Commit d255141d authored by filatov's avatar filatov
Browse files

Fis tbsData hash compilation by asn1c

parent 347a9d99
......@@ -22,6 +22,7 @@ static const char * _decriptionKey = NULL;
static const char * _keyPath = NULL;
static int _force = 0;
static const char * _cfgFile = NULL;
static int _debug = 0;
static const char _sha256_emptyString[] = {
0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
......@@ -73,9 +74,12 @@ static copt_t _options [] = {
{ "v", "vkey", COPT_STR, (void*)&_verificationKey, "Verification public key (generate key pair by default)" },
{ "e", "ekey", COPT_STR, (void*)&_decriptionKey, "Encription public key (generate key pair if neccessary)" },
{ "s", "signer", COPT_STR, (void*)&_signerName, "Signer certificate name [take from profile by default]" },
{ "D", "debug", COPT_BOOL, (void*)&_debug, "Dump hashes and other values [false]" },
{ NULL, NULL, COPT_END, NULL, NULL }
};
char * _bin2hex(char * hex, size_t hlen, const char * bin, size_t blen);
static int is_CurvePoint_empty(EccP256CurvePoint_t* point);
static void fill_curve_point_eccP256(EccP256CurvePoint_t* point, ecc_curve_id curveType, char * keyPath);
......@@ -104,10 +108,12 @@ static asn_dec_rval_t IssuerIdentifier_xer_decoder(const asn_codec_ctx_t *opt_co
return CHOICE_decode_xer(opt_codec_ctx, td, struct_ptr, opt_mname, buf_ptr, size);
}
typedef struct enc_to_buf_arg {
typedef struct overrun_encoder_key {
void *buffer;
size_t left;
} enc_to_buf_arg;
size_t buffer_size;
size_t computed_size;
}overrun_encoder_key;
static asn_enc_rval_t ToBeSignedCertificate_oer_encoder(const asn_TYPE_descriptor_t *td,
const asn_oer_constraints_t *constraints, const void *sptr,
......@@ -115,18 +121,24 @@ static asn_enc_rval_t ToBeSignedCertificate_oer_encoder(const asn_TYPE_descripto
{
asn_enc_rval_t rc;
ToBeSignedCertificate_t * tbs = (ToBeSignedCertificate_t*)sptr;
enc_to_buf_arg *a = (enc_to_buf_arg*)app_key;
overrun_encoder_key *a = (overrun_encoder_key*)app_key;
const char * oer = ((const char*)a->buffer) + a->computed_size;
rc = SEQUENCE_encode_oer(td, constraints, sptr, cb, app_key);
if (rc.encoded > 0){
if(_debug){
char hex[257*2];
*_bin2hex(hex, sizeof(hex)-1, oer, ((rc.encoded>256)?256:rc.encoded)) = 0;
fprintf(stderr, "DEBUG: ToBeSigned OER[%ld]=%s\n", rc.encoded, hex);
}
// calculate hash
if (tbs->verifyKeyIndicator.present == VerificationKeyIndicator_PR_verificationKey &&
tbs->verifyKeyIndicator.choice.verificationKey.present == PublicVerificationKey_PR_ecdsaBrainpoolP384r1) {
_tbsHashLength = 48;
sha384_calculate(_tbsHash, (const char*)a->buffer, rc.encoded);
sha384_calculate(_tbsHash, (const char*)oer, rc.encoded);
}
else{
_tbsHashLength = 32;
sha256_calculate(_tbsHash, (const char*)a->buffer, rc.encoded);
sha256_calculate(_tbsHash, (const char*)oer, rc.encoded);
}
}
return rc;
......@@ -178,6 +190,18 @@ static asn_enc_rval_t Signature_oer_encoder(const asn_TYPE_descriptor_t *td,
hl = sha384_hash_size;
break;
}
if (_debug){
char hex[48*3+1];
*_bin2hex(hex, sizeof(hex), _tbsHash, _tbsHashLength) = 0;
fprintf(stderr, "DEBUG: ToBeSignedHash[%d]=%s\n", _tbsHashLength, hex);
*_bin2hex(hex, sizeof(hex), _signerHash, _signerHashLength) = 0;
fprintf(stderr, "DEBUG: SignerHash[%d]=%s\n", _signerHashLength, hex);
*_bin2hex(hex, sizeof(hex), h, hl) = 0;
fprintf(stderr, "DEBUG: JoinedHash[%d]=%s\n",hl, hex);
}
// initialize buffers
OCTET_STRING_fromBuf(&s->choice.ecdsaNistP256Signature.rSig.choice.x_only, h, hl);
OCTET_STRING_fromBuf(&s->choice.ecdsaNistP256Signature.sSig, h, hl);
......@@ -437,60 +461,41 @@ static int is_CurvePoint_empty(EccP256CurvePoint_t* point)
}
static void fill_curve_point_eccP256(EccP256CurvePoint_t* point, ecc_curve_id curveType, char * keyPath)
{
void * key;
char x[32], y[32];
int compressed_y;
key = ecc_key_private_load(keyPath, curveType);
if (key == NULL){
key = ecc_key_gen(curveType);
ecc_key_private_save(key, keyPath, _outKeyFormat);
strcat(keyPath, EXT_PUB);
ecc_key_public_save(key, keyPath, _outKeyFormat);
}
ecc_key_public(key, x, y, &compressed_y);
OCTET_STRING_fromBuf(&point->choice.x_only, x, 32);
if (point->present == EccP256CurvePoint_PR_uncompressedP256){
OCTET_STRING_fromBuf(&point->choice.uncompressedP256.y, y, 32);
}
else if (point->present == EccP256CurvePoint_PR_compressed_y_0 || point->present == EccP256CurvePoint_PR_compressed_y_1){
point->present = compressed_y ? EccP256CurvePoint_PR_compressed_y_1 : EccP256CurvePoint_PR_compressed_y_0;
}
ecc_key_free(key);
fill_curve_point_eccP384((EccP384CurvePoint_t*)point, curveType, keyPath);
}
/*
static int is_P384CurvePoint_empty(EccP384CurvePoint_t* point){
switch (point->present){
case EccP256CurvePoint_PR_x_only:
case EccP256CurvePoint_PR_compressed_y_0:
case EccP256CurvePoint_PR_compressed_y_1:
return point->choice.x_only.size < 48;
case EccP256CurvePoint_PR_uncompressedP256:
return point->choice.uncompressedP384.x.size < 48 || point->choice.uncompressedP384.y.size < 48;
default:
break;
}
return 1;
}
*/
static void fill_curve_point_eccP384(EccP384CurvePoint_t* point, ecc_curve_id curveType, char * keyPath)
{
void * key;
char x[48], y[48];
int compressed_y;
int fsize;
key = ecc_key_private_load(keyPath, curveType);
if (key == NULL){
if (_debug){
fprintf(stderr, "DEBUG: generate key %s\n", keyPath);
}
key = ecc_key_gen(curveType);
ecc_key_private_save(key, keyPath, _outKeyFormat);
strcat(keyPath, EXT_PUB);
ecc_key_public_save(key, keyPath, _outKeyFormat);
}
ecc_key_public(key, x, y, &compressed_y);
OCTET_STRING_fromBuf(&point->choice.x_only, x, 48);
if (point->present == EccP384CurvePoint_PR_uncompressedP384){
OCTET_STRING_fromBuf(&point->choice.uncompressedP384.y, y, 48);
}
else if (point->present == EccP256CurvePoint_PR_compressed_y_0 || point->present == EccP256CurvePoint_PR_compressed_y_1){
point->present = compressed_y ? EccP256CurvePoint_PR_compressed_y_1 : EccP256CurvePoint_PR_compressed_y_0;
fsize = ecc_key_public(key, x, y, &compressed_y);
if (fsize > 0){
OCTET_STRING_fromBuf(&point->choice.x_only, x, fsize);
if (point->present == EccP384CurvePoint_PR_uncompressedP384){
OCTET_STRING_fromBuf(&point->choice.uncompressedP384.y, y, fsize);
}
else if (point->present == EccP384CurvePoint_PR_compressed_y_0 || point->present == EccP384CurvePoint_PR_compressed_y_1){
point->present = compressed_y ? EccP384CurvePoint_PR_compressed_y_1 : EccP384CurvePoint_PR_compressed_y_0;
}
if (_debug){
char hex [256];
*_bin2hex(hex, sizeof(hex), x, fsize) = 0;
fprintf(stderr, "DEBUG: %s_pub.x=%s\n", keyPath, hex);
*_bin2hex(hex, sizeof(hex), y, fsize) = 0;
fprintf(stderr, "DEBUG: %s_pub.y=%s\n", keyPath, hex);
}
}
ecc_key_free(key);
}
......@@ -24,7 +24,7 @@
#define ARRAYSIZE(A) (sizeof(A)/sizeof(A[0]))
static char * _bin2hex(char * hex, size_t hlen, const char * bin, size_t blen);
char * _bin2hex(char * hex, size_t hlen, const char * bin, size_t blen);
typedef struct {
int nid;
......@@ -138,7 +138,7 @@ int ecc_key_public(void* key, char * px, char * py, int * psign)
const EC_POINT * ecpoint;
const EC_KEY * eckey = (EC_KEY*)key;
BIGNUM *x, *y;
int fsize, bcount = -1;
int fsize = -1, bcount = -1;
if( key && px && py ) {
ecgroup = EC_KEY_get0_group(eckey);
......@@ -162,7 +162,7 @@ int ecc_key_public(void* key, char * px, char * py, int * psign)
}
BN_clear_free(x); BN_clear_free(y);
}
return bcount;
return fsize;
}
static int _pass_cb(char *buf, int size, int rwflag, void *u)
......@@ -450,7 +450,7 @@ int ecc_sign(void * key, const char * hash, int hlength, char *r, char *s)
static const char* _hexDigits = "0123456789ABCDEF";
static char * _bin2hex(char * hex, size_t hlen, const char * bin, size_t blen)
char * _bin2hex(char * hex, size_t hlen, const char * bin, size_t blen)
{
const unsigned char *b, *e;
char * s;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment