mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-09-22 11:19:35 +03:00

v4.10-9472-beta

dnobori
2014-07-12 02:06:20 +09:00
parent ee8d609030
commit 9f7d8578a7
558 changed files with 5801 additions and 1397 deletions


@ -54,10 +54,25 @@
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
// USE ONLY IN JAPAN. DO NOT USE THIS SOFTWARE IN ANOTHER COUNTRY UNLESS
// YOU HAVE A CONFIRMATION THAT THIS SOFTWARE DOES NOT VIOLATE ANY
// CRIMINAL LAWS OR CIVIL RIGHTS IN THAT PARTICULAR COUNTRY. USING THIS
// SOFTWARE IN OTHER COUNTRIES IS COMPLETELY AT YOUR OWN RISK. THE
// SOFTETHER VPN PROJECT HAS DEVELOPED AND DISTRIBUTED THIS SOFTWARE TO
// COMPLY ONLY WITH THE JAPANESE LAWS AND EXISTING CIVIL RIGHTS INCLUDING
// PATENTS WHICH ARE SUBJECTS APPLY IN JAPAN. OTHER COUNTRIES' LAWS OR
// CIVIL RIGHTS ARE NONE OF OUR CONCERNS NOR RESPONSIBILITIES. WE HAVE
// NEVER INVESTIGATED ANY CRIMINAL REGULATIONS, CIVIL LAWS OR
// INTELLECTUAL PROPERTY RIGHTS INCLUDING PATENTS IN ANY OF OTHER 200+
// COUNTRIES AND TERRITORIES. BY NATURE, THERE ARE 200+ REGIONS IN THE
// WORLD, WITH DIFFERENT LAWS. IT IS IMPOSSIBLE TO VERIFY EVERY
// COUNTRIES' LAWS, REGULATIONS AND CIVIL RIGHTS TO MAKE THE SOFTWARE
// COMPLY WITH ALL COUNTRIES' LAWS BY THE PROJECT. EVEN IF YOU WILL BE
// SUED BY A PRIVATE ENTITY OR BE DAMAGED BY A PUBLIC SERVANT IN YOUR
// COUNTRY, THE DEVELOPERS OF THIS SOFTWARE WILL NEVER BE LIABLE TO
// RECOVER OR COMPENSATE SUCH DAMAGES, CRIMINAL OR CIVIL
// RESPONSIBILITIES. NOTE THAT THIS LINE IS NOT LICENSE RESTRICTION BUT
// JUST A STATEMENT FOR WARNING AND DISCLAIMER.
//
//
// SOURCE CODE CONTRIBUTION
@ -466,6 +481,7 @@ bool WriteSecKey(SECURE *sec, bool private_obj, char *name, K *k)
BUF *b;
RSA *rsa;
UCHAR modules[MAX_SIZE], pub[MAX_SIZE], pri[MAX_SIZE], prime1[MAX_SIZE], prime2[MAX_SIZE];
UCHAR exp1[MAX_SIZE], exp2[MAX_SIZE], coeff[MAX_SIZE];
CK_ATTRIBUTE a[] =
{
{CKA_MODULUS, modules, 0}, // 0
@ -473,6 +489,10 @@ bool WriteSecKey(SECURE *sec, bool private_obj, char *name, K *k)
{CKA_PRIVATE_EXPONENT, pri, 0}, // 2
{CKA_PRIME_1, prime1, 0}, // 3
{CKA_PRIME_2, prime2, 0}, // 4
{CKA_EXPONENT_1, exp1, 0}, // 5
{CKA_EXPONENT_2, exp2, 0}, // 6
{CKA_COEFFICIENT, coeff, 0}, // 7
{CKA_CLASS, &obj_class, sizeof(obj_class)},
{CKA_TOKEN, &b_true, sizeof(b_true)},
{CKA_PRIVATE, &b_private_obj, sizeof(b_private_obj)},
@ -487,6 +507,7 @@ bool WriteSecKey(SECURE *sec, bool private_obj, char *name, K *k)
{CKA_EXTRACTABLE, &b_false, sizeof(b_false)},
{CKA_MODIFIABLE, &b_false, sizeof(b_false)},
};
// Validate arguments
if (sec == NULL)
{
@ -540,6 +561,21 @@ bool WriteSecKey(SECURE *sec, bool private_obj, char *name, K *k)
A_SIZE(a, 4) = b->Size;
FreeBuf(b);
b = BigNumToBuf(rsa->dmp1);
ReadBuf(b, exp1, sizeof(exp1));
A_SIZE(a, 5) = b->Size;
FreeBuf(b);
b = BigNumToBuf(rsa->dmq1);
ReadBuf(b, exp2, sizeof(exp2));
A_SIZE(a, 6) = b->Size;
FreeBuf(b);
b = BigNumToBuf(rsa->iqmp);
ReadBuf(b, coeff, sizeof(coeff));
A_SIZE(a, 7) = b->Size;
FreeBuf(b);
// Delete the old key if it exists
if (CheckSecObject(sec, name, SEC_K))
{
@ -740,6 +776,12 @@ bool WriteSecCert(SECURE *sec, bool private_obj, char *name, X *x)
UINT64ToCkDate(&start_date, SystemToLocal64(x->notBefore));
UINT64ToCkDate(&end_date, SystemToLocal64(x->notAfter));
// Workaround for Gemalto PKCS#11 API. It rejects a private certificate.
if(sec->Dev->Id == 18 || sec->Dev->Id == 19)
{
b_private_obj = false;
}
// Remove objects which have the same name
if (CheckSecObject(sec, name, SEC_X))
{
@ -2029,7 +2071,7 @@ void TestSecMain(SECURE *sec)
Print("Ok.\n");
Print("Writing Private Key...\n");
DeleteSecKey(sec, "test_key");
if (WriteSecKey(sec, true, "test_key", private_key) == false)
if (WriteSecKey(sec, false, "test_key", private_key) == false)
{
Print("WriteSecKey() Failed.\n");
}
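Review bot: In the WriteSecKey hunk at -540/+561, each new CRT component is copied with a bound (`ReadBuf(b, exp1, sizeof(exp1))`) but its attribute length is then taken from `b->Size`, so a component longer than the array would leave the CK_ATTRIBUTE claiming more bytes than the stack buffer holds, and the PKCS#11 module would presumably read past it when the template is submitted. `b` is also dereferenced without a NULL check, which matters if `rsa->dmp1`, `rsa->dmq1` or `rsa->iqmp` can be absent on a key loaded without CRT parameters. I would fail the call before each copy when `b == NULL || b->Size > sizeof(exp1)` (likewise for `exp2` and `coeff`), releasing `b` on the function's existing error path; the pre-existing `A_SIZE(a, 4) = b->Size;` line has the same shape. The new arrays hold private-key material, and because WriteSecKey starts and ends outside these hunks I cannot see whether they are wiped before return.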