87e86ddc28c47829ff99e3b6d51725c1d4b5a0f4
1 /* Copyright (C) 2006, 2007 The Written Word, Inc. All rights reserved.
2 * Author: Simon Josefsson
3 * Copyright (c) 2004-2006, Sara Golemon <sarag@libssh2.org>
5 * Redistribution and use in source and binary forms,
6 * with or without modification, are permitted provided
7 * that the following conditions are met:
9 * Redistributions of source code must retain the above
10 * copyright notice, this list of conditions and the
11 * following disclaimer.
13 * Redistributions in binary form must reproduce the above
14 * copyright notice, this list of conditions and the following
15 * disclaimer in the documentation and/or other materials
16 * provided with the distribution.
18 * Neither the name of the copyright holder nor the names
19 * of any other contributors may be used to endorse or
20 * promote products derived from this software without
21 * specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
24 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
25 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
28 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
29 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
30 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
31 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
33 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
35 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
39 #include "libssh2_priv.h"
42 #ifndef EVP_MAX_BLOCK_LENGTH
43 #define EVP_MAX_BLOCK_LENGTH 32
/*
 * _libssh2_rsa_new: load RSA key components into the context at *rsa from
 * big-endian byte strings via BN_bin2bn(): e, n, d, p, q, then the CRT
 * values dmp1 (from e1data), dmq1 (from e2data) and iqmp (from coeffdata).
 * d, p, q and the CRT values are private-key components.
 *
 * NOTE(review): this listing skips source lines (see the gutter numbers),
 * so the return type, the length parameters other than coefflen, the
 * allocation of *rsa and of e/n/d/p/q, and the return statement are not
 * visible here -- confirm against the full file.
 *
 * NOTE(review): in the visible statements the results of BN_new() and
 * BN_bin2bn() are not checked. If BN_new() returns NULL, BN_bin2bn()
 * allocates a fresh BIGNUM and returns it; that return value is discarded
 * here, so the field would stay NULL and the key would be left incomplete
 * without an error reaching the caller.
 */
47 _libssh2_rsa_new(libssh2_rsa_ctx
** rsa
,
48 const unsigned char *edata
,
50 const unsigned char *ndata
,
52 const unsigned char *ddata
,
54 const unsigned char *pdata
,
56 const unsigned char *qdata
,
58 const unsigned char *e1data
,
60 const unsigned char *e2data
,
62 const unsigned char *coeffdata
, unsigned long coefflen
)
67 BN_bin2bn(edata
, elen
, (*rsa
)->e
);
70 BN_bin2bn(ndata
, nlen
, (*rsa
)->n
);
74 BN_bin2bn(ddata
, dlen
, (*rsa
)->d
);
77 BN_bin2bn(pdata
, plen
, (*rsa
)->p
);
80 BN_bin2bn(qdata
, qlen
, (*rsa
)->q
);
/* CRT parameters: each BIGNUM is allocated and then filled on the very next
 * line, with no NULL check in between. */
82 (*rsa
)->dmp1
= BN_new();
83 BN_bin2bn(e1data
, e1len
, (*rsa
)->dmp1
);
85 (*rsa
)->dmq1
= BN_new();
86 BN_bin2bn(e2data
, e2len
, (*rsa
)->dmq1
);
88 (*rsa
)->iqmp
= BN_new();
89 BN_bin2bn(coeffdata
, coefflen
, (*rsa
)->iqmp
);
/*
 * _libssh2_rsa_sha1_verify: hash the message m (m_len bytes) with SHA-1 and
 * check sig (sig_len bytes) against that digest with RSA_verify(NID_sha1).
 * Returns 0 only when RSA_verify() returns exactly 1; every other result,
 * including an error return, maps to -1.
 *
 * The digest is hard-wired to SHA-1 (NID_sha1, SHA_DIGEST_LENGTH); callers
 * that need another digest cannot get it through this entry point.
 *
 * NOTE(review): sig is const here but is cast to a non-const pointer for
 * RSA_verify(). sig_len is an unsigned long; RSA_verify() presumably takes
 * a narrower unsigned int, so an oversized length would be truncated
 * rather than rejected -- confirm against the OpenSSL headers in use.
 * The return type and the declaration of ret are on lines this listing
 * does not show.
 */
95 _libssh2_rsa_sha1_verify(libssh2_rsa_ctx
* rsactx
,
96 const unsigned char *sig
,
97 unsigned long sig_len
,
98 const unsigned char *m
, unsigned long m_len
)
100 unsigned char hash
[SHA_DIGEST_LENGTH
];
103 SHA1(m
, m_len
, hash
);
104 ret
= RSA_verify(NID_sha1
, hash
, SHA_DIGEST_LENGTH
,
105 (unsigned char *) sig
, sig_len
, rsactx
);
/* Anything other than 1 is treated as "signature not valid". */
106 return (ret
== 1) ?
0 : -1;
/*
 * _libssh2_dsa_new: fill the DSA context at *dsactx from big-endian byte
 * strings: p, q, g, the public key y (stored in pub_key) and the private
 * key x (stored in priv_key). Each field gets a fresh BN_new() followed by
 * BN_bin2bn() into it.
 *
 * NOTE(review): this listing skips source lines (see the gutter numbers),
 * so the return type, the length parameters other than x_len, the
 * allocation of *dsactx, any condition around the priv_key assignment and
 * the return statement are not visible -- confirm against the full file.
 *
 * NOTE(review): none of the visible BN_new() / BN_bin2bn() results is
 * checked. If BN_new() returns NULL, BN_bin2bn() allocates a new BIGNUM
 * and returns it; that value is discarded here, so the field would remain
 * NULL and the failure would go unreported.
 */
110 _libssh2_dsa_new(libssh2_dsa_ctx
** dsactx
,
111 const unsigned char *p
,
113 const unsigned char *q
,
115 const unsigned char *g
,
117 const unsigned char *y
,
119 const unsigned char *x
, unsigned long x_len
)
123 (*dsactx
)->p
= BN_new();
124 BN_bin2bn(p
, p_len
, (*dsactx
)->p
);
126 (*dsactx
)->q
= BN_new();
127 BN_bin2bn(q
, q_len
, (*dsactx
)->q
);
129 (*dsactx
)->g
= BN_new();
130 BN_bin2bn(g
, g_len
, (*dsactx
)->g
);
132 (*dsactx
)->pub_key
= BN_new();
133 BN_bin2bn(y
, y_len
, (*dsactx
)->pub_key
);
/* Private key x; lines 134-135 of the file are not shown in this listing. */
136 (*dsactx
)->priv_key
= BN_new();
137 BN_bin2bn(x
, x_len
, (*dsactx
)->priv_key
);
/*
 * _libssh2_dsa_sha1_verify: verify a DSA signature over the SHA-1 digest of
 * m (m_len bytes). sig is read as two fixed 20-byte big-endian integers:
 * r = sig[0..19], s = sig[20..39]. Returns 0 only when DSA_do_verify()
 * returns exactly 1; any other result, including an error return, is -1.
 *
 * NOTE(review): there is no signature-length parameter, so this function
 * cannot check that sig really holds 40 bytes; the caller must guarantee
 * it before calling, otherwise the two BN_bin2bn() calls read past the
 * end of the buffer.
 *
 * NOTE(review): the declarations of dsasig and ret and the allocation of
 * dsasig.r / dsasig.s are on lines this listing does not show. The
 * BN_bin2bn() results are not checked in the visible statements. The
 * digest is computed with libssh2_sha1() here -- confirm it is the same
 * primitive as the SHA1() call used by the RSA verify routine.
 */
144 _libssh2_dsa_sha1_verify(libssh2_dsa_ctx
* dsactx
,
145 const unsigned char *sig
,
146 const unsigned char *m
, unsigned long m_len
)
148 unsigned char hash
[SHA_DIGEST_LENGTH
];
/* First 20 bytes of sig are r, the next 20 are s. */
153 BN_bin2bn(sig
, 20, dsasig
.r
);
155 BN_bin2bn(sig
+ 20, 20, dsasig
.s
);
157 libssh2_sha1(m
, m_len
, hash
);
158 ret
= DSA_do_verify(hash
, SHA_DIGEST_LENGTH
, &dsasig
, dsactx
);
/* Release the temporary r/s values on every path before returning. */
159 BN_clear_free(dsasig
.s
);
160 BN_clear_free(dsasig
.r
);
162 return (ret
== 1) ?
0 : -1;
/*
 * _libssh2_cipher_init: reset the cipher context h with
 * EVP_CIPHER_CTX_init() and configure it with EVP_CipherInit() for the
 * cipher returned by algo(), using secret as the key and iv as the IV.
 * encrypt is passed straight through to EVP_CipherInit() to select the
 * direction.
 *
 * iv and secret carry no length: EVP_CipherInit() reads as many bytes as
 * the selected cipher's IV and key sizes, so the caller has to supply
 * buffers at least that large.
 *
 * NOTE(review): the result of EVP_CipherInit() is not used in the visible
 * statement, and the return type and return statement are on lines this
 * listing does not show -- confirm whether an init failure can reach the
 * caller.
 */
166 _libssh2_cipher_init(_libssh2_cipher_ctx
* h
,
167 _libssh2_cipher_type(algo
),
168 unsigned char *iv
, unsigned char *secret
, int encrypt
)
170 EVP_CIPHER_CTX_init(h
);
171 EVP_CipherInit(h
, algo(), secret
, iv
, encrypt
);
/*
 * _libssh2_cipher_crypt: run one block through the already-initialised
 * cipher context ctx, in place. The block size is taken from
 * ctx->cipher->block_size; EVP_Cipher() writes blocksize bytes into the
 * stack buffer buf, which is then copied back over block.
 * Returns 0 when EVP_Cipher() returned 1, otherwise 1 (note: not -1).
 *
 * NOTE(review): buf holds EVP_MAX_BLOCK_LENGTH bytes and no visible line
 * checks blocksize against that bound before EVP_Cipher() and memcpy()
 * use it; the body of the "blocksize == 1" arcfour branch and the lines
 * around the memcpy() are not shown in this listing -- confirm the bound
 * holds for every cipher that can reach this function. How algo and
 * encrypt are used is also not visible here.
 */
176 _libssh2_cipher_crypt(_libssh2_cipher_ctx
* ctx
,
177 _libssh2_cipher_type(algo
),
178 int encrypt
, unsigned char *block
)
180 int blocksize
= ctx
->cipher
->block_size
;
181 unsigned char buf
[EVP_MAX_BLOCK_LENGTH
];
186 if (blocksize
== 1) {
187 /* Hack for arcfour. */
190 ret
= EVP_Cipher(ctx
, buf
, block
, blocksize
);
192 memcpy(block
, buf
, blocksize
);
194 return ret
== 1 ?
0 : 1;
197 /* TODO: Optionally call a passphrase callback specified by the
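/*
 * Passphrase callback handed to the PEM private-key readers in this file.
 * Copies the caller-supplied passphrase into buf, truncating it to fit,
 * and always NUL-terminates the result when buf has room for it.
 *
 * buf        - destination buffer provided by the PEM reader
 * size       - capacity of buf in bytes
 * rwflag     - unused
 * passphrase - user data forwarded by the PEM reader; may be NULL
 *
 * Returns the number of passphrase bytes stored in buf (excluding the
 * terminating NUL). Returns 0 when buf is NULL, size is not positive, or
 * passphrase is NULL.
 *
 * NOTE(review): the line carrying the storage class and return type is not
 * shown in this listing; "static int" is assumed -- confirm.
 */
static int
passphrase_cb(char *buf, int size, int rwflag, char *passphrase)
{
    size_t copy_len;

    (void) rwflag;

    /* A non-positive size would make "size - 1" negative and turn the
     * memcpy length into a huge value; refuse to write in that case. */
    if (buf == NULL || size <= 0) {
        return 0;
    }

    /* No passphrase supplied: hand back an empty string instead of
     * calling strlen() on a NULL pointer. */
    if (passphrase == NULL) {
        buf[0] = '\0';
        return 0;
    }

    /* Compare as size_t so a very long passphrase cannot wrap an int. */
    copy_len = strlen(passphrase);
    if (copy_len > (size_t) size - 1) {
        copy_len = (size_t) size - 1;
    }

    memcpy(buf, passphrase, copy_len);
    buf[copy_len] = '\0';

    return (int) copy_len;
}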
/*
 * _libssh2_rsa_new_private: read a PEM-encoded RSA private key from fp into
 * *rsa with PEM_read_RSAPrivateKey(), passing passphrase_cb as the
 * password callback and passphrase as its user data. If the "des" cipher
 * cannot be looked up, OpenSSL_add_all_ciphers() is called first so that
 * encrypted PEM files can be decoded.
 *
 * passphrase is forwarded unchanged (its const qualifier is cast away);
 * handling of a NULL passphrase is left to passphrase_cb.
 *
 * NOTE(review): passphrase_cb is passed through a cast to "void *";
 * converting a function pointer to an object pointer is not portable C,
 * and the cast also hides any mismatch with the callback type OpenSSL
 * expects. How session is used, the check of the value stored in *rsa,
 * and the return statement are on lines this listing does not show.
 */
216 _libssh2_rsa_new_private(libssh2_rsa_ctx
** rsa
,
217 LIBSSH2_SESSION
* session
,
218 FILE * fp
, unsigned const char *passphrase
)
221 if (!EVP_get_cipherbyname("des")) {
222 /* If this cipher isn't loaded it's a pretty good indication that none are.
223 * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#(
224 * Someone buy me an OpenSSL manual and I'll read up on it.
226 OpenSSL_add_all_ciphers();
228 *rsa
= PEM_read_RSAPrivateKey(fp
, NULL
, (void *) passphrase_cb
,
229 (void *) passphrase
);
/*
 * _libssh2_dsa_new_private: read a PEM-encoded DSA private key from fp into
 * *dsa with PEM_read_DSAPrivateKey(), passing passphrase_cb as the
 * password callback and passphrase as its user data. If the "des" cipher
 * cannot be looked up, OpenSSL_add_all_ciphers() is called first so that
 * encrypted PEM files can be decoded.
 *
 * passphrase is forwarded unchanged (its const qualifier is cast away);
 * handling of a NULL passphrase is left to passphrase_cb.
 *
 * NOTE(review): passphrase_cb is passed through a cast to "void *";
 * converting a function pointer to an object pointer is not portable C,
 * and the cast also hides any mismatch with the callback type OpenSSL
 * expects. How session is used, the check of the value stored in *dsa,
 * and the return statement are on lines this listing does not show.
 */
237 _libssh2_dsa_new_private(libssh2_dsa_ctx
** dsa
,
238 LIBSSH2_SESSION
* session
,
239 FILE * fp
, unsigned const char *passphrase
)
242 if (!EVP_get_cipherbyname("des")) {
243 /* If this cipher isn't loaded it's a pretty good indication that none are.
244 * I have *NO DOUBT* that there's a better way to deal with this ($#&%#$(%$#(
245 * Someone buy me an OpenSSL manual and I'll read up on it.
247 OpenSSL_add_all_ciphers();
249 *dsa
= PEM_read_DSAPrivateKey(fp
, NULL
, (void *) passphrase_cb
,
250 (void *) passphrase
);
/*
 * _libssh2_rsa_sha1_sign: sign an already-computed digest with the RSA key
 * in rsactx. A buffer of RSA_size(rsactx) bytes is obtained through
 * LIBSSH2_ALLOC(session, ...), RSA_sign(NID_sha1, ...) writes the
 * signature into it and updates sig_len, and the final length is stored
 * in *signature_len.
 *
 * hash is passed to RSA_sign() together with hash_len as given; because
 * the digest type is fixed to NID_sha1, the caller is expected to pass a
 * SHA-1 digest -- presumably SHA_DIGEST_LENGTH bytes; confirm at the call
 * sites.
 *
 * NOTE(review): the allocation check, the condition guarding
 * LIBSSH2_FREE(), the assignment to *signature and the return statements
 * are on lines this listing does not show, so the ownership of the buffer
 * on success and on failure should be confirmed against the full file.
 */
258 _libssh2_rsa_sha1_sign(LIBSSH2_SESSION
* session
,
259 libssh2_rsa_ctx
* rsactx
,
260 const unsigned char *hash
,
261 unsigned long hash_len
,
262 unsigned char **signature
, unsigned long *signature_len
)
266 unsigned int sig_len
;
/* RSA_size() gives the modulus size in bytes, which bounds the signature. */
268 sig_len
= RSA_size(rsactx
);
269 sig
= LIBSSH2_ALLOC(session
, sig_len
);
275 ret
= RSA_sign(NID_sha1
, hash
, hash_len
, sig
, &sig_len
, rsactx
);
278 LIBSSH2_FREE(session
, sig
);
283 *signature_len
= sig_len
;
289 _libssh2_dsa_sha1_sign(libssh2_dsa_ctx
* dsactx
,
290 const unsigned char *hash
,
291 unsigned long hash_len
, unsigned char *signature
)
294 int r_len
, s_len
, rs_pad
;
297 sig
= DSA_do_sign(hash
, SHA_DIGEST_LENGTH
, dsactx
);
302 r_len
= BN_num_bytes(sig
->r
);
303 s_len
= BN_num_bytes(sig
->s
);
304 rs_pad
= (2 * SHA_DIGEST_LENGTH
) - (r_len
+ s_len
);
310 BN_bn2bin(sig
->r
, signature
+ rs_pad
);
311 BN_bn2bin(sig
->s
, signature
+ rs_pad
+ r_len
);