From ec688b4723a041044226358bcd4dd6e2da39da49 Mon Sep 17 00:00:00 2001 From: Luca Muscariello Date: Thu, 23 Feb 2017 17:01:02 +0100 Subject: Initial commit: cframework. Longbow and Libparc Change-Id: I90378dbd30da6033b20fb1f829b3b822cf366c59 Signed-off-by: Luca Muscariello --- libparc/parc/security/parc_Signer.c | 160 ++++++++++++++++++++++++++++++++++++ 1 file changed, 160 insertions(+) create mode 100644 libparc/parc/security/parc_Signer.c (limited to 'libparc/parc/security/parc_Signer.c') diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c new file mode 100644 index 00000000..2135070c --- /dev/null +++ b/libparc/parc/security/parc_Signer.c @@ -0,0 +1,160 @@ +/* + * Copyright (c) 2017 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/** + */ +#include +#include + +#include + +#include +#include + +#include +#include + +struct parc_signer { + PARCObject *instance; + PARCSigningInterface *interface; +}; + +static bool +_parcSigner_FinalRelease(PARCSigner **signerPtr) +{ + PARCSigner *signer = *signerPtr; + if (signer->instance != NULL) { + parcObject_Release(&(signer->instance)); + } + return true; +} + +void +parcSigner_AssertValid(const PARCSigner *signer) +{ + assertNotNull(signer, "Parameter must be non-null PARCSigner"); +} + +parcObject_ImplementAcquire(parcSigner, PARCSigner); +parcObject_ImplementRelease(parcSigner, PARCSigner); + +parcObject_Override(PARCSigner, PARCObject, + .destructor = (PARCObjectDestructor *) _parcSigner_FinalRelease); + +PARCSigner * +parcSigner_Create(PARCObject *instance, PARCSigningInterface *interfaceContext) +{ + assertNotNull(interfaceContext, "Parameter must be non-null implementation pointer"); + + PARCSigner *signer = parcObject_CreateInstance(PARCSigner); + if (signer != NULL) { + signer->instance = parcObject_Acquire(instance); + signer->interface = interfaceContext; + } + return signer; +} + +PARCKey * +parcSigner_CreatePublicKey(PARCSigner *signer) +{ + PARCKeyStore *keyStore = parcSigner_GetKeyStore(signer); + + PARCCryptoHash *hash = parcKeyStore_GetVerifierKeyDigest(keyStore); + + PARCKeyId *keyid = parcKeyId_Create(parcCryptoHash_GetDigest(hash)); + parcCryptoHash_Release(&hash); + + PARCBuffer *derEncodedKey = parcKeyStore_GetDEREncodedPublicKey(keyStore); + + PARCKey *key = parcKey_CreateFromDerEncodedPublicKey(keyid, + parcSigner_GetSigningAlgorithm(signer), + derEncodedKey); + + parcBuffer_Release(&derEncodedKey); + parcKeyId_Release(&keyid); + + return key; +} + +PARCKeyId * +parcSigner_CreateKeyId(const PARCSigner *signer) +{ + PARCCryptoHash *hash = parcKeyStore_GetVerifierKeyDigest(parcSigner_GetKeyStore(signer)); + PARCBuffer *keyidBytes = parcCryptoHash_GetDigest(hash); + PARCKeyId *result = parcKeyId_Create(keyidBytes); + + parcCryptoHash_Release(&hash); + return result; +} + +PARCCryptoHasher * +parcSigner_GetCryptoHasher(const PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + return signer->interface->GetCryptoHasher(signer->instance); +} + +PARCSignature * +parcSigner_SignDigest(const PARCSigner *signer, const PARCCryptoHash *parcDigest) +{ + parcSigner_OptionalAssertValid(signer); + + assertNotNull(parcDigest, "parcDigest to sign must not be null"); + return signer->interface->SignDigest(signer->instance, parcDigest); +} + +PARCSignature * +parcSigner_SignBuffer(const PARCSigner *signer, const PARCBuffer *buffer) +{ + parcSigner_OptionalAssertValid(signer); + assertNotNull(buffer, "buffer to sign must not be null"); + + PARCCryptoHashType hashType = parcSigner_GetCryptoHashType(signer); + PARCCryptoHasher *hasher = parcCryptoHasher_Create(hashType); + parcCryptoHasher_Init(hasher); + parcCryptoHasher_UpdateBuffer(hasher, buffer); + PARCCryptoHash *hash = parcCryptoHasher_Finalize(hasher); + parcCryptoHasher_Release(&hasher); + + PARCSignature *signature = parcSigner_SignDigest(signer, hash); + parcCryptoHash_Release(&hash); + + return signature; +} + +PARCSigningAlgorithm +parcSigner_GetSigningAlgorithm(PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + return signer->interface->GetSigningAlgorithm(signer->instance); +} + +PARCCryptoHashType +parcSigner_GetCryptoHashType(const PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + return signer->interface->GetCryptoHashType(signer->instance); +} + +PARCKeyStore * +parcSigner_GetKeyStore(const PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + return signer->interface->GetKeyStore(signer->instance); +} -- cgit 1.2.3-korg From f1a29ee82f6f6adf439064e1247d00168b579585 Mon Sep 17 00:00:00 2001 From: Devel Date: Sat, 14 Apr 2018 16:22:36 +0200 Subject: Added method to retrieve a PARCCryptoSuite from a PARCSigningAlgorithm and a PARCCryptoHashType Change-Id: I98124a9315470ec2335dbc9dc079575c67f239c1 Signed-off-by: Devel --- libparc/parc/security/parc_CryptoSuite.c | 42 ++++++++++++++++++++ libparc/parc/security/parc_CryptoSuite.h | 46 +++++++++++++++++++++- libparc/parc/security/parc_IdentityFile.c | 2 +- libparc/parc/security/parc_KeyStore.c | 2 +- libparc/parc/security/parc_PublicKeySigner.c | 3 +- libparc/parc/security/parc_PublicKeySigner.h | 1 + libparc/parc/security/parc_Signer.c | 10 +++++ libparc/parc/security/parc_Signer.h | 19 +++++++++ libparc/parc/security/parc_SigningAlgorithm.c | 27 +------------ libparc/parc/security/parc_SigningAlgorithm.h | 26 +----------- libparc/parc/security/parc_Verifier.h | 1 + .../security/test/test_parc_SigningAlgorithm.c | 17 ++++---- 12 files changed, 132 insertions(+), 64 deletions(-) (limited to 'libparc/parc/security/parc_Signer.c') diff --git a/libparc/parc/security/parc_CryptoSuite.c b/libparc/parc/security/parc_CryptoSuite.c index c807f9aa..32b1431e 100755 --- a/libparc/parc/security/parc_CryptoSuite.c +++ b/libparc/parc/security/parc_CryptoSuite.c @@ -20,6 +20,7 @@ #include #include +#include PARCCryptoHashType parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite) @@ -91,3 +92,44 @@ parcCryptoSuite_GetSignatureSizeBytes(PARCCryptoSuite suite, int keyLengthBits) trapIllegalValue(suite, "Unknown crypto suite: %d", suite); } } + +PARCCryptoSuite parcCryptoSuite_GetFromSigningHash(PARCSigningAlgorithm signAlgo, PARCCryptoHashType hash) { + + switch (signAlgo) { + case PARCSigningAlgorithm_DSA: + return PARCCryptoSuite_DSA_SHA256 + hash -1; + case PARCSigningAlgorithm_RSA: + return PARCCryptoSuite_RSA_SHA256 + hash -1; + case PARCSigningAlgorithm_ECDSA: + return PARCCryptoSuite_ECDSA_SHA256 + hash -1; + case PARCSigningAlgorithm_NULL: + return PARCCryptoSuite_NULL_CRC32C; + default: + trapIllegalValue(suite, "Unknown signing algorithm suite: %d", signAlgo); + } +} + +PARCSigningAlgorithm +parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite suite) +{ + switch (suite) { + case PARCCryptoSuite_DSA_SHA256: + return PARCSigningAlgorithm_DSA; + + case PARCCryptoSuite_RSA_SHA256: // fallthrough + case PARCCryptoSuite_RSA_SHA512: + return PARCSigningAlgorithm_RSA; + + case PARCCryptoSuite_HMAC_SHA256: // fallthrough + case PARCCryptoSuite_HMAC_SHA512: + return PARCSigningAlgorithm_HMAC; + + case PARCCryptoSuite_ECDSA_SHA256: + return PARCSigningAlgorithm_ECDSA; + case PARCCryptoSuite_NULL_CRC32C: + return PARCSigningAlgorithm_NULL; + + default: + trapIllegalValue(suit, "Unknown crypto suite: %d", suite); + } +} diff --git a/libparc/parc/security/parc_CryptoSuite.h b/libparc/parc/security/parc_CryptoSuite.h index a8e07f02..0276287b 100755 --- a/libparc/parc/security/parc_CryptoSuite.h +++ b/libparc/parc/security/parc_CryptoSuite.h @@ -28,15 +28,18 @@ #define libparc_parc_CryptoSuite_h #include +#include typedef enum { - PARCCryptoSuite_RSA_SHA256, PARCCryptoSuite_DSA_SHA256, + PARCCryptoSuite_DSA_SHA512, + PARCCryptoSuite_RSA_SHA256, PARCCryptoSuite_RSA_SHA512, PARCCryptoSuite_HMAC_SHA256, PARCCryptoSuite_HMAC_SHA512, - PARCCryptoSuite_NULL_CRC32C, PARCCryptoSuite_ECDSA_SHA256, + PARCCryptoSuite_ECDSA_SHA512, + PARCCryptoSuite_NULL_CRC32C, PARCCryptoSuite_UNKNOWN } PARCCryptoSuite; @@ -90,4 +93,43 @@ int parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBit */ int parcCryptoSuite_GetSignatureSizeBytes(PARCCryptoSuite suite, int keyLengthBits); +/** + * Given a PARCSigningAlgorithm value and a PARCCryptoHashType value, return the corresponding `PARCCryptoSuite`. + * + * @param [in] suite A PARCSigningAlgorithm value and a PARCCryptoHashType value + * + * @return A PARCCryptoSuite value + * + * Example: + * @code + * { + * PARCryptoSuite suite = parcCryptoSuite_GetFromSigningHash(PARCSigningAlgorihtm_RSA, PARCCryptoHashType_SHA256); + * } + * @endcode + */ +PARCCryptoSuite parcCryptoSuite_GetFromSigningHash(PARCSigningAlgorithm signAlgo, PARCCryptoHashType hash); + +/** + * Get the `PARCSigningAlgorithm` type associated with the specified `PARCCryptoSuite` type. + * + * PARCCryptoSuite types combine hash and signing algorithms to be used to signature and/or MAC generation. + * Therefore, a PARCCryptoSuite type of PARCCryptoSuite_DSA_SHA256, for example, uses the + * PARCSigningAlgorithm_DSA type of signing algorithm. This function serves to determine the + * signing algorithm type from the suite. + * + * @param [in] suite The type of cryptographic suite used for signature and/or MAC generation. + * @return A valid `PARCSigningAlgorithm` enum associated with the specified `PARCCryptoSuite` type. + * + * Example: + * @code + * { + * PARCCryptoSuite suite = PARCCryptoSuite_RSA_SHA256; + * PARCSigningAlgorithm alg = parcSigningAlgorithm_GetSigningAlgorithm(suite); + * // do something with alg + * } + * @endcode + */ +PARCSigningAlgorithm parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite suite); + + #endif // libparc_parc_CryptoSuite_h diff --git a/libparc/parc/security/parc_IdentityFile.c b/libparc/parc/security/parc_IdentityFile.c index 972c8d05..38d3637c 100644 --- a/libparc/parc/security/parc_IdentityFile.c +++ b/libparc/parc/security/parc_IdentityFile.c @@ -112,7 +112,7 @@ parcIdentityFile_CreateSigner(const PARCIdentityFile *identity, PARCCryptoSuite PARCSigningAlgorithm signAlgo = parcKeyStore_getSigningAlgorithm(publicKeyStore); - if (signAlgo != parcSigningAlgorithm_GetSigningAlgorithm(suite)) + if (signAlgo != parcCryptoSuite_GetSigningAlgorithm(suite)) return NULL; PARCPublicKeySigner *signer = parcPublicKeySigner_Create(publicKeyStore, suite); diff --git a/libparc/parc/security/parc_KeyStore.c b/libparc/parc/security/parc_KeyStore.c index 00fac015..753fe118 100755 --- a/libparc/parc/security/parc_KeyStore.c +++ b/libparc/parc/security/parc_KeyStore.c @@ -109,5 +109,5 @@ parcKeyStore_getSigningAlgorithm(const PARCKeyStore *interfaceContext) if (interfaceContext->interface != NULL) { return interfaceContext->interface->getSigningAlgorithm(interfaceContext->instance); } - return PARCSigningAlgortihm_NULL; + return PARCSigningAlgorithm_NULL; } diff --git a/libparc/parc/security/parc_PublicKeySigner.c b/libparc/parc/security/parc_PublicKeySigner.c index 0f11b957..04b76655 100644 --- a/libparc/parc/security/parc_PublicKeySigner.c +++ b/libparc/parc/security/parc_PublicKeySigner.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include @@ -122,7 +123,7 @@ parcPublicKeySigner_Create(PARCKeyStore *keyStore, PARCCryptoSuite suite) { PARCPublicKeySigner *result = parcObject_CreateInstance(PARCPublicKeySigner); - PARCSigningAlgorithm signAlgo = parcSigningAlgorithm_GetSigningAlgorithm(suite); + PARCSigningAlgorithm signAlgo = parcCryptoSuite_GetSigningAlgorithm(suite); PARCCryptoHashType hashType = parcCryptoSuite_GetCryptoHash(suite); diff --git a/libparc/parc/security/parc_PublicKeySigner.h b/libparc/parc/security/parc_PublicKeySigner.h index 99aa14fa..ed98a39e 100644 --- a/libparc/parc/security/parc_PublicKeySigner.h +++ b/libparc/parc/security/parc_PublicKeySigner.h @@ -28,6 +28,7 @@ #include #include +#include #include #include diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c index 2135070c..ec5b8a19 100644 --- a/libparc/parc/security/parc_Signer.c +++ b/libparc/parc/security/parc_Signer.c @@ -151,6 +151,16 @@ parcSigner_GetCryptoHashType(const PARCSigner *signer) return signer->interface->GetCryptoHashType(signer->instance); } +PARCCryptoSuite +parcSigner_GetCryptoSuite(const PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + PARCCryptoHashType hash = signer->interface->GetCryptoHashType(signer->instance); + PARCSigningAlgorithm signAlgo = signer->interface->GetSigningAlgorithm(signer->instance); + return parcCryptoSuite_GetFromSigningHash(signAlgo, hash); +} + PARCKeyStore * parcSigner_GetKeyStore(const PARCSigner *signer) { diff --git a/libparc/parc/security/parc_Signer.h b/libparc/parc/security/parc_Signer.h index 1c967b75..bd69c992 100755 --- a/libparc/parc/security/parc_Signer.h +++ b/libparc/parc/security/parc_Signer.h @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -348,6 +349,24 @@ PARCSigningAlgorithm parcSigner_GetSigningAlgorithm(PARCSigner *signer); */ PARCCryptoHashType parcSigner_GetCryptoHashType(const PARCSigner *signer); +/** + * Return the crypto suite used by the Signer + * + * @param [in] signer A pointer to a PARCSigner instance. + * + * @return A PARCCryptoSuite value. + * + * Example: + * @code + * { + * PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCRSASignerAsSigner); + * + * PARCCryptoSuite suite = parcSigner_GetCryptoSuite(signer); + * } + * @endcode + */ +PARCCryptoSuite parcSigner_GetCryptoSuite(const PARCSigner *signer); + /** * Given a `PARCSigner` instance, return the `PARCKeyStore` containing its public key information. * diff --git a/libparc/parc/security/parc_SigningAlgorithm.c b/libparc/parc/security/parc_SigningAlgorithm.c index 1e800a6a..5803f675 100755 --- a/libparc/parc/security/parc_SigningAlgorithm.c +++ b/libparc/parc/security/parc_SigningAlgorithm.c @@ -28,7 +28,7 @@ static struct { PARCSigningAlgorithm alg; char *name; } _signingAlgorithm_ToString[] = { - { PARCSigningAlgortihm_NULL, "PARCSigningAlgortihm_NULL" }, + { PARCSigningAlgorithm_NULL, "PARCSigningAlgorithm_NULL" }, { PARCSigningAlgorithm_RSA, "PARCSigningAlgorithm_RSA" }, { PARCSigningAlgorithm_DSA, "PARCSigningAlgorithm_DSA" }, { PARCSigningAlgorithm_HMAC, "PARCSigningAlgorithm_HMAC" }, @@ -57,28 +57,3 @@ parcSigningAlgorithm_FromString(const char *name) } return PARCSigningAlgorithm_UNKNOWN; } - -PARCSigningAlgorithm -parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite suite) -{ - switch (suite) { - case PARCCryptoSuite_DSA_SHA256: - return PARCSigningAlgorithm_DSA; - - case PARCCryptoSuite_RSA_SHA256: // fallthrough - case PARCCryptoSuite_RSA_SHA512: - return PARCSigningAlgorithm_RSA; - - case PARCCryptoSuite_HMAC_SHA256: // fallthrough - case PARCCryptoSuite_HMAC_SHA512: - return PARCSigningAlgorithm_HMAC; - - case PARCCryptoSuite_ECDSA_SHA256: - return PARCSigningAlgorithm_ECDSA; - case PARCCryptoSuite_NULL_CRC32C: - return PARCSigningAlgortihm_NULL; - - default: - trapIllegalValue(suit, "Unknown crypto suite: %d", suite); - } -} diff --git a/libparc/parc/security/parc_SigningAlgorithm.h b/libparc/parc/security/parc_SigningAlgorithm.h index ae5fc252..12265c8a 100644 --- a/libparc/parc/security/parc_SigningAlgorithm.h +++ b/libparc/parc/security/parc_SigningAlgorithm.h @@ -26,16 +26,13 @@ #ifndef libparc_parc_SigningAlgorithm_h #define libparc_parc_SigningAlgorithm_h -#include -#include - typedef enum { PARCSigningAlgorithm_UNKNOWN = -1, PARCSigningAlgorithm_RSA = 1, PARCSigningAlgorithm_DSA = 2, PARCSigningAlgorithm_HMAC = 3, PARCSigningAlgorithm_ECDSA = 4, - PARCSigningAlgortihm_NULL = 5, + PARCSigningAlgorithm_NULL = 5, } PARCSigningAlgorithm; /** @@ -77,25 +74,4 @@ const char *parcSigningAlgorithm_ToString(PARCSigningAlgorithm algorithm); */ PARCSigningAlgorithm parcSigningAlgorithm_FromString(const char *name); -/** - * Get the `PARCSigningAlgorithm` type associated with the specified `PARCCryptoSuite` type. - * - * PARCCryptoSuite types combine hash and signing algorithms to be used to signature and/or MAC generation. - * Therefore, a PARCCryptoSuite type of PARCCryptoSuite_DSA_SHA256, for example, uses the - * PARCSigningAlgorithm_DSA type of signing algorithm. This function serves to determine the - * signing algorithm type from the suite. - * - * @param [in] suite The type of cryptographic suite used for signature and/or MAC generation. - * @return A valid `PARCSigningAlgorithm` enum associated with the specified `PARCCryptoSuite` type. - * - * Example: - * @code - * { - * PARCCryptoSuite suite = PARCCryptoSuite_RSA_SHA256; - * PARCSigningAlgorithm alg = parcSigningAlgorithm_GetSigningAlgorithm(suite); - * // do something with alg - * } - * @endcode - */ -PARCSigningAlgorithm parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite suite); #endif // libparc_parc_SigningAlgorithm_h diff --git a/libparc/parc/security/parc_Verifier.h b/libparc/parc/security/parc_Verifier.h index b08f608e..09e3640f 100644 --- a/libparc/parc/security/parc_Verifier.h +++ b/libparc/parc/security/parc_Verifier.h @@ -28,6 +28,7 @@ #include #include #include +#include struct parc_verifier; typedef struct parc_verifier PARCVerifier; diff --git a/libparc/parc/security/test/test_parc_SigningAlgorithm.c b/libparc/parc/security/test/test_parc_SigningAlgorithm.c index e8f8581a..12e50956 100755 --- a/libparc/parc/security/test/test_parc_SigningAlgorithm.c +++ b/libparc/parc/security/test/test_parc_SigningAlgorithm.c @@ -18,6 +18,7 @@ // Include the file(s) containing the functions to be tested. // This permits internal static functions to be visible to this Test Framework. #include "../parc_SigningAlgorithm.c" +#include #include #include @@ -91,28 +92,28 @@ LONGBOW_TEST_CASE(Global, parcSigningAlgorithm_FromString_NotFound) LONGBOW_TEST_CASE(Global, parcSigningAlgorithm_GetSigningAlgorithm) { - PARCSigningAlgorithm actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_DSA_SHA256); + PARCSigningAlgorithm actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_DSA_SHA256); assertTrue(PARCSigningAlgorithm_DSA == actual, "Expected %d, actual %d", PARCSigningAlgorithm_DSA, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA256); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA256); assertTrue(PARCSigningAlgorithm_RSA == actual, "Expected %d, actual %d", PARCSigningAlgorithm_RSA, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA512); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_RSA_SHA512); assertTrue(PARCSigningAlgorithm_RSA == actual, "Expected %d, actual %d", PARCSigningAlgorithm_RSA, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA256); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA256); assertTrue(PARCSigningAlgorithm_HMAC == actual, "Expected %d, actual %d", PARCSigningAlgorithm_HMAC, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA512); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_HMAC_SHA512); assertTrue(PARCSigningAlgorithm_HMAC == actual, "Expected %d, actual %d", PARCSigningAlgorithm_HMAC, actual); - actual = parcSigningAlgorithm_GetSigningAlgorithm(PARCCryptoSuite_NULL_CRC32C); - assertTrue(PARCSigningAlgortihm_NULL == actual, "Expected %d, actual %d", PARCSigningAlgortihm_NULL, actual); + actual = parcCryptoSuite_GetSigningAlgorithm(PARCCryptoSuite_NULL_CRC32C); + assertTrue(PARCSigningAlgorithm_NULL == actual, "Expected %d, actual %d", PARCSigningAlgorithm_NULL, actual); } LONGBOW_TEST_CASE_EXPECTS(Global, parcSigningAlgorithm_GetSigningAlgorithm_BadAlgorithm, .event = &LongBowTrapIllegalValue) { - parcSigningAlgorithm_GetSigningAlgorithm(-1); + parcCryptoSuite_GetSigningAlgorithm(-1); } int -- cgit 1.2.3-korg From 799484812a3fdd9d5d6e71c5fc4b483043347bca Mon Sep 17 00:00:00 2001 From: Devel Date: Mon, 16 Apr 2018 16:52:31 +0200 Subject: Added method to retrieve the signature length from the signer. Fixed bug on parc-publickey Change-Id: If188601e83d0cebf42d2e868e1dce430eabfa1f2 Signed-off-by: Devel --- .../parc/security/command-line/parc-publickey.c | 10 ++--- libparc/parc/security/parc_CryptoSuite.c | 24 ------------ libparc/parc/security/parc_CryptoSuite.h | 17 --------- libparc/parc/security/parc_PublicKeySigner.c | 43 ++++++++++++++++++++++ libparc/parc/security/parc_Signer.c | 8 ++++ libparc/parc/security/parc_Signer.h | 27 ++++++++++++++ libparc/parc/security/parc_SymmetricKeySigner.c | 13 +++++++ .../security/test/test_parc_PublicKeyECSigner.c | 12 ++++++ .../parc/security/test/test_parc_PublicKeySigner.c | 13 +++++++ .../security/test/test_parc_SymmetricKeySigner.c | 11 ++++++ 10 files changed, 132 insertions(+), 46 deletions(-) (limited to 'libparc/parc/security/parc_Signer.c') diff --git a/libparc/parc/security/command-line/parc-publickey.c b/libparc/parc/security/command-line/parc-publickey.c index e88e94b6..56d35935 100644 --- a/libparc/parc/security/command-line/parc-publickey.c +++ b/libparc/parc/security/command-line/parc-publickey.c @@ -36,17 +36,17 @@ parcPublicKey_Create(PARCArrayList *args) char *fileName = parcArrayList_Get(args, 2); char *password = parcArrayList_Get(args, 3); char *subjectName = parcArrayList_Get(args, 4); - PARCSigningAlgorithm signAlgo = *(int *)parcArrayList_Get(args, 5); - + PARCSigningAlgorithm signAlgo = PARCSigningAlgorithm_RSA; + if (parcArrayList_Size(args) > 5) { - keyLength = (unsigned int) strtoul(parcArrayList_Get(args, 6), NULL, 10); + keyLength = (unsigned int) strtoul(parcArrayList_Get(args, 5), NULL, 10); } if (parcArrayList_Size(args) > 6) { - validityDays = (unsigned int) strtoul(parcArrayList_Get(args, 7), NULL, 10); + validityDays = (unsigned int) strtoul(parcArrayList_Get(args, 6), NULL, 10); } - bool result = parcPkcs12KeyStore_CreateFile(fileName, password, subjectName, keyLength, validityDays, signAlgo); + bool result = parcPkcs12KeyStore_CreateFile(fileName, password, subjectName, signAlgo, keyLength, validityDays); if (!result) { printf("Error: %s %s", fileName, strerror(errno)); return; diff --git a/libparc/parc/security/parc_CryptoSuite.c b/libparc/parc/security/parc_CryptoSuite.c index 32b1431e..9925c4e6 100755 --- a/libparc/parc/security/parc_CryptoSuite.c +++ b/libparc/parc/security/parc_CryptoSuite.c @@ -44,30 +44,6 @@ parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite) } } -int -parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBits) -{ - switch (suite) { - case PARCCryptoSuite_DSA_SHA256: // fallthrough - case PARCCryptoSuite_RSA_SHA256: // fallthrough - case PARCCryptoSuite_RSA_SHA512: - return keyLengthBits; - - case PARCCryptoSuite_ECDSA_SHA256: - return keyLengthBits*2 + 64; //Overhead added by ECDSA - - case PARCCryptoSuite_HMAC_SHA256: // fallthrough - case PARCCryptoSuite_HMAC_SHA512: // fallthrough - return 512; - - case PARCCryptoSuite_NULL_CRC32C: - return 32; - - default: - trapIllegalValue(suite, "Unknown crypto suite: %d", suite); - } -} - int parcCryptoSuite_GetSignatureSizeBytes(PARCCryptoSuite suite, int keyLengthBits) { diff --git a/libparc/parc/security/parc_CryptoSuite.h b/libparc/parc/security/parc_CryptoSuite.h index 0276287b..366bcb11 100755 --- a/libparc/parc/security/parc_CryptoSuite.h +++ b/libparc/parc/security/parc_CryptoSuite.h @@ -59,23 +59,6 @@ typedef enum { */ PARCCryptoHashType parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite); -/** - * Given a PARCCryptoSuite value and the key length, return the expected length in bits of the signature. - * For ECDSA the result is the maximum length - * - * @param [in] suite A PARCCryptoSuite value. - * - * @return A PARCCryptoHashType value - * - * Example: - * @code - * { - * int bits = parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite_RSA_SHA256, 1024); - * } - * @endcode - */ -int parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBits); - /** * Given a PARCCryptoSuite value and the key length, return the expected length in bytes of the signature. * For ECDSA the result is the maximum length diff --git a/libparc/parc/security/parc_PublicKeySigner.c b/libparc/parc/security/parc_PublicKeySigner.c index 04b76655..4122b992 100644 --- a/libparc/parc/security/parc_PublicKeySigner.c +++ b/libparc/parc/security/parc_PublicKeySigner.c @@ -268,10 +268,53 @@ _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign) return signature; } +static size_t +_GetSignatureSize(PARCPublicKeySigner *signer) +{ + assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore"); + + // TODO: what is the best way to expose this? + PARCKeyStore *keyStore = signer->keyStore; + PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore); + + size_t size = 0; + switch (signer->signingAlgorithm) { + case PARCSigningAlgorithm_RSA: + { + EVP_PKEY *privateKey = NULL; + uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, parcBuffer_Limit(privateKeyBuffer)); + privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, parcBuffer_Limit(privateKeyBuffer)); + + RSA *rsa = EVP_PKEY_get1_RSA(privateKey); + + size = RSA_size(rsa); + RSA_free(rsa); + break; + } + case PARCSigningAlgorithm_ECDSA: + { + EVP_PKEY *privateKey = NULL; + size_t keySize = parcBuffer_Remaining(privateKeyBuffer); + uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, keySize); + privateKey = d2i_PrivateKey(EVP_PKEY_EC, &privateKey, (const unsigned char **) &bytes, keySize); + + EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(privateKey); + + size = ECDSA_size(ec_key); + EC_KEY_free(ec_key); + break; + } + } + parcBuffer_Release(&privateKeyBuffer); + + return size; +} + PARCSigningInterface *PARCPublicKeySignerAsSigner = &(PARCSigningInterface) { .GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_GetCryptoHasher, .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_SignDigest, .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_GetSigningAlgorithm, .GetCryptoHashType = (PARCCryptoHashType (*)(void *))_GetCryptoHashType, .GetKeyStore = (PARCKeyStore * (*)(void *))_GetKeyStore, + .GetSignatureSize = (size_t (*)(void *))_GetSignatureSize }; diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c index ec5b8a19..5287c97b 100644 --- a/libparc/parc/security/parc_Signer.c +++ b/libparc/parc/security/parc_Signer.c @@ -168,3 +168,11 @@ parcSigner_GetKeyStore(const PARCSigner *signer) return signer->interface->GetKeyStore(signer->instance); } + +size_t +parcSigner_GetSignatureSize(const PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + return signer->interface->GetSignatureSize(signer->instance); +} diff --git a/libparc/parc/security/parc_Signer.h b/libparc/parc/security/parc_Signer.h index bd69c992..1e675c50 100755 --- a/libparc/parc/security/parc_Signer.h +++ b/libparc/parc/security/parc_Signer.h @@ -115,6 +115,15 @@ typedef struct parc_signer_interface { * @return A PARCKeyStore instance. */ PARCKeyStore *(*GetKeyStore)(void *interfaceContext); + + /** + * Return the key size for this Signer. + * + * @param [in] interfaceContext A pointer to a concrete PARCSigner instance. + * + * @return A size_t + */ + size_t (*GetSignatureSize)(void *interfaceContext); } PARCSigningInterface; /** @@ -384,4 +393,22 @@ PARCCryptoSuite parcSigner_GetCryptoSuite(const PARCSigner *signer); * @endcode */ PARCKeyStore *parcSigner_GetKeyStore(const PARCSigner *signer); + +/** + * Given a `PARCSigner` instance, return the expected size of the signature. + * + * @param [in] signer A pointer to a `PARCSigner` instance. + * + * @return A size_t with the size of the key. + * + * Example: + * @code + * { + * PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCRSASignerAsSigner); + * + * PARCKeyStore *keyStore = parcSigner_GetKeyStore(signer); + * } + * @endcode + */ +size_t parcSigner_GetSignatureSize(const PARCSigner *signer); #endif // libparc_parc_Signer_h diff --git a/libparc/parc/security/parc_SymmetricKeySigner.c b/libparc/parc/security/parc_SymmetricKeySigner.c index aeacb30f..5cde896b 100644 --- a/libparc/parc/security/parc_SymmetricKeySigner.c +++ b/libparc/parc/security/parc_SymmetricKeySigner.c @@ -240,6 +240,18 @@ _getKeyStore(PARCSymmetricKeySigner *signer) return signer->generalKeyStore; } +static size_t +_GetSignatureSize(PARCSymmetricKeySigner *signer) +{ + assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore"); + + // TODO: what is the best way to expose this? + PARCSymmetricKeyStore *keyStore = signer->keyStore; + PARCBuffer *secretKeyBuffer = parcSymmetricKeyStore_GetKey(keyStore); + + return parcBuffer_Limit(secretKeyBuffer); +} + // ================================================== // implementation @@ -265,4 +277,5 @@ PARCSigningInterface *PARCSymmetricKeySignerAsSigner = &(PARCSigningInterface) { .