📄 key_wr.c
字号:
switch( formatType )
{
case KEYFORMAT_CERT:
return( writeRsaSubjectPublicKey( stream, contextInfoPtr ) );
#ifdef USE_SSH
case KEYFORMAT_SSH:
return( writeSshRsaPublicKey( stream, contextInfoPtr ) );
#endif /* USE_SSH */
#ifdef USE_SSH1
case KEYFORMAT_SSH1:
return( writeSsh1RsaPublicKey( stream, contextInfoPtr ) );
#endif /* USE_SSH1 */
#ifdef USE_PGP
case KEYFORMAT_PGP:
return( writePgpRsaPublicKey( stream, contextInfoPtr ) );
#endif /* USE_PGP */
}
retIntError();
}
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2, 4 ) ) \
static int writePublicKeyDlpFunction( INOUT STREAM *stream,
const CONTEXT_INFO *contextInfoPtr,
IN_ENUM( KEYFORMAT ) \
const KEYFORMAT_TYPE formatType,
IN_BUFFER( accessKeyLen ) \
const char *accessKey,
IN_LENGTH_FIXED( 10 ) \
const int accessKeyLen )
{
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isReadPtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
assert( isReadPtr( accessKey, accessKeyLen ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
( contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DH || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DSA || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_ELGAMAL ) );
REQUIRES( formatType > KEYFORMAT_NONE && formatType < KEYFORMAT_LAST );
REQUIRES( accessKeyLen == 10 );
/* Make sure that we really intended to call this function */
if( accessKeyLen != 10 || memcmp( accessKey, "public_key", 10 ) )
retIntError();
switch( formatType )
{
case KEYFORMAT_CERT:
return( writeDlpSubjectPublicKey( stream, contextInfoPtr ) );
#ifdef USE_SSH
case KEYFORMAT_SSH:
return( writeSshDlpPublicKey( stream, contextInfoPtr ) );
#endif /* USE_SSH */
#ifdef USE_SSL
case KEYFORMAT_SSL:
return( writeSslDlpPublicKey( stream, contextInfoPtr ) );
#endif /* USE_SSL */
#ifdef USE_PGP
case KEYFORMAT_PGP:
return( writePgpDlpPublicKey( stream, contextInfoPtr ) );
#endif /* USE_PGP */
}
retIntError();
}
#ifdef USE_ECC
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2, 4 ) ) \
static int writePublicKeyEccFunction( INOUT STREAM *stream,
const CONTEXT_INFO *contextInfoPtr,
IN_ENUM( KEYFORMAT ) \
const KEYFORMAT_TYPE formatType,
IN_BUFFER( accessKeyLen ) \
const char *accessKey,
IN_LENGTH_FIXED( 10 ) \
const int accessKeyLen )
{
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isReadPtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
assert( isReadPtr( accessKey, accessKeyLen ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_ECDSA );
REQUIRES( formatType == KEYFORMAT_CERT );
REQUIRES( accessKeyLen == 10 );
/* Make sure that we really intended to call this function */
if( accessKeyLen != 10 || memcmp( accessKey, "public_key", 10 ) || \
formatType != KEYFORMAT_CERT )
retIntError();
switch( formatType )
{
case KEYFORMAT_CERT:
return( writeEccSubjectPublicKey( stream, contextInfoPtr ) );
}
retIntError();
}
#endif /* USE_ECC */
/****************************************************************************
* *
* Write Private Keys *
* *
****************************************************************************/
/* Write private keys */
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2 ) ) \
static int writeRsaPrivateKey( INOUT STREAM *stream,
const CONTEXT_INFO *contextInfoPtr )
{
const PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
int length = sizeofBignum( &rsaKey->rsaParam_p ) + \
sizeofBignum( &rsaKey->rsaParam_q );
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isReadPtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_RSA );
/* Add the length of any optional components that may be present */
if( !BN_is_zero( &rsaKey->rsaParam_exponent1 ) )
{
