diff options
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_x931.c')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_x931.c | 122 |
1 files changed, 55 insertions, 67 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_x931.c b/src/lib/libcrypto/rsa/rsa_x931.c index 6592c22ee5..f22c50ba13 100644 --- a/src/lib/libcrypto/rsa/rsa_x931.c +++ b/src/lib/libcrypto/rsa/rsa_x931.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_x931.c,v 1.2 2014/06/12 15:49:30 deraadt Exp $ */ | 1 | /* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2005. | 3 | * project 2005. |
| 4 | */ | 4 | */ |
| @@ -63,115 +63,103 @@ | |||
| 63 | #include <openssl/rand.h> | 63 | #include <openssl/rand.h> |
| 64 | #include <openssl/objects.h> | 64 | #include <openssl/objects.h> |
| 65 | 65 | ||
| 66 | int RSA_padding_add_X931(unsigned char *to, int tlen, | 66 | int |
| 67 | const unsigned char *from, int flen) | 67 | RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *from, |
| 68 | { | 68 | int flen) |
| 69 | { | ||
| 69 | int j; | 70 | int j; |
| 70 | unsigned char *p; | 71 | unsigned char *p; |
| 71 | 72 | ||
| 72 | /* Absolute minimum amount of padding is 1 header nibble, 1 padding | 73 | /* |
| 74 | * Absolute minimum amount of padding is 1 header nibble, 1 padding | ||
| 73 | * nibble and 2 trailer bytes: but 1 hash if is already in 'from'. | 75 | * nibble and 2 trailer bytes: but 1 hash if is already in 'from'. |
| 74 | */ | 76 | */ |
| 75 | |||
| 76 | j = tlen - flen - 2; | 77 | j = tlen - flen - 2; |
| 77 | 78 | ||
| 78 | if (j < 0) | 79 | if (j < 0) { |
| 79 | { | 80 | RSAerr(RSA_F_RSA_PADDING_ADD_X931, |
| 80 | RSAerr(RSA_F_RSA_PADDING_ADD_X931,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | 81 | RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); |
| 81 | return -1; | 82 | return -1; |
| 82 | } | 83 | } |
| 83 | 84 | ||
| 84 | p=(unsigned char *)to; | 85 | p = (unsigned char *)to; |
| 85 | 86 | ||
| 86 | /* If no padding start and end nibbles are in one byte */ | 87 | /* If no padding start and end nibbles are in one byte */ |
| 87 | if (j == 0) | 88 | if (j == 0) |
| 88 | *p++ = 0x6A; | 89 | *p++ = 0x6A; |
| 89 | else | 90 | else { |
| 90 | { | ||
| 91 | *p++ = 0x6B; | 91 | *p++ = 0x6B; |
| 92 | if (j > 1) | 92 | if (j > 1) { |
| 93 | { | ||
| 94 | memset(p, 0xBB, j - 1); | 93 | memset(p, 0xBB, j - 1); |
| 95 | p += j - 1; | 94 | p += j - 1; |
| 96 | } | ||
| 97 | *p++ = 0xBA; | ||
| 98 | } | 95 | } |
| 99 | memcpy(p,from,(unsigned int)flen); | 96 | *p++ = 0xBA; |
| 97 | } | ||
| 98 | memcpy(p, from, (unsigned int)flen); | ||
| 100 | p += flen; | 99 | p += flen; |
| 101 | *p = 0xCC; | 100 | *p = 0xCC; |
| 102 | return(1); | 101 | return 1; |
| 103 | } | 102 | } |
| 104 | 103 | ||
| 105 | int RSA_padding_check_X931(unsigned char *to, int tlen, | 104 | int |
| 106 | const unsigned char *from, int flen, int num) | 105 | RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from, |
| 107 | { | 106 | int flen, int num) |
| 108 | int i = 0,j; | 107 | { |
| 109 | const unsigned char *p; | 108 | int i = 0, j; |
| 110 | 109 | const unsigned char *p = from; | |
| 111 | p=from; | 110 | |
| 112 | if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B))) | 111 | if (num != flen || (*p != 0x6A && *p != 0x6B)) { |
| 113 | { | 112 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_HEADER); |
| 114 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931,RSA_R_INVALID_HEADER); | ||
| 115 | return -1; | 113 | return -1; |
| 116 | } | 114 | } |
| 117 | 115 | ||
| 118 | if (*p++ == 0x6B) | 116 | if (*p++ == 0x6B) { |
| 119 | { | 117 | j = flen - 3; |
| 120 | j=flen-3; | 118 | for (i = 0; i < j; i++) { |
| 121 | for (i = 0; i < j; i++) | ||
| 122 | { | ||
| 123 | unsigned char c = *p++; | 119 | unsigned char c = *p++; |
| 124 | if (c == 0xBA) | 120 | if (c == 0xBA) |
| 125 | break; | 121 | break; |
| 126 | if (c != 0xBB) | 122 | if (c != 0xBB) { |
| 127 | { | ||
| 128 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931, | 123 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931, |
| 129 | RSA_R_INVALID_PADDING); | 124 | RSA_R_INVALID_PADDING); |
| 130 | return -1; | 125 | return -1; |
| 131 | } | ||
| 132 | } | 126 | } |
| 127 | } | ||
| 133 | 128 | ||
| 134 | j -= i; | 129 | if (i == 0) { |
| 135 | |||
| 136 | if (i == 0) | ||
| 137 | { | ||
| 138 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING); | 130 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING); |
| 139 | return -1; | 131 | return -1; |
| 140 | } | ||
| 141 | |||
| 142 | } | 132 | } |
| 143 | else j = flen - 2; | ||
| 144 | 133 | ||
| 145 | if (p[j] != 0xCC) | 134 | j -= i; |
| 146 | { | 135 | } else |
| 136 | j = flen - 2; | ||
| 137 | |||
| 138 | if (p[j] != 0xCC) { | ||
| 147 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); | 139 | RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); |
| 148 | return -1; | 140 | return -1; |
| 149 | } | 141 | } |
| 150 | 142 | ||
| 151 | memcpy(to,p,(unsigned int)j); | 143 | memcpy(to, p, (unsigned int)j); |
| 152 | 144 | ||
| 153 | return(j); | 145 | return j; |
| 154 | } | 146 | } |
| 155 | 147 | ||
| 156 | /* Translate between X931 hash ids and NIDs */ | 148 | /* Translate between X931 hash ids and NIDs */ |
| 157 | 149 | ||
| 158 | int RSA_X931_hash_id(int nid) | 150 | int |
| 159 | { | 151 | RSA_X931_hash_id(int nid) |
| 160 | switch (nid) | 152 | { |
| 161 | { | 153 | switch (nid) { |
| 162 | case NID_sha1: | 154 | case NID_sha1: |
| 163 | return 0x33; | 155 | return 0x33; |
| 164 | 156 | case NID_sha256: | |
| 165 | case NID_sha256: | ||
| 166 | return 0x34; | 157 | return 0x34; |
| 167 | 158 | case NID_sha384: | |
| 168 | case NID_sha384: | ||
| 169 | return 0x36; | 159 | return 0x36; |
| 170 | 160 | case NID_sha512: | |
| 171 | case NID_sha512: | ||
| 172 | return 0x35; | 161 | return 0x35; |
| 173 | |||
| 174 | } | ||
| 175 | return -1; | ||
| 176 | } | 162 | } |
| 177 | 163 | ||
| 164 | return -1; | ||
| 165 | } | ||