r3048 - in trunk/libmcrypto: include/libmcrypto source
erik at minisip.org
erik at minisip.org
Thu Dec 21 18:34:28 CET 2006
Author: erik
Date: 2006-12-21 18:34:27 +0100 (Thu, 21 Dec 2006)
New Revision: 3048
Modified:
trunk/libmcrypto/include/libmcrypto/SipSim.h
trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h
trunk/libmcrypto/source/SipSimSmartCardGD.cxx
Log:
* Made the SipSim base class contain certificates. It's a bit tricky
how to do this - we need to get a certificate from the SIM, but
at the same time we don't want to return a libmcrypto "certificate"
since that one implements crypto functions in software that the
SIM implements in hardware.
I put them in here as a first step, and we should use the
sim->getSignature instead of the one in certificate.
(SipSimSoft will call certificate->sign, and
SipSimSmartCardGD will talk to the smart card).
This is not a bug (but maybe not a nice design), but the certificate
associated with a smart card does not know the private key and trying
to do it in software will fail.
* I made all getSignature methods take the same parameters (i.e. have the
same signature :)
* Added length of data to be signed, and a hash algorithm parameter.
The signature uses the PKCS#1 (RFC3447) standard.
Modified: trunk/libmcrypto/include/libmcrypto/SipSim.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/SipSim.h 2006-12-21 16:45:52 UTC (rev 3047)
+++ trunk/libmcrypto/include/libmcrypto/SipSim.h 2006-12-21 17:34:27 UTC (rev 3048)
@@ -48,8 +48,14 @@
bool doHash,
int hash_alg=HASH_SHA1) = 0;
- virtual MRef<certificate_chain *> getCertificateChain() = 0;
- virtual MRef<ca_db *> getCAs() = 0;
+ virtual MRef<certificate_chain *> getCertificateChain(){return certChain;}
+ virtual MRef<ca_db *> getCAs(){return ca_set;}
+
+
+protected:
+ MRef<certificate_chain *> certChain;
+ MRef<ca_db *> ca_set;
+
};
#endif
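Review bot: The two getters that now return `certChain` and `ca_set` carry no comment explaining how callers may use the result, and nothing in the visible lines initialises either member. The commit log says a certificate tied to a smart card has no private key available in software, so a caller that signs through the returned certificate instead of through the SIM will fail on card-backed implementations. I would put that on the declaration, e.g. `/* For identification/verification only: sign via getSignature(), a card-backed certificate holds no private key in software. May be unset until the subclass loads it. */`. Whether a default-constructed MRef is a null reference cannot be seen here, so callers should presumably check the returned value before dereferencing. The class body begins outside this hunk.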
Modified: trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h 2006-12-21 16:45:52 UTC (rev 3047)
+++ trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h 2006-12-21 17:34:27 UTC (rev 3048)
@@ -26,7 +26,6 @@
#define SIPSIMSMARTCARDGD_H
#include <vector>
-// #include <PCSC/winscard.h>
#include <libmcrypto/SmartCard.h>
#include <libmcrypto/SipSim.h>
#include <libmcrypto/SipSimDh.h>
@@ -40,7 +39,6 @@
~SipSimSmartCardGD();
-
/* select MIKEY applet APDU */
bool selectMikeyApp();
@@ -58,8 +56,8 @@
the randomLength is in bits*/
unsigned char * getRandomValue(unsigned long randomLength);
- bool getSignature(unsigned char * hashValuePtr, unsigned long & signatureLength,
- unsigned char * signaturePtr);
+ bool getSignature(unsigned char * dataPtr, int dataLength, unsigned char *signaturePtr, int& signatureLength,
+ bool doHash, int hash_alg=HASH_SHA1);
/* the first one is for Diffie-Hellman key agreement whereas the second one is for Public key based key agreement*/
virtual bool getTekDh(unsigned char csId, unsigned long csbIdValue,
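Review bot: The new `getSignature` declaration has no comment describing its contract, unlike the neighbouring declarations, and the contract is narrower than the parameter list suggests. Going by the SipSimSmartCardGD.cxx change in the same commit, only a 20-byte input is accepted and `doHash`/`hash_alg` are not yet acted on, so a comment such as `/* dataPtr must currently be a 20-byte SHA-1 digest; doHash and hash_alg are not yet honoured. signatureLength returns the signature size in bytes. */` would keep callers from assuming arbitrary-length data is hashed for them. The meaning of `signatureLength` on entry (buffer capacity or ignored) is not visible in the hunk and should be stated as well, since `signaturePtr` is a caller-supplied buffer.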
Modified: trunk/libmcrypto/source/SipSimSmartCardGD.cxx
===================================================================
--- trunk/libmcrypto/source/SipSimSmartCardGD.cxx 2006-12-21 16:45:52 UTC (rev 3047)
+++ trunk/libmcrypto/source/SipSimSmartCardGD.cxx 2006-12-21 17:34:27 UTC (rev 3048)
@@ -301,8 +301,8 @@
throw SmartCardException("unconnected card or the user doesn't have proper access level. Correct userPinCode is required");
}
-bool SipSimSmartCardGD::getSignature(unsigned char * hashValuePtr, unsigned long & signatureLength,
- unsigned char * signaturePtr)
+bool SipSimSmartCardGD::getSignature(unsigned char *dataPtr, int dataLength, unsigned char *signaturePtr, int & signatureLength,
+ bool doHash, int hash_alg)
{
if(establishedConnection == true && verifiedCard == 1 && blockedCard ==0){
sendBufferLength = 26; // sha-1 has 20 bytes (160 bits) output as message digest
@@ -319,7 +319,8 @@
sendBuffer[2] = 0x10;
sendBuffer[3] = 0x00;
sendBuffer[4] = 0x14; // sha-1 has 20 bytes (160 bits) output as message digest
- memcpy(&sendBuffer[5], hashValuePtr, 20);
+ assert(dataLength==20); //TODO: FIXME: do not assert this - use doHash, and compute hash if necessary -EE
+ memcpy(&sendBuffer[5], dataPtr, 20);
sendBuffer[25] = 0x80;
transmitApdu(sendBufferLength, sendBuffer, recvBufferLength, recvBuffer);
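Review bot: The length check on `dataLength` is an `assert`, which is compiled out when NDEBUG is defined, while the `memcpy` on the next line always copies 20 bytes from `dataPtr`. In a release build a shorter buffer is over-read, and a longer one is silently truncated so the card signs only its first 20 bytes. A runtime check that fails closed is safer until hashing is implemented, for example `if (dataLength != 20 || doHash) return false;` in place of the assert. That also rejects `doHash == true`, which the visible lines otherwise ignore; if it means "hash before signing", as the TODO implies, the card would sign the caller's raw bytes as if they were a digest. `hash_alg` is likewise unused in the visible lines while `sendBuffer[4] = 0x14` fixes the digest length at SHA-1, so values other than `HASH_SHA1` should presumably be rejected too. The function body starts and ends outside this hunk.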