📄 cryptctx.c
字号:
CRYPT_CTXINFO_KEYING_ITERATIONS ) );
*valuePtr = value;
return( CRYPT_OK );
case CRYPT_IATTRIBUTE_KEYFEATURES:
assert( contextType == CONTEXT_PKC );
*valuePtr = ( contextInfoPtr->flags & CONTEXT_PBO ) ? 1 : 0;
#ifdef USE_DEVICES
*valuePtr |= ( contextInfoPtr->deviceObject > 0 ) ? 2 : 0;
#endif /* USE_DEVICES */
return( CRYPT_OK );
case CRYPT_IATTRIBUTE_DEVICEOBJECT:
#ifdef USE_DEVICES
if( contextInfoPtr->deviceObject < 0 )
return( CRYPT_ERROR_NOTFOUND );
*valuePtr = ( int ) contextInfoPtr->deviceObject;
return( CRYPT_OK );
#else
return( CRYPT_ERROR_NOTFOUND );
#endif /* USE_DEVICES */
}
assert( NOTREACHED );
return( CRYPT_ERROR ); /* Get rid of compiler warning */
}
static int processGetAttributeS( CONTEXT_INFO *contextInfoPtr,
void *messageDataPtr, const int messageValue )
{
const CAPABILITY_INFO *capabilityInfoPtr = contextInfoPtr->capabilityInfo;
const CONTEXT_TYPE contextType = contextInfoPtr->type;
RESOURCE_DATA *msgData = ( RESOURCE_DATA * ) messageDataPtr;
int status;
switch( messageValue )
{
case CRYPT_CTXINFO_NAME_ALGO:
return( attributeCopy( msgData, capabilityInfoPtr->algoName,
strlen( capabilityInfoPtr->algoName ) ) );
case CRYPT_CTXINFO_NAME_MODE:
assert( contextType == CONTEXT_CONV );
switch( contextInfoPtr->ctxConv->mode )
{
case CRYPT_MODE_ECB:
return( attributeCopy( msgData, "ECB", 3 ) );
case CRYPT_MODE_CBC:
return( attributeCopy( msgData, "CBC", 3 ) );
case CRYPT_MODE_CFB:
return( attributeCopy( msgData, "CFB", 3 ) );
case CRYPT_MODE_OFB:
return( attributeCopy( msgData, "OFB", 3 ) );
}
assert( NOTREACHED );
return( CRYPT_ERROR ); /* Get rid of compiler warning */
case CRYPT_CTXINFO_KEYING_SALT:
assert( contextType == CONTEXT_CONV || \
contextType == CONTEXT_MAC );
if( contextType == CONTEXT_CONV )
{
if( contextInfoPtr->ctxConv->saltLength <= 0 )
return( exitErrorInited( contextInfoPtr,
CRYPT_CTXINFO_KEYING_SALT ) );
return( attributeCopy( msgData, contextInfoPtr->ctxConv->salt,
contextInfoPtr->ctxConv->saltLength ) );
}
if( contextInfoPtr->ctxMAC->saltLength <= 0 )
return( exitErrorInited( contextInfoPtr,
CRYPT_CTXINFO_KEYING_SALT ) );
return( attributeCopy( msgData, contextInfoPtr->ctxMAC->salt,
contextInfoPtr->ctxMAC->saltLength ) );
case CRYPT_CTXINFO_IV:
assert( contextType == CONTEXT_CONV );
if( !needsIV( contextInfoPtr->ctxConv->mode ) || \
isStreamCipher( contextInfoPtr->capabilityInfo->cryptAlgo ) )
return( CRYPT_ERROR_NOTAVAIL );
if( !( contextInfoPtr->flags & CONTEXT_IV_SET ) )
return( exitErrorNotInited( contextInfoPtr, CRYPT_CTXINFO_IV ) );
return( attributeCopy( msgData, contextInfoPtr->ctxConv->iv,
contextInfoPtr->ctxConv->ivLength ) );
case CRYPT_CTXINFO_HASHVALUE:
assert( contextType == CONTEXT_HASH || \
contextType == CONTEXT_MAC );
if( !( contextInfoPtr->flags & CONTEXT_HASH_INITED ) )
return( CRYPT_ERROR_NOTINITED );
if( !( contextInfoPtr->flags & CONTEXT_HASH_DONE ) )
return( CRYPT_ERROR_INCOMPLETE );
return( attributeCopy( msgData, ( contextType == CONTEXT_HASH ) ? \
contextInfoPtr->ctxHash->hash : \
contextInfoPtr->ctxMAC->mac,
capabilityInfoPtr->blockSize ) );
case CRYPT_CTXINFO_LABEL:
if( contextInfoPtr->labelSize <= 0 )
return( exitErrorNotInited( contextInfoPtr,
CRYPT_CTXINFO_LABEL ) );
return( attributeCopy( msgData, contextInfoPtr->label,
contextInfoPtr->labelSize ) );
case CRYPT_IATTRIBUTE_KEYID:
assert( contextType == CONTEXT_PKC );
return( attributeCopy( msgData, contextInfoPtr->ctxPKC->keyID,
KEYID_SIZE ) );
case CRYPT_IATTRIBUTE_KEYID_PGP:
assert( contextType == CONTEXT_PKC );
if( contextInfoPtr->capabilityInfo->cryptAlgo != CRYPT_ALGO_RSA )
return( CRYPT_ERROR_NOTFOUND );
return( attributeCopy( msgData, contextInfoPtr->ctxPKC->pgpKeyID,
PGP_KEYID_SIZE ) );
case CRYPT_IATTRIBUTE_KEYID_OPENPGP:
assert( contextType == CONTEXT_PKC );
assert( contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_RSA || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DSA || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_ELGAMAL );
return( attributeCopy( msgData, contextInfoPtr->ctxPKC->openPgpKeyID,
PGP_KEYID_SIZE ) );
#ifdef USE_KEA
case CRYPT_IATTRIBUTE_KEY_KEADOMAINPARAMS:
assert( contextType == CONTEXT_PKC );
return( attributeCopy( msgData, contextInfoPtr->ctxPKC->domainParamPtr,
contextInfoPtr->ctxPKC->domainParamSize ) );
case CRYPT_IATTRIBUTE_KEY_KEAPUBLICVALUE:
assert( contextType == CONTEXT_PKC );
return( attributeCopy( msgData, contextInfoPtr->ctxPKC->publicValuePtr,
contextInfoPtr->ctxPKC->publicValueSize ) );
#else
case CRYPT_IATTRIBUTE_KEY_KEADOMAINPARAMS:
case CRYPT_IATTRIBUTE_KEY_KEAPUBLICVALUE:
return( CRYPT_ERROR_NOTFOUND );
#endif /* USE_KEA */
case CRYPT_IATTRIBUTE_KEY_SPKI:
assert( contextType == CONTEXT_PKC );
assert( contextInfoPtr->flags & CONTEXT_KEY_SET );
if( contextInfoPtr->ctxPKC->publicKeyInfo != NULL )
/* If the data is available in pre-encoded form, copy it
out */
return( attributeCopy( msgData, contextInfoPtr->ctxPKC->publicKeyInfo,
contextInfoPtr->ctxPKC->publicKeyInfoSize ) );
/* Drop through */
case CRYPT_IATTRIBUTE_KEY_SSH1:
case CRYPT_IATTRIBUTE_KEY_SSH2:
case CRYPT_IATTRIBUTE_KEY_SSL:
{
STREAM stream;
assert( contextType == CONTEXT_PKC );
assert( contextInfoPtr->flags & CONTEXT_KEY_SET );
/* Write the appropriately-formatted key data from the context */
sMemOpen( &stream, msgData->data, msgData->length );
status = contextInfoPtr->ctxPKC->writePublicKeyFunction( &stream,
contextInfoPtr,
attributeToFormatType( messageValue ), "public" );
if( cryptStatusOK( status ) )
msgData->length = stell( &stream );
sMemDisconnect( &stream );
return( status );
}
case CRYPT_IATTRIBUTE_PGPVALIDITY:
assert( contextType == CONTEXT_PKC );
*( ( time_t * ) msgData->data ) = \
contextInfoPtr->ctxPKC->pgpCreationTime;
return( CRYPT_OK );
}
assert( NOTREACHED );
return( CRYPT_ERROR ); /* Get rid of compiler warning */
}
static int processSetAttribute( CONTEXT_INFO *contextInfoPtr,
void *messageDataPtr, const int messageValue )
{
const CAPABILITY_INFO *capabilityInfoPtr = contextInfoPtr->capabilityInfo;
const CONTEXT_TYPE contextType = contextInfoPtr->type;
const int value = *( ( int * ) messageDataPtr );
int *valuePtr;
int status;
switch( messageValue )
{
case CRYPT_OPTION_MISC_SIDECHANNELPROTECTION:
if( value )
contextInfoPtr->flags |= CONTEXT_SIDECHANNELPROTECTION;
else
contextInfoPtr->flags &= ~CONTEXT_SIDECHANNELPROTECTION;
return( CRYPT_OK );
case CRYPT_CTXINFO_MODE:
assert( contextType == CONTEXT_CONV );
/* If the mode isn't set to the initial default, it's already
been explicitly set and we can't change it again */
if( contextInfoPtr->ctxConv->mode != \
( isStreamCipher( capabilityInfoPtr->cryptAlgo ) ? \
CRYPT_MODE_OFB : CRYPT_MODE_CBC ) )
return( exitErrorInited( contextInfoPtr, CRYPT_CTXINFO_MODE ) );
/* Set the en/decryption mode */
assert( capabilityInfoPtr->initKeyParamsFunction != NULL );
return( capabilityInfoPtr->initKeyParamsFunction( contextInfoPtr,
NULL, 0, value ) );
case CRYPT_CTXINFO_KEYSIZE:
assert( capabilityInfoPtr->getInfoFunction != NULL );
switch( contextType )
{
case CONTEXT_CONV:
valuePtr = &contextInfoPtr->ctxConv->userKeyLength;
break;
case CONTEXT_PKC:
valuePtr = &contextInfoPtr->ctxPKC->keySizeBits;
break;
case CONTEXT_MAC:
valuePtr = &contextInfoPtr->ctxMAC->userKeyLength;
break;
default:
assert( NOTREACHED );
return( CRYPT_ERROR );
}
if( *valuePtr )
return( exitErrorInited( contextInfoPtr,
CRYPT_CTXINFO_KEYSIZE ) );
/* Trim the user-supplied value to the correct shape, taking
into account various issues such as limitations with the
underlying crypto code/hardware and the (in)ability to export
overly long keys using short public keys */
status = capabilityInfoPtr->getInfoFunction( CAPABILITY_INFO_KEYSIZE,
contextInfoPtr, value );
if( cryptStatusError( status ) )
return( status );
*valuePtr = ( contextType == CONTEXT_PKC ) ? \
bytesToBits( status ) : status;
return( CRYPT_OK );
case CRYPT_CTXINFO_KEYING_ALGO:
case CRYPT_OPTION_KEYING_ALGO:
{
CRYPT_ALGO_TYPE *algoValuePtr;
assert( contextType == CONTEXT_CONV || \
contextType == CONTEXT_MAC );
algoValuePtr = ( contextType == CONTEXT_CONV ) ? \
&contextInfoPtr->ctxConv->keySetupAlgorithm : \
&contextInfoPtr->ctxMAC->keySetupAlgorithm;
if( *algoValuePtr != CRYPT_ALGO_NONE )
return( exitErrorInited( contextInfoPtr,
CRYPT_CTXINFO_KEYING_ALGO ) );
