Add TKM public key implementation
The key unconditionally returns TRUE for the verify operation if it is called with a supported signature algorithm. All such verification operations are performed by the TKM (e.g. trustchain or auth octets verification) anyway, so this is safe.
parent
832488b14a
commit
9a5c51c44f
|
@ -0,0 +1,167 @@
|
|||
/*
|
||||
* Copyright (C) 2012 Reto Buerki
|
||||
* Copyright (C) 2012 Adrian-Ken Rueegsegger
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#include <utils/debug.h>
|
||||
|
||||
#include "tkm_public_key.h"
|
||||
|
||||
typedef struct private_tkm_public_key_t private_tkm_public_key_t;
|
||||
|
||||
/**
|
||||
* Private data of tkm_public_key_t object.
|
||||
*/
|
||||
struct private_tkm_public_key_t {
|
||||
|
||||
/**
|
||||
* Public interface for this signer.
|
||||
*/
|
||||
tkm_public_key_t public;
|
||||
|
||||
/**
|
||||
* Public modulus.
|
||||
*/
|
||||
chunk_t n;
|
||||
|
||||
/**
|
||||
* Public exponent.
|
||||
*/
|
||||
chunk_t e;
|
||||
|
||||
/**
|
||||
* Reference count.
|
||||
*/
|
||||
refcount_t ref;
|
||||
};
|
||||
|
||||
METHOD(public_key_t, get_type, key_type_t,
|
||||
private_tkm_public_key_t *this)
|
||||
{
|
||||
return KEY_RSA;
|
||||
}
|
||||
|
||||
METHOD(public_key_t, verify, bool,
|
||||
private_tkm_public_key_t *this, signature_scheme_t scheme,
|
||||
chunk_t data, chunk_t signature)
|
||||
{
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
METHOD(public_key_t, encrypt_, bool,
|
||||
private_tkm_public_key_t *this, encryption_scheme_t scheme,
|
||||
chunk_t plain, chunk_t *crypto)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
METHOD(public_key_t, get_keysize, int,
|
||||
private_tkm_public_key_t *this)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
METHOD(public_key_t, get_encoding, bool,
|
||||
private_tkm_public_key_t *this, cred_encoding_type_t type,
|
||||
chunk_t *encoding)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
METHOD(public_key_t, get_fingerprint, bool,
|
||||
private_tkm_public_key_t *this, cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
if (lib->encoding->get_cache(lib->encoding, type, this, fp))
|
||||
{
|
||||
return TRUE;
|
||||
}
|
||||
return lib->encoding->encode(lib->encoding, type, this, fp,
|
||||
CRED_PART_RSA_MODULUS, this->n,
|
||||
CRED_PART_RSA_PUB_EXP, this->e,
|
||||
CRED_PART_END);
|
||||
}
|
||||
|
||||
METHOD(public_key_t, get_ref, public_key_t*,
|
||||
private_tkm_public_key_t *this)
|
||||
{
|
||||
ref_get(&this->ref);
|
||||
return &this->public.key;
|
||||
}
|
||||
|
||||
METHOD(public_key_t, destroy, void,
|
||||
private_tkm_public_key_t *this)
|
||||
{
|
||||
if (ref_put(&this->ref))
|
||||
{
|
||||
lib->encoding->clear_cache(lib->encoding, this);
|
||||
chunk_free(&this->n);
|
||||
chunk_free(&this->e);
|
||||
free(this);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* See header.
|
||||
*/
|
||||
tkm_public_key_t *tkm_public_key_load(key_type_t type, va_list args)
|
||||
{
|
||||
private_tkm_public_key_t *this;
|
||||
chunk_t n, e;
|
||||
|
||||
n = e = chunk_empty;
|
||||
while (TRUE)
|
||||
{
|
||||
switch (va_arg(args, builder_part_t))
|
||||
{
|
||||
case BUILD_RSA_MODULUS:
|
||||
n = va_arg(args, chunk_t);
|
||||
continue;
|
||||
case BUILD_RSA_PUB_EXP:
|
||||
e = va_arg(args, chunk_t);
|
||||
continue;
|
||||
case BUILD_END:
|
||||
break;
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
if (!e.ptr || !n.ptr)
|
||||
{
|
||||
return NULL;
|
||||
}
|
||||
|
||||
INIT(this,
|
||||
.public = {
|
||||
.key = {
|
||||
.get_type = _get_type,
|
||||
.verify = _verify,
|
||||
.encrypt = _encrypt_,
|
||||
.equals = public_key_equals,
|
||||
.get_keysize = _get_keysize,
|
||||
.get_fingerprint = _get_fingerprint,
|
||||
.has_fingerprint = public_key_has_fingerprint,
|
||||
.get_encoding = _get_encoding,
|
||||
.get_ref = _get_ref,
|
||||
.destroy = _destroy,
|
||||
},
|
||||
},
|
||||
.ref = 1,
|
||||
.n = chunk_clone(n),
|
||||
.e = chunk_clone(e),
|
||||
);
|
||||
|
||||
return &this->public;
|
||||
}
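Review bot: `verify` returns `TRUE` for every `scheme`, `data` and `signature`, whereas the commit description says this happens only for a supported signature algorithm; nothing in the function looks at `scheme`. Any code path that gets hold of this key object and calls `verify` without the TKM having done the real check would accept an arbitrary signature. The function should therefore return `FALSE` for schemes the TKM does not handle, and carry a comment stating the invariant, for example `/* signature is checked inside the TKM; this object must never be the only verifier */`. Separately, `get_encoding` is declared `bool` but ends in `return NULL;`, which should be `return FALSE;`. `tkm_public_key_load` also never reads `type`, although the header in this commit says it must be KEY_RSA, so `if (type != KEY_RSA) return NULL;` belongs before the argument loop.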
|
|
@ -0,0 +1,46 @@
|
|||
/*
|
||||
* Copyright (C) 2012 Reto Buerki
|
||||
* Copyright (C) 2012 Adrian-Ken Rueegsegger
|
||||
* Hochschule fuer Technik Rapperswil
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify it
|
||||
* under the terms of the GNU General Public License as published by the
|
||||
* Free Software Foundation; either version 2 of the License, or (at your
|
||||
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||
* for more details.
|
||||
*/
|
||||
|
||||
#ifndef TKM_PUBLIC_KEY_H_
|
||||
#define TKM_PUBLIC_KEY_H_
|
||||
|
||||
#include <credentials/keys/public_key.h>
|
||||
|
||||
typedef struct tkm_public_key_t tkm_public_key_t;
|
||||
|
||||
/**
|
||||
* TKM public_key_t implementation.
|
||||
*/
|
||||
struct tkm_public_key_t {
|
||||
|
||||
/**
|
||||
* Implements the public_key_t interface
|
||||
*/
|
||||
public_key_t key;
|
||||
};
|
||||
|
||||
/**
|
||||
* Load a TKM public key.
|
||||
*
|
||||
* Accepts BUILD_RSA_* components.
|
||||
*
|
||||
* @param type type of the key, must be KEY_RSA
|
||||
* @param args builder_part_t argument list
|
||||
* @return loaded key, NULL on failure
|
||||
*/
|
||||
tkm_public_key_t *tkm_public_key_load(key_type_t type, va_list args);
|
||||
|
||||
#endif /** TKM_PUBLIC_KEY_H_ @}*/
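Review bot: The doc comment on `struct tkm_public_key_t` says only "TKM public_key_t implementation.", so a caller reading the header cannot tell that this key's `verify` performs no cryptographic check and relies on the TKM having verified the signature. I would extend that comment with one sentence saying so, and say the key must not be used for verification outside the TKM-backed paths. The closing `#endif /** TKM_PUBLIC_KEY_H_ @}*/` also ends a Doxygen group with `@}` that the visible header never opens with a `@defgroup`/`@{`. Either add the opening block after the licence comment or drop the `@}`.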
|