ibeprider.c

IBE是一种非对称密码技术

/* Copyright 2003-2006, Voltage Security, all rights reserved.
 */
#include "vibe.h"
#include "environment.h"
#include "base.h"
#include "libctx.h"
#include "keyobj.h"
#include "distobj.h"
#include "oidlist.h"
#include "algid.h"
#include "ibe.h"
#include "ibekeyber.h"
#include "prikeyder.h"
#include "errorctx.h"

/* Create and set a param object from the encoding. If the params are
 * encoded in the algorithm ID, use them. If not, get the district name
 * from the identity and obtain the params using the storage provider,
 * policy ctx and transport ctx.
 * <p>The identity is in the public key portion of the private key.
 * That is an optional ASN.1 field. If params are not in the algID and
 * the identity is missing, this function will not be able to build the
 * parameter object.
 * <p>This function will create the parameter object. It is the
 * responsibiity of the caller to destroy it.
 *
 * @param libCtx The library context to use.
 * @param mpCtx
 * @param algIdParams The params that were part of the algID in the
 * encoding. If the algID contained the IBE params, this is the BER of
 * the params.
 * @param algIdParamsLen The length, in bytes, of the algIdParams.
 * @param encodedId The identity associated with the key.
 * @param encodedIdLen The length, in bytes, of the encodedId.
 * @param setBerInfo The struct containing the caller-supplied info
 * that includes the stoage provider, transport ctx and so on.
 * @param paramObj The address where this function will deposit the
 * created object.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
static int VOLT_CALLING_CONV ParamObjectFromEncodingCreate VOLT_PROTO_LIST ((
   VoltLibCtx *libCtx,
   VtMpIntCtx mpCtx,
   unsigned char *algIdParams,
   unsigned int algIdParamsLen,
   unsigned char *encodedId,
   unsigned int encodedIdLen,
   VtSetKeyBerInfo *setBerInfo,
   VtParameterObject *paramObj
));

int VtDerCoderBFType1IBEPrivateKey (
   VtDerCoderInfo *coderInfo,
   Pointer object,
   unsigned int flag
   )
{
  int status;
  unsigned int bufferSize, encodedIdLen, ibeParamsDerLen;
  VoltLibCtx *libCtx;
  VoltKeyObject *obj = (VoltKeyObject *)object;
  VtParameterObject paramObj = (VtParameterObject)0;
  VoltDerCoderEncodeData *encodeData = &(coderInfo->info.encodeData);
  VoltDerCoderGetAlgData *getAlgData = &(coderInfo->info.getAlgData);
  VoltDerCoderDecodeData *decodeData = &(coderInfo->info.decodeData);
  VoltIBEPriKeyData *keyData;
  Asn1PrivateKeyInfo *priKeyInfo;
  Asn1IBEPrivateKey *ibeKey = (Asn1IBEPrivateKey *)0;
  VtSetKeyBerInfo *setBerInfo;
  VtBFType1IBEPoint *ibePoint = (VtBFType1IBEPoint *)0;
  VtBFType1IBEPriKeyInfo ibeKeyInfo;
  unsigned char *encodedId;
  unsigned char ibePriKeyOid[VoltIBET1PriKeyOidBytesLen] = 
    { VoltIBET1PriKeyOidBytes };
  unsigned char *ibeParamsDer = (unsigned char *)0;
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  switch (flag)
  {
    default:
      VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_INVALID_TYPE;
      break;

    case VOLT_DER_TYPE_ENCODE_FLAG:
      /* If the flag is ENCODE, return the IBE Private Key inside a
       * PKCS #8 PrivateKeyInfo.
       */

      /* Check the args.
       */
      VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_NON_NULL_ARG;
      if (object != (Pointer)0)
        break;

      /* We need a place to drop the length.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_NULL_ARG;
      if (encodeData->encodingLen == (unsigned int *)0)
        break;

      /* The IBE key info should be a key object.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_NULL_ARG;
      if (encodeData->info == (Pointer)0)
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_INVALID_PRI_KEY_OBJ;
      obj = (VoltKeyObject *)(encodeData->info);
      if (VOLT_OBJECT_TYPE_NOT_EQUAL (obj, VOLT_OBJECT_TYPE_KEY))
        break;      
      if ((obj->keyType & VOLT_KEY_TYPE_MASK_ASYM_ALG) !=
          VOLT_KEY_ALG_IBE_TYPE_1)
        break;
      if ((obj->keyType & VOLT_KEY_TYPE_PRIVATE) == 0)
        break;

      libCtx = (VoltLibCtx *)(obj->voltObject.libraryCtx);

      /* We need the key data.
       */
      keyData = (VoltIBEPriKeyData *)(obj->keyData);
      if ((obj->keyType & VOLT_KEY_TYPE_MASK_DATA) != VOLT_KEY_TYPE_DATA)
      {
        VOLT_SET_FNCT_LINE (fnctLine)
        if (obj->GetKeyData == (VGetKeyData)0)
          break;

        VOLT_SET_ERROR_TYPE (errorType, 0)
        VOLT_SET_FNCT_LINE (fnctLine)
        status = obj->GetKeyData ((VtKeyObject)obj, (Pointer *)&keyData);
        if (status != 0)
          break;
      }

      /* Encode the IBE parameters for the P8's algId params.
       */
      VOLT_SET_ERROR_TYPE (errorType, 0)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtDerEncodeParams (
        (VtLibCtx)libCtx, VtDerCoderBFType1IBEParams,
        (Pointer)(keyData->bfKeyInfo.ibeParams), (unsigned char *)0, 0,
        &bufferSize);
      if (status == 0)
        status = VT_ERROR_GENERAL;
      if (status != VT_ERROR_BUFFER_TOO_SMALL)
        break;

      VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_MEMORY;
      ibeParamsDer = (unsigned char *)Z2Malloc (bufferSize, 0);
      if (ibeParamsDer == (unsigned char *)0)
        break;

      VOLT_SET_ERROR_TYPE (errorType, 0)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtDerEncodeParams (
        (VtLibCtx)libCtx, VtDerCoderBFType1IBEParams,
        (Pointer)(keyData->bfKeyInfo.ibeParams), ibeParamsDer, bufferSize,
        &ibeParamsDerLen);
      if (status != 0)
        break;

      bufferSize = encodeData->bufferSize;
      if (encodeData->encoding == (unsigned char *)0)
        bufferSize = 0;

      /* Create the encoding of the actual key data.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VoltEncodeIBEPrivateKeyData (obj, keyData);
      if (status != 0)
        break;

      /* Now build PrivateKeyInfo.
       */
      libCtx = (VoltLibCtx *)(obj->voltObject.libraryCtx);
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VoltEncodePrivateKeyInfoDer (
        libCtx, ibePriKeyOid, VoltIBET1PriKeyOidBytesLen,
        ibeParamsDer, ibeParamsDerLen, obj->keyDer.data, obj->keyDer.len,
        encodeData->encoding, bufferSize, encodeData->encodingLen);

      break;

    case VOLT_DER_TYPE_DECODE_FLAG:
      /* If the flag is decode, set the key object with the private key
       * info.
       */

      /* Check the args, the type should be VOLT_DER_TYPE_PRI_KEY_FLAG.
       */
      VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_UNKNOWN_BER;
      if (decodeData->type != VOLT_DER_TYPE_PRI_KEY_FLAG)
        break;

      /* Make sure this is the algId for IBE private key.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      priKeyInfo = (Asn1PrivateKeyInfo *)(decodeData->asn1Object);
      if (priKeyInfo->algId->oid->base.length != VoltIBET1PriKeyOidBytesLen)
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      libCtx = (VoltLibCtx *)(obj->voltObject.libraryCtx);
      if (Z2Memcmp (
        priKeyInfo->algId->oid->base.data, ibePriKeyOid,
        VoltIBET1PriKeyOidBytesLen) != 0)
        break;

      /* Decode the key data.
       */
      VOLT_SET_ERROR_TYPE (errorType, 0)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VoltDecodeIBEPriKeyDataCreate (
        libCtx, priKeyInfo->encodedKey->data,
        priKeyInfo->encodedKey->length, &ibeKey);
      if (status != 0)
        break;

      setBerInfo = (VtSetKeyBerInfo *)(decodeData->info);
      encodedId = (unsigned char *)0;
      encodedIdLen = 0;
      /* If the pri key has an encoded id, use it.
       */
      if (ibeKey->pubKey != (Asn1Encoded *)0)
      {
        // Add code to differentiate between v1 and v2 (v2 is EXPLICIT)
        encodedId = ibeKey->pubKey->base.data;
        encodedIdLen = ibeKey->pubKey->base.length;
      }

      /* To set a key object we'll need a param object.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = ParamObjectFromEncodingCreate (
        libCtx, (VtMpIntCtx)(obj->mpCtx),
        priKeyInfo->algId->params->base.data,
        priKeyInfo->algId->params->base.length,
        encodedId, encodedIdLen, setBerInfo, &paramObj);
      if (status != 0)
        break;

      /* We'll also need the private point. The encoding is an OCTET
       * STRING, call this routine to get it as a pair of coordinates.
       */
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VoltIBEPriPointFromEncodingAlloc (
        libCtx, (VoltParameterObject *)paramObj, ibeKey->privateData,
        &ibePoint);
      if (status != 0)
        break;

      ibeKeyInfo.ibeParams = paramObj;
      // Add code to differentiate between v1 and v2 (v2 is EXPLICIT)
      ibeKeyInfo.encodedId.data = ibeKey->pubKey->base.data;
      ibeKeyInfo.encodedId.len = ibeKey->pubKey->base.length;
      ibeKeyInfo.privatePoint.isInfinity = 0;
      ibeKeyInfo.privatePoint.xCoord.data = ibePoint->xCoord.data;
      ibeKeyInfo.privatePoint.xCoord.len = ibePoint->xCoord.len;
      ibeKeyInfo.privatePoint.yCoord.data = ibePoint->yCoord.data;
      ibeKeyInfo.privatePoint.yCoord.len = ibePoint->yCoord.len;

      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtSetKeyParam (
        (VtKeyObject)obj, VtKeyParamBFType1IBEPrivate,
        (Pointer)&ibeKeyInfo);

      break;

    case VOLT_DER_TYPE_GET_ALG_FLAG:
      /* If the flag is get alg, check the input to see if it's the
       * IBE encryption OID.
       */

      /* Check the args.
       */
      VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_NON_NULL_ARG;
      if (object != (Pointer)0)
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_NULL_ARG;
      if ( (getAlgData->algorithm == (unsigned int *)0) ||
           (getAlgData->oid == (unsigned char *)0) )
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      status = VT_ERROR_UNKNOWN_BER;
      if (getAlgData->oidLen != VoltIBET1PriKeyOidBytesLen)
        break;

      VOLT_SET_FNCT_LINE (fnctLine)
      libCtx = getAlgData->libCtx;
      if (Z2Memcmp (
        getAlgData->oid, ibePriKeyOid, VoltIBET1PriKeyOidBytesLen) != 0)
        break;

      /* The OID matches, the algorithm is IBE private key.
       */
      *(getAlgData->algorithm) = VT_KEY_BER_BF_TYPE1_IBE_PRI;

      status = 0;
  }

  if (ibeParamsDer != (unsigned char *)0)
    Z2Free (ibeParamsDer);
  if (ibePoint != (VtBFType1IBEPoint *)0)
    Z2Free (ibePoint);
  if (ibeKey != (Asn1IBEPrivateKey *)0)
    Asn1IBEPrivateKey_free (ibeKey);
  if (paramObj != (VtParameterObject)0)
    VtDestroyParameterObject (&paramObj);

  VOLT_LOG_ERROR_INFO_COMPARE (
    status, 0, object, status, 0, errorType,
    (char *)0, "VtDerCoderBFType1IBEPrivateKey", fnctLine, (char *)0)

  return (status);
}

static int ParamObjectFromEncodingCreate (
   VoltLibCtx *libCtx,
   VtMpIntCtx mpCtx,
   unsigned char *algIdParams,
   unsigned int algIdParamsLen,
   unsigned char *encodedId,
   unsigned int encodedIdLen,
   VtSetKeyBerInfo *setBerInfo,
   VtParameterObject *paramObj
   )
{
  int status, dRet;
  VtParameterObject newObj = (VtParameterObject)0;
  VoltDistrictObject *dObj = (VoltDistrictObject *)0;
  VtSetParamBerInfo berInfo;
  VtDerCoder *derCoders[1] = { VtDerCoderBFType1IBEParams };
  VOLT_DECLARE_ERROR_TYPE (errorType)
  VOLT_DECLARE_FNCT_LINE (fnctLine)

  do
  {
    /* If we have the params encoded in the algIdParams, use them.
     */
    if ( (algIdParams != (unsigned char *)0) && (algIdParamsLen > 2) )
    {
      /* Create the object and set it using BER.
       */
      VOLT_SET_ERROR_TYPE (errorType, 0)
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtCreateParameterObject (
        (VtLibCtx)libCtx, VtParameterImplMpCtx, (Pointer)mpCtx, &newObj);
      if (status != 0)
        break;

      berInfo.derCoders = derCoders;
      berInfo.derCoderCount = 1;
      berInfo.berEncoding = algIdParams;
      berInfo.maxEncodingLen = algIdParamsLen;
      VOLT_SET_FNCT_LINE (fnctLine)
      status = VtSetParameterParam (
        newObj, VtParameterParamBer, (Pointer)&berInfo);

      /* If successful, we're done.
       */
      if (status == 0)
      {
        *paramObj = newObj;
        break;
      }
      VtDestroyParameterObject (&newObj);
    }

    /* If we can't build using algID params, obtain them using the
     * encoded ID.
     */
    VOLT_SET_ERROR_TYPE (errorType, VT_ERROR_TYPE_PRIMARY)
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VT_ERROR_UNKNOWN_BER;
    if ( (encodedId == (unsigned char *)0) || (encodedIdLen == 0) )
      break;

    /* Get the district name out of the identity.
     * First, how much space do we need. We're expecting
     * BUFFER_TOO_SMALL, anything else give up.
     */
    VOLT_SET_ERROR_TYPE (errorType, 0)
    VOLT_SET_FNCT_LINE (fnctLine)
    dRet = VoltDistrictObjectFromId (
      (VtLibCtx)libCtx, mpCtx, encodedId, encodedIdLen,
      (VtDistrictObject *)&dObj);
    if (dRet != 0)
      break;

    /* We can now obtain the parameters.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtObtainIBEParams (
      (VtDistrictObject)dObj, setBerInfo->policyCtx,
      setBerInfo->storageCtx, setBerInfo->transportCtx);
    if (status != 0)
      break;

    /* If that worked, the district object possesses a param object.
     * Clone it.
     */
    VOLT_SET_FNCT_LINE (fnctLine)
    status = VtCloneObject (
      (Pointer)(dObj->paramObj), (Pointer *)&newObj);
    if (status != 0)
      break;

    *paramObj = newObj;

  } while (0);

  if (dObj != (VoltDistrictObject *)0)
    VtDestroyDistrictObject ((VtDistrictObject *)&dObj);

  /* If success, we're done.
   */
  if (status == 0)
    return (0);

  /* If error, destroy what we created.
   */
  VtDestroyParameterObject (&newObj);

  VOLT_LOG_ERROR_INFO (
    libCtx, 0, status, 0, errorType,
    (char *)0, "ParamObjectFromEncodingCreate", fnctLine, (char *)0)

  return (status);
}