summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rsa
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/rsa/rsa.h324
-rw-r--r--src/lib/libcrypto/rsa/rsa_eay.c274
-rw-r--r--src/lib/libcrypto/rsa/rsa_err.c129
-rw-r--r--src/lib/libcrypto/rsa/rsa_gen.c101
-rw-r--r--src/lib/libcrypto/rsa/rsa_lib.c294
-rw-r--r--src/lib/libcrypto/rsa/rsa_none.c109
-rw-r--r--src/lib/libcrypto/rsa/rsa_pk1.c233
-rw-r--r--src/lib/libcrypto/rsa/rsa_saos.c153
-rw-r--r--src/lib/libcrypto/rsa/rsa_sign.c196
-rw-r--r--src/lib/libcrypto/rsa/rsa_ssl.c153
10 files changed, 1966 insertions, 0 deletions
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
new file mode 100644
index 0000000000..aeb78ffcd3
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa.h
@@ -0,0 +1,324 @@
1/* crypto/rsa/rsa.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_RSA_H
60#define HEADER_RSA_H
61
62#ifdef __cplusplus
63extern "C" {
64#endif
65
66#include "bn.h"
67#include "crypto.h"
68
69typedef struct rsa_meth_st
70 {
71 char *name;
72 int (*rsa_pub_enc)();
73 int (*rsa_pub_dec)();
74 int (*rsa_priv_enc)();
75 int (*rsa_priv_dec)();
76 int (*rsa_mod_exp)(); /* Can be null */
77 int (*bn_mod_exp)(); /* Can be null */
78 int (*init)(/* RSA * */); /* called at new */
79 int (*finish)(/* RSA * */); /* called at free */
80
81 int flags; /* RSA_METHOD_FLAG_* things */
82 char *app_data; /* may be needed! */
83 } RSA_METHOD;
84
85typedef struct rsa_st
86 {
87 /* The first parameter is used to pickup errors where
88 * this is passed instead of aEVP_PKEY, it is set to 0 */
89 int pad;
90 int version;
91 RSA_METHOD *meth;
92 BIGNUM *n;
93 BIGNUM *e;
94 BIGNUM *d;
95 BIGNUM *p;
96 BIGNUM *q;
97 BIGNUM *dmp1;
98 BIGNUM *dmq1;
99 BIGNUM *iqmp;
100 /* be carefull using this if the RSA structure is shared */
101 CRYPTO_EX_DATA ex_data;
102 int references;
103 int flags;
104
105 /* Normally used to cached montgomery values */
106 char *method_mod_n;
107 char *method_mod_p;
108 char *method_mod_q;
109
110 BN_BLINDING *blinding;
111 } RSA;
112
113#define RSA_3 0x3L
114#define RSA_F4 0x10001L
115
116#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */
117#define RSA_FLAG_CACHE_PUBLIC 0x02
118#define RSA_FLAG_CACHE_PRIVATE 0x04
119#define RSA_FLAG_BLINDING 0x08
120#define RSA_FLAG_THREAD_SAFE 0x10
121
122#define RSA_PKCS1_PADDING 1
123#define RSA_SSLV23_PADDING 2
124#define RSA_NO_PADDING 3
125
126#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,(char *)arg)
127#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
128
129#ifndef NOPROTO
130RSA * RSA_new(void);
131RSA * RSA_new_method(RSA_METHOD *method);
132int RSA_size(RSA *);
133RSA * RSA_generate_key(int bits, unsigned long e,void
134 (*callback)(int,int,char *),char *cb_arg);
135 /* next 4 return -1 on error */
136int RSA_public_encrypt(int flen, unsigned char *from,
137 unsigned char *to, RSA *rsa,int padding);
138int RSA_private_encrypt(int flen, unsigned char *from,
139 unsigned char *to, RSA *rsa,int padding);
140int RSA_public_decrypt(int flen, unsigned char *from,
141 unsigned char *to, RSA *rsa,int padding);
142int RSA_private_decrypt(int flen, unsigned char *from,
143 unsigned char *to, RSA *rsa,int padding);
144void RSA_free (RSA *r);
145
146int RSA_flags(RSA *r);
147
148void RSA_set_default_method(RSA_METHOD *meth);
149
150/* If you have RSAref compiled in. */
151RSA_METHOD *RSA_PKCS1_RSAref(void);
152
153/* these are the actual SSLeay RSA functions */
154RSA_METHOD *RSA_PKCS1_SSLeay(void);
155
156void ERR_load_RSA_strings(void );
157
158RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
159int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
160RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
161int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
162#ifndef NO_FP_API
163int RSA_print_fp(FILE *fp, RSA *r,int offset);
164#endif
165
166#ifdef HEADER_BIO_H
167int RSA_print(BIO *bp, RSA *r,int offset);
168#endif
169
170int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
171RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
172/* Naughty internal function required elsewhere, to handle a MS structure
173 * that is the same as the netscape one :-) */
174RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)());
175
176/* The following 2 functions sign and verify a X509_SIG ASN1 object
177 * inside PKCS#1 padded RSA encryption */
178int RSA_sign(int type, unsigned char *m, unsigned int m_len,
179 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
180int RSA_verify(int type, unsigned char *m, unsigned int m_len,
181 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
182
183/* The following 2 function sign and verify a ASN1_OCTET_STRING
184 * object inside PKCS#1 padded RSA encryption */
185int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
186 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
187int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
188 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
189
190int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
191void RSA_blinding_off(RSA *rsa);
192
193int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
194 unsigned char *f,int fl);
195int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
196 unsigned char *f,int fl);
197int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
198 unsigned char *f,int fl);
199int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
200 unsigned char *f,int fl);
201int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
202 unsigned char *f,int fl);
203int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
204 unsigned char *f,int fl);
205int RSA_padding_add_none(unsigned char *to,int tlen,
206 unsigned char *f,int fl);
207int RSA_padding_check_none(unsigned char *to,int tlen,
208 unsigned char *f,int fl);
209
210int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
211 int (*dup_func)(), void (*free_func)());
212int RSA_set_ex_data(RSA *r,int idx,char *arg);
213char *RSA_get_ex_data(RSA *r, int idx);
214
215#else
216
217RSA * RSA_new();
218RSA * RSA_new_method();
219int RSA_size();
220RSA * RSA_generate_key();
221int RSA_public_encrypt();
222int RSA_private_encrypt();
223int RSA_public_decrypt();
224int RSA_private_decrypt();
225void RSA_free ();
226
227int RSA_flags();
228
229void RSA_set_default_method();
230
231/* RSA_METHOD *RSA_PKCS1_RSAref(); */
232RSA_METHOD *RSA_PKCS1_SSLeay();
233
234void ERR_load_RSA_strings();
235
236RSA * d2i_RSAPublicKey();
237int i2d_RSAPublicKey();
238RSA * d2i_RSAPrivateKey();
239int i2d_RSAPrivateKey();
240#ifndef NO_FP_API
241int RSA_print_fp();
242#endif
243
244int RSA_print();
245
246int i2d_Netscape_RSA();
247RSA *d2i_Netscape_RSA();
248RSA *d2i_Netscape_RSA_2();
249
250int RSA_sign();
251int RSA_verify();
252
253int RSA_sign_ASN1_OCTET_STRING();
254int RSA_verify_ASN1_OCTET_STRING();
255int RSA_blinding_on();
256void RSA_blinding_off();
257
258int RSA_padding_add_PKCS1_type_1();
259int RSA_padding_check_PKCS1_type_1();
260int RSA_padding_add_PKCS1_type_2();
261int RSA_padding_check_PKCS1_type_2();
262int RSA_padding_add_SSLv23();
263int RSA_padding_check_SSLv23();
264int RSA_padding_add_none();
265int RSA_padding_check_none();
266
267int RSA_get_ex_new_index();
268int RSA_set_ex_data();
269char *RSA_get_ex_data();
270
271#endif
272
273/* BEGIN ERROR CODES */
274/* Error codes for the RSA functions. */
275
276/* Function codes. */
277#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 100
278#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 101
279#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 102
280#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 103
281#define RSA_F_RSA_GENERATE_KEY 104
282#define RSA_F_RSA_NEW_METHOD 105
283#define RSA_F_RSA_PADDING_ADD_NONE 106
284#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 107
285#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 108
286#define RSA_F_RSA_PADDING_ADD_SSLV23 109
287#define RSA_F_RSA_PADDING_CHECK_NONE 110
288#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 111
289#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 112
290#define RSA_F_RSA_PADDING_CHECK_SSLV23 113
291#define RSA_F_RSA_PRINT 114
292#define RSA_F_RSA_PRINT_FP 115
293#define RSA_F_RSA_SIGN 116
294#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 117
295#define RSA_F_RSA_VERIFY 118
296#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 119
297
298/* Reason codes. */
299#define RSA_R_ALGORITHM_MISMATCH 100
300#define RSA_R_BAD_E_VALUE 101
301#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
302#define RSA_R_BAD_PAD_BYTE_COUNT 103
303#define RSA_R_BAD_SIGNATURE 104
304#define RSA_R_BAD_ZERO_BYTE 105
305#define RSA_R_BLOCK_TYPE_IS_NOT_01 106
306#define RSA_R_BLOCK_TYPE_IS_NOT_02 107
307#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
308#define RSA_R_DATA_TOO_LARGE 109
309#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
310#define RSA_R_DATA_TOO_SMALL 111
311#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
312#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
313#define RSA_R_PADDING_CHECK_FAILED 114
314#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
315#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
316#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
317#define RSA_R_UNKNOWN_PADDING_TYPE 118
318#define RSA_R_WRONG_SIGNATURE_LENGTH 119
319
320#ifdef __cplusplus
321}
322#endif
323#endif
324
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
new file mode 100644
index 0000000000..42a77f11cd
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -0,0 +1,274 @@
1
2/* This file has been explicitly broken by ryker for OpenBSD, July
3 * 1, 1998. In spite of the title, there is no implementation of the
4 * RSA algorithm left in this file. All these routines will return an
5 * error and fail when called. They exist as stubs and can be
6 * ressurected from the bit bucket by someone in the free world once
7 * the RSA algorithm is no longer subject to patent problems. Eric
8 * Young's original copyright is below.
9 */
10
11/* crypto/rsa/rsa_eay.c */
12/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
13 * All rights reserved.
14 *
15 * This package is an SSL implementation written
16 * by Eric Young (eay@cryptsoft.com).
17 * The implementation was written so as to conform with Netscapes SSL.
18 *
19 * This library is free for commercial and non-commercial use as long as
20 * the following conditions are aheared to. The following conditions
21 * apply to all code found in this distribution, be it the RC4, RSA,
22 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
23 * included with this distribution is covered by the same copyright terms
24 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
25 *
26 * Copyright remains Eric Young's, and as such any Copyright notices in
27 * the code are not to be removed.
28 * If this package is used in a product, Eric Young should be given attribution
29 * as the author of the parts of the library used.
30 * This can be in the form of a textual message at program startup or
31 * in documentation (online or textual) provided with the package.
32 *
33 * Redistribution and use in source and binary forms, with or without
34 * modification, are permitted provided that the following conditions
35 * are met:
36 * 1. Redistributions of source code must retain the copyright
37 * notice, this list of conditions and the following disclaimer.
38 * 2. Redistributions in binary form must reproduce the above copyright
39 * notice, this list of conditions and the following disclaimer in the
40 * documentation and/or other materials provided with the distribution.
41 * 3. All advertising materials mentioning features or use of this software
42 * must display the following acknowledgement:
43 * "This product includes cryptographic software written by
44 * Eric Young (eay@cryptsoft.com)"
45 * The word 'cryptographic' can be left out if the rouines from the library
46 * being used are not cryptographic related :-).
47 * 4. If you include any Windows specific code (or a derivative thereof) from
48 * the apps directory (application code) you must include an acknowledgement:
49 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
50 *
51 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61 * SUCH DAMAGE.
62 *
63 * The licence and distribution terms for any publically available version or
64 * derivative of this code cannot be changed. i.e. this code cannot simply be
65 * copied and put under another distribution licence
66 * [including the GNU Public Licence.]
67 */
68
69#include <stdio.h>
70#include "cryptlib.h"
71#include "bn.h"
72#include "rsa.h"
73#include "rand.h"
74
75#ifndef NOPROTO
76static int RSA_eay_public_encrypt(int flen, unsigned char *from,
77 unsigned char *to, RSA *rsa,int padding);
78static int RSA_eay_private_encrypt(int flen, unsigned char *from,
79 unsigned char *to, RSA *rsa,int padding);
80static int RSA_eay_public_decrypt(int flen, unsigned char *from,
81 unsigned char *to, RSA *rsa,int padding);
82static int RSA_eay_private_decrypt(int flen, unsigned char *from,
83 unsigned char *to, RSA *rsa,int padding);
84static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
85static int RSA_eay_init(RSA *rsa);
86static int RSA_eay_finish(RSA *rsa);
87#else
88static int RSA_eay_public_encrypt();
89static int RSA_eay_private_encrypt();
90static int RSA_eay_public_decrypt();
91static int RSA_eay_private_decrypt();
92static int RSA_eay_mod_exp();
93static int RSA_eay_init();
94static int RSA_eay_finish();
95#endif
96
97static RSA_METHOD rsa_pkcs1_eay_meth={
98 "Eric Young's PKCS#1 RSA",
99 RSA_eay_public_encrypt,
100 RSA_eay_public_decrypt,
101 RSA_eay_private_encrypt,
102 RSA_eay_private_decrypt,
103 RSA_eay_mod_exp,
104 BN_mod_exp_mont,
105 RSA_eay_init,
106 RSA_eay_finish,
107 0,
108 NULL,
109 };
110
111RSA_METHOD *RSA_PKCS1_SSLeay()
112 {
113 return(&rsa_pkcs1_eay_meth);
114 }
115
116static int RSA_eay_public_encrypt(flen, from, to, rsa, padding)
117int flen;
118unsigned char *from;
119unsigned char *to;
120RSA *rsa;
121int padding;
122 {
123 BIGNUM *f=NULL,*ret=NULL;
124 int i,j,k,num=0,r= -1;
125 unsigned char *buf=NULL;
126 BN_CTX *ctx=NULL;
127
128 /* Body of this routine removed for OpenBSD - will return
129 * when the RSA patent expires
130 */
131
132err:
133 if (ctx != NULL) BN_CTX_free(ctx);
134 if (f != NULL) BN_free(f);
135 if (ret != NULL) BN_free(ret);
136 if (buf != NULL)
137 {
138 memset(buf,0,num);
139 Free(buf);
140 }
141 return(r);
142 }
143
144static int RSA_eay_private_encrypt(flen, from, to, rsa, padding)
145int flen;
146unsigned char *from;
147unsigned char *to;
148RSA *rsa;
149int padding;
150 {
151 BIGNUM *f=NULL,*ret=NULL;
152 int i,j,k,num=0,r= -1;
153 unsigned char *buf=NULL;
154 BN_CTX *ctx=NULL;
155
156 /* Body of this routine removed for OpenBSD - will return
157 * when the RSA patent expires
158 */
159
160err:
161 if (ctx != NULL) BN_CTX_free(ctx);
162 if (ret != NULL) BN_free(ret);
163 if (f != NULL) BN_free(f);
164 if (buf != NULL)
165 {
166 memset(buf,0,num);
167 Free(buf);
168 }
169 return(r);
170 }
171
172static int RSA_eay_private_decrypt(flen, from, to, rsa,padding)
173int flen;
174unsigned char *from;
175unsigned char *to;
176RSA *rsa;
177int padding;
178 {
179 BIGNUM *f=NULL,*ret=NULL;
180 int j,num=0,r= -1;
181 unsigned char *p;
182 unsigned char *buf=NULL;
183 BN_CTX *ctx=NULL;
184
185 /* Body of this routine removed for OpenBSD - will return
186 * when the RSA patent expires
187 */
188
189err:
190 if (ctx != NULL) BN_CTX_free(ctx);
191 if (f != NULL) BN_free(f);
192 if (ret != NULL) BN_free(ret);
193 if (buf != NULL)
194 {
195 memset(buf,0,num);
196 Free(buf);
197 }
198 return(r);
199 }
200
201static int RSA_eay_public_decrypt(flen, from, to, rsa, padding)
202int flen;
203unsigned char *from;
204unsigned char *to;
205RSA *rsa;
206int padding;
207 {
208 BIGNUM *f=NULL,*ret=NULL;
209 int i,num=0,r= -1;
210 unsigned char *p;
211 unsigned char *buf=NULL;
212 BN_CTX *ctx=NULL;
213
214
215 /* Body of this routine removed for OpenBSD - will return
216 * when the RSA patent expires
217 */
218
219err:
220 if (ctx != NULL) BN_CTX_free(ctx);
221 if (f != NULL) BN_free(f);
222 if (ret != NULL) BN_free(ret);
223 if (buf != NULL)
224 {
225 memset(buf,0,num);
226 Free(buf);
227 }
228 return(r);
229 }
230
231static int RSA_eay_mod_exp(r0, I, rsa)
232BIGNUM *r0;
233BIGNUM *I;
234RSA *rsa;
235 {
236 BIGNUM *r1=NULL,*m1=NULL;
237 int ret=0;
238 BN_CTX *ctx;
239
240 if ((ctx=BN_CTX_new()) == NULL) goto err;
241 m1=BN_new();
242 r1=BN_new();
243 if ((m1 == NULL) || (r1 == NULL)) goto err;
244
245 /* Body of this routine removed for OpenBSD - will return
246 * when the RSA patent expires
247 */
248err:
249 if (m1 != NULL) BN_free(m1);
250 if (r1 != NULL) BN_free(r1);
251 BN_CTX_free(ctx);
252 return(ret);
253 }
254
255static int RSA_eay_init(rsa)
256RSA *rsa;
257 {
258 rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
259 return(1);
260 }
261
262static int RSA_eay_finish(rsa)
263RSA *rsa;
264 {
265 if (rsa->method_mod_n != NULL)
266 BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_n);
267 if (rsa->method_mod_p != NULL)
268 BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_p);
269 if (rsa->method_mod_q != NULL)
270 BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_q);
271 return(1);
272 }
273
274
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c
new file mode 100644
index 0000000000..796b3afd47
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_err.c
@@ -0,0 +1,129 @@
1/* lib/rsa/rsa_err.c */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58#include <stdio.h>
59#include "err.h"
60#include "rsa.h"
61
62/* BEGIN ERROR CODES */
63#ifndef NO_ERR
64static ERR_STRING_DATA RSA_str_functs[]=
65 {
66{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
67{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
68{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
69{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"},
70{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
71{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"},
72{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"},
73{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"},
74{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"},
75{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"},
76{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"},
77{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"},
78{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"},
79{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"},
80{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"},
81{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"},
82{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"},
83{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"},
84{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"},
85{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"},
86{0,NULL},
87 };
88
89static ERR_STRING_DATA RSA_str_reasons[]=
90 {
91{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"},
92{RSA_R_BAD_E_VALUE ,"bad e value"},
93{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"},
94{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"},
95{RSA_R_BAD_SIGNATURE ,"bad signature"},
96{RSA_R_BAD_ZERO_BYTE ,"bad zero byte"},
97{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"},
98{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"},
99{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"},
100{RSA_R_DATA_TOO_LARGE ,"data too large"},
101{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
102{RSA_R_DATA_TOO_SMALL ,"data too small"},
103{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
104{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
105{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
106{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
107{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
108{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
109{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"},
110{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
111{0,NULL},
112 };
113
114#endif
115
116void ERR_load_RSA_strings()
117 {
118 static int init=1;
119
120 if (init);
121 {;
122 init=0;
123#ifndef NO_ERR
124 ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
125 ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
126#endif
127
128 }
129 }
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
new file mode 100644
index 0000000000..4cbd373829
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_gen.c
@@ -0,0 +1,101 @@
1/* crypto/rsa/rsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <time.h>
61#include "cryptlib.h"
62#include "bn.h"
63#include "rsa.h"
64
65RSA *RSA_generate_key(bits, e_value, callback,cb_arg)
66int bits;
67unsigned long e_value;
68void (*callback)(P_I_I_P);
69char *cb_arg;
70 {
71 RSA *rsa=NULL;
72 BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
73 int bitsp,bitsq,ok= -1,n=0;
74 BN_CTX *ctx=NULL,*ctx2=NULL;
75
76 ctx=BN_CTX_new();
77 if (ctx == NULL) goto err;
78 ctx2=BN_CTX_new();
79 if (ctx2 == NULL) goto err;
80
81 /* Body of this routine removed for OpenBSD - will return
82 * when the RSA patent expires
83 */
84err:
85 if (ok == -1)
86 {
87 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
88 ok=0;
89 }
90 BN_CTX_free(ctx);
91 BN_CTX_free(ctx2);
92
93 if (!ok)
94 {
95 if (rsa != NULL) RSA_free(rsa);
96 return(NULL);
97 }
98 else
99 return(rsa);
100 }
101
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
new file mode 100644
index 0000000000..95a56f8a28
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -0,0 +1,294 @@
1/* crypto/rsa/rsa_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "crypto.h"
61#include "cryptlib.h"
62#include "lhash.h"
63#include "bn.h"
64#include "rsa.h"
65
66char *RSA_version="RSA part of SSLeay 0.9.0b 29-Jun-1998";
67
68static RSA_METHOD *default_RSA_meth=NULL;
69static int rsa_meth_num=0;
70static STACK *rsa_meth=NULL;
71
72RSA *RSA_new()
73 {
74 return(RSA_new_method(NULL));
75 }
76
77void RSA_set_default_method(meth)
78RSA_METHOD *meth;
79 {
80 default_RSA_meth=meth;
81 }
82
83RSA *RSA_new_method(meth)
84RSA_METHOD *meth;
85 {
86 RSA *ret;
87
88 if (default_RSA_meth == NULL)
89 {
90#ifdef RSAref
91 default_RSA_meth=RSA_PKCS1_RSAref();
92#else
93 default_RSA_meth=RSA_PKCS1_SSLeay();
94#endif
95 }
96 ret=(RSA *)Malloc(sizeof(RSA));
97 if (ret == NULL)
98 {
99 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
100 return(NULL);
101 }
102
103 if (meth == NULL)
104 ret->meth=default_RSA_meth;
105 else
106 ret->meth=meth;
107
108 ret->pad=0;
109 ret->version=0;
110 ret->n=NULL;
111 ret->e=NULL;
112 ret->d=NULL;
113 ret->p=NULL;
114 ret->q=NULL;
115 ret->dmp1=NULL;
116 ret->dmq1=NULL;
117 ret->iqmp=NULL;
118 ret->references=1;
119 ret->method_mod_n=NULL;
120 ret->method_mod_p=NULL;
121 ret->method_mod_q=NULL;
122 ret->blinding=NULL;
123 ret->flags=ret->meth->flags;
124 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
125 {
126 Free(ret);
127 ret=NULL;
128 }
129 CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data);
130 return(ret);
131 }
132
133void RSA_free(r)
134RSA *r;
135 {
136 int i;
137
138 if (r == NULL) return;
139
140 i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
141#ifdef REF_PRINT
142 REF_PRINT("RSA",r);
143#endif
144 if (i > 0) return;
145#ifdef REF_CHECK
146 if (i < 0)
147 {
148 fprintf(stderr,"RSA_free, bad reference count\n");
149 abort();
150 }
151#endif
152
153 CRYPTO_free_ex_data(rsa_meth,(char *)r,&r->ex_data);
154
155 if (r->meth->finish != NULL)
156 r->meth->finish(r);
157
158 if (r->n != NULL) BN_clear_free(r->n);
159 if (r->e != NULL) BN_clear_free(r->e);
160 if (r->d != NULL) BN_clear_free(r->d);
161 if (r->p != NULL) BN_clear_free(r->p);
162 if (r->q != NULL) BN_clear_free(r->q);
163 if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
164 if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
165 if (r->iqmp != NULL) BN_clear_free(r->iqmp);
166 if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
167 Free(r);
168 }
169
170int RSA_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
171long argl;
172char *argp;
173int (*new_func)();
174int (*dup_func)();
175void (*free_func)();
176 {
177 rsa_meth_num++;
178 return(CRYPTO_get_ex_new_index(rsa_meth_num-1,
179 &rsa_meth,argl,argp,new_func,dup_func,free_func));
180 }
181
182int RSA_set_ex_data(r,idx,arg)
183RSA *r;
184int idx;
185char *arg;
186 {
187 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
188 }
189
190char *RSA_get_ex_data(r,idx)
191RSA *r;
192int idx;
193 {
194 return(CRYPTO_get_ex_data(&r->ex_data,idx));
195 }
196
197int RSA_size(r)
198RSA *r;
199 {
200 return(BN_num_bytes(r->n));
201 }
202
203int RSA_public_encrypt(flen, from, to, rsa, padding)
204int flen;
205unsigned char *from;
206unsigned char *to;
207RSA *rsa;
208int padding;
209 {
210 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
211 }
212
213int RSA_private_encrypt(flen, from, to, rsa, padding)
214int flen;
215unsigned char *from;
216unsigned char *to;
217RSA *rsa;
218int padding;
219 {
220 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
221 }
222
223int RSA_private_decrypt(flen, from, to, rsa, padding)
224int flen;
225unsigned char *from;
226unsigned char *to;
227RSA *rsa;
228int padding;
229 {
230 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
231 }
232
233int RSA_public_decrypt(flen, from, to, rsa, padding)
234int flen;
235unsigned char *from;
236unsigned char *to;
237RSA *rsa;
238int padding;
239 {
240 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
241 }
242
243int RSA_flags(r)
244RSA *r;
245 {
246 return((r == NULL)?0:r->meth->flags);
247 }
248
249void RSA_blinding_off(rsa)
250RSA *rsa;
251 {
252 if (rsa->blinding != NULL)
253 {
254 BN_BLINDING_free(rsa->blinding);
255 rsa->blinding=NULL;
256 }
257 rsa->flags&= ~RSA_FLAG_BLINDING;
258 }
259
260int RSA_blinding_on(rsa,p_ctx)
261RSA *rsa;
262BN_CTX *p_ctx;
263 {
264 BIGNUM *A,*Ai;
265 BN_CTX *ctx;
266 int ret=0;
267
268 if (p_ctx == NULL)
269 {
270 if ((ctx=BN_CTX_new()) == NULL) goto err;
271 }
272 else
273 ctx=p_ctx;
274
275 if (rsa->blinding != NULL)
276 BN_BLINDING_free(rsa->blinding);
277
278 A=ctx->bn[0];
279 ctx->tos++;
280 if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err;
281 if ((Ai=BN_mod_inverse(A,rsa->n,ctx)) == NULL) goto err;
282
283 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,
284 (char *)rsa->method_mod_n)) goto err;
285 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
286 ctx->tos--;
287 rsa->flags|=RSA_FLAG_BLINDING;
288 BN_free(Ai);
289 ret=1;
290err:
291 if (ctx != p_ctx) BN_CTX_free(ctx);
292 return(ret);
293 }
294
diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c
new file mode 100644
index 0000000000..f0dd943657
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_none.c
@@ -0,0 +1,109 @@
1/* crypto/rsa/rsa_none.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn.h"
62#include "rsa.h"
63#include "rand.h"
64
65int RSA_padding_add_none(to,tlen,from,flen)
66unsigned char *to;
67int tlen;
68unsigned char *from;
69int flen;
70 {
71 if (flen >= tlen)
72 {
73 RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
74 return(0);
75 }
76
77 *(to++)=0;
78 memcpy(to,from,(unsigned int)flen);
79 return(1);
80 }
81
82int RSA_padding_check_none(to,tlen,from,flen)
83unsigned char *to;
84int tlen;
85unsigned char *from;
86int flen;
87 {
88 int j;
89
90 from++;
91 if (flen+1 > tlen)
92 {
93 RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE);
94 return(-1);
95 }
96 if (*(from++) != 0)
97 {
98 RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_BAD_ZERO_BYTE);
99 return(-1);
100 }
101
102 /* scan over padding data */
103 j=flen-1; /* one for type and one for the prepended 0. */
104 memset(to,0,tlen-j);
105 to+=(tlen-j);
106 memcpy(to,from,j);
107 return(j);
108 }
109
diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c
new file mode 100644
index 0000000000..2791291b94
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_pk1.c
@@ -0,0 +1,233 @@
1/* crypto/rsa/rsa_pk1.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn.h"
62#include "rsa.h"
63#include "rand.h"
64
65#ifndef NOPROTO
66int RSA_padding_add_PKCS1_type_1();
67int RSA_padding_check_PKCS1_type_1();
68int RSA_padding_add_PKCS1_type_2();
69int RSA_padding_check_PKCS1_type_2();
70int RSA_padding_add_SSLv23();
71int RSA_padding_check_SSLv23();
72int RSA_padding_add_none();
73int RSA_padding_check_none();
74
75#endif
76
77int RSA_padding_add_PKCS1_type_1(to,tlen,from,flen)
78unsigned char *to;
79int tlen;
80unsigned char *from;
81int flen;
82 {
83 int j;
84 unsigned char *p;
85
86 if (flen > (tlen-11))
87 {
88 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
89 return(0);
90 }
91
92 p=(unsigned char *)to;
93
94 *(p++)=0;
95 *(p++)=1; /* Private Key BT (Block Type) */
96
97 /* padd out with 0xff data */
98 j=tlen-3-flen;
99 memset(p,0xff,j);
100 p+=j;
101 *(p++)='\0';
102 memcpy(p,from,(unsigned int)flen);
103 return(1);
104 }
105
106int RSA_padding_check_PKCS1_type_1(to,tlen,from,flen)
107unsigned char *to;
108int tlen;
109unsigned char *from;
110int flen;
111 {
112 int i,j;
113 unsigned char *p;
114
115 p=from;
116 if (*(p++) != 01)
117 {
118 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
119 return(-1);
120 }
121
122 /* scan over padding data */
123 j=flen-1; /* one for type. */
124 for (i=0; i<j; i++)
125 {
126 if (*p != 0xff) /* should decrypt to 0xff */
127 {
128 if (*p == 0)
129 { p++; break; }
130 else {
131 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
132 return(-1);
133 }
134 }
135 p++;
136 }
137
138 if (i == j)
139 {
140 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
141 return(-1);
142 }
143
144 if (i < 8)
145 {
146 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
147 return(-1);
148 }
149 i++; /* Skip over the '\0' */
150 j-=i;
151 memcpy(to,p,(unsigned int)j);
152
153 return(j);
154 }
155
156int RSA_padding_add_PKCS1_type_2(to,tlen,from,flen)
157unsigned char *to;
158int tlen;
159unsigned char *from;
160int flen;
161 {
162 int i,j;
163 unsigned char *p;
164
165 if (flen > (tlen-11))
166 {
167 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
168 return(0);
169 }
170
171 p=(unsigned char *)to;
172
173 *(p++)=0;
174 *(p++)=2; /* Public Key BT (Block Type) */
175
176 /* pad out with non-zero random data */
177 j=tlen-3-flen;
178
179 RAND_bytes(p,j);
180 for (i=0; i<j; i++)
181 {
182 if (*p == '\0')
183 do {
184 RAND_bytes(p,1);
185 } while (*p == '\0');
186 p++;
187 }
188
189 *(p++)='\0';
190
191 memcpy(p,from,(unsigned int)flen);
192 return(1);
193 }
194
195int RSA_padding_check_PKCS1_type_2(to,tlen,from,flen)
196unsigned char *to;
197int tlen;
198unsigned char *from;
199int flen;
200 {
201 int i,j;
202 unsigned char *p;
203
204 p=from;
205 if (*(p++) != 02)
206 {
207 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
208 return(-1);
209 }
210
211 /* scan over padding data */
212 j=flen-1; /* one for type. */
213 for (i=0; i<j; i++)
214 if (*(p++) == 0) break;
215
216 if (i == j)
217 {
218 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
219 return(-1);
220 }
221
222 if (i < 8)
223 {
224 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
225 return(-1);
226 }
227 i++; /* Skip over the '\0' */
228 j-=i;
229 memcpy(to,p,(unsigned int)j);
230
231 return(j);
232 }
233
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
new file mode 100644
index 0000000000..fb0fae5a43
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_saos.c
@@ -0,0 +1,153 @@
1/* crypto/rsa/rsa_saos.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn.h"
62#include "rsa.h"
63#include "objects.h"
64#include "x509.h"
65
66int RSA_sign_ASN1_OCTET_STRING(type,m,m_len,sigret,siglen,rsa)
67int type;
68unsigned char *m;
69unsigned int m_len;
70unsigned char *sigret;
71unsigned int *siglen;
72RSA *rsa;
73 {
74 ASN1_OCTET_STRING sig;
75 int i,j,ret=1;
76 unsigned char *p,*s;
77
78 sig.type=V_ASN1_OCTET_STRING;
79 sig.length=m_len;
80 sig.data=m;
81
82 i=i2d_ASN1_OCTET_STRING(&sig,NULL);
83 j=RSA_size(rsa);
84 if ((i-RSA_PKCS1_PADDING) > j)
85 {
86 RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
87 return(0);
88 }
89 s=(unsigned char *)Malloc((unsigned int)j+1);
90 if (s == NULL)
91 {
92 RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
93 return(0);
94 }
95 p=s;
96 i2d_ASN1_OCTET_STRING(&sig,&p);
97 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
98 if (i <= 0)
99 ret=0;
100 else
101 *siglen=i;
102
103 memset(s,0,(unsigned int)j+1);
104 Free(s);
105 return(ret);
106 }
107
108int RSA_verify_ASN1_OCTET_STRING(dtype, m, m_len, sigbuf, siglen, rsa)
109int dtype;
110unsigned char *m;
111unsigned int m_len;
112unsigned char *sigbuf;
113unsigned int siglen;
114RSA *rsa;
115 {
116 int i,ret=0;
117 unsigned char *p,*s;
118 ASN1_OCTET_STRING *sig=NULL;
119
120 if (siglen != (unsigned int)RSA_size(rsa))
121 {
122 RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
123 return(0);
124 }
125
126 s=(unsigned char *)Malloc((unsigned int)siglen);
127 if (s == NULL)
128 {
129 RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
130 goto err;
131 }
132 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
133
134 if (i <= 0) goto err;
135
136 p=s;
137 sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
138 if (sig == NULL) goto err;
139
140 if ( ((unsigned int)sig->length != m_len) ||
141 (memcmp(m,sig->data,m_len) != 0))
142 {
143 RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
144 }
145 else
146 ret=1;
147err:
148 if (sig != NULL) ASN1_OCTET_STRING_free(sig);
149 memset(s,0,(unsigned int)siglen);
150 Free(s);
151 return(ret);
152 }
153
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
new file mode 100644
index 0000000000..28c5571e74
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -0,0 +1,196 @@
1/* crypto/rsa/rsa_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn.h"
62#include "rsa.h"
63#include "objects.h"
64#include "x509.h"
65
66int RSA_sign(type,m,m_len,sigret,siglen,rsa)
67int type;
68unsigned char *m;
69unsigned int m_len;
70unsigned char *sigret;
71unsigned int *siglen;
72RSA *rsa;
73 {
74 X509_SIG sig;
75 ASN1_TYPE parameter;
76 int i,j,ret=1;
77 unsigned char *p,*s;
78 X509_ALGOR algor;
79 ASN1_OCTET_STRING digest;
80
81 sig.algor= &algor;
82 sig.algor->algorithm=OBJ_nid2obj(type);
83 if (sig.algor->algorithm == NULL)
84 {
85 RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
86 return(0);
87 }
88 if (sig.algor->algorithm->length == 0)
89 {
90 RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
91 return(0);
92 }
93 parameter.type=V_ASN1_NULL;
94 parameter.value.ptr=NULL;
95 sig.algor->parameter= &parameter;
96
97 sig.digest= &digest;
98 sig.digest->data=m;
99 sig.digest->length=m_len;
100
101 i=i2d_X509_SIG(&sig,NULL);
102 j=RSA_size(rsa);
103 if ((i-RSA_PKCS1_PADDING) > j)
104 {
105 RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
106 return(0);
107 }
108 s=(unsigned char *)Malloc((unsigned int)j+1);
109 if (s == NULL)
110 {
111 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
112 return(0);
113 }
114 p=s;
115 i2d_X509_SIG(&sig,&p);
116 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
117 if (i <= 0)
118 ret=0;
119 else
120 *siglen=i;
121
122 memset(s,0,(unsigned int)j+1);
123 Free(s);
124 return(ret);
125 }
126
127int RSA_verify(dtype, m, m_len, sigbuf, siglen, rsa)
128int dtype;
129unsigned char *m;
130unsigned int m_len;
131unsigned char *sigbuf;
132unsigned int siglen;
133RSA *rsa;
134 {
135 int i,ret=0,sigtype;
136 unsigned char *p,*s;
137 X509_SIG *sig=NULL;
138
139 if (siglen != (unsigned int)RSA_size(rsa))
140 {
141 RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
142 return(0);
143 }
144
145 s=(unsigned char *)Malloc((unsigned int)siglen);
146 if (s == NULL)
147 {
148 RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
149 goto err;
150 }
151 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
152
153 if (i <= 0) goto err;
154
155 p=s;
156 sig=d2i_X509_SIG(NULL,&p,(long)i);
157 if (sig == NULL) goto err;
158 sigtype=OBJ_obj2nid(sig->algor->algorithm);
159
160#ifdef RSA_DEBUG
161 /* put a backward compatability flag in EAY */
162 fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
163 OBJ_nid2ln(dtype));
164#endif
165 if (sigtype != dtype)
166 {
167 if (((dtype == NID_md5) &&
168 (sigtype == NID_md5WithRSAEncryption)) ||
169 ((dtype == NID_md2) &&
170 (sigtype == NID_md2WithRSAEncryption)))
171 {
172 /* ok, we will let it through */
173#if !defined(NO_STDIO) && !defined(WIN16)
174 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
175#endif
176 }
177 else
178 {
179 RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH);
180 goto err;
181 }
182 }
183 if ( ((unsigned int)sig->digest->length != m_len) ||
184 (memcmp(m,sig->digest->data,m_len) != 0))
185 {
186 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
187 }
188 else
189 ret=1;
190err:
191 if (sig != NULL) X509_SIG_free(sig);
192 memset(s,0,(unsigned int)siglen);
193 Free(s);
194 return(ret);
195 }
196
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c
new file mode 100644
index 0000000000..9bcd4b2c03
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_ssl.c
@@ -0,0 +1,153 @@
1/* crypto/rsa/rsa_ssl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include "bn.h"
62#include "rsa.h"
63#include "rand.h"
64
65int RSA_padding_add_SSLv23(to,tlen,from,flen)
66unsigned char *to;
67int tlen;
68unsigned char *from;
69int flen;
70 {
71 int i,j;
72 unsigned char *p;
73
74 if (flen > (tlen-11))
75 {
76 RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
77 return(0);
78 }
79
80 p=(unsigned char *)to;
81
82 *(p++)=0;
83 *(p++)=2; /* Public Key BT (Block Type) */
84
85 /* pad out with non-zero random data */
86 j=tlen-3-8-flen;
87
88 RAND_bytes(p,j);
89 for (i=0; i<j; i++)
90 {
91 if (*p == '\0')
92 do {
93 RAND_bytes(p,1);
94 } while (*p == '\0');
95 p++;
96 }
97
98 memset(p,3,8);
99 p+=8;
100 *(p++)='\0';
101
102 memcpy(p,from,(unsigned int)flen);
103 return(1);
104 }
105
106int RSA_padding_check_SSLv23(to,tlen,from,flen)
107unsigned char *to;
108int tlen;
109unsigned char *from;
110int flen;
111 {
112 int i,j,k;
113 unsigned char *p;
114
115 p=from;
116 if (flen < 10)
117 {
118 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL);
119 return(-1);
120 }
121 if (*(p++) != 02)
122 {
123 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02);
124 return(-1);
125 }
126
127 /* scan over padding data */
128 j=flen-1; /* one for type */
129 for (i=0; i<j; i++)
130 if (*(p++) == 0) break;
131
132 if ((i == j) || (i < 8))
133 {
134 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
135 return(-1);
136 }
137 for (k= -8; k<0; k++)
138 {
139 if (p[k] != 0x03) break;
140 }
141 if (k == 0)
142 {
143 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
144 return(-1);
145 }
146
147 i++; /* Skip over the '\0' */
148 j-=i;
149 memcpy(to,p,(unsigned int)j);
150
151 return(j);
152 }
153
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-27 19:41:10 +0000