blapi_bsf.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 2,087 行 · 第 1/5 页

	}

	if ((status = B_CreateAlgorithmObject(&keypairGenerator)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if (publicExponent == NULL) publicExponent = &defaultPublicExponent;
	keygenParams.modulusBits = keySizeInBits;
	keygenParams.publicExponent.data = publicExponent->data;
	keygenParams.publicExponent.len = publicExponent->len;

	if ((status = B_SetAlgorithmInfo(keypairGenerator, AI_RSAKeyGen,
	                                 (POINTER)&keygenParams)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_GenerateInit(keypairGenerator, rsa_alg_chooser,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	if ((status = B_GenerateKeypair(keypairGenerator, publicKeyObj,
	                                privateKeyObj, randomAlgorithm,
	                                (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_GetKeyInfo((POINTER *)&privateKeyInfo, privateKeyObj,
	                           KI_PKCS_RSAPrivate)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	/*  Convert the BSAFE key info to an RSAPrivateKey.  */
	if ((status = rsaConvertKeyInfoToBLKey(privateKeyInfo, privateKey)) != 0) {
		goto loser;
	}

	B_DestroyAlgorithmObject(&publicKeyObj);
	B_DestroyKeyObject(&publicKeyObj);
	B_DestroyKeyObject(&privateKeyObj);
	rsaZFreePrivateKeyInfo(privateKeyInfo);
	B_DestroyAlgorithmObject(&randomAlgorithm);
	return privateKey;

loser:
	if (keypairGenerator != NULL_PTR)
		B_DestroyAlgorithmObject(&keypairGenerator);
	if (publicKeyObj != NULL_PTR)
		B_DestroyKeyObject(&publicKeyObj);
	if (privateKeyObj != NULL_PTR)
		B_DestroyKeyObject(&privateKeyObj);
	if (privateKeyInfo != (A_PKCS_RSA_PRIVATE_KEY *)NULL_PTR)
		rsaZFreePrivateKeyInfo(privateKeyInfo);
	if (randomAlgorithm != NULL_PTR)
		B_DestroyAlgorithmObject(&randomAlgorithm);
	PORT_FreeArena(arena, PR_TRUE);
	return NULL;
}

static unsigned int
rsa_modulusLen(SECItem *modulus)
{
	unsigned char byteZero = modulus->data[0];
	unsigned int modLen = modulus->len - !byteZero;
	return modLen;
}

SECStatus 
RSA_PublicKeyOp(RSAPublicKey *   key,
                unsigned char *  output,
                unsigned char *  input)
{
	B_ALGORITHM_OBJ rsaPubKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR;
	B_KEY_OBJ       publicKeyObj = (B_KEY_OBJ)NULL_PTR;
	A_RSA_KEY       pubKeyInfo;
	unsigned int outputLenUpdate;
	unsigned int modulusLen;
	int status;

	PORT_Assert(key != NULL);
	if (key == NULL) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}

	if ((status = B_CreateAlgorithmObject(&rsaPubKeyAlg)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_SetAlgorithmInfo(rsaPubKeyAlg, AI_RSAPublic,
	                                 NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	modulusLen = rsa_modulusLen(&key->modulus);
	pubKeyInfo.modulus.len = key->modulus.len;
	pubKeyInfo.modulus.data = key->modulus.data;
	pubKeyInfo.exponent.len = key->publicExponent.len;
	pubKeyInfo.exponent.data = key->publicExponent.data;

	if ((status = B_SetKeyInfo(publicKeyObj, KI_RSAPublic, 
	                           (POINTER)&pubKeyInfo)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_EncryptInit(rsaPubKeyAlg, publicKeyObj, rsa_alg_chooser,
	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}
	if ((status = B_EncryptUpdate(rsaPubKeyAlg,
	                              output, 
	                              &outputLenUpdate,
	                              modulusLen, 
	                              input, 
	                              modulusLen,
	                              (B_ALGORITHM_OBJ)NULL_PTR,
	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		goto loser;
	}
	if ((status = B_EncryptFinal(rsaPubKeyAlg,
	                             output + outputLenUpdate,
	                             &outputLenUpdate, 
	                             modulusLen - outputLenUpdate,
	                             (B_ALGORITHM_OBJ)NULL_PTR,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		goto loser;
	}

	B_DestroyAlgorithmObject(&rsaPubKeyAlg);
	B_DestroyAlgorithmObject(&publicKeyObj);
	/*  Don't delete pubKeyInfo data -- it was a shallow copy.  */
	return SECSuccess;

loser:
	if (rsaPubKeyAlg != NULL_PTR)
		B_DestroyAlgorithmObject(&rsaPubKeyAlg);
	if (publicKeyObj != NULL_PTR)
		B_DestroyAlgorithmObject(&publicKeyObj);
	return SECFailure;
}

SECStatus 
RSA_PrivateKeyOp(RSAPrivateKey *  key,
                 unsigned char *  output,
                 unsigned char *  input)
{
	A_PKCS_RSA_PRIVATE_KEY privKeyInfo;
	B_ALGORITHM_OBJ        rsaPrivKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR;
	B_KEY_OBJ              privateKeyObj = (B_KEY_OBJ)NULL_PTR;
	unsigned int outputLenUpdate;
	unsigned int modulusLen;
	int status;

	if ((status = B_CreateAlgorithmObject(&rsaPrivKeyAlg)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_SetAlgorithmInfo(rsaPrivKeyAlg, AI_RSAPrivate,
	                                 NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	if ((status = rsaConvertBLKeyToKeyInfo(key, &privKeyInfo)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_SetKeyInfo(privateKeyObj, KI_PKCS_RSAPrivate,
	                           (POINTER)&privKeyInfo)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	modulusLen = rsa_modulusLen(&key->modulus);

	if ((status = B_DecryptInit(rsaPrivKeyAlg, privateKeyObj, rsa_alg_chooser,
	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}
	if ((status = B_DecryptUpdate(rsaPrivKeyAlg,
	                              output, 
	                              &outputLenUpdate,
	                              modulusLen, 
	                              input, 
	                              modulusLen,
	                              (B_ALGORITHM_OBJ)NULL_PTR,
	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		goto loser;
	}
	if ((status = B_DecryptFinal(rsaPrivKeyAlg,
	                             output + outputLenUpdate,
	                             &outputLenUpdate, 
	                             modulusLen - outputLenUpdate,
	                             (B_ALGORITHM_OBJ)NULL_PTR,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		goto loser;
	}

	B_DestroyAlgorithmObject(&rsaPrivKeyAlg);
	B_DestroyAlgorithmObject(&privateKeyObj);
	/*  Don't delete privKeyInfo data -- it was a shallow copy.  */
	return SECSuccess;

loser:
	if (rsaPrivKeyAlg != NULL_PTR)
		B_DestroyAlgorithmObject(&rsaPrivKeyAlg);
	if (privateKeyObj != NULL_PTR)
		B_DestroyAlgorithmObject(&privateKeyObj);
	return SECFailure;
}

/*****************************************************************************
** BLAPI implementation of DSA
******************************************************************************/

static const B_ALGORITHM_METHOD *dsa_pk_gen_chooser[] = {
	&AM_SHA_RANDOM,
	&AM_DSA_PARAM_GEN,
	&AM_DSA_KEY_GEN,
	(B_ALGORITHM_METHOD *)NULL_PTR
};

static SECStatus
dsaConvertKeyInfoToBLKey(A_DSA_PRIVATE_KEY *privateKeyInfo, 
                         A_DSA_PUBLIC_KEY *publicKeyInfo, 
                         DSAPrivateKey *privateKey)
{
	PRArenaPool *arena;
	SECItem tmp;

	arena = privateKey->params.arena;
	SECITEMFROMITEM(arena, privateKey->params.prime, 
	                       privateKeyInfo->params.prime);
	SECITEMFROMITEM(arena, privateKey->params.subPrime, 
	                       privateKeyInfo->params.subPrime);
	SECITEMFROMITEM(arena, privateKey->params.base, 
	                       privateKeyInfo->params.base);
	SECITEMFROMITEM(arena, privateKey->privateValue,
	                       privateKeyInfo->x);
	SECITEMFROMITEM(arena, privateKey->publicValue,
	                       publicKeyInfo->y);

	return SECSuccess;

loser:
	PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
	return SECFailure;
}

