Cryptography Reference
In-Depth Information
static unsigned char OID_RSAPrivateKey [] =
{ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01 };
int parse_pkcs8_private_key( rsa_key *privkey,
const unsigned char *buffer,
const int buffer_length,
const unsigned char *passphrase )
{
struct asn1struct pkcs8_key;
struct asn1struct private_key;
struct asn1struct *encryptionId;
struct asn1struct *salt;
struct asn1struct *iteration_count;
struct asn1struct *encrypted_key;
struct asn1struct *key_type_oid;
struct asn1struct *priv_key_data;
digest_ctx initial_hash;
int counter;
unsigned char passphrase_hash_in[ MD5_RESULT_SIZE * sizeof( int ) ];
unsigned char passphrase_hash_out[ MD5_RESULT_SIZE * sizeof( int ) ];
unsigned char *decrypted_key;
asn1parse( buffer, buffer_length, &pkcs8_key );
encryptionId = pkcs8_key.children->children;
if ( memcmp( OID_pbeWithMD5andDES_CBC, encryptionId->data,
encryptionId->length ) )
{
fprintf( stderr, “Unsupported key encryption algorithm\n” );
asn1free( &pkcs8_key );
return 1;
}
// TODO support more algorithms
salt = encryptionId->next->children;
iteration_count = salt->next;
encrypted_key = pkcs8_key.children->next;
// ugly typecasting
counter = ntohs( *iteration_count->data );
new_md5_digest( &initial_hash );
update_digest( &initial_hash, passphrase, strlen( passphrase ) );
update_digest( &initial_hash, salt->data, salt->length );
finalize_digest( &initial_hash );
memcpy( passphrase_hash_out, initial_hash.hash,
initial_hash.hash_len * sizeof( int ) );
while ( --counter )
{
memcpy( passphrase_hash_in, passphrase_hash_out,
sizeof( int ) * MD5_RESULT_SIZE );
(Continued)
Search WWH ::
Custom Search