Make use of RSAref's header files instead of EAY's crafted rsaref.h.
[openssl.git] / demos / engines / rsaref / rsaref.c
1 /* Demo of how to construct your own engine and using it.  The basis of this
2    engine is RSAref, an old reference of the RSA algorithm which can still
3    be found a little here and there. */
4
5 #include <stdio.h>
6 #include "./source/global.h"
7 #include "./source/rsaref.h"
8 #include "./source/rsa.h"
9 #include <openssl/err.h>
10 #include <openssl/bn.h>
11 #include <openssl/engine.h>
12
13 /* Constants used when creating the ENGINE */
14 static const char *engine_rsaref_id = "rsaref";
15 static const char *engine_rsaref_name = "RSAref engine support";
16
17 static int rsaref_destroy(ENGINE *e);
18 static int rsaref_init(ENGINE *e);
19 static int rsaref_finish(ENGINE *e);
20 #if 0
21 static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); 
22 #endif
23
24 static int rsaref_private_decrypt(int len, const unsigned char *from,
25         unsigned char *to, RSA *rsa, int padding);
26 static int rsaref_private_encrypt(int len, const unsigned char *from,
27         unsigned char *to, RSA *rsa, int padding);
28 static int rsaref_public_encrypt(int len, const unsigned char *from,
29         unsigned char *to, RSA *rsa, int padding);
30 static int rsaref_public_decrypt(int len, const unsigned char *from,
31         unsigned char *to, RSA *rsa, int padding);
32 static int bnref_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
33                           BN_CTX *ctx, BN_MONT_CTX *m_ctx);
34 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
35
36 static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = {
37         {0, NULL, NULL, 0}
38         };
39
40 static RSA_METHOD rsaref_rsa =
41 {
42   "RSAref PKCS#1 RSA",
43   rsaref_public_encrypt,
44   rsaref_public_decrypt,
45   rsaref_private_encrypt,
46   rsaref_private_decrypt,
47   rsaref_mod_exp,
48   bnref_mod_exp,
49   NULL,
50   NULL,
51   0,
52   NULL,
53   NULL,
54   NULL
55 };
56
57 #ifndef OPENSSL_NO_ERR
58 /* Error function codes for use in rsaref operation */
59 #define RSAREF_F_BNREF_MOD_EXP                           100
60 #define RSAREF_F_RSAREF_BN2BIN                           101
61 #define RSAREF_F_RSA_BN2BIN                              102
62 #define RSAREF_F_RSA_PRIVATE_DECRYPT                     103
63 #define RSAREF_F_RSA_PRIVATE_ENCRYPT                     104
64 #define RSAREF_F_RSA_PUBLIC_DECRYPT                      105
65 #define RSAREF_F_RSA_PUBLIC_ENCRYPT                      106
66 #define RSAREF_F_RSAREF_MOD_EXP                          108
67 #define RSAREF_F_RSAREF_PRIVATE_DECRYPT                  109
68 #define RSAREF_F_RSAREF_PRIVATE_ENCRYPT                  110
69 #define RSAREF_F_RSAREF_PUBLIC_DECRYPT                   111
70 #define RSAREF_F_RSAREF_PUBLIC_ENCRYPT                   112
71 /* Error reason codes */
72 #define RSAREF_R_CONTENT_ENCODING                        0x0400
73 #define RSAREF_R_DATA                                    0x0401
74 #define RSAREF_R_DIGEST_ALGORITHM                        0x0402
75 #define RSAREF_R_ENCODING                                0x0403
76 #define RSAREF_R_ENCRYPTION_ALGORITHM                    0x040d
77 #define RSAREF_R_KEY                                     0x0404
78 #define RSAREF_R_KEY_ENCODING                            0x0405
79 #define RSAREF_R_LEN                                     0x0406
80 #define RSAREF_R_MODULUS_LEN                             0x0407
81 #define RSAREF_R_NEED_RANDOM                             0x0408
82 #define RSAREF_R_PRIVATE_KEY                             0x0409
83 #define RSAREF_R_PUBLIC_KEY                              0x040a
84 #define RSAREF_R_SIGNATURE                               0x040b
85 #define RSAREF_R_SIGNATURE_ENCODING                      0x040c
86
87 static ERR_STRING_DATA rsaref_str_functs[] =
88         {
89         /* This first element is changed to match the dynamic 'lib' number */
90 {ERR_PACK(0,0,0),                               "rsaref engine code"},
91 {ERR_PACK(0,RSAREF_F_BNREF_MOD_EXP,0),  "BN_REF_MOD_EXP"},
92 {ERR_PACK(0,RSAREF_F_RSAREF_BN2BIN,0),  "RSAREF_BN2BIN"},
93 {ERR_PACK(0,RSAREF_F_RSA_BN2BIN,0),     "RSA_BN2BIN"},
94 {ERR_PACK(0,RSAREF_F_RSA_PRIVATE_DECRYPT,0),    "RSA_private_decrypt"},
95 {ERR_PACK(0,RSAREF_F_RSA_PRIVATE_ENCRYPT,0),    "RSA_private_encrypt"},
96 {ERR_PACK(0,RSAREF_F_RSA_PUBLIC_DECRYPT,0),     "RSA_public_decrypt"},
97 {ERR_PACK(0,RSAREF_F_RSA_PUBLIC_ENCRYPT,0),     "RSA_public_encrypt"},
98 {ERR_PACK(0,RSAREF_F_RSAREF_MOD_EXP,0), "RSA_REF_MOD_EXP"},
99 {ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_DECRYPT,0), "RSA_REF_PRIVATE_DECRYPT"},
100 {ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_ENCRYPT,0), "RSA_REF_PRIVATE_ENCRYPT"},
101 {ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_DECRYPT,0),  "RSA_REF_PUBLIC_DECRYPT"},
102 {ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_ENCRYPT,0),  "RSA_REF_PUBLIC_ENCRYPT"},
103 {RSAREF_R_CONTENT_ENCODING               ,"content encoding"},
104 {RSAREF_R_DATA                           ,"data"},
105 {RSAREF_R_DIGEST_ALGORITHM               ,"digest algorithm"},
106 {RSAREF_R_ENCODING                       ,"encoding"},
107 {RSAREF_R_ENCRYPTION_ALGORITHM           ,"encryption algorithm"},
108 {RSAREF_R_KEY                            ,"key"},
109 {RSAREF_R_KEY_ENCODING                   ,"key encoding"},
110 {RSAREF_R_LEN                            ,"len"},
111 {RSAREF_R_MODULUS_LEN                    ,"modulus len"},
112 {RSAREF_R_NEED_RANDOM                    ,"need random"},
113 {RSAREF_R_PRIVATE_KEY                    ,"private key"},
114 {RSAREF_R_PUBLIC_KEY                     ,"public key"},
115 {RSAREF_R_SIGNATURE                      ,"signature"},
116 {RSAREF_R_SIGNATURE_ENCODING             ,"signature encoding"},
117 {0,NULL}
118         };
119 /* The library number we obtain dynamically from the ERR code */
120 static int rsaref_err_lib = -1;
121 #define RSAREFerr(f,r) ERR_PUT_error(rsaref_err_lib,(f),(r),__FILE__,__LINE__)
122 static void rsaref_load_error_strings(void)
123         {
124         if(rsaref_err_lib < 0)
125                 {
126                 if((rsaref_err_lib = ERR_get_next_error_library()) <= 0)
127                         return;
128                 rsaref_str_functs[0].error = ERR_PACK(rsaref_err_lib,0,0);
129                 ERR_load_strings(rsaref_err_lib, rsaref_str_functs);
130                 }
131         }
132 static void rsaref_unload_error_strings(void)
133         {
134         if(rsaref_err_lib >= 0)
135                 {
136                 ERR_unload_strings(rsaref_err_lib, rsaref_str_functs);
137                 rsaref_err_lib = -1;
138                 }
139         }
140 #else
141 #define RSAREFerr(f,r)                                  /* NOP */
142 static void rsaref_load_error_strings(void) { }         /* NOP */
143 static void rsaref_unload_error_strings(void) { }       /* NOP */
144 #endif
145
146 /* Now, to our own code */
147
148 static int bind_rsaref(ENGINE *e)
149         {
150         const RSA_METHOD *meth1;
151         if(!ENGINE_set_id(e, engine_rsaref_id)
152                 || !ENGINE_set_name(e, engine_rsaref_name)
153                 || !ENGINE_set_RSA(e, &rsaref_rsa)
154                 || !ENGINE_set_destroy_function(e, rsaref_destroy)
155                 || !ENGINE_set_init_function(e, rsaref_init)
156                 || !ENGINE_set_finish_function(e, rsaref_finish)
157                 /* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
158                 /* || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) */)
159                 return 0;
160
161         /* Ensure the rsaref error handling is set up */
162         rsaref_load_error_strings();
163         return 1;
164         }
165
166 #ifdef ENGINE_DYNAMIC_SUPPORT
167 static int bind_helper(ENGINE *e, const char *id)
168         {
169         if(id && (strcmp(id, engine_rsaref_id) != 0))
170                 return 0;
171         if(!bind_rsaref(e))
172                 return 0;
173         return 1;
174         }       
175 IMPLEMENT_DYNAMIC_CHECK_FN()
176 IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
177 #else
178 static ENGINE *engine_rsaref(void)
179         {
180         ENGINE *ret = ENGINE_new();
181         if(!ret)
182                 return NULL;
183         if(!bind_rsaref(ret))
184                 {
185                 ENGINE_free(ret);
186                 return NULL;
187                 }
188         return ret;
189         }
190
191 void ENGINE_load_rsaref(void)
192         {
193         /* Copied from eng_[openssl|dyn].c */
194         ENGINE *toadd = engine_rsaref();
195         if(!toadd) return;
196         ENGINE_add(toadd);
197         ENGINE_free(toadd);
198         ERR_clear_error();
199         }
200 #endif
201
202 /* Initiator which is only present to make sure this engine looks available */
203 static int rsaref_init(ENGINE *e)
204         {
205         return 1;
206         }
207
208 /* Finisher which is only present to make sure this engine looks available */
209 static int rsaref_finish(ENGINE *e)
210         {
211         return 1;
212         }
213
214 /* Destructor (complements the "ENGINE_ncipher()" constructor) */
215 static int rsaref_destroy(ENGINE *e)
216         {
217         rsaref_unload_error_strings();
218         return 1;
219         }
220
221 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
222         {
223         RSAREFerr(RSAREF_F_RSAREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
224         return(0);
225         }
226
227 static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
228                           const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
229         {
230         RSAREFerr(RSAREF_F_BNREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
231         return(0);
232         }
233
234 /* unsigned char *to:  [max]    */
235 static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
236         {
237         int i;
238
239         i=BN_num_bytes(from);
240         if (i > max)
241                 {
242                 RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
243                 return(0);
244                 }
245
246         memset(to,0,(unsigned int)max);
247         if (!BN_bn2bin(from,&(to[max-i])))
248                 return(0);
249         return(1);
250         }
251
252 #ifdef undef
253 /* unsigned char *from:  [max]    */
254 static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
255         {
256         int i;
257         BIGNUM *ret;
258
259         for (i=0; i<max; i++)
260                 if (from[i]) break;
261
262         ret=BN_bin2bn(&(from[i]),max-i,to);
263         return(ret);
264         }
265
266 static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
267         {
268         to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
269         to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
270         if ((to->n == NULL) || (to->e == NULL)) return(0);
271         return(1);
272         }
273 #endif
274
275 static int RSAref_Public_eay2ref(RSA *from, R_RSA_PUBLIC_KEY *to)
276         {
277         to->bits=BN_num_bits(from->n);
278         if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
279         if (!RSAref_bn2bin(from->e,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
280         return(1);
281         }
282
283 #ifdef undef
284 static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
285         {
286         if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
287                 return(0);
288         if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
289                 return(0);
290         if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
291                 return(0);
292         if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
293                 return(0);
294         if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
295                 return(0);
296         if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
297                 == NULL)
298                 return(0);
299         if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
300                 == NULL)
301                 return(0);
302         if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
303                 return(0);
304         return(1);
305         }
306 #endif
307
308 static int RSAref_Private_eay2ref(RSA *from, R_RSA_PRIVATE_KEY *to)
309         {
310         to->bits=BN_num_bits(from->n);
311         if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
312         if (!RSAref_bn2bin(from->e,to->publicExponent,MAX_RSA_MODULUS_LEN)) return(0);
313         if (!RSAref_bn2bin(from->d,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
314         if (!RSAref_bn2bin(from->p,to->prime[0],MAX_RSA_PRIME_LEN)) return(0);
315         if (!RSAref_bn2bin(from->q,to->prime[1],MAX_RSA_PRIME_LEN)) return(0);
316         if (!RSAref_bn2bin(from->dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN)) return(0);
317         if (!RSAref_bn2bin(from->dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN)) return(0);
318         if (!RSAref_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN)) return(0);
319         return(1);
320         }
321
322 static int rsaref_private_decrypt(int len, const unsigned char *from, unsigned char *to,
323              RSA *rsa, int padding)
324         {
325         int i,outlen= -1;
326         R_RSA_PRIVATE_KEY RSAkey;
327
328         if (!RSAref_Private_eay2ref(rsa,&RSAkey))
329                 goto err;
330         if ((i=RSAPrivateDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
331                 {
332                 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_DECRYPT,i);
333                 outlen= -1;
334                 }
335 err:
336         memset(&RSAkey,0,sizeof(RSAkey));
337         return(outlen);
338         }
339
340 static int rsaref_private_encrypt(int len, const unsigned char *from, unsigned char *to,
341              RSA *rsa, int padding)
342         {
343         int i,outlen= -1;
344         R_RSA_PRIVATE_KEY RSAkey;
345
346         if (padding != RSA_PKCS1_PADDING)
347                 {
348                 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
349                 goto err;
350         }
351         if (!RSAref_Private_eay2ref(rsa,&RSAkey))
352                 goto err;
353         if ((i=RSAPrivateEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
354                 {
355                 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT,i);
356                 outlen= -1;
357                 }
358 err:
359         memset(&RSAkey,0,sizeof(RSAkey));
360         return(outlen);
361         }
362
363 static int rsaref_public_decrypt(int len, const unsigned char *from, unsigned char *to,
364              RSA *rsa, int padding)
365         {
366         int i,outlen= -1;
367         R_RSA_PUBLIC_KEY RSAkey;
368
369         if (!RSAref_Public_eay2ref(rsa,&RSAkey))
370                 goto err;
371         if ((i=RSAPublicDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
372                 {
373                 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT,i);
374                 outlen= -1;
375                 }
376 err:
377         memset(&RSAkey,0,sizeof(RSAkey));
378         return(outlen);
379         }
380
381 static int rsaref_public_encrypt(int len, const unsigned char *from, unsigned char *to,
382              RSA *rsa, int padding)
383         {
384         int outlen= -1;
385         int i;
386         R_RSA_PUBLIC_KEY RSAkey;
387         R_RANDOM_STRUCT rnd;
388         unsigned char buf[16];
389
390         if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING) 
391                 {
392                 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
393                 goto err;
394                 }
395         
396         R_RandomInit(&rnd);
397         R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
398         while (i > 0)
399                 {
400                 if (RAND_bytes(buf,16) <= 0)
401                         goto err;
402                 R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
403                 i-=16;
404                 }
405
406         if (!RSAref_Public_eay2ref(rsa,&RSAkey))
407                 goto err;
408         if ((i=RSAPublicEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
409                 {
410                 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT,i);
411                 outlen= -1;
412                 goto err;
413                 }
414 err:
415         memset(&RSAkey,0,sizeof(RSAkey));
416         R_RandomFinal(&rnd);
417         memset(&rnd,0,sizeof(rnd));
418         return(outlen);
419         }