Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 1997 - 2007 Pekka Riikonen
+ Copyright (C) 1997 - 2008 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
*/
-#include "silc.h"
+#include "silccrypto.h"
#include "silcpk_i.h"
/****************************** Key generation *******************************/
int len;
/* Protocol says that at least UN and HN must be provided as identifier */
- if (!strstr(identifier, "UN=") && !strstr(identifier, "HN=")) {
+ if (!strstr(identifier, "UN=") || !strstr(identifier, "HN=")) {
SILC_LOG_DEBUG(("The public does not have the required UN= and HN= "
"identifiers"));
return FALSE;
SilcBufferStruct buf;
char *identifier;
- if (!username || !host)
+ if (!username || !host) {
+ SILC_LOG_ERROR(("Public key identifier is missing UN and/or HN"));
return NULL;
- if (strlen(username) < 3 || strlen(host) < 3)
+ }
+ if (strlen(username) < 1 || strlen(host) < 1)
return NULL;
memset(&buf, 0, sizeof(buf));
if (version) {
if (strlen(version) > 1 || !isdigit(version[0])) {
silc_buffer_spurge(stack, &buf);
+ SILC_LOG_ERROR(("Public key identifier has invalid version (V)"));
return NULL;
}
silc_buffer_sformat(stack, &buf,
/* Check start of file and remove header from the data. */
len = strlen(SILC_PKCS_PUBLIC_KEYFILE_BEGIN);
if (filedata_len < len + strlen(SILC_PKCS_PUBLIC_KEYFILE_END)) {
- SILC_LOG_ERROR(("Malformed SILC public key header"));
+ SILC_LOG_DEBUG(("Malformed SILC public key header"));
return FALSE;
}
for (i = 0; i < len; i++) {
if (*filedata != SILC_PKCS_PUBLIC_KEYFILE_BEGIN[i]) {
- SILC_LOG_ERROR(("Malformed SILC public key header"));
+ SILC_LOG_DEBUG(("Malformed SILC public key header"));
return FALSE;
}
filedata++;
break;
}
- ret = silc_pkcs_silc_import_public_key(pkcs, filedata, filedata_len,
+ ret = silc_pkcs_silc_import_public_key(pkcs, NULL, filedata, filedata_len,
ret_public_key, ret_alg);
silc_free(data);
SILC_PKCS_IMPORT_PUBLIC_KEY(silc_pkcs_silc_import_public_key)
{
- const SilcPKCSAlgorithm *alg;
SilcBufferStruct buf, alg_key;
SilcSILCPublicKey silc_pubkey = NULL;
SilcAsn1 asn1 = NULL;
/* Check start of file and remove header from the data. */
len = strlen(SILC_PKCS_PRIVATE_KEYFILE_BEGIN);
if (filedata_len < len + strlen(SILC_PKCS_PRIVATE_KEYFILE_END)) {
- SILC_LOG_ERROR(("Malformed SILC private key header"));
+ SILC_LOG_DEBUG(("Malformed SILC private key header"));
return FALSE;
}
for (i = 0; i < len; i++) {
if (*filedata != SILC_PKCS_PRIVATE_KEYFILE_BEGIN[i]) {
- SILC_LOG_ERROR(("Malformed SILC private key header"));
+ SILC_LOG_DEBUG(("Malformed SILC private key header"));
return FALSE;
}
filedata++;
}
/* Allocate HMAC */
- if (!silc_hmac_alloc("hmac-sha1-96", NULL, &sha1hmac)) {
+ if (!silc_mac_alloc("hmac-sha1-96", &sha1hmac)) {
SILC_LOG_ERROR(("Could not allocate SHA1 HMAC, probably not registered"));
silc_hash_free(sha1);
silc_cipher_free(aes);
silc_cipher_set_key(aes, keymat, 256, FALSE);
/* First, verify the MAC of the private key data */
- mac_len = silc_hmac_len(sha1hmac);
- silc_hmac_init_with_key(sha1hmac, keymat, 16);
- silc_hmac_update(sha1hmac, filedata, len - mac_len);
- silc_hmac_final(sha1hmac, tmp, NULL);
+ mac_len = silc_mac_len(sha1hmac);
+ silc_mac_init_with_key(sha1hmac, keymat, 16);
+ silc_mac_update(sha1hmac, filedata, len - mac_len);
+ silc_mac_final(sha1hmac, tmp, NULL);
if (memcmp(tmp, filedata + (len - mac_len), mac_len)) {
SILC_LOG_DEBUG(("Integrity check for private key failed"));
memset(keymat, 0, sizeof(keymat));
memset(tmp, 0, sizeof(tmp));
- silc_hmac_free(sha1hmac);
+ silc_mac_free(sha1hmac);
silc_hash_free(sha1);
silc_cipher_free(aes);
return FALSE;
SILC_LOG_DEBUG(("Bad private key length in buffer!"));
memset(keymat, 0, sizeof(keymat));
memset(tmp, 0, sizeof(tmp));
- silc_hmac_free(sha1hmac);
+ silc_mac_free(sha1hmac);
silc_hash_free(sha1);
silc_cipher_free(aes);
return FALSE;
/* Cleanup */
memset(keymat, 0, sizeof(keymat));
memset(tmp, 0, sizeof(tmp));
- silc_hmac_free(sha1hmac);
+ silc_mac_free(sha1hmac);
silc_hash_free(sha1);
silc_cipher_free(aes);
/* Import the private key */
- ret = silc_pkcs_silc_import_private_key(pkcs, filedata, len, ret_private_key,
- ret_alg);
+ ret = silc_pkcs_silc_import_private_key(pkcs, NULL, NULL, 0, filedata,
+ len, ret_private_key, ret_alg);
silc_free(data);
SILC_PKCS_IMPORT_PRIVATE_KEY(silc_pkcs_silc_import_private_key)
{
SilcBufferStruct buf;
- const SilcPKCSAlgorithm *alg;
SilcBufferStruct alg_key;
SilcSILCPrivateKey silc_privkey = NULL;
SilcAsn1 asn1 = NULL;
}
/* Allocate HMAC */
- if (!silc_hmac_alloc("hmac-sha1-96", NULL, &sha1hmac)) {
+ if (!silc_mac_alloc("hmac-sha1-96", &sha1hmac)) {
SILC_LOG_ERROR(("Could not allocate SHA1 HMAC, probably not registered"));
silc_sfree(stack, key);
silc_hash_free(sha1);
block size of the cipher. */
/* Allocate buffer for encryption */
- len = silc_hmac_len(sha1hmac);
+ len = silc_mac_len(sha1hmac);
padlen = 16 + (16 - ((key_len + 4) % blocklen));
enc = silc_buffer_salloc_size(stack, 4 + 4 + key_len + padlen + len);
if (!enc) {
silc_sfree(stack, key);
- silc_hmac_free(sha1hmac);
+ silc_mac_free(sha1hmac);
silc_hash_free(sha1);
silc_cipher_free(aes);
return FALSE;
/* Compute HMAC over the encrypted data and append the MAC to data.
The key is the first digest of the original key material. */
key_len = silc_buffer_len(enc) - len;
- silc_hmac_init_with_key(sha1hmac, keymat, 16);
- silc_hmac_update(sha1hmac, enc->data, key_len);
+ silc_mac_init_with_key(sha1hmac, keymat, 16);
+ silc_mac_update(sha1hmac, enc->data, key_len);
silc_buffer_pull(enc, key_len);
- silc_hmac_final(sha1hmac, enc->data, NULL);
+ silc_mac_final(sha1hmac, enc->data, NULL);
silc_buffer_push(enc, key_len);
/* Cleanup */
memset(keymat, 0, sizeof(keymat));
memset(tmp, 0, sizeof(tmp));
- silc_hmac_free(sha1hmac);
+ silc_mac_free(sha1hmac);
silc_hash_free(sha1);
silc_cipher_free(aes);
return silc_privkey->pkcs->sign(silc_privkey->pkcs,
silc_privkey->private_key,
src, src_len,
- compute_hash, hash,
+ compute_hash, hash, rng,
sign_cb, context);
}
return silc_pubkey->pkcs->verify(silc_pubkey->pkcs,
silc_pubkey->public_key,
signature, signature_len,
- data, data_len, hash,
+ data, data_len, hash != NULL, hash, rng,
verify_cb, context);
}
projects / crypto.git / blobdiff