CipherKeyImpl::CipherKeyImpl(const std::string& name):
_pCipher(0),
_name(name),
_key(),
_iv()
{
// dummy access to Cipherfactory so that the EVP lib is initilaized
CipherFactory::defaultFactory();
_pCipher = EVP_get_cipherbyname(name.c_str());
if (!_pCipher)
throw Poco::NotFoundException("Cipher " + name + " was not found");
_key = ByteVec(keySize());
_iv = ByteVec(ivSize());
generateKey();
}
int QSmartCardPrivate::rsa_sign( int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, const RSA *rsa )
{
if( type != NID_md5_sha1 && m_len != 36 )
return 0;
QSmartCardPrivate *d = (QSmartCardPrivate*)RSA_get_app_data( rsa );
if ( !d )
return 0;
try
{
ByteVec vec = d->card->sign( ByteVec( m, m + m_len ), EstEidCard::SSL, EstEidCard::AUTH );
if( vec.size() == 0 )
return 0;
*siglen = (unsigned int)vec.size();
memcpy( sigret, &vec[0], vec.size() );
return 1;
}
catch( const std::runtime_error &e )
{
qDebug() << Q_FUNC_INFO << e.what();
}
return 0;
}
void EstEIDKeyHandle::generateSignature(const Context &context,
CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature) {
FLOG;
_log("EstEIDKeyHandle::generateSignature alg: %u signOnly: %u",
context.algorithm(), signOnly);
IFDUMPING("esteid.tokend", context.dump("signature context"));
if (context.type() != CSSM_ALGCLASS_SIGNATURE)
CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
if (context.algorithm() != CSSM_ALGID_RSA)
CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
if (signOnly == CSSM_ALGID_NONE) {
// Special case used by SSL it's an RSA signature, without the ASN1
// stuff
_log("SSL signature request");
}
else
CssmError::throwMe(CSSMERR_CSP_INVALID_DIGEST_ALGORITHM);
#if !defined(NDEBUG)
context.dump("signature context");
#endif
uint32 padding = CSSM_PADDING_PKCS1;
context.getInt(CSSM_ATTRIBUTE_PADDING, padding);
if (padding != CSSM_PADDING_PKCS1)
CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
try {
ByteVec result = mToken.getCard().sign(ByteVec(input.Data, input.Data + input.Length), EstEIDManager::SSL, EstEIDManager::AUTH);
unsigned char *outputData = reinterpret_cast<unsigned char *>(malloc(result.size()));
memcpy(outputData, &result[0], result.size());
signature.Data = outputData;
signature.Length = result.size();
} catch(std::runtime_error &err) {
_log("exception while signing");
CssmError::throwMe(CSSMERR_CSP_FUNCTION_FAILED);
}
}
