diff options
author | Mauro Sardara <msardara+fdio@cisco.com> | 2018-04-14 21:15:13 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@fd.io> | 2018-04-14 21:15:13 +0000 |
commit | e4fcd260cb99434033a8ccfba12eee12dab190b9 (patch) | |
tree | 62747658a0b72bcb7a58ca6144394d047cf99e31 /libparc/parc/security | |
parent | cd6bef4b0a73e151f9c891428bc5335cb0ef477e (diff) | |
parent | f1a29ee82f6f6adf439064e1247d00168b579585 (diff) |
Merge "Added method to retrieve a PARCCryptoSuite from a PARCSigningAlgorithm and a PARCCryptoHashType" into cframework/master
Diffstat (limited to 'libparc/parc/security')
-rwxr-xr-x | libparc/parc/security/parc_CryptoSuite.c | 42 | ||||
-rwxr-xr-x | libparc/parc/security/parc_CryptoSuite.h | 46 | ||||
-rw-r--r-- | libparc/parc/security/parc_IdentityFile.c | 2 | ||||
-rwxr-xr-x | libparc/parc/security/parc_KeyStore.c | 2 | ||||
-rw-r--r-- | libparc/parc/security/parc_PublicKeySigner.c | 3 | ||||
-rw-r--r-- | libparc/parc/security/parc_PublicKeySigner.h | 1 | ||||
-rw-r--r-- | libparc/parc/security/parc_Signer.c | 10 | ||||
-rwxr-xr-x | libparc/parc/security/parc_Signer.h | 19 | ||||
-rwxr-xr-x | libparc/parc/security/parc_SigningAlgorithm.c | 27 | ||||
-rw-r--r-- | libparc/parc/security/parc_SigningAlgorithm.h | 26 | ||||
-rw-r--r-- | libparc/parc/security/parc_Verifier.h | 1 | ||||
-rwxr-xr-x | libparc/parc/security/test/test_parc_SigningAlgorithm.c | 17 |
12 files changed, 132 insertions, 64 deletions
diff --git a/libparc/parc/security/parc_CryptoSuite.c b/libparc/parc/security/parc_CryptoSuite.c index c807f9aa..32b1431e 100755 --- a/libparc/parc/security/parc_CryptoSuite.c +++ b/libparc/parc/security/parc_CryptoSuite.c @@ -20,6 +20,7 @@ #include <LongBow/runtime.h> #include <parc/security/parc_CryptoSuite.h> +#include <parc/security/parc_SigningAlgorithm.h> PARCCryptoHashType parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite) @@ -91,3 +92,44 @@ parcCryptoSuite_GetSignatureSizeBytes(PARCCryptoSuite suite, int keyLengthBits) trapIllegalValue(suite, "Unknown crypto suite: %d", suite); } } + +PARCCryptoSuite parcCryptoSuite_GetFromSigningHash(PARCSigningAlgorithm signAlgo, PARCCryptoHashType hash) { + + switch (signAlgo) { + case PARCSigningAlgorithm_DSA: + return PARCCryptoSuite_DSA_SHA256 + hash -1; + case PARCSigningAlgorithm_RSA: + return PARCCryptoSuite_RSA_SHA256 + hash -1; + case PARCSigningAlgorithm_ECDSA: + return PARCCryptoSuite_ECDSA_SHA256 + hash -1; + case PARCSigningAlgorithm_NULL: + return PARCCryptoSuite_NULL_CRC32C; + default: + trapIllegalValue(suite, "Unknown signing algorithm suite: %d", signAlgo); + } +} + +PARCSigningAlgorithm +parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite suite) +{ + switch (suite) { + case PARCCryptoSuite_DSA_SHA256: + return PARCSigningAlgorithm_DSA; + + case PARCCryptoSuite_RSA_SHA256: // fallthrough + case PARCCryptoSuite_RSA_SHA512: + return PARCSigningAlgorithm_RSA; + + case PARCCryptoSuite_HMAC_SHA256: // fallthrough + case PARCCryptoSuite_HMAC_SHA512: + return PARCSigningAlgorithm_HMAC; + + case PARCCryptoSuite_ECDSA_SHA256: + return PARCSigningAlgorithm_ECDSA; + case PARCCryptoSuite_NULL_CRC32C: + return PARCSigningAlgorithm_NULL; + + default: + trapIllegalValue(suit, "Unknown crypto suite: %d", suite); + } +} diff --git a/libparc/parc/security/parc_CryptoSuite.h b/libparc/parc/security/parc_CryptoSuite.h index a8e07f02..0276287b 100755 --- a/libparc/parc/security/parc_CryptoSuite.h +++ b/libparc/parc/security/parc_CryptoSuite.h @@ -28,15 +28,18 @@ #define libparc_parc_CryptoSuite_h #include <parc/security/parc_CryptoHashType.h> +#include <parc/security/parc_SigningAlgorithm.h> typedef enum { - PARCCryptoSuite_RSA_SHA256, PARCCryptoSuite_DSA_SHA256, + PARCCryptoSuite_DSA_SHA512, + PARCCryptoSuite_RSA_SHA256, PARCCryptoSuite_RSA_SHA512, PARCCryptoSuite_HMAC_SHA256, PARCCryptoSuite_HMAC_SHA512, - PARCCryptoSuite_NULL_CRC32C, PARCCryptoSuite_ECDSA_SHA256, + PARCCryptoSuite_ECDSA_SHA512, + PARCCryptoSuite_NULL_CRC32C, PARCCryptoSuite_UNKNOWN } PARCCryptoSuite; @@ -90,4 +93,43 @@ int parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBit */ int parcCryptoSuite_GetSignatureSizeBytes(PARCCryptoSuite suite, int keyLengthBits); +/** + * Given a PARCSigningAlgorithm value and a PARCCryptoHashType value, return the corresponding `PARCCryptoSuite`. + * + * @param [in] suite A PARCSigningAlgorithm value and a PARCCryptoHashType value + * + * @return A PARCCryptoSuite value + * + * Example: + * @code + * { + * PARCryptoSuite suite = parcCryptoSuite_GetFromSigningHash(PARCSigningAlgorihtm_RSA, PARCCryptoHashType_SHA256); + * } + * @endcode + */ +PARCCryptoSuite parcCryptoSuite_GetFromSigningHash(PARCSigningAlgorithm signAlgo, PARCCryptoHashType hash); + +/** + * Get the `PARCSigningAlgorithm` type associated with the specified `PARCCryptoSuite` type. + * + * PARCCryptoSuite types combine hash and signing algorithms to be used to signature and/or MAC generation. + * Therefore, a PARCCryptoSuite type of PARCCryptoSuite_DSA_SHA256, for example, uses the + * PARCSigningAlgorithm_DSA type of signing algorithm. This function serves to determine the + * signing algorithm type from the suite. + * + * @param [in] suite The type of cryptographic suite used for signature and/or MAC generation. + * @return A valid `PARCSigningAlgorithm` enum associated with the specified `PARCCryptoSuite` type. + * + * Example: + * @code + * { + * PARCCryptoSuite suite = PARCCryptoSuite_RSA_SHA256; + * PARCSigningAlgorithm alg = parcSigningAlgorithm_GetSigningAlgorithm(suite); + * // do something with alg + * } + * @endcode + */ +PARCSigningAlgorithm parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite suite); + + #endif // libparc_parc_CryptoSuite_h diff --git a/libparc/parc/security/parc_IdentityFile.c b/libparc/parc/security/parc_IdentityFile.c index 972c8d05..38d3637c 100644 --- a/libparc/parc/security/parc_IdentityFile.c +++ b/libparc/parc/security/parc_IdentityFile.c @@ -112,7 +112,7 @@ parcIdentityFile_CreateSigner(const PARCIdentityFile *identity, PARCCryptoSuite PARCSigningAlgorithm signAlgo = parcKeyStore_getSigningAlgorithm(publicKeyStore); - if (signAlgo != parcSigningAlgorithm_GetSigningAlgorithm(suite)) + if (signAlgo != parcCryptoSuite_GetSigningAlgorithm(suite)) return NULL; PARCPublicKeySigner *signer = parcPublicKeySigner_Create(publicKeyStore, suite); diff --git a/libparc/parc/security/parc_KeyStore.c b/libparc/parc/security/parc_KeyStore.c index 00fac015..753fe118 100755 --- a/libparc/parc/security/parc_KeyStore.c +++ b/libparc/parc/security/parc_KeyStore.c @@ -109,5 +109,5 @@ parcKeyStore_getSigningAlgorithm(const PARCKeyStore *interfaceContext) if (interfaceContext->interface != NULL) { return interfaceContext->interface->getSigningAlgorithm(interfaceContext->instance); } - return PARCSigningAlgortihm_NULL; + return PARCSigningAlgorithm_NULL; } diff --git a/libparc/parc/security/parc_PublicKeySigner.c b/libparc/parc/security/parc_PublicKeySigner.c index 0f11b957..04b76655 100644 --- a/libparc/parc/security/parc_PublicKeySigner.c +++ b/libparc/parc/security/parc_PublicKeySigner.c @@ -24,6 +24,7 @@ #include <parc/security/parc_PublicKeySigner.h> #include <parc/security/parc_Pkcs12KeyStore.h> #include <parc/security/parc_CryptoHash.h> +#include <parc/security/parc_CryptoSuite.h> #include <parc/security/parc_Security.h> #include <openssl/pkcs12.h> @@ -122,7 +123,7 @@ parcPublicKeySigner_Create(PARCKeyStore *keyStore, PARCCryptoSuite suite) { PARCPublicKeySigner *result = parcObject_CreateInstance(PARCPublicKeySigner); - PARCSigningAlgorithm signAlgo = parcSigningAlgorithm_GetSigningAlgorithm(suite); + PARCSigningAlgorithm signAlgo = parcCryptoSuite_GetSigningAlgorithm(suite); PARCCryptoHashType hashType = parcCryptoSuite_GetCryptoHash(suite); diff --git a/libparc/parc/security/parc_PublicKeySigner.h b/libparc/parc/security/parc_PublicKeySigner.h index 99aa14fa..ed98a39e 100644 --- a/libparc/parc/security/parc_PublicKeySigner.h +++ b/libparc/parc/security/parc_PublicKeySigner.h @@ -28,6 +28,7 @@ #include <parc/security/parc_KeyStore.h> #include <parc/security/parc_CryptoHash.h> +#include <parc/security/parc_CryptoSuite.h> #include <parc/security/parc_SigningAlgorithm.h> #include <parc/security/parc_Signer.h> diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c index 2135070c..ec5b8a19 100644 --- a/libparc/parc/security/parc_Signer.c +++ b/libparc/parc/security/parc_Signer.c @@ -151,6 +151,16 @@ parcSigner_GetCryptoHashType(const PARCSigner *signer) return signer->interface->GetCryptoHashType(signer->instance); } +PARCCryptoSuite +parcSigner_GetCryptoSuite(const PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + PARCCryptoHashType hash = signer->interface->GetCryptoHashType(signer->instance); + PARCSigningAlgorithm signAlgo = signer->interface->GetSigningAlgorithm(signer->instance); + return parcCryptoSuite_GetFromSigningHash(signAlgo, hash); +} + PARCKeyStore * parcSigner_GetKeyStore(const PARCSigner *signer) { diff --git a/libparc/parc/security/parc_Signer.h b/libparc/parc/security/parc_Signer.h index 1c967b75..bd69c992 100755 --- a/libparc/parc/security/parc_Signer.h +++ b/libparc/parc/security/parc_Signer.h @@ -27,6 +27,7 @@ #include <parc/algol/parc_Object.h> #include <parc/algol/parc_Buffer.h> #include <parc/security/parc_CryptoHasher.h> +#include <parc/security/parc_CryptoSuite.h> #include <parc/security/parc_Signature.h> #include <parc/security/parc_CryptoHashType.h> #include <parc/security/parc_Key.h> @@ -349,6 +350,24 @@ PARCSigningAlgorithm parcSigner_GetSigningAlgorithm(PARCSigner *signer); PARCCryptoHashType parcSigner_GetCryptoHashType(const PARCSigner *signer); /** + * Return the crypto suite used by the Signer + * + * @param [in] signer A pointer to a PARCSigner instance. + * + * @return A PARCCryptoSuite value. + * + * Example: + * @code + * { + * PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCRSASignerAsSigner); + * + * PARCCryptoSuite suite = parcSigner_GetCryptoSuite(signer); + * } + * @endcode + */ +PARCCryptoSuite parcSigner_GetCryptoSuite(const PARCSigner *signer); + +/** * Given a `PARCSigner` instance, return the `PARCKeyStore` containing its public key information. * * @param [in] signer A pointer to a `PARCSigner` instance. diff --git a/libparc/parc/security/parc_SigningAlgorithm.c b/libparc/parc/security/parc_SigningAlgorithm.c index 1e800a6a..5803f675 100755 --- a/libparc/parc/security/parc_SigningAlgorithm.c +++ b/libparc/parc/security/parc_SigningAlgorithm.c @@ -28,7 +28,7 @@ static struct { PARCSigningAlgorithm alg; char *name; } _signingAlgorithm_ToString[] = { - { PARCSigningAlgortihm_NULL, "PARCSigningAlgortihm_NULL" }, + { PARCSigningAlgorithm_NULL, "PARCSigningAlgorithm_NULL" }, { PARCSigningAlgorithm_RSA, "PARCSigningAlgorithm_RSA" }, { PARCSigningAlgorithm_DSA, "PARCSigningAlgorithm_DSA" }, { PARCSigningAlgorithm_HMAC, "PARCSigningAlgorithm_HMAC" }, @@ -57,28 +57,3 @@ parcSigningAlgorithm_FromString(const char *name) } return PARCSigningAlgorithm_UNKNOWN; } - -PARCSigningAlgorithm -parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite suite) -{ - switch (suite) { - case PARCCryptoSuite_DSA_SHA256: - return PARCSigningAlgorithm_DSA; - - case PARCCryptoSuite_RSA_SHA256: // fallthrough - case PARCCryptoSuite_RSA_SHA512: - return PARCSigningAlgorithm_RSA; - - case PARCCryptoSuite_HMAC_SHA256: // fallthrough - case PARCCryptoSuite_HMAC_SHA512: - return PARCSigningAlgorithm_HMAC; - - case PARCCryptoSuite_ECDSA_SHA256: - return PARCSigningAlgorithm_ECDSA; - case PARCCryptoSuite_NULL_CRC32C: - return PARCSigningAlgortihm_NULL; - - default: - trapIllegalValue(suit, "Unknown crypto suite: %d", suite); - } -} diff --git a/libparc/parc/security/parc_SigningAlgorithm.h b/libparc/parc/security/parc_SigningAlgorithm.h index ae5fc252..12265c8a 100644 --- a/libparc/parc/security/parc_SigningAlgorithm.h +++ b/libparc/parc/security/parc_SigningAlgorithm.h @@ -26,16 +26,13 @@ #ifndef libparc_parc_SigningAlgorithm_h #define libparc_parc_SigningAlgorithm_h -#include <parc/security/parc_CryptoHashType.h> -#include <parc/security/parc_CryptoSuite.h> - typedef enum { PARCSigningAlgorithm_UNKNOWN = -1, PARCSigningAlgorithm_RSA = 1, PARCSigningAlgorithm_DSA = 2, PARCSigningAlgorithm_HMAC = 3, PARCSigningAlgorithm_ECDSA = 4, - PARCSigningAlgortihm_NULL = 5, + PARCSigningAlgorithm_NULL = 5, } PARCSigningAlgorithm; /** @@ -77,25 +74,4 @@ const char *parcSigningAlgorithm_ToString(PARCSigningAlgorithm algorithm); */ PARCSigningAlgorithm parcSigningAlgorithm_FromString(const char *name); -/** - * Get the `PARCSigningAlgorithm` type associated with the specified `PARCCryptoSuite` type. - * - * PARCCryptoSuite types combine hash and signing algorithms to be used to signature and/or MAC generation. - * Therefore, a PARCCryptoSuite type of PARCCryptoSuite_DSA_SHA256, for example, uses the - * PARCSigningAlgorithm_DSA type of signing algorithm. This function serves to determine the - * signing algorithm type from the suite. - * - * @param [in] suite The type of cryptographic suite used for signature and/or MAC generation. - * @return A valid `PARCSigningAlgorithm` enum associated with the specified `PARCCryptoSuite` type. - * - * Example: - * @code - * { - * PARCCryptoSuite suite = PARCCryptoSuite_RSA_SHA256; - * PARCSigningAlgorithm alg = parcSigningAlgorithm_GetSigningAlgorithm(suite); - * // do something with alg - * } - * @endcode - */ -PARCSigningAlgorithm parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite suite); #endif // libparc_parc_SigningAlgorithm_h diff --git a/libparc/parc/security/parc_Verifier.h b/libparc/parc/security/parc_Verifier.h index b08f608e..09e3640f 100644 --- a/libparc/parc/security/parc_Verifier.h +++ b/libparc/parc/security/parc_Verifier.h @@ -28,6 +28,7 @@ #include <parc/security/parc_Signature.h> #include <parc/security/parc_CryptoHashType.h> #include <parc/security/parc_Key.h> +#include <parc/security/parc_CryptoSuite.h> struct parc_verifier; typedef struct parc_verifier PARCVerifier; diff --git a/libparc/parc/security/test/test_parc_SigningAlgorithm.c b/libparc/parc/security/test/test_parc_SigningAlgorithm.c index e8f8581a..12e50956 100755 --- a/libparc/parc/security/test/test_parc_SigningAlgorithm.c +++ b/libparc/parc/security/test/test_parc_SigningAlgorithm.c @@ -18,6 +18,7 @@ // Include the file(s) containing the functions to be tested. // This permits internal static functions to be visible to this Test Framework. #include "../parc_SigningAlgorithm.c" +#include <parc/security/parc_CryptoSuite.h> #include <LongBow/testing.h> #include <LongBow/debugging.h> @@ -91,28 +92,28 @@ LONGBOW_TEST_CASE(Global, parcSigningAlgorithm_FromString_NotFound) LONGBOW_TEST_CASE(Global, parcSigningAlgorithm_GetSigningAlgorithm) { - PARCSigningAlgorithm actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_DSA_SHA256); + PARCSigningAlgorithm actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_DSA_SHA256); assertTrue(PARCSigningAlgorithm_DSA == actual, "Expected %d, actual %d", PARCSigningAlgorithm_DSA, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA256); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA256); assertTrue(PARCSigningAlgorithm_RSA == actual, "Expected %d, actual %d", PARCSigningAlgorithm_RSA, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA512); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA512); assertTrue(PARCSigningAlgorithm_RSA == actual, "Expected %d, actual %d", PARCSigningAlgorithm_RSA, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA256); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA256); assertTrue(PARCSigningAlgorithm_HMAC == actual, "Expected %d, actual %d", PARCSigningAlgorithm_HMAC, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA512); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA512); assertTrue(PARCSigningAlgorithm_HMAC == actual, "Expected %d, actual %d", PARCSigningAlgorithm_HMAC, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_NULL_CRC32C); - assertTrue(PARCSigningAlgortihm_NULL == actual, "Expected %d, actual %d", PARCSigningAlgortihm_NULL, actual); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_NULL_CRC32C); + assertTrue(PARCSigningAlgorithm_NULL == actual, "Expected %d, actual %d", PARCSigningAlgorithm_NULL, actual); } LONGBOW_TEST_CASE_EXPECTS(Global, parcSigningAlgorithm_GetSigningAlgorithm_BadAlgorithm, .event = &LongBowTrapIllegalValue) { - parcSigningAlgorithm_GetSigningAlgorithm(-1); + parcCryptoSuite_GetSigningAlgorithm(-1); } int |