rsaref/rsaref.c

   1 /* rsaref/rsaref.c */
   2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58
  59 #include <stdio.h>
  60 #include "cryptlib.h"
  61 #include "bn.h"
  62 #include "rsa.h"
  63 #include "rsaref.h"
  64 #include "rand.h"
  65
  66 /*
  67  * RSAREFerr(RSAREF_F_RSA_REF_BN2BIN,RSAREF_R_CONTENT_ENCODING);
  68  * RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_DECRYPT,RSAREF_R_DATA);
  69  * RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,RSAREF_R_DIGEST_ALGORITHM);
  70  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_DECRYPT,RSAREF_R_ENCODING);
  71  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_KEY);
  72  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_KEY_ENCODING);
  73  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_LEN);
  74  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_MODULUS_LEN);
  75  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_NEED_RANDOM);
  76  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_PRIVATE_KEY);
  77  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_PUBLIC_KEY);
  78  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_SIGNATURE);
  79  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_SIGNATURE_ENCODING);
  80  * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_ENCRYPTION_ALGORITHM);
  81  * RSAREFerr(RSAREF_F_RSAREF_BN2BIN,ERR_R_BN_LIB);
  82  */
  83
  84 #ifndef NOPROTO
  85 static int RSAref_bn2bin(BIGNUM * from, unsigned char* to, int max);
  86 #ifdef undef
  87 static BIGNUM* RSAref_bin2bn(unsigned char* from, BIGNUM * to, int max);
  88 #endif
  89 static int RSAref_Public_eay2ref(RSA * from, RSArefPublicKey * to);
  90 static int RSAref_Private_eay2ref(RSA * from, RSArefPrivateKey * to);
  91 int RSA_ref_private_decrypt(int len, unsigned char *from,
  92         unsigned char *to, RSA *rsa, int padding);
  93 int RSA_ref_private_encrypt(int len, unsigned char *from,
  94         unsigned char *to, RSA *rsa, int padding);
  95 int RSA_ref_public_encrypt(int len, unsigned char *from,
  96         unsigned char *to, RSA *rsa, int padding);
  97 int RSA_ref_public_decrypt(int len, unsigned char *from,
  98         unsigned char *to, RSA *rsa, int padding);
  99 static int BN_ref_mod_exp(BIGNUM *r,BIGNUM *a,BIGNUM *p,BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
 100 static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
 101 #else
 102
 103 static int RSAref_bn2bin();
 104 #ifdef undef
 105 static BIGNUM* RSAref_bin2bn();
 106 #endif
 107 static int RSAref_Public_eay2ref();
 108 static int RSAref_Private_eay2ref();
 109 static int BN_ref_mod_exp();
 110 static int RSA_ref_mod_exp();
 111 int RSA_ref_private_decrypt();
 112 int RSA_ref_private_encrypt();
 113 int RSA_ref_public_encrypt();
 114 int RSA_ref_public_decrypt();
 115 static int BN_ref_mod_exp();
 116 static int RSA_ref_mod_exp();
 117 #endif
 118
 119 static RSA_METHOD rsa_pkcs1_ref_meth={
 120         "RSAref PKCS#1 RSA",
 121         RSA_ref_public_encrypt,
 122         RSA_ref_public_decrypt,
 123         RSA_ref_private_encrypt,
 124         RSA_ref_private_decrypt,
 125         RSA_ref_mod_exp,
 126         BN_ref_mod_exp,
 127         NULL,
 128         NULL,
 129         0,
 130         NULL,
 131         };
 132
 133 RSA_METHOD *RSA_PKCS1_RSAref()
 134         {
 135         return(&rsa_pkcs1_ref_meth);
 136         }
 137
 138 static int RSA_ref_mod_exp(r0, I, rsa)
 139 BIGNUM *r0;
 140 BIGNUM *I;
 141 RSA *rsa;
 142         {
 143         RSAREFerr(RSAREF_F_RSA_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 144         return(0);
 145         }
 146
 147 static int BN_ref_mod_exp(r,a,p,m,ctx,m_ctx)
 148 BIGNUM *r,*a,*p,*m;
 149 BN_CTX *ctx;
 150 BN_MONT_CTX *m_ctx;
 151         {
 152         RSAREFerr(RSAREF_F_BN_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 153         return(0);
 154         }
 155
 156 static int RSAref_bn2bin(from,to,max)
 157 BIGNUM *from;
 158 unsigned char *to; /* [max] */
 159 int max;
 160         {
 161         int i;
 162
 163         i=BN_num_bytes(from);
 164         if (i > max)
 165                 {
 166                 RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
 167                 return(0);
 168                 }
 169
 170         memset(to,0,(unsigned int)max);
 171         if (!BN_bn2bin(from,&(to[max-i])))
 172                 return(0);
 173         return(1);
 174         }
 175
 176 #ifdef undef
 177 static BIGNUM *RSAref_bin2bn(from,to,max)
 178 unsigned char *from; /* [max] */
 179 BIGNUM *to;
 180 int max;
 181         {
 182         int i;
 183         BIGNUM *ret;
 184
 185         for (i=0; i<max; i++)
 186                 if (from[i]) break;
 187
 188         ret=BN_bin2bn(&(from[i]),max-i,to);
 189         return(ret);
 190         }
 191
 192 static int RSAref_Public_ref2eay(from,to)
 193 RSArefPublicKey *from;
 194 RSA *to;
 195         {
 196         to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
 197         to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
 198         if ((to->n == NULL) || (to->e == NULL)) return(0);
 199         return(1);
 200         }
 201 #endif
 202
 203 static int RSAref_Public_eay2ref(from,to)
 204 RSA *from;
 205 RSArefPublicKey *to;
 206         {
 207         to->bits=BN_num_bits(from->n);
 208         if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
 209         if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
 210         return(1);
 211         }
 212
 213 #ifdef undef
 214 static int RSAref_Private_ref2eay(from,to)
 215 RSArefPrivateKey *from;
 216 RSA *to;
 217         {
 218         if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
 219                 return(0);
 220         if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
 221                 return(0);
 222         if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
 223                 return(0);
 224         if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
 225                 return(0);
 226         if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
 227                 return(0);
 228         if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
 229                 == NULL)
 230                 return(0);
 231         if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
 232                 == NULL)
 233                 return(0);
 234         if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
 235                 return(0);
 236         return(1);
 237         }
 238 #endif
 239
 240 static int RSAref_Private_eay2ref(from,to)
 241 RSA *from;
 242 RSArefPrivateKey *to;
 243         {
 244         to->bits=BN_num_bits(from->n);
 245         if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
 246         if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
 247         if (!RSAref_bn2bin(from->d,to->d,RSAref_MAX_LEN)) return(0);
 248         if (!RSAref_bn2bin(from->p,to->prime[0],RSAref_MAX_PLEN)) return(0);
 249         if (!RSAref_bn2bin(from->q,to->prime[1],RSAref_MAX_PLEN)) return(0);
 250         if (!RSAref_bn2bin(from->dmp1,to->pexp[0],RSAref_MAX_PLEN)) return(0);
 251         if (!RSAref_bn2bin(from->dmq1,to->pexp[1],RSAref_MAX_PLEN)) return(0);
 252         if (!RSAref_bn2bin(from->iqmp,to->coef,RSAref_MAX_PLEN)) return(0);
 253         return(1);
 254         }
 255
 256 int RSA_ref_private_decrypt(len,from,to,rsa,padding)
 257 int len;
 258 unsigned char *from,*to;
 259 RSA *rsa;
 260 int padding;
 261         {
 262         int i,outlen= -1;
 263         RSArefPrivateKey RSAkey;
 264
 265         if (!RSAref_Private_eay2ref(rsa,&RSAkey))
 266                 goto err;
 267         if ((i=RSAPrivateDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
 268                 {
 269                 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_DECRYPT,i);
 270                 outlen= -1;
 271                 }
 272 err:
 273         memset(&RSAkey,0,sizeof(RSAkey));
 274         return(outlen);
 275         }
 276
 277 int RSA_ref_private_encrypt(len,from,to,rsa,padding)
 278 int len;
 279 unsigned char *from,*to;
 280 RSA *rsa;
 281 int padding;
 282         {
 283         int i,outlen= -1;
 284         RSArefPrivateKey RSAkey;
 285
 286         if (!RSAref_Private_eay2ref(rsa,&RSAkey))
 287                 goto err;
 288         if ((i=RSAPrivateEncrypt(to,&outlen,from,len,&RSAkey)) != 0)
 289                 {
 290                 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,i);
 291                 outlen= -1;
 292                 }
 293 err:
 294         memset(&RSAkey,0,sizeof(RSAkey));
 295         return(outlen);
 296         }
 297
 298 int RSA_ref_public_decrypt(len,from,to,rsa,padding)
 299 int len;
 300 unsigned char *from,*to;
 301 RSA *rsa;
 302 int padding;
 303         {
 304         int i,outlen= -1;
 305         RSArefPublicKey RSAkey;
 306
 307         if (!RSAref_Public_eay2ref(rsa,&RSAkey))
 308                 goto err;
 309         if ((i=RSAPublicDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
 310                 {
 311                 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_DECRYPT,i);
 312                 outlen= -1;
 313                 }
 314 err:
 315         memset(&RSAkey,0,sizeof(RSAkey));
 316         return(outlen);
 317         }
 318
 319 int RSA_ref_public_encrypt(len,from,to,rsa,padding)
 320 int len;
 321 unsigned char *from,*to;
 322 RSA *rsa;
 323 int padding;
 324         {
 325         int outlen= -1;
 326         int i;
 327         RSArefPublicKey RSAkey;
 328         RSARandomState rnd;
 329         unsigned char buf[16];
 330
 331         R_RandomInit(&rnd);
 332         R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
 333         while (i > 0)
 334                 {
 335                 RAND_bytes(buf,16);
 336                 R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
 337                 i-=16;
 338                 }
 339
 340         if (!RSAref_Public_eay2ref(rsa,&RSAkey))
 341                 goto err;
 342         if ((i=RSAPublicEncrypt(to,&outlen,from,len,&RSAkey,&rnd)) != 0)
 343                 {
 344                 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,i);
 345                 outlen= -1;
 346                 goto err;
 347                 }
 348 err:
 349         memset(&RSAkey,0,sizeof(RSAkey));
 350         R_RandomFinal(&rnd);
 351         memset(&rnd,0,sizeof(rnd));
 352         return(outlen);
 353         }
 354