Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
L
lsh
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Model registry
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
GitLab community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
LSH
lsh
Commits
77180ea6
Commit
77180ea6
authored
May 1, 2000
by
Niels Möller
Browse files
Options
Downloads
Patches
Plain Diff
* src/spki_commands.c (make_pkcs5_encrypt): New function.
Rev: src/spki_commands.c:1.6 Rev: src/spki_commands.h:1.4
parent
e5fa8039
No related branches found
No related tags found
No related merge requests found
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
src/spki_commands.c
+113
-1
113 additions, 1 deletion
src/spki_commands.c
src/spki_commands.h
+12
-0
12 additions, 0 deletions
src/spki_commands.h
with
125 additions
and
1 deletion
src/spki_commands.c
+
113
−
1
View file @
77180ea6
...
...
@@ -25,11 +25,17 @@
#include
"spki_commands.h"
#include
"atoms.h"
#include
"crypto.h"
#include
"format.h"
#include
"queue.h"
#include
"randomness.h"
#include
"sexp_commands.h"
#include
"werror.h"
#include
"xalloc.h"
#include
<assert.h>
/* Forward declarations */
struct
command_simple
spki_add_acl_command
;
#define SPKI_ADD_ACL (&spki_add_acl_command.super.super)
...
...
@@ -49,6 +55,7 @@ struct command_simple spki_add_userkey_command;
#include
"spki_commands.c.x"
#define SA(x) sexp_a(ATOM_##x)
/* GABA:
(class
...
...
@@ -61,7 +68,7 @@ struct command_simple spki_add_userkey_command;
/* Reading of ACL:s
* ****************/
/* Adds an ACL s-expression to an SP
I
K-context. Returns the context. */
/* Adds an ACL s-expression to an SPK
I
-context. Returns the context. */
/* ;; GABA:
(class
(name spki_add_acl_command_1)
...
...
@@ -304,3 +311,108 @@ COMMAND_SIMPLE(spki_read_userkeys_command)
return
&
make_spki_read_userkeys
(
algorithms
)
->
super
;
}
/* Encryption of private data.
* For PKCS#5 (version 2) key derivation, we use
*
* (password-encrypted LABEL (Xpkcs5v2 hmac-sha1 (salt #...#))
* ("3des-cbc" (iv #...#) (data #...#)))
*
* where the X:s will be removed when the format is more stable.
*
*/
/* GABA:
(class
(name spki_password_encrypt)
(super command)
(vars
(label string)
(method object sexp)
(algorithm_name . UINT32)
(algorithm object crypto_algorithm)
(r object randomness)
(key string)))
*/
static
void
do_spki_encrypt
(
struct
command
*
s
,
struct
lsh_object
*
a
,
struct
command_continuation
*
c
,
struct
exception_handler
*
e
UNUSED
)
{
CAST
(
spki_password_encrypt
,
self
,
s
);
CAST_SUBTYPE
(
sexp
,
expr
,
a
);
struct
lsh_string
*
iv
=
NULL
;
UINT8
noiv
[
1
]
=
{
0
};
if
(
self
->
algorithm
->
iv_size
)
{
iv
=
lsh_string_alloc
(
self
->
algorithm
->
iv_size
);
RANDOM
(
self
->
r
,
iv
->
length
,
iv
->
data
);
}
COMMAND_RETURN
(
c
,
sexp_l
(
4
,
SA
(
PASSWORD_ENCRYPTED
),
sexp_s
(
NULL
,
lsh_string_dup
(
self
->
label
)),
self
->
method
,
sexp_l
(
3
,
sexp_a
(
self
->
algorithm_name
),
sexp_l
(
2
,
SA
(
IV
),
sexp_s
(
NULL
,
iv
),
-
1
),
sexp_l
(
2
,
SA
(
DATA
),
sexp_s
(
NULL
,
crypt_string_pad
(
MAKE_ENCRYPT
(
self
->
algorithm
,
self
->
key
->
data
,
iv
?
iv
->
data
:
noiv
),
SEXP_FORMAT
(
expr
,
SEXP_CANONICAL
,
0
),
1
)),
-
1
),
-
1
),
-
1
));
}
/* Consumes the label and password arguments. */
struct
command
*
make_pkcs5_encrypt
(
struct
randomness
*
r
,
struct
lsh_string
*
label
,
UINT32
prf_name
,
struct
mac_algorithm
*
prf
,
UINT32
crypto_name
,
struct
crypto_algorithm
*
crypto
,
UINT32
salt_length
,
struct
lsh_string
*
password
,
UINT32
iterations
)
{
NEW
(
spki_password_encrypt
,
self
);
struct
lsh_string
*
key
;
struct
lsh_string
*
salt
;
assert
(
crypto
);
assert
(
prf
);
salt
=
lsh_string_alloc
(
salt_length
);
RANDOM
(
r
,
salt
->
length
,
salt
->
data
);
key
=
lsh_string_alloc
(
crypto
->
key_size
);
pkcs5_derive_key
(
prf
,
password
->
length
,
password
->
data
,
salt
->
length
,
salt
->
data
,
iterations
,
key
->
length
,
key
->
data
);
lsh_string_free
(
password
);
self
->
super
.
call
=
do_spki_encrypt
;
self
->
r
=
r
;
self
->
label
=
label
;
self
->
method
=
sexp_l
(
3
,
SA
(
XPKCS5V2
),
sexp_a
(
prf_name
),
sexp_l
(
2
,
SA
(
SALT
),
sexp_s
(
NULL
,
salt
),
-
1
),
-
1
);
self
->
algorithm_name
=
crypto_name
;
self
->
algorithm
=
crypto
;
self
->
key
=
key
;
return
&
self
->
super
;
}
This diff is collapsed.
Click to expand it.
src/spki_commands.h
+
12
−
0
View file @
77180ea6
...
...
@@ -45,4 +45,16 @@ extern struct command_simple spki_read_userkeys_command;
struct
command
*
make_spki_read_userkeys
(
struct
alist
*
algorithms
);
/* Encryption of private data. */
struct
command
*
make_pkcs5_encrypt
(
struct
randomness
*
r
,
struct
lsh_string
*
label
,
UINT32
prf_name
,
struct
mac_algorithm
*
prf
,
UINT32
crypto_name
,
struct
crypto_algorithm
*
crypto
,
UINT32
salt_length
,
struct
lsh_string
*
password
,
UINT32
iterations
);
#endif
/* LSH_SPKI_COMMANDS_H_INCLUDED */
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment