10 #if defined( INC_ALL )
49 #define hasReversedParams( cryptAlgo ) \
50 ( ( cryptAlgo ) == CRYPT_ALGO_DH || \
51 ( cryptAlgo ) == CRYPT_ALGO_ELGAMAL )
69 PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
74 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
107 readSequence( stream, NULL );
108 status = readBignumChecked( stream, &rsaKey->rsaParam_n,
111 status =
readBignum( stream, &rsaKey->rsaParam_e,
113 &rsaKey->rsaParam_n );
118 static
int readDlpSubjectPublicKey(
INOUT STREAM *stream,
122 PKC_INFO *dlpKey = contextInfoPtr->ctxPKC;
128 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
131 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DH || \
140 readGenericHole( stream, NULL,
143 status = readAlgoIDparam( stream, &cryptAlgo, &extraLength,
147 if( extraLength <= 0 )
149 if( contextInfoPtr->capabilityInfo->cryptAlgo != cryptAlgo )
153 readSequence( stream, NULL );
154 status = readBignumChecked( stream, &dlpKey->dlpParam_p,
199 return( readBignumChecked( stream, &dlpKey->dlpParam_y,
201 &dlpKey->dlpParam_p ) );
204 #if defined( USE_ECDH ) || defined( USE_ECDSA )
217 { NULL, 0 }, { NULL, 0 }
225 assert(
isWritePtr( noOidTblEntries,
sizeof(
int ) ) );
227 *oidTblPtr = eccOIDinfo;
234 static
int readEccSubjectPublicKey(
INOUT STREAM *stream,
238 PKC_INFO *eccKey = contextInfoPtr->ctxPKC;
247 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
261 readGenericHole( stream, NULL,
264 status = readAlgoIDparam( stream, &cryptAlgo, &length,
269 contextInfoPtr->capabilityInfo->cryptAlgo != cryptAlgo )
277 status = getECCOidTbl( &oidTbl, &oidTblSize );
279 status = readOID( stream, oidTbl, oidTblSize, &selectionID );
281 status = getECCFieldSize( selectionID, &fieldSize );
284 eccKey->curveType = selectionID;
303 status = readBitStringHole( stream, &length,
310 status = sread( stream, buffer, length );
313 status = importECCPoint( &eccKey->eccParam_qx, &eccKey->eccParam_qy,
331 static
int readSsh1RsaPublicKey(
INOUT STREAM *stream,
335 PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
340 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
349 status = length = readUint32( stream );
362 status = readBignumInteger16Ubits( stream, &rsaKey->rsaParam_e,
367 status = readBignumInteger16Ubits( stream, &rsaKey->rsaParam_n,
396 static
int readSshRsaPublicKey(
INOUT STREAM *stream,
400 PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
401 char buffer[ 16 + 8 ];
406 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
415 readUint32( stream );
416 status = readString32( stream, buffer, 7, &length );
419 if( length != 7 || memcmp( buffer,
"ssh-rsa", 7 ) )
428 status = readBignumInteger32( stream, &rsaKey->rsaParam_e,
432 status = readBignumInteger32Checked( stream, &rsaKey->rsaParam_n,
438 static
int readSshDlpPublicKey(
INOUT STREAM *stream,
442 PKC_INFO *dsaKey = contextInfoPtr->ctxPKC;
444 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DH );
445 char buffer[ 16 + 8 ];
450 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
453 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DH || \
462 readUint32( stream );
465 status = readString32( stream, buffer, 6, &length );
468 if( length != 6 || memcmp( buffer,
"ssh-dh", 6 ) )
481 status = readBignumInteger32Checked( stream, &dsaKey->dlpParam_p,
484 status = readBignumInteger32( stream, &dsaKey->dlpParam_g,
486 &dsaKey->dlpParam_p );
492 status = readString32( stream, buffer, 7, &length );
495 if( length != 7 || memcmp( buffer,
"ssh-dss", 7 ) )
504 status = readBignumInteger32Checked( stream, &dsaKey->dlpParam_p,
507 status = readBignumInteger32( stream, &dsaKey->dlpParam_q,
509 &dsaKey->dlpParam_p );
511 status = readBignumInteger32( stream, &dsaKey->dlpParam_g,
513 &dsaKey->dlpParam_p );
515 status = readBignumInteger32( stream, &dsaKey->dlpParam_y,
517 &dsaKey->dlpParam_p );
521 #if defined( USE_ECDH ) || defined( USE_ECDSA )
524 static
int readSshEccPublicKey(
INOUT STREAM *stream,
528 PKC_INFO *eccKey = contextInfoPtr->ctxPKC;
536 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
566 readUint32( stream );
574 if( memcmp( buffer,
"ecdh-sha2-", 10 ) )
579 if( memcmp( buffer,
"ecdsa-sha2-", 11 ) )
591 if( !memcmp( buffer,
"nistp256", 8 ) )
595 if( !memcmp( buffer,
"nistp384", 8 ) )
599 if( !memcmp( buffer,
"nistp521", 8 ) )
605 status = getECCFieldSize( eccKey->curveType, &fieldSize );
618 status = importECCPoint( &eccKey->eccParam_qx, &eccKey->eccParam_qy,
652 static
int readSslDlpPublicKey(
INOUT STREAM *stream,
656 PKC_INFO *dhKey = contextInfoPtr->ctxPKC;
661 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
664 contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DH );
679 status = readBignumInteger16UChecked( stream, &dhKey->dlpParam_p,
682 status = readBignumInteger16U( stream, &dhKey->dlpParam_g,
684 &dhKey->dlpParam_p );
688 #if defined( USE_ECDH )
690 static const MAP_TABLE sslCurveInfo[] = {
701 static
int getEccSslInfoTbl(
OUT const MAP_TABLE **sslInfoTblPtr,
705 assert(
isWritePtr( noSslInfoTblEntries,
sizeof(
int ) ) );
707 *sslInfoTblPtr = sslCurveInfo;
714 static
int readSslEccPublicKey(
INOUT STREAM *stream,
718 PKC_INFO *eccKey = contextInfoPtr->ctxPKC;
724 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
742 status = value = sgetc( stream );
747 status = value = readUint16( stream );
752 status = getEccSslInfoTbl( &sslCurveInfoPtr, &sslCurveInfoNoEntries );
755 status = mapValue( value, &curveID, sslCurveInfoPtr,
756 sslCurveInfoNoEntries );
759 eccKey->curveType = curveID;
780 static
int readPgpRsaPublicKey(
INOUT STREAM *stream,
784 PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
790 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
799 status = value = sgetc( stream );
805 status = readUint32Time( stream, &creationTime );
808 rsaKey->pgpCreationTime = creationTime;
821 status = value = sgetc( stream );
846 status = readBignumInteger16UbitsChecked( stream, &rsaKey->rsaParam_n,
850 status = readBignumInteger16Ubits( stream, &rsaKey->rsaParam_e,
853 &rsaKey->rsaParam_n );
858 static
int readPgpDlpPublicKey(
INOUT STREAM *stream,
862 PKC_INFO *dlpKey = contextInfoPtr->ctxPKC;
868 assert(
isWritePtr( actionFlags,
sizeof(
int ) ) );
871 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DSA || \
878 status = value = sgetc( stream );
883 status = readUint32Time( stream, &creationTime );
886 dlpKey->pgpCreationTime = creationTime;
893 status = value = sgetc( stream );
914 status = readBignumInteger16UbitsChecked( stream, &dlpKey->dlpParam_p,
918 status = readBignumInteger16Ubits( stream, &dlpKey->dlpParam_q,
921 &dlpKey->dlpParam_p );
923 status = readBignumInteger16Ubits( stream, &dlpKey->dlpParam_g,
926 &dlpKey->dlpParam_p );
928 status = readBignumInteger16Ubits( stream, &dlpKey->dlpParam_y,
931 &dlpKey->dlpParam_p );
940 IN_FLAGS( ACTION_PERM )
const int actionFlags )
956 CRYPT_IATTRIBUTE_ACTIONPERMS ) );
960 static
int readPublicKeyRsaFunction(
INOUT STREAM *stream,
977 status = readRsaSubjectPublicKey( stream, contextInfoPtr,
983 status = readSsh1RsaPublicKey( stream, contextInfoPtr,
990 status = readSshRsaPublicKey( stream, contextInfoPtr,
997 status = readPgpRsaPublicKey( stream, contextInfoPtr,
1007 return( completePubkeyRead( contextInfoPtr, actionFlags ) );
1011 static
int readPublicKeyDlpFunction(
INOUT STREAM *stream,
1022 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DH || \
1027 switch( formatType )
1030 status = readDlpSubjectPublicKey( stream, contextInfoPtr,
1036 status = readSshDlpPublicKey( stream, contextInfoPtr,
1043 status = readSslDlpPublicKey( stream, contextInfoPtr,
1050 status = readPgpDlpPublicKey( stream, contextInfoPtr,
1060 return( completePubkeyRead( contextInfoPtr, actionFlags ) );
1063 #if defined( USE_ECDH ) || defined( USE_ECDSA )
1066 static
int readPublicKeyEccFunction(
INOUT STREAM *stream,
1082 switch( formatType )
1085 status = readEccSubjectPublicKey( stream, contextInfoPtr,
1091 status = readSslEccPublicKey( stream, contextInfoPtr,
1098 status = readSshEccPublicKey( stream, contextInfoPtr,
1108 return( completePubkeyRead( contextInfoPtr, actionFlags ) );
1122 static
int readRsaPrivateKey(
INOUT STREAM *stream,
1125 PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
1135 status = readSequence( stream, NULL );
1140 status = readConstructed( stream, NULL, 0 );
1154 status = readBignumTag( stream, &rsaKey->rsaParam_n,
1159 status = readBignumTag( stream, &rsaKey->rsaParam_e,
1161 &rsaKey->rsaParam_n, 1 );
1169 readUniversal( stream );
1170 status = readUniversal( stream );
1176 status = readBignumTag( stream, &rsaKey->rsaParam_d,
1178 &rsaKey->rsaParam_n, 2 );
1180 status = readBignumTag( stream, &rsaKey->rsaParam_p,
1182 &rsaKey->rsaParam_n, 3 );
1184 status = readBignumTag( stream, &rsaKey->rsaParam_q,
1186 &rsaKey->rsaParam_n, 4 );
1191 status = readBignumTag( stream, &rsaKey->rsaParam_exponent1,
1193 &rsaKey->rsaParam_n, 5 );
1195 status = readBignumTag( stream, &rsaKey->rsaParam_exponent2,
1197 &rsaKey->rsaParam_n, 6 );
1199 status = readBignumTag( stream, &rsaKey->rsaParam_u,
1201 &rsaKey->rsaParam_n, 7 );
1208 #define OID_X509_KEYUSAGE MKOID( "\x06\x03\x55\x1D\x0F" )
1211 static
int readRsaPrivateKeyOld(
INOUT STREAM *stream,
1214 PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
1215 const int startPos = stell( stream );
1228 readSequence( stream, &length );
1230 readUniversal( stream );
1231 status = readOctetStringHole( stream, NULL,
1239 readSequence( stream, NULL );
1241 status = readBignumChecked( stream, &rsaKey->rsaParam_n,
1245 status =
readBignum( stream, &rsaKey->rsaParam_e,
1247 &rsaKey->rsaParam_n );
1249 status =
readBignum( stream, &rsaKey->rsaParam_d,
1251 &rsaKey->rsaParam_n );
1253 status =
readBignum( stream, &rsaKey->rsaParam_p,
1255 &rsaKey->rsaParam_n );
1257 status =
readBignum( stream, &rsaKey->rsaParam_q,
1259 &rsaKey->rsaParam_n );
1261 status =
readBignum( stream, &rsaKey->rsaParam_exponent1,
1263 &rsaKey->rsaParam_n );
1265 status =
readBignum( stream, &rsaKey->rsaParam_exponent2,
1267 &rsaKey->rsaParam_n );
1269 status =
readBignum( stream, &rsaKey->rsaParam_u,
1271 &rsaKey->rsaParam_n );
1276 if( stell( stream ) >= startPos + length )
1280 status = readConstructed( stream, &length, 0 );
1283 endPos = stell( stream ) +
length;
1291 for( iterationCount = 0;
1292 stell( stream ) < endPos && \
1302 readSequence( stream, NULL );
1303 status = readEncodedOID( stream, oid,
MAX_OID_SIZE, &oidLength,
1309 if( oidLength !=
sizeofOID( OID_X509_KEYUSAGE ) || \
1310 memcmp( oid, OID_X509_KEYUSAGE, oidLength ) )
1312 status = readUniversal( stream );
1320 readSet( stream, NULL );
1343 CRYPT_IATTRIBUTE_ACTIONPERMS );
1347 ENSURES( iterationCount < FAILSAFE_ITERATIONS_MED );
1354 static
int readDlpPrivateKey(
INOUT STREAM *stream,
1357 PKC_INFO *dlpKey = contextInfoPtr->ctxPKC;
1363 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DH || \
1371 readSequence( stream, NULL );
1372 return( readBignumTag( stream, &dlpKey->dlpParam_x,
1374 &dlpKey->dlpParam_p, 0 ) );
1376 return(
readBignum( stream, &dlpKey->dlpParam_x,
1378 &dlpKey->dlpParam_p ) );
1381 #if defined( USE_ECDH ) || defined( USE_ECDSA )
1384 static
int readEccPrivateKey(
INOUT STREAM *stream,
1387 PKC_INFO *eccKey = contextInfoPtr->ctxPKC;
1398 return(
readBignum( stream, &eccKey->eccParam_d,
1409 static
int readPgpRsaPrivateKey(
INOUT STREAM *stream,
1412 PKC_INFO *rsaKey = contextInfoPtr->ctxPKC;
1422 status = readBignumInteger16Ubits( stream, &rsaKey->rsaParam_d,
1425 &rsaKey->rsaParam_n );
1427 status = readBignumInteger16Ubits( stream, &rsaKey->rsaParam_p,
1430 &rsaKey->rsaParam_n );
1432 status = readBignumInteger16Ubits( stream, &rsaKey->rsaParam_q,
1435 &rsaKey->rsaParam_n );
1437 status = readBignumInteger16Ubits( stream, &rsaKey->rsaParam_u,
1440 &rsaKey->rsaParam_n );
1445 static
int readPgpDlpPrivateKey(
INOUT STREAM *stream,
1448 PKC_INFO *dlpKey = contextInfoPtr->ctxPKC;
1454 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DSA || \
1458 return( readBignumInteger16Ubits( stream, &dlpKey->dlpParam_x,
1461 &dlpKey->dlpParam_p ) );
1468 static
int readPrivateKeyRsaFunction(
INOUT STREAM *stream,
1480 switch( formatType )
1483 return( readRsaPrivateKey( stream, contextInfoPtr ) );
1487 return( readRsaPrivateKeyOld( stream, contextInfoPtr ) );
1492 return( readPgpRsaPrivateKey( stream, contextInfoPtr ) );
1500 static
int readPrivateKeyDlpFunction(
INOUT STREAM *stream,
1509 ( contextInfoPtr->capabilityInfo->cryptAlgo ==
CRYPT_ALGO_DH || \
1514 switch( formatType )
1517 return( readDlpPrivateKey( stream, contextInfoPtr ) );
1521 return( readPgpDlpPrivateKey( stream, contextInfoPtr ) );
1528 #if defined( USE_ECDH ) || defined( USE_ECDSA )
1531 static
int readPrivateKeyEccFunction(
INOUT STREAM *stream,
1543 switch( formatType )
1546 return( readEccPrivateKey( stream, contextInfoPtr ) );
1586 sMemConnect( &stream, buffer, bufSize );
1593 switch( formatType )
1596 readSequence( &stream, NULL );
1607 status = readBignumInteger16Ubits( &stream, value1,
1613 status = readBignumInteger16Ubits( &stream, value2,
1621 case CRYPT_IFORMAT_SSH:
1636 sMemDisconnect( &stream );
1641 static
int decodeECDLValuesFunction(
IN_BUFFER( bufSize )
const BYTE *buffer,
1665 if( formatType != CRYPT_IFORMAT_SSH )
1667 return( decodeDLValuesFunction( buffer, bufSize, value1, value2,
1668 maxRange, formatType ) );
1670 sMemConnect( &stream, buffer, bufSize );
1678 sMemDisconnect( &stream );
1691 const CRYPT_ALGO_TYPE cryptAlgo = contextInfoPtr->capabilityInfo->cryptAlgo;
1692 PKC_INFO *pkcInfo = contextInfoPtr->ctxPKC;
1701 pkcInfo->readPublicKeyFunction = readPublicKeyDlpFunction;
1702 pkcInfo->readPrivateKeyFunction = readPrivateKeyDlpFunction;
1703 pkcInfo->decodeDLValuesFunction = decodeDLValuesFunction;
1707 #if defined( USE_ECDH ) || defined( USE_ECDSA )
1710 pkcInfo->readPublicKeyFunction = readPublicKeyEccFunction;
1711 pkcInfo->readPrivateKeyFunction = readPrivateKeyEccFunction;
1712 pkcInfo->decodeDLValuesFunction = decodeECDLValuesFunction;
1717 pkcInfo->readPublicKeyFunction = readPublicKeyRsaFunction;
1718 pkcInfo->readPrivateKeyFunction = readPrivateKeyRsaFunction;