void BSafe::BSafeBinaryKey::generateKeyBlob(
Allocator &allocator,
CssmData &blob,
CSSM_KEYBLOB_FORMAT &format, // input val ignored for now
AppleCSPSession &session,
const CssmKey *paramKey, // optional, unused here
CSSM_KEYATTR_FLAGS &attrFlags) // IN/OUT
{
assert(mBsKey != NULL);
B_INFO_TYPE bsType;
if(!bsafeAlgToInfoType(mAlg, mIsPublic, bsType, format)) {
CssmError::throwMe(CSSMERR_CSP_INTERNAL_ERROR);
}
if(format == CSSM_KEYBLOB_RAW_FORMAT_PKCS1) {
/* special case, encode the PKCS1 format blob */
CssmRemoteData rData(
Allocator::standard(Allocator::sensitive), blob);
BS_GetKeyPkcs1(mBsKey, rData);
rData.release();
}
else {
BSafeItem *info;
BSafe::check(
B_GetKeyInfo((POINTER *)&info, mBsKey, bsType), true);
blob = info->copy<CssmData>(allocator);
}
}
void
write_keyfile (void)
{
/* read the public keys from secring.mix... */
FILE *privring, *privlock;
FILE *keyfile, *keylock, *keyinfo;
BUFFER *b1, *buff, *header;
#ifdef NEW
BUFFER *signature;
#endif
char line[1024], IDstr[80];
long pos;
int i, len;
byte tmpbyte;
PRIVATE_KEY privkey;
unsigned char ID[16];
char abilities[256] = "";
#ifndef USE_RSAREF
A_PKCS_RSA_PRIVATE_KEY *pkinfo;
#endif
our_abilities (abilities);
mix_lock ("secring", &privlock);
if ((privring = open_mix_file (SECRING, "r+")) == NULL)
{
mix_unlock ("secring", privlock);
return;
}
buff = new_buffer ();
#ifdef NEW
str_to_buffer (buff, begin_signed);
str_to_buffer (buff, "\n");
#endif
while ((pos = next_key (privring)) != -1)
{
header = new_buffer ();
for (;;) /* copy the header and to a buffer */
{
getline (line, sizeof (line), privring);
if (!strstr (line, ": "))
break;
str_to_buffer (header, line);
}
if (read_priv_key (privring, &privkey, ID) != 0)
break;
encode_ID (IDstr, ID);
if (memcmp (line, IDstr, 32) != 0)
{
fprintf (errlog, "Error: Private Key IDs do not match! Bad passphrase?\n");
fclose (privring);
mix_unlock ("secring", privlock);
exit (-1);
}
/* write key to buff */
if (header->length == 0)
{ /* old format */
sprintf (line, "%s %s ", SHORTNAME, REMAILERADDR);
str_to_buffer (buff, line);
str_to_buffer (buff, IDstr);
str_to_buffer (buff, " ");
str_to_buffer (buff, mixmaster_protocol);
str_to_buffer (buff, VERSION);
str_to_buffer (buff, " ");
str_to_buffer (buff, abilities);
str_to_buffer (buff, "\n\n");
str_to_buffer (buff, begin_key);
str_to_buffer (buff, "\n");
}
else
{
str_to_buffer (buff, begin_key);
str_to_buffer (buff, "\n");
add_to_buffer (buff, header->message, header->length);
}
str_to_buffer (buff, IDstr);
str_to_buffer (buff, "\n");
free_buffer (header);
/* Armor pubkey */
b1 = new_buffer ();
#ifdef USE_RSAREF
/* Convert pubkey.bits to two bytes */
i = privkey.bits;
#else
B_GetKeyInfo ((POINTER *) & pkinfo, privkey, KI_PKCS_RSAPrivate);
i = pkinfo->modulus.len * 8;
#endif
tmpbyte = i & 0xFF;
add_to_buffer (b1, &tmpbyte, 1); /* low byte of bits */
i = i / 256;
tmpbyte = i & 0xFF;
add_to_buffer (b1, &tmpbyte, 1); /* high byte of bits */
#ifdef USE_RSAREF
add_to_buffer (b1, privkey.modulus, MAX_RSA_MODULUS_LEN);
add_to_buffer (b1, privkey.publicExponent, MAX_RSA_MODULUS_LEN);
#else
add_to_buffer (b1, pkinfo->modulus.data, pkinfo->modulus.len);
if (pkinfo->publicExponent.len < pkinfo->modulus.len)
add_to_buffer (b1, NULL,
pkinfo->modulus.len - pkinfo->publicExponent.len);
add_to_buffer (b1, pkinfo->publicExponent.data,
pkinfo->publicExponent.len);
#endif
len = b1->length;
while ((b1->length % 3) != 0)
str_to_buffer (b1, "X");
sprintf (line, "%d\n", len);
str_to_buffer (buff, line);
armor (b1);
add_to_buffer (buff, b1->message, b1->length);
free_buffer (b1);
str_to_buffer (buff, end_key);
str_to_buffer (buff, "\n");
}
fclose (privring);
mix_unlock ("secring", privlock);
#ifdef NEW
str_to_buffer (buff, begin_cfg);
sprintf (line, "\n%s%s\n", KEY_VERSION, VERSION);
str_to_buffer (buff, line);
sprintf (line, "%s%s\n", CFG_REMAILER, SHORTNAME);
str_to_buffer (buff, line);
sprintf (line, "%s%s\n", CFG_ADDRESS, REMAILERADDR);
str_to_buffer (buff, line);
sprintf (line, "%s%s\n", CFG_ABILITIES, abilities);
str_to_buffer (buff, line);
sprintf (line, "%s%lu\n", CFG_DATE, (unsigned long) time (NULL));
str_to_buffer (buff, line);
str_to_buffer (buff, end_cfg);
signature = new_buffer ();
create_sig (buff, signature);
armor (signature);
str_to_buffer (buff, "\n");
str_to_buffer (buff, begin_signature);
str_to_buffer (buff, "\n");
add_to_buffer (buff, signature->message, signature->length);
str_to_buffer (buff, end_signature);
#endif
mix_lock ("key", &keylock);
if ((keyinfo = open_mix_file (KEYINFO, "r")) == NULL ||
(keyfile = open_mix_file (KEYFILE, "w")) == NULL)
{
mix_unlock ("key", keylock);
return;
}
while (getline (line, sizeof (line), keyinfo) != NULL)
fprintf (keyfile, "%s\n", line);
fclose (keyinfo);
write_buffer (buff, keyfile);
fclose (keyfile);
mix_unlock ("key", keylock);
free_buffer (buff);
}
int
generate_key (const char *header)
{
PUBLIC_KEY pubkey;
PRIVATE_KEY privkey;
unsigned char line[1024];
int i, err, len;
unsigned char iv[8];
byte digest[16], ID[16], tmpbyte;
byte des3key[24];
BUFFER *b1, *encrypted_key;
FILE *privring, *privlock;
#ifdef USE_RSAREF
R_DIGEST_CTX digest_context;
DES3_CBC_CTX context;
R_RSA_PROTO_KEY protokey;
#else
B_ALGORITHM_OBJ digest_obj;
B_ALGORITHM_OBJ des_obj;
B_ALGORITHM_OBJ gen_obj;
B_KEY_OBJ key_obj;
A_RSA_KEY_GEN_PARAMS keypar;
A_PKCS_RSA_PRIVATE_KEY *keyinfo;
unsigned char pubexpt[] =
{1, 0, 1};
#endif
#ifdef DEBUG
printf ("Generating key:\n%s", header);
#endif
/* Generate a 1024 bit key with pub exponent = 65537 */
#ifdef USE_RSAREF
protokey.bits = MIX_RSA_MOD;
protokey.useFermat4 = 1;
err = R_GeneratePEMKeys (&pubkey, &privkey, &protokey, &random_obj);
#else
B_CreateAlgorithmObject (&gen_obj);
/* Generate a 1024 bit key with pub exponent = 65537 */
keypar.modulusBits = 1024;
keypar.publicExponent.data = pubexpt;
keypar.publicExponent.len = sizeof (pubexpt);
B_SetAlgorithmInfo (gen_obj, AI_RSAKeyGen, (POINTER) & keypar);
B_GenerateInit (gen_obj, CHOOSER, NULL);
B_CreateKeyObject (&pubkey);
B_CreateKeyObject (&privkey);
err = (B_GenerateKeypair (gen_obj, pubkey, privkey, random_obj, NULL));
#endif
if (err != 0)
{
fprintf (errlog, "Key generation error.\n");
return (-1);
}
#ifdef DEBUG
printf ("Done.\n");
#endif
/* put private key in a buffer */
b1 = new_buffer ();
#ifdef USE_RSAREF
/* Convert privkey.bits to two bytes */
i = privkey.bits;
#else
B_GetKeyInfo ((POINTER *) & keyinfo, privkey, KI_PKCS_RSAPrivate);
i = keyinfo->modulus.len * 8;
#endif
tmpbyte = i & 0xFF;
add_to_buffer (b1, &tmpbyte, 1); /* low byte of bits */
tmpbyte = (i / 256) & 0xFF;
add_to_buffer (b1, &tmpbyte, 1); /* high byte of bits */
#ifdef USE_RSAREF
add_to_buffer (b1, privkey.modulus, MAX_RSA_MODULUS_LEN);
add_to_buffer (b1, privkey.publicExponent, MAX_RSA_MODULUS_LEN);
/* Make Key ID */
R_DigestInit (&digest_context, DA_MD5);
R_DigestUpdate (&digest_context, pubkey.modulus, MAX_RSA_MODULUS_LEN);
R_DigestUpdate (&digest_context, pubkey.exponent, MAX_RSA_MODULUS_LEN);
R_DigestFinal (&digest_context, ID, &i);
add_to_buffer (b1, privkey.exponent, MAX_RSA_MODULUS_LEN);
add_to_buffer (b1, privkey.prime[0], MAX_RSA_PRIME_LEN);
add_to_buffer (b1, privkey.prime[1], MAX_RSA_PRIME_LEN);
add_to_buffer (b1, privkey.primeExponent[0], MAX_RSA_PRIME_LEN);
add_to_buffer (b1, privkey.primeExponent[1], MAX_RSA_PRIME_LEN);
add_to_buffer (b1, privkey.coefficient, MAX_RSA_PRIME_LEN);
#else
i = (i + 7) / 8;
/* Make Key ID */
B_CreateAlgorithmObject (&digest_obj);
B_SetAlgorithmInfo (digest_obj, AI_MD5, NULL);
B_DigestInit (digest_obj, NULL, CHOOSER, NULL);
add_to_buffer (b1, keyinfo->modulus.data, i);
if (keyinfo->publicExponent.len < i)
add_to_buffer (b1, NULL,
i - keyinfo->publicExponent.len);
add_to_buffer (b1, keyinfo->publicExponent.data,
keyinfo->publicExponent.len);
B_DigestUpdate (digest_obj, b1->message + 2,
2 * i,
NULL);
B_DigestFinal (digest_obj, ID, &i, 16, NULL);
B_DestroyAlgorithmObject (&digest_obj);
if (keyinfo->privateExponent.len < i)
add_to_buffer (b1, NULL,
i - keyinfo->privateExponent.len);
add_to_buffer (b1, keyinfo->privateExponent.data,
keyinfo->privateExponent.len);
i = (i + 1) / 2;
if (keyinfo->prime[0].len < i)
add_to_buffer (b1, NULL,
i - keyinfo->prime[0].len);
add_to_buffer (b1, keyinfo->prime[0].data, keyinfo->prime[0].len);
if (keyinfo->prime[1].len < i)
add_to_buffer (b1, NULL,
i - keyinfo->prime[1].len);
add_to_buffer (b1, keyinfo->prime[1].data, keyinfo->prime[1].len);
if (keyinfo->primeExponent[0].len < i)
add_to_buffer (b1, NULL,
i - keyinfo->primeExponent[0].len);
add_to_buffer (b1, keyinfo->primeExponent[0].data,
keyinfo->primeExponent[0].len);
if (keyinfo->primeExponent[1].len < i)
add_to_buffer (b1, NULL,
i - keyinfo->primeExponent[1].len);
add_to_buffer (b1, keyinfo->primeExponent[1].data,
keyinfo->primeExponent[1].len);
if (keyinfo->coefficient.len < i)
add_to_buffer (b1, NULL,
i - keyinfo->coefficient.len);
add_to_buffer (b1, keyinfo->coefficient.data, keyinfo->coefficient.len);
#endif
/* Encrypt the secret key */
encrypted_key = new_buffer ();
len = b1->length;
if (len % 8 != 0) /* ensure length is mult of 8 */
len += 8 - len % 8;
add_to_buffer (encrypted_key, malloc (len), len);
our_randombytes (iv, 8);
#ifdef USE_RSAREF
R_DigestInit (&digest_context, DA_MD5);
R_DigestUpdate (&digest_context, PASSPHRASE, strlen (PASSPHRASE));
R_DigestFinal (&digest_context, digest, &i);
memcpy (des3key, digest, 16); /* set first 2 keys */
memcpy (des3key + 16, digest, 8); /* third key = first key */
DES3_CBCInit (&context, des3key, iv, 1);
if (DES3_CBCUpdate (&context, encrypted_key->message, b1->message,
encrypted_key->length))
{
printf ("Error: Problem encrypting key\n");
return (-1);
}
#else
B_CreateAlgorithmObject (&digest_obj);
B_SetAlgorithmInfo (digest_obj, AI_MD5, NULL);
B_DigestInit (digest_obj, NULL, CHOOSER, NULL);
B_DigestUpdate (digest_obj, PASSPHRASE, strlen (PASSPHRASE), NULL);
B_DigestFinal (digest_obj, digest, &i, 16, NULL);
B_DestroyAlgorithmObject (&digest_obj);
memcpy (des3key, digest, 16); /* set first 2 keys */
memcpy (des3key + 16, digest, 8); /* third key = first key */
B_CreateAlgorithmObject (&des_obj);
B_SetAlgorithmInfo (des_obj, AI_DES_EDE3_CBC_IV8, iv);
B_CreateKeyObject (&key_obj);
B_SetKeyInfo (key_obj, KI_DES24Strong, des3key);
B_EncryptInit (des_obj, key_obj, CHOOSER, NULL);
B_EncryptUpdate (des_obj, encrypted_key->message, &len,
encrypted_key->length,
b1->message, b1->length, random_obj, NULL);
B_EncryptFinal (des_obj, encrypted_key->message + len,
&len, encrypted_key->length - len, random_obj, NULL);
/* err? XXX */
#endif
memset ((void *) digest, 0, 16); /* zero password */
mix_lock ("secring", &privlock);
if ((privring = open_mix_file (SECRING, "a+")) == NULL)
{
mix_unlock ("secring", privlock);
return (-1);
}
fprintf (privring, "%s\n", begin_key);
if (strlen (header) > 0)
{
fprintf (privring, KEY_VERSION "%s\n", VERSION);
fprintf (privring, "%s", header);
}
print_ID (privring, ID);
fprintf (privring, "%d\n", len);
encode_block (line, &i, iv, 8);
fwrite (line, 1, i, privring);
fprintf (privring, "\n");
/* Armor privkey */
armor (encrypted_key);
write_buffer (encrypted_key, privring);
free_buffer (encrypted_key);
fprintf (privring, "%s\n", end_key);
fclose (privring);
mix_unlock ("secring", privlock);
return 0;
}