length += sizeofBignum( &rsaKey->rsaParam_exponent1 ) + \
sizeofBignum( &rsaKey->rsaParam_exponent2 ) + \
sizeofBignum( &rsaKey->rsaParam_u );
}
/* Write the the PKC fields */
writeSequence( stream, length );
writeBignumTag( stream, &rsaKey->rsaParam_p, 3 );
if( BN_is_zero( &rsaKey->rsaParam_exponent1 ) )
return( writeBignumTag( stream, &rsaKey->rsaParam_q, 4 ) );
writeBignumTag( stream, &rsaKey->rsaParam_q, 4 );
writeBignumTag( stream, &rsaKey->rsaParam_exponent1, 5 );
writeBignumTag( stream, &rsaKey->rsaParam_exponent2, 6 );
return( writeBignumTag( stream, &rsaKey->rsaParam_u, 7 ) );
}
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2 ) ) \
static int writeRsaPrivateKeyOld( INOUT STREAM *stream,
const CONTEXT_INFO *contextInfoPtr )
{
const PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
const int length = sizeofShortInteger( 0 ) + \
sizeofBignum( &rsaKey->rsaParam_n ) + \
sizeofBignum( &rsaKey->rsaParam_e ) + \
sizeofBignum( &rsaKey->rsaParam_d ) + \
sizeofBignum( &rsaKey->rsaParam_p ) + \
sizeofBignum( &rsaKey->rsaParam_q ) + \
sizeofBignum( &rsaKey->rsaParam_exponent1 ) + \
sizeofBignum( &rsaKey->rsaParam_exponent2 ) + \
sizeofBignum( &rsaKey->rsaParam_u );
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isReadPtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_RSA );
/* The older format is somewhat restricted in terms of what can be
written since all components must be present, even the ones that are
never used. If anything is missing we can't write the key since
nothing would be able to read it */
if( BN_is_zero( &rsaKey->rsaParam_n ) || \
BN_is_zero( &rsaKey->rsaParam_d ) || \
BN_is_zero( &rsaKey->rsaParam_p ) || \
BN_is_zero( &rsaKey->rsaParam_exponent1 ) )
return( CRYPT_ERROR_NOTAVAIL );
/* Write the the PKC fields */
writeSequence( stream, sizeofShortInteger( 0 ) + \
sizeofAlgoID( CRYPT_ALGO_RSA ) + \
( int ) sizeofObject( \
sizeofObject( length ) ) );
writeShortInteger( stream, 0, DEFAULT_TAG );
writeAlgoID( stream, CRYPT_ALGO_RSA );
writeOctetStringHole( stream, ( int ) sizeofObject( length ),
DEFAULT_TAG );
writeSequence( stream, length );
writeShortInteger( stream, 0, DEFAULT_TAG );
writeBignum( stream, &rsaKey->rsaParam_n );
writeBignum( stream, &rsaKey->rsaParam_e );
writeBignum( stream, &rsaKey->rsaParam_d );
writeBignum( stream, &rsaKey->rsaParam_p );
writeBignum( stream, &rsaKey->rsaParam_q );
writeBignum( stream, &rsaKey->rsaParam_exponent1 );
writeBignum( stream, &rsaKey->rsaParam_exponent2 );
return( writeBignum( stream, &rsaKey->rsaParam_u ) );
}
/* Umbrella private-key write functions */
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2, 4 ) ) \
static int writePrivateKeyRsaFunction( INOUT STREAM *stream,
const CONTEXT_INFO *contextInfoPtr,
IN_ENUM( KEYFORMAT ) \
const KEYFORMAT_TYPE formatType,
IN_BUFFER( accessKeyLen ) \
const char *accessKey,
IN_LENGTH_FIXED( 11 ) \
const int accessKeyLen )
{
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isReadPtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
assert( isReadPtr( accessKey, accessKeyLen ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_RSA );
REQUIRES( formatType > KEYFORMAT_NONE && formatType < KEYFORMAT_LAST );
REQUIRES( accessKeyLen == 11 );
/* Make sure that we really intended to call this function */
if( accessKeyLen != 11 || memcmp( accessKey, "private_key", 11 ) || \
( formatType != KEYFORMAT_PRIVATE && \
formatType != KEYFORMAT_PRIVATE_OLD ) )
retIntError();
switch( formatType )
{
case KEYFORMAT_PRIVATE:
return( writeRsaPrivateKey( stream, contextInfoPtr ) );
case KEYFORMAT_PRIVATE_OLD:
return( writeRsaPrivateKeyOld( stream, contextInfoPtr ) );
