ospcryptowrap.c

mgcp协议源代码。支持多种编码：g711

/*
*########################################################################
*########################################################################
*########################################################################
*                                                               
*   COPYRIGHT (c) 1998, 1999 by TransNexus, LLC                          
*                                                                    
*   This software contains proprietary and confidential information  
*   of TransNexus, LLC. Except as may be set forth in the license    
*   agreement under which this software is supplied, use, disclosure, 
*   or reproduction is prohibited without the prior, express, written
*   consent of TransNexus, LLC.                                      
*                                     
*
*
*
*
*
*
*#########################################################################
*#########################################################################
*#########################################################################
*/

#include <malloc.h>
#include <stdio.h>
#include "aglobal.h"
#include "bsafe.h"

#include "osp.h"
#include "ospcryptowrap.h"
#include "osptnlog.h"
#include "osperrno.h"

#ifdef  OSPC_HWE_CRYPTOSWIFT
#include    "bswift.h"
#endif


static B_ALGORITHM_METHOD *Chooser[] = 
{

#ifdef  OSPC_HWE_CRYPTOSWIFT
    &AM_SwiftDH_KEY_AGREE,
    &AM_SwiftRSA_CRT_DECRYPT,
    &AM_SwiftRSA_CRT_ENCRYPT,
    &AM_SwiftRSA_DECRYPT,
    &AM_SwiftRSA_ENCRYPT,
    &AM_SwiftDSA_SIGN,
    &AM_SwiftDSA_VERIFY,
#endif

    &AM_RSA_CRT_ENCRYPT,
    &AM_RSA_ENCRYPT,
    &AM_RSA_DECRYPT,
    &AM_RSA_CRT_DECRYPT,
    &AM_MD5,
    &AM_SHA,
    (B_ALGORITHM_METHOD *)NULL
};


int 
OSPPCryptoWrapDigest(
        unsigned char   *ospvDigest,
        unsigned        *ospvDigestLength,
        unsigned char   *ospvBERAlgorithm,
        unsigned        ospvBERAlgorithmLength,
        unsigned char   *ospvData,
        unsigned        ospvDataLength,
        unsigned char   ospvFlags)
{
    int errorcode = 0;
    unsigned char digestedData[OSPC_CRYPTO_DIGEST_BUFFER_MAXLENGTH];    
    /* MD5 needs 16, SHA1 needs 20 */
    unsigned int digestedDataLength = 0;
    char errmsg[100];

    ITEM algorithmItem;

    B_ALGORITHM_OBJ digester = (B_ALGORITHM_OBJ) NULL;

    OSPTNLOGDUMP(ospvBERAlgorithm, ospvBERAlgorithmLength, "DIGEST: ospvBERAlgorithm");
    OSPTNLOGDUMP(ospvData, ospvDataLength, "DIGEST: ospvData");

    /* Create an algorithm object */
    errorcode = B_CreateAlgorithmObject(&digester);
    if (errorcode)
    {
        sprintf(errmsg, 
            "B-SAFE error %d occurred in Digest", errorcode);
        errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
        OSPM_DBGERRORLOG(errorcode, errmsg);
    }

    if (errorcode == 0)
    {
        /* Setup the algorithm object */    

        algorithmItem.data = ospvBERAlgorithm;
        algorithmItem.len = ospvBERAlgorithmLength;
        if (ospvFlags & OSPC_CRYPTO_FLAG_USE_BER_ALGORITHM)
        {
            /* Try using MD5 first */
            errorcode = B_SetAlgorithmInfo(digester, AI_MD5_BER, 
                (POINTER) &algorithmItem);
            if (errorcode != OSPC_ERR_NO_ERROR)
            {
                /* Algorithm specified was not MD5, try SHA1 */
                errorcode = B_SetAlgorithmInfo(digester, AI_SHA1_BER, 
                    (POINTER) &algorithmItem);
                if (errorcode)
                {
                    sprintf(errmsg, 
                        "B-SAFE error %d occurred in Digest", errorcode);
                    errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
                    OSPM_DBGERRORLOG(errorcode, errmsg);
                }
            }
        }
        else
        {
            if (ospvFlags & OSPC_CRYPTO_FLAG_USE_SHA1_DIGEST)
            {
                errorcode = B_SetAlgorithmInfo(digester, AI_SHA1, 
                    (POINTER) NULL);
            }
            else
            {
                errorcode = B_SetAlgorithmInfo(digester, AI_MD5, 
                    (POINTER) NULL);
            }
        }
    }


    if (errorcode == 0)
    {
        /* Initialize */    
        errorcode = B_DigestInit(digester, (B_KEY_OBJ) NULL,
            Chooser, (A_SURRENDER_CTX *)NULL);
        if (errorcode)
        {
            sprintf(errmsg, 
                "B-SAFE error %d occurred in Digest", errorcode);
            errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
            OSPM_DBGERRORLOG(errorcode, errmsg);
        }
    }

    if (errorcode == 0)
    {
        errorcode = B_DigestUpdate(digester, ospvData, ospvDataLength, 
            (A_SURRENDER_CTX *) NULL);
        if (errorcode)
        {
            sprintf(errmsg, 
                "B-SAFE error %d occurred in Digest", errorcode);
            errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
            OSPM_DBGERRORLOG(errorcode, errmsg);
        }
    }

    if (errorcode == 0)
    {
        errorcode = B_DigestFinal(digester, 
            digestedData, &digestedDataLength, 
            sizeof(digestedData),
            (A_SURRENDER_CTX *) NULL);
        if (errorcode)
        {
            sprintf(errmsg, 
                "B-SAFE error %d occurred in Digest", errorcode);
            errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
            OSPM_DBGERRORLOG(errorcode, errmsg);
        }
    }

    if (errorcode == 0)
    {

        if (ospvDigest == NULL)
        {
            errorcode = OSPC_ERR_CRYPTO_INVALID_POINTER;
            OSPM_DBGERRORLOG(errorcode, 
                "Error allocating space for message digest");
        }

        if (*ospvDigestLength < digestedDataLength)
        {
            errorcode = OSPC_ERR_CRYPTO_NOT_ENOUGH_SPACE;
            OSPM_DBGERRORLOG(errorcode,
                "Not enough space for digest");
        }

        if (errorcode == 0)
        {
            memcpy(ospvDigest, 
                digestedData, digestedDataLength);

            *ospvDigestLength = digestedDataLength;
            OSPTNLOGDUMP(ospvDigest, *ospvDigestLength, "DIGEST: ospvDigest");
        }
    }

    B_DestroyAlgorithmObject(&digester);

    return errorcode;
}


/* This routine only supports RSA Encryption. It assumes Private Key
encryption, but will try the public key algorithm if the private key
algorithm doesn't match the Algorithm Information supplied */
int 
OSPPCryptoWrapEncrypt(
        unsigned char   *ospvEncryptedData,
        unsigned        *ospvEncryptedDataLength,
        unsigned char   *ospvBERAlgorithm,
        unsigned        ospvBERAlgorithmLength,
        unsigned char   *ospvData,
        unsigned        ospvDataLength,
        unsigned char   *ospvBERSignerKey,
        unsigned        ospvBERSignerKeyLength,
        unsigned char   ospvFlags)
{
    int errorcode = 0;
    unsigned char encryptedData[OSPC_CRYPTO_ENCRYPT_BUFFER_MAXLENGTH];      
    unsigned int encryptedDataLength = 0;
    unsigned int updateLength = 0;
    unsigned int finalLength = 0;
    char errmsg[100];

    ITEM algorithmItem;
    ITEM keyItem;

    B_INFO_TYPE keyType = (B_INFO_TYPE)OSPC_OSNULL;

    B_KEY_OBJ signerKey = (B_KEY_OBJ)OSPC_OSNULL;

    B_ALGORITHM_OBJ rsaEncrypter    = (B_ALGORITHM_OBJ) NULL;
    B_ALGORITHM_OBJ randomAlgorithm = (B_ALGORITHM_OBJ) NULL;

    OSPTNLOGDUMP(ospvData, ospvDataLength, "ENCRYPT: ospvData");
    OSPTNLOGDUMP(ospvBERSignerKey, ospvBERSignerKeyLength, "ENCRYPT: ospvBERSignerKey");

    /* Create an algorithm object */
    errorcode = B_CreateAlgorithmObject(&rsaEncrypter);
    if (errorcode)
    {
        sprintf(errmsg, 
            "B-SAFE error %d occurred in Encrypt", errorcode);
        errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
        OSPM_DBGERRORLOG(errorcode, errmsg);
    }


    if (errorcode == 0)
    {
        /* Setup the algorithm object */    

        algorithmItem.data = ospvBERAlgorithm;
        algorithmItem.len = ospvBERAlgorithmLength;



        if (ospvFlags & OSPC_CRYPTO_FLAG_USE_BER_ALGORITHM)
        {
            keyType = KI_PKCS_RSAPrivateBER;
            errorcode = B_SetAlgorithmInfo(rsaEncrypter, AI_PKCS_RSAPrivateBER, 
                (POINTER) &algorithmItem);
            if (errorcode != OSPC_ERR_NO_ERROR)
            {
                /* Maybe the algorithm doesn't match BER because BER is for
                Encryption using Public key. */

                /* Maybe this is a public key encryption request */
                OSPM_DBGERRORLOG(0, "RSAPrivate algorithm not specified for "
                    "Encrypt - trying RSAPublic algorithm");

                keyType = KI_RSAPublicBER;
                errorcode = B_SetAlgorithmInfo(rsaEncrypter, 
                    AI_PKCS_RSAPublicBER, 
                    (POINTER) &algorithmItem);
            }

        }
        else
        {
            if (!(ospvFlags & OSPC_CRYPTO_FLAG_ENCRYPTED_WITH_PUBLIC_KEY))
            {
                /* Normally encrypt using private key */
                keyType = KI_PKCS_RSAPrivateBER;
                errorcode = B_SetAlgorithmInfo(rsaEncrypter, 
                    AI_PKCS_RSAPrivate, 
                    (POINTER) NULL);
            }
            else
            {
                /* This is alternative to encrypt for receiver only */
                keyType = KI_RSAPublicBER;
                errorcode = B_SetAlgorithmInfo(rsaEncrypter, 
                    AI_PKCS_RSAPublic, 
                    (POINTER) NULL);
            }
        }

        if (errorcode == 0)
        {
            /* Create a random algorithm object - need one for public
                key encryption. */
            errorcode = B_CreateAlgorithmObject(&randomAlgorithm);
            if (errorcode)
            {
                sprintf(errmsg, 
                    "B-SAFE error %d occurred in Encrypt", errorcode);
                errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
                OSPM_DBGERRORLOG(errorcode, errmsg);
            }
        }   

        if (errorcode == 0)
        {
            /* Set the random algorithm object */
            errorcode = B_SetAlgorithmInfo(randomAlgorithm, AI_MD5Random,
                (POINTER) NULL);
            if (errorcode)
            {
                sprintf(errmsg, 
                    "B-SAFE error %d occurred in Encrypt", errorcode);
                errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
                OSPM_DBGERRORLOG(errorcode, errmsg);
            }
        }
    }

    if (errorcode == 0)
    {
        errorcode = B_CreateKeyObject(&signerKey);
        if (errorcode)
        {
            sprintf(errmsg, 
                "B-SAFE error %d occurred in Encrypt", errorcode);
            errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
            OSPM_DBGERRORLOG(errorcode, errmsg);
        }

        if (errorcode == 0)
        {
            keyItem.data = ospvBERSignerKey;
            keyItem.len = ospvBERSignerKeyLength;

            errorcode = B_SetKeyInfo(signerKey, keyType, 
                (POINTER) &keyItem); 
            if (errorcode)
            {
                sprintf(errmsg, 
                    "B-SAFE error %d occurred in Encrypt", errorcode);
                errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
                OSPM_DBGERRORLOG(errorcode, errmsg);
            }
        }
    }

    if (errorcode == 0)
    {

        /* Initialize */    
        errorcode = B_EncryptInit(rsaEncrypter, (B_KEY_OBJ) signerKey,
            Chooser, (A_SURRENDER_CTX *)NULL);
        if (errorcode)
        {
            sprintf(errmsg, 
                "B-SAFE error %d occurred in Encrypt", errorcode);
            errorcode = OSPC_ERR_CRYPTO_IMPLEMENTATION_SPECIFIC_ERROR;
            OSPM_DBGERRORLOG(errorcode, errmsg);
        }
    }

    if (errorcode == 0)
    {
        errorcode = B_EncryptUpdate(rsaEncrypter, encryptedData, &updateLength,
            OSPC_CRYPTO_ENCRYPT_BUFFER_MAXLENGTH, 
            ospvData, ospvDataLength, randomAlgorithm, 
            (A_SURRENDER_CTX *) NULL);

        if (errorcode)
        {
            sprintf(errmsg, 
                "B-SAFE error %d occurred in Encrypt", errorcode);