cylink_link.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* Copyright 2001-2002 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#ifdef CYLINK_DSS
static const char rcsid[] = "$Header: /proj/cvs/isc/bind8/src/lib/dst/cylink_link.c,v 1.9 2001/05/29 05:48:05 marka Exp $";
/*
* Portions Copyright (c) 1995-1998 by Trusted Information Systems, Inc.
*
* Permission to use, copy modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND TRUSTED INFORMATION SYSTEMS
* DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
* TRUSTED INFORMATION SYSTEMS BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
* WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
*/
/*
* This file contains two components
* 1. Interface to the CYLINK library to allow compilation of Bind
* all calls to CYLINK are contained inside this file.
* 2. The glue to connvert DSA KEYS to and from external formats
*/
#include "port_before.h"
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <memory.h>
#include "dst_internal.h"
#include <toolkit.h>
#include "port_after.h"
typedef struct cylinkkey {
char *dk_signer;
} DSA_Key;
const int out_len);
const int len);
const int buff_len);
const char *buff,
const int buff_len);
static void *dst_cylink_free_key_structure(void *key);
/*
* dst_cylink_init() Function to answer set up function pointers for
* CYLINK related functions
*/
int
{
return (1);
return (0);
SetDataOrder(1);
return (1);
}
/*
* dst_cylink_sign
* Call CYLINK signing functions to sign a block of data.
* There are three steps to signing, INIT (initialize structures),
* UPDATE (hash (more) data), FINAL (generate a signature). This
* routine performs one or more of these steps.
* Parameters
* algobj structure holds context for a sign done in multiple calls.
* context the context to use for this computation
* data data to be signed.
* len length in bytes of data.
* priv_key key to use for signing.
* signature location to store signature.
* sig_len size in bytes of signature field.
* returns
* N Success on SIG_MODE_FINAL = returns signature length in bytes
* N is 41 for DNS
* 0 Success on SIG_MODE_INIT and UPDATE
* <0 Failure
*/
static int
{
int sign_len = 0;
int status;
if (mode & SIG_MODE_INIT)
else if (context)
return (-1);
if (mode & SIG_MODE_INIT)
return (SIGN_UPDATE_FAILURE);
}
if (mode & SIG_MODE_FINAL) {
return (SIGN_FINAL_FAILURE);
return (SIGN_FINAL_FAILURE);
return (-1);
if (NULL_PRIV_KEY(key))
return (-2);
return (SIGN_FINAL_FAILURE);
sign_len = 1;
sign_len += SHA_LENGTH;
sign_len += SHA_LENGTH;
}
else {
return (-1);
}
return (sign_len);
}
/*
* Dst_cylink_verify
* Calls CYLINK verification routines. There are three steps to
* verification, INIT (initialize structures), UPDATE (hash (more) data),
* FINAL (generate a signature). This routine performs one or more of
* these steps.
* Parameters
* dkey structure holds context for a verify done in multiple calls.
* context algorithm specific context for the current context processing
* data data signed.
* len length in bytes of data.
* pub_key key to use for verify.
* signature signature.
* sig_len length in bytes of signature.
* returns
* 0 Success
* <0 Failure
*/
static int
{
int status;
if (mode & SIG_MODE_INIT)
else if (context)
return (-1);
if (mode & SIG_MODE_INIT)
return (VERIFY_UPDATE_FAILURE);
}
if (mode & SIG_MODE_FINAL) {
return (-1);
if (NULL_PUB_KEY(key))
return (-2);
return (SIGN_FINAL_FAILURE);
return (SIGN_FINAL_FAILURE);
return(VERIFY_FINAL_FAILURE);
r, s, digest);
return (VERIFY_FINAL_FAILURE);
}
else {
return (-1);
}
return (0);
}
/*
* dst_cylink_to_dns_key
* Converts key from DSA to DNS distribution format
* This function gets in a pointer to the public key and a work area
* to write the key into.
* Parameters
* public KEY structure
* out_str buffer to write encoded key into
* out_len size of out_str
* Return
* N >= 0 length of encoded key
* n < 0 error
*/
static int
const int out_len)
{
int t;
return (-1);
*op++ = t;
op += SHA_LENGTH;
}
/*
* dst_cylink_from_dns_key
* Converts from a DNS KEY RR format to an RSA KEY.
* Parameters
* len Length in bytes of DNS key
* key DNS key
* name Key name
* s_key DST structure that will point to the RSA key this routine
* will build.
* Return
* 0 The input key, s_key or name was null.
* 1 Success
*/
static int
{
int t;
return (0);
if (len == 0) /* process null key */
return (1);
return (0);
t = (int) *key_ptr++; /* length of exponent in bytes */
return (0);
EREPORT(("dst_cylink_from_dns_key(): Memory allocation error 1"));
return (0);
}
return (0);
key_ptr += SHA_LENGTH;
return (0);
return (0);
return (0);
return (1);
}
/**************************************************************************
* dst_cylink_key_to_file_format
* Encodes an DSA Key into the portable file format.
* Parameters
* key DSA KEY structure
* buff output buffer
* buff_len size of output buffer
* Return
* 0 Failure - null input rkey
* -1 Failure - not enough space in output area
* N Success - Length of data returned in buff
*/
static int
const int buff_len)
{
char *bp;
return (0);
return (-1); /* no OR not enough space in output area */
/* write file header */
return (-1);
num, SHA_LENGTH)) <= 0)
return (-2);
return (-3);
num, SHA_LENGTH)) <= 0)
return (-4);
return (-4);
}
/**************************************************************************
* dst_cylink_key_from_file_format
* Converts contents of a private key file into a private DSA key.
* Parameters
* DSA_Key structure to put key into
* buff buffer containing the encoded key
* buff_len the length of the buffer
* Return
* n >= 0 Foot print of the key converted
* n < 0 Error in conversion
*/
static int
const int buff_len)
{
u_char s[DSS_LENGTH_MAX];
const char *p = buff;
return (-1);
return (-2);
}
if (!dst_s_verify_str(&p, "Prime(p): "))
return (-3);
return (-4);
return (-5);
if (dst_s_verify_str(&p, "Subprime(q): ")) {
return (-6);
return (-7);
} else if (dst_s_verify_str(&p, "Base(g): ")) {
return (-8);
== NULL)
return (-9);
} else if (dst_s_verify_str(&p, "Private_value(x): ")) {
return (-10);
return (-11);
} else if (dst_s_verify_str(&p, "Public_value(y): ")) {
return (-10);
== NULL)
return (-11);
} else {
EREPORT(("Decode_DSAKey(): Bad keyword %s\n", p));
return (-12);
}
} /* while p */
return (0);
}
/**************************************************************************
* dst_cylink_free_key_structure
* Frees all dynamicly allocated structures in DSA_Key.
*/
static void *
dst_cylink_free_key_structure(void *key)
{
}
return (NULL);
}
/**************************************************************************
* dst_cylink_generate_keypair
* Generates unique keys that are hard to predict.
* Parameters
* key generic Key structure
* exp the public exponent
* Return
* 0 Failure
* 1 Success
*/
static int
{
int status, n;
return (0);
EREPORT(("dst_cylink_generate_keypair: Memory allocation error 3"));
return (0);
}
EREPORT(("dst_cylink_generate_keypair: Memory allocation error 4"));
return (0);
}
if (n != sizeof(rand))
return (0);
return (0);
return (0);
return (1);
}
/*
* dst_cylink_compare_keys
* Compare two keys for equality.
* Return
* 0 The keys are equal
* NON-ZERO The keys are not equal
*/
static int
{
int status;
return (0);
return (2);
return(1);
return (201);
if (status)
return (status);
return (202);
} else
return (0);
}
static void *
if (n < size)
return dest;
}
#else
int
{
return (0);
}
#endif /* CYLINK */