}
retIntError();
}
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2, 4 ) ) \
static int writePrivateKeyDlpFunction( INOUT STREAM *stream,
const CONTEXT_INFO *contextInfoPtr,
IN_ENUM( KEYFORMAT ) \
const KEYFORMAT_TYPE formatType,
IN_BUFFER( accessKeyLen ) \
const char *accessKey,
IN_LENGTH_FIXED( 11 ) \
const int accessKeyLen )
{
const PKC_INFO *dlpKey = contextInfoPtr->ctxPKC;
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isReadPtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
assert( isReadPtr( accessKey, accessKeyLen ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
( contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DH || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_DSA || \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_ELGAMAL ) );
REQUIRES( formatType > KEYFORMAT_NONE && formatType < KEYFORMAT_LAST );
REQUIRES( accessKeyLen == 11 );
/* Make sure that we really intended to call this function */
if( accessKeyLen != 11 || memcmp( accessKey, "private_key", 11 ) || \
formatType != KEYFORMAT_PRIVATE )
retIntError();
/* When we're generating a DH key ID only p, q, and g are initialised so
we write a special-case zero y value. This is a somewhat ugly side-
effect of the odd way in which DH "public keys" work */
if( BN_is_zero( &dlpKey->dlpParam_y ) )
return( writeShortInteger( stream, 0, DEFAULT_TAG ) );
/* Write the key components */
return( writeBignum( stream, &dlpKey->dlpParam_x ) );
}
#ifdef USE_ECC
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2, 4 ) ) \
static int writePrivateKeyEccFunction( INOUT STREAM *stream,
const CONTEXT_INFO *contextInfoPtr,
IN_ENUM( KEYFORMAT ) \
const KEYFORMAT_TYPE formatType,
IN_BUFFER( accessKeyLen ) \
const char *accessKey,
IN_LENGTH_FIXED( 11 ) \
const int accessKeyLen )
{
const PKC_INFO *eccKey = contextInfoPtr->ctxPKC;
assert( isWritePtr( stream, sizeof( STREAM ) ) );
assert( isReadPtr( contextInfoPtr, sizeof( CONTEXT_INFO ) ) );
assert( isReadPtr( accessKey, accessKeyLen ) );
REQUIRES( contextInfoPtr->type == CONTEXT_PKC && \
contextInfoPtr->capabilityInfo->cryptAlgo == CRYPT_ALGO_ECDSA );
REQUIRES( formatType > KEYFORMAT_NONE && formatType < KEYFORMAT_LAST );
REQUIRES( accessKeyLen == 11 );
/* Make sure that we really intended to call this function */
if( accessKeyLen != 11 || memcmp( accessKey, "private_key", 11 ) || \
formatType != KEYFORMAT_PRIVATE )
retIntError();
/* Write the key components */
return( writeBignum( stream, &dlpKey->eccParam_x ) );
}
#endif /* USE_ECC */
/****************************************************************************
* *
* Write Flat Public Key Data *
* *
****************************************************************************/
#ifdef USE_KEA
/* Generate KEA domain parameters from flat-format values */
CHECK_RETVAL STDC_NONNULL_ARG( ( 1, 2, 4, 6 ) ) \
static int generateDomainParameters( OUT_BUFFER_FIXED( 10 ) BYTE *domainParameters,
IN_BUFFER( pLength ) const void *p,
IN_LENGTH_PKC const int pLength,
IN_BUFFER( qLength ) const void *q,
IN_LENGTH_PKC const int qLength,
IN_BUFFER( gLength ) const void *g,
IN_LENGTH_PKC const int gLength )
{
STREAM stream;
BYTE hash[ CRYPT_MAX_HASHSIZE + 8 ];
BYTE dataBuffer[ 16 + ( CRYPT_MAX_PKCSIZE * 3 ) + 8 ];
HASHFUNCTION hashFunction;
const int pSize = sizeofInteger( p, pLength );
const int qSize = sizeofInteger( q, qLength );
const int gSize = sizeofInteger( g, gLength );
int hashSize, dataSize, i, status;
assert( isWritePtr( domainParameters, CRYPT_MAX_HASHSIZE ) );
assert( isReadPtr( p, pLength ) );
assert( isReadPtr( q, qLength ) );
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -