| version 1.1.1.2.2.3, 2005/09/03 07:03:49 |
version 1.15.4.1, 2009/02/08 18:42:15 |
|
|
| /* $NetBSD$ */ |
/* $NetBSD$ */ |
| |
|
| /* Id: crypto_openssl.c,v 1.40.4.5 2005/07/12 11:50:15 manubsd Exp */ |
/* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */ |
| |
|
| /* |
/* |
| * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
|
|
| #else |
#else |
| #include "crypto/rijndael/rijndael-api-fst.h" |
#include "crypto/rijndael/rijndael-api-fst.h" |
| #endif |
#endif |
| |
#if defined(HAVE_OPENSSL_CAMELLIA_H) |
| |
#include <openssl/camellia.h> |
| |
#endif |
| #ifdef WITH_SHA2 |
#ifdef WITH_SHA2 |
| #ifdef HAVE_OPENSSL_SHA2_H |
#ifdef HAVE_OPENSSL_SHA2_H |
| #include <openssl/sha2.h> |
#include <openssl/sha2.h> |
|
|
| #include "crypto/sha2/sha2.h" |
#include "crypto/sha2/sha2.h" |
| #endif |
#endif |
| #endif |
#endif |
| |
#include "plog.h" |
| |
|
| /* 0.9.7 stuff? */ |
/* 0.9.7 stuff? */ |
| #if OPENSSL_VERSION_NUMBER < 0x0090700fL |
#if OPENSSL_VERSION_NUMBER < 0x0090700fL |
| Line 129 eay_str2asn1dn(str, len) |
|
| Line 133 eay_str2asn1dn(str, len) |
|
| char *buf; |
char *buf; |
| char *field, *value; |
char *field, *value; |
| int i, j; |
int i, j; |
| vchar_t *ret; |
vchar_t *ret = NULL; |
| caddr_t p; |
caddr_t p; |
| |
|
| if (len == -1) |
if (len == -1) |
| Line 137 eay_str2asn1dn(str, len) |
|
| Line 141 eay_str2asn1dn(str, len) |
|
| |
|
| buf = racoon_malloc(len + 1); |
buf = racoon_malloc(len + 1); |
| if (!buf) { |
if (!buf) { |
| printf("failed to allocate buffer\n"); |
plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n"); |
| return NULL; |
return NULL; |
| } |
} |
| memcpy(buf, str, len); |
memcpy(buf, str, len); |
| Line 214 eay_str2asn1dn(str, len) |
|
| Line 218 eay_str2asn1dn(str, len) |
|
| racoon_free(buf); |
racoon_free(buf); |
| if (name) |
if (name) |
| X509_NAME_free(name); |
X509_NAME_free(name); |
| |
if (ret) |
| |
vfree(ret); |
| return NULL; |
return NULL; |
| } |
} |
| |
|
| Line 241 eay_hex2asn1dn(const char *hex, int len) |
|
| Line 247 eay_hex2asn1dn(const char *hex, int len) |
|
| binlen = BN_num_bytes(bn); |
binlen = BN_num_bytes(bn); |
| ret = vmalloc(binlen); |
ret = vmalloc(binlen); |
| if (!ret) { |
if (!ret) { |
| printf("failed to allocate buffer\n"); |
plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n"); |
| return NULL; |
return NULL; |
| } |
} |
| binbuf = ret->v; |
binbuf = ret->v; |
| Line 490 eay_check_x509cert(cert, CApath, CAfile, |
|
| Line 496 eay_check_x509cert(cert, CApath, CAfile, |
|
| |
|
| end: |
end: |
| if (error) |
if (error) |
| printf("%s\n", eay_strerror()); |
plog(LLV_WARNING, LOCATION, NULL,"%s\n", eay_strerror()); |
| if (cert_ctx != NULL) |
if (cert_ctx != NULL) |
| X509_STORE_free(cert_ctx); |
X509_STORE_free(cert_ctx); |
| if (x509 != NULL) |
if (x509 != NULL) |
| Line 594 eay_get_x509asn1subjectname(cert) |
|
| Line 600 eay_get_x509asn1subjectname(cert) |
|
| u_char *bp; |
u_char *bp; |
| vchar_t *name = NULL; |
vchar_t *name = NULL; |
| int len; |
int len; |
| int error = -1; |
|
| |
|
| bp = (unsigned char *) cert->v; |
bp = (unsigned char *) cert->v; |
| |
|
| x509 = mem2x509(cert); |
x509 = mem2x509(cert); |
| if (x509 == NULL) |
if (x509 == NULL) |
| goto end; |
goto error; |
| |
|
| /* get the length of the name */ |
/* get the length of the name */ |
| len = i2d_X509_NAME(x509->cert_info->subject, NULL); |
len = i2d_X509_NAME(x509->cert_info->subject, NULL); |
| name = vmalloc(len); |
name = vmalloc(len); |
| if (!name) |
if (!name) |
| goto end; |
goto error; |
| /* get the name */ |
/* get the name */ |
| bp = (unsigned char *) name->v; |
bp = (unsigned char *) name->v; |
| len = i2d_X509_NAME(x509->cert_info->subject, &bp); |
len = i2d_X509_NAME(x509->cert_info->subject, &bp); |
| |
|
| error = 0; |
X509_free(x509); |
| |
|
| end: |
return name; |
| if (error) { |
|
| plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); |
error: |
| if (name) { |
plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); |
| vfree(name); |
|
| name = NULL; |
if (name != NULL) |
| } |
vfree(name); |
| } |
|
| if (x509) |
if (x509 != NULL) |
| X509_free(x509); |
X509_free(x509); |
| |
|
| return name; |
return NULL; |
| } |
} |
| |
|
| /* |
/* |
| Line 671 eay_get_x509subjectaltname(cert, altname |
|
| Line 676 eay_get_x509subjectaltname(cert, altname |
|
| { |
{ |
| plog(LLV_ERROR, LOCATION, NULL, |
plog(LLV_ERROR, LOCATION, NULL, |
| "data is not terminated by NUL."); |
"data is not terminated by NUL."); |
| hexdump(gen->d.ia5->data, gen->d.ia5->length + 1); |
racoon_hexdump(gen->d.ia5->data, gen->d.ia5->length + 1); |
| goto end; |
goto end; |
| } |
} |
| |
|
| Line 1289 eay_idea_encrypt(data, key, iv) |
|
| Line 1294 eay_idea_encrypt(data, key, iv) |
|
| vchar_t *res; |
vchar_t *res; |
| IDEA_KEY_SCHEDULE ks; |
IDEA_KEY_SCHEDULE ks; |
| |
|
| idea_set_encrypt_key(key->v, &ks); |
idea_set_encrypt_key((unsigned char *)key->v, &ks); |
| |
|
| /* allocate buffer for result */ |
/* allocate buffer for result */ |
| if ((res = vmalloc(data->l)) == NULL) |
if ((res = vmalloc(data->l)) == NULL) |
| return NULL; |
return NULL; |
| |
|
| /* decryption data */ |
/* decryption data */ |
| idea_cbc_encrypt(data->v, res->v, data->l, |
idea_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l, |
| &ks, iv->v, IDEA_ENCRYPT); |
&ks, (unsigned char *)iv->v, IDEA_ENCRYPT); |
| |
|
| return res; |
return res; |
| } |
} |
| Line 1309 eay_idea_decrypt(data, key, iv) |
|
| Line 1314 eay_idea_decrypt(data, key, iv) |
|
| vchar_t *res; |
vchar_t *res; |
| IDEA_KEY_SCHEDULE ks, dks; |
IDEA_KEY_SCHEDULE ks, dks; |
| |
|
| idea_set_encrypt_key(key->v, &ks); |
idea_set_encrypt_key((unsigned char *)key->v, &ks); |
| idea_set_decrypt_key(&ks, &dks); |
idea_set_decrypt_key(&ks, &dks); |
| |
|
| /* allocate buffer for result */ |
/* allocate buffer for result */ |
| Line 1317 eay_idea_decrypt(data, key, iv) |
|
| Line 1322 eay_idea_decrypt(data, key, iv) |
|
| return NULL; |
return NULL; |
| |
|
| /* decryption data */ |
/* decryption data */ |
| idea_cbc_encrypt(data->v, res->v, data->l, |
idea_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l, |
| &dks, iv->v, IDEA_DECRYPT); |
&dks, (unsigned char *)iv->v, IDEA_DECRYPT); |
| |
|
| return res; |
return res; |
| } |
} |
| Line 1387 eay_rc5_encrypt(data, key, iv) |
|
| Line 1392 eay_rc5_encrypt(data, key, iv) |
|
| RC5_32_KEY ks; |
RC5_32_KEY ks; |
| |
|
| /* in RFC 2451, there is information about the number of round. */ |
/* in RFC 2451, there is information about the number of round. */ |
| RC5_32_set_key(&ks, key->l, key->v, 16); |
RC5_32_set_key(&ks, key->l, (unsigned char *)key->v, 16); |
| |
|
| /* allocate buffer for result */ |
/* allocate buffer for result */ |
| if ((res = vmalloc(data->l)) == NULL) |
if ((res = vmalloc(data->l)) == NULL) |
| return NULL; |
return NULL; |
| |
|
| /* decryption data */ |
/* decryption data */ |
| RC5_32_cbc_encrypt(data->v, res->v, data->l, |
RC5_32_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l, |
| &ks, iv->v, RC5_ENCRYPT); |
&ks, (unsigned char *)iv->v, RC5_ENCRYPT); |
| |
|
| return res; |
return res; |
| } |
} |
| Line 1408 eay_rc5_decrypt(data, key, iv) |
|
| Line 1413 eay_rc5_decrypt(data, key, iv) |
|
| RC5_32_KEY ks; |
RC5_32_KEY ks; |
| |
|
| /* in RFC 2451, there is information about the number of round. */ |
/* in RFC 2451, there is information about the number of round. */ |
| RC5_32_set_key(&ks, key->l, key->v, 16); |
RC5_32_set_key(&ks, key->l, (unsigned char *)key->v, 16); |
| |
|
| /* allocate buffer for result */ |
/* allocate buffer for result */ |
| if ((res = vmalloc(data->l)) == NULL) |
if ((res = vmalloc(data->l)) == NULL) |
| return NULL; |
return NULL; |
| |
|
| /* decryption data */ |
/* decryption data */ |
| RC5_32_cbc_encrypt(data->v, res->v, data->l, |
RC5_32_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l, |
| &ks, iv->v, RC5_DECRYPT); |
&ks, (unsigned char *)iv->v, RC5_DECRYPT); |
| |
|
| return res; |
return res; |
| } |
} |
| Line 1635 eay_aes_keylen(len) |
|
| Line 1640 eay_aes_keylen(len) |
|
| return len; |
return len; |
| } |
} |
| |
|
| |
#if defined(HAVE_OPENSSL_CAMELLIA_H) |
| |
/* |
| |
* CAMELLIA-CBC |
| |
*/ |
| |
static inline const EVP_CIPHER * |
| |
camellia_evp_by_keylen(int keylen) |
| |
{ |
| |
switch(keylen) { |
| |
case 16: |
| |
case 128: |
| |
return EVP_camellia_128_cbc(); |
| |
case 24: |
| |
case 192: |
| |
return EVP_camellia_192_cbc(); |
| |
case 32: |
| |
case 256: |
| |
return EVP_camellia_256_cbc(); |
| |
default: |
| |
return NULL; |
| |
} |
| |
} |
| |
|
| |
vchar_t * |
| |
eay_camellia_encrypt(data, key, iv) |
| |
vchar_t *data, *key, *iv; |
| |
{ |
| |
return evp_crypt(data, key, iv, camellia_evp_by_keylen(key->l), 1); |
| |
} |
| |
|
| |
vchar_t * |
| |
eay_camellia_decrypt(data, key, iv) |
| |
vchar_t *data, *key, *iv; |
| |
{ |
| |
return evp_crypt(data, key, iv, camellia_evp_by_keylen(key->l), 0); |
| |
} |
| |
|
| |
int |
| |
eay_camellia_weakkey(key) |
| |
vchar_t *key; |
| |
{ |
| |
return 0; |
| |
} |
| |
|
| |
int |
| |
eay_camellia_keylen(len) |
| |
int len; |
| |
{ |
| |
if (len == 0) |
| |
return 128; |
| |
if (len != 128 && len != 192 && len != 256) |
| |
return -1; |
| |
return len; |
| |
} |
| |
|
| |
#endif |
| |
|
| /* for ipsec part */ |
/* for ipsec part */ |
| int |
int |
| eay_null_hashlen() |
eay_null_hashlen() |
| Line 2439 base64_decode(char *in, long inlen) |
|
| Line 2500 base64_decode(char *in, long inlen) |
|
| { |
{ |
| BIO *bio=NULL, *b64=NULL; |
BIO *bio=NULL, *b64=NULL; |
| vchar_t *res = NULL; |
vchar_t *res = NULL; |
| char out[inlen*2]; |
char *outb; |
| long outlen; |
long outlen; |
| |
|
| |
outb = malloc(inlen * 2); |
| |
if (outb == NULL) |
| |
goto out; |
| bio = BIO_new_mem_buf(in, inlen); |
bio = BIO_new_mem_buf(in, inlen); |
| b64 = BIO_new(BIO_f_base64()); |
b64 = BIO_new(BIO_f_base64()); |
| BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); |
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); |
| bio = BIO_push(b64, bio); |
bio = BIO_push(b64, bio); |
| |
|
| outlen = BIO_read(bio, out, inlen * 2); |
outlen = BIO_read(bio, outb, inlen * 2); |
| if (outlen <= 0) { |
if (outlen <= 0) { |
| plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); |
plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror()); |
| goto out; |
goto out; |
| Line 2457 base64_decode(char *in, long inlen) |
|
| Line 2521 base64_decode(char *in, long inlen) |
|
| if (!res) |
if (!res) |
| goto out; |
goto out; |
| |
|
| memcpy(res->v, out, outlen); |
memcpy(res->v, outb, outlen); |
| |
|
| out: |
out: |
| |
if (outb) |
| |
free(outb); |
| if (bio) |
if (bio) |
| BIO_free_all(bio); |
BIO_free_all(bio); |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to crypto_openssl.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / crypto / dist / ipsec-tools / src / racoon