1 /* crypto/rsa/rsa_lib.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <stdio.h> 60 #include "crypto.h" 61 #include "cryptlib.h" 62 #include "lhash.h" 63 #include "bn.h" 64 #include "rsa.h" 65 66 char *RSA_version="RSA part of SSLeay 0.9.0b 29-Jun-1998"; 67 68 static RSA_METHOD *default_RSA_meth=NULL; 69 static int rsa_meth_num=0; 70 static STACK *rsa_meth=NULL; 71 72 RSA *RSA_new() 73 { 74 return(RSA_new_method(NULL)); 75 } 76 77 void RSA_set_default_method(meth) 78 RSA_METHOD *meth; 79 { 80 default_RSA_meth=meth; 81 } 82 83 RSA *RSA_new_method(meth) 84 RSA_METHOD *meth; 85 { 86 RSA *ret; 87 88 if (default_RSA_meth == NULL) 89 { 90 #ifdef RSAref 91 default_RSA_meth=RSA_PKCS1_RSAref(); 92 #else 93 default_RSA_meth=RSA_PKCS1_SSLeay(); 94 #endif 95 } 96 ret=(RSA *)Malloc(sizeof(RSA)); 97 if (ret == NULL) 98 { 99 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); 100 return(NULL); 101 } 102 103 if (meth == NULL) 104 ret->meth=default_RSA_meth; 105 else 106 ret->meth=meth; 107 108 ret->pad=0; 109 ret->version=0; 110 ret->n=NULL; 111 ret->e=NULL; 112 ret->d=NULL; 113 ret->p=NULL; 114 ret->q=NULL; 115 ret->dmp1=NULL; 116 ret->dmq1=NULL; 117 ret->iqmp=NULL; 118 ret->references=1; 119 ret->method_mod_n=NULL; 120 ret->method_mod_p=NULL; 121 ret->method_mod_q=NULL; 122 ret->blinding=NULL; 123 ret->flags=ret->meth->flags; 124 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) 125 { 126 Free(ret); 127 ret=NULL; 128 } 129 CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); 130 return(ret); 131 } 132 133 void RSA_free(r) 134 RSA *r; 135 { 136 int i; 137 138 if (r == NULL) return; 139 140 i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); 141 #ifdef REF_PRINT 142 REF_PRINT("RSA",r); 143 #endif 144 if (i > 0) return; 145 #ifdef REF_CHECK 146 if (i < 0) 147 { 148 fprintf(stderr,"RSA_free, bad reference count\n"); 149 abort(); 150 } 151 #endif 152 153 CRYPTO_free_ex_data(rsa_meth,(char *)r,&r->ex_data); 154 155 if (r->meth->finish != NULL) 156 r->meth->finish(r); 157 158 if (r->n != NULL) BN_clear_free(r->n); 159 if (r->e != NULL) BN_clear_free(r->e); 160 if (r->d != NULL) BN_clear_free(r->d); 161 if (r->p != NULL) BN_clear_free(r->p); 162 if (r->q != NULL) BN_clear_free(r->q); 163 if (r->dmp1 != NULL) BN_clear_free(r->dmp1); 164 if (r->dmq1 != NULL) BN_clear_free(r->dmq1); 165 if (r->iqmp != NULL) BN_clear_free(r->iqmp); 166 if (r->blinding != NULL) BN_BLINDING_free(r->blinding); 167 Free(r); 168 } 169 170 int RSA_get_ex_new_index(argl,argp,new_func,dup_func,free_func) 171 long argl; 172 char *argp; 173 int (*new_func)(); 174 int (*dup_func)(); 175 void (*free_func)(); 176 { 177 rsa_meth_num++; 178 return(CRYPTO_get_ex_new_index(rsa_meth_num-1, 179 &rsa_meth,argl,argp,new_func,dup_func,free_func)); 180 } 181 182 int RSA_set_ex_data(r,idx,arg) 183 RSA *r; 184 int idx; 185 char *arg; 186 { 187 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); 188 } 189 190 char *RSA_get_ex_data(r,idx) 191 RSA *r; 192 int idx; 193 { 194 return(CRYPTO_get_ex_data(&r->ex_data,idx)); 195 } 196 197 int RSA_size(r) 198 RSA *r; 199 { 200 return(BN_num_bytes(r->n)); 201 } 202 203 int RSA_public_encrypt(flen, from, to, rsa, padding) 204 int flen; 205 unsigned char *from; 206 unsigned char *to; 207 RSA *rsa; 208 int padding; 209 { 210 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); 211 } 212 213 int RSA_private_encrypt(flen, from, to, rsa, padding) 214 int flen; 215 unsigned char *from; 216 unsigned char *to; 217 RSA *rsa; 218 int padding; 219 { 220 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); 221 } 222 223 int RSA_private_decrypt(flen, from, to, rsa, padding) 224 int flen; 225 unsigned char *from; 226 unsigned char *to; 227 RSA *rsa; 228 int padding; 229 { 230 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); 231 } 232 233 int RSA_public_decrypt(flen, from, to, rsa, padding) 234 int flen; 235 unsigned char *from; 236 unsigned char *to; 237 RSA *rsa; 238 int padding; 239 { 240 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); 241 } 242 243 int RSA_flags(r) 244 RSA *r; 245 { 246 return((r == NULL)?0:r->meth->flags); 247 } 248 249 void RSA_blinding_off(rsa) 250 RSA *rsa; 251 { 252 if (rsa->blinding != NULL) 253 { 254 BN_BLINDING_free(rsa->blinding); 255 rsa->blinding=NULL; 256 } 257 rsa->flags&= ~RSA_FLAG_BLINDING; 258 } 259 260 int RSA_blinding_on(rsa,p_ctx) 261 RSA *rsa; 262 BN_CTX *p_ctx; 263 { 264 BIGNUM *A,*Ai; 265 BN_CTX *ctx; 266 int ret=0; 267 268 if (p_ctx == NULL) 269 { 270 if ((ctx=BN_CTX_new()) == NULL) goto err; 271 } 272 else 273 ctx=p_ctx; 274 275 if (rsa->blinding != NULL) 276 BN_BLINDING_free(rsa->blinding); 277 278 A=ctx->bn[0]; 279 ctx->tos++; 280 if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; 281 if ((Ai=BN_mod_inverse(A,rsa->n,ctx)) == NULL) goto err; 282 283 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx, 284 (char *)rsa->method_mod_n)) goto err; 285 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); 286 ctx->tos--; 287 rsa->flags|=RSA_FLAG_BLINDING; 288 BN_free(Ai); 289 ret=1; 290 err: 291 if (ctx != p_ctx) BN_CTX_free(ctx); 292 return(ret); 293 } 294 295