Add a demo that reimplements the RSAref glue in form of a dynamically
[openssl.git] / demos / engines / rsaref / rsaref.c
1 /* Demo of how to construct your own engine and using it.  The basis of this
2    engine is RSAref, an old reference of the RSA algorithm which can still
3    be found a little here and there. */
4
5 #include <stdio.h>
6 #if 0
7 #include "./source/global.h"
8 #include "./source/rsaref.h"
9 #endif
10 #include "rsaref.h"
11 #include <openssl/err.h>
12 #include <openssl/bn.h>
13 #include <openssl/engine.h>
14
15 /* Constants used when creating the ENGINE */
16 static const char *engine_rsaref_id = "rsaref";
17 static const char *engine_rsaref_name = "RSAref engine support";
18
19 static int rsaref_destroy(ENGINE *e);
20 static int rsaref_init(ENGINE *e);
21 static int rsaref_finish(ENGINE *e);
22 #if 0
23 static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); 
24 #endif
25
26 static int rsaref_private_decrypt(int len, const unsigned char *from,
27         unsigned char *to, RSA *rsa, int padding);
28 static int rsaref_private_encrypt(int len, const unsigned char *from,
29         unsigned char *to, RSA *rsa, int padding);
30 static int rsaref_public_encrypt(int len, const unsigned char *from,
31         unsigned char *to, RSA *rsa, int padding);
32 static int rsaref_public_decrypt(int len, const unsigned char *from,
33         unsigned char *to, RSA *rsa, int padding);
34 static int bnref_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
35                           BN_CTX *ctx, BN_MONT_CTX *m_ctx);
36 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
37
38 static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = {
39         {0, NULL, NULL, 0}
40         };
41
42 static RSA_METHOD rsaref_rsa =
43 {
44   "RSAref PKCS#1 RSA",
45   rsaref_public_encrypt,
46   rsaref_public_decrypt,
47   rsaref_private_encrypt,
48   rsaref_private_decrypt,
49   rsaref_mod_exp,
50   bnref_mod_exp,
51   NULL,
52   NULL,
53   0,
54   NULL,
55   NULL,
56   NULL
57 };
58
59 #ifndef OPENSSL_NO_ERR
60 /* Error function codes for use in rsaref operation */
61 #define RSAREF_F_BNREF_MOD_EXP                           100
62 #define RSAREF_F_RSAREF_BN2BIN                           101
63 #define RSAREF_F_RSA_BN2BIN                              102
64 #define RSAREF_F_RSA_PRIVATE_DECRYPT                     103
65 #define RSAREF_F_RSA_PRIVATE_ENCRYPT                     104
66 #define RSAREF_F_RSA_PUBLIC_DECRYPT                      105
67 #define RSAREF_F_RSA_PUBLIC_ENCRYPT                      106
68 #define RSAREF_F_RSAREF_MOD_EXP                          108
69 #define RSAREF_F_RSAREF_PRIVATE_DECRYPT                  109
70 #define RSAREF_F_RSAREF_PRIVATE_ENCRYPT                  110
71 #define RSAREF_F_RSAREF_PUBLIC_DECRYPT                   111
72 #define RSAREF_F_RSAREF_PUBLIC_ENCRYPT                   112
73 /* Error reason codes */
74 #define RSAREF_R_CONTENT_ENCODING                        0x0400
75 #define RSAREF_R_DATA                                    0x0401
76 #define RSAREF_R_DIGEST_ALGORITHM                        0x0402
77 #define RSAREF_R_ENCODING                                0x0403
78 #define RSAREF_R_ENCRYPTION_ALGORITHM                    0x040d
79 #define RSAREF_R_KEY                                     0x0404
80 #define RSAREF_R_KEY_ENCODING                            0x0405
81 #define RSAREF_R_LEN                                     0x0406
82 #define RSAREF_R_MODULUS_LEN                             0x0407
83 #define RSAREF_R_NEED_RANDOM                             0x0408
84 #define RSAREF_R_PRIVATE_KEY                             0x0409
85 #define RSAREF_R_PUBLIC_KEY                              0x040a
86 #define RSAREF_R_SIGNATURE                               0x040b
87 #define RSAREF_R_SIGNATURE_ENCODING                      0x040c
88
89 static ERR_STRING_DATA rsaref_str_functs[] =
90         {
91         /* This first element is changed to match the dynamic 'lib' number */
92 {ERR_PACK(0,0,0),                               "rsaref engine code"},
93 {ERR_PACK(0,RSAREF_F_BNREF_MOD_EXP,0),  "BN_REF_MOD_EXP"},
94 {ERR_PACK(0,RSAREF_F_RSAREF_BN2BIN,0),  "RSAREF_BN2BIN"},
95 {ERR_PACK(0,RSAREF_F_RSA_BN2BIN,0),     "RSA_BN2BIN"},
96 {ERR_PACK(0,RSAREF_F_RSA_PRIVATE_DECRYPT,0),    "RSA_private_decrypt"},
97 {ERR_PACK(0,RSAREF_F_RSA_PRIVATE_ENCRYPT,0),    "RSA_private_encrypt"},
98 {ERR_PACK(0,RSAREF_F_RSA_PUBLIC_DECRYPT,0),     "RSA_public_decrypt"},
99 {ERR_PACK(0,RSAREF_F_RSA_PUBLIC_ENCRYPT,0),     "RSA_public_encrypt"},
100 {ERR_PACK(0,RSAREF_F_RSAREF_MOD_EXP,0), "RSA_REF_MOD_EXP"},
101 {ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_DECRYPT,0), "RSA_REF_PRIVATE_DECRYPT"},
102 {ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_ENCRYPT,0), "RSA_REF_PRIVATE_ENCRYPT"},
103 {ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_DECRYPT,0),  "RSA_REF_PUBLIC_DECRYPT"},
104 {ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_ENCRYPT,0),  "RSA_REF_PUBLIC_ENCRYPT"},
105 {RSAREF_R_CONTENT_ENCODING               ,"content encoding"},
106 {RSAREF_R_DATA                           ,"data"},
107 {RSAREF_R_DIGEST_ALGORITHM               ,"digest algorithm"},
108 {RSAREF_R_ENCODING                       ,"encoding"},
109 {RSAREF_R_ENCRYPTION_ALGORITHM           ,"encryption algorithm"},
110 {RSAREF_R_KEY                            ,"key"},
111 {RSAREF_R_KEY_ENCODING                   ,"key encoding"},
112 {RSAREF_R_LEN                            ,"len"},
113 {RSAREF_R_MODULUS_LEN                    ,"modulus len"},
114 {RSAREF_R_NEED_RANDOM                    ,"need random"},
115 {RSAREF_R_PRIVATE_KEY                    ,"private key"},
116 {RSAREF_R_PUBLIC_KEY                     ,"public key"},
117 {RSAREF_R_SIGNATURE                      ,"signature"},
118 {RSAREF_R_SIGNATURE_ENCODING             ,"signature encoding"},
119 {0,NULL}
120         };
121 /* The library number we obtain dynamically from the ERR code */
122 static int rsaref_err_lib = -1;
123 #define RSAREFerr(f,r) ERR_PUT_error(rsaref_err_lib,(f),(r),__FILE__,__LINE__)
124 static void rsaref_load_error_strings(void)
125         {
126         if(rsaref_err_lib < 0)
127                 {
128                 if((rsaref_err_lib = ERR_get_next_error_library()) <= 0)
129                         return;
130                 rsaref_str_functs[0].error = ERR_PACK(rsaref_err_lib,0,0);
131                 ERR_load_strings(rsaref_err_lib, rsaref_str_functs);
132                 }
133         }
134 static void rsaref_unload_error_strings(void)
135         {
136         if(rsaref_err_lib >= 0)
137                 {
138                 ERR_unload_strings(rsaref_err_lib, rsaref_str_functs);
139                 rsaref_err_lib = -1;
140                 }
141         }
142 #else
143 #define RSAREFerr(f,r)                                  /* NOP */
144 static void rsaref_load_error_strings(void) { }         /* NOP */
145 static void rsaref_unload_error_strings(void) { }       /* NOP */
146 #endif
147
148 /* Now, to our own code */
149
150 static int bind_rsaref(ENGINE *e)
151         {
152         const RSA_METHOD *meth1;
153         if(!ENGINE_set_id(e, engine_rsaref_id)
154                 || !ENGINE_set_name(e, engine_rsaref_name)
155                 || !ENGINE_set_RSA(e, &rsaref_rsa)
156                 || !ENGINE_set_destroy_function(e, rsaref_destroy)
157                 || !ENGINE_set_init_function(e, rsaref_init)
158                 || !ENGINE_set_finish_function(e, rsaref_finish)
159                 /* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
160                 /* || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) */)
161                 return 0;
162
163         /* Ensure the rsaref error handling is set up */
164         rsaref_load_error_strings();
165         return 1;
166         }
167
168 #ifdef ENGINE_DYNAMIC_SUPPORT
169 static int bind_helper(ENGINE *e, const char *id)
170         {
171         if(id && (strcmp(id, engine_rsaref_id) != 0))
172                 return 0;
173         if(!bind_rsaref(e))
174                 return 0;
175         return 1;
176         }       
177 IMPLEMENT_DYNAMIC_CHECK_FN()
178 IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
179 #else
180 static ENGINE *engine_rsaref(void)
181         {
182         ENGINE *ret = ENGINE_new();
183         if(!ret)
184                 return NULL;
185         if(!bind_rsaref(ret))
186                 {
187                 ENGINE_free(ret);
188                 return NULL;
189                 }
190         return ret;
191         }
192
193 void ENGINE_load_rsaref(void)
194         {
195         /* Copied from eng_[openssl|dyn].c */
196         ENGINE *toadd = engine_rsaref();
197         if(!toadd) return;
198         ENGINE_add(toadd);
199         ENGINE_free(toadd);
200         ERR_clear_error();
201         }
202 #endif
203
204 /* Initiator which is only present to make sure this engine looks available */
205 static int rsaref_init(ENGINE *e)
206         {
207         return 1;
208         }
209
210 /* Finisher which is only present to make sure this engine looks available */
211 static int rsaref_finish(ENGINE *e)
212         {
213         return 1;
214         }
215
216 /* Destructor (complements the "ENGINE_ncipher()" constructor) */
217 static int rsaref_destroy(ENGINE *e)
218         {
219         rsaref_unload_error_strings();
220         return 1;
221         }
222
223 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
224         {
225         RSAREFerr(RSAREF_F_RSAREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
226         return(0);
227         }
228
229 static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
230                           const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
231         {
232         RSAREFerr(RSAREF_F_BNREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
233         return(0);
234         }
235
236 /* unsigned char *to:  [max]    */
237 static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
238         {
239         int i;
240
241         i=BN_num_bytes(from);
242         if (i > max)
243                 {
244                 RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
245                 return(0);
246                 }
247
248         memset(to,0,(unsigned int)max);
249         if (!BN_bn2bin(from,&(to[max-i])))
250                 return(0);
251         return(1);
252         }
253
254 #ifdef undef
255 /* unsigned char *from:  [max]    */
256 static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
257         {
258         int i;
259         BIGNUM *ret;
260
261         for (i=0; i<max; i++)
262                 if (from[i]) break;
263
264         ret=BN_bin2bn(&(from[i]),max-i,to);
265         return(ret);
266         }
267
268 static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
269         {
270         to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
271         to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
272         if ((to->n == NULL) || (to->e == NULL)) return(0);
273         return(1);
274         }
275 #endif
276
277 static int RSAref_Public_eay2ref(RSA *from, RSArefPublicKey *to)
278         {
279         to->bits=BN_num_bits(from->n);
280         if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
281         if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
282         return(1);
283         }
284
285 #ifdef undef
286 static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
287         {
288         if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
289                 return(0);
290         if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
291                 return(0);
292         if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
293                 return(0);
294         if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
295                 return(0);
296         if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
297                 return(0);
298         if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
299                 == NULL)
300                 return(0);
301         if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
302                 == NULL)
303                 return(0);
304         if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
305                 return(0);
306         return(1);
307         }
308 #endif
309
310 static int RSAref_Private_eay2ref(RSA *from, RSArefPrivateKey *to)
311         {
312         to->bits=BN_num_bits(from->n);
313         if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
314         if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
315         if (!RSAref_bn2bin(from->d,to->d,RSAref_MAX_LEN)) return(0);
316         if (!RSAref_bn2bin(from->p,to->prime[0],RSAref_MAX_PLEN)) return(0);
317         if (!RSAref_bn2bin(from->q,to->prime[1],RSAref_MAX_PLEN)) return(0);
318         if (!RSAref_bn2bin(from->dmp1,to->pexp[0],RSAref_MAX_PLEN)) return(0);
319         if (!RSAref_bn2bin(from->dmq1,to->pexp[1],RSAref_MAX_PLEN)) return(0);
320         if (!RSAref_bn2bin(from->iqmp,to->coef,RSAref_MAX_PLEN)) return(0);
321         return(1);
322         }
323
324 static int rsaref_private_decrypt(int len, const unsigned char *from, unsigned char *to,
325              RSA *rsa, int padding)
326         {
327         int i,outlen= -1;
328         RSArefPrivateKey RSAkey;
329
330         if (!RSAref_Private_eay2ref(rsa,&RSAkey))
331                 goto err;
332         if ((i=RSAPrivateDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
333                 {
334                 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_DECRYPT,i);
335                 outlen= -1;
336                 }
337 err:
338         memset(&RSAkey,0,sizeof(RSAkey));
339         return(outlen);
340         }
341
342 static int rsaref_private_encrypt(int len, const unsigned char *from, unsigned char *to,
343              RSA *rsa, int padding)
344         {
345         int i,outlen= -1;
346         RSArefPrivateKey RSAkey;
347
348         if (padding != RSA_PKCS1_PADDING)
349                 {
350                 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
351                 goto err;
352         }
353         if (!RSAref_Private_eay2ref(rsa,&RSAkey))
354                 goto err;
355         if ((i=RSAPrivateEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
356                 {
357                 RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,i);
358                 outlen= -1;
359                 }
360 err:
361         memset(&RSAkey,0,sizeof(RSAkey));
362         return(outlen);
363         }
364
365 static int rsaref_public_decrypt(int len, const unsigned char *from, unsigned char *to,
366              RSA *rsa, int padding)
367         {
368         int i,outlen= -1;
369         RSArefPublicKey RSAkey;
370
371         if (!RSAref_Public_eay2ref(rsa,&RSAkey))
372                 goto err;
373         if ((i=RSAPublicDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
374                 {
375                 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_DECRYPT,i);
376                 outlen= -1;
377                 }
378 err:
379         memset(&RSAkey,0,sizeof(RSAkey));
380         return(outlen);
381         }
382
383 static int rsaref_public_encrypt(int len, const unsigned char *from, unsigned char *to,
384              RSA *rsa, int padding)
385         {
386         int outlen= -1;
387         int i;
388         RSArefPublicKey RSAkey;
389         RSARandomState rnd;
390         unsigned char buf[16];
391
392         if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING) 
393                 {
394                 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
395                 goto err;
396                 }
397         
398         R_RandomInit(&rnd);
399         R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
400         while (i > 0)
401                 {
402                 if (RAND_bytes(buf,16) <= 0)
403                         goto err;
404                 R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
405                 i-=16;
406                 }
407
408         if (!RSAref_Public_eay2ref(rsa,&RSAkey))
409                 goto err;
410         if ((i=RSAPublicEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
411                 {
412                 RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,i);
413                 outlen= -1;
414                 goto err;
415                 }
416 err:
417         memset(&RSAkey,0,sizeof(RSAkey));
418         R_RandomFinal(&rnd);
419         memset(&rnd,0,sizeof(rnd));
420         return(outlen);
421         }