1/* 2 * Copyright (c) 2006-2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24/* 25 * secCrypto.c - interface between SSL and SecKey/SecDH interfaces. 26 */ 27 28#include "secCrypto.h" 29 30#include <Security/Security.h> 31#include <Security/SecKeyPriv.h> 32#include <AssertMacros.h> 33 34/* Private Key operations */ 35static 36SecAsn1Oid oidForSSLHash(SSL_HashAlgorithm hash) 37{ 38 switch (hash) { 39 case SSL_HashAlgorithmSHA1: 40 return CSSMOID_SHA1WithRSA; 41 case SSL_HashAlgorithmSHA256: 42 return CSSMOID_SHA256WithRSA; 43 case SSL_HashAlgorithmSHA384: 44 return CSSMOID_SHA384WithRSA; 45 default: 46 break; 47 } 48 // Internal error 49 assert(0); 50 // This guarantee failure down the line 51 return CSSMOID_MD5WithRSA; 52} 53 54static 55int mySSLPrivKeyRSA_sign(void *key, SSL_HashAlgorithm hash, const uint8_t *plaintext, size_t plaintextLen, uint8_t *sig, size_t *sigLen) 56{ 57 SecKeyRef keyRef = key; 58 59 if(hash == SSL_HashAlgorithmNone) { 60 return SecKeyRawSign(keyRef, kSecPaddingPKCS1, plaintext, plaintextLen, sig, sigLen); 61 } else { 62 SecAsn1AlgId algId; 63 algId.algorithm = oidForSSLHash(hash); 64 return SecKeySignDigest(keyRef, &algId, plaintext, plaintextLen, sig, sigLen); 65 } 66} 67 68static 69int mySSLPrivKeyRSA_decrypt(void *key, const uint8_t *ciphertext, size_t ciphertextLen, uint8_t *plaintext, size_t *plaintextLen) 70{ 71 SecKeyRef keyRef = key; 72 73 return SecKeyDecrypt(keyRef, kSecPaddingPKCS1, ciphertext, ciphertextLen, plaintext, plaintextLen); 74} 75 76 77 78