Annotation of src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c, Revision 1.15
1.15 ! mgrooms 1: /* $NetBSD: crypto_openssl.c,v 1.14 2008/01/11 14:09:05 vanhu Exp $ */
1.2 manu 2:
1.8 manu 3: /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */
1.1 manu 4:
5: /*
6: * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7: * All rights reserved.
8: *
9: * Redistribution and use in source and binary forms, with or without
10: * modification, are permitted provided that the following conditions
11: * are met:
12: * 1. Redistributions of source code must retain the above copyright
13: * notice, this list of conditions and the following disclaimer.
14: * 2. Redistributions in binary form must reproduce the above copyright
15: * notice, this list of conditions and the following disclaimer in the
16: * documentation and/or other materials provided with the distribution.
17: * 3. Neither the name of the project nor the names of its contributors
18: * may be used to endorse or promote products derived from this software
19: * without specific prior written permission.
20: *
21: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31: * SUCH DAMAGE.
32: */
33:
34: #include "config.h"
35:
36: #include <sys/types.h>
37: #include <sys/param.h>
38:
39: #include <stdlib.h>
40: #include <stdio.h>
41: #include <limits.h>
42: #include <string.h>
43:
44: /* get openssl/ssleay version number */
45: #include <openssl/opensslv.h>
46:
47: #if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090602fL)
48: #error OpenSSL version 0.9.6 or later required.
49: #endif
50:
51: #include <openssl/pem.h>
52: #include <openssl/evp.h>
53: #include <openssl/x509.h>
54: #include <openssl/x509v3.h>
55: #include <openssl/x509_vfy.h>
56: #include <openssl/bn.h>
57: #include <openssl/dh.h>
58: #include <openssl/md5.h>
59: #include <openssl/sha.h>
60: #include <openssl/hmac.h>
61: #include <openssl/des.h>
62: #include <openssl/crypto.h>
63: #ifdef HAVE_OPENSSL_ENGINE_H
64: #include <openssl/engine.h>
65: #endif
66: #include <openssl/blowfish.h>
67: #include <openssl/cast.h>
68: #include <openssl/err.h>
1.2 manu 69: #ifdef HAVE_OPENSSL_RC5_H
70: #include <openssl/rc5.h>
71: #endif
72: #ifdef HAVE_OPENSSL_IDEA_H
73: #include <openssl/idea.h>
74: #endif
1.1 manu 75: #if defined(HAVE_OPENSSL_AES_H)
76: #include <openssl/aes.h>
77: #elif defined(HAVE_OPENSSL_RIJNDAEL_H)
78: #include <openssl/rijndael.h>
79: #else
80: #include "crypto/rijndael/rijndael-api-fst.h"
81: #endif
1.10 manu 82: #if defined(HAVE_OPENSSL_CAMELLIA_H)
83: #include <openssl/camellia.h>
84: #endif
1.1 manu 85: #ifdef WITH_SHA2
86: #ifdef HAVE_OPENSSL_SHA2_H
87: #include <openssl/sha2.h>
88: #else
89: #include "crypto/sha2/sha2.h"
90: #endif
91: #endif
1.13 vanhu 92: #include "plog.h"
1.1 manu 93:
94: /* 0.9.7 stuff? */
95: #if OPENSSL_VERSION_NUMBER < 0x0090700fL
96: typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
97: #else
98: #define USE_NEW_DES_API
99: #endif
100:
101: #define OpenSSL_BUG() do { plog(LLV_ERROR, LOCATION, NULL, "OpenSSL function failed\n"); } while(0)
102:
103: #include "var.h"
104: #include "misc.h"
105: #include "vmbuf.h"
106: #include "plog.h"
107: #include "crypto_openssl.h"
108: #include "debug.h"
109: #include "gcmalloc.h"
110:
111: /*
112: * I hate to cast every parameter to des_xx into void *, but it is
113: * necessary for SSLeay/OpenSSL portability. It sucks.
114: */
115:
116: static int cb_check_cert_local __P((int, X509_STORE_CTX *));
117: static int cb_check_cert_remote __P((int, X509_STORE_CTX *));
118: static X509 *mem2x509 __P((vchar_t *));
119:
120: static caddr_t eay_hmac_init __P((vchar_t *, const EVP_MD *));
121:
122: /* X509 Certificate */
123: /*
124: * convert the string of the subject name into DER
125: * e.g. str = "C=JP, ST=Kanagawa";
126: */
127: vchar_t *
128: eay_str2asn1dn(str, len)
129: const char *str;
130: int len;
131: {
132: X509_NAME *name;
133: char *buf;
134: char *field, *value;
135: int i, j;
1.12 vanhu 136: vchar_t *ret = NULL;
1.1 manu 137: caddr_t p;
138:
139: if (len == -1)
140: len = strlen(str);
141:
142: buf = racoon_malloc(len + 1);
143: if (!buf) {
1.9 vanhu 144: plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n");
1.1 manu 145: return NULL;
146: }
147: memcpy(buf, str, len);
148:
149: name = X509_NAME_new();
150:
151: field = &buf[0];
152: value = NULL;
153: for (i = 0; i < len; i++) {
154: if (!value && buf[i] == '=') {
155: buf[i] = '\0';
156: value = &buf[i + 1];
157: continue;
158: } else if (buf[i] == ',' || buf[i] == '/') {
159: buf[i] = '\0';
160:
161: plog(LLV_DEBUG, LOCATION, NULL, "DN: %s=%s\n",
162: field, value);
163:
164: if (!value) goto err;
165: if (!X509_NAME_add_entry_by_txt(name, field,
166: (value[0] == '*' && value[1] == 0) ?
167: V_ASN1_PRINTABLESTRING : MBSTRING_ASC,
1.4 manu 168: (unsigned char *) value, -1, -1, 0)) {
1.1 manu 169: plog(LLV_ERROR, LOCATION, NULL,
170: "Invalid DN field: %s=%s\n",
171: field, value);
172: plog(LLV_ERROR, LOCATION, NULL,
173: "%s\n", eay_strerror());
174: goto err;
175: }
176: for (j = i + 1; j < len; j++) {
177: if (buf[j] != ' ')
178: break;
179: }
180: field = &buf[j];
181: value = NULL;
182: continue;
183: }
184: }
185: buf[len] = '\0';
186:
187: plog(LLV_DEBUG, LOCATION, NULL, "DN: %s=%s\n",
188: field, value);
189:
190: if (!value) goto err;
191: if (!X509_NAME_add_entry_by_txt(name, field,
192: (value[0] == '*' && value[1] == 0) ?
193: V_ASN1_PRINTABLESTRING : MBSTRING_ASC,
1.4 manu 194: (unsigned char *) value, -1, -1, 0)) {
1.1 manu 195: plog(LLV_ERROR, LOCATION, NULL,
196: "Invalid DN field: %s=%s\n",
197: field, value);
198: plog(LLV_ERROR, LOCATION, NULL,
199: "%s\n", eay_strerror());
200: goto err;
201: }
202:
203: i = i2d_X509_NAME(name, NULL);
204: if (!i)
205: goto err;
206: ret = vmalloc(i);
207: if (!ret)
208: goto err;
209: p = ret->v;
210: i = i2d_X509_NAME(name, (void *)&p);
211: if (!i)
212: goto err;
213:
214: return ret;
215:
216: err:
217: if (buf)
218: racoon_free(buf);
219: if (name)
220: X509_NAME_free(name);
1.12 vanhu 221: if (ret)
222: vfree(ret);
1.1 manu 223: return NULL;
224: }
225:
226: /*
227: * convert the hex string of the subject name into DER
228: */
229: vchar_t *
230: eay_hex2asn1dn(const char *hex, int len)
231: {
232: BIGNUM *bn = BN_new();
233: char *binbuf;
234: size_t binlen;
235: vchar_t *ret = NULL;
236:
237: if (len == -1)
238: len = strlen(hex);
239:
240: if (BN_hex2bn(&bn, hex) != len) {
241: plog(LLV_ERROR, LOCATION, NULL,
242: "conversion of Hex-encoded ASN1 string to binary failed: %s\n",
243: eay_strerror());
244: goto out;
245: }
246:
247: binlen = BN_num_bytes(bn);
248: ret = vmalloc(binlen);
249: if (!ret) {
1.9 vanhu 250: plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n");
1.1 manu 251: return NULL;
252: }
253: binbuf = ret->v;
254:
1.4 manu 255: BN_bn2bin(bn, (unsigned char *) binbuf);
1.1 manu 256:
257: out:
258: BN_free(bn);
259:
260: return ret;
261: }
262:
263: /*
264: * The following are derived from code in crypto/x509/x509_cmp.c
265: * in OpenSSL0.9.7c:
266: * X509_NAME_wildcmp() adds wildcard matching to the original
267: * X509_NAME_cmp(), nocase_cmp() and nocase_spacenorm_cmp() are as is.
268: */
269: #include <ctype.h>
270: /* Case insensitive string comparision */
271: static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
272: {
273: int i;
274:
275: if (a->length != b->length)
276: return (a->length - b->length);
277:
278: for (i=0; i<a->length; i++)
279: {
280: int ca, cb;
281:
282: ca = tolower(a->data[i]);
283: cb = tolower(b->data[i]);
284:
285: if (ca != cb)
286: return(ca-cb);
287: }
288: return 0;
289: }
290:
291: /* Case insensitive string comparision with space normalization
292: * Space normalization - ignore leading, trailing spaces,
293: * multiple spaces between characters are replaced by single space
294: */
295: static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
296: {
297: unsigned char *pa = NULL, *pb = NULL;
298: int la, lb;
299:
300: la = a->length;
301: lb = b->length;
302: pa = a->data;
303: pb = b->data;
304:
305: /* skip leading spaces */
306: while (la > 0 && isspace(*pa))
307: {
308: la--;
309: pa++;
310: }
311: while (lb > 0 && isspace(*pb))
312: {
313: lb--;
314: pb++;
315: }
316:
317: /* skip trailing spaces */
318: while (la > 0 && isspace(pa[la-1]))
319: la--;
320: while (lb > 0 && isspace(pb[lb-1]))
321: lb--;
322:
323: /* compare strings with space normalization */
324: while (la > 0 && lb > 0)
325: {
326: int ca, cb;
327:
328: /* compare character */
329: ca = tolower(*pa);
330: cb = tolower(*pb);
331: if (ca != cb)
332: return (ca - cb);
333:
334: pa++; pb++;
335: la--; lb--;
336:
337: if (la <= 0 || lb <= 0)
338: break;
339:
340: /* is white space next character ? */
341: if (isspace(*pa) && isspace(*pb))
342: {
343: /* skip remaining white spaces */
344: while (la > 0 && isspace(*pa))
345: {
346: la--;
347: pa++;
348: }
349: while (lb > 0 && isspace(*pb))
350: {
351: lb--;
352: pb++;
353: }
354: }
355: }
356: if (la > 0 || lb > 0)
357: return la - lb;
358:
359: return 0;
360: }
361:
362: static int X509_NAME_wildcmp(const X509_NAME *a, const X509_NAME *b)
363: {
364: int i,j;
365: X509_NAME_ENTRY *na,*nb;
366:
367: if (sk_X509_NAME_ENTRY_num(a->entries)
368: != sk_X509_NAME_ENTRY_num(b->entries))
369: return sk_X509_NAME_ENTRY_num(a->entries)
370: -sk_X509_NAME_ENTRY_num(b->entries);
371: for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
372: {
373: na=sk_X509_NAME_ENTRY_value(a->entries,i);
374: nb=sk_X509_NAME_ENTRY_value(b->entries,i);
375: j=OBJ_cmp(na->object,nb->object);
376: if (j) return(j);
377: if ((na->value->length == 1 && na->value->data[0] == '*')
378: || (nb->value->length == 1 && nb->value->data[0] == '*'))
379: continue;
380: j=na->value->type-nb->value->type;
381: if (j) return(j);
382: if (na->value->type == V_ASN1_PRINTABLESTRING)
383: j=nocase_spacenorm_cmp(na->value, nb->value);
384: else if (na->value->type == V_ASN1_IA5STRING
385: && OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress)
386: j=nocase_cmp(na->value, nb->value);
387: else
388: {
389: j=na->value->length-nb->value->length;
390: if (j) return(j);
391: j=memcmp(na->value->data,nb->value->data,
392: na->value->length);
393: }
394: if (j) return(j);
395: j=na->set-nb->set;
396: if (j) return(j);
397: }
398:
399: return(0);
400: }
401:
402: /*
403: * compare two subjectNames.
404: * OUT: 0: equal
405: * positive:
406: * -1: other error.
407: */
408: int
409: eay_cmp_asn1dn(n1, n2)
410: vchar_t *n1, *n2;
411: {
412: X509_NAME *a = NULL, *b = NULL;
413: caddr_t p;
414: int i = -1;
415:
416: p = n1->v;
417: if (!d2i_X509_NAME(&a, (void *)&p, n1->l))
418: goto end;
419: p = n2->v;
420: if (!d2i_X509_NAME(&b, (void *)&p, n2->l))
421: goto end;
422:
423: i = X509_NAME_wildcmp(a, b);
424:
425: end:
426: if (a)
427: X509_NAME_free(a);
428: if (b)
429: X509_NAME_free(b);
430: return i;
431: }
432:
433: /*
434: * this functions is derived from apps/verify.c in OpenSSL0.9.5
435: */
436: int
437: eay_check_x509cert(cert, CApath, CAfile, local)
438: vchar_t *cert;
439: char *CApath;
440: char *CAfile;
441: int local;
442: {
443: X509_STORE *cert_ctx = NULL;
444: X509_LOOKUP *lookup = NULL;
445: X509 *x509 = NULL;
446: X509_STORE_CTX *csc;
447: int error = -1;
448:
449: cert_ctx = X509_STORE_new();
450: if (cert_ctx == NULL)
451: goto end;
452:
453: if (local)
454: X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_local);
455: else
456: X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_remote);
457:
458: lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
459: if (lookup == NULL)
460: goto end;
461:
462: X509_LOOKUP_load_file(lookup, CAfile,
463: (CAfile == NULL) ? X509_FILETYPE_DEFAULT : X509_FILETYPE_PEM);
464:
465: lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
466: if (lookup == NULL)
467: goto end;
468: error = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM);
469: if(!error) {
470: error = -1;
471: goto end;
472: }
473: error = -1; /* initialized */
474:
475: /* read the certificate to be verified */
476: x509 = mem2x509(cert);
477: if (x509 == NULL)
478: goto end;
479:
480: csc = X509_STORE_CTX_new();
481: if (csc == NULL)
482: goto end;
483: X509_STORE_CTX_init(csc, cert_ctx, x509, NULL);
484: #if OPENSSL_VERSION_NUMBER >= 0x00907000L
485: X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK);
486: X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL);
487: #endif
488: error = X509_verify_cert(csc);
489: X509_STORE_CTX_cleanup(csc);
490:
491: /*
492: * if x509_verify_cert() is successful then the value of error is
493: * set non-zero.
494: */
495: error = error ? 0 : -1;
496:
497: end:
498: if (error)
1.9 vanhu 499: plog(LLV_WARNING, LOCATION, NULL,"%s\n", eay_strerror());
1.1 manu 500: if (cert_ctx != NULL)
501: X509_STORE_free(cert_ctx);
502: if (x509 != NULL)
503: X509_free(x509);
504:
505: return(error);
506: }
507:
508: /*
509: * callback function for verifing certificate.
510: * this function is derived from cb() in openssl/apps/s_server.c
511: */
512: static int
513: cb_check_cert_local(ok, ctx)
514: int ok;
515: X509_STORE_CTX *ctx;
516: {
517: char buf[256];
518: int log_tag;
519:
520: if (!ok) {
521: X509_NAME_oneline(
522: X509_get_subject_name(ctx->current_cert),
523: buf,
524: 256);
525: /*
526: * since we are just checking the certificates, it is
527: * ok if they are self signed. But we should still warn
528: * the user.
529: */
530: switch (ctx->error) {
531: case X509_V_ERR_CERT_HAS_EXPIRED:
532: case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
533: case X509_V_ERR_INVALID_CA:
534: case X509_V_ERR_PATH_LENGTH_EXCEEDED:
535: case X509_V_ERR_INVALID_PURPOSE:
536: case X509_V_ERR_UNABLE_TO_GET_CRL:
537: ok = 1;
538: log_tag = LLV_WARNING;
539: break;
540: default:
541: log_tag = LLV_ERROR;
542: }
543: plog(log_tag, LOCATION, NULL,
544: "%s(%d) at depth:%d SubjectName:%s\n",
545: X509_verify_cert_error_string(ctx->error),
546: ctx->error,
547: ctx->error_depth,
548: buf);
549: }
550: ERR_clear_error();
551:
552: return ok;
553: }
554:
555: /*
556: * callback function for verifing remote certificates.
557: * this function is derived from cb() in openssl/apps/s_server.c
558: */
559: static int
560: cb_check_cert_remote(ok, ctx)
561: int ok;
562: X509_STORE_CTX *ctx;
563: {
564: char buf[256];
565: int log_tag;
566:
567: if (!ok) {
568: X509_NAME_oneline(
569: X509_get_subject_name(ctx->current_cert),
570: buf,
571: 256);
572: switch (ctx->error) {
573: case X509_V_ERR_UNABLE_TO_GET_CRL:
574: ok = 1;
575: log_tag = LLV_WARNING;
576: break;
577: default:
578: log_tag = LLV_ERROR;
579: }
580: plog(log_tag, LOCATION, NULL,
581: "%s(%d) at depth:%d SubjectName:%s\n",
582: X509_verify_cert_error_string(ctx->error),
583: ctx->error,
584: ctx->error_depth,
585: buf);
586: }
587: ERR_clear_error();
588:
589: return ok;
590: }
591:
592: /*
593: * get a subjectAltName from X509 certificate.
594: */
595: vchar_t *
596: eay_get_x509asn1subjectname(cert)
597: vchar_t *cert;
598: {
599: X509 *x509 = NULL;
600: u_char *bp;
601: vchar_t *name = NULL;
602: int len;
603:
1.4 manu 604: bp = (unsigned char *) cert->v;
1.1 manu 605:
606: x509 = mem2x509(cert);
607: if (x509 == NULL)
1.8 manu 608: goto error;
1.1 manu 609:
610: /* get the length of the name */
611: len = i2d_X509_NAME(x509->cert_info->subject, NULL);
612: name = vmalloc(len);
613: if (!name)
1.8 manu 614: goto error;
1.1 manu 615: /* get the name */
1.4 manu 616: bp = (unsigned char *) name->v;
1.1 manu 617: len = i2d_X509_NAME(x509->cert_info->subject, &bp);
618:
1.8 manu 619: X509_free(x509);
620:
621: return name;
622:
623: error:
624: plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
625:
626: if (name != NULL)
627: vfree(name);
1.1 manu 628:
1.8 manu 629: if (x509 != NULL)
1.1 manu 630: X509_free(x509);
631:
1.8 manu 632: return NULL;
1.1 manu 633: }
634:
635: /*
636: * get the subjectAltName from X509 certificate.
637: * the name must be terminated by '\0'.
638: */
639: int
640: eay_get_x509subjectaltname(cert, altname, type, pos)
641: vchar_t *cert;
642: char **altname;
643: int *type;
644: int pos;
645: {
646: X509 *x509 = NULL;
647: GENERAL_NAMES *gens = NULL;
648: GENERAL_NAME *gen;
649: int len;
650: int error = -1;
651:
652: *altname = NULL;
653: *type = GENT_OTHERNAME;
654:
655: x509 = mem2x509(cert);
656: if (x509 == NULL)
657: goto end;
658:
659: gens = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);
660: if (gens == NULL)
661: goto end;
662:
663: /* there is no data at "pos" */
664: if (pos > sk_GENERAL_NAME_num(gens))
665: goto end;
666:
667: gen = sk_GENERAL_NAME_value(gens, pos - 1);
668:
669: /* read DNSName / Email */
670: if (gen->type == GEN_DNS ||
671: gen->type == GEN_EMAIL ||
672: gen->type == GEN_URI )
673: {
674: /* make sure if the data is terminated by '\0'. */
675: if (gen->d.ia5->data[gen->d.ia5->length] != '\0')
676: {
677: plog(LLV_ERROR, LOCATION, NULL,
678: "data is not terminated by NUL.");
1.15 ! mgrooms 679: racoon_hexdump(gen->d.ia5->data, gen->d.ia5->length + 1);
1.1 manu 680: goto end;
681: }
682:
683: len = gen->d.ia5->length + 1;
684: *altname = racoon_malloc(len);
685: if (!*altname)
686: goto end;
687:
1.4 manu 688: strlcpy(*altname, (char *) gen->d.ia5->data, len);
1.1 manu 689: *type = gen->type;
690: error = 0;
691: }
692: /* read IP address */
693: else if (gen->type == GEN_IPADD)
694: {
695: unsigned char p[5], *ip;
696: ip = p;
697:
698: /* only support IPv4 */
699: if (gen->d.ip->length != 4)
700: goto end;
701:
702: /* convert Octet String to String
703: * XXX ???????
704: */
705: /*i2d_ASN1_OCTET_STRING(gen->d.ip,&ip);*/
706: ip = gen->d.ip->data;
707:
708: /* XXX Magic, enough for an IPv4 address
709: */
710: *altname = racoon_malloc(20);
711: if (!*altname)
712: goto end;
713:
714: sprintf(*altname, "%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]);
715: *type = gen->type;
716: error = 0;
717: }
718: /* XXX other possible types ?
719: * For now, error will be -1 if unsupported type
720: */
721:
722: end:
723: if (error) {
724: if (*altname) {
725: racoon_free(*altname);
726: *altname = NULL;
727: }
728: plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
729: }
730: if (x509)
731: X509_free(x509);
732: if (gens)
733: /* free the whole stack. */
734: sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
735:
736: return error;
737: }
738:
739:
740: /*
741: * decode a X509 certificate and make a readable text terminated '\n'.
742: * return the buffer allocated, so must free it later.
743: */
744: char *
745: eay_get_x509text(cert)
746: vchar_t *cert;
747: {
748: X509 *x509 = NULL;
749: BIO *bio = NULL;
750: char *text = NULL;
751: u_char *bp = NULL;
752: int len = 0;
753: int error = -1;
754:
755: x509 = mem2x509(cert);
756: if (x509 == NULL)
757: goto end;
758:
759: bio = BIO_new(BIO_s_mem());
760: if (bio == NULL)
761: goto end;
762:
763: error = X509_print(bio, x509);
764: if (error != 1) {
765: error = -1;
766: goto end;
767: }
768:
769: len = BIO_get_mem_data(bio, &bp);
770: text = racoon_malloc(len + 1);
771: if (text == NULL)
772: goto end;
773: memcpy(text, bp, len);
774: text[len] = '\0';
775:
776: error = 0;
777:
778: end:
779: if (error) {
780: if (text) {
781: racoon_free(text);
782: text = NULL;
783: }
784: plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
785: }
786: if (bio)
787: BIO_free(bio);
788: if (x509)
789: X509_free(x509);
790:
791: return text;
792: }
793:
794: /* get X509 structure from buffer. */
795: static X509 *
796: mem2x509(cert)
797: vchar_t *cert;
798: {
799: X509 *x509;
800:
801: #ifndef EAYDEBUG
802: {
803: u_char *bp;
804:
1.4 manu 805: bp = (unsigned char *) cert->v;
1.1 manu 806:
1.4 manu 807: x509 = d2i_X509(NULL, (void *)&bp, cert->l);
1.1 manu 808: }
809: #else
810: {
811: BIO *bio;
812: int len;
813:
814: bio = BIO_new(BIO_s_mem());
815: if (bio == NULL)
816: return NULL;
817: len = BIO_write(bio, cert->v, cert->l);
818: if (len == -1)
819: return NULL;
820: x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
821: BIO_free(bio);
822: }
823: #endif
824: return x509;
825: }
826:
827: /*
828: * get a X509 certificate from local file.
829: * a certificate must be PEM format.
830: * Input:
831: * path to a certificate.
832: * Output:
833: * NULL if error occured
834: * other is the cert.
835: */
836: vchar_t *
837: eay_get_x509cert(path)
838: char *path;
839: {
840: FILE *fp;
841: X509 *x509;
842: vchar_t *cert;
843: u_char *bp;
844: int len;
845: int error;
846:
847: /* Read private key */
848: fp = fopen(path, "r");
849: if (fp == NULL)
850: return NULL;
851: x509 = PEM_read_X509(fp, NULL, NULL, NULL);
852: fclose (fp);
853:
854: if (x509 == NULL)
855: return NULL;
856:
857: len = i2d_X509(x509, NULL);
858: cert = vmalloc(len);
859: if (cert == NULL) {
860: X509_free(x509);
861: return NULL;
862: }
1.4 manu 863: bp = (unsigned char *) cert->v;
1.1 manu 864: error = i2d_X509(x509, &bp);
865: X509_free(x509);
866:
867: if (error == 0) {
868: vfree(cert);
869: return NULL;
870: }
871:
872: return cert;
873: }
874:
875: /*
876: * check a X509 signature
877: * XXX: to be get hash type from my cert ?
878: * to be handled EVP_dss().
879: * OUT: return -1 when error.
880: * 0
881: */
882: int
883: eay_check_x509sign(source, sig, cert)
884: vchar_t *source;
885: vchar_t *sig;
886: vchar_t *cert;
887: {
888: X509 *x509;
889: u_char *bp;
890: EVP_PKEY *evp;
891: int res;
892:
1.4 manu 893: bp = (unsigned char *) cert->v;
1.1 manu 894:
1.4 manu 895: x509 = d2i_X509(NULL, (void *)&bp, cert->l);
1.1 manu 896: if (x509 == NULL) {
897: plog(LLV_ERROR, LOCATION, NULL, "d2i_X509(): %s\n", eay_strerror());
898: return -1;
899: }
900:
901: evp = X509_get_pubkey(x509);
902: if (! evp) {
903: plog(LLV_ERROR, LOCATION, NULL, "X509_get_pubkey(): %s\n", eay_strerror());
904: return -1;
905: }
906:
907: res = eay_rsa_verify(source, sig, evp->pkey.rsa);
908:
909: EVP_PKEY_free(evp);
910:
911: return res;
912: }
913:
914: /*
915: * check RSA signature
916: * OUT: return -1 when error.
917: * 0 on success
918: */
919: int
920: eay_check_rsasign(source, sig, rsa)
921: vchar_t *source;
922: vchar_t *sig;
923: RSA *rsa;
924: {
925: return eay_rsa_verify(source, sig, rsa);
926: }
927:
928: /*
929: * get PKCS#1 Private Key of PEM format from local file.
930: */
931: vchar_t *
932: eay_get_pkcs1privkey(path)
933: char *path;
934: {
935: FILE *fp;
936: EVP_PKEY *evp = NULL;
937: vchar_t *pkey = NULL;
938: u_char *bp;
939: int pkeylen;
940: int error = -1;
941:
942: /* Read private key */
943: fp = fopen(path, "r");
944: if (fp == NULL)
945: return NULL;
946:
947: evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
948:
949: fclose (fp);
950:
951: if (evp == NULL)
952: return NULL;
953:
954: pkeylen = i2d_PrivateKey(evp, NULL);
955: if (pkeylen == 0)
956: goto end;
957: pkey = vmalloc(pkeylen);
958: if (pkey == NULL)
959: goto end;
1.4 manu 960: bp = (unsigned char *) pkey->v;
1.1 manu 961: pkeylen = i2d_PrivateKey(evp, &bp);
962: if (pkeylen == 0)
963: goto end;
964:
965: error = 0;
966:
967: end:
968: if (evp != NULL)
969: EVP_PKEY_free(evp);
970: if (error != 0 && pkey != NULL) {
971: vfree(pkey);
972: pkey = NULL;
973: }
974:
975: return pkey;
976: }
977:
978: /*
979: * get PKCS#1 Public Key of PEM format from local file.
980: */
981: vchar_t *
982: eay_get_pkcs1pubkey(path)
983: char *path;
984: {
985: FILE *fp;
986: EVP_PKEY *evp = NULL;
987: vchar_t *pkey = NULL;
988: X509 *x509 = NULL;
989: u_char *bp;
990: int pkeylen;
991: int error = -1;
992:
993: /* Read private key */
994: fp = fopen(path, "r");
995: if (fp == NULL)
996: return NULL;
997:
998: x509 = PEM_read_X509(fp, NULL, NULL, NULL);
999:
1000: fclose (fp);
1001:
1002: if (x509 == NULL)
1003: return NULL;
1004:
1005: /* Get public key - eay */
1006: evp = X509_get_pubkey(x509);
1007: if (evp == NULL)
1008: return NULL;
1009:
1010: pkeylen = i2d_PublicKey(evp, NULL);
1011: if (pkeylen == 0)
1012: goto end;
1013: pkey = vmalloc(pkeylen);
1014: if (pkey == NULL)
1015: goto end;
1.4 manu 1016: bp = (unsigned char *) pkey->v;
1.1 manu 1017: pkeylen = i2d_PublicKey(evp, &bp);
1018: if (pkeylen == 0)
1019: goto end;
1020:
1021: error = 0;
1022: end:
1023: if (evp != NULL)
1024: EVP_PKEY_free(evp);
1025: if (error != 0 && pkey != NULL) {
1026: vfree(pkey);
1027: pkey = NULL;
1028: }
1029:
1030: return pkey;
1031: }
1032:
1033: vchar_t *
1034: eay_get_x509sign(src, privkey)
1035: vchar_t *src, *privkey;
1036: {
1037: EVP_PKEY *evp;
1.4 manu 1038: u_char *bp = (unsigned char *) privkey->v;
1.1 manu 1039: vchar_t *sig = NULL;
1040: int len;
1041: int pad = RSA_PKCS1_PADDING;
1042:
1043: /* XXX to be handled EVP_PKEY_DSA */
1.4 manu 1044: evp = d2i_PrivateKey(EVP_PKEY_RSA, NULL, (void *)&bp, privkey->l);
1.1 manu 1045: if (evp == NULL)
1046: return NULL;
1047:
1048: sig = eay_rsa_sign(src, evp->pkey.rsa);
1049:
1050: EVP_PKEY_free(evp);
1051:
1052: return sig;
1053: }
1054:
1055: vchar_t *
1056: eay_get_rsasign(src, rsa)
1057: vchar_t *src;
1058: RSA *rsa;
1059: {
1060: return eay_rsa_sign(src, rsa);
1061: }
1062:
1063: vchar_t *
1064: eay_rsa_sign(vchar_t *src, RSA *rsa)
1065: {
1066: int len;
1067: vchar_t *sig = NULL;
1068: int pad = RSA_PKCS1_PADDING;
1069:
1070: len = RSA_size(rsa);
1071:
1072: sig = vmalloc(len);
1073: if (sig == NULL)
1074: return NULL;
1075:
1.4 manu 1076: len = RSA_private_encrypt(src->l, (unsigned char *) src->v,
1077: (unsigned char *) sig->v, rsa, pad);
1.1 manu 1078:
1079: if (len == 0 || len != sig->l) {
1080: vfree(sig);
1081: sig = NULL;
1082: }
1083:
1084: return sig;
1085: }
1086:
1087: int
1088: eay_rsa_verify(src, sig, rsa)
1089: vchar_t *src, *sig;
1090: RSA *rsa;
1091: {
1092: vchar_t *xbuf = NULL;
1093: int pad = RSA_PKCS1_PADDING;
1094: int len = 0;
1095: int error;
1096:
1097: len = RSA_size(rsa);
1098: xbuf = vmalloc(len);
1099: if (xbuf == NULL) {
1100: plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
1101: return -1;
1102: }
1103:
1.4 manu 1104: len = RSA_public_decrypt(sig->l, (unsigned char *) sig->v,
1105: (unsigned char *) xbuf->v, rsa, pad);
1.1 manu 1106: if (len == 0 || len != src->l) {
1107: plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
1108: vfree(xbuf);
1109: return -1;
1110: }
1111:
1112: error = memcmp(src->v, xbuf->v, src->l);
1113: vfree(xbuf);
1114: if (error != 0)
1115: return -1;
1116:
1117: return 0;
1118: }
1119:
1120: /*
1121: * get error string
1122: * MUST load ERR_load_crypto_strings() first.
1123: */
1124: char *
1125: eay_strerror()
1126: {
1127: static char ebuf[512];
1128: int len = 0, n;
1129: unsigned long l;
1130: char buf[200];
1131: const char *file, *data;
1132: int line, flags;
1133: unsigned long es;
1134:
1135: es = CRYPTO_thread_id();
1136:
1137: while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){
1138: n = snprintf(ebuf + len, sizeof(ebuf) - len,
1139: "%lu:%s:%s:%d:%s ",
1140: es, ERR_error_string(l, buf), file, line,
1141: (flags & ERR_TXT_STRING) ? data : "");
1142: if (n < 0 || n >= sizeof(ebuf) - len)
1143: break;
1144: len += n;
1145: if (sizeof(ebuf) < len)
1146: break;
1147: }
1148:
1149: return ebuf;
1150: }
1151:
1152: vchar_t *
1153: evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc)
1154: {
1155: vchar_t *res;
1156: EVP_CIPHER_CTX ctx;
1157:
1158: if (!e)
1159: return NULL;
1160:
1161: if (data->l % EVP_CIPHER_block_size(e))
1162: return NULL;
1163:
1164: if ((res = vmalloc(data->l)) == NULL)
1165: return NULL;
1166:
1167: EVP_CIPHER_CTX_init(&ctx);
1168:
1.4 manu 1169: switch(EVP_CIPHER_nid(e)){
1170: case NID_bf_cbc:
1171: case NID_bf_ecb:
1172: case NID_bf_cfb64:
1173: case NID_bf_ofb64:
1174: case NID_cast5_cbc:
1175: case NID_cast5_ecb:
1176: case NID_cast5_cfb64:
1177: case NID_cast5_ofb64:
1178: /* XXX: can we do that also for algos with a fixed key size ?
1179: */
1180: /* init context without key/iv
1181: */
1182: if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc))
1183: {
1184: OpenSSL_BUG();
1185: vfree(res);
1186: return NULL;
1187: }
1188:
1189: /* update key size
1190: */
1191: if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l))
1192: {
1193: OpenSSL_BUG();
1194: vfree(res);
1195: return NULL;
1196: }
1197:
1198: /* finalize context init with desired key size
1199: */
1200: if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v,
1201: (u_char *) iv->v, enc))
1202: {
1203: OpenSSL_BUG();
1204: vfree(res);
1205: return NULL;
1206: }
1207: break;
1208: default:
1209: if (!EVP_CipherInit(&ctx, e, (u_char *) key->v,
1210: (u_char *) iv->v, enc)) {
1211: OpenSSL_BUG();
1212: vfree(res);
1213: return NULL;
1214: }
1.1 manu 1215: }
1.4 manu 1216:
1217: /* disable openssl padding */
1218: EVP_CIPHER_CTX_set_padding(&ctx, 0);
1.1 manu 1219:
1.4 manu 1220: if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) {
1.1 manu 1221: OpenSSL_BUG();
1222: vfree(res);
1223: return NULL;
1224: }
1225:
1226: EVP_CIPHER_CTX_cleanup(&ctx);
1227:
1228: return res;
1229: }
1230:
1231: int
1232: evp_weakkey(vchar_t *key, const EVP_CIPHER *e)
1233: {
1234: return 0;
1235: }
1236:
1237: int
1238: evp_keylen(int len, const EVP_CIPHER *e)
1239: {
1240: if (!e)
1241: return -1;
1.2 manu 1242: /* EVP functions return lengths in bytes, ipsec-tools
1243: * uses lengths in bits, therefore conversion is required. --AK
1244: */
1245: if (len != 0 && len != (EVP_CIPHER_key_length(e) << 3))
1.1 manu 1246: return -1;
1247:
1.2 manu 1248: return EVP_CIPHER_key_length(e) << 3;
1.1 manu 1249: }
1250:
1251: /*
1252: * DES-CBC
1253: */
1254: vchar_t *
1255: eay_des_encrypt(data, key, iv)
1256: vchar_t *data, *key, *iv;
1257: {
1258: return evp_crypt(data, key, iv, EVP_des_cbc(), 1);
1259: }
1260:
1261: vchar_t *
1262: eay_des_decrypt(data, key, iv)
1263: vchar_t *data, *key, *iv;
1264: {
1265: return evp_crypt(data, key, iv, EVP_des_cbc(), 0);
1266: }
1267:
1268: int
1269: eay_des_weakkey(key)
1270: vchar_t *key;
1271: {
1272: #ifdef USE_NEW_DES_API
1273: return DES_is_weak_key((void *)key->v);
1274: #else
1275: return des_is_weak_key((void *)key->v);
1276: #endif
1277: }
1278:
1279: int
1280: eay_des_keylen(len)
1281: int len;
1282: {
1283: return evp_keylen(len, EVP_des_cbc());
1284: }
1285:
1.2 manu 1286: #ifdef HAVE_OPENSSL_IDEA_H
1287: /*
1288: * IDEA-CBC
1289: */
1290: vchar_t *
1291: eay_idea_encrypt(data, key, iv)
1292: vchar_t *data, *key, *iv;
1293: {
1294: vchar_t *res;
1295: IDEA_KEY_SCHEDULE ks;
1296:
1.14 vanhu 1297: idea_set_encrypt_key((unsigned char *)key->v, &ks);
1.2 manu 1298:
1299: /* allocate buffer for result */
1300: if ((res = vmalloc(data->l)) == NULL)
1301: return NULL;
1302:
1303: /* decryption data */
1.14 vanhu 1304: idea_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
1305: &ks, (unsigned char *)iv->v, IDEA_ENCRYPT);
1.2 manu 1306:
1307: return res;
1308: }
1309:
1310: vchar_t *
1311: eay_idea_decrypt(data, key, iv)
1312: vchar_t *data, *key, *iv;
1313: {
1314: vchar_t *res;
1315: IDEA_KEY_SCHEDULE ks, dks;
1316:
1.14 vanhu 1317: idea_set_encrypt_key((unsigned char *)key->v, &ks);
1.2 manu 1318: idea_set_decrypt_key(&ks, &dks);
1319:
1320: /* allocate buffer for result */
1321: if ((res = vmalloc(data->l)) == NULL)
1322: return NULL;
1323:
1324: /* decryption data */
1.14 vanhu 1325: idea_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
1326: &dks, (unsigned char *)iv->v, IDEA_DECRYPT);
1.2 manu 1327:
1328: return res;
1329: }
1330:
1331: int
1332: eay_idea_weakkey(key)
1333: vchar_t *key;
1334: {
1335: return 0; /* XXX */
1336: }
1337:
1338: int
1339: eay_idea_keylen(len)
1340: int len;
1341: {
1342: if (len != 0 && len != 128)
1343: return -1;
1344: return 128;
1345: }
1346: #endif
1347:
1.1 manu 1348: /*
1349: * BLOWFISH-CBC
1350: */
1351: vchar_t *
1352: eay_bf_encrypt(data, key, iv)
1353: vchar_t *data, *key, *iv;
1354: {
1355: return evp_crypt(data, key, iv, EVP_bf_cbc(), 1);
1356: }
1357:
1358: vchar_t *
1359: eay_bf_decrypt(data, key, iv)
1360: vchar_t *data, *key, *iv;
1361: {
1362: return evp_crypt(data, key, iv, EVP_bf_cbc(), 0);
1363: }
1364:
1365: int
1366: eay_bf_weakkey(key)
1367: vchar_t *key;
1368: {
1369: return 0; /* XXX to be done. refer to RFC 2451 */
1370: }
1371:
1372: int
1373: eay_bf_keylen(len)
1374: int len;
1375: {
1376: if (len == 0)
1377: return 448;
1378: if (len < 40 || len > 448)
1379: return -1;
1380: return len;
1381: }
1382:
1.2 manu 1383: #ifdef HAVE_OPENSSL_RC5_H
1384: /*
1385: * RC5-CBC
1386: */
1387: vchar_t *
1388: eay_rc5_encrypt(data, key, iv)
1389: vchar_t *data, *key, *iv;
1390: {
1391: vchar_t *res;
1392: RC5_32_KEY ks;
1393:
1394: /* in RFC 2451, there is information about the number of round. */
1.14 vanhu 1395: RC5_32_set_key(&ks, key->l, (unsigned char *)key->v, 16);
1.2 manu 1396:
1397: /* allocate buffer for result */
1398: if ((res = vmalloc(data->l)) == NULL)
1399: return NULL;
1400:
1401: /* decryption data */
1.14 vanhu 1402: RC5_32_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
1403: &ks, (unsigned char *)iv->v, RC5_ENCRYPT);
1.2 manu 1404:
1405: return res;
1406: }
1407:
1408: vchar_t *
1409: eay_rc5_decrypt(data, key, iv)
1410: vchar_t *data, *key, *iv;
1411: {
1412: vchar_t *res;
1413: RC5_32_KEY ks;
1414:
1415: /* in RFC 2451, there is information about the number of round. */
1.14 vanhu 1416: RC5_32_set_key(&ks, key->l, (unsigned char *)key->v, 16);
1.2 manu 1417:
1418: /* allocate buffer for result */
1419: if ((res = vmalloc(data->l)) == NULL)
1420: return NULL;
1421:
1422: /* decryption data */
1.14 vanhu 1423: RC5_32_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
1424: &ks, (unsigned char *)iv->v, RC5_DECRYPT);
1.2 manu 1425:
1426: return res;
1427: }
1428:
1429: int
1430: eay_rc5_weakkey(key)
1431: vchar_t *key;
1432: {
1433: return 0; /* No known weak keys when used with 16 rounds. */
1434:
1435: }
1436:
1437: int
1438: eay_rc5_keylen(len)
1439: int len;
1440: {
1441: if (len == 0)
1442: return 128;
1443: if (len < 40 || len > 2040)
1444: return -1;
1445: return len;
1446: }
1447: #endif
1448:
1.1 manu 1449: /*
1450: * 3DES-CBC
1451: */
1452: vchar_t *
1453: eay_3des_encrypt(data, key, iv)
1454: vchar_t *data, *key, *iv;
1455: {
1456: return evp_crypt(data, key, iv, EVP_des_ede3_cbc(), 1);
1457: }
1458:
1459: vchar_t *
1460: eay_3des_decrypt(data, key, iv)
1461: vchar_t *data, *key, *iv;
1462: {
1463: return evp_crypt(data, key, iv, EVP_des_ede3_cbc(), 0);
1464: }
1465:
1466: int
1467: eay_3des_weakkey(key)
1468: vchar_t *key;
1469: {
1470: #ifdef USE_NEW_DES_API
1471: return (DES_is_weak_key((void *)key->v) ||
1472: DES_is_weak_key((void *)(key->v + 8)) ||
1473: DES_is_weak_key((void *)(key->v + 16)));
1474: #else
1475: if (key->l < 24)
1476: return 0;
1477:
1478: return (des_is_weak_key((void *)key->v) ||
1479: des_is_weak_key((void *)(key->v + 8)) ||
1480: des_is_weak_key((void *)(key->v + 16)));
1481: #endif
1482: }
1483:
1484: int
1485: eay_3des_keylen(len)
1486: int len;
1487: {
1488: if (len != 0 && len != 192)
1489: return -1;
1490: return 192;
1491: }
1492:
1493: /*
1494: * CAST-CBC
1495: */
1496: vchar_t *
1497: eay_cast_encrypt(data, key, iv)
1498: vchar_t *data, *key, *iv;
1499: {
1500: return evp_crypt(data, key, iv, EVP_cast5_cbc(), 1);
1501: }
1502:
1503: vchar_t *
1504: eay_cast_decrypt(data, key, iv)
1505: vchar_t *data, *key, *iv;
1506: {
1507: return evp_crypt(data, key, iv, EVP_cast5_cbc(), 0);
1508: }
1509:
1510: int
1511: eay_cast_weakkey(key)
1512: vchar_t *key;
1513: {
1514: return 0; /* No known weak keys. */
1515: }
1516:
1517: int
1518: eay_cast_keylen(len)
1519: int len;
1520: {
1521: if (len == 0)
1522: return 128;
1523: if (len < 40 || len > 128)
1524: return -1;
1525: return len;
1526: }
1527:
1528: /*
1529: * AES(RIJNDAEL)-CBC
1530: */
1531: #ifndef HAVE_OPENSSL_AES_H
1532: vchar_t *
1533: eay_aes_encrypt(data, key, iv)
1534: vchar_t *data, *key, *iv;
1535: {
1536: vchar_t *res;
1537: keyInstance k;
1538: cipherInstance c;
1539:
1540: memset(&k, 0, sizeof(k));
1541: if (rijndael_makeKey(&k, DIR_ENCRYPT, key->l << 3, key->v) < 0)
1542: return NULL;
1543:
1544: /* allocate buffer for result */
1545: if ((res = vmalloc(data->l)) == NULL)
1546: return NULL;
1547:
1548: /* encryption data */
1549: memset(&c, 0, sizeof(c));
1550: if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0){
1551: vfree(res);
1552: return NULL;
1553: }
1554: if (rijndael_blockEncrypt(&c, &k, data->v, data->l << 3, res->v) < 0){
1555: vfree(res);
1556: return NULL;
1557: }
1558:
1559: return res;
1560: }
1561:
1562: vchar_t *
1563: eay_aes_decrypt(data, key, iv)
1564: vchar_t *data, *key, *iv;
1565: {
1566: vchar_t *res;
1567: keyInstance k;
1568: cipherInstance c;
1569:
1570: memset(&k, 0, sizeof(k));
1571: if (rijndael_makeKey(&k, DIR_DECRYPT, key->l << 3, key->v) < 0)
1572: return NULL;
1573:
1574: /* allocate buffer for result */
1575: if ((res = vmalloc(data->l)) == NULL)
1576: return NULL;
1577:
1578: /* decryption data */
1579: memset(&c, 0, sizeof(c));
1580: if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0){
1581: vfree(res);
1582: return NULL;
1583: }
1584: if (rijndael_blockDecrypt(&c, &k, data->v, data->l << 3, res->v) < 0){
1585: vfree(res);
1586: return NULL;
1587: }
1588:
1589: return res;
1590: }
1591: #else
1592: static inline const EVP_CIPHER *
1593: aes_evp_by_keylen(int keylen)
1594: {
1595: switch(keylen) {
1596: case 16:
1597: case 128:
1598: return EVP_aes_128_cbc();
1599: case 24:
1600: case 192:
1601: return EVP_aes_192_cbc();
1602: case 32:
1603: case 256:
1604: return EVP_aes_256_cbc();
1605: default:
1606: return NULL;
1607: }
1608: }
1609:
1610: vchar_t *
1611: eay_aes_encrypt(data, key, iv)