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_signDigest, .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_getSigningAlgorithm, .GetKeyStore = (PARCKeyStore * (*)(void *))_getKeyStore, + .GetSignatureSize = (size_t (*)(void *))_GetSignatureSize }; diff --git a/libparc/parc/security/test/test_parc_PublicKeyECSigner.c b/libparc/parc/security/test/test_parc_PublicKeyECSigner.c index 417282a0..90ab1755 100644 --- a/libparc/parc/security/test/test_parc_PublicKeyECSigner.c +++ b/libparc/parc/security/test/test_parc_PublicKeyECSigner.c @@ -105,6 +105,7 @@ LONGBOW_TEST_FIXTURE(Object) LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_HashCode); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_IsValid); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_ToString); + LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_SignatureSize); } LONGBOW_TEST_FIXTURE_SETUP(Object) @@ -485,6 +486,17 @@ LONGBOW_TEST_CASE(Global, parcSigner_CreateKeyId) parcSigner_Release(&signer); } +LONGBOW_TEST_CASE(Object, parcPublicKeySigner_SignatureSize) +{ + PARCPublicKeySigner *publicKeySigner = _createSigner("test_key_size"); + PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner); + + assertTrue(parcSigner_GetSignatureSize(signer) == 72, "Key size unexpected %lu ", parcSigner_GetSignatureSize(signer)); + parcPublicKeySigner_Release(&publicKeySigner); + parcSigner_Release(&signer); +} + + int main(int argc, char *argv[argc]) { diff --git a/libparc/parc/security/test/test_parc_PublicKeySigner.c b/libparc/parc/security/test/test_parc_PublicKeySigner.c index 49fd42c7..69fb7049 100644 --- a/libparc/parc/security/test/test_parc_PublicKeySigner.c +++ b/libparc/parc/security/test/test_parc_PublicKeySigner.c @@ -97,6 +97,7 @@ LONGBOW_TEST_FIXTURE(Object) LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_HashCode); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_IsValid); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_ToString); + LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_SignatureSize); } LONGBOW_TEST_FIXTURE_SETUP(Object) @@ -443,6 +444,18 @@ LONGBOW_TEST_CASE(Global, parcSigner_CreateKeyId) parcSigner_Release(&signer); } +LONGBOW_TEST_CASE(Object, parcPublicKeySigner_SignatureSize) +{ + PARCPublicKeySigner *publicKeySigner = _createSigner("test_key_size"); + PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner); + + + assertTrue(parcSigner_GetSignatureSize(signer) == 128, "Modulus size unexpected %lu ", parcSigner_GetSignatureSize(signer)); + parcPublicKeySigner_Release(&publicKeySigner); + parcSigner_Release(&signer); +} + + int main(int argc, char *argv[argc]) { diff --git a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c index 562ba6c6..01874e75 100644 --- a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c +++ b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c @@ -237,6 +237,17 @@ LONGBOW_TEST_CASE(Specialization, test_hmac_sha512) parcBuffer_Release(&output); } +LONGBOW_TEST_CASE(Global, parcSymmetricSigner_SignatureSize) +{ + PARCSymmetricKeySigner *symmetricSigner = _createSigner(); + + PARCSigner *signer = parcSigner_Create(symmetricSigner, PARCSymmetricKeySignerAsSigner); + + assertTrue(parcSigner_GetSignatureSize(signer) == 32, "Key size unexpected %d ", parcSigner_GetSignatureSize(signer)); + parcSigner_Release(&signer); + parcSymmetricKeySigner_Release(&symmetricSigner); +} + int main(int argc, char *argv[argc]) { -- cgit 1.2.3-korg