BOOLEAN
AnscAsn1PKCS10SignWithKeyParam
(
ANSC_HANDLE hThisObject,
PKI_KEY_TYPE keyType,
ANSC_HANDLE hKeyPairHandle
)
{
PANSC_ASN1_CERTIFICATEREQUEST pThisObject = (PANSC_ASN1_CERTIFICATEREQUEST)hThisObject;
PANSC_ASN1_PRIVATEKEYINFO pKeyInfo;
BOOLEAN bResult;
pKeyInfo = (PANSC_ASN1_PRIVATEKEYINFO)
AnscAsn1CreatePrivateKeyInfoWithKey(NULL, keyType, hKeyPairHandle);
if( pKeyInfo == NULL)
{
return FALSE;
}
bResult =
pThisObject->SignWithPrivateKeyInfo
(
pThisObject,
pKeyInfo
);
pKeyInfo->AsnFree(pKeyInfo);
return bResult;
}
/*************************************************************************
*
* This is the reverse api of above, with the given key type and KeyGenParams,
* generate the private key info encoding;
*
*************************************************************************/
PUCHAR
PKIUtilityGetPrivateKeyInfoEncoding
(
ANSC_HANDLE hKeyGenParams,
PKI_KEY_TYPE keyType,
PULONG pLength
)
{
PANSC_ASN1_PRIVATEKEYINFO pKeyInfo;
PUCHAR pEncoding;
if( hKeyGenParams == NULL || pLength == NULL)
{
return NULL;
}
pKeyInfo = (PANSC_ASN1_PRIVATEKEYINFO)
AnscAsn1CreatePrivateKeyInfo(NULL);
if( pKeyInfo == NULL)
{
return NULL;
}
if( !pKeyInfo->InitKey(pKeyInfo, keyType, hKeyGenParams))
{
pKeyInfo->AsnFree(pKeyInfo);
return NULL;
}
pEncoding = pKeyInfo->GetEncodedData(pKeyInfo, pLength);
pKeyInfo->AsnFree(pKeyInfo);
return pEncoding;
}
/*************************************************************************
*
* This is the api to init the KeyGenParams from the given certificate
* and private key info
*
*************************************************************************/
ANSC_STATUS
PKIUtilityInitKeyGenParams
(
ANSC_HANDLE hSSLCrypto,
PANSC_ASN1_CERTIFICATE pCert,
PANSC_ASN1_PRIVATEKEYINFO pKeyInfo,
ANSC_HANDLE hKeyGenParams
)
{
PANSC_CRYPTO_PUB_KEY_GEN_PARAMS pKeyGenParams = (PANSC_CRYPTO_PUB_KEY_GEN_PARAMS)hKeyGenParams;
PANSC_CRYPTO_PUB_SSLEAY_OBJECT pSSLCrypto = (PANSC_CRYPTO_PUB_SSLEAY_OBJECT)hSSLCrypto;
BOOLEAN bKeyPair = TRUE;
PKI_KEY_TYPE keyType;
if( pCert == NULL || pKeyInfo == NULL || hKeyGenParams == NULL)
{
return ANSC_STATUS_FAILURE;
}
keyType = pCert->GetKeyType(pCert);
if( keyType != PKI_RSA_KEY && keyType != PKI_DSA_KEY)
{
return ANSC_STATUS_FAILURE;
}
if( keyType != pKeyInfo->GetKeyType(pKeyInfo))
{
AnscTrace("The key pair is not in the same key type.\n");
return ANSC_STATUS_FAILURE;
}
/* init the public key */
if( ANSC_STATUS_SUCCESS !=
pCert->ExportPublicKey
(
pCert,
hKeyGenParams
))
{
return ANSC_STATUS_FAILURE;
}
/* init the private key */
if( ANSC_STATUS_SUCCESS !=
pKeyInfo->ExportKey
(
pKeyInfo,
hKeyGenParams
))
{
return ANSC_STATUS_FAILURE;
}
/* verify the key pair */
if( pSSLCrypto != NULL)
{
if( keyType == PKI_RSA_KEY)
{
bKeyPair =
pSSLCrypto->KeyPairMatch
(
pSSLCrypto,
ANSC_CRYPTO_PUB_KEY_RSA,
&pKeyGenParams->PublicKey.RSA,
&pKeyGenParams->PrivateKey.RSA
);
}
else
{
bKeyPair =
pSSLCrypto->KeyPairMatch
(
pSSLCrypto,
ANSC_CRYPTO_PUB_KEY_DSA,
&pKeyGenParams->PublicKey.DSA,
&pKeyGenParams->PrivateKey.DSA
);
}
}
if( bKeyPair)
{
return ANSC_STATUS_SUCCESS;
}
else
{
return ANSC_STATUS_FAILURE;
}
}
BOOLEAN
AnscAsn1PKCS10SignWithPrivateKeyInfo
(
ANSC_HANDLE hThisObject,
ANSC_HANDLE hPrivateKeyInfo
)
{
PANSC_ASN1_CERTIFICATEREQUEST pThisObject = (PANSC_ASN1_CERTIFICATEREQUEST)hThisObject;
PANSC_ASN1_PRIVATEKEYINFO pKeyInfo = (PANSC_ASN1_PRIVATEKEYINFO)hPrivateKeyInfo;
PUCHAR pSignature;
ULONG uSignLength = 1024;
PANSC_ASN1_BITSTRING pStringObject;
PANSC_ASN1_CERTIFICATIONREQUESTINFO
pInfo;
if( pThisObject == NULL)
{
return FALSE;
}
pInfo = (PANSC_ASN1_CERTIFICATIONREQUESTINFO)
pThisObject->GetCertificateRequestInfo(pThisObject);
if( pInfo == NULL)
{
return FALSE;
}
/* check the signed data */
if( pThisObject->pSignedData == NULL || pThisObject->uSignedLength == 0)
{
pThisObject->pSignedData =
pInfo->GetEncodedData(pInfo, &pThisObject->uSignedLength);
}
if( pThisObject->pSignedData == NULL)
{
return FALSE;
}
/* create the buffer to get the signature; */
pSignature = (PUCHAR)AnscAllocateMemory(uSignLength);
if( pSignature == NULL)
{
return FALSE;
}
if(ANSC_STATUS_SUCCESS !=
pKeyInfo->SignData
(
pKeyInfo,
pThisObject->pSignedData,
pThisObject->uSignedLength,
pThisObject->GetSignatureType(pThisObject),
pSignature,
&uSignLength
))
{
AnscFreeMemory(pSignature);
return FALSE;
}
pStringObject = (PANSC_ASN1_BITSTRING)pThisObject->GetSignature(pThisObject);
pStringObject->SetStringValue(pStringObject, pSignature, uSignLength);
AnscFreeMemory(pSignature);
return TRUE;
}
BOOLEAN
AnscAsn1PKCS10InitKeyPair
(
ANSC_HANDLE hThisObject,
PKI_KEY_TYPE keyType,
ANSC_HANDLE hKeyPairHandle
)
{
PANSC_ASN1_CERTIFICATEREQUEST pThisObject = (PANSC_ASN1_CERTIFICATEREQUEST)hThisObject;
PANSC_ASN1_SUBJECTPUBLICKEYINFO pPublicKeyInfo;
PANSC_ASN1_CERTIFICATIONREQUESTINFO
pInfo;
PANSC_ASN1_PRIVATEKEYINFO pKeyInfo;
BOOLEAN bResult;
if( pThisObject == NULL || hKeyPairHandle == NULL)
{
return FALSE;
}
pInfo = (PANSC_ASN1_CERTIFICATIONREQUESTINFO)
pThisObject->GetCertificateRequestInfo(pThisObject);
if( pInfo == NULL)
{
return FALSE;
}
pPublicKeyInfo = (PANSC_ASN1_SUBJECTPUBLICKEYINFO)
pInfo->GetChildByIndex(pInfo,2);
if( pPublicKeyInfo == NULL)
{
return FALSE;
}
if(!pPublicKeyInfo->GenerateKey
(
pPublicKeyInfo,
keyType,
hKeyPairHandle
))
{
AnscTrace("Failed to set the public key.\n");
return FALSE;
}
pKeyInfo = (PANSC_ASN1_PRIVATEKEYINFO)
AnscAsn1CreatePrivateKeyInfoWithKey(NULL, keyType,hKeyPairHandle);
if( pKeyInfo == NULL)
{
return FALSE;
}
bResult =
pThisObject->SignWithPrivateKeyInfo
(
pThisObject,
pKeyInfo
);
pKeyInfo->AsnFree(pKeyInfo);
return bResult;
}