static CFDataRef SecRSAPublicKeyCreatePKCS1(CFAllocatorRef allocator, ccrsa_pub_ctx_t pubkey)
{
size_t m_size = ccn_write_int_size(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey));
size_t e_size = ccn_write_int_size(ccrsa_ctx_n(pubkey), ccrsa_ctx_e(pubkey));
const size_t seq_size = DERLengthOfItem(ASN1_INTEGER, m_size) +
DERLengthOfItem(ASN1_INTEGER, e_size);
const size_t result_size = DERLengthOfItem(ASN1_SEQUENCE, seq_size);
CFMutableDataRef pkcs1 = CFDataCreateMutable(allocator, result_size);
if (pkcs1 == NULL)
return NULL;
CFDataSetLength(pkcs1, result_size);
uint8_t *bytes = CFDataGetMutableBytePtr(pkcs1);
*bytes++ = ASN1_CONSTR_SEQUENCE;
DERSize itemLength = 4;
DEREncodeLength(seq_size, bytes, &itemLength);
bytes += itemLength;
ccasn_encode_int(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey), m_size, &bytes);
ccasn_encode_int(ccrsa_ctx_n(pubkey), ccrsa_ctx_e(pubkey), e_size, &bytes);
return pkcs1;
}
CCCryptorStatus
CCRSACryptorCreateFromData( CCRSAKeyType keyType, uint8_t *modulus, size_t modulusLength,
uint8_t *exponent, size_t exponentLength,
uint8_t *p, size_t pLength, uint8_t *q, size_t qLength,
CCRSACryptorRef *ref)
{
CCCryptorStatus retval = kCCSuccess;
CCRSACryptor *rsaKey = NULL;
size_t n = ccn_nof_size(modulusLength);
cc_unit m[n];
CC_DEBUG_LOG(ASL_LEVEL_ERR, "Entering\n");
__Require_Action(ccn_read_uint(n, m, modulusLength, modulus) == 0, errOut, retval = kCCParamError);
size_t nbits = ccn_bitlen(n, m);
__Require_Action((rsaKey = ccMallocRSACryptor(nbits, keyType)) != NULL, errOut, retval = kCCMemoryFailure);
__Require_Action(ccn_read_uint(n, ccrsa_ctx_m(rsaKey->fk), modulusLength, modulus) == 0, errOut, retval = kCCParamError);
__Require_Action(ccn_read_uint(n, ccrsa_ctx_e(rsaKey->fk), exponentLength, exponent) == 0, errOut, retval = kCCParamError);
cczp_init(ccrsa_ctx_zm(rsaKey->fk));
rsaKey->keySize = ccn_bitlen(n, ccrsa_ctx_m(rsaKey->fk));
switch(keyType) {
case ccRSAKeyPublic:
rsaKey->keyType = ccRSAKeyPublic;
break;
case ccRSAKeyPrivate: {
ccrsa_priv_ctx_t privk = ccrsa_ctx_private(rsaKey->fk);
size_t psize = ccn_nof_size(pLength);
size_t qsize = ccn_nof_size(qLength);
CCZP_N(ccrsa_ctx_private_zp(privk)) = psize;
__Require_Action(ccn_read_uint(psize, CCZP_PRIME(ccrsa_ctx_private_zp(privk)), pLength, p) == 0, errOut, retval = kCCParamError);
CCZP_N(ccrsa_ctx_private_zq(privk)) = qsize;
__Require_Action(ccn_read_uint(qsize, CCZP_PRIME(ccrsa_ctx_private_zq(privk)), qLength, q) == 0, errOut, retval = kCCParamError);
ccrsa_crt_makekey(ccrsa_ctx_zm(rsaKey->fk), ccrsa_ctx_e(rsaKey->fk), ccrsa_ctx_d(rsaKey->fk),
ccrsa_ctx_private_zp(privk),
ccrsa_ctx_private_dp(privk), ccrsa_ctx_private_qinv(privk),
ccrsa_ctx_private_zq(privk), ccrsa_ctx_private_dq(privk));
rsaKey->keyType = ccRSAKeyPrivate;
break;
}
default:
retval = kCCParamError;
goto errOut;
}
*ref = rsaKey;
return kCCSuccess;
errOut:
if(rsaKey) ccRSACryptorClear(rsaKey);
return retval;
}
void ccrsa_dump_public_key(ccrsa_pub_ctx_t key) {
ccn_cprint(ccrsa_ctx_n(key), "uint8_t m[] = ", ccrsa_ctx_m(key));
ccn_cprint(ccrsa_ctx_n(key) + 1, "uint8_t rm[] = ", cczp_recip(ccrsa_ctx_zm(key)));
