - ask CSP for size */
- CSSM_QUERY_SIZE_DATA querySize = {0, 0};
- crtn = CSSM_QuerySize(digestHand,
- CSSM_FALSE, // encrypt
- 1,
- &querySize);
- if(crtn) {
- printError("CSSM_QuerySize(3)", crtn);
- ocrtn = crtn;
- goto abort;
- }
- if(querySize.SizeOutputBlock == 0) {
- printf("Unknown digest size\n");
- ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
- goto abort;
- }
- digest->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
- if(digest->Data == NULL) {
- printf("malloc failure\n");
- ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
- goto abort;
- }
- digest->Length = querySize.SizeOutputBlock;
- }
- crtn = CSSM_DigestData(digestHand,
- text,
- 1,
- digest);
- if(crtn) {
- printError("CSSM_DigestData", crtn);
- ocrtn = crtn;
- }
-abort:
- crtn = CSSM_DeleteContext(digestHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-CSSM_RETURN cspStagedDigest(CSSM_CSP_HANDLE cspHand,
- uint32 algorithm, // CSSM_ALGID_MD5, etc.
- CSSM_BOOL mallocDigest, // if true and digest->Length = 0, we'll
- // malloc
- CSSM_BOOL multiUpdates, // false:single update, true:multi updates
- const CSSM_DATA *text,
- CSSM_DATA_PTR digest)
-{
- CSSM_CC_HANDLE digestHand;
- CSSM_RETURN crtn;
- CSSM_RETURN ocrtn = CSSM_OK;
- unsigned thisMove; // this update
- unsigned toMove; // total to go
- CSSM_DATA thisText; // actually passed to update
-
- crtn = CSSM_CSP_CreateDigestContext(cspHand,
- algorithm,
- &digestHand);
- if(crtn) {
- printError("CSSM_CSP_CreateDigestContext (2)", crtn);
- return crtn;
- }
- if(mallocDigest && (digest->Length == 0)) {
- /* malloc digest - ask CSP for size */
- CSSM_QUERY_SIZE_DATA querySize = {0, 0};
- crtn = CSSM_QuerySize(digestHand,
- CSSM_FALSE, // encrypt
- 1,
- &querySize);
- if(crtn) {
- printError("CSSM_QuerySize(4)", crtn);
- ocrtn = crtn;
- goto abort;
- }
- if(querySize.SizeOutputBlock == 0) {
- printf("Unknown digest size\n");
- ocrtn = CSSMERR_CSSM_INTERNAL_ERROR;
- goto abort;
- }
- digest->Data = (uint8 *)appMalloc(querySize.SizeOutputBlock, NULL);
- if(digest->Data == NULL) {
- printf("malloc failure\n");
- ocrtn = CSSMERR_CSSM_MEMORY_ERROR;
- goto abort;
- }
- digest->Length = querySize.SizeOutputBlock;
- }
- crtn = CSSM_DigestDataInit(digestHand);
- if(crtn) {
- printError("CSSM_DigestDataInit", crtn);
- ocrtn = crtn;
- goto abort;
- }
- toMove = text->Length;
- thisText.Data = text->Data;
- while(toMove) {
- if(multiUpdates) {
- thisMove = genRand(1, toMove);
- }
- else {
- thisMove = toMove;
- }
- thisText.Length = thisMove;
- crtn = CSSM_DigestDataUpdate(digestHand,
- &thisText,
- 1);
- if(crtn) {
- printError("CSSM_DigestDataUpdate", crtn);
- ocrtn = crtn;
- goto abort;
- }
- thisText.Data += thisMove;
- toMove -= thisMove;
- }
- crtn = CSSM_DigestDataFinal(digestHand, digest);
- if(crtn) {
- printError("CSSM_DigestDataFinal", crtn);
- ocrtn = crtn;
- goto abort;
- }
-abort:
- crtn = CSSM_DeleteContext(digestHand);
- if(crtn) {
- printError("CSSM_DeleteContext", crtn);
- ocrtn = crtn;
- }
- return ocrtn;
-}
-
-#pragma mark --------- wrap/unwrap ---------
-
-/* wrap key function. */
-CSSM_RETURN cspWrapKey(CSSM_CSP_HANDLE cspHand,
- const CSSM_KEY *unwrappedKey,
- const CSSM_KEY *wrappingKey,
- CSSM_ALGORITHMS wrapAlg,
- CSSM_ENCRYPT_MODE wrapMode,
- CSSM_KEYBLOB_FORMAT wrapFormat, // NONE, PKCS7, PKCS8
- CSSM_PADDING wrapPad,
- CSSM_DATA_PTR initVector, // for some wrapping algs
- CSSM_DATA_PTR descrData, // optional
- CSSM_KEY_PTR wrappedKey) // RETURNED
-{
- CSSM_CC_HANDLE ccHand;
- CSSM_RETURN crtn;
- CSSM_ACCESS_CREDENTIALS creds;
-
- memset(wrappedKey, 0, sizeof(CSSM_KEY));
- setBadKeyData(wrappedKey);
- memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
- /* special case for NULL wrap - no wrapping key */
- if((wrappingKey == NULL) ||
- (wrappingKey->KeyHeader.KeyClass == CSSM_KEYCLASS_SESSION_KEY)) {
- crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
- wrapAlg,
- wrapMode,
- &creds, // passPhrase,
- wrappingKey,
- initVector,
- wrapPad, // Padding
- 0, // Params
- &ccHand);
- }
- else {
- crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
- wrapAlg,
- &creds,
- wrappingKey,
- wrapPad, // padding
- &ccHand);
- if(crtn) {
- printError("cspWrapKey/CreateContext", crtn);
- return crtn;
- }
- if(initVector) {
- /* manually add IV for CMS. The actual low-level encrypt doesn't
- * use it (and must ignore it). */
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_INIT_VECTOR,
- sizeof(CSSM_DATA),
- CAT_Ptr,
- initVector,
- 0);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- return crtn;
- }
- }
- }
- if(crtn) {
- printError("cspWrapKey/CreateContext", crtn);
- return crtn;
- }
- if(wrapFormat != CSSM_KEYBLOB_WRAPPED_FORMAT_NONE) {
- /* only add this attribute if it's not the default */
- CSSM_CONTEXT_ATTRIBUTE attr;
- attr.AttributeType = CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT;
- attr.AttributeLength = sizeof(uint32);
- attr.Attribute.Uint32 = wrapFormat;
- crtn = CSSM_UpdateContextAttributes(
- ccHand,
- 1,
- &attr);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- return crtn;
- }
- }
- crtn = CSSM_WrapKey(ccHand,
- &creds,
- unwrappedKey,
- descrData, // DescriptiveData
- wrappedKey);
- if(crtn != CSSM_OK) {
- printError("CSSM_WrapKey", crtn);
- }
- if(CSSM_DeleteContext(ccHand)) {
- printf("CSSM_DeleteContext failure\n");
- }
- return crtn;
-}
-
-/* unwrap key function. */
-CSSM_RETURN cspUnwrapKey(CSSM_CSP_HANDLE cspHand,
- const CSSM_KEY *wrappedKey,
- const CSSM_KEY *unwrappingKey,
- CSSM_ALGORITHMS unwrapAlg,
- CSSM_ENCRYPT_MODE unwrapMode,
- CSSM_PADDING unwrapPad,
- CSSM_DATA_PTR initVector, // for some wrapping algs
- CSSM_KEY_PTR unwrappedKey, // RETURNED
- CSSM_DATA_PTR descrData, // required
- const char *keyLabel,
- unsigned keyLabelLen)
-{
- CSSM_CC_HANDLE ccHand;
- CSSM_RETURN crtn;
- CSSM_DATA labelData;
- uint32 keyAttr;
- CSSM_ACCESS_CREDENTIALS creds;
-
- memset(unwrappedKey, 0, sizeof(CSSM_KEY));
- setBadKeyData(unwrappedKey);
- memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
- if((unwrappingKey == NULL) ||
- (unwrappingKey->KeyHeader.KeyClass == CSSM_KEYCLASS_SESSION_KEY)) {
- crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
- unwrapAlg,
- unwrapMode,
- &creds,
- unwrappingKey,
- initVector,
- unwrapPad,
- 0, // Params
- &ccHand);
- }
- else {
- crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
- unwrapAlg,
- &creds, // passPhrase,
- unwrappingKey,
- unwrapPad, // Padding
- &ccHand);
- if(crtn) {
- printError("cspUnwrapKey/CreateContext", crtn);
- return crtn;
- }
- if(initVector) {
- /* manually add IV for CMS. The actual low-level encrypt doesn't
- * use it (and must ignore it). */
- crtn = AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_INIT_VECTOR,
- sizeof(CSSM_DATA),
- CAT_Ptr,
- initVector,
- 0);
- if(crtn) {
- printError("CSSM_UpdateContextAttributes", crtn);
- return crtn;
- }
- }
- }
- if(crtn) {
- printError("cspUnwrapKey/CreateContext", crtn);
- return crtn;
- }
- labelData.Data = (uint8 *)keyLabel;
- labelData.Length = keyLabelLen;
-
- /*
- * New keyAttr - clear some old bits, make sure we ask for ref key
- */
- keyAttr = wrappedKey->KeyHeader.KeyAttr;
- keyAttr &= ~(CSSM_KEYATTR_ALWAYS_SENSITIVE | CSSM_KEYATTR_NEVER_EXTRACTABLE);
- keyAttr |= CSSM_KEYATTR_RETURN_REF;
- crtn = CSSM_UnwrapKey(ccHand,
- NULL, // PublicKey
- wrappedKey,
- wrappedKey->KeyHeader.KeyUsage,
- keyAttr,
- &labelData,
- NULL, // CredAndAclEntry
- unwrappedKey,
- descrData); // required
- if(crtn != CSSM_OK) {
- printError("CSSM_UnwrapKey", crtn);
- }
- if(CSSM_DeleteContext(ccHand)) {
- printf("CSSM_DeleteContext failure\n");
- }
- return crtn;
-}
-
-/*
- * Simple NULL wrap to convert a reference key to a raw key.
- */
-CSSM_RETURN cspRefKeyToRaw(
- CSSM_CSP_HANDLE cspHand,
- const CSSM_KEY *refKey,
- CSSM_KEY_PTR rawKey) // init'd and RETURNED
-{
- CSSM_DATA descData = {0, 0};
-
- memset(rawKey, 0, sizeof(CSSM_KEY));
- return cspWrapKey(cspHand,
- refKey,
- NULL, // unwrappingKey
- CSSM_ALGID_NONE,
- CSSM_ALGMODE_NONE,
- CSSM_KEYBLOB_WRAPPED_FORMAT_NONE,
- CSSM_PADDING_NONE,
- NULL, // IV
- &descData,
- rawKey);
-}
-
-/*
- * Convert ref key to raw key with specified format.
- */
-CSSM_RETURN cspRefKeyToRawWithFormat(
- CSSM_CSP_HANDLE cspHand,
- const CSSM_KEY *refKey,
- CSSM_KEYBLOB_FORMAT format,
- CSSM_KEY_PTR rawKey) // init'd and RETURNED
-{
- memset(rawKey, 0, sizeof(CSSM_KEY));
- CSSM_ATTRIBUTE_TYPE attrType;
-
- switch(refKey->KeyHeader.KeyClass) {
- case CSSM_KEYCLASS_PUBLIC_KEY:
- attrType = CSSM_ATTRIBUTE_PUBLIC_KEY_FORMAT;
- break;
- case CSSM_KEYCLASS_PRIVATE_KEY:
- attrType = CSSM_ATTRIBUTE_PRIVATE_KEY_FORMAT;
- break;
- case CSSM_KEYCLASS_SESSION_KEY:
- attrType = CSSM_ATTRIBUTE_SYMMETRIC_KEY_FORMAT;
- break;
- default:
- printf("***Unknown key class\n");
- return CSSMERR_CSP_INVALID_KEY;
- }
-
- CSSM_DATA descData = {0, 0};
- CSSM_CC_HANDLE ccHand;
- CSSM_RETURN crtn;
-// uint32 keyAttr;
- CSSM_ACCESS_CREDENTIALS creds;
-
- memset(rawKey, 0, sizeof(CSSM_KEY));
- memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
- crtn = CSSM_CSP_CreateSymmetricContext(cspHand,
- CSSM_ALGID_NONE,
- CSSM_ALGMODE_NONE,
- &creds,
- NULL, // unwrappingKey
- NULL, // initVector
- CSSM_PADDING_NONE,
- NULL, // Reserved
- &ccHand);
- if(crtn) {
- printError("cspRefKeyToRawWithFormat/CreateContext", crtn);
- return crtn;
- }
-
- /* Add the spec for the resulting format */
- crtn = AddContextAttribute(ccHand,
- attrType,
