Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
Macros | Enumerations | Functions
util.h File Reference
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <stdbool.h>
#include <stdint.h>
#include <yubihsm.h>
Include dependency graph for util.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define YH_INTERNAL   __attribute__((visibility("hidden")))
 

Enumerations

enum  format_t { _base64 , _binary , _hex }
 

Functions

bool YH_INTERNAL set_component (uint8_t *in_ptr, const BIGNUM *bn, int32_t element_len)
 
bool YH_INTERNAL read_private_key (uint8_t *buf, size_t len, yh_algorithm *algo, uint8_t *bytes, size_t *bytes_len, bool internal_repr)
 
void YH_INTERNAL format_digest (uint8_t *digest, char *str, uint16_t len)
 
int YH_INTERNAL algo2nid (yh_algorithm algo)
 
bool YH_INTERNAL algo2type (yh_algorithm algorithm, yh_object_type *type)
 
void YH_INTERNAL parse_NID (uint8_t *data, uint16_t data_len, const EVP_MD **md_type, int *digestinfo_len)
 
bool YH_INTERNAL read_file (FILE *fp, uint8_t *buf, size_t *buf_len)
 
bool YH_INTERNAL write_file (const uint8_t *buf, size_t buf_len, FILE *fp, format_t format)
 
bool YH_INTERNAL read_ed25519_key (uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
 
bool YH_INTERNAL write_ed25519_key (uint8_t *buf, size_t buf_len, FILE *fp, bool b64_encode)
 
bool YH_INTERNAL base64_decode (const char *in, uint8_t *out, size_t *len)
 
bool YH_INTERNAL hex_decode (const char *in, uint8_t *out, size_t *len)
 
bool YH_INTERNAL split_hmac_key (yh_algorithm algorithm, uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
 

Macro Definition Documentation

◆ YH_INTERNAL

#define YH_INTERNAL   __attribute__((visibility("hidden")))

Definition at line 34 of file util.h.

Enumeration Type Documentation

◆ format_t

enum format_t
Enumerator
_base64 
_binary 
_hex 

Definition at line 27 of file util.h.

27 {
28 _base64,
29 _binary,
30 _hex,
31} format_t;
format_t
format_t
Definition util.h:27
_base64
@ _base64
Definition util.h:28
_binary
@ _binary
Definition util.h:29
_hex
@ _hex
Definition util.h:30

Function Documentation

◆ algo2nid()

int YH_INTERNAL algo2nid ( yh_algorithm algo)

Definition at line 335 of file util.c.

335 {
336 switch (algo) {
337 case YH_ALGO_EC_P256:
338 return NID_X9_62_prime256v1;
339
340 case YH_ALGO_EC_P384:
341 return NID_secp384r1;
342
343 case YH_ALGO_EC_P521:
344 return NID_secp521r1;
345
346 case YH_ALGO_EC_P224:
347 return NID_secp224r1;
348
349 case YH_ALGO_EC_K256:
350 return NID_secp256k1;
351
352#ifdef NID_brainpoolP256r1
353 case YH_ALGO_EC_BP256:
354 return NID_brainpoolP256r1;
355#endif
356
357#ifdef NID_brainpoolP384r1
358 case YH_ALGO_EC_BP384:
359 return NID_brainpoolP384r1;
360#endif
361
362#ifdef NID_brainpoolP512r1
363 case YH_ALGO_EC_BP512:
364 return NID_brainpoolP512r1;
365#endif
366
367 default:
368 return 0;
369 }
370
371 return 0;
372}
YH_ALGO_EC_P521
@ YH_ALGO_EC_P521
ecp521
Definition yubihsm.h:418
YH_ALGO_EC_BP384
@ YH_ALGO_EC_BP384
ecbp384
Definition yubihsm.h:424
YH_ALGO_EC_P384
@ YH_ALGO_EC_P384
ecp384
Definition yubihsm.h:416
YH_ALGO_EC_BP512
@ YH_ALGO_EC_BP512
ecbp512
Definition yubihsm.h:426
YH_ALGO_EC_BP256
@ YH_ALGO_EC_BP256
ecbp256
Definition yubihsm.h:422
YH_ALGO_EC_K256
@ YH_ALGO_EC_K256
eck256
Definition yubihsm.h:420
YH_ALGO_EC_P256
@ YH_ALGO_EC_P256
ecp256
Definition yubihsm.h:414
YH_ALGO_EC_P224
@ YH_ALGO_EC_P224
ecp224
Definition yubihsm.h:484
Here is the caller graph for this function:

◆ algo2type()

bool YH_INTERNAL algo2type ( yh_algorithm algorithm,
yh_object_type * type )

Definition at line 374 of file util.c.

374 {
375
376 switch (algorithm) {
377 case YH_ALGO_RSA_PKCS1_SHA1:
378 case YH_ALGO_RSA_PKCS1_SHA256:
379 case YH_ALGO_RSA_PKCS1_SHA384:
380 case YH_ALGO_RSA_PKCS1_SHA512:
381 case YH_ALGO_RSA_PSS_SHA1:
382 case YH_ALGO_RSA_PSS_SHA256:
383 case YH_ALGO_RSA_PSS_SHA384:
384 case YH_ALGO_RSA_PSS_SHA512:
385 case YH_ALGO_RSA_2048:
386 case YH_ALGO_RSA_3072:
387 case YH_ALGO_RSA_4096:
388 case YH_ALGO_EC_P224:
389 case YH_ALGO_EC_P256:
390 case YH_ALGO_EC_P384:
391 case YH_ALGO_EC_P521:
392 case YH_ALGO_EC_K256:
393 case YH_ALGO_EC_BP256:
394 case YH_ALGO_EC_BP384:
395 case YH_ALGO_EC_BP512:
396 case YH_ALGO_EC_ECDSA_SHA1:
397 case YH_ALGO_EC_ECDH:
398 case YH_ALGO_RSA_OAEP_SHA1:
399 case YH_ALGO_RSA_OAEP_SHA256:
400 case YH_ALGO_RSA_OAEP_SHA384:
401 case YH_ALGO_RSA_OAEP_SHA512:
402 case YH_ALGO_EC_ECDSA_SHA256:
403 case YH_ALGO_EC_ECDSA_SHA384:
404 case YH_ALGO_EC_ECDSA_SHA512:
405 case YH_ALGO_EC_ED25519:
406 *type = YH_ASYMMETRIC_KEY;
407 break;
408
409 case YH_ALGO_HMAC_SHA1:
410 case YH_ALGO_HMAC_SHA256:
411 case YH_ALGO_HMAC_SHA384:
412 case YH_ALGO_HMAC_SHA512:
413 *type = YH_HMAC_KEY;
414 break;
415
416 case YH_ALGO_AES128_CCM_WRAP:
417 case YH_ALGO_AES192_CCM_WRAP:
418 case YH_ALGO_AES256_CCM_WRAP:
419 *type = YH_WRAP_KEY;
420 break;
421
422 case YH_ALGO_OPAQUE_DATA:
423 case YH_ALGO_OPAQUE_X509_CERTIFICATE:
424 *type = YH_OPAQUE;
425 break;
426
427 case YH_ALGO_TEMPLATE_SSH:
428 *type = YH_TEMPLATE;
429 break;
430
431 case YH_ALGO_AES128_YUBICO_OTP:
432 case YH_ALGO_AES192_YUBICO_OTP:
433 case YH_ALGO_AES256_YUBICO_OTP:
434 *type = YH_OTP_AEAD_KEY;
435 break;
436
437 case YH_ALGO_AES128_YUBICO_AUTHENTICATION:
438 *type = YH_AUTHENTICATION_KEY;
439 break;
440
441 case YH_ALGO_MGF1_SHA1:
442 case YH_ALGO_MGF1_SHA256:
443 case YH_ALGO_MGF1_SHA384:
444 case YH_ALGO_MGF1_SHA512:
445 default:
446 return false;
447 }
448
449 return true;
450}
YH_OTP_AEAD_KEY
@ YH_OTP_AEAD_KEY
OTP AEAD Key is a secret key used to decrypt Yubico OTP values.
Definition yubihsm.h:376
YH_WRAP_KEY
@ YH_WRAP_KEY
Definition yubihsm.h:369
YH_OPAQUE
@ YH_OPAQUE
Definition yubihsm.h:362
YH_HMAC_KEY
@ YH_HMAC_KEY
HMAC Key is a secret key used when computing and verifying HMAC signatures.
Definition yubihsm.h:371
YH_TEMPLATE
@ YH_TEMPLATE
Definition yubihsm.h:374
YH_ASYMMETRIC_KEY
@ YH_ASYMMETRIC_KEY
Asymmetric Key is the private key of an asymmetric key-pair.
Definition yubihsm.h:366
YH_AUTHENTICATION_KEY
@ YH_AUTHENTICATION_KEY
Authentication Key is used to establish Sessions with a device.
Definition yubihsm.h:364
YH_ALGO_MGF1_SHA512
@ YH_ALGO_MGF1_SHA512
mgf1-sha512
Definition yubihsm.h:460
YH_ALGO_RSA_PSS_SHA384
@ YH_ALGO_RSA_PSS_SHA384
rsa-pss-sha384
Definition yubihsm.h:404
YH_ALGO_EC_ECDH
@ YH_ALGO_EC_ECDH
ecdh
Definition yubihsm.h:438
YH_ALGO_RSA_PKCS1_SHA256
@ YH_ALGO_RSA_PKCS1_SHA256
rsa-pkcs1-sha256
Definition yubihsm.h:394
YH_ALGO_RSA_PKCS1_SHA1
@ YH_ALGO_RSA_PKCS1_SHA1
rsa-pkcs1-sha1
Definition yubihsm.h:392
YH_ALGO_RSA_PSS_SHA512
@ YH_ALGO_RSA_PSS_SHA512
rsa-pss-sha512
Definition yubihsm.h:406
YH_ALGO_RSA_PSS_SHA1
@ YH_ALGO_RSA_PSS_SHA1
rsa-pss-sha1
Definition yubihsm.h:400
YH_ALGO_EC_ECDSA_SHA256
@ YH_ALGO_EC_ECDSA_SHA256
ecdsa-sha256
Definition yubihsm.h:476
YH_ALGO_EC_ECDSA_SHA512
@ YH_ALGO_EC_ECDSA_SHA512
ecdsa-sha512
Definition yubihsm.h:480
YH_ALGO_AES128_YUBICO_AUTHENTICATION
@ YH_ALGO_AES128_YUBICO_AUTHENTICATION
aes128-yubico-authentication
Definition yubihsm.h:466
YH_ALGO_RSA_OAEP_SHA256
@ YH_ALGO_RSA_OAEP_SHA256
rsa-oaep-sha256
Definition yubihsm.h:442
YH_ALGO_OPAQUE_X509_CERTIFICATE
@ YH_ALGO_OPAQUE_X509_CERTIFICATE
opaque-x509-certificate
Definition yubihsm.h:452
YH_ALGO_AES192_YUBICO_OTP
@ YH_ALGO_AES192_YUBICO_OTP
aes192-yubico-otp
Definition yubihsm.h:468
YH_ALGO_AES128_YUBICO_OTP
@ YH_ALGO_AES128_YUBICO_OTP
aes128-yubico-otp
Definition yubihsm.h:464
YH_ALGO_EC_ECDSA_SHA384
@ YH_ALGO_EC_ECDSA_SHA384
ecdsa-sha384
Definition yubihsm.h:478
YH_ALGO_EC_ED25519
@ YH_ALGO_EC_ED25519
ed25519
Definition yubihsm.h:482
YH_ALGO_HMAC_SHA512
@ YH_ALGO_HMAC_SHA512
hmac-sha512
Definition yubihsm.h:434
YH_ALGO_HMAC_SHA384
@ YH_ALGO_HMAC_SHA384
hmac-sha384
Definition yubihsm.h:432
YH_ALGO_MGF1_SHA384
@ YH_ALGO_MGF1_SHA384
mgf1-sha384
Definition yubihsm.h:458
YH_ALGO_RSA_PKCS1_SHA512
@ YH_ALGO_RSA_PKCS1_SHA512
rsa-pkcs1-sha512
Definition yubihsm.h:398
YH_ALGO_AES256_CCM_WRAP
@ YH_ALGO_AES256_CCM_WRAP
aes256-ccm-wrap
Definition yubihsm.h:474
YH_ALGO_HMAC_SHA1
@ YH_ALGO_HMAC_SHA1
hmac-sha1
Definition yubihsm.h:428
YH_ALGO_RSA_OAEP_SHA512
@ YH_ALGO_RSA_OAEP_SHA512
rsa-oaep-sha512
Definition yubihsm.h:446
YH_ALGO_RSA_2048
@ YH_ALGO_RSA_2048
rsa2048
Definition yubihsm.h:408
YH_ALGO_HMAC_SHA256
@ YH_ALGO_HMAC_SHA256
hmac-sha256
Definition yubihsm.h:430
YH_ALGO_RSA_OAEP_SHA384
@ YH_ALGO_RSA_OAEP_SHA384
rsa-oaep-sha384
Definition yubihsm.h:444
YH_ALGO_OPAQUE_DATA
@ YH_ALGO_OPAQUE_DATA
opaque-data
Definition yubihsm.h:450
YH_ALGO_AES192_CCM_WRAP
@ YH_ALGO_AES192_CCM_WRAP
aes192-ccm-wrap
Definition yubihsm.h:472
YH_ALGO_RSA_PSS_SHA256
@ YH_ALGO_RSA_PSS_SHA256
rsa-pss-sha256
Definition yubihsm.h:402
YH_ALGO_AES256_YUBICO_OTP
@ YH_ALGO_AES256_YUBICO_OTP
aes256-yubico-otp
Definition yubihsm.h:470
YH_ALGO_TEMPLATE_SSH
@ YH_ALGO_TEMPLATE_SSH
template-ssh
Definition yubihsm.h:462
YH_ALGO_MGF1_SHA1
@ YH_ALGO_MGF1_SHA1
mgf1-sha1
Definition yubihsm.h:454
YH_ALGO_AES128_CCM_WRAP
@ YH_ALGO_AES128_CCM_WRAP
aes128-ccm-wrap
Definition yubihsm.h:448
YH_ALGO_MGF1_SHA256
@ YH_ALGO_MGF1_SHA256
mgf1-sha256
Definition yubihsm.h:456
YH_ALGO_RSA_4096
@ YH_ALGO_RSA_4096
rsa4096
Definition yubihsm.h:412
YH_ALGO_EC_ECDSA_SHA1
@ YH_ALGO_EC_ECDSA_SHA1
ecdsa-sha1
Definition yubihsm.h:436
YH_ALGO_RSA_OAEP_SHA1
@ YH_ALGO_RSA_OAEP_SHA1
rsa-oaep-sha1
Definition yubihsm.h:440
YH_ALGO_RSA_PKCS1_SHA384
@ YH_ALGO_RSA_PKCS1_SHA384
rsa-pkcs1-sha384
Definition yubihsm.h:396
YH_ALGO_RSA_3072
@ YH_ALGO_RSA_3072
rsa3072
Definition yubihsm.h:410
algorithm
yh_algorithm algorithm
Definition yubihsm.h:619
Here is the caller graph for this function:

◆ base64_decode()

bool YH_INTERNAL base64_decode ( const char * in,
uint8_t * out,
size_t * len )

Definition at line 503 of file util.c.

503 {
504 int ret;
505 BIO *b64 = BIO_new(BIO_f_base64());
506 BIO *bio = BIO_new(BIO_s_mem());
507 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
508 BIO_push(b64, bio);
509
510 (void) BIO_write(bio, in, strlen(in));
511 (void) BIO_flush(bio);
512 ret = BIO_read(b64, out, *len);
513
514 BIO_free_all(b64);
515
516 if (ret <= 0) {
517 return false;
518 } else {
519 *len = ret;
520 return true;
521 }
522}
ret
CK_RV ret
Definition yubihsm_pkcs11.c:973
len
size_t len
Definition yubihsm_pkcs11.c:4771

◆ format_digest()

void YH_INTERNAL format_digest ( uint8_t * digest,
char * str,
uint16_t len )

Definition at line 326 of file util.c.

326 {
327
328 for (uint32_t i = 0; i < len; i++) {
329 sprintf(str + (2 * i), "%02x", digest[i]);
330 }
331
332 str[2 * len] = '\0';
333}
CLI::detail::str
return str
Definition CLI11.hpp:1359
uint32_t
unsigned int uint32_t
Definition stdint.h:126
Here is the caller graph for this function:

◆ hex_decode()

bool YH_INTERNAL hex_decode ( const char * in,
uint8_t * out,
size_t * len )

Definition at line 524 of file util.c.

524 {
525 int pos = 0;
526 size_t in_len = strlen(in);
527 if (in[in_len - 1] == '\n') {
528 in_len--;
529 }
530 if (in[in_len - 1] == '\r') {
531 in_len--;
532 }
533 if (in_len % 2 != 0) {
534 return false;
535 } else if (in_len / 2 > *len) {
536 return false;
537 }
538
539 for (size_t i = 0; i < in_len / 2; i++) {
540 char *endptr = NULL;
541 char buf[3] = {0};
542 long num;
543 errno = 0;
544
545 buf[0] = in[pos];
546 buf[1] = in[pos + 1];
547 num = strtol((const char *) buf, &endptr, 16);
548 if ((errno == ERANGE && (num < 0 || num > UCHAR_MAX)) ||
549 (errno != 0 && num == 0) || *endptr != '\0') {
550 return false;
551 }
552 out[i] = (uint8_t) num;
553 pos += 2;
554 }
555 *len = in_len / 2;
556 return true;
557}
uint8_t
unsigned char uint8_t
Definition stdint.h:124
buf
uint8_t buf[2048]
Definition yubihsm_pkcs11.c:4770
in_len
size_t in_len
Definition yubihsm_pkcs11.c:4978
Here is the caller graph for this function:

◆ parse_NID()

void YH_INTERNAL parse_NID ( uint8_t * data,
uint16_t data_len,
const EVP_MD ** md_type,
int * digestinfo_len )

Definition at line 452 of file util.c.

453 {
454 if (data_len >= sizeof(sha1oid) &&
455 memcmp(sha1oid, data, sizeof(sha1oid)) == 0) {
456 *md_type = EVP_sha1();
457 *digestinfo_len = sizeof(sha1oid);
458 } else if (data_len >= sizeof(sha256oid) &&
459 memcmp(sha256oid, data, sizeof(sha256oid)) == 0) {
460 *md_type = EVP_sha256();
461 *digestinfo_len = sizeof(sha256oid);
462 } else if (data_len >= sizeof(sha384oid) &&
463 memcmp(sha384oid, data, sizeof(sha384oid)) == 0) {
464 *md_type = EVP_sha384();
465 *digestinfo_len = sizeof(sha384oid);
466 } else if (data_len >= sizeof(sha512oid) &&
467 memcmp(sha512oid, data, sizeof(sha512oid)) == 0) {
468 *md_type = EVP_sha512();
469 *digestinfo_len = sizeof(sha512oid);
470 } else {
471 *md_type = EVP_md_null();
472 *digestinfo_len = 0;
473 }
474}
Here is the caller graph for this function:

◆ read_ed25519_key()

bool YH_INTERNAL read_ed25519_key ( uint8_t * in,
size_t in_len,
uint8_t * out,
size_t * out_len )

Definition at line 77 of file util.c.

78 {
79
80 uint8_t decoded[128];
81 size_t decoded_len = sizeof(decoded);
82
83 if (memcmp(in, PEM_private_header, 28) != 0 ||
84 memcmp(in + in_len - 26, PEM_private_trailer, 25) != 0) {
85 return false;
86 }
87
88 int ret;
89 BIO *b64 = BIO_new(BIO_f_base64());
90 BIO *bio = BIO_new(BIO_s_mem());
91 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
92 BIO_push(b64, bio);
93
94 (void) BIO_write(bio, in + 28, in_len - 28 - 25);
95 (void) BIO_flush(bio);
96 ret = BIO_read(b64, decoded, decoded_len);
97
98 BIO_free_all(b64);
99
100 if (ret <= 0 || ret != 48) {
101 return false;
102 }
103
104 if (memcmp(decoded, ed25519private_oid, sizeof(ed25519private_oid)) != 0) {
105 return false;
106 }
107
108 memcpy(out, decoded + 16, 32);
109 *out_len = 32;
110
111 insecure_memzero(decoded, 48);
112
113 return true;
114}
insecure_memzero
#define insecure_memzero(buf, len)
Definition insecure_memzero.h:31
out_len
size_t out_len
Definition yubihsm_pkcs11.c:5000
memcpy
memcpy((char *) pInfo->slotDescription, s, l)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ read_file()

bool YH_INTERNAL read_file ( FILE * fp,
uint8_t * buf,
size_t * buf_len )

Definition at line 476 of file util.c.

476 {
477 size_t n = 0;
478 size_t available = *buf_len;
479 uint8_t *p = buf;
480
481 do {
482 n = fread(p, 1, available, fp);
483 available -= n;
484 p += n;
485 } while (!feof(fp) && !ferror(fp) && available > 0);
486
487 if (ferror(fp)) {
488 return false;
489 }
490
491 if (!feof(fp) && available == 0) {
492 uint8_t b[1];
493 n = fread(b, 1, 1, fp);
494 if (!feof(fp)) {
495 return false;
496 }
497 }
498
499 *buf_len = p - buf;
500 return true;
501}
p
const mie::Vuint & p
Definition bn.cpp:27
Here is the caller graph for this function:

◆ read_private_key()

bool YH_INTERNAL read_private_key ( uint8_t * buf,
size_t len,
yh_algorithm * algo,
uint8_t * bytes,
size_t * bytes_len,
bool internal_repr )

Definition at line 116 of file util.c.

117 {
118
119 if (read_ed25519_key(buf, len, bytes, bytes_len) == true) {
120 *algo = YH_ALGO_EC_ED25519;
121 return true;
122 }
123
124 EVP_PKEY *private_key;
125
126 BIO *bio = BIO_new(BIO_s_mem());
127 if (bio == NULL) {
128 return false;
129 }
130
131 (void) BIO_write(bio, buf, len);
132
133 private_key = PEM_read_bio_PrivateKey(bio, NULL, NULL, /*password*/ NULL);
134 BIO_free_all(bio);
135 if (private_key == NULL) {
136 return false;
137 }
138
139 bool ret = false;
140
141 RSA *rsa = NULL;
142
143 BIGNUM *x = NULL;
144 BIGNUM *y = NULL;
145 EC_KEY *ec_private = NULL;
146
147 switch (EVP_PKEY_base_id(private_key)) {
148 case EVP_PKEY_RSA: {
149 rsa = EVP_PKEY_get1_RSA(private_key);
150 unsigned char e[4];
151 int size = RSA_size(rsa);
152 const BIGNUM *bn_n, *bn_e, *bn_p, *bn_q;
153
154 RSA_get0_key(rsa, &bn_n, &bn_e, NULL);
155 RSA_get0_factors(rsa, &bn_p, &bn_q);
156
157 if (set_component(e, bn_e, 3) == false ||
158 !(e[0] == 0x01 && e[1] == 0x00 && e[2] == 0x01)) {
159 goto cleanup;
160 }
161
162 if (size == 256) {
163 *algo = YH_ALGO_RSA_2048;
164 } else if (size == 384) {
165 *algo = YH_ALGO_RSA_3072;
166 } else if (size == 512) {
167 *algo = YH_ALGO_RSA_4096;
168 } else {
169 goto cleanup;
170 }
171
172 if (set_component(bytes, bn_p, size / 2) == false) {
173 goto cleanup;
174 }
175
176 if (set_component(bytes + size / 2, bn_q, size / 2) == false) {
177 goto cleanup;
178 }
179
180 if (internal_repr == true) {
181 const BIGNUM *dmp1, *dmq1, *iqmp;
182 uint8_t *ptr = bytes + size;
183
184 RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
185 if (set_component(ptr, dmp1, size / 2) == false) {
186 goto cleanup;
187 }
188 ptr += size / 2;
189
190 if (set_component(ptr, dmq1, size / 2) == false) {
191 goto cleanup;
192 }
193 ptr += size / 2;
194
195 if (set_component(ptr, iqmp, size / 2) == false) {
196 goto cleanup;
197 }
198 ptr += size / 2;
199
200 if (set_component(ptr, bn_n, size) == false) {
201 goto cleanup;
202 }
203
204 *bytes_len = (size / 2) * 7;
205 } else {
206 *bytes_len = size;
207 }
208 } break;
209
210 case EVP_PKEY_EC: {
211 ec_private = EVP_PKEY_get1_EC_KEY(private_key);
212 if (ec_private == NULL) {
213 goto cleanup;
214 }
215
216 const BIGNUM *s = EC_KEY_get0_private_key(ec_private);
217 const EC_GROUP *group = EC_KEY_get0_group(ec_private);
218 int curve = EC_GROUP_get_curve_name(group);
219 int size = 0;
220
221 if (curve == NID_X9_62_prime256v1) {
222 *algo = YH_ALGO_EC_P256;
223 size = 32;
224 } else if (curve == NID_secp384r1) {
225 *algo = YH_ALGO_EC_P384;
226 size = 48;
227 } else if (curve == NID_secp521r1) {
228 *algo = YH_ALGO_EC_P521;
229 size = 66;
230 } else if (curve == NID_secp224r1) {
231 *algo = YH_ALGO_EC_P224;
232 size = 28;
233#ifdef NID_brainpoolP256r1
234 } else if (curve == NID_brainpoolP256r1) {
235 *algo = YH_ALGO_EC_BP256;
236 size = 32;
237#endif
238#ifdef NID_brainpoolP384r1
239 } else if (curve == NID_brainpoolP384r1) {
240 *algo = YH_ALGO_EC_BP384;
241 size = 48;
242#endif
243#ifdef NID_brainpoolP512r1
244 } else if (curve == NID_brainpoolP512r1) {
245 *algo = YH_ALGO_EC_BP512;
246 size = 64;
247#endif
248 } else if (curve == NID_secp256k1) {
249 *algo = YH_ALGO_EC_K256;
250 size = 32;
251 } else {
252 goto cleanup;
253 }
254
255 if (set_component(bytes, s, size) == false) {
256 goto cleanup;
257 }
258
259 if (internal_repr == true) {
260 const EC_POINT *ec_public = EC_KEY_get0_public_key(ec_private);
261
262 x = BN_new();
263 if (x == NULL) {
264 goto cleanup;
265 }
266
267 y = BN_new();
268 if (y == NULL) {
269 goto cleanup;
270 }
271
272 if (EC_POINT_get_affine_coordinates_GFp(group, ec_public, x, y, NULL) ==
273 0) {
274 goto cleanup;
275 }
276
277 uint8_t *ptr = bytes + size;
278 if (set_component(ptr, x, size) == false) {
279 goto cleanup;
280 }
281 ptr += size;
282
283 if (set_component(ptr, y, size) == false) {
284 goto cleanup;
285 }
286
287 *bytes_len = size * 3;
288 } else {
289 *bytes_len = size;
290 }
291 } break;
292
293 default:
294 goto cleanup;
295 }
296
297 ret = true;
298
299cleanup:
300
301 if (rsa != NULL) {
302 RSA_free(rsa);
303 rsa = NULL;
304 }
305
306 if (x != NULL) {
307 BN_free(x);
308 x = NULL;
309 }
310
311 if (y != NULL) {
312 BN_free(y);
313 y = NULL;
314 }
315
316 if (ec_private != NULL) {
317 EC_KEY_free(ec_private);
318 ec_private = NULL;
319 }
320
321 EVP_PKEY_free(private_key);
322
323 return ret;
324}
BIGNUM
bignum_st BIGNUM
Definition bigint.hpp:7
fc::y
uint64_t y
Definition sha3.cpp:34
sysio::chain::bytes
vector< char > bytes
Definition types.hpp:243
RSA_get0_crt_params
void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp)
Definition openssl-compat.c:54
RSA_get0_key
void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
Definition openssl-compat.c:37
RSA_get0_factors
void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
Definition openssl-compat.c:47
read_ed25519_key
bool read_ed25519_key(uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition util.c:77
set_component
bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len)
Definition util.c:30
s
char * s
Definition yubihsm_pkcs11.c:524
Here is the call graph for this function:
Here is the caller graph for this function:

◆ set_component()

bool YH_INTERNAL set_component ( uint8_t * in_ptr,
const BIGNUM * bn,
int32_t element_len )

◆ split_hmac_key()

bool YH_INTERNAL split_hmac_key ( yh_algorithm algorithm,
uint8_t * in,
size_t in_len,
uint8_t * out,
size_t * out_len )

Definition at line 653 of file util.c.

