dsakgimpl.c

IBE是一种非对称密码技术

/* Copyright 2003-2006, Voltage Security, all rights reserved.
 */

#include "vibecrypto.h"
#include "environment.h"
#include "base.h"
#include "libctx.h"
#include "keyobj.h"
#include "dsa.h"
#include "mpint.h"
#include "prime.h"
#include "fipsmodule.h"
#include "surrender.h"
#include "errorctx.h"

/* Set the given public key object with the info given. Use the params
 * in the dsaGenCtx and the public value supplied.
 * <p>This function does no arg checking, it is the responsibility of
 * the caller not to make mistakes.
 *
 * @param libCtx The library context to use.
 * @param dsaGenCtx The Key Gen context, contains the params.
 * @param pubVal The public value.
 * @param pubValLen The length, in bytes, of the public value.
 * @param pubKey The created but empty object to set.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
static int VOLT_CALLING_CONV SetPubKeyObject VOLT_PROTO_LIST ((
   VoltLibCtx *libCtx,
   VoltDsaKeyGenCtx *dsaGenCtx,
   unsigned char *pubVal,
   unsigned int pubValLen,
   VtKeyObject pubKey
));

/* Set the given private key object with the info given. Use the params
 * in the dsaGenCtx along with the public and private values supplied.
 * <p>This function does no arg checking, it is the responsibility of
 * the caller not to make mistakes.
 *
 * @param libCtx The library context to use.
 * @param dsaGenCtx The Key Gen context, contains the params.
 * @param priVal The private value.
 * @param priValLen The length, in bytes, of the private value.
 * @param pubVal The public value.
 * @param pubValLen The length, in bytes, of the public value.
 * @param priKey The created but empty object to set.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
static int VOLT_CALLING_CONV SetPriKeyObject VOLT_PROTO_LIST ((
   VoltLibCtx *libCtx,
   VoltDsaKeyGenCtx *dsaGenCtx,
   unsigned char *priVal,
   unsigned int priValLen,
   unsigned char *pubVal,
   unsigned int pubValLen,
   VtKeyObject priKey
));

int DSAGenerateKeyPair (
   VtKeyObject priKey,
   VtKeyObject pubKey,
   VtRandomObject random
   )
{
  int status;
  unsigned int pubValLen;
  VoltKeyObject *priObj = (VoltKeyObject *)priKey;
  VoltKeyObject *pubObj = (VoltKeyObject *)pubKey;
  VoltLibCtx *libCtx = (VoltLibCtx *)(priObj->voltObject.libraryCtx);
  VtRandomObject rand = (VtRandomObject)0;
  VtRandomObject randomToUse;
  VoltDsaKeyGenCtx *dsaGenCtx = (VoltDsaKeyGenCtx *)(priObj->localGenerateCtx);
  VtParameterObject paramGen = (VtParameterObject)0;
  VtDSAParamInfo *getParams;
  VtFips186PrngInfo randInfo;
  VoltSurrenderCtx *surrCtx = (VoltSurrenderCtx *)0;
  unsigned char *pubVal = (unsigned char *)0;
  unsigned char xkey[VOLT_DSA_XKEY_LEN];
  unsigned char xseed[VOLT_DSA_XSEED_LEN];
  unsigned char priValBuf[VOLT_DSA_PRI_VAL_LEN];
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  do
  {
    /* If there's no random object, get one from the libCtx.
     */
    VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_NO_RANDOM_OBJECT;
    randomToUse = random;
    if (random == (VtRandomObject)0)
    {
      randomToUse = (VtRandomObject)VoltGetLibCtxInfo (
        (VtLibCtx)libCtx, VOLT_LIB_CTX_INFO_TYPE_RANDOM);

      if (randomToUse == (VtRandomObject)0)
        break;
    }

    /* Make sure the random object is valid.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_INVALID_RANDOM_OBJ;
    if (VOLT_OBJECT_TYPE_NOT_EQUAL (randomToUse, VOLT_OBJECT_TYPE_RANDOM))
      break;

    /* If there's a surrender ctx, call the Surrender function.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_GET_OBJECT_SURR_CTX (surrCtx, priObj);
    /* If the surrenderCallback was not in the private key, is it in
     * the public key?
     */
    if (surrCtx == (VoltSurrenderCtx *)0)
    {
      VOLT_GET_OBJECT_SURR_CTX (surrCtx, pubObj);
    }
    VOLT_CALL_SURRENDER (surrCtx, VT_SURRENDER_FNCT_DSA_KEY_GEN, 0, 1)

    /* If we don't have params yet, generate them.
     */
    if (dsaGenCtx->primeP.data[0] == 0)
    {
      /* Create the DSA param object.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtCreateParameterObject (
        priObj->voltObject.libraryCtx, VtParameterImplMpCtx,
        (Pointer)(pubKey->mpCtx), &paramGen);
      if (status != 0)
        break;

      /* Set the parameter object with the surrender ctx.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VoltSetObjectSurrenderCtx ((VoltObject *)paramGen, surrCtx);
      if (status != 0)
        break;

      /* Generate. Use pubValLen as a temp variable.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      pubValLen = 1024;
      status = VtGenerateParameters (
        VtParamGenImplDSAParams, (Pointer)&pubValLen, randomToUse, paramGen);
      if (status != 0)
        break;

      /* Get the params.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtGetParameterParam (
        paramGen, VtParameterParamDSAParams, (Pointer *)&getParams);
      if (status != 0)
        break;

      /* Copy them into the key gen ctx.
       */
      Z2Memcpy (
        dsaGenCtx->primeP.data, getParams->primeP.data,
        getParams->primeP.len);
      dsaGenCtx->primeP.len = getParams->primeP.len;
      Z2Memcpy (
        dsaGenCtx->subprimeQ.data, getParams->subprimeQ.data,
        getParams->subprimeQ.len);
      dsaGenCtx->subprimeQ.len = getParams->subprimeQ.len;
      Z2Memcpy (
        dsaGenCtx->baseG.data, getParams->baseG.data,
        getParams->baseG.len);
      dsaGenCtx->baseG.len = getParams->baseG.len;
    }

    /* Generate XKEY and XSEED.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtGenerateRandomBytes (randomToUse, xkey, VOLT_DSA_XKEY_LEN);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtGenerateRandomBytes (randomToUse, xseed, VOLT_DSA_XSEED_LEN);
    if (status != 0)
      break;

    /* Build a random object that will generate the random x in a FIPS
     * prescibed manner.
     */
    randInfo.variation = FIPS_186_PRNG_3_1_CERTIFY;
    randInfo.mpCtx = (VtMpIntCtx)(priObj->mpCtx);
    randInfo.primeQ.data = dsaGenCtx->subprimeQ.data;
    randInfo.primeQ.len = dsaGenCtx->subprimeQ.len;
    randInfo.XKEY.data = xkey;
    randInfo.XKEY.len = VOLT_DSA_XKEY_LEN;
    
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtCreateRandomObject (
      priObj->voltObject.libraryCtx, VtRandomImplFips186Prng,
      (Pointer)&randInfo, &rand);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtSeedRandom (rand, xseed, VOLT_DSA_XSEED_LEN);
    if (status != 0)
      break;

    /* Generate the random x.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtGenerateRandomBytes (rand, priValBuf, VOLT_DSA_PRI_VAL_LEN);
    if (status != 0)
      break;

    VOLT_CALL_SURRENDER (surrCtx, VT_SURRENDER_FNCT_DSA_KEY_GEN, 0, 2)

    /* Generate the public value from the private value.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VoltGeneratePubValAlloc (
      libCtx, dsaGenCtx->mpCtx, &(dsaGenCtx->primeP), &(dsaGenCtx->baseG),
      priValBuf, VOLT_DSA_PRI_VAL_LEN, &pubVal, &pubValLen);
    if (status != 0)
      break;

    /* Build the public key object of the pair.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = SetPubKeyObject (
      libCtx, dsaGenCtx, pubVal, pubValLen, pubKey);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = SetPriKeyObject (
      libCtx, dsaGenCtx, priValBuf, VOLT_DSA_PRI_VAL_LEN,
      pubVal, pubValLen, priKey);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)
    status = VoltTestDsaKeyPair (
      libCtx, surrCtx, pubKey, priKey, randomToUse);

  /* If we're building this for the FIPS shared library, we want to set
   * the FIPS error.
   */
#if VOLT_BUILD == VOLT_BUILD_FIPS_SHARED
    if (status == VT_ERROR_UNMATCHED_KEY_PAIR)
    {
      VoltSetFipsError (VT_ERROR_FIPS_DSA_PAIR_GEN);
      status = VT_ERROR_FIPS_DSA_PAIR_GEN;
    }
#endif  /* VOLT_BUILD == VOLT_BUILD_FIPS_SHARED */
    if (status != 0)
      break;

    VOLT_CALL_SURRENDER (surrCtx, VT_SURRENDER_FNCT_DSA_KEY_GEN, 0, 0)

  } while (0);

  VtDestroyParameterObject (&paramGen);
  VtDestroyRandomObject (&rand);

  if (pubVal != (unsigned char *)0)
    Z2Free (pubVal);

  Z2Memset (priValBuf, 0, VOLT_DSA_PRI_VAL_LEN);
  Z2Memset (xkey, 0, VOLT_DSA_XKEY_LEN);
  Z2Memset (xseed, 0, VOLT_DSA_XSEED_LEN);

  VOLT_LOG_ERROR_COMPARE (
    status, (VtLibCtx)libCtx, status, errorType, fnctLine,
    "DSAGenerateKeyPair", (char *)0)

  return (status);
}

int VoltGeneratePubValAlloc (
   VoltLibCtx *libCtx,
   VoltMpIntCtx *mpCtx,
   VtItem *primeP,
   VtItem *baseG,
   unsigned char *priVal,
   unsigned int priValLen,
   unsigned char **pubVal,
   unsigned int *pubValLen
   )
{
  int status;
  unsigned int sign, bufferSize;
  unsigned char *buffer = (unsigned char *)0;
  VoltMpInt *modulus = (VoltMpInt *)0;
  VoltMpInt *base = (VoltMpInt *)0;
  VoltMpInt *expo = (VoltMpInt *)0;
  VoltMpInt *result = (VoltMpInt *)0;
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  do
  {
    /* Build the MPInt's containing the modulus, base and exponent.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = mpCtx->CreateMpInt ((Pointer)mpCtx, &modulus);
    if (status != 0)
      break;

    VOLT_SET_FNCT_LINE (fnctLine)