1/*
2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19/*
20 * RSA_DSA_csp.cpp - Algorithm factory for RSA/DSA
21 */
22
23#include "RSA_DSA_csp.h"
24#include "RSA_DSA_signature.h"					/* raw signer */
25#include <SHA1_MD5_Object.h>		/* raw digest */
26#include <SignatureContext.h>
27#include <security_cdsa_utilities/digestobject.h>
28#include "RSA_DSA_keys.h"
29#include "RSA_asymmetric.h"
30#include <MD2Object.h>
31#include <SHA2_Object.h>
32#include <Security/cssmapple.h>
33
34#define OPENSSL_DSA_ENABLE	1
35
/*
 * Storage for the factory's two process-wide allocator pointers.
 * Both start out null; the osMalloc/osFree/osRealloc hooks further down
 * dereference privAllocator without a null check.
 */
Allocator *RSA_DSA_Factory::normAllocator = NULL;
Allocator *RSA_DSA_Factory::privAllocator = NULL;
38
/*
 * Prototypes for the OpenSSL-style memory-hook setters. These normally come
 * from crypto.h, which pulls in far more than this file needs; they should
 * eventually move to a local header.
 *
 * NOTE(review): hand-copied prototypes are not checked by the compiler against
 * the library's own declarations -- confirm they still match the bundled
 * implementation whenever that code is updated.
 */
extern "C" {
int CRYPTO_set_mem_functions(
	void *(*mallocFn)(size_t),
	void *(*reallocFn)(void *, size_t),
	void (*freeFn)(void *));
int CRYPTO_set_locked_mem_functions(
	void *(*mallocFn)(size_t),
	void (*freeFn)(void *));
}
50
51/*
52 * openssl-style memory allocator callbacks
53 */
/*
 * malloc hook: serve the request for `size` bytes from the factory's private
 * allocator. Dereferences RSA_DSA_Factory::privAllocator unchecked, so the
 * pointer must be set before this hook can be reached.
 */
static void *osMalloc(size_t size)
{
	return (*RSA_DSA_Factory::privAllocator).malloc(size);
}
/*
 * free hook: hand `data` back to the factory's private allocator, the same
 * allocator osMalloc and osRealloc draw from.
 */
static void osFree(void *data)
{
	(*RSA_DSA_Factory::privAllocator).free(data);
}
/*
 * realloc hook: resize `oldPtr` to `newSize` bytes through the factory's
 * private allocator and return whatever that allocator returns.
 */
static void *osRealloc(void *oldPtr, size_t newSize)
{
	return (*RSA_DSA_Factory::privAllocator).realloc(oldPtr, newSize);
}
66
/*
 * Record the two allocators, install the memory hooks, and load the RSA, BN
 * and DSA error strings.
 *
 * Statement order matters: the hooks dereference privAllocator, so the
 * allocators are recorded first (presumably into the static
 * normAllocator/privAllocator members -- the setters are not visible here).
 */
RSA_DSA_Factory::RSA_DSA_Factory(Allocator *normAlloc, Allocator *privAlloc)
{
	setNormAllocator(normAlloc);
	setPrivAllocator(privAlloc);

	/*
	 * once-per-address space
	 *
	 * NOTE(review): both setters return int and the result is discarded.
	 * In OpenSSL a zero return means the hooks were NOT installed (typically
	 * because an allocation has already happened), in which case library
	 * allocations would not go through privAllocator. Confirm the bundled
	 * implementation behaves the same way and whether that should be
	 * reported rather than ignored.
	 */
	(void)CRYPTO_set_mem_functions(osMalloc, osRealloc, osFree);
	(void)CRYPTO_set_locked_mem_functions(osMalloc, osFree);

	/* these should go in a lib somewhere */
	ERR_load_RSA_strings();
	ERR_load_BN_strings();
	ERR_load_DSA_strings();
}
79
/*
 * Intentionally empty: nothing the constructor set up (allocator pointers,
 * memory hooks, error strings) is undone here.
 */
RSA_DSA_Factory::~RSA_DSA_Factory()
{
	/* TBD terminateCryptKit(); */
}
84
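/*
 * Allocate a digest of type DigestT and a raw signer of type SignerT and wrap
 * them in a new SignatureContext.
 *
 * The original code nested the three `new` expressions in one call, so a
 * throw from a later allocation or constructor leaked the objects already
 * created. Here everything allocated so far is released before the exception
 * is rethrown. On success the objects are handed to SignatureContext exactly
 * as before.
 */
template <class DigestT, class SignerT>
static SignatureContext *newSignatureContext(
	AppleCSPSession &session,
	Allocator &alloc,
	CSSM_ALGORITHMS digestAlg)
{
	DigestT *digest = NULL;
	SignerT *signer = NULL;
	try {
		digest = new DigestT();
		signer = new SignerT(alloc, session, digestAlg);
		return new SignatureContext(session, *digest, *signer);
	}
	catch(...) {
		/* the context was never constructed, so nothing else owns these */
		delete signer;
		delete digest;
		throw;
	}
}

/*
 * Algorithm factory entry point for RSA/DSA.
 *
 * Looks at context.type() and context.algorithm(); when the pair is one this
 * factory handles, a matching context object is created -- but only if
 * cspCtx is still NULL -- and true is returned. An already-populated cspCtx
 * is left untouched (true is still returned). Any other pair returns false
 * ("not implemented here") without touching cspCtx.
 *
 * Exceptions thrown by the allocations or constructors propagate to the
 * caller.
 */
bool RSA_DSA_Factory::setup(
	AppleCSPSession &session,
	CSPFullPluginSession::CSPContext * &cspCtx,
	const Context &context)
{
	switch(context.type()) {
		case CSSM_ALGCLASS_SIGNATURE:
			switch(context.algorithm()) {
				/*
				 * NOTE(review): SHA-1 is deprecated for signatures, and MD5
				 * and MD2 are collision-broken. All three are offered here
				 * for signing as well as verifying; presumably kept for
				 * legacy interoperability -- confirm whether new signatures
				 * with them should still be allowed.
				 */
				case CSSM_ALGID_SHA1WithRSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<SHA1Object, RSASigner>(
							session, *privAllocator, CSSM_ALGID_SHA1);
					}
					return true;
				case CSSM_ALGID_MD5WithRSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<MD5Object, RSASigner>(
							session, *privAllocator, CSSM_ALGID_MD5);
					}
					return true;
				case CSSM_ALGID_MD2WithRSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<MD2Object, RSASigner>(
							session, *privAllocator, CSSM_ALGID_MD2);
					}
					return true;
				#if	OPENSSL_DSA_ENABLE
				case CSSM_ALGID_SHA1WithDSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<SHA1Object, DSASigner>(
							session, *privAllocator, CSSM_ALGID_SHA1);
					}
					return true;
				case CSSM_ALGID_DSA:
					/* raw DSA: the caller supplies the digest (NullDigest) */
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<NullDigest, DSASigner>(
							session, *privAllocator,
							// set later via setDigestAlgorithm but not used by DSA
							CSSM_ALGID_NONE);
					}
					return true;
				#endif
				case CSSM_ALGID_RSA:
					/* raw RSA: the caller supplies the digest (NullDigest) */
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<NullDigest, RSASigner>(
							session, *privAllocator,
							// set later via setDigestAlgorithm
							CSSM_ALGID_NONE);
					}
					return true;
				case CSSM_ALGID_SHA256WithRSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<SHA256Object, RSASigner>(
							session, *privAllocator, CSSM_ALGID_SHA256);
					}
					return true;
				case CSSM_ALGID_SHA224WithRSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<SHA224Object, RSASigner>(
							session, *privAllocator, CSSM_ALGID_SHA224);
					}
					return true;
				case CSSM_ALGID_SHA384WithRSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<SHA384Object, RSASigner>(
							session, *privAllocator, CSSM_ALGID_SHA384);
					}
					return true;
				case CSSM_ALGID_SHA512WithRSA:
					if(cspCtx == NULL) {
						cspCtx = newSignatureContext<SHA512Object, RSASigner>(
							session, *privAllocator, CSSM_ALGID_SHA512);
					}
					return true;
				default:
					break;
			}
			break;

		case CSSM_ALGCLASS_KEYGEN:
			switch(context.algorithm()) {
				case CSSM_ALGID_RSA:
				/*
				 * NOTE(review): CSSM_ALGMODE_PKCS1_EME_OAEP is named like a
				 * mode constant but is matched against context.algorithm()
				 * here -- confirm callers really pass it as the algorithm.
				 */
				case CSSM_ALGMODE_PKCS1_EME_OAEP:
					if(cspCtx == NULL) {
						cspCtx = new RSAKeyPairGenContext(session, context);
					}
					return true;
				#if	OPENSSL_DSA_ENABLE
				case CSSM_ALGID_DSA:
					if(cspCtx == NULL) {
						cspCtx = new DSAKeyPairGenContext(session, context);
					}
					return true;
				#endif
				default:
					break;
			}
			break;

		case CSSM_ALGCLASS_ASYMMETRIC:
			switch(context.algorithm()) {
				case CSSM_ALGID_RSA:
				/* NOTE(review): same mode-vs-algorithm question as in KEYGEN */
				case CSSM_ALGMODE_PKCS1_EME_OAEP:
					if(cspCtx == NULL) {
						cspCtx = new RSA_CryptContext(session);
					}
					return true;
				default:
					break;
			}
			break;

		/* more here - symmetric, etc. */
		default:
			break;
	}
	/* not implemented here */
	return false;
}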