/* Generates RSA key pair. */
-SilcBool silc_pkcs1_generate_key(SilcUInt32 keylen,
- SilcRng rng,
- void **ret_public_key,
- void **ret_private_key)
+SILC_PKCS_ALG_GENERATE_KEY(silc_pkcs1_generate_key)
{
SilcUInt32 prime_bits = keylen / 2;
SilcMPInt p, q;
/* Import PKCS #1 compliant public key */
-int silc_pkcs1_import_public_key(unsigned char *key,
- SilcUInt32 key_len,
- void **ret_public_key)
+SILC_PKCS_ALG_IMPORT_PUBLIC_KEY(silc_pkcs1_import_public_key)
{
SilcAsn1 asn1 = NULL;
SilcBufferStruct alg_key;
/* Export PKCS #1 compliant public key */
-unsigned char *silc_pkcs1_export_public_key(void *public_key,
- SilcUInt32 *ret_len)
+SILC_PKCS_ALG_EXPORT_PUBLIC_KEY(silc_pkcs1_export_public_key)
{
RsaPublicKey *key = public_key;
SilcAsn1 asn1 = NULL;
SilcBufferStruct alg_key;
unsigned char *ret;
- asn1 = silc_asn1_alloc(NULL);
+ asn1 = silc_asn1_alloc(stack);
if (!asn1)
goto err;
/* Returns key length */
-SilcUInt32 silc_pkcs1_public_key_bitlen(void *public_key)
+SILC_PKCS_ALG_PUBLIC_KEY_BITLEN(silc_pkcs1_public_key_bitlen)
{
RsaPublicKey *key = public_key;
return key->bits;
/* Copy public key */
-void *silc_pkcs1_public_key_copy(void *public_key)
+SILC_PKCS_ALG_PUBLIC_KEY_COPY(silc_pkcs1_public_key_copy)
{
RsaPublicKey *key = public_key, *new_key;
/* Compare public keys */
-SilcBool silc_pkcs1_public_key_compare(void *key1, void *key2)
+SILC_PKCS_ALG_PUBLIC_KEY_COMPARE(silc_pkcs1_public_key_compare)
{
RsaPublicKey *k1 = key1, *k2 = key2;
/* Frees public key */
-void silc_pkcs1_public_key_free(void *public_key)
+SILC_PKCS_ALG_PUBLIC_KEY_FREE(silc_pkcs1_public_key_free)
{
RsaPublicKey *key = public_key;
/* Import PKCS #1 compliant private key */
-int silc_pkcs1_import_private_key(unsigned char *key,
- SilcUInt32 key_len,
- void **ret_private_key)
+SILC_PKCS_ALG_IMPORT_PRIVATE_KEY(silc_pkcs1_import_private_key)
{
SilcAsn1 asn1;
SilcBufferStruct alg_key;
/* Export PKCS #1 compliant private key */
-unsigned char *silc_pkcs1_export_private_key(void *private_key,
- SilcUInt32 *ret_len)
+SILC_PKCS_ALG_EXPORT_PRIVATE_KEY(silc_pkcs1_export_private_key)
{
RsaPrivateKey *key = private_key;
SilcAsn1 asn1;
SilcBufferStruct alg_key;
unsigned char *ret;
- asn1 = silc_asn1_alloc(NULL);
+ asn1 = silc_asn1_alloc(stack);
if (!asn1)
return FALSE;
/* Returns key length */
-SilcUInt32 silc_pkcs1_private_key_bitlen(void *private_key)
+SILC_PKCS_ALG_PRIVATE_KEY_BITLEN(silc_pkcs1_private_key_bitlen)
{
RsaPrivateKey *key = private_key;
return key->bits;
/* Frees private key */
-void silc_pkcs1_private_key_free(void *private_key)
+SILC_PKCS_ALG_PRIVATE_KEY_FREE(silc_pkcs1_private_key_free)
{
RsaPrivateKey *key = private_key;
/* PKCS #1 RSA routines */
-SilcBool silc_pkcs1_encrypt(void *public_key,
- unsigned char *src,
- SilcUInt32 src_len,
- unsigned char *dst,
