Blame - rsa.c - platform/external/openssh

blob: 1e8c434f91df8998466a195746a934470af9d73b [file] [log] [blame]

Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1	/*
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	2	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	3	* rsa.c
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	4	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	5	* Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	6	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	7	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				8	* All rights reserved
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	9	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	10	* Created: Fri Mar 3 22:07:06 1995 ylo
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	11	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	12	* Description of the RSA algorithm can be found e.g. from the following sources:
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	13	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	14	* Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	15	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	16	* Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to
				17	* Computer Security. Prentice-Hall, 1989.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	18	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	19	* Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill,
				20	* 1994.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	21	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	22	* R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications
				23	* System and Method. US Patent 4,405,829, 1983.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	24	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	25	* Hans Riesel: Prime Numbers and Computer Methods for Factorization.
				26	* Birkhauser, 1994.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	27	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	28	* The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995.
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	29	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	30	* RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as included
				31	* below:
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	32	*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	33	* [gone - had to be deleted - what a pity]
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	34	*
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	35	*/
				36
				37	#include "includes.h"
Damien Miller	4af5130	2000-04-16 11:18:38 +1000	[diff] [blame]	38	RCSID("$Id: rsa.c,v 1.14 2000/04/16 01:18:45 damien Exp $");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	39
				40	#include "rsa.h"
				41	#include "ssh.h"
				42	#include "xmalloc.h"
Damien Miller	040f383	2000-04-03 14:50:43 +1000	[diff] [blame]	43	#include "entropy.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	44
				45	int rsa_verbose = 1;
				46
				47	int
				48	rsa_alive()
				49	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	50	RSA *key;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	51
Damien Miller	fac99cd	2000-03-05 16:10:45 +1100	[diff] [blame]	52	seed_rng();
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	53	key = RSA_generate_key(32, 3, NULL, NULL);
				54	if (key == NULL)
				55	return (0);
				56	RSA_free(key);
				57	return (1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	58	}
				59
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	60	/*
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	61	* Key generation progress meter callback
				62	*/
				63	void
				64	keygen_progress(int p, int n, void *arg)
				65	{
				66	const char progress_chars[] = ".o+O?";
				67
				68	if ((p < 0) \|\| (p > (sizeof(progress_chars) - 2)))
Damien Miller	f07390e	2000-01-29 20:40:22 +1100	[diff] [blame]	69	p = sizeof(progress_chars) - 2;
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	70
Damien Miller	f07390e	2000-01-29 20:40:22 +1100	[diff] [blame]	71	putchar(progress_chars[p]);
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	72	fflush(stdout);
				73	}
				74
				75	/*
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	76	* Generates RSA public and private keys. This initializes the data
				77	* structures; they should be freed with rsa_clear_private_key and
				78	* rsa_clear_public_key.
				79	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	80
				81	void
				82	rsa_generate_key(RSA prv, RSA pub, unsigned int bits)
				83	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	84	RSA *key;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	85
Damien Miller	f07390e	2000-01-29 20:40:22 +1100	[diff] [blame]	86	seed_rng();
				87
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	88	if (rsa_verbose) {
				89	printf("Generating RSA keys: ");
				90	fflush(stdout);
Damien Miller	fdb5f13	1999-12-17 14:02:47 +1100	[diff] [blame]	91	key = RSA_generate_key(bits, 35, keygen_progress, NULL);
				92	printf("\n");
				93	} else {
				94	key = RSA_generate_key(bits, 35, NULL, NULL);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	95	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	96	if (key == NULL)
				97	fatal("rsa_generate_key: key generation failed.");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	98
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	99	/* Copy public key parameters */
				100	pub->n = BN_new();
				101	BN_copy(pub->n, key->n);
				102	pub->e = BN_new();
				103	BN_copy(pub->e, key->e);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	104
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	105	/* Copy private key parameters */
				106	prv->n = BN_new();
				107	BN_copy(prv->n, key->n);
				108	prv->e = BN_new();
				109	BN_copy(prv->e, key->e);
				110	prv->d = BN_new();
				111	BN_copy(prv->d, key->d);
				112	prv->p = BN_new();
				113	BN_copy(prv->p, key->p);
				114	prv->q = BN_new();
				115	BN_copy(prv->q, key->q);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	116
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	117	prv->dmp1 = BN_new();
				118	BN_copy(prv->dmp1, key->dmp1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	119
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	120	prv->dmq1 = BN_new();
				121	BN_copy(prv->dmq1, key->dmq1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	122
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	123	prv->iqmp = BN_new();
				124	BN_copy(prv->iqmp, key->iqmp);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	125
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	126	RSA_free(key);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	127
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	128	if (rsa_verbose)
				129	printf("Key generation complete.\n");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	130	}
				131
				132	void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	133	rsa_public_encrypt(BIGNUM out, BIGNUM in, RSA *key)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	134	{
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	135	unsigned char inbuf, outbuf;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	136	int len, ilen, olen;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	137
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	138	if (BN_num_bits(key->e) < 2 \|\| !BN_is_odd(key->e))
				139	fatal("rsa_public_encrypt() exponent too small or not odd");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	140
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	141	olen = BN_num_bytes(key->n);
				142	outbuf = xmalloc(olen);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	143
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	144	ilen = BN_num_bytes(in);
				145	inbuf = xmalloc(ilen);
				146	BN_bn2bin(in, inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	147
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	148	if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key,
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	149	RSA_PKCS1_PADDING)) <= 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	150	fatal("rsa_public_encrypt() failed");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	151
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	152	BN_bin2bn(outbuf, len, out);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	153
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	154	memset(outbuf, 0, olen);
				155	memset(inbuf, 0, ilen);
				156	xfree(outbuf);
				157	xfree(inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	158	}
				159
				160	void
				161	rsa_private_decrypt(BIGNUM out, BIGNUM in, RSA *key)
				162	{
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	163	unsigned char inbuf, outbuf;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	164	int len, ilen, olen;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	165
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	166	olen = BN_num_bytes(key->n);
				167	outbuf = xmalloc(olen);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	168
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	169	ilen = BN_num_bytes(in);
				170	inbuf = xmalloc(ilen);
				171	BN_bn2bin(in, inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	172
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	173	if ((len = RSA_private_decrypt(ilen, inbuf, outbuf, key,
Damien Miller	98c7ad6	2000-03-09 21:27:49 +1100	[diff] [blame]	174	RSA_PKCS1_PADDING)) <= 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	175	fatal("rsa_private_decrypt() failed");
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	176
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	177	BN_bin2bn(outbuf, len, out);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	178
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	179	memset(outbuf, 0, olen);
				180	memset(inbuf, 0, ilen);
				181	xfree(outbuf);
				182	xfree(inbuf);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	183	}
				184
				185	/* Set whether to output verbose messages during key generation. */
				186
				187	void
				188	rsa_set_verbose(int verbose)
				189	{
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	190	rsa_verbose = verbose;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	191	}