static int ccrsa_priv_init(ccrsa_priv_ctx_t privkey,
size_t p_size, const uint8_t* p,
size_t q_size, const uint8_t* q,
size_t dp_size, const uint8_t* dp,
size_t dq_size, const uint8_t* dq,
size_t qinv_size, const uint8_t* qinv)
{
int result = -1;
const cc_size np = cczp_n(ccrsa_ctx_private_zp(privkey));
cc_size nq = cczp_n(ccrsa_ctx_private_zq(privkey));
if (ccn_read_uint(np, CCZP_PRIME(ccrsa_ctx_private_zp(privkey)), p_size, p))
goto errOut;
cczp_init(ccrsa_ctx_private_zp(privkey));
if (ccn_read_uint(np, ccrsa_ctx_private_dp(privkey), dp_size, dp))
goto errOut;
if (ccn_read_uint(np, ccrsa_ctx_private_qinv(privkey), qinv_size, qinv))
goto errOut;
if (ccn_read_uint(nq, CCZP_PRIME(ccrsa_ctx_private_zq(privkey)), q_size, q))
goto errOut;
nq = ccn_n(nq, cczp_prime(ccrsa_ctx_private_zq(privkey)));
CCZP_N(ccrsa_ctx_private_zq(privkey)) = nq;
cczp_init(ccrsa_ctx_private_zq(privkey));
if (ccn_read_uint(nq, ccrsa_ctx_private_dq(privkey), dq_size, dq))
goto errOut;
result = 0;
errOut:
return result;
}
OSStatus SecDHCreate(uint32_t g, const uint8_t *p, size_t p_len,
uint32_t l, const uint8_t *recip, size_t recip_len, SecDHContext *pdh)
{
cc_size n = ccn_nof_size(p_len);
size_t context_size = SecDH_context_size(p_len);
void *context = malloc(context_size);
bzero(context, context_size);
ccdh_gp_t gp;
gp.gp = context;
CCDH_GP_N(gp) = n;
CCDH_GP_L(gp) = l;
if(ccn_read_uint(n, CCDH_GP_PRIME(gp), p_len, p))
goto errOut;
if(recip) {
if(ccn_read_uint(n+1, CCDH_GP_RECIP(gp), recip_len, recip))
goto errOut;
CCZP_MOD_PRIME(gp.zp) = cczp_mod;
} else {
cczp_init(gp.zp);
};
ccn_seti(n, CCDH_GP_G(gp), g);
*pdh = (SecDHContext) context;
return errSecSuccess;
errOut:
SecDHDestroy(context);
*pdh = NULL;
return errSecInternal;
}
static inline int cczp_read_uint(cczp_t r, size_t data_size, const uint8_t *data)
{
if(ccn_read_uint(ccn_nof_size(data_size), CCZP_PRIME(r), data_size, data) != 0) return -1;
CCZP_N(r) = ccn_nof_size(data_size);
cczp_init(r);
return 0;
}
CCCryptorStatus
CCRSACryptorCreateFromData( CCRSAKeyType keyType, uint8_t *modulus, size_t modulusLength,
uint8_t *exponent, size_t exponentLength,
uint8_t *p, size_t pLength, uint8_t *q, size_t qLength,
CCRSACryptorRef *ref)
{
CCCryptorStatus retval = kCCSuccess;
CCRSACryptor *rsaKey = NULL;
size_t n = ccn_nof_size(modulusLength);
cc_unit m[n];
CC_DEBUG_LOG(ASL_LEVEL_ERR, "Entering\n");
__Require_Action(ccn_read_uint(n, m, modulusLength, modulus) == 0, errOut, retval = kCCParamError);
size_t nbits = ccn_bitlen(n, m);
__Require_Action((rsaKey = ccMallocRSACryptor(nbits, keyType)) != NULL, errOut, retval = kCCMemoryFailure);
__Require_Action(ccn_read_uint(n, ccrsa_ctx_m(rsaKey->fk), modulusLength, modulus) == 0, errOut, retval = kCCParamError);
__Require_Action(ccn_read_uint(n, ccrsa_ctx_e(rsaKey->fk), exponentLength, exponent) == 0, errOut, retval = kCCParamError);
cczp_init(ccrsa_ctx_zm(rsaKey->fk));
rsaKey->keySize = ccn_bitlen(n, ccrsa_ctx_m(rsaKey->fk));
switch(keyType) {
case ccRSAKeyPublic:
rsaKey->keyType = ccRSAKeyPublic;
break;
case ccRSAKeyPrivate: {
ccrsa_priv_ctx_t privk = ccrsa_ctx_private(rsaKey->fk);
size_t psize = ccn_nof_size(pLength);
size_t qsize = ccn_nof_size(qLength);
CCZP_N(ccrsa_ctx_private_zp(privk)) = psize;
__Require_Action(ccn_read_uint(psize, CCZP_PRIME(ccrsa_ctx_private_zp(privk)), pLength, p) == 0, errOut, retval = kCCParamError);
CCZP_N(ccrsa_ctx_private_zq(privk)) = qsize;
__Require_Action(ccn_read_uint(qsize, CCZP_PRIME(ccrsa_ctx_private_zq(privk)), qLength, q) == 0, errOut, retval = kCCParamError);
ccrsa_crt_makekey(ccrsa_ctx_zm(rsaKey->fk), ccrsa_ctx_e(rsaKey->fk), ccrsa_ctx_d(rsaKey->fk),
ccrsa_ctx_private_zp(privk),
ccrsa_ctx_private_dp(privk), ccrsa_ctx_private_qinv(privk),
ccrsa_ctx_private_zq(privk), ccrsa_ctx_private_dq(privk));
rsaKey->keyType = ccRSAKeyPrivate;
break;
}
default:
retval = kCCParamError;
goto errOut;
}
*ref = rsaKey;
return kCCSuccess;
errOut:
if(rsaKey) ccRSACryptorClear(rsaKey);
return retval;
}
OSStatus SecDHCreateFromParameters(const uint8_t *params,
size_t params_len, SecDHContext *pdh)
{
DERReturn drtn;
DERItem paramItem = {(DERByte *)params, params_len};
DER_DHParams decodedParams;
uint32_t l;
drtn = DERParseSequence(¶mItem,
DER_NumDHParamsItemSpecs, DER_DHParamsItemSpecs,
&decodedParams, sizeof(decodedParams));
if(drtn)
return drtn;
drtn = DERParseInteger(&decodedParams.l, &l);
if(drtn)
return drtn;
cc_size n = ccn_nof_size(decodedParams.p.length);
cc_size p_len = ccn_sizeof_n(n);
size_t context_size = ccdh_gp_size(p_len)+ccdh_full_ctx_size(p_len);
void *context = malloc(context_size);
if(context==NULL)
return errSecAllocate;
bzero(context, context_size);
ccdh_gp_t gp;
gp.gp = context;
CCDH_GP_N(gp) = n;
CCDH_GP_L(gp) = l;
if(ccn_read_uint(n, CCDH_GP_PRIME(gp), decodedParams.p.length, decodedParams.p.data))
goto errOut;
if(decodedParams.recip.length) {
if(ccn_read_uint(n+1, CCDH_GP_RECIP(gp), decodedParams.recip.length, decodedParams.recip.data))
goto errOut;
gp.zp.zp->mod_prime = cczp_mod;
} else {
cczp_init(gp.zp);
};
if(ccn_read_uint(n, CCDH_GP_G(gp), decodedParams.g.length, decodedParams.g.data))
goto errOut;
*pdh = (SecDHContext) context;
return errSecSuccess;
errOut:
SecDHDestroy(context);
*pdh = NULL;
return errSecInvalidKey;
}
//
// pubkey is initilaized with an n which is the maximum it can hold
// We set the n to its correct value given m.
//
static int ccrsa_pub_init(ccrsa_pub_ctx_t pubkey,
size_t m_size, const uint8_t* m,
size_t e_size, const uint8_t* e)
{
cc_skip_zeros(m_size, m);
cc_size nm = ccn_nof_size(m_size);
if (nm > ccrsa_ctx_n(pubkey))
return -1;
ccrsa_ctx_n(pubkey) = nm;
ccn_read_uint(nm, ccrsa_ctx_m(pubkey), m_size, m);
cczp_init(ccrsa_ctx_zm(pubkey));
return ccn_read_uint(nm, ccrsa_ctx_e(pubkey), e_size, e);
}
OSStatus SecDHCreateFromParameters(const uint8_t *params,
size_t params_len, SecDHContext *pdh)
{
// We support DomainParameters as specified in PKCS#3
// (http://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-3-diffie-hellman-key-agreement-standar.htm)
// DHParameter ::= SEQUENCE {
// prime INTEGER, -- p
// base INTEGER, -- g
// privateValueLength INTEGER OPTIONAL }
DERReturn drtn;
DERItem paramItem = {(DERByte *)params, params_len};
DER_DHParams decodedParams;
uint32_t l = 0;
drtn = DERParseSequence(¶mItem,
DER_NumDHParamsItemSpecs, DER_DHParamsItemSpecs,
&decodedParams, sizeof(decodedParams));
if(drtn)
return drtn;
if (decodedParams.l.length > 0) {
drtn = DERParseInteger(&decodedParams.l, &l);
if(drtn)
return drtn;
}
cc_size n = ccn_nof_size(decodedParams.p.length);
cc_size p_len = ccn_sizeof_n(n);
size_t context_size = ccdh_gp_size(p_len)+ccdh_full_ctx_size(p_len);
void *context = malloc(context_size);
if(context==NULL)
return errSecAllocate;
bzero(context, context_size);
ccdh_gp_t gp;
gp.gp = context;
CCDH_GP_N(gp) = n;
CCDH_GP_L(gp) = l;
if(ccn_read_uint(n, CCDH_GP_PRIME(gp), decodedParams.p.length, decodedParams.p.data))
goto errOut;
if(decodedParams.recip.length) {
if(ccn_read_uint(n+1, CCDH_GP_RECIP(gp), decodedParams.recip.length, decodedParams.recip.data))
goto errOut;
CCZP_MOD_PRIME(gp.zp) = cczp_mod;
} else {
cczp_init(gp.zp);
};
if(ccn_read_uint(n, CCDH_GP_G(gp), decodedParams.g.length, decodedParams.g.data))
goto errOut;
*pdh = (SecDHContext) context;
return errSecSuccess;
errOut:
SecDHDestroy(context);
*pdh = NULL;
return errSecInvalidKey;
}
