Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
LSH
lsh
Commits
77180ea6
Commit
77180ea6
authored
May 01, 2000
by
Niels Möller
Browse files
* src/spki_commands.c (make_pkcs5_encrypt): New function.
Rev: src/spki_commands.c:1.6 Rev: src/spki_commands.h:1.4
parent
e5fa8039
Changes
2
Hide whitespace changes
Inline
Side-by-side
src/spki_commands.c
View file @
77180ea6
...
...
@@ -25,11 +25,17 @@
#include "spki_commands.h"
#include "atoms.h"
#include "crypto.h"
#include "format.h"
#include "queue.h"
#include "randomness.h"
#include "sexp_commands.h"
#include "werror.h"
#include "xalloc.h"
#include <assert.h>
/* Forward declarations */
struct
command_simple
spki_add_acl_command
;
#define SPKI_ADD_ACL (&spki_add_acl_command.super.super)
...
...
@@ -49,6 +55,7 @@ struct command_simple spki_add_userkey_command;
#include "spki_commands.c.x"
#define SA(x) sexp_a(ATOM_##x)
/* GABA:
(class
...
...
@@ -61,7 +68,7 @@ struct command_simple spki_add_userkey_command;
/* Reading of ACL:s
* ****************/
/* Adds an ACL s-expression to an SP
I
K-context. Returns the context. */
/* Adds an ACL s-expression to an SPK
I
-context. Returns the context. */
/* ;; GABA:
(class
(name spki_add_acl_command_1)
...
...
@@ -304,3 +311,108 @@ COMMAND_SIMPLE(spki_read_userkeys_command)
return
&
make_spki_read_userkeys
(
algorithms
)
->
super
;
}
/* Encryption of private data.
* For PKCS#5 (version 2) key derivation, we use
*
* (password-encrypted LABEL (Xpkcs5v2 hmac-sha1 (salt #...#))
* ("3des-cbc" (iv #...#) (data #...#)))
*
* where the X:s will be removed when the format is more stable.
*
*/
/* GABA:
(class
(name spki_password_encrypt)
(super command)
(vars
(label string)
(method object sexp)
(algorithm_name . UINT32)
(algorithm object crypto_algorithm)
(r object randomness)
(key string)))
*/
static
void
do_spki_encrypt
(
struct
command
*
s
,
struct
lsh_object
*
a
,
struct
command_continuation
*
c
,
struct
exception_handler
*
e
UNUSED
)
{
CAST
(
spki_password_encrypt
,
self
,
s
);
CAST_SUBTYPE
(
sexp
,
expr
,
a
);
struct
lsh_string
*
iv
=
NULL
;
UINT8
noiv
[
1
]
=
{
0
};
if
(
self
->
algorithm
->
iv_size
)
{
iv
=
lsh_string_alloc
(
self
->
algorithm
->
iv_size
);
RANDOM
(
self
->
r
,
iv
->
length
,
iv
->
data
);
}
COMMAND_RETURN
(
c
,
sexp_l
(
4
,
SA
(
PASSWORD_ENCRYPTED
),
sexp_s
(
NULL
,
lsh_string_dup
(
self
->
label
)),
self
->
method
,
sexp_l
(
3
,
sexp_a
(
self
->
algorithm_name
),
sexp_l
(
2
,
SA
(
IV
),
sexp_s
(
NULL
,
iv
),
-
1
),
sexp_l
(
2
,
SA
(
DATA
),
sexp_s
(
NULL
,
crypt_string_pad
(
MAKE_ENCRYPT
(
self
->
algorithm
,
self
->
key
->
data
,
iv
?
iv
->
data
:
noiv
),
SEXP_FORMAT
(
expr
,
SEXP_CANONICAL
,
0
),
1
)),
-
1
),
-
1
),
-
1
));
}
/* Consumes the label and password arguments. */
struct
command
*
make_pkcs5_encrypt
(
struct
randomness
*
r
,
struct
lsh_string
*
label
,
UINT32
prf_name
,
struct
mac_algorithm
*
prf
,
UINT32
crypto_name
,
struct
crypto_algorithm
*
crypto
,
UINT32
salt_length
,
struct
lsh_string
*
password
,
UINT32
iterations
)
{
NEW
(
spki_password_encrypt
,
self
);
struct
lsh_string
*
key
;
struct
lsh_string
*
salt
;
assert
(
crypto
);
assert
(
prf
);
salt
=
lsh_string_alloc
(
salt_length
);
RANDOM
(
r
,
salt
->
length
,
salt
->
data
);
key
=
lsh_string_alloc
(
crypto
->
key_size
);
pkcs5_derive_key
(
prf
,
password
->
length
,
password
->
data
,
salt
->
length
,
salt
->
data
,
iterations
,
key
->
length
,
key
->
data
);
lsh_string_free
(
password
);
self
->
super
.
call
=
do_spki_encrypt
;
self
->
r
=
r
;
self
->
label
=
label
;
self
->
method
=
sexp_l
(
3
,
SA
(
XPKCS5V2
),
sexp_a
(
prf_name
),
sexp_l
(
2
,
SA
(
SALT
),
sexp_s
(
NULL
,
salt
),
-
1
),
-
1
);
self
->
algorithm_name
=
crypto_name
;
self
->
algorithm
=
crypto
;
self
->
key
=
key
;
return
&
self
->
super
;
}
src/spki_commands.h
View file @
77180ea6
...
...
@@ -45,4 +45,16 @@ extern struct command_simple spki_read_userkeys_command;
struct
command
*
make_spki_read_userkeys
(
struct
alist
*
algorithms
);
/* Encryption of private data. */
struct
command
*
make_pkcs5_encrypt
(
struct
randomness
*
r
,
struct
lsh_string
*
label
,
UINT32
prf_name
,
struct
mac_algorithm
*
prf
,
UINT32
crypto_name
,
struct
crypto_algorithm
*
crypto
,
UINT32
salt_length
,
struct
lsh_string
*
password
,
UINT32
iterations
);
#endif
/* LSH_SPKI_COMMANDS_H_INCLUDED */
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment