FEESignatureObject.cpp [plain text]
#ifdef CRYPTKIT_CSP_ENABLE
#include "FEESignatureObject.h"
#include <security_cryptkit/feePublicKey.h>
#include <security_cryptkit/feeDigitalSignature.h>
#include <security_cryptkit/falloc.h>
#include <stdexcept>
#include <assert.h>
#include <security_utilities/debugging.h>
#define feeSigObjDebug(args...) secinfo("feeSig", ##args)
CryptKit::FEESigner::~FEESigner()
{
if(mWeMallocdFeeKey) {
assert(mFeeKey != NULL);
feePubKeyFree(mFeeKey);
}
}
void CryptKit::FEESigner::sigFormatFromContext(
const Context &context)
{
CSSM_PADDING padding = context.getInt(CSSM_ATTRIBUTE_PADDING);
switch(padding) {
case CSSM_PADDING_SIGRAW:
mSigFormat=FSF_RAW;
break;
default:
mSigFormat=FSF_DER;
}
}
void CryptKit::FEESigner::keyFromContext(
const Context &context)
{
if(initFlag() && (mFeeKey != NULL)) {
return;
}
CSSM_KEYCLASS keyClass;
CSSM_KEYUSE keyUse;
if(isSigning()) {
keyClass = CSSM_KEYCLASS_PRIVATE_KEY;
keyUse = CSSM_KEYUSE_SIGN;
}
else {
keyClass = CSSM_KEYCLASS_PUBLIC_KEY;
keyUse = CSSM_KEYUSE_VERIFY;
}
if(mFeeKey == NULL) {
mFeeKey = contextToFeeKey(context,
mSession,
CSSM_ATTRIBUTE_KEY,
keyClass,
keyUse,
mWeMallocdFeeKey);
}
}
void CryptKit::FEESigner::signerInit(
const Context &context,
bool isSigning)
{
setIsSigning(isSigning);
keyFromContext(context);
sigFormatFromContext(context);
setInitFlag(true);
}
void CryptKit::FEERawSigner::sign(
const void *data,
size_t dataLen,
void *sig,
size_t *sigLen)
{
feeSig fsig;
feeReturn frtn;
unsigned char *feeSig = NULL;
unsigned feeSigLen=0;
if(mFeeKey == NULL) {
throwCryptKit(FR_BadPubKey, "FEERawSigner::sign (no key)");
}
fsig = feeSigNewWithKey(mFeeKey, mRandFcn, mRandRef);
if(fsig == NULL) {
throwCryptKit(FR_BadPubKey, "FEERawSigner::sign");
}
frtn = feeSigSign(fsig,
(unsigned char *)data,
(unsigned)dataLen,
mFeeKey);
if(frtn == FR_Success) {
frtn = feeSigData(fsig, &feeSig, &feeSigLen);
}
feeSigFree(fsig);
if(frtn) {
throwCryptKit(frtn, "FEERawSigner::sign");
}
if(*sigLen < feeSigLen) {
feeSigObjDebug("FEERawSigner sign overflow\n");
ffree(feeSig);
CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
}
memmove(sig, feeSig, feeSigLen);
*sigLen = feeSigLen;
ffree(feeSig);
}
void CryptKit::FEERawSigner::verify(
const void *data,
size_t dataLen,
const void *sig,
size_t sigLen)
{
feeSig fsig;
feeReturn frtn;
if(mFeeKey == NULL) {
throwCryptKit(FR_BadPubKey, "FEERawSigner::verify (no key)");
}
frtn = feeSigParse((unsigned char *)sig, sigLen, &fsig);
if(frtn) {
throwCryptKit(frtn, "feeSigParse");
}
frtn = feeSigVerify(fsig,
(unsigned char *)data,
(unsigned int)dataLen,
mFeeKey);
feeSigFree(fsig);
if(frtn) {
throwCryptKit(frtn, NULL);
}
}
size_t CryptKit::FEERawSigner::maxSigSize()
{
unsigned rtn;
feeReturn frtn;
frtn = feeSigSize(mFeeKey, &rtn);
if(frtn) {
throwCryptKit(frtn, "feeSigSize");
}
return rtn;
}
void CryptKit::FEEECDSASigner::sign(
const void *data,
size_t dataLen,
void *sig,
size_t *sigLen)
{
unsigned char *feeSig;
unsigned feeSigLen;
feeReturn frtn;
if(mFeeKey == NULL) {
throwCryptKit(FR_BadPubKey, "FEERawSigner::sign (no key)");
}
frtn = feeECDSASign(mFeeKey,
mSigFormat,
(unsigned char *)data, (unsigned int)dataLen, mRandFcn,
mRandRef,
&feeSig,
&feeSigLen);
if(frtn) {
throwCryptKit(frtn, "feeECDSASign");
}
if(*sigLen < feeSigLen) {
feeSigObjDebug("feeECDSASign overflow\n");
ffree(feeSig);
CssmError::throwMe(CSSMERR_CSP_OUTPUT_LENGTH_ERROR);
}
memmove(sig, feeSig, feeSigLen);
*sigLen = feeSigLen;
ffree(feeSig);
}
void CryptKit::FEEECDSASigner::verify(
const void *data,
size_t dataLen,
const void *sig,
size_t sigLen)
{
feeReturn frtn;
if(mFeeKey == NULL) {
throwCryptKit(FR_BadPubKey, "FEERawSigner::verify (no key)");
}
frtn = feeECDSAVerify(
(unsigned char *)sig,
sigLen,
(unsigned char *)data,
(unsigned int)dataLen,
mFeeKey,
mSigFormat);
if(frtn) {
throwCryptKit(frtn, NULL);
}
}
size_t CryptKit::FEEECDSASigner::maxSigSize()
{
unsigned rtn;
feeReturn frtn;
frtn = feeECDSASigSize(mFeeKey, &rtn);
if(frtn) {
throwCryptKit(frtn, "feeECDSASigSize");
}
return rtn;
}
#endif