dsakgimpl.c

voltage 公司提供的一个开发Ibe的工具包

  VoltMpInt *result = (VoltMpInt *)0;
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  do
  {
    /* Build the MPInt's containing the modulus, base and exponent.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->CreateMpInt ((Pointer)mpCtx, &modulus);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->OctetStringToMpInt (0, primeP->data, primeP->len, modulus);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->CreateMpInt ((Pointer)mpCtx, &base);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->OctetStringToMpInt (0, baseG->data, baseG->len, base);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->CreateMpInt ((Pointer)mpCtx, &expo);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->OctetStringToMpInt (0, priVal, priValLen, expo);
    if (status != 0)
      break;

    /* Create an empty result MpInt.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->CreateMpInt ((Pointer)mpCtx, &result);
    if (status != 0)
      break;

    /* pubVal = (base ^ expo) mod modulus.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->ModExp (base, expo, modulus, result);
    if (status != 0)
      break;

    /* How big does the buffer need to be?
     * We're expecting a BufferTooSmall error, if we don't get it,
     * that's an error.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->MpIntToOctetString (
      result, &sign, (unsigned char *)0, 0, &bufferSize);
    if (status == 0)
      status = VT_ERROR_INVALID_PARAMS;
    if (status != VT_ERROR_BUFFER_TOO_SMALL)
      break;

    VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_MEMORY;
    buffer = (unsigned char *)Z2Malloc (bufferSize, 0);
    if (buffer == (unsigned char *)0)
      break;

    /* Now that we have a buffer, get the result.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->MpIntToOctetString
      (result, &sign, buffer, bufferSize, &bufferSize);
    if (status != 0)
      break;

    /* If everything worked, set the return values.
     */
    *pubVal = buffer;
    *pubValLen = bufferSize;

  } while (0);

  if (modulus != (VoltMpInt *)0)
    mpCtx->DestroyMpInt (&modulus);
  if (base != (VoltMpInt *)0)
    mpCtx->DestroyMpInt (&base);
  if (expo != (VoltMpInt *)0)
    mpCtx->DestroyMpInt (&expo);
  if (result != (VoltMpInt *)0)
    mpCtx->DestroyMpInt (&result);

  /* If there was no error, we're done.
   */
  if (status == 0)
    return (0);

  /* If there was an error, free the buffer that we would have returned
   * but didn't.
   */
  if (buffer != (unsigned char *)0)
    Z2Free (buffer);

  VOLT_LOG_ERROR (
    (VtLibCtx)libCtx, status, errorType, fnctLine,
    "VoltGeneratePubValAlloc", (char *)0)

  return (status);
}

void DSAKeyPairDataDestroy (
   Pointer obj,
   Pointer ctx
   )
{
  VoltLibCtx *libCtx = (VoltLibCtx *)(((VoltObject *)obj)->libraryCtx);
  VoltDsaKeyPair *theKeyPair = (VoltDsaKeyPair *)ctx;

  /* Is there anything to destroy?
   */
  if (ctx == (Pointer)0)
    return;
  if (theKeyPair->type != VOLT_KEY_TYPE_ASYM_PAIR)
    return;

  /* Destroy the contents.
   */
  if (theKeyPair->priKey != (VtKeyObject)0)
    VtDestroyKeyObject (&(theKeyPair->priKey));
  if (theKeyPair->pubKey != (VtKeyObject)0)
    VtDestroyKeyObject (&(theKeyPair->pubKey));

  /* Free up the memory that made up the context.
   */
  Z2Free (ctx);
}

static int SetPubKeyObject (
   VoltLibCtx *libCtx,
   VoltDsaKeyGenCtx *dsaGenCtx,
   unsigned char *pubVal,
   unsigned int pubValLen,
   VtKeyObject pubKey
   )
{
  int status;
  VtDSAPubKeyInfo keyInfo;
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  do
  {
    /* Fill in the keyInfo struct with the data.
     */
    keyInfo.primeP.data = dsaGenCtx->primeP.data;
    keyInfo.primeP.len = dsaGenCtx->primeP.len;
    keyInfo.subprimeQ.data = dsaGenCtx->subprimeQ.data;
    keyInfo.subprimeQ.len = dsaGenCtx->subprimeQ.len;
    keyInfo.baseG.data = dsaGenCtx->baseG.data;
    keyInfo.baseG.len = dsaGenCtx->baseG.len;
    keyInfo.pubValY.data = pubVal;
    keyInfo.pubValY.len = pubValLen;

    /* Set the object.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtSetKeyParam (pubKey, VtKeyParamDSAPublic, (Pointer)&keyInfo);

  } while (0);

  VOLT_LOG_ERROR_COMPARE (
    status, (VtLibCtx)libCtx, status, 0, fnctLine,
    "SetPubKeyObject", (char *)0)

  return (status);
}

static int SetPriKeyObject (
   VoltLibCtx *libCtx,
   VoltDsaKeyGenCtx *dsaGenCtx,
   unsigned char *priVal,
   unsigned int priValLen,
   unsigned char *pubVal,
   unsigned int pubValLen,
   VtKeyObject priKey
   )
{
  int status;
  VtDSAPriKeyInfo keyInfo;
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  do
  {
    /* Fill in the keyInfo struct with the data.
     */
    keyInfo.primeP.data = dsaGenCtx->primeP.data;
    keyInfo.primeP.len = dsaGenCtx->primeP.len;
    keyInfo.subprimeQ.data = dsaGenCtx->subprimeQ.data;
    keyInfo.subprimeQ.len = dsaGenCtx->subprimeQ.len;
    keyInfo.baseG.data = dsaGenCtx->baseG.data;
    keyInfo.baseG.len = dsaGenCtx->baseG.len;
    keyInfo.pubValY.data = pubVal;
    keyInfo.pubValY.len = pubValLen;
    keyInfo.priValX.data = priVal;
    keyInfo.priValX.len = priValLen;

    /* Set the object.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtSetKeyParam (priKey, VtKeyParamDSAPrivate, (Pointer)&keyInfo);

  } while (0);

  VOLT_LOG_ERROR_COMPARE (
    status, (VtLibCtx)libCtx, status, 0, fnctLine,
    "SetPriKeyObject", (char *)0)

  return (status);
}

int VoltTestDsaKeyPair (
   VoltLibCtx *libCtx,
   VoltSurrenderCtx *surrCtx,
   VtKeyObject pubKey,
   VtKeyObject priKey,
   VtRandomObject random
   )
{
  int status;
  unsigned int signatureLen, sigFlag, verifyResult;
  VtAlgorithmObject signer = (VtAlgorithmObject)0;
  VtAlgorithmObject verifier = (VtAlgorithmObject)0;
  VtSurrenderCallback surrenderCtx;
  unsigned char arbitraryData[20];
  unsigned char signature[56];
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  do
  {
    /* Generate arbitrary data to sign.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtGenerateRandomBytes (
      random, arbitraryData, sizeof (arbitraryData));
    if (status != 0)
      break;

    /* Sign it.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    sigFlag = VT_DSA_SIGNATURE_DER_ENCODED;
    status = VtCreateAlgorithmObject (
      (VtLibCtx)libCtx, VtAlgorithmImplDSASign, (Pointer)&sigFlag,
      &signer);
    if (status != 0)
      break;

    if (surrCtx != (VoltSurrenderCtx *)0)
    {
      /* Set the signing object with the surrender ctx, but don't copy
       * the appData, just copy a reference, so we're still using the
       * cert request object's appData.
       */
      surrenderCtx.Surrender = surrCtx->Surrender;
      surrenderCtx.appData = surrCtx->appData;
      surrenderCtx.AppDataCopy = (VtSurrenderAppDataCopy)0;
      surrenderCtx.AppDataFree = (VtSurrenderAppDataFree)0;
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtSetAlgorithmParam (
        signer, VtAlgorithmParamSurrenderCallback, (Pointer)&surrenderCtx);
      if (status != 0)
        break;
    }

    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtSign (
      signer, priKey, random, VT_DIGEST_ALG_SHA1,
      arbitraryData, sizeof (arbitraryData),
      signature, sizeof (signature), &signatureLen);
    if (status != 0)
      break;

    /* Try to verify it.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    sigFlag = VT_DSA_SIGNATURE_DER_ENCODED;
    status = VtCreateAlgorithmObject (
      (VtLibCtx)libCtx, VtAlgorithmImplDSAVerify, (Pointer)&sigFlag,
      &verifier);
    if (status != 0)
      break;

    if (surrCtx != (VoltSurrenderCtx *)0)
    {
      /* Set the verification object with the surrender ctx.
       */
      surrenderCtx.Surrender = surrCtx->Surrender;
      surrenderCtx.appData = surrCtx->appData;
      surrenderCtx.AppDataCopy = (VtSurrenderAppDataCopy)0;
      surrenderCtx.AppDataFree = (VtSurrenderAppDataFree)0;
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtSetAlgorithmParam (
        verifier, VtAlgorithmParamSurrenderCallback, (Pointer)&surrenderCtx);
      if (status != 0)
        break;
    }

    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtVerifySignature (
      verifier, pubKey, random, VT_DIGEST_ALG_SHA1,
      arbitraryData, sizeof (arbitraryData),
      signature, signatureLen, &verifyResult);
    if (status != 0)
      break;

    /* If the signature verifies, the keys are partners, if not, return
     * an error.
     */
    VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_UNMATCHED_KEY_PAIR;
    if (verifyResult == 0)
      break;

    status = 0;

  } while (0);

  Z2Memset (arbitraryData, 0, sizeof (arbitraryData));
  Z2Memset (signature, 0, sizeof (signature));

  VtDestroyAlgorithmObject (&signer);
  VtDestroyAlgorithmObject (&verifier);

  VOLT_LOG_ERROR_COMPARE (
    status, (VtLibCtx)libCtx, status, errorType, fnctLine,
    "VoltTestDsaKeyPair", (char *)0)

  return (status);
}