*algoValuePtr = value;
return( CRYPT_OK );
}
case CRYPT_CTXINFO_KEYING_ITERATIONS:
case CRYPT_OPTION_KEYING_ITERATIONS:
assert( contextType == CONTEXT_CONV || \
contextType == CONTEXT_MAC );
valuePtr = ( contextType == CONTEXT_CONV ) ? \
&contextInfoPtr->ctxConv->keySetupIterations : \
&contextInfoPtr->ctxMAC->keySetupIterations;
if( *valuePtr )
return( exitErrorInited( contextInfoPtr,
CRYPT_CTXINFO_KEYING_ITERATIONS ) );
*valuePtr = value;
return( CRYPT_OK );
case CRYPT_IATTRIBUTE_INITIALISED:
return( CRYPT_OK );
case CRYPT_IATTRIBUTE_KEYSIZE:
/* If the key is held outside the context (e.g. in a device), we
need to manually supply the key-related information needed by
the context, which in this case is the key size. Once this
is set, there is (effectively) a key loaded, although the
actual keying values are held anderswhere */
switch( contextType )
{
case CONTEXT_CONV:
contextInfoPtr->ctxConv->userKeyLength = value;
break;
case CONTEXT_PKC:
if( contextInfoPtr->labelSize <= 0 )
/* PKC context must have a key label set */
return( exitErrorNotInited( contextInfoPtr,
CRYPT_CTXINFO_LABEL ) );
contextInfoPtr->ctxPKC->keySizeBits = bytesToBits( value );
break;
case CONTEXT_MAC:
contextInfoPtr->ctxMAC->userKeyLength = value;
break;
default:
assert( NOTREACHED );
return( CRYPT_ERROR );
}
contextInfoPtr->flags |= CONTEXT_KEY_SET;
return( CRYPT_OK );
case CRYPT_IATTRIBUTE_DEVICEOBJECT:
#ifdef USE_DEVICES
contextInfoPtr->deviceObject = value;
#endif /* USE_DEVICES */
return( CRYPT_OK );
}
assert( NOTREACHED );
return( CRYPT_ERROR ); /* Get rid of compiler warning */
}
static int processSetAttributeS( CONTEXT_INFO *contextInfoPtr,
void *messageDataPtr, const int messageValue )
{
const CAPABILITY_INFO *capabilityInfoPtr = contextInfoPtr->capabilityInfo;
const CONTEXT_TYPE contextType = contextInfoPtr->type;
const RESOURCE_DATA *msgData = ( RESOURCE_DATA * ) messageDataPtr;
int status;
switch( messageValue )
{
case CRYPT_CTXINFO_KEYING_SALT:
assert( contextType == CONTEXT_CONV || \
contextType == CONTEXT_MAC );
if( contextType == CONTEXT_CONV )
{
if( contextInfoPtr->ctxConv->saltLength > 0 )
return( exitErrorInited( contextInfoPtr,
CRYPT_CTXINFO_KEYING_SALT ) );
memcpy( contextInfoPtr->ctxConv->salt, msgData->data,
msgData->length );
contextInfoPtr->ctxConv->saltLength = msgData->length;
return( CRYPT_OK );
}
if( contextInfoPtr->ctxMAC->saltLength > 0 )
return( exitErrorInited( contextInfoPtr,
CRYPT_CTXINFO_KEYING_SALT ) );
memcpy( contextInfoPtr->ctxMAC->salt, msgData->data,
msgData->length );
contextInfoPtr->ctxMAC->saltLength = msgData->length;
return( CRYPT_OK );
case CRYPT_CTXINFO_KEYING_VALUE:
return( deriveKey( contextInfoPtr, msgData->data,
msgData->length ) );
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -