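/*
 * Generate a key pair using the CSPDL.
 *
 * On success both CSSM_KEY structures are allocated here with APP_MALLOC and
 * handed to the caller through pubKeyPtr / privKeyPtr; the caller owns them.
 * On failure nothing is written to the output pointers and any CSSM_KEY
 * allocated here has been released with APP_FREE.
 *
 * Returns noErr on success, memFullErr if either CSSM_KEY could not be
 * allocated, paramErr for a NULL label/output pointer or when
 * srCspGenKeyPair() reports an error.
 */
OSStatus generateKeyPair(
	CSSM_CSP_HANDLE 	cspHand,
	CSSM_DL_DB_HANDLE 	dlDbHand,
	CSSM_ALGORITHMS 	keyAlg,				// e.g., CSSM_ALGID_RSA
	uint32				keySizeInBits,
	const char 			*keyLabel,			// C string
	CSSM_KEY_PTR 		*pubKeyPtr,			// mallocd, created, RETURNED
	CSSM_KEY_PTR 		*privKeyPtr)		// mallocd, created, RETURNED
{
	CSSM_KEY_PTR pubKey;
	CSSM_KEY_PTR privKey;
	CSSM_RETURN crtn;
	CSSM_KEYUSE pubKeyUse;
	CSSM_KEYUSE privKeyUse;

	/* strlen() below and the final stores would dereference these. */
	if((keyLabel == NULL) || (pubKeyPtr == NULL) || (privKeyPtr == NULL)) {
		return paramErr;
	}

	pubKey = (CSSM_KEY_PTR)(APP_MALLOC(sizeof(CSSM_KEY)));
	privKey = (CSSM_KEY_PTR)(APP_MALLOC(sizeof(CSSM_KEY)));
	if((pubKey == NULL) || (privKey == NULL)) {
		/*
		 * Only one of the two allocations may have failed; release the
		 * survivor instead of leaking it. APP_FREE is only handed non-NULL
		 * pointers because its definition is not visible here.
		 */
		if(pubKey != NULL) {
			APP_FREE(pubKey);
		}
		if(privKey != NULL) {
			APP_FREE(privKey);
		}
		return memFullErr;
	}

	pubKeyUse = CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_ENCRYPT |
			CSSM_KEYUSE_WRAP;
	privKeyUse = CSSM_KEYUSE_SIGN | CSSM_KEYUSE_DECRYPT |
			CSSM_KEYUSE_UNWRAP;

	/*
	 * NOTE(review): the private key is created PERMANENT and SENSITIVE but
	 * also EXTRACTABLE, so it can later be exported from the CSPDL in
	 * wrapped form. Confirm that export is actually required; if it is not,
	 * dropping CSSM_KEYATTR_EXTRACTABLE keeps the key bound to the keychain.
	 */
	crtn = srCspGenKeyPair(cspHand,
		&dlDbHand,
		keyAlg,
		keyLabel,
		(int) strlen(keyLabel) + 1,		/* label length includes the NUL */
		keySizeInBits,
		pubKey,
		pubKeyUse,
		CSSM_KEYATTR_EXTRACTABLE | CSSM_KEYATTR_RETURN_REF,
		privKey,
		privKeyUse,
		CSSM_KEYATTR_SENSITIVE | CSSM_KEYATTR_RETURN_REF |
			CSSM_KEYATTR_PERMANENT | CSSM_KEYATTR_EXTRACTABLE);
	if(crtn) {
		/* The specific CSSM error is collapsed to paramErr for the caller. */
		APP_FREE(pubKey);
		APP_FREE(privKey);
		return paramErr;
	}

	/* bind private key to cert by public key hash */
	crtn = setPubKeyHash(cspHand,
		dlDbHand,
		pubKey,
		keyLabel);
	if(crtn) {
		/*
		 * Deliberately best-effort: the failure is logged and the function
		 * still returns noErr, so the caller cannot tell that the binding
		 * between the private key and a future cert was not recorded.
		 */
		sec_error("setPubKeyHash: Error setting public key hash. Continuing at peril: %s", sec_errstr(crtn));
	}

	*pubKeyPtr = pubKey;
	*privKeyPtr = privKey;
	return noErr;
}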
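/*
 * Format the time "now + secFromNow seconds" (in UTC) as a string in the
 * layout selected by spec:
 *
 *   TIME_UTC   YYMMDDhhmmssZ     (two-digit year)
 *   TIME_GEN   YYYYMMDDhhmmssZ
 *   TIME_CSSM  YYYYMMDDhhmmss
 *
 * The result is allocated with APP_MALLOC(MAX_TIME_STR_LEN) and owned by the
 * caller. Returns NULL if the time cannot be converted or the allocation
 * fails. For a spec value not listed above an empty string is returned.
 */
char *cuTimeAtNowPlus(int secFromNow, timeSpec spec)
{
	struct tm	utc;
	struct tm	*utcp;
	char		*outStr;
	time_t		baseTime;
	int		haveTime = 0;

	/*
	 * gmtime() returns a pointer to shared static storage, so the result is
	 * copied out while timeMutex is held (presumably the lock every gmtime()
	 * user in this file takes -- confirm against the other callers).
	 */
	pthread_mutex_lock(&timeMutex);
	baseTime = time(NULL);
	baseTime += (time_t)secFromNow;
	utcp = gmtime(&baseTime);
	if(utcp != NULL) {
		/* gmtime() may return NULL when the time is not representable. */
		utc = *utcp;
		haveTime = 1;
	}
	pthread_mutex_unlock(&timeMutex);
	if(!haveTime) {
		return NULL;
	}

	outStr = (char *)APP_MALLOC(MAX_TIME_STR_LEN);
	if(outStr == NULL) {
		return NULL;
	}
	/* Never hand back uninitialized memory if spec matches no case below. */
	outStr[0] = '\0';

	switch(spec) {
		case TIME_UTC:
			/* UTC - 2 year digits - code which parses this assumes that
			 * (2-digit) years between 0 and 49 are in century 21 */
			if(utc.tm_year >= 100) {
				utc.tm_year -= 100;
			}
			/*
			 * For years from 2100 on the value no longer fits two digits;
			 * snprintf keeps the write inside the buffer in that case.
			 */
			snprintf(outStr, MAX_TIME_STR_LEN, "%02d%02d%02d%02d%02d%02dZ",
				utc.tm_year /* + 1900 */, utc.tm_mon + 1,
				utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec);
			break;
		case TIME_GEN:
			snprintf(outStr, MAX_TIME_STR_LEN, "%04d%02d%02d%02d%02d%02dZ",
				/* note year is relative to 1900, hopefully it'll
				 * have four valid digits! */
				utc.tm_year + 1900, utc.tm_mon + 1,
				utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec);
			break;
		case TIME_CSSM:
			snprintf(outStr, MAX_TIME_STR_LEN, "%04d%02d%02d%02d%02d%02d",
				/* note year is relative to 1900, hopefully it'll have
				 * four valid digits! */
				utc.tm_year + 1900, utc.tm_mon + 1,
				utc.tm_mday, utc.tm_hour, utc.tm_min, utc.tm_sec);
			break;
		default:
			/* Unknown format selector: leave the empty string in place. */
			break;
	}
	return outStr;
}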