ccn_cprint(ccrsa_ctx_n(key), "uint8_t e[] = ", ccrsa_ctx_e(key));
printf("--\n");
}
size_t ccder_encode_rsa_priv_size(const ccrsa_full_ctx_t key) {
ccrsa_priv_ctx_t privk = ccrsa_ctx_private(key);
cc_size n = ccrsa_ctx_n(key);
cc_unit version_0[ccn_nof(1)] = {0x00};
return ccder_sizeof(CCDER_CONSTRUCTED_SEQUENCE,
ccder_sizeof_integer(ccn_nof(1), version_0) +
ccder_sizeof_integer(n, ccrsa_ctx_m(key)) +
ccder_sizeof_integer(n, ccrsa_ctx_e(key)) +
ccder_sizeof_integer(n, ccrsa_ctx_d(key)) +
ccder_sizeof_integer(cczp_n(ccrsa_ctx_private_zp(privk)), cczp_prime(ccrsa_ctx_private_zp(privk))) +
ccder_sizeof_integer(cczp_n(ccrsa_ctx_private_zq(privk)), cczp_prime(ccrsa_ctx_private_zq(privk))) +
ccder_sizeof_integer(cczp_n(ccrsa_ctx_private_zp(privk)), ccrsa_ctx_private_dp(privk)) +
ccder_sizeof_integer(cczp_n(ccrsa_ctx_private_zq(privk)), ccrsa_ctx_private_dq(privk)) +
ccder_sizeof_integer(cczp_n(ccrsa_ctx_private_zp(privk)), ccrsa_ctx_private_qinv(privk))
);
}
//
// pubkey is initilaized with an n which is the maximum it can hold
// We set the n to its correct value given m.
//
static int ccrsa_pub_init(ccrsa_pub_ctx_t pubkey,
size_t m_size, const uint8_t* m,
size_t e_size, const uint8_t* e)
{
cc_skip_zeros(m_size, m);
cc_size nm = ccn_nof_size(m_size);
if (nm > ccrsa_ctx_n(pubkey))
return -1;
ccrsa_ctx_n(pubkey) = nm;
ccn_read_uint(nm, ccrsa_ctx_m(pubkey), m_size, m);
cczp_init(ccrsa_ctx_zm(pubkey));
return ccn_read_uint(nm, ccrsa_ctx_e(pubkey), e_size, e);
}
CFDataRef SecKeyCopyExponent(SecKeyRef key) {
ccrsa_pub_ctx_t pubkey;
pubkey.pub = key->key;
size_t e_size = ccn_write_uint_size(ccrsa_ctx_n(pubkey), ccrsa_ctx_e(pubkey));
CFAllocatorRef allocator = CFGetAllocator(key);
CFMutableDataRef exponentData = CFDataCreateMutable(allocator, e_size);
if (exponentData == NULL)
return NULL;
CFDataSetLength(exponentData, e_size);
ccn_write_uint(ccrsa_ctx_n(pubkey), ccrsa_ctx_m(pubkey), e_size, CFDataGetMutableBytePtr(exponentData));
return exponentData;
}
void ccrsa_dump_full_key(ccrsa_full_ctx_t key) {
ccn_cprint(ccrsa_ctx_n(key), "uint8_t m[] = ", ccrsa_ctx_m(key));
ccn_cprint(ccrsa_ctx_n(key) + 1, "uint8_t rm[] = ", cczp_recip(ccrsa_ctx_zm(key)));
ccn_cprint(ccrsa_ctx_n(key), "uint8_t e[] = ", ccrsa_ctx_e(key));
ccn_cprint(ccrsa_ctx_n(key), "uint8_t d[] = ", ccrsa_ctx_d(key));
printf("cc_size np = %lu;\n", cczp_n(ccrsa_ctx_private_zp(ccrsa_ctx_private(key))));
ccn_cprint(cczp_n(ccrsa_ctx_private_zp(ccrsa_ctx_private(key))), "uint8_t p[] = ",
cczp_prime(ccrsa_ctx_private_zp(ccrsa_ctx_private(key))));
ccn_cprint(cczp_n(ccrsa_ctx_private_zp(ccrsa_ctx_private(key))) + 1, "uint8_t rp[] = ",
cczp_recip(ccrsa_ctx_private_zp(ccrsa_ctx_private(key))));
printf("cc_size nq = %lu;\n", cczp_n(ccrsa_ctx_private_zq(ccrsa_ctx_private(key))));
ccn_cprint(cczp_n(ccrsa_ctx_private_zq(ccrsa_ctx_private(key))), "uint8_t q[] = ",
cczp_prime(ccrsa_ctx_private_zq(ccrsa_ctx_private(key))));
ccn_cprint(cczp_n(ccrsa_ctx_private_zq(ccrsa_ctx_private(key))) + 1, "uint8_t rq[] = ",
cczp_recip(ccrsa_ctx_private_zq(ccrsa_ctx_private(key))));
ccn_cprint(cczp_n(ccrsa_ctx_private_zp(ccrsa_ctx_private(key))), "uint8_t dp[] = ",
ccrsa_ctx_private_dp(ccrsa_ctx_private(key)));
ccn_cprint(cczp_n(ccrsa_ctx_private_zq(ccrsa_ctx_private(key))), "uint8_t dq[] = ",
ccrsa_ctx_private_dq(ccrsa_ctx_private(key)));
ccn_cprint(cczp_n(ccrsa_ctx_private_zp(ccrsa_ctx_private(key))), "uint8_t qinv[] = ",
ccrsa_ctx_private_qinv(ccrsa_ctx_private(key)));
printf("--\n");
}
static CFDataRef SecRSAPrivateKeyCreatePKCS1(CFAllocatorRef allocator, ccrsa_full_ctx_t fullkey)
{
ccrsa_priv_ctx_t privkey = ccrsa_ctx_private(fullkey);
const cc_size np = cczp_n(ccrsa_ctx_private_zp(privkey));
const cc_size nq = cczp_n(ccrsa_ctx_private_zq(privkey));
size_t m_size = ccn_write_int_size(ccrsa_ctx_n(fullkey), ccrsa_ctx_m(fullkey));
size_t e_size = ccn_write_int_size(ccrsa_ctx_n(fullkey), ccrsa_ctx_e(fullkey));
size_t d_size = ccn_write_int_size(ccrsa_ctx_n(fullkey), ccrsa_ctx_d(fullkey));
size_t p_size = ccn_write_int_size(np, cczp_prime(ccrsa_ctx_private_zp(privkey)));
size_t q_size = ccn_write_int_size(nq, cczp_prime(ccrsa_ctx_private_zq(privkey)));
size_t dp_size = ccn_write_int_size(np, ccrsa_ctx_private_dp(privkey));
size_t dq_size = ccn_write_int_size(nq, ccrsa_ctx_private_dq(privkey));
size_t qinv_size = ccn_write_int_size(np, ccrsa_ctx_private_qinv(privkey));
const size_t seq_size = 3 +
DERLengthOfItem(ASN1_INTEGER, m_size) +
DERLengthOfItem(ASN1_INTEGER, e_size) +
DERLengthOfItem(ASN1_INTEGER, d_size) +
DERLengthOfItem(ASN1_INTEGER, p_size) +
DERLengthOfItem(ASN1_INTEGER, q_size) +
DERLengthOfItem(ASN1_INTEGER, dp_size) +
DERLengthOfItem(ASN1_INTEGER, dq_size) +
DERLengthOfItem(ASN1_INTEGER, qinv_size);
const size_t result_size = DERLengthOfItem(ASN1_SEQUENCE, seq_size);
CFMutableDataRef pkcs1 = CFDataCreateMutable(allocator, result_size);
if (pkcs1 == NULL)
return NULL;
CFDataSetLength(pkcs1, result_size);
uint8_t *bytes = CFDataGetMutableBytePtr(pkcs1);
*bytes++ = ASN1_CONSTR_SEQUENCE;
DERSize itemLength = 4;
DEREncodeLength(seq_size, bytes, &itemLength);
bytes += itemLength;
*bytes++ = ASN1_INTEGER;
*bytes++ = 0x01;
*bytes++ = 0x00;
ccasn_encode_int(ccrsa_ctx_n(fullkey), ccrsa_ctx_m(fullkey), m_size, &bytes);
ccasn_encode_int(ccrsa_ctx_n(fullkey), ccrsa_ctx_e(fullkey), e_size, &bytes);
ccasn_encode_int(ccrsa_ctx_n(fullkey), ccrsa_ctx_d(fullkey), d_size, &bytes);
ccasn_encode_int(np, cczp_prime(ccrsa_ctx_private_zp(privkey)), p_size, &bytes);
ccasn_encode_int(nq, cczp_prime(ccrsa_ctx_private_zq(privkey)), q_size, &bytes);
ccasn_encode_int(np, ccrsa_ctx_private_dp(privkey), dp_size, &bytes);
ccasn_encode_int(nq, ccrsa_ctx_private_dq(privkey), dq_size, &bytes);
ccasn_encode_int(np, ccrsa_ctx_private_qinv(privkey), qinv_size, &bytes);
return pkcs1;
}
CCRSACryptorRef CCRSACryptorGetPublicKeyFromPrivateKey(CCRSACryptorRef privateCryptorRef)
{
CCRSACryptor *publicCryptor = NULL, *privateCryptor = privateCryptorRef;
CC_DEBUG_LOG(ASL_LEVEL_ERR, "Entering\n");
if((publicCryptor = ccMallocRSACryptor(privateCryptor->keySize, ccRSAKeyPublic)) == NULL) return NULL;
ccrsa_init_pub(ccrsa_ctx_public(publicCryptor->fk), ccrsa_ctx_m(privateCryptor->fk), ccrsa_ctx_e(privateCryptor->fk));
publicCryptor->keyType = ccRSAKeyPublic;
return publicCryptor;
}
