static inline ccdh_full_ctx_t SecDH_priv(SecDHContext dh) { void *p = dh; cczp_t zp = { .u = p }; cc_size s = ccn_sizeof_n(cczp_n(zp)); ccdh_full_ctx_t priv = { .hdr = (struct ccdh_ctx_header *)(p+ccdh_gp_size(s)) }; return priv; } static inline size_t SecDH_context_size(size_t p_len) { cc_size n = ccn_nof_size(p_len); cc_size real_p_len = ccn_sizeof_n(n); size_t context_size = ccdh_gp_size(real_p_len)+ccdh_full_ctx_size(real_p_len); return context_size; }
/* Set DH parameters - Server only */ int tls_handshake_set_dh_parameters(tls_handshake_t filter, tls_buffer *params) { assert(filter->isServer); assert(params); const uint8_t *der, *der_end; size_t n; der = params->data; der_end = params->data + params->length; n = ccder_decode_dhparam_n(der, der_end); sslFree(filter->dhParams.gp); filter->dhParams.gp = sslMalloc(ccdh_gp_size(ccn_sizeof_n(n))); if(!filter->dhParams.gp) { return errSSLAllocate; } CCDH_GP_N(filter->dhParams) = n; der = ccder_decode_dhparams(filter->dhParams, der, der_end); if (der == NULL) { return errSSLParam; } else { return 0; } }
OSStatus SecDHCreateFromParameters(const uint8_t *params, size_t params_len, SecDHContext *pdh) { DERReturn drtn; DERItem paramItem = {(DERByte *)params, params_len}; DER_DHParams decodedParams; uint32_t l; drtn = DERParseSequence(¶mItem, DER_NumDHParamsItemSpecs, DER_DHParamsItemSpecs, &decodedParams, sizeof(decodedParams)); if(drtn) return drtn; drtn = DERParseInteger(&decodedParams.l, &l); if(drtn) return drtn; cc_size n = ccn_nof_size(decodedParams.p.length); cc_size p_len = ccn_sizeof_n(n); size_t context_size = ccdh_gp_size(p_len)+ccdh_full_ctx_size(p_len); void *context = malloc(context_size); if(context==NULL) return errSecAllocate; bzero(context, context_size); ccdh_gp_t gp; gp.gp = context; CCDH_GP_N(gp) = n; CCDH_GP_L(gp) = l; if(ccn_read_uint(n, CCDH_GP_PRIME(gp), decodedParams.p.length, decodedParams.p.data)) goto errOut; if(decodedParams.recip.length) { if(ccn_read_uint(n+1, CCDH_GP_RECIP(gp), decodedParams.recip.length, decodedParams.recip.data)) goto errOut; gp.zp.zp->mod_prime = cczp_mod; } else { cczp_init(gp.zp); }; if(ccn_read_uint(n, CCDH_GP_G(gp), decodedParams.g.length, decodedParams.g.data)) goto errOut; *pdh = (SecDHContext) context; return errSecSuccess; errOut: SecDHDestroy(context); *pdh = NULL; return errSecInvalidKey; }
static inline ccdh_full_ctx_t vmdh_priv(struct vmdh *dh) { void *p = dh; cczp_t zp = { .u = p }; cc_size s = ccn_sizeof_n(cczp_n(zp)); ccdh_full_ctx_t priv = { .hdr = (struct ccdh_ctx_header *)(p+ccdh_gp_size(s)) }; return priv; } static uint32_t param_g = 5; static const uint8_t param_p[] = { 0xED, 0x42, 0x06, 0xE1, 0xDD, 0x09, 0x93, 0xA6, 0x81, 0xAE, 0x00, 0x0D, 0xBF, 0x84, 0x7F, 0x7D, 0x87, 0x64, 0x6B, 0x77, 0x24, 0x03, 0xB8, 0xC0, 0xDC, 0xBE, 0x5B, 0x9C, 0x8E, 0x71, 0x09, 0x24, 0x53, 0x77, 0x7F, 0x5D, 0x1A, 0xAD, 0x92, 0xD8, 0xFE, 0xCD, 0x5C, 0xB4, 0xCA, 0x09, 0x17, 0x11, 0xF3, 0x82, 0x01, 0x39, 0x4A, 0x09, 0xBA, 0x29, 0x95, 0x2B, 0xC4, 0xCC, 0x56, 0x21, 0x97, 0x13 }; static const uint8_t client_priv[] = { 0x32, 0x34, 0x73, 0x16, 0x7d, 0x79, 0xde, 0x47, 0x22, 0x93, 0xf5, 0x86, 0x47, 0xf6, 0x7f, 0x7a, 0xb6, 0x30, 0x16, 0x5b, 0xbf, 0xe1, 0x36, 0x0b, 0xb4, 0xd2, 0x84, 0x3e, 0x57, 0x5f, 0xcb, 0xc6, 0x6a, 0xae, 0x5d, 0x59, 0x4b, 0x70, 0x53, 0x22, 0xb0, 0x51, 0x89, 0x30, 0x74, 0xfc, 0x95, 0x51, 0x9c, 0xc9, 0xf7, 0xac, 0x8c, 0x37, 0xfd, 0xc1, 0x0e, 0x02, 0x6e, 0x69, 0x6c, 0xca, 0x2a, 0x95 }; static const uint8_t client_pub[] = { 0x15, 0xDF, 0x17, 0x6E, 0xB4, 0x95, 0xA7, 0x92, 0x41, 0xB6, 0xF1, 0x93, 0x19, 0xDB, 0x34, 0xF1, 0xE0, 0x0D, 0x62, 0xCD, 0x55, 0xC7, 0x0B, 0x27, 0xB7, 0x53, 0x1A, 0x28, 0x65, 0x11, 0xF0, 0xF6, 0xA6, 0xE1, 0x5B, 0x86, 0x1D, 0x67, 0x85, 0x19, 0x6D, 0xD6, 0x80, 0xFF, 0x5C, 0xEB, 0xC3, 0x2D, 0xC3, 0xCB, 0xD2, 0xD4, 0x66, 0x93, 0xF4, 0xFC, 0xF1, 0xF4, 0x8B, 0x61, 0x0F, 0x02, 0xF5, 0x19 }; static const uint8_t server_pub[] = { 0x73, 0xC5, 0xF8, 0xF8, 0xB8, 0x9C, 0xB0, 0x5F, 0xD6, 0xC6, 0x49, 0x5C, 0x70, 0xF5, 0x90, 0xB3, 0x8A, 0xD3, 0xD0, 0x12, 0x99, 0x47, 0x60, 0xC2, 0x5B, 0xF7, 0x18, 0x3A, 0x19, 0xF5, 0x01, 0xA3, 0x67, 0xBF, 0x57, 0x28, 0x7E, 0x99, 0xA8, 0xDB, 0x97, 0xA4, 0xAF, 0xF2, 0x68, 0x47, 0xAB, 0x48, 0xE3, 0x4D, 0xF2, 0x94, 0xB4, 0xCC, 0xFC, 0x0C, 0x50, 0xAD, 0xEF, 0x2E, 0x80, 0xA6, 0x20, 0x29 }; static const uint8_t pw[] = { 0x31, 0x32, 0x33, 0x34 }; static const uint8_t pw_encr[] = { 0x42, 0xd7, 0xa1, 0x08, 0x15, 0x8f, 0xdd, 0xc8, 0xe8, 0x75, 0xea, 0xa2, 0xc2, 0x20, 0x28, 0xfa }; #if 0 static void hexdump(const uint8_t *bytes, size_t len) { size_t ix; for (ix = 0; ix < len; ++ix) { printf("%02X", bytes[ix]); } printf("\n"); }
OSStatus SecDHCreateFromParameters(const uint8_t *params, size_t params_len, SecDHContext *pdh) { // We support DomainParameters as specified in PKCS#3 // (http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-3-diffie-hellman-key-agreement-standar.htm) // DHParameter ::= SEQUENCE { // prime INTEGER, -- p // base INTEGER, -- g // privateValueLength INTEGER OPTIONAL } DERReturn drtn; DERItem paramItem = {(DERByte *)params, params_len}; DER_DHParams decodedParams; uint32_t l = 0; drtn = DERParseSequence(¶mItem, DER_NumDHParamsItemSpecs, DER_DHParamsItemSpecs, &decodedParams, sizeof(decodedParams)); if(drtn) return drtn; if (decodedParams.l.length > 0) { drtn = DERParseInteger(&decodedParams.l, &l); if(drtn) return drtn; } cc_size n = ccn_nof_size(decodedParams.p.length); cc_size p_len = ccn_sizeof_n(n); size_t context_size = ccdh_gp_size(p_len)+ccdh_full_ctx_size(p_len); void *context = malloc(context_size); if(context==NULL) return errSecAllocate; bzero(context, context_size); ccdh_gp_t gp; gp.gp = context; CCDH_GP_N(gp) = n; CCDH_GP_L(gp) = l; if(ccn_read_uint(n, CCDH_GP_PRIME(gp), decodedParams.p.length, decodedParams.p.data)) goto errOut; if(decodedParams.recip.length) { if(ccn_read_uint(n+1, CCDH_GP_RECIP(gp), decodedParams.recip.length, decodedParams.recip.data)) goto errOut; CCZP_MOD_PRIME(gp.zp) = cczp_mod; } else { cczp_init(gp.zp); }; if(ccn_read_uint(n, CCDH_GP_G(gp), decodedParams.g.length, decodedParams.g.data)) goto errOut; *pdh = (SecDHContext) context; return errSecSuccess; errOut: SecDHDestroy(context); *pdh = NULL; return errSecInvalidKey; }