- sizeof(uint32),
- CAT_Uint32,
- NULL,
- format);
-
- crtn = CSSM_WrapKey(ccHand,
- &creds,
- refKey,
- &descData, // DescriptiveData
- rawKey);
- if(crtn != CSSM_OK) {
- printError("CSSM_WrapKey", crtn);
- }
- if(rawKey->KeyHeader.Format != format) {
- printf("***cspRefKeyToRawWithFormat format scewup\n");
- crtn = CSSMERR_CSP_INTERNAL_ERROR;
- }
- if(CSSM_DeleteContext(ccHand)) {
- printf("CSSM_DeleteContext failure\n");
- }
- return crtn;
-}
-
-/* unwrap raw key --> ref */
-CSSM_RETURN cspRawKeyToRef(
- CSSM_CSP_HANDLE cspHand,
- const CSSM_KEY *rawKey,
- CSSM_KEY_PTR refKey) // init'd and RETURNED
-{
- CSSM_DATA descData = {0, 0};
-
- memset(refKey, 0, sizeof(CSSM_KEY));
- return cspUnwrapKey(cspHand,
- rawKey,
- NULL, // unwrappingKey
- CSSM_ALGID_NONE,
- CSSM_ALGMODE_NONE,
- CSSM_PADDING_NONE,
- NULL, // init vector
- refKey,
- &descData,
- "noLabel",
- 7);
-}
-
-
-#pragma mark --------- FEE key/curve support ---------
-
-/*
- * Generate random key size, primeType, curveType for FEE key for specified op.
- *
- * First just enumerate the curves we know about, with ECDSA-INcapable first
- */
-
-typedef struct {
- uint32 keySizeInBits;
- uint32 primeType; // CSSM_FEE_PRIME_TYPE_xxx
- uint32 curveType; // CSSM_FEE_CURVE_TYPE_xxx
-} feeCurveParams;
-
-#define FEE_PROTOTYPE_CURVES 0
-#if FEE_PROTOTYPE_CURVES
-/* obsolete as of 4/9/2001 */
-static feeCurveParams feeCurves[] = {
- { 31, CSSM_FEE_PRIME_TYPE_MERSENNE, CSSM_FEE_CURVE_TYPE_MONTGOMERY },
- { 127, CSSM_FEE_PRIME_TYPE_MERSENNE, CSSM_FEE_CURVE_TYPE_MONTGOMERY },
- { 127, CSSM_FEE_PRIME_TYPE_GENERAL, CSSM_FEE_CURVE_TYPE_MONTGOMERY },
- #define NUM_NON_ECDSA_CURVES 3
-
- /* start of Weierstrass, IEEE P1363-capable curves */
- { 31, CSSM_FEE_PRIME_TYPE_MERSENNE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 40, CSSM_FEE_PRIME_TYPE_FEE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 127, CSSM_FEE_PRIME_TYPE_MERSENNE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 160, CSSM_FEE_PRIME_TYPE_FEE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 160, CSSM_FEE_PRIME_TYPE_GENERAL, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 192, CSSM_FEE_PRIME_TYPE_FEE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
-};
-#else /* FEE_PROTOTYPE_CURVES */
-static feeCurveParams feeCurves[] = {
- { 31, CSSM_FEE_PRIME_TYPE_MERSENNE, CSSM_FEE_CURVE_TYPE_MONTGOMERY },
- { 127, CSSM_FEE_PRIME_TYPE_MERSENNE, CSSM_FEE_CURVE_TYPE_MONTGOMERY },
- #define NUM_NON_ECDSA_CURVES 2
-
- /* start of Weierstrass, IEEE P1363-capable curves */
- { 31, CSSM_FEE_PRIME_TYPE_MERSENNE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 128, CSSM_FEE_PRIME_TYPE_FEE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 161, CSSM_FEE_PRIME_TYPE_FEE, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 161, CSSM_FEE_PRIME_TYPE_GENERAL, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
- { 192, CSSM_FEE_PRIME_TYPE_GENERAL, CSSM_FEE_CURVE_TYPE_WEIERSTRASS },
-};
-#endif /* FEE_PROTOTYPE_CURVES */
-#define NUM_FEE_CURVES (sizeof(feeCurves) / sizeof(feeCurveParams))
-
-void randFeeKeyParams(
- CSSM_ALGORITHMS alg, // ALGID_FEED, CSSM_ALGID_FEE_MD5, etc.
- uint32 *keySizeInBits, // RETURNED
- uint32 *primeType, // CSSM_FEE_PRIME_TYPE_xxx, RETURNED
- uint32 *curveType) // CSSM_FEE_CURVE_TYPE_xxx, RETURNED
-{
- unsigned minParams;
- unsigned die;
- feeCurveParams *feeParams;
-
- switch(alg) {
- case CSSM_ALGID_SHA1WithECDSA:
- minParams = NUM_NON_ECDSA_CURVES;
- break;
- default:
- minParams = 0;
- break;
- }
- die = genRand(minParams, (NUM_FEE_CURVES - 1));
- feeParams = &feeCurves[die];
- *keySizeInBits = feeParams->keySizeInBits;
- *primeType = feeParams->primeType;
- *curveType = feeParams->curveType;
-}
-
-/*
- * Obtain strings for primeType and curveType.
- */
-const char *primeTypeStr(uint32 primeType)
-{
- const char *p;
- switch(primeType) {
- case CSSM_FEE_PRIME_TYPE_MERSENNE:
- p = "Mersenne";
- break;
- case CSSM_FEE_PRIME_TYPE_FEE:
- p = "FEE";
- break;
- case CSSM_FEE_PRIME_TYPE_GENERAL:
- p = "General";
- break;
- case CSSM_FEE_PRIME_TYPE_DEFAULT:
- p = "Default";
- break;
- default:
- p = "***UNKNOWN***";
- break;
- }
- return p;
-}
-
-const char *curveTypeStr(uint32 curveType)
-{
- const char *c;
- switch(curveType) {
- case CSSM_FEE_CURVE_TYPE_DEFAULT:
- c = "Default";
- break;
- case CSSM_FEE_CURVE_TYPE_MONTGOMERY:
- c = "Montgomery";
- break;
- case CSSM_FEE_CURVE_TYPE_WEIERSTRASS:
- c = "Weierstrass";
- break;
- default:
- c = "***UNKNOWN***";
- break;
- }
- return c;
-}
-
-/*
- * Perform FEE Key exchange via CSSM_DeriveKey.
- */
-#if 0
-/* Not implemented in OS X */
-CSSM_RETURN cspFeeKeyExchange(CSSM_CSP_HANDLE cspHand,
- CSSM_KEY_PTR privKey,
- CSSM_KEY_PTR pubKey,
- CSSM_KEY_PTR derivedKey, // mallocd by caller
-
- /* remaining fields apply to derivedKey */
- uint32 keyAlg,
- const char *keyLabel,
- unsigned keyLabelLen,
- uint32 keyUsage, // CSSM_KEYUSE_ENCRYPT, etc.
- uint32 keySizeInBits)
-{
- CSSM_CC_HANDLE dkHand;
- CSSM_RETURN crtn;
- CSSM_DATA labelData;
-
- if(derivedKey == NULL) {
- printf("cspFeeKeyExchange: no derivedKey\n");
- return CSSMERR_CSSM_INTERNAL_ERROR;
- }
- if((pubKey == NULL) ||
- (pubKey->KeyHeader.KeyClass != CSSM_KEYCLASS_PUBLIC_KEY) ||
- (pubKey->KeyHeader.BlobType != CSSM_KEYBLOB_RAW)) {
- printf("cspFeeKeyExchange: bad pubKey\n");
- return CSSMERR_CSSM_INTERNAL_ERROR;
- }
- if((privKey == NULL) ||
- (privKey->KeyHeader.KeyClass != CSSM_KEYCLASS_PRIVATE_KEY) ||
- (privKey->KeyHeader.BlobType != CSSM_KEYBLOB_REFERENCE)) {
- printf("cspFeeKeyExchange: bad privKey\n");
- return CSSMERR_CSSM_INTERNAL_ERROR;
- }
- memset(derivedKey, 0, sizeof(CSSM_KEY));
-
- crtn = CSSM_CSP_CreateDeriveKeyContext(cspHand,
- CSSM_ALGID_FEE_KEYEXCH, // AlgorithmID
- keyAlg, // alg of the derived key
- keySizeInBits,
- NULL, // access creds
- // FIXME
- 0, // IterationCount
- NULL, // Salt
- NULL, // Seed
- NULL); // PassPhrase
- if(dkHand == 0) {
- printError("CSSM_CSP_CreateDeriveKeyContext");
- return CSSM_FAIL;
- }
- labelData.Length = keyLabelLen;
- labelData.Data = (uint8 *)keyLabel;
- crtn = CSSM_DeriveKey(dkHand,
- privKey,
- &pubKey->KeyData, // Param - pub key blob
- keyUsage,
- CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_EXTRACTABLE |
- CSSM_KEYATTR_SENSITIVE,
- &labelData,
- derivedKey);
-
- /* FIXME - save/restore error */
- CSSM_DeleteContext(dkHand);
- if(crtn) {
- printError("CSSM_DeriveKey");
- }
- return crtn;
-}
-#endif
-
-#pragma mark --------- Key/DL/DB support ---------
-
-/*
- * Add a DL/DB handle to a crypto context.
- */
-CSSM_RETURN cspAddDlDbToContext(
- CSSM_CC_HANDLE ccHand,
- CSSM_DL_HANDLE dlHand,
- CSSM_DB_HANDLE dbHand)
-{
- CSSM_DL_DB_HANDLE dlDb = { dlHand, dbHand };
- return AddContextAttribute(ccHand,
- CSSM_ATTRIBUTE_DL_DB_HANDLE,
- sizeof(CSSM_ATTRIBUTE_DL_DB_HANDLE),
- CAT_Ptr,
- &dlDb,
- 0);
-}
-
-/*
- * Common routine to do a basic DB lookup by label and key type.
- * Query is aborted prior to exit.
- */
-static CSSM_DB_UNIQUE_RECORD_PTR dlLookup(
- CSSM_DL_DB_HANDLE dlDbHand,
- const CSSM_DATA *keyLabel,
- CT_KeyType keyType,
- CSSM_HANDLE *resultHand, // RETURNED
- CSSM_DATA_PTR theData, // RETURED
- CSSM_DB_RECORDTYPE *recordType) // RETURNED
-{
- CSSM_QUERY query;
- CSSM_SELECTION_PREDICATE predicate;
- CSSM_DB_UNIQUE_RECORD_PTR record = NULL;
- CSSM_RETURN crtn;
-
- switch(keyType) {
- case CKT_Public:
- query.RecordType = *recordType = CSSM_DL_DB_RECORD_PUBLIC_KEY;
- break;
- case CKT_Private:
- query.RecordType = *recordType = CSSM_DL_DB_RECORD_PRIVATE_KEY;
- break;
- case CKT_Session:
- query.RecordType = *recordType = CSSM_DL_DB_RECORD_SYMMETRIC_KEY;
- break;
- default:
- printf("Hey bozo! Give me a valid key type!\n");
- return NULL;
- }
- query.Conjunctive = CSSM_DB_NONE;
- query.NumSelectionPredicates = 1;
- predicate.DbOperator = CSSM_DB_EQUAL;
-
- predicate.Attribute.Info.AttributeNameFormat =
- CSSM_DB_ATTRIBUTE_NAME_AS_STRING;
- predicate.Attribute.Info.Label.AttributeName = (char *) "Label";
- predicate.Attribute.Info.AttributeFormat = CSSM_DB_ATTRIBUTE_FORMAT_BLOB;
- /* hope this cast is OK */
- predicate.Attribute.Value = (CSSM_DATA_PTR)keyLabel;
- query.SelectionPredicate = &predicate;
-
- query.QueryLimits.TimeLimit = 0; // FIXME - meaningful?
- query.QueryLimits.SizeLimit = 1; // FIXME - meaningful?
- query.QueryFlags = CSSM_QUERY_RETURN_DATA; // FIXME - used?
-
- crtn = CSSM_DL_DataGetFirst(dlDbHand,
- &query,
- resultHand,
- NULL,
- theData,
- &record);
- /* abort only on success */
- if(crtn == CSSM_OK) {
- crtn = CSSM_DL_DataAbortQuery(dlDbHand, *resultHand);
- if(crtn) {
- printError("CSSM_DL_AbortQuery", crtn);
- return NULL;
- }
- }
- return record;
-}
-
-/*
- * Look up a key by label and type.
- */
-CSSM_KEY_PTR cspLookUpKeyByLabel(
- CSSM_DL_HANDLE dlHand,
- CSSM_DB_HANDLE dbHand,
- const CSSM_DATA *labelData,
- CT_KeyType keyType)
-{
- CSSM_DB_UNIQUE_RECORD_PTR record;
- CSSM_HANDLE resultHand;
- CSSM_DATA theData;
- CSSM_KEY_PTR key;
- CSSM_DB_RECORDTYPE recordType;
- CSSM_DL_DB_HANDLE dlDbHand;
-
- dlDbHand.DLHandle = dlHand;
- dlDbHand.DBHandle = dbHand;
-
- theData.Length = 0;
- theData.Data = NULL;
-
- record = dlLookup(dlDbHand,
- labelData,
- keyType,
- &resultHand,
- &theData,
- &recordType);
- if(record == NULL) {
- //printf("cspLookUpKeyByLabel: key not found\n");
- return NULL;
- }
- key = (CSSM_KEY_PTR)theData.Data;
- CSSM_DL_FreeUniqueRecord(dlDbHand, record);
- return key;
-}
-
-/*
- * Delete and free a key
- */
-CSSM_RETURN cspDeleteKey(
- CSSM_CSP_HANDLE cspHand, // for free
- CSSM_DL_HANDLE dlHand, // for delete
- CSSM_DB_HANDLE dbHand, // ditto
- const CSSM_DATA *labelData,
- CSSM_KEY_PTR key)
-{
- CSSM_DB_UNIQUE_RECORD_PTR record;
- CSSM_HANDLE resultHand;
- CT_KeyType keyType;
- CSSM_RETURN crtn = CSSM_OK;
- CSSM_DB_RECORDTYPE recordType;
- CSSM_DL_DB_HANDLE dlDbHand;
-
- if(key->KeyHeader.KeyAttr & CSSM_KEYATTR_PERMANENT) {
- /* first do a lookup based in this key's fields */
- switch(key->KeyHeader.KeyClass) {
- case CSSM_KEYCLASS_PUBLIC_KEY:
- keyType = CKT_Public;
- break;
- case CSSM_KEYCLASS_PRIVATE_KEY:
- keyType = CKT_Private;
- break;
- case CSSM_KEYCLASS_SESSION_KEY:
- keyType = CKT_Session;
- break;
- default:
- printf("Hey bozo! Give me a valid key type!\n");
- return -1;
- }
-
- dlDbHand.DLHandle = dlHand;
- dlDbHand.DBHandle = dbHand;
-
- record = dlLookup(dlDbHand,
- labelData,
- keyType,
- &resultHand,
- NULL, // don't want actual data
- &recordType);
- if(record == NULL) {
- printf("cspDeleteKey: key not found in DL\n");
- return CSSMERR_DL_RECORD_NOT_FOUND;
- }
-
- /* OK, nuke it */
- crtn = CSSM_DL_DataDelete(dlDbHand, record);
- if(crtn) {
- printError("CSSM_DL_DataDelete", crtn);
- }
- CSSM_DL_FreeUniqueRecord(dlDbHand, record);
- }
-
- /* CSSM_FreeKey() should fail due to the delete, but it will
- * still free KeyData....
- * FIXME - we should be able to do this in this one single call - right?
- */
- CSSM_FreeKey(cspHand, NULL, key, CSSM_FALSE);
-
- return crtn;
-}
-
-/*
- * Given any key in either blob or reference format,
- * obtain the associated SHA-1 hash.
- */
-CSSM_RETURN cspKeyHash(
- CSSM_CSP_HANDLE cspHand,
- const CSSM_KEY_PTR key, /* public key */
- CSSM_DATA_PTR *hashData) /* hash mallocd and RETURNED here */
-{
- CSSM_CC_HANDLE ccHand;
- CSSM_RETURN crtn;
- CSSM_DATA_PTR dp;
-
- *hashData = NULL;
-
- /* validate input params */
- if((key == NULL) ||
- (hashData == NULL)) {
- printf("cspKeyHash: bogus args\n");
- return CSSMERR_CSSM_INTERNAL_ERROR;
- }
-
- /* cook up a context for a passthrough op */
- crtn = CSSM_CSP_CreatePassThroughContext(cspHand,
- key,
- &ccHand);
- if(ccHand == 0) {
- printError("CSSM_CSP_CreatePassThroughContext", crtn);
- return crtn;
- }
-
- /* now it's up to the CSP */
- crtn = CSSM_CSP_PassThrough(ccHand,
- CSSM_APPLECSP_KEYDIGEST,
- NULL,
- (void **)&dp);
- if(crtn) {
- printError("CSSM_CSP_PassThrough(PUBKEYHASH)", crtn);
- }
- else {
- *hashData = dp;
- crtn = CSSM_OK;
- }
- CSSM_DeleteContext(ccHand);
- return crtn;
-}
-
projects / apple / security.git / blobdiff