miscalgorithms.cpp [plain text]
#ifdef BSAFE_CSP_ENABLE
#include "bsafecspi.h"
#include <stdio.h> // debug
BSafe::DigestContext::DigestContext(
AppleCSPSession &session,
const Context &,
B_INFO_TYPE bAlgInfo,
size_t sz)
: BSafeContext(session)
{
mOutSize = sz;
inUpdate = B_DigestUpdate;
outFinal = B_DigestFinal;
setAlgorithm(bAlgInfo);
check(B_DigestInit(bsAlgorithm, bsKey, chooser(), bsSurrender));
initialized = true;
}
void BSafe::SigningContext::init(
const Context &context,
bool signing)
{
if (reusing(signing))
return;
setAlgorithm(algorithm, NULL);
setKeyFromContext(context);
if (signing) {
check(B_SignInit(bsAlgorithm, bsKey, chooser(), bsSurrender));
setRandom(); inUpdate = B_SignUpdate;
outFinalR = B_SignFinal;
outFinal = NULL;
} else {
check(B_VerifyInit(bsAlgorithm, bsKey, chooser(), bsSurrender));
inUpdate = B_VerifyUpdate;
inFinalR = B_VerifyFinal;
inFinal = NULL;
}
}
void BSafe::MacContext::init(
const Context &context,
bool signing)
{
if (reusing(signing))
return;
B_DIGEST_SPECIFIER digestSpec;
digestSpec.digestInfoType = algorithm;
digestSpec.digestInfoParams = NULL;
setAlgorithm(AI_HMAC, &digestSpec);
setKeyFromContext(context);
check(B_DigestInit(bsAlgorithm, bsKey, chooser(), bsSurrender));
if (signing) {
inUpdate = B_DigestUpdate;
outFinal = B_DigestFinal;
} else {
inUpdate = B_DigestUpdate;
}
}
void BSafe::MacContext::final(const CssmData &in)
{
void *digest = normAllocator->malloc(in.length());
unsigned int length;
check(B_DigestFinal(bsAlgorithm, POINTER(digest), &length, in.length(), bsSurrender));
bool verified = length == in.length() && !memcmp(digest, in.data(), in.length());
normAllocator->free(digest);
initialized = false;
if (!verified)
CssmError::throwMe(CSSMERR_CSP_VERIFY_FAILED);
}
void BSafe::RandomContext::init(const Context &context, bool)
{
reset(); setAlgorithm(algorithm, NULL); check(B_RandomInit(bsAlgorithm, chooser(), bsSurrender));
mOutSize = context.getInt(CSSM_ATTRIBUTE_OUTPUT_SIZE, CSSMERR_CSP_MISSING_ATTR_OUTPUT_SIZE);
if (const CssmCryptoData *seed = context.get<CssmCryptoData>(CSSM_ATTRIBUTE_SEED)) {
const CssmData &seedValue = (*seed)();
check(B_RandomUpdate(bsAlgorithm, POINTER(seedValue.data()), seedValue.length(), bsSurrender));
}
}
void BSafe::RandomContext::final(CssmData &data)
{
check(B_GenerateRandomBytes(bsAlgorithm, POINTER(data.data()), mOutSize, bsSurrender));
}
#endif