Merge "Added method to retrieve the signature length from the signer. Fixed bug on parc-publickey" into cframework/master

author: Alberto Compagno <acompagn+fdio@cisco.com> 2018-04-16 15:28:53 +0000
committer: Gerrit Code Review <gerrit@fd.io> 2018-04-16 15:28:53 +0000
commit: 07d0a90b6f52fa920ab3a4a9984b0ba1fbb7f9f8 (patch)
tree: f3810af54c63c0f1bb5226e84897411c41b40d03
parent: d609ef19bac231a47b65cf5a6a797c142ebc625d (diff)
parent: 799484812a3fdd9d5d6e71c5fc4b483043347bca (diff)
10 files changed, 132 insertions, 46 deletions
diff --git a/libparc/parc/security/command-line/parc-publickey.c b/libparc/parc/security/command-line/parc-publickey.c
index e88e94b6..56d35935 100644
--- a/libparc/parc/security/command-line/parc-publickey.c
+++ b/libparc/parc/security/command-line/parc-publickey.c
@@ -36,17 +36,17 @@ parcPublicKey_Create(PARCArrayList *args)
     char *fileName = parcArrayList_Get(args, 2);
     char *password = parcArrayList_Get(args, 3);
     char *subjectName = parcArrayList_Get(args, 4);
-    PARCSigningAlgorithm signAlgo = *(int *)parcArrayList_Get(args, 5);
-    
+    PARCSigningAlgorithm signAlgo = PARCSigningAlgorithm_RSA;
+
     if (parcArrayList_Size(args) > 5) {
-        keyLength = (unsigned int) strtoul(parcArrayList_Get(args, 6), NULL, 10);
+        keyLength = (unsigned int) strtoul(parcArrayList_Get(args, 5), NULL, 10);
     }
 
     if (parcArrayList_Size(args) > 6) {
-        validityDays = (unsigned int) strtoul(parcArrayList_Get(args, 7), NULL, 10);
+        validityDays = (unsigned int) strtoul(parcArrayList_Get(args, 6), NULL, 10);
     }
 
-    bool result = parcPkcs12KeyStore_CreateFile(fileName, password, subjectName, keyLength, validityDays, signAlgo);
+    bool result = parcPkcs12KeyStore_CreateFile(fileName, password, subjectName, signAlgo, keyLength, validityDays);
     if (!result) {
         printf("Error: %s %s", fileName, strerror(errno));
         return;
diff --git a/libparc/parc/security/parc_CryptoSuite.c b/libparc/parc/security/parc_CryptoSuite.c
index 7bd0a7bf..43339121 100755
--- a/libparc/parc/security/parc_CryptoSuite.c
+++ b/libparc/parc/security/parc_CryptoSuite.c
@@ -45,30 +45,6 @@ parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite)
 }
 
 int
-parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBits)
-{
-    switch (suite) {
-        case PARCCryptoSuite_DSA_SHA256:      // fallthrough
-        case PARCCryptoSuite_RSA_SHA256:      // fallthrough
-        case PARCCryptoSuite_RSA_SHA512:
-            return keyLengthBits;
-
-        case PARCCryptoSuite_ECDSA_SHA256:
-            return keyLengthBits*2 + 64; //Overhead added by ECDSA 
-
-        case PARCCryptoSuite_HMAC_SHA256:     // fallthrough
-        case PARCCryptoSuite_HMAC_SHA512:     // fallthrough
-            return 512;
-
-        case PARCCryptoSuite_NULL_CRC32C:
-            return 32;
-
-        default:
-            trapIllegalValue(suite, "Unknown crypto suite: %d", suite);
-    }
-}
-
-int
 parcCryptoSuite_GetSignatureSizeBytes(PARCCryptoSuite suite, int keyLengthBits)
 {
     int keyLengthBytes = keyLengthBits >> 3;
diff --git a/libparc/parc/security/parc_CryptoSuite.h b/libparc/parc/security/parc_CryptoSuite.h
index 0276287b..366bcb11 100755
--- a/libparc/parc/security/parc_CryptoSuite.h
+++ b/libparc/parc/security/parc_CryptoSuite.h
@@ -60,23 +60,6 @@ typedef enum {
 PARCCryptoHashType parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite);
 
 /**
- * Given a PARCCryptoSuite value and the key length, return the expected length in bits of the signature.
- * For ECDSA the result is the maximum length
- *
- * @param [in] suite A PARCCryptoSuite value.
- *
- * @return A PARCCryptoHashType value
- *
- * Example:
- * @code
- * {
- *     int bits = parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite_RSA_SHA256, 1024);
- * }
- * @endcode
- */
-int parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBits);
-
-/**
  * Given a PARCCryptoSuite value and the key length, return the expected length in bytes of the signature.
  * For ECDSA the result is the maximum length
  *
diff --git a/libparc/parc/security/parc_PublicKeySigner.c b/libparc/parc/security/parc_PublicKeySigner.c
index 04b76655..4122b992 100644
--- a/libparc/parc/security/parc_PublicKeySigner.c
+++ b/libparc/parc/security/parc_PublicKeySigner.c
@@ -268,10 +268,53 @@ _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign)
     return signature;
 }
 
+static size_t
+_GetSignatureSize(PARCPublicKeySigner *signer)
+{
+  assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore");
+
+  // TODO: what is the best way to expose this?
+  PARCKeyStore *keyStore = signer->keyStore;
+  PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore);
+
+  size_t size = 0;
+  switch (signer->signingAlgorithm) {
+    case PARCSigningAlgorithm_RSA:
+      {
+        EVP_PKEY *privateKey = NULL;
+        uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, parcBuffer_Limit(privateKeyBuffer));
+        privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, parcBuffer_Limit(privateKeyBuffer));
+
+        RSA *rsa = EVP_PKEY_get1_RSA(privateKey);
+
+        size = RSA_size(rsa);
+        RSA_free(rsa);
+        break;
+      }
+    case PARCSigningAlgorithm_ECDSA:
+      {
+        EVP_PKEY *privateKey = NULL;
+        size_t keySize = parcBuffer_Remaining(privateKeyBuffer);
+        uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, keySize);
+        privateKey = d2i_PrivateKey(EVP_PKEY_EC, &privateKey, (const unsigned char **) &bytes, keySize);
+
+        EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(privateKey);
+
+        size = ECDSA_size(ec_key);
+        EC_KEY_free(ec_key);
+        break;
+      }
+  }
+  parcBuffer_Release(&privateKeyBuffer);
+
+  return size;
+}
+
 PARCSigningInterface *PARCPublicKeySignerAsSigner = &(PARCSigningInterface) {
     .GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_GetCryptoHasher,
     .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_SignDigest,
     .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_GetSigningAlgorithm,
     .GetCryptoHashType = (PARCCryptoHashType (*)(void *))_GetCryptoHashType,
     .GetKeyStore = (PARCKeyStore * (*)(void *))_GetKeyStore,
+    .GetSignatureSize = (size_t (*)(void *))_GetSignatureSize
 };
diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c
index ec5b8a19..5287c97b 100644
--- a/libparc/parc/security/parc_Signer.c
+++ b/libparc/parc/security/parc_Signer.c
@@ -168,3 +168,11 @@ parcSigner_GetKeyStore(const PARCSigner *signer)
 
     return signer->interface->GetKeyStore(signer->instance);
 }
+
+size_t
+parcSigner_GetSignatureSize(const PARCSigner *signer)
+{
+    parcSigner_OptionalAssertValid(signer);
+
+    return signer->interface->GetSignatureSize(signer->instance);
+}
diff --git a/libparc/parc/security/parc_Signer.h b/libparc/parc/security/parc_Signer.h
index bd69c992..1e675c50 100755
--- a/libparc/parc/security/parc_Signer.h
+++ b/libparc/parc/security/parc_Signer.h
@@ -115,6 +115,15 @@ typedef struct parc_signer_interface {
      * @return A PARCKeyStore instance.
      */
     PARCKeyStore *(*GetKeyStore)(void *interfaceContext);
+
+    /**
+     * Return the key size for this Signer.
+     *
+     * @param [in] interfaceContext A pointer to a concrete PARCSigner instance.
+     *
+     * @return A size_t
+     */
+    size_t (*GetSignatureSize)(void *interfaceContext);
 } PARCSigningInterface;
 
 /**
@@ -384,4 +393,22 @@ PARCCryptoSuite parcSigner_GetCryptoSuite(const PARCSigner *signer);
  * @endcode
  */
 PARCKeyStore *parcSigner_GetKeyStore(const PARCSigner *signer);
+
+/**
+ * Given a `PARCSigner` instance, return the expected size of the signature.
+ *
+ * @param [in] signer A pointer to a `PARCSigner` instance.
+ *
+ * @return A size_t with the size of the key.
+ *
+ * Example:
+ * @code
+ * {
+ *      PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCRSASignerAsSigner);
+ *
+ *      PARCKeyStore *keyStore = parcSigner_GetKeyStore(signer);
+ * }
+ * @endcode
+ */
+size_t parcSigner_GetSignatureSize(const PARCSigner *signer);
 #endif // libparc_parc_Signer_h
diff --git a/libparc/parc/security/parc_SymmetricKeySigner.c b/libparc/parc/security/parc_SymmetricKeySigner.c
index aeacb30f..5cde896b 100644
--- a/libparc/parc/security/parc_SymmetricKeySigner.c
+++ b/libparc/parc/security/parc_SymmetricKeySigner.c
@@ -240,6 +240,18 @@ _getKeyStore(PARCSymmetricKeySigner *signer)
     return signer->generalKeyStore;
 }
 
+static size_t
+_GetSignatureSize(PARCSymmetricKeySigner *signer)
+{
+  assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore");
+
+  // TODO: what is the best way to expose this?
+  PARCSymmetricKeyStore *keyStore = signer->keyStore;
+  PARCBuffer *secretKeyBuffer = parcSymmetricKeyStore_GetKey(keyStore);
+
+  return parcBuffer_Limit(secretKeyBuffer);
+}
+
 // ==================================================
 // implementation
 
@@ -265,4 +277,5 @@ PARCSigningInterface *PARCSymmetricKeySignerAsSigner = &(PARCSigningInterface) {
     .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_signDigest,
     .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_getSigningAlgorithm,
     .GetKeyStore = (PARCKeyStore * (*)(void *))_getKeyStore,
+    .GetSignatureSize = (size_t (*)(void *))_GetSignatureSize
 };
diff --git a/libparc/parc/security/test/test_parc_PublicKeyECSigner.c b/libparc/parc/security/test/test_parc_PublicKeyECSigner.c
index 417282a0..90ab1755 100644
--- a/libparc/parc/security/test/test_parc_PublicKeyECSigner.c
+++ b/libparc/parc/security/test/test_parc_PublicKeyECSigner.c
@@ -105,6 +105,7 @@ LONGBOW_TEST_FIXTURE(Object)
     LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_HashCode);
     LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_IsValid);
     LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_ToString);
+    LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_SignatureSize);
 }
 
 LONGBOW_TEST_FIXTURE_SETUP(Object)
@@ -485,6 +486,17 @@ LONGBOW_TEST_CASE(Global, parcSigner_CreateKeyId)
     parcSigner_Release(&signer);
 }
 
+LONGBOW_TEST_CASE(Object, parcPublicKeySigner_SignatureSize)
+{
+    PARCPublicKeySigner *publicKeySigner = _createSigner("test_key_size");
+    PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner);
+
+    assertTrue(parcSigner_GetSignatureSize(signer) == 72, "Key size unexpected %lu ", parcSigner_GetSignatureSize(signer));
+    parcPublicKeySigner_Release(&publicKeySigner);
+    parcSigner_Release(&signer);
+}
+
+
 int
 main(int argc, char *argv[argc])
 {
diff --git a/libparc/parc/security/test/test_parc_PublicKeySigner.c b/libparc/parc/security/test/test_parc_PublicKeySigner.c
index 49fd42c7..69fb7049 100644
--- a/libparc/parc/security/test/test_parc_PublicKeySigner.c
+++ b/libparc/parc/security/test/test_parc_PublicKeySigner.c
@@ -97,6 +97,7 @@ LONGBOW_TEST_FIXTURE(Object)
     LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_HashCode);
     LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_IsValid);
     LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_ToString);
+    LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_SignatureSize);
 }
 
 LONGBOW_TEST_FIXTURE_SETUP(Object)
@@ -443,6 +444,18 @@ LONGBOW_TEST_CASE(Global, parcSigner_CreateKeyId)
     parcSigner_Release(&signer);
 }
 
+LONGBOW_TEST_CASE(Object, parcPublicKeySigner_SignatureSize)
+{
+    PARCPublicKeySigner *publicKeySigner = _createSigner("test_key_size");
+    PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner);
+
+
+    assertTrue(parcSigner_GetSignatureSize(signer) == 128, "Modulus size unexpected %lu ", parcSigner_GetSignatureSize(signer));
+    parcPublicKeySigner_Release(&publicKeySigner);
+    parcSigner_Release(&signer);
+}
+
+
 int
 main(int argc, char *argv[argc])
 {
diff --git a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c
index 562ba6c6..01874e75 100644
--- a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c
+++ b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c
@@ -237,6 +237,17 @@ LONGBOW_TEST_CASE(Specialization, test_hmac_sha512)
     parcBuffer_Release(&output);
 }
 
+LONGBOW_TEST_CASE(Global, parcSymmetricSigner_SignatureSize)
+{
+    PARCSymmetricKeySigner *symmetricSigner = _createSigner();
+
+    PARCSigner *signer = parcSigner_Create(symmetricSigner, PARCSymmetricKeySignerAsSigner);
+
+    assertTrue(parcSigner_GetSignatureSize(signer) == 32, "Key size unexpected %d ", parcSigner_GetSignatureSize(signer));
+    parcSigner_Release(&signer);
+    parcSymmetricKeySigner_Release(&symmetricSigner);
+}
+
 int
 main(int argc, char *argv[argc])
 {
author	Alberto Compagno <acompagn+fdio@cisco.com>	2018-04-16 15:28:53 +0000
committer	Gerrit Code Review <gerrit@fd.io>	2018-04-16 15:28:53 +0000
commit	07d0a90b6f52fa920ab3a4a9984b0ba1fbb7f9f8 (patch)
tree	f3810af54c63c0f1bb5226e84897411c41b40d03
parent	d609ef19bac231a47b65cf5a6a797c142ebc625d (diff)
parent	799484812a3fdd9d5d6e71c5fc4b483043347bca (diff)