crypto/asn1/n_pkey.c

   1 /* crypto/asn1/n_pkey.c */
   2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   3  * All rights reserved.
   4  *
   5  * This package is an SSL implementation written
   6  * by Eric Young (eay@cryptsoft.com).
   7  * The implementation was written so as to conform with Netscapes SSL.
   8  *
   9  * This library is free for commercial and non-commercial use as long as
  10  * the following conditions are aheared to.  The following conditions
  11  * apply to all code found in this distribution, be it the RC4, RSA,
  12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  13  * included with this distribution is covered by the same copyright terms
  14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15  *
  16  * Copyright remains Eric Young's, and as such any Copyright notices in
  17  * the code are not to be removed.
  18  * If this package is used in a product, Eric Young should be given attribution
  19  * as the author of the parts of the library used.
  20  * This can be in the form of a textual message at program startup or
  21  * in documentation (online or textual) provided with the package.
  22  *
  23  * Redistribution and use in source and binary forms, with or without
  24  * modification, are permitted provided that the following conditions
  25  * are met:
  26  * 1. Redistributions of source code must retain the copyright
  27  *    notice, this list of conditions and the following disclaimer.
  28  * 2. Redistributions in binary form must reproduce the above copyright
  29  *    notice, this list of conditions and the following disclaimer in the
  30  *    documentation and/or other materials provided with the distribution.
  31  * 3. All advertising materials mentioning features or use of this software
  32  *    must display the following acknowledgement:
  33  *    "This product includes cryptographic software written by
  34  *     Eric Young (eay@cryptsoft.com)"
  35  *    The word 'cryptographic' can be left out if the rouines from the library
  36  *    being used are not cryptographic related :-).
  37  * 4. If you include any Windows specific code (or a derivative thereof) from
  38  *    the apps directory (application code) you must include an acknowledgement:
  39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40  *
  41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51  * SUCH DAMAGE.
  52  *
  53  * The licence and distribution terms for any publically available version or
  54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  55  * copied and put under another distribution licence
  56  * [including the GNU Public Licence.]
  57  */
  58
  59 #include <stdio.h>
  60 #include "cryptlib.h"
  61 #include "rsa.h"
  62 #include "objects.h"
  63 #include "asn1_mac.h"
  64 #include "evp.h"
  65 #include "x509.h"
  66
  67
  68 #ifndef NO_RC4
  69
  70 typedef struct netscape_pkey_st
  71         {
  72         ASN1_INTEGER *version;
  73         X509_ALGOR *algor;
  74         ASN1_OCTET_STRING *private_key;
  75         } NETSCAPE_PKEY;
  76
  77 /*
  78  * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ERR_R_ASN1_LENGTH_MISMATCH);
  79  * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
  80  * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR);
  81  * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR);
  82  */
  83 #ifndef NOPROTO
  84 static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
  85 static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
  86 static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
  87 static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
  88 #else
  89 static int i2d_NETSCAPE_PKEY();
  90 static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY();
  91 static NETSCAPE_PKEY *NETSCAPE_PKEY_new();
  92 static void NETSCAPE_PKEY_free();
  93 #endif
  94
  95 int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)())
  96         {
  97         int i,j,l[6];
  98         NETSCAPE_PKEY *pkey;
  99         unsigned char buf[256],*zz;
 100         unsigned char key[EVP_MAX_KEY_LENGTH];
 101         EVP_CIPHER_CTX ctx;
 102         X509_ALGOR *alg=NULL;
 103         ASN1_OCTET_STRING os,os2;
 104         M_ASN1_I2D_vars(a);
 105
 106         if (a == NULL) return(0);
 107
 108 #ifdef WIN32
 109         r=r; /* shut the damn compiler up :-) */
 110 #endif
 111
 112         os.data=os2.data=NULL;
 113         if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
 114         if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
 115
 116         if (pkey->algor->algorithm != NULL)
 117                 ASN1_OBJECT_free(pkey->algor->algorithm);
 118         pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
 119         if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
 120         pkey->algor->parameter->type=V_ASN1_NULL;
 121
 122         l[0]=i2d_RSAPrivateKey(a,NULL);
 123         pkey->private_key->length=l[0];
 124
 125         os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
 126         l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
 127
 128         if ((alg=X509_ALGOR_new()) == NULL) goto err;
 129         if (alg->algorithm != NULL)
 130                 ASN1_OBJECT_free(alg->algorithm);
 131         alg->algorithm=OBJ_nid2obj(NID_rc4);
 132         if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
 133         alg->parameter->type=V_ASN1_NULL;
 134
 135         l[2]=i2d_X509_ALGOR(alg,NULL);
 136         l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
 137
 138 #ifndef CONST_STRICT
 139         os.data=(unsigned char *)"private-key";
 140 #endif
 141         os.length=11;
 142         l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
 143
 144         l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
 145
 146         if (pp == NULL)
 147                 {
 148                 if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
 149                 if (alg != NULL) X509_ALGOR_free(alg);
 150                 return(l[5]);
 151                 }
 152
 153         if (pkey->private_key->data != NULL)
 154                 Free((char *)pkey->private_key->data);
 155         if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL)
 156                 {
 157                 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
 158                 goto err;
 159                 }
 160         zz=pkey->private_key->data;
 161         i2d_RSAPrivateKey(a,&zz);
 162
 163         if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL)
 164                 {
 165                 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
 166                 goto err;
 167                 }
 168         zz=os2.data;
 169         i2d_NETSCAPE_PKEY(pkey,&zz);
 170
 171         if (cb == NULL)
 172                 cb=EVP_read_pw_string;
 173         i=cb(buf,256,"Enter Private Key password:",1);
 174         if (i != 0)
 175                 {
 176                 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
 177                 goto err;
 178                 }
 179         EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
 180                 strlen((char *)buf),1,key,NULL);
 181         memset(buf,0,256);
 182
 183         EVP_CIPHER_CTX_init(&ctx);
 184         EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
 185         EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
 186         EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
 187         EVP_CIPHER_CTX_cleanup(&ctx);
 188
 189         p= *pp;
 190         ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
 191         i2d_ASN1_OCTET_STRING(&os,&p);
 192         ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
 193         i2d_X509_ALGOR(alg,&p);
 194         i2d_ASN1_OCTET_STRING(&os2,&p);
 195         ret=l[5];
 196 err:
 197         if (os2.data != NULL) Free(os2.data);
 198         if (alg != NULL) X509_ALGOR_free(alg);
 199         if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
 200         r=r;
 201         return(ret);
 202         }
 203
 204 RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)())
 205         {
 206         RSA *ret=NULL;
 207         ASN1_OCTET_STRING *os=NULL;
 208         ASN1_CTX c;
 209
 210         c.pp=pp;
 211         c.error=ASN1_R_DECODING_ERROR;
 212
 213         M_ASN1_D2I_Init();
 214         M_ASN1_D2I_start_sequence();
 215         M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
 216         if ((os->length != 11) || (strncmp("private-key",
 217                 (char *)os->data,os->length) != 0))
 218                 {
 219                 ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
 220                 ASN1_BIT_STRING_free(os);
 221                 goto err;
 222                 }
 223         ASN1_BIT_STRING_free(os);
 224         c.q=c.p;
 225         if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err;
 226         c.slen-=(c.p-c.q);
 227
 228         M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
 229         }
 230
 231 RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
 232              int (*cb)())
 233         {
 234         NETSCAPE_PKEY *pkey=NULL;
 235         RSA *ret=NULL;
 236         int i,j;
 237         unsigned char buf[256],*zz;
 238         unsigned char key[EVP_MAX_KEY_LENGTH];
 239         EVP_CIPHER_CTX ctx;
 240         X509_ALGOR *alg=NULL;
 241         ASN1_OCTET_STRING *os=NULL;
 242         ASN1_CTX c;
 243
 244         c.error=ERR_R_NESTED_ASN1_ERROR;
 245         c.pp=pp;
 246
 247         M_ASN1_D2I_Init();
 248         M_ASN1_D2I_start_sequence();
 249         M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
 250         if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
 251                 {
 252                 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
 253                 goto err;
 254                 }
 255         M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
 256         if (cb == NULL)
 257                 cb=EVP_read_pw_string;
 258         i=cb(buf,256,"Enter Private Key password:",0);
 259         if (i != 0)
 260                 {
 261                 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
 262                 goto err;
 263                 }
 264
 265         EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
 266                 strlen((char *)buf),1,key,NULL);
 267         memset(buf,0,256);
 268
 269         EVP_CIPHER_CTX_init(&ctx);
 270         EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
 271         EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
 272         EVP_DecryptFinal(&ctx,&(os->data[i]),&j);
 273         EVP_CIPHER_CTX_cleanup(&ctx);
 274         os->length=i+j;
 275
 276         zz=os->data;
 277
 278         if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
 279                 {
 280                 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
 281                 goto err;
 282                 }
 283
 284         zz=pkey->private_key->data;
 285         if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
 286                 {
 287                 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
 288                 goto err;
 289                 }
 290         if (!asn1_Finish(&c)) goto err;
 291         *pp=c.p;
 292 err:
 293         if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
 294         if (os != NULL) ASN1_BIT_STRING_free(os);
 295         if (alg != NULL) X509_ALGOR_free(alg);
 296         return(ret);
 297         }
 298
 299 static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp)
 300         {
 301         M_ASN1_I2D_vars(a);
 302
 303
 304         M_ASN1_I2D_len(a->version,      i2d_ASN1_INTEGER);
 305         M_ASN1_I2D_len(a->algor,        i2d_X509_ALGOR);
 306         M_ASN1_I2D_len(a->private_key,  i2d_ASN1_OCTET_STRING);
 307
 308         M_ASN1_I2D_seq_total();
 309
 310         M_ASN1_I2D_put(a->version,      i2d_ASN1_INTEGER);
 311         M_ASN1_I2D_put(a->algor,        i2d_X509_ALGOR);
 312         M_ASN1_I2D_put(a->private_key,  i2d_ASN1_OCTET_STRING);
 313
 314         M_ASN1_I2D_finish();
 315         }
 316
 317 static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp,
 318              long length)
 319         {
 320         M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
 321
 322         M_ASN1_D2I_Init();
 323         M_ASN1_D2I_start_sequence();
 324         M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
 325         M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
 326         M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
 327         M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
 328         }
 329
 330 static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void)
 331         {
 332         NETSCAPE_PKEY *ret=NULL;
 333         ASN1_CTX c;
 334
 335         M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
 336         M_ASN1_New(ret->version,ASN1_INTEGER_new);
 337         M_ASN1_New(ret->algor,X509_ALGOR_new);
 338         M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new);
 339         return(ret);
 340         M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
 341         }
 342
 343 static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
 344         {
 345         if (a == NULL) return;
 346         ASN1_INTEGER_free(a->version);
 347         X509_ALGOR_free(a->algor);
 348         ASN1_OCTET_STRING_free(a->private_key);
 349         Free((char *)a);
 350         }
 351
 352 #endif /* NO_RC4 */
 353