]> git.saurik.com Git - apple/ipsec.git/blame - ipsec-tools/racoon/crypto_openssl.c
projects / apple / ipsec.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipsec-146.3.tar.gz
[apple/ipsec.git] / ipsec-tools / racoon / crypto_openssl.c
CommitLineData
d1e348cf
A		 1/* $NetBSD: crypto_openssl.c,v 1.11.6.1 2006/12/18 10:18:10 vanhu Exp $ */
2
3/* Id: crypto_openssl.c,v 1.47 2006/05/06 20:42:09 manubsd Exp */
52b7d2ce
A		 4
5/*
6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the project nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include "config.h"
35
52b7d2ce 36#define COMMON_DIGEST_FOR_OPENSSL 1
52b7d2ce
A		 37
38#include <sys/types.h>
39#include <sys/param.h>
40
41#include <stdlib.h>
42#include <stdio.h>
43#include <limits.h>
44#include <string.h>
45
e8d9021d 46#ifdef HAVE_OPENSSL
52b7d2ce
A		 47/* get openssl/ssleay version number */
48#include <openssl/opensslv.h>
49
50#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090602fL)
51#error OpenSSL version 0.9.6 or later required.
52#endif
52b7d2ce
A		 53#include <openssl/pem.h>
54#include <openssl/evp.h>
55#include <openssl/x509.h>
56#include <openssl/x509v3.h>
57#include <openssl/x509_vfy.h>
58#include <openssl/bn.h>
59#include <openssl/dh.h>
52b7d2ce
A		 60#include <openssl/des.h>
61#include <openssl/crypto.h>
62#ifdef HAVE_OPENSSL_ENGINE_H
63#include <openssl/engine.h>
64#endif
65#include <openssl/blowfish.h>
66#include <openssl/cast.h>
67#include <openssl/err.h>
68#ifdef HAVE_OPENSSL_RC5_H
69#include <openssl/rc5.h>
70#endif
71#ifdef HAVE_OPENSSL_IDEA_H
72#include <openssl/idea.h>
73#endif
74#if defined(HAVE_OPENSSL_AES_H)
75#include <openssl/aes.h>
76#elif defined(HAVE_OPENSSL_RIJNDAEL_H)
77#include <openssl/rijndael.h>
52b7d2ce 78#endif
e8d9021d
A		 79#else /* HAVE_OPENSSL */
80#include <Security/SecDH.h>
81#include <Security/SecRandom.h>
82#endif /* HAVE_OPENSSL */
83
84#include <CommonCrypto/CommonDigest.h>
85#include <CommonCrypto/CommonHMAC.h>
86#include <CommonCrypto/CommonCryptor.h>
52b7d2ce 87
e8d9021d 88#ifdef HAVE_OPENSSL
52b7d2ce
A		 89/* 0.9.7 stuff? */
90#if OPENSSL_VERSION_NUMBER < 0x0090700fL
91typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
92#else
93#define USE_NEW_DES_API
94#endif
95
96#define OpenSSL_BUG() do { plog(LLV_ERROR, LOCATION, NULL, "OpenSSL function failed\n"); } while(0)
e8d9021d 97#endif
52b7d2ce 98
e8d9021d 99#include "crypto_openssl.h"
52b7d2ce
A		 100#include "var.h"
101#include "misc.h"
102#include "vmbuf.h"
103#include "plog.h"
52b7d2ce
A		 104#include "debug.h"
105#include "gcmalloc.h"
106
107
108/*
109 * I hate to cast every parameter to des_xx into void *, but it is
110 * necessary for SSLeay/OpenSSL portability. It sucks.
111 */
112
e8d9021d 113#ifdef HAVE_OPENSSL
52b7d2ce
A		 114static int cb_check_cert_local __P((int, X509_STORE_CTX *));
115static int cb_check_cert_remote __P((int, X509_STORE_CTX *));
116static X509 *mem2x509 __P((vchar_t *));
52b7d2ce 117#endif
e8d9021d
A		 118static caddr_t eay_hmac_init __P((vchar_t *, CCHmacAlgorithm));
119
52b7d2ce 120
e8d9021d 121#ifdef HAVE_OPENSSL
52b7d2ce
A		 122/* X509 Certificate */
123/*
124 * convert the string of the subject name into DER
125 * e.g. str = "C=JP, ST=Kanagawa";
126 */
127vchar_t *
128eay_str2asn1dn(str, len)
129 const char *str;
130 int len;
131{
132 X509_NAME *name;
133 char *buf;
134 char *field, *value;
135 int i, j;
d1e348cf 136 vchar_t *ret = NULL;
52b7d2ce
A		 137 caddr_t p;
138
139 if (len == -1)
140 len = strlen(str);
141
142 buf = racoon_malloc(len + 1);
143 if (!buf) {
d1e348cf 144 plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n");
52b7d2ce
A		 145 return NULL;
146 }
147 memcpy(buf, str, len);
148
149 name = X509_NAME_new();
150
151 field = &buf[0];
152 value = NULL;
153 for (i = 0; i < len; i++) {
154 if (!value && buf[i] == '=') {
155 buf[i] = '\0';
156 value = &buf[i + 1];
157 continue;
158 } else if (buf[i] == ',' || buf[i] == '/') {
159 buf[i] = '\0';
160
161 plog(LLV_DEBUG, LOCATION, NULL, "DN: %s=%s\n",
162 field, value);
163
164 if (!value) goto err;
165 if (!X509_NAME_add_entry_by_txt(name, field,
166 (value[0] == '*' && value[1] == 0) ?
167 V_ASN1_PRINTABLESTRING : MBSTRING_ASC,
168 (unsigned char *) value, -1, -1, 0)) {
169 plog(LLV_ERROR, LOCATION, NULL,
170 "Invalid DN field: %s=%s\n",
171 field, value);
172 plog(LLV_ERROR, LOCATION, NULL,
173 "%s\n", eay_strerror());
174 goto err;
175 }
176 for (j = i + 1; j < len; j++) {
177 if (buf[j] != ' ')
178 break;
179 }
180 field = &buf[j];
181 value = NULL;
182 continue;
183 }
184 }
185 buf[len] = '\0';
186
187 plog(LLV_DEBUG, LOCATION, NULL, "DN: %s=%s\n",
188 field, value);
189
190 if (!value) goto err;
191 if (!X509_NAME_add_entry_by_txt(name, field,
192 (value[0] == '*' && value[1] == 0) ?
193 V_ASN1_PRINTABLESTRING : MBSTRING_ASC,
194 (unsigned char *) value, -1, -1, 0)) {
195 plog(LLV_ERROR, LOCATION, NULL,
196 "Invalid DN field: %s=%s\n",
197 field, value);
198 plog(LLV_ERROR, LOCATION, NULL,
199 "%s\n", eay_strerror());
200 goto err;
201 }
202
203 i = i2d_X509_NAME(name, NULL);
204 if (!i)
205 goto err;
206 ret = vmalloc(i);
207 if (!ret)
208 goto err;
209 p = ret->v;
210 i = i2d_X509_NAME(name, (void *)&p);
211 if (!i)
212 goto err;
213
214 return ret;
215
216 err:
217 if (buf)
218 racoon_free(buf);
219 if (name)
220 X509_NAME_free(name);
d1e348cf
A		 221 if (ret)
222 vfree(ret);
52b7d2ce
A		 223 return NULL;
224}
225
226/*
227 * convert the hex string of the subject name into DER
228 */
229vchar_t *
230eay_hex2asn1dn(const char *hex, int len)
231{
232 BIGNUM *bn = BN_new();
233 char *binbuf;
234 size_t binlen;
235 vchar_t *ret = NULL;
236
237 if (len == -1)
238 len = strlen(hex);
239
240 if (BN_hex2bn(&bn, hex) != len) {
241 plog(LLV_ERROR, LOCATION, NULL,
242 "conversion of Hex-encoded ASN1 string to binary failed: %s\n",
243 eay_strerror());
244 goto out;
245 }
246
247 binlen = BN_num_bytes(bn);
248 ret = vmalloc(binlen);
249 if (!ret) {
d1e348cf 250 plog(LLV_WARNING, LOCATION, NULL,"failed to allocate buffer\n");
52b7d2ce
A		 251 return NULL;
252 }
253 binbuf = ret->v;
254
255 BN_bn2bin(bn, (unsigned char *) binbuf);
256
257out:
258 BN_free(bn);
259
260 return ret;
261}
262
263/*
264 * The following are derived from code in crypto/x509/x509_cmp.c
265 * in OpenSSL0.9.7c:
266 * X509_NAME_wildcmp() adds wildcard matching to the original
267 * X509_NAME_cmp(), nocase_cmp() and nocase_spacenorm_cmp() are as is.
268 */
269#include <ctype.h>
270/* Case insensitive string comparision */
271static int nocase_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
272{
273 int i;
274
275 if (a->length != b->length)
276 return (a->length - b->length);
277
278 for (i=0; i<a->length; i++)
279 {
280 int ca, cb;
281
282 ca = tolower(a->data[i]);
283 cb = tolower(b->data[i]);
284
285 if (ca != cb)
286 return(ca-cb);
287 }
288 return 0;
289}
290
291/* Case insensitive string comparision with space normalization
292 * Space normalization - ignore leading, trailing spaces,
293 * multiple spaces between characters are replaced by single space
294 */
295static int nocase_spacenorm_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
296{
297 unsigned char *pa = NULL, *pb = NULL;
298 int la, lb;
299
300 la = a->length;
301 lb = b->length;
302 pa = a->data;
303 pb = b->data;
304
305 /* skip leading spaces */
306 while (la > 0 && isspace(*pa))
307 {
308 la--;
309 pa++;
310 }
311 while (lb > 0 && isspace(*pb))
312 {
313 lb--;
314 pb++;
315 }
316
317 /* skip trailing spaces */
318 while (la > 0 && isspace(pa[la-1]))
319 la--;
320 while (lb > 0 && isspace(pb[lb-1]))
321 lb--;
322
323 /* compare strings with space normalization */
324 while (la > 0 && lb > 0)
325 {
326 int ca, cb;
327
328 /* compare character */
329 ca = tolower(*pa);
330 cb = tolower(*pb);
331 if (ca != cb)
332 return (ca - cb);
333
334 pa++; pb++;
335 la--; lb--;
336
337 if (la <= 0 || lb <= 0)
338 break;
339
340 /* is white space next character ? */
341 if (isspace(*pa) && isspace(*pb))
342 {
343 /* skip remaining white spaces */
344 while (la > 0 && isspace(*pa))
345 {
346 la--;
347 pa++;
348 }
349 while (lb > 0 && isspace(*pb))
350 {
351 lb--;
352 pb++;
353 }
354 }
355 }
356 if (la > 0 || lb > 0)
357 return la - lb;
358
359 return 0;
360}
361
362static int X509_NAME_wildcmp(const X509_NAME *a, const X509_NAME *b)
363{
364 int i,j;
365 X509_NAME_ENTRY *na,*nb;
366
367 if (sk_X509_NAME_ENTRY_num(a->entries)
368 != sk_X509_NAME_ENTRY_num(b->entries))
369 return sk_X509_NAME_ENTRY_num(a->entries)
370 -sk_X509_NAME_ENTRY_num(b->entries);
371 for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
372 {
373 na=sk_X509_NAME_ENTRY_value(a->entries,i);
374 nb=sk_X509_NAME_ENTRY_value(b->entries,i);
375 j=OBJ_cmp(na->object,nb->object);
376 if (j) return(j);
377 if ((na->value->length == 1 && na->value->data[0] == '*')
378 || (nb->value->length == 1 && nb->value->data[0] == '*'))
379 continue;
380 j=na->value->type-nb->value->type;
381 if (j) return(j);
382 if (na->value->type == V_ASN1_PRINTABLESTRING)
383 j=nocase_spacenorm_cmp(na->value, nb->value);
384 else if (na->value->type == V_ASN1_IA5STRING
385 && OBJ_obj2nid(na->object) == NID_pkcs9_emailAddress)
386 j=nocase_cmp(na->value, nb->value);
387 else
388 {
389 j=na->value->length-nb->value->length;
390 if (j) return(j);
391 j=memcmp(na->value->data,nb->value->data,
392 na->value->length);
393 }
394 if (j) return(j);
395 j=na->set-nb->set;
396 if (j) return(j);
397 }
398
399 return(0);
400}
401
402/*
403 * compare two subjectNames.
404 * OUT: 0: equal
405 * positive:
406 * -1: other error.
407 */
408int
409eay_cmp_asn1dn(n1, n2)
410 vchar_t *n1, *n2;
411{
412 X509_NAME *a = NULL, *b = NULL;
413 caddr_t p;
414 int i = -1;
415
416 p = n1->v;
417 if (!d2i_X509_NAME(&a, (void *)&p, n1->l))
418 goto end;
419 p = n2->v;
420 if (!d2i_X509_NAME(&b, (void *)&p, n2->l))
421 goto end;
422
423 i = X509_NAME_wildcmp(a, b);
424
425 end:
426 if (a)
427 X509_NAME_free(a);
428 if (b)
429 X509_NAME_free(b);
430 return i;
431}
432
433/*
434 * this functions is derived from apps/verify.c in OpenSSL0.9.5
435 */
436int
437eay_check_x509cert(cert, CApath, CAfile, local)
438 vchar_t *cert;
439 char *CApath;
440 char *CAfile;
441 int local;
442{
443 X509_STORE *cert_ctx = NULL;
444 X509_LOOKUP *lookup = NULL;
445 X509 *x509 = NULL;
446 X509_STORE_CTX *csc;
447 int error = -1;
448
449 cert_ctx = X509_STORE_new();
450 if (cert_ctx == NULL)
451 goto end;
452
453 if (local)
454 X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_local);
455 else
456 X509_STORE_set_verify_cb_func(cert_ctx, cb_check_cert_remote);
457
458 lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
459 if (lookup == NULL)
460 goto end;
461
462 X509_LOOKUP_load_file(lookup, CAfile,
463 (CAfile == NULL) ? X509_FILETYPE_DEFAULT : X509_FILETYPE_PEM);
464
465 lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
466 if (lookup == NULL)
467 goto end;
468 error = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM);
469 if(!error) {
470 error = -1;
471 goto end;
472 }
473 error = -1; /* initialized */
474
475 /* read the certificate to be verified */
476 x509 = mem2x509(cert);
477 if (x509 == NULL)
478 goto end;
479
480 csc = X509_STORE_CTX_new();
481 if (csc == NULL)
482 goto end;
483 X509_STORE_CTX_init(csc, cert_ctx, x509, NULL);
484#if OPENSSL_VERSION_NUMBER >= 0x00907000L
485 X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK);
486 X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL);
487#endif
488 error = X509_verify_cert(csc);
47612122 489 X509_STORE_CTX_free(csc);
52b7d2ce
A		 490
491 /*
492 * if x509_verify_cert() is successful then the value of error is
493 * set non-zero.
494 */
495 error = error ? 0 : -1;
496
497end:
498 if (error)
d1e348cf 499 plog(LLV_WARNING, LOCATION, NULL,"%s\n", eay_strerror());
52b7d2ce
A		 500 if (cert_ctx != NULL)
501 X509_STORE_free(cert_ctx);
502 if (x509 != NULL)
503 X509_free(x509);
504
505 return(error);
506}
507
508/*
509 * callback function for verifing certificate.
510 * this function is derived from cb() in openssl/apps/s_server.c
511 */
512static int
513cb_check_cert_local(ok, ctx)
514 int ok;
515 X509_STORE_CTX *ctx;
516{
517 char buf[256];
518 int log_tag;
519
520 if (!ok) {
521 X509_NAME_oneline(
522 X509_get_subject_name(ctx->current_cert),
523 buf,
524 256);
525 /*
526 * since we are just checking the certificates, it is
527 * ok if they are self signed. But we should still warn
528 * the user.
529 */
530 switch (ctx->error) {
531 case X509_V_ERR_CERT_HAS_EXPIRED:
532 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
533 case X509_V_ERR_INVALID_CA:
534 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
535 case X509_V_ERR_INVALID_PURPOSE:
536 case X509_V_ERR_UNABLE_TO_GET_CRL:
537 ok = 1;
538 log_tag = LLV_WARNING;
539 break;
540 default:
541 log_tag = LLV_ERROR;
542 }
543 plog(log_tag, LOCATION, NULL,
544 "%s(%d) at depth:%d SubjectName:%s\n",
545 X509_verify_cert_error_string(ctx->error),
546 ctx->error,
547 ctx->error_depth,
548 buf);
549 }
550 ERR_clear_error();
551
552 return ok;
553}
554
555/*
556 * callback function for verifing remote certificates.
557 * this function is derived from cb() in openssl/apps/s_server.c
558 */
559static int
560cb_check_cert_remote(ok, ctx)
561 int ok;
562 X509_STORE_CTX *ctx;
563{
564 char buf[256];
565 int log_tag;
566
567 if (!ok) {
568 X509_NAME_oneline(
569 X509_get_subject_name(ctx->current_cert),
570 buf,
571 256);
572 switch (ctx->error) {
573 case X509_V_ERR_UNABLE_TO_GET_CRL:
574 ok = 1;
575 log_tag = LLV_WARNING;
576 break;
577 default:
578 log_tag = LLV_ERROR;
579 }
580 plog(log_tag, LOCATION, NULL,
581 "%s(%d) at depth:%d SubjectName:%s\n",
582 X509_verify_cert_error_string(ctx->error),
583 ctx->error,
584 ctx->error_depth,
585 buf);
586 }
587 ERR_clear_error();
588
589 return ok;
590}
591
592/*
593 * get a subjectAltName from X509 certificate.
594 */
595vchar_t *
596eay_get_x509asn1subjectname(cert)
597 vchar_t *cert;
598{
599 X509 *x509 = NULL;
600 u_char *bp;
601 vchar_t *name = NULL;
602 int len;
52b7d2ce
A		 603
604 bp = (unsigned char *) cert->v;
605
606 x509 = mem2x509(cert);
607 if (x509 == NULL)
d1e348cf 608 goto error;
52b7d2ce
A		 609
610 /* get the length of the name */
611 len = i2d_X509_NAME(x509->cert_info->subject, NULL);
612 name = vmalloc(len);
613 if (!name)
d1e348cf 614 goto error;
52b7d2ce
A		 615 /* get the name */
616 bp = (unsigned char *) name->v;
617 len = i2d_X509_NAME(x509->cert_info->subject, &bp);
618
d1e348cf 619 X509_free(x509);
52b7d2ce 620
d1e348cf
A		 621 return name;
622
623error:
624 plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
625
626 if (name != NULL)
627 vfree(name);
628
629 if (x509 != NULL)
52b7d2ce
A		 630 X509_free(x509);
631
d1e348cf 632 return NULL;
52b7d2ce
A		 633}
634
52b7d2ce
A		 635/*
636 * Get the common name from a cert
637 */
638#define EAY_MAX_CN_LEN 256
639vchar_t *
640eay_get_x509_common_name(cert)
641 vchar_t *cert;
642{
643 X509 *x509 = NULL;
644 X509_NAME *name;
645 vchar_t *commonName = NULL;
646
647 commonName = vmalloc(EAY_MAX_CN_LEN);
648 if (commonName == NULL) {
649 plog(LLV_ERROR, LOCATION, NULL, "no memory\n");
650 return NULL;
651 }
652
653 x509 = mem2x509(cert);
654 if (x509 == NULL) {
655 vfree(commonName);
656 return NULL;
657 }
658
659 name = X509_get_subject_name(x509);
660 X509_NAME_get_text_by_NID(name, NID_commonName, commonName->v, EAY_MAX_CN_LEN);
661
662 commonName->l = strlen(commonName->v);
663
664 if (x509)
665 X509_free(x509);
666 return commonName;
667}
668
669/*
670 * get the subjectAltName from X509 certificate.
671 * the name must be terminated by '\0'.
672 */
673int
674eay_get_x509subjectaltname(cert, altname, type, pos, len)
675 vchar_t *cert;
676 char **altname;
677 int *type;
678 int pos;
679 int *len;
680{
681 X509 *x509 = NULL;
682 int i;
d1e348cf 683 GENERAL_NAMES *gens = NULL;
52b7d2ce
A		 684 GENERAL_NAME *gen;
685 int error = -1;
686
687 *altname = NULL;
688 *type = GENT_OTHERNAME;
689
690 x509 = mem2x509(cert);
691 if (x509 == NULL)
692 goto end;
693
694 gens = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);
695 if (gens == NULL)
696 goto end;
697
698 for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
699 if (i + 1 != pos)
700 continue;
701 break;
702 }
703
704 /* there is no data at "pos" */
705 if (i == sk_GENERAL_NAME_num(gens))
706 goto end;
707
708 gen = sk_GENERAL_NAME_value(gens, i);
709
710 /* make sure the data is terminated by '\0'. */
711 if (gen->d.ia5->data[gen->d.ia5->length] != '\0') {
712 plog(LLV_ERROR, LOCATION, NULL,
713 "data is not terminated by 0.");
714 hexdump(gen->d.ia5->data, gen->d.ia5->length + 1);
715 goto end;
716 }
717
718 /* read DNSName / Email */
719 if (gen->type == GEN_DNS ||
720 gen->type == GEN_EMAIL ||
721 gen->type == GEN_URI) {
722
723 *len = gen->d.ia5->length + 1;
724 *altname = racoon_malloc(*len);
725 if (!*altname)
726 goto end;
727
728 strlcpy(*altname, (const char *)gen->d.ia5->data, *len);
729 *type = gen->type;
730
731 error = 0;
732 } else if (gen->type == GEN_IPADD) {
733
734 *len = gen->d.ia5->length + 1;
735 *altname = racoon_malloc(*len);
736 if (!*altname)
737 goto end;
738
739 memcpy(*altname, (const char *)gen->d.ia5->data, *len);
740 *type = gen->type;
741
742 error = 0;
743 }
744
745 end:
746 if (error) {
747 if (*altname) {
748 racoon_free(*altname);
749 *altname = NULL;
750 }
751#ifndef EAYDEBUG
752 plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
753#else
754 printf("%s\n", eay_strerror());
755#endif
756 }
d1e348cf
A		 757 if (gens)
758 /* free the whole stack. */
759 sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
52b7d2ce
A		 760 if (x509)
761 X509_free(x509);
762
763 return error;
764}
765
52b7d2ce
A		 766/*
767 * decode a X509 certificate and make a readable text terminated '\n'.
768 * return the buffer allocated, so must free it later.
769 */
770char *
771eay_get_x509text(cert)
772 vchar_t *cert;
773{
774 X509 *x509 = NULL;
775 BIO *bio = NULL;
776 char *text = NULL;
777 u_char *bp = NULL;
778 int len = 0;
779 int error = -1;
780
781 x509 = mem2x509(cert);
782 if (x509 == NULL)
783 goto end;
784
785 bio = BIO_new(BIO_s_mem());
786 if (bio == NULL)
787 goto end;
788
789 error = X509_print(bio, x509);
790 if (error != 1) {
791 error = -1;
792 goto end;
793 }
794
795 len = BIO_get_mem_data(bio, &bp);
796 text = racoon_malloc(len + 1);
797 if (text == NULL)
798 goto end;
799 memcpy(text, bp, len);
800 text[len] = '\0';
801
802 error = 0;
803
804 end:
805 if (error) {
806 if (text) {
807 racoon_free(text);
808 text = NULL;
809 }
810 plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
811 }
812 if (bio)
813 BIO_free(bio);
814 if (x509)
815 X509_free(x509);
816
817 return text;
818}
819
820/* get X509 structure from buffer. */
821static X509 *
822mem2x509(cert)
823 vchar_t *cert;
824{
825 X509 *x509;
826
827#ifndef EAYDEBUG
828 {
829 u_char *bp;
830
831 bp = (unsigned char *) cert->v;
832
833 x509 = d2i_X509(NULL, (void *)&bp, cert->l);
834 }
835#else
836 {
837 BIO *bio;
838 int len;
839
840 bio = BIO_new(BIO_s_mem());
841 if (bio == NULL)
842 return NULL;
843 len = BIO_write(bio, cert->v, cert->l);
844 if (len == -1)
845 return NULL;
846 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
847 BIO_free(bio);
848 }
849#endif
850 return x509;
851}
852
853/*
854 * get a X509 certificate from local file.
855 * a certificate must be PEM format.
856 * Input:
857 * path to a certificate.
858 * Output:
859 * NULL if error occured
860 * other is the cert.
861 */
862vchar_t *
863eay_get_x509cert(path)
864 char *path;
865{
866 FILE *fp;
867 X509 *x509;
868 vchar_t *cert;
869 u_char *bp;
870 int len;
871 int error;
872
873 /* Read private key */
874 fp = fopen(path, "r");
875 if (fp == NULL)
876 return NULL;
877 x509 = PEM_read_X509(fp, NULL, NULL, NULL);
878 fclose (fp);
879
880 if (x509 == NULL)
881 return NULL;
882
883 len = i2d_X509(x509, NULL);
884 cert = vmalloc(len);
885 if (cert == NULL) {
886 X509_free(x509);
887 return NULL;
888 }
889 bp = (unsigned char *) cert->v;
890 error = i2d_X509(x509, &bp);
891 X509_free(x509);
892
893 if (error == 0) {
894 vfree(cert);
895 return NULL;
896 }
897
898 return cert;
899}
900
901/*
902 * check a X509 signature
903 * XXX: to be get hash type from my cert ?
904 * to be handled EVP_dss().
905 * OUT: return -1 when error.
906 * 0
907 */
908int
909eay_check_x509sign(source, sig, cert)
910 vchar_t *source;
911 vchar_t *sig;
912 vchar_t *cert;
913{
914 X509 *x509;
915 u_char *bp;
916 EVP_PKEY *evp;
917 int res;
918
919 bp = (unsigned char *) cert->v;
920
921 x509 = d2i_X509(NULL, (void *)&bp, cert->l);
922 if (x509 == NULL) {
923 plog(LLV_ERROR, LOCATION, NULL, "d2i_X509(): %s\n", eay_strerror());
924 return -1;
925 }
926
927 evp = X509_get_pubkey(x509);
928 if (! evp) {
929 plog(LLV_ERROR, LOCATION, NULL, "X509_get_pubkey(): %s\n", eay_strerror());
d1e348cf 930 X509_free(x509);
52b7d2ce
A		 931 return -1;
932 }
933
934 res = eay_rsa_verify(source, sig, evp->pkey.rsa);
935
936 EVP_PKEY_free(evp);
d1e348cf 937 X509_free(x509);
52b7d2ce
A		 938
939 return res;
940}
941
942/*
943 * check RSA signature
944 * OUT: return -1 when error.
945 * 0 on success
946 */
947int
948eay_check_rsasign(source, sig, rsa)
949 vchar_t *source;
950 vchar_t *sig;
951 RSA *rsa;
952{
953 return eay_rsa_verify(source, sig, rsa);
954}
955
956/*
957 * get PKCS#1 Private Key of PEM format from local file.
958 */
959vchar_t *
960eay_get_pkcs1privkey(path)
961 char *path;
962{
963 FILE *fp;
964 EVP_PKEY *evp = NULL;
965 vchar_t *pkey = NULL;
966 u_char *bp;
967 int pkeylen;
968 int error = -1;
969
970 /* Read private key */
971 fp = fopen(path, "r");
972 if (fp == NULL)
973 return NULL;
974
975 evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
976
977 fclose (fp);
978
979 if (evp == NULL)
980 return NULL;
981
982 pkeylen = i2d_PrivateKey(evp, NULL);
983 if (pkeylen == 0)
984 goto end;
985 pkey = vmalloc(pkeylen);
986 if (pkey == NULL)
987 goto end;
988 bp = (unsigned char *) pkey->v;
989 pkeylen = i2d_PrivateKey(evp, &bp);
990 if (pkeylen == 0)
991 goto end;
992
993 error = 0;
994
995end:
996 if (evp != NULL)
997 EVP_PKEY_free(evp);
998 if (error != 0 && pkey != NULL) {
999 vfree(pkey);
1000 pkey = NULL;
1001 }
1002
1003 return pkey;
1004}
1005
1006/*
1007 * get PKCS#1 Public Key of PEM format from local file.
1008 */
1009vchar_t *
1010eay_get_pkcs1pubkey(path)
1011 char *path;
1012{
1013 FILE *fp;
1014 EVP_PKEY *evp = NULL;
1015 vchar_t *pkey = NULL;
1016 X509 *x509 = NULL;
1017 u_char *bp;
1018 int pkeylen;
1019 int error = -1;
1020
1021 /* Read private key */
1022 fp = fopen(path, "r");
1023 if (fp == NULL)
1024 return NULL;
1025
1026 x509 = PEM_read_X509(fp, NULL, NULL, NULL);
1027
1028 fclose (fp);
1029
1030 if (x509 == NULL)
1031 return NULL;
1032
1033 /* Get public key - eay */
1034 evp = X509_get_pubkey(x509);
1035 if (evp == NULL)
1036 return NULL;
1037
1038 pkeylen = i2d_PublicKey(evp, NULL);
1039 if (pkeylen == 0)
1040 goto end;
1041 pkey = vmalloc(pkeylen);
1042 if (pkey == NULL)
1043 goto end;
1044 bp = (unsigned char *) pkey->v;
1045 pkeylen = i2d_PublicKey(evp, &bp);
1046 if (pkeylen == 0)
1047 goto end;
1048
1049 error = 0;
1050end:
1051 if (evp != NULL)
1052 EVP_PKEY_free(evp);
1053 if (error != 0 && pkey != NULL) {
1054 vfree(pkey);
1055 pkey = NULL;
1056 }
1057
1058 return pkey;
1059}
1060
1061vchar_t *
1062eay_get_x509sign(src, privkey)
1063 vchar_t *src, *privkey;
1064{
1065 EVP_PKEY *evp;
1066 u_char *bp = (unsigned char *) privkey->v;
1067 vchar_t *sig = NULL;
1068 int len;
1069 int pad = RSA_PKCS1_PADDING;
1070
1071 /* XXX to be handled EVP_PKEY_DSA */
1072 evp = d2i_PrivateKey(EVP_PKEY_RSA, NULL, (void *)&bp, privkey->l);
1073 if (evp == NULL)
1074 return NULL;
1075
1076 sig = eay_rsa_sign(src, evp->pkey.rsa);
1077
1078 EVP_PKEY_free(evp);
1079
1080 return sig;
1081}
1082
1083vchar_t *
1084eay_get_rsasign(src, rsa)
1085 vchar_t *src;
1086 RSA *rsa;
1087{
1088 return eay_rsa_sign(src, rsa);
1089}
1090
1091vchar_t *
1092eay_rsa_sign(vchar_t *src, RSA *rsa)
1093{
1094 int len;
1095 vchar_t *sig = NULL;
1096 int pad = RSA_PKCS1_PADDING;
1097
1098 len = RSA_size(rsa);
1099
1100 sig = vmalloc(len);
1101 if (sig == NULL)
1102 return NULL;
1103
1104 len = RSA_private_encrypt(src->l, (unsigned char *) src->v,
1105 (unsigned char *) sig->v, rsa, pad);
1106
1107 if (len == 0 || len != sig->l) {
1108 vfree(sig);
1109 sig = NULL;
1110 }
1111
1112 return sig;
1113}
1114
1115int
1116eay_rsa_verify(src, sig, rsa)
1117 vchar_t *src, *sig;
1118 RSA *rsa;
1119{
1120 vchar_t *xbuf = NULL;
1121 int pad = RSA_PKCS1_PADDING;
1122 int len = 0;
1123 int error;
1124
1125 len = RSA_size(rsa);
1126 xbuf = vmalloc(len);
1127 if (xbuf == NULL) {
1128 plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
1129 return -1;
1130 }
1131
1132 len = RSA_public_decrypt(sig->l, (unsigned char *) sig->v,
1133 (unsigned char *) xbuf->v, rsa, pad);
1134 if (len == 0 || len != src->l) {
1135 plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
1136 vfree(xbuf);
1137 return -1;
1138 }
1139
1140 error = memcmp(src->v, xbuf->v, src->l);
1141 vfree(xbuf);
1142 if (error != 0)
1143 return -1;
1144
1145 return 0;
1146}
1147
1148/*
1149 * get error string
1150 * MUST load ERR_load_crypto_strings() first.
1151 */
1152char *
1153eay_strerror()
1154{
1155 static char ebuf[512];
1156 int len = 0, n;
1157 unsigned long l;
1158 char buf[200];
1159 const char *file, *data;
1160 int line, flags;
1161 unsigned long es;
1162
1163 es = CRYPTO_thread_id();
1164
1165 while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){
1166 n = snprintf(ebuf + len, sizeof(ebuf) - len,
1167 "%lu:%s:%s:%d:%s ",
1168 es, ERR_error_string(l, buf), file, line,
1169 (flags & ERR_TXT_STRING) ? data : "");
1170 if (n < 0 || n >= sizeof(ebuf) - len)
1171 break;
1172 len += n;
1173 if (sizeof(ebuf) < len)
1174 break;
1175 }
1176
1177 return ebuf;
1178}
1179
1180vchar_t *
1181evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc)
1182{
1183 vchar_t *res;
1184 EVP_CIPHER_CTX ctx;
1185
1186 if (!e)
1187 return NULL;
1188
1189 if (data->l % EVP_CIPHER_block_size(e))
1190 return NULL;
1191
1192 if ((res = vmalloc(data->l)) == NULL)
1193 return NULL;
1194
1195 EVP_CIPHER_CTX_init(&ctx);
1196
1197 switch(EVP_CIPHER_nid(e)){
1198 case NID_bf_cbc:
1199 case NID_bf_ecb:
1200 case NID_bf_cfb64:
1201 case NID_bf_ofb64:
1202 case NID_cast5_cbc:
1203 case NID_cast5_ecb:
1204 case NID_cast5_cfb64:
1205 case NID_cast5_ofb64:
1206 /* XXX: can we do that also for algos with a fixed key size ?
1207 */
1208 /* init context without key/iv
1209 */
1210 if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc))
1211 {
1212 OpenSSL_BUG();
1213 vfree(res);
1214 return NULL;
1215 }
1216
1217 /* update key size
1218 */
1219 if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l))
1220 {
1221 OpenSSL_BUG();
1222 vfree(res);
1223 return NULL;
1224 }
1225
1226 /* finalize context init with desired key size
1227 */
1228 if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v,
1229 (u_char *) iv->v, enc))
1230 {
1231 OpenSSL_BUG();
1232 vfree(res);
1233 return NULL;
1234 }
1235 break;
1236 default:
1237 if (!EVP_CipherInit(&ctx, e, (u_char *) key->v,
1238 (u_char *) iv->v, enc)) {
1239 OpenSSL_BUG();
1240 vfree(res);
1241 return NULL;
1242 }
1243 }
1244
1245 /* disable openssl padding */
1246 EVP_CIPHER_CTX_set_padding(&ctx, 0);
1247
1248 if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) {
1249 OpenSSL_BUG();
1250 vfree(res);
1251 return NULL;
1252 }
1253
1254 EVP_CIPHER_CTX_cleanup(&ctx);
1255
1256 return res;
1257}
1258
1259int
1260evp_weakkey(vchar_t *key, const EVP_CIPHER *e)
1261{
1262 return 0;
1263}
1264
1265int
1266evp_keylen(int len, const EVP_CIPHER *e)
1267{
1268 if (!e)
1269 return -1;
1270 /* EVP functions return lengths in bytes, ipsec-tools
1271 * uses lengths in bits, therefore conversion is required. --AK
1272 */
1273 if (len != 0 && len != (EVP_CIPHER_key_length(e) << 3))
1274 return -1;
1275
1276 return EVP_CIPHER_key_length(e) << 3;
1277}
e8d9021d 1278#endif /* HAVE_OPENSSL */
52b7d2ce 1279
d1e348cf
A		 1280vchar_t *
1281eay_CCCrypt(CCOperation oper,
1282 CCAlgorithm algo,
1283 CCOptions opts,
1284 vchar_t *data,
1285 vchar_t *key,
1286 vchar_t *iv)
1287{
1288 vchar_t *res;
1289 size_t res_len = 0;
1290 CCCryptorStatus status;
1291
1292 /* allocate buffer for result */
1293 if ((res = vmalloc(data->l)) == NULL)
1294 return NULL;
1295
1296 status = CCCrypt(oper,
1297 algo,
1298 opts,
1299 key->v, key->l,
1300 iv->v,
1301 data->v, data->l,
1302 res->v, res->l, &res_len);
1303 if (status == kCCSuccess) {
1304 if (res->l != res_len) {
1305 plog(LLV_ERROR, LOCATION, NULL,
1306 "crypt %d %d length mismatch. expected: %zd. got: %zd.\n",
1307 oper, algo, res->l, res_len);
1308 }
1309 return res;
1310 } else {
1311 plog(LLV_ERROR, LOCATION, NULL,
1312 "crypt %d %d error. status %d.\n",
1313 oper, algo, (int)status);
1314 }
1315 vfree(res);
1316 return NULL;
1317}
1318
52b7d2ce
A		 1319/*
1320 * DES-CBC
1321 */
1322vchar_t *
1323eay_des_encrypt(data, key, iv)
1324 vchar_t *data, *key, *iv;
1325{
d1e348cf 1326 return(eay_CCCrypt(kCCEncrypt, kCCAlgorithmDES, 0 /* CBC */, data, key, iv));
52b7d2ce
A		 1327}
1328
1329vchar_t *
1330eay_des_decrypt(data, key, iv)
1331 vchar_t *data, *key, *iv;
1332{
d1e348cf 1333 return(eay_CCCrypt(kCCDecrypt, kCCAlgorithmDES, 0 /* CBC */, data, key, iv));
52b7d2ce
A		 1334}
1335
1336int
1337eay_des_weakkey(key)
1338 vchar_t *key;
1339{
e8d9021d 1340#ifdef HAVE_OPENSSL
52b7d2ce
A		 1341#ifdef USE_NEW_DES_API
1342 return DES_is_weak_key((void *)key->v);
1343#else
1344 return des_is_weak_key((void *)key->v);
1345#endif
e8d9021d
A		 1346#else
1347 return 0;
1348#endif
52b7d2ce
A		 1349}
1350
1351int
1352eay_des_keylen(len)
1353 int len;
1354{
d1e348cf
A		 1355 /* CommonCrypto return lengths in bytes, ipsec-tools
1356 * uses lengths in bits, therefore conversion is required.
1357 */
1358 if (len != 0 && len != (kCCKeySizeDES << 3))
1359 return -1;
1360
1361 return kCCKeySizeDES << 3;
52b7d2ce
A		 1362}
1363
1364#ifdef HAVE_OPENSSL_IDEA_H
1365/*
1366 * IDEA-CBC
1367 */
1368vchar_t *
1369eay_idea_encrypt(data, key, iv)
1370 vchar_t *data, *key, *iv;
1371{
1372 vchar_t *res;
1373 IDEA_KEY_SCHEDULE ks;
1374
1375 idea_set_encrypt_key(key->v, &ks);
1376
1377 /* allocate buffer for result */
1378 if ((res = vmalloc(data->l)) == NULL)
1379 return NULL;
1380
1381 /* decryption data */
1382 idea_cbc_encrypt(data->v, res->v, data->l,
1383 &ks, iv->v, IDEA_ENCRYPT);
1384
1385 return res;
1386}
1387
1388vchar_t *
1389eay_idea_decrypt(data, key, iv)
1390 vchar_t *data, *key, *iv;
1391{
1392 vchar_t *res;
1393 IDEA_KEY_SCHEDULE ks, dks;
1394
1395 idea_set_encrypt_key(key->v, &ks);
1396 idea_set_decrypt_key(&ks, &dks);
1397
1398 /* allocate buffer for result */
1399 if ((res = vmalloc(data->l)) == NULL)
1400 return NULL;
1401
1402 /* decryption data */
1403 idea_cbc_encrypt(data->v, res->v, data->l,
1404 &dks, iv->v, IDEA_DECRYPT);
1405
1406 return res;
1407}
1408
1409int
1410eay_idea_weakkey(key)
1411 vchar_t *key;
1412{
1413 return 0; /* XXX */
1414}
1415
1416int
1417eay_idea_keylen(len)
1418 int len;
1419{
1420 if (len != 0 && len != 128)
1421 return -1;
1422 return 128;
1423}
1424#endif
1425
e8d9021d 1426#ifdef HAVE_OPENSSL
52b7d2ce
A		 1427/*
1428 * BLOWFISH-CBC
1429 */
1430vchar_t *
1431eay_bf_encrypt(data, key, iv)
1432 vchar_t *data, *key, *iv;
1433{
1434 return evp_crypt(data, key, iv, EVP_bf_cbc(), 1);
1435}
1436
1437vchar_t *
1438eay_bf_decrypt(data, key, iv)
1439 vchar_t *data, *key, *iv;
1440{
1441 return evp_crypt(data, key, iv, EVP_bf_cbc(), 0);
1442}
1443
1444int
1445eay_bf_weakkey(key)
1446 vchar_t *key;
1447{
1448 return 0; /* XXX to be done. refer to RFC 2451 */
1449}
1450
1451int
1452eay_bf_keylen(len)
1453 int len;
1454{
1455 if (len == 0)
1456 return 448;
1457 if (len < 40 || len > 448)
1458 return -1;
1459 return len;
1460}
e8d9021d 1461#endif
52b7d2ce
A		 1462
1463#ifdef HAVE_OPENSSL_RC5_H
1464/*
1465 * RC5-CBC
1466 */
1467vchar_t *
1468eay_rc5_encrypt(data, key, iv)
1469 vchar_t *data, *key, *iv;
1470{
1471 vchar_t *res;
1472 RC5_32_KEY ks;
1473
1474 /* in RFC 2451, there is information about the number of round. */
1475 RC5_32_set_key(&ks, key->l, key->v, 16);
1476
1477 /* allocate buffer for result */
1478 if ((res = vmalloc(data->l)) == NULL)
1479 return NULL;
1480
1481 /* decryption data */
1482 RC5_32_cbc_encrypt(data->v, res->v, data->l,
1483 &ks, iv->v, RC5_ENCRYPT);
1484
1485 return res;
1486}
1487
1488vchar_t *
1489eay_rc5_decrypt(data, key, iv)
1490 vchar_t *data, *key, *iv;
1491{
1492 vchar_t *res;
1493 RC5_32_KEY ks;
1494
1495 /* in RFC 2451, there is information about the number of round. */
1496 RC5_32_set_key(&ks, key->l, key->v, 16);
1497
1498 /* allocate buffer for result */
1499 if ((res = vmalloc(data->l)) == NULL)
1500 return NULL;
1501
1502 /* decryption data */
1503 RC5_32_cbc_encrypt(data->v, res->v, data->l,
1504 &ks, iv->v, RC5_DECRYPT);
1505
1506 return res;
1507}
1508
1509int
1510eay_rc5_weakkey(key)
1511 vchar_t *key;
1512{
1513 return 0; /* No known weak keys when used with 16 rounds. */
1514
1515}
1516
1517int
1518eay_rc5_keylen(len)
1519 int len;
1520{
1521 if (len == 0)
1522 return 128;
1523 if (len < 40 || len > 2040)
1524 return -1;
1525 return len;
1526}
1527#endif
1528
1529/*
1530 * 3DES-CBC
1531 */
1532vchar_t *
1533eay_3des_encrypt(data, key, iv)
1534 vchar_t *data, *key, *iv;
1535{
d1e348cf 1536 return(eay_CCCrypt(kCCEncrypt, kCCAlgorithm3DES, 0 /* CBC */, data, key, iv));
52b7d2ce
A		 1537}
1538
1539vchar_t *
1540eay_3des_decrypt(data, key, iv)
1541 vchar_t *data, *key, *iv;
1542{
d1e348cf 1543 return(eay_CCCrypt(kCCDecrypt, kCCAlgorithm3DES, 0 /* CBC */, data, key, iv));
52b7d2ce
A		 1544}
1545
1546int
1547eay_3des_weakkey(key)
1548 vchar_t *key;
1549{
e8d9021d 1550#ifdef HAVE_OPENSSL
52b7d2ce
A		 1551#ifdef USE_NEW_DES_API
1552 return (DES_is_weak_key((void *)key->v) ||
1553 DES_is_weak_key((void *)(key->v + 8)) ||
1554 DES_is_weak_key((void *)(key->v + 16)));
1555#else
1556 if (key->l < 24)
1557 return 0;
1558
1559 return (des_is_weak_key((void *)key->v) ||
1560 des_is_weak_key((void *)(key->v + 8)) ||
1561 des_is_weak_key((void *)(key->v + 16)));
1562#endif
e8d9021d
A		 1563#else /* HAVE_OPENSSL */
1564 return 0;
1565#endif
1566
52b7d2ce
A		 1567}
1568
1569int
1570eay_3des_keylen(len)
1571 int len;
1572{
d1e348cf
A		 1573 /* CommonCrypto return lengths in bytes, ipsec-tools
1574 * uses lengths in bits, therefore conversion is required.
1575 */
1576 if (len != 0 && len != (kCCKeySize3DES << 3))
1577 return -1;
1578
1579 return kCCKeySize3DES << 3;
52b7d2ce
A		 1580}
1581
e8d9021d 1582#ifdef HAVE_OPENSSL
52b7d2ce
A		 1583/*
1584 * CAST-CBC
1585 */
1586vchar_t *
1587eay_cast_encrypt(data, key, iv)
1588 vchar_t *data, *key, *iv;
1589{
1590 return evp_crypt(data, key, iv, EVP_cast5_cbc(), 1);
1591}
1592
1593vchar_t *
1594eay_cast_decrypt(data, key, iv)
1595 vchar_t *data, *key, *iv;
1596{
1597 return evp_crypt(data, key, iv, EVP_cast5_cbc(), 0);
1598}
1599
1600int
1601eay_cast_weakkey(key)
1602 vchar_t *key;
1603{
1604 return 0; /* No known weak keys. */
1605}
1606
1607int
1608eay_cast_keylen(len)
1609 int len;
1610{
1611 if (len == 0)
1612 return 128;
1613 if (len < 40 || len > 128)
1614 return -1;
1615 return len;
1616}
e8d9021d 1617#endif
52b7d2ce
A		 1618
1619/*
1620 * AES(RIJNDAEL)-CBC
1621 */
d1e348cf
A		 1622vchar_t *
1623eay_aes_encrypt(data, key, iv)
1624vchar_t *data, *key, *iv;
1625{
1626 return(eay_CCCrypt(kCCEncrypt, kCCAlgorithmAES128 /* adapts to AES-192, or AES-256 depending on the key size*/, 0 /* CBC */, data, key, iv));
1627}
1628
1629vchar_t *
1630eay_aes_decrypt(data, key, iv)
1631vchar_t *data, *key, *iv;
1632{
1633 return(eay_CCCrypt(kCCDecrypt, kCCAlgorithmAES128 /* adapts to AES-192, or AES-256 depending on the key size*/, 0 /* CBC */, data, key, iv));
1634}
1635
1636int
1637eay_aes_keylen(len)
1638int len;
1639{
1640 /* CommonCrypto return lengths in bytes, ipsec-tools
1641 * uses lengths in bits, therefore conversion is required.
1642 */
1643 if (len != 0) {
1644 if (len != (kCCKeySizeAES128 << 3) &&
1645 len != (kCCKeySizeAES192 << 3) &&
1646 len != (kCCKeySizeAES256 << 3))
1647 return -1;
1648 } else {
1649 return kCCKeySizeAES128 << 3;
1650 }
1651 return len;
1652}
1653
d1e348cf
A		 1654
1655int
1656eay_aes_weakkey(key)
1657 vchar_t *key;
1658{
1659 return 0;
1660}
52b7d2ce
A		 1661
1662/* for ipsec part */
1663int
1664eay_null_hashlen()
1665{
1666 return 0;
1667}
1668
e8d9021d 1669#ifdef HAVE_OPENSSL
52b7d2ce
A		 1670int
1671eay_kpdk_hashlen()
1672{
1673 return 0;
1674}
1675
1676int
1677eay_twofish_keylen(len)
1678 int len;
1679{
1680 if (len < 0 || len > 256)
1681 return -1;
1682 return len;
1683}
e8d9021d 1684#endif
52b7d2ce
A		 1685
1686int
1687eay_null_keylen(len)
1688 int len;
1689{
1690 return 0;
1691}
1692
1693/*
1694 * HMAC functions
1695 */
52b7d2ce
A		 1696static caddr_t
1697eay_hmac_init(key, algorithm)
1698 vchar_t *key;
1699 CCHmacAlgorithm algorithm;
1700{
1701 CCHmacContext *c = racoon_malloc(sizeof(*c));
1702
1703 CCHmacInit(c, algorithm, key->v, key->l);
1704
1705 return (caddr_t)c;
1706}
52b7d2ce
A		 1707
1708#ifdef WITH_SHA2
1709/*
1710 * HMAC SHA2-512
1711 */
1712vchar_t *
1713eay_hmacsha2_512_one(key, data)
1714 vchar_t *key, *data;
1715{
1716 vchar_t *res;
1717 caddr_t ctx;
1718
1719 ctx = eay_hmacsha2_512_init(key);
1720 eay_hmacsha2_512_update(ctx, data);
1721 res = eay_hmacsha2_512_final(ctx);
1722
1723 return(res);
1724}
1725
1726caddr_t
1727eay_hmacsha2_512_init(key)
1728 vchar_t *key;
1729{
52b7d2ce 1730 return eay_hmac_init(key, kCCHmacAlgSHA512);
52b7d2ce
A		 1731}
1732
1733void
1734eay_hmacsha2_512_update(c, data)
1735 caddr_t c;
1736 vchar_t *data;
1737{
52b7d2ce 1738 CCHmacUpdate((CCHmacContext *)c, data->v, data->l);
52b7d2ce
A		 1739}
1740
52b7d2ce
A		 1741vchar_t *
1742eay_hmacsha2_512_final(c)
1743 caddr_t c;
1744{
1745 vchar_t *res;
1746
1747 if ((res = vmalloc(CC_SHA512_DIGEST_LENGTH)) == 0)
1748 return NULL;
1749
1750 CCHmacFinal((CCHmacContext *)c, res->v);
1751 res->l = CC_SHA512_DIGEST_LENGTH;
1752
1753 (void)racoon_free(c);
1754 return(res);
1755}
52b7d2ce
A		 1756
1757/*
1758 * HMAC SHA2-384
1759 */
1760vchar_t *
1761eay_hmacsha2_384_one(key, data)
1762 vchar_t *key, *data;
1763{
1764 vchar_t *res;
1765 caddr_t ctx;
1766
1767 ctx = eay_hmacsha2_384_init(key);
1768 eay_hmacsha2_384_update(ctx, data);
1769 res = eay_hmacsha2_384_final(ctx);
1770
1771 return(res);
1772}
1773
1774caddr_t
1775eay_hmacsha2_384_init(key)
1776 vchar_t *key;
1777{
52b7d2ce 1778 return eay_hmac_init(key, kCCHmacAlgSHA384);
52b7d2ce
A		 1779}
1780
1781void
1782eay_hmacsha2_384_update(c, data)
1783 caddr_t c;
1784 vchar_t *data;
1785{
52b7d2ce 1786 CCHmacUpdate((CCHmacContext *)c, data->v, data->l);
52b7d2ce
A		 1787}
1788
52b7d2ce
A		 1789vchar_t *
1790eay_hmacsha2_384_final(c)
1791 caddr_t c;
1792{
1793 vchar_t *res;
1794
1795 if ((res = vmalloc(CC_SHA384_DIGEST_LENGTH)) == 0)
1796 return NULL;
1797
1798 CCHmacFinal((CCHmacContext *)c, res->v);
1799 res->l = CC_SHA384_DIGEST_LENGTH;
1800
1801 (void)racoon_free(c);
1802 return(res);
1803}
52b7d2ce
A		 1804
1805/*
1806 * HMAC SHA2-256
1807 */
1808vchar_t *
1809eay_hmacsha2_256_one(key, data)
1810 vchar_t *key, *data;
1811{
1812 vchar_t *res;
1813 caddr_t ctx;
1814
1815 ctx = eay_hmacsha2_256_init(key);
1816 eay_hmacsha2_256_update(ctx, data);
1817 res = eay_hmacsha2_256_final(ctx);
1818
1819 return(res);
1820}
1821
1822caddr_t
1823eay_hmacsha2_256_init(key)
1824 vchar_t *key;
1825{
52b7d2ce 1826 return eay_hmac_init(key, kCCHmacAlgSHA256);
52b7d2ce
A		 1827}
1828
1829void
1830eay_hmacsha2_256_update(c, data)
1831 caddr_t c;
1832 vchar_t *data;
1833{
52b7d2ce 1834 CCHmacUpdate((CCHmacContext *)c, data->v, data->l);
52b7d2ce
A		 1835}
1836
52b7d2ce
A		 1837vchar_t *
1838eay_hmacsha2_256_final(c)
1839 caddr_t c;
1840{
1841 vchar_t *res;
1842
1843 if ((res = vmalloc(CC_SHA256_DIGEST_LENGTH)) == 0)
1844 return NULL;
1845
1846 CCHmacFinal((CCHmacContext *)c, res->v);
1847 res->l = CC_SHA256_DIGEST_LENGTH;
1848
1849 (void)racoon_free(c);
1850 return(res);
1851}
52b7d2ce
A		 1852#endif /* WITH_SHA2 */
1853
1854/*
1855 * HMAC SHA1
1856 */
1857vchar_t *
1858eay_hmacsha1_one(key, data)
1859 vchar_t *key, *data;
1860{
1861 vchar_t *res;
1862 caddr_t ctx;
1863
1864 ctx = eay_hmacsha1_init(key);
1865 eay_hmacsha1_update(ctx, data);
1866 res = eay_hmacsha1_final(ctx);
1867
1868 return(res);
1869}
1870
1871caddr_t
1872eay_hmacsha1_init(key)
1873 vchar_t *key;
1874{
52b7d2ce 1875 return eay_hmac_init(key, kCCHmacAlgSHA1);
52b7d2ce
A		 1876}
1877
1878void
1879eay_hmacsha1_update(c, data)
1880 caddr_t c;
1881 vchar_t *data;
1882{
52b7d2ce 1883 CCHmacUpdate((CCHmacContext *)c, data->v, data->l);
52b7d2ce
A		 1884}
1885
52b7d2ce
A		 1886vchar_t *
1887eay_hmacsha1_final(c)
1888 caddr_t c;
1889{
1890 vchar_t *res;
1891
1892 if ((res = vmalloc(CC_SHA1_DIGEST_LENGTH)) == 0)
1893 return NULL;
1894
1895 CCHmacFinal((CCHmacContext *)c, res->v);
1896 res->l = CC_SHA1_DIGEST_LENGTH;
1897
1898 (void)racoon_free(c);
1899 return(res);
1900}
52b7d2ce
A		 1901
1902/*
1903 * HMAC MD5
1904 */
1905vchar_t *
1906eay_hmacmd5_one(key, data)
1907 vchar_t *key, *data;
1908{
1909 vchar_t *res;
1910 caddr_t ctx;
1911
1912 ctx = eay_hmacmd5_init(key);
1913 eay_hmacmd5_update(ctx, data);
1914 res = eay_hmacmd5_final(ctx);
1915
1916 return(res);
1917}
1918
1919caddr_t
1920eay_hmacmd5_init(key)
1921 vchar_t *key;
1922{
52b7d2ce 1923 return eay_hmac_init(key, kCCHmacAlgMD5);
52b7d2ce
A		 1924}
1925
1926void
1927eay_hmacmd5_update(c, data)
1928 caddr_t c;
1929 vchar_t *data;
1930{
52b7d2ce 1931 CCHmacUpdate((CCHmacContext *)c, data->v, data->l);
52b7d2ce
A		 1932}
1933
52b7d2ce
A		 1934vchar_t *
1935eay_hmacmd5_final(c)
1936 caddr_t c;
1937{
1938 vchar_t *res;
1939
1940 if ((res = vmalloc(CC_MD5_DIGEST_LENGTH)) == 0)
1941 return NULL;
1942
1943 CCHmacFinal((CCHmacContext *)c, res->v);
1944 res->l = CC_MD5_DIGEST_LENGTH;
1945 (void)racoon_free(c);
1946
1947 return(res);
1948}
52b7d2ce 1949
52b7d2ce
A		 1950
1951#ifdef WITH_SHA2
1952/*
1953 * SHA2-512 functions
1954 */
1955caddr_t
1956eay_sha2_512_init()
1957{
1958 SHA512_CTX *c = racoon_malloc(sizeof(*c));
1959
1960 SHA512_Init(c);
1961
1962 return((caddr_t)c);
1963}
1964
1965void
1966eay_sha2_512_update(c, data)
1967 caddr_t c;
1968 vchar_t *data;
1969{
1970 SHA512_Update((SHA512_CTX *)c, (unsigned char *) data->v, data->l);
1971
1972 return;
1973}
1974
1975vchar_t *
1976eay_sha2_512_final(c)
1977 caddr_t c;
1978{
1979 vchar_t *res;
1980
1981 if ((res = vmalloc(SHA512_DIGEST_LENGTH)) == 0)
1982 return(0);
1983
1984 SHA512_Final((unsigned char *) res->v, (SHA512_CTX *)c);
1985 (void)racoon_free(c);
1986
1987 return(res);
1988}
1989
1990vchar_t *
1991eay_sha2_512_one(data)
1992 vchar_t *data;
1993{
1994 caddr_t ctx;
1995 vchar_t *res;
1996
1997 ctx = eay_sha2_512_init();
1998 eay_sha2_512_update(ctx, data);
1999 res = eay_sha2_512_final(ctx);
2000
2001 return(res);
2002}
2003
2004int
2005eay_sha2_512_hashlen()
2006{
2007 return SHA512_DIGEST_LENGTH << 3;
2008}
2009#endif
2010
2011#ifdef WITH_SHA2
2012/*
2013 * SHA2-384 functions
2014 */
2015
52b7d2ce 2016typedef SHA512_CTX SHA384_CTX;
52b7d2ce
A		 2017
2018caddr_t
2019eay_sha2_384_init()
2020{
2021 SHA384_CTX *c = racoon_malloc(sizeof(*c));
2022
2023 SHA384_Init(c);
2024
2025 return((caddr_t)c);
2026}
2027
2028void
2029eay_sha2_384_update(c, data)
2030 caddr_t c;
2031 vchar_t *data;
2032{
2033 SHA384_Update((SHA384_CTX *)c, (unsigned char *) data->v, data->l);
2034
2035 return;
2036}
2037
2038vchar_t *
2039eay_sha2_384_final(c)
2040 caddr_t c;
2041{
2042 vchar_t *res;
2043
2044 if ((res = vmalloc(SHA384_DIGEST_LENGTH)) == 0)
2045 return(0);
2046
2047 SHA384_Final((unsigned char *) res->v, (SHA384_CTX *)c);
2048 (void)racoon_free(c);
2049
2050 return(res);
2051}
2052
2053vchar_t *
2054eay_sha2_384_one(data)
2055 vchar_t *data;
2056{
2057 caddr_t ctx;
2058 vchar_t *res;
2059
2060 ctx = eay_sha2_384_init();
2061 eay_sha2_384_update(ctx, data);
2062 res = eay_sha2_384_final(ctx);
2063
2064 return(res);
2065}
2066
2067int
2068eay_sha2_384_hashlen()
2069{
2070 return SHA384_DIGEST_LENGTH << 3;
2071}
2072#endif
2073
2074#ifdef WITH_SHA2
2075/*
2076 * SHA2-256 functions
2077 */
2078caddr_t
2079eay_sha2_256_init()
2080{
2081 SHA256_CTX *c = racoon_malloc(sizeof(*c));
2082
2083 SHA256_Init(c);
2084
2085 return((caddr_t)c);
2086}
2087
2088void
2089eay_sha2_256_update(c, data)
2090 caddr_t c;
2091 vchar_t *data;
2092{
2093 SHA256_Update((SHA256_CTX *)c, (unsigned char *) data->v, data->l);
2094
2095 return;
2096}
2097
2098vchar_t *
2099eay_sha2_256_final(c)
2100 caddr_t c;
2101{
2102 vchar_t *res;
2103
2104 if ((res = vmalloc(SHA256_DIGEST_LENGTH)) == 0)
2105 return(0);
2106
2107 SHA256_Final((unsigned char *) res->v, (SHA256_CTX *)c);
2108 (void)racoon_free(c);
2109
2110 return(res);
2111}
2112
2113vchar_t *
2114eay_sha2_256_one(data)
2115 vchar_t *data;
2116{
2117 caddr_t ctx;
2118 vchar_t *res;
2119
2120 ctx = eay_sha2_256_init();
2121 eay_sha2_256_update(ctx, data);
2122 res = eay_sha2_256_final(ctx);
2123
2124 return(res);
2125}
2126
2127int
2128eay_sha2_256_hashlen()
2129{
2130 return SHA256_DIGEST_LENGTH << 3;
2131}
2132#endif
2133
2134/*
2135 * SHA functions
2136 */
2137caddr_t
2138eay_sha1_init()
2139{
2140 SHA_CTX *c = racoon_malloc(sizeof(*c));
2141
2142 SHA1_Init(c);
2143
2144 return((caddr_t)c);
2145}
2146
2147void
2148eay_sha1_update(c, data)
2149 caddr_t c;
2150 vchar_t *data;
2151{
2152 SHA1_Update((SHA_CTX *)c, data->v, data->l);
2153
2154 return;
2155}
2156
2157vchar_t *
2158eay_sha1_final(c)
2159 caddr_t c;
2160{
2161 vchar_t *res;
2162
2163 if ((res = vmalloc(SHA_DIGEST_LENGTH)) == 0)
2164 return(0);
2165
2166 SHA1_Final((unsigned char *) res->v, (SHA_CTX *)c);
2167 (void)racoon_free(c);
2168
2169 return(res);
2170}
2171
2172vchar_t *
2173eay_sha1_one(data)
2174 vchar_t *data;
2175{
2176 caddr_t ctx;
2177 vchar_t *res;
2178
2179 ctx = eay_sha1_init();
2180 eay_sha1_update(ctx, data);
2181 res = eay_sha1_final(ctx);
2182
2183 return(res);
2184}
2185
2186int
2187eay_sha1_hashlen()
2188{
2189 return SHA_DIGEST_LENGTH << 3;
2190}
2191
2192/*
2193 * MD5 functions
2194 */
2195caddr_t
2196eay_md5_init()
2197{
2198 MD5_CTX *c = racoon_malloc(sizeof(*c));
2199
2200 MD5_Init(c);
2201
2202 return((caddr_t)c);
2203}
2204
2205void
2206eay_md5_update(c, data)
2207 caddr_t c;
2208 vchar_t *data;
2209{
2210 MD5_Update((MD5_CTX *)c, data->v, data->l);
2211
2212 return;
2213}
2214
2215vchar_t *
2216eay_md5_final(c)
2217 caddr_t c;
2218{
2219 vchar_t *res;
2220
2221 if ((res = vmalloc(MD5_DIGEST_LENGTH)) == 0)
2222 return(0);
2223
2224 MD5_Final((unsigned char *) res->v, (MD5_CTX *)c);
2225 (void)racoon_free(c);
2226
2227 return(res);
2228}
2229
2230vchar_t *
2231eay_md5_one(data)
2232 vchar_t *data;
2233{
2234 caddr_t ctx;
2235 vchar_t *res;
2236
2237 ctx = eay_md5_init();
2238 eay_md5_update(ctx, data);
2239 res = eay_md5_final(ctx);
2240
2241 return(res);
2242}
2243
2244int
2245eay_md5_hashlen()
2246{
2247 return MD5_DIGEST_LENGTH << 3;
2248}
2249
e8d9021d
A		 2250
2251#ifdef HAVE_OPENSSL
52b7d2ce
A		 2252/*
2253 * eay_set_random
2254 * size: number of bytes.
2255 */
2256vchar_t *
2257eay_set_random(size)
2258 u_int32_t size;
2259{
2260 BIGNUM *r = NULL;
2261 vchar_t *res = 0;
2262
2263 if ((r = BN_new()) == NULL)
2264 goto end;
2265 BN_rand(r, size * 8, 0, 0);
2266 eay_bn2v(&res, r);
2267
2268end:
2269 if (r)
2270 BN_free(r);
2271 return(res);
2272}
e8d9021d
A		 2273#else
2274vchar_t *
2275eay_set_random(u_int32_t size)
2276{
2277 vchar_t *res = vmalloc(size);
2278
2279 if (res == NULL)
2280 return NULL;
2281
2282 if (SecRandomCopyBytes(kSecRandomDefault, size, res->v)) {
2283 vfree(res);
2284 return NULL;
2285 }
2286
2287 return res;
2288}
2289#endif
52b7d2ce 2290
e8d9021d 2291#ifdef HAVE_OPENSSL
52b7d2ce
A		 2292/* DH */
2293int
2294eay_dh_generate(prime, g, publen, pub, priv)
2295 vchar_t *prime, **pub, **priv;
2296 u_int publen;
2297 u_int32_t g;
2298{
2299 BIGNUM *p = NULL;
2300 DH *dh = NULL;
2301 int error = -1;
2302
2303 /* initialize */
2304 /* pre-process to generate number */
2305 if (eay_v2bn(&p, prime) < 0)
2306 goto end;
2307
2308 if ((dh = DH_new()) == NULL)
2309 goto end;
2310 dh->p = p;
2311 p = NULL; /* p is now part of dh structure */
2312 dh->g = NULL;
2313 if ((dh->g = BN_new()) == NULL)
2314 goto end;
2315 if (!BN_set_word(dh->g, g))
2316 goto end;
2317
2318 if (publen != 0)
2319 dh->length = publen;
2320
2321 /* generate public and private number */
2322 if (!DH_generate_key(dh))
2323 goto end;
2324
2325 /* copy results to buffers */
2326 if (eay_bn2v(pub, dh->pub_key) < 0)
2327 goto end;
2328 if (eay_bn2v(priv, dh->priv_key) < 0) {
2329 vfree(*pub);
2330 goto end;
2331 }
2332
2333 error = 0;
2334
2335end:
2336 if (dh != NULL)
2337 DH_free(dh);
2338 if (p != 0)
2339 BN_free(p);
2340 return(error);
2341}
2342
2343int
2344eay_dh_compute(prime, g, pub, priv, pub2, key)
2345 vchar_t *prime, *pub, *priv, *pub2, **key;
2346 u_int32_t g;
2347{
2348 BIGNUM *dh_pub = NULL;
2349 DH *dh = NULL;
2350 int l;
2351 unsigned char *v = NULL;
2352 int error = -1;
2353
2354 /* make public number to compute */
2355 if (eay_v2bn(&dh_pub, pub2) < 0)
2356 goto end;
2357
2358 /* make DH structure */
2359 if ((dh = DH_new()) == NULL)
2360 goto end;
2361 if (eay_v2bn(&dh->p, prime) < 0)
2362 goto end;
2363 if (eay_v2bn(&dh->pub_key, pub) < 0)
2364 goto end;
2365 if (eay_v2bn(&dh->priv_key, priv) < 0)
2366 goto end;
2367 dh->length = pub2->l * 8;
2368
2369 dh->g = NULL;
2370 if ((dh->g = BN_new()) == NULL)
2371 goto end;
2372 if (!BN_set_word(dh->g, g))
2373 goto end;
2374
2375 if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL)
2376 goto end;
2377 if ((l = DH_compute_key(v, dh_pub, dh)) == -1)
2378 goto end;
2379 memcpy((*key)->v + (prime->l - l), v, l);
2380
2381 error = 0;
2382
2383end:
2384 if (dh_pub != NULL)
2385 BN_free(dh_pub);
2386 if (dh != NULL)
2387 DH_free(dh);
2388 if (v != NULL)
2389 racoon_free(v);
2390 return(error);
2391}
2392
2393/*
2394 * convert vchar_t <-> BIGNUM.
2395 *
2396 * vchar_t: unit is u_char, network endian, most significant byte first.
2397 * BIGNUM: unit is BN_ULONG, each of BN_ULONG is in host endian,
2398 * least significant BN_ULONG must come first.
2399 *
2400 * hex value of "0x3ffe050104" is represented as follows:
2401 * vchar_t: 3f fe 05 01 04
2402 * BIGNUM (BN_ULONG = u_int8_t): 04 01 05 fe 3f
2403 * BIGNUM (BN_ULONG = u_int16_t): 0x0104 0xfe05 0x003f
2404 * BIGNUM (BN_ULONG = u_int32_t_t): 0xfe050104 0x0000003f
2405 */
2406int
2407eay_v2bn(bn, var)
2408 BIGNUM **bn;
2409 vchar_t *var;
2410{
2411 if ((*bn = BN_bin2bn((unsigned char *) var->v, var->l, NULL)) == NULL)
2412 return -1;
2413
2414 return 0;
2415}
2416
2417int
2418eay_bn2v(var, bn)
2419 vchar_t **var;
2420 BIGNUM *bn;
2421{
2422 *var = vmalloc(bn->top * BN_BYTES);
2423 if (*var == NULL)
2424 return(-1);
2425
2426 (*var)->l = BN_bn2bin(bn, (unsigned char *) (*var)->v);
2427
2428 return 0;
2429}
2430
2431void
2432eay_init()
2433{
2434 OpenSSL_add_all_algorithms();
2435 ERR_load_crypto_strings();
2436#ifdef HAVE_OPENSSL_ENGINE_H
2437 ENGINE_load_builtin_engines();
2438 ENGINE_register_all_complete();
2439#endif
2440}
2441
2442vchar_t *
2443base64_decode(char *in, long inlen)
2444{
2445 BIO *bio=NULL, *b64=NULL;
2446 vchar_t *res = NULL;
d1e348cf 2447 char *outb;
52b7d2ce
A		 2448 long outlen;
2449
d1e348cf
A		 2450 outb = malloc(inlen * 2);
2451 if (outb == NULL)
2452 goto out;
52b7d2ce
A		 2453 bio = BIO_new_mem_buf(in, inlen);
2454 b64 = BIO_new(BIO_f_base64());
2455 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
2456 bio = BIO_push(b64, bio);
2457
d1e348cf 2458 outlen = BIO_read(bio, outb, inlen * 2);
52b7d2ce
A		 2459 if (outlen <= 0) {
2460 plog(LLV_ERROR, LOCATION, NULL, "%s\n", eay_strerror());
2461 goto out;
2462 }
2463
2464 res = vmalloc(outlen);
2465 if (!res)
2466 goto out;
2467
d1e348cf 2468 memcpy(res->v, outb, outlen);
52b7d2ce
A		 2469
2470out:
d1e348cf
A		 2471 if (outb)
2472 free(outb);
52b7d2ce
A		 2473 if (bio)
2474 BIO_free_all(bio);
2475
2476 return res;
2477}
2478
2479vchar_t *
2480base64_encode(char *in, long inlen)
2481{
2482 BIO *bio=NULL, *b64=NULL;
2483 char *ptr;
2484 long plen = -1;
2485 vchar_t *res = NULL;
2486
2487 bio = BIO_new(BIO_s_mem());
2488 b64 = BIO_new(BIO_f_base64());
2489 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
2490 bio = BIO_push(b64, bio);
2491
2492 BIO_write(bio, in, inlen);
2493 BIO_flush(bio);
2494
2495 plen = BIO_get_mem_data(bio, &ptr);
2496 res = vmalloc(plen+1);
2497 if (!res)
2498 goto out;
2499
2500 memcpy (res->v, ptr, plen);
2501 res->v[plen] = '\0';
2502
2503out:
2504 if (bio)
2505 BIO_free_all(bio);
2506
2507 return res;
2508}
2509
2510static RSA *
2511binbuf_pubkey2rsa(vchar_t *binbuf)
2512{
2513 BIGNUM *exp, *mod;
2514 RSA *rsa_pub = NULL;
2515
2516 if (binbuf->v[0] > binbuf->l - 1) {
2517 plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: decoded string doesn't make sense.\n");
2518 goto out;
2519 }
2520
2521 exp = BN_bin2bn((unsigned char *) (binbuf->v + 1), binbuf->v[0], NULL);
2522 mod = BN_bin2bn((unsigned char *) (binbuf->v + binbuf->v[0] + 1),
2523 binbuf->l - binbuf->v[0] - 1, NULL);
2524 rsa_pub = RSA_new();
2525
2526 if (!exp || !mod || !rsa_pub) {
2527 plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey parsing error: %s\n", eay_strerror());
2528 if (exp)
2529 BN_free(exp);
2530 if (mod)
2531 BN_free(exp);
2532 if (rsa_pub)
2533 RSA_free(rsa_pub);
2534 rsa_pub = NULL;
2535 goto out;
2536 }
2537
2538 rsa_pub->n = mod;
2539 rsa_pub->e = exp;
2540
2541out:
2542 return rsa_pub;
2543}
2544
2545RSA *
2546base64_pubkey2rsa(char *in)
2547{
2548 BIGNUM *exp, *mod;
2549 RSA *rsa_pub = NULL;
2550 vchar_t *binbuf;
2551
2552 if (strncmp(in, "0s", 2) != 0) {
2553 plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: doesn't start with '0s'\n");
2554 return NULL;
2555 }
2556
2557 binbuf = base64_decode(in + 2, strlen(in + 2));
2558 if (!binbuf) {
2559 plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: Base64 decoding failed.\n");
2560 return NULL;
2561 }
2562
2563 if (binbuf->v[0] > binbuf->l - 1) {
2564 plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey format error: decoded string doesn't make sense.\n");
2565 goto out;
2566 }
2567
2568 rsa_pub = binbuf_pubkey2rsa(binbuf);
2569
2570out:
2571 if (binbuf)
2572 vfree(binbuf);
2573
2574 return rsa_pub;
2575}
2576
2577RSA *
2578bignum_pubkey2rsa(BIGNUM *in)
2579{
2580 RSA *rsa_pub = NULL;
2581 vchar_t *binbuf;
2582
2583 binbuf = vmalloc(BN_num_bytes(in));
2584 if (!binbuf) {
2585 plog(LLV_ERROR, LOCATION, NULL, "Plain RSA pubkey conversion: memory allocation failed..\n");
2586 return NULL;
2587 }
2588
2589 BN_bn2bin(in, (unsigned char *) binbuf->v);
2590
2591 rsa_pub = binbuf_pubkey2rsa(binbuf);
2592
2593out:
2594 if (binbuf)
2595 vfree(binbuf);
2596
2597 return rsa_pub;
2598}
e8d9021d 2599#endif /* HAVE_OPENSSL */
52b7d2ce
A		 2600
2601u_int32_t
2602eay_random()
2603{
2604 u_int32_t result;
2605 vchar_t *vrand;
2606
2607 vrand = eay_set_random(sizeof(result));
2608 memcpy(&result, vrand->v, sizeof(result));
2609 vfree(vrand);
2610
2611 return result;
2612}
2613
e8d9021d 2614#ifdef HAVE_OPENSSL
52b7d2ce
A		 2615const char *
2616eay_version()
2617{
2618 return SSLeay_version(SSLEAY_VERSION);
2619}
e8d9021d 2620#endif
mirror of ipsec