1 /* crypto/asn1/n_pkey.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
61 #ifndef OPENSSL_NO_RSA
62 #include <openssl/rsa.h>
63 #include <openssl/objects.h>
64 #include <openssl/asn1t.h>
65 #include <openssl/asn1_mac.h>
66 #include <openssl/evp.h>
67 #include <openssl/x509.h>
70 #ifndef OPENSSL_NO_RC4
72 typedef struct netscape_pkey_st
76 ASN1_OCTET_STRING
*private_key
;
79 typedef struct netscape_encrypted_pkey_st
81 ASN1_OCTET_STRING
*os
;
82 /* This is the same structure as DigestInfo so use it:
83 * although this isn't really anything to do with
87 } NETSCAPE_ENCRYPTED_PKEY
;
90 ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY
) = {
91 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY
, os
, ASN1_OCTET_STRING
),
92 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY
, enckey
, X509_SIG
)
93 } ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY
)
95 DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY
)
96 DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY
,NETSCAPE_ENCRYPTED_PKEY
)
97 IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY
)
99 ASN1_SEQUENCE(NETSCAPE_PKEY
) = {
100 ASN1_SIMPLE(NETSCAPE_PKEY
, version
, LONG
),
101 ASN1_SIMPLE(NETSCAPE_PKEY
, algor
, X509_ALGOR
),
102 ASN1_SIMPLE(NETSCAPE_PKEY
, private_key
, ASN1_OCTET_STRING
)
103 } ASN1_SEQUENCE_END(NETSCAPE_PKEY
)
105 DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY
)
106 DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY
,NETSCAPE_PKEY
)
107 IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY
)
109 static RSA
*d2i_RSA_NET_2(RSA
**a
, ASN1_OCTET_STRING
*os
,
110 int (*cb
)(char *buf
, int len
, const char *prompt
,
114 int i2d_Netscape_RSA(const RSA
*a
, unsigned char **pp
,
115 int (*cb
)(char *buf
, int len
, const char *prompt
,
118 return i2d_RSA_NET(a
, pp
, cb
, 0);
121 int i2d_RSA_NET(const RSA
*a
, unsigned char **pp
,
122 int (*cb
)(char *buf
, int len
, const char *prompt
, int verify
),
126 int rsalen
, pkeylen
, olen
;
127 NETSCAPE_PKEY
*pkey
= NULL
;
128 NETSCAPE_ENCRYPTED_PKEY
*enckey
= NULL
;
129 unsigned char buf
[256],*zz
;
130 unsigned char key
[EVP_MAX_KEY_LENGTH
];
133 if (a
== NULL
) return(0);
135 if ((pkey
=NETSCAPE_PKEY_new()) == NULL
) goto err
;
136 if ((enckey
=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL
) goto err
;
139 pkey
->algor
->algorithm
=OBJ_nid2obj(NID_rsaEncryption
);
140 if ((pkey
->algor
->parameter
=ASN1_TYPE_new()) == NULL
) goto err
;
141 pkey
->algor
->parameter
->type
=V_ASN1_NULL
;
143 rsalen
= i2d_RSAPrivateKey(a
, NULL
);
145 /* Fake some octet strings just for the initial length
149 pkey
->private_key
->length
=rsalen
;
151 pkeylen
=i2d_NETSCAPE_PKEY(pkey
,NULL
);
153 enckey
->enckey
->digest
->length
= pkeylen
;
155 enckey
->os
->length
= 11; /* "private-key" */
157 enckey
->enckey
->algor
->algorithm
=OBJ_nid2obj(NID_rc4
);
158 if ((enckey
->enckey
->algor
->parameter
=ASN1_TYPE_new()) == NULL
) goto err
;
159 enckey
->enckey
->algor
->parameter
->type
=V_ASN1_NULL
;
163 olen
= i2d_NETSCAPE_ENCRYPTED_PKEY(enckey
, NULL
);
164 NETSCAPE_PKEY_free(pkey
);
165 NETSCAPE_ENCRYPTED_PKEY_free(enckey
);
170 /* Since its RC4 encrypted length is actual length */
171 if ((zz
=(unsigned char *)OPENSSL_malloc(rsalen
)) == NULL
)
173 ASN1err(ASN1_F_I2D_RSA_NET
,ERR_R_MALLOC_FAILURE
);
177 pkey
->private_key
->data
= zz
;
178 /* Write out private key encoding */
179 i2d_RSAPrivateKey(a
,&zz
);
181 if ((zz
=OPENSSL_malloc(pkeylen
)) == NULL
)
183 ASN1err(ASN1_F_I2D_RSA_NET
,ERR_R_MALLOC_FAILURE
);
187 if (!ASN1_STRING_set(enckey
->os
, "private-key", -1))
189 ASN1err(ASN1_F_I2D_RSA_NET
,ERR_R_MALLOC_FAILURE
);
192 enckey
->enckey
->digest
->data
= zz
;
193 i2d_NETSCAPE_PKEY(pkey
,&zz
);
195 /* Wipe the private key encoding */
196 OPENSSL_cleanse(pkey
->private_key
->data
, rsalen
);
199 cb
=EVP_read_pw_string
;
200 i
=cb((char *)buf
,256,"Enter Private Key password:",1);
203 ASN1err(ASN1_F_I2D_RSA_NET
,ASN1_R_BAD_PASSWORD_READ
);
206 i
= strlen((char *)buf
);
207 /* If the key is used for SGC the algorithm is modified a little. */
209 EVP_Digest(buf
, i
, buf
, NULL
, EVP_md5(), NULL
);
210 memcpy(buf
+ 16, "SGCKEYSALT", 10);
214 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL
,buf
,i
,1,key
,NULL
);
215 OPENSSL_cleanse(buf
,256);
217 /* Encrypt private key in place */
218 zz
= enckey
->enckey
->digest
->data
;
219 EVP_CIPHER_CTX_init(&ctx
);
220 EVP_EncryptInit_ex(&ctx
,EVP_rc4(),NULL
,key
,NULL
);
221 EVP_EncryptUpdate(&ctx
,zz
,&i
,zz
,pkeylen
);
222 EVP_EncryptFinal_ex(&ctx
,zz
+ i
,&j
);
223 EVP_CIPHER_CTX_cleanup(&ctx
);
225 ret
= i2d_NETSCAPE_ENCRYPTED_PKEY(enckey
, pp
);
227 NETSCAPE_ENCRYPTED_PKEY_free(enckey
);
228 NETSCAPE_PKEY_free(pkey
);
233 RSA
*d2i_Netscape_RSA(RSA
**a
, const unsigned char **pp
, long length
,
234 int (*cb
)(char *buf
, int len
, const char *prompt
,
237 return d2i_RSA_NET(a
, pp
, length
, cb
, 0);
240 RSA
*d2i_RSA_NET(RSA
**a
, const unsigned char **pp
, long length
,
241 int (*cb
)(char *buf
, int len
, const char *prompt
, int verify
),
245 const unsigned char *p
, *kp
;
246 NETSCAPE_ENCRYPTED_PKEY
*enckey
= NULL
;
250 enckey
= d2i_NETSCAPE_ENCRYPTED_PKEY(NULL
, &p
, length
);
252 ASN1err(ASN1_F_D2I_RSA_NET
,ASN1_R_DECODING_ERROR
);
256 if ((enckey
->os
->length
!= 11) || (strncmp("private-key",
257 (char *)enckey
->os
->data
,11) != 0))
259 ASN1err(ASN1_F_D2I_RSA_NET
,ASN1_R_PRIVATE_KEY_HEADER_MISSING
);
260 NETSCAPE_ENCRYPTED_PKEY_free(enckey
);
263 if (OBJ_obj2nid(enckey
->enckey
->algor
->algorithm
) != NID_rc4
)
265 ASN1err(ASN1_F_D2I_RSA_NET
,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM
);
268 kp
= enckey
->enckey
->digest
->data
;
270 cb
=EVP_read_pw_string
;
271 if ((ret
=d2i_RSA_NET_2(a
, enckey
->enckey
->digest
,cb
, sgckey
)) == NULL
) goto err
;
276 NETSCAPE_ENCRYPTED_PKEY_free(enckey
);
281 static RSA
*d2i_RSA_NET_2(RSA
**a
, ASN1_OCTET_STRING
*os
,
282 int (*cb
)(char *buf
, int len
, const char *prompt
,
283 int verify
), int sgckey
)
285 NETSCAPE_PKEY
*pkey
=NULL
;
288 unsigned char buf
[256];
289 const unsigned char *zz
;
290 unsigned char key
[EVP_MAX_KEY_LENGTH
];
293 i
=cb((char *)buf
,256,"Enter Private Key password:",0);
296 ASN1err(ASN1_F_D2I_RSA_NET_2
,ASN1_R_BAD_PASSWORD_READ
);
300 i
= strlen((char *)buf
);
302 EVP_Digest(buf
, i
, buf
, NULL
, EVP_md5(), NULL
);
303 memcpy(buf
+ 16, "SGCKEYSALT", 10);
307 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL
,buf
,i
,1,key
,NULL
);
308 OPENSSL_cleanse(buf
,256);
310 EVP_CIPHER_CTX_init(&ctx
);
311 EVP_DecryptInit_ex(&ctx
,EVP_rc4(),NULL
, key
,NULL
);
312 EVP_DecryptUpdate(&ctx
,os
->data
,&i
,os
->data
,os
->length
);
313 EVP_DecryptFinal_ex(&ctx
,&(os
->data
[i
]),&j
);
314 EVP_CIPHER_CTX_cleanup(&ctx
);
319 if ((pkey
=d2i_NETSCAPE_PKEY(NULL
,&zz
,os
->length
)) == NULL
)
321 ASN1err(ASN1_F_D2I_RSA_NET_2
,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY
);
325 zz
=pkey
->private_key
->data
;
326 if ((ret
=d2i_RSAPrivateKey(a
,&zz
,pkey
->private_key
->length
)) == NULL
)
328 ASN1err(ASN1_F_D2I_RSA_NET_2
,ASN1_R_UNABLE_TO_DECODE_RSA_KEY
);
332 NETSCAPE_PKEY_free(pkey
);
336 #endif /* OPENSSL_NO_RC4 */
338 #else /* !OPENSSL_NO_RSA */
341 static void *dummy
=&dummy
;