]>
Commit | Line | Data |
---|---|---|
40720ce3 MC |
1 | /* |
2 | * Demo of how to construct your own engine and using it. The basis of this | |
3 | * engine is RSAref, an old reference of the RSA algorithm which can still be | |
4 | * found a little here and there. | |
5 | */ | |
6276f1e1 RL |
6 | |
7 | #include <stdio.h> | |
bd1fb772 | 8 | #include <string.h> |
6276f1e1 RL |
9 | #include "./source/global.h" |
10 | #include "./source/rsaref.h" | |
1d46b6b3 | 11 | #include "./source/rsa.h" |
b5fe2345 | 12 | #include "./source/des.h" |
6276f1e1 | 13 | #include <openssl/err.h> |
bd1fb772 RL |
14 | #define OPENSSL_NO_MD2 |
15 | #define OPENSSL_NO_MD5 | |
b5fe2345 | 16 | #include <openssl/evp.h> |
6276f1e1 RL |
17 | #include <openssl/bn.h> |
18 | #include <openssl/engine.h> | |
19 | ||
c85a1578 RL |
20 | #define RSAREF_LIB_NAME "rsaref engine" |
21 | #include "rsaref_err.c" | |
22 | ||
b5fe2345 RL |
23 | /***************************************************************************** |
24 | *** Function declarations and global variable definitions *** | |
25 | *****************************************************************************/ | |
26 | ||
27 | /***************************************************************************** | |
28 | * Constants used when creating the ENGINE | |
29 | **/ | |
6276f1e1 RL |
30 | static const char *engine_rsaref_id = "rsaref"; |
31 | static const char *engine_rsaref_name = "RSAref engine support"; | |
32 | ||
b5fe2345 RL |
33 | /***************************************************************************** |
34 | * Functions to handle the engine | |
35 | **/ | |
6276f1e1 RL |
36 | static int rsaref_destroy(ENGINE *e); |
37 | static int rsaref_init(ENGINE *e); | |
38 | static int rsaref_finish(ENGINE *e); | |
39 | #if 0 | |
40720ce3 | 40 | static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ()); |
6276f1e1 RL |
41 | #endif |
42 | ||
b5fe2345 RL |
43 | /***************************************************************************** |
44 | * Engine commands | |
45 | **/ | |
46 | static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = { | |
40720ce3 MC |
47 | {0, NULL, NULL, 0} |
48 | }; | |
b5fe2345 RL |
49 | |
50 | /***************************************************************************** | |
51 | * RSA functions | |
52 | **/ | |
6276f1e1 | 53 | static int rsaref_private_decrypt(int len, const unsigned char *from, |
40720ce3 | 54 | unsigned char *to, RSA *rsa, int padding); |
6276f1e1 | 55 | static int rsaref_private_encrypt(int len, const unsigned char *from, |
40720ce3 | 56 | unsigned char *to, RSA *rsa, int padding); |
6276f1e1 | 57 | static int rsaref_public_encrypt(int len, const unsigned char *from, |
40720ce3 | 58 | unsigned char *to, RSA *rsa, int padding); |
6276f1e1 | 59 | static int rsaref_public_decrypt(int len, const unsigned char *from, |
40720ce3 MC |
60 | unsigned char *to, RSA *rsa, int padding); |
61 | static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |
62 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); | |
6276f1e1 RL |
63 | static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); |
64 | ||
b5fe2345 RL |
65 | /***************************************************************************** |
66 | * Our RSA method | |
67 | **/ | |
40720ce3 MC |
68 | static RSA_METHOD rsaref_rsa = { |
69 | "RSAref PKCS#1 RSA", | |
70 | rsaref_public_encrypt, | |
71 | rsaref_public_decrypt, | |
72 | rsaref_private_encrypt, | |
73 | rsaref_private_decrypt, | |
74 | rsaref_mod_exp, | |
75 | bnref_mod_exp, | |
76 | NULL, | |
77 | NULL, | |
78 | 0, | |
79 | NULL, | |
80 | NULL, | |
81 | NULL | |
6276f1e1 RL |
82 | }; |
83 | ||
b5fe2345 RL |
84 | /***************************************************************************** |
85 | * Symetric cipher and digest function registrars | |
86 | **/ | |
87 | static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
40720ce3 | 88 | const int **nids, int nid); |
b5fe2345 | 89 | static int rsaref_digests(ENGINE *e, const EVP_MD **digest, |
40720ce3 | 90 | const int **nids, int nid); |
b5fe2345 RL |
91 | |
92 | static int rsaref_cipher_nids[] = | |
40720ce3 MC |
93 | { NID_des_cbc, NID_des_ede3_cbc, NID_desx_cbc, 0 }; |
94 | static int rsaref_digest_nids[] = { NID_md2, NID_md5, 0 }; | |
b5fe2345 RL |
95 | |
96 | /***************************************************************************** | |
97 | * DES functions | |
98 | **/ | |
c0d64de6 | 99 | static int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
40720ce3 | 100 | const unsigned char *iv, int enc); |
c0d64de6 | 101 | static int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out, |
40720ce3 | 102 | const unsigned char *in, unsigned int inl); |
c0d64de6 | 103 | static int cipher_des_cbc_clean(EVP_CIPHER_CTX *); |
40720ce3 MC |
104 | static int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, |
105 | const unsigned char *key, | |
106 | const unsigned char *iv, int enc); | |
c0d64de6 | 107 | static int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out, |
40720ce3 MC |
108 | const unsigned char *in, |
109 | unsigned int inl); | |
c0d64de6 RL |
110 | static int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *); |
111 | static int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |
40720ce3 | 112 | const unsigned char *iv, int enc); |
c0d64de6 | 113 | static int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out, |
40720ce3 | 114 | const unsigned char *in, unsigned int inl); |
c0d64de6 | 115 | static int cipher_desx_cbc_clean(EVP_CIPHER_CTX *); |
b5fe2345 RL |
116 | |
117 | /***************************************************************************** | |
118 | * Our DES ciphers | |
119 | **/ | |
40720ce3 MC |
120 | static const EVP_CIPHER cipher_des_cbc = { |
121 | NID_des_cbc, | |
122 | 8, 8, 8, | |
123 | 0 | EVP_CIPH_CBC_MODE, | |
124 | cipher_des_cbc_init, | |
125 | cipher_des_cbc_code, | |
126 | cipher_des_cbc_clean, | |
127 | sizeof(DES_CBC_CTX), | |
128 | NULL, | |
129 | NULL, | |
130 | NULL, | |
131 | NULL | |
132 | }; | |
133 | ||
134 | static const EVP_CIPHER cipher_des_ede3_cbc = { | |
135 | NID_des_ede3_cbc, | |
136 | 8, 24, 8, | |
137 | 0 | EVP_CIPH_CBC_MODE, | |
138 | cipher_des_ede3_cbc_init, | |
139 | cipher_des_ede3_cbc_code, | |
140 | cipher_des_ede3_cbc_clean, | |
141 | sizeof(DES3_CBC_CTX), | |
142 | NULL, | |
143 | NULL, | |
144 | NULL, | |
145 | NULL | |
146 | }; | |
147 | ||
148 | static const EVP_CIPHER cipher_desx_cbc = { | |
149 | NID_desx_cbc, | |
150 | 8, 24, 8, | |
151 | 0 | EVP_CIPH_CBC_MODE, | |
152 | cipher_desx_cbc_init, | |
153 | cipher_desx_cbc_code, | |
154 | cipher_desx_cbc_clean, | |
155 | sizeof(DESX_CBC_CTX), | |
156 | NULL, | |
157 | NULL, | |
158 | NULL, | |
159 | NULL | |
160 | }; | |
b5fe2345 | 161 | |
6d7dbc12 RL |
162 | /***************************************************************************** |
163 | * MD functions | |
164 | **/ | |
165 | static int digest_md2_init(EVP_MD_CTX *ctx); | |
40720ce3 MC |
166 | static int digest_md2_update(EVP_MD_CTX *ctx, const void *data, |
167 | unsigned long count); | |
168 | static int digest_md2_final(EVP_MD_CTX *ctx, unsigned char *md); | |
6d7dbc12 | 169 | static int digest_md5_init(EVP_MD_CTX *ctx); |
40720ce3 MC |
170 | static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, |
171 | unsigned long count); | |
172 | static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md); | |
6d7dbc12 RL |
173 | |
174 | /***************************************************************************** | |
175 | * Our MD digests | |
176 | **/ | |
40720ce3 MC |
177 | static const EVP_MD digest_md2 = { |
178 | NID_md2, | |
179 | NID_md2WithRSAEncryption, | |
180 | 16, | |
181 | 0, | |
182 | digest_md2_init, | |
183 | digest_md2_update, | |
184 | digest_md2_final, | |
185 | NULL, | |
186 | NULL, | |
187 | EVP_PKEY_RSA_method, | |
188 | 16, | |
189 | sizeof(MD2_CTX) | |
190 | }; | |
191 | ||
192 | static const EVP_MD digest_md5 = { | |
193 | NID_md5, | |
194 | NID_md5WithRSAEncryption, | |
195 | 16, | |
196 | 0, | |
197 | digest_md5_init, | |
198 | digest_md5_update, | |
199 | digest_md5_final, | |
200 | NULL, | |
201 | NULL, | |
202 | EVP_PKEY_RSA_method, | |
203 | 64, | |
204 | sizeof(MD5_CTX) | |
205 | }; | |
6d7dbc12 | 206 | |
b5fe2345 RL |
207 | /***************************************************************************** |
208 | *** Function definitions *** | |
209 | *****************************************************************************/ | |
210 | ||
211 | /***************************************************************************** | |
212 | * Functions to handle the engine | |
213 | **/ | |
6276f1e1 RL |
214 | |
215 | static int bind_rsaref(ENGINE *e) | |
40720ce3 MC |
216 | { |
217 | const RSA_METHOD *meth1; | |
218 | if (!ENGINE_set_id(e, engine_rsaref_id) | |
219 | || !ENGINE_set_name(e, engine_rsaref_name) | |
220 | || !ENGINE_set_RSA(e, &rsaref_rsa) | |
221 | || !ENGINE_set_ciphers(e, rsaref_ciphers) | |
222 | || !ENGINE_set_digests(e, rsaref_digests) | |
223 | || !ENGINE_set_destroy_function(e, rsaref_destroy) | |
224 | || !ENGINE_set_init_function(e, rsaref_init) | |
225 | || !ENGINE_set_finish_function(e, rsaref_finish) | |
226 | /* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */ | |
227 | /* | |
228 | * || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) | |
229 | */ ) | |
230 | return 0; | |
231 | ||
232 | /* Ensure the rsaref error handling is set up */ | |
233 | ERR_load_RSAREF_strings(); | |
234 | return 1; | |
235 | } | |
6276f1e1 RL |
236 | |
237 | #ifdef ENGINE_DYNAMIC_SUPPORT | |
238 | static int bind_helper(ENGINE *e, const char *id) | |
40720ce3 MC |
239 | { |
240 | if (id && (strcmp(id, engine_rsaref_id) != 0)) | |
241 | return 0; | |
242 | if (!bind_rsaref(e)) | |
243 | return 0; | |
244 | return 1; | |
245 | } | |
246 | ||
6276f1e1 | 247 | IMPLEMENT_DYNAMIC_CHECK_FN() |
40720ce3 | 248 | IMPLEMENT_DYNAMIC_BIND_FN(bind_helper) |
6276f1e1 RL |
249 | #else |
250 | static ENGINE *engine_rsaref(void) | |
40720ce3 MC |
251 | { |
252 | ENGINE *ret = ENGINE_new(); | |
253 | if (!ret) | |
254 | return NULL; | |
255 | if (!bind_rsaref(ret)) { | |
256 | ENGINE_free(ret); | |
257 | return NULL; | |
258 | } | |
259 | return ret; | |
260 | } | |
6276f1e1 RL |
261 | |
262 | void ENGINE_load_rsaref(void) | |
40720ce3 MC |
263 | { |
264 | /* Copied from eng_[openssl|dyn].c */ | |
265 | ENGINE *toadd = engine_rsaref(); | |
266 | if (!toadd) | |
267 | return; | |
268 | ENGINE_add(toadd); | |
269 | ENGINE_free(toadd); | |
270 | ERR_clear_error(); | |
271 | } | |
6276f1e1 RL |
272 | #endif |
273 | ||
274 | /* Initiator which is only present to make sure this engine looks available */ | |
275 | static int rsaref_init(ENGINE *e) | |
40720ce3 MC |
276 | { |
277 | return 1; | |
278 | } | |
6276f1e1 RL |
279 | |
280 | /* Finisher which is only present to make sure this engine looks available */ | |
281 | static int rsaref_finish(ENGINE *e) | |
40720ce3 MC |
282 | { |
283 | return 1; | |
284 | } | |
6276f1e1 RL |
285 | |
286 | /* Destructor (complements the "ENGINE_ncipher()" constructor) */ | |
287 | static int rsaref_destroy(ENGINE *e) | |
40720ce3 MC |
288 | { |
289 | ERR_unload_RSAREF_strings(); | |
290 | return 1; | |
291 | } | |
6276f1e1 | 292 | |
b5fe2345 RL |
293 | /***************************************************************************** |
294 | * RSA functions | |
295 | **/ | |
296 | ||
6276f1e1 | 297 | static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) |
40720ce3 MC |
298 | { |
299 | RSAREFerr(RSAREF_F_RSAREF_MOD_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | |
300 | return (0); | |
301 | } | |
6276f1e1 RL |
302 | |
303 | static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | |
40720ce3 MC |
304 | const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) |
305 | { | |
306 | RSAREFerr(RSAREF_F_BNREF_MOD_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | |
307 | return (0); | |
308 | } | |
6276f1e1 RL |
309 | |
310 | /* unsigned char *to: [max] */ | |
311 | static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max) | |
40720ce3 MC |
312 | { |
313 | int i; | |
314 | ||
315 | i = BN_num_bytes(from); | |
316 | if (i > max) { | |
317 | RSAREFerr(RSAREF_F_RSAREF_BN2BIN, RSAREF_R_LEN); | |
318 | return (0); | |
319 | } | |
320 | ||
321 | memset(to, 0, (unsigned int)max); | |
322 | if (!BN_bn2bin(from, &(to[max - i]))) | |
323 | return (0); | |
324 | return (1); | |
325 | } | |
6276f1e1 RL |
326 | |
327 | #ifdef undef | |
328 | /* unsigned char *from: [max] */ | |
329 | static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max) | |
40720ce3 MC |
330 | { |
331 | int i; | |
332 | BIGNUM *ret; | |
333 | ||
334 | for (i = 0; i < max; i++) | |
335 | if (from[i]) | |
336 | break; | |
337 | ||
338 | ret = BN_bin2bn(&(from[i]), max - i, to); | |
339 | return (ret); | |
340 | } | |
341 | ||
342 | static int RSAref_Public_ref2eay(RSArefPublicKey * from, RSA *to) | |
343 | { | |
344 | to->n = RSAref_bin2bn(from->m, NULL, RSAref_MAX_LEN); | |
345 | to->e = RSAref_bin2bn(from->e, NULL, RSAref_MAX_LEN); | |
346 | if ((to->n == NULL) || (to->e == NULL)) | |
347 | return (0); | |
348 | return (1); | |
349 | } | |
6276f1e1 RL |
350 | #endif |
351 | ||
40720ce3 MC |
352 | static int RSAref_Public_eay2ref(RSA *from, R_RSA_PUBLIC_KEY * to) |
353 | { | |
354 | to->bits = BN_num_bits(from->n); | |
355 | if (!RSAref_bn2bin(from->n, to->modulus, MAX_RSA_MODULUS_LEN)) | |
356 | return (0); | |
357 | if (!RSAref_bn2bin(from->e, to->exponent, MAX_RSA_MODULUS_LEN)) | |
358 | return (0); | |
359 | return (1); | |
360 | } | |
6276f1e1 RL |
361 | |
362 | #ifdef undef | |
40720ce3 MC |
363 | static int RSAref_Private_ref2eay(RSArefPrivateKey * from, RSA *to) |
364 | { | |
365 | if ((to->n = RSAref_bin2bn(from->m, NULL, RSAref_MAX_LEN)) == NULL) | |
366 | return (0); | |
367 | if ((to->e = RSAref_bin2bn(from->e, NULL, RSAref_MAX_LEN)) == NULL) | |
368 | return (0); | |
369 | if ((to->d = RSAref_bin2bn(from->d, NULL, RSAref_MAX_LEN)) == NULL) | |
370 | return (0); | |
371 | if ((to->p = | |
372 | RSAref_bin2bn(from->prime[0], NULL, RSAref_MAX_PLEN)) == NULL) | |
373 | return (0); | |
374 | if ((to->q = | |
375 | RSAref_bin2bn(from->prime[1], NULL, RSAref_MAX_PLEN)) == NULL) | |
376 | return (0); | |
377 | if ((to->dmp1 = RSAref_bin2bn(from->pexp[0], NULL, RSAref_MAX_PLEN)) | |
378 | == NULL) | |
379 | return (0); | |
380 | if ((to->dmq1 = RSAref_bin2bn(from->pexp[1], NULL, RSAref_MAX_PLEN)) | |
381 | == NULL) | |
382 | return (0); | |
383 | if ((to->iqmp = RSAref_bin2bn(from->coef, NULL, RSAref_MAX_PLEN)) == NULL) | |
384 | return (0); | |
385 | return (1); | |
386 | } | |
6276f1e1 RL |
387 | #endif |
388 | ||
40720ce3 MC |
389 | static int RSAref_Private_eay2ref(RSA *from, R_RSA_PRIVATE_KEY * to) |
390 | { | |
391 | to->bits = BN_num_bits(from->n); | |
392 | if (!RSAref_bn2bin(from->n, to->modulus, MAX_RSA_MODULUS_LEN)) | |
393 | return (0); | |
394 | if (!RSAref_bn2bin(from->e, to->publicExponent, MAX_RSA_MODULUS_LEN)) | |
395 | return (0); | |
396 | if (!RSAref_bn2bin(from->d, to->exponent, MAX_RSA_MODULUS_LEN)) | |
397 | return (0); | |
398 | if (!RSAref_bn2bin(from->p, to->prime[0], MAX_RSA_PRIME_LEN)) | |
399 | return (0); | |
400 | if (!RSAref_bn2bin(from->q, to->prime[1], MAX_RSA_PRIME_LEN)) | |
401 | return (0); | |
402 | if (!RSAref_bn2bin(from->dmp1, to->primeExponent[0], MAX_RSA_PRIME_LEN)) | |
403 | return (0); | |
404 | if (!RSAref_bn2bin(from->dmq1, to->primeExponent[1], MAX_RSA_PRIME_LEN)) | |
405 | return (0); | |
406 | if (!RSAref_bn2bin(from->iqmp, to->coefficient, MAX_RSA_PRIME_LEN)) | |
407 | return (0); | |
408 | return (1); | |
409 | } | |
410 | ||
411 | static int rsaref_private_decrypt(int len, const unsigned char *from, | |
412 | unsigned char *to, RSA *rsa, int padding) | |
413 | { | |
414 | int i, outlen = -1; | |
415 | R_RSA_PRIVATE_KEY RSAkey; | |
416 | ||
417 | if (!RSAref_Private_eay2ref(rsa, &RSAkey)) | |
418 | goto err; | |
419 | if ((i = | |
420 | RSAPrivateDecrypt(to, (unsigned int *)&outlen, (unsigned char *)from, | |
421 | len, &RSAkey)) != 0) { | |
422 | RSAREFerr(RSAREF_F_RSAREF_PRIVATE_DECRYPT, i); | |
423 | outlen = -1; | |
424 | } | |
425 | err: | |
426 | memset(&RSAkey, 0, sizeof(RSAkey)); | |
427 | return (outlen); | |
428 | } | |
429 | ||
430 | static int rsaref_private_encrypt(int len, const unsigned char *from, | |
431 | unsigned char *to, RSA *rsa, int padding) | |
432 | { | |
433 | int i, outlen = -1; | |
434 | R_RSA_PRIVATE_KEY RSAkey; | |
435 | ||
436 | if (padding != RSA_PKCS1_PADDING) { | |
437 | RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, | |
438 | RSA_R_UNKNOWN_PADDING_TYPE); | |
439 | goto err; | |
440 | } | |
441 | if (!RSAref_Private_eay2ref(rsa, &RSAkey)) | |
442 | goto err; | |
443 | if ((i = | |
444 | RSAPrivateEncrypt(to, (unsigned int *)&outlen, (unsigned char *)from, | |
445 | len, &RSAkey)) != 0) { | |
446 | RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, i); | |
447 | outlen = -1; | |
448 | } | |
449 | err: | |
450 | memset(&RSAkey, 0, sizeof(RSAkey)); | |
451 | return (outlen); | |
452 | } | |
453 | ||
454 | static int rsaref_public_decrypt(int len, const unsigned char *from, | |
455 | unsigned char *to, RSA *rsa, int padding) | |
456 | { | |
457 | int i, outlen = -1; | |
458 | R_RSA_PUBLIC_KEY RSAkey; | |
459 | ||
460 | if (!RSAref_Public_eay2ref(rsa, &RSAkey)) | |
461 | goto err; | |
462 | if ((i = | |
463 | RSAPublicDecrypt(to, (unsigned int *)&outlen, (unsigned char *)from, | |
464 | len, &RSAkey)) != 0) { | |
465 | RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT, i); | |
466 | outlen = -1; | |
467 | } | |
468 | err: | |
469 | memset(&RSAkey, 0, sizeof(RSAkey)); | |
470 | return (outlen); | |
471 | } | |
472 | ||
473 | static int rsaref_public_encrypt(int len, const unsigned char *from, | |
474 | unsigned char *to, RSA *rsa, int padding) | |
475 | { | |
476 | int outlen = -1; | |
477 | int i; | |
478 | R_RSA_PUBLIC_KEY RSAkey; | |
479 | R_RANDOM_STRUCT rnd; | |
480 | unsigned char buf[16]; | |
481 | ||
482 | if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING) { | |
483 | RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE); | |
484 | goto err; | |
485 | } | |
486 | ||
487 | R_RandomInit(&rnd); | |
488 | R_GetRandomBytesNeeded((unsigned int *)&i, &rnd); | |
489 | while (i > 0) { | |
490 | if (RAND_bytes(buf, 16) <= 0) | |
491 | goto err; | |
492 | R_RandomUpdate(&rnd, buf, (unsigned int)((i > 16) ? 16 : i)); | |
493 | i -= 16; | |
494 | } | |
495 | ||
496 | if (!RSAref_Public_eay2ref(rsa, &RSAkey)) | |
497 | goto err; | |
498 | if ((i = | |
499 | RSAPublicEncrypt(to, (unsigned int *)&outlen, (unsigned char *)from, | |
500 | len, &RSAkey, &rnd)) != 0) { | |
501 | RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, i); | |
502 | outlen = -1; | |
503 | goto err; | |
504 | } | |
505 | err: | |
506 | memset(&RSAkey, 0, sizeof(RSAkey)); | |
507 | R_RandomFinal(&rnd); | |
508 | memset(&rnd, 0, sizeof(rnd)); | |
509 | return (outlen); | |
510 | } | |
b5fe2345 RL |
511 | |
512 | /***************************************************************************** | |
513 | * Symetric cipher and digest function registrars | |
514 | **/ | |
515 | static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher, | |
40720ce3 MC |
516 | const int **nids, int nid) |
517 | { | |
518 | int ok = 1; | |
519 | if (!cipher) { | |
520 | /* We are returning a list of supported nids */ | |
521 | *nids = rsaref_cipher_nids; | |
522 | return (sizeof(rsaref_cipher_nids) - | |
523 | 1) / sizeof(rsaref_cipher_nids[0]); | |
524 | } | |
525 | /* We are being asked for a specific cipher */ | |
526 | switch (nid) { | |
527 | case NID_des_cbc: | |
528 | *cipher = &cipher_des_cbc; | |
529 | break; | |
530 | case NID_des_ede3_cbc: | |
531 | *cipher = &cipher_des_ede3_cbc; | |
532 | break; | |
533 | case NID_desx_cbc: | |
534 | *cipher = &cipher_desx_cbc; | |
535 | break; | |
536 | default: | |
537 | ok = 0; | |
538 | *cipher = NULL; | |
539 | break; | |
540 | } | |
541 | return ok; | |
542 | } | |
543 | ||
b5fe2345 | 544 | static int rsaref_digests(ENGINE *e, const EVP_MD **digest, |
40720ce3 MC |
545 | const int **nids, int nid) |
546 | { | |
547 | int ok = 1; | |
548 | if (!digest) { | |
549 | /* We are returning a list of supported nids */ | |
550 | *nids = rsaref_digest_nids; | |
551 | return (sizeof(rsaref_digest_nids) - | |
552 | 1) / sizeof(rsaref_digest_nids[0]); | |
553 | } | |
554 | /* We are being asked for a specific digest */ | |
555 | switch (nid) { | |
556 | case NID_md2: | |
557 | *digest = &digest_md2; | |
558 | break; | |
559 | case NID_md5: | |
560 | *digest = &digest_md5; | |
561 | break; | |
562 | default: | |
563 | ok = 0; | |
564 | *digest = NULL; | |
565 | break; | |
566 | } | |
567 | return ok; | |
568 | } | |
b5fe2345 RL |
569 | |
570 | /***************************************************************************** | |
571 | * DES functions | |
572 | **/ | |
573 | #undef data | |
574 | #define data(ctx) ((DES_CBC_CTX *)(ctx)->cipher_data) | |
c0d64de6 | 575 | static int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
40720ce3 MC |
576 | const unsigned char *iv, int enc) |
577 | { | |
578 | DES_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc); | |
579 | return 1; | |
580 | } | |
581 | ||
c0d64de6 | 582 | static int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out, |
40720ce3 MC |
583 | const unsigned char *in, unsigned int inl) |
584 | { | |
585 | int ret = DES_CBCUpdate(data(ctx), out, (unsigned char *)in, inl); | |
586 | switch (ret) { | |
587 | case RE_LEN: | |
588 | RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, | |
589 | RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED); | |
590 | break; | |
591 | case 0: | |
592 | break; | |
593 | default: | |
594 | RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, RSAREF_R_UNKNOWN_FAULT); | |
595 | } | |
596 | return !ret; | |
597 | } | |
598 | ||
c0d64de6 | 599 | static int cipher_des_cbc_clean(EVP_CIPHER_CTX *ctx) |
40720ce3 MC |
600 | { |
601 | memset(data(ctx), 0, ctx->cipher->ctx_size); | |
602 | return 1; | |
603 | } | |
b5fe2345 RL |
604 | |
605 | #undef data | |
606 | #define data(ctx) ((DES3_CBC_CTX *)(ctx)->cipher_data) | |
40720ce3 MC |
607 | static int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, |
608 | const unsigned char *key, | |
609 | const unsigned char *iv, int enc) | |
610 | { | |
611 | DES3_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc); | |
612 | return 1; | |
613 | } | |
614 | ||
c0d64de6 | 615 | static int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out, |
40720ce3 MC |
616 | const unsigned char *in, unsigned int inl) |
617 | { | |
618 | int ret = DES3_CBCUpdate(data(ctx), out, (unsigned char *)in, inl); | |
619 | switch (ret) { | |
620 | case RE_LEN: | |
621 | RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, | |
622 | RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED); | |
623 | break; | |
624 | case 0: | |
625 | break; | |
626 | default: | |
627 | RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, RSAREF_R_UNKNOWN_FAULT); | |
628 | } | |
629 | return !ret; | |
630 | } | |
631 | ||
c0d64de6 | 632 | static int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *ctx) |
40720ce3 MC |
633 | { |
634 | memset(data(ctx), 0, ctx->cipher->ctx_size); | |
635 | return 1; | |
636 | } | |
b5fe2345 RL |
637 | |
638 | #undef data | |
639 | #define data(ctx) ((DESX_CBC_CTX *)(ctx)->cipher_data) | |
c0d64de6 | 640 | static int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
40720ce3 MC |
641 | const unsigned char *iv, int enc) |
642 | { | |
643 | DESX_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc); | |
644 | return 1; | |
645 | } | |
646 | ||
c0d64de6 | 647 | static int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out, |
40720ce3 MC |
648 | const unsigned char *in, unsigned int inl) |
649 | { | |
650 | int ret = DESX_CBCUpdate(data(ctx), out, (unsigned char *)in, inl); | |
651 | switch (ret) { | |
652 | case RE_LEN: | |
653 | RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, | |
654 | RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED); | |
655 | break; | |
656 | case 0: | |
657 | break; | |
658 | default: | |
659 | RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, RSAREF_R_UNKNOWN_FAULT); | |
660 | } | |
661 | return !ret; | |
662 | } | |
663 | ||
c0d64de6 | 664 | static int cipher_desx_cbc_clean(EVP_CIPHER_CTX *ctx) |
40720ce3 MC |
665 | { |
666 | memset(data(ctx), 0, ctx->cipher->ctx_size); | |
667 | return 1; | |
668 | } | |
6d7dbc12 RL |
669 | |
670 | /***************************************************************************** | |
671 | * MD functions | |
672 | **/ | |
673 | #undef data | |
674 | #define data(ctx) ((MD2_CTX *)(ctx)->md_data) | |
675 | static int digest_md2_init(EVP_MD_CTX *ctx) | |
40720ce3 MC |
676 | { |
677 | MD2Init(data(ctx)); | |
678 | return 1; | |
679 | } | |
680 | ||
681 | static int digest_md2_update(EVP_MD_CTX *ctx, const void *data, | |
682 | unsigned long count) | |
683 | { | |
684 | MD2Update(data(ctx), (unsigned char *)data, (unsigned int)count); | |
685 | return 1; | |
686 | } | |
687 | ||
688 | static int digest_md2_final(EVP_MD_CTX *ctx, unsigned char *md) | |
689 | { | |
690 | MD2Final(md, data(ctx)); | |
691 | return 1; | |
692 | } | |
6d7dbc12 RL |
693 | |
694 | #undef data | |
695 | #define data(ctx) ((MD5_CTX *)(ctx)->md_data) | |
696 | static int digest_md5_init(EVP_MD_CTX *ctx) | |
40720ce3 MC |
697 | { |
698 | MD5Init(data(ctx)); | |
699 | return 1; | |
700 | } | |
701 | ||
702 | static int digest_md5_update(EVP_MD_CTX *ctx, const void *data, | |
703 | unsigned long count) | |
704 | { | |
705 | MD5Update(data(ctx), (unsigned char *)data, (unsigned int)count); | |
706 | return 1; | |
707 | } | |
708 | ||
709 | static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md) | |
710 | { | |
711 | MD5Final(md, data(ctx)); | |
712 | return 1; | |
713 | } |