#include <stdlib.h>
#include <stdio.h>
#include <time.h>
#include <string.h>
#include "bsafeUtils.h"
#include <Security/cssmerr.h>
#include "common.h"
#if 0
static inline void buItemToCssmData(
const ITEM *item,
CSSM_DATA_PTR cdata)
{
cdata->Data = item->data;
cdata->Length = item->len;
}
static inline void buCssmDataToItem(
const CSSM_DATA *cdata,
ITEM *item)
{
item->data = cdata->Data;
item->len = cdata->Length;
}
B_ALGORITHM_METHOD *BSAFE_ALGORITHM_CHOOSER[] = {
&AM_SHA,
&AM_MD5,
&AM_MD2,
&AM_CBC_ENCRYPT,
&AM_CBC_DECRYPT,
&AM_ECB_ENCRYPT,
&AM_ECB_DECRYPT,
&AM_OFB_ENCRYPT,
&AM_OFB_DECRYPT,
&AM_DES_ENCRYPT,
&AM_DES_DECRYPT,
&AM_DESX_ENCRYPT,
&AM_DESX_DECRYPT,
&AM_DES_EDE_ENCRYPT,
&AM_DES_EDE_DECRYPT,
&AM_RC2_CBC_ENCRYPT,
&AM_RC2_CBC_DECRYPT,
&AM_RC2_ENCRYPT,
&AM_RC2_DECRYPT,
&AM_RC4_ENCRYPT,
&AM_RC4_DECRYPT,
&AM_RC5_ENCRYPT,
&AM_RC5_DECRYPT,
&AM_RC5_CBC_ENCRYPT,
&AM_RC5_CBC_DECRYPT,
&AM_RSA_STRONG_KEY_GEN,
&AM_RSA_KEY_GEN,
&AM_RSA_CRT_ENCRYPT_BLIND,
&AM_RSA_CRT_DECRYPT_BLIND,
&AM_RSA_ENCRYPT,
&AM_RSA_DECRYPT,
&AM_DSA_PARAM_GEN,
&AM_DSA_KEY_GEN,
&AM_DSA_SIGN,
&AM_DSA_VERIFY,
&AM_MD5_RANDOM,
&AM_SHA_RANDOM,
(B_ALGORITHM_METHOD *)NULL_PTR
};
static CSSM_RETURN buBsafeErrToCssm(
int brtn,
const char *op)
{
const char *errStr = NULL;
CSSM_RETURN crtn;
switch (brtn) {
case 0:
return CSSM_OK;
case BE_ALLOC:
crtn = CSSMERR_CSSM_MEMORY_ERROR;
errStr = "BE_ALLOC";
break;
case BE_SIGNATURE:
crtn = CSSMERR_CSP_VERIFY_FAILED;
errStr = "BE_SIGNATURE";
break;
case BE_OUTPUT_LEN:
crtn = CSSMERR_CSP_OUTPUT_LENGTH_ERROR;
errStr = "BE_OUTPUT_LEN";
break;
case BE_INPUT_LEN:
crtn = CSSMERR_CSP_INPUT_LENGTH_ERROR;
errStr = "BE_INPUT_LEN";
break;
case BE_EXPONENT_EVEN:
crtn = CSSMERR_CSP_INVALID_KEY;
errStr = "BE_EXPONENT_EVEN";
break;
case BE_EXPONENT_LEN:
crtn = CSSMERR_CSP_INVALID_KEY;
errStr = "BE_EXPONENT_LEN";
break;
case BE_EXPONENT_ONE:
crtn = CSSMERR_CSP_INVALID_KEY;
errStr = "BE_EXPONENT_ONE";
break;
case BE_DATA:
crtn = CSSMERR_CSP_INVALID_DATA;
errStr = "BE_DATA";
break;
case BE_INPUT_DATA:
crtn = CSSMERR_CSP_INVALID_DATA;
errStr = "BE_INPUT_DATA";
break;
case BE_WRONG_KEY_INFO:
crtn = CSSMERR_CSP_INVALID_KEY;
errStr = "BE_WRONG_KEY_INFO";
break;
default:
crtn = CSSM_ERRCODE_INTERNAL_ERROR;
errStr = "Other BSAFE error";
break;
}
if(op != NULL) {
printf("%s: BSAFE error %d (%s)\n", op, brtn, errStr);
}
return crtn;
}
static B_ALGORITHM_OBJ bsafeRng = NULL;
#define BSAFE_RANDSIZE 64
static B_ALGORITHM_OBJ buGetRng()
{
int brtn;
uint8 seed[BSAFE_RANDSIZE];
if(bsafeRng != NULL) {
return bsafeRng;
}
brtn = B_CreateAlgorithmObject(&bsafeRng);
if(brtn) {
buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject(&bsafeRng)");
return NULL;
}
brtn = B_SetAlgorithmInfo(bsafeRng, AI_X962Random_V0, NULL_PTR);
if(brtn) {
buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(bsafeRng)");
return NULL;
}
brtn = B_RandomInit(bsafeRng, BSAFE_ALGORITHM_CHOOSER, NULL);
if(brtn) {
buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(bsafeRng)");
return NULL;
}
appGetRandomBytes(seed, BSAFE_RANDSIZE);
brtn = B_RandomUpdate(bsafeRng, seed, BSAFE_RANDSIZE, NULL);
if(brtn) {
buBsafeErrToCssm(brtn, "B_RandomUpdate");
return NULL;
}
return bsafeRng;
}
#endif
CSSM_RETURN buGenSymKey(
uint32 keySizeInBits,
const CSSM_DATA *keyData,
BU_KEY *key) {
#if 0
int brtn;
B_KEY_OBJ bkey = NULL;
ITEM item;
unsigned keyBytes = (keySizeInBits + 7) / 8;
if(keyBytes > keyData->Length) {
printf("***buGenSymKey: Insufficient keyData\n");
return CSSM_ERRCODE_INTERNAL_ERROR;
}
brtn = B_CreateKeyObject(&bkey);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_CreateKeyObject");
}
item.data = keyData->Data;
item.len = keyBytes;
brtn = B_SetKeyInfo(bkey, KI_Item, (POINTER)&item);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_SetKeyInfo");
}
else {
*key = bkey;
return CSSM_OK;
}
#endif
return 0;
}
CSSM_RETURN buGenKeyPair(
uint32 keySizeInBits,
CSSM_ALGORITHMS keyAlg, BU_KEY *pubKey, BU_KEY *privKey) {
#if 0 // NO MORE BSAFE
int brtn;
B_KEY_OBJ bPubkey = NULL;
B_KEY_OBJ bPrivkey = NULL;
B_ALGORITHM_OBJ keypairGen = NULL;
const char *op = NULL;
A_RSA_KEY_GEN_PARAMS params;
unsigned char exp[1] = { 3 };
B_ALGORITHM_OBJ genDsaAlg = NULL;
B_ALGORITHM_OBJ dsaResult = NULL;
B_DSA_PARAM_GEN_PARAMS dsaParams;
A_DSA_PARAMS *kParams = NULL;
brtn = B_CreateAlgorithmObject(&keypairGen);
if(brtn) {
return CSSMERR_CSSM_MEMORY_ERROR;
}
brtn = B_CreateKeyObject(&bPubkey);
if(brtn) {
op ="B_CreateKeyObject";
goto abort;
}
brtn = B_CreateKeyObject(&bPrivkey);
if(brtn) {
op ="B_CreateKeyObject";
goto abort;
}
switch(keyAlg) {
case CSSM_ALGID_RSA:
{
params.modulusBits = keySizeInBits;
params.publicExponent.data = exp;
params.publicExponent.len = 1;
brtn = B_SetAlgorithmInfo(keypairGen, AI_RSAKeyGen,
(POINTER)¶ms);
if(brtn) {
op ="B_SetAlgorithmInfo(AI_RSAKeyGen)";
}
break;
}
case CSSM_ALGID_DSA:
{
brtn = B_CreateAlgorithmObject(&genDsaAlg);
if(brtn) {
op ="B_CreateAlgorithmObject";
break;
}
dsaParams.primeBits = keySizeInBits;
brtn = B_SetAlgorithmInfo(genDsaAlg, AI_DSAParamGen, (POINTER)&dsaParams);
if(brtn) {
op = "B_SetAlgorithmInfo(AI_DSAParamGen)";
break;
}
brtn = B_GenerateInit(genDsaAlg, BSAFE_ALGORITHM_CHOOSER, NULL);
if(brtn) {
op = "B_GenerateInit(AI_DSAParamGen)";
break;
}
brtn = B_CreateAlgorithmObject(&dsaResult);
if(brtn) {
op = "B_CreateAlgorithmObject";
break;
}
brtn = B_GenerateParameters(genDsaAlg, dsaResult, buGetRng(), NULL);
if(brtn) {
op = "B_GenerateParameters";
break;
}
brtn = B_GetAlgorithmInfo((POINTER *)&kParams, dsaResult, AI_DSAKeyGen);
if(brtn) {
op = "B_GetAlgorithmInfo(AI_DSAKeyGen)";
break;
}
brtn = B_SetAlgorithmInfo(keypairGen, AI_DSAKeyGen, (POINTER)kParams);
if(brtn) {
op ="B_SetAlgorithmInfo(AI_DSAKeyGen)";
}
break;
}
default:
printf("buGenKeyPair: algorithm not supported\n");
return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
}
if(brtn) {
goto abort;
}
brtn = B_GenerateInit(keypairGen,
BSAFE_ALGORITHM_CHOOSER,
(A_SURRENDER_CTX *)NULL);
if(brtn) {
op = "B_GenerateInit";
goto abort;
}
brtn = B_GenerateKeypair(keypairGen,
bPubkey,
bPrivkey,
buGetRng(),
NULL);
if(brtn) {
op = "B_GenerateInit";
}
abort:
B_DestroyAlgorithmObject(&keypairGen);
B_DestroyAlgorithmObject(&genDsaAlg);
B_DestroyAlgorithmObject(&dsaResult);
if(brtn) {
B_DestroyKeyObject(&bPubkey);
B_DestroyKeyObject(&bPrivkey);
return buBsafeErrToCssm(brtn, op);
}
else {
*pubKey = bPubkey;
*privKey = bPrivkey;
return CSSM_OK;
}
#endif
return CSSM_OK;
}
CSSM_RETURN buFreeKey(
BU_KEY key)
{
#if 0 // NO MORE BSAFE
B_KEY_OBJ bkey = (B_KEY_OBJ)key;
B_DestroyKeyObject(&bkey);
#endif
return CSSM_OK;
}
CSSM_RETURN buEncryptDecrypt(
BU_KEY key,
CSSM_BOOL forEncrypt,
CSSM_ALGORITHMS encrAlg,
CSSM_ENCRYPT_MODE mode, const CSSM_DATA *iv, uint32 effectiveKeyBits, uint32 rounds, const CSSM_DATA *inData,
CSSM_DATA_PTR outData) {
#if 0 // NO MORE BSAFE
B_ALGORITHM_OBJ alg;
int brtn;
char fbCipher = 1;
uint32 blockSize = 0;
unsigned outBufLen;
unsigned bytesMoved;
CSSM_RETURN crtn;
char useIv;
ITEM bsIv;
B_BLK_CIPHER_W_FEEDBACK_PARAMS spec;
A_RC5_PARAMS rc5Params;
A_RC2_PARAMS rc2Params;
brtn = B_CreateAlgorithmObject(&alg);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
}
switch(encrAlg) {
case CSSM_ALGID_RC4:
brtn = B_SetAlgorithmInfo(alg, AI_RC4, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
goto abort;
}
fbCipher = 0;
break;
case CSSM_ALGID_RSA:
if(forEncrypt) {
brtn = B_SetAlgorithmInfo(alg, AI_PKCS_RSAPublic, NULL);
}
else {
brtn = B_SetAlgorithmInfo(alg, AI_PKCS_RSAPrivate, NULL);
}
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo(RSA)");
goto abort;
}
blockSize = (effectiveKeyBits + 7) / 8;
fbCipher = 0;
break;
case CSSM_ALGID_DES:
spec.encryptionMethodName = (POINTER)"des";
blockSize = 8;
break;
case CSSM_ALGID_DESX:
spec.encryptionMethodName = (POINTER)"desx";
blockSize = 8;
break;
case CSSM_ALGID_3DES_3KEY_EDE:
spec.encryptionMethodName = (POINTER)"des_ede";
blockSize = 8;
break;
case CSSM_ALGID_RC5:
spec.encryptionMethodName = (POINTER)"rc5";
spec.encryptionParams = (POINTER)&rc5Params;
rc5Params.version = 0x10;
rc5Params.rounds = rounds;
rc5Params.wordSizeInBits = 32;
blockSize = 8;
break;
case CSSM_ALGID_RC2:
spec.encryptionMethodName = (POINTER)"rc2";
spec.encryptionParams = (POINTER)&rc2Params;
rc2Params.effectiveKeyBits = effectiveKeyBits;
blockSize = 8;
break;
default:
printf("buEncryptDecrypt: unknown algorithm\n");
return CSSM_ERRCODE_INTERNAL_ERROR;
}
if(fbCipher) {
useIv = 1; switch(mode) {
case CSSM_ALGMODE_CBCPadIV8:
spec.feedbackMethodName = (POINTER)"cbc";
spec.paddingMethodName = (POINTER)"pad";
break;
case CSSM_ALGMODE_CBC_IV8:
spec.feedbackMethodName = (POINTER)"cbc";
spec.paddingMethodName = (POINTER)"nopad";
break;
case CSSM_ALGMODE_OFB_IV8:
spec.feedbackMethodName = (POINTER)"cbc";
spec.paddingMethodName = (POINTER)"nopad";
break;
case CSSM_ALGMODE_ECB:
spec.feedbackMethodName = (POINTER)"ecb";
spec.paddingMethodName = (POINTER)"nopad";
break;
default:
printf("buEncryptDecrypt: unknown mode\n");
return CSSM_ERRCODE_INTERNAL_ERROR;
}
if(useIv && (iv != NULL)) {
buCssmDataToItem(iv, &bsIv);
spec.feedbackParams = (POINTER)&bsIv;
}
brtn = B_SetAlgorithmInfo(alg, AI_FeedbackCipher, (POINTER)&spec);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
goto abort;
}
}
if(forEncrypt) {
outBufLen = inData->Length + blockSize;
}
else {
outBufLen = inData->Length;
}
outData->Length = 0;
outData->Data = NULL;
crtn = appSetupCssmData(outData, outBufLen);
if(crtn) {
goto abort;
}
if(forEncrypt) {
brtn = B_EncryptInit(alg,
(B_KEY_OBJ)key,
BSAFE_ALGORITHM_CHOOSER,
(A_SURRENDER_CTX *)NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_EncryptInit");
goto abort;
}
brtn = B_EncryptUpdate(alg,
outData->Data,
&bytesMoved,
outBufLen,
inData->Data,
inData->Length,
buGetRng(), NULL); if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_EncryptInit");
goto abort;
}
outData->Length = bytesMoved;
brtn = B_EncryptFinal(alg,
outData->Data + bytesMoved,
&bytesMoved,
outBufLen - outData->Length,
buGetRng(), NULL); if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_EncryptFinal");
goto abort;
}
outData->Length += bytesMoved;
crtn = CSSM_OK;
}
else {
brtn = B_DecryptInit(alg,
(B_KEY_OBJ)key,
BSAFE_ALGORITHM_CHOOSER,
(A_SURRENDER_CTX *)NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DecryptInit");
goto abort;
}
brtn = B_DecryptUpdate(alg,
outData->Data,
&bytesMoved,
outBufLen,
inData->Data,
inData->Length,
NULL, NULL); if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DecryptUpdate");
goto abort;
}
outData->Length = bytesMoved;
brtn = B_DecryptFinal(alg,
outData->Data + bytesMoved,
&bytesMoved,
outBufLen - outData->Length,
NULL, NULL); if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DecryptFinal");
goto abort;
}
outData->Length += bytesMoved;
crtn = CSSM_OK;
}
abort:
B_DestroyAlgorithmObject(&alg);
#endif
return 0; }
#if 0
static CSSM_RETURN cssmSigAlgToInfoType(
CSSM_ALGORITHMS cssmAlg,
B_INFO_TYPE *infoType)
{
switch(cssmAlg) {
case CSSM_ALGID_SHA1WithRSA:
*infoType = AI_SHA1WithRSAEncryption;
break;
case CSSM_ALGID_MD5WithRSA:
*infoType = AI_MD5WithRSAEncryption;
break;
case CSSM_ALGID_SHA1WithDSA:
*infoType = AI_DSAWithSHA1;
break;
default:
printf("cssmSigAlgToInfoType: unknown algorithm\n");
return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
}
return CSSM_OK;
}
#endif
CSSM_RETURN buSign(
BU_KEY key,
CSSM_ALGORITHMS sigAlg,
const CSSM_DATA *ptext,
uint32 keySizeInBits, CSSM_DATA_PTR sig) {
#if 0 // NO MORE BSAFE
B_ALGORITHM_OBJ alg = NULL;
int brtn;
B_INFO_TYPE infoType;
CSSM_RETURN crtn;
unsigned sigBytes;
brtn = B_CreateAlgorithmObject(&alg);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
}
crtn = cssmSigAlgToInfoType(sigAlg, &infoType);
if(crtn) {
return crtn;
}
brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
goto abort;
}
brtn = B_SignInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SignInit");
goto abort;
}
brtn = B_SignUpdate(alg, ptext->Data, ptext->Length, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SignUpdate");
goto abort;
}
sigBytes = (keySizeInBits + 7) / 8;
sig->Data = (uint8 *)CSSM_MALLOC(sigBytes);
sig->Length = sigBytes;
brtn = B_SignFinal(alg, sig->Data, &sigBytes, sigBytes, buGetRng(), NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SignFinal");
goto abort;
}
sig->Length = sigBytes;
crtn = CSSM_OK;
abort:
B_DestroyAlgorithmObject(&alg);
#endif
return 0;}
CSSM_RETURN buVerify(
BU_KEY key,
CSSM_ALGORITHMS sigAlg,
const CSSM_DATA *ptext,
const CSSM_DATA *sig) {
#if 0 // NO MORE BSAFE
B_ALGORITHM_OBJ alg = NULL;
int brtn;
B_INFO_TYPE infoType;
CSSM_RETURN crtn;
brtn = B_CreateAlgorithmObject(&alg);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
}
crtn = cssmSigAlgToInfoType(sigAlg, &infoType);
if(crtn) {
return crtn;
}
brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
goto abort;
}
brtn = B_VerifyInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_VerifyInit");
goto abort;
}
brtn = B_VerifyUpdate(alg, ptext->Data, ptext->Length, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_VerifyUpdate");
goto abort;
}
brtn = B_VerifyFinal(alg, sig->Data, sig->Length, buGetRng(), NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_VerifyFinal");
goto abort;
}
crtn = CSSM_OK;
abort:
B_DestroyAlgorithmObject(&alg);
return crtn;
#endif
return 0;
}
#define MAX_MAC_SIZE 20
CSSM_RETURN buGenMac(
BU_KEY key, CSSM_ALGORITHMS macAlg, const CSSM_DATA *ptext,
unsigned *updateSizes, CSSM_DATA_PTR mac) {
#if 0 // NO MORE BSAFE
B_ALGORITHM_OBJ alg = NULL;
int brtn;
CSSM_RETURN crtn;
B_DIGEST_SPECIFIER digestInfo;
B_INFO_TYPE infoType;
unsigned macBytes;
brtn = B_CreateAlgorithmObject(&alg);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
}
switch(macAlg) {
case CSSM_ALGID_SHA1HMAC:
case CSSM_ALGID_SHA1HMAC_LEGACY:
digestInfo.digestInfoType = AI_SHA1;
infoType = AI_HMAC;
break;
default:
printf("buGenMac: alg not supported\n");
return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
}
digestInfo.digestInfoParams = NULL;
brtn = B_SetAlgorithmInfo(alg, infoType, (POINTER)&digestInfo);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
goto abort;
}
brtn = B_DigestInit(alg, (B_KEY_OBJ)key, BSAFE_ALGORITHM_CHOOSER, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DigestInit");
goto abort;
}
if(updateSizes) {
uint8 *currData = ptext->Data;
while(*updateSizes) {
brtn = B_DigestUpdate(alg, currData, *updateSizes, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
goto abort;
}
currData += *updateSizes;
updateSizes++;
}
}
else {
brtn = B_DigestUpdate(alg, ptext->Data, ptext->Length, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
goto abort;
}
}
macBytes = MAX_MAC_SIZE;
mac->Data = (uint8 *)CSSM_MALLOC(macBytes);
mac->Length = macBytes;
brtn = B_DigestFinal(alg, mac->Data, &macBytes, macBytes, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DigestFinal");
goto abort;
}
mac->Length = macBytes;
crtn = CSSM_OK;
abort:
B_DestroyAlgorithmObject(&alg);
return crtn;
#endif
return 0;
}
#define MAX_DIGEST_SIZE 20
CSSM_RETURN buGenDigest(
CSSM_ALGORITHMS macAlg, const CSSM_DATA *ptext,
CSSM_DATA_PTR digest) {
#if 0 // NO MORE BSAFE
B_ALGORITHM_OBJ alg = NULL;
int brtn;
CSSM_RETURN crtn;
B_INFO_TYPE infoType;
unsigned hashBytes;
brtn = B_CreateAlgorithmObject(&alg);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_CreateAlgorithmObject");
}
switch(macAlg) {
case CSSM_ALGID_SHA1:
infoType = AI_SHA1;
break;
case CSSM_ALGID_MD5:
infoType = AI_MD5;
break;
case CSSM_ALGID_MD2:
infoType = AI_MD2;
break;
default:
printf("buGenDigest: alg not supported\n");
return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
}
brtn = B_SetAlgorithmInfo(alg, infoType, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_SetAlgorithmInfo");
goto abort;
}
brtn = B_DigestInit(alg, NULL, BSAFE_ALGORITHM_CHOOSER, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DigestInit");
goto abort;
}
brtn = B_DigestUpdate(alg, ptext->Data, ptext->Length, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DigestUpdate");
goto abort;
}
hashBytes = MAX_DIGEST_SIZE;
digest->Data = (uint8 *)CSSM_MALLOC(hashBytes);
digest->Length = hashBytes;
brtn = B_DigestFinal(alg, digest->Data, &hashBytes, hashBytes, NULL);
if(brtn) {
crtn = buBsafeErrToCssm(brtn, "B_DigestFinal");
goto abort;
}
digest->Length = hashBytes;
crtn = CSSM_OK;
abort:
B_DestroyAlgorithmObject(&alg);
return crtn;
#else
return 0;
#endif
}
CSSM_RETURN buBsafePrivKeyToCdsa(
CSSM_ALGORITHMS keyAlg,
uint32 keySizeInBits,
BU_KEY bsafePrivKey,
CSSM_KEY_PTR cdsaPrivKey)
{
#if 0 // NO MORE BSAFE
B_INFO_TYPE infoType;
ITEM *keyBlob;
int brtn;
CSSM_KEYBLOB_FORMAT format;
CSSM_KEYHEADER_PTR hdr = &cdsaPrivKey->KeyHeader;
switch(keyAlg) {
case CSSM_ALGID_RSA:
infoType = KI_PKCS_RSAPrivateBER;
format = CSSM_KEYBLOB_RAW_FORMAT_PKCS8;
break;
case CSSM_ALGID_DSA:
infoType = KI_DSAPrivateBER;
format = CSSM_KEYBLOB_RAW_FORMAT_FIPS186;
break;
default:
printf("***buBsafePrivKeyToCdsa: bogus keyAlg\n");
return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
}
brtn = B_GetKeyInfo((POINTER *)&keyBlob,
(B_KEY_OBJ)bsafePrivKey,
infoType);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_GetKeyInfo");
}
cdsaPrivKey->KeyData.Data = (uint8 *)CSSM_MALLOC(keyBlob->len);
cdsaPrivKey->KeyData.Length = keyBlob->len;
memmove(cdsaPrivKey->KeyData.Data, keyBlob->data, keyBlob->len);
memset(hdr, 0, sizeof(CSSM_KEYHEADER));
hdr->HeaderVersion = CSSM_KEYHEADER_VERSION;
hdr->BlobType = CSSM_KEYBLOB_RAW;
hdr->Format = format;
hdr->AlgorithmId = keyAlg;
hdr->KeyClass = CSSM_KEYCLASS_PRIVATE_KEY;
hdr->LogicalKeySizeInBits = keySizeInBits;
hdr->KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
hdr->KeyUsage = CSSM_KEYUSE_ANY;
#endif
return CSSM_OK;
}
CSSM_RETURN buCdsaPrivKeyToBsafe(
CSSM_KEY_PTR cdsaPrivKey,
BU_KEY *bsafePrivKey)
{
#if 0 // NO MORE BSAFE
int brtn;
B_KEY_OBJ privKey = NULL;
ITEM keyBlob;
B_INFO_TYPE infoType;
switch(cdsaPrivKey->KeyHeader.AlgorithmId) {
case CSSM_ALGID_RSA:
infoType = KI_PKCS_RSAPrivateBER;
break;
case CSSM_ALGID_DSA:
infoType = KI_DSAPrivateBER;
break;
default:
printf("***buCdsaPrivKeyToCssm: bogus keyAlg\n");
return CSSMERR_CSSM_FUNCTION_NOT_IMPLEMENTED;
}
brtn = B_CreateKeyObject(&privKey);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_CreateKeyObject");
}
buCssmDataToItem(&cdsaPrivKey->KeyData, &keyBlob);
brtn = B_SetKeyInfo(privKey, infoType, (POINTER)&keyBlob);
if(brtn) {
return buBsafeErrToCssm(brtn, "B_SetKeyInfo");
}
*bsafePrivKey = privKey;
#endif
return CSSM_OK;
}