xref: /openbsd-src/lib/libcrypto/rsa/rsa_eay.c (revision f1aa834436a332b72c5f52f80a4e9123b95001c1) 
1 
2 /* This file has been explicitly broken by ryker for OpenBSD, July
3  * 1, 1998. In spite of the title, there is no implementation of the
4  * RSA algorithm left in this file. All these routines will return an
5  * error and fail when called. They exist as stubs and can be
6  * ressurected from the bit bucket by someone in the free world once
7  * the RSA algorithm is no longer subject to patent problems. Eric
8  * Young's original copyright is below.
9  */
10 
11 /* crypto/rsa/rsa_eay.c */
12 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
13  * All rights reserved.
14  *
15  * This package is an SSL implementation written
16  * by Eric Young (eay@cryptsoft.com).
17  * The implementation was written so as to conform with Netscapes SSL.
18  *
19  * This library is free for commercial and non-commercial use as long as
20  * the following conditions are aheared to.  The following conditions
21  * apply to all code found in this distribution, be it the RC4, RSA,
22  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
23  * included with this distribution is covered by the same copyright terms
24  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
25  *
26  * Copyright remains Eric Young's, and as such any Copyright notices in
27  * the code are not to be removed.
28  * If this package is used in a product, Eric Young should be given attribution
29  * as the author of the parts of the library used.
30  * This can be in the form of a textual message at program startup or
31  * in documentation (online or textual) provided with the package.
32  *
33  * Redistribution and use in source and binary forms, with or without
34  * modification, are permitted provided that the following conditions
35  * are met:
36  * 1. Redistributions of source code must retain the copyright
37  *    notice, this list of conditions and the following disclaimer.
38  * 2. Redistributions in binary form must reproduce the above copyright
39  *    notice, this list of conditions and the following disclaimer in the
40  *    documentation and/or other materials provided with the distribution.
41  * 3. All advertising materials mentioning features or use of this software
42  *    must display the following acknowledgement:
43  *    "This product includes cryptographic software written by
44  *     Eric Young (eay@cryptsoft.com)"
45  *    The word 'cryptographic' can be left out if the rouines from the library
46  *    being used are not cryptographic related :-).
47  * 4. If you include any Windows specific code (or a derivative thereof) from
48  *    the apps directory (application code) you must include an acknowledgement:
49  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
50  *
51  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
52  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
55  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
56  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
57  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61  * SUCH DAMAGE.
62  *
63  * The licence and distribution terms for any publically available version or
64  * derivative of this code cannot be changed.  i.e. this code cannot simply be
65  * copied and put under another distribution licence
66  * [including the GNU Public Licence.]
67  */
68 
69 #include <stdio.h>
70 #include "cryptlib.h"
71 #include <openssl/bn.h>
72 #include <openssl/rsa.h>
73 #include <openssl/rand.h>
74 
75 #ifndef RSA_NULL
76 
77 static int RSA_eay_public_encrypt(int flen, unsigned char *from,
78 		unsigned char *to, RSA *rsa,int padding);
79 static int RSA_eay_private_encrypt(int flen, unsigned char *from,
80 		unsigned char *to, RSA *rsa,int padding);
81 static int RSA_eay_public_decrypt(int flen, unsigned char *from,
82 		unsigned char *to, RSA *rsa,int padding);
83 static int RSA_eay_private_decrypt(int flen, unsigned char *from,
84 		unsigned char *to, RSA *rsa,int padding);
85 static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
86 static int RSA_eay_init(RSA *rsa);
87 static int RSA_eay_finish(RSA *rsa);
88 static RSA_METHOD rsa_pkcs1_eay_meth={
89 	"Eric Young's PKCS#1 RSA",
90 	RSA_eay_public_encrypt,
91 	RSA_eay_public_decrypt,
92 	RSA_eay_private_encrypt,
93 	RSA_eay_private_decrypt,
94 	RSA_eay_mod_exp,
95 	BN_mod_exp_mont,
96 	RSA_eay_init,
97 	RSA_eay_finish,
98 	0,
99 	NULL,
100 	};
101 
102 RSA_METHOD *RSA_PKCS1_SSLeay(void)
103 	{
104 	return(&rsa_pkcs1_eay_meth);
105 	}
106 
107 static int RSA_eay_public_encrypt(int flen, unsigned char *from,
108 	     unsigned char *to, RSA *rsa, int padding)
109 	{
110 	BIGNUM f,ret;
111 	int i,j,k,num=0,r= -1;
112 	unsigned char *buf=NULL;
113 	BN_CTX *ctx=NULL;
114 
115 	BN_init(&f);
116 	BN_init(&ret);
117 	if ((ctx=BN_CTX_new()) == NULL) goto err;
118 	num=BN_num_bytes(rsa->n);
119 	if ((buf=(unsigned char *)Malloc(num)) == NULL)
120 		{
121 		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
122 		goto err;
123 		}
124 
125 	switch (padding)
126 		{
127 	case RSA_PKCS1_PADDING:
128 		i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
129 		break;
130 #ifndef NO_SHA
131 	case RSA_PKCS1_OAEP_PADDING:
132 	        i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
133 		break;
134 #endif
135 	case RSA_SSLV23_PADDING:
136 		i=RSA_padding_add_SSLv23(buf,num,from,flen);
137 		break;
138 	case RSA_NO_PADDING:
139 		i=RSA_padding_add_none(buf,num,from,flen);
140 		break;
141 	default:
142 		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
143 		goto err;
144 		}
145 	if (i <= 0) goto err;
146 
147 	if (BN_bin2bn(buf,num,&f) == NULL) goto err;
148 
149 	if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
150 		{
151 		if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL)
152 			if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx))
153 			    goto err;
154 		}
155 
156 	if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
157 		rsa->_method_mod_n)) goto err;
158 
159 	/* put in leading 0 bytes if the number is less than the
160 	 * length of the modulus */
161 	j=BN_num_bytes(&ret);
162 	i=BN_bn2bin(&ret,&(to[num-j]));
163 	for (k=0; k<(num-i); k++)
164 		to[k]=0;
165 
166 	r=num;
167 err:
168 	if (ctx != NULL) BN_CTX_free(ctx);
169 	BN_clear_free(&f);
170 	BN_clear_free(&ret);
171 	if (buf != NULL)
172 		{
173 		memset(buf,0,num);
174 		Free(buf);
175 		}
176 	return(r);
177 	}
178 
179 static int RSA_eay_private_encrypt(int flen, unsigned char *from,
180 	     unsigned char *to, RSA *rsa, int padding)
181 	{
182 	BIGNUM f,ret;
183 	int i,j,k,num=0,r= -1;
184 	unsigned char *buf=NULL;
185 	BN_CTX *ctx=NULL;
186 
187         BN_init(&f);
188         BN_init(&ret);
189 
190 	/* Body of this routine removed for OpenBSD - will return
191 	 * when the RSA patent expires
192 	 */
193 
194 err:
195 	if (ctx != NULL) BN_CTX_free(ctx);
196 	BN_clear_free(&ret);
197 	BN_clear_free(&f);
198 	if (buf != NULL)
199 		{
200 		memset(buf,0,num);
201 		Free(buf);
202 		}
203 	return(r);
204 	}
205 
206 static int RSA_eay_private_decrypt(int flen, unsigned char *from,
207 	     unsigned char *to, RSA *rsa, int padding)
208 	{
209 	BIGNUM f,ret;
210 	int j,num=0,r= -1;
211 	unsigned char *p;
212 	unsigned char *buf=NULL;
213 	BN_CTX *ctx=NULL;
214 
215         BN_init(&f);
216         BN_init(&ret);
217 
218 	/* Body of this routine removed for OpenBSD - will return
219 	 * when the RSA patent expires
220 	 */
221 
222 err:
223 	if (ctx != NULL) BN_CTX_free(ctx);
224 	BN_clear_free(&f);
225 	BN_clear_free(&ret);
226 	if (buf != NULL)
227 		{
228 		memset(buf,0,num);
229 		Free(buf);
230 		}
231 	return(r);
232 	}
233 
234 static int RSA_eay_public_decrypt(int flen, unsigned char *from,
235 	     unsigned char *to, RSA *rsa, int padding)
236 	{
237 	BIGNUM f,ret;
238 	int i,num=0,r= -1;
239 	unsigned char *p;
240 	unsigned char *buf=NULL;
241 	BN_CTX *ctx=NULL;
242 
243         BN_init(&f);
244         BN_init(&ret);
245 
246 	/* Body of this routine removed for OpenBSD - will return
247 	 * when the RSA patent expires
248 	 */
249 
250 err:
251 	if (ctx != NULL) BN_CTX_free(ctx);
252 	BN_clear_free(&f);
253 	BN_clear_free(&ret);
254 	if (buf != NULL)
255 		{
256 		memset(buf,0,num);
257 		Free(buf);
258 		}
259 	return(r);
260 	}
261 
262 static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
263 	{
264 	BIGNUM r1,m1;
265 	int ret=0;
266 	BN_CTX *ctx = NULL;
267 
268 	BN_init(&m1);
269 	BN_init(&r1);
270 	if ((ctx=BN_CTX_new()) == NULL) goto err;
271 
272 	/* Body of this routine removed for OpenBSD - will return
273 	 * when the RSA patent expires
274 	 */
275 err:
276 	BN_clear_free(&m1);
277 	BN_clear_free(&r1);
278 	BN_CTX_free(ctx);
279 	return(ret);
280 	}
281 
282 static int RSA_eay_init(RSA *rsa)
283 	{
284 	rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
285 	return(1);
286 	}
287 
288 static int RSA_eay_finish(RSA *rsa)
289 	{
290 	if (rsa->_method_mod_n != NULL)
291 		BN_MONT_CTX_free(rsa->_method_mod_n);
292 	if (rsa->_method_mod_p != NULL)
293 		BN_MONT_CTX_free(rsa->_method_mod_p);
294 	if (rsa->_method_mod_q != NULL)
295 		BN_MONT_CTX_free(rsa->_method_mod_q);
296 	return(1);
297 	}
298 
299 #endif
300