static inline ccdh_full_ctx_t SecDH_priv(SecDHContext dh)
{
void *p = dh;
cczp_t zp = { .u = p };
cc_size s = ccn_sizeof_n(cczp_n(zp));
ccdh_full_ctx_t priv = { .hdr = (struct ccdh_ctx_header *)(p+ccdh_gp_size(s)) };
return priv;
}
static inline size_t SecDH_context_size(size_t p_len)
{
cc_size n = ccn_nof_size(p_len);
cc_size real_p_len = ccn_sizeof_n(n);
size_t context_size = ccdh_gp_size(real_p_len)+ccdh_full_ctx_size(real_p_len);
return context_size;
}
/* Set DH parameters - Server only */
int
tls_handshake_set_dh_parameters(tls_handshake_t filter, tls_buffer *params)
{
assert(filter->isServer);
assert(params);
const uint8_t *der, *der_end;
size_t n;
der = params->data;
der_end = params->data + params->length;
n = ccder_decode_dhparam_n(der, der_end);
sslFree(filter->dhParams.gp);
filter->dhParams.gp = sslMalloc(ccdh_gp_size(ccn_sizeof_n(n)));
if(!filter->dhParams.gp) {
return errSSLAllocate;
}
CCDH_GP_N(filter->dhParams) = n;
der = ccder_decode_dhparams(filter->dhParams, der, der_end);
if (der == NULL) {
return errSSLParam;
} else {
return 0;
}
}
OSStatus SecDHCreateFromParameters(const uint8_t *params,
size_t params_len, SecDHContext *pdh)
{
DERReturn drtn;
DERItem paramItem = {(DERByte *)params, params_len};
DER_DHParams decodedParams;
uint32_t l;
drtn = DERParseSequence(¶mItem,
DER_NumDHParamsItemSpecs, DER_DHParamsItemSpecs,
&decodedParams, sizeof(decodedParams));
if(drtn)
return drtn;
drtn = DERParseInteger(&decodedParams.l, &l);
if(drtn)
return drtn;
cc_size n = ccn_nof_size(decodedParams.p.length);
cc_size p_len = ccn_sizeof_n(n);
size_t context_size = ccdh_gp_size(p_len)+ccdh_full_ctx_size(p_len);
void *context = malloc(context_size);
if(context==NULL)
return errSecAllocate;
bzero(context, context_size);
ccdh_gp_t gp;
gp.gp = context;
CCDH_GP_N(gp) = n;
CCDH_GP_L(gp) = l;
if(ccn_read_uint(n, CCDH_GP_PRIME(gp), decodedParams.p.length, decodedParams.p.data))
goto errOut;
if(decodedParams.recip.length) {
if(ccn_read_uint(n+1, CCDH_GP_RECIP(gp), decodedParams.recip.length, decodedParams.recip.data))
goto errOut;
gp.zp.zp->mod_prime = cczp_mod;
} else {
cczp_init(gp.zp);
};
if(ccn_read_uint(n, CCDH_GP_G(gp), decodedParams.g.length, decodedParams.g.data))
goto errOut;
*pdh = (SecDHContext) context;
return errSecSuccess;
errOut:
SecDHDestroy(context);
*pdh = NULL;
return errSecInvalidKey;
}
static inline ccdh_full_ctx_t vmdh_priv(struct vmdh *dh)
{
void *p = dh;
cczp_t zp = { .u = p };
cc_size s = ccn_sizeof_n(cczp_n(zp));
ccdh_full_ctx_t priv = { .hdr = (struct ccdh_ctx_header *)(p+ccdh_gp_size(s)) };
return priv;
}
static uint32_t param_g = 5;
static const uint8_t param_p[] = {
0xED, 0x42, 0x06, 0xE1, 0xDD, 0x09, 0x93, 0xA6,
0x81, 0xAE, 0x00, 0x0D, 0xBF, 0x84, 0x7F, 0x7D,
0x87, 0x64, 0x6B, 0x77, 0x24, 0x03, 0xB8, 0xC0,
0xDC, 0xBE, 0x5B, 0x9C, 0x8E, 0x71, 0x09, 0x24,
0x53, 0x77, 0x7F, 0x5D, 0x1A, 0xAD, 0x92, 0xD8,
0xFE, 0xCD, 0x5C, 0xB4, 0xCA, 0x09, 0x17, 0x11,
0xF3, 0x82, 0x01, 0x39, 0x4A, 0x09, 0xBA, 0x29,
0x95, 0x2B, 0xC4, 0xCC, 0x56, 0x21, 0x97, 0x13
};
static const uint8_t client_priv[] = {
0x32, 0x34, 0x73, 0x16, 0x7d, 0x79, 0xde, 0x47,
0x22, 0x93, 0xf5, 0x86, 0x47, 0xf6, 0x7f, 0x7a,
0xb6, 0x30, 0x16, 0x5b, 0xbf, 0xe1, 0x36, 0x0b,
0xb4, 0xd2, 0x84, 0x3e, 0x57, 0x5f, 0xcb, 0xc6,
0x6a, 0xae, 0x5d, 0x59, 0x4b, 0x70, 0x53, 0x22,
0xb0, 0x51, 0x89, 0x30, 0x74, 0xfc, 0x95, 0x51,
0x9c, 0xc9, 0xf7, 0xac, 0x8c, 0x37, 0xfd, 0xc1,
0x0e, 0x02, 0x6e, 0x69, 0x6c, 0xca, 0x2a, 0x95
};
static const uint8_t client_pub[] = {
0x15, 0xDF, 0x17, 0x6E, 0xB4, 0x95, 0xA7, 0x92,
0x41, 0xB6, 0xF1, 0x93, 0x19, 0xDB, 0x34, 0xF1,
0xE0, 0x0D, 0x62, 0xCD, 0x55, 0xC7, 0x0B, 0x27,
0xB7, 0x53, 0x1A, 0x28, 0x65, 0x11, 0xF0, 0xF6,
0xA6, 0xE1, 0x5B, 0x86, 0x1D, 0x67, 0x85, 0x19,
0x6D, 0xD6, 0x80, 0xFF, 0x5C, 0xEB, 0xC3, 0x2D,
0xC3, 0xCB, 0xD2, 0xD4, 0x66, 0x93, 0xF4, 0xFC,
0xF1, 0xF4, 0x8B, 0x61, 0x0F, 0x02, 0xF5, 0x19
};
static const uint8_t server_pub[] = {
0x73, 0xC5, 0xF8, 0xF8, 0xB8, 0x9C, 0xB0, 0x5F,
0xD6, 0xC6, 0x49, 0x5C, 0x70, 0xF5, 0x90, 0xB3,
0x8A, 0xD3, 0xD0, 0x12, 0x99, 0x47, 0x60, 0xC2,
0x5B, 0xF7, 0x18, 0x3A, 0x19, 0xF5, 0x01, 0xA3,
0x67, 0xBF, 0x57, 0x28, 0x7E, 0x99, 0xA8, 0xDB,
0x97, 0xA4, 0xAF, 0xF2, 0x68, 0x47, 0xAB, 0x48,
0xE3, 0x4D, 0xF2, 0x94, 0xB4, 0xCC, 0xFC, 0x0C,
0x50, 0xAD, 0xEF, 0x2E, 0x80, 0xA6, 0x20, 0x29
};
static const uint8_t pw[] = {
0x31, 0x32, 0x33, 0x34
};
static const uint8_t pw_encr[] = {
0x42, 0xd7, 0xa1, 0x08, 0x15, 0x8f, 0xdd, 0xc8,
0xe8, 0x75, 0xea, 0xa2, 0xc2, 0x20, 0x28, 0xfa
};
#if 0
static void hexdump(const uint8_t *bytes, size_t len) {
size_t ix;
for (ix = 0; ix < len; ++ix) {
printf("%02X", bytes[ix]);
}
printf("\n");
}
OSStatus SecDHCreateFromParameters(const uint8_t *params,
size_t params_len, SecDHContext *pdh)
{
// We support DomainParameters as specified in PKCS#3
// (http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-3-diffie-hellman-key-agreement-standar.htm)
// DHParameter ::= SEQUENCE {
// prime INTEGER, -- p
// base INTEGER, -- g
// privateValueLength INTEGER OPTIONAL }
DERReturn drtn;
DERItem paramItem = {(DERByte *)params, params_len};
DER_DHParams decodedParams;
uint32_t l = 0;
drtn = DERParseSequence(¶mItem,
DER_NumDHParamsItemSpecs, DER_DHParamsItemSpecs,
&decodedParams, sizeof(decodedParams));
if(drtn)
return drtn;
if (decodedParams.l.length > 0) {
drtn = DERParseInteger(&decodedParams.l, &l);
if(drtn)
return drtn;
}
cc_size n = ccn_nof_size(decodedParams.p.length);
cc_size p_len = ccn_sizeof_n(n);
size_t context_size = ccdh_gp_size(p_len)+ccdh_full_ctx_size(p_len);
void *context = malloc(context_size);
if(context==NULL)
return errSecAllocate;
bzero(context, context_size);
ccdh_gp_t gp;
gp.gp = context;
CCDH_GP_N(gp) = n;
CCDH_GP_L(gp) = l;
if(ccn_read_uint(n, CCDH_GP_PRIME(gp), decodedParams.p.length, decodedParams.p.data))
goto errOut;
if(decodedParams.recip.length) {
if(ccn_read_uint(n+1, CCDH_GP_RECIP(gp), decodedParams.recip.length, decodedParams.recip.data))
goto errOut;
CCZP_MOD_PRIME(gp.zp) = cczp_mod;
} else {
cczp_init(gp.zp);
};
if(ccn_read_uint(n, CCDH_GP_G(gp), decodedParams.g.length, decodedParams.g.data))
goto errOut;
*pdh = (SecDHContext) context;
return errSecSuccess;
errOut:
SecDHDestroy(context);
*pdh = NULL;
return errSecInvalidKey;
}
