SM: common SM 'increase-sequence-counter' procedure
This commit is contained in:
parent
6a4de6d551
commit
d30cd83ad4
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* sm-common.c: Common cryptographic procedures related to
|
||||
* Secure Messaging
|
||||
* Secure Messaging
|
||||
*
|
||||
* Copyright (C) 2010 Viktor Tarasov <vtarasov@opentrust.com>
|
||||
* OpenTrust <www.opentrust.com>
|
||||
|
@ -48,6 +48,7 @@
|
|||
#include "libopensc/log.h"
|
||||
|
||||
#include "sm-common.h"
|
||||
|
||||
/*
|
||||
* From crypto/des/des_locl.h of OpenSSL .
|
||||
*/
|
||||
|
@ -97,11 +98,11 @@ DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
|
|||
(unsigned char*)output,l8,ks2,iv,!enc);
|
||||
DES_cbc_encrypt((unsigned char*)output,
|
||||
(unsigned char*)output,l8,ks1,iv,enc);
|
||||
if (length >= sizeof(DES_cblock))
|
||||
if ((unsigned)length >= sizeof(DES_cblock))
|
||||
memcpy(icv_out,output[off],sizeof(DES_cblock));
|
||||
}
|
||||
else {
|
||||
if (length >= sizeof(DES_cblock))
|
||||
if ((unsigned)length >= sizeof(DES_cblock))
|
||||
memcpy(icv_out,input[off],sizeof(DES_cblock));
|
||||
DES_cbc_encrypt((unsigned char*)input,
|
||||
(unsigned char*)output,l8,ks1,iv,enc);
|
||||
|
@ -325,14 +326,8 @@ sm_encrypt_des_cbc3(struct sc_context *ctx, unsigned char *key,
|
|||
memcpy(data, in, in_len);
|
||||
|
||||
memcpy(data + in_len, "\x80\0\0\0\0\0\0\0", 8);
|
||||
if (not_force_pad) {
|
||||
data_len = in_len + 7;
|
||||
data_len -= (data_len%8);
|
||||
}
|
||||
else {
|
||||
data_len = in_len + 8;
|
||||
data_len -= (data_len%8);
|
||||
}
|
||||
data_len = in_len + (not_force_pad ? 7 : 8);
|
||||
data_len -= (data_len%8);
|
||||
sc_log(ctx, "SM encrypt_des_cbc3: data to encrypt (len:%i,%s)", data_len, sc_dump_hex(data, data_len));
|
||||
|
||||
*out_len = data_len;
|
||||
|
@ -352,3 +347,19 @@ sm_encrypt_des_cbc3(struct sc_context *ctx, unsigned char *key,
|
|||
free(data);
|
||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
sm_incr_ssc(unsigned char *ssc, size_t ssc_len)
|
||||
{
|
||||
int ii;
|
||||
|
||||
if (!ssc)
|
||||
return;
|
||||
|
||||
for (ii = ssc_len - 1;ii >= 0; ii++) {
|
||||
*(ssc + ii) += 1;
|
||||
if (*(ssc + ii) != 0)
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -43,6 +43,7 @@ int sm_encrypt_des_cbc3(struct sc_context *ctx, unsigned char *key,
|
|||
not_force_pad);
|
||||
int sm_decrypt_des_cbc3(struct sc_context *ctx, unsigned char *key,
|
||||
unsigned char *data, size_t data_len, unsigned char **out, size_t *out_len);
|
||||
void sm_incr_ssc(unsigned char *ssc, size_t ssc_len);
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -229,22 +229,6 @@ sm_cwa_init_session_keys(struct sc_context *ctx, struct sm_cwa_session *session_
|
|||
}
|
||||
|
||||
|
||||
void
|
||||
sm_cwa_incr_ssc(struct sm_cwa_session *session_data)
|
||||
{
|
||||
int ii;
|
||||
|
||||
if (!session_data)
|
||||
return;
|
||||
|
||||
for (ii=7; ii>=0; ii--) {
|
||||
session_data->ssc[ii] += 1;
|
||||
if (session_data->ssc[ii])
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
sm_cwa_initialize(struct sc_context *ctx, struct sm_info *sm_info, struct sc_remote_data *rdata)
|
||||
{
|
||||
|
@ -335,7 +319,7 @@ sm_cwa_securize_apdu(struct sc_context *ctx, struct sm_info *sm_info, struct sc_
|
|||
sc_log(ctx, "securize APDU (cla:%X,ins:%X,p1:%X,p2:%X,data(%i):%p)",
|
||||
apdu->cla, apdu->ins, apdu->p1, apdu->p2, apdu->datalen, apdu->data);
|
||||
|
||||
sm_cwa_incr_ssc(session_data);
|
||||
sm_incr_ssc(session_data->ssc, sizeof(session_data->ssc));
|
||||
|
||||
rv = sm_encrypt_des_cbc3(ctx, session_data->session_enc, apdu->data, apdu->datalen, &encrypted, &encrypted_len, 0);
|
||||
LOG_TEST_RET(ctx, rv, "securize APDU: DES CBC3 encryption failed");
|
||||
|
@ -419,7 +403,7 @@ sm_cwa_securize_apdu(struct sc_context *ctx, struct sm_info *sm_info, struct sc_
|
|||
apdu->datalen = offs;
|
||||
memcpy((unsigned char *)apdu->data, sbuf, offs);
|
||||
|
||||
sm_cwa_incr_ssc(session_data);
|
||||
sm_incr_ssc(session_data->ssc, sizeof(session_data->ssc));
|
||||
|
||||
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue