[BACK]Return to crypto_openssl.c CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / crypto / dist / ipsec-tools / src / racoon

Annotation of src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c, Revision 1.16.2.1

1.16.2.1! jym         1: /*     $NetBSD: crypto_openssl.c,v 1.19 2009/04/29 10:50:01 tteras Exp $       */
1.2       manu        2:
1.8       manu        3: /* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */
1.1       manu        4:
                      5: /*
                      6:  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
                      7:  * All rights reserved.
                      8:  *
                      9:  * Redistribution and use in source and binary forms, with or without
                     10:  * modification, are permitted provided that the following conditions
                     11:  * are met:
                     12:  * 1. Redistributions of source code must retain the above copyright
                     13:  *    notice, this list of conditions and the following disclaimer.
                     14:  * 2. Redistributions in binary form must reproduce the above copyright
                     15:  *    notice, this list of conditions and the following disclaimer in the
                     16:  *    documentation and/or other materials provided with the distribution.
                     17:  * 3. Neither the name of the project nor the names of its contributors
                     18:  *    may be used to endorse or promote products derived from this software
                     19:  *    without specific prior written permission.
                     20:  *
                     21:  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
                     22:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
                     23:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
                     24:  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
                     25:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
                     26:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
                     27:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
                     28:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
                     29:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
                     30:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
                     31:  * SUCH DAMAGE.
                     32:  */
                     33:
                     34: #include "config.h"
                     35:
                     36: #include <sys/types.h>
                     37: #include <sys/param.h>
                     38:
                     39: #include <stdlib.h>
                     40: #include <stdio.h>
                     41: #include <limits.h>
                     42: #include <string.h>
                     43:
                     44: /* get openssl/ssleay version number */
                     45: #include <openssl/opensslv.h>
                     46:
                     47: #if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090602fL)
                     48: #error OpenSSL version 0.9.6 or later required.
                     49: #endif
                     50:
                     51: #include <openssl/pem.h>
                     52: #include <openssl/evp.h>
                     53: #include <openssl/x509.h>
                     54: #include <openssl/x509v3.h>
                     55: #include <openssl/x509_vfy.h>
                     56: #include <openssl/bn.h>
                     57: #include <openssl/dh.h>
                     58: #include <openssl/md5.h>
                     59: #include <openssl/sha.h>
                     60: #include <openssl/hmac.h>
                     61: #include <openssl/des.h>
                     62: #include <openssl/crypto.h>
                     63: #ifdef HAVE_OPENSSL_ENGINE_H
                     64: #include <openssl/engine.h>
                     65: #endif
                     66: #include <openssl/blowfish.h>
                     67: #include <openssl/cast.h>
                     68: #include <openssl/err.h>
1.2       manu       69: #ifdef HAVE_OPENSSL_RC5_H
                     70: #include <openssl/rc5.h>
                     71: #endif
                     72: #ifdef HAVE_OPENSSL_IDEA_H
                     73: #include <openssl/idea.h>
                     74: #endif
1.1       manu       75: #if defined(HAVE_OPENSSL_AES_H)
                     76: #include <openssl/aes.h>
                     77: #elif defined(HAVE_OPENSSL_RIJNDAEL_H)
                     78: #include <openssl/rijndael.h>
                     79: #else
                     80: #include "crypto/rijndael/rijndael-api-fst.h"
                     81: #endif
1.10      manu       82: #if defined(HAVE_OPENSSL_CAMELLIA_H)
                     83: #include <openssl/camellia.h>
                     84: #endif
1.1       manu       85: #ifdef WITH_SHA2
                     86: #ifdef HAVE_OPENSSL_SHA2_H
                     87: #include <openssl/sha2.h>
                     88: #else
                     89: #include "crypto/sha2/sha2.h"
                     90: #endif
                     91: #endif
1.13      vanhu      92: #include "plog.h"
1.1       manu       93:
                     94: /* 0.9.7 stuff? */
                     95: #if OPENSSL_VERSION_NUMBER < 0x0090700fL
                     96: typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
                     97: #else
                     98: #define USE_NEW_DES_API
                     99: #endif
                    100:
                    101: #define OpenSSL_BUG()  do { plog(LLV_ERROR, LOCATION, NULL, "OpenSSL function failed\n"); } while(0)
                    102:
                    103: #include "var.h"
                    104: #include "misc.h"
                    105: #include "vmbuf.h"
                    106: #include "plog.h"
                    107: #include "crypto_openssl.h"
                    108: #include "debug.h"
                    109: #include "gcmalloc.h"
1.16.2.1! jym       110: #include "isakmp.h"
1.1       manu      111:
                    112: /*
                    113:  * I hate to cast every parameter to des_xx into void *, but it is
                    114:  * necessary for SSLeay/OpenSSL portability.  It sucks.
                    115:  */
                    116:
                    117: static int cb_check_cert_local __P((int, X509_STORE_CTX *));
                    118: static int cb_check_cert_remote __P((int, X509_STORE_CTX *));
                    119: static X509 *mem2x509 __P((vchar_t *));
                    120:
                    121: static caddr_t eay_hmac_init __P((vchar_t *, const EVP_MD *));
                    122:
                    123: /* X509 Certificate */
                    124: /*
                    125:  * convert the string of the subject name into DER
                    126:  * e.g. str = "C=JP, ST=Kanagawa";
                    127:  */
                    128: vchar_t *
                    129: eay_str2asn1dn(str, len)
                    130:        const char *str;
                    131:        int len;
                    132: {
                    133:        X509_NAME *name;
1.16      tteras    134:        char *buf, *dst;
1.1       manu      135:        char *field, *value;
1.16      tteras    136:        int i;
1.12      vanhu     137:        vchar_t *ret = NULL;
1.1       manu      138:        caddr_t p;
                    139:
                    140:        if (len == -1)
                    141:                len = strlen(str);
                    142:
                    143:        buf = racoon_malloc(len + 1);
                    144:        if (!buf) {
1.9       vanhu     145:                plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n");
1.1       manu      146:                return NULL;
                    147:        }
                    148:        memcpy(buf, str, len);
                    149:
                    150:        name = X509_NAME_new();
                    151:
1.16      tteras    152:        dst = field = &buf[0];
1.1       manu      153:        value = NULL;
                    154:        for (i = 0; i < len; i++) {
1.16      tteras    155:                if (buf[i] == '\\') {
                    156:                        /* Escape characters specified in RFC 2253 */
                    157:                        if (i < len - 1 &&
                    158:                            strchr("\\,=+<>#;", buf[i+1]) != NULL) {
                    159:                                *dst++ = buf[++i];
                    160:                                continue;
                    161:                        } else if (i < len - 2) {
                    162:                                /* RFC 2253 hexpair character escape */
                    163:                                long u;
                    164:                                char esc_str[3];
                    165:                                char *endptr;
                    166:
                    167:                                esc_str[0] = buf[++i];
                    168:                                esc_str[1] = buf[++i];
                    169:                                esc_str[2] = '\0';
                    170:                                u = strtol(esc_str, &endptr, 16);
                    171:                                if (*endptr != '\0' || u < 0 || u > 255)
                    172:                                        goto err;
                    173:                                *dst++ = u;
                    174:                                continue;
                    175:                        } else
                    176:                                goto err;
                    177:                }
1.1       manu      178:                if (!value && buf[i] == '=') {
1.16      tteras    179:                        *dst = '\0';
                    180:                        dst = value = &buf[i + 1];
1.1       manu      181:                        continue;
                    182:                } else if (buf[i] == ',' || buf[i] == '/') {
1.16      tteras    183:                        *dst = '\0';
1.1       manu      184:
                    185:                        plog(LLV_DEBUG, LOCATION, NULL, "DN: %s=%s\n",
                    186:                             field, value);
                    187:
                    188:                        if (!value) goto err;
                    189:                        if (!X509_NAME_add_entry_by_txt(name, field,
                    190:                                        (value[0] == '*' && value[1] == 0) ?
                    191:                                                V_ASN1_PRINTABLESTRING : MBSTRING_ASC,
1.4       manu      192:                                        (unsigned char *) value, -1, -1, 0)) {
1.1       manu      193:                                plog(LLV_ERROR, LOCATION, NULL,
                    194:                                     "Invalid DN field: %s=%s\n",
                    195:                                     field, value);
                    196:                                plog(LLV_ERROR, LOCATION, NULL,
                    197:                                     "%s\n", eay_strerror());
                    198:                                goto err;
                    199:                        }
1.16      tteras    200:
                    201:                        while (i + 1 < len && buf[i + 1] == ' ') i++;
                    202:                        dst = field = &buf[i + 1];
1.1       manu      203:                        value = NULL;
                    204:                        continue;
1.16      tteras    205:                } else {
                    206:                        *dst++  = buf[i];
1.1       manu      207:                }
                    208:        }
1.16      tteras    209:        *dst = '\0';
1.1       manu      210:
                    211:        plog(LLV_DEBUG, LOCATION, NULL, "DN: %s=%s\n",
                    212:             field, value);
                    213:
                    214:        if (!value) goto err;
                    215:        if (!X509_NAME_add_entry_by_txt(name, field,
                    216:                        (value[0] == '*' && value[1] == 0) ?
                    217:                                V_ASN1_PRINTABLESTRING : MBSTRING_ASC,
1.4       manu      218:                        (unsigned char *) value, -1, -1, 0)) {
1.1       manu      219:                plog(LLV_ERROR, LOCATION, NULL,
                    220:                     "Invalid DN field: %s=%s\n",
                    221:                     field, value);
                    222:                plog(LLV_ERROR, LOCATION, NULL,
                    223:                     "%s\n", eay_strerror());
                    224:                goto err;
                    225:        }
                    226:
                    227:        i = i2d_X509_NAME(name, NULL);
                    228:        if (!i)
                    229:                goto err;
                    230:        ret = vmalloc(i);
                    231:        if (!ret)
                    232:                goto err;
                    233:        p = ret->v;
                    234:        i = i2d_X509_NAME(name, (void *)&p);
                    235:        if (!i)
                    236:                goto err;
                    237:
                    238:        return ret;
                    239:
                    240:     err:
                    241:        if (buf)
                    242:                racoon_free(buf);
                    243:        if (name)
                    244:                X509_NAME_free(name);
1.12      vanhu     245:        if (ret)
                    246:                vfree(ret);
1.1       manu      247:        return NULL;
                    248: }
                    249:
                    250: /*
                    251:  * convert the hex string of the subject name into DER
                    252:  */
                    253: vchar_t *
                    254: eay_hex2asn1dn(const char *hex, int len)
                    255: {
                    256:        BIGNUM *bn = BN_new();
                    257:        char *binbuf;
                    258:        size_t binlen;
                    259:        vchar_t *ret = NULL;
                    260:
                    261:        if (len == -1)
                    262:                len = strlen(hex);
                    263:
                    264:        if (BN_hex2bn(&bn, hex) != len) {
                    265:                plog(LLV_ERROR, LOCATION, NULL,
                    266:                     "conversion of Hex-encoded ASN1 string to binary failed: %s\n",
                    267:                     eay_strerror());
                    268:                goto out;
                    269:        }
                    270:
                    271:        binlen = BN_num_bytes(bn);
                    272:        ret = vmalloc(binlen);
                    273:        if (!ret) {
1.9       vanhu     274:                plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n");
1.1       manu      275:                return NULL;
                    276:        }
                    277:        binbuf = ret->v;
                    278:
1.4       manu      279:        BN_bn2bin(bn, (unsigned char *) binbuf);
1.1       manu      280:
                    281: out:
                    282:        BN_free(bn);
                    283:
                    284:        return ret;
                    285: }
                    286:
                    287: /*
                    288:  * The following are derived from code in crypto/x509/x509_cmp.c
                    289:  * in OpenSSL0.9.7c:
                    290:  * X509_NAME_wildcmp() adds wildcard matching to the original
                    291:  * X509_NAME_cmp(), nocase_cmp() and nocase_spacenorm_cmp() are as is.
                    292:  */
                    293: #include <ctype.h>
                    294: /* Case insensitive string comparision */
                    295: static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
                    296: {
                    297:        int i;
                    298:
                    299:        if (a->length != b->length)
                    300:                return (a->length - b->length);
                    301:
                    302:        for (i=0; i<a->length; i++)
                    303:        {
                    304:                int ca, cb;
                    305:
                    306:                ca = tolower(a->data[i]);
                    307:                cb = tolower(b->data[i]);
                    308:
                    309:                if (ca != cb)
                    310:                        return(ca-cb);
                    311:        }
                    312:        return 0;
                    313: }
                    314:
                    315: /* Case insensitive string comparision with space normalization
                    316:  * Space normalization - ignore leading, trailing spaces,
                    317:  *       multiple spaces between characters are replaced by single space
                    318:  */
                    319: static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
                    320: {
                    321:        unsigned char *pa = NULL, *pb = NULL;
                    322:        int la, lb;
                    323:
                    324:        la = a->length;
                    325:        lb = b->length;
                    326:        pa = a->data;
                    327:        pb = b->data;
                    328:
                    329:        /* skip leading spaces */
                    330:        while (la > 0 && isspace(*pa))
                    331:        {
                    332:                la--;
                    333:                pa++;
                    334:        }
                    335:        while (lb > 0 && isspace(*pb))
                    336:        {
                    337:                lb--;
                    338:                pb++;
                    339:        }
                    340:
                    341:        /* skip trailing spaces */
                    342:        while (la > 0 && isspace(pa[la-1]))
                    343:                la--;
                    344:        while (lb > 0 && isspace(pb[lb-1]))
                    345:                lb--;
                    346:
                    347:        /* compare strings with space normalization */
                    348:        while (la > 0 && lb > 0)
                    349:        {
                    350:                int ca, cb;
                    351:
                    352:                /* compare character */
                    353:                ca = tolower(*pa);
                    354:                cb = tolower(*pb);
                    355:                if (ca != cb)
                    356:                        return (ca - cb);
                    357:
                    358:                pa++; pb++;
                    359:                la--; lb--;
                    360:
                    361:                if (la <= 0 || lb <= 0)
                    362:                        break;
                    363:
                    364:                /* is white space next character ? */
                    365:                if (isspace(*pa) && isspace(*pb))
                    366:                {
                    367:                        /* skip remaining white spaces */
                    368:                        while (la > 0 && isspace(*pa))
                    369:                        {
                    370:                                la--;
                    371:                                pa++;
                    372:                        }
                    373:                        while (lb > 0 && isspace(*pb))
                    374:                        {
                    375:                                lb--;
                    376:                                pb++;
                    377:                        }
                    378:                }
                    379:        }
                    380:        if (la > 0 || lb > 0)
                    381:                return la - lb;
                    382:
                    383:        return 0;
                    384: }
                    385:
                    386: static int X509_NAME_wildcmp(const X509_NAME *a, const X509_NAME *b)
                    387: {
                    388:     int i,j;
                    389:     X509_NAME_ENTRY *na,*nb;
                    390:
                    391:     if (sk_X509_NAME_ENTRY_num(a->entries)
                    392:        != sk_X509_NAME_ENTRY_num(b->entries))
                    393:            return sk_X509_NAME_ENTRY_num(a->entries)
                    394:              -sk_X509_NAME_ENTRY_num(b->entries);
                    395:     for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
                    396:     {
                    397:            na=sk_X509_NAME_ENTRY_value(a->entries,i);
                    398:            nb=sk_X509_NAME_ENTRY_value(b->entries,i);
                    399:            j=OBJ_cmp(na->object,nb->object);
                    400:            if (j) return(j);
                    401:            if ((na->value->length == 1 && na->value->data[0] == '*')
                    402:             || (nb->value->length == 1 && nb->value->data[0] == '*'))
                    403:                    continue;
                    404:            j=na->value->type-nb->value->type;
                    405:            if (j) return(j);
                    406:            if (na->value->type == V_ASN1_PRINTABLESTRING)
                    407:                    j=nocase_spacenorm_cmp(na->value, nb->value);
                    408:            else if (na->value->type == V_ASN1_IA5STRING
                    409:                    && OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress)
                    410:                    j=nocase_cmp(na->value, nb->value);
                    411:            else
                    412:                    {
                    413:                    j=na->value->length-nb->value->length;
                    414:                    if (j) return(j);
                    415:                    j=memcmp(na->value->data,nb->value->data,
                    416:                            na->value->length);
                    417:                    }
                    418:            if (j) return(j);
                    419:            j=na->set-nb->set;
                    420:            if (j) return(j);
                    421:     }
                    422:
                    423:     return(0);
                    424: }
                    425:
                    426: /*
                    427:  * compare two subjectNames.
                    428:  * OUT:        0: equal
                    429:  *     positive:
                    430:  *           -1: other error.
                    431:  */
                    432: int
                    433: eay_cmp_asn1dn(n1, n2)
                    434:        vchar_t *n1, *n2;
                    435: {
                    436:        X509_NAME *a = NULL, *b = NULL;
                    437:        caddr_t p;
                    438:        int i = -1;
                    439:
                    440:        p = n1->v;
                    441:        if (!d2i_X509_NAME(&a, (void *)&p, n1->l))
                    442:                goto end;
                    443:        p = n2->v;
                    444:        if (!d2i_X509_NAME(&b, (void *)&p, n2->l))
                    445:                goto end;
                    446:
                    447:        i = X509_NAME_wildcmp(a, b);
                    448:
                    449:     end:
                    450:        if (a)
                    451:                X509_NAME_free(a);
                    452:        if (b)
                    453:                X509_NAME_free(b);
                    454:        return i;
                    455: }
                    456:
                    457: /*
                    458:  * this functions is derived from apps/verify.c in OpenSSL0.9.5
                    459:  */
                    460: int
                    461: eay_check_x509cert(cert, CApath, CAfile, local)
                    462:        vchar_t *cert;
                    463:        char *CApath;
                    464:        char *CAfile;
                    465:        int local;
                    466: {
                    467:        X509_STORE *cert_ctx = NULL;
                    468:        X509_LOOKUP *lookup = NULL;
                    469:        X509 *x509 = NULL;
                    470:        X509_STORE_CTX *csc;
                    471:        int error = -1;
                    472:
                    473:        cert_ctx = X509_STORE_new();
                    474:        if (cert_ctx == NULL)
                    475:                goto end;
                    476:
                    477:        if (local)
                    478:                X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_local);
                    479:        else
                    480:                X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_remote);
                    481:
                    482:        lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
                    483:        if (lookup == NULL)
                    484:                goto end;
                    485:
                    486:        X509_LOOKUP_load_file(lookup, CAfile,
                    487:            (CAfile == NULL) ? X509_FILETYPE_DEFAULT : X509_FILETYPE_PEM);
                    488:
                    489:        lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
                    490:        if (lookup == NULL)
                    491:                goto end;
                    492:        error = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM);
                    493:        if(!error) {
                    494:                error = -1;
                    495:                goto end;
                    496:        }
                    497:        error = -1;     /* initialized */
                    498:
                    499:        /* read the certificate to be verified */
                    500:        x509 = mem2x509(cert);
                    501:        if (x509 == NULL)
                    502:                goto end;
                    503:
                    504:        csc = X509_STORE_CTX_new();
                    505:        if (csc == NULL)
                    506:                goto end;
                    507:        X509_STORE_CTX_init(csc, cert_ctx, x509, NULL);
                    508: #if OPENSSL_VERSION_NUMBER >= 0x00907000L
                    509:        X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK);
                    510:        X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL);
                    511: #endif
                    512:        error = X509_verify_cert(csc);
1.16.2.1! jym       513:        X509_STORE_CTX_free(csc);
1.1       manu      514:
                    515:        /*
                    516:         * if x509_verify_cert() is successful then the value of error is
                    517:         * set non-zero.
                    518:         */
                    519:        error = error ? 0 : -1;
                    520:
                    521: end:
                    522:        if (error)
1.9       vanhu     523:                plog(LLV_WARNING, LOCATION, NULL,"%s\n", eay_strerror());
1.1       manu      524:        if (cert_ctx != NULL)
                    525:                X509_STORE_free(cert_ctx);
                    526:        if (x509 != NULL)
                    527:                X509_free(x509);
                    528:
                    529:        return(error);
                    530: }
                    531:
                    532: /*
                    533:  * callback function for verifing certificate.
                    534:  * this function is derived from cb() in openssl/apps/s_server.c
                    535:  */
                    536: static int
                    537: cb_check_cert_local(ok, ctx)
                    538:        int ok;
                    539:        X509_STORE_CTX *ctx;
                    540: {
                    541:        char buf[256];
                    542:        int log_tag;
                    543:
                    544:        if (!ok) {
                    545:                X509_NAME_oneline(
                    546:                                X509_get_subject_name(ctx->current_cert),
                    547:                                buf,
                    548:                                256);
                    549:                /*
                    550:                 * since we are just checking the certificates, it is
                    551:                 * ok if they are self signed. But we should still warn
                    552:                 * the user.
                    553:                 */
                    554:                switch (ctx->error) {
                    555:                case X509_V_ERR_CERT_HAS_EXPIRED:
                    556:                case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
                    557:                case X509_V_ERR_INVALID_CA:
                    558:                case X509_V_ERR_PATH_LENGTH_EXCEEDED:
                    559:                case X509_V_ERR_INVALID_PURPOSE:
                    560:                case X509_V_ERR_UNABLE_TO_GET_CRL:
                    561:                        ok = 1;
                    562:                        log_tag = LLV_WARNING;
                    563:                        break;
                    564:                default:
                    565:                        log_tag = LLV_ERROR;
                    566:                }
                    567:                plog(log_tag, LOCATION, NULL,
                    568:                        "%s(%d) at depth:%d SubjectName:%s\n",
                    569:                        X509_verify_cert_error_string(ctx->error),
                    570:                        ctx->error,
                    571:                        ctx->error_depth,
                    572:                        buf);
                    573:        }
                    574:        ERR_clear_error();
                    575:
                    576:        return ok;
                    577: }
                    578:
                    579: /*
                    580:  * callback function for verifing remote certificates.
                    581:  * this function is derived from cb() in openssl/apps/s_server.c
                    582:  */
                    583: static int
                    584: cb_check_cert_remote(ok, ctx)
                    585:        int ok;
                    586:        X509_STORE_CTX *ctx;
                    587: {
                    588:        char buf[256];
                    589:        int log_tag;
                    590:
                    591:        if (!ok) {
                    592:                X509_NAME_oneline(
                    593:                                X509_get_subject_name(ctx->current_cert),
                    594:                                buf,
                    595:                                256);
                    596:                switch (ctx->error) {
                    597:                case X509_V_ERR_UNABLE_TO_GET_CRL:
                    598:                        ok = 1;
                    599:                        log_tag = LLV_WARNING;
                    600:                        break;
                    601:                default:
                    602:                        log_tag = LLV_ERROR;
                    603:                }
                    604:                plog(log_tag, LOCATION, NULL,
                    605:                        "%s(%d) at depth:%d SubjectName:%s\n",
                    606:                        X509_verify_cert_error_string(ctx->error),
                    607:                        ctx->error,
                    608:                        ctx->error_depth,
                    609:                        buf);
                    610:        }
                    611:        ERR_clear_error();
                    612:
                    613:        return ok;
                    614: }
                    615:
                    616: /*
1.16.2.1! jym       617:  * get a subjectName from X509 certificate.
1.1       manu      618:  */
                    619: vchar_t *
                    620: eay_get_x509asn1subjectname(cert)
                    621:        vchar_t *cert;
                    622: {
                    623:        X509 *x509 = NULL;
                    624:        u_char *bp;
                    625:        vchar_t *name = NULL;
                    626:        int len;
                    627:
                    628:        x509 = mem2x509(cert);
                    629:        if (x509 == NULL)
1.8       manu      630:                goto error;
1.1       manu      631:
                    632:        /* get the length of the name */
                    633:        len = i2d_X509_NAME(x509->cert_info->subject, NULL);
                    634:        name = vmalloc(len);
                    635:        if (!name)
1.8       manu      636:                goto error;
1.1       manu      637:        /* get the name */
1.4       manu      638:        bp = (unsigned char *) name->v;
1.1       manu      639:        len = i2d_X509_NAME(x509->cert_info->subject, &bp);
                    640:
1.8       manu      641:        X509_free(x509);
                    642:
                    643:        return name;
                    644:
                    645: error:
                    646:        plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
                    647:
                    648:        if (name != NULL)
                    649:                vfree(name);
1.1       manu      650:
1.8       manu      651:        if (x509 != NULL)
1.1       manu      652:                X509_free(x509);
                    653:
1.8       manu      654:        return NULL;
1.1       manu      655: }
                    656:
                    657: /*
                    658:  * get the subjectAltName from X509 certificate.
                    659:  * the name must be terminated by '\0'.
                    660:  */
                    661: int
                    662: eay_get_x509subjectaltname(cert, altname, type, pos)
                    663:        vchar_t *cert;
                    664:        char **altname;
                    665:        int *type;
                    666:        int pos;
                    667: {
                    668:        X509 *x509 = NULL;
                    669:        GENERAL_NAMES *gens = NULL;
                    670:        GENERAL_NAME *gen;
                    671:        int len;
                    672:        int error = -1;
                    673:
                    674:        *altname = NULL;
                    675:        *type = GENT_OTHERNAME;
                    676:
                    677:        x509 = mem2x509(cert);
                    678:        if (x509 == NULL)
                    679:                goto end;
                    680:
                    681:        gens = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);
                    682:        if (gens == NULL)
                    683:                goto end;
                    684:
                    685:        /* there is no data at "pos" */
                    686:        if (pos > sk_GENERAL_NAME_num(gens))
                    687:                goto end;
                    688:
                    689:        gen = sk_GENERAL_NAME_value(gens, pos - 1);
                    690:
                    691:        /* read DNSName / Email */
                    692:        if (gen->type == GEN_DNS        ||
                    693:                gen->type == GEN_EMAIL  ||
                    694:                gen->type == GEN_URI )
                    695:        {
                    696:                /* make sure if the data is terminated by '\0'. */
                    697:                if (gen->d.ia5->data[gen->d.ia5->length] != '\0')
                    698:                {
                    699:                        plog(LLV_ERROR, LOCATION, NULL,
                    700:                                 "data is not terminated by NUL.");
1.15      mgrooms   701:                        racoon_hexdump(gen->d.ia5->data, gen->d.ia5->length + 1);
1.1       manu      702:                        goto end;
                    703:                }
                    704:
                    705:                len = gen->d.ia5->length + 1;
                    706:                *altname = racoon_malloc(len);
                    707:                if (!*altname)
                    708:                        goto end;
                    709:
1.4       manu      710:                strlcpy(*altname, (char *) gen->d.ia5->data, len);
1.1       manu      711:                *type = gen->type;
                    712:                error = 0;
                    713:        }
                    714:        /* read IP address */
                    715:        else if (gen->type == GEN_IPADD)
                    716:        {
                    717:                unsigned char p[5], *ip;
                    718:                ip = p;
                    719:
                    720:                /* only support IPv4 */
                    721:                if (gen->d.ip->length != 4)
                    722:                        goto end;
                    723:
                    724:                /* convert Octet String to String
                    725:                 * XXX ???????
                    726:                 */
                    727:                /*i2d_ASN1_OCTET_STRING(gen->d.ip,&ip);*/
                    728:                ip = gen->d.ip->data;
                    729:
                    730:                /* XXX Magic, enough for an IPv4 address
                    731:                 */
                    732:                *altname = racoon_malloc(20);
                    733:                if (!*altname)
                    734:                        goto end;
                    735:
                    736:                sprintf(*altname, "%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]);
                    737:                *type = gen->type;
                    738:                error = 0;
                    739:        }
                    740:        /* XXX other possible types ?
                    741:         * For now, error will be -1 if unsupported type
                    742:         */
                    743:
                    744: end:
                    745:        if (error) {
                    746:                if (*altname) {
                    747:                        racoon_free(*altname);
                    748:                        *altname = NULL;
                    749:                }
                    750:                plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
                    751:        }
                    752:        if (x509)
                    753:                X509_free(x509);
                    754:        if (gens)
                    755:                /* free the whole stack. */
                    756:                sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
                    757:
                    758:        return error;
                    759: }
                    760:
1.16.2.1! jym       761: /*
        !           762:  * get a issuerName from X509 certificate.
        !           763:  */
        !           764: vchar_t *
        !           765: eay_get_x509asn1issuername(cert)
        !           766:        vchar_t *cert;
        !           767: {
        !           768:        X509 *x509 = NULL;
        !           769:        u_char *bp;
        !           770:        vchar_t *name = NULL;
        !           771:        int len;
        !           772:
        !           773:        x509 = mem2x509(cert);
        !           774:        if (x509 == NULL)
        !           775:                goto error;
        !           776:
        !           777:        /* get the length of the name */
        !           778:        len = i2d_X509_NAME(x509->cert_info->issuer, NULL);
        !           779:        name = vmalloc(len);
        !           780:        if (name == NULL)
        !           781:                goto error;
        !           782:
        !           783:        /* get the name */
        !           784:        bp = (unsigned char *) name->v;
        !           785:        len = i2d_X509_NAME(x509->cert_info->issuer, &bp);
        !           786:
        !           787:        X509_free(x509);
        !           788:
        !           789:        return name;
        !           790:
        !           791: error:
        !           792:        plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
        !           793:
        !           794:        if (name != NULL)
        !           795:                vfree(name);
        !           796:        if (x509 != NULL)
        !           797:                X509_free(x509);
        !           798:
        !           799:        return NULL;
        !           800: }
1.1       manu      801:
                    802: /*
                    803:  * decode a X509 certificate and make a readable text terminated '\n'.
                    804:  * return the buffer allocated, so must free it later.
                    805:  */
                    806: char *
                    807: eay_get_x509text(cert)
                    808:        vchar_t *cert;
                    809: {
                    810:        X509 *x509 = NULL;
                    811:        BIO *bio = NULL;
                    812:        char *text = NULL;
                    813:        u_char *bp = NULL;
                    814:        int len = 0;
                    815:        int error = -1;
                    816:
                    817:        x509 = mem2x509(cert);
                    818:        if (x509 == NULL)
                    819:                goto end;
                    820:
                    821:        bio = BIO_new(BIO_s_mem());
                    822:        if (bio == NULL)
                    823:                goto end;
                    824:
                    825:        error = X509_print(bio, x509);
                    826:        if (error != 1) {
                    827:                error = -1;
                    828:                goto end;
                    829:        }
                    830:
                    831:        len = BIO_get_mem_data(bio, &bp);
                    832:        text = racoon_malloc(len + 1);
                    833:        if (text == NULL)
                    834:                goto end;
                    835:        memcpy(text, bp, len);
                    836:        text[len] = '\0';
                    837:
                    838:        error = 0;
                    839:
                    840:     end:
                    841:        if (error) {
                    842:                if (text) {
                    843:                        racoon_free(text);
                    844:                        text = NULL;
                    845:                }
                    846:                plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
                    847:        }
                    848:        if (bio)
                    849:                BIO_free(bio);
                    850:        if (x509)
                    851:                X509_free(x509);
                    852:
                    853:        return text;
                    854: }
                    855:
                    856: /* get X509 structure from buffer. */
                    857: static X509 *
                    858: mem2x509(cert)
                    859:        vchar_t *cert;
                    860: {
                    861:        X509 *x509;
                    862:
                    863: #ifndef EAYDEBUG
                    864:     {
                    865:        u_char *bp;
                    866:
1.16.2.1! jym       867:        bp = (unsigned char *) cert->v + 1;
1.1       manu      868:
1.16.2.1! jym       869:        x509 = d2i_X509(NULL, (void *)&bp, cert->l - 1);
1.1       manu      870:     }
                    871: #else
                    872:     {
                    873:        BIO *bio;
                    874:        int len;
                    875:
                    876:        bio = BIO_new(BIO_s_mem());
                    877:        if (bio == NULL)
                    878:                return NULL;
1.16.2.1! jym       879:        len = BIO_write(bio, cert->v + 1, cert->l - 1);
1.1       manu      880:        if (len == -1)
                    881:                return NULL;
                    882:        x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
                    883:        BIO_free(bio);
                    884:     }
                    885: #endif
                    886:        return x509;
                    887: }
                    888:
                    889: /*
                    890:  * get a X509 certificate from local file.
                    891:  * a certificate must be PEM format.
                    892:  * Input:
                    893:  *     path to a certificate.
                    894:  * Output:
                    895:  *     NULL if error occured
                    896:  *     other is the cert.
                    897:  */
                    898: vchar_t *
                    899: eay_get_x509cert(path)
                    900:        char *path;
                    901: {
                    902:        FILE *fp;
                    903:        X509 *x509;
                    904:        vchar_t *cert;
                    905:        u_char *bp;
                    906:        int len;
                    907:        int error;
                    908:
                    909:        /* Read private key */
                    910:        fp = fopen(path, "r");
                    911:        if (fp == NULL)
                    912:                return NULL;
                    913:        x509 = PEM_read_X509(fp, NULL, NULL, NULL);
                    914:        fclose (fp);
                    915:
                    916:        if (x509 == NULL)
                    917:                return NULL;
                    918:
                    919:        len = i2d_X509(x509, NULL);
1.16.2.1! jym       920:        cert = vmalloc(len + 1);
1.1       manu      921:        if (cert == NULL) {
                    922:                X509_free(x509);
                    923:                return NULL;
                    924:        }
1.16.2.1! jym       925:        cert->v[0] = ISAKMP_CERT_X509SIGN;
        !           926:        bp = (unsigned char *) &cert->v[1];
1.1       manu      927:        error = i2d_X509(x509, &bp);
                    928:        X509_free(x509);
                    929:
                    930:        if (error == 0) {
                    931:                vfree(cert);
                    932:                return NULL;
                    933:        }
                    934:
                    935:        return cert;
                    936: }
                    937:
                    938: /*
                    939:  * check a X509 signature
                    940:  *     XXX: to be get hash type from my cert ?
                    941:  *             to be handled EVP_dss().
                    942:  * OUT: return -1 when error.
                    943:  *     0
                    944:  */
                    945: int
                    946: eay_check_x509sign(source, sig, cert)
                    947:        vchar_t *source;
                    948:        vchar_t *sig;
                    949:        vchar_t *cert;
                    950: {
                    951:        X509 *x509;
                    952:        EVP_PKEY *evp;
                    953:        int res;
                    954:
1.16.2.1! jym       955:        x509 = mem2x509(cert);
        !           956:        if (x509 == NULL)
1.1       manu      957:                return -1;
                    958:
                    959:        evp = X509_get_pubkey(x509);
                    960:        if (! evp) {
                    961:                plog(LLV_ERROR, LOCATION, NULL, "X509_get_pubkey(): %s\n", eay_strerror());
1.16.2.1! jym       962:                X509_free(x509);
1.1       manu      963:                return -1;
                    964:        }
                    965:
                    966:        res = eay_rsa_verify(source, sig, evp->pkey.rsa);
                    967:
                    968:        EVP_PKEY_free(evp);
1.16.2.1! jym       969:        X509_free(x509);
1.1       manu      970:
                    971:        return res;
                    972: }
                    973:
                    974: /*
                    975:  * check RSA signature
                    976:  * OUT: return -1 when error.
                    977:  *     0 on success
                    978:  */
                    979: int
                    980: eay_check_rsasign(source, sig, rsa)
                    981:        vchar_t *source;
                    982:        vchar_t *sig;
                    983:        RSA *rsa;
                    984: {
                    985:        return eay_rsa_verify(source, sig, rsa);
                    986: }
                    987:
                    988: /*
                    989:  * get PKCS#1 Private Key of PEM format from local file.
                    990:  */
                    991: vchar_t *
                    992: eay_get_pkcs1privkey(path)
                    993:        char *path;
                    994: {
                    995:        FILE *fp;
                    996:        EVP_PKEY *evp = NULL;
                    997:        vchar_t *pkey = NULL;
                    998:        u_char *bp;
                    999:        int pkeylen;
                   1000:        int error = -1;
                   1001:
                   1002:        /* Read private key */
                   1003:        fp = fopen(path, "r");
                   1004:        if (fp == NULL)
                   1005:                return NULL;
                   1006:
                   1007:        evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
                   1008:
                   1009:        fclose (fp);
                   1010:
                   1011:        if (evp == NULL)
                   1012:                return NULL;
                   1013:
                   1014:        pkeylen = i2d_PrivateKey(evp, NULL);
                   1015:        if (pkeylen == 0)
                   1016:                goto end;
                   1017:        pkey = vmalloc(pkeylen);
                   1018:        if (pkey == NULL)
                   1019:                goto end;
1.4       manu     1020:        bp = (unsigned char *) pkey->v;
1.1       manu     1021:        pkeylen = i2d_PrivateKey(evp, &bp);
                   1022:        if (pkeylen == 0)
                   1023:                goto end;
                   1024:
                   1025:        error = 0;
                   1026:
                   1027: end:
                   1028:        if (evp != NULL)
                   1029:                EVP_PKEY_free(evp);
                   1030:        if (error != 0 && pkey != NULL) {
                   1031:                vfree(pkey);
                   1032:                pkey = NULL;
                   1033:        }
                   1034:
                   1035:        return pkey;
                   1036: }
                   1037:
                   1038: /*
                   1039:  * get PKCS#1 Public Key of PEM format from local file.
                   1040:  */
                   1041: vchar_t *
                   1042: eay_get_pkcs1pubkey(path)
                   1043:        char *path;
                   1044: {
                   1045:        FILE *fp;
                   1046:        EVP_PKEY *evp = NULL;
                   1047:        vchar_t *pkey = NULL;
                   1048:        X509 *x509 = NULL;
                   1049:        u_char *bp;
                   1050:        int pkeylen;
                   1051:        int error = -1;
                   1052:
                   1053:        /* Read private key */
                   1054:        fp = fopen(path, "r");
                   1055:        if (fp == NULL)
                   1056:                return NULL;
                   1057:
                   1058:        x509 = PEM_read_X509(fp, NULL, NULL, NULL);
                   1059:
                   1060:        fclose (fp);
                   1061:
                   1062:        if (x509 == NULL)
                   1063:                return NULL;
                   1064:
                   1065:        /* Get public key - eay */
                   1066:        evp = X509_get_pubkey(x509);
                   1067:        if (evp == NULL)
                   1068:                return NULL;
                   1069:
                   1070:        pkeylen = i2d_PublicKey(evp, NULL);
                   1071:        if (pkeylen == 0)
                   1072:                goto end;
                   1073:        pkey = vmalloc(pkeylen);
                   1074:        if (pkey == NULL)
                   1075:                goto end;
1.4       manu     1076:        bp = (unsigned char *) pkey->v;
1.1       manu     1077:        pkeylen = i2d_PublicKey(evp, &bp);
                   1078:        if (pkeylen == 0)
                   1079:                goto end;
                   1080:
                   1081:        error = 0;
                   1082: end:
                   1083:        if (evp != NULL)
                   1084:                EVP_PKEY_free(evp);
                   1085:        if (error != 0 && pkey != NULL) {
                   1086:                vfree(pkey);
                   1087:                pkey = NULL;
                   1088:        }
                   1089:
                   1090:        return pkey;
                   1091: }
                   1092:
                   1093: vchar_t *
                   1094: eay_get_x509sign(src, privkey)
                   1095:        vchar_t *src, *privkey;
                   1096: {
                   1097:        EVP_PKEY *evp;
1.4       manu     1098:        u_char *bp = (unsigned char *) privkey->v;
1.1       manu     1099:        vchar_t *sig = NULL;
                   1100:        int len;
                   1101:        int pad = RSA_PKCS1_PADDING;
                   1102:
                   1103:        /* XXX to be handled EVP_PKEY_DSA */
1.4       manu     1104:        evp = d2i_PrivateKey(EVP_PKEY_RSA, NULL, (void *)&bp, privkey->l);
1.1       manu     1105:        if (evp == NULL)
                   1106:                return NULL;
                   1107:
                   1108:        sig = eay_rsa_sign(src, evp->pkey.rsa);
                   1109:
                   1110:        EVP_PKEY_free(evp);
                   1111:
                   1112:        return sig;
                   1113: }
                   1114:
                   1115: vchar_t *
                   1116: eay_get_rsasign(src, rsa)
                   1117:        vchar_t *src;
                   1118:        RSA *rsa;
                   1119: {
                   1120:        return eay_rsa_sign(src, rsa);
                   1121: }
                   1122:
                   1123: vchar_t *
                   1124: eay_rsa_sign(vchar_t *src, RSA *rsa)
                   1125: {
                   1126:        int len;
                   1127:        vchar_t *sig = NULL;
                   1128:        int pad = RSA_PKCS1_PADDING;
                   1129:
                   1130:        len = RSA_size(rsa);
                   1131:
                   1132:        sig = vmalloc(len);
                   1133:        if (sig == NULL)
                   1134:                return NULL;
                   1135:
1.4       manu     1136:        len = RSA_private_encrypt(src->l, (unsigned char *) src->v,
                   1137:                        (unsigned char *) sig->v, rsa, pad);
1.1       manu     1138:
                   1139:        if (len == 0 || len != sig->l) {
                   1140:                vfree(sig);
                   1141:                sig = NULL;
                   1142:        }
                   1143:
                   1144:        return sig;
                   1145: }
                   1146:
                   1147: int
                   1148: eay_rsa_verify(src, sig, rsa)
                   1149:        vchar_t *src, *sig;
                   1150:        RSA *rsa;
                   1151: {
                   1152:        vchar_t *xbuf = NULL;
                   1153:        int pad = RSA_PKCS1_PADDING;
                   1154:        int len = 0;
                   1155:        int error;
                   1156:
                   1157:        len = RSA_size(rsa);
                   1158:        xbuf = vmalloc(len);
                   1159:        if (xbuf == NULL) {
                   1160:                plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
                   1161:                return -1;
                   1162:        }
                   1163:
1.4       manu     1164:        len = RSA_public_decrypt(sig->l, (unsigned char *) sig->v,
                   1165:                        (unsigned char *) xbuf->v, rsa, pad);
1.1       manu     1166:        if (len == 0 || len != src->l) {
                   1167:                plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
                   1168:                vfree(xbuf);
                   1169:                return -1;
                   1170:        }
                   1171:
                   1172:        error = memcmp(src->v, xbuf->v, src->l);
                   1173:        vfree(xbuf);
                   1174:        if (error != 0)
                   1175:                return -1;
                   1176:
                   1177:        return 0;
                   1178: }
                   1179:
                   1180: /*
                   1181:  * get error string
                   1182:  * MUST load ERR_load_crypto_strings() first.
                   1183:  */
                   1184: char *
                   1185: eay_strerror()
                   1186: {
                   1187:        static char ebuf[512];
                   1188:        int len = 0, n;
                   1189:        unsigned long l;
                   1190:        char buf[200];
                   1191:        const char *file, *data;
                   1192:        int line, flags;
                   1193:        unsigned long es;
                   1194:
                   1195:        es = CRYPTO_thread_id();
                   1196:
                   1197:        while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){
                   1198:                n = snprintf(ebuf + len, sizeof(ebuf) - len,
                   1199:                                "%lu:%s:%s:%d:%s ",
                   1200:                                es, ERR_error_string(l, buf), file, line,
                   1201:                                (flags & ERR_TXT_STRING) ? data : "");
                   1202:                if (n < 0 || n >= sizeof(ebuf) - len)
                   1203:                        break;
                   1204:                len += n;
                   1205:                if (sizeof(ebuf) < len)
                   1206:                        break;
                   1207:        }
                   1208:
                   1209:        return ebuf;
                   1210: }
                   1211:
                   1212: vchar_t *
                   1213: evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc)
                   1214: {
                   1215:        vchar_t *res;
                   1216:        EVP_CIPHER_CTX ctx;
                   1217:
                   1218:        if (!e)
                   1219:                return NULL;
                   1220:
                   1221:        if (data->l % EVP_CIPHER_block_size(e))
                   1222:                return NULL;
                   1223:
                   1224:        if ((res = vmalloc(data->l)) == NULL)
                   1225:                return NULL;
                   1226:
                   1227:        EVP_CIPHER_CTX_init(&ctx);
                   1228:
1.4       manu     1229:        switch(EVP_CIPHER_nid(e)){
                   1230:        case NID_bf_cbc:
                   1231:        case NID_bf_ecb:
                   1232:        case NID_bf_cfb64:
                   1233:        case NID_bf_ofb64:
                   1234:        case NID_cast5_cbc:
                   1235:        case NID_cast5_ecb:
                   1236:        case NID_cast5_cfb64:
                   1237:        case NID_cast5_ofb64:
                   1238:                /* XXX: can we do that also for algos with a fixed key size ?
                   1239:                 */
                   1240:                /* init context without key/iv
                   1241:          */
                   1242:         if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc))
                   1243:         {
                   1244:             OpenSSL_BUG();
                   1245:             vfree(res);
                   1246:             return NULL;
                   1247:         }
                   1248:
                   1249:         /* update key size
                   1250:          */
                   1251:         if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l))
                   1252:         {
                   1253:             OpenSSL_BUG();
                   1254:             vfree(res);
                   1255:             return NULL;
                   1256:         }
                   1257:
                   1258:         /* finalize context init with desired key size
                   1259:          */
                   1260:         if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v,
                   1261:                                                        (u_char *) iv->v, enc))
                   1262:         {
                   1263:             OpenSSL_BUG();
                   1264:             vfree(res);
                   1265:             return NULL;
                   1266:                }
                   1267:                break;
                   1268:        default:
                   1269:                if (!EVP_CipherInit(&ctx, e, (u_char *) key->v,
                   1270:                                                        (u_char *) iv->v, enc)) {
                   1271:                        OpenSSL_BUG();
                   1272:                        vfree(res);
                   1273:                        return NULL;
                   1274:                }
1.1       manu     1275:        }
1.4       manu     1276:
                   1277:        /* disable openssl padding */
                   1278:        EVP_CIPHER_CTX_set_padding(&ctx, 0);
1.1       manu     1279:
1.4       manu     1280:        if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) {
1.1       manu     1281:                OpenSSL_BUG();
                   1282:                vfree(res);
                   1283:                return NULL;
                   1284:        }
                   1285:
                   1286:        EVP_CIPHER_CTX_cleanup(&ctx);
                   1287:
                   1288:        return res;
                   1289: }
                   1290:
                   1291: int
                   1292: evp_weakkey(vchar_t *key, const EVP_CIPHER *e)
                   1293: {
                   1294:        return 0;
                   1295: }
                   1296:
                   1297: int
                   1298: evp_keylen(int len, const EVP_CIPHER *e)
                   1299: {
                   1300:        if (!e)
                   1301:                return -1;
1.2       manu     1302:        /* EVP functions return lengths in bytes, ipsec-tools
                   1303:         * uses lengths in bits, therefore conversion is required. --AK
                   1304:         */
                   1305:        if (len != 0 && len != (EVP_CIPHER_key_length(e) << 3))
1.1       manu     1306:                return -1;
                   1307:
1.2       manu     1308:        return EVP_CIPHER_key_length(e) << 3;
1.1       manu     1309: }
                   1310:
                   1311: /*
                   1312:  * DES-CBC
                   1313:  */
                   1314: vchar_t *
                   1315: eay_des_encrypt(data, key, iv)
                   1316:        vchar_t *data, *key, *iv;
                   1317: {
                   1318:        return evp_crypt(data, key, iv, EVP_des_cbc(), 1);
                   1319: }
                   1320:
                   1321: vchar_t *
                   1322: eay_des_decrypt(data, key, iv)
                   1323:        vchar_t *data, *key, *iv;
                   1324: {
                   1325:        return evp_crypt(data, key, iv, EVP_des_cbc(), 0);
                   1326: }
                   1327:
                   1328: int
                   1329: eay_des_weakkey(key)
                   1330:        vchar_t *key;
                   1331: {
                   1332: #ifdef USE_NEW_DES_API
                   1333:        return DES_is_weak_key((void *)key->v);
                   1334: #else
                   1335:        return des_is_weak_key((void *)key->v);
                   1336: #endif
                   1337: }
                   1338:
                   1339: int
                   1340: eay_des_keylen(len)
                   1341:        int len;
                   1342: {
                   1343:        return evp_keylen(len, EVP_des_cbc());
                   1344: }
                   1345:
1.2       manu     1346: #ifdef HAVE_OPENSSL_IDEA_H
                   1347: /*
                   1348:  * IDEA-CBC
                   1349:  */
                   1350: vchar_t *
                   1351: eay_idea_encrypt(data, key, iv)
                   1352:        vchar_t *data, *key, *iv;
                   1353: {
                   1354:        vchar_t *res;
                   1355:        IDEA_KEY_SCHEDULE ks;
                   1356:
1.14      vanhu    1357:        idea_set_encrypt_key((unsigned char *)key->v, &ks);
1.2       manu     1358:
                   1359:        /* allocate buffer for result */
                   1360:        if ((res = vmalloc(data->l)) == NULL)
                   1361:                return NULL;
                   1362:
                   1363:        /* decryption data */
1.14      vanhu    1364:        idea_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
                   1365:                        &ks, (unsigned char *)iv->v, IDEA_ENCRYPT);
1.2       manu     1366:
                   1367:        return res;
                   1368: }
                   1369:
                   1370: vchar_t *
                   1371: eay_idea_decrypt(data, key, iv)
                   1372:        vchar_t *data, *key, *iv;
                   1373: {
                   1374:        vchar_t *res;
                   1375:        IDEA_KEY_SCHEDULE ks, dks;
                   1376:
1.14      vanhu    1377:        idea_set_encrypt_key((unsigned char *)key->v, &ks);
1.2       manu     1378:        idea_set_decrypt_key(&ks, &dks);
                   1379:
                   1380:        /* allocate buffer for result */
                   1381:        if ((res = vmalloc(data->l)) == NULL)
                   1382:                return NULL;
                   1383:
                   1384:        /* decryption data */
1.14      vanhu    1385:        idea_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
                   1386:                        &dks, (unsigned char *)iv->v, IDEA_DECRYPT);
1.2       manu     1387:
                   1388:        return res;
                   1389: }
                   1390:
                   1391: int
                   1392: eay_idea_weakkey(key)
                   1393:        vchar_t *key;
                   1394: {
                   1395:        return 0;       /* XXX */
                   1396: }
                   1397:
                   1398: int
                   1399: eay_idea_keylen(len)
                   1400:        int len;
                   1401: {
                   1402:        if (len != 0 && len != 128)
                   1403:                return -1;
                   1404:        return 128;
                   1405: }
                   1406: #endif
                   1407:
1.1       manu     1408: /*
                   1409:  * BLOWFISH-CBC
                   1410:  */
                   1411: vchar_t *
                   1412: eay_bf_encrypt(data, key, iv)
                   1413:        vchar_t *data, *key, *iv;
                   1414: {
                   1415:        return evp_crypt(data, key, iv, EVP_bf_cbc(), 1);
                   1416: }
                   1417:
                   1418: vchar_t *
                   1419: eay_bf_decrypt(data, key, iv)
                   1420:        vchar_t *data, *key, *iv;
                   1421: {
                   1422:        return evp_crypt(data, key, iv, EVP_bf_cbc(), 0);
                   1423: }
                   1424:
                   1425: int
                   1426: eay_bf_weakkey(key)
                   1427:        vchar_t *key;
                   1428: {
                   1429:        return 0;       /* XXX to be done. refer to RFC 2451 */
                   1430: }
                   1431:
                   1432: int
                   1433: eay_bf_keylen(len)
                   1434:        int len;
                   1435: {
                   1436:        if (len == 0)
                   1437:                return 448;
                   1438:        if (len < 40 || len > 448)
                   1439:                return -1;
                   1440:        return len;
                   1441: }
                   1442:
1.2       manu     1443: #ifdef HAVE_OPENSSL_RC5_H
                   1444: /*
                   1445:  * RC5-CBC
                   1446:  */
                   1447: vchar_t *
                   1448: eay_rc5_encrypt(data, key, iv)
                   1449:        vchar_t *data, *key, *iv;
                   1450: {
                   1451:        vchar_t *res;
                   1452:        RC5_32_KEY ks;
                   1453:
                   1454:        /* in RFC 2451, there is information about the number of round. */
1.14      vanhu    1455:        RC5_32_set_key(&ks, key->l, (unsigned char *)key->v, 16);
1.2       manu     1456:
                   1457:        /* allocate buffer for result */
                   1458:        if ((res = vmalloc(data->l)) == NULL)
                   1459:                return NULL;
                   1460:
                   1461:        /* decryption data */
1.14      vanhu    1462:        RC5_32_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
                   1463:                &ks, (unsigned char *)iv->v, RC5_ENCRYPT);
1.2       manu     1464:
                   1465:        return res;
                   1466: }
                   1467:
                   1468: vchar_t *
                   1469: eay_rc5_decrypt(data, key, iv)
                   1470:        vchar_t *data, *key, *iv;
                   1471: {
                   1472:        vchar_t *res;
                   1473:        RC5_32_KEY ks;
                   1474:
                   1475:        /* in RFC 2451, there is information about the number of round. */
1.14      vanhu    1476:        RC5_32_set_key(&ks, key->l, (unsigned char *)key->v, 16);
1.2       manu     1477:
                   1478:        /* allocate buffer for result */
                   1479:        if ((res = vmalloc(data->l)) == NULL)
                   1480:                return NULL;
                   1481:
                   1482:        /* decryption data */
1.14      vanhu    1483:        RC5_32_cbc_encrypt((unsigned char *)data->v, (unsigned char *)res->v, data->l,
                   1484:                &ks, (unsigned char *)iv->v, RC5_DECRYPT);
1.2       manu     1485:
                   1486:        return res;
                   1487: }
                   1488:
                   1489: int
                   1490: eay_rc5_weakkey(key)
                   1491:        vchar_t *key;
                   1492: {
                   1493:        return 0;       /* No known weak keys when used with 16 rounds. */
                   1494:
                   1495: }
                   1496:
                   1497: int
                   1498: eay_rc5_keylen(len)
                   1499:        int len;
                   1500: {
                   1501:        if (len == 0)
                   1502:                return 128;
                   1503:        if (len < 40 || len > 2040)
                   1504:                return -1;
                   1505:        return len;
                   1506: }
                   1507: #endif
                   1508:
1.1       manu     1509: /*
                   1510:  * 3DES-CBC
                   1511:  */
                   1512: vchar_t *
                   1513: eay_3des_encrypt(data, key, iv)
                   1514:        vchar_t *data, *key, *iv;
                   1515: {
                   1516:        return evp_crypt(data, key, iv, EVP_des_ede3_cbc(), 1);
                   1517: }
                   1518:
                   1519: vchar_t *
                   1520: eay_3des_decrypt(data, key, iv)
                   1521:        vchar_t *data, *key, *iv;
                   1522: {
                   1523:        return evp_crypt(data, key, iv, EVP_des_ede3_cbc(), 0);
                   1524: }
                   1525:
                   1526: int
                   1527: eay_3des_weakkey(key)
                   1528:        vchar_t *key;
                   1529: {
                   1530: #ifdef USE_NEW_DES_API
                   1531:        return (DES_is_weak_key((void *)key->v) ||
                   1532:            DES_is_weak_key((void *)(key->v + 8)) ||
                   1533:            DES_is_weak_key((void *)(key->v + 16)));
                   1534: #else
                   1535:        if (key->l < 24)
                   1536:                return 0;
                   1537:
                   1538:        return (des_is_weak_key((void *)key->v) ||
                   1539:            des_is_weak_key((void *)(key->v + 8)) ||
                   1540:            des_is_weak_key((void *)(key->v + 16)));
                   1541: #endif
                   1542: }
                   1543:
                   1544: int
                   1545: eay_3des_keylen(len)
                   1546:        int len;
                   1547: {
                   1548:        if (len != 0 && len != 192)
                   1549:                return -1;
                   1550:        return 192;
                   1551: }
                   1552:
                   1553: /*
                   1554:  * CAST-CBC
                   1555:  */
                   1556: vchar_t *
                   1557: eay_cast_encrypt(data, key, iv)
                   1558:        vchar_t *data, *key, *iv;
                   1559: {
                   1560:        return evp_crypt(data, key, iv, EVP_cast5_cbc(), 1);
                   1561: }
                   1562:
                   1563: vchar_t *
                   1564: eay_cast_decrypt(data, key, iv)
                   1565:        vchar_t *data, *key, *iv;
                   1566: {
                   1567:        return evp_crypt(data, key, iv, EVP_cast5_cbc(), 0);
                   1568: }
                   1569:
                   1570: int
                   1571: eay_cast_weakkey(key)
                   1572:        vchar_t *key;
                   1573: {
                   1574:        return 0;       /* No known weak keys. */
                   1575: }
                   1576:
                   1577: int
                   1578: eay_cast_keylen(len)
                   1579:        int len;
                   1580: {
                   1581:        if (len == 0)
                   1582:                return 128;
                   1583:        if (len < 40 || len > 128)
                   1584:                return -1;
                   1585:        return len;
                   1586: }
                   1587:
                   1588: /*
                   1589:  * AES(RIJNDAEL)-CBC
                   1590:  */
                   1591: #ifndef HAVE_OPENSSL_AES_H
                   1592: vchar_t *
                   1593: eay_aes_encrypt(data, key, iv)
                   1594:        vchar_t *data, *key, *iv;
                   1595: {
                   1596:        vchar_t *res;
                   1597:        keyInstance k;
                   1598:        cipherInstance c;
                   1599:
                   1600:        memset(&k, 0, sizeof(k));
                   1601:        if (rijndael_makeKey(&k, DIR_ENCRYPT, key->l << 3, key->v) < 0)
                   1602:                return NULL;
                   1603:
                   1604:        /* allocate buffer for result */
                   1605:        if ((res = vmalloc(data->l)) == NULL)
                   1606:                return NULL;
                   1607:
                   1608:        /* encryption data */
                   1609:        memset(&c, 0, sizeof(c));
                   1610:        if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0){
                   1611:                vfree(res);
                   1612:                return NULL;
                   1613:        }
                   1614:        if (rijndael_blockEncrypt(&c, &k, data->v, data->l << 3, res->v) < 0){
                   1615:                vfree(res);
                   1616:                return NULL;
                   1617:        }
                   1618:
                   1619:        return res;
                   1620: }
                   1621:
                   1622: vchar_t *
                   1623: eay_aes_decrypt(data, key, iv)
                   1624:        vchar_t *data, *key, *iv;
                   1625: {
                   1626:        vchar_t *res;
                   1627:        keyInstance k;
                   1628:        cipherInstance c;
                   1629:
                   1630:        memset(&k, 0, sizeof(k));
                   1631:        if (rijndael_makeKey(&k, DIR_DECRYPT, key->l << 3, key->v) < 0)
                   1632:                return NULL;
                   1633:
                   1634:        /* allocate buffer for result */
                   1635:        if ((res = vmalloc(data->l)) == NULL)
                   1636:                return NULL;
                   1637:
                   1638:        /* decryption data */
                   1639:        memset(&c, 0, sizeof(c));
                   1640:        if (rijndael_cipherInit(&c, MODE_CBC, iv->v) < 0){
                   1641:                vfree(res);
                   1642:                return NULL;
                   1643:        }
                   1644:        if (rijndael_blockDecrypt(&c, &k, data->v, data->l << 3, res->v) < 0){
                   1645:                vfree(res);
                   1646:                return NULL;
                   1647:        }
                   1648:
                   1649:        return res;
                   1650: }
                   1651: #else
                   1652: static inline const EVP_CIPHER *
                   1653: aes_evp_by_keylen(int keylen)
                   1654: {
                   1655:        switch(keylen) {
                   1656:                case 16:
                   1657:                case 128:
                   1658:                        return EVP_aes_128_cbc();
                   1659:                case 24:
                   1660:                case 192:
                   1661:                        return EVP_aes_192_cbc();
                   1662:                case 32:
                   1663:                case 256:
                   1664:                        return EVP_aes_256_cbc();
                   1665:                default:
                   1666:                        return NULL;
                   1667:        }
                   1668: }
                   1669:
                   1670: vchar_t *
                   1671: eay_aes_encrypt(data, key, iv)
                   1672:        vchar_t *data, *key, *iv;
                   1673: {
                   1674:        return evp_crypt(data, key, iv, aes_evp_by_keylen(key->l), 1);
                   1675: }
                   1676:
                   1677: vchar_t *
                   1678: eay_aes_decrypt(data, key, iv)
                   1679:        vchar_t *data, *key, *iv;
                   1680: {
                   1681:        return evp_crypt(data, key, iv, aes_evp_by_keylen(key->l), 0);
                   1682: }
                   1683: #endif
                   1684:
                   1685: int
                   1686: eay_aes_weakkey(key)
                   1687:        vchar_t *key;
                   1688: {
                   1689:        return 0;
                   1690: }
                   1691:
                   1692: int
                   1693: eay_aes_keylen(len)
                   1694:        int len;
                   1695: {
                   1696:        if (len == 0)
                   1697:                return 128;
                   1698:        if (len != 128 && len != 192 && len != 256)
                   1699:                return -1;
                   1700:        return len;
                   1701: }
                   1702:
1.10      manu     1703: #if defined(HAVE_OPENSSL_CAMELLIA_H)
                   1704: /*
                   1705:  * CAMELLIA-CBC
                   1706:  */
                   1707: static inline const EVP_CIPHER *
                   1708: camellia_evp_by_keylen(int keylen)
                   1709: {
                   1710:        switch(keylen) {
                   1711:                case 16:
                   1712:                case 128:
                   1713:                        return EVP_camellia_128_cbc();
                   1714:                case 24:
                   1715:                case 192:
                   1716:                        return EVP_camellia_192_cbc();
                   1717:                case 32:
                   1718:                case 256:
                   1719:                        return EVP_camellia_256_cbc();
                   1720:                default:
                   1721:                        return NULL;
                   1722:        }
                   1723: }
                   1724:
                   1725: vchar_t *
                   1726: eay_camellia_encrypt(data, key, iv)
                   1727:        vchar_t *data, *key, *iv;
                   1728: {
                   1729:        return evp_crypt(data, key, iv, camellia_evp_by_keylen(key->l), 1);
                   1730: }
                   1731:
                   1732: vchar_t *
                   1733: eay_camellia_decrypt(data, key, iv)
                   1734:        vchar_t *data, *key, *iv;
                   1735: {
                   1736:        return evp_crypt(data, key, iv, camellia_evp_by_keylen(key->l), 0);
                   1737: }
                   1738:
                   1739: int
                   1740: eay_camellia_weakkey(key)
                   1741:        vchar_t *key;
                   1742: {
                   1743:        return 0;
                   1744: }
                   1745:
                   1746: int
                   1747: eay_camellia_keylen(len)
                   1748:        int len;
                   1749: {
                   1750:        if (len == 0)
                   1751:                return 128;
                   1752:        if (len != 128 && len != 192 && len != 256)
                   1753:                return -1;
                   1754:        return len;
                   1755: }
                   1756:
                   1757: #endif
                   1758:
1.1       manu     1759: /* for ipsec part */
                   1760: int
                   1761: eay_null_hashlen()
                   1762: {
                   1763:        return 0;
                   1764: }
                   1765:
                   1766: int
                   1767: eay_kpdk_hashlen()
                   1768: {
                   1769:        return 0;
                   1770: }
                   1771:
                   1772: int
                   1773: eay_twofish_keylen(len)
                   1774:        int len;
                   1775: {
                   1776:        if (len < 0 || len > 256)
                   1777:                return -1;
                   1778:        return len;
                   1779: }
                   1780:
                   1781: int
                   1782: eay_null_keylen(len)
                   1783:        int len;
                   1784: {
                   1785:        return 0;
                   1786: }
                   1787:
                   1788: /*
                   1789:  * HMAC functions
                   1790:  */
                   1791: static caddr_t
                   1792: eay_hmac_init(key, md)
                   1793:        vchar_t *key;
                   1794:        const EVP_MD *md;
                   1795: {
                   1796:        HMAC_CTX *c = racoon_malloc(sizeof(*c));
                   1797:
                   1798:        HMAC_Init(c, key->v, key->l, md);
                   1799:
                   1800:        return (caddr_t)c;
                   1801: }
                   1802:
                   1803: #ifdef WITH_SHA2
                   1804: /*
                   1805:  * HMAC SHA2-512
                   1806:  */
                   1807: vchar_t *
                   1808: eay_hmacsha2_512_one(key, data)
                   1809:        vchar_t *key, *data;
                   1810: {
                   1811:        vchar_t *res;
                   1812:        caddr_t ctx;
                   1813:
                   1814:        ctx = eay_hmacsha2_512_init(key);
                   1815:        eay_hmacsha2_512_update(ctx, data);
                   1816:        res = eay_hmacsha2_512_final(ctx);
                   1817:
                   1818:        return(res);
                   1819: }
                   1820:
                   1821: caddr_t
                   1822: eay_hmacsha2_512_init(key)
                   1823:        vchar_t *key;
                   1824: {
                   1825:        return eay_hmac_init(key, EVP_sha2_512());
                   1826: }
                   1827:
                   1828: void
                   1829: eay_hmacsha2_512_update(c, data)
                   1830:        caddr_t c;
                   1831:        vchar_t *data;
                   1832: {
1.4       manu     1833:        HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     1834: }
                   1835:
                   1836: vchar_t *
                   1837: eay_hmacsha2_512_final(c)
                   1838:        caddr_t c;
                   1839: {
                   1840:        vchar_t *res;
                   1841:        unsigned int l;
                   1842:
                   1843:        if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0)
                   1844:                return NULL;
                   1845:
1.4       manu     1846:        HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1       manu     1847:        res->l = l;
                   1848:        HMAC_cleanup((HMAC_CTX *)c);
                   1849:        (void)racoon_free(c);
                   1850:
                   1851:        if (SHA512_DIGEST_LENGTH != res->l) {
                   1852:                plog(LLV_ERROR, LOCATION, NULL,
                   1853:                        "hmac sha2_512 length mismatch %zd.\n", res->l);
                   1854:                vfree(res);
                   1855:                return NULL;
                   1856:        }
                   1857:
                   1858:        return(res);
                   1859: }
                   1860:
                   1861: /*
                   1862:  * HMAC SHA2-384
                   1863:  */
                   1864: vchar_t *
                   1865: eay_hmacsha2_384_one(key, data)
                   1866:        vchar_t *key, *data;
                   1867: {
                   1868:        vchar_t *res;
                   1869:        caddr_t ctx;
                   1870:
                   1871:        ctx = eay_hmacsha2_384_init(key);
                   1872:        eay_hmacsha2_384_update(ctx, data);
                   1873:        res = eay_hmacsha2_384_final(ctx);
                   1874:
                   1875:        return(res);
                   1876: }
                   1877:
                   1878: caddr_t
                   1879: eay_hmacsha2_384_init(key)
                   1880:        vchar_t *key;
                   1881: {
                   1882:        return eay_hmac_init(key, EVP_sha2_384());
                   1883: }
                   1884:
                   1885: void
                   1886: eay_hmacsha2_384_update(c, data)
                   1887:        caddr_t c;
                   1888:        vchar_t *data;
                   1889: {
1.4       manu     1890:        HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     1891: }
                   1892:
                   1893: vchar_t *
                   1894: eay_hmacsha2_384_final(c)
                   1895:        caddr_t c;
                   1896: {
                   1897:        vchar_t *res;
                   1898:        unsigned int l;
                   1899:
                   1900:        if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0)
                   1901:                return NULL;
                   1902:
1.4       manu     1903:        HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1       manu     1904:        res->l = l;
                   1905:        HMAC_cleanup((HMAC_CTX *)c);
                   1906:        (void)racoon_free(c);
                   1907:
                   1908:        if (SHA384_DIGEST_LENGTH != res->l) {
                   1909:                plog(LLV_ERROR, LOCATION, NULL,
                   1910:                        "hmac sha2_384 length mismatch %zd.\n", res->l);
                   1911:                vfree(res);
                   1912:                return NULL;
                   1913:        }
                   1914:
                   1915:        return(res);
                   1916: }
                   1917:
                   1918: /*
                   1919:  * HMAC SHA2-256
                   1920:  */
                   1921: vchar_t *
                   1922: eay_hmacsha2_256_one(key, data)
                   1923:        vchar_t *key, *data;
                   1924: {
                   1925:        vchar_t *res;
                   1926:        caddr_t ctx;
                   1927:
                   1928:        ctx = eay_hmacsha2_256_init(key);
                   1929:        eay_hmacsha2_256_update(ctx, data);
                   1930:        res = eay_hmacsha2_256_final(ctx);
                   1931:
                   1932:        return(res);
                   1933: }
                   1934:
                   1935: caddr_t
                   1936: eay_hmacsha2_256_init(key)
                   1937:        vchar_t *key;
                   1938: {
                   1939:        return eay_hmac_init(key, EVP_sha2_256());
                   1940: }
                   1941:
                   1942: void
                   1943: eay_hmacsha2_256_update(c, data)
                   1944:        caddr_t c;
                   1945:        vchar_t *data;
                   1946: {
1.4       manu     1947:        HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     1948: }
                   1949:
                   1950: vchar_t *
                   1951: eay_hmacsha2_256_final(c)
                   1952:        caddr_t c;
                   1953: {
                   1954:        vchar_t *res;
                   1955:        unsigned int l;
                   1956:
                   1957:        if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0)
                   1958:                return NULL;
                   1959:
1.4       manu     1960:        HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1       manu     1961:        res->l = l;
                   1962:        HMAC_cleanup((HMAC_CTX *)c);
                   1963:        (void)racoon_free(c);
                   1964:
                   1965:        if (SHA256_DIGEST_LENGTH != res->l) {
                   1966:                plog(LLV_ERROR, LOCATION, NULL,
                   1967:                        "hmac sha2_256 length mismatch %zd.\n", res->l);
                   1968:                vfree(res);
                   1969:                return NULL;
                   1970:        }
                   1971:
                   1972:        return(res);
                   1973: }
                   1974: #endif /* WITH_SHA2 */
                   1975:
                   1976: /*
                   1977:  * HMAC SHA1
                   1978:  */
                   1979: vchar_t *
                   1980: eay_hmacsha1_one(key, data)
                   1981:        vchar_t *key, *data;
                   1982: {
                   1983:        vchar_t *res;
                   1984:        caddr_t ctx;
                   1985:
                   1986:        ctx = eay_hmacsha1_init(key);
                   1987:        eay_hmacsha1_update(ctx, data);
                   1988:        res = eay_hmacsha1_final(ctx);
                   1989:
                   1990:        return(res);
                   1991: }
                   1992:
                   1993: caddr_t
                   1994: eay_hmacsha1_init(key)
                   1995:        vchar_t *key;
                   1996: {
                   1997:        return eay_hmac_init(key, EVP_sha1());
                   1998: }
                   1999:
                   2000: void
                   2001: eay_hmacsha1_update(c, data)
                   2002:        caddr_t c;
                   2003:        vchar_t *data;
                   2004: {
1.4       manu     2005:        HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     2006: }
                   2007:
                   2008: vchar_t *
                   2009: eay_hmacsha1_final(c)
                   2010:        caddr_t c;
                   2011: {
                   2012:        vchar_t *res;
                   2013:        unsigned int l;
                   2014:
                   2015:        if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0)
                   2016:                return NULL;
                   2017:
1.4       manu     2018:        HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1       manu     2019:        res->l = l;
                   2020:        HMAC_cleanup((HMAC_CTX *)c);
                   2021:        (void)racoon_free(c);
                   2022:
                   2023:        if (SHA_DIGEST_LENGTH != res->l) {
                   2024:                plog(LLV_ERROR, LOCATION, NULL,
                   2025:                        "hmac sha1 length mismatch %zd.\n", res->l);
                   2026:                vfree(res);
                   2027:                return NULL;
                   2028:        }
                   2029:
                   2030:        return(res);
                   2031: }
                   2032:
                   2033: /*
                   2034:  * HMAC MD5
                   2035:  */
                   2036: vchar_t *
                   2037: eay_hmacmd5_one(key, data)
                   2038:        vchar_t *key, *data;
                   2039: {
                   2040:        vchar_t *res;
                   2041:        caddr_t ctx;
                   2042:
                   2043:        ctx = eay_hmacmd5_init(key);
                   2044:        eay_hmacmd5_update(ctx, data);
                   2045:        res = eay_hmacmd5_final(ctx);
                   2046:
                   2047:        return(res);
                   2048: }
                   2049:
                   2050: caddr_t
                   2051: eay_hmacmd5_init(key)
                   2052:        vchar_t *key;
                   2053: {
                   2054:        return eay_hmac_init(key, EVP_md5());
                   2055: }
                   2056:
                   2057: void
                   2058: eay_hmacmd5_update(c, data)
                   2059:        caddr_t c;
                   2060:        vchar_t *data;
                   2061: {
1.4       manu     2062:        HMAC_Update((HMAC_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     2063: }
                   2064:
                   2065: vchar_t *
                   2066: eay_hmacmd5_final(c)
                   2067:        caddr_t c;
                   2068: {
                   2069:        vchar_t *res;
                   2070:        unsigned int l;
                   2071:
                   2072:        if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0)
                   2073:                return NULL;
                   2074:
1.4       manu     2075:        HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
1.1       manu     2076:        res->l = l;
                   2077:        HMAC_cleanup((HMAC_CTX *)c);
                   2078:        (void)racoon_free(c);
                   2079:
                   2080:        if (MD5_DIGEST_LENGTH != res->l) {
                   2081:                plog(LLV_ERROR, LOCATION, NULL,
                   2082:                        "hmac md5 length mismatch %zd.\n", res->l);
                   2083:                vfree(res);
                   2084:                return NULL;
                   2085:        }
                   2086:
                   2087:        return(res);
                   2088: }
                   2089:
                   2090: #ifdef WITH_SHA2
                   2091: /*
                   2092:  * SHA2-512 functions
                   2093:  */
                   2094: caddr_t
                   2095: eay_sha2_512_init()
                   2096: {
                   2097:        SHA512_CTX *c = racoon_malloc(sizeof(*c));
                   2098:
                   2099:        SHA512_Init(c);
                   2100:
                   2101:        return((caddr_t)c);
                   2102: }
                   2103:
                   2104: void
                   2105: eay_sha2_512_update(c, data)
                   2106:        caddr_t c;
                   2107:        vchar_t *data;
                   2108: {
1.4       manu     2109:        SHA512_Update((SHA512_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     2110:
                   2111:        return;
                   2112: }
                   2113:
                   2114: vchar_t *
                   2115: eay_sha2_512_final(c)
                   2116:        caddr_t c;
                   2117: {
                   2118:        vchar_t *res;
                   2119:
                   2120:        if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0)
                   2121:                return(0);
                   2122:
1.4       manu     2123:        SHA512_Final((unsigned char *) res->v, (SHA512_CTX *)c);
1.1       manu     2124:        (void)racoon_free(c);
                   2125:
                   2126:        return(res);
                   2127: }
                   2128:
                   2129: vchar_t *
                   2130: eay_sha2_512_one(data)
                   2131:        vchar_t *data;
                   2132: {
                   2133:        caddr_t ctx;
                   2134:        vchar_t *res;
                   2135:
                   2136:        ctx = eay_sha2_512_init();
                   2137:        eay_sha2_512_update(ctx, data);
                   2138:        res = eay_sha2_512_final(ctx);
                   2139:
                   2140:        return(res);
                   2141: }
                   2142:
                   2143: int
                   2144: eay_sha2_512_hashlen()
                   2145: {
                   2146:        return SHA512_DIGEST_LENGTH << 3;
                   2147: }
                   2148: #endif
                   2149:
                   2150: #ifdef WITH_SHA2
                   2151: /*
                   2152:  * SHA2-384 functions
                   2153:  */
                   2154: caddr_t
                   2155: eay_sha2_384_init()
                   2156: {
                   2157:        SHA384_CTX *c = racoon_malloc(sizeof(*c));
                   2158:
                   2159:        SHA384_Init(c);
                   2160:
                   2161:        return((caddr_t)c);
                   2162: }
                   2163:
                   2164: void
                   2165: eay_sha2_384_update(c, data)
                   2166:        caddr_t c;
                   2167:        vchar_t *data;
                   2168: {
1.4       manu     2169:        SHA384_Update((SHA384_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     2170:
                   2171:        return;
                   2172: }
                   2173:
                   2174: vchar_t *
                   2175: eay_sha2_384_final(c)
                   2176:        caddr_t c;
                   2177: {
                   2178:        vchar_t *res;
                   2179:
                   2180:        if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0)
                   2181:                return(0);
                   2182:
1.4       manu     2183:        SHA384_Final((unsigned char *) res->v, (SHA384_CTX *)c);
1.1       manu     2184:        (void)racoon_free(c);
                   2185:
                   2186:        return(res);
                   2187: }
                   2188:
                   2189: vchar_t *
                   2190: eay_sha2_384_one(data)
                   2191:        vchar_t *data;
                   2192: {
                   2193:        caddr_t ctx;
                   2194:        vchar_t *res;
                   2195:
                   2196:        ctx = eay_sha2_384_init();
                   2197:        eay_sha2_384_update(ctx, data);
                   2198:        res = eay_sha2_384_final(ctx);
                   2199:
                   2200:        return(res);
                   2201: }
                   2202:
                   2203: int
                   2204: eay_sha2_384_hashlen()
                   2205: {
                   2206:        return SHA384_DIGEST_LENGTH << 3;
                   2207: }
                   2208: #endif
                   2209:
                   2210: #ifdef WITH_SHA2
                   2211: /*
                   2212:  * SHA2-256 functions
                   2213:  */
                   2214: caddr_t
                   2215: eay_sha2_256_init()
                   2216: {
                   2217:        SHA256_CTX *c = racoon_malloc(sizeof(*c));
                   2218:
                   2219:        SHA256_Init(c);
                   2220:
                   2221:        return((caddr_t)c);
                   2222: }
                   2223:
                   2224: void
                   2225: eay_sha2_256_update(c, data)
                   2226:        caddr_t c;
                   2227:        vchar_t *data;
                   2228: {
1.4       manu     2229:        SHA256_Update((SHA256_CTX *)c, (unsigned char *) data->v, data->l);
1.1       manu     2230:
                   2231:        return;
                   2232: }
                   2233:
                   2234: vchar_t *
                   2235: eay_sha2_256_final(c)
                   2236:        caddr_t c;
                   2237: {
                   2238:        vchar_t *res;
                   2239:
                   2240:        if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0)
                   2241:                return(0);
                   2242:
1.4       manu     2243:        SHA256_Final((unsigned char *) res->v, (SHA256_CTX *)c);
1.1       manu     2244:        (void)racoon_free(c);
                   2245:
                   2246:        return(res);
                   2247: }
                   2248:
                   2249: vchar_t *
                   2250: eay_sha2_256_one(data)
                   2251:        vchar_t *data;
                   2252: {
                   2253:        caddr_t ctx;
                   2254:        vchar_t *res;
                   2255:
                   2256:        ctx = eay_sha2_256_init();
                   2257:        eay_sha2_256_update(ctx, data);
                   2258:        res = eay_sha2_256_final(ctx);
                   2259:
                   2260:        return(res);
                   2261: }
                   2262:
                   2263: int
                   2264: eay_sha2_256_hashlen()
                   2265: {
                   2266:        return SHA256_DIGEST_LENGTH << 3;
                   2267: }
                   2268: #endif
                   2269:
                   2270: /*
                   2271:  * SHA functions
                   2272:  */
                   2273: caddr_t
                   2274: eay_sha1_init()
                   2275: {
                   2276:        SHA_CTX *c = racoon_malloc(sizeof(*c));
                   2277:
                   2278:        SHA1_Init(c);
                   2279:
                   2280:        return((caddr_t)c);
                   2281: }
                   2282:
                   2283: void
                   2284: eay_sha1_update(c, data)
                   2285:        caddr_t c;
                   2286:        vchar_t *data;
                   2287: {
                   2288:        SHA1_Update((SHA_CTX *)c, data->v, data->l);
                   2289:
                   2290:        return;
                   2291: }
                   2292:
                   2293: vchar_t *
                   2294: eay_sha1_final(c)
                   2295:        caddr_t c;
                   2296: {
                   2297:        vchar_t *res;
                   2298:
                   2299:        if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0)
                   2300:                return(0);
                   2301:
1.4       manu     2302:        SHA1_Final((unsigned char *) res->v, (SHA_CTX *)c);
1.1       manu     2303:        (void)racoon_free(c);
                   2304:
                   2305:        return(res);
                   2306: }
                   2307:
                   2308: vchar_t *
                   2309: eay_sha1_one(data)
                   2310:        vchar_t *data;
                   2311: {
                   2312:        caddr_t ctx;
                   2313:        vchar_t *res;
                   2314:
                   2315:        ctx = eay_sha1_init();
                   2316:        eay_sha1_update(ctx, data);
                   2317:        res = eay_sha1_final(ctx);
                   2318:
                   2319:        return(res);
                   2320: }
                   2321:
                   2322: int
                   2323: eay_sha1_hashlen()
                   2324: {
                   2325:        return SHA_DIGEST_LENGTH << 3;
                   2326: }
                   2327:
                   2328: /*
                   2329:  * MD5 functions
                   2330:  */
                   2331: caddr_t
                   2332: eay_md5_init()
                   2333: {
                   2334:        MD5_CTX *c = racoon_malloc(sizeof(*c));
                   2335:
                   2336:        MD5_Init(c);
                   2337:
                   2338:        return((caddr_t)c);
                   2339: }
                   2340:
                   2341: void
                   2342: eay_md5_update(c, data)
                   2343:        caddr_t c;
                   2344:        vchar_t *data;
                   2345: {
                   2346:        MD5_Update((MD5_CTX *)c, data->v, data->l);
                   2347:
                   2348:        return;
                   2349: }
                   2350:
                   2351: vchar_t *
                   2352: eay_md5_final(c)
                   2353:        caddr_t c;
                   2354: {
                   2355:        vchar_t *res;
                   2356:
                   2357:        if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0)
                   2358:                return(0);
                   2359:
1.4       manu     2360:        MD5_Final((unsigned char *) res->v, (MD5_CTX *)c);
1.1       manu     2361:        (void)racoon_free(c);
                   2362:
                   2363:        return(res);
                   2364: }
                   2365:
                   2366: vchar_t *
                   2367: eay_md5_one(data)
                   2368:        vchar_t *data;
                   2369: {
                   2370:        caddr_t ctx;
                   2371:        vchar_t *res;
                   2372:
                   2373:        ctx = eay_md5_init();
                   2374:        eay_md5_update(ctx, data);
                   2375:        res = eay_md5_final(ctx);
                   2376:
                   2377:        return(res);
                   2378: }
                   2379:
                   2380: int
                   2381: eay_md5_hashlen()
                   2382: {
                   2383:        return MD5_DIGEST_LENGTH << 3;
                   2384: }
                   2385:
                   2386: /*
                   2387:  * eay_set_random
                   2388:  *   size: number of bytes.
                   2389:  */
                   2390: vchar_t *
                   2391: eay_set_random(size)
                   2392:        u_int32_t size;
                   2393: {
                   2394:        BIGNUM *r = NULL;
                   2395:        vchar_t *res = 0;
                   2396:
                   2397:        if ((r = BN_new()) == NULL)
                   2398:                goto end;
                   2399:        BN_rand(r, size * 8, 0, 0);
                   2400:        eay_bn2v(&res, r);
                   2401:
                   2402: end:
                   2403:        if (r)
                   2404:                BN_free(r);
                   2405:        return(res);
                   2406: }
                   2407:
                   2408: /* DH */
                   2409: int
                   2410: eay_dh_generate(prime, g, publen, pub, priv)
                   2411:        vchar_t *prime, **pub, **priv;
                   2412:        u_int publen;
                   2413:        u_int32_t g;
                   2414: {
                   2415:        BIGNUM *p = NULL;
                   2416:        DH *dh = NULL;
                   2417:        int error = -1;
                   2418:
                   2419:        /* initialize */
                   2420:        /* pre-process to generate number */
                   2421:        if (eay_v2bn(&p, prime) < 0)
                   2422:                goto end;
                   2423:
                   2424:        if ((dh = DH_new()) == NULL)
                   2425:                goto end;
                   2426:        dh->p = p;
                   2427:        p = NULL;       /* p is now part of dh structure */
                   2428:        dh->g = NULL;
                   2429:        if ((dh->g = BN_new()) == NULL)
                   2430:                goto end;
                   2431:        if (!BN_set_word(dh->g, g))
                   2432:                goto end;
                   2433:
                   2434:        if (publen != 0)
                   2435:                dh->length = publen;
                   2436:
                   2437:        /* generate public and private number */
                   2438:        if (!DH_generate_key(dh))
                   2439:                goto end;
                   2440:
                   2441:        /* copy results to buffers */
                   2442:        if (eay_bn2v(pub, dh->pub_key) < 0)
                   2443:                goto end;
                   2444:        if (eay_bn2v(priv, dh->priv_key) < 0) {
                   2445:                vfree(*pub);
                   2446:                goto end;
                   2447:        }
                   2448:
                   2449:        error = 0;
                   2450:
                   2451: end:
                   2452:        if (dh != NULL)
                   2453:                DH_free(dh);
                   2454:        if (p != 0)
                   2455:                BN_free(p);
                   2456:        return(error);
                   2457: }
                   2458:
                   2459: int
                   2460: eay_dh_compute(prime, g, pub, priv, pub2, key)
                   2461:        vchar_t *prime, *pub, *priv, *pub2, **key;
                   2462:        u_int32_t g;
                   2463: {
                   2464:        BIGNUM *dh_pub = NULL;
                   2465:        DH *dh = NULL;
                   2466:        int l;
1.4       manu     2467:        unsigned char *v = NULL;
1.1       manu     2468:        int error = -1;
                   2469:
                   2470:        /* make public number to compute */
                   2471:        if (eay_v2bn(&dh_pub, pub2) < 0)
                   2472:                goto end;
                   2473:
                   2474:        /* make DH structure */
                   2475:        if ((dh = DH_new()) == NULL)
                   2476:                goto end;
                   2477:        if (eay_v2bn(&dh->p, prime) < 0)
                   2478:                goto end;
                   2479:        if (eay_v2bn(&dh->pub_key, pub) < 0)
                   2480:                goto end;
                   2481:        if (eay_v2bn(&dh->priv_key, priv) < 0)
                   2482:                goto end;
                   2483:        dh->length = pub2->l * 8;
                   2484:
                   2485:        dh->g = NULL;
                   2486:        if ((dh->g = BN_new()) == NULL)
                   2487:                goto end;
                   2488:        if (!BN_set_word(dh->g, g))
                   2489:                goto end;
                   2490:
1.4       manu     2491:        if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL)
1.1       manu     2492:                goto end;
                   2493:        if ((l = DH_compute_key(v, dh_pub, dh)) == -1)
                   2494:                goto end;
                   2495:        memcpy((*key)->v + (prime->l - l), v, l);
                   2496:
                   2497:        error = 0;
                   2498:
                   2499: end:
                   2500:        if (dh_pub != NULL)
                   2501:                BN_free(dh_pub);
                   2502:        if (dh != NULL)
                   2503:                DH_free(dh);
                   2504:        if (v != NULL)
                   2505:                racoon_free(v);
                   2506:        return(error);
                   2507: }
                   2508:
                   2509: /*
                   2510:  * convert vchar_t <-> BIGNUM.
                   2511:  *
                   2512:  * vchar_t: unit is u_char, network endian, most significant byte first.
                   2513:  * BIGNUM: unit is BN_ULONG, each of BN_ULONG is in host endian,
                   2514:  *     least significant BN_ULONG must come first.
                   2515:  *
                   2516:  * hex value of "0x3ffe050104" is represented as follows:
                   2517:  *     vchar_t: 3f fe 05 01 04
                   2518:  *     BIGNUM (BN_ULONG = u_int8_t): 04 01 05 fe 3f
                   2519:  *     BIGNUM (BN_ULONG = u_int16_t): 0x0104 0xfe05 0x003f
                   2520:  *     BIGNUM (BN_ULONG = u_int32_t_t): 0xfe050104 0x0000003f
                   2521:  */
                   2522: int
                   2523: eay_v2bn(bn, var)
                   2524:        BIGNUM **bn;
                   2525:        vchar_t *var;
                   2526: {
1.4       manu     2527:        if ((*bn = BN_bin2bn((unsigned char *) var->v, var->l, NULL)) == NULL)
1.1       manu     2528:                return -1;
                   2529:
                   2530:        return 0;
                   2531: }
                   2532:
                   2533: int
                   2534: eay_bn2v(var, bn)
                   2535:        vchar_t **var;
                   2536:        BIGNUM *bn;
                   2537: {
                   2538:        *var = vmalloc(bn->top * BN_BYTES);
                   2539:        if (*var == NULL)
                   2540:                return(-1);
                   2541:
1.4       manu     2542:        (*var)->l = BN_bn2bin(bn, (unsigned char *) (*var)->v);
1.1       manu     2543:
                   2544:        return 0;
                   2545: }
                   2546:
                   2547: void
                   2548: eay_init()
                   2549: {
                   2550:        OpenSSL_add_all_algorithms();
                   2551:        ERR_load_crypto_strings();
                   2552: #ifdef HAVE_OPENSSL_ENGINE_H
                   2553:        ENGINE_load_builtin_engines();
                   2554:        ENGINE_register_all_complete();
                   2555: #endif
                   2556: }
                   2557:
                   2558: vchar_t *
                   2559: base64_decode(char *in, long inlen)
                   2560: {
                   2561:        BIO *bio=NULL, *b64=NULL;
                   2562:        vchar_t *res = NULL;
1.11      christos 2563:        char *outb;
1.1       manu     2564:        long outlen;
                   2565:
1.11      christos 2566:        outb = malloc(inlen * 2);
                   2567:        if (outb == NULL)
                   2568:                goto out;
1.1       manu     2569:        bio = BIO_new_mem_buf(in, inlen);
                   2570:        b64 = BIO_new(BIO_f_base64());
                   2571:        BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
                   2572:        bio = BIO_push(b64, bio);
                   2573:
1.11      christos 2574:        outlen = BIO_read(bio, outb, inlen * 2);
1.1       manu     2575:        if (outlen <= 0) {
                   2576:                plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
                   2577:                goto out;
                   2578:        }
                   2579:
                   2580:        res = vmalloc(outlen);
                   2581:        if (!res)
                   2582:                goto out;
                   2583:
1.11      christos 2584:        memcpy(res->v, outb, outlen);
1.1       manu     2585:
                   2586: out:
1.11      christos 2587:        if (outb)
                   2588:                free(outb);
1.1       manu     2589:        if (bio)
                   2590:                BIO_free_all(bio);
                   2591:
                   2592:        return res;
                   2593: }
                   2594:
                   2595: vchar_t *
                   2596: base64_encode(char *in, long inlen)
                   2597: {
                   2598:        BIO *bio=NULL, *b64=NULL;
                   2599:        char *ptr;
                   2600:        long plen = -1;
                   2601:        vchar_t *res = NULL;
                   2602:
                   2603:        bio = BIO_new(BIO_s_mem());
                   2604:        b64 = BIO_new(BIO_f_base64());
                   2605:        BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
                   2606:        bio = BIO_push(b64, bio);
                   2607:
                   2608:        BIO_write(bio, in, inlen);
                   2609:        BIO_flush(bio);
                   2610:
                   2611:        plen = BIO_get_mem_data(bio, &ptr);
                   2612:        res = vmalloc(plen+1);
                   2613:        if (!res)
                   2614:                goto out;
                   2615:
                   2616:        memcpy (res->v, ptr, plen);
                   2617:        res->v[plen] = '\0';
                   2618:
                   2619: out:
                   2620:        if (bio)
                   2621:                BIO_free_all(bio);
                   2622:
                   2623:        return res;
                   2624: }
                   2625:
                   2626: static RSA *
                   2627: binbuf_pubkey2rsa(vchar_t *binbuf)
                   2628: {
                   2629:        BIGNUM *exp, *mod;
                   2630:        RSA *rsa_pub = NULL;
                   2631:
                   2632:        if (binbuf->v[0] > binbuf->l - 1) {
                   2633:                plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: decoded string doesn't make sense.\n");
                   2634:                goto out;
                   2635:        }
                   2636:
1.4       manu     2637:        exp = BN_bin2bn((unsigned char *) (binbuf->v + 1), binbuf->v[0], NULL);
                   2638:        mod = BN_bin2bn((unsigned char *) (binbuf->v + binbuf->v[0] + 1),
                   2639:                        binbuf->l - binbuf->v[0] - 1, NULL);
1.1       manu     2640:        rsa_pub = RSA_new();
                   2641:
                   2642:        if (!exp || !mod || !rsa_pub) {
                   2643:                plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey parsing error: %s\n", eay_strerror());
                   2644:                if (exp)
                   2645:                        BN_free(exp);
                   2646:                if (mod)
                   2647:                        BN_free(exp);
                   2648:                if (rsa_pub)
                   2649:                        RSA_free(rsa_pub);
                   2650:                rsa_pub = NULL;
                   2651:                goto out;
                   2652:        }
                   2653:
                   2654:        rsa_pub->n = mod;
                   2655:        rsa_pub->e = exp;
                   2656:
                   2657: out:
                   2658:        return rsa_pub;
                   2659: }
                   2660:
                   2661: RSA *
                   2662: base64_pubkey2rsa(char *in)
                   2663: {
                   2664:        BIGNUM *exp, *mod;
                   2665:        RSA *rsa_pub = NULL;
                   2666:        vchar_t *binbuf;
                   2667:
                   2668:        if (strncmp(in, "0s", 2) != 0) {
                   2669:                plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: doesn't start with '0s'\n");
                   2670:                return NULL;
                   2671:        }
                   2672:
                   2673:        binbuf = base64_decode(in + 2, strlen(in + 2));
                   2674:        if (!binbuf) {
                   2675:                plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: Base64 decoding failed.\n");
                   2676:                return NULL;
                   2677:        }
                   2678:
                   2679:        if (binbuf->v[0] > binbuf->l - 1) {
                   2680:                plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: decoded string doesn't make sense.\n");
                   2681:                goto out;
                   2682:        }
                   2683:
                   2684:        rsa_pub = binbuf_pubkey2rsa(binbuf);
                   2685:
                   2686: out:
                   2687:        if (binbuf)
                   2688:                vfree(binbuf);
                   2689:
                   2690:        return rsa_pub;
                   2691: }
                   2692:
                   2693: RSA *
                   2694: bignum_pubkey2rsa(BIGNUM *in)
                   2695: {
                   2696:        RSA *rsa_pub = NULL;
                   2697:        vchar_t *binbuf;
                   2698:
                   2699:        binbuf = vmalloc(BN_num_bytes(in));
                   2700:        if (!binbuf) {
                   2701:                plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey conversion: memory allocation failed..\n");
                   2702:                return NULL;
                   2703:        }
                   2704:
1.4       manu     2705:        BN_bn2bin(in, (unsigned char *) binbuf->v);
1.1       manu     2706:
                   2707:        rsa_pub = binbuf_pubkey2rsa(binbuf);
                   2708:
                   2709: out:
                   2710:        if (binbuf)
                   2711:                vfree(binbuf);
                   2712:
                   2713:        return rsa_pub;
                   2714: }
                   2715:
                   2716: u_int32_t
                   2717: eay_random()
                   2718: {
                   2719:        u_int32_t result;
                   2720:        vchar_t *vrand;
                   2721:
                   2722:        vrand = eay_set_random(sizeof(result));
                   2723:        memcpy(&result, vrand->v, sizeof(result));
                   2724:        vfree(vrand);
                   2725:
                   2726:        return result;
                   2727: }
                   2728:
                   2729: const char *
                   2730: eay_version()
                   2731: {
                   2732:        return SSLeay_version(SSLEAY_VERSION);
                   2733: }

CVSweb <webmaster@jp.NetBSD.org>