#include "ssl.h"
#include "sslMemory.h"
#include "sslDebug.h"
#include "sslBER.h"
#include "appleCdsa.h"
#include <string.h>
#include <Security/cssmdata.h>
#include <SecurityNssAsn1/SecNssCoder.h>
#include <SecurityNssAsn1/keyTemplates.h>
/*
 * Decode an ASN.1-encoded RSA public key (NSS_RSAPublicKeyPKCS1Template)
 * into separate modulus and exponent buffers.
 *
 * blob     : encoded key, read only.
 * modulus  : receives a copy of the decoded modulus.
 * exponent : receives a copy of the decoded public exponent.
 *
 * Returns errSSLBadCert if the blob does not decode; otherwise the result
 * of the SSLCopyBufferFromData() calls.
 *
 * No length or range checks are applied to the decoded integers here. If
 * the blob originates from a peer, the caller has to enforce its own
 * key-size policy before using the result.
 *
 * NOTE(review): when the exponent copy fails, whatever the modulus copy
 * placed in *modulus is not released by this function -- confirm that
 * callers free *modulus on error.
 */
OSStatus sslDecodeRsaBlob(
    const SSLBuffer *blob,
    SSLBuffer *modulus,
    SSLBuffer *exponent)
{
    assert(blob != NULL);
    assert(modulus != NULL);
    assert(exponent != NULL);

    /* start from a zeroed template target so the decoder sees clean fields */
    NSS_RSAPublicKeyPKCS1 decodedKey;
    memset(&decodedKey, 0, sizeof(decodedKey));

    SecNssCoder coder;
    PRErrorCode decodeErr = coder.decode(blob->data, blob->length,
        NSS_RSAPublicKeyPKCS1Template, &decodedKey);
    if(decodeErr != 0) {
        return errSSLBadCert;
    }

    /*
     * Copy both integers out before returning; presumably the decoded
     * fields reference storage owned by the local coder -- TODO confirm.
     */
    OSStatus status = SSLCopyBufferFromData(decodedKey.modulus.Data,
        decodedKey.modulus.Length, *modulus);
    if(!status) {
        status = SSLCopyBufferFromData(decodedKey.publicExponent.Data,
            decodedKey.publicExponent.Length, *exponent);
    }
    return status;
}
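/*
 * Encode an RSA public key, given as modulus and exponent, into an
 * ASN.1 blob using NSS_RSAPublicKeyPKCS1Template.
 *
 * modulus, exponent : key components, read only.
 * blob              : cleared on entry; receives a copy of the encoding
 *                     on success.
 *
 * Returns memFullErr for any encoder failure (the specific PRErrorCode is
 * not propagated); otherwise the result of SSLCopyBufferFromData().
 */
OSStatus sslEncodeRsaBlob(
    const SSLBuffer *modulus,
    const SSLBuffer *exponent,
    SSLBuffer *blob)
{
    assert((modulus != NULL) && (exponent != NULL));
    /* blob is written immediately below, so check it like the decoders do */
    assert(blob != NULL);

    /* leave the output in a well-defined empty state on every error path */
    blob->data = NULL;
    blob->length = 0;

    /* convert to NSS_RSAPublicKeyPKCS1; both of its fields are set here */
    NSS_RSAPublicKeyPKCS1 nssPubKey;
    SSLBUF_TO_CSSM(modulus, &nssPubKey.modulus);
    SSLBUF_TO_CSSM(exponent, &nssPubKey.publicExponent);

    SecNssCoder coder;
    CSSM_DATA encBlob;
    PRErrorCode perr;
    perr = coder.encodeItem(&nssPubKey, NSS_RSAPublicKeyPKCS1Template, encBlob);
    if(perr) {
        return memFullErr;
    }

    /* hand the caller its own copy of the encoding */
    return SSLCopyBufferFromData(encBlob.Data, encBlob.Length, *blob);
}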
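/*
 * Decode ASN.1-encoded Diffie-Hellman parameters into prime and generator
 * buffers.
 *
 * Two encodings are tried in turn: first NSS_DHParameterTemplate, decoding
 * straight into the params member, then NSS_DHParameterBlockTemplate for
 * the whole block. The log message refers to these as the CDSA and
 * openssl formats.
 *
 * blob      : encoded parameters, read only.
 * prime     : receives a copy of the decoded prime.
 * generator : receives a copy of the decoded base.
 *
 * Returns errSSLCrypto if neither encoding decodes; otherwise the result
 * of the SSLCopyBufferFromData() calls.
 *
 * Nothing here checks the size or value of the decoded prime and
 * generator. If the blob originates from a peer, the caller has to apply
 * its own minimum-size and sanity policy before using them.
 *
 * NOTE(review): when the generator copy fails, whatever the prime copy
 * placed in *prime is not released by this function -- confirm that
 * callers free *prime on error.
 */
OSStatus sslDecodeDhParams(
    const SSLBuffer *blob,
    SSLBuffer *prime,
    SSLBuffer *generator)
{
    assert(blob != NULL);
    assert(prime != NULL);
    assert(generator != NULL);

    PRErrorCode perr;
    NSS_DHParameterBlock paramBlock;
    SecNssCoder coder;
    CSSM_DATA cblob;

    memset(&paramBlock, 0, sizeof(paramBlock));
    SSLBUF_TO_CSSM(blob, &cblob);

    /* first attempt: bare parameters, decoded into the params member */
    perr = coder.decodeItem(cblob, NSS_DHParameterTemplate,
        &paramBlock.params);
    if(perr) {
        /* discard anything the failed attempt left behind before retrying */
        memset(&paramBlock, 0, sizeof(paramBlock));
        perr = coder.decodeItem(cblob, NSS_DHParameterBlockTemplate,
            &paramBlock);
        if(perr) {
            /* adjacent literals are concatenated; keep the separating space */
            sslErrorLog("sslDecodeDhParams: both CDSA and openssl format "
                "failed\n");
            return errSSLCrypto;
        }
    }

    /* either path leaves the result in paramBlock.params */
    NSS_DHParameter &param = paramBlock.params;
    OSStatus ortn = SSLCopyBufferFromData(param.prime.Data,
        param.prime.Length, *prime);
    if(ortn) {
        return ortn;
    }
    return SSLCopyBufferFromData(param.base.Data,
        param.base.Length, *generator);
}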
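/*
 * Encode Diffie-Hellman parameters (prime and generator) into an ASN.1
 * blob using NSS_DHParameterTemplate. The privateValueLength field is
 * left empty.
 *
 * prime, generator : parameters, read only.
 * blob             : cleared on entry; receives a copy of the encoding
 *                    on success.
 *
 * Returns memFullErr for any encoder failure (the specific PRErrorCode is
 * not propagated); otherwise the result of SSLCopyBufferFromData().
 */
OSStatus sslEncodeDhParams(
    const SSLBuffer *prime,
    const SSLBuffer *generator,
    SSLBuffer *blob)
{
    assert((prime != NULL) && (generator != NULL));
    /* blob is written immediately below, so check it like the decoders do */
    assert(blob != NULL);

    /* leave the output in a well-defined empty state on every error path */
    blob->data = NULL;
    blob->length = 0;

    /* convert to NSS_DHParameter; each field used here is set explicitly */
    NSS_DHParameter dhParams;
    SSLBUF_TO_CSSM(prime, &dhParams.prime);
    SSLBUF_TO_CSSM(generator, &dhParams.base);
    dhParams.privateValueLength.Data = NULL;
    dhParams.privateValueLength.Length = 0;

    SecNssCoder coder;
    CSSM_DATA encBlob;
    PRErrorCode perr;
    perr = coder.encodeItem(&dhParams, NSS_DHParameterTemplate, encBlob);
    if(perr) {
        return memFullErr;
    }

    /* hand the caller its own copy of the encoding */
    return SSLCopyBufferFromData(encBlob.Data, encBlob.Length, *blob);
}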