kris
/
boringssl
1
0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2017 Комити
12 Гране
38 MiB
 
 
 
 
 
 
Дрво: 7104cc96b7
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from '7104cc96b7'
${ noResults }
boringssl/ssl/ssl_rsa.c

409 lines
12 KiB
Датотека Blame Историја 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/ssl.h>

  58. 

  59. #include <openssl/err.h>

  60. #include <openssl/evp.h>

  61. #include <openssl/mem.h>

  62. #include <openssl/x509.h>

  63. 

  64. #include "internal.h"

  65. 

  66. 

  67. static int ssl_set_cert(CERT *c, X509 *x509);

  68. static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);

  69. 

  70. static int is_key_type_supported(int key_type) {

  71.   return key_type == EVP_PKEY_RSA || key_type == EVP_PKEY_EC;

  72. }

  73. 

  74. int SSL_use_certificate(SSL *ssl, X509 *x) {

  75.   if (x == NULL) {

  76.     OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);

  77.     return 0;

  78.   }

  79.   return ssl_set_cert(ssl->cert, x);

  80. }

  81. 

  82. int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *d, int len) {

  83.   X509 *x;

  84.   int ret;

  85. 

  86.   x = d2i_X509(NULL, &d, (long)len);

  87.   if (x == NULL) {

  88.     OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);

  89.     return 0;

  90.   }

  91. 

  92.   ret = SSL_use_certificate(ssl, x);

  93.   X509_free(x);

  94.   return ret;

  95. }

  96. 

  97. int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) {

  98.   EVP_PKEY *pkey;

  99.   int ret;

  100. 

  101.   if (rsa == NULL) {

  102.     OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);

  103.     return 0;

  104.   }

  105. 

  106.   pkey = EVP_PKEY_new();

  107.   if (pkey == NULL) {

  108.     OPENSSL_PUT_ERROR(SSL, ERR_R_EVP_LIB);

  109.     return 0;

  110.   }

  111. 

  112.   RSA_up_ref(rsa);

  113.   EVP_PKEY_assign_RSA(pkey, rsa);

  114. 

  115.   ret = ssl_set_pkey(ssl->cert, pkey);

  116.   EVP_PKEY_free(pkey);

  117. 

  118.   return ret;

  119. }

  120. 

  121. static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) {

  122.   if (!is_key_type_supported(pkey->type)) {

  123.     OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);

  124.     return 0;

  125.   }

  126. 

  127.   if (c->x509 != NULL) {

  128.     /* Sanity-check that the private key and the certificate match, unless the

  129.      * key is opaque (in case of, say, a smartcard). */

  130.     if (!EVP_PKEY_is_opaque(pkey) &&

  131.         !X509_check_private_key(c->x509, pkey)) {

  132.       X509_free(c->x509);

  133.       c->x509 = NULL;

  134.       return 0;

  135.     }

  136.   }

  137. 

  138.   EVP_PKEY_free(c->privatekey);

  139.   c->privatekey = EVP_PKEY_up_ref(pkey);

  140. 

  141.   return 1;

  142. }

  143. 

  144. int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) {

  145.   RSA *rsa = RSA_private_key_from_bytes(der, der_len);

  146.   if (rsa == NULL) {

  147.     OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);

  148.     return 0;

  149.   }

  150. 

  151.   int ret = SSL_use_RSAPrivateKey(ssl, rsa);

  152.   RSA_free(rsa);

  153.   return ret;

  154. }

  155. 

  156. int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) {

  157.   int ret;

  158. 

  159.   if (pkey == NULL) {

  160.     OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);

  161.     return 0;

  162.   }

  163. 

  164.   ret = ssl_set_pkey(ssl->cert, pkey);

  165.   return ret;

  166. }

  167. 

  168. int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const uint8_t *d, long len) {

  169.   int ret;

  170.   const uint8_t *p;

  171.   EVP_PKEY *pkey;

  172. 

  173.   p = d;

  174.   pkey = d2i_PrivateKey(type, NULL, &p, (long)len);

  175.   if (pkey == NULL) {

  176.     OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);

  177.     return 0;

  178.   }

  179. 

  180.   ret = SSL_use_PrivateKey(ssl, pkey);

  181.   EVP_PKEY_free(pkey);

  182.   return ret;

  183. }

  184. 

  185. int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) {

  186.   if (x == NULL) {

  187.     OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);

  188.     return 0;

  189.   }

  190. 

  191.   return ssl_set_cert(ctx->cert, x);

  192. }

  193. 

  194. static int ssl_set_cert(CERT *c, X509 *x) {

  195.   EVP_PKEY *pkey = X509_get_pubkey(x);

  196.   if (pkey == NULL) {

  197.     OPENSSL_PUT_ERROR(SSL, SSL_R_X509_LIB);

  198.     return 0;

  199.   }

  200. 

  201.   if (!is_key_type_supported(pkey->type)) {

  202.     OPENSSL_PUT_ERROR(SSL, SSL_R_UNKNOWN_CERTIFICATE_TYPE);

  203.     EVP_PKEY_free(pkey);

  204.     return 0;

  205.   }

  206. 

  207.   if (c->privatekey != NULL) {

  208.     /* Sanity-check that the private key and the certificate match, unless the

  209.      * key is opaque (in case of, say, a smartcard). */

  210.     if (!EVP_PKEY_is_opaque(c->privatekey) &&

  211.         !X509_check_private_key(x, c->privatekey)) {

  212.       /* don't fail for a cert/key mismatch, just free current private key

  213.        * (when switching to a different cert & key, first this function should

  214.        * be used, then ssl_set_pkey */

  215.       EVP_PKEY_free(c->privatekey);

  216.       c->privatekey = NULL;

  217.       /* clear error queue */

  218.       ERR_clear_error();

  219.     }

  220.   }

  221. 

  222.   EVP_PKEY_free(pkey);

  223. 

  224.   X509_free(c->x509);

  225.   c->x509 = X509_up_ref(x);

  226. 

  227.   return 1;

  228. }

  229. 

  230. int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const uint8_t *d) {

  231.   X509 *x;

  232.   int ret;

  233. 

  234.   x = d2i_X509(NULL, &d, (long)len);

  235.   if (x == NULL) {

  236.     OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);

  237.     return 0;

  238.   }

  239. 

  240.   ret = SSL_CTX_use_certificate(ctx, x);

  241.   X509_free(x);

  242.   return ret;

  243. }

  244. 

  245. int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) {

  246.   int ret;

  247.   EVP_PKEY *pkey;

  248. 

  249.   if (rsa == NULL) {

  250.     OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);

  251.     return 0;

  252.   }

  253. 

  254.   pkey = EVP_PKEY_new();

  255.   if (pkey == NULL) {

  256.     OPENSSL_PUT_ERROR(SSL, ERR_R_EVP_LIB);

  257.     return 0;

  258.   }

  259. 

  260.   RSA_up_ref(rsa);

  261.   EVP_PKEY_assign_RSA(pkey, rsa);

  262. 

  263.   ret = ssl_set_pkey(ctx->cert, pkey);

  264.   EVP_PKEY_free(pkey);

  265.   return ret;

  266. }

  267. 

  268. int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const uint8_t *der,

  269.                                    size_t der_len) {

  270.   RSA *rsa = RSA_private_key_from_bytes(der, der_len);

  271.   if (rsa == NULL) {

  272.     OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);

  273.     return 0;

  274.   }

  275. 

  276.   int ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);

  277.   RSA_free(rsa);

  278.   return ret;

  279. }

  280. 

  281. int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) {

  282.   if (pkey == NULL) {

  283.     OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);

  284.     return 0;

  285.   }

  286. 

  287.   return ssl_set_pkey(ctx->cert, pkey);

  288. }

  289. 

  290. int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const uint8_t *d,

  291.                                 long len) {

  292.   int ret;

  293.   const uint8_t *p;

  294.   EVP_PKEY *pkey;

  295. 

  296.   p = d;

  297.   pkey = d2i_PrivateKey(type, NULL, &p, (long)len);

  298.   if (pkey == NULL) {

  299.     OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB);

  300.     return 0;

  301.   }

  302. 

  303.   ret = SSL_CTX_use_PrivateKey(ctx, pkey);

  304.   EVP_PKEY_free(pkey);

  305.   return ret;

  306. }

  307. 

  308. void SSL_set_private_key_method(SSL *ssl,

  309.                                 const SSL_PRIVATE_KEY_METHOD *key_method) {

  310.   ssl->cert->key_method = key_method;

  311. }

  312. 

  313. int SSL_set_private_key_digest_prefs(SSL *ssl, const int *digest_nids,

  314.                                      size_t num_digests) {

  315.   OPENSSL_free(ssl->cert->digest_nids);

  316. 

  317.   ssl->cert->num_digest_nids = 0;

  318.   ssl->cert->digest_nids = BUF_memdup(digest_nids, num_digests*sizeof(int));

  319.   if (ssl->cert->digest_nids == NULL) {

  320.     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);

  321.     return 0;

  322.   }

  323. 

  324.   ssl->cert->num_digest_nids = num_digests;

  325.   return 1;

  326. }

  327. 

  328. int ssl_has_private_key(SSL *ssl) {

  329.   return ssl->cert->privatekey != NULL || ssl->cert->key_method != NULL;

  330. }

  331. 

  332. int ssl_private_key_type(SSL *ssl) {

  333.   if (ssl->cert->key_method != NULL) {

  334.     return ssl->cert->key_method->type(ssl);

  335.   }

  336.   return EVP_PKEY_id(ssl->cert->privatekey);

  337. }

  338. 

  339. size_t ssl_private_key_max_signature_len(SSL *ssl) {

  340.   if (ssl->cert->key_method != NULL) {

  341.     return ssl->cert->key_method->max_signature_len(ssl);

  342.   }

  343.   return EVP_PKEY_size(ssl->cert->privatekey);

  344. }

  345. 

  346. enum ssl_private_key_result_t ssl_private_key_sign(

  347.     SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out, const EVP_MD *md,

  348.     const uint8_t *in, size_t in_len) {

  349.   if (ssl->cert->key_method != NULL) {

  350.     return ssl->cert->key_method->sign(ssl, out, out_len, max_out, md, in,

  351.                                        in_len);

  352.   }

  353. 

  354.   enum ssl_private_key_result_t ret = ssl_private_key_failure;

  355.   EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(ssl->cert->privatekey, NULL);

  356.   if (ctx == NULL) {

  357.     goto end;

  358.   }

  359. 

  360.   size_t len = max_out;

  361.   if (!EVP_PKEY_sign_init(ctx) ||

  362.       !EVP_PKEY_CTX_set_signature_md(ctx, md) ||

  363.       !EVP_PKEY_sign(ctx, out, &len, in, in_len)) {

  364.     goto end;

  365.   }

  366.   *out_len = len;

  367.   ret = ssl_private_key_success;

  368. 

  369. end:

  370.   EVP_PKEY_CTX_free(ctx);

  371.   return ret;

  372. }

  373. 

  374. enum ssl_private_key_result_t ssl_private_key_sign_complete(

  375.     SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out) {

  376.   /* Only custom keys may be asynchronous. */

  377.   return ssl->cert->key_method->sign_complete(ssl, out, out_len, max_out);

  378. }

  379. 

  380. enum ssl_private_key_result_t ssl_private_key_decrypt(

  381.     SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,

  382.     const uint8_t *in, size_t in_len) {

  383.   if (ssl->cert->key_method != NULL) {

  384.     return ssl->cert->key_method->decrypt(ssl, out, out_len, max_out, in,

  385.                                           in_len);

  386.   }

  387. 

  388.   if (ssl_private_key_type(ssl) != EVP_PKEY_RSA) {

  389.     /* Decrypt operations are only supported for RSA keys. */

  390.     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);

  391.     return ssl_private_key_failure;

  392.   }

  393. 

  394.   enum ssl_private_key_result_t ret = ssl_private_key_failure;

  395.   RSA *rsa = ssl->cert->privatekey->pkey.rsa;

  396.   /* Decrypt with no padding. PKCS#1 padding will be removed as part

  397.    * of the timing-sensitive code by the caller. */

  398.   if (RSA_decrypt(rsa, out_len, out, max_out, in, in_len, RSA_NO_PADDING)) {

  399.     ret = ssl_private_key_success;

  400.   }

  401.   return ret;

  402. }

  403. 

  404. enum ssl_private_key_result_t ssl_private_key_decrypt_complete(

  405.     SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out) {

  406.   /* Only custom keys may be asynchronous. */

  407.   return ssl->cert->key_method->decrypt_complete(ssl, out, out_len, max_out);

  408. }