1 /***************************************************************************
2 begin : Mon Mar 01 2004
3 copyright : (C) 2004 by Martin Preuss
4 email : martin@libchipcard.de
5
6 ***************************************************************************
7 * Please see toplevel file COPYING for license details *
8 ***************************************************************************/
9
10
11 #ifdef HAVE_CONFIG_H
12 # include <config.h>
13 #endif
14
15 #include "keys.h"
16 #include "xml.h"
17
18 #include <gwenhywfar/debug.h>
19 #include <gwenhywfar/base64.h>
20 #include <gwenhywfar/text.h>
21 #include <gwenhywfar/cryptkeyrsa.h>
22 #include <gwenhywfar/mdigest.h>
23
24 #include <ctype.h>
25
26
27
28
EB_Key_toBin(const GWEN_CRYPT_KEY * k,const char * userId,const char * version,int keySize,GWEN_BUFFER * buf)29 EB_RC EB_Key_toBin(const GWEN_CRYPT_KEY *k,
30 const char *userId,
31 const char *version,
32 int keySize,
33 GWEN_BUFFER *buf)
34 {
35 int i;
36 char numbuf[32];
37 int rv;
38 uint8_t kbuf[300];
39 uint32_t klen;
40
41 if (strlen(version)!=4) {
42 DBG_ERROR(AQEBICS_LOGDOMAIN, "Invalid version \"%s\"", version);
43 return EB_RC_KEYMGMT_UNSUPPORTED_VERSION_SIGNATURE;
44 }
45
46 if (!userId || !*userId) {
47 DBG_ERROR(AQEBICS_LOGDOMAIN, "Missing key owner");
48 return EB_RC_INVALID_REQUEST;
49 }
50 GWEN_Buffer_AppendString(buf, version);
51 i=(int)strlen(userId);
52 if (i>8) {
53 DBG_ERROR(AQEBICS_LOGDOMAIN, "User id too long");
54 return EB_RC_INVALID_REQUEST;
55 }
56 GWEN_Buffer_AppendString(buf, userId);
57 if (i<8)
58 GWEN_Buffer_FillWithBytes(buf, ' ', (uint32_t)(8-i));
59
60 /* get exponent */
61 klen=sizeof(kbuf);
62 rv=GWEN_Crypt_KeyRsa_GetExponent(k, kbuf, &klen);
63 if (rv<0) {
64 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
65 return EB_RC_INVALID_REQUEST;
66 }
67 snprintf(numbuf, sizeof(numbuf), "%04d", keySize);
68 GWEN_Buffer_AppendString(buf, numbuf);
69 if (klen<128)
70 GWEN_Buffer_FillWithBytes(buf, 0, 128-klen);
71 GWEN_Buffer_AppendBytes(buf, (const char *)kbuf, klen);
72
73 /* get modulus */
74 klen=sizeof(kbuf);
75 rv=GWEN_Crypt_KeyRsa_GetModulus(k, kbuf, &klen);
76 if (rv<0) {
77 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
78 return EB_RC_INVALID_REQUEST;
79 }
80 snprintf(numbuf, sizeof(numbuf), "%04d", keySize);
81 GWEN_Buffer_AppendString(buf, numbuf);
82 if (klen<128)
83 GWEN_Buffer_FillWithBytes(buf, 0, 128-klen);
84 GWEN_Buffer_AppendBytes(buf, (const char *)kbuf, klen);
85
86
87 GWEN_Buffer_FillWithBytes(buf, ' ', 236);
88
89 return 0;
90 }
91
92
93
EB_Key_fromBin(GWEN_CRYPT_KEY ** k,const char * version,char * bufUserId,unsigned int lenUserId,const char * p,unsigned int bsize)94 EB_RC EB_Key_fromBin(GWEN_CRYPT_KEY **k,
95 const char *version,
96 char *bufUserId,
97 unsigned int lenUserId,
98 const char *p, unsigned int bsize)
99 {
100 GWEN_CRYPT_KEY *key;
101 char tmpbuf[32];
102 const char *t;
103 char *d;
104 uint32_t nsize;
105 int i;
106 const uint8_t *mPtr;
107 uint32_t mLen;
108 const uint8_t *ePtr;
109 uint32_t eLen;
110 uint32_t keySize;
111
112 if (bsize<512) {
113 DBG_ERROR(AQEBICS_LOGDOMAIN, "Too few bytes (%d)", bsize);
114 return EB_RC_INVALID_REQUEST;
115 }
116
117 if (strlen(version)!=4) {
118 DBG_ERROR(AQEBICS_LOGDOMAIN, "Invalid version \"%s\"", version);
119 return EB_RC_INVALID_REQUEST;
120 }
121
122 /* compare version */
123 if (strncasecmp(p, version, 4)!=0) {
124 DBG_ERROR(AQEBICS_LOGDOMAIN, "Unexpected version [%s]", p);
125 return EB_RC_KEYMGMT_UNSUPPORTED_VERSION_SIGNATURE;
126 }
127 t=p+4;
128
129 /* copy user id */
130 d=bufUserId;
131 i=0;
132 while (t[i] && t[i]!=' ' && (unsigned int)i<(lenUserId-1) && i<8)
133 *(d++)=t[i++];
134 *d=0;
135 t+=8;
136
137 /* get LExponent */
138 d=tmpbuf;
139 i=0;
140 while (isdigit(t[i]) && i<4)
141 *(d++)=t[i++];
142 *d=0;
143 i=0;
144 sscanf(tmpbuf, "%d", &i);
145 t+=4;
146 nsize=(i+7)/8;
147
148 /* get Exponent */
149 ePtr=(const uint8_t *)(t+(128-nsize));
150 eLen=nsize;
151 t+=128;
152
153 /* get LModulus */
154 d=tmpbuf;
155 i=0;
156 while (t[i] && t[i]!=' ' && i<4)
157 *(d++)=t[i++];
158 *d=0;
159 i=0;
160 sscanf(tmpbuf, "%d", &i);
161 t+=4;
162
163 /* calculate number of bits/bytes */
164 nsize=i;
165 if (nsize>2048)
166 nsize=4096;
167 else if (nsize>1024)
168 nsize=2048;
169 else if (nsize>768)
170 nsize=1024;
171 else
172 nsize=768;
173 keySize=(nsize+7)/8;
174
175 /* calculate real size of modulus */
176 nsize=(i+7)/8;
177
178 /* get Modulus */
179 mPtr=(const uint8_t *)(t+(128-nsize));
180 mLen=nsize;
181 t+=128;
182
183 /* create key */
184 key=GWEN_Crypt_KeyRsa_fromModExp(keySize,
185 mPtr, mLen,
186 ePtr, eLen);
187 if (!key) {
188 DBG_ERROR(AQEBICS_LOGDOMAIN,
189 "Could not create RSA key");
190 return EB_RC_INTERNAL_ERROR;
191 }
192 *k=key;
193
194 return 0;
195 }
196
197
198
EB_Key_toXml(GWEN_CRYPT_KEY * k,xmlNodePtr node)199 EB_RC EB_Key_toXml(GWEN_CRYPT_KEY *k, xmlNodePtr node)
200 {
201 int rv;
202 uint8_t kbuf[300];
203 uint32_t klen;
204
205 /* get modulus */
206 klen=sizeof(kbuf);
207 rv=GWEN_Crypt_KeyRsa_GetModulus(k, kbuf, &klen);
208 if (rv<0) {
209 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
210 return EB_RC_INVALID_REQUEST;
211 }
212 else {
213 GWEN_BUFFER *b64buf;
214
215 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
216 if (GWEN_Base64_Encode(kbuf, klen, b64buf, 0)) {
217 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data");
218 GWEN_Buffer_free(b64buf);
219 return EB_RC_INTERNAL_ERROR;
220 }
221 EB_Xml_SetCharValue(node,
222 "PubKeyValue/ds:RSAKeyValue/Modulus",
223 GWEN_Buffer_GetStart(b64buf));
224 GWEN_Buffer_free(b64buf);
225 }
226
227
228 /* get exponent */
229 klen=sizeof(kbuf);
230 rv=GWEN_Crypt_KeyRsa_GetExponent(k, kbuf, &klen);
231 if (rv<0) {
232 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
233 return EB_RC_INVALID_REQUEST;
234 }
235 else {
236 GWEN_BUFFER *b64buf;
237
238 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
239 if (GWEN_Base64_Encode(kbuf, klen, b64buf, 0)) {
240 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data");
241 GWEN_Buffer_free(b64buf);
242 return EB_RC_INVALID_REQUEST;
243 }
244 EB_Xml_SetCharValue(node,
245 "PubKeyValue/ds:RSAKeyValue/Exponent",
246 GWEN_Buffer_GetStart(b64buf));
247 GWEN_Buffer_free(b64buf);
248 }
249
250 return 0;
251 }
252
253
254
EB_Key_fromXml(GWEN_CRYPT_KEY ** k,xmlNodePtr node)255 EB_RC EB_Key_fromXml(GWEN_CRYPT_KEY **k, xmlNodePtr node)
256 {
257 const char *s;
258 GWEN_CRYPT_KEY *key;
259 uint8_t eBuf[512];
260 uint32_t eLen;
261 uint8_t mBuf[512];
262 uint32_t mLen;
263
264 s=EB_Xml_GetCharValue(node, "PubKeyValue/ds:RSAKeyValue/Modulus", 0);
265 if (s) {
266 GWEN_BUFFER *b64buf;
267 const uint8_t *p;
268
269 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
270 if (GWEN_Base64_Decode((const unsigned char *) s, 0, b64buf)) {
271 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not decode data");
272 GWEN_Buffer_free(b64buf);
273 return EB_RC_INVALID_REQUEST;
274 }
275
276 if (GWEN_Buffer_GetUsedBytes(b64buf)>sizeof(mBuf)) {
277 DBG_ERROR(AQEBICS_LOGDOMAIN, "Modulus too long");
278 GWEN_Buffer_free(b64buf);
279 return EB_RC_INVALID_REQUEST;
280 }
281
282 /* correctly calculate key length */
283 mLen=GWEN_Buffer_GetUsedBytes(b64buf);
284 p=(const uint8_t *)GWEN_Buffer_GetStart(b64buf);
285 while (mLen && *p==0) {
286 mLen--;
287 p++;
288 }
289 DBG_ERROR(0, "Real key size is: %d (from %d)",
290 mLen, GWEN_Buffer_GetUsedBytes(b64buf));
291 memmove(mBuf, p, mLen);
292 GWEN_Buffer_free(b64buf);
293 }
294 else {
295 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key data (%s)",
296 node->name);
297 return EB_RC_INVALID_REQUEST;
298 }
299
300 s=EB_Xml_GetCharValue(node, "PubKeyValue/ds:RSAKeyValue/Exponent", 0);
301 if (s) {
302 GWEN_BUFFER *b64buf;
303
304 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
305 if (GWEN_Base64_Decode((const unsigned char *) s, 0, b64buf)) {
306 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not decode data");
307 GWEN_Buffer_free(b64buf);
308 return EB_RC_INVALID_REQUEST;
309 }
310
311 if (GWEN_Buffer_GetUsedBytes(b64buf)>sizeof(eBuf)) {
312 DBG_ERROR(AQEBICS_LOGDOMAIN, "Exponent too long");
313 GWEN_Buffer_free(b64buf);
314 return EB_RC_INVALID_REQUEST;
315 }
316
317 memmove(eBuf,
318 GWEN_Buffer_GetStart(b64buf),
319 GWEN_Buffer_GetUsedBytes(b64buf));
320 eLen=GWEN_Buffer_GetUsedBytes(b64buf);
321 GWEN_Buffer_free(b64buf);
322 }
323 else {
324 DBG_ERROR(AQEBICS_LOGDOMAIN, "No exponent in key data");
325 return EB_RC_INVALID_REQUEST;
326 }
327
328 /* create key */
329 key=GWEN_Crypt_KeyRsa_fromModExp(mLen,
330 mBuf, mLen,
331 eBuf, eLen);
332 if (!key) {
333 DBG_ERROR(AQEBICS_LOGDOMAIN,
334 "Could not create RSA key");
335 return EB_RC_INTERNAL_ERROR;
336 }
337 *k=key;
338
339 return 0;
340 }
341
342
343
EB_Key_BuildHashSha1(const GWEN_CRYPT_KEY * k,GWEN_BUFFER * hbuf,int encode64)344 int EB_Key_BuildHashSha1(const GWEN_CRYPT_KEY *k, GWEN_BUFFER *hbuf, int encode64)
345 {
346 GWEN_BUFFER *buf1;
347 GWEN_BUFFER *buf2;
348 char *s;
349 int rv;
350 uint8_t kbuf[300];
351 uint32_t klen;
352 GWEN_MDIGEST *md;
353
354 buf1=GWEN_Buffer_new(0, 256, 0, 1);
355 buf2=GWEN_Buffer_new(0, 520, 0, 1);
356
357 /* get exponent */
358 klen=sizeof(kbuf);
359 rv=GWEN_Crypt_KeyRsa_GetExponent(k, kbuf, &klen);
360 if (rv<0) {
361 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
362 GWEN_Buffer_free(buf2);
363 GWEN_Buffer_free(buf1);
364 return EB_RC_INVALID_REQUEST;
365 }
366
367 rv=GWEN_Text_ToHexBuffer((const char *)kbuf, klen, buf1, 0, 0, 0);
368 if (rv) {
369 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
370 GWEN_Buffer_free(buf2);
371 GWEN_Buffer_free(buf1);
372 return EB_RC_INTERNAL_ERROR;
373 }
374
375 s=GWEN_Buffer_GetStart(buf1);
376 while (*s=='0')
377 s++;
378 GWEN_Buffer_AppendString(buf2, s);
379 GWEN_Buffer_AppendString(buf2, " ");
380 GWEN_Buffer_Reset(buf1);
381
382 /* get modulus */
383 klen=sizeof(kbuf);
384 rv=GWEN_Crypt_KeyRsa_GetModulus(k, kbuf, &klen);
385 if (rv<0) {
386 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
387 GWEN_Buffer_free(buf2);
388 GWEN_Buffer_free(buf1);
389 return EB_RC_INVALID_REQUEST;
390 }
391
392 rv=GWEN_Text_ToHexBuffer((const char *)kbuf, klen, buf1, 0, 0, 0);
393 if (rv) {
394 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
395 GWEN_Buffer_free(buf2);
396 GWEN_Buffer_free(buf1);
397 return EB_RC_INTERNAL_ERROR;
398 }
399
400 s=GWEN_Buffer_GetStart(buf1);
401 while (*s=='0')
402 s++;
403 GWEN_Buffer_AppendString(buf2, s);
404
405 GWEN_Buffer_free(buf1);
406
407 /* convert to lower case */
408 s=GWEN_Buffer_GetStart(buf2);
409 while (*s) {
410 *s=(char)tolower(*s);
411 s++;
412 }
413
414 /* hash it */
415 md=GWEN_MDigest_Sha1_new();
416
417 /* begin */
418 rv=GWEN_MDigest_Begin(md);
419 if (rv<0) {
420 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
421 GWEN_MDigest_free(md);
422 GWEN_Buffer_free(buf2);
423 return EB_RC_INTERNAL_ERROR;
424 }
425
426 /* update */
427 rv=GWEN_MDigest_Update(md,
428 (const uint8_t *) GWEN_Buffer_GetStart(buf2),
429 GWEN_Buffer_GetUsedBytes(buf2));
430 if (rv<0) {
431 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
432 GWEN_MDigest_free(md);
433 GWEN_Buffer_free(buf2);
434 return EB_RC_INTERNAL_ERROR;
435 }
436
437 /* end */
438 rv=GWEN_MDigest_End(md);
439 if (rv<0) {
440 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
441 GWEN_MDigest_free(md);
442 GWEN_Buffer_free(buf2);
443 return EB_RC_INTERNAL_ERROR;
444 }
445
446 if (encode64) {
447 if (GWEN_Base64_Encode(GWEN_MDigest_GetDigestPtr(md),
448 GWEN_MDigest_GetDigestSize(md),
449 hbuf, 0)) {
450 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data");
451 GWEN_MDigest_free(md);
452 GWEN_Buffer_free(buf2);
453 return EB_RC_INTERNAL_ERROR;
454 }
455 }
456 else
457 GWEN_Buffer_AppendBytes(hbuf,
458 (const char *)GWEN_MDigest_GetDigestPtr(md),
459 GWEN_MDigest_GetDigestSize(md));
460 GWEN_MDigest_free(md);
461
462 /* cleanup */
463 GWEN_Buffer_free(buf2);
464
465 return 0;
466 }
467
468
469
EB_Key_BuildHashSha256(const GWEN_CRYPT_KEY * k,GWEN_BUFFER * hbuf,int encode64)470 int EB_Key_BuildHashSha256(const GWEN_CRYPT_KEY *k, GWEN_BUFFER *hbuf, int encode64)
471 {
472 GWEN_BUFFER *buf1;
473 GWEN_BUFFER *buf2;
474 char *s;
475 int rv;
476 uint8_t kbuf[300];
477 uint32_t klen;
478 GWEN_MDIGEST *md;
479
480 buf1=GWEN_Buffer_new(0, 256, 0, 1);
481 buf2=GWEN_Buffer_new(0, 520, 0, 1);
482
483 /* get exponent */
484 klen=sizeof(kbuf);
485 rv=GWEN_Crypt_KeyRsa_GetExponent(k, kbuf, &klen);
486 if (rv<0) {
487 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
488 GWEN_Buffer_free(buf2);
489 GWEN_Buffer_free(buf1);
490 return EB_RC_INVALID_REQUEST;
491 }
492
493 rv=GWEN_Text_ToHexBuffer((const char *)kbuf, klen, buf1, 0, 0, 0);
494 if (rv) {
495 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
496 GWEN_Buffer_free(buf2);
497 GWEN_Buffer_free(buf1);
498 return EB_RC_INTERNAL_ERROR;
499 }
500
501 s=GWEN_Buffer_GetStart(buf1);
502 while (*s=='0')
503 s++;
504 GWEN_Buffer_AppendString(buf2, s);
505 GWEN_Buffer_AppendString(buf2, " ");
506 GWEN_Buffer_Reset(buf1);
507
508 /* get modulus */
509 klen=sizeof(kbuf);
510 rv=GWEN_Crypt_KeyRsa_GetModulus(k, kbuf, &klen);
511 if (rv<0) {
512 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
513 GWEN_Buffer_free(buf2);
514 GWEN_Buffer_free(buf1);
515 return EB_RC_INVALID_REQUEST;
516 }
517
518 rv=GWEN_Text_ToHexBuffer((const char *)kbuf, klen, buf1, 0, 0, 0);
519 if (rv) {
520 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
521 GWEN_Buffer_free(buf2);
522 GWEN_Buffer_free(buf1);
523 return EB_RC_INTERNAL_ERROR;
524 }
525
526 s=GWEN_Buffer_GetStart(buf1);
527 while (*s=='0')
528 s++;
529 GWEN_Buffer_AppendString(buf2, s);
530
531 GWEN_Buffer_free(buf1);
532
533 /* convert to lower case */
534 s=GWEN_Buffer_GetStart(buf2);
535 while (*s) {
536 *s=(char)tolower(*s);
537 s++;
538 }
539
540 /* hash it */
541 md=GWEN_MDigest_Sha256_new();
542
543 /* begin */
544 rv=GWEN_MDigest_Begin(md);
545 if (rv<0) {
546 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
547 GWEN_MDigest_free(md);
548 GWEN_Buffer_free(buf2);
549 return EB_RC_INTERNAL_ERROR;
550 }
551
552 /* update */
553 rv=GWEN_MDigest_Update(md,
554 (const uint8_t *) GWEN_Buffer_GetStart(buf2),
555 GWEN_Buffer_GetUsedBytes(buf2));
556 if (rv<0) {
557 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
558 GWEN_MDigest_free(md);
559 GWEN_Buffer_free(buf2);
560 return EB_RC_INTERNAL_ERROR;
561 }
562
563 /* end */
564 rv=GWEN_MDigest_End(md);
565 if (rv<0) {
566 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
567 GWEN_MDigest_free(md);
568 GWEN_Buffer_free(buf2);
569 return EB_RC_INTERNAL_ERROR;
570 }
571
572 if (encode64) {
573 if (GWEN_Base64_Encode(GWEN_MDigest_GetDigestPtr(md),
574 GWEN_MDigest_GetDigestSize(md),
575 hbuf, 0)) {
576 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data");
577 GWEN_MDigest_free(md);
578 GWEN_Buffer_free(buf2);
579 return EB_RC_INTERNAL_ERROR;
580 }
581 }
582 else
583 GWEN_Buffer_AppendBytes(hbuf,
584 (const char *)GWEN_MDigest_GetDigestPtr(md),
585 GWEN_MDigest_GetDigestSize(md));
586 GWEN_MDigest_free(md);
587
588 /* cleanup */
589 GWEN_Buffer_free(buf2);
590
591 return 0;
592 }
593
594
595
EB_Key_Info_BuildHashSha1(const GWEN_CRYPT_TOKEN_KEYINFO * ki,GWEN_BUFFER * hbuf,int encode64)596 int EB_Key_Info_BuildHashSha1(const GWEN_CRYPT_TOKEN_KEYINFO *ki,
597 GWEN_BUFFER *hbuf,
598 int encode64)
599 {
600 GWEN_BUFFER *buf1;
601 GWEN_BUFFER *buf2;
602 char *s;
603 int rv;
604 GWEN_MDIGEST *md;
605 const uint8_t *p;
606 uint32_t len;
607
608 buf1=GWEN_Buffer_new(0, 256, 0, 1);
609 buf2=GWEN_Buffer_new(0, 520, 0, 1);
610
611 /* get exponent */
612 p=GWEN_Crypt_Token_KeyInfo_GetExponentData(ki);
613 len=GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki);
614 if (p==NULL || len==0) {
615 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
616 GWEN_Buffer_free(buf2);
617 GWEN_Buffer_free(buf1);
618 return GWEN_ERROR_NO_DATA;
619 }
620
621 rv=GWEN_Text_ToHexBuffer((const char *)p, len, buf1, 0, 0, 0);
622 if (rv) {
623 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
624 GWEN_Buffer_free(buf2);
625 GWEN_Buffer_free(buf1);
626 return EB_RC_INTERNAL_ERROR;
627 }
628 s=GWEN_Buffer_GetStart(buf1);
629 while (*s=='0')
630 s++;
631 GWEN_Buffer_AppendString(buf2, s);
632
633 GWEN_Buffer_AppendString(buf2, " ");
634 GWEN_Buffer_Reset(buf1);
635
636 /* get modulus */
637 p=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
638 len=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
639 if (p==NULL || len==0) {
640 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
641 GWEN_Buffer_free(buf2);
642 GWEN_Buffer_free(buf1);
643 return EB_RC_INVALID_REQUEST;
644 }
645 rv=GWEN_Text_ToHexBuffer((const char *)p, len, buf1, 0, 0, 0);
646 if (rv) {
647 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
648 GWEN_Buffer_free(buf2);
649 GWEN_Buffer_free(buf1);
650 return EB_RC_INTERNAL_ERROR;
651 }
652
653 s=GWEN_Buffer_GetStart(buf1);
654 while (*s=='0')
655 s++;
656 GWEN_Buffer_AppendString(buf2, s);
657
658 GWEN_Buffer_free(buf1);
659
660 /* convert to lower case */
661 s=GWEN_Buffer_GetStart(buf2);
662 while (*s) {
663 *s=(char)tolower(*s);
664 s++;
665 }
666
667 /* hash it */
668 md=GWEN_MDigest_Sha1_new();
669
670 /* begin */
671 rv=GWEN_MDigest_Begin(md);
672 if (rv<0) {
673 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
674 GWEN_MDigest_free(md);
675 GWEN_Buffer_free(buf2);
676 return EB_RC_INTERNAL_ERROR;
677 }
678
679 /* update */
680 rv=GWEN_MDigest_Update(md,
681 (const uint8_t *) GWEN_Buffer_GetStart(buf2),
682 GWEN_Buffer_GetUsedBytes(buf2));
683 if (rv<0) {
684 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
685 GWEN_MDigest_free(md);
686 GWEN_Buffer_free(buf2);
687 return EB_RC_INTERNAL_ERROR;
688 }
689
690 /* end */
691 rv=GWEN_MDigest_End(md);
692 if (rv<0) {
693 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
694 GWEN_MDigest_free(md);
695 GWEN_Buffer_free(buf2);
696 return EB_RC_INTERNAL_ERROR;
697 }
698
699 if (encode64) {
700 if (GWEN_Base64_Encode(GWEN_MDigest_GetDigestPtr(md),
701 GWEN_MDigest_GetDigestSize(md),
702 hbuf, 0)) {
703 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data");
704 GWEN_MDigest_free(md);
705 GWEN_Buffer_free(buf2);
706 return EB_RC_INTERNAL_ERROR;
707 }
708 }
709 else
710 GWEN_Buffer_AppendBytes(hbuf,
711 (const char *)GWEN_MDigest_GetDigestPtr(md),
712 GWEN_MDigest_GetDigestSize(md));
713 GWEN_MDigest_free(md);
714
715 /* cleanup */
716 GWEN_Buffer_free(buf2);
717
718 return 0;
719 }
720
721
722
EB_Key_Info_BuildHashSha256(const GWEN_CRYPT_TOKEN_KEYINFO * ki,GWEN_BUFFER * hbuf,int encode64)723 int EB_Key_Info_BuildHashSha256(const GWEN_CRYPT_TOKEN_KEYINFO *ki,
724 GWEN_BUFFER *hbuf,
725 int encode64)
726 {
727 GWEN_BUFFER *buf1;
728 GWEN_BUFFER *buf2;
729 char *s;
730 int rv;
731 GWEN_MDIGEST *md;
732 const uint8_t *p;
733 uint32_t len;
734
735 buf1=GWEN_Buffer_new(0, 256, 0, 1);
736 buf2=GWEN_Buffer_new(0, 520, 0, 1);
737
738 /* get exponent */
739 p=GWEN_Crypt_Token_KeyInfo_GetExponentData(ki);
740 len=GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki);
741 if (p==NULL || len==0) {
742 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
743 GWEN_Buffer_free(buf2);
744 GWEN_Buffer_free(buf1);
745 return GWEN_ERROR_NO_DATA;
746 }
747
748 rv=GWEN_Text_ToHexBuffer((const char *)p, len, buf1, 0, 0, 0);
749 if (rv) {
750 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
751 GWEN_Buffer_free(buf2);
752 GWEN_Buffer_free(buf1);
753 return EB_RC_INTERNAL_ERROR;
754 }
755 s=GWEN_Buffer_GetStart(buf1);
756 while (*s=='0')
757 s++;
758 GWEN_Buffer_AppendString(buf2, s);
759
760 GWEN_Buffer_AppendString(buf2, " ");
761 GWEN_Buffer_Reset(buf1);
762
763 /* get modulus */
764 p=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
765 len=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
766 if (p==NULL || len==0) {
767 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
768 GWEN_Buffer_free(buf2);
769 GWEN_Buffer_free(buf1);
770 return EB_RC_INVALID_REQUEST;
771 }
772 rv=GWEN_Text_ToHexBuffer((const char *)p, len, buf1, 0, 0, 0);
773 if (rv) {
774 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key");
775 GWEN_Buffer_free(buf2);
776 GWEN_Buffer_free(buf1);
777 return EB_RC_INTERNAL_ERROR;
778 }
779
780 s=GWEN_Buffer_GetStart(buf1);
781 while (*s=='0')
782 s++;
783 GWEN_Buffer_AppendString(buf2, s);
784
785 GWEN_Buffer_free(buf1);
786
787 /* convert to lower case */
788 s=GWEN_Buffer_GetStart(buf2);
789 while (*s) {
790 *s=(char)tolower(*s);
791 s++;
792 }
793
794 /* hash it */
795 md=GWEN_MDigest_Sha256_new();
796
797 /* begin */
798 rv=GWEN_MDigest_Begin(md);
799 if (rv<0) {
800 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
801 GWEN_MDigest_free(md);
802 GWEN_Buffer_free(buf2);
803 return EB_RC_INTERNAL_ERROR;
804 }
805
806 /* update */
807 rv=GWEN_MDigest_Update(md,
808 (const uint8_t *) GWEN_Buffer_GetStart(buf2),
809 GWEN_Buffer_GetUsedBytes(buf2));
810 if (rv<0) {
811 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
812 GWEN_MDigest_free(md);
813 GWEN_Buffer_free(buf2);
814 return EB_RC_INTERNAL_ERROR;
815 }
816
817 /* end */
818 rv=GWEN_MDigest_End(md);
819 if (rv<0) {
820 DBG_ERROR(AQEBICS_LOGDOMAIN, "here (%d)", rv);
821 GWEN_MDigest_free(md);
822 GWEN_Buffer_free(buf2);
823 return EB_RC_INTERNAL_ERROR;
824 }
825
826 if (encode64) {
827 if (GWEN_Base64_Encode(GWEN_MDigest_GetDigestPtr(md),
828 GWEN_MDigest_GetDigestSize(md),
829 hbuf, 0)) {
830 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data");
831 GWEN_MDigest_free(md);
832 GWEN_Buffer_free(buf2);
833 return EB_RC_INTERNAL_ERROR;
834 }
835 }
836 else
837 GWEN_Buffer_AppendBytes(hbuf,
838 (const char *)GWEN_MDigest_GetDigestPtr(md),
839 GWEN_MDigest_GetDigestSize(md));
840 GWEN_MDigest_free(md);
841
842 /* cleanup */
843 GWEN_Buffer_free(buf2);
844
845 return 0;
846 }
847
848
849
EB_Key_Info_BuildSigHash_Rmd160(const GWEN_CRYPT_TOKEN_KEYINFO * ki,GWEN_BUFFER * hbuf)850 int EB_Key_Info_BuildSigHash_Rmd160(const GWEN_CRYPT_TOKEN_KEYINFO *ki,
851 GWEN_BUFFER *hbuf)
852 {
853 const uint8_t *p;
854 uint32_t len;
855 GWEN_BUFFER *bbuf;
856 GWEN_MDIGEST *md;
857 int rv;
858
859 bbuf=GWEN_Buffer_new(0, 256, 0, 1);
860
861 /* get exponent */
862 p=GWEN_Crypt_Token_KeyInfo_GetExponentData(ki);
863 len=GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki);
864 if (p==NULL || len==0) {
865 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
866 GWEN_Buffer_free(bbuf);
867 return GWEN_ERROR_NO_DATA;
868 }
869 if (len<128)
870 GWEN_Buffer_FillWithBytes(bbuf, 0, 128-len);
871 GWEN_Buffer_AppendBytes(bbuf, (const char *)p, len);
872
873 /* get modulus */
874 p=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
875 len=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
876 if (p==NULL || len==0) {
877 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
878 GWEN_Buffer_free(bbuf);
879 return GWEN_ERROR_NO_DATA;
880 }
881 if (len<128)
882 GWEN_Buffer_FillWithBytes(bbuf, 0, 128-len);
883 GWEN_Buffer_AppendBytes(bbuf, (const char *)p, len);
884
885 /* hash */
886 md=GWEN_MDigest_Rmd160_new();
887 assert(md);
888 rv=GWEN_MDigest_Begin(md);
889 if (rv<0) {
890 GWEN_MDigest_free(md);
891 GWEN_Buffer_free(bbuf);
892 return rv;
893 }
894 rv=GWEN_MDigest_Update(md,
895 (const uint8_t *)GWEN_Buffer_GetStart(bbuf),
896 GWEN_Buffer_GetUsedBytes(bbuf));
897 if (rv<0) {
898 GWEN_MDigest_free(md);
899 GWEN_Buffer_free(bbuf);
900 return rv;
901 }
902 rv=GWEN_MDigest_End(md);
903 if (rv<0) {
904 GWEN_MDigest_free(md);
905 GWEN_Buffer_free(bbuf);
906 return rv;
907 }
908 GWEN_Buffer_free(bbuf);
909
910 /* add hash to buffer */
911 GWEN_Buffer_AppendBytes(hbuf,
912 (const char *)GWEN_MDigest_GetDigestPtr(md),
913 GWEN_MDigest_GetDigestSize(md));
914 GWEN_MDigest_free(md);
915
916 return 0;
917 }
918
919
920
EB_Key_Info_BuildSigHash_Sha256(const GWEN_CRYPT_TOKEN_KEYINFO * ki,GWEN_BUFFER * hbuf)921 int EB_Key_Info_BuildSigHash_Sha256(const GWEN_CRYPT_TOKEN_KEYINFO *ki, GWEN_BUFFER *hbuf)
922 {
923 const uint8_t *p;
924 char *t;
925 uint32_t len;
926 GWEN_BUFFER *bbuf;
927 GWEN_BUFFER *xbuf;
928 GWEN_MDIGEST *md;
929 int rv;
930
931 bbuf=GWEN_Buffer_new(0, 256, 0, 1);
932 xbuf=GWEN_Buffer_new(0, 256, 0, 1);
933
934 /* get exponent */
935 p=GWEN_Crypt_Token_KeyInfo_GetExponentData(ki);
936 len=GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki);
937 if (p==NULL || len==0) {
938 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
939 GWEN_Buffer_free(xbuf);
940 GWEN_Buffer_free(bbuf);
941 return GWEN_ERROR_NO_DATA;
942 }
943 rv=GWEN_Text_ToHexBuffer((const char *)p, len, bbuf, 0, 0, 0);
944 if (rv<0) {
945 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
946 GWEN_Buffer_free(xbuf);
947 GWEN_Buffer_free(bbuf);
948 return GWEN_ERROR_NO_DATA;
949 }
950
951 p=(const uint8_t *)GWEN_Buffer_GetStart(bbuf);
952 while (*p=='0')
953 p++;
954 GWEN_Buffer_AppendString(xbuf, (const char *)p);
955 GWEN_Buffer_AppendByte(xbuf, ' ');
956 GWEN_Buffer_Reset(bbuf);
957
958 /* get modulus */
959 p=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
960 len=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
961 if (p==NULL || len==0) {
962 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
963 GWEN_Buffer_free(xbuf);
964 GWEN_Buffer_free(bbuf);
965 return GWEN_ERROR_NO_DATA;
966 }
967
968 rv=GWEN_Text_ToHexBuffer((const char *) p, len, bbuf, 0, 0, 0);
969 if (rv<0) {
970 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
971 GWEN_Buffer_free(xbuf);
972 GWEN_Buffer_free(bbuf);
973 return GWEN_ERROR_NO_DATA;
974 }
975
976 p=(const uint8_t *)GWEN_Buffer_GetStart(bbuf);
977 while (*p=='0')
978 p++;
979 GWEN_Buffer_AppendString(xbuf, (const char *) p);
980 GWEN_Buffer_free(bbuf);
981
982 /* lowercase */
983 t=GWEN_Buffer_GetStart(xbuf);
984 while (*t) {
985 *t=tolower(*t);
986 t++;
987 }
988
989 /* hash */
990 md=GWEN_MDigest_Sha256_new();
991 assert(md);
992 rv=GWEN_MDigest_Begin(md);
993 if (rv<0) {
994 GWEN_MDigest_free(md);
995 GWEN_Buffer_free(xbuf);
996 return rv;
997 }
998 rv=GWEN_MDigest_Update(md,
999 (const uint8_t *)GWEN_Buffer_GetStart(xbuf),
1000 GWEN_Buffer_GetUsedBytes(xbuf));
1001 if (rv<0) {
1002 GWEN_MDigest_free(md);
1003 GWEN_Buffer_free(xbuf);
1004 return rv;
1005 }
1006 rv=GWEN_MDigest_End(md);
1007 if (rv<0) {
1008 GWEN_MDigest_free(md);
1009 GWEN_Buffer_free(xbuf);
1010 return rv;
1011 }
1012 GWEN_Buffer_free(xbuf);
1013
1014 /* add hash to buffer */
1015 GWEN_Buffer_AppendBytes(hbuf,
1016 (const char *)GWEN_MDigest_GetDigestPtr(md),
1017 GWEN_MDigest_GetDigestSize(md));
1018 GWEN_MDigest_free(md);
1019
1020 return 0;
1021 }
1022
1023
1024
EB_Key_Info_ReadXml(GWEN_CRYPT_TOKEN_KEYINFO * ki,xmlNodePtr node)1025 EB_RC EB_Key_Info_ReadXml(GWEN_CRYPT_TOKEN_KEYINFO *ki, xmlNodePtr node)
1026 {
1027 const char *s;
1028 uint8_t eBuf[512];
1029 uint32_t eLen;
1030 uint8_t mBuf[512];
1031 uint32_t mLen;
1032 uint32_t keySize;
1033
1034 s=EB_Xml_GetCharValue(node, "PubKeyValue/RSAKeyValue/Modulus", 0);
1035 if (s) {
1036 GWEN_BUFFER *b64buf;
1037 unsigned int nsize;
1038 const uint8_t *p;
1039
1040 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
1041 if (GWEN_Base64_Decode((const unsigned char *) s, 0, b64buf)) {
1042 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not decode data");
1043 GWEN_Buffer_free(b64buf);
1044 return EB_RC_INVALID_REQUEST;
1045 }
1046
1047 if (GWEN_Buffer_GetUsedBytes(b64buf)>sizeof(mBuf)) {
1048 DBG_ERROR(AQEBICS_LOGDOMAIN, "Modulus too long");
1049 GWEN_Buffer_free(b64buf);
1050 return EB_RC_INVALID_REQUEST;
1051 }
1052
1053 /* correctly calculate key length */
1054 nsize=GWEN_Buffer_GetUsedBytes(b64buf);
1055 p=(const uint8_t *)GWEN_Buffer_GetStart(b64buf);
1056 while (nsize && *p==0) {
1057 nsize--;
1058 p++;
1059 }
1060 DBG_INFO(AQEBICS_LOGDOMAIN, "Real key size is: %d/%d (from %d)",
1061 nsize, nsize*8, GWEN_Buffer_GetUsedBytes(b64buf));
1062 nsize*=8;
1063
1064 if (nsize>2048)
1065 nsize=4096;
1066 else if (nsize>1024)
1067 nsize=2048;
1068 else if (nsize>768)
1069 nsize=1024;
1070 else
1071 nsize=768;
1072 keySize=(nsize+7)/8;
1073
1074 DBG_INFO(AQEBICS_LOGDOMAIN, "Adjusted key size is: %d", keySize);
1075 memmove(mBuf, p, keySize);
1076 mLen=keySize;
1077 GWEN_Buffer_free(b64buf);
1078 }
1079 else {
1080 DBG_ERROR(AQEBICS_LOGDOMAIN, "No modulus in key data (%s)",
1081 node->name);
1082 return EB_RC_INVALID_REQUEST;
1083 }
1084
1085 s=EB_Xml_GetCharValue(node, "PubKeyValue/RSAKeyValue/Exponent", 0);
1086 if (s) {
1087 GWEN_BUFFER *b64buf;
1088
1089 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
1090 if (GWEN_Base64_Decode((const unsigned char *) s, 0, b64buf)) {
1091 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not decode data");
1092 GWEN_Buffer_free(b64buf);
1093 return EB_RC_INVALID_REQUEST;
1094 }
1095
1096 if (GWEN_Buffer_GetUsedBytes(b64buf)>sizeof(eBuf)) {
1097 DBG_ERROR(AQEBICS_LOGDOMAIN, "Exponent too long");
1098 GWEN_Buffer_free(b64buf);
1099 return EB_RC_INVALID_REQUEST;
1100 }
1101
1102 memmove(eBuf,
1103 GWEN_Buffer_GetStart(b64buf),
1104 GWEN_Buffer_GetUsedBytes(b64buf));
1105 eLen=GWEN_Buffer_GetUsedBytes(b64buf);
1106 GWEN_Buffer_free(b64buf);
1107 }
1108 else {
1109 DBG_ERROR(AQEBICS_LOGDOMAIN, "No exponent in key data");
1110 return EB_RC_INVALID_REQUEST;
1111 }
1112
1113 /* store info */
1114 GWEN_Crypt_Token_KeyInfo_SetKeySize(ki, keySize);
1115 GWEN_Crypt_Token_KeyInfo_SetModulus(ki, mBuf, mLen);
1116 GWEN_Crypt_Token_KeyInfo_SetExponent(ki, eBuf, eLen);
1117 GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
1118 GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
1119 GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT);
1120 return 0;
1121 }
1122
1123
1124
EB_Key_Info_toXml(const GWEN_CRYPT_TOKEN_KEYINFO * ki,xmlNodePtr node)1125 int EB_Key_Info_toXml(const GWEN_CRYPT_TOKEN_KEYINFO *ki, xmlNodePtr node)
1126 {
1127 int rv;
1128 const uint8_t *p;
1129 uint32_t len;
1130
1131 /* get modulus */
1132 p=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
1133 len=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
1134 if (p==NULL || len==0) {
1135 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
1136 return GWEN_ERROR_NO_DATA;
1137 }
1138 else {
1139 GWEN_BUFFER *b64buf;
1140 GWEN_BUFFER *tmpbuf=NULL;
1141 #if 0
1142 if (*p!=0) {
1143 tmpbuf=GWEN_Buffer_new(0, len+1, 0, 1);
1144 GWEN_Buffer_AppendByte(tmpbuf, 0);
1145 GWEN_Buffer_AppendBytes(tmpbuf, (const char *)p, len);
1146 p=(const uint8_t *)GWEN_Buffer_GetStart(tmpbuf);
1147 len++;
1148 }
1149 #endif
1150 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
1151 rv=GWEN_Base64_Encode(p, len, b64buf, 0);
1152 GWEN_Buffer_free(tmpbuf);
1153 tmpbuf=NULL;
1154 if (rv<0) {
1155 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data (%d)", rv);
1156 GWEN_Buffer_free(b64buf);
1157 return EB_RC_INTERNAL_ERROR;
1158 }
1159 EB_Xml_SetCharValue(node,
1160 "PubKeyValue/ds:RSAKeyValue/Modulus",
1161 GWEN_Buffer_GetStart(b64buf));
1162 GWEN_Buffer_free(b64buf);
1163 }
1164
1165
1166 /* get exponent */
1167 p=GWEN_Crypt_Token_KeyInfo_GetExponentData(ki);
1168 len=GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki);
1169 if (p==NULL || len==0) {
1170 DBG_INFO(AQEBICS_LOGDOMAIN, "here (%d)", rv);
1171 return GWEN_ERROR_NO_DATA;
1172 }
1173 else {
1174 GWEN_BUFFER *b64buf;
1175
1176 b64buf=GWEN_Buffer_new(0, 256, 0, 1);
1177 rv=GWEN_Base64_Encode(p, len, b64buf, 0);
1178 if (rv<0) {
1179 DBG_ERROR(AQEBICS_LOGDOMAIN, "Could not encode data (%d)", rv);
1180 GWEN_Buffer_free(b64buf);
1181 return EB_RC_INTERNAL_ERROR;
1182 }
1183 EB_Xml_SetCharValue(node,
1184 "PubKeyValue/ds:RSAKeyValue/Exponent",
1185 GWEN_Buffer_GetStart(b64buf));
1186 GWEN_Buffer_free(b64buf);
1187 }
1188
1189 return 0;
1190 }
1191
1192
1193
EB_Key_Info_toBin(const GWEN_CRYPT_TOKEN_KEYINFO * ki,const char * userId,const char * version,int keySize,GWEN_BUFFER * buf)1194 EB_RC EB_Key_Info_toBin(const GWEN_CRYPT_TOKEN_KEYINFO *ki,
1195 const char *userId,
1196 const char *version,
1197 int keySize,
1198 GWEN_BUFFER *buf)
1199 {
1200 int i;
1201 char numbuf[32];
1202 const uint8_t *p;
1203 uint32_t len;
1204
1205 if (strlen(version)!=4) {
1206 DBG_ERROR(AQEBICS_LOGDOMAIN, "Invalid version \"%s\"", version);
1207 return EB_RC_KEYMGMT_UNSUPPORTED_VERSION_SIGNATURE;
1208 }
1209
1210 if (!userId || !*userId) {
1211 DBG_ERROR(AQEBICS_LOGDOMAIN, "Missing key owner");
1212 return EB_RC_INVALID_REQUEST;
1213 }
1214 GWEN_Buffer_AppendString(buf, version);
1215 i=(int)strlen(userId);
1216 if (i>8) {
1217 DBG_ERROR(AQEBICS_LOGDOMAIN, "User id too long");
1218 return EB_RC_INVALID_REQUEST;
1219 }
1220 GWEN_Buffer_AppendString(buf, userId);
1221 if (i<8)
1222 GWEN_Buffer_FillWithBytes(buf, ' ', 8-i);
1223
1224 /* get exponent */
1225 p=GWEN_Crypt_Token_KeyInfo_GetExponentData(ki);
1226 len=GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki);
1227 if (p==NULL || len==0) {
1228 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
1229 return EB_RC_INVALID_REQUEST;
1230 }
1231
1232 snprintf(numbuf, sizeof(numbuf), "%04d", keySize);
1233 GWEN_Buffer_AppendString(buf, numbuf);
1234 if (len<128)
1235 GWEN_Buffer_FillWithBytes(buf, 0, 128-len);
1236 GWEN_Buffer_AppendBytes(buf, (const char *)p, len);
1237
1238 /* get modulus */
1239 p=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
1240 len=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
1241 if (p==NULL || len==0) {
1242 DBG_INFO(AQEBICS_LOGDOMAIN, "here");
1243 return EB_RC_INVALID_REQUEST;
1244 }
1245 snprintf(numbuf, sizeof(numbuf), "%04d", keySize);
1246 GWEN_Buffer_AppendString(buf, numbuf);
1247 if (len<128)
1248 GWEN_Buffer_FillWithBytes(buf, 0, 128-len);
1249 GWEN_Buffer_AppendBytes(buf, (const char *)p, len);
1250
1251 GWEN_Buffer_FillWithBytes(buf, ' ', 236);
1252
1253 return 0;
1254 }
1255
1256
1257
1258
1259