1 /* Demo of how to construct your own engine and using it. The basis of this
2 engine is RSAref, an old reference of the RSA algorithm which can still
3 be found a little here and there. */
6 #include "./source/global.h"
7 #include "./source/rsaref.h"
8 #include "./source/rsa.h"
9 #include "./source/des.h"
10 #include <openssl/err.h>
11 #include <openssl/evp.h>
12 #include <openssl/bn.h>
13 #include <openssl/engine.h>
15 #define RSAREF_LIB_NAME "rsaref engine"
16 #include "rsaref_err.c"
18 /*****************************************************************************
19 *** Function declarations and global variable definitions ***
20 *****************************************************************************/
22 /*****************************************************************************
23 * Constants used when creating the ENGINE
25 static const char *engine_rsaref_id = "rsaref";
26 static const char *engine_rsaref_name = "RSAref engine support";
28 /*****************************************************************************
29 * Functions to handle the engine
31 static int rsaref_destroy(ENGINE *e);
32 static int rsaref_init(ENGINE *e);
33 static int rsaref_finish(ENGINE *e);
35 static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
38 /*****************************************************************************
41 static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = {
45 /*****************************************************************************
48 static int rsaref_private_decrypt(int len, const unsigned char *from,
49 unsigned char *to, RSA *rsa, int padding);
50 static int rsaref_private_encrypt(int len, const unsigned char *from,
51 unsigned char *to, RSA *rsa, int padding);
52 static int rsaref_public_encrypt(int len, const unsigned char *from,
53 unsigned char *to, RSA *rsa, int padding);
54 static int rsaref_public_decrypt(int len, const unsigned char *from,
55 unsigned char *to, RSA *rsa, int padding);
56 static int bnref_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
57 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
58 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
60 /*****************************************************************************
63 static RSA_METHOD rsaref_rsa =
66 rsaref_public_encrypt,
67 rsaref_public_decrypt,
68 rsaref_private_encrypt,
69 rsaref_private_decrypt,
80 /*****************************************************************************
81 * Symetric cipher and digest function registrars
83 static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
84 const int **nids, int nid);
85 static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
86 const int **nids, int nid);
88 static int rsaref_cipher_nids[] =
89 { NID_des_cbc, NID_des_ede3_cbc, NID_desx_cbc, 0 };
90 static int rsaref_digest_nids[] =
93 /*****************************************************************************
96 int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
97 const unsigned char *iv, int enc);
98 int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
99 const unsigned char *in, unsigned int inl);
100 int cipher_des_cbc_clean(EVP_CIPHER_CTX *);
101 int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
102 const unsigned char *iv, int enc);
103 int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
104 const unsigned char *in, unsigned int inl);
105 int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *);
106 int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
107 const unsigned char *iv, int enc);
108 int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
109 const unsigned char *in, unsigned int inl);
110 int cipher_desx_cbc_clean(EVP_CIPHER_CTX *);
112 /*****************************************************************************
115 static EVP_CIPHER cipher_des_cbc =
122 cipher_des_cbc_clean,
130 static EVP_CIPHER cipher_des_ede3_cbc =
135 cipher_des_ede3_cbc_init,
136 cipher_des_ede3_cbc_code,
137 cipher_des_ede3_cbc_clean,
138 sizeof(DES3_CBC_CTX),
145 static EVP_CIPHER cipher_desx_cbc =
150 cipher_desx_cbc_init,
151 cipher_desx_cbc_code,
152 cipher_desx_cbc_clean,
153 sizeof(DESX_CBC_CTX),
160 /*****************************************************************************
161 *** Function definitions ***
162 *****************************************************************************/
164 /*****************************************************************************
165 * Functions to handle the engine
168 static int bind_rsaref(ENGINE *e)
170 const RSA_METHOD *meth1;
171 if(!ENGINE_set_id(e, engine_rsaref_id)
172 || !ENGINE_set_name(e, engine_rsaref_name)
173 || !ENGINE_set_RSA(e, &rsaref_rsa)
174 || !ENGINE_set_ciphers(e, rsaref_ciphers)
175 || !ENGINE_set_digests(e, rsaref_digests)
176 || !ENGINE_set_destroy_function(e, rsaref_destroy)
177 || !ENGINE_set_init_function(e, rsaref_init)
178 || !ENGINE_set_finish_function(e, rsaref_finish)
179 /* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
180 /* || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) */)
183 /* Ensure the rsaref error handling is set up */
184 ERR_load_RSAREF_strings();
188 #ifdef ENGINE_DYNAMIC_SUPPORT
189 static int bind_helper(ENGINE *e, const char *id)
191 if(id && (strcmp(id, engine_rsaref_id) != 0))
197 IMPLEMENT_DYNAMIC_CHECK_FN()
198 IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
200 static ENGINE *engine_rsaref(void)
202 ENGINE *ret = ENGINE_new();
205 if(!bind_rsaref(ret))
213 void ENGINE_load_rsaref(void)
215 /* Copied from eng_[openssl|dyn].c */
216 ENGINE *toadd = engine_rsaref();
224 /* Initiator which is only present to make sure this engine looks available */
225 static int rsaref_init(ENGINE *e)
230 /* Finisher which is only present to make sure this engine looks available */
231 static int rsaref_finish(ENGINE *e)
236 /* Destructor (complements the "ENGINE_ncipher()" constructor) */
237 static int rsaref_destroy(ENGINE *e)
239 ERR_unload_RSAREF_strings();
243 /*****************************************************************************
247 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
249 RSAREFerr(RSAREF_F_RSAREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
253 static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
254 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
256 RSAREFerr(RSAREF_F_BNREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
260 /* unsigned char *to: [max] */
261 static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
265 i=BN_num_bytes(from);
268 RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
272 memset(to,0,(unsigned int)max);
273 if (!BN_bn2bin(from,&(to[max-i])))
279 /* unsigned char *from: [max] */
280 static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
285 for (i=0; i<max; i++)
288 ret=BN_bin2bn(&(from[i]),max-i,to);
292 static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
294 to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
295 to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
296 if ((to->n == NULL) || (to->e == NULL)) return(0);
301 static int RSAref_Public_eay2ref(RSA *from, R_RSA_PUBLIC_KEY *to)
303 to->bits=BN_num_bits(from->n);
304 if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
305 if (!RSAref_bn2bin(from->e,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
310 static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
312 if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
314 if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
316 if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
318 if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
320 if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
322 if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
325 if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
328 if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
334 static int RSAref_Private_eay2ref(RSA *from, R_RSA_PRIVATE_KEY *to)
336 to->bits=BN_num_bits(from->n);
337 if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
338 if (!RSAref_bn2bin(from->e,to->publicExponent,MAX_RSA_MODULUS_LEN)) return(0);
339 if (!RSAref_bn2bin(from->d,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
340 if (!RSAref_bn2bin(from->p,to->prime[0],MAX_RSA_PRIME_LEN)) return(0);
341 if (!RSAref_bn2bin(from->q,to->prime[1],MAX_RSA_PRIME_LEN)) return(0);
342 if (!RSAref_bn2bin(from->dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN)) return(0);
343 if (!RSAref_bn2bin(from->dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN)) return(0);
344 if (!RSAref_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN)) return(0);
348 static int rsaref_private_decrypt(int len, const unsigned char *from, unsigned char *to,
349 RSA *rsa, int padding)
352 R_RSA_PRIVATE_KEY RSAkey;
354 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
356 if ((i=RSAPrivateDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
358 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_DECRYPT,i);
362 memset(&RSAkey,0,sizeof(RSAkey));
366 static int rsaref_private_encrypt(int len, const unsigned char *from, unsigned char *to,
367 RSA *rsa, int padding)
370 R_RSA_PRIVATE_KEY RSAkey;
372 if (padding != RSA_PKCS1_PADDING)
374 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
377 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
379 if ((i=RSAPrivateEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
381 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT,i);
385 memset(&RSAkey,0,sizeof(RSAkey));
389 static int rsaref_public_decrypt(int len, const unsigned char *from, unsigned char *to,
390 RSA *rsa, int padding)
393 R_RSA_PUBLIC_KEY RSAkey;
395 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
397 if ((i=RSAPublicDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
399 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT,i);
403 memset(&RSAkey,0,sizeof(RSAkey));
407 static int rsaref_public_encrypt(int len, const unsigned char *from, unsigned char *to,
408 RSA *rsa, int padding)
412 R_RSA_PUBLIC_KEY RSAkey;
414 unsigned char buf[16];
416 if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING)
418 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
423 R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
426 if (RAND_bytes(buf,16) <= 0)
428 R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
432 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
434 if ((i=RSAPublicEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
436 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT,i);
441 memset(&RSAkey,0,sizeof(RSAkey));
443 memset(&rnd,0,sizeof(rnd));
447 /*****************************************************************************
448 * Symetric cipher and digest function registrars
450 static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
451 const int **nids, int nid)
456 /* We are returning a list of supported nids */
457 *nids = rsaref_cipher_nids;
458 return (sizeof(rsaref_cipher_nids)-1)/sizeof(rsaref_cipher_nids[0]);
460 /* We are being asked for a specific cipher */
464 *cipher = &cipher_des_cbc; break;
465 case NID_des_ede3_cbc:
466 *cipher = &cipher_des_ede3_cbc; break;
468 *cipher = &cipher_desx_cbc; break;
476 static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
477 const int **nids, int nid)
482 /* We are returning a list of supported nids */
483 *nids = rsaref_digest_nids;
484 return (sizeof(rsaref_digest_nids)-1)/sizeof(rsaref_digest_nids[0]);
486 /* We are being asked for a specific digest */
497 /*****************************************************************************
501 #define data(ctx) ((DES_CBC_CTX *)(ctx)->cipher_data)
502 int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
503 const unsigned char *iv, int enc)
505 DES_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc);
507 int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
508 const unsigned char *in, unsigned int inl)
510 DES_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
512 int cipher_des_cbc_clean(EVP_CIPHER_CTX *ctx)
514 memset(data(ctx), 0, ctx->cipher->ctx_size);
518 #define data(ctx) ((DES3_CBC_CTX *)(ctx)->cipher_data)
519 int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
520 const unsigned char *iv, int enc)
522 DES3_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv,
525 int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
526 const unsigned char *in, unsigned int inl)
528 DES3_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
530 int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *ctx)
532 memset(data(ctx), 0, ctx->cipher->ctx_size);
536 #define data(ctx) ((DESX_CBC_CTX *)(ctx)->cipher_data)
537 int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
538 const unsigned char *iv, int enc)
540 DESX_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv,
543 int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
544 const unsigned char *in, unsigned int inl)
546 DESX_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
548 int cipher_desx_cbc_clean(EVP_CIPHER_CTX *ctx)
550 memset(data(ctx), 0, ctx->cipher->ctx_size);