Blame - rsa.c - platform/external/openssh

blob: 19160902a200d2b187f5c38d51fff7945b720ecd [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	2	*
				3	* rsa.c
				4	*
				5	* Author: Tatu Ylonen <ylo@cs.hut.fi>
				6	*
				7	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				8	* All rights reserved
				9	*
				10	* Created: Fri Mar 3 22:07:06 1995 ylo
				11	*
				12	* Description of the RSA algorithm can be found e.g. from the following sources:
				13	*
				14	* Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994.
				15	*
				16	* Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to
				17	* Computer Security. Prentice-Hall, 1989.
				18	*
				19	* Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill,
				20	* 1994.
				21	*
				22	* R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications
				23	* System and Method. US Patent 4,405,829, 1983.
				24	*
				25	* Hans Riesel: Prime Numbers and Computer Methods for Factorization.
				26	* Birkhauser, 1994.
				27	*
				28	* The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995.
				29	*
				30	* RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as included
				31	* below:
				32	*
				33	* [gone - had to be deleted - what a pity]
				34	*
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	35	*/
				36
				37	#include "includes.h"
Damien Miller	040f383	2000-04-03 14:50:43 +1000	[diff] [blame^]	38	RCSID("$Id: rsa.c,v 1.12 2000/04/03 04:50:46 damien Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	39
				40	#include "rsa.h"
				41	#include "ssh.h"
				42	#include "xmalloc.h"
Damien Miller	040f383	2000-04-03 14:50:43 +1000	[diff] [blame^]	43	#include "entropy.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	44
				45	int rsa_verbose = 1;
				46
				47	int
				48	rsa_alive()
				49	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	50	RSA *key;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	51
Damien Miller	fac99cd	2000-03-05 16:10:45 +1100	[diff] [blame]	52	seed_rng();
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	53	key = RSA_generate_key(32, 3, NULL, NULL);
				54	if (key == NULL)
				55	return (0);
				56	RSA_free(key);
				57	return (1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	58	}
				59
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	60	/*
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	61	* Key generation progress meter callback
				62	*/
				63	void
				64	keygen_progress(int p, int n, void *arg)
				65	{
				66	const char progress_chars[] = ".o+O?";
				67
				68	if ((p < 0) \|\| (p > (sizeof(progress_chars) - 2)))
Damien Miller	f07390e	2000-01-29 20:40:22 +1100	[diff] [blame]	69	p = sizeof(progress_chars) - 2;
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	70
Damien Miller	f07390e	2000-01-29 20:40:22 +1100	[diff] [blame]	71	putchar(progress_chars[p]);
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	72	fflush(stdout);
				73	}
				74
				75	/*
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	76	* Generates RSA public and private keys. This initializes the data
				77	* structures; they should be freed with rsa_clear_private_key and
				78	* rsa_clear_public_key.
				79	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	80
				81	void
				82	rsa_generate_key(RSA prv, RSA pub, unsigned int bits)
				83	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	84	RSA *key;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	85
Damien Miller	f07390e	2000-01-29 20:40:22 +1100	[diff] [blame]	86	seed_rng();
				87
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	88	if (rsa_verbose) {
				89	printf("Generating RSA keys: ");
				90	fflush(stdout);
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	91	key = RSA_generate_key(bits, 35, keygen_progress, NULL);
				92	printf("\n");
				93	} else {
				94	key = RSA_generate_key(bits, 35, NULL, NULL);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	95	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	96	if (key == NULL)
				97	fatal("rsa_generate_key: key generation failed.");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	98
Damien Miller	040f383	2000-04-03 14:50:43 +1000	[diff] [blame^]	99	seed_rng();
				100
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	101	/* Copy public key parameters */
				102	pub->n = BN_new();
				103	BN_copy(pub->n, key->n);
				104	pub->e = BN_new();
				105	BN_copy(pub->e, key->e);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	106
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	107	/* Copy private key parameters */
				108	prv->n = BN_new();
				109	BN_copy(prv->n, key->n);
				110	prv->e = BN_new();
				111	BN_copy(prv->e, key->e);
				112	prv->d = BN_new();
				113	BN_copy(prv->d, key->d);
				114	prv->p = BN_new();
				115	BN_copy(prv->p, key->p);
				116	prv->q = BN_new();
				117	BN_copy(prv->q, key->q);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	118
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	119	prv->dmp1 = BN_new();
				120	BN_copy(prv->dmp1, key->dmp1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	121
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	122	prv->dmq1 = BN_new();
				123	BN_copy(prv->dmq1, key->dmq1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	124
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	125	prv->iqmp = BN_new();
				126	BN_copy(prv->iqmp, key->iqmp);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	127
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	128	RSA_free(key);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	129
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	130	if (rsa_verbose)
				131	printf("Key generation complete.\n");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	132	}
				133
				134	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	135	rsa_public_encrypt(BIGNUM out, BIGNUM in, RSA *key)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	136	{
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	137	unsigned char inbuf, outbuf;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	138	int len, ilen, olen;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	139
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	140	if (BN_num_bits(key->e) < 2 \|\| !BN_is_odd(key->e))
				141	fatal("rsa_public_encrypt() exponent too small or not odd");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	142
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	143	olen = BN_num_bytes(key->n);
				144	outbuf = xmalloc(olen);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	145
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	146	ilen = BN_num_bytes(in);
				147	inbuf = xmalloc(ilen);
				148	BN_bn2bin(in, inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	149
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	150	if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key,
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	151	RSA_PKCS1_PADDING)) <= 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	152	fatal("rsa_public_encrypt() failed");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	153
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	154	BN_bin2bn(outbuf, len, out);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	155
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	156	memset(outbuf, 0, olen);
				157	memset(inbuf, 0, ilen);
				158	xfree(outbuf);
				159	xfree(inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	160	}
				161
				162	void
				163	rsa_private_decrypt(BIGNUM out, BIGNUM in, RSA *key)
				164	{
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	165	unsigned char inbuf, outbuf;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	166	int len, ilen, olen;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	167
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	168	olen = BN_num_bytes(key->n);
				169	outbuf = xmalloc(olen);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	170
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	171	ilen = BN_num_bytes(in);
				172	inbuf = xmalloc(ilen);
				173	BN_bn2bin(in, inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	174
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	175	if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key,
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	176	RSA_PKCS1_PADDING)) <= 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	177	fatal("rsa_private_decrypt() failed");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	178
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	179	BN_bin2bn(outbuf, len, out);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	180
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	181	memset(outbuf, 0, olen);
				182	memset(inbuf, 0, ilen);
				183	xfree(outbuf);
				184	xfree(inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	185	}
				186
				187	/* Set whether to output verbose messages during key generation. */
				188
				189	void
				190	rsa_set_verbose(int verbose)
				191	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	192	rsa_verbose = verbose;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	193	}