/*
* Copyright (C) 2012-2013 Reto Buerki
* Copyright (C) 2012-2013 Adrian-Ken Rueegsegger
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <string.h>

#include <library.h>
#include <utils/debug.h>
#include <tkm/constants.h>
#include <tkm/client.h>

#include "tkm_utils.h"
#include "tkm_types.h"
#include "tkm_private_key.h"
/* Short alias for the private object type defined below. */
typedef struct private_tkm_private_key_t private_tkm_private_key_t;
/**
 * Private data of a tkm_private_key_t object.
 */
struct private_tkm_private_key_t {

	/**
	 * Public interface for this signer.
	 */
	tkm_private_key_t public;

	/**
	 * Key ID. Cloned from the caller's identification in
	 * tkm_private_key_init() and handed out as this key's fingerprint.
	 */
	identification_t *id;

	/**
	 * Key type, taken at init time from the public key of the
	 * certificate the credential manager holds for id.
	 */
	key_type_t key_type;

	/**
	 * Reference count.
	 */
	refcount_t ref;

};
METHOD(private_key_t, get_type, key_type_t,
	private_tkm_private_key_t *this)
{
	/* determined once in tkm_private_key_init() from the matching certificate */
	return this->key_type;
}
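/*
 * Sign via the TKM.
 *
 * Unlike a regular private_key_t, the data chunk does not hold the bytes to
 * sign: it must carry an in-memory sign_info_t (ISA id plus init message).
 * scheme and params are not used; the signature is produced by ike_isa_sign()
 * for the given ISA. The init message inside the sign_info_t is released
 * here, so the caller must not reference it afterwards.
 *
 * Returns TRUE and stores a copy of the TKM signature in *signature on
 * success, FALSE if the sign info is unusable or the TKM call fails.
 */
METHOD(private_key_t, sign, bool,
	private_tkm_private_key_t *this, signature_scheme_t scheme, void *params,
	chunk_t data, chunk_t *signature)
{
	signature_type sig;
	init_message_type msg;
	sign_info_t sign;
	isa_id_type isa_id;

	/* the whole sign_info_t must be present before it is read out of data;
	 * a NULL or too-short chunk would otherwise be read past its end */
	if (data.ptr == NULL || data.len < sizeof(sign_info_t))
	{
		DBG1(DBG_LIB, "unable to get signature information");
		return FALSE;
	}
	/* copy instead of dereferencing a cast pointer: no alignment or
	 * aliasing assumptions about the caller's buffer */
	memcpy(&sign, data.ptr, sizeof(sign));

	chunk_to_sequence(&sign.init_message, &msg, sizeof(init_message_type));
	isa_id = sign.isa_id;
	/* the init message is owned by us from here on */
	chunk_free(&sign.init_message);

	/* NOTE(review): the second argument is the literal 1 as in the original;
	 * presumably a TKM-side selector, confirm against ike_isa_sign's contract */
	if (ike_isa_sign(isa_id, 1, msg, &sig) != TKM_OK)
	{
		DBG1(DBG_LIB, "signature operation failed");
		return FALSE;
	}

	sequence_to_chunk(sig.data, sig.size, signature);
	return TRUE;
}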
METHOD(private_key_t, decrypt, bool,
	private_tkm_private_key_t *this, encryption_scheme_t scheme,
	chunk_t crypto, chunk_t *plain)
{
	/* decryption is not offered by this key; it always fails and leaves
	 * *plain untouched */
	return FALSE;
}
METHOD(private_key_t, get_keysize, int,
	private_tkm_private_key_t *this)
{
	/* no key size is known on this side; callers must cope with 0 */
	return 0;
}
METHOD(private_key_t, get_public_key, public_key_t*,
	private_tkm_private_key_t *this)
{
	/* no public_key_t object is provided by this implementation */
	return NULL;
}
METHOD(private_key_t, get_encoding, bool,
	private_tkm_private_key_t *this, cred_encoding_type_t type,
	chunk_t *encoding)
{
	/* the key cannot be exported in any encoding; *encoding is left untouched */
	return FALSE;
}
METHOD(private_key_t, get_fingerprint, bool,
	private_tkm_private_key_t *this, cred_encoding_type_t type, chunk_t *fp)
{
	/* type is ignored: whatever fingerprint encoding is requested, the
	 * encoding of the key ID is returned (it is what identifies this key) */
	*fp = this->id->get_encoding(this->id);
	return TRUE;
}
METHOD(private_key_t, get_ref, private_key_t*,
	private_tkm_private_key_t *this)
{
	/* one more owner; each get_ref() is balanced by a destroy() */
	ref_get(&this->ref);
	return &this->public.key;
}
/*
 * Drop one reference; the object and its key ID are released with the
 * last one.
 */
METHOD(private_key_t, destroy, void,
	private_tkm_private_key_t *this)
{
	if (!ref_put(&this->ref))
	{
		/* other owners remain */
		return;
	}
	this->id->destroy(this->id);
	free(this);
}
/**
 * See header.
 *
 * Creates a TKM-backed private key for the given ID. The ID is cloned, the
 * key type is looked up from the public key of the certificate the
 * credential manager holds for that ID. Returns NULL (and releases the
 * partially built object) if no such certificate or public key exists.
 */
tkm_private_key_t *tkm_private_key_init(identification_t * const id)
{
	private_tkm_private_key_t *this;
	certificate_t *cert;
	public_key_t *pubkey;
	bool have_type = FALSE;

	INIT(this,
		.public = {
			.key = {
				.get_type = _get_type,
				.sign = _sign,
				.decrypt = _decrypt,
				.get_keysize = _get_keysize,
				.get_public_key = _get_public_key,
				.equals = private_key_equals,
				.belongs_to = private_key_belongs_to,
				.get_fingerprint = _get_fingerprint,
				.has_fingerprint = private_key_has_fingerprint,
				.get_encoding = _get_encoding,
				.get_ref = _get_ref,
				.destroy = _destroy,
			},
		},
		.ref = 1,
		.id = id->clone(id),
	);

	/* get key type from associated public key; the lookup passes FALSE as
	 * the trust flag, so no trust chain is required for this purpose */
	cert = lib->credmgr->get_cert(lib->credmgr, CERT_ANY, KEY_ANY, id, FALSE);
	if (cert)
	{
		pubkey = cert->get_public_key(cert);
		if (pubkey)
		{
			this->key_type = pubkey->get_type(pubkey);
			pubkey->destroy(pubkey);
			have_type = TRUE;
		}
		cert->destroy(cert);
	}
	if (!have_type)
	{
		/* no certificate or no public key for this ID: release the
		 * half-built object (this also frees the cloned ID) */
		destroy(this);
		return NULL;
	}

	return &this->public;
}