- SilcUInt32 dst_size,
- SilcUInt32 *ret_dst_len,
- SilcRng rng)
+SILC_PKCS_ALG_ENCRYPT(silc_pkcs1_encrypt)
{
RsaPublicKey *key = public_key;
SilcMPInt mp_tmp;
SilcMPInt mp_dst;
unsigned char padded[2048 + 1];
SilcUInt32 len = (key->bits + 7) / 8;
+ SilcStack stack;
- if (sizeof(padded) < len)
- return FALSE;
- if (dst_size < len)
- return FALSE;
+ if (sizeof(padded) < len) {
+ encrypt_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
/* Pad data */
if (!silc_pkcs1_encode(SILC_PKCS1_BT_PUB, src, src_len,
- padded, len, rng))
- return FALSE;
+ padded, len, rng)) {
+ encrypt_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
+
+ stack = silc_stack_alloc(2048, silc_crypto_stack());
- silc_mp_init(&mp_tmp);
- silc_mp_init(&mp_dst);
+ silc_mp_sinit(stack, &mp_tmp);
+ silc_mp_sinit(stack, &mp_dst);
/* Data to MP */
silc_mp_bin2mp(padded, len, &mp_tmp);
silc_rsa_public_operation(key, &mp_tmp, &mp_dst);
/* MP to data */
- silc_mp_mp2bin_noalloc(&mp_dst, dst, len);
- *ret_dst_len = len;
+ silc_mp_mp2bin_noalloc(&mp_dst, padded, len);
+
+ /* Deliver result */
+ encrypt_cb(TRUE, padded, len, context);
memset(padded, 0, sizeof(padded));
- silc_mp_uninit(&mp_tmp);
- silc_mp_uninit(&mp_dst);
+ silc_mp_suninit(stack, &mp_tmp);
+ silc_mp_suninit(stack, &mp_dst);
+ silc_stack_free(stack);
- return TRUE;
+ return NULL;
}
-SilcBool silc_pkcs1_decrypt(void *private_key,
- unsigned char *src,
- SilcUInt32 src_len,
- unsigned char *dst,
- SilcUInt32 dst_size,
- SilcUInt32 *ret_dst_len)
+SILC_PKCS_ALG_DECRYPT(silc_pkcs1_decrypt)
{
RsaPrivateKey *key = private_key;
SilcMPInt mp_tmp;
SilcMPInt mp_dst;
unsigned char *padded, unpadded[2048 + 1];
- SilcUInt32 padded_len;
+ SilcUInt32 padded_len, dst_len;
+ SilcStack stack;
- if (dst_size < (key->bits + 7) / 8)
- return FALSE;
+ if (sizeof(unpadded) < (key->bits + 7) / 8) {
+ decrypt_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
+
+ stack = silc_stack_alloc(2048, silc_crypto_stack());
- silc_mp_init(&mp_tmp);
- silc_mp_init(&mp_dst);
+ silc_mp_sinit(stack, &mp_tmp);
+ silc_mp_sinit(stack, &mp_dst);
/* Data to MP */
silc_mp_bin2mp(src, src_len, &mp_tmp);
/* Unpad data */
if (!silc_pkcs1_decode(SILC_PKCS1_BT_PUB, padded, padded_len,
- unpadded, sizeof(unpadded), ret_dst_len)) {
+ unpadded, sizeof(unpadded), &dst_len)) {
memset(padded, 0, padded_len);
silc_free(padded);
- silc_mp_uninit(&mp_tmp);
- silc_mp_uninit(&mp_dst);
- return FALSE;
+ silc_mp_suninit(stack, &mp_tmp);
+ silc_mp_suninit(stack, &mp_dst);
+ decrypt_cb(FALSE, NULL, 0, context);
+ return NULL;
}
- /* Copy to destination */
- memcpy(dst, unpadded, *ret_dst_len);
+ /* Deliver result */
+ decrypt_cb(TRUE, unpadded, dst_len, context);
memset(padded, 0, padded_len);
memset(unpadded, 0, sizeof(unpadded));
silc_free(padded);
- silc_mp_uninit(&mp_tmp);
- silc_mp_uninit(&mp_dst);
+ silc_mp_suninit(stack, &mp_tmp);
+ silc_mp_suninit(stack, &mp_dst);
+ silc_stack_free(stack);
- return TRUE;
+ return NULL;
}
/* PKCS #1 sign with appendix, hash OID included in the signature */
-SilcBool silc_pkcs1_sign(void *private_key,
- unsigned char *src,
- SilcUInt32 src_len,
- unsigned char *signature,
- SilcUInt32 signature_size,
- SilcUInt32 *ret_signature_len,
- SilcBool compute_hash,
- SilcHash hash)
+SILC_PKCS_ALG_SIGN(silc_pkcs1_sign)
{
RsaPrivateKey *key = private_key;
unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN];
SilcBufferStruct di;
SilcUInt32 len = (key->bits + 7) / 8;
const char *oid;
+ SilcStack stack;
SilcAsn1 asn1;
SILC_LOG_DEBUG(("Sign"));
- if (sizeof(padded) < len)
- return FALSE;
- if (signature_size < len)
- return FALSE;
+ if (sizeof(padded) < len) {
+ sign_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
oid = silc_hash_get_oid(hash);
- if (!oid)
- return FALSE;
+ if (!oid) {
+ sign_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
- asn1 = silc_asn1_alloc(NULL);
- if (!asn1)
- return FALSE;
+ stack = silc_stack_alloc(2048, silc_crypto_stack());
+
+ asn1 = silc_asn1_alloc(stack);
+ if (!asn1) {
+ silc_stack_free(stack);
+ sign_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
/* Compute hash */
if (compute_hash) {
SILC_ASN1_SEQUENCE,
SILC_ASN1_SEQUENCE,
SILC_ASN1_OID(oid),
- SILC_ASN1_NULL,
+ SILC_ASN1_NULL(TRUE),
SILC_ASN1_END,
SILC_ASN1_OCTET_STRING(src, src_len),
SILC_ASN1_END, SILC_ASN1_END)) {
silc_asn1_free(asn1);
- return FALSE;
+ silc_stack_free(stack);
+ sign_cb(FALSE, NULL, 0, context);
+ return NULL;
}
SILC_LOG_HEXDUMP(("DigestInfo"), silc_buffer_data(&di),
silc_buffer_len(&di));
if (!silc_pkcs1_encode(SILC_PKCS1_BT_PRV1, silc_buffer_data(&di),
silc_buffer_len(&di), padded, len, NULL)) {
silc_asn1_free(asn1);
- return FALSE;
+ silc_stack_free(stack);
+ sign_cb(FALSE, NULL, 0, context);
+ return NULL;
}
- silc_mp_init(&mp_tmp);
- silc_mp_init(&mp_dst);
+ silc_mp_sinit(stack, &mp_tmp);
+ silc_mp_sinit(stack, &mp_dst);
/* Data to MP */
silc_mp_bin2mp(padded, len, &mp_tmp);
silc_rsa_private_operation(key, &mp_tmp, &mp_dst);
/* MP to data */
- silc_mp_mp2bin_noalloc(&mp_dst, signature, len);
- *ret_signature_len = len;
+ silc_mp_mp2bin_noalloc(&mp_dst, padded, len);
+
+ /* Deliver result */
+ sign_cb(TRUE, padded, len, context);
memset(padded, 0, sizeof(padded));
- silc_mp_uninit(&mp_tmp);
- silc_mp_uninit(&mp_dst);
if (compute_hash)
memset(hashr, 0, sizeof(hashr));
+ silc_mp_suninit(stack, &mp_tmp);
+ silc_mp_suninit(stack, &mp_dst);
silc_asn1_free(asn1);
+ silc_stack_free(stack);
- return TRUE;
+ return NULL;
}
/* PKCS #1 verification with appendix. */
-SilcBool silc_pkcs1_verify(void *public_key,
- unsigned char *signature,
- SilcUInt32 signature_len,
- unsigned char *data,
- SilcUInt32 data_len,
- SilcHash hash)
+SILC_PKCS_ALG_VERIFY(silc_pkcs1_verify)
{
RsaPublicKey *key = public_key;
SilcBool ret = FALSE;
unsigned char *verify, unpadded[2048 + 1], hashr[SILC_HASH_MAXLEN];
SilcUInt32 verify_len, len = (key->bits + 7) / 8;
SilcBufferStruct di, ldi;
+ SilcBool has_null = TRUE;
SilcHash ihash = NULL;
- SilcAsn1 asn1 = NULL;
+ SilcStack stack;
+ SilcAsn1 asn1;
char *oid;
SILC_LOG_DEBUG(("Verify signature"));
- asn1 = silc_asn1_alloc(NULL);
- if (!asn1)
- return FALSE;
+ stack = silc_stack_alloc(2048, silc_crypto_stack());
- silc_mp_init(&mp_tmp2);
- silc_mp_init(&mp_dst);
+ asn1 = silc_asn1_alloc(stack);
+ if (!asn1) {
+ verify_cb(FALSE, context);
+ return NULL;
+ }
+
+ silc_mp_sinit(stack, &mp_tmp2);
+ silc_mp_sinit(stack, &mp_dst);
/* Format the signature into MP int */
silc_mp_bin2mp(signature, signature_len, &mp_tmp2);
/* If hash isn't given, allocate the one given in digest info */
if (!hash) {
+ has_null = FALSE;
+
/* Decode digest info */
if (!silc_asn1_decode(asn1, &di,
SILC_ASN1_OPTS(SILC_ASN1_ACCUMUL),
SILC_ASN1_SEQUENCE,
SILC_ASN1_SEQUENCE,
SILC_ASN1_OID(&oid),
+ SILC_ASN1_NULL_T(SILC_ASN1_OPTIONAL,
+ SILC_ASN1_TAG_NULL, &has_null),
SILC_ASN1_END,
SILC_ASN1_END, SILC_ASN1_END))
goto err;
SILC_ASN1_SEQUENCE,
SILC_ASN1_SEQUENCE,
SILC_ASN1_OID(oid),
- SILC_ASN1_NULL,
+ SILC_ASN1_NULL(has_null),
SILC_ASN1_END,
SILC_ASN1_OCTET_STRING(data, data_len),
SILC_ASN1_END, SILC_ASN1_END))
silc_buffer_len(&ldi)))
ret = TRUE;
+ /* Deliver result */
+ verify_cb(ret, context);
+
memset(verify, 0, verify_len);
memset(unpadded, 0, sizeof(unpadded));
silc_free(verify);
- silc_mp_uninit(&mp_tmp2);
- silc_mp_uninit(&mp_dst);
+ silc_mp_suninit(stack, &mp_tmp2);
+ silc_mp_suninit(stack, &mp_dst);
if (hash)
memset(hashr, 0, sizeof(hashr));
if (ihash)
silc_hash_free(ihash);
silc_asn1_free(asn1);
+ silc_stack_free(stack);
- return ret;
+ return NULL;
err:
memset(verify, 0, verify_len);
silc_free(verify);
- silc_mp_uninit(&mp_tmp2);
- silc_mp_uninit(&mp_dst);
+ silc_mp_suninit(stack, &mp_tmp2);
+ silc_mp_suninit(stack, &mp_dst);
if (ihash)
silc_hash_free(ihash);
silc_asn1_free(asn1);
- return FALSE;
+ silc_stack_free(stack);
+
+ verify_cb(FALSE, context);
+ return NULL;
}
/* PKCS #1 sign without hash oid */
-SilcBool silc_pkcs1_sign_no_oid(void *private_key,
- unsigned char *src,
- SilcUInt32 src_len,
- unsigned char *signature,
- SilcUInt32 signature_size,
- SilcUInt32 *ret_signature_len,
- SilcBool compute_hash,
- SilcHash hash)
+SILC_PKCS_ALG_SIGN(silc_pkcs1_sign_no_oid)
{
RsaPrivateKey *key = private_key;
SilcMPInt mp_tmp;
SilcMPInt mp_dst;
unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN];
SilcUInt32 len = (key->bits + 7) / 8;
+ SilcStack stack;
SILC_LOG_DEBUG(("Sign"));
- if (sizeof(padded) < len)
- return FALSE;
- if (signature_size < len)
- return FALSE;
+ if (sizeof(padded) < len) {
+ sign_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
/* Compute hash if requested */
if (compute_hash) {
/* Pad data */
if (!silc_pkcs1_encode(SILC_PKCS1_BT_PRV1, src, src_len,
- padded, len, NULL))
- return FALSE;
+ padded, len, NULL)) {
+ sign_cb(FALSE, NULL, 0, context);
+ return NULL;
+ }
+
+ stack = silc_stack_alloc(2048, silc_crypto_stack());
- silc_mp_init(&mp_tmp);
- silc_mp_init(&mp_dst);
+ silc_mp_sinit(stack, &mp_tmp);
+ silc_mp_sinit(stack, &mp_dst);
/* Data to MP */
silc_mp_bin2mp(padded, len, &mp_tmp);
silc_rsa_private_operation(key, &mp_tmp, &mp_dst);
/* MP to data */
- silc_mp_mp2bin_noalloc(&mp_dst, signature, len);
- *ret_signature_len = len;
+ silc_mp_mp2bin_noalloc(&mp_dst, padded, len);
+
+ /* Deliver result */
+ sign_cb(TRUE, padded, len, context);
memset(padded, 0, sizeof(padded));
- silc_mp_uninit(&mp_tmp);
- silc_mp_uninit(&mp_dst);
if (compute_hash)
memset(hashr, 0, sizeof(hashr));
+ silc_mp_suninit(stack, &mp_tmp);
+ silc_mp_suninit(stack, &mp_dst);
+ silc_stack_free(stack);
- return TRUE;
+ return NULL;
}
/* PKCS #1 verify without hash oid */
-SilcBool silc_pkcs1_verify_no_oid(void *public_key,
- unsigned char *signature,
- SilcUInt32 signature_len,
- unsigned char *data,
- SilcUInt32 data_len,
- SilcHash hash)
+SILC_PKCS_ALG_VERIFY(silc_pkcs1_verify_no_oid)
{
RsaPublicKey *key = public_key;
SilcBool ret = FALSE;
SilcMPInt mp_dst;
unsigned char *verify, unpadded[2048 + 1], hashr[SILC_HASH_MAXLEN];
SilcUInt32 verify_len, len = (key->bits + 7) / 8;
+ SilcStack stack;
SILC_LOG_DEBUG(("Verify signature"));
- silc_mp_init(&mp_tmp2);
- silc_mp_init(&mp_dst);
+ stack = silc_stack_alloc(2048, silc_crypto_stack());
+
+ silc_mp_sinit(stack, &mp_tmp2);
+ silc_mp_sinit(stack, &mp_dst);
/* Format the signature into MP int */
silc_mp_bin2mp(signature, signature_len, &mp_tmp2);
unpadded, sizeof(unpadded), &len)) {
memset(verify, 0, verify_len);
silc_free(verify);
- silc_mp_uninit(&mp_tmp2);
- silc_mp_uninit(&mp_dst);
- return FALSE;
+ silc_mp_suninit(stack, &mp_tmp2);
+ silc_mp_suninit(stack, &mp_dst);
+ silc_stack_free(stack);
+ verify_cb(FALSE, context);
+ return NULL;
}
/* Hash data if requested */
if (len == data_len && !memcmp(data, unpadded, len))
ret = TRUE;
+ /* Deliver result */
+ verify_cb(ret, context);
+
memset(verify, 0, verify_len);
memset(unpadded, 0, sizeof(unpadded));
- silc_free(verify);
- silc_mp_uninit(&mp_tmp2);
- silc_mp_uninit(&mp_dst);
if (hash)
memset(hashr, 0, sizeof(hashr));
+ silc_free(verify);
+ silc_mp_suninit(stack, &mp_tmp2);
+ silc_mp_suninit(stack, &mp_dst);
+ silc_stack_free(stack);
- return ret;
+ return NULL;
}