]> git.saurik.com Git - apple/security.git/blob - Security/libsecurity_apple_csp/open_ssl/rsa/rsa_pk1.c
Security-57031.1.35.tar.gz
[apple/security.git] / Security / libsecurity_apple_csp / open_ssl / rsa / rsa_pk1.c
1 /*
2 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /* crypto/rsa/rsa_pk1.c */
20 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
21 * All rights reserved.
22 *
23 * This package is an SSL implementation written
24 * by Eric Young (eay@cryptsoft.com).
25 * The implementation was written so as to conform with Netscapes SSL.
26 *
27 * This library is free for commercial and non-commercial use as long as
28 * the following conditions are aheared to. The following conditions
29 * apply to all code found in this distribution, be it the RC4, RSA,
30 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
31 * included with this distribution is covered by the same copyright terms
32 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
33 *
34 * Copyright remains Eric Young's, and as such any Copyright notices in
35 * the code are not to be removed.
36 * If this package is used in a product, Eric Young should be given attribution
37 * as the author of the parts of the library used.
38 * This can be in the form of a textual message at program startup or
39 * in documentation (online or textual) provided with the package.
40 *
41 * Redistribution and use in source and binary forms, with or without
42 * modification, are permitted provided that the following conditions
43 * are met:
44 * 1. Redistributions of source code must retain the copyright
45 * notice, this list of conditions and the following disclaimer.
46 * 2. Redistributions in binary form must reproduce the above copyright
47 * notice, this list of conditions and the following disclaimer in the
48 * documentation and/or other materials provided with the distribution.
49 * 3. All advertising materials mentioning features or use of this software
50 * must display the following acknowledgement:
51 * "This product includes cryptographic software written by
52 * Eric Young (eay@cryptsoft.com)"
53 * The word 'cryptographic' can be left out if the rouines from the library
54 * being used are not cryptographic related :-).
55 * 4. If you include any Windows specific code (or a derivative thereof) from
56 * the apps directory (application code) you must include an acknowledgement:
57 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
58 *
59 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
60 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
61 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
62 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
63 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
64 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
65 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
66 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
67 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
68 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
69 * SUCH DAMAGE.
70 *
71 * The licence and distribution terms for any publically available version or
72 * derivative of this code cannot be changed. i.e. this code cannot simply be
73 * copied and put under another distribution licence
74 * [including the GNU Public Licence.]
75 */
76
77 #include <stdio.h>
78 #include "cryptlib.h"
79 #include <openssl/bn.h>
80 #include <openssl/rsa.h>
81 #include <openssl/rand.h>
82
83 int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
84 unsigned char *from, int flen)
85 {
86 int j;
87 unsigned char *p;
88
89 if (flen > (tlen-11))
90 {
91 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
92 return(0);
93 }
94
95 p=(unsigned char *)to;
96
97 *(p++)=0;
98 *(p++)=1; /* Private Key BT (Block Type) */
99
100 /* pad out with 0xff data */
101 j=tlen-3-flen;
102 memset(p,0xff,j);
103 p+=j;
104 *(p++)='\0';
105 memcpy(p,from,(unsigned int)flen);
106 return(1);
107 }
108
109 int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
110 unsigned char *from, int flen, int num)
111 {
112 int i,j;
113 unsigned char *p;
114
115 p=from;
116 if ((num != (flen+1)) || (*(p++) != 01))
117 {
118 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
119 return(-1);
120 }
121
122 /* scan over padding data */
123 j=flen-1; /* one for type. */
124 for (i=0; i<j; i++)
125 {
126 if (*p != 0xff) /* should decrypt to 0xff */
127 {
128 if (*p == 0)
129 { p++; break; }
130 else {
131 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
132 return(-1);
133 }
134 }
135 p++;
136 }
137
138 if (i == j)
139 {
140 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
141 return(-1);
142 }
143
144 if (i < 8)
145 {
146 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
147 return(-1);
148 }
149 i++; /* Skip over the '\0' */
150 j-=i;
151 if (j > tlen)
152 {
153 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
154 return(-1);
155 }
156 memcpy(to,p,(unsigned int)j);
157
158 return(j);
159 }
160
161 int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
162 unsigned char *from, int flen)
163 {
164 int i,j;
165 unsigned char *p;
166
167 if (flen > (tlen-11))
168 {
169 RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
170 return(0);
171 }
172
173 p=(unsigned char *)to;
174
175 *(p++)=0;
176 *(p++)=2; /* Public Key BT (Block Type) */
177
178 /* pad out with non-zero random data */
179 j=tlen-3-flen;
180
181 if (RAND_bytes(p,j) <= 0)
182 return(0);
183 for (i=0; i<j; i++)
184 {
185 if (*p == '\0')
186 do {
187 if (RAND_bytes(p,1) <= 0)
188 return(0);
189 } while (*p == '\0');
190 p++;
191 }
192
193 *(p++)='\0';
194
195 memcpy(p,from,(unsigned int)flen);
196 return(1);
197 }
198
199 int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
200 unsigned char *from, int flen, int num)
201 {
202 int i,j;
203 unsigned char *p;
204
205 p=from;
206 if ((num != (flen+1)) || (*(p++) != 02))
207 {
208 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
209 return(-1);
210 }
211 #ifdef PKCS1_CHECK
212 return(num-11);
213 #endif
214
215 /* scan over padding data */
216 j=flen-1; /* one for type. */
217 for (i=0; i<j; i++)
218 if (*(p++) == 0) break;
219
220 if (i == j)
221 {
222 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
223 return(-1);
224 }
225
226 if (i < 8)
227 {
228 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
229 return(-1);
230 }
231 i++; /* Skip over the '\0' */
232 j-=i;
233 if (j > tlen)
234 {
235 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
236 return(-1);
237 }
238 memcpy(to,p,(unsigned int)j);
239
240 return(j);
241 }
242