use constants for algorithm ids

This commit is contained in:
Klas Lindfors
2014-06-18 13:21:05 +02:00
parent b82e64362c
commit 3c557ebbea
+14 -14
View File
@@ -134,13 +134,13 @@ static bool generate_key(ykpiv_state *state, const char *slot,
in_data[3] = 1;
switch(algorithm) {
case algorithm_arg_RSA2048:
in_data[4] = 0x07;
in_data[4] = YKPIV_ALGO_RSA2048;
break;
case algorithm_arg_RSA1024:
in_data[4] = 0x06;
in_data[4] = YKPIV_ALGO_RSA1024;
break;
case algorithm_arg_ECCP256:
in_data[4] = 0x11;
in_data[4] = YKPIV_ALGO_ECCP256;
break;
case algorithm__NULL:
default:
@@ -344,7 +344,7 @@ static bool import_key(ykpiv_state *state, enum enum_key_format key_format,
unsigned char *in_ptr = in_data;
unsigned char templ[] = {0, 0xfe, algorithm, key};
int sw;
if(algorithm == 0x06 || algorithm == 0x07) {
if(algorithm == YKPIV_ALGO_RSA1024 || algorithm == YKPIV_ALGO_RSA2048) {
RSA *rsa_private_key = EVP_PKEY_get1_RSA(private_key);
*in_ptr++ = 0x01;
@@ -366,7 +366,7 @@ static bool import_key(ykpiv_state *state, enum enum_key_format key_format,
*in_ptr++ = 0x05;
in_ptr += set_length(in_ptr, BN_num_bytes(rsa_private_key->iqmp));
in_ptr += BN_bn2bin(rsa_private_key->iqmp, in_ptr);
} else if(algorithm == 0x11) {
} else if(algorithm == YKPIV_ALGO_ECCP256) {
EC_KEY *ec = EVP_PKEY_get1_EC_KEY(private_key);
const BIGNUM *s = EC_KEY_get0_private_key(ec);
@@ -606,16 +606,16 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for
}
switch(algorithm) {
case 0x6:
case YKPIV_ALGO_RSA1024:
len = 128;
case 0x7:
case YKPIV_ALGO_RSA2048:
if(len == 0) {
len = 256;
}
RSA_padding_add_PKCS1_type_1(signinput, len, digest, sizeof(digest));
req->sig_alg->algorithm = OBJ_nid2obj(NID_sha256WithRSAEncryption);
break;
case 0x11:
case YKPIV_ALGO_ECCP256:
req->sig_alg->algorithm = OBJ_nid2obj(NID_ecdsa_with_SHA256);
len = DIGEST_LEN;
memcpy(signinput, digest + sizeof(sha256oid), DIGEST_LEN);
@@ -742,16 +742,16 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
goto selfsign_out;
}
switch(algorithm) {
case 0x6:
case YKPIV_ALGO_RSA1024:
len = 128;
case 0x7:
case YKPIV_ALGO_RSA2048:
if(len == 0) {
len = 256;
}
RSA_padding_add_PKCS1_type_1(signinput, len, digest, sizeof(digest));
x509->sig_alg->algorithm = OBJ_nid2obj(NID_sha256WithRSAEncryption);
break;
case 0x11:
case YKPIV_ALGO_ECCP256:
x509->sig_alg->algorithm = OBJ_nid2obj(NID_ecdsa_with_SHA256);
len = DIGEST_LEN;
memcpy(signinput, digest + sizeof(sha256oid), DIGEST_LEN);
@@ -937,9 +937,9 @@ static unsigned char get_algorithm(EVP_PKEY *key) {
RSA *rsa = EVP_PKEY_get1_RSA(key);
int size = RSA_size(rsa);
if(size == 256) {
return 0x7;
return YKPIV_ALGO_RSA2048;
} else if(size == 128) {
return 0x6;
return YKPIV_ALGO_RSA1024;
} else {
fprintf(stderr, "Unuseable key of %d bits, only 1024 and 2048 is supported.\n", size * 8);
return 0;
@@ -951,7 +951,7 @@ static unsigned char get_algorithm(EVP_PKEY *key) {
const EC_GROUP *group = EC_KEY_get0_group(ec);
int curve = EC_GROUP_get_curve_name(group);
if(curve == NID_X9_62_prime256v1) {
return 0x11;
return YKPIV_ALGO_ECCP256;
} else {
fprintf(stderr, "Unknown EC curve %d\n", curve);
return 0;