![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to r_enhanc.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [rsaref] / rsaref / source|
Return to r_enhanc.c CVS log | Up to [rsaref] / rsaref / source |
1.1 ! root 1: /* R_ENHANC.C - cryptographic enhancements for RSAREF ! 2: */ ! 3: ! 4: /* Copyright (C) 1991-2 RSA Laboratories, a division of RSA Data ! 5: Security, Inc. All rights reserved. ! 6: */ ! 7: ! 8: #include "global.h" ! 9: #include "rsaref.h" ! 10: #include "r_encode.h" ! 11: #include "r_random.h" ! 12: #include "rsa.h" ! 13: #include "md2.h" ! 14: #include "md5.h" ! 15: #include "des.h" ! 16: ! 17: /* DigestInfo encoding is DIGEST_INFO_A, then 2 or 5 (for MD2/MD5), ! 18: then DIGEST_INFO_B, then 16-byte message digest. ! 19: */ ! 20: ! 21: static char DIGEST_INFO_A[] = { ! 22: 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, ! 23: 0x0d, 0x02 ! 24: }; ! 25: #define DIGEST_INFO_A_LEN sizeof (DIGEST_INFO_A) ! 26: ! 27: static char DIGEST_INFO_B[] = { 0x05, 0x00, 0x04, 0x10 }; ! 28: #define DIGEST_INFO_B_LEN sizeof (DIGEST_INFO_B) ! 29: ! 30: #define DIGEST_INFO_LEN (DIGEST_INFO_A_LEN + 1 + DIGEST_INFO_B_LEN + 16) ! 31: ! 32: static unsigned char *PADDING[] = { ! 33: (unsigned char *)"", (unsigned char *)"\001", (unsigned char *)"\002\002", ! 34: (unsigned char *)"\003\003\003", (unsigned char *)"\004\004\004\004", ! 35: (unsigned char *)"\005\005\005\005\005", ! 36: (unsigned char *)"\006\006\006\006\006\006", ! 37: (unsigned char *)"\007\007\007\007\007\007\007", ! 38: (unsigned char *)"\010\010\010\010\010\010\010\010" ! 39: }; ! 40: ! 41: #define MAX_ENCRYPTED_KEY_LEN MAX_RSA_MODULUS_LEN ! 42: ! 43: static int R_SignBlock PROTO_LIST ! 44: ((unsigned char *, unsigned int *, unsigned char *, unsigned int, int, ! 45: R_RSA_PRIVATE_KEY *)); ! 46: static void R_EncodeDigestInfo PROTO_LIST ! 47: ((unsigned char *, int, unsigned char *)); ! 48: static void R_EncryptPEMBlock PROTO_LIST ! 49: ((unsigned char *, unsigned int *, unsigned char *, unsigned int, ! 50: unsigned char [8], unsigned char [8])); ! 51: static int R_DecryptPEMBlock PROTO_LIST ! 52: ((unsigned char *, unsigned int *, unsigned char *, unsigned int, ! 53: unsigned char [8], unsigned char [8])); ! 54: ! 55: int R_SignPEMBlock ! 56: (encodedContent, encodedContentLen, encodedSignature, encodedSignatureLen, ! 57: content, contentLen, recode, digestAlgorithm, privateKey) ! 58: unsigned char *encodedContent; /* encoded content */ ! 59: unsigned int *encodedContentLen; /* length of encoded content */ ! 60: unsigned char *encodedSignature; /* encoded signature */ ! 61: unsigned int *encodedSignatureLen; /* length of encoded signature */ ! 62: unsigned char *content; /* content */ ! 63: unsigned int contentLen; /* length of content */ ! 64: int recode; /* recoding flag */ ! 65: int digestAlgorithm; /* message-digest algorithm */ ! 66: R_RSA_PRIVATE_KEY *privateKey; /* signer's RSA private key */ ! 67: { ! 68: int status; ! 69: unsigned char signature[MAX_SIGNATURE_LEN]; ! 70: unsigned int signatureLen; ! 71: ! 72: if (status = R_SignBlock ! 73: (signature, &signatureLen, content, contentLen, digestAlgorithm, ! 74: privateKey)) ! 75: return (status); ! 76: ! 77: R_EncodePEMBlock ! 78: (encodedSignature, encodedSignatureLen, signature, signatureLen); ! 79: ! 80: if (recode) ! 81: R_EncodePEMBlock ! 82: (encodedContent, encodedContentLen, content, contentLen); ! 83: ! 84: return (0); ! 85: } ! 86: ! 87: int R_VerifyPEMSignature ! 88: (content, contentLen, encodedContent, encodedContentLen, encodedSignature, ! 89: encodedSignatureLen, recode, digestAlgorithm, publicKey) ! 90: unsigned char *content; /* content */ ! 91: unsigned int *contentLen; /* length of content */ ! 92: unsigned char *encodedContent; /* (possibly) encoded content */ ! 93: unsigned int encodedContentLen; /* length of encoded content */ ! 94: unsigned char *encodedSignature; /* encoded signature */ ! 95: unsigned int encodedSignatureLen; /* length of encoded signature */ ! 96: int recode; /* recoding flag */ ! 97: int digestAlgorithm; /* message-digest algorithm */ ! 98: R_RSA_PUBLIC_KEY *publicKey; /* signer's RSA public key */ ! 99: { ! 100: int status; ! 101: unsigned char signature[MAX_SIGNATURE_LEN]; ! 102: unsigned int signatureLen; ! 103: ! 104: if (encodedSignatureLen > MAX_PEM_SIGNATURE_LEN) ! 105: return (RE_SIGNATURE_ENCODING); ! 106: ! 107: if (recode) { ! 108: if (status = R_DecodePEMBlock ! 109: (content, contentLen, encodedContent, encodedContentLen)) ! 110: return (RE_CONTENT_ENCODING); ! 111: } ! 112: else { ! 113: content = encodedContent; ! 114: *contentLen = encodedContentLen; ! 115: } ! 116: ! 117: if (status = R_DecodePEMBlock ! 118: (signature, &signatureLen, encodedSignature, encodedSignatureLen)) ! 119: return (RE_SIGNATURE_ENCODING); ! 120: ! 121: return (R_VerifyBlockSignature ! 122: (content, *contentLen, signature, signatureLen, digestAlgorithm, ! 123: publicKey)); ! 124: } ! 125: ! 126: int R_VerifyBlockSignature ! 127: (block, blockLen, signature, signatureLen, digestAlgorithm, publicKey) ! 128: unsigned char *block; /* block */ ! 129: unsigned int blockLen; /* length of block */ ! 130: unsigned char *signature; /* signature */ ! 131: unsigned int signatureLen; /* length of signature */ ! 132: int digestAlgorithm; /* message-digest algorithm */ ! 133: R_RSA_PUBLIC_KEY *publicKey; /* signer's RSA public key */ ! 134: { ! 135: int status; ! 136: unsigned char digest[MAX_DIGEST_LEN], digestInfo[DIGEST_INFO_LEN], ! 137: originalDigestInfo[MAX_SIGNATURE_LEN]; ! 138: unsigned int digestLen, originalDigestInfoLen; ! 139: ! 140: if (signatureLen > MAX_SIGNATURE_LEN) ! 141: return (RE_SIGNATURE); ! 142: ! 143: do { ! 144: if (status = R_DigestBlock ! 145: (digest, &digestLen, block, blockLen, digestAlgorithm)) ! 146: break; ! 147: ! 148: R_EncodeDigestInfo (digestInfo, digestAlgorithm, digest); ! 149: ! 150: if (status = RSAPublicDecrypt ! 151: (originalDigestInfo, &originalDigestInfoLen, signature, signatureLen, ! 152: publicKey)) { ! 153: status = RE_PUBLIC_KEY; ! 154: break; ! 155: } ! 156: ! 157: if ((originalDigestInfoLen != DIGEST_INFO_LEN) || ! 158: (R_memcmp ! 159: ((POINTER)originalDigestInfo, (POINTER)digestInfo, ! 160: DIGEST_INFO_LEN))) { ! 161: status = RE_SIGNATURE; ! 162: break; ! 163: } ! 164: ! 165: } while (0); ! 166: ! 167: /* Zeroize potentially sensitive information. ! 168: */ ! 169: R_memset ((POINTER)digest, 0, sizeof (digest)); ! 170: R_memset ((POINTER)digestInfo, 0, sizeof (digestInfo)); ! 171: R_memset ((POINTER)originalDigestInfo, 0, sizeof (originalDigestInfo)); ! 172: ! 173: return (status); ! 174: } ! 175: ! 176: int R_SealPEMBlock ! 177: (encryptedContent, encryptedContentLen, encryptedKey, encryptedKeyLen, ! 178: encryptedSignature, encryptedSignatureLen, iv, content, contentLen, ! 179: digestAlgorithm, publicKey, privateKey, randomStruct) ! 180: unsigned char *encryptedContent; /* encoded, encrypted content */ ! 181: unsigned int *encryptedContentLen; /* length */ ! 182: unsigned char *encryptedKey; /* encoded, encrypted key */ ! 183: unsigned int *encryptedKeyLen; /* length */ ! 184: unsigned char *encryptedSignature; /* encoded, encrypted signature */ ! 185: unsigned int *encryptedSignatureLen; /* length */ ! 186: unsigned char iv[8]; /* DES initializing vector */ ! 187: unsigned char *content; /* content */ ! 188: unsigned int contentLen; /* length of content */ ! 189: int digestAlgorithm; /* message-digest algorithm */ ! 190: R_RSA_PUBLIC_KEY *publicKey; /* recipient's RSA public key */ ! 191: R_RSA_PRIVATE_KEY *privateKey; /* signer's RSA private key */ ! 192: R_RANDOM_STRUCT *randomStruct; /* random structure */ ! 193: { ! 194: int status; ! 195: unsigned char encryptedKeyBlock[MAX_ENCRYPTED_KEY_LEN], key[8], ! 196: signature[MAX_SIGNATURE_LEN]; ! 197: unsigned int encryptedKeyBlockLen, signatureLen; ! 198: ! 199: do { ! 200: if (status = R_SignBlock ! 201: (signature, &signatureLen, content, contentLen, digestAlgorithm, ! 202: privateKey)) ! 203: break; ! 204: ! 205: if ((status = R_GenerateBytes (key, 8, randomStruct)) || ! 206: (status = R_GenerateBytes (iv, 8, randomStruct))) ! 207: break; ! 208: ! 209: R_EncryptPEMBlock ! 210: (encryptedContent, encryptedContentLen, content, contentLen, key, iv); ! 211: ! 212: if (status = RSAPublicEncrypt ! 213: (encryptedKeyBlock, &encryptedKeyBlockLen, key, 8, publicKey, ! 214: randomStruct)) { ! 215: status = RE_PUBLIC_KEY; ! 216: break; ! 217: } ! 218: ! 219: R_EncodePEMBlock ! 220: (encryptedKey, encryptedKeyLen, encryptedKeyBlock, ! 221: encryptedKeyBlockLen); ! 222: ! 223: R_EncryptPEMBlock ! 224: (encryptedSignature, encryptedSignatureLen, signature, signatureLen, ! 225: key, iv); ! 226: ! 227: } while (0); ! 228: ! 229: /* Zeroize sensitive information. ! 230: */ ! 231: R_memset ((POINTER)key, 0, sizeof (key)); ! 232: R_memset ((POINTER)signature, 0, sizeof (signature)); ! 233: ! 234: return (status); ! 235: } ! 236: ! 237: int R_OpenPEMBlock ! 238: (content, contentLen, encryptedContent, encryptedContentLen, encryptedKey, ! 239: encryptedKeyLen, encryptedSignature, encryptedSignatureLen, ! 240: iv, digestAlgorithm, privateKey, publicKey) ! 241: unsigned char *content; /* content */ ! 242: unsigned int *contentLen; /* length of content */ ! 243: unsigned char *encryptedContent; /* encoded, encrypted content */ ! 244: unsigned int encryptedContentLen; /* length */ ! 245: unsigned char *encryptedKey; /* encoded, encrypted key */ ! 246: unsigned int encryptedKeyLen; /* length */ ! 247: unsigned char *encryptedSignature; /* encoded, encrypted signature */ ! 248: unsigned int encryptedSignatureLen; /* length */ ! 249: unsigned char iv[8]; /* DES initializing vector */ ! 250: int digestAlgorithm; /* message-digest algorithm */ ! 251: R_RSA_PRIVATE_KEY *privateKey; /* recipient's RSA private key */ ! 252: R_RSA_PUBLIC_KEY *publicKey; /* signer's RSA public key */ ! 253: { ! 254: int status; ! 255: unsigned char encryptedKeyBlock[MAX_ENCRYPTED_KEY_LEN], ! 256: key[MAX_ENCRYPTED_KEY_LEN], signature[MAX_SIGNATURE_LEN]; ! 257: unsigned int encryptedKeyBlockLen, keyLen, signatureLen; ! 258: ! 259: if (encryptedKeyLen > MAX_PEM_ENCRYPTED_KEY_LEN) ! 260: return (RE_KEY_ENCODING); ! 261: ! 262: if (encryptedSignatureLen > MAX_PEM_ENCRYPTED_SIGNATURE_LEN) ! 263: return (RE_SIGNATURE_ENCODING); ! 264: ! 265: do { ! 266: if (status = R_DecodePEMBlock ! 267: (encryptedKeyBlock, &encryptedKeyBlockLen, encryptedKey, ! 268: encryptedKeyLen)) { ! 269: status = RE_KEY_ENCODING; ! 270: break; ! 271: } ! 272: ! 273: if (status = RSAPrivateDecrypt ! 274: (key, &keyLen, encryptedKeyBlock, encryptedKeyBlockLen, privateKey)) { ! 275: status = RE_PRIVATE_KEY; ! 276: break; ! 277: } ! 278: ! 279: if (keyLen != 8) { ! 280: status = RE_PRIVATE_KEY; ! 281: break; ! 282: } ! 283: ! 284: if (status = R_DecryptPEMBlock ! 285: (content, contentLen, encryptedContent, encryptedContentLen, key, ! 286: iv)) { ! 287: if ((status == RE_LEN || status == RE_ENCODING)) ! 288: status = RE_CONTENT_ENCODING; ! 289: else ! 290: status = RE_KEY; ! 291: break; ! 292: } ! 293: ! 294: if (status = R_DecryptPEMBlock ! 295: (signature, &signatureLen, encryptedSignature, encryptedSignatureLen, ! 296: key, iv)) { ! 297: if ((status == RE_LEN || status == RE_ENCODING)) ! 298: status = RE_SIGNATURE_ENCODING; ! 299: else ! 300: status = RE_KEY; ! 301: } ! 302: ! 303: if (status = R_VerifyBlockSignature ! 304: (content, *contentLen, signature, signatureLen, digestAlgorithm, ! 305: publicKey)) ! 306: break; ! 307: ! 308: } while (0); ! 309: ! 310: /* Zeroize sensitive information. ! 311: */ ! 312: R_memset ((POINTER)key, 0, sizeof (key)); ! 313: R_memset ((POINTER)signature, 0, sizeof (signature)); ! 314: ! 315: return (status); ! 316: } ! 317: ! 318: static int R_SignBlock ! 319: (signature, signatureLen, block, blockLen, digestAlgorithm, privateKey) ! 320: unsigned char *signature; /* signature */ ! 321: unsigned int *signatureLen; /* length of signature */ ! 322: unsigned char *block; /* block */ ! 323: unsigned int blockLen; /* length of block */ ! 324: int digestAlgorithm; /* message-digest algorithm */ ! 325: R_RSA_PRIVATE_KEY *privateKey; /* signer's RSA private key */ ! 326: { ! 327: int status; ! 328: unsigned char digest[MAX_DIGEST_LEN], digestInfo[DIGEST_INFO_LEN]; ! 329: unsigned int digestLen; ! 330: ! 331: do { ! 332: if (status = R_DigestBlock ! 333: (digest, &digestLen, block, blockLen, digestAlgorithm)) ! 334: break; ! 335: ! 336: R_EncodeDigestInfo (digestInfo, digestAlgorithm, digest); ! 337: ! 338: if (status = RSAPrivateEncrypt ! 339: (signature, signatureLen, digestInfo, DIGEST_INFO_LEN, privateKey)) { ! 340: status = RE_PRIVATE_KEY; ! 341: break; ! 342: } ! 343: ! 344: } while (0); ! 345: ! 346: /* Zeroize potentially sensitive information. ! 347: */ ! 348: R_memset ((POINTER)digest, 0, sizeof (digest)); ! 349: R_memset ((POINTER)digestInfo, 0, sizeof (digestInfo)); ! 350: ! 351: return (status); ! 352: } ! 353: ! 354: int R_DigestBlock (digest, digestLen, block, blockLen, digestAlgorithm) ! 355: unsigned char *digest; /* message digest */ ! 356: unsigned int *digestLen; /* length of message digest */ ! 357: unsigned char *block; /* block */ ! 358: unsigned int blockLen; /* length of block */ ! 359: int digestAlgorithm; /* message-digest algorithm */ ! 360: { ! 361: MD2_CTX md2Context; ! 362: MD5_CTX md5Context; ! 363: int status; ! 364: ! 365: status = 0; ! 366: ! 367: switch (digestAlgorithm) { ! 368: case DA_MD2: ! 369: MD2Init (&md2Context); ! 370: MD2Update (&md2Context, block, blockLen); ! 371: MD2Final (digest, &md2Context); ! 372: *digestLen = 16; ! 373: break; ! 374: ! 375: case DA_MD5: ! 376: MD5Init (&md5Context); ! 377: MD5Update (&md5Context, block, blockLen); ! 378: MD5Final (digest, &md5Context); ! 379: *digestLen = 16; ! 380: break; ! 381: ! 382: default: ! 383: status = RE_DIGEST_ALGORITHM; ! 384: } ! 385: ! 386: return (status); ! 387: } ! 388: ! 389: /* Assumes digestAlgorithm is DA_MD2 or DA_MD5 and digest length is 16. ! 390: */ ! 391: static void R_EncodeDigestInfo (digestInfo, digestAlgorithm, digest) ! 392: unsigned char *digestInfo; /* DigestInfo encoding */ ! 393: int digestAlgorithm; /* message-digest algorithm */ ! 394: unsigned char *digest; /* message digest */ ! 395: { ! 396: R_memcpy ! 397: ((POINTER)digestInfo, (POINTER)DIGEST_INFO_A, DIGEST_INFO_A_LEN); ! 398: ! 399: digestInfo[DIGEST_INFO_A_LEN] = ! 400: (digestAlgorithm == DA_MD2) ? (unsigned char)2 : (unsigned char)5; ! 401: ! 402: R_memcpy ! 403: ((POINTER)&digestInfo[DIGEST_INFO_A_LEN + 1], (POINTER)DIGEST_INFO_B, ! 404: DIGEST_INFO_B_LEN); ! 405: ! 406: R_memcpy ! 407: ((POINTER)&digestInfo[DIGEST_INFO_A_LEN + 1 + DIGEST_INFO_B_LEN], ! 408: (POINTER)digest, 16); ! 409: } ! 410: ! 411: static void R_EncryptPEMBlock ! 412: (encryptedBlock, encryptedBlockLen, block, blockLen, key, iv) ! 413: unsigned char *encryptedBlock; /* encrypted, encoded block */ ! 414: unsigned int *encryptedBlockLen; /* length */ ! 415: unsigned char *block; /* block */ ! 416: unsigned int blockLen; /* length of block */ ! 417: unsigned char key[8]; /* DES key */ ! 418: unsigned char iv[8]; /* DES initialization vector */ ! 419: { ! 420: DES_CBC_CTX context; ! 421: unsigned char encryptedPart[24], lastPart[24]; ! 422: unsigned int i, lastPartLen, len, padLen; ! 423: ! 424: DES_CBCInit (&context, key, iv, 1); ! 425: ! 426: for (i = 0; i < blockLen/24; i++) { ! 427: DES_CBCUpdate (&context, encryptedPart, &block[24*i], 24); ! 428: /* len is always 32 */ ! 429: R_EncodePEMBlock (&encryptedBlock[32*i], &len, encryptedPart, 24); ! 430: } ! 431: ! 432: padLen = 8 - (blockLen % 8); ! 433: lastPartLen = blockLen - 24*i + padLen; ! 434: R_memcpy ((POINTER)lastPart, (POINTER)&block[24*i], lastPartLen - padLen); ! 435: R_memcpy ! 436: ((POINTER)&lastPart[lastPartLen - padLen], PADDING[padLen], padLen); ! 437: DES_CBCUpdate (&context, encryptedPart, lastPart, lastPartLen); ! 438: R_EncodePEMBlock ! 439: (&encryptedBlock[32*i], &len, encryptedPart, lastPartLen); ! 440: *encryptedBlockLen = 32*i + len; ! 441: ! 442: DES_CBCFinal (&context); ! 443: ! 444: /* Zeroize sensitive information. ! 445: */ ! 446: R_memset ((POINTER)lastPart, 0, sizeof (lastPart)); ! 447: } ! 448: ! 449: static int R_DecryptPEMBlock ! 450: (block, blockLen, encryptedBlock, encryptedBlockLen, key, iv) ! 451: unsigned char *block; /* block */ ! 452: unsigned int *blockLen; /* length of block */ ! 453: unsigned char *encryptedBlock; /* encrypted, encoded block */ ! 454: unsigned int encryptedBlockLen; /* length */ ! 455: unsigned char key[8]; /* DES key */ ! 456: unsigned char iv[8]; /* DES initialization vector */ ! 457: { ! 458: DES_CBC_CTX context; ! 459: int status; ! 460: unsigned char encryptedPart[24], lastPart[24]; ! 461: unsigned int i, lastPartLen, len, padLen; ! 462: ! 463: if (encryptedBlockLen < 1) ! 464: return (RE_LEN); ! 465: ! 466: DES_CBCInit (&context, key, iv, 0); ! 467: ! 468: status = 0; ! 469: ! 470: do { ! 471: for (i = 0; i < (encryptedBlockLen-1)/32; i++) { ! 472: /* len is always 24 */ ! 473: if (status = R_DecodePEMBlock ! 474: (encryptedPart, &len, &encryptedBlock[32*i], 32)) ! 475: break; ! 476: DES_CBCUpdate (&context, &block[24*i], encryptedPart, 24); ! 477: } ! 478: if (status) ! 479: break; ! 480: ! 481: len = encryptedBlockLen - 32*i; ! 482: if (status = R_DecodePEMBlock ! 483: (encryptedPart, &lastPartLen, &encryptedBlock[32*i], len)) ! 484: break; ! 485: ! 486: if (lastPartLen % 8) { ! 487: status = RE_DATA; ! 488: break; ! 489: } ! 490: ! 491: DES_CBCUpdate (&context, lastPart, encryptedPart, lastPartLen); ! 492: ! 493: padLen = lastPart[lastPartLen - 1]; ! 494: if (padLen > 8) { ! 495: status = RE_DATA; ! 496: break; ! 497: } ! 498: if (R_memcmp ! 499: ((POINTER)&lastPart[lastPartLen - padLen], PADDING[padLen], padLen)) { ! 500: status = RE_DATA; ! 501: break; ! 502: } ! 503: ! 504: R_memcpy ((POINTER)&block[24*i], (POINTER)lastPart, lastPartLen - padLen); ! 505: *blockLen = 24*i + lastPartLen - padLen; ! 506: ! 507: } while (0); ! 508: ! 509: DES_CBCFinal (&context); ! 510: ! 511: /* Zeroize sensitive information. ! 512: */ ! 513: R_memset ((POINTER)lastPart, 0, sizeof (lastPart)); ! 514: ! 515: return (status); ! 516: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.