| /* Copyright (C) 2006, 2007 The Written Word, Inc. All rights reserved. |
| * Author: Simon Josefsson |
| * Copyright (c) 2004-2006, Sara Golemon <sarag@libssh2.org> |
| * |
| * Redistribution and use in source and binary forms, |
| * with or without modification, are permitted provided |
| * that the following conditions are met: |
| * |
| * Redistributions of source code must retain the above |
| * copyright notice, this list of conditions and the |
| * following disclaimer. |
| * |
| * Redistributions in binary form must reproduce the above |
| * copyright notice, this list of conditions and the following |
| * disclaimer in the documentation and/or other materials |
| * provided with the distribution. |
| * |
| * Neither the name of the copyright holder nor the names |
| * of any other contributors may be used to endorse or |
| * promote products derived from this software without |
| * specific prior written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND |
| * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, |
| * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR |
| * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR |
| * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, |
| * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
| * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE |
| * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY |
| * OF SUCH DAMAGE. |
| */ |
| |
| #include "libssh2_priv.h" |
| |
| #ifndef LIBSSH2_LIBGCRYPT /* compile only if we build with OpenSSL */ |
| |
| #include <string.h> |
| |
| #ifndef EVP_MAX_BLOCK_LENGTH |
| #define EVP_MAX_BLOCK_LENGTH 32 |
| #endif |
| |
| int |
| _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, |
| const unsigned char *edata, |
| unsigned long elen, |
| const unsigned char *ndata, |
| unsigned long nlen, |
| const unsigned char *ddata, |
| unsigned long dlen, |
| const unsigned char *pdata, |
| unsigned long plen, |
| const unsigned char *qdata, |
| unsigned long qlen, |
| const unsigned char *e1data, |
| unsigned long e1len, |
| const unsigned char *e2data, |
| unsigned long e2len, |
| const unsigned char *coeffdata, unsigned long coefflen) |
| { |
| *rsa = RSA_new(); |
| |
| (*rsa)->e = BN_new(); |
| BN_bin2bn(edata, elen, (*rsa)->e); |
| |
| (*rsa)->n = BN_new(); |
| BN_bin2bn(ndata, nlen, (*rsa)->n); |
| |
| if (ddata) { |
| (*rsa)->d = BN_new(); |
| BN_bin2bn(ddata, dlen, (*rsa)->d); |
| |
| (*rsa)->p = BN_new(); |
| BN_bin2bn(pdata, plen, (*rsa)->p); |
| |
| (*rsa)->q = BN_new(); |
| BN_bin2bn(qdata, qlen, (*rsa)->q); |
| |
| (*rsa)->dmp1 = BN_new(); |
| BN_bin2bn(e1data, e1len, (*rsa)->dmp1); |
| |
| (*rsa)->dmq1 = BN_new(); |
| BN_bin2bn(e2data, e2len, (*rsa)->dmq1); |
| |
| (*rsa)->iqmp = BN_new(); |
| BN_bin2bn(coeffdata, coefflen, (*rsa)->iqmp); |
| } |
| return 0; |
| } |
| |
| int |
| _libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsactx, |
| const unsigned char *sig, |
| unsigned long sig_len, |
| const unsigned char *m, unsigned long m_len) |
| { |
| unsigned char hash[SHA_DIGEST_LENGTH]; |
| int ret; |
| |
| SHA1(m, m_len, hash); |
| ret = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH, |
| (unsigned char *) sig, sig_len, rsactx); |
| return (ret == 1) ? 0 : -1; |
| } |
| |
| int |
| _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, |
| const unsigned char *p, |
| unsigned long p_len, |
| const unsigned char *q, |
| unsigned long q_len, |
| const unsigned char *g, |
| unsigned long g_len, |
| const unsigned char *y, |
| unsigned long y_len, |
| const unsigned char *x, unsigned long x_len) |
| { |
| *dsactx = DSA_new(); |
| |
| (*dsactx)->p = BN_new(); |
| BN_bin2bn(p, p_len, (*dsactx)->p); |
| |
| (*dsactx)->q = BN_new(); |
| BN_bin2bn(q, q_len, (*dsactx)->q); |
| |
| (*dsactx)->g = BN_new(); |
| BN_bin2bn(g, g_len, (*dsactx)->g); |
| |
| (*dsactx)->pub_key = BN_new(); |
| BN_bin2bn(y, y_len, (*dsactx)->pub_key); |
| |
| if (x_len) { |
| (*dsactx)->priv_key = BN_new(); |
| BN_bin2bn(x, x_len, (*dsactx)->priv_key); |
| } |
| |
| return 0; |
| } |
| |
| int |
| _libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx, |
| const unsigned char *sig, |
| const unsigned char *m, unsigned long m_len) |
| { |
| unsigned char hash[SHA_DIGEST_LENGTH]; |
| DSA_SIG dsasig; |
| int ret; |
| |
| dsasig.r = BN_new(); |
| BN_bin2bn(sig, 20, dsasig.r); |
| dsasig.s = BN_new(); |
| BN_bin2bn(sig + 20, 20, dsasig.s); |
| |
| libssh2_sha1(m, m_len, hash); |
| ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, &dsasig, dsactx); |
| BN_clear_free(dsasig.s); |
| BN_clear_free(dsasig.r); |
| |
| return (ret == 1) ? 0 : -1; |
| } |
| |
| int |
| _libssh2_cipher_init(_libssh2_cipher_ctx * h, |
| _libssh2_cipher_type(algo), |
| unsigned char *iv, unsigned char *secret, int encrypt) |
| { |
| EVP_CIPHER_CTX_init(h); |
| EVP_CipherInit(h, algo(), secret, iv, encrypt); |
| return 0; |
| } |
| |
| int |
| _libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx, |
| _libssh2_cipher_type(algo), |
| int encrypt, unsigned char *block) |
| { |
| int blocksize = ctx->cipher->block_size; |
| unsigned char buf[EVP_MAX_BLOCK_LENGTH]; |
| int ret; |
| (void) algo; |
| (void) encrypt; |
| |
| if (blocksize == 1) { |
| /* Hack for arcfour. */ |
| blocksize = 8; |
| } |
| ret = EVP_Cipher(ctx, buf, block, blocksize); |
| if (ret == 1) { |
| memcpy(block, buf, blocksize); |
| } |
| return ret == 1 ? 0 : 1; |
| } |
| |
| /* TODO: Optionally call a passphrase callback specified by the |
| * calling program |
| */ |
| static int |
| passphrase_cb(char *buf, int size, int rwflag, char *passphrase) |
| { |
| int passphrase_len = strlen(passphrase); |
| (void) rwflag; |
| |
| if (passphrase_len > (size - 1)) { |
| passphrase_len = size - 1; |
| } |
| memcpy(buf, passphrase, passphrase_len); |
| buf[passphrase_len] = '\0'; |
| |
| return passphrase_len; |
| } |
| |
| typedef void * (*pem_read_bio_func)(BIO *, void **, pem_password_cb *, |
| void * u); |
| |
| static int |
| read_private_key_from_file(void ** key_ctx, LIBSSH2_SESSION * session, |
| pem_read_bio_func read_private_key, |
| const char * filename, |
| unsigned const char *passphrase) |
| { |
| BIO * bp; |
| |
| *key_ctx = NULL; |
| |
| bp = BIO_new_file(filename, "r"); |
| if (!bp) { |
| return -1; |
| } |
| |
| *key_ctx = read_private_key(bp, NULL, (void *) passphrase_cb, |
| (void *) passphrase); |
| |
| BIO_free(bp); |
| return (*key_ctx) ? 0 : -1; |
| } |
| |
| int |
| _libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa, |
| LIBSSH2_SESSION * session, |
| const char *filename, unsigned const char *passphrase) |
| { |
| pem_read_bio_func read_rsa = |
| (pem_read_bio_func) &PEM_read_bio_RSAPrivateKey; |
| (void) session; |
| |
| if (!EVP_get_cipherbyname("des")) { |
| /* If this cipher isn't loaded it's a pretty good indication that none are. |
| * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#( |
| * Someone buy me an OpenSSL manual and I'll read up on it. |
| */ |
| OpenSSL_add_all_ciphers(); |
| } |
| |
| return read_private_key_from_file((void **) rsa, session, read_rsa, |
| filename, passphrase); |
| } |
| |
| int |
| _libssh2_dsa_new_private(libssh2_dsa_ctx ** dsa, |
| LIBSSH2_SESSION * session, |
| const char *filename, unsigned const char *passphrase) |
| { |
| pem_read_bio_func read_dsa = |
| (pem_read_bio_func) &PEM_read_bio_DSAPrivateKey; |
| |
| if (!EVP_get_cipherbyname("des")) { |
| /* If this cipher isn't loaded it's a pretty good indication that none are. |
| * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#( |
| * Someone buy me an OpenSSL manual and I'll read up on it. |
| */ |
| OpenSSL_add_all_ciphers(); |
| } |
| |
| return read_private_key_from_file((void **) dsa, session, read_dsa, |
| filename, passphrase); |
| } |
| |
| int |
| _libssh2_rsa_sha1_sign(LIBSSH2_SESSION * session, |
| libssh2_rsa_ctx * rsactx, |
| const unsigned char *hash, |
| unsigned long hash_len, |
| unsigned char **signature, unsigned long *signature_len) |
| { |
| int ret; |
| unsigned char *sig; |
| unsigned int sig_len; |
| |
| sig_len = RSA_size(rsactx); |
| sig = LIBSSH2_ALLOC(session, sig_len); |
| |
| if (!sig) { |
| return -1; |
| } |
| |
| ret = RSA_sign(NID_sha1, hash, hash_len, sig, &sig_len, rsactx); |
| |
| if (!ret) { |
| LIBSSH2_FREE(session, sig); |
| return -1; |
| } |
| |
| *signature = sig; |
| *signature_len = sig_len; |
| |
| return 0; |
| } |
| |
| int |
| _libssh2_dsa_sha1_sign(libssh2_dsa_ctx * dsactx, |
| const unsigned char *hash, |
| unsigned long hash_len, unsigned char *signature) |
| { |
| DSA_SIG *sig; |
| int r_len, s_len, rs_pad; |
| (void) hash_len; |
| |
| sig = DSA_do_sign(hash, SHA_DIGEST_LENGTH, dsactx); |
| if (!sig) { |
| return -1; |
| } |
| |
| r_len = BN_num_bytes(sig->r); |
| s_len = BN_num_bytes(sig->s); |
| rs_pad = (2 * SHA_DIGEST_LENGTH) - (r_len + s_len); |
| if (rs_pad < 0) { |
| DSA_SIG_free(sig); |
| return -1; |
| } |
| |
| BN_bn2bin(sig->r, signature + rs_pad); |
| BN_bn2bin(sig->s, signature + rs_pad + r_len); |
| |
| DSA_SIG_free(sig); |
| |
| return 0; |
| } |
| |
| #endif /* !LIBSSH2_LIBGCRYPT */ |