Return to pkcs1_encoder.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / plugins / pkcs1 |
1.1 misho 1: /* 2: * Copyright (C) 2009 Martin Willi 3: * HSR Hochschule fuer Technik Rapperswil 4: * 5: * This program is free software; you can redistribute it and/or modify it 6: * under the terms of the GNU General Public License as published by the 7: * Free Software Foundation; either version 2 of the License, or (at your 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. 9: * 10: * This program is distributed in the hope that it will be useful, but 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 13: * for more details. 14: */ 15: 16: #include "pkcs1_encoder.h" 17: 18: #include <utils/debug.h> 19: #include <asn1/asn1.h> 20: #include <asn1/oid.h> 21: 22: /** 23: * Encode a public key in PKCS#1/ASN.1 DER 24: */ 25: static bool build_pub(chunk_t *encoding, va_list args) 26: { 27: chunk_t n, e; 28: 29: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, 30: CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END)) 31: { 32: *encoding = asn1_wrap(ASN1_SEQUENCE, "mm", 33: asn1_integer("c", n), 34: asn1_integer("c", e)); 35: return TRUE; 36: } 37: return FALSE; 38: } 39: 40: /** 41: * Encode a public key in PKCS#1/ASN.1 DER, contained in subjectPublicKeyInfo 42: */ 43: static bool build_pub_info(chunk_t *encoding, va_list args) 44: { 45: chunk_t n, e; 46: 47: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, 48: CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END)) 49: { 50: *encoding = asn1_wrap(ASN1_SEQUENCE, "mm", 51: asn1_algorithmIdentifier(OID_RSA_ENCRYPTION), 52: asn1_bitstring("m", 53: asn1_wrap(ASN1_SEQUENCE, "mm", 54: asn1_integer("c", n), 55: asn1_integer("c", e)))); 56: return TRUE; 57: } 58: return FALSE; 59: } 60: 61: /** 62: * Encode the RSA modulus of a public key only 63: */ 64: static bool build_pub_modulus(chunk_t *encoding, va_list args) 65: { 66: chunk_t n; 67: 68: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, CRED_PART_END)) 69: { 70: /* remove preceding zero bytes */ 71: while (n.len > 0 && *n.ptr == 0x00) 72: { 73: n.ptr++; 74: n.len--; 75: } 76: *encoding = chunk_clone(n); 77: return TRUE; 78: } 79: return FALSE; 80: } 81: 82: /** 83: * Encode a private key in PKCS#1/ASN.1 DER 84: */ 85: static bool build_priv(chunk_t *encoding, va_list args) 86: { 87: chunk_t n, e, d, p, q, exp1, exp2, coeff; 88: 89: if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, 90: CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d, 91: CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q, 92: CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2, 93: CRED_PART_RSA_COEFF, &coeff, CRED_PART_END)) 94: { 95: *encoding = asn1_wrap(ASN1_SEQUENCE, "cmmssssss", 96: ASN1_INTEGER_0, 97: asn1_integer("c", n), 98: asn1_integer("c", e), 99: asn1_integer("c", d), 100: asn1_integer("c", p), 101: asn1_integer("c", q), 102: asn1_integer("c", exp1), 103: asn1_integer("c", exp2), 104: asn1_integer("c", coeff)); 105: return TRUE; 106: } 107: return FALSE; 108: } 109: 110: /** 111: * Build the SHA1 hash of pubkey(info) ASN.1 data 112: */ 113: static bool hash_pubkey(chunk_t pubkey, chunk_t *hash) 114: { 115: hasher_t *hasher; 116: 117: hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); 118: if (!hasher || !hasher->allocate_hash(hasher, pubkey, hash)) 119: { 120: DESTROY_IF(hasher); 121: chunk_free(&pubkey); 122: DBG1(DBG_LIB, "SHA1 hash algorithm not supported, " 123: "fingerprinting failed"); 124: return FALSE; 125: } 126: hasher->destroy(hasher); 127: chunk_free(&pubkey); 128: return TRUE; 129: } 130: 131: /** 132: * build the fingerprint of the subjectPublicKeyInfo object 133: */ 134: static bool build_info_sha1(chunk_t *encoding, va_list args) 135: { 136: chunk_t pubkey; 137: 138: if (build_pub_info(&pubkey, args)) 139: { 140: return hash_pubkey(pubkey, encoding); 141: } 142: return FALSE; 143: } 144: 145: /** 146: * build the fingerprint of the subjectPublicKey object 147: */ 148: static bool build_sha1(chunk_t *encoding, va_list args) 149: { 150: chunk_t pubkey; 151: 152: if (build_pub(&pubkey, args)) 153: { 154: return hash_pubkey(pubkey, encoding); 155: } 156: return FALSE; 157: } 158: 159: /** 160: * See header. 161: */ 162: bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, 163: va_list args) 164: { 165: switch (type) 166: { 167: case KEYID_PUBKEY_INFO_SHA1: 168: return build_info_sha1(encoding, args); 169: case KEYID_PUBKEY_SHA1: 170: return build_sha1(encoding, args); 171: case PUBKEY_ASN1_DER: 172: return build_pub(encoding, args); 173: case PUBKEY_SPKI_ASN1_DER: 174: return build_pub_info(encoding, args); 175: case PUBKEY_RSA_MODULUS: 176: return build_pub_modulus(encoding, args); 177: case PRIVKEY_ASN1_DER: 178: return build_priv(encoding, args); 179: default: 180: return FALSE; 181: } 182: } 183: 184: