libsec: export asn1encodedigest(), asn1encodeRSApub(), asn1toRSApub(), pkcs1padbuf() and pkcs1unpadbuf()
This commit is contained in:
cinap_lenrek
parent
5f42da1535
commit
8a67560183
3 changed files with 55 additions and 21 deletions
|
|
@ -355,6 +355,7 @@ RSApriv* rsaprivalloc(void);
|
|||
void rsaprivfree(RSApriv*);
|
||||
RSApub* rsaprivtopub(RSApriv*);
|
||||
RSApub* X509toRSApub(uchar*, int, char*, int);
|
||||
RSApub* asn1toRSApub(uchar*, int);
|
||||
RSApriv* asn1toRSApriv(uchar*, int);
|
||||
void asn1dump(uchar *der, int len);
|
||||
uchar* decodePEM(char *s, char *type, int *len, char **new_s);
|
||||
|
|
@ -366,6 +367,13 @@ char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestle
|
|||
|
||||
void X509dump(uchar *cert, int ncert);
|
||||
|
||||
mpint* pkcs1padbuf(uchar *buf, int len, mpint *modulus, int blocktype);
|
||||
int pkcs1unpadbuf(uchar *buf, int len, mpint *modulus, int blocktype);
|
||||
int asn1encodeRSApub(RSApub *pk, uchar *buf, int len);
|
||||
int asn1encodedigest(DigestState* (*fun)(uchar*, ulong, uchar*, DigestState*),
|
||||
uchar *digest, uchar *buf, int len);
|
||||
|
||||
|
||||
/*
|
||||
* elgamal
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -445,11 +445,6 @@ static Ints* newints(int len);
|
|||
static void freeints(Ints* b);
|
||||
static int lookupid(Ints* b, int id);
|
||||
|
||||
/* x509.c */
|
||||
extern mpint* pkcs1padbuf(uchar *buf, int len, mpint *modulus, int blocktype);
|
||||
extern int pkcs1unpadbuf(uchar *buf, int len, mpint *modulus, int blocktype);
|
||||
extern int asn1encodedigest(DigestState* (*fun)(uchar*, ulong, uchar*, DigestState*), uchar *digest, uchar *buf, int len);
|
||||
|
||||
//================= client/server ========================
|
||||
|
||||
// push TLS onto fd, returning new (application) file descriptor
|
||||
|
|
|
|||
|
|
@ -1971,15 +1971,15 @@ errret:
|
|||
* publicExponent INTEGER
|
||||
* }
|
||||
*/
|
||||
static RSApub*
|
||||
decode_rsapubkey(Bytes* a)
|
||||
RSApub*
|
||||
asn1toRSApub(uchar *buf, int len)
|
||||
{
|
||||
Elem e;
|
||||
Elist *el;
|
||||
RSApub* key;
|
||||
|
||||
key = nil;
|
||||
if(decode(a->data, a->len, &e) != ASN_OK)
|
||||
if(decode(buf, len, &e) != ASN_OK)
|
||||
goto errret;
|
||||
if(!is_seq(&e, &el) || elistlen(el) != 2)
|
||||
goto errret;
|
||||
|
|
@ -1997,6 +1997,13 @@ errret:
|
|||
freevalfields(&e.val);
|
||||
rsapubfree(key);
|
||||
return nil;
|
||||
|
||||
}
|
||||
|
||||
static RSApub*
|
||||
decode_rsapubkey(Bytes* a)
|
||||
{
|
||||
return asn1toRSApub(a->data, a->len);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
@ -2777,12 +2784,40 @@ splitalts(char *s)
|
|||
return nil;
|
||||
}
|
||||
|
||||
static Bytes*
|
||||
encode_rsapubkey(RSApub *pk)
|
||||
{
|
||||
Bytes *b = nil;
|
||||
Elem e = mkseq(
|
||||
mkel(mkbigint(pk->n),
|
||||
mkel(mpsignif(pk->ek)<32 ? mkint(mptoi(pk->ek)) : mkbigint(pk->ek),
|
||||
nil)));
|
||||
encode(e, &b);
|
||||
freevalfields(&e.val);
|
||||
return b;
|
||||
}
|
||||
|
||||
int
|
||||
asn1encodeRSApub(RSApub *pk, uchar *buf, int len)
|
||||
{
|
||||
Bytes *b = encode_rsapubkey(pk);
|
||||
if(b == nil)
|
||||
return -1;
|
||||
if(b->len > len){
|
||||
freebytes(b);
|
||||
werrstr("buffer too small");
|
||||
return -1;
|
||||
}
|
||||
memmove(buf, b->data, len = b->len);
|
||||
freebytes(b);
|
||||
return len;
|
||||
}
|
||||
|
||||
uchar*
|
||||
X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen)
|
||||
{
|
||||
int serial = 0, sigalg = ALG_sha256WithRSAEncryption;
|
||||
uchar *cert = nil;
|
||||
RSApub *pk = rsaprivtopub(priv);
|
||||
Bytes *certbytes, *pkbytes, *certinfobytes, *sigbytes;
|
||||
Elem e, certinfo;
|
||||
DigestAlg *da;
|
||||
|
|
@ -2791,14 +2826,12 @@ X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen)
|
|||
mpint *pkcs1;
|
||||
char *alts;
|
||||
|
||||
if((pkbytes = encode_rsapubkey(&priv->pub)) == nil)
|
||||
return nil;
|
||||
|
||||
subj = estrdup(subj);
|
||||
alts = splitalts(subj);
|
||||
|
||||
e = mkseq(mkel(mkbigint(pk->n),mkel(mkint(mptoi(pk->ek)),nil)));
|
||||
if(encode(e, &pkbytes) != ASN_OK)
|
||||
goto errret;
|
||||
freevalfields(&e.val);
|
||||
|
||||
e = mkseq(
|
||||
mkel(mkcont(mkint(2), 0),
|
||||
mkel(mkint(serial),
|
||||
|
|
@ -2826,7 +2859,7 @@ X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen)
|
|||
sigbytes = encode_digest(da, digest);
|
||||
if(sigbytes == nil)
|
||||
goto errret;
|
||||
pkcs1 = pkcs1padbuf(sigbytes->data, sigbytes->len, pk->n, 1);
|
||||
pkcs1 = pkcs1padbuf(sigbytes->data, sigbytes->len, priv->pub.n, 1);
|
||||
freebytes(sigbytes);
|
||||
if(pkcs1 == nil)
|
||||
goto errret;
|
||||
|
|
@ -2860,7 +2893,6 @@ X509rsareq(RSApriv *priv, char *subj, int *certlen)
|
|||
/* RFC 2314, PKCS #10 Certification Request Syntax */
|
||||
int version = 0, sigalg = ALG_sha256WithRSAEncryption;
|
||||
uchar *cert = nil;
|
||||
RSApub *pk = rsaprivtopub(priv);
|
||||
Bytes *certbytes, *pkbytes, *certinfobytes, *sigbytes;
|
||||
Elem e, certinfo;
|
||||
DigestAlg *da;
|
||||
|
|
@ -2869,13 +2901,12 @@ X509rsareq(RSApriv *priv, char *subj, int *certlen)
|
|||
mpint *pkcs1;
|
||||
char *alts;
|
||||
|
||||
if((pkbytes = encode_rsapubkey(&priv->pub)) == nil)
|
||||
return nil;
|
||||
|
||||
subj = estrdup(subj);
|
||||
alts = splitalts(subj);
|
||||
|
||||
e = mkseq(mkel(mkbigint(pk->n),mkel(mkint(mptoi(pk->ek)),nil)));
|
||||
if(encode(e, &pkbytes) != ASN_OK)
|
||||
goto errret;
|
||||
freevalfields(&e.val);
|
||||
e = mkseq(
|
||||
mkel(mkint(version),
|
||||
mkel(mkDN(subj),
|
||||
|
|
@ -2895,7 +2926,7 @@ X509rsareq(RSApriv *priv, char *subj, int *certlen)
|
|||
sigbytes = encode_digest(da, digest);
|
||||
if(sigbytes == nil)
|
||||
goto errret;
|
||||
pkcs1 = pkcs1padbuf(sigbytes->data, sigbytes->len, pk->n, 1);
|
||||
pkcs1 = pkcs1padbuf(sigbytes->data, sigbytes->len, priv->pub.n, 1);
|
||||
freebytes(sigbytes);
|
||||
if(pkcs1 == nil)
|
||||
goto errret;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue