From da00ff6db5e68773996ec79d711c45fb3444c580 Mon Sep 17 00:00:00 2001 From: NingSun Date: Wed, 14 Mar 2018 16:35:31 -0700 Subject: Remove win32 support in SoftHSMv2 Due to license issue, we have to remove win32 support in SoftHSMv2. Issue-ID: AAF-151 Change-Id: I31dda45ed84065819e26be8205747dd096a37432 Signed-off-by: NingSun --- SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp | 93 +++++++++++++++++++++++- 1 file changed, 89 insertions(+), 4 deletions(-) (limited to 'SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp') diff --git a/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp b/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp index 890f135..e5bb3b4 100644 --- a/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp +++ b/SoftHSMv2/src/lib/crypto/BotanGOSTPrivateKey.cpp @@ -38,6 +38,12 @@ #include "BotanRNG.h" #include "BotanUtil.h" #include +#include +#include +#include +#include +#include +#include // Constructors BotanGOSTPrivateKey::BotanGOSTPrivateKey() @@ -151,14 +157,93 @@ bool BotanGOSTPrivateKey::deserialise(ByteString& serialised) ByteString BotanGOSTPrivateKey::PKCS8Encode() { ByteString der; - // TODO - return der; + createBotanKey(); + if (eckey == NULL) return der; + // Force EC_DOMPAR_ENC_OID + const size_t PKCS8_VERSION = 0; +#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(2,0,0) + const std::vector parameters = eckey->domain().DER_encode(Botan::EC_DOMPAR_ENC_OID); + const Botan::AlgorithmIdentifier alg_id(eckey->get_oid(), parameters); + const Botan::secure_vector ber = + Botan::DER_Encoder() + .start_cons(Botan::SEQUENCE) + .encode(PKCS8_VERSION) + .encode(alg_id) + .encode(eckey->private_key_bits(), Botan::OCTET_STRING) + .end_cons() + .get_contents(); +#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0) + const std::vector parameters = eckey->domain().DER_encode(Botan::EC_DOMPAR_ENC_OID); + const Botan::AlgorithmIdentifier alg_id(eckey->get_oid(), parameters); + const Botan::secure_vector ber = + Botan::DER_Encoder() + .start_cons(Botan::SEQUENCE) + .encode(PKCS8_VERSION) + .encode(alg_id) + .encode(eckey->pkcs8_private_key(), Botan::OCTET_STRING) + .end_cons() + .get_contents(); +#else + const Botan::MemoryVector parameters = eckey->domain().DER_encode(Botan::EC_DOMPAR_ENC_OID); + const Botan::AlgorithmIdentifier alg_id(eckey->get_oid(), parameters); + const Botan::SecureVector ber = + Botan::DER_Encoder() + .start_cons(Botan::SEQUENCE) + .encode(PKCS8_VERSION) + .encode(alg_id) + .encode(eckey->pkcs8_private_key(), Botan::OCTET_STRING) + .end_cons() + .get_contents(); +#endif + der.resize(ber.size()); + memcpy(&der[0], &ber[0], ber.size()); + return der; } // Decode from PKCS#8 BER -bool BotanGOSTPrivateKey::PKCS8Decode(const ByteString& /*ber*/) +bool BotanGOSTPrivateKey::PKCS8Decode(const ByteString& ber) { - return false; + Botan::DataSource_Memory source(ber.const_byte_str(), ber.size()); + if (source.end_of_data()) return false; +#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,0) + Botan::secure_vector keydata; +#else + Botan::SecureVector keydata; +#endif + Botan::AlgorithmIdentifier alg_id; + Botan::GOST_3410_PrivateKey* key = NULL; + try + { + Botan::BER_Decoder(source) + .start_cons(Botan::SEQUENCE) + .decode_and_check(0, "Unknown PKCS #8 version number") + .decode(alg_id) + .decode(keydata, Botan::OCTET_STRING) + .discard_remaining() + .end_cons(); + if (keydata.empty()) + throw Botan::Decoding_Error("PKCS #8 private key decoding failed"); + if (Botan::OIDS::lookup(alg_id.oid).compare("GOST-34.10")) + { + ERROR_MSG("Decoded private key not GOST-34.10"); + + return false; + } + key = new Botan::GOST_3410_PrivateKey(alg_id, keydata); + if (key == NULL) return false; + + setFromBotan(key); + + delete key; + } + catch (std::exception& e) + { + ERROR_MSG("Decode failed on %s", e.what()); + + return false; + } + + return true; } // Retrieve the Botan representation of the key -- cgit 1.2.3-korg