From b77148ddc3def71e6c412c3afb5f1c20be2d77cd Mon Sep 17 00:00:00 2001 From: Alberto Compagno Date: Wed, 6 Feb 2019 12:05:58 +0100 Subject: [CICN-14] Removed copy of signature in libparc. The api now accepts a pointer to a buf where it stores the computed signature Change-Id: I4427a6399b5e74197303bade4f96ea74b370b07b Signed-off-by: Alberto Compagno --- libparc/parc/security/parc_PublicKeySigner.c | 33 ++++++++++++------------- libparc/parc/security/parc_Signer.c | 8 +++--- libparc/parc/security/parc_Signer.h | 10 +++++--- libparc/parc/security/parc_SymmetricKeySigner.c | 6 ++--- 4 files changed, 30 insertions(+), 27 deletions(-) diff --git a/libparc/parc/security/parc_PublicKeySigner.c b/libparc/parc/security/parc_PublicKeySigner.c index 1297611e..55404b9c 100644 --- a/libparc/parc/security/parc_PublicKeySigner.c +++ b/libparc/parc/security/parc_PublicKeySigner.c @@ -165,7 +165,7 @@ _GetKeyStore(PARCPublicKeySigner *signer) return signer->keyStore; } -static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t ** sig, unsigned * sigLength) +static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t * sig, uint32_t supplied_siglen, unsigned * sigLength) { EVP_PKEY *privateKey = NULL; size_t keySize = parcBuffer_Remaining(privateKeyBuffer); @@ -173,16 +173,16 @@ static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, keySize); RSA *rsa = EVP_PKEY_get1_RSA(privateKey); - *sig = parcMemory_Allocate(RSA_size(rsa)); + //*sig = parcMemory_Allocate(RSA_size(rsa)); - parcAssertNotNull(*sig, "parcMemory_Allocate(%u) returned NULL", RSA_size(rsa)); + parcAssertNotNull(sig, "Expected pointer to a memory region for storing the signature %u. Pointer is NULL", RSA_size(rsa)); *sigLength = 0; PARCBuffer *bb_digest = parcCryptoHash_GetDigest(digestToSign); int result = RSA_sign(opensslDigestType, (unsigned char *) parcByteArray_Array(parcBuffer_Array(bb_digest)), (int) parcBuffer_Remaining(bb_digest), - *sig, + sig, sigLength, rsa); parcAssertTrue(result == 1, "Got error from RSA_sign: %d", result); @@ -191,7 +191,7 @@ static inline int _SignDigestRSA(const PARCCryptoHash *digestToSign, PARCBuffer return result; } -static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t ** sig, unsigned * sigLength) +static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffer *privateKeyBuffer, int opensslDigestType, uint8_t * sig, uint32_t supplied_siglen, unsigned * sigLength) { EVP_PKEY *privateKey = NULL; size_t keySize = parcBuffer_Remaining(privateKeyBuffer); @@ -200,15 +200,15 @@ static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffe EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(privateKey); - *sig = parcMemory_Allocate(ECDSA_size(ec_key)); - parcAssertNotNull(sig, "parcMemory_Allocate(%u) returned NULL", ECDSA_size(ec_key)); + //*sig = parcMemory_Allocate(ECDSA_size(ec_key)); + parcAssertNotNull(sig, "Expected pointer to a memory region for storing the signature %u. Pointer is NULL", ECDSA_size(ec_key)); *sigLength = 0; PARCBuffer *bb_digest = parcCryptoHash_GetDigest(digestToSign); int result = ECDSA_sign(opensslDigestType, (unsigned char *) parcByteArray_Array(parcBuffer_Array(bb_digest)), (int) parcBuffer_Remaining(bb_digest), - *sig, + sig, sigLength, ec_key); parcAssertTrue(result == 1, "Got error from ECDSA_sign: %d", result); @@ -217,7 +217,7 @@ static inline int _SignDigestECDSA(const PARCCryptoHash *digestToSign, PARCBuffe } static PARCSignature * -_SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign) +_SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign, uint8_t * signature_buf, uint32_t sig_len) { parcSecurity_AssertIsInitialized(); @@ -229,8 +229,7 @@ _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign) PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore); int opensslDigestType; - uint8_t *sig; - unsigned sigLength; + unsigned signLenght; switch (parcCryptoHash_GetDigestType(digestToSign)) { case PARCCryptoHashType_SHA256: @@ -246,18 +245,18 @@ _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign) switch (signer->signingAlgorithm) { case PARCSigningAlgorithm_RSA: - _SignDigestRSA(digestToSign, privateKeyBuffer, opensslDigestType, &sig, &sigLength); + _SignDigestRSA(digestToSign, privateKeyBuffer, opensslDigestType, signature_buf, sig_len, &signLenght); break; case PARCSigningAlgorithm_ECDSA: - _SignDigestECDSA(digestToSign, privateKeyBuffer, opensslDigestType, &sig, &sigLength); + _SignDigestECDSA(digestToSign, privateKeyBuffer, opensslDigestType, signature_buf, sig_len, &signLenght); break; default: return NULL; } - PARCBuffer *bbSign = parcBuffer_Allocate(sigLength); - parcBuffer_Flip(parcBuffer_PutArray(bbSign, sigLength, sig)); - parcMemory_Deallocate((void **) &sig); + PARCBuffer *bbSign = parcBuffer_Wrap(signature_buf, signLenght, 0, signLenght); + //parcBuffer_Flip(parcBuffer_PutArray(bbSign, sigLength, sig)); + //parcMemory_Deallocate((void **) &sig); PARCSignature *signature = parcSignature_Create(_GetSigningAlgorithm(signer), @@ -317,7 +316,7 @@ _GetSignatureSize(PARCPublicKeySigner *signer) PARCSigningInterface *PARCPublicKeySignerAsSigner = &(PARCSigningInterface) { .GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_GetCryptoHasher, - .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_SignDigest, + .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *, uint8_t *, uint32_t))_SignDigest, .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_GetSigningAlgorithm, .GetCryptoHashType = (PARCCryptoHashType (*)(void *))_GetCryptoHashType, .GetKeyStore = (PARCKeyStore * (*)(void *))_GetKeyStore, diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c index 70b8f616..2d3c7465 100644 --- a/libparc/parc/security/parc_Signer.c +++ b/libparc/parc/security/parc_Signer.c @@ -108,16 +108,16 @@ parcSigner_GetCryptoHasher(const PARCSigner *signer) } PARCSignature * -parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *parcDigest) +parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *parcDigest, uint8_t * signature, uint32_t sig_len) { parcSigner_OptionalAssertValid(signer); parcAssertNotNull(parcDigest, "parcDigest to sign must not be null"); - return signer->interface->SignDigest(signer->instance, parcDigest); + return signer->interface->SignDigest(signer->instance, parcDigest, signature, sig_len); } PARCSignature * -parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer) +parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer, uint8_t * signature_buf, uint32_t sig_len) { parcSigner_OptionalAssertValid(signer); parcAssertNotNull(buffer, "buffer to sign must not be null"); @@ -129,7 +129,7 @@ parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer) PARCCryptoHash *hash = parcCryptoHasher_Finalize(hasher); parcCryptoHasher_Release(&hasher); - PARCSignature *signature = parcSigner_SignDigest(signer, hash); + PARCSignature *signature = parcSigner_SignDigest(signer, hash, signature_buf, sig_len); parcCryptoHash_Release(&hash); return signature; diff --git a/libparc/parc/security/parc_Signer.h b/libparc/parc/security/parc_Signer.h index bee68fd2..9bb0c6a1 100755 --- a/libparc/parc/security/parc_Signer.h +++ b/libparc/parc/security/parc_Signer.h @@ -84,10 +84,12 @@ typedef struct parc_signer_interface { * * @param [in] interfaceContextPtr A pointer to a concrete PARCSigner instance. * @param [in] hashToSign The output of the given digest to sign + * @param [in] signature Portion of memory that will contain the signature (expected to be large enough to contain the signature) + * @param [in] sig_len Size in bytes of the supplied buffer * * @return A pointer to a PARCSignature instance that must be released via parcSignature_Release() */ - PARCSignature *(*SignDigest)(void *interfaceContext, const PARCCryptoHash * parcDigest); + PARCSignature *(*SignDigest)(void *interfaceContext, const PARCCryptoHash * parcDigest, uint8_t * signature, uint32_t sign_len); /** * Return the PARSigningAlgorithm used for signing with the given `PARCSigner` @@ -283,6 +285,8 @@ PARCCryptoHasher *parcSigner_GetCryptoHasher(const PARCSigner *signer); * * @param [in] signer A pointer to a PARCSigner instance. * @param [in] hashToSign The output of the given digest + * @param [in] signature Portion of memory that will contain the signature (expected to be large enough to contain the signature) + * @param [in] sig_len Size in bytes of the supplied buffer * * @return A pointer to a PARCSignature instance that must be released via parcSignature_Release() * @@ -300,7 +304,7 @@ PARCCryptoHasher *parcSigner_GetCryptoHasher(const PARCSigner *signer); * } * @endcode */ -PARCSignature *parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *hashToSign); +PARCSignature *parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *hashToSign, uint8_t * signature, uint32_t sig_len); /** * Compute the signature of a given `PARCBuffer`. @@ -320,7 +324,7 @@ PARCSignature *parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoH * } * @endcode */ -PARCSignature *parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer); +PARCSignature *parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer, uint8_t * signature, uint32_t sig_len); /** * Return the PARSigningAlgorithm used for signing with the given `PARCSigner` diff --git a/libparc/parc/security/parc_SymmetricKeySigner.c b/libparc/parc/security/parc_SymmetricKeySigner.c index 9f760326..5f87b945 100644 --- a/libparc/parc/security/parc_SymmetricKeySigner.c +++ b/libparc/parc/security/parc_SymmetricKeySigner.c @@ -261,11 +261,11 @@ _GetSignatureSize(PARCSymmetricKeySigner *signer) * @param hashToSign is the HMAC computed by the our PARCCryptoHasher. */ static PARCSignature * -_signDigest(PARCSymmetricKeySigner *interfaceContext, const PARCCryptoHash *hashToSign) +_signDigest(PARCSymmetricKeySigner *interfaceContext, const PARCCryptoHash *hashToSign, uint8_t * signature, uint32_t sig_len) { // The digest computed via our hash function (hmac) is the actual signature. // just need to wrap it up with the right parameters. - PARCBuffer *signatureBits = parcBuffer_Copy(parcCryptoHash_GetDigest(hashToSign)); + PARCBuffer *signatureBits = parcBuffer_Wrap(signature, sig_len, 0, sig_len);//parcBuffer_Copy(parcCryptoHash_GetDigest(hashToSign)); PARCSignature *result = parcSignature_Create(_getSigningAlgorithm(interfaceContext), parcCryptoHash_GetDigestType(hashToSign), signatureBits); parcBuffer_Release(&signatureBits); return result; @@ -274,7 +274,7 @@ _signDigest(PARCSymmetricKeySigner *interfaceContext, const PARCCryptoHash *hash PARCSigningInterface *PARCSymmetricKeySignerAsSigner = &(PARCSigningInterface) { .GetCryptoHashType = (PARCCryptoHashType (*)(void *))_getCryptoHashType, .GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_getCryptoHasher, - .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_signDigest, + .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *, uint8_t *, uint32_t))_signDigest, .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_getSigningAlgorithm, .GetKeyStore = (PARCKeyStore * (*)(void *))_getKeyStore, .GetSignatureSize = (size_t (*)(void *))_GetSignatureSize -- cgit 1.2.3-korg