X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=crypt.c;h=352c5b8d8e97832ed3d782ce3ad1984890ad5cf7;hp=cf1cabecbad80cdca6d69cf2bbc2165427a84ed8;hb=8ea8abb73199b32fdd7afdf8825afa42ed8de244;hpb=3580fe47cc87b25aa0497eb54387e1165ba17407;ds=sidebyside diff --git a/crypt.c b/crypt.c index cf1cabec..352c5b8d 100644 --- a/crypt.c +++ b/crypt.c @@ -1,27 +1,69 @@ /* - * Copyright (C) 2005-2006 Andre Noll + * Copyright (C) 2005-2009 Andre Noll * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA. + * Licensed under the GPL v2. For licencing details see COPYING. */ /** \file crypt.c openssl-based RSA encryption/decryption routines */ +#include +#include +#include +#include +#include +#include +#include + #include "para.h" #include "error.h" #include "string.h" #include "crypt.h" +#include "fd.h" +/** + * Fill a buffer with random content. + * + * \param buf The buffer to fill. + * \param num The size of \a buf in bytes. + * + * This function puts \a num cryptographically strong pseudo-random bytes into + * buf. If libssl can not guarantee an unpredictable byte sequence (for example + * because the PRNG has not been seeded with enough randomness) the function + * logs an error message and calls exit(). + */ +void get_random_bytes_or_die(unsigned char *buf, int num) +{ + unsigned long err; + + /* RAND_bytes() returns 1 on success, 0 otherwise. */ + if (RAND_bytes(buf, num) == 1) + return; + err = ERR_get_error(); + PARA_EMERG_LOG("%s\n", ERR_reason_error_string(err)); + exit(EXIT_FAILURE); +} + +/** + * Seed pseudo random number generators. + * + * This function reads 64 bytes from /dev/urandom and adds them to the SSL + * PRNG. It also seeds the PRNG used by random() with a random seed obtained + * from SSL. If /dev/random could not be read, an error message is logged and + * the function calls exit(). + * + * \sa RAND_load_file(3), \ref get_random_bytes_or_die(), srandom(3), + * random(3), \ref para_random(). + */ +void init_random_seed_or_die(void) +{ + int seed, ret = RAND_load_file("/dev/urandom", 64); + + if (ret != 64) { + PARA_EMERG_LOG("could not seed PRNG (ret = %d)\n", ret); + exit(EXIT_FAILURE); + } + get_random_bytes_or_die((unsigned char *)&seed, sizeof(seed)); + srandom(seed); +} static EVP_PKEY *load_key(const char *file, int private) { @@ -41,13 +83,24 @@ static EVP_PKEY *load_key(const char *file, int private) return pkey; } - +/** + * read an RSA key from a file + * + * \param key