Commit 9bef175a authored by Niels Möller's avatar Niels Möller

(spki_sexp2signer_command): Deleted command,

replaced with function spki_sexp_to_signer.
(make_pkcs5_encrypt): Deleted, replaced with spki_pkcs5_encrypt
function.

Rev: src/spki_commands.c:1.26
parent 241c9ea1
......@@ -86,39 +86,6 @@ DEFINE_COMMAND(spki_verifier2public)
/* Reading keys */
/* (sexp2signed algorithms sexp) -> signer */
DEFINE_COMMAND2(spki_sexp2signer_command)
(struct command_2 *s UNUSED,
struct lsh_object *a1,
struct lsh_object *a2,
struct command_continuation *c,
struct exception_handler *e)
{
CAST_SUBTYPE(alist, algorithms, a1);
CAST_SUBTYPE(sexp, key, a2);
struct sexp_iterator *i;
if ((i = sexp_check_type(key, ATOM_PRIVATE_KEY)))
{
struct sexp *expr = SEXP_GET(i);
struct signer *s;
if (!expr)
SPKI_ERROR(e, "spki.c: Invalid key.", key);
s = spki_make_signer(algorithms, expr, NULL);
if (s)
/* Test key here? */
COMMAND_RETURN(c, s);
else
SPKI_ERROR(e, "spki.c: Invalid key.", expr);
}
else
SPKI_ERROR(e, "spki.c: Expected private-key expression.", key);
}
/* FIXME: Ued only by sexp2keypair, move code there? */
static void
parse_private_key(struct alist *algorithms,
......@@ -507,100 +474,6 @@ make_spki_read_userkeys(struct alist *algorithms,
*
*/
/* GABA:
(class
(name spki_password_encrypt)
(super command)
(vars
(label string)
(method object sexp)
(algorithm_name . int)
(algorithm object crypto_algorithm)
(r object randomness)
(key string)))
*/
static void
do_spki_encrypt(struct command *s,
struct lsh_object *a,
struct command_continuation *c,
struct exception_handler *e UNUSED)
{
CAST(spki_password_encrypt, self, s);
CAST_SUBTYPE(sexp, expr, a);
struct lsh_string *iv = NULL;
if (self->algorithm->iv_size)
{
iv = lsh_string_alloc(self->algorithm->iv_size);
RANDOM(self->r, iv->length, iv->data);
}
COMMAND_RETURN(c,
sexp_l(4,
SA(PASSWORD_ENCRYPTED),
sexp_s(NULL, lsh_string_dup(self->label)),
self->method,
sexp_l(3,
sexp_a(self->algorithm_name),
sexp_l(2, SA(IV), sexp_s(NULL, iv), -1),
sexp_l(2, SA(DATA),
sexp_s(NULL, crypt_string_pad
(MAKE_ENCRYPT(self->algorithm,
self->key->data, iv ? iv->data : NULL),
sexp_format(expr, SEXP_CANONICAL, 0), 1)),
-1),
-1),
-1));
}
/* Consumes the label and password arguments. */
struct command *
make_pkcs5_encrypt(struct randomness *r,
struct lsh_string *label,
UINT32 prf_name,
struct mac_algorithm *prf,
int crypto_name,
struct crypto_algorithm *crypto,
UINT32 salt_length,
struct lsh_string *password,
UINT32 iterations)
{
NEW(spki_password_encrypt, self);
struct lsh_string *key;
struct lsh_string *salt;
assert(crypto);
assert(prf);
salt = lsh_string_alloc(salt_length);
RANDOM(r, salt->length, salt->data);
key = lsh_string_alloc(crypto->key_size);
pkcs5_derive_key(prf,
password->length, password->data,
salt->length, salt->data,
iterations,
key->length, key->data);
lsh_string_free(password);
self->super.call = do_spki_encrypt;
self->r = r;
self->label = label;
self->method = sexp_l(4, SA(XPKCS5V2), sexp_a(prf_name),
sexp_l(2, SA(ITERATIONS), sexp_uint32(iterations), -1),
sexp_l(2, SA(SALT), sexp_s(NULL, salt), -1), -1);
self->algorithm_name = crypto_name;
self->algorithm = crypto;
self->key = key;
return &self->super;
}
/* GABA:
(class
(name spki_password_decrypt)
......