xref: /openbsd-src/lib/libkeynote/signature.c (revision 50b7afb2c2c0993b0894d4e34bf857cb13ed9c80) 
1 /* $OpenBSD: signature.c,v 1.19 2013/11/13 16:28:17 deraadt Exp $ */
2 /*
3  * The author of this code is Angelos D. Keromytis (angelos@dsl.cis.upenn.edu)
4  *
5  * This code was written by Angelos D. Keromytis in Philadelphia, PA, USA,
6  * in April-May 1998
7  *
8  * Copyright (C) 1998, 1999 by Angelos D. Keromytis.
9  *
10  * Permission to use, copy, and modify this software with or without fee
11  * is hereby granted, provided that this entire notice is included in
12  * all copies of any software which is or includes a copy or
13  * modification of this software.
14  *
15  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
16  * IMPLIED WARRANTY. IN PARTICULAR, THE AUTHORS MAKES NO
17  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
18  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
19  * PURPOSE.
20  */
21 
22 /*
23  * Support for X509 keys and signing added by Ben Laurie <ben@algroup.co.uk>
24  * 3 May 1999
25  */
26 
27 #include <sys/types.h>
28 
29 #include <limits.h>
30 #include <regex.h>
31 #include <stdlib.h>
32 #include <stdio.h>
33 #include <string.h>
34 
35 #include <openssl/dsa.h>
36 #include <openssl/md5.h>
37 #include <openssl/pem.h>
38 #include <openssl/rsa.h>
39 #include <openssl/sha.h>
40 #include <openssl/x509.h>
41 
42 #include "keynote.h"
43 #include "assertion.h"
44 #include "signature.h"
45 
46 static const char hextab[] = {
47      '0', '1', '2', '3', '4', '5', '6', '7',
48      '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
49 };
50 
51 /*
52  * Actual conversion to hex.
53  */
54 static void
55 bin2hex(unsigned char *data, unsigned char *buffer, int len)
56 {
57     int off = 0;
58 
59     while(len > 0)
60     {
61 	buffer[off++] = hextab[*data >> 4];
62 	buffer[off++] = hextab[*data & 0xF];
63 	data++;
64 	len--;
65     }
66 }
67 
68 /*
69  * Encode a binary string with hex encoding. Return 0 on success.
70  */
71 int
72 kn_encode_hex(unsigned char *buf, char **dest, int len)
73 {
74     keynote_errno = 0;
75     if (dest == (char **) NULL)
76     {
77 	keynote_errno = ERROR_SYNTAX;
78 	return -1;
79     }
80 
81     *dest = (char *) calloc(2 * len + 1, sizeof(char));
82     if (*dest == (char *) NULL)
83     {
84 	keynote_errno = ERROR_MEMORY;
85 	return -1;
86     }
87 
88     bin2hex(buf, *dest, len);
89     return 0;
90 }
91 
92 /*
93  * Decode a hex encoding. Return 0 on success. The second argument
94  * will be half as large as the first.
95  */
96 int
97 kn_decode_hex(char *hex, char **dest)
98 {
99     int i, decodedlen;
100     char ptr[3];
101 
102     keynote_errno = 0;
103     if (dest == (char **) NULL)
104     {
105 	keynote_errno = ERROR_SYNTAX;
106 	return -1;
107     }
108 
109     if (strlen(hex) % 2)			/* Should be even */
110     {
111 	keynote_errno = ERROR_SYNTAX;
112 	return -1;
113     }
114 
115     decodedlen = strlen(hex) / 2;
116     *dest = (char *) calloc(decodedlen, sizeof(char));
117     if (*dest == (char *) NULL)
118     {
119 	keynote_errno = ERROR_MEMORY;
120 	return -1;
121     }
122 
123     ptr[2] = '\0';
124     for (i = 0; i < decodedlen; i++)
125     {
126 	ptr[0] = hex[2 * i];
127 	ptr[1] = hex[(2 * i) + 1];
128       	(*dest)[i] = (unsigned char) strtoul(ptr, (char **) NULL, 16);
129     }
130 
131     return 0;
132 }
133 
134 void
135 keynote_free_key(void *key, int type)
136 {
137     if (key == (void *) NULL)
138       return;
139 
140     /* DSA keys */
141     if (type == KEYNOTE_ALGORITHM_DSA)
142     {
143 	DSA_free(key);
144 	return;
145     }
146 
147     /* RSA keys */
148     if (type == KEYNOTE_ALGORITHM_RSA)
149     {
150 	RSA_free(key);
151 	return;
152     }
153 
154     /* X509 keys */
155     if (type == KEYNOTE_ALGORITHM_X509)
156     {
157 	RSA_free(key); /* RSA-specific */
158 	return;
159     }
160 
161     /* BINARY keys */
162     if (type == KEYNOTE_ALGORITHM_BINARY)
163     {
164 	free(((struct keynote_binary *) key)->bn_key);
165 	free(key);
166 	return;
167     }
168 
169     /* Catch-all case */
170     if (type == KEYNOTE_ALGORITHM_NONE)
171       free(key);
172 }
173 
174 /*
175  * Map a signature to an algorithm. Return algorithm number (defined in
176  * keynote.h), or KEYNOTE_ALGORITHM_NONE if unknown.
177  * Also return in the second, third and fourth arguments the digest
178  * algorithm, ASCII and internal encodings respectively.
179  */
180 static int
181 keynote_get_sig_algorithm(char *sig, int *hash, int *enc, int *internal)
182 {
183     if (sig == (char *) NULL)
184       return KEYNOTE_ALGORITHM_NONE;
185 
186     if (!strncasecmp(SIG_DSA_SHA1_HEX, sig, SIG_DSA_SHA1_HEX_LEN))
187     {
188 	*hash = KEYNOTE_HASH_SHA1;
189 	*enc = ENCODING_HEX;
190 	*internal = INTERNAL_ENC_ASN1;
191 	return KEYNOTE_ALGORITHM_DSA;
192     }
193 
194     if (!strncasecmp(SIG_DSA_SHA1_BASE64, sig, SIG_DSA_SHA1_BASE64_LEN))
195     {
196 	*hash = KEYNOTE_HASH_SHA1;
197 	*enc = ENCODING_BASE64;
198 	*internal = INTERNAL_ENC_ASN1;
199 	return KEYNOTE_ALGORITHM_DSA;
200     }
201 
202     if (!strncasecmp(SIG_RSA_MD5_PKCS1_HEX, sig, SIG_RSA_MD5_PKCS1_HEX_LEN))
203     {
204 	*hash = KEYNOTE_HASH_MD5;
205 	*enc = ENCODING_HEX;
206 	*internal = INTERNAL_ENC_PKCS1;
207 	return KEYNOTE_ALGORITHM_RSA;
208     }
209 
210     if (!strncasecmp(SIG_RSA_SHA1_PKCS1_HEX, sig, SIG_RSA_SHA1_PKCS1_HEX_LEN))
211     {
212 	*hash = KEYNOTE_HASH_SHA1;
213 	*enc = ENCODING_HEX;
214 	*internal = INTERNAL_ENC_PKCS1;
215 	return KEYNOTE_ALGORITHM_RSA;
216     }
217 
218     if (!strncasecmp(SIG_RSA_MD5_PKCS1_BASE64, sig,
219                      SIG_RSA_MD5_PKCS1_BASE64_LEN))
220     {
221 	*hash = KEYNOTE_HASH_MD5;
222 	*enc = ENCODING_BASE64;
223 	*internal = INTERNAL_ENC_PKCS1;
224 	return KEYNOTE_ALGORITHM_RSA;
225     }
226 
227     if (!strncasecmp(SIG_RSA_SHA1_PKCS1_BASE64, sig,
228                      SIG_RSA_SHA1_PKCS1_BASE64_LEN))
229     {
230 	*hash = KEYNOTE_HASH_SHA1;
231 	*enc = ENCODING_BASE64;
232 	*internal = INTERNAL_ENC_PKCS1;
233 	return KEYNOTE_ALGORITHM_RSA;
234     }
235 
236     if (!strncasecmp(SIG_X509_SHA1_BASE64, sig, SIG_X509_SHA1_BASE64_LEN))
237     {
238 	*hash = KEYNOTE_HASH_SHA1;
239 	*enc = ENCODING_BASE64;
240 	*internal = INTERNAL_ENC_ASN1;
241 	return KEYNOTE_ALGORITHM_X509;
242     }
243 
244     if (!strncasecmp(SIG_X509_SHA1_HEX, sig, SIG_X509_SHA1_HEX_LEN))
245     {
246 	*hash = KEYNOTE_HASH_SHA1;
247 	*enc = ENCODING_HEX;
248 	*internal = INTERNAL_ENC_ASN1;
249 	return KEYNOTE_ALGORITHM_X509;
250     }
251 
252 #if 0 /* Not supported yet */
253     if (!strncasecmp(SIG_ELGAMAL_SHA1_HEX, sig, SIG_ELGAMAL_SHA1_HEX_LEN))
254     {
255 	*hash = KEYNOTE_HASH_SHA1;
256 	*enc = ENCODING_HEX;
257 	*internal = INTERNAL_ENC_ASN1;
258 	return KEYNOTE_ALGORITHM_ELGAMAL;
259     }
260 
261     if (!strncasecmp(SIG_ELGAMAL_SHA1_BASE64, sig,
262 		     SIG_ELGAMAL_SHA1_BASE64_LEN))
263     {
264 	*hash = KEYNOTE_HASH_SHA1;
265 	*enc = ENCODING_BASE64;
266 	*internal = INTERNAL_ENC_ASN1;
267 	return KEYNOTE_ALGORITHM_ELGAMAL;
268     }
269 #endif /* 0 */
270 
271     *hash = KEYNOTE_HASH_NONE;
272     *enc = ENCODING_NONE;
273     *internal = INTERNAL_ENC_NONE;
274     return KEYNOTE_ALGORITHM_NONE;
275 }
276 
277 /*
278  * Map a key to an algorithm. Return algorithm number (defined in
279  * keynote.h), or KEYNOTE_ALGORITHM_NONE if unknown.
280  * This latter is also a valid algorithm (for logical tags). Also return
281  * in the second and third arguments the ASCII and internal encodings.
282  */
283 int
284 keynote_get_key_algorithm(char *key, int *encoding, int *internalencoding)
285 {
286     if (!strncasecmp(DSA_HEX, key, DSA_HEX_LEN))
287     {
288 	*internalencoding = INTERNAL_ENC_ASN1;
289 	*encoding = ENCODING_HEX;
290 	return KEYNOTE_ALGORITHM_DSA;
291     }
292 
293     if (!strncasecmp(DSA_BASE64, key, DSA_BASE64_LEN))
294     {
295 	*internalencoding = INTERNAL_ENC_ASN1;
296 	*encoding = ENCODING_BASE64;
297 	return KEYNOTE_ALGORITHM_DSA;
298     }
299 
300     if (!strncasecmp(RSA_PKCS1_HEX, key, RSA_PKCS1_HEX_LEN))
301     {
302 	*internalencoding = INTERNAL_ENC_PKCS1;
303 	*encoding = ENCODING_HEX;
304 	return KEYNOTE_ALGORITHM_RSA;
305     }
306 
307     if (!strncasecmp(RSA_PKCS1_BASE64, key, RSA_PKCS1_BASE64_LEN))
308     {
309 	*internalencoding = INTERNAL_ENC_PKCS1;
310 	*encoding = ENCODING_BASE64;
311 	return KEYNOTE_ALGORITHM_RSA;
312     }
313 
314     if (!strncasecmp(X509_BASE64, key, X509_BASE64_LEN))
315     {
316 	*internalencoding = INTERNAL_ENC_ASN1;
317 	*encoding = ENCODING_BASE64;
318 	return KEYNOTE_ALGORITHM_X509;
319     }
320 
321     if (!strncasecmp(X509_HEX, key, X509_HEX_LEN))
322     {
323 	*internalencoding = INTERNAL_ENC_ASN1;
324 	*encoding = ENCODING_HEX;
325 	return KEYNOTE_ALGORITHM_X509;
326     }
327 
328 #if 0 /* Not supported yet */
329     if (!strncasecmp(ELGAMAL_HEX, key, ELGAMAL_HEX_LEN))
330     {
331 	*internalencoding = INTERNAL_ENC_ASN1;
332 	*encoding = ENCODING_HEX;
333 	return KEYNOTE_ALGORITHM_ELGAMAL;
334     }
335 
336     if (!strncasecmp(ELGAMAL_BASE64, key, ELGAMAL_BASE64_LEN))
337     {
338 	*internalencoding = INTERNAL_ENC_ASN1;
339 	*encoding = ENCODING_BASE64;
340 	return KEYNOTE_ALGORITHM_ELGAMAL;
341     }
342 #endif /* 0 */
343 
344     if (!strncasecmp(BINARY_HEX, key, BINARY_HEX_LEN))
345     {
346 	*internalencoding = INTERNAL_ENC_NONE;
347 	*encoding = ENCODING_HEX;
348 	return KEYNOTE_ALGORITHM_BINARY;
349     }
350 
351     if (!strncasecmp(BINARY_BASE64, key, BINARY_BASE64_LEN))
352     {
353 	*internalencoding = INTERNAL_ENC_NONE;
354 	*encoding = ENCODING_BASE64;
355 	return KEYNOTE_ALGORITHM_BINARY;
356     }
357 
358     *internalencoding = INTERNAL_ENC_NONE;
359     *encoding = ENCODING_NONE;
360     return KEYNOTE_ALGORITHM_NONE;
361 }
362 
363 /*
364  * Same as keynote_get_key_algorithm(), only verify that this is
365  * a private key (just look at the prefix).
366  */
367 static int
368 keynote_get_private_key_algorithm(char *key, int *encoding,
369 				  int *internalencoding)
370 {
371     if (strncasecmp(KEYNOTE_PRIVATE_KEY_PREFIX, key,
372 		    KEYNOTE_PRIVATE_KEY_PREFIX_LEN))
373     {
374 	*internalencoding = INTERNAL_ENC_NONE;
375 	*encoding = ENCODING_NONE;
376 	return KEYNOTE_ALGORITHM_NONE;
377     }
378 
379     return keynote_get_key_algorithm(key + KEYNOTE_PRIVATE_KEY_PREFIX_LEN,
380 				     encoding, internalencoding);
381 }
382 
383 /*
384  * Decode a string to a key. Return 0 on success.
385  */
386 int
387 kn_decode_key(struct keynote_deckey *dc, char *key, int keytype)
388 {
389     void *kk = (void *) NULL;
390     X509 *px509Cert;
391     EVP_PKEY *pPublicKey;
392     unsigned char *ptr = NULL, *decoded = NULL;
393     int encoding, internalencoding;
394     long len = 0;
395 
396     keynote_errno = 0;
397     if (keytype == KEYNOTE_PRIVATE_KEY)
398       dc->dec_algorithm = keynote_get_private_key_algorithm(key, &encoding,
399 							    &internalencoding);
400     else
401       dc->dec_algorithm = keynote_get_key_algorithm(key, &encoding,
402 						    &internalencoding);
403     if (dc->dec_algorithm == KEYNOTE_ALGORITHM_NONE)
404     {
405 	dc->dec_key = (void *) strdup(key);
406 	if (dc->dec_key == (void *) NULL)
407 	{
408 	    keynote_errno = ERROR_MEMORY;
409 	    return -1;
410 	}
411 
412 	return 0;
413     }
414 
415     key = strchr(key, ':'); /* Move forward, to the Encoding. We're guaranteed
416 			    * to have a ':' character, since this is a key */
417     key++;
418 
419     /* Remove ASCII encoding */
420     switch (encoding)
421     {
422 	case ENCODING_NONE:
423 	    break;
424 
425 	case ENCODING_HEX:
426             len = strlen(key) / 2;
427 	    if (kn_decode_hex(key, (char **) &decoded) != 0)
428 	      return -1;
429 	    ptr = decoded;
430 	    break;
431 
432 	case ENCODING_BASE64:
433 	    len = strlen(key);
434 	    if (len % 4)  /* Base64 encoding must be a multiple of 4 */
435 	    {
436 		keynote_errno = ERROR_SYNTAX;
437 		return -1;
438 	    }
439 
440 	    len = 3 * (len / 4);
441 	    decoded = (unsigned char *) calloc(len, sizeof(unsigned char));
442 	    ptr = decoded;
443 	    if (decoded == (unsigned char *) NULL)
444 	    {
445 		keynote_errno = ERROR_MEMORY;
446 		return -1;
447 	    }
448 
449 	    if ((len = kn_decode_base64(key, decoded, len)) == -1)
450 	      return -1;
451 	    break;
452 
453 	case ENCODING_NATIVE:
454 	    decoded = strdup(key);
455 	    if (decoded == (unsigned char *) NULL)
456 	    {
457 		keynote_errno = ERROR_MEMORY;
458 		return -1;
459 	    }
460 	    len = strlen(key);
461 	    ptr = decoded;
462 	    break;
463 
464 	default:
465 	    keynote_errno = ERROR_SYNTAX;
466 	    return -1;
467     }
468 
469     /* DSA-HEX */
470     if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_DSA) &&
471 	(internalencoding == INTERNAL_ENC_ASN1))
472     {
473 	dc->dec_key = DSA_new();
474 	if (dc->dec_key == (DSA *) NULL)
475 	{
476 	    keynote_errno = ERROR_MEMORY;
477 	    return -1;
478 	}
479 
480 	kk = dc->dec_key;
481 	if (keytype == KEYNOTE_PRIVATE_KEY)
482 	{
483 	    if (d2i_DSAPrivateKey((DSA **) &kk,(const unsigned char **) &decoded, len) == (DSA *) NULL)
484 	    {
485 		if (ptr != (unsigned char *) NULL)
486 		  free(ptr);
487 		DSA_free(kk);
488 		keynote_errno = ERROR_SYNTAX; /* Could be a memory error */
489 		return -1;
490 	    }
491 	}
492 	else
493 	{
494 	    if (d2i_DSAPublicKey((DSA **) &kk, (const unsigned char **) &decoded, len) == (DSA *) NULL)
495 	    {
496 		if (ptr != (unsigned char *) NULL)
497 		  free(ptr);
498 		DSA_free(kk);
499 		keynote_errno = ERROR_SYNTAX; /* Could be a memory error */
500 		return -1;
501 	    }
502 	}
503 
504 	if (ptr != (unsigned char *) NULL)
505 	  free(ptr);
506 
507 	return 0;
508     }
509 
510     /* RSA-PKCS1-HEX */
511     if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_RSA) &&
512         (internalencoding == INTERNAL_ENC_PKCS1))
513     {
514         dc->dec_key = RSA_new();
515         if (dc->dec_key == (RSA *) NULL)
516         {
517             keynote_errno = ERROR_MEMORY;
518             return -1;
519         }
520 
521         kk = dc->dec_key;
522         if (keytype == KEYNOTE_PRIVATE_KEY)
523         {
524             if (d2i_RSAPrivateKey((RSA **) &kk, (const unsigned char **) &decoded, len) == (RSA *) NULL)
525             {
526                 if (ptr != (unsigned char *) NULL)
527                   free(ptr);
528                 RSA_free(kk);
529                 keynote_errno = ERROR_SYNTAX; /* Could be a memory error */
530                 return -1;
531             }
532 	    if (RSA_blinding_on ((RSA *) kk, NULL) != 1)
533 	    {
534                 if (ptr != (unsigned char *) NULL)
535                   free(ptr);
536                 RSA_free(kk);
537                 keynote_errno = ERROR_MEMORY;
538                 return -1;
539 	    }
540         }
541         else
542         {
543             if (d2i_RSAPublicKey((RSA **) &kk, (const unsigned char **) &decoded, len) == (RSA *) NULL)
544             {
545                 if (ptr != (unsigned char *) NULL)
546                   free(ptr);
547                 RSA_free(kk);
548                 keynote_errno = ERROR_SYNTAX; /* Could be a memory error */
549                 return -1;
550             }
551         }
552 
553         if (ptr != (unsigned char *) NULL)
554           free(ptr);
555 
556         return 0;
557     }
558 
559     /* X509 Cert */
560     if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_X509) &&
561 	(internalencoding == INTERNAL_ENC_ASN1) &&
562 	(keytype == KEYNOTE_PUBLIC_KEY))
563     {
564 	if ((px509Cert = X509_new()) == (X509 *) NULL)
565 	{
566 	    if (ptr)
567 	      free(ptr);
568 	    keynote_errno = ERROR_MEMORY;
569 	    return -1;
570 	}
571 
572 	if(d2i_X509(&px509Cert, (const unsigned char **)&decoded, len) == NULL)
573 	{
574 	    if (ptr)
575 	      free(ptr);
576 	    X509_free(px509Cert);
577 	    keynote_errno = ERROR_SYNTAX;
578 	    return -1;
579 	}
580 
581 	if ((pPublicKey = X509_get_pubkey(px509Cert)) == (EVP_PKEY *) NULL)
582 	{
583 	    if (ptr)
584 	      free(ptr);
585 	    X509_free(px509Cert);
586 	    keynote_errno = ERROR_SYNTAX;
587 	    return -1;
588 	}
589 
590 	/* RSA-specific */
591 	dc->dec_key = pPublicKey->pkey.rsa;
592 
593 	if(ptr)
594 	  free(ptr);
595 	return 0;
596     }
597 
598     /* BINARY keys */
599     if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_BINARY) &&
600 	(internalencoding == INTERNAL_ENC_NONE))
601     {
602 	dc->dec_key = (void *) calloc(1, sizeof(struct keynote_binary));
603 	if (dc->dec_key == (struct keynote_binary *) NULL)
604 	{
605 	    keynote_errno = ERROR_MEMORY;
606 	    return -1;
607 	}
608 
609 	((struct keynote_binary *) dc->dec_key)->bn_key = decoded;
610 	((struct keynote_binary *) dc->dec_key)->bn_len = len;
611 	return RESULT_TRUE;
612     }
613 
614     /* Add support for more algorithms here */
615 
616     if (ptr != (unsigned char *) NULL)
617       free(ptr);
618 
619     /* This shouldn't ever be reached really */
620     keynote_errno = ERROR_SYNTAX;
621     return -1;
622 }
623 
624 /*
625  * Compare two keys for equality. Return RESULT_TRUE if equal,
626  * RESULT_FALSE otherwise.
627  */
628 int
629 kn_keycompare(void *key1, void *key2, int algorithm)
630 {
631     DSA *p1, *p2;
632     RSA *p3, *p4;
633     struct keynote_binary *bn1, *bn2;
634 
635     if ((key1 == (void *) NULL) ||
636 	(key2 == (void *) NULL))
637       return RESULT_FALSE;
638 
639     switch (algorithm)
640     {
641 	case KEYNOTE_ALGORITHM_NONE:
642 	    if  (!strcmp((char *) key1, (char *) key2))
643 	      return RESULT_TRUE;
644 	    else
645 	      return RESULT_FALSE;
646 
647 	case KEYNOTE_ALGORITHM_DSA:
648 	    p1 = (DSA *) key1;
649 	    p2 = (DSA *) key2;
650 	    if (!BN_cmp(p1->p, p2->p) &&
651 		!BN_cmp(p1->q, p2->q) &&
652 		!BN_cmp(p1->g, p2->g) &&
653 		!BN_cmp(p1->pub_key, p2->pub_key))
654 	      return RESULT_TRUE;
655 	    else
656 	      return RESULT_FALSE;
657 
658 	case KEYNOTE_ALGORITHM_X509:
659             p3 = (RSA *) key1;
660             p4 = (RSA *) key2;
661             if (!BN_cmp(p3->n, p4->n) &&
662                 !BN_cmp(p3->e, p4->e))
663               return RESULT_TRUE;
664             else
665 	      return RESULT_FALSE;
666 
667 	case KEYNOTE_ALGORITHM_RSA:
668             p3 = (RSA *) key1;
669             p4 = (RSA *) key2;
670             if (!BN_cmp(p3->n, p4->n) &&
671                 !BN_cmp(p3->e, p4->e))
672               return RESULT_TRUE;
673             else
674 	      return RESULT_FALSE;
675 
676 	case KEYNOTE_ALGORITHM_ELGAMAL:
677 	    /* Not supported yet */
678 	    return RESULT_FALSE;
679 
680 	case KEYNOTE_ALGORITHM_PGP:
681 	    /* Not supported yet */
682 	    return RESULT_FALSE;
683 
684 	case KEYNOTE_ALGORITHM_BINARY:
685 	    bn1 = (struct keynote_binary *) key1;
686 	    bn2 = (struct keynote_binary *) key2;
687 	    if ((bn1->bn_len == bn2->bn_len) &&
688 		!memcmp(bn1->bn_key, bn2->bn_key, bn1->bn_len))
689 	      return RESULT_TRUE;
690 	    else
691 	      return RESULT_FALSE;
692 
693 	default:
694 	    return RESULT_FALSE;
695     }
696 }
697 
698 /*
699  * Verify the signature on an assertion; return SIGRESULT_TRUE is
700  * success, SIGRESULT_FALSE otherwise.
701  */
702 int
703 keynote_sigverify_assertion(struct assertion *as)
704 {
705     int hashtype, enc, intenc, alg = KEYNOTE_ALGORITHM_NONE, hashlen = 0;
706     unsigned char *sig, *decoded = (char *) NULL, *ptr;
707     unsigned char res2[20];
708     SHA_CTX shscontext;
709     MD5_CTX md5context;
710     int len = 0;
711     DSA *dsa;
712     RSA *rsa;
713     if ((as->as_signature == (char *) NULL) ||
714 	(as->as_startofsignature == (char *) NULL) ||
715 	(as->as_allbutsignature == (char *) NULL) ||
716 	(as->as_allbutsignature - as->as_startofsignature <= 0))
717       return SIGRESULT_FALSE;
718 
719     alg = keynote_get_sig_algorithm(as->as_signature, &hashtype, &enc,
720 				    &intenc);
721     if (alg == KEYNOTE_ALGORITHM_NONE)
722       return SIGRESULT_FALSE;
723 
724     /* Check for matching algorithms */
725     if ((alg != as->as_signeralgorithm) &&
726 	!((alg == KEYNOTE_ALGORITHM_RSA) &&
727 	  (as->as_signeralgorithm == KEYNOTE_ALGORITHM_X509)) &&
728 	!((alg == KEYNOTE_ALGORITHM_X509) &&
729 	  (as->as_signeralgorithm == KEYNOTE_ALGORITHM_RSA)))
730       return SIGRESULT_FALSE;
731 
732     sig = strchr(as->as_signature, ':');   /* Move forward to the Encoding. We
733 					   * are guaranteed to have a ':'
734 					   * character, since this is a valid
735 					   * signature */
736     sig++;
737 
738     switch (hashtype)
739     {
740 	case KEYNOTE_HASH_SHA1:
741 	    hashlen = 20;
742 	    memset(res2, 0, hashlen);
743 	    SHA1_Init(&shscontext);
744 	    SHA1_Update(&shscontext, as->as_startofsignature,
745 			as->as_allbutsignature - as->as_startofsignature);
746 	    SHA1_Update(&shscontext, as->as_signature,
747 			(char *) sig - as->as_signature);
748 	    SHA1_Final(res2, &shscontext);
749 	    break;
750 
751 	case KEYNOTE_HASH_MD5:
752 	    hashlen = 16;
753 	    memset(res2, 0, hashlen);
754 	    MD5_Init(&md5context);
755 	    MD5_Update(&md5context, as->as_startofsignature,
756 		       as->as_allbutsignature - as->as_startofsignature);
757 	    MD5_Update(&md5context, as->as_signature,
758 		       (char *) sig - as->as_signature);
759 	    MD5_Final(res2, &md5context);
760 	    break;
761 
762 	case KEYNOTE_HASH_NONE:
763 	    break;
764     }
765 
766     /* Remove ASCII encoding */
767     switch (enc)
768     {
769 	case ENCODING_NONE:
770 	    ptr = (char *) NULL;
771 	    break;
772 
773 	case ENCODING_HEX:
774 	    len = strlen(sig) / 2;
775 	    if (kn_decode_hex(sig, (char **) &decoded) != 0)
776 	      return -1;
777 	    ptr = decoded;
778 	    break;
779 
780 	case ENCODING_BASE64:
781 	    len = strlen(sig);
782 	    if (len % 4)  /* Base64 encoding must be a multiple of 4 */
783 	    {
784 		keynote_errno = ERROR_SYNTAX;
785 		return -1;
786 	    }
787 
788 	    len = 3 * (len / 4);
789 	    decoded = (unsigned char *) calloc(len, sizeof(unsigned char));
790 	    ptr = decoded;
791 	    if (decoded == (unsigned char *) NULL)
792 	    {
793 		keynote_errno = ERROR_MEMORY;
794 		return -1;
795 	    }
796 
797 	    len = kn_decode_base64(sig, decoded, len);
798 	    if ((len == -1) || (len == 0) || (len == 1))
799 	      return -1;
800 	    break;
801 
802 	case ENCODING_NATIVE:
803 	    decoded = (unsigned char *) strdup(sig);
804 	    if (decoded == (unsigned char *) NULL)
805 	    {
806 		keynote_errno = ERROR_MEMORY;
807 		return -1;
808 	    }
809 	    len = strlen(sig);
810 	    ptr = decoded;
811 	    break;
812 
813 	default:
814 	    keynote_errno = ERROR_SYNTAX;
815 	    return -1;
816     }
817 
818     /* DSA */
819     if ((alg == KEYNOTE_ALGORITHM_DSA) && (intenc == INTERNAL_ENC_ASN1))
820     {
821 	dsa = (DSA *) as->as_authorizer;
822 	if (DSA_verify(0, res2, hashlen, decoded, len, dsa) == 1)
823 	{
824 	    if (ptr != (unsigned char *) NULL)
825 	      free(ptr);
826 	    return SIGRESULT_TRUE;
827 	}
828     }
829     else /* RSA */
830       if ((alg == KEYNOTE_ALGORITHM_RSA) && (intenc == INTERNAL_ENC_PKCS1))
831       {
832           rsa = (RSA *) as->as_authorizer;
833           if (RSA_verify_ASN1_OCTET_STRING(RSA_PKCS1_PADDING, res2, hashlen,
834 					   decoded, len, rsa) == 1)
835           {
836               if (ptr != (unsigned char *) NULL)
837                 free(ptr);
838               return SIGRESULT_TRUE;
839           }
840       }
841       else
842 	if ((alg == KEYNOTE_ALGORITHM_X509) && (intenc == INTERNAL_ENC_ASN1))
843 	{
844 	    /* RSA-specific */
845 	    rsa = (RSA *) as->as_authorizer;
846 	    if (RSA_verify(NID_shaWithRSAEncryption, res2, hashlen, decoded,
847 			   len, rsa) == 1)
848 	    {
849 		if (ptr != (unsigned char *) NULL)
850 		  free(ptr);
851 		return SIGRESULT_TRUE;
852 	    }
853 	}
854 
855     /* Handle more algorithms here */
856 
857     if (ptr != (unsigned char *) NULL)
858       free(ptr);
859 
860     return SIGRESULT_FALSE;
861 }
862 
863 /*
864  * Sign an assertion.
865  */
866 static char *
867 keynote_sign_assertion(struct assertion *as, char *sigalg, void *key,
868 		       int keyalg, int verifyflag)
869 {
870     int slen, i, hashlen = 0, hashtype, alg, encoding, internalenc;
871     unsigned char *sig = (char *) NULL, *finalbuf = (char *) NULL;
872     unsigned char res2[LARGEST_HASH_SIZE], *sbuf = (char *) NULL;
873     BIO *biokey = (BIO *) NULL;
874     DSA *dsa = (DSA *) NULL;
875     RSA *rsa = (RSA *) NULL;
876     SHA_CTX shscontext;
877     MD5_CTX md5context;
878     int len;
879 
880     if ((as->as_signature_string_s == (char *) NULL) ||
881 	(as->as_startofsignature == (char *) NULL) ||
882 	(as->as_allbutsignature == (char *) NULL) ||
883 	(as->as_allbutsignature - as->as_startofsignature <= 0) ||
884 	(as->as_authorizer == (void *) NULL) ||
885 	(key == (void *) NULL) ||
886 	(as->as_signeralgorithm == KEYNOTE_ALGORITHM_NONE))
887     {
888 	keynote_errno = ERROR_SYNTAX;
889 	return (char *) NULL;
890     }
891 
892     alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding,
893 				    &internalenc);
894     if (((alg != as->as_signeralgorithm) &&
895 	 !((alg == KEYNOTE_ALGORITHM_RSA) &&
896 	   (as->as_signeralgorithm == KEYNOTE_ALGORITHM_X509)) &&
897 	 !((alg == KEYNOTE_ALGORITHM_X509) &&
898 	   (as->as_signeralgorithm == KEYNOTE_ALGORITHM_RSA))) ||
899         ((alg != keyalg) &&
900 	 !((alg == KEYNOTE_ALGORITHM_RSA) &&
901 	   (keyalg == KEYNOTE_ALGORITHM_X509)) &&
902 	 !((alg == KEYNOTE_ALGORITHM_X509) &&
903 	   (keyalg == KEYNOTE_ALGORITHM_RSA))))
904     {
905 	keynote_errno = ERROR_SYNTAX;
906 	return (char *) NULL;
907     }
908 
909     sig = strchr(sigalg, ':');
910     if (sig == (unsigned char *) NULL)
911     {
912 	keynote_errno = ERROR_SYNTAX;
913 	return (char *) NULL;
914     }
915 
916     sig++;
917 
918     switch (hashtype)
919     {
920 	case KEYNOTE_HASH_SHA1:
921     	    hashlen = 20;
922 	    memset(res2, 0, hashlen);
923 	    SHA1_Init(&shscontext);
924 	    SHA1_Update(&shscontext, as->as_startofsignature,
925 			as->as_allbutsignature - as->as_startofsignature);
926 	    SHA1_Update(&shscontext, sigalg, (char *) sig - sigalg);
927 	    SHA1_Final(res2, &shscontext);
928 	    break;
929 
930 	case KEYNOTE_HASH_MD5:
931 	    hashlen = 16;
932 	    memset(res2, 0, hashlen);
933 	    MD5_Init(&md5context);
934 	    MD5_Update(&md5context, as->as_startofsignature,
935 		       as->as_allbutsignature - as->as_startofsignature);
936 	    MD5_Update(&md5context, sigalg, (char *) sig - sigalg);
937 	    MD5_Final(res2, &md5context);
938 	    break;
939 
940 	case KEYNOTE_HASH_NONE:
941 	    break;
942     }
943 
944     if ((alg == KEYNOTE_ALGORITHM_DSA) &&
945 	(hashtype == KEYNOTE_HASH_SHA1) &&
946 	(internalenc == INTERNAL_ENC_ASN1) &&
947 	((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64)))
948     {
949 	dsa = (DSA *) key;
950 	sbuf = (unsigned char *) calloc(DSA_size(dsa), sizeof(unsigned char));
951 	if (sbuf == (unsigned char *) NULL)
952 	{
953 	    keynote_errno = ERROR_MEMORY;
954 	    return (char *) NULL;
955 	}
956 
957 	if (DSA_sign(0, res2, hashlen, sbuf, &slen, dsa) <= 0)
958 	{
959 	    free(sbuf);
960 	    keynote_errno = ERROR_SYNTAX;
961 	    return (char *) NULL;
962 	}
963     }
964     else
965       if ((alg == KEYNOTE_ALGORITHM_RSA) &&
966           ((hashtype == KEYNOTE_HASH_SHA1) ||
967            (hashtype == KEYNOTE_HASH_MD5)) &&
968           (internalenc == INTERNAL_ENC_PKCS1) &&
969           ((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64)))
970       {
971           rsa = (RSA *) key;
972           sbuf = (unsigned char *) calloc(RSA_size(rsa),
973                                           sizeof(unsigned char));
974           if (sbuf == (unsigned char *) NULL)
975           {
976               keynote_errno = ERROR_MEMORY;
977               return (char *) NULL;
978           }
979 
980           if (RSA_sign_ASN1_OCTET_STRING(RSA_PKCS1_PADDING, res2, hashlen,
981 					 sbuf, &slen, rsa) <= 0)
982           {
983               free(sbuf);
984               keynote_errno = ERROR_SYNTAX;
985               return (char *) NULL;
986           }
987       }
988     else
989       if ((alg == KEYNOTE_ALGORITHM_X509) &&
990 	  (hashtype == KEYNOTE_HASH_SHA1) &&
991 	  (internalenc == INTERNAL_ENC_ASN1))
992       {
993 	  if ((biokey = BIO_new(BIO_s_mem())) == (BIO *) NULL)
994 	  {
995 	      keynote_errno = ERROR_SYNTAX;
996 	      return (char *) NULL;
997 	  }
998 
999 	  if (BIO_write(biokey, key, strlen(key) + 1) <= 0)
1000 	  {
1001 	      BIO_free(biokey);
1002 	      keynote_errno = ERROR_SYNTAX;
1003 	      return (char *) NULL;
1004 	  }
1005 
1006 	  /* RSA-specific */
1007 	  rsa = (RSA *) PEM_read_bio_RSAPrivateKey(biokey, NULL, NULL, NULL);
1008 	  if (rsa == (RSA *) NULL)
1009 	  {
1010 	      BIO_free(biokey);
1011 	      keynote_errno = ERROR_SYNTAX;
1012 	      return (char *) NULL;
1013 	  }
1014 
1015 	  sbuf = calloc(RSA_size(rsa), sizeof(char));
1016 	  if (sbuf == (unsigned char *) NULL)
1017 	  {
1018 	      BIO_free(biokey);
1019 	      RSA_free(rsa);
1020 	      keynote_errno = ERROR_MEMORY;
1021 	      return (char *) NULL;
1022 	  }
1023 
1024 	  if (RSA_sign(NID_shaWithRSAEncryption, res2, hashlen, sbuf, &slen,
1025 		       rsa) <= 0)
1026           {
1027 	      BIO_free(biokey);
1028 	      RSA_free(rsa);
1029 	      free(sbuf);
1030 	      keynote_errno = ERROR_SIGN_FAILURE;
1031 	      return NULL;
1032 	  }
1033 
1034 	  BIO_free(biokey);
1035 	  RSA_free(rsa);
1036       }
1037       else /* Other algorithms here */
1038       {
1039 	  keynote_errno = ERROR_SYNTAX;
1040 	  return (char *) NULL;
1041       }
1042 
1043     /* ASCII encoding */
1044     switch (encoding)
1045     {
1046 	case ENCODING_HEX:
1047 	    i = kn_encode_hex(sbuf, (char **) &finalbuf, slen);
1048 	    free(sbuf);
1049 	    if (i != 0)
1050 	      return (char *) NULL;
1051 	    break;
1052 
1053 	case ENCODING_BASE64:
1054 	    finalbuf = (unsigned char *) calloc(2 * slen,
1055 						sizeof(unsigned char));
1056 	    if (finalbuf == (unsigned char *) NULL)
1057 	    {
1058 		keynote_errno = ERROR_MEMORY;
1059 		free(sbuf);
1060 		return (char *) NULL;
1061 	    }
1062 
1063 	    if ((slen = kn_encode_base64(sbuf, slen, finalbuf,
1064 					 2 * slen)) == -1)
1065 	    {
1066 		free(sbuf);
1067 		return (char *) NULL;
1068 	    }
1069 	    break;
1070 
1071 	default:
1072 	    free(sbuf);
1073 	    keynote_errno = ERROR_SYNTAX;
1074 	    return (char *) NULL;
1075     }
1076 
1077     /* Replace as->as_signature */
1078     len = strlen(sigalg) + strlen(finalbuf) + 1;
1079     as->as_signature = (char *) calloc(len, sizeof(char));
1080     if (as->as_signature == (char *) NULL)
1081     {
1082 	free(finalbuf);
1083 	keynote_errno = ERROR_MEMORY;
1084 	return (char *) NULL;
1085     }
1086 
1087     /* Concatenate algorithm name and signature value */
1088     snprintf(as->as_signature, len, "%s%s", sigalg, finalbuf);
1089     free(finalbuf);
1090     finalbuf = as->as_signature;
1091 
1092     /* Verify the newly-created signature if requested */
1093     if (verifyflag)
1094     {
1095 	/* Do the signature verification */
1096 	if (keynote_sigverify_assertion(as) != SIGRESULT_TRUE)
1097 	{
1098 	    as->as_signature = (char *) NULL;
1099 	    free(finalbuf);
1100 	    if (keynote_errno == 0)
1101 	      keynote_errno = ERROR_SYNTAX;
1102 	    return (char *) NULL;
1103 	}
1104 
1105 	as->as_signature = (char *) NULL;
1106     }
1107     else
1108       as->as_signature = (char *) NULL;
1109 
1110     /* Everything ok */
1111     return (char *) finalbuf;
1112 }
1113 
1114 /*
1115  * Verify the signature on an assertion.
1116  */
1117 int
1118 kn_verify_assertion(char *buf, int len)
1119 {
1120     struct assertion *as;
1121     int res;
1122 
1123     keynote_errno = 0;
1124     as = keynote_parse_assertion(buf, len, ASSERT_FLAG_SIGVER);
1125     if (as == (struct assertion *) NULL)
1126       return -1;
1127 
1128     res = keynote_sigverify_assertion(as);
1129     keynote_free_assertion(as);
1130     return res;
1131 }
1132 
1133 /*
1134  * Produce the signature for an assertion.
1135  */
1136 char *
1137 kn_sign_assertion(char *buf, int buflen, char *key, char *sigalg, int vflag)
1138 {
1139     int i, alg, hashtype, encoding, internalenc;
1140     struct keynote_deckey dc;
1141     struct assertion *as;
1142     char *s, *sig;
1143 
1144     keynote_errno = 0;
1145     s = (char *) NULL;
1146 
1147     if ((sigalg == (char *) NULL) || (buf == (char *) NULL) ||
1148 	(key == (char *) NULL))
1149     {
1150 	keynote_errno = ERROR_NOTFOUND;
1151 	return (char *) NULL;
1152     }
1153 
1154     if (sigalg[0] == '\0' || sigalg[strlen(sigalg) - 1] != ':')
1155     {
1156 	keynote_errno = ERROR_SYNTAX;
1157 	return (char *) NULL;
1158     }
1159 
1160     /* We're using a different format for X509 private keys, so... */
1161     alg = keynote_get_sig_algorithm(sigalg, &hashtype, &encoding,
1162 				    &internalenc);
1163     if (alg != KEYNOTE_ALGORITHM_X509)
1164     {
1165 	/* Parse the private key */
1166 	s = keynote_get_private_key(key);
1167 	if (s == (char *) NULL)
1168 	  return (char *) NULL;
1169 
1170 	/* Decode private key */
1171 	i = kn_decode_key(&dc, s, KEYNOTE_PRIVATE_KEY);
1172 	if (i == -1)
1173 	{
1174 	    free(s);
1175 	    return (char *) NULL;
1176 	}
1177     }
1178     else /* X509 private key */
1179     {
1180 	dc.dec_key = key;
1181 	dc.dec_algorithm = alg;
1182     }
1183 
1184     as = keynote_parse_assertion(buf, buflen, ASSERT_FLAG_SIGGEN);
1185     if (as == (struct assertion *) NULL)
1186     {
1187 	if (alg != KEYNOTE_ALGORITHM_X509)
1188 	{
1189 	    keynote_free_key(dc.dec_key, dc.dec_algorithm);
1190 	    free(s);
1191 	}
1192 	return (char *) NULL;
1193     }
1194 
1195     sig = keynote_sign_assertion(as, sigalg, dc.dec_key, dc.dec_algorithm,
1196 				 vflag);
1197     if (alg != KEYNOTE_ALGORITHM_X509)
1198       keynote_free_key(dc.dec_key, dc.dec_algorithm);
1199     keynote_free_assertion(as);
1200     if (s != (char *) NULL)
1201       free(s);
1202     return sig;
1203 }
1204 
1205 /*
1206  * ASCII-encode a key.
1207  */
1208 char *
1209 kn_encode_key(struct keynote_deckey *dc, int iencoding,
1210 	      int encoding, int keytype)
1211 {
1212     char *foo, *ptr;
1213     DSA *dsa;
1214     RSA *rsa;
1215     int i;
1216     struct keynote_binary *bn;
1217     char *s;
1218 
1219     keynote_errno = 0;
1220     if ((dc == (struct keynote_deckey *) NULL) ||
1221 	(dc->dec_key == (void *) NULL))
1222     {
1223 	keynote_errno = ERROR_NOTFOUND;
1224 	return (char *) NULL;
1225     }
1226 
1227     /* DSA keys */
1228     if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_DSA) &&
1229 	(iencoding == INTERNAL_ENC_ASN1) &&
1230 	((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64)))
1231     {
1232 	dsa = (DSA *) dc->dec_key;
1233 	if (keytype == KEYNOTE_PUBLIC_KEY)
1234 	  i = i2d_DSAPublicKey(dsa, NULL);
1235 	else
1236 	  i = i2d_DSAPrivateKey(dsa, NULL);
1237 
1238 	if (i <= 0)
1239 	{
1240 	    keynote_errno = ERROR_SYNTAX;
1241 	    return (char *) NULL;
1242 	}
1243 
1244  	ptr = foo = (char *) calloc(i, sizeof(char));
1245 	if (foo == (char *) NULL)
1246 	{
1247 	    keynote_errno = ERROR_MEMORY;
1248 	    return (char *) NULL;
1249 	}
1250 
1251 	dsa->write_params = 1;
1252 	if (keytype == KEYNOTE_PUBLIC_KEY)
1253 	  i2d_DSAPublicKey(dsa, (unsigned char **) &foo);
1254 	else
1255 	  i2d_DSAPrivateKey(dsa, (unsigned char **) &foo);
1256 
1257 	if (encoding == ENCODING_HEX)
1258 	{
1259 	    if (kn_encode_hex(ptr, &s, i) != 0)
1260 	    {
1261 		free(ptr);
1262 		return (char *) NULL;
1263 	    }
1264 
1265 	    free(ptr);
1266 	    return s;
1267 	}
1268 	else
1269 	  if (encoding == ENCODING_BASE64)
1270 	  {
1271 	      s = (char *) calloc(2 * i, sizeof(char));
1272 	      if (s == (char *) NULL)
1273 	      {
1274 		  free(ptr);
1275 		  keynote_errno = ERROR_MEMORY;
1276 		  return (char *) NULL;
1277 	      }
1278 
1279 	      if (kn_encode_base64(ptr, i, s, 2 * i) == -1)
1280 	      {
1281 		  free(s);
1282 		  free(ptr);
1283 		  return (char *) NULL;
1284 	      }
1285 
1286 	      free(ptr);
1287 	      return s;
1288 	  }
1289     }
1290 
1291     /* RSA keys */
1292     if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_RSA) &&
1293 	(iencoding == INTERNAL_ENC_PKCS1) &&
1294 	((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64)))
1295     {
1296 	rsa = (RSA *) dc->dec_key;
1297 	if (keytype == KEYNOTE_PUBLIC_KEY)
1298 	  i = i2d_RSAPublicKey(rsa, NULL);
1299 	else
1300 	  i = i2d_RSAPrivateKey(rsa, NULL);
1301 
1302 	if (i <= 0)
1303 	{
1304 	    keynote_errno = ERROR_SYNTAX;
1305 	    return (char *) NULL;
1306 	}
1307 
1308 	ptr = foo = (char *) calloc(i, sizeof(char));
1309 	if (foo == (char *) NULL)
1310 	{
1311 	    keynote_errno = ERROR_MEMORY;
1312 	    return (char *) NULL;
1313 	}
1314 
1315 	if (keytype == KEYNOTE_PUBLIC_KEY)
1316 	  i2d_RSAPublicKey(rsa, (unsigned char **) &foo);
1317 	else
1318 	  i2d_RSAPrivateKey(rsa, (unsigned char **) &foo);
1319 
1320 	if (encoding == ENCODING_HEX)
1321 	{
1322 	    if (kn_encode_hex(ptr, &s, i) != 0)
1323 	    {
1324 		free(ptr);
1325 		return (char *) NULL;
1326 	    }
1327 
1328 	    free(ptr);
1329 	    return s;
1330 	}
1331 	else
1332 	  if (encoding == ENCODING_BASE64)
1333 	  {
1334 	      s = (char *) calloc(2 * i, sizeof(char));
1335 	      if (s == (char *) NULL)
1336 	      {
1337 		  free(ptr);
1338 		  keynote_errno = ERROR_MEMORY;
1339 		  return (char *) NULL;
1340 	      }
1341 
1342 	      if (kn_encode_base64(ptr, i, s, 2 * i) == -1)
1343 	      {
1344 		  free(s);
1345 		  free(ptr);
1346 		  return (char *) NULL;
1347 	      }
1348 
1349 	      free(ptr);
1350 	      return s;
1351 	  }
1352     }
1353 
1354     /* BINARY keys */
1355     if ((dc->dec_algorithm == KEYNOTE_ALGORITHM_BINARY) &&
1356 	(iencoding == INTERNAL_ENC_NONE) &&
1357 	((encoding == ENCODING_HEX) || (encoding == ENCODING_BASE64)))
1358     {
1359 	bn = (struct keynote_binary *) dc->dec_key;
1360 
1361 	if (encoding == ENCODING_HEX)
1362 	{
1363 	    if (kn_encode_hex(bn->bn_key, &s, bn->bn_len) != 0)
1364 	      return (char *) NULL;
1365 
1366 	    return s;
1367 	}
1368 	else
1369 	  if (encoding == ENCODING_BASE64)
1370 	  {
1371 	      s = (char *) calloc(2 * bn->bn_len, sizeof(char));
1372 	      if (s == (char *) NULL)
1373 	      {
1374 		  keynote_errno = ERROR_MEMORY;
1375 		  return (char *) NULL;
1376 	      }
1377 
1378 	      if (kn_encode_base64(bn->bn_key, bn->bn_len, s,
1379 				   2 * bn->bn_len) == -1)
1380 	      {
1381 		  free(s);
1382 		  return (char *) NULL;
1383 	      }
1384 
1385 	      return s;
1386 	  }
1387     }
1388 
1389     keynote_errno = ERROR_NOTFOUND;
1390     return (char *) NULL;
1391 }
1392