From 690af28bdf827ab9c81648f507eb492c9076d5d3 Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Wed, 25 Oct 2000 15:23:17 +0000 Subject: This commit was manufactured by cvs2git to create branch 'OPENBSD_2_8'. --- src/lib/libcrypto/rsa/rsa.h | 338 --------------------------- src/lib/libcrypto/rsa/rsa_chk.c | 184 --------------- src/lib/libcrypto/rsa/rsa_eay.c | 491 --------------------------------------- src/lib/libcrypto/rsa/rsa_err.c | 148 ------------ src/lib/libcrypto/rsa/rsa_gen.c | 197 ---------------- src/lib/libcrypto/rsa/rsa_lib.c | 333 -------------------------- src/lib/libcrypto/rsa/rsa_none.c | 98 -------- src/lib/libcrypto/rsa/rsa_oaep.c | 163 ------------- src/lib/libcrypto/rsa/rsa_pk1.c | 224 ------------------ src/lib/libcrypto/rsa/rsa_saos.c | 144 ------------ src/lib/libcrypto/rsa/rsa_sign.c | 221 ------------------ src/lib/libcrypto/rsa/rsa_ssl.c | 154 ------------ 12 files changed, 2695 deletions(-) delete mode 100644 src/lib/libcrypto/rsa/rsa.h delete mode 100644 src/lib/libcrypto/rsa/rsa_chk.c delete mode 100644 src/lib/libcrypto/rsa/rsa_eay.c delete mode 100644 src/lib/libcrypto/rsa/rsa_err.c delete mode 100644 src/lib/libcrypto/rsa/rsa_gen.c delete mode 100644 src/lib/libcrypto/rsa/rsa_lib.c delete mode 100644 src/lib/libcrypto/rsa/rsa_none.c delete mode 100644 src/lib/libcrypto/rsa/rsa_oaep.c delete mode 100644 src/lib/libcrypto/rsa/rsa_pk1.c delete mode 100644 src/lib/libcrypto/rsa/rsa_saos.c delete mode 100644 src/lib/libcrypto/rsa/rsa_sign.c delete mode 100644 src/lib/libcrypto/rsa/rsa_ssl.c (limited to 'src/lib/libcrypto/rsa') diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h deleted file mode 100644 index f9f9b5cfe9..0000000000 --- a/src/lib/libcrypto/rsa/rsa.h +++ /dev/null @@ -1,338 +0,0 @@ -/* crypto/rsa/rsa.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RSA_H -#define HEADER_RSA_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include -#include - -#ifdef NO_RSA -#error RSA is disabled. -#endif - -typedef struct rsa_st RSA; - -typedef struct rsa_meth_st - { - const char *name; - int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(RSA *rsa); /* called at new */ - int (*finish)(RSA *rsa); /* called at free */ - int flags; /* RSA_METHOD_FLAG_* things */ - char *app_data; /* may be needed! */ -/* New sign and verify functions: some libraries don't allow arbitrary data - * to be signed/verified: this allows them to be used. Note: for this to work - * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used - * RSA_sign(), RSA_verify() should be used instead. Note: for backwards - * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER - * option is set in 'flags'. - */ - int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - - } RSA_METHOD; - -struct rsa_st - { - /* The first parameter is used to pickup errors where - * this is passed instead of aEVP_PKEY, it is set to 0 */ - int pad; - int version; - RSA_METHOD *meth; - BIGNUM *n; - BIGNUM *e; - BIGNUM *d; - BIGNUM *p; - BIGNUM *q; - BIGNUM *dmp1; - BIGNUM *dmq1; - BIGNUM *iqmp; - /* be careful using this if the RSA structure is shared */ - CRYPTO_EX_DATA ex_data; - int references; - int flags; - - /* Used to cache montgomery values */ - BN_MONT_CTX *_method_mod_n; - BN_MONT_CTX *_method_mod_p; - BN_MONT_CTX *_method_mod_q; - - /* all BIGNUM values are actually in the following data, if it is not - * NULL */ - char *bignum_data; - BN_BLINDING *blinding; - }; - -#define RSA_3 0x3L -#define RSA_F4 0x10001L - -#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */ - -#define RSA_FLAG_CACHE_PUBLIC 0x02 -#define RSA_FLAG_CACHE_PRIVATE 0x04 -#define RSA_FLAG_BLINDING 0x08 -#define RSA_FLAG_THREAD_SAFE 0x10 -/* This flag means the private key operations will be handled by rsa_mod_exp - * and that they do not depend on the private key components being present: - * for example a key stored in external hardware. Without this flag bn_mod_exp - * gets called when private key components are absent. - */ -#define RSA_FLAG_EXT_PKEY 0x20 - -/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. - */ -#define RSA_FLAG_SIGN_VER 0x40 - -#define RSA_PKCS1_PADDING 1 -#define RSA_SSLV23_PADDING 2 -#define RSA_NO_PADDING 3 -#define RSA_PKCS1_OAEP_PADDING 4 - -#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) -#define RSA_get_app_data(s) RSA_get_ex_data(s,0) - -RSA * RSA_new(void); -RSA * RSA_new_method(RSA_METHOD *method); -int RSA_size(RSA *); -RSA * RSA_generate_key(int bits, unsigned long e,void - (*callback)(int,int,void *),void *cb_arg); -int RSA_check_key(RSA *); - /* next 4 return -1 on error */ -int RSA_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -int RSA_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -int RSA_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -int RSA_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -void RSA_free (RSA *r); - -int RSA_flags(RSA *r); - -void RSA_set_default_method(RSA_METHOD *meth); -RSA_METHOD *RSA_get_default_method(void); -RSA_METHOD *RSA_get_method(RSA *rsa); -RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth); - -/* This function needs the memory locking malloc callbacks to be installed */ -int RSA_memory_lock(RSA *r); - -/* If you have RSAref compiled in. */ -RSA_METHOD *RSA_PKCS1_RSAref(void); - -/* these are the actual SSLeay RSA functions */ -RSA_METHOD *RSA_PKCS1_SSLeay(void); - -RSA_METHOD *RSA_null_method(void); - -void ERR_load_RSA_strings(void ); - -RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPublicKey(RSA *a, unsigned char **pp); -RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); -#ifndef NO_FP_API -int RSA_print_fp(FILE *fp, RSA *r,int offset); -#endif - -#ifdef HEADER_BIO_H -int RSA_print(BIO *bp, RSA *r,int offset); -#endif - -int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); -RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); -/* Naughty internal function required elsewhere, to handle a MS structure - * that is the same as the netscape one :-) */ -RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)()); - -/* The following 2 functions sign and verify a X509_SIG ASN1 object - * inside PKCS#1 padded RSA encryption */ -int RSA_sign(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -/* The following 2 function sign and verify a ASN1_OCTET_STRING - * object inside PKCS#1 padded RSA encryption */ -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); -void RSA_blinding_off(RSA *rsa); - -int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); -int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); -int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,unsigned char *p, - int pl); -int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len, - unsigned char *p,int pl); -int RSA_padding_add_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); -int RSA_padding_add_none(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_none(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int RSA_set_ex_data(RSA *r,int idx,void *arg); -void *RSA_get_ex_data(RSA *r, int idx); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the RSA functions. */ - -/* Function codes. */ -#define RSA_F_MEMORY_LOCK 100 -#define RSA_F_RSA_CHECK_KEY 123 -#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 -#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 -#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 -#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 -#define RSA_F_RSA_GENERATE_KEY 105 -#define RSA_F_RSA_NEW_METHOD 106 -#define RSA_F_RSA_NULL 124 -#define RSA_F_RSA_PADDING_ADD_NONE 107 -#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 -#define RSA_F_RSA_PADDING_ADD_SSLV23 110 -#define RSA_F_RSA_PADDING_CHECK_NONE 111 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 -#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 -#define RSA_F_RSA_PRINT 115 -#define RSA_F_RSA_PRINT_FP 116 -#define RSA_F_RSA_SIGN 117 -#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 -#define RSA_F_RSA_VERIFY 119 -#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 - -/* Reason codes. */ -#define RSA_R_ALGORITHM_MISMATCH 100 -#define RSA_R_BAD_E_VALUE 101 -#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 -#define RSA_R_BAD_PAD_BYTE_COUNT 103 -#define RSA_R_BAD_SIGNATURE 104 -#define RSA_R_BLOCK_TYPE_IS_NOT_01 106 -#define RSA_R_BLOCK_TYPE_IS_NOT_02 107 -#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 -#define RSA_R_DATA_TOO_LARGE 109 -#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 -#define RSA_R_DATA_TOO_SMALL 111 -#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122 -#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 -#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 -#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 -#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 -#define RSA_R_INVALID_MESSAGE_LENGTH 131 -#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 -#define RSA_R_KEY_SIZE_TOO_SMALL 120 -#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 -#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 -#define RSA_R_OAEP_DECODING_ERROR 121 -#define RSA_R_PADDING_CHECK_FAILED 114 -#define RSA_R_P_NOT_PRIME 128 -#define RSA_R_Q_NOT_PRIME 129 -#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 -#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 -#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 -#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 -#define RSA_R_UNKNOWN_PADDING_TYPE 118 -#define RSA_R_WRONG_SIGNATURE_LENGTH 119 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c deleted file mode 100644 index 91b9115798..0000000000 --- a/src/lib/libcrypto/rsa/rsa_chk.c +++ /dev/null @@ -1,184 +0,0 @@ -/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include - - -int RSA_check_key(RSA *key) - { - BIGNUM *i, *j, *k, *l, *m; - BN_CTX *ctx; - int r; - int ret=1; - - i = BN_new(); - j = BN_new(); - k = BN_new(); - l = BN_new(); - m = BN_new(); - ctx = BN_CTX_new(); - if (i == NULL || j == NULL || k == NULL || l == NULL || - m == NULL || ctx == NULL) - { - ret = -1; - RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE); - goto err; - } - - /* p prime? */ - r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL); - if (r != 1) - { - ret = r; - if (r != 0) - goto err; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME); - } - - /* q prime? */ - r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL); - if (r != 1) - { - ret = r; - if (r != 0) - goto err; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME); - } - - /* n = p*q? */ - r = BN_mul(i, key->p, key->q, ctx); - if (!r) { ret = -1; goto err; } - - if (BN_cmp(i, key->n) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q); - } - - /* d*e = 1 mod lcm(p-1,q-1)? */ - - r = BN_sub(i, key->p, BN_value_one()); - if (!r) { ret = -1; goto err; } - r = BN_sub(j, key->q, BN_value_one()); - if (!r) { ret = -1; goto err; } - - /* now compute k = lcm(i,j) */ - r = BN_mul(l, i, j, ctx); - if (!r) { ret = -1; goto err; } - r = BN_gcd(m, i, j, ctx); - if (!r) { ret = -1; goto err; } - r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */ - if (!r) { ret = -1; goto err; } - - r = BN_mod_mul(i, key->d, key->e, k, ctx); - if (!r) { ret = -1; goto err; } - - if (!BN_is_one(i)) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1); - } - - if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) - { - /* dmp1 = d mod (p-1)? */ - r = BN_sub(i, key->p, BN_value_one()); - if (!r) { ret = -1; goto err; } - - r = BN_mod(j, key->d, i, ctx); - if (!r) { ret = -1; goto err; } - - if (BN_cmp(j, key->dmp1) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, - RSA_R_DMP1_NOT_CONGRUENT_TO_D); - } - - /* dmq1 = d mod (q-1)? */ - r = BN_sub(i, key->q, BN_value_one()); - if (!r) { ret = -1; goto err; } - - r = BN_mod(j, key->d, i, ctx); - if (!r) { ret = -1; goto err; } - - if (BN_cmp(j, key->dmq1) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, - RSA_R_DMQ1_NOT_CONGRUENT_TO_D); - } - - /* iqmp = q^-1 mod p? */ - if(!BN_mod_inverse(i, key->q, key->p, ctx)) - { - ret = -1; - goto err; - } - - if (BN_cmp(i, key->iqmp) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, - RSA_R_IQMP_NOT_INVERSE_OF_Q); - } - } - - err: - if (i != NULL) BN_free(i); - if (j != NULL) BN_free(j); - if (k != NULL) BN_free(k); - if (l != NULL) BN_free(l); - if (m != NULL) BN_free(m); - if (ctx != NULL) BN_CTX_free(ctx); - return (ret); - } diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c deleted file mode 100644 index b7d2460754..0000000000 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ /dev/null @@ -1,491 +0,0 @@ -/* crypto/rsa/rsa_eay.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -#ifndef RSA_NULL - -static int RSA_eay_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); -static int RSA_eay_init(RSA *rsa); -static int RSA_eay_finish(RSA *rsa); -static RSA_METHOD rsa_pkcs1_eay_meth={ - "Eric Young's PKCS#1 RSA", - RSA_eay_public_encrypt, - RSA_eay_public_decrypt, - RSA_eay_private_encrypt, - RSA_eay_private_decrypt, - RSA_eay_mod_exp, - BN_mod_exp_mont, - RSA_eay_init, - RSA_eay_finish, - 0, - NULL, - }; - -RSA_METHOD *RSA_PKCS1_SSLeay(void) - { - return(&rsa_pkcs1_eay_meth); - } - -static int RSA_eay_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int i,j,k,num=0,r= -1; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - BN_init(&f); - BN_init(&ret); - if ((ctx=BN_CTX_new()) == NULL) goto err; - num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - switch (padding) - { - case RSA_PKCS1_PADDING: - i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen); - break; -#ifndef NO_SHA - case RSA_PKCS1_OAEP_PADDING: - i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0); - break; -#endif - case RSA_SSLV23_PADDING: - i=RSA_padding_add_SSLv23(buf,num,from,flen); - break; - case RSA_NO_PADDING: - i=RSA_padding_add_none(buf,num,from,flen); - break; - default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (i <= 0) goto err; - - if (BN_bin2bn(buf,num,&f) == NULL) goto err; - - if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) - { - if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx)) - goto err; - } - - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, - rsa->_method_mod_n)) goto err; - - /* put in leading 0 bytes if the number is less than the - * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); - for (k=0; k<(num-i); k++) - to[k]=0; - - r=num; -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - memset(buf,0,num); - Free(buf); - } - return(r); - } - -static int RSA_eay_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int i,j,k,num=0,r= -1; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - BN_init(&f); - BN_init(&ret); - - if ((ctx=BN_CTX_new()) == NULL) goto err; - num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - switch (padding) - { - case RSA_PKCS1_PADDING: - i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); - break; - case RSA_NO_PADDING: - i=RSA_padding_add_none(buf,num,from,flen); - break; - case RSA_SSLV23_PADDING: - default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (i <= 0) goto err; - - if (BN_bin2bn(buf,num,&f) == NULL) goto err; - - if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) - RSA_blinding_on(rsa,ctx); - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; - - if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || - ((rsa->p != NULL) && - (rsa->q != NULL) && - (rsa->dmp1 != NULL) && - (rsa->dmq1 != NULL) && - (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } - else - { - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; - } - - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; - - /* put in leading 0 bytes if the number is less than the - * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); - for (k=0; k<(num-i); k++) - to[k]=0; - - r=num; -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&ret); - BN_clear_free(&f); - if (buf != NULL) - { - memset(buf,0,num); - Free(buf); - } - return(r); - } - -static int RSA_eay_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int j,num=0,r= -1; - unsigned char *p; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - num=BN_num_bytes(rsa->n); - - if ((buf=(unsigned char *)Malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* This check was for equality but PGP does evil things - * and chops off the top '0' bytes */ - if (flen > num) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); - goto err; - } - - /* make data into a big number */ - if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; - - if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) - RSA_blinding_on(rsa,ctx); - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; - - /* do the decrypt */ - if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || - ((rsa->p != NULL) && - (rsa->q != NULL) && - (rsa->dmp1 != NULL) && - (rsa->dmq1 != NULL) && - (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } - else - { - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) - goto err; - } - - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; - - p=buf; - j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ - - switch (padding) - { - case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num); - break; -#ifndef NO_SHA - case RSA_PKCS1_OAEP_PADDING: - r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0); - break; -#endif - case RSA_SSLV23_PADDING: - r=RSA_padding_check_SSLv23(to,num,buf,j,num); - break; - case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,j,num); - break; - default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (r < 0) - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); - -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - memset(buf,0,num); - Free(buf); - } - return(r); - } - -static int RSA_eay_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - BIGNUM f,ret; - int i,num=0,r= -1; - unsigned char *p; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - num=BN_num_bytes(rsa->n); - buf=(unsigned char *)Malloc(num); - if (buf == NULL) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* This check was for equality but PGP does evil things - * and chops off the top '0' bytes */ - if (flen > num) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); - goto err; - } - - if (BN_bin2bn(from,flen,&f) == NULL) goto err; - /* do the decrypt */ - if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) - { - if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx)) - goto err; - } - - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, - rsa->_method_mod_n)) goto err; - - p=buf; - i=BN_bn2bin(&ret,p); - - switch (padding) - { - case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); - break; - case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,i,num); - break; - default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (r < 0) - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); - -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - memset(buf,0,num); - Free(buf); - } - return(r); - } - -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) - { - BIGNUM r1,m1; - int ret=0; - BN_CTX *ctx; - - if ((ctx=BN_CTX_new()) == NULL) goto err; - BN_init(&m1); - BN_init(&r1); - - if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) - { - if (rsa->_method_mod_p == NULL) - { - if ((rsa->_method_mod_p=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_p,rsa->p, - ctx)) - goto err; - } - if (rsa->_method_mod_q == NULL) - { - if ((rsa->_method_mod_q=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_q,rsa->q, - ctx)) - goto err; - } - } - - if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, - rsa->_method_mod_q)) goto err; - - if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, - rsa->_method_mod_p)) goto err; - - if (!BN_sub(r0,r0,&m1)) goto err; - /* This will help stop the size of r0 increasing, which does - * affect the multiply if it optimised for a power of 2 size */ - if (r0->neg) - if (!BN_add(r0,r0,rsa->p)) goto err; - - if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; - if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; - /* If p < q it is occasionally possible for the correction of - * adding 'p' if r0 is negative above to leave the result still - * negative. This can break the private key operations: the following - * second correction should *always* correct this rare occurrence. - * This will *never* happen with OpenSSL generated keys because - * they ensure p > q [steve] - */ - if (r0->neg) - if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; - if (!BN_add(r0,&r1,&m1)) goto err; - - ret=1; -err: - BN_clear_free(&m1); - BN_clear_free(&r1); - BN_CTX_free(ctx); - return(ret); - } - -static int RSA_eay_init(RSA *rsa) - { - rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; - return(1); - } - -static int RSA_eay_finish(RSA *rsa) - { - if (rsa->_method_mod_n != NULL) - BN_MONT_CTX_free(rsa->_method_mod_n); - if (rsa->_method_mod_p != NULL) - BN_MONT_CTX_free(rsa->_method_mod_p); - if (rsa->_method_mod_q != NULL) - BN_MONT_CTX_free(rsa->_method_mod_q); - return(1); - } - -#endif diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c deleted file mode 100644 index 1cde7c0da4..0000000000 --- a/src/lib/libcrypto/rsa/rsa_err.c +++ /dev/null @@ -1,148 +0,0 @@ -/* crypto/rsa/rsa_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA RSA_str_functs[]= - { -{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"}, -{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"}, -{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"}, -{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"}, -{ERR_PACK(0,RSA_F_RSA_NULL,0), "RSA_NULL"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0), "RSA_padding_check_PKCS1_OAEP"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"}, -{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"}, -{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"}, -{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"}, -{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"}, -{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"}, -{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"}, -{0,NULL} - }; - -static ERR_STRING_DATA RSA_str_reasons[]= - { -{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"}, -{RSA_R_BAD_E_VALUE ,"bad e value"}, -{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"}, -{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"}, -{RSA_R_BAD_SIGNATURE ,"bad signature"}, -{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"}, -{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"}, -{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"}, -{RSA_R_DATA_TOO_LARGE ,"data too large"}, -{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, -{RSA_R_DATA_TOO_SMALL ,"data too small"}, -{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"}, -{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"}, -{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"}, -{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"}, -{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"}, -{RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"}, -{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"}, -{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"}, -{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"}, -{RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"}, -{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"}, -{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"}, -{RSA_R_P_NOT_PRIME ,"p not prime"}, -{RSA_R_Q_NOT_PRIME ,"q not prime"}, -{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ,"rsa operations not supported"}, -{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"}, -{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, -{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"}, -{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"}, -{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"}, -{0,NULL} - }; - -#endif - -void ERR_load_RSA_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_RSA,RSA_str_functs); - ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c deleted file mode 100644 index 95e636d3f0..0000000000 --- a/src/lib/libcrypto/rsa/rsa_gen.c +++ /dev/null @@ -1,197 +0,0 @@ -/* crypto/rsa/rsa_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -RSA *RSA_generate_key(int bits, unsigned long e_value, - void (*callback)(int,int,void *), void *cb_arg) - { - RSA *rsa=NULL; - BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; - int bitsp,bitsq,ok= -1,n=0,i; - BN_CTX *ctx=NULL,*ctx2=NULL; - - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - ctx2=BN_CTX_new(); - if (ctx2 == NULL) goto err; - BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - r3 = BN_CTX_get(ctx); - if (r3 == NULL) goto err; - - bitsp=(bits+1)/2; - bitsq=bits-bitsp; - rsa=RSA_new(); - if (rsa == NULL) goto err; - - /* set e */ - rsa->e=BN_new(); - if (rsa->e == NULL) goto err; - -#if 1 - /* The problem is when building with 8, 16, or 32 BN_ULONG, - * unsigned long can be larger */ - for (i=0; ie,i); - } -#else - if (!BN_set_word(rsa->e,e_value)) goto err; -#endif - - /* generate p and q */ - for (;;) - { - rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); - if (rsa->p == NULL) goto err; - if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; - if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; - if (BN_is_one(r1)) break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->p); - } - if (callback != NULL) callback(3,0,cb_arg); - for (;;) - { - rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); - if (rsa->q == NULL) goto err; - if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; - if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; - if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0)) - break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->q); - } - if (callback != NULL) callback(3,1,cb_arg); - if (BN_cmp(rsa->p,rsa->q) < 0) - { - tmp=rsa->p; - rsa->p=rsa->q; - rsa->q=tmp; - } - - /* calculate n */ - rsa->n=BN_new(); - if (rsa->n == NULL) goto err; - if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; - - /* calculate d */ - if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ - if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ - if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ - -/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */ -/* for (;;) - { - if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err; - if (BN_is_one(r3)) break; - - if (1) - { - if (!BN_add_word(rsa->e,2L)) goto err; - continue; - } - RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE); - goto err; - } -*/ - rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ - if (rsa->d == NULL) goto err; - - /* calculate d mod (p-1) */ - rsa->dmp1=BN_new(); - if (rsa->dmp1 == NULL) goto err; - if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err; - - /* calculate d mod (q-1) */ - rsa->dmq1=BN_new(); - if (rsa->dmq1 == NULL) goto err; - if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err; - - /* calculate inverse of q mod p */ - rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); - if (rsa->iqmp == NULL) goto err; - - ok=1; -err: - if (ok == -1) - { - RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); - ok=0; - } - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_CTX_free(ctx2); - - if (!ok) - { - if (rsa != NULL) RSA_free(rsa); - return(NULL); - } - else - return(rsa); - } - diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c deleted file mode 100644 index 074a4f5074..0000000000 --- a/src/lib/libcrypto/rsa/rsa_lib.c +++ /dev/null @@ -1,333 +0,0 @@ -/* crypto/rsa/rsa_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include - -const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; - -static RSA_METHOD *default_RSA_meth=NULL; -static int rsa_meth_num=0; -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL; - -RSA *RSA_new(void) - { - return(RSA_new_method(NULL)); - } - -void RSA_set_default_method(RSA_METHOD *meth) - { - default_RSA_meth=meth; - } - -RSA_METHOD *RSA_get_default_method(void) -{ - return default_RSA_meth; -} - -RSA_METHOD *RSA_get_method(RSA *rsa) -{ - return rsa->meth; -} - -RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth) -{ - RSA_METHOD *mtmp; - mtmp = rsa->meth; - if (mtmp->finish) mtmp->finish(rsa); - rsa->meth = meth; - if (meth->init) meth->init(rsa); - return mtmp; -} - -RSA *RSA_new_method(RSA_METHOD *meth) - { - RSA *ret; - - if (default_RSA_meth == NULL) - { -#ifdef RSA_NULL - default_RSA_meth=RSA_null_method(); -#else -#ifdef RSAref - default_RSA_meth=RSA_PKCS1_RSAref(); -#else - default_RSA_meth=RSA_PKCS1_SSLeay(); -#endif -#endif - } - ret=(RSA *)Malloc(sizeof(RSA)); - if (ret == NULL) - { - RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); - return(NULL); - } - - if (meth == NULL) - ret->meth=default_RSA_meth; - else - ret->meth=meth; - - ret->pad=0; - ret->version=0; - ret->n=NULL; - ret->e=NULL; - ret->d=NULL; - ret->p=NULL; - ret->q=NULL; - ret->dmp1=NULL; - ret->dmq1=NULL; - ret->iqmp=NULL; - ret->references=1; - ret->_method_mod_n=NULL; - ret->_method_mod_p=NULL; - ret->_method_mod_q=NULL; - ret->blinding=NULL; - ret->bignum_data=NULL; - ret->flags=ret->meth->flags; - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) - { - Free(ret); - ret=NULL; - } - else - CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); - return(ret); - } - -void RSA_free(RSA *r) - { - int i; - - if (r == NULL) return; - - i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); -#ifdef REF_PRINT - REF_PRINT("RSA",r); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"RSA_free, bad reference count\n"); - abort(); - } -#endif - - CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); - - if (r->meth->finish != NULL) - r->meth->finish(r); - - if (r->n != NULL) BN_clear_free(r->n); - if (r->e != NULL) BN_clear_free(r->e); - if (r->d != NULL) BN_clear_free(r->d); - if (r->p != NULL) BN_clear_free(r->p); - if (r->q != NULL) BN_clear_free(r->q); - if (r->dmp1 != NULL) BN_clear_free(r->dmp1); - if (r->dmq1 != NULL) BN_clear_free(r->dmq1); - if (r->iqmp != NULL) BN_clear_free(r->iqmp); - if (r->blinding != NULL) BN_BLINDING_free(r->blinding); - if (r->bignum_data != NULL) Free_locked(r->bignum_data); - Free(r); - } - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - rsa_meth_num++; - return(CRYPTO_get_ex_new_index(rsa_meth_num-1, - &rsa_meth,argl,argp,new_func,dup_func,free_func)); - } - -int RSA_set_ex_data(RSA *r, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); - } - -void *RSA_get_ex_data(RSA *r, int idx) - { - return(CRYPTO_get_ex_data(&r->ex_data,idx)); - } - -int RSA_size(RSA *r) - { - return(BN_num_bytes(r->n)); - } - -int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); - } - -int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); - } - -int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); - } - -int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); - } - -int RSA_flags(RSA *r) - { - return((r == NULL)?0:r->meth->flags); - } - -void RSA_blinding_off(RSA *rsa) - { - if (rsa->blinding != NULL) - { - BN_BLINDING_free(rsa->blinding); - rsa->blinding=NULL; - } - rsa->flags&= ~RSA_FLAG_BLINDING; - } - -int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) - { - BIGNUM *A,*Ai; - BN_CTX *ctx; - int ret=0; - - if (p_ctx == NULL) - { - if ((ctx=BN_CTX_new()) == NULL) goto err; - } - else - ctx=p_ctx; - - if (rsa->blinding != NULL) - BN_BLINDING_free(rsa->blinding); - - BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; - if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; - - if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) - goto err; - rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); - rsa->flags|=RSA_FLAG_BLINDING; - BN_free(Ai); - ret=1; -err: - BN_CTX_end(ctx); - if (ctx != p_ctx) BN_CTX_free(ctx); - return(ret); - } - -int RSA_memory_lock(RSA *r) - { - int i,j,k,off; - char *p; - BIGNUM *bn,**t[6],*b; - BN_ULONG *ul; - - if (r->d == NULL) return(1); - t[0]= &r->d; - t[1]= &r->p; - t[2]= &r->q; - t[3]= &r->dmp1; - t[4]= &r->dmq1; - t[5]= &r->iqmp; - k=sizeof(BIGNUM)*6; - off=k/sizeof(BN_ULONG)+1; - j=1; - for (i=0; i<6; i++) - j+= (*t[i])->top; - if ((p=Malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) - { - RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); - return(0); - } - bn=(BIGNUM *)p; - ul=(BN_ULONG *)&(p[off]); - for (i=0; i<6; i++) - { - b= *(t[i]); - *(t[i])= &(bn[i]); - memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); - bn[i].flags=BN_FLG_STATIC_DATA; - bn[i].d=ul; - memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); - ul+=b->top; - BN_clear_free(b); - } - - /* I should fix this so it can still be done */ - r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); - - r->bignum_data=p; - return(1); - } - diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c deleted file mode 100644 index f22fce5016..0000000000 --- a/src/lib/libcrypto/rsa/rsa_none.c +++ /dev/null @@ -1,98 +0,0 @@ -/* crypto/rsa/rsa_none.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from, - int flen) - { - if (flen > tlen) - { - RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - if (flen < tlen) - { - RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); - return(0); - } - - memcpy(to,from,(unsigned int)flen); - return(1); - } - -int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from, - int flen, int num) - { - - if (flen > tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE); - return(-1); - } - - memset(to,0,tlen-flen); - memcpy(to+tlen-flen,from,flen); - return(tlen); - } - diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c deleted file mode 100644 index 1465c01f4f..0000000000 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ /dev/null @@ -1,163 +0,0 @@ -/* crypto/rsa/rsa_oaep.c */ -/* Written by Ulf Moeller. This software is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ - -/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ - -#if !defined(NO_SHA) && !defined(NO_SHA1) -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen); - -int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, unsigned char *param, int plen) - { - int i, emlen = tlen - 1; - unsigned char *db, *seed; - unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH]; - - if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return (0); - } - - if (emlen < 2 * SHA_DIGEST_LENGTH + 1) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL); - return (0); - } - - dbmask = Malloc(emlen - SHA_DIGEST_LENGTH); - if (dbmask == NULL) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); - return (0); - } - - to[0] = 0; - seed = to + 1; - db = to + SHA_DIGEST_LENGTH + 1; - - SHA1(param, plen, db); - memset(db + SHA_DIGEST_LENGTH, 0, - emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); - db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; - memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen); - if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0) - return (0); -#ifdef PKCS_TESTVECT - memcpy(seed, - "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f", - 20); -#endif - - MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH); - for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) - db[i] ^= dbmask[i]; - - MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH); - for (i = 0; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= seedmask[i]; - - Free(dbmask); - return (1); - } - -int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, int num, unsigned char *param, - int plen) - { - int i, dblen, mlen = -1; - unsigned char *maskeddb; - int lzero; - unsigned char *db, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; - - if (--num < 2 * SHA_DIGEST_LENGTH + 1) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); - return (-1); - } - - dblen = num - SHA_DIGEST_LENGTH; - db = Malloc(dblen); - if (db == NULL) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); - return (-1); - } - - lzero = num - flen; - maskeddb = from - lzero + SHA_DIGEST_LENGTH; - - MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); - for (i = lzero; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= from[i - lzero]; - - MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); - for (i = 0; i < dblen; i++) - db[i] ^= maskeddb[i]; - - SHA1(param, plen, phash); - - if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0) - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); - else - { - for (i = SHA_DIGEST_LENGTH; i < dblen; i++) - if (db[i] != 0x00) - break; - if (db[i] != 0x01 || i++ >= dblen) - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, - RSA_R_OAEP_DECODING_ERROR); - else - { - mlen = dblen - i; - if (tlen < mlen) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); - mlen = -1; - } - else - memcpy(to, db + i, mlen); - } - } - Free(db); - return (mlen); - } - -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen) - { - long i, outlen = 0; - unsigned char cnt[4]; - SHA_CTX c; - unsigned char md[SHA_DIGEST_LENGTH]; - - for (i = 0; outlen < len; i++) - { - cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255, - cnt[2] = (i >> 8) & 255, cnt[3] = i & 255; - SHA1_Init(&c); - SHA1_Update(&c, seed, seedlen); - SHA1_Update(&c, cnt, 4); - if (outlen + SHA_DIGEST_LENGTH <= len) - { - SHA1_Final(mask + outlen, &c); - outlen += SHA_DIGEST_LENGTH; - } - else - { - SHA1_Final(md, &c); - memcpy(mask + outlen, md, len - outlen); - outlen = len; - } - } - return (0); - } -#endif diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c deleted file mode 100644 index 48a32bc264..0000000000 --- a/src/lib/libcrypto/rsa/rsa_pk1.c +++ /dev/null @@ -1,224 +0,0 @@ -/* crypto/rsa/rsa_pk1.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen) - { - int j; - unsigned char *p; - - if (flen > (tlen-11)) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - p=(unsigned char *)to; - - *(p++)=0; - *(p++)=1; /* Private Key BT (Block Type) */ - - /* pad out with 0xff data */ - j=tlen-3-flen; - memset(p,0xff,j); - p+=j; - *(p++)='\0'; - memcpy(p,from,(unsigned int)flen); - return(1); - } - -int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen, int num) - { - int i,j; - unsigned char *p; - - p=from; - if ((num != (flen+1)) || (*(p++) != 01)) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01); - return(-1); - } - - /* scan over padding data */ - j=flen-1; /* one for type. */ - for (i=0; i tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE); - return(-1); - } - memcpy(to,p,(unsigned int)j); - - return(j); - } - -int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *from, int flen) - { - int i,j; - unsigned char *p; - - if (flen > (tlen-11)) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - p=(unsigned char *)to; - - *(p++)=0; - *(p++)=2; /* Public Key BT (Block Type) */ - - /* pad out with non-zero random data */ - j=tlen-3-flen; - - if (RAND_bytes(p,j) <= 0) - return(0); - for (i=0; i tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE); - return(-1); - } - memcpy(to,p,(unsigned int)j); - - return(j); - } - diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c deleted file mode 100644 index 61efb0b00f..0000000000 --- a/src/lib/libcrypto/rsa/rsa_saos.c +++ /dev/null @@ -1,144 +0,0 @@ -/* crypto/rsa/rsa_saos.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) - { - ASN1_OCTET_STRING sig; - int i,j,ret=1; - unsigned char *p,*s; - - sig.type=V_ASN1_OCTET_STRING; - sig.length=m_len; - sig.data=m; - - i=i2d_ASN1_OCTET_STRING(&sig,NULL); - j=RSA_size(rsa); - if ((i-RSA_PKCS1_PADDING) > j) - { - RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - return(0); - } - s=(unsigned char *)Malloc((unsigned int)j+1); - if (s == NULL) - { - RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); - return(0); - } - p=s; - i2d_ASN1_OCTET_STRING(&sig,&p); - i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); - if (i <= 0) - ret=0; - else - *siglen=i; - - memset(s,0,(unsigned int)j+1); - Free(s); - return(ret); - } - -int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa) - { - int i,ret=0; - unsigned char *p,*s; - ASN1_OCTET_STRING *sig=NULL; - - if (siglen != (unsigned int)RSA_size(rsa)) - { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH); - return(0); - } - - s=(unsigned char *)Malloc((unsigned int)siglen); - if (s == NULL) - { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); - goto err; - } - i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); - - if (i <= 0) goto err; - - p=s; - sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i); - if (sig == NULL) goto err; - - if ( ((unsigned int)sig->length != m_len) || - (memcmp(m,sig->data,m_len) != 0)) - { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE); - } - else - ret=1; -err: - if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); - memset(s,0,(unsigned int)siglen); - Free(s); - return(ret); - } - diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c deleted file mode 100644 index 05bb7fb74a..0000000000 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ /dev/null @@ -1,221 +0,0 @@ -/* crypto/rsa/rsa_sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -/* Size of an SSL signature: MD5+SHA1 */ -#define SSL_SIG_LENGTH 36 - -int RSA_sign(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) - { - X509_SIG sig; - ASN1_TYPE parameter; - int i,j,ret=1; - unsigned char *p,*s = NULL; - X509_ALGOR algor; - ASN1_OCTET_STRING digest; - if(rsa->flags & RSA_FLAG_SIGN_VER) - return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); - /* Special case: SSL signature, just check the length */ - if(type == NID_md5_sha1) { - if(m_len != SSL_SIG_LENGTH) { - RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH); - return(0); - } - i = SSL_SIG_LENGTH; - s = m; - } else { - sig.algor= &algor; - sig.algor->algorithm=OBJ_nid2obj(type); - if (sig.algor->algorithm == NULL) - { - RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); - return(0); - } - if (sig.algor->algorithm->length == 0) - { - RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); - return(0); - } - parameter.type=V_ASN1_NULL; - parameter.value.ptr=NULL; - sig.algor->parameter= ¶meter; - - sig.digest= &digest; - sig.digest->data=m; - sig.digest->length=m_len; - - i=i2d_X509_SIG(&sig,NULL); - } - j=RSA_size(rsa); - if ((i-RSA_PKCS1_PADDING) > j) - { - RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - return(0); - } - if(type != NID_md5_sha1) { - s=(unsigned char *)Malloc((unsigned int)j+1); - if (s == NULL) - { - RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); - return(0); - } - p=s; - i2d_X509_SIG(&sig,&p); - } - i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); - if (i <= 0) - ret=0; - else - *siglen=i; - - if(type != NID_md5_sha1) { - memset(s,0,(unsigned int)j+1); - Free(s); - } - return(ret); - } - -int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa) - { - int i,ret=0,sigtype; - unsigned char *p,*s; - X509_SIG *sig=NULL; - - if (siglen != (unsigned int)RSA_size(rsa)) - { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); - return(0); - } - - if(rsa->flags & RSA_FLAG_SIGN_VER) - return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); - - s=(unsigned char *)Malloc((unsigned int)siglen); - if (s == NULL) - { - RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); - goto err; - } - if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); - return(0); - } - i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); - - if (i <= 0) goto err; - - /* Special case: SSL signature */ - if(dtype == NID_md5_sha1) { - if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH)) - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); - else ret = 1; - } else { - p=s; - sig=d2i_X509_SIG(NULL,&p,(long)i); - - if (sig == NULL) goto err; - sigtype=OBJ_obj2nid(sig->algor->algorithm); - - - #ifdef RSA_DEBUG - /* put a backward compatibility flag in EAY */ - fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), - OBJ_nid2ln(dtype)); - #endif - if (sigtype != dtype) - { - if (((dtype == NID_md5) && - (sigtype == NID_md5WithRSAEncryption)) || - ((dtype == NID_md2) && - (sigtype == NID_md2WithRSAEncryption))) - { - /* ok, we will let it through */ - #if !defined(NO_STDIO) && !defined(WIN16) - fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); - #endif - } - else - { - RSAerr(RSA_F_RSA_VERIFY, - RSA_R_ALGORITHM_MISMATCH); - goto err; - } - } - if ( ((unsigned int)sig->digest->length != m_len) || - (memcmp(m,sig->digest->data,m_len) != 0)) - { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); - } - else - ret=1; - } -err: - if (sig != NULL) X509_SIG_free(sig); - memset(s,0,(unsigned int)siglen); - Free(s); - return(ret); - } - diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c deleted file mode 100644 index 81a857c813..0000000000 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ /dev/null @@ -1,154 +0,0 @@ -/* crypto/rsa/rsa_ssl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from, - int flen) - { - int i,j; - unsigned char *p; - - if (flen > (tlen-11)) - { - RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - p=(unsigned char *)to; - - *(p++)=0; - *(p++)=2; /* Public Key BT (Block Type) */ - - /* pad out with non-zero random data */ - j=tlen-3-8-flen; - - if (RAND_bytes(p,j) <= 0) - return(0); - for (i=0; i tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE); - return(-1); - } - memcpy(to,p,(unsigned int)j); - - return(j); - } - -- cgit v1.2.3-55-g6feb