From ec688b4723a041044226358bcd4dd6e2da39da49 Mon Sep 17 00:00:00 2001 From: Luca Muscariello Date: Thu, 23 Feb 2017 17:01:02 +0100 Subject: Initial commit: cframework. Longbow and Libparc Change-Id: I90378dbd30da6033b20fb1f829b3b822cf366c59 Signed-off-by: Luca Muscariello --- libparc/parc/security/parc_SymmetricKeySigner.c | 268 ++++++++++++++++++++++++ 1 file changed, 268 insertions(+) create mode 100644 libparc/parc/security/parc_SymmetricKeySigner.c (limited to 'libparc/parc/security/parc_SymmetricKeySigner.c') diff --git a/libparc/parc/security/parc_SymmetricKeySigner.c b/libparc/parc/security/parc_SymmetricKeySigner.c new file mode 100644 index 00000000..aeacb30f --- /dev/null +++ b/libparc/parc/security/parc_SymmetricKeySigner.c @@ -0,0 +1,268 @@ +/* + * Copyright (c) 2017 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +/** + */ +#include + +#include +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define AES_KEYSTORE_VERSION 1L +#define IV_SIZE 16 +#define AES_MAX_DIGEST_SIZE 128 +#define AES_DEFAULT_DIGEST_ALGORITHM "SHA256" + +struct PARCSymmetricKeySigner { + PARCSymmetricKeyStore *keyStore; + PARCKeyStore *generalKeyStore; + + PARCCryptoHash *secretKeyHash; + PARCCryptoHasher *hasher; + PARCCryptoHasherInterface hasherFunctor; + PARCCryptoHashType hashType; + + unsigned hashLength; + const EVP_MD *opensslMd; +}; + +// ================================================== +// HMAC implementation + +static void * +_hmacCreate(void *env) +{ + PARCSymmetricKeySigner *signer = (PARCSymmetricKeySigner *) env; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + HMAC_CTX *ctx = HMAC_CTX_new(); + HMAC_CTX_reset(ctx); +#else + // HMAC_Init_ex seems to overrun the size of HMAC_CTX, so make it bigger + HMAC_CTX *ctx = parcMemory_Allocate(sizeof(HMAC_CTX) * 2); + assertNotNull(ctx, "parcMemory_Allocate(%zu) returned NULL for HMAC_CTX", sizeof(HMAC_CTX) * 2); + HMAC_CTX_init(ctx); +#endif + + // Now initialize it with our digest and key, so in hmac_init we can avoid using those + PARCBuffer *secretKey = parcSymmetricKeyStore_GetKey(signer->keyStore); + assertTrue(parcBuffer_Remaining(secretKey) < 512, "The keystore secret key cannot be longer than %d", 512); + + HMAC_Init_ex(ctx, parcByteArray_Array(parcBuffer_Array(secretKey)), (int) parcBuffer_Remaining(secretKey), signer->opensslMd, NULL); + + return ctx; +} + +static int +_hmacInit(void *ctx) +{ + // reset the HMAC state with NULLs, so we'll re-use the values we had from setup. + HMAC_Init_ex((HMAC_CTX *) ctx, NULL, 0, NULL, NULL); + return 0; +} + +static int +_hmacUpdate(void *ctx, const void *buffer, size_t length) +{ + HMAC_Update(ctx, buffer, length); + return 0; +} + +static PARCBuffer* +_hmacFinalize(void *ctx) +{ + uint8_t buffer[EVP_MAX_MD_SIZE]; + unsigned length; + HMAC_Final(ctx, buffer, &length); + + PARCBuffer *output = parcBuffer_Allocate(length); + parcBuffer_PutArray(output, length, buffer); + + return output; +} + +static void +_hmacDestroy(void **ctxPtr) +{ +#if (OPENSSL_VERSION_NUMBER >= 0x1010003fL) + HMAC_CTX_free(*ctxPtr); +#else + HMAC_CTX_cleanup(*ctxPtr); +#endif + parcMemory_Deallocate((void **) ctxPtr); + *ctxPtr = NULL; +} + +static PARCCryptoHasherInterface functor_hmac = { + .functor_env = NULL, + .hasher_setup = _hmacCreate, + .hasher_init = _hmacInit, + .hasher_update = _hmacUpdate, + .hasher_finalize = _hmacFinalize, + .hasher_destroy = _hmacDestroy +}; + +static bool +_parcSymmetricKeySigner_Finalize(PARCSymmetricKeySigner **instancePtr) +{ + assertNotNull(instancePtr, "Parameter must be a non-null pointer to a PARCSymmetricKeySigner pointer."); + PARCSymmetricKeySigner *signer = (PARCSymmetricKeySigner *) *instancePtr; + if (signer->secretKeyHash != NULL) { + parcCryptoHash_Release(&signer->secretKeyHash); + } + if (signer->hasher != NULL) { + parcCryptoHasher_Release(&signer->hasher); + } + + if (signer->keyStore != NULL) { + parcSymmetricKeyStore_Release(&signer->keyStore); + } + if (signer->generalKeyStore != NULL) { + parcKeyStore_Release(&signer->generalKeyStore); + } + + return true; +} + +parcObject_ImplementAcquire(parcSymmetricKeySigner, PARCSymmetricKeySigner); +parcObject_ImplementRelease(parcSymmetricKeySigner, PARCSymmetricKeySigner); + +parcObject_Override(PARCSymmetricKeySigner, PARCObject, + .destructor = (PARCObjectDestructor *) _parcSymmetricKeySigner_Finalize); + +void +parcSymmetricKeySigner_AssertValid(const PARCSymmetricKeySigner *instance) +{ + assertTrue(parcSymmetricKeySigner_IsValid(instance), + "PARCSymmetricKeySigner is not valid."); +} + +PARCSymmetricKeySigner * +parcSymmetricKeySigner_Create(PARCSymmetricKeyStore *keyStore, PARCCryptoHashType hmacHashType) +{ + PARCSymmetricKeySigner *result = parcObject_CreateInstance(PARCSymmetricKeySigner); + + if (result != NULL) { + result->hashType = hmacHashType; + switch (hmacHashType) { + case PARCCryptoHashType_SHA256: + result->hashLength = SHA256_DIGEST_LENGTH; + result->opensslMd = EVP_sha256(); + break; + + case PARCCryptoHashType_SHA512: + result->hashLength = SHA512_DIGEST_LENGTH; + result->opensslMd = EVP_sha512(); + break; + + default: + parcObject_Release((void **) &result); + trapIllegalValue(hmacHashType, "Unknown HMAC hash type: %d", hmacHashType); + } + + // the signer key digest is SHA256, independent of the HMAC digest + result->secretKeyHash = parcSymmetricKeyStore_GetVerifierKeyDigest(keyStore); + result->keyStore = parcSymmetricKeyStore_Acquire(keyStore); + result->generalKeyStore = parcKeyStore_Create(result->keyStore, PARCSymmetricKeyStoreAsKeyStore); + + // create the functor from the template then specialize it to this keystore. + // This depends on keystore->secret_key being set. It will cause a callback + // into hmac_setup() + result->hasherFunctor = functor_hmac; + result->hasherFunctor.functor_env = result; + result->hasher = parcCryptoHasher_CustomHasher(hmacHashType, result->hasherFunctor); + } + + return result; +} + +bool +parcSymmetricKeySigner_IsValid(const PARCSymmetricKeySigner *instance) +{ + bool result = false; + + if (instance != NULL) { + result = true; + } + + return result; +} + +static PARCSigningAlgorithm +_getSigningAlgorithm(PARCSymmetricKeySigner *signer) +{ + return PARCSigningAlgorithm_HMAC; +} + +static PARCCryptoHashType +_getCryptoHashType(PARCSymmetricKeySigner *signer) +{ + return signer->hashType; +} + +static PARCCryptoHasher * +_getCryptoHasher(PARCSymmetricKeySigner *signer) +{ + return signer->hasher; +} + +static PARCKeyStore * +_getKeyStore(PARCSymmetricKeySigner *signer) +{ + return signer->generalKeyStore; +} + +// ================================================== +// implementation + +/** + * wrap the HMAC in digestToSign in a PARCSignature + * + * @param hashToSign is the HMAC computed by the our PARCCryptoHasher. + */ +static PARCSignature * +_signDigest(PARCSymmetricKeySigner *interfaceContext, const PARCCryptoHash *hashToSign) +{ + // The digest computed via our hash function (hmac) is the actual signature. + // just need to wrap it up with the right parameters. + PARCBuffer *signatureBits = parcBuffer_Copy(parcCryptoHash_GetDigest(hashToSign)); + PARCSignature *result = parcSignature_Create(_getSigningAlgorithm(interfaceContext), parcCryptoHash_GetDigestType(hashToSign), signatureBits); + parcBuffer_Release(&signatureBits); + return result; +} + +PARCSigningInterface *PARCSymmetricKeySignerAsSigner = &(PARCSigningInterface) { + .GetCryptoHashType = (PARCCryptoHashType (*)(void *))_getCryptoHashType, + .GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_getCryptoHasher, + .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_signDigest, + .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_getSigningAlgorithm, + .GetKeyStore = (PARCKeyStore * (*)(void *))_getKeyStore, +}; -- cgit 1.2.3-korg From 799484812a3fdd9d5d6e71c5fc4b483043347bca Mon Sep 17 00:00:00 2001 From: Devel Date: Mon, 16 Apr 2018 16:52:31 +0200 Subject: Added method to retrieve the signature length from the signer. Fixed bug on parc-publickey Change-Id: If188601e83d0cebf42d2e868e1dce430eabfa1f2 Signed-off-by: Devel --- .../parc/security/command-line/parc-publickey.c | 10 ++--- libparc/parc/security/parc_CryptoSuite.c | 24 ------------ libparc/parc/security/parc_CryptoSuite.h | 17 --------- libparc/parc/security/parc_PublicKeySigner.c | 43 ++++++++++++++++++++++ libparc/parc/security/parc_Signer.c | 8 ++++ libparc/parc/security/parc_Signer.h | 27 ++++++++++++++ libparc/parc/security/parc_SymmetricKeySigner.c | 13 +++++++ .../security/test/test_parc_PublicKeyECSigner.c | 12 ++++++ .../parc/security/test/test_parc_PublicKeySigner.c | 13 +++++++ .../security/test/test_parc_SymmetricKeySigner.c | 11 ++++++ 10 files changed, 132 insertions(+), 46 deletions(-) (limited to 'libparc/parc/security/parc_SymmetricKeySigner.c') diff --git a/libparc/parc/security/command-line/parc-publickey.c b/libparc/parc/security/command-line/parc-publickey.c index e88e94b6..56d35935 100644 --- a/libparc/parc/security/command-line/parc-publickey.c +++ b/libparc/parc/security/command-line/parc-publickey.c @@ -36,17 +36,17 @@ parcPublicKey_Create(PARCArrayList *args) char *fileName = parcArrayList_Get(args, 2); char *password = parcArrayList_Get(args, 3); char *subjectName = parcArrayList_Get(args, 4); - PARCSigningAlgorithm signAlgo = *(int *)parcArrayList_Get(args, 5); - + PARCSigningAlgorithm signAlgo = PARCSigningAlgorithm_RSA; + if (parcArrayList_Size(args) > 5) { - keyLength = (unsigned int) strtoul(parcArrayList_Get(args, 6), NULL, 10); + keyLength = (unsigned int) strtoul(parcArrayList_Get(args, 5), NULL, 10); } if (parcArrayList_Size(args) > 6) { - validityDays = (unsigned int) strtoul(parcArrayList_Get(args, 7), NULL, 10); + validityDays = (unsigned int) strtoul(parcArrayList_Get(args, 6), NULL, 10); } - bool result = parcPkcs12KeyStore_CreateFile(fileName, password, subjectName, keyLength, validityDays, signAlgo); + bool result = parcPkcs12KeyStore_CreateFile(fileName, password, subjectName, signAlgo, keyLength, validityDays); if (!result) { printf("Error: %s %s", fileName, strerror(errno)); return; diff --git a/libparc/parc/security/parc_CryptoSuite.c b/libparc/parc/security/parc_CryptoSuite.c index 32b1431e..9925c4e6 100755 --- a/libparc/parc/security/parc_CryptoSuite.c +++ b/libparc/parc/security/parc_CryptoSuite.c @@ -44,30 +44,6 @@ parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite) } } -int -parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBits) -{ - switch (suite) { - case PARCCryptoSuite_DSA_SHA256: // fallthrough - case PARCCryptoSuite_RSA_SHA256: // fallthrough - case PARCCryptoSuite_RSA_SHA512: - return keyLengthBits; - - case PARCCryptoSuite_ECDSA_SHA256: - return keyLengthBits*2 + 64; //Overhead added by ECDSA - - case PARCCryptoSuite_HMAC_SHA256: // fallthrough - case PARCCryptoSuite_HMAC_SHA512: // fallthrough - return 512; - - case PARCCryptoSuite_NULL_CRC32C: - return 32; - - default: - trapIllegalValue(suite, "Unknown crypto suite: %d", suite); - } -} - int parcCryptoSuite_GetSignatureSizeBytes(PARCCryptoSuite suite, int keyLengthBits) { diff --git a/libparc/parc/security/parc_CryptoSuite.h b/libparc/parc/security/parc_CryptoSuite.h index 0276287b..366bcb11 100755 --- a/libparc/parc/security/parc_CryptoSuite.h +++ b/libparc/parc/security/parc_CryptoSuite.h @@ -59,23 +59,6 @@ typedef enum { */ PARCCryptoHashType parcCryptoSuite_GetCryptoHash(PARCCryptoSuite suite); -/** - * Given a PARCCryptoSuite value and the key length, return the expected length in bits of the signature. - * For ECDSA the result is the maximum length - * - * @param [in] suite A PARCCryptoSuite value. - * - * @return A PARCCryptoHashType value - * - * Example: - * @code - * { - * int bits = parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite_RSA_SHA256, 1024); - * } - * @endcode - */ -int parcCryptoSuite_GetSignatureSizeBits(PARCCryptoSuite suite, int keyLengthBits); - /** * Given a PARCCryptoSuite value and the key length, return the expected length in bytes of the signature. * For ECDSA the result is the maximum length diff --git a/libparc/parc/security/parc_PublicKeySigner.c b/libparc/parc/security/parc_PublicKeySigner.c index 04b76655..4122b992 100644 --- a/libparc/parc/security/parc_PublicKeySigner.c +++ b/libparc/parc/security/parc_PublicKeySigner.c @@ -268,10 +268,53 @@ _SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign) return signature; } +static size_t +_GetSignatureSize(PARCPublicKeySigner *signer) +{ + assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore"); + + // TODO: what is the best way to expose this? + PARCKeyStore *keyStore = signer->keyStore; + PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore); + + size_t size = 0; + switch (signer->signingAlgorithm) { + case PARCSigningAlgorithm_RSA: + { + EVP_PKEY *privateKey = NULL; + uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, parcBuffer_Limit(privateKeyBuffer)); + privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, parcBuffer_Limit(privateKeyBuffer)); + + RSA *rsa = EVP_PKEY_get1_RSA(privateKey); + + size = RSA_size(rsa); + RSA_free(rsa); + break; + } + case PARCSigningAlgorithm_ECDSA: + { + EVP_PKEY *privateKey = NULL; + size_t keySize = parcBuffer_Remaining(privateKeyBuffer); + uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, keySize); + privateKey = d2i_PrivateKey(EVP_PKEY_EC, &privateKey, (const unsigned char **) &bytes, keySize); + + EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(privateKey); + + size = ECDSA_size(ec_key); + EC_KEY_free(ec_key); + break; + } + } + parcBuffer_Release(&privateKeyBuffer); + + return size; +} + PARCSigningInterface *PARCPublicKeySignerAsSigner = &(PARCSigningInterface) { .GetCryptoHasher = (PARCCryptoHasher * (*)(void *))_GetCryptoHasher, .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_SignDigest, .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_GetSigningAlgorithm, .GetCryptoHashType = (PARCCryptoHashType (*)(void *))_GetCryptoHashType, .GetKeyStore = (PARCKeyStore * (*)(void *))_GetKeyStore, + .GetSignatureSize = (size_t (*)(void *))_GetSignatureSize }; diff --git a/libparc/parc/security/parc_Signer.c b/libparc/parc/security/parc_Signer.c index ec5b8a19..5287c97b 100644 --- a/libparc/parc/security/parc_Signer.c +++ b/libparc/parc/security/parc_Signer.c @@ -168,3 +168,11 @@ parcSigner_GetKeyStore(const PARCSigner *signer) return signer->interface->GetKeyStore(signer->instance); } + +size_t +parcSigner_GetSignatureSize(const PARCSigner *signer) +{ + parcSigner_OptionalAssertValid(signer); + + return signer->interface->GetSignatureSize(signer->instance); +} diff --git a/libparc/parc/security/parc_Signer.h b/libparc/parc/security/parc_Signer.h index bd69c992..1e675c50 100755 --- a/libparc/parc/security/parc_Signer.h +++ b/libparc/parc/security/parc_Signer.h @@ -115,6 +115,15 @@ typedef struct parc_signer_interface { * @return A PARCKeyStore instance. */ PARCKeyStore *(*GetKeyStore)(void *interfaceContext); + + /** + * Return the key size for this Signer. + * + * @param [in] interfaceContext A pointer to a concrete PARCSigner instance. + * + * @return A size_t + */ + size_t (*GetSignatureSize)(void *interfaceContext); } PARCSigningInterface; /** @@ -384,4 +393,22 @@ PARCCryptoSuite parcSigner_GetCryptoSuite(const PARCSigner *signer); * @endcode */ PARCKeyStore *parcSigner_GetKeyStore(const PARCSigner *signer); + +/** + * Given a `PARCSigner` instance, return the expected size of the signature. + * + * @param [in] signer A pointer to a `PARCSigner` instance. + * + * @return A size_t with the size of the key. + * + * Example: + * @code + * { + * PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCRSASignerAsSigner); + * + * PARCKeyStore *keyStore = parcSigner_GetKeyStore(signer); + * } + * @endcode + */ +size_t parcSigner_GetSignatureSize(const PARCSigner *signer); #endif // libparc_parc_Signer_h diff --git a/libparc/parc/security/parc_SymmetricKeySigner.c b/libparc/parc/security/parc_SymmetricKeySigner.c index aeacb30f..5cde896b 100644 --- a/libparc/parc/security/parc_SymmetricKeySigner.c +++ b/libparc/parc/security/parc_SymmetricKeySigner.c @@ -240,6 +240,18 @@ _getKeyStore(PARCSymmetricKeySigner *signer) return signer->generalKeyStore; } +static size_t +_GetSignatureSize(PARCSymmetricKeySigner *signer) +{ + assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore"); + + // TODO: what is the best way to expose this? + PARCSymmetricKeyStore *keyStore = signer->keyStore; + PARCBuffer *secretKeyBuffer = parcSymmetricKeyStore_GetKey(keyStore); + + return parcBuffer_Limit(secretKeyBuffer); +} + // ================================================== // implementation @@ -265,4 +277,5 @@ PARCSigningInterface *PARCSymmetricKeySignerAsSigner = &(PARCSigningInterface) { .SignDigest = (PARCSignature * (*)(void *, const PARCCryptoHash *))_signDigest, .GetSigningAlgorithm = (PARCSigningAlgorithm (*)(void *))_getSigningAlgorithm, .GetKeyStore = (PARCKeyStore * (*)(void *))_getKeyStore, + .GetSignatureSize = (size_t (*)(void *))_GetSignatureSize }; diff --git a/libparc/parc/security/test/test_parc_PublicKeyECSigner.c b/libparc/parc/security/test/test_parc_PublicKeyECSigner.c index 417282a0..90ab1755 100644 --- a/libparc/parc/security/test/test_parc_PublicKeyECSigner.c +++ b/libparc/parc/security/test/test_parc_PublicKeyECSigner.c @@ -105,6 +105,7 @@ LONGBOW_TEST_FIXTURE(Object) LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_HashCode); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_IsValid); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_ToString); + LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_SignatureSize); } LONGBOW_TEST_FIXTURE_SETUP(Object) @@ -485,6 +486,17 @@ LONGBOW_TEST_CASE(Global, parcSigner_CreateKeyId) parcSigner_Release(&signer); } +LONGBOW_TEST_CASE(Object, parcPublicKeySigner_SignatureSize) +{ + PARCPublicKeySigner *publicKeySigner = _createSigner("test_key_size"); + PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner); + + assertTrue(parcSigner_GetSignatureSize(signer) == 72, "Key size unexpected %lu ", parcSigner_GetSignatureSize(signer)); + parcPublicKeySigner_Release(&publicKeySigner); + parcSigner_Release(&signer); +} + + int main(int argc, char *argv[argc]) { diff --git a/libparc/parc/security/test/test_parc_PublicKeySigner.c b/libparc/parc/security/test/test_parc_PublicKeySigner.c index 49fd42c7..69fb7049 100644 --- a/libparc/parc/security/test/test_parc_PublicKeySigner.c +++ b/libparc/parc/security/test/test_parc_PublicKeySigner.c @@ -97,6 +97,7 @@ LONGBOW_TEST_FIXTURE(Object) LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_HashCode); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_IsValid); LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_ToString); + LONGBOW_RUN_TEST_CASE(Object, parcPublicKeySigner_SignatureSize); } LONGBOW_TEST_FIXTURE_SETUP(Object) @@ -443,6 +444,18 @@ LONGBOW_TEST_CASE(Global, parcSigner_CreateKeyId) parcSigner_Release(&signer); } +LONGBOW_TEST_CASE(Object, parcPublicKeySigner_SignatureSize) +{ + PARCPublicKeySigner *publicKeySigner = _createSigner("test_key_size"); + PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner); + + + assertTrue(parcSigner_GetSignatureSize(signer) == 128, "Modulus size unexpected %lu ", parcSigner_GetSignatureSize(signer)); + parcPublicKeySigner_Release(&publicKeySigner); + parcSigner_Release(&signer); +} + + int main(int argc, char *argv[argc]) { diff --git a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c index 562ba6c6..01874e75 100644 --- a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c +++ b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c @@ -237,6 +237,17 @@ LONGBOW_TEST_CASE(Specialization, test_hmac_sha512) parcBuffer_Release(&output); } +LONGBOW_TEST_CASE(Global, parcSymmetricSigner_SignatureSize) +{ + PARCSymmetricKeySigner *symmetricSigner = _createSigner(); + + PARCSigner *signer = parcSigner_Create(symmetricSigner, PARCSymmetricKeySignerAsSigner); + + assertTrue(parcSigner_GetSignatureSize(signer) == 32, "Key size unexpected %d ", parcSigner_GetSignatureSize(signer)); + parcSigner_Release(&signer); + parcSymmetricKeySigner_Release(&symmetricSigner); +} + int main(int argc, char *argv[argc]) { -- cgit 1.2.3-korg From 7f560eb2b8af423ae1f0f0de1ef5d043f93eaa08 Mon Sep 17 00:00:00 2001 From: Alberto Compagno Date: Mon, 26 Nov 2018 16:13:10 +0100 Subject: Added support for openssl 1.1.1 Change-Id: I596fd56152c32106c5279fc3033d48164328a903 Signed-off-by: Alberto Compagno --- libparc/parc/security/parc_Pkcs12KeyStore.c | 6 +++++- libparc/parc/security/parc_SymmetricKeySigner.c | 2 +- libparc/parc/security/test/test_parc_SymmetricKeySigner.c | 7 +++++-- 3 files changed, 11 insertions(+), 4 deletions(-) (limited to 'libparc/parc/security/parc_SymmetricKeySigner.c') diff --git a/libparc/parc/security/parc_Pkcs12KeyStore.c b/libparc/parc/security/parc_Pkcs12KeyStore.c index 392c9d34..c0d673c4 100644 --- a/libparc/parc/security/parc_Pkcs12KeyStore.c +++ b/libparc/parc/security/parc_Pkcs12KeyStore.c @@ -127,7 +127,11 @@ _parcPkcs12KeyStore_ParseFile(PARCPkcs12KeyStore *keystore, const char *filename keystore->public_key = X509_get_pubkey(keystore->x509_cert); if (keystore->public_key) { - switch (keystore->public_key->type) { +#if OPENSSL_VERSION_NUMBER >= 0X10100000L + switch (EVP_PKEY_id(keystore->public_key)) { +#else + switch (keystore->public_key->type) { +#endif case EVP_PKEY_RSA: keystore->signAlgo = PARCSigningAlgorithm_RSA; break; diff --git a/libparc/parc/security/parc_SymmetricKeySigner.c b/libparc/parc/security/parc_SymmetricKeySigner.c index 5cde896b..b06389dd 100644 --- a/libparc/parc/security/parc_SymmetricKeySigner.c +++ b/libparc/parc/security/parc_SymmetricKeySigner.c @@ -116,8 +116,8 @@ _hmacDestroy(void **ctxPtr) HMAC_CTX_free(*ctxPtr); #else HMAC_CTX_cleanup(*ctxPtr); -#endif parcMemory_Deallocate((void **) ctxPtr); +#endif *ctxPtr = NULL; } diff --git a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c index 01874e75..44b169eb 100644 --- a/libparc/parc/security/test/test_parc_SymmetricKeySigner.c +++ b/libparc/parc/security/test/test_parc_SymmetricKeySigner.c @@ -155,11 +155,12 @@ LONGBOW_TEST_CASE(Specialization, test_hmac_sha256) #if OPENSSL_VERSION_NUMBER >= 0x10100000L _hmacInit(ctx); _hmacUpdate(ctx, to_digest_buffer, to_digest_length); + PARCBuffer *output = _hmacFinalize(ctx); #else _hmacInit(&ctx); _hmacUpdate(&ctx, to_digest_buffer, to_digest_length); -#endif PARCBuffer *output = _hmacFinalize(&ctx); +#endif assertTrue(parcBuffer_Position(output) == true_hmac_length, "hmac wrong length, expected %zu got %zu", @@ -168,6 +169,7 @@ LONGBOW_TEST_CASE(Specialization, test_hmac_sha256) assertTrue(memcmp(parcByteArray_Array(parcBuffer_Array(output)), true_hmac_buffer, true_hmac_length) == 0, "hmac values did not match"); + #if OPENSSL_VERSION_NUMBER >= 0x10100000L HMAC_CTX_free(ctx); #else @@ -214,11 +216,12 @@ LONGBOW_TEST_CASE(Specialization, test_hmac_sha512) #if OPENSSL_VERSION_NUMBER >= 0x10100000L _hmacInit(ctx); _hmacUpdate(ctx, to_digest_buffer, to_digest_length); + PARCBuffer *output = _hmacFinalize(ctx); #else _hmacInit(&ctx); _hmacUpdate(&ctx, to_digest_buffer, to_digest_length); -#endif PARCBuffer *output = _hmacFinalize(&ctx); +#endif assertTrue(parcBuffer_Position(output) == true_hmac_length, "hmac wrong length, expected %zu got %zu", -- cgit 1.2.3-korg