root/openpgpsdk/trunk/src/openssl_crypto.c

Revision 383 (checked in by ben, 7 years ago)

Decrypt session keys. Generalise CFB mode.

Line 
1 /** \file
2  */
3
4 #include <openpgpsdk/configure.h>
5 #include <openpgpsdk/crypto.h>
6 #include <openssl/md5.h>
7 #include <openssl/sha.h>
8 #include <openssl/dsa.h>
9 #include <openssl/rsa.h>
10 #include <openssl/err.h>
11 #include <assert.h>
12 #include <stdlib.h>
13
14 #include <openpgpsdk/final.h>
15
16 static void md5_init(ops_hash_t *hash)
17     {
18     assert(!hash->data);
19     hash->data=malloc(sizeof(MD5_CTX));
20     MD5_Init(hash->data);
21     }
22
23 static void md5_add(ops_hash_t *hash,const unsigned char *data,unsigned length)
24     {
25     MD5_Update(hash->data,data,length);
26     }
27
28 static unsigned md5_finish(ops_hash_t *hash,unsigned char *out)
29     {
30     MD5_Final(out,hash->data);
31     free(hash->data);
32     hash->data=NULL;
33     return 16;
34     }
35
36 static ops_hash_t md5={OPS_HASH_MD5,"MD5",md5_init,md5_add,md5_finish,NULL};
37
38 void ops_hash_md5(ops_hash_t *hash)
39     {
40     *hash=md5;
41     }
42
43 static void sha1_init(ops_hash_t *hash)
44     {
45     assert(!hash->data);
46     hash->data=malloc(sizeof(SHA_CTX));
47     SHA1_Init(hash->data);
48     }
49
50 static void sha1_add(ops_hash_t *hash,const unsigned char *data,
51                      unsigned length)
52     {
53     SHA1_Update(hash->data,data,length);
54     }
55
56 static unsigned sha1_finish(ops_hash_t *hash,unsigned char *out)
57     {
58     SHA1_Final(out,hash->data);
59     free(hash->data);
60     hash->data=NULL;
61     return 20;
62     }
63
64 static ops_hash_t sha1={OPS_HASH_SHA1,"SHA1",sha1_init,sha1_add,sha1_finish,
65                         NULL};
66
67 void ops_hash_sha1(ops_hash_t *hash)
68     {
69     *hash=sha1;
70     }
71
72 ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length,
73                              const ops_dsa_signature_t *sig,
74                              const ops_dsa_public_key_t *dsa)
75     {
76     DSA_SIG *osig;
77     DSA *odsa;
78     int ret;
79
80     osig=DSA_SIG_new();
81     osig->r=sig->r;
82     osig->s=sig->s;
83
84     odsa=DSA_new();
85     odsa->p=dsa->p;
86     odsa->q=dsa->q;
87     odsa->g=dsa->g;
88     odsa->pub_key=dsa->y;
89
90     ret=DSA_do_verify(hash,hash_length,osig,odsa);
91     assert(ret >= 0);
92
93     odsa->p=odsa->q=odsa->g=odsa->pub_key=NULL;
94     DSA_free(odsa);
95  
96     osig->r=osig->s=NULL;
97     DSA_SIG_free(osig);
98
99     return ret != 0;
100     }
101
102 int ops_rsa_public_decrypt(unsigned char *out,const unsigned char *in,
103                            size_t length,const ops_rsa_public_key_t *rsa)
104     {
105     RSA *orsa;
106     int n;
107
108     orsa=RSA_new();
109     orsa->n=rsa->n;
110     orsa->e=rsa->e;
111
112     n=RSA_public_decrypt(length,in,out,orsa,RSA_NO_PADDING);
113
114     orsa->n=orsa->e=NULL;
115     RSA_free(orsa);
116
117     return n;
118     }
119
120 int ops_rsa_private_encrypt(unsigned char *out,const unsigned char *in,
121                             size_t length,const ops_rsa_secret_key_t *srsa,
122                             const ops_rsa_public_key_t *rsa)
123     {
124     RSA *orsa;
125     int n;
126
127     orsa=RSA_new();
128     orsa->n=rsa->n;     // XXX: do we need n?
129     orsa->d=srsa->d;
130     orsa->p=srsa->q;
131     orsa->q=srsa->p;
132
133     /* debug */
134     orsa->e=rsa->e;
135     assert(RSA_check_key(orsa) == 1);
136     orsa->e=NULL;
137     /* end debug */
138
139     n=RSA_private_encrypt(length,in,out,orsa,RSA_NO_PADDING);
140
141     orsa->n=orsa->d=orsa->p=orsa->q=NULL;
142     RSA_free(orsa);
143
144     return n;
145     }
146
147 int ops_rsa_private_decrypt(unsigned char *out,const unsigned char *in,
148                             size_t length,const ops_rsa_secret_key_t *srsa,
149                             const ops_rsa_public_key_t *rsa)
150     {
151     RSA *orsa;
152     int n;
153
154     orsa=RSA_new();
155     orsa->n=rsa->n;     // XXX: do we need n?
156     orsa->d=srsa->d;
157     orsa->p=srsa->q;
158     orsa->q=srsa->p;
159
160     /* debug */
161     orsa->e=rsa->e;
162     assert(RSA_check_key(orsa) == 1);
163     orsa->e=NULL;
164     /* end debug */
165
166     n=RSA_private_decrypt(length,in,out,orsa,RSA_NO_PADDING);
167
168     orsa->n=orsa->d=orsa->p=orsa->q=NULL;
169     RSA_free(orsa);
170
171     return n;
172     }
173
174 void ops_crypto_init()
175     {
176 #ifdef DMALLOC
177     CRYPTO_malloc_debug_init();
178     CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
179     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
180 #endif
181     }
182
183 void ops_crypto_finish()
184     {
185     CRYPTO_cleanup_all_ex_data();
186     ERR_remove_state(0);
187 #ifdef DMALLOC
188     CRYPTO_mem_leaks_fp(stderr);
189 #endif
190     }
191
192 const char *ops_text_from_hash(ops_hash_t *hash)
193     { return hash->name; }
Note: See TracBrowser for help on using the browser.