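/*
 * Generate a key pair using the CSPDL.
 *
 * Allocates two CSSM_KEY structs with APP_MALLOC, has srCspGenKeyPair()
 * populate them, then calls setPubKeyHash() so the private key can later
 * be matched to a certificate by public key hash.
 *
 * Returns:
 *   noErr      - *pubKeyPtr and *privKeyPtr point at the new keys; the
 *                caller owns both structs (how they must be released is
 *                not shown in this function - presumably a CSSM key free
 *                followed by APP_FREE; confirm against callers).
 *   paramErr   - a required pointer argument was NULL, or
 *                srCspGenKeyPair() failed (its CSSM_RETURN is not
 *                propagated).
 *   memFullErr - allocation of either key struct failed.
 * On any error the output pointers are left untouched.
 */
OSStatus generateKeyPair(
	CSSM_CSP_HANDLE 	cspHand,
	CSSM_DL_DB_HANDLE 	dlDbHand,
	CSSM_ALGORITHMS 	keyAlg,				// e.g., CSSM_ALGID_RSA
	uint32				keySizeInBits,
	const char 			*keyLabel,			// C string
	CSSM_KEY_PTR 		*pubKeyPtr,			// mallocd, created, RETURNED
	CSSM_KEY_PTR 		*privKeyPtr)		// mallocd, created, RETURNED
{
	/* strlen(NULL) and writes through NULL output pointers are undefined
	 * behavior; reject them before allocating anything */
	if((keyLabel == NULL) || (pubKeyPtr == NULL) || (privKeyPtr == NULL)) {
		return paramErr;
	}

	CSSM_KEY_PTR pubKey = (CSSM_KEY_PTR)(APP_MALLOC(sizeof(CSSM_KEY)));
	CSSM_KEY_PTR privKey = (CSSM_KEY_PTR)(APP_MALLOC(sizeof(CSSM_KEY)));
	if((pubKey == NULL) || (privKey == NULL)) {
		/* only one of the two may have failed; release the survivor so a
		 * partial allocation does not leak */
		if(pubKey != NULL) {
			APP_FREE(pubKey);
		}
		if(privKey != NULL) {
			APP_FREE(privKey);
		}
		return memFullErr;
	}

	CSSM_RETURN crtn;
	CSSM_KEYUSE pubKeyUse;
	CSSM_KEYUSE privKeyUse;

	/* the pair is general purpose: signing, encryption and key wrapping
	 * are all enabled on the same key */
	pubKeyUse = CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_ENCRYPT |
			CSSM_KEYUSE_WRAP;
	privKeyUse = CSSM_KEYUSE_SIGN | CSSM_KEYUSE_DECRYPT |
			CSSM_KEYUSE_UNWRAP;

	/*
	 * NOTE(review): the private key is created PERMANENT (stored via
	 * dlDbHand) and flagged both SENSITIVE and EXTRACTABLE. If callers
	 * never need to export the private key, dropping
	 * CSSM_KEYATTR_EXTRACTABLE would narrow its exposure - confirm
	 * against the export paths that rely on it before changing.
	 */
	crtn = srCspGenKeyPair(cspHand,
		&dlDbHand,
		keyAlg,
		keyLabel,
		(int) strlen(keyLabel) + 1,		/* label length includes the NUL */
		keySizeInBits,
		pubKey,
		pubKeyUse,
		CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_RETURN_REF,
		privKey,
		privKeyUse,
		CSSM_KEYATTR_SENSITIVE | CSSM_KEYATTR_RETURN_REF |
			CSSM_KEYATTR_PERMANENT | CSSM_KEYATTR_EXTRACTABLE);

	if(crtn) {
		APP_FREE(pubKey);
		APP_FREE(privKey);
		return paramErr;
	}

	/* bind private key to cert by public key hash */
	crtn = setPubKeyHash(cspHand,
		dlDbHand,
		pubKey,
		keyLabel);
	if(crtn) {
		/* deliberately non-fatal: the keys are still returned, but the
		 * hash binding was not set, so a later lookup of the private key
		 * by public key hash may not find it */
        sec_error("setPubKeyHash: Error setting public key hash. Continuing at peril: %s", sec_errstr(crtn));
	}

	*pubKeyPtr = pubKey;
	*privKeyPtr = privKey;
	return noErr;
}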
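/*
 * Return the current time plus secFromNow seconds, in UTC, as a newly
 * allocated NUL-terminated string in the format selected by spec:
 *
 *   TIME_UTC  - "YYMMDDhhmmssZ"   (two-digit year)
 *   TIME_GEN  - "YYYYMMDDhhmmssZ"
 *   TIME_CSSM - "YYYYMMDDhhmmss"
 *
 * The buffer is MAX_TIME_STR_LEN bytes from APP_MALLOC and is owned by
 * the caller. Returns NULL if the time cannot be converted, if allocation
 * fails, or if the formatted value does not fit in the buffer. An
 * unrecognized spec yields an empty string.
 */
char *cuTimeAtNowPlus(int secFromNow, 
	timeSpec spec)
{
	struct tm utc;
	struct tm *utcPtr;
	char *outStr;
	time_t baseTime;
	int len = 0;
	
	/* gmtime() may return a pointer to shared static storage, so the
	 * result is copied out while timeMutex is held */
	pthread_mutex_lock(&timeMutex);
	baseTime = time(NULL);
	baseTime += (time_t)secFromNow;
	utcPtr = gmtime(&baseTime);
	if(utcPtr != NULL) {
		utc = *utcPtr;
	}
	pthread_mutex_unlock(&timeMutex);
	if(utcPtr == NULL) {
		/* time value not representable as a broken-down time */
		return NULL;
	}
	
	outStr = (char *)APP_MALLOC(MAX_TIME_STR_LEN);
	if(outStr == NULL) {
		return NULL;
	}
	/* defined contents even when spec matches no case below */
	outStr[0] = '\0';
	
	switch(spec) {
		case TIME_UTC:
			/* UTC - 2 year digits - code which parses this assumes that
			 * (2-digit) years between 0 and 49 are in century 21 */
			if(utc.tm_year >= 100) {
				utc.tm_year -= 100;
			}
			/* %02d is a minimum width: a year outside 1900..2099 prints
			 * more than two digits, hence the bounded write and the
			 * length check after the switch */
			len = snprintf(outStr, MAX_TIME_STR_LEN,
				"%02d%02d%02d%02d%02d%02dZ",
				utc.tm_year /* + 1900 */, utc.tm_mon + 1,
				utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec);
			break;
		case TIME_GEN:
			len = snprintf(outStr, MAX_TIME_STR_LEN,
				"%04d%02d%02d%02d%02d%02dZ",
				/* note year is relative to 1900, hopefully it'll 
				 * have four valid digits! */
				utc.tm_year + 1900, utc.tm_mon + 1,
				utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec);
			break;
		case TIME_CSSM:
			len = snprintf(outStr, MAX_TIME_STR_LEN,
				"%04d%02d%02d%02d%02d%02d",
				/* note year is relative to 1900, hopefully it'll have 
				 * four valid digits! */
				utc.tm_year + 1900, utc.tm_mon + 1,
				utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec);
			break;
		default:
			/* unknown format: hand back the empty string set above */
			break;
	}

	/* a truncated timestamp would be parsed as a different (wrong) time,
	 * so treat truncation or a formatting error as failure */
	if((len < 0) || ((size_t)len >= (size_t)MAX_TIME_STR_LEN)) {
		APP_FREE(outStr);
		return NULL;
	}
	return outStr;
}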