r3100 - in trunk: libmcrypto/include/libmcrypto libmcrypto/source
libmcrypto/source/openssl libmikey/keyagreement
xuan at minisip.org
xuan at minisip.org
Tue Jan 9 11:36:38 CET 2007
Author: xuan
Date: 2007-01-09 11:36:37 +0100 (Tue, 09 Jan 2007)
New Revision: 3100
Added:
trunk/libmcrypto/include/libmcrypto/sha1.h
trunk/libmcrypto/source/openssl/sha1.cxx
Modified:
trunk/libmcrypto/include/libmcrypto/Makefile.am
trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h
trunk/libmcrypto/source/SipSimSmartCardGD.cxx
trunk/libmcrypto/source/openssl/Makefile.am
trunk/libmcrypto/source/openssl/cert.cxx
trunk/libmikey/keyagreement/keyagreement_dh.cxx
Log:
added the message digest calculation for the raw data message using SHA1.
added the setCertificateChain and setCA functions in order to temporarily get
user certificate and CA certificate locally. When the new set of APDUs
for handling those functions are implemented in the future, minisip should be
able to get them in smart cards.
Modified: trunk/libmcrypto/include/libmcrypto/Makefile.am
===================================================================
--- trunk/libmcrypto/include/libmcrypto/Makefile.am 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmcrypto/include/libmcrypto/Makefile.am 2007-01-09 10:36:37 UTC (rev 3100)
@@ -30,6 +30,7 @@
hmac.h \
OakleyDH.h \
rand.h \
+ sha1.h \
uuid.h \
config.h \
TLSException.h \
Modified: trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmcrypto/include/libmcrypto/SipSimSmartCardGD.h 2007-01-09 10:36:37 UTC (rev 3100)
@@ -39,6 +39,9 @@
~SipSimSmartCardGD();
+ void setCertificateChain(MRef<certificate_chain*> c);
+ void setCA(MRef<ca_db *> ca);
+
/* select MIKEY applet APDU */
bool selectMikeyApp();
Added: trunk/libmcrypto/include/libmcrypto/sha1.h
===================================================================
--- trunk/libmcrypto/include/libmcrypto/sha1.h 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmcrypto/include/libmcrypto/sha1.h 2007-01-09 10:36:37 UTC (rev 3100)
@@ -0,0 +1,49 @@
+/*
+ Copyright (C) 2006 Werner Dittmann
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+
+/*
+ * Authors: Erik Eliasson <eliasson at it.kth.se>
+ * Pan Xuan <xuan at kth.se>
+ */
+
+#ifndef _SHA1_H
+#define _SHA1_H
+
+#include <libmcrypto/config.h>
+
+
+/**
+ * Compute SHA1 digest.
+ *
+ * This functions takes one data chunk and computes its SHA1 digest. It uses
+ * the openSSL SHA1 implementation.
+ *
+ * @param data
+ * Points to the data chunk.
+ * @param data_length
+ * Length of the data in bytes
+ * @param digest
+ * Points to a buffer that receives the computed digest. This
+ * buffer must have a size of at least 32 bytes (SHA256_DIGEST_LENGTH).
+ */
+LIBMCRYPTO_API void sha1(unsigned char * data,
+ unsigned int data_length,
+ unsigned char * digest);
+
+#endif
+
Modified: trunk/libmcrypto/source/SipSimSmartCardGD.cxx
===================================================================
--- trunk/libmcrypto/source/SipSimSmartCardGD.cxx 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmcrypto/source/SipSimSmartCardGD.cxx 2007-01-09 10:36:37 UTC (rev 3100)
@@ -23,6 +23,7 @@
#include <libmcrypto/SipSimSmartCardGD.h>
#include <libmcrypto/SmartCardException.h>
+#include <libmcrypto/sha1.h>
using namespace std;
@@ -63,6 +64,14 @@
}
}
+void SipSimSmartCardGD::setCertificateChain(MRef<certificate_chain *> c){
+ certChain = c;
+}
+
+void SipSimSmartCardGD::setCA(MRef<ca_db *> ca){
+ ca_set = ca;
+}
+
bool SipSimSmartCardGD::selectMikeyApp(){
sendBufferLength = 17;
recvBufferLength = 2;
@@ -312,7 +321,14 @@
bool doHash, int hash_alg)
{
if(establishedConnection == true && verifiedCard == 1 && blockedCard ==0){
- sendBufferLength = 26; // sha-1 has 20 bytes (160 bits) output as message digest
+ unsigned char * messageDigestPtr = NULL;
+ unsigned long messageDigestLengh = 20;
+ if (doHash){
+ messageDigestPtr = new unsigned char[20];
+ sha1(dataPtr, dataLength, messageDigestPtr);
+ }
+
+ sendBufferLength = 26;
recvBufferLength = 130; // this time we don't know the size of the receive buffer. Assume 128 is big enough and we
// send the reference of recvBufferLength to this function and get that actual size from it
clearBuffer();
@@ -326,14 +342,11 @@
sendBuffer[2] = 0x10;
sendBuffer[3] = 0x00;
sendBuffer[4] = 0x14; // sha-1 has 20 bytes (160 bits) output as message digest
- memcpy(&sendBuffer[5], dataPtr, 20);
+ memcpy(&sendBuffer[5], messageDigestPtr, 20);
sendBuffer[25] = 0x80;
- // sendBuffer[13] = 0x00;
//assert(dataLength==20); //TODO: FIXME: do not assert this - use doHash, and compute hash if necessary -EE
- //memcpy(&sendBuffer[5], dataPtr, 20);
-
transmitApdu(sendBufferLength, sendBuffer, recvBufferLength, recvBuffer);
sw_1_2 = recvBuffer[recvBufferLength - 2] << 8 | recvBuffer[recvBufferLength - 1];
@@ -342,14 +355,19 @@
break;
case 0x6004:
clearBuffer();
- throw SmartCardException("failed to sign the message digest on the smart card");
+ return false;
+ //throw SmartCardException("failed to sign the message digest on the smart card");
default:
clearBuffer();
- throw SmartCardException("Unknown state value was returned when signing the message digest");
+ return false;
+ //throw SmartCardException("Unknown state value was returned when signing the message digest");
}
signatureLength = recvBufferLength - 2;
memcpy(signaturePtr, recvBuffer, signatureLength);
clearBuffer();
+ if (messageDigestPtr)
+ delete [] messageDigestPtr;
+
return true;
}
else
Modified: trunk/libmcrypto/source/openssl/Makefile.am
===================================================================
--- trunk/libmcrypto/source/openssl/Makefile.am 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmcrypto/source/openssl/Makefile.am 2007-01-09 10:36:37 UTC (rev 3100)
@@ -16,6 +16,7 @@
ZrtpDH.cxx \
hmac.cxx \
rand.cxx \
+ sha1.cxx \
TLSException.cxx \
TLSServerSocket.cxx \
TLSSocket.cxx \
Modified: trunk/libmcrypto/source/openssl/cert.cxx
===================================================================
--- trunk/libmcrypto/source/openssl/cert.cxx 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmcrypto/source/openssl/cert.cxx 2007-01-09 10:36:37 UTC (rev 3100)
@@ -361,7 +361,7 @@
ERR_error_string_n( err, buf, sizeof(buf) );
cerr << "RSA_private_decrypt: " << buf << endl;
- cerr << binToHex( data, size ) << endl;
+ //cerr << binToHex( data, size ) << endl;
return false;
}
@@ -396,7 +396,7 @@
ERR_error_string_n( err, buf, sizeof(buf) );
cerr << "RSA_public_encrypt: " << buf << endl;
- cerr << binToHex( data, size ) << endl;
+ //cerr << binToHex( data, size ) << endl;
return false;
}
Added: trunk/libmcrypto/source/openssl/sha1.cxx
===================================================================
--- trunk/libmcrypto/source/openssl/sha1.cxx 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmcrypto/source/openssl/sha1.cxx 2007-01-09 10:36:37 UTC (rev 3100)
@@ -0,0 +1,37 @@
+/*
+ Copyright (C) 2005, 2004 Erik Eliasson, Johan Bilien
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+
+/*
+ * Authors: Erik Eliasson <eliasson at it.kth.se>
+ * Pan Xuan <xuan at kth.se>
+*/
+
+#include<config.h>
+
+#include <libmcrypto/sha1.h>
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+
+void sha1(unsigned char * data, unsigned int data_length,
+ unsigned char * digest ){
+ SHA1(data, (unsigned long)data_length, digest);
+}
Modified: trunk/libmikey/keyagreement/keyagreement_dh.cxx
===================================================================
--- trunk/libmikey/keyagreement/keyagreement_dh.cxx 2007-01-08 17:35:13 UTC (rev 3099)
+++ trunk/libmikey/keyagreement/keyagreement_dh.cxx 2007-01-09 10:36:37 UTC (rev 3100)
@@ -95,11 +95,11 @@
}
KeyAgreementDH::KeyAgreementDH( MRef<SipSim*> s ):
- KeyAgreementDHBase(),
PeerCertificates( s->getCertificateChain(), s->getCAs() ),
useSim(true),
sim(s)
{
+
}
KeyAgreementDH::~KeyAgreementDH(){
More information about the Minisip-devel
mailing list