1612: vchar_t *data, *key, *iv;
1613: {
1614: return evp_crypt(data, key, iv, aes_evp_by_keylen(key->l), 1);
1615: }
1616:
1617: vchar_t *
1618: eay_aes_decrypt(data, key, iv)
1619: vchar_t *data, *key, *iv;
1620: {
1621: return evp_crypt(data, key, iv, aes_evp_by_keylen(key->l), 0);
1622: }
1623: #endif
1624:
1625: int
1626: eay_aes_weakkey(key)
1627: vchar_t *key;
1628: {
1629: return 0;
1630: }
1631:
1632: int
1633: eay_aes_keylen(len)
1634: int len;
1635: {
1636: if (len == 0)
1637: return 128;
1638: if (len != 128 && len != 192 && len != 256)
1639: return -1;
1640: return len;
1641: }
1642:
1.10 manu 1643: #if defined(HAVE_OPENSSL_CAMELLIA_H)
1644: /*
1645: * CAMELLIA-CBC
1646: */
1647: static inline const EVP_CIPHER *
1648: camellia_evp_by_keylen(int keylen)
1649: {
1650: switch(keylen) {
1651: case 16:
1652: case 128:
1653: return EVP_camellia_128_cbc();
1654: case 24:
1655: case 192:
1656: return EVP_camellia_192_cbc();
1657: case 32:
1658: case 256:
1659: return EVP_camellia_256_cbc();
1660: default:
1661: return NULL;
1662: }
1663: }
1664:
1665: vchar_t *
1666: eay_camellia_encrypt(data, key, iv)
1667: vchar_t *data, *key, *iv;
1668: {
1669: return evp_crypt(data, key, iv, camellia_evp_by_keylen(key->l), 1);
1670: }
1671:
1672: vchar_t *
1673: eay_camellia_decrypt(data, key, iv)
1674: vchar_t *data, *key, *iv;
1675: {
1676: return evp_crypt(data, key, iv, camellia_evp_by_keylen(key->l), 0);
1677: }
1678:
1679: int
1680: eay_camellia_weakkey(key)
1681: vchar_t *key;
1682: {
1683: return 0;
1684: }
1685:
1686: int
1687: eay_camellia_keylen(len)
1688: int len;
1689: {
1690: if (len == 0)
1691: return 128;
1692: if (len != 128 && len != 192 && len != 256)
1693: return -1;
1694: return len;
1695: }
1696:
1697: #endif
1698:
1.1 manu 1699: /* for ipsec part */
1700: int
1701: eay_null_hashlen()
1702: {
1703: return 0;
1704: }
1705:
1706: int
1707: eay_kpdk_hashlen()
1708: {
1709: return 0;
1710: }
1711:
1712: int
1713: eay_twofish_keylen(len)
1714: int len;
1715: {
1716: if (len < 0 || len > 256)
1717: return -1;
1718: return len;
1719: }
1720:
1721: int
1722: eay_null_keylen(len)
1723: int len;
1724: {
1725: return 0;
1726: }
1727:
1728: /*
1729: * HMAC functions
1730: */
1731: static caddr_t
1732: eay_hmac_init(key, md)
1733: vchar_t *key;
1734: const EVP_MD *md;
1735: {
1736: HMAC_CTX *c = racoon_malloc(sizeof(*c));
1737:
1738: HMAC_Init(c, key->v, key->l, md);
1739:
1740: return (caddr_t)c;
1741: }
1742:
1743: #ifdef WITH_SHA2
1744: /*
1745: * HMAC SHA2-512
1746: */
1747: vchar_t *
1748: eay_hmacsha2_512_one(key, data)
1749: vchar_t *key, *data;
1750: {
1751: vchar_t *res;
1752: caddr_t ctx;
1753:
1754: ctx = eay_hmacsha2_512_init(key);
1755: eay_hmacsha2_512_update(ctx, data);
1756: res = eay_hmacsha2_512_final(ctx);
1757:
1758: return(res);
1759: }
1760:
1761: caddr_t
1762: eay_hmacsha2_512_init(key)
1763: vchar_t *key;
1764: {
1765: return eay_hmac_init(key, EVP_sha2_512());
1766: }
1767:
1768: void
1769: eay_hmacsha2_512_update(c, data)
1770: caddr_t c;
1771: vchar_t *data;
1772: {
1.4 manu 1773: HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 1774: }
1775:
1776: vchar_t *
1777: eay_hmacsha2_512_final(c)
1778: caddr_t c;
1779: {
1780: vchar_t *res;
1781: unsigned int l;
1782:
1783: if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0)
1784: return NULL;
1785:
1.4 manu 1786: HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1 manu 1787: res->l = l;
1788: HMAC_cleanup((HMAC_CTX *)c);
1789: (void)racoon_free(c);
1790:
1791: if (SHA512_DIGEST_LENGTH != res->l) {
1792: plog(LLV_ERROR, LOCATION, NULL,
1793: "hmac sha2_512 length mismatch %zd.\n", res->l);
1794: vfree(res);
1795: return NULL;
1796: }
1797:
1798: return(res);
1799: }
1800:
1801: /*
1802: * HMAC SHA2-384
1803: */
1804: vchar_t *
1805: eay_hmacsha2_384_one(key, data)
1806: vchar_t *key, *data;
1807: {
1808: vchar_t *res;
1809: caddr_t ctx;
1810:
1811: ctx = eay_hmacsha2_384_init(key);
1812: eay_hmacsha2_384_update(ctx, data);
1813: res = eay_hmacsha2_384_final(ctx);
1814:
1815: return(res);
1816: }
1817:
1818: caddr_t
1819: eay_hmacsha2_384_init(key)
1820: vchar_t *key;
1821: {
1822: return eay_hmac_init(key, EVP_sha2_384());
1823: }
1824:
1825: void
1826: eay_hmacsha2_384_update(c, data)
1827: caddr_t c;
1828: vchar_t *data;
1829: {
1.4 manu 1830: HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 1831: }
1832:
1833: vchar_t *
1834: eay_hmacsha2_384_final(c)
1835: caddr_t c;
1836: {
1837: vchar_t *res;
1838: unsigned int l;
1839:
1840: if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0)
1841: return NULL;
1842:
1.4 manu 1843: HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1 manu 1844: res->l = l;
1845: HMAC_cleanup((HMAC_CTX *)c);
1846: (void)racoon_free(c);
1847:
1848: if (SHA384_DIGEST_LENGTH != res->l) {
1849: plog(LLV_ERROR, LOCATION, NULL,
1850: "hmac sha2_384 length mismatch %zd.\n", res->l);
1851: vfree(res);
1852: return NULL;
1853: }
1854:
1855: return(res);
1856: }
1857:
1858: /*
1859: * HMAC SHA2-256
1860: */
1861: vchar_t *
1862: eay_hmacsha2_256_one(key, data)
1863: vchar_t *key, *data;
1864: {
1865: vchar_t *res;
1866: caddr_t ctx;
1867:
1868: ctx = eay_hmacsha2_256_init(key);
1869: eay_hmacsha2_256_update(ctx, data);
1870: res = eay_hmacsha2_256_final(ctx);
1871:
1872: return(res);
1873: }
1874:
1875: caddr_t
1876: eay_hmacsha2_256_init(key)
1877: vchar_t *key;
1878: {
1879: return eay_hmac_init(key, EVP_sha2_256());
1880: }
1881:
1882: void
1883: eay_hmacsha2_256_update(c, data)
1884: caddr_t c;
1885: vchar_t *data;
1886: {
1.4 manu 1887: HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 1888: }
1889:
1890: vchar_t *
1891: eay_hmacsha2_256_final(c)
1892: caddr_t c;
1893: {
1894: vchar_t *res;
1895: unsigned int l;
1896:
1897: if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0)
1898: return NULL;
1899:
1.4 manu 1900: HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1 manu 1901: res->l = l;
1902: HMAC_cleanup((HMAC_CTX *)c);
1903: (void)racoon_free(c);
1904:
1905: if (SHA256_DIGEST_LENGTH != res->l) {
1906: plog(LLV_ERROR, LOCATION, NULL,
1907: "hmac sha2_256 length mismatch %zd.\n", res->l);
1908: vfree(res);
1909: return NULL;
1910: }
1911:
1912: return(res);
1913: }
1914: #endif /* WITH_SHA2 */
1915:
1916: /*
1917: * HMAC SHA1
1918: */
1919: vchar_t *
1920: eay_hmacsha1_one(key, data)
1921: vchar_t *key, *data;
1922: {
1923: vchar_t *res;
1924: caddr_t ctx;
1925:
1926: ctx = eay_hmacsha1_init(key);
1927: eay_hmacsha1_update(ctx, data);
1928: res = eay_hmacsha1_final(ctx);
1929:
1930: return(res);
1931: }
1932:
1933: caddr_t
1934: eay_hmacsha1_init(key)
1935: vchar_t *key;
1936: {
1937: return eay_hmac_init(key, EVP_sha1());
1938: }
1939:
1940: void
1941: eay_hmacsha1_update(c, data)
1942: caddr_t c;
1943: vchar_t *data;
1944: {
1.4 manu 1945: HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 1946: }
1947:
1948: vchar_t *
1949: eay_hmacsha1_final(c)
1950: caddr_t c;
1951: {
1952: vchar_t *res;
1953: unsigned int l;
1954:
1955: if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0)
1956: return NULL;
1957:
1.4 manu 1958: HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1 manu 1959: res->l = l;
1960: HMAC_cleanup((HMAC_CTX *)c);
1961: (void)racoon_free(c);
1962:
1963: if (SHA_DIGEST_LENGTH != res->l) {
1964: plog(LLV_ERROR, LOCATION, NULL,
1965: "hmac sha1 length mismatch %zd.\n", res->l);
1966: vfree(res);
1967: return NULL;
1968: }
1969:
1970: return(res);
1971: }
1972:
1973: /*
1974: * HMAC MD5
1975: */
1976: vchar_t *
1977: eay_hmacmd5_one(key, data)
1978: vchar_t *key, *data;
1979: {
1980: vchar_t *res;
1981: caddr_t ctx;
1982:
1983: ctx = eay_hmacmd5_init(key);
1984: eay_hmacmd5_update(ctx, data);
1985: res = eay_hmacmd5_final(ctx);
1986:
1987: return(res);
1988: }
1989:
1990: caddr_t
1991: eay_hmacmd5_init(key)
1992: vchar_t *key;
1993: {
1994: return eay_hmac_init(key, EVP_md5());
1995: }
1996:
1997: void
1998: eay_hmacmd5_update(c, data)
1999: caddr_t c;
2000: vchar_t *data;
2001: {
1.4 manu 2002: HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 2003: }
2004:
2005: vchar_t *
2006: eay_hmacmd5_final(c)
2007: caddr_t c;
2008: {
2009: vchar_t *res;
2010: unsigned int l;
2011:
2012: if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0)
2013: return NULL;
2014:
1.4 manu 2015: HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1 manu 2016: res->l = l;
2017: HMAC_cleanup((HMAC_CTX *)c);
2018: (void)racoon_free(c);
2019:
2020: if (MD5_DIGEST_LENGTH != res->l) {
2021: plog(LLV_ERROR, LOCATION, NULL,
2022: "hmac md5 length mismatch %zd.\n", res->l);
2023: vfree(res);
2024: return NULL;
2025: }
2026:
2027: return(res);
2028: }
2029:
2030: #ifdef WITH_SHA2
2031: /*
2032: * SHA2-512 functions
2033: */
2034: caddr_t
2035: eay_sha2_512_init()
2036: {
2037: SHA512_CTX *c = racoon_malloc(sizeof(*c));
2038:
2039: SHA512_Init(c);
2040:
2041: return((caddr_t)c);
2042: }
2043:
2044: void
2045: eay_sha2_512_update(c, data)
2046: caddr_t c;
2047: vchar_t *data;
2048: {
1.4 manu 2049: SHA512_Update((SHA512_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 2050:
2051: return;
2052: }
2053:
2054: vchar_t *
2055: eay_sha2_512_final(c)
2056: caddr_t c;
2057: {
2058: vchar_t *res;
2059:
2060: if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0)
2061: return(0);
2062:
1.4 manu 2063: SHA512_Final((unsigned char *) res->v, (SHA512_CTX *)c);
1.1 manu 2064: (void)racoon_free(c);
2065:
2066: return(res);
2067: }
2068:
2069: vchar_t *
2070: eay_sha2_512_one(data)
2071: vchar_t *data;
2072: {
2073: caddr_t ctx;
2074: vchar_t *res;
2075:
2076: ctx = eay_sha2_512_init();
2077: eay_sha2_512_update(ctx, data);
2078: res = eay_sha2_512_final(ctx);
2079:
2080: return(res);
2081: }
2082:
2083: int
2084: eay_sha2_512_hashlen()
2085: {
2086: return SHA512_DIGEST_LENGTH << 3;
2087: }
2088: #endif
2089:
2090: #ifdef WITH_SHA2
2091: /*
2092: * SHA2-384 functions
2093: */
2094: caddr_t
2095: eay_sha2_384_init()
2096: {
2097: SHA384_CTX *c = racoon_malloc(sizeof(*c));
2098:
2099: SHA384_Init(c);
2100:
2101: return((caddr_t)c);
2102: }
2103:
2104: void
2105: eay_sha2_384_update(c, data)
2106: caddr_t c;
2107: vchar_t *data;
2108: {
1.4 manu 2109: SHA384_Update((SHA384_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 2110:
2111: return;
2112: }
2113:
2114: vchar_t *
2115: eay_sha2_384_final(c)
2116: caddr_t c;
2117: {
2118: vchar_t *res;
2119:
2120: if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0)
2121: return(0);
2122:
1.4 manu 2123: SHA384_Final((unsigned char *) res->v, (SHA384_CTX *)c);
1.1 manu 2124: (void)racoon_free(c);
2125:
2126: return(res);
2127: }
2128:
2129: vchar_t *
2130: eay_sha2_384_one(data)
2131: vchar_t *data;
2132: {
2133: caddr_t ctx;
2134: vchar_t *res;
2135:
2136: ctx = eay_sha2_384_init();
2137: eay_sha2_384_update(ctx, data);
2138: res = eay_sha2_384_final(ctx);
2139:
2140: return(res);
2141: }
2142:
2143: int
2144: eay_sha2_384_hashlen()
2145: {
2146: return SHA384_DIGEST_LENGTH << 3;
2147: }
2148: #endif
2149:
2150: #ifdef WITH_SHA2
2151: /*
2152: * SHA2-256 functions
2153: */
2154: caddr_t
2155: eay_sha2_256_init()
2156: {
2157: SHA256_CTX *c = racoon_malloc(sizeof(*c));
2158:
2159: SHA256_Init(c);
2160:
2161: return((caddr_t)c);
2162: }
2163:
2164: void
2165: eay_sha2_256_update(c, data)
2166: caddr_t c;
2167: vchar_t *data;
2168: {
1.4 manu 2169: SHA256_Update((SHA256_CTX *)c, (unsigned char *) data->v, data->l);
1.1 manu 2170:
2171: return;
2172: }
2173:
2174: vchar_t *
2175: eay_sha2_256_final(c)
2176: caddr_t c;
2177: {
2178: vchar_t *res;
2179:
2180: if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0)
2181: return(0);
2182:
1.4 manu 2183: SHA256_Final((unsigned char *) res->v, (SHA256_CTX *)c);
1.1 manu 2184: (void)racoon_free(c);
2185:
2186: return(res);
2187: }
2188:
2189: vchar_t *
2190: eay_sha2_256_one(data)
2191: vchar_t *data;
2192: {
2193: caddr_t ctx;
2194: vchar_t *res;
2195:
2196: ctx = eay_sha2_256_init();
2197: eay_sha2_256_update(ctx, data);
2198: res = eay_sha2_256_final(ctx);
2199:
2200: return(res);
2201: }
2202:
2203: int
2204: eay_sha2_256_hashlen()
2205: {
2206: return SHA256_DIGEST_LENGTH << 3;
2207: }
2208: #endif
2209:
2210: /*
2211: * SHA functions
2212: */
2213: caddr_t
2214: eay_sha1_init()
2215: {
2216: SHA_CTX *c = racoon_malloc(sizeof(*c));
2217:
2218: SHA1_Init(c);
2219:
2220: return((caddr_t)c);
2221: }
2222:
2223: void
2224: eay_sha1_update(c, data)
2225: caddr_t c;
2226: vchar_t *data;
2227: {
2228: SHA1_Update((SHA_CTX *)c, data->v, data->l);
2229:
2230: return;
2231: }
2232:
2233: vchar_t *
2234: eay_sha1_final(c)
2235: caddr_t c;
2236: {
2237: vchar_t *res;
2238:
2239: if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0)
2240: return(0);
2241:
1.4 manu 2242: SHA1_Final((unsigned char *) res->v, (SHA_CTX *)c);
1.1 manu 2243: (void)racoon_free(c);
2244:
2245: return(res);
2246: }
2247:
2248: vchar_t *
2249: eay_sha1_one(data)
2250: vchar_t *data;
2251: {
2252: caddr_t ctx;
2253: vchar_t *res;
2254:
2255: ctx = eay_sha1_init();
2256: eay_sha1_update(ctx, data);
2257: res = eay_sha1_final(ctx);
2258:
2259: return(res);
2260: }
2261:
2262: int
2263: eay_sha1_hashlen()
2264: {
2265: return SHA_DIGEST_LENGTH << 3;
2266: }
2267:
2268: /*
2269: * MD5 functions
2270: */
2271: caddr_t
2272: eay_md5_init()
2273: {
2274: MD5_CTX *c = racoon_malloc(sizeof(*c));
2275:
2276: MD5_Init(c);
2277:
2278: return((caddr_t)c);
2279: }
2280:
2281: void
2282: eay_md5_update(c, data)
2283: caddr_t c;
2284: vchar_t *data;
2285: {
2286: MD5_Update((MD5_CTX *)c, data->v, data->l);
2287:
2288: return;
2289: }
2290:
2291: vchar_t *
2292: eay_md5_final(c)
2293: caddr_t c;
2294: {
2295: vchar_t *res;
2296:
2297: if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0)
2298: return(0);
2299:
1.4 manu 2300: MD5_Final((unsigned char *) res->v, (MD5_CTX *)c);
1.1 manu 2301: (void)racoon_free(c);
2302:
2303: return(res);
2304: }
2305:
2306: vchar_t *
2307: eay_md5_one(data)
2308: vchar_t *data;
2309: {
2310: caddr_t ctx;
2311: vchar_t *res;
2312:
2313: ctx = eay_md5_init();
2314: eay_md5_update(ctx, data);
2315: res = eay_md5_final(ctx);
2316:
2317: return(res);
2318: }
2319:
2320: int
2321: eay_md5_hashlen()
2322: {
2323: return MD5_DIGEST_LENGTH << 3;
2324: }
2325:
2326: /*
2327: * eay_set_random
2328: * size: number of bytes.
2329: */
2330: vchar_t *
2331: eay_set_random(size)
2332: u_int32_t size;
2333: {
2334: BIGNUM *r = NULL;
2335: vchar_t *res = 0;
2336:
2337: if ((r = BN_new()) == NULL)
2338: goto end;
2339: BN_rand(r, size * 8, 0, 0);
2340: eay_bn2v(&res, r);
2341:
2342: end:
2343: if (r)
2344: BN_free(r);
2345: return(res);
2346: }
2347:
2348: /* DH */
2349: int
2350: eay_dh_generate(prime, g, publen, pub, priv)
2351: vchar_t *prime, **pub, **priv;
2352: u_int publen;
2353: u_int32_t g;
2354: {
2355: BIGNUM *p = NULL;
2356: DH *dh = NULL;
2357: int error = -1;
2358:
2359: /* initialize */
2360: /* pre-process to generate number */
2361: if (eay_v2bn(&p, prime) < 0)
2362: goto end;
2363:
2364: if ((dh = DH_new()) == NULL)
2365: goto end;
2366: dh->p = p;
2367: p = NULL; /* p is now part of dh structure */
2368: dh->g = NULL;
2369: if ((dh->g = BN_new()) == NULL)
2370: goto end;
2371: if (!BN_set_word(dh->g, g))
2372: goto end;
2373:
2374: if (publen != 0)
2375: dh->length = publen;
2376:
2377: /* generate public and private number */
2378: if (!DH_generate_key(dh))
2379: goto end;
2380:
2381: /* copy results to buffers */
2382: if (eay_bn2v(pub, dh->pub_key) < 0)
2383: goto end;
2384: if (eay_bn2v(priv, dh->priv_key) < 0) {
2385: vfree(*pub);
2386: goto end;
2387: }
2388:
2389: error = 0;
2390:
2391: end:
2392: if (dh != NULL)
2393: DH_free(dh);
2394: if (p != 0)
2395: BN_free(p);
2396: return(error);
2397: }
2398:
2399: int
2400: eay_dh_compute(prime, g, pub, priv, pub2, key)
2401: vchar_t *prime, *pub, *priv, *pub2, **key;
2402: u_int32_t g;
2403: {
2404: BIGNUM *dh_pub = NULL;
2405: DH *dh = NULL;
2406: int l;
1.4 manu 2407: unsigned char *v = NULL;
1.1 manu 2408: int error = -1;
2409:
2410: /* make public number to compute */
2411: if (eay_v2bn(&dh_pub, pub2) < 0)
2412: goto end;
2413:
2414: /* make DH structure */
2415: if ((dh = DH_new()) == NULL)
2416: goto end;
2417: if (eay_v2bn(&dh->p, prime) < 0)
2418: goto end;
2419: if (eay_v2bn(&dh->pub_key, pub) < 0)
2420: goto end;
2421: if (eay_v2bn(&dh->priv_key, priv) < 0)
2422: goto end;
2423: dh->length = pub2->l * 8;
2424:
2425: dh->g = NULL;
2426: if ((dh->g = BN_new()) == NULL)
2427: goto end;
2428: if (!BN_set_word(dh->g, g))
2429: goto end;
2430:
1.4 manu 2431: if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL)
1.1 manu 2432: goto end;
2433: if ((l = DH_compute_key(v, dh_pub, dh)) == -1)
2434: goto end;
2435: memcpy((*key)->v + (prime->l - l), v, l);
2436:
2437: error = 0;
2438:
2439: end:
2440: if (dh_pub != NULL)
2441: BN_free(dh_pub);
2442: if (dh != NULL)
2443: DH_free(dh);
2444: if (v != NULL)
2445: racoon_free(v);
2446: return(error);
2447: }
2448:
2449: /*
2450: * convert vchar_t <-> BIGNUM.
2451: *
2452: * vchar_t: unit is u_char, network endian, most significant byte first.
2453: * BIGNUM: unit is BN_ULONG, each of BN_ULONG is in host endian,
2454: * least significant BN_ULONG must come first.
2455: *
2456: * hex value of "0x3ffe050104" is represented as follows:
2457: * vchar_t: 3f fe 05 01 04
2458: * BIGNUM (BN_ULONG = u_int8_t): 04 01 05 fe 3f
2459: * BIGNUM (BN_ULONG = u_int16_t): 0x0104 0xfe05 0x003f
2460: * BIGNUM (BN_ULONG = u_int32_t_t): 0xfe050104 0x0000003f
2461: */
2462: int
2463: eay_v2bn(bn, var)
2464: BIGNUM **bn;
2465: vchar_t *var;
2466: {
1.4 manu 2467: if ((*bn = BN_bin2bn((unsigned char *) var->v, var->l, NULL)) == NULL)
1.1 manu 2468: return -1;
2469:
2470: return 0;
2471: }
2472:
2473: int
2474: eay_bn2v(var, bn)
2475: vchar_t **var;
2476: BIGNUM *bn;
2477: {
2478: *var = vmalloc(bn->top * BN_BYTES);
2479: if (*var == NULL)
2480: return(-1);
2481:
1.4 manu 2482: (*var)->l = BN_bn2bin(bn, (unsigned char *) (*var)->v);
1.1 manu 2483:
2484: return 0;
2485: }
2486:
2487: void
2488: eay_init()
2489: {
2490: OpenSSL_add_all_algorithms();
2491: ERR_load_crypto_strings();
2492: #ifdef HAVE_OPENSSL_ENGINE_H
2493: ENGINE_load_builtin_engines();
2494: ENGINE_register_all_complete();
2495: #endif
2496: }
2497:
2498: vchar_t *
2499: base64_decode(char *in, long inlen)
2500: {
2501: BIO *bio=NULL, *b64=NULL;
2502: vchar_t *res = NULL;
1.11 christos 2503: char *outb;
1.1 manu 2504: long outlen;
2505:
1.11 christos 2506: outb = malloc(inlen * 2);
2507: if (outb == NULL)
2508: goto out;
1.1 manu 2509: bio = BIO_new_mem_buf(in, inlen);
2510: b64 = BIO_new(BIO_f_base64());
2511: BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
2512: bio = BIO_push(b64, bio);
2513:
1.11 christos 2514: outlen = BIO_read(bio, outb, inlen * 2);
1.1 manu 2515: if (outlen <= 0) {
2516: plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
2517: goto out;
2518: }
2519:
2520: res = vmalloc(outlen);
2521: if (!res)
2522: goto out;
2523:
1.11 christos 2524: memcpy(res->v, outb, outlen);
1.1 manu 2525:
2526: out:
1.11 christos 2527: if (outb)
2528: free(outb);
1.1 manu 2529: if (bio)
2530: BIO_free_all(bio);
2531:
2532: return res;
2533: }
2534:
2535: vchar_t *
2536: base64_encode(char *in, long inlen)
2537: {
2538: BIO *bio=NULL, *b64=NULL;
2539: char *ptr;
2540: long plen = -1;
2541: vchar_t *res = NULL;
2542:
2543: bio = BIO_new(BIO_s_mem());
2544: b64 = BIO_new(BIO_f_base64());
2545: BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
2546: bio = BIO_push(b64, bio);
2547:
2548: BIO_write(bio, in, inlen);
2549: BIO_flush(bio);
2550:
2551: plen = BIO_get_mem_data(bio, &ptr);
2552: res = vmalloc(plen+1);
2553: if (!res)
2554: goto out;
2555:
2556: memcpy (res->v, ptr, plen);
2557: res->v[plen] = '\0';
2558:
2559: out:
2560: if (bio)
2561: BIO_free_all(bio);
2562:
2563: return res;
2564: }
2565:
2566: static RSA *
2567: binbuf_pubkey2rsa(vchar_t *binbuf)
2568: {
2569: BIGNUM *exp, *mod;
2570: RSA *rsa_pub = NULL;
2571:
2572: if (binbuf->v[0] > binbuf->l - 1) {
2573: plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: decoded string doesn't make sense.\n");
2574: goto out;
2575: }
2576:
1.4 manu 2577: exp = BN_bin2bn((unsigned char *) (binbuf->v + 1), binbuf->v[0], NULL);
2578: mod = BN_bin2bn((unsigned char *) (binbuf->v + binbuf->v[0] + 1),
2579: binbuf->l - binbuf->v[0] - 1, NULL);
1.1 manu 2580: rsa_pub = RSA_new();
2581:
2582: if (!exp || !mod || !rsa_pub) {
2583: plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey parsing error: %s\n", eay_strerror());
2584: if (exp)
2585: BN_free(exp);
2586: if (mod)
2587: BN_free(exp);
2588: if (rsa_pub)
2589: RSA_free(rsa_pub);
2590: rsa_pub = NULL;
2591: goto out;
2592: }
2593:
2594: rsa_pub->n = mod;
2595: rsa_pub->e = exp;
2596:
2597: out:
2598: return rsa_pub;
2599: }
2600:
2601: RSA *
2602: base64_pubkey2rsa(char *in)
2603: {
2604: BIGNUM *exp, *mod;
2605: RSA *rsa_pub = NULL;
2606: vchar_t *binbuf;
2607:
2608: if (strncmp(in, "0s", 2) != 0) {
2609: plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: doesn't start with '0s'\n");
2610: return NULL;
2611: }
2612:
2613: binbuf = base64_decode(in + 2, strlen(in + 2));
2614: if (!binbuf) {
2615: plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: Base64 decoding failed.\n");
2616: return NULL;
2617: }
2618:
2619: if (binbuf->v[0] > binbuf->l - 1) {
2620: plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: decoded string doesn't make sense.\n");
2621: goto out;
2622: }
2623:
2624: rsa_pub = binbuf_pubkey2rsa(binbuf);
2625:
2626: out:
2627: if (binbuf)
2628: vfree(binbuf);
2629:
2630: return rsa_pub;
2631: }
2632:
2633: RSA *
2634: bignum_pubkey2rsa(BIGNUM *in)
2635: {
2636: RSA *rsa_pub = NULL;
2637: vchar_t *binbuf;
2638:
2639: binbuf = vmalloc(BN_num_bytes(in));
2640: if (!binbuf) {
2641: plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey conversion: memory allocation failed..\n");
2642: return NULL;
2643: }
2644:
1.4 manu 2645: BN_bn2bin(in, (unsigned char *) binbuf->v);
1.1 manu 2646:
2647: rsa_pub = binbuf_pubkey2rsa(binbuf);
2648:
2649: out:
2650: if (binbuf)
2651: vfree(binbuf);
2652:
2653: return rsa_pub;
2654: }
2655:
2656: u_int32_t
2657: eay_random()
2658: {
2659: u_int32_t result;
2660: vchar_t *vrand;
2661:
2662: vrand = eay_set_random(sizeof(result));
2663: memcpy(&result, vrand->v, sizeof(result));
2664: vfree(vrand);
2665:
2666: return result;
2667: }
2668:
2669: const char *
2670: eay_version()
2671: {
2672: return SSLeay_version(SSLEAY_VERSION);
2673: }
CVSweb <webmaster@jp.NetBSD.org>