static SECStatus
dsaConvertBLKeyToPrKeyInfo(DSAPrivateKey *privateKey,
                           A_DSA_PRIVATE_KEY *privateKeyInfo)
{
	ITEMFROMSECITEM(privateKeyInfo->params.prime, privateKey->params.prime)
	ITEMFROMSECITEM(privateKeyInfo->params.subPrime,
	                privateKey->params.subPrime);
	ITEMFROMSECITEM(privateKeyInfo->params.base, privateKey->params.base);
	ITEMFROMSECITEM(privateKeyInfo->x, privateKey->privateValue);
	return SECSuccess;
}

static SECStatus
dsaConvertBLKeyToPubKeyInfo(DSAPublicKey *publicKey,
                            A_DSA_PUBLIC_KEY *publicKeyInfo)
{
	ITEMFROMSECITEM(publicKeyInfo->params.prime, publicKey->params.prime)
	ITEMFROMSECITEM(publicKeyInfo->params.subPrime,
	                publicKey->params.subPrime);
	ITEMFROMSECITEM(publicKeyInfo->params.base, publicKey->params.base);
	ITEMFROMSECITEM(publicKeyInfo->y, publicKey->publicValue);
	return SECSuccess;
}

static SECStatus
dsaZFreeKeyInfoParams(A_DSA_PARAMS *params)
{
	PORT_ZFree(params->prime.data, 
	           params->prime.len);
	PORT_ZFree(params->subPrime.data, 
	           params->subPrime.len);
	PORT_ZFree(params->base.data, 
	           params->base.len);
	return SECSuccess;
}

static SECStatus
dsaZFreePrivateKeyInfo(A_DSA_PRIVATE_KEY *privateKeyInfo)
{
	dsaZFreeKeyInfoParams(&privateKeyInfo->params);
	PORT_ZFree(privateKeyInfo->x.data,
	           privateKeyInfo->x.len);
	return SECSuccess;
}

static SECStatus
dsaZFreePublicKeyInfo(A_DSA_PUBLIC_KEY *publicKeyInfo)
{
	dsaZFreeKeyInfoParams(&publicKeyInfo->params);
	PORT_ZFree(publicKeyInfo->y.data,
	           publicKeyInfo->y.len);
	return SECSuccess;
}

SECStatus 
DSA_NewKey(PQGParams *           params, 
           DSAPrivateKey **      privKey)
{
	return DSA_NewKeyFromSeed(params, NULL, privKey);
}

SECStatus 
DSA_SignDigest(DSAPrivateKey *   key,
               SECItem *         signature,
               SECItem *         digest)
{
	return DSA_SignDigestWithSeed(key, signature, digest, NULL);
}

SECStatus 
DSA_VerifyDigest(DSAPublicKey *  key,
                 SECItem *       signature,
                 SECItem *       digest)
{
	B_ALGORITHM_OBJ           dsaVerifier = (B_ALGORITHM_OBJ)NULL_PTR;
	B_KEY_OBJ                 publicKeyObj = (B_KEY_OBJ)NULL_PTR;
	A_DSA_PUBLIC_KEY          publicKeyInfo;
	const B_ALGORITHM_METHOD *dsa_verify_chooser[] = {
	                            &AM_DSA_VERIFY,
	                            (B_ALGORITHM_METHOD *)NULL_PTR
	};
	int status;

	if ((status = B_CreateAlgorithmObject(&dsaVerifier)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = dsaConvertBLKeyToPubKeyInfo(key, &publicKeyInfo)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_SetKeyInfo(publicKeyObj, KI_DSAPublic, 
	                           (POINTER)&publicKeyInfo)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_SetAlgorithmInfo(dsaVerifier, AI_DSA, NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	if ((status = B_VerifyInit(dsaVerifier, publicKeyObj, dsa_verify_chooser,
	                           (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	if ((status = B_VerifyUpdate(dsaVerifier, digest->data, digest->len,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		goto loser;
	}

	if ((status = B_VerifyFinal(dsaVerifier, signature->data, signature->len,
	                            (B_ALGORITHM_OBJ)NULL_PTR,
	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		if (status == BE_SIGNATURE) {
			PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
		} else {
			PORT_SetError(SEC_ERROR_BAD_DATA);
			goto loser;
		}
	}

	B_DestroyAlgorithmObject(&dsaVerifier);