Merge 42531fb into 1017afc

cose-wg · May 7, 2020 · ed13086 · ed13086
2 parents 1017afc + 42531fb
commit ed13086
Show file tree

Hide file tree

Showing 14 changed files with 491 additions and 107 deletions.
diff --git a/include/cose/cose.h b/include/cose/cose.h
@@ -3,6 +3,9 @@
 #include <stdbool.h>
 #include <cn-cbor/cn-cbor.h>
 #include "cose/cose_configure.h"
+#ifdef COSE_C_USE_OPENSSL
+#include <openssl/evp.h>
+#endif
 
 #ifdef __cplusplus
 extern "C" {
@@ -21,6 +24,7 @@ typedef struct _cose_mac* HCOSE_MAC;
 typedef struct _cose_mac0* HCOSE_MAC0;
 typedef struct _cose_counterSignature* HCOSE_COUNTERSIGN;
 typedef struct _cose_counterSignature1* HCOSE_COUNTERSIGN1;
+typedef struct _cose_key* HCOSE_KEY;
 
 /**
  * All of the different kinds of errors
@@ -209,6 +213,19 @@ typedef enum {
 	COSE_Curve_Ed448 = 7,
 } COSE_Curves;
 
+/*
+ * Functions dealing with keys
+ */
+
+HCOSE_KEY COSE_KEY_FromCbor(cn_cbor* pcborKey,
+	CBOR_CONTEXT_COMMA cose_errback* perror);
+bool COSE_KEY_Free(HCOSE_KEY h);
+#ifdef COSE_C_USE_OPENSSL
+HCOSE_KEY COSE_KEY_FromEVP(EVP_PKEY* opensslKey,
+	cn_cbor* pcborKey,
+	CBOR_CONTEXT_COMMA cose_errback* perror);
+#endif
+
 /*
  *  messages dealing with the Enveloped message type
  */
@@ -288,11 +305,20 @@ bool COSE_Recipient_SetKey_secret(HCOSE_RECIPIENT h,
 bool COSE_Recipient_SetKey(HCOSE_RECIPIENT h,
 	const cn_cbor* pKey,
 	cose_errback* perror);
+bool COSE_Recipient_SetKey2(HCOSE_RECIPIENT h,
+	HCOSE_KEY hKey,
+	cose_errback* perror);
+
 bool COSE_Recipient_SetSenderKey(HCOSE_RECIPIENT h,
 	const cn_cbor* pKey,
 	int destination,
 	cose_errback* perror);
-bool COSE_Recipient_SetExternal(HCOSE_RECIPIENT hcose,
+bool COSE_Recipient_SetSenderKey2(HCOSE_RECIPIENT h,
+	HCOSE_KEY hKey,
+	int destintion,
+	cose_errback* perror);
+
+	bool COSE_Recipient_SetExternal(HCOSE_RECIPIENT hcose,
 	const byte* pbExternalData,
 	size_t cbExternalData,
 	cose_errback* perr);
@@ -480,6 +506,9 @@ bool COSE_Signer_Free(HCOSE_SIGNER cose);
 bool COSE_Signer_SetKey(HCOSE_SIGNER hSigner,
 	const cn_cbor* pkey,
 	cose_errback* perr);
+bool COSE_Signer_SetKey2(HCOSE_SIGNER hSigner,
+	HCOSE_KEY pkey,
+	cose_errback* perr);
 cn_cbor* COSE_Signer_map_get_int(HCOSE_SIGNER h,
 	int key,
 	int flags,
@@ -525,9 +554,13 @@ bool COSE_Sign1_SetExternal(HCOSE_SIGN1 hcose,
 	cose_errback* perr);
 
 bool COSE_Sign1_Sign(HCOSE_SIGN1 h, const cn_cbor* pkey, cose_errback* perr);
+bool COSE_Sign1_Sign2(HCOSE_SIGN1 h, HCOSE_KEY pkey, cose_errback* perr);
 bool COSE_Sign1_validate(HCOSE_SIGN1 hSign,
 	const cn_cbor* pkey,
 	cose_errback* perr);
+bool COSE_Sign1_validate2(HCOSE_SIGN1 hSign,
+	HCOSE_KEY pkey,
+	cose_errback* perr);
 cn_cbor* COSE_Sign1_map_get_int(HCOSE_SIGN1 h,
 	int key,
 	int flags,
@@ -560,6 +593,9 @@ bool COSE_CounterSign_SetExternal(HCOSE_COUNTERSIGN cose, const byte* pbExternal
 bool COSE_CounterSign_SetKey(HCOSE_COUNTERSIGN,
 	const cn_cbor* pkey,
 	cose_errback* perr);
+bool COSE_CounterSign_SetKey2(HCOSE_COUNTERSIGN,
+	HCOSE_KEY pkey,
+	cose_errback* perr);
 
 
 HCOSE_COUNTERSIGN COSE_Signer_add_countersignature(HCOSE_SIGNER hSigner, HCOSE_COUNTERSIGN hCountersignature, cose_errback* perr);

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
@@ -39,6 +39,7 @@ set(cose_sources
     cose_crypto.h
     cose_int.h
     Cose.c
+    CoseKey.c
     CounterSign.c
     CounterSign0.c
     MacMessage.c

diff --git a/src/Cose.c b/src/Cose.c
@@ -55,6 +55,7 @@ bool _COSE_Init(COSE_INIT_FLAGS flags,
 	pcose->m_unprotectMap =
 		cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & errState);
 	CHECK_CONDITION_CBOR(pcose->m_unprotectMap != NULL, errState);
+	pcose->m_ownUnprotectedMap = true;
 	CHECK_CONDITION_CBOR(
 		_COSE_array_replace(pcose, pcose->m_unprotectMap, INDEX_UNPROTECTED,
 			CBOR_CONTEXT_PARAM_COMMA & errState),

diff --git a/src/CoseKey.c b/src/CoseKey.c
@@ -0,0 +1,131 @@
+#include <stdlib.h>
+
+#include "cose/cose.h"
+#include "cose/cose_configure.h"
+#include "cose_int.h"
+#include "cose_crypto.h"
+
+COSE_KEY *KeysRoot = NULL;
+
+/*! \private
+ * @brief Test if a HCOSE_ENVELOPED handle is valid
+ *
+ *  Internal function to test if a enveloped message handle is valid.
+ *  This will start returning invalid results and cause the code to
+ *  crash if handles are not released before the memory that underlies them
+ *  is deallocated.  This is an issue of a block allocator is used since
+ *  in that case it is common to allocate memory but never to de-allocate it
+ *  and just do that in a single big block.
+ *
+ *  @param h handle to be validated
+ *  @returns result of check
+ */
+
+bool IsValidKeyHandle(HCOSE_KEY h)
+{
+	COSE_KEY *p = (COSE_KEY*)h;
+	if (KeysRoot == NULL) {
+		return false;
+	}
+	if (p == NULL) {
+		return false;
+	}
+
+	for (const COSE_KEY *walk = KeysRoot; walk != NULL; walk = walk->m_nextKey) {
+		if (walk == p) {
+			return true;
+		}
+	}
+	return false;
+}
+
+HCOSE_KEY COSE_KEY_FromCbor(cn_cbor *pcborKey,
+	CBOR_CONTEXT_COMMA cose_errback *perror)
+{
+	COSE_KEY *pkey = NULL;
+
+	pkey = (COSE_KEY *)COSE_CALLOC(1, sizeof(COSE_KEY), context);
+
+	if (pkey == NULL) {
+		if (perror != NULL) {
+			perror->err = COSE_ERR_OUT_OF_MEMORY;
+		}
+		return NULL;
+	}
+
+#ifdef USE_CBOR_CONTEXT
+	if (context != NULL) {
+		pkey->m_allocContext = *context;
+	}
+#endif
+
+	pkey->m_refCount = 1;
+	pkey->m_cborKey = pcborKey;
+
+	pkey->m_nextKey = KeysRoot;
+	KeysRoot = pkey;
+
+	return (HCOSE_KEY)pkey;
+}
+
+bool COSE_KEY_Free(HCOSE_KEY h)
+{
+	COSE_KEY *p = (COSE_KEY *)h;
+	if (!IsValidKeyHandle(h)) {
+		return false;	
+	}
+
+	if (p->m_refCount > 1) {
+		p->m_refCount--;
+		return true;
+	}
+
+	if (KeysRoot == p) {
+		KeysRoot = p->m_nextKey;
+		p->m_nextKey = NULL;;
+	}
+	else {
+		for (COSE_KEY *walk = KeysRoot; walk->m_nextKey != NULL;
+			 walk = walk->m_nextKey) {
+			if (walk->m_nextKey == p) {
+				walk->m_nextKey = p->m_nextKey;
+				p->m_nextKey = NULL;
+				break;
+			}
+		}
+	}
+
+	COSE_FREE(p, &p->m_allocContext);
+
+	return true;
+}
+
+#if defined(COSE_C_USE_OPENSSL) && (OPENSSL_VERSION_NUMBER > 0x10100000L)
+HCOSE_KEY COSE_KEY_FromEVP(EVP_PKEY * opensslKey, cn_cbor * pcborKey, CBOR_CONTEXT_COMMA cose_errback* perror)
+{
+	COSE_KEY *pkey = NULL;
+
+	pkey = (COSE_KEY *)COSE_CALLOC(1, sizeof(COSE_KEY), context);
+
+	if (pkey == NULL) {
+		perror->err = COSE_ERR_OUT_OF_MEMORY;
+		return NULL;
+	}
+
+#ifdef USE_CBOR_CONTEXT
+	if (context != NULL) {
+		pkey->m_allocContext = *context;
+	}
+#endif
+
+	pkey->m_refCount = 1;
+	pkey->m_cborKey = pcborKey;
+	pkey->m_opensslKey = opensslKey;
+	EVP_PKEY_up_ref(opensslKey);
+
+	pkey->m_nextKey = KeysRoot;
+	KeysRoot = pkey;
+
+	return (HCOSE_KEY)pkey;
+}
+#endif
diff --git a/src/CounterSign.c b/src/CounterSign.c
@@ -230,17 +230,44 @@ bool COSE_CounterSign_SetKey(HCOSE_COUNTERSIGN h,
 	cose_errback* perr)
 {
 	bool fRet = false;
-	CHECK_CONDITION(IsValidCounterSignHandle(h), COSE_ERR_INVALID_HANDLE);
+	HCOSE_KEY coseKey = NULL;
+#ifdef USE_CBOR_CONTEXT
+	cn_cbor_context* context = NULL;
+#endif
+
 	CHECK_CONDITION(pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+	coseKey = COSE_KEY_FromCbor((cn_cbor*) pkey, CBOR_CONTEXT_PARAM_COMMA perr);
+	CHECK_CONDITION(coseKey != NULL, COSE_ERR_OUT_OF_MEMORY);
 
-	COSE_CounterSign* p = (COSE_CounterSign*)h;
-	if (p->m_signer.m_pkey != NULL) {
-		CN_CBOR_FREE(p->m_signer.m_pkey, &p->m_signer.m_message.m_allocContext);
+	fRet = COSE_CounterSign_SetKey2(h, coseKey, perr);
+
+errorReturn:
+	if (coseKey != NULL) {
+		COSE_KEY_Free(coseKey);
 	}
-	p->m_signer.m_pkey = (cn_cbor *) pkey;
+	return fRet;
+}
+
+bool COSE_CounterSign_SetKey2(HCOSE_COUNTERSIGN hSigner, HCOSE_KEY hKey, cose_errback* perr)
+{
+	bool fRet = false;
+	COSE_CounterSign* pSigner = (COSE_CounterSign*)hSigner;
 
+	CHECK_CONDITION(IsValidCounterSignHandle(hSigner), COSE_ERR_INVALID_HANDLE);
+	CHECK_CONDITION(IsValidKeyHandle(hKey), COSE_ERR_INVALID_HANDLE);
+
+	if (pSigner->m_signer.m_pkey != NULL) {
+		COSE_KEY_Free((HCOSE_KEY) pSigner->m_signer.m_pkey);
+	}
+	COSE_KEY* pKey = (COSE_KEY*)hKey;
+
+	pSigner->m_signer.m_pkey = pKey;
+	if (hKey != NULL) {
+		pKey->m_refCount += 1;
+	}
 	fRet = true;
-errorReturn:
+
+	errorReturn:
 	return fRet;
 }