📄 pgppublickey.c
字号:
passphraseLength, hashedPhrase, outRef );
error:
return err;
}
/* Version of NewPrivateKeyContext which takes passphrase options */
PGPError
PGPNewPrivateKeyContext(
PGPKeyRef privateKeyRef,
PGPPublicKeyMessageFormat messageFormat,
PGPPrivateKeyContextRef * outRef,
PGPOptionListRef firstOption,
...
)
{
PGPError error = kPGPError_NoErr;
PGPValidatePtr( outRef );
*outRef = NULL;
PGPValidateKey( privateKeyRef );
PGPValidateMessageFormat( messageFormat );
{
va_list args;
PGPContextRef context;
PGPOptionListRef optionList;
context = PGPGetKeyContext( privateKeyRef );
va_start( args, firstOption );
optionList = pgpBuildOptionListArgs( context,
FALSE, firstOption, args );
error = pgpGetOptionListError( optionList );
if( IsntPGPError( error ) )
{
error = pgpNewPrivateKeyContextInternal( privateKeyRef,
messageFormat, outRef, optionList );
}
va_end( args );
PGPFreeOptionList( optionList );
}
return( error );
}
#if 0
/* Replaced by PGPOptionList version above */
PGPError
PGPNewPrivateKeyContext(
PGPKeyRef privateKeyRef,
PGPPublicKeyMessageFormat messageFormat,
char const * passphrase,
PGPPrivateKeyContextRef * outRef )
{
PGPSize passphraseLength = 0;
PGPError err;
PGPValidatePtr( outRef );
*outRef = NULL;
PGPValidateKey( privateKeyRef );
PGPValidateMessageFormat( messageFormat );
if( IsntNull( passphrase ) )
{
PGPValidatePtr( passphrase );
passphraseLength = strlen( passphrase );
}
err = sNewPrivateKeyContext (privateKeyRef, messageFormat, passphrase,
passphraseLength, FALSE, outRef );
return err;
}
#endif
/*____________________________________________________________________________
____________________________________________________________________________*/
PGPError
PGPFreePrivateKeyContext( PGPPrivateKeyContextRef ref )
{
PGPError err = kPGPError_NoErr;
PGPContextRef context = NULL;
PGPValidatePrivateKey( ref );
context = ref->context;
if( IsntNull( ref->enckey ) )
pgpSecKeyDestroy( ref->enckey );
if( IsntNull( ref->signkey ) )
pgpSecKeyDestroy( ref->signkey );
pgpClearMemory( ref, sizeof( *ref ) );
pgpContextMemFree( context, ref );
return( err );
}
/*____________________________________________________________________________
____________________________________________________________________________*/
PGPError
PGPPrivateKeyDecrypt(
PGPPrivateKeyContextRef ref,
const void * in,
PGPSize inSize,
void * out,
PGPSize * outSize)
{
PGPSize lOutSize;
PGPEnv * env;
PGPError err = kPGPError_NoErr;
if( IsntNull( outSize ) )
{
PGPValidatePtr( outSize );
*outSize = 0;
}
PGPValidatePtr( out );
PGPValidatePrivateKey( ref );
PGPValidatePtr( in );
PGPValidateParam( inSize != 0 );
if( IsNull( ref->enckey ) )
return kPGPError_FeatureNotAvailable;
env = pgpContextGetEnvironment( ref->context );
err = pgpSecKeyDecrypt( ref->enckey, env, (const PGPByte *) in, inSize,
(PGPByte *) out, &lOutSize, NULL, 0, ref->format );
if( IsntPGPError( err ) && IsntNull( outSize ) )
{
*outSize = lOutSize;
}
return( err );
}
/*____________________________________________________________________________
____________________________________________________________________________*/
PGPError
PGPPrivateKeySign(
PGPPrivateKeyContextRef ref,
PGPHashContextRef hashContext,
void * signature,
PGPSize * signatureSize)
{
PGPRandomContext * randomContext;
PGPHashVTBL const * hashVTBL;
PGPSize hashSize;
PGPByte hashData[100];
PGPSize lSignatureSize;
PGPError err = kPGPError_NoErr;
if( IsntNull( signatureSize ) )
{
PGPValidatePtr( signatureSize );
*signatureSize = 0;
}
PGPValidatePrivateKey( ref );
PGPValidatePtr( hashContext );
PGPValidatePtr( signature );
if( IsNull( ref->signkey ) )
return kPGPError_FeatureNotAvailable;
/* Hash too big for our array? */
PGPGetHashSize( hashContext, &hashSize );
if( hashSize > sizeof(hashData) )
{
PGPFreeHashContext( hashContext );
return kPGPError_BadParams;
}
hashVTBL = pgpHashGetVTBL( hashContext );
PGPFinalizeHash( hashContext, hashData );
randomContext = pgpContextGetX9_17RandomContext( ref->context );
/* Do the signature */
err = pgpSecKeySign( ref->signkey, hashVTBL, hashData,
(PGPByte *) signature, &lSignatureSize,
randomContext, ref->format );
PGPFreeHashContext( hashContext );
if( IsntPGPError( err ) && IsntNull( signatureSize ) )
{
*signatureSize = lSignatureSize;
}
return( err );
}
/*____________________________________________________________________________
____________________________________________________________________________*/
PGPError
PGPPrivateKeySignRaw(
PGPPrivateKeyContextRef ref,
const void * signedData,
PGPSize signedDataSize,
const void * signature,
PGPSize * signatureSize)
{
PGPRandomContext * randomContext;
PGPSize lSignatureSize;
PGPHashVTBL dummyVTBL;
PGPError err = kPGPError_NoErr;
if( IsntNull( signatureSize ) )
{
PGPValidatePtr( signatureSize );
*signatureSize = 0;
}
PGPValidatePrivateKey( ref );
PGPValidatePtr( signedData );
PGPValidateParam( signedDataSize != 0 );
/* Raw mode supported only for PKCS sigs */
if( ref->format != kPGPPublicKeyMessageFormat_PKCS1 &&
ref->format != kPGPPublicKeyMessageFormat_X509 &&
ref->format != kPGPPublicKeyMessageFormat_IKE ) {
return kPGPError_BadParams;
}
PGPValidatePtr( signature );
if( IsNull( ref->signkey ) )
return kPGPError_FeatureNotAvailable;
randomContext = pgpContextGetX9_17RandomContext( ref->context );
/* Set up value for hash size used by signature function */
pgpClearMemory( &dummyVTBL, sizeof(dummyVTBL) );
dummyVTBL.hashsize = signedDataSize;
/* Do the signature */
err = pgpSecKeySign( ref->signkey, &dummyVTBL,
(const PGPByte *) signedData,
(PGPByte *) signature, &lSignatureSize,
randomContext, ref->format );
if( IsntPGPError( err ) && IsntNull( signatureSize ) )
{
*signatureSize = lSignatureSize;
}
return( err );
}
/*____________________________________________________________________________
If we have an encrypt-only or sign only key, we return zeros for the
one(s) which we don't support.
____________________________________________________________________________*/
PGPError
PGPGetPrivateKeyOperationSizes(
PGPPrivateKeyContextRef ref,
PGPSize * maxDecryptedBufferSize,
PGPSize * maxEncryptedBufferSize,
PGPSize * maxSignatureSize )
{
PGPValidatePrivateKey( ref );
if( IsntNull( maxDecryptedBufferSize ) )
PGPValidatePtr( maxDecryptedBufferSize );
if( IsntNull( maxEncryptedBufferSize ) )
PGPValidatePtr( maxEncryptedBufferSize );
if( IsntNull( maxSignatureSize ) )
PGPValidatePtr( maxSignatureSize );
if( IsntNull( maxEncryptedBufferSize ) )
{
if( IsntNull( ref->enckey ) ) {
*maxEncryptedBufferSize = pgpSecKeyMaxesk( ref->enckey,
ref->format );
} else {
*maxEncryptedBufferSize = 0;
}
}
if( IsntNull( maxDecryptedBufferSize ) )
{
if( IsntNull( ref->enckey ) )
*maxDecryptedBufferSize = pgpSecKeyMaxdecrypted( ref->enckey,
ref->format );
else
*maxDecryptedBufferSize = 0;
}
if( IsntNull( maxSignatureSize ) )
{
if( IsntNull( ref->signkey ) )
*maxSignatureSize = pgpSecKeyMaxsig( ref->signkey, ref->format );
else
*maxSignatureSize = 0;
}
return kPGPError_NoErr;
}
/*____________________________________________________________________________
Given the size of a prime modulus in bits, this returns an appropriate
size for an exponent in bits, such that the work factor to find a
discrete log modulo the modulus is approximately equal to half the
length of the exponent. This makes the exponent an appropriate size
for a subgroup in a discrete log signature scheme. For encryption
schemes, where decryption attacks can be stealthy and undetected, we
use 3/2 times the returned exponent size.
____________________________________________________________________________*/
PGPError
PGPDiscreteLogExponentBits(
PGPUInt32 modulusBits,
PGPUInt32 *exponentBits )
{
PGPValidatePtr( exponentBits );
*exponentBits = pgpDiscreteLogExponentBits( modulusBits );
return kPGPError_NoErr;
}
#if PRAGMA_MARK_SUPPORTED
#pragma mark --- Internal Routines ---
#endif
/*____________________________________________________________________________
____________________________________________________________________________*/
PGPError
sSetupPubkey( PGPPublicKeyContextRef ref )
{
RingObject * ringKey;
RingSet const * ringSet;
PGPError err = kPGPError_NoErr;
if( IsPGPError( err = pgpGetKeyRingObject( ref->key, FALSE, &ringKey ) ) )
goto error;
if( IsPGPError( err = pgpGetKeyRingSet( ref->key, FALSE, &ringSet ) ) )
goto error;
ref->enckey = ringKeyPubKey( (RingSet *)ringSet, ringKey,
PGP_PKUSE_ENCRYPT );
ref->signkey = ringKeyPubKey( (RingSet *)ringSet, ringKey,
PGP_PKUSE_SIGN );
if( IsNull( ref->enckey ) && IsNull( ref->signkey ) ) {
err = ringSetError( ringSet ) -> error;
goto error;
}
error:
return err;
}
/*____________________________________________________________________________
____________________________________________________________________________*/
PGPError
sSetupPrivkey( PGPPrivateKeyContextRef ref, char const *passphrase,
PGPSize passphraseLength, PGPBoolean hashedPhrase )
{
RingObject * ringKey;
RingSet const * ringSet;
PGPInt32 rslt;
PGPEnv * env;
PGPError err = kPGPError_NoErr;
if( IsPGPError( err = pgpGetKeyRingObject( ref->key, FALSE, &ringKey ) ) )
goto error;
if( IsPGPError( err = pgpGetKeyRingSet( ref->key, FALSE, &ringSet ) ) )
goto error;
ref->enckey = ringSecSecKey( (RingSet *)ringSet, ringKey,
PGP_PKUSE_ENCRYPT );
ref->signkey = ringSecSecKey( (RingSet *)ringSet, ringKey,
PGP_PKUSE_SIGN );
if( IsNull( ref->enckey ) && IsNull( ref->signkey ) ) {
err = ringSetError( ringSet ) -> error;
goto error;
}
env = pgpContextGetEnvironment( ref->context );
if( IsntNull( ref->enckey ) )
{
rslt = pgpSecKeyUnlock( ref->enckey, env, passphrase,
passphraseLength, hashedPhrase );
if( rslt != 1 )
{
pgpSecKeyDestroy( ref->enckey );
if( IsntNull( ref->signkey ) )
{
pgpSecKeyDestroy( ref->signkey );
}
err = kPGPError_BadPassphrase;
goto error;
}
}
if( IsntNull( ref->signkey ) )
{
rslt = pgpSecKeyUnlock( ref->signkey, env, passphrase,
passphraseLength, FALSE );
if( rslt != 1 )
{
pgpSecKeyDestroy( ref->signkey );
if( IsntNull( ref->enckey ) )
{
pgpSecKeyDestroy( ref->enckey );
}
err = kPGPError_BadPassphrase;
goto error;
}
}
error:
return err;
}
/*__Editor_settings____
Local Variables:
tab-width: 4
End:
vi: ts=4 sw=4
vim: si
_____________________*/
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -