YACA_KEY_CURVE_P256 = 256, /**< ECC: P-256 curve */
YACA_KEY_CURVE_P384 = 384, /**< ECC: SECP-384 curve */
YACA_KEY_UNSAFE_40BIT = 40,
- YACA_KEY_UNSAFE_56BIT = 56,
+ YACA_KEY_UNSAFE_64BIT = 64,
YACA_KEY_UNSAFE_80BIT = 80,
- YACA_KEY_UNSAFE_112BIT = 112,
YACA_KEY_UNSAFE_128BIT = 128,
YACA_KEY_192BIT = 192,
YACA_KEY_256BIT = 256,
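Review bot: `YACA_KEY_UNSAFE_64BIT` is added without a comment saying that for DES this length counts the 8 parity bits, so the effective key is 56 bits; something like `/**< 64 bits; single-DES key, 56 effective bits */` would stop callers reading it as 64 bits of strength. The same applies to the 128- and 192-bit values when they are used for two- and three-key triple DES (112 and 168 key bits). Dropping `YACA_KEY_UNSAFE_56BIT` and `YACA_KEY_UNSAFE_112BIT` also breaks any caller that still names them, if this enum is part of the installed header, so the removal deserves a changelog line or a deprecated alias.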
#include <stdint.h>
#include <stdbool.h>
-#include <openssl/evp.h>
-
#include <yaca/crypto.h>
#include <yaca/error.h>
#include <yaca/key.h>
#include <openssl/rsa.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
+#include <openssl/des.h>
#include "internal.h"
goto out;
}
+ /* DES key length verification */
+ if (key_type == YACA_KEY_TYPE_DES) {
+ size_t key_bits = key_data_len * 8;
+ if (key_bits != YACA_KEY_UNSAFE_64BIT &&
+ key_bits != YACA_KEY_UNSAFE_128BIT &&
+ key_bits != YACA_KEY_192BIT) {
+ ret = YACA_ERROR_INVALID_ARGUMENT;
+ goto out;
+ }
+ }
+
nk = yaca_zalloc(sizeof(struct yaca_key_simple_s) + key_data_len);
if (nk == NULL) {
ret = YACA_ERROR_OUT_OF_MEMORY;
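Review bot: The DES length check multiplies before comparing, so `key_data_len * 8` can wrap for a very large `key_data_len` and land on 64, 128 or 192; comparing bytes avoids that: `if (key_data_len != 8 && key_data_len != 16 && key_data_len != 24)`. Whether an earlier size guard already bounds `key_data_len` is not visible in this hunk. The check also covers length only: imported DES keys are not tested for the known weak keys, while generated ones come from `DES_random_key()`, which skips them, so a `DES_is_weak_key()` pass over each 8-byte subkey would bring import in line with generation. The enclosing function begins and ends outside the hunk.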
return 0;
}
+int gen_simple_des(struct yaca_key_simple_s **out, size_t key_bits)
+{
+ assert(out != NULL);
+
+ if (key_bits != YACA_KEY_UNSAFE_64BIT &&
+ key_bits != YACA_KEY_UNSAFE_128BIT &&
+ key_bits != YACA_KEY_192BIT)
+ return YACA_ERROR_INVALID_ARGUMENT;
+
+ int ret;
+ struct yaca_key_simple_s *nk;
+ size_t key_byte_len = key_bits / 8;
+
+ if (key_byte_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
+ return YACA_ERROR_TOO_BIG_ARGUMENT;
+
+ nk = yaca_zalloc(sizeof(struct yaca_key_simple_s) + key_byte_len);
+ if (nk == NULL)
+ return YACA_ERROR_OUT_OF_MEMORY;
+
+ DES_cblock *des_key = (DES_cblock*)nk->d;
+ if (key_byte_len >= 8) {
+ ret = DES_random_key(des_key);
+ if (ret != 1)
+ goto free_nk;
+ }
+ if (key_byte_len >= 16) {
+ ret = DES_random_key(des_key + 1);
+ if (ret != 1)
+ goto free_nk;
+ }
+ if (key_byte_len >= 24) {
+ ret = DES_random_key(des_key + 2);
+ if (ret != 1)
+ goto free_nk;
+ }
+
+ nk->bits = key_bits;
+ *out = nk;
+ return 0;
+
+free_nk:
+ yaca_free(nk);
+ ret = YACA_ERROR_INTERNAL;
+ ERROR_DUMP(ret);
+ return ret;
+}
+
int gen_evp_rsa(struct yaca_key_evp_s **out, size_t key_bits)
{
assert(out != NULL);
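Review bot: On the `free_nk` path of `gen_simple_des` one or two subkeys may already sit in `nk->d`, and the buffer is released with `yaca_free(nk)` alone; unless `yaca_free` cleanses (not visible here), add `OPENSSL_cleanse(nk->d, key_byte_len);` before it. After the length validation `key_byte_len` is 8, 16 or 24, so the `SIZE_MAX` guard and the `>= 8` test can never fire, and the three blocks read more clearly as one loop: `for (size_t i = 0; i < key_byte_len / 8; i++) if (DES_random_key(des_key + i) != 1) goto free_nk;`. A short header comment stating that `key_bits` includes the parity bits and which values are accepted would help the next reader.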
switch (key_type) {
case YACA_KEY_TYPE_SYMMETRIC:
+ case YACA_KEY_TYPE_DES:
case YACA_KEY_TYPE_IV:
return import_simple(key, key_type, data, data_len);
case YACA_KEY_TYPE_RSA_PUB:
case YACA_KEY_TYPE_DSA_PUB:
case YACA_KEY_TYPE_DSA_PRIV:
return import_evp(key, key_type, data, data_len);
- case YACA_KEY_TYPE_DES:
case YACA_KEY_TYPE_DH_PUB:
case YACA_KEY_TYPE_DH_PRIV:
case YACA_KEY_TYPE_ECDSA_PUB:
*key = (yaca_key_h)nk_simple;
return 0;
+ case YACA_KEY_TYPE_DES:
+ ret = gen_simple_des(&nk_simple, key_bits);
+ if (ret != 0)
+ return ret;
+
+ nk_simple->key.type = key_type;
+
+ *key = (yaca_key_h)nk_simple;
+ return 0;
+
case YACA_KEY_TYPE_RSA_PRIV:
ret = gen_evp_rsa(&nk_evp, key_bits);
if (ret != 0)
*key = (yaca_key_h)nk_evp;
return 0;
- case YACA_KEY_TYPE_DES:
case YACA_KEY_TYPE_DH_PRIV:
case YACA_KEY_TYPE_ECDSA_PRIV:
case YACA_KEY_TYPE_ECDH_PRIV: