10Sstevel@tonic-gate /* x_bignum.c */
20Sstevel@tonic-gate /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
30Sstevel@tonic-gate * project 2000.
40Sstevel@tonic-gate */
50Sstevel@tonic-gate /* ====================================================================
60Sstevel@tonic-gate * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
70Sstevel@tonic-gate *
80Sstevel@tonic-gate * Redistribution and use in source and binary forms, with or without
90Sstevel@tonic-gate * modification, are permitted provided that the following conditions
100Sstevel@tonic-gate * are met:
110Sstevel@tonic-gate *
120Sstevel@tonic-gate * 1. Redistributions of source code must retain the above copyright
130Sstevel@tonic-gate * notice, this list of conditions and the following disclaimer.
140Sstevel@tonic-gate *
150Sstevel@tonic-gate * 2. Redistributions in binary form must reproduce the above copyright
160Sstevel@tonic-gate * notice, this list of conditions and the following disclaimer in
170Sstevel@tonic-gate * the documentation and/or other materials provided with the
180Sstevel@tonic-gate * distribution.
190Sstevel@tonic-gate *
200Sstevel@tonic-gate * 3. All advertising materials mentioning features or use of this
210Sstevel@tonic-gate * software must display the following acknowledgment:
220Sstevel@tonic-gate * "This product includes software developed by the OpenSSL Project
230Sstevel@tonic-gate * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
240Sstevel@tonic-gate *
250Sstevel@tonic-gate * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
260Sstevel@tonic-gate * endorse or promote products derived from this software without
270Sstevel@tonic-gate * prior written permission. For written permission, please contact
280Sstevel@tonic-gate * licensing@OpenSSL.org.
290Sstevel@tonic-gate *
300Sstevel@tonic-gate * 5. Products derived from this software may not be called "OpenSSL"
310Sstevel@tonic-gate * nor may "OpenSSL" appear in their names without prior written
320Sstevel@tonic-gate * permission of the OpenSSL Project.
330Sstevel@tonic-gate *
340Sstevel@tonic-gate * 6. Redistributions of any form whatsoever must retain the following
350Sstevel@tonic-gate * acknowledgment:
360Sstevel@tonic-gate * "This product includes software developed by the OpenSSL Project
370Sstevel@tonic-gate * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
380Sstevel@tonic-gate *
390Sstevel@tonic-gate * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
400Sstevel@tonic-gate * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
410Sstevel@tonic-gate * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
420Sstevel@tonic-gate * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
430Sstevel@tonic-gate * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
440Sstevel@tonic-gate * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
450Sstevel@tonic-gate * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
460Sstevel@tonic-gate * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
470Sstevel@tonic-gate * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
480Sstevel@tonic-gate * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
490Sstevel@tonic-gate * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
500Sstevel@tonic-gate * OF THE POSSIBILITY OF SUCH DAMAGE.
510Sstevel@tonic-gate * ====================================================================
520Sstevel@tonic-gate *
530Sstevel@tonic-gate * This product includes cryptographic software written by Eric Young
540Sstevel@tonic-gate * (eay@cryptsoft.com). This product includes software written by Tim
550Sstevel@tonic-gate * Hudson (tjh@cryptsoft.com).
560Sstevel@tonic-gate *
570Sstevel@tonic-gate */
580Sstevel@tonic-gate
590Sstevel@tonic-gate #include <stdio.h>
600Sstevel@tonic-gate #include "cryptlib.h"
610Sstevel@tonic-gate #include <openssl/asn1t.h>
62*2139Sjp161948 #include <openssl/bn.h>
630Sstevel@tonic-gate
640Sstevel@tonic-gate /* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
650Sstevel@tonic-gate * BIGNUM directly. Currently it ignores the sign which isn't a problem since all
660Sstevel@tonic-gate * BIGNUMs used are non negative and anything that looks negative is normally due
670Sstevel@tonic-gate * to an encoding error.
680Sstevel@tonic-gate */
690Sstevel@tonic-gate
700Sstevel@tonic-gate #define BN_SENSITIVE 1
710Sstevel@tonic-gate
720Sstevel@tonic-gate static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
730Sstevel@tonic-gate static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
740Sstevel@tonic-gate
750Sstevel@tonic-gate static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
76*2139Sjp161948 static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
770Sstevel@tonic-gate
780Sstevel@tonic-gate static ASN1_PRIMITIVE_FUNCS bignum_pf = {
790Sstevel@tonic-gate NULL, 0,
800Sstevel@tonic-gate bn_new,
810Sstevel@tonic-gate bn_free,
820Sstevel@tonic-gate 0,
830Sstevel@tonic-gate bn_c2i,
840Sstevel@tonic-gate bn_i2c
850Sstevel@tonic-gate };
860Sstevel@tonic-gate
ASN1_ITEM_start(BIGNUM)870Sstevel@tonic-gate ASN1_ITEM_start(BIGNUM)
880Sstevel@tonic-gate ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
890Sstevel@tonic-gate ASN1_ITEM_end(BIGNUM)
900Sstevel@tonic-gate
910Sstevel@tonic-gate ASN1_ITEM_start(CBIGNUM)
920Sstevel@tonic-gate ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
930Sstevel@tonic-gate ASN1_ITEM_end(CBIGNUM)
940Sstevel@tonic-gate
950Sstevel@tonic-gate static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
960Sstevel@tonic-gate {
970Sstevel@tonic-gate *pval = (ASN1_VALUE *)BN_new();
980Sstevel@tonic-gate if(*pval) return 1;
990Sstevel@tonic-gate else return 0;
1000Sstevel@tonic-gate }
1010Sstevel@tonic-gate
bn_free(ASN1_VALUE ** pval,const ASN1_ITEM * it)1020Sstevel@tonic-gate static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
1030Sstevel@tonic-gate {
1040Sstevel@tonic-gate if(!*pval) return;
1050Sstevel@tonic-gate if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
1060Sstevel@tonic-gate else BN_free((BIGNUM *)*pval);
1070Sstevel@tonic-gate *pval = NULL;
1080Sstevel@tonic-gate }
1090Sstevel@tonic-gate
bn_i2c(ASN1_VALUE ** pval,unsigned char * cont,int * putype,const ASN1_ITEM * it)1100Sstevel@tonic-gate static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
1110Sstevel@tonic-gate {
1120Sstevel@tonic-gate BIGNUM *bn;
1130Sstevel@tonic-gate int pad;
1140Sstevel@tonic-gate if(!*pval) return -1;
1150Sstevel@tonic-gate bn = (BIGNUM *)*pval;
1160Sstevel@tonic-gate /* If MSB set in an octet we need a padding byte */
1170Sstevel@tonic-gate if(BN_num_bits(bn) & 0x7) pad = 0;
1180Sstevel@tonic-gate else pad = 1;
1190Sstevel@tonic-gate if(cont) {
1200Sstevel@tonic-gate if(pad) *cont++ = 0;
1210Sstevel@tonic-gate BN_bn2bin(bn, cont);
1220Sstevel@tonic-gate }
1230Sstevel@tonic-gate return pad + BN_num_bytes(bn);
1240Sstevel@tonic-gate }
1250Sstevel@tonic-gate
bn_c2i(ASN1_VALUE ** pval,const unsigned char * cont,int len,int utype,char * free_cont,const ASN1_ITEM * it)126*2139Sjp161948 static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
127*2139Sjp161948 int utype, char *free_cont, const ASN1_ITEM *it)
1280Sstevel@tonic-gate {
1290Sstevel@tonic-gate BIGNUM *bn;
1300Sstevel@tonic-gate if(!*pval) bn_new(pval, it);
1310Sstevel@tonic-gate bn = (BIGNUM *)*pval;
1320Sstevel@tonic-gate if(!BN_bin2bn(cont, len, bn)) {
1330Sstevel@tonic-gate bn_free(pval, it);
1340Sstevel@tonic-gate return 0;
1350Sstevel@tonic-gate }
1360Sstevel@tonic-gate return 1;
1370Sstevel@tonic-gate }
1380Sstevel@tonic-gate
1390Sstevel@tonic-gate
140