aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlberto Compagno <acompagn+fdio@cisco.com>2019-02-06 12:05:58 +0100
committerAlberto Compagno <acompagn+fdio@cisco.com>2019-02-06 12:05:58 +0100
commitb77148ddc3def71e6c412c3afb5f1c20be2d77cd (patch)
tree53e6db3aa4f3fa6cb5cb5bd4e219cd0d50d7c0f4
parent4e710f08b38954194e1a67159403f31b10ad7afb (diff)
[CICN-14] Removed copy of signature in libparc. The api now accepts a pointer to a buf where it stores the computed signature
Change-Id: I4427a6399b5e74197303bade4f96ea74b370b07b Signed-off-by: Alberto Compagno <acompagn+fdio@cisco.com>
-rw-r--r--libparc/parc/security/parc_PublicKeySigner.c33
-rw-r--r--libparc/parc/security/parc_Signer.c8
-rwxr-xr-xlibparc/parc/security/parc_Signer.h10
-rw-r--r--libparc/parc/security/parc_SymmetricKeySigner.c6
4 files changed, 30 insertions, 27 deletions
diff --git a/libparc/parc/security/parc_PublicKeySigner.c b/libparc/parc/security/parc_PublicKeySigner.c
index 1297611e..55404b9c 100644
--- a/libparc/parc/security/parc_PublicKeySigner.c
+++ b/libparc/parc/security/parc_PublicKeySigner.c
@@ -165,7 +165,7 @@ _GetKeyStore(PARCPublicKeySigner *signer)
return signer->keyStore;
}
-static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t ** sig, unsigned * sigLength)
+static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t * sig, uint32_t supplied_siglen, unsigned * sigLength)
{
EVP_PKEY *privateKey = NULL;
size_t keySize = parcBuffer_Remaining(privateKeyBuffer);
@@ -173,16 +173,16 @@ static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer
privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, keySize);
RSA *rsa = EVP_PKEY_get1_RSA(privateKey);
- *sig = parcMemory_Allocate(RSA_size(rsa));
+ //*sig = parcMemory_Allocate(RSA_size(rsa));
- parcAssertNotNull(*sig, "parcMemory_Allocate(%u) returned NULL", RSA_size(rsa));
+ parcAssertNotNull(sig, "Expected pointer to a memory region for storing the signature %u. Pointer is NULL", RSA_size(rsa));
*sigLength = 0;
PARCBuffer *bb_digest = parcCryptoHash_GetDigest(digestToSign);
int result = RSA_sign(opensslDigestType,
(unsigned char *) parcByteArray_Array(parcBuffer_Array(bb_digest)),
(int) parcBuffer_Remaining(bb_digest),
- *sig,
+ sig,
sigLength,
rsa);
parcAssertTrue(result == 1, "Got error from RSA_sign: %d", result);
@@ -191,7 +191,7 @@ static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer
return result;
}
-static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t ** sig, unsigned * sigLength)
+static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t * sig, uint32_t supplied_siglen, unsigned * sigLength)
{
EVP_PKEY *privateKey = NULL;
size_t keySize = parcBuffer_Remaining(privateKeyBuffer);
@@ -200,15 +200,15 @@ static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffe
EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(privateKey);
- *sig = parcMemory_Allocate(ECDSA_size(ec_key));
- parcAssertNotNull(sig, "parcMemory_Allocate(%u) returned NULL", ECDSA_size(ec_key));
+ //*sig = parcMemory_Allocate(ECDSA_size(ec_key));
+ parcAssertNotNull(sig, "Expected pointer to a memory region for storing the signature %u. Pointer is NULL", ECDSA_size(ec_key));
*sigLength = 0;
PARCBuffer *bb_digest = parcCryptoHash_GetDigest(digestToSign);
int result = ECDSA_sign(opensslDigestType,
(unsigned char *) parcByteArray_Array(parcBuffer_Array(bb_digest)),
(int) parcBuffer_Remaining(bb_digest),
- *sig,
+ sig,
sigLength,
ec_key);
parcAssertTrue(result == 1, "Got error from ECDSA_sign: %d", result);
@@ -217,7 +217,7 @@ static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffe
}
static PARCSignature *
-_SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign)
+_SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign, uint8_t * signature_buf, uint32_t sig_len)
{
parcSecurity_AssertIsInitialized();
@@ -229,8 +229,7 @@ _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign)
PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore);
int opensslDigestType;
- uint8_t *sig;
- unsigned sigLength;
+ unsigned signLenght;
switch (parcCryptoHash_GetDigestType(digestToSign)) {
case PARCCryptoHashType_SHA256:
@@ -246,18 +245,18 @@ _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign)
switch (signer->signingAlgorithm) {
case PARCSigningAlgorithm_RSA:
- _SignDigestRSA(digestToSign, privateKeyBuffer, opensslDigestType, &sig, &sigLength);
+ _SignDigestRSA(digestToSign, privateKeyBuffer, opensslDigestType, signature_buf, sig_len, &signLenght);
break;
case PARCSigningAlgorithm_ECDSA:
- _SignDigestECDSA(digestToSign, privateKeyBuffer, opensslDigestType, &sig, &sigLength);
+ _SignDigestECDSA(digestToSign, privateKeyBuffer, opensslDigestType, signature_buf, sig_len, &signLenght);
break;
default:
return NULL;
}
- PARCBuffer *bbSign = parcBuffer_Allocate(sigLength);
- parcBuffer_Flip(parcBuffer_PutArray(bbSign, sigLength, sig));
- parcMemory_Deallocate((void **) &sig);
+ PARCBuffer *bbSign = parcBuffer_Wrap(signature_buf, signLenght, 0, signLenght);
+ //parcBuffer_Flip(parcBuffer_PutArray(bbSign, sigLength, sig));
+ //parcMemory_Deallocate((void **) &sig);
PARCSignature *signature =
parcSignature_Create(_GetSigningAlgorithm(signer),
@@ -317,7 +316,7 @@ _GetSignatureSize(PARCPublicKeySigner *signer)
PARCSigningInterface *PARCPublicKeySignerAsSigner = &(PARCSigningInterface) {
.GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_GetCryptoHasher,
- .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_SignDigest,
+ .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *, uint8_t *, uint32_t))_SignDigest,
.GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_GetSigningAlgorithm,
.GetCryptoHashType = (PARCCryptoHashType (*)(void *))_GetCryptoHashType,
.GetKeyStore = (PARCKeyStore * (*)(void *))_GetKeyStore,
diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c
index 70b8f616..2d3c7465 100644
--- a/libparc/parc/security/parc_Signer.c
+++ b/libparc/parc/security/parc_Signer.c
@@ -108,16 +108,16 @@ parcSigner_GetCryptoHasher(const PARCSigner *signer)
}
PARCSignature *
-parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *parcDigest)
+parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *parcDigest, uint8_t * signature, uint32_t sig_len)
{
parcSigner_OptionalAssertValid(signer);
parcAssertNotNull(parcDigest, "parcDigest to sign must not be null");
- return signer->interface->SignDigest(signer->instance, parcDigest);
+ return signer->interface->SignDigest(signer->instance, parcDigest, signature, sig_len);
}
PARCSignature *
-parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer)
+parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer, uint8_t * signature_buf, uint32_t sig_len)
{
parcSigner_OptionalAssertValid(signer);
parcAssertNotNull(buffer, "buffer to sign must not be null");
@@ -129,7 +129,7 @@ parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer)
PARCCryptoHash *hash = parcCryptoHasher_Finalize(hasher);
parcCryptoHasher_Release(&hasher);
- PARCSignature *signature = parcSigner_SignDigest(signer, hash);
+ PARCSignature *signature = parcSigner_SignDigest(signer, hash, signature_buf, sig_len);
parcCryptoHash_Release(&hash);
return signature;
diff --git a/libparc/parc/security/parc_Signer.h b/libparc/parc/security/parc_Signer.h
index bee68fd2..9bb0c6a1 100755
--- a/libparc/parc/security/parc_Signer.h
+++ b/libparc/parc/security/parc_Signer.h
@@ -84,10 +84,12 @@ typedef struct parc_signer_interface {
*
* @param [in] interfaceContextPtr A pointer to a concrete PARCSigner instance.
* @param [in] hashToSign The output of the given digest to sign
+ * @param [in] signature Portion of memory that will contain the signature (expected to be large enough to contain the signature)
+ * @param [in] sig_len Size in bytes of the supplied buffer
*
* @return A pointer to a PARCSignature instance that must be released via parcSignature_Release()
*/
- PARCSignature *(*SignDigest)(void *interfaceContext, const PARCCryptoHash * parcDigest);
+ PARCSignature *(*SignDigest)(void *interfaceContext, const PARCCryptoHash * parcDigest, uint8_t * signature, uint32_t sign_len);
/**
* Return the PARSigningAlgorithm used for signing with the given `PARCSigner`
@@ -283,6 +285,8 @@ PARCCryptoHasher *parcSigner_GetCryptoHasher(const PARCSigner *signer);
*
* @param [in] signer A pointer to a PARCSigner instance.
* @param [in] hashToSign The output of the given digest
+ * @param [in] signature Portion of memory that will contain the signature (expected to be large enough to contain the signature)
+ * @param [in] sig_len Size in bytes of the supplied buffer
*
* @return A pointer to a PARCSignature instance that must be released via parcSignature_Release()
*
@@ -300,7 +304,7 @@ PARCCryptoHasher *parcSigner_GetCryptoHasher(const PARCSigner *signer);
* }
* @endcode
*/
-PARCSignature *parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *hashToSign);
+PARCSignature *parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *hashToSign, uint8_t * signature, uint32_t sig_len);
/**
* Compute the signature of a given `PARCBuffer`.
@@ -320,7 +324,7 @@ PARCSignature *parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoH
* }
* @endcode
*/
-PARCSignature *parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer);
+PARCSignature *parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer, uint8_t * signature, uint32_t sig_len);
/**
* Return the PARSigningAlgorithm used for signing with the given `PARCSigner`
diff --git a/libparc/parc/security/parc_SymmetricKeySigner.c b/libparc/parc/security/parc_SymmetricKeySigner.c
index 9f760326..5f87b945 100644
--- a/libparc/parc/security/parc_SymmetricKeySigner.c
+++ b/libparc/parc/security/parc_SymmetricKeySigner.c
@@ -261,11 +261,11 @@ _GetSignatureSize(PARCSymmetricKeySigner *signer)
* @param hashToSign is the HMAC computed by the our PARCCryptoHasher.
*/
static PARCSignature *
-_signDigest(PARCSymmetricKeySigner *interfaceContext, const PARCCryptoHash *hashToSign)
+_signDigest(PARCSymmetricKeySigner *interfaceContext, const PARCCryptoHash *hashToSign, uint8_t * signature, uint32_t sig_len)
{
// The digest computed via our hash function (hmac) is the actual signature.
// just need to wrap it up with the right parameters.
- PARCBuffer *signatureBits = parcBuffer_Copy(parcCryptoHash_GetDigest(hashToSign));
+ PARCBuffer *signatureBits = parcBuffer_Wrap(signature, sig_len, 0, sig_len);//parcBuffer_Copy(parcCryptoHash_GetDigest(hashToSign));
PARCSignature *result = parcSignature_Create(_getSigningAlgorithm(interfaceContext), parcCryptoHash_GetDigestType(hashToSign), signatureBits);
parcBuffer_Release(&signatureBits);
return result;
@@ -274,7 +274,7 @@ _signDigest(PARCSymmetricKeySigner *interfaceContext, const PARCCryptoHash *hash
PARCSigningInterface *PARCSymmetricKeySignerAsSigner = &(PARCSigningInterface) {
.GetCryptoHashType = (PARCCryptoHashType (*)(void *))_getCryptoHashType,
.GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_getCryptoHasher,
- .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_signDigest,
+ .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *, uint8_t *, uint32_t))_signDigest,
.GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_getSigningAlgorithm,
.GetKeyStore = (PARCKeyStore * (*)(void *))_getKeyStore,
.GetSignatureSize = (size_t (*)(void *))_GetSignatureSize