654 {
655
656 uint8_t key[128 * 2] = {0};
657 uint8_t block_size;
658
659 switch (algorithm) {
660 case YH_ALGO_HMAC_SHA1:
661 block_size = EVP_MD_block_size(EVP_sha1());
662 break;
663
664 case YH_ALGO_HMAC_SHA256:
665 block_size = EVP_MD_block_size(EVP_sha256());
666 break;
667
668 case YH_ALGO_HMAC_SHA384:
669 block_size = EVP_MD_block_size(EVP_sha384());
670 break;
671
672 case YH_ALGO_HMAC_SHA512:
673 block_size = EVP_MD_block_size(EVP_sha512());
674 break;
675
676 default:
677 return false;
678 }
679
680 if (in_len > block_size) {
681 return false; // TODO(adma): hash the key
682 }
683
684 memcpy(key, in, in_len);
685
686 for (uint8_t i = 0; i < block_size; i++) {
687 out[i] = key[i] ^ 0x36;
688 out[i + block_size] = key[i] ^ 0x5c;
689 }
690
691 *out_len = 2 * block_size;
692
693 return true;
694}
Here is the call graph for this function:
Here is the caller graph for this function:

◆ write_ed25519_key()

bool YH_INTERNAL write_ed25519_key ( uint8_t * buf,
size_t buf_len,
FILE * fp,
bool b64_encode )

Definition at line 622 of file util.c.

623 {
624
625 if (b64_encode == true) {
626 uint8_t newline = '\n';
627 uint8_t asn1[64];
628 uint8_t padding = 0;
629
630 if ((buf[0] & 0x80) != 0) {
631 padding = 1;
632 }
633
634 memcpy(asn1, ed25519public_oid, sizeof(ed25519public_oid));
635 asn1[1] += padding;
636 memset(asn1 + sizeof(ed25519public_oid), 0, padding);
637 asn1[10] += padding;
638 memcpy(asn1 + sizeof(ed25519public_oid) + padding, buf, buf_len);
639
640 write_file((uint8_t *) PEM_public_header, sizeof(PEM_public_header) - 1, fp,
641 false);
642 write_file(asn1, sizeof(ed25519public_oid) + padding + buf_len, fp, true);
643 write_file(&newline, 1, fp, false);
644 write_file((uint8_t *) PEM_public_trailer, sizeof(PEM_public_trailer) - 1,
645 fp, false);
646 } else {
647 write_file(buf, buf_len, fp, false);
648 }
649
650 return true;
651}
write_file
bool write_file(const uint8_t *buf, size_t buf_len, FILE *fp, format_t format)
Definition util.c:559
memset
memset(pInfo->slotDescription, ' ', 64)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ write_file()

bool YH_INTERNAL write_file ( const uint8_t * buf,
size_t buf_len,
FILE * fp,
format_t format )

Definition at line 559 of file util.c.

559 {
560
561 const uint8_t *p = buf;
562 uint8_t *data = NULL;
563 size_t length = buf_len;
564 size_t written = 0;
565 BIO *b64 = NULL;
566
567 if (format == _base64) {
568 BIO *bio;
569 BUF_MEM *bufferPtr;
570
571 b64 = BIO_new(BIO_f_base64());
572 bio = BIO_new(BIO_s_mem());
573 bio = BIO_push(b64, bio);
574
575 (void) BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
576 (void) BIO_write(bio, buf, buf_len);
577 (void) BIO_flush(bio);
578 (void) BIO_get_mem_ptr(bio, &bufferPtr);
579 p = (uint8_t *) bufferPtr->data;
580 length = bufferPtr->length;
581 } else if (format == _hex) {
582 data = calloc(buf_len * 2 + 1, 1);
583 if (data == NULL) {
584 return false;
585 }
586 for (size_t i = 0; i < buf_len; i++) {
587 sprintf((char *) data + i * 2, "%02x", buf[i]);
588 }
589 p = data;
590 length = buf_len * 2;
591 }
592
593 do {
594 written = fwrite(p, 1, length, fp);
595 length -= written;
596 p += written;
597 } while (!feof(fp) && !ferror(fp) && length > 0);
598
599 if (fp == stdout || fp == stderr) {
600 fprintf(fp, "\n");
601 }
602
603 if (b64 != NULL) {
604 BIO_free_all(b64);
605 b64 = NULL;
606 }
607
608 if (data != NULL) {
609 free(data);
610 data = NULL;
611 }
612
613 if (ferror(fp) || feof(fp)) {
614 return false;
615 }
616
617 fflush(fp);
618
619 return true;
620}
format
cmd_format format
Definition yubihsm-shell.h:40
Here is the caller graph for this function: