#include "secCrypto.h"
#include <Security/Security.h>
#include <Security/SecKeyPriv.h>
#include <AssertMacros.h>
/*
 * Map a TLS hash identifier to the corresponding "<hash>WithRSA" signature
 * algorithm OID. Only SHA-1, SHA-256 and SHA-384 are recognised.
 *
 * NOTE(review): any other value reaches assert(0). If this is the standard
 * C assert and the build defines NDEBUG, the assertion disappears and the
 * function returns the MD5-with-RSA OID instead of failing. Callers should
 * reject unsupported hash values before calling this helper.
 */
static
SecAsn1Oid oidForSSLHash(SSL_HashAlgorithm hash)
{
    if (hash == SSL_HashAlgorithmSHA1) {
        return CSSMOID_SHA1WithRSA;
    }
    if (hash == SSL_HashAlgorithmSHA256) {
        return CSSMOID_SHA256WithRSA;
    }
    if (hash == SSL_HashAlgorithmSHA384) {
        return CSSMOID_SHA384WithRSA;
    }

    /* Unsupported hash: trap in builds where assertions are active. */
    assert(0);
    return CSSMOID_MD5WithRSA;
}
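/*
 * RSA private-key signing callback.
 *
 * key          - opaque handle, used as a SecKeyRef.
 * hash         - SSL_HashAlgorithmNone requests a raw PKCS#1-padded signature
 *                over the input; SHA-1/SHA-256/SHA-384 request a digest
 *                signature tagged with the matching "<hash>WithRSA" OID.
 * plaintext    - bytes to sign (presumably an already-computed digest when
 *                hash is not None; verify against the caller).
 * plaintextLen - length of plaintext in bytes.
 * sig, sigLen  - output buffer and its length, passed through unchanged to
 *                the Security framework call.
 *
 * Returns the status of SecKeyRawSign()/SecKeySignDigest(), or errSecParam
 * when the hash identifier is not one this file can map to an OID.
 */
static
int mySSLPrivKeyRSA_sign(void *key, SSL_HashAlgorithm hash, const uint8_t *plaintext, size_t plaintextLen, uint8_t *sig, size_t *sigLen)
{
    SecKeyRef keyRef = key;

    if (hash == SSL_HashAlgorithmNone) {
        return SecKeyRawSign(keyRef, kSecPaddingPKCS1, plaintext, plaintextLen, sig, sigLen);
    }

    /*
     * Fail closed on hash identifiers that oidForSSLHash() does not cover.
     * Without this check an unsupported value reaches assert(0) there and,
     * in a build where assertions are compiled out, the signature would be
     * labelled with the MD5-with-RSA OID.
     */
    switch (hash) {
    case SSL_HashAlgorithmSHA1:
    case SSL_HashAlgorithmSHA256:
    case SSL_HashAlgorithmSHA384:
        break;
    default:
        return errSecParam;
    }

    /*
     * The designated initializer zero-fills every member not named here, so
     * the callee never sees indeterminate bytes in the rest of the struct.
     */
    SecAsn1AlgId algId = { .algorithm = oidForSSLHash(hash) };

    return SecKeySignDigest(keyRef, &algId, plaintext, plaintextLen, sig, sigLen);
}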
/*
 * RSA private-key decryption callback: decrypts ciphertext with PKCS#1
 * padding through SecKeyDecrypt() and returns its status unchanged.
 *
 * key                      - opaque handle, used as a SecKeyRef.
 * ciphertext/ciphertextLen - input buffer and its length in bytes.
 * plaintext/plaintextLen   - output buffer and its length, passed through
 *                            to SecKeyDecrypt().
 *
 * NOTE(review): PKCS#1 v1.5 decryption is sensitive to padding-oracle
 * leaks. The caller should handle a failure here without exposing a
 * distinguishable error or timing difference to the peer. Confirm the
 * call site does so.
 */
static
int mySSLPrivKeyRSA_decrypt(void *key, const uint8_t *ciphertext, size_t ciphertextLen, uint8_t *plaintext, size_t *plaintextLen)
{
    SecKeyRef rsaKey = (SecKeyRef)key;
    OSStatus status = SecKeyDecrypt(rsaKey, kSecPaddingPKCS1,
                                    ciphertext, ciphertextLen,
                                    plaintext, plaintextLen);

    return status;
}