OLD | NEW |
1 /* crypto/rsa/rsa_lib.c */ | 1 /* crypto/rsa/rsa_lib.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
60 #include <openssl/crypto.h> | 60 #include <openssl/crypto.h> |
61 #include "cryptlib.h" | 61 #include "cryptlib.h" |
62 #include <openssl/lhash.h> | 62 #include <openssl/lhash.h> |
63 #include <openssl/bn.h> | 63 #include <openssl/bn.h> |
64 #include <openssl/rsa.h> | 64 #include <openssl/rsa.h> |
65 #include <openssl/rand.h> | 65 #include <openssl/rand.h> |
66 #ifndef OPENSSL_NO_ENGINE | 66 #ifndef OPENSSL_NO_ENGINE |
67 #include <openssl/engine.h> | 67 #include <openssl/engine.h> |
68 #endif | 68 #endif |
69 | 69 |
| 70 const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; |
| 71 |
| 72 static const RSA_METHOD *default_RSA_meth=NULL; |
| 73 |
| 74 RSA *RSA_new(void) |
| 75 { |
| 76 RSA *r=RSA_new_method(NULL); |
| 77 |
| 78 return r; |
| 79 } |
| 80 |
| 81 void RSA_set_default_method(const RSA_METHOD *meth) |
| 82 { |
| 83 default_RSA_meth = meth; |
| 84 } |
| 85 |
| 86 const RSA_METHOD *RSA_get_default_method(void) |
| 87 { |
| 88 if (default_RSA_meth == NULL) |
| 89 { |
| 90 #ifdef RSA_NULL |
| 91 default_RSA_meth=RSA_null_method(); |
| 92 #else |
| 93 #if 0 /* was: #ifdef RSAref */ |
| 94 default_RSA_meth=RSA_PKCS1_RSAref(); |
| 95 #else |
| 96 default_RSA_meth=RSA_PKCS1_SSLeay(); |
| 97 #endif |
| 98 #endif |
| 99 } |
| 100 |
| 101 return default_RSA_meth; |
| 102 } |
| 103 |
| 104 const RSA_METHOD *RSA_get_method(const RSA *rsa) |
| 105 { |
| 106 return rsa->meth; |
| 107 } |
| 108 |
| 109 int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) |
| 110 { |
| 111 /* NB: The caller is specifically setting a method, so it's not up to us |
| 112 * to deal with which ENGINE it comes from. */ |
| 113 const RSA_METHOD *mtmp; |
| 114 mtmp = rsa->meth; |
| 115 if (mtmp->finish) mtmp->finish(rsa); |
| 116 #ifndef OPENSSL_NO_ENGINE |
| 117 if (rsa->engine) |
| 118 { |
| 119 ENGINE_finish(rsa->engine); |
| 120 rsa->engine = NULL; |
| 121 } |
| 122 #endif |
| 123 rsa->meth = meth; |
| 124 if (meth->init) meth->init(rsa); |
| 125 return 1; |
| 126 } |
| 127 |
| 128 RSA *RSA_new_method(ENGINE *engine) |
| 129 { |
| 130 RSA *ret; |
| 131 |
| 132 ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); |
| 133 if (ret == NULL) |
| 134 { |
| 135 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); |
| 136 return NULL; |
| 137 } |
| 138 |
| 139 ret->meth = RSA_get_default_method(); |
| 140 #ifndef OPENSSL_NO_ENGINE |
| 141 if (engine) |
| 142 { |
| 143 if (!ENGINE_init(engine)) |
| 144 { |
| 145 RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); |
| 146 OPENSSL_free(ret); |
| 147 return NULL; |
| 148 } |
| 149 ret->engine = engine; |
| 150 } |
| 151 else |
| 152 ret->engine = ENGINE_get_default_RSA(); |
| 153 if(ret->engine) |
| 154 { |
| 155 ret->meth = ENGINE_get_RSA(ret->engine); |
| 156 if(!ret->meth) |
| 157 { |
| 158 RSAerr(RSA_F_RSA_NEW_METHOD, |
| 159 ERR_R_ENGINE_LIB); |
| 160 ENGINE_finish(ret->engine); |
| 161 OPENSSL_free(ret); |
| 162 return NULL; |
| 163 } |
| 164 } |
| 165 #endif |
| 166 |
| 167 ret->pad=0; |
| 168 ret->version=0; |
| 169 ret->n=NULL; |
| 170 ret->e=NULL; |
| 171 ret->d=NULL; |
| 172 ret->p=NULL; |
| 173 ret->q=NULL; |
| 174 ret->dmp1=NULL; |
| 175 ret->dmq1=NULL; |
| 176 ret->iqmp=NULL; |
| 177 ret->references=1; |
| 178 ret->_method_mod_n=NULL; |
| 179 ret->_method_mod_p=NULL; |
| 180 ret->_method_mod_q=NULL; |
| 181 ret->blinding=NULL; |
| 182 ret->mt_blinding=NULL; |
| 183 ret->bignum_data=NULL; |
| 184 ret->flags=ret->meth->flags; |
| 185 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) |
| 186 { |
| 187 #ifndef OPENSSL_NO_ENGINE |
| 188 if (ret->engine) |
| 189 ENGINE_finish(ret->engine); |
| 190 #endif |
| 191 OPENSSL_free(ret); |
| 192 return(NULL); |
| 193 } |
| 194 |
| 195 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 196 { |
| 197 #ifndef OPENSSL_NO_ENGINE |
| 198 if (ret->engine) |
| 199 ENGINE_finish(ret->engine); |
| 200 #endif |
| 201 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); |
| 202 OPENSSL_free(ret); |
| 203 ret=NULL; |
| 204 } |
| 205 return(ret); |
| 206 } |
| 207 |
| 208 void RSA_free(RSA *r) |
| 209 { |
| 210 int i; |
| 211 |
| 212 if (r == NULL) return; |
| 213 |
| 214 i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); |
| 215 #ifdef REF_PRINT |
| 216 REF_PRINT("RSA",r); |
| 217 #endif |
| 218 if (i > 0) return; |
| 219 #ifdef REF_CHECK |
| 220 if (i < 0) |
| 221 { |
| 222 fprintf(stderr,"RSA_free, bad reference count\n"); |
| 223 abort(); |
| 224 } |
| 225 #endif |
| 226 |
| 227 if (r->meth->finish) |
| 228 r->meth->finish(r); |
| 229 #ifndef OPENSSL_NO_ENGINE |
| 230 if (r->engine) |
| 231 ENGINE_finish(r->engine); |
| 232 #endif |
| 233 |
| 234 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); |
| 235 |
| 236 if (r->n != NULL) BN_clear_free(r->n); |
| 237 if (r->e != NULL) BN_clear_free(r->e); |
| 238 if (r->d != NULL) BN_clear_free(r->d); |
| 239 if (r->p != NULL) BN_clear_free(r->p); |
| 240 if (r->q != NULL) BN_clear_free(r->q); |
| 241 if (r->dmp1 != NULL) BN_clear_free(r->dmp1); |
| 242 if (r->dmq1 != NULL) BN_clear_free(r->dmq1); |
| 243 if (r->iqmp != NULL) BN_clear_free(r->iqmp); |
| 244 if (r->blinding != NULL) BN_BLINDING_free(r->blinding); |
| 245 if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); |
| 246 if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); |
| 247 OPENSSL_free(r); |
| 248 } |
| 249 |
| 250 int RSA_up_ref(RSA *r) |
| 251 { |
| 252 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA); |
| 253 #ifdef REF_PRINT |
| 254 REF_PRINT("RSA",r); |
| 255 #endif |
| 256 #ifdef REF_CHECK |
| 257 if (i < 2) |
| 258 { |
| 259 fprintf(stderr, "RSA_up_ref, bad reference count\n"); |
| 260 abort(); |
| 261 } |
| 262 #endif |
| 263 return ((i > 1) ? 1 : 0); |
| 264 } |
| 265 |
| 266 int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
| 267 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) |
| 268 { |
| 269 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, |
| 270 new_func, dup_func, free_func); |
| 271 } |
| 272 |
| 273 int RSA_set_ex_data(RSA *r, int idx, void *arg) |
| 274 { |
| 275 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); |
| 276 } |
| 277 |
| 278 void *RSA_get_ex_data(const RSA *r, int idx) |
| 279 { |
| 280 return(CRYPTO_get_ex_data(&r->ex_data,idx)); |
| 281 } |
| 282 |
| 283 int RSA_size(const RSA *r) |
| 284 { |
| 285 return(BN_num_bytes(r->n)); |
| 286 } |
| 287 |
70 int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, | 288 int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, |
71 RSA *rsa, int padding) | 289 RSA *rsa, int padding) |
72 { | 290 { |
73 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); | 291 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); |
74 } | 292 } |
75 | 293 |
76 int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, | 294 int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, |
77 RSA *rsa, int padding) | 295 RSA *rsa, int padding) |
78 { | 296 { |
79 #ifdef OPENSSL_FIPS | |
80 if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) | |
81 { | |
82 RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN
_FIPS_MODE); | |
83 return 0; | |
84 } | |
85 #endif | |
86 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); | 297 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); |
87 } | 298 } |
88 | 299 |
89 int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, | 300 int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, |
90 RSA *rsa, int padding) | 301 RSA *rsa, int padding) |
91 { | 302 { |
92 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); | 303 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); |
93 } | 304 } |
94 | 305 |
95 int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, | 306 int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, |
96 RSA *rsa, int padding) | 307 RSA *rsa, int padding) |
97 { | 308 { |
98 #ifdef OPENSSL_FIPS | |
99 if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) | |
100 { | |
101 RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN_
FIPS_MODE); | |
102 return 0; | |
103 } | |
104 #endif | |
105 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); | 309 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); |
106 } | 310 } |
107 | 311 |
108 int RSA_size(const RSA *r) | 312 int RSA_flags(const RSA *r) |
109 { | 313 { |
110 » return(BN_num_bytes(r->n)); | 314 » return((r == NULL)?0:r->meth->flags); |
111 } | 315 } |
112 | 316 |
113 void RSA_blinding_off(RSA *rsa) | 317 void RSA_blinding_off(RSA *rsa) |
114 { | 318 { |
115 if (rsa->blinding != NULL) | 319 if (rsa->blinding != NULL) |
116 { | 320 { |
117 BN_BLINDING_free(rsa->blinding); | 321 BN_BLINDING_free(rsa->blinding); |
118 rsa->blinding=NULL; | 322 rsa->blinding=NULL; |
119 } | 323 } |
120 rsa->flags &= ~RSA_FLAG_BLINDING; | 324 rsa->flags &= ~RSA_FLAG_BLINDING; |
(...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
215 else | 419 else |
216 n = rsa->n; | 420 n = rsa->n; |
217 | 421 |
218 ret = BN_BLINDING_create_param(NULL, e, n, ctx, | 422 ret = BN_BLINDING_create_param(NULL, e, n, ctx, |
219 rsa->meth->bn_mod_exp, rsa->_method_mod_n); | 423 rsa->meth->bn_mod_exp, rsa->_method_mod_n); |
220 if (ret == NULL) | 424 if (ret == NULL) |
221 { | 425 { |
222 RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB); | 426 RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB); |
223 goto err; | 427 goto err; |
224 } | 428 } |
225 » BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id()); | 429 » CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret)); |
226 err: | 430 err: |
227 BN_CTX_end(ctx); | 431 BN_CTX_end(ctx); |
228 if (in_ctx == NULL) | 432 if (in_ctx == NULL) |
229 BN_CTX_free(ctx); | 433 BN_CTX_free(ctx); |
230 if(rsa->e == NULL) | 434 if(rsa->e == NULL) |
231 BN_free(e); | 435 BN_free(e); |
232 | 436 |
233 return ret; | 437 return ret; |
234 } | 438 } |
| 439 |
| 440 int RSA_memory_lock(RSA *r) |
| 441 { |
| 442 int i,j,k,off; |
| 443 char *p; |
| 444 BIGNUM *bn,**t[6],*b; |
| 445 BN_ULONG *ul; |
| 446 |
| 447 if (r->d == NULL) return(1); |
| 448 t[0]= &r->d; |
| 449 t[1]= &r->p; |
| 450 t[2]= &r->q; |
| 451 t[3]= &r->dmp1; |
| 452 t[4]= &r->dmq1; |
| 453 t[5]= &r->iqmp; |
| 454 k=sizeof(BIGNUM)*6; |
| 455 off=k/sizeof(BN_ULONG)+1; |
| 456 j=1; |
| 457 for (i=0; i<6; i++) |
| 458 j+= (*t[i])->top; |
| 459 if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) |
| 460 { |
| 461 RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); |
| 462 return(0); |
| 463 } |
| 464 bn=(BIGNUM *)p; |
| 465 ul=(BN_ULONG *)&(p[off]); |
| 466 for (i=0; i<6; i++) |
| 467 { |
| 468 b= *(t[i]); |
| 469 *(t[i])= &(bn[i]); |
| 470 memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); |
| 471 bn[i].flags=BN_FLG_STATIC_DATA; |
| 472 bn[i].d=ul; |
| 473 memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); |
| 474 ul+=b->top; |
| 475 BN_clear_free(b); |
| 476 } |
| 477 |
| 478 /* I should fix this so it can still be done */ |
| 479 r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); |
| 480 |
| 481 r->bignum_data=p; |
| 482 return(1); |
| 483 } |
OLD | NEW |