Annotation of embedaddon/strongswan/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2009 Martin Willi
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: #include "pkcs1_encoder.h"
! 17:
! 18: #include <utils/debug.h>
! 19: #include <asn1/asn1.h>
! 20: #include <asn1/oid.h>
! 21:
! 22: /**
! 23: * Encode a public key in PKCS#1/ASN.1 DER
! 24: */
! 25: static bool build_pub(chunk_t *encoding, va_list args)
! 26: {
! 27: chunk_t n, e;
! 28:
! 29: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
! 30: CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
! 31: {
! 32: *encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
! 33: asn1_integer("c", n),
! 34: asn1_integer("c", e));
! 35: return TRUE;
! 36: }
! 37: return FALSE;
! 38: }
! 39:
! 40: /**
! 41: * Encode a public key in PKCS#1/ASN.1 DER, contained in subjectPublicKeyInfo
! 42: */
! 43: static bool build_pub_info(chunk_t *encoding, va_list args)
! 44: {
! 45: chunk_t n, e;
! 46:
! 47: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
! 48: CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
! 49: {
! 50: *encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
! 51: asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
! 52: asn1_bitstring("m",
! 53: asn1_wrap(ASN1_SEQUENCE, "mm",
! 54: asn1_integer("c", n),
! 55: asn1_integer("c", e))));
! 56: return TRUE;
! 57: }
! 58: return FALSE;
! 59: }
! 60:
! 61: /**
! 62: * Encode the RSA modulus of a public key only
! 63: */
! 64: static bool build_pub_modulus(chunk_t *encoding, va_list args)
! 65: {
! 66: chunk_t n;
! 67:
! 68: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, CRED_PART_END))
! 69: {
! 70: /* remove preceding zero bytes */
! 71: while (n.len > 0 && *n.ptr == 0x00)
! 72: {
! 73: n.ptr++;
! 74: n.len--;
! 75: }
! 76: *encoding = chunk_clone(n);
! 77: return TRUE;
! 78: }
! 79: return FALSE;
! 80: }
! 81:
! 82: /**
! 83: * Encode a private key in PKCS#1/ASN.1 DER
! 84: */
! 85: static bool build_priv(chunk_t *encoding, va_list args)
! 86: {
! 87: chunk_t n, e, d, p, q, exp1, exp2, coeff;
! 88:
! 89: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
! 90: CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
! 91: CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
! 92: CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
! 93: CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
! 94: {
! 95: *encoding = asn1_wrap(ASN1_SEQUENCE, "cmmssssss",
! 96: ASN1_INTEGER_0,
! 97: asn1_integer("c", n),
! 98: asn1_integer("c", e),
! 99: asn1_integer("c", d),
! 100: asn1_integer("c", p),
! 101: asn1_integer("c", q),
! 102: asn1_integer("c", exp1),
! 103: asn1_integer("c", exp2),
! 104: asn1_integer("c", coeff));
! 105: return TRUE;
! 106: }
! 107: return FALSE;
! 108: }
! 109:
! 110: /**
! 111: * Build the SHA1 hash of pubkey(info) ASN.1 data
! 112: */
! 113: static bool hash_pubkey(chunk_t pubkey, chunk_t *hash)
! 114: {
! 115: hasher_t *hasher;
! 116:
! 117: hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
! 118: if (!hasher || !hasher->allocate_hash(hasher, pubkey, hash))
! 119: {
! 120: DESTROY_IF(hasher);
! 121: chunk_free(&pubkey);
! 122: DBG1(DBG_LIB, "SHA1 hash algorithm not supported, "
! 123: "fingerprinting failed");
! 124: return FALSE;
! 125: }
! 126: hasher->destroy(hasher);
! 127: chunk_free(&pubkey);
! 128: return TRUE;
! 129: }
! 130:
! 131: /**
! 132: * build the fingerprint of the subjectPublicKeyInfo object
! 133: */
! 134: static bool build_info_sha1(chunk_t *encoding, va_list args)
! 135: {
! 136: chunk_t pubkey;
! 137:
! 138: if (build_pub_info(&pubkey, args))
! 139: {
! 140: return hash_pubkey(pubkey, encoding);
! 141: }
! 142: return FALSE;
! 143: }
! 144:
! 145: /**
! 146: * build the fingerprint of the subjectPublicKey object
! 147: */
! 148: static bool build_sha1(chunk_t *encoding, va_list args)
! 149: {
! 150: chunk_t pubkey;
! 151:
! 152: if (build_pub(&pubkey, args))
! 153: {
! 154: return hash_pubkey(pubkey, encoding);
! 155: }
! 156: return FALSE;
! 157: }
! 158:
! 159: /**
! 160: * See header.
! 161: */
! 162: bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
! 163: va_list args)
! 164: {
! 165: switch (type)
! 166: {
! 167: case KEYID_PUBKEY_INFO_SHA1:
! 168: return build_info_sha1(encoding, args);
! 169: case KEYID_PUBKEY_SHA1:
! 170: return build_sha1(encoding, args);
! 171: case PUBKEY_ASN1_DER:
! 172: return build_pub(encoding, args);
! 173: case PUBKEY_SPKI_ASN1_DER:
! 174: return build_pub_info(encoding, args);
! 175: case PUBKEY_RSA_MODULUS:
! 176: return build_pub_modulus(encoding, args);
! 177: case PRIVKEY_ASN1_DER:
! 178: return build_priv(encoding, args);
! 179: default:
! 180: return FALSE;
! 181: }
! 182: }
! 183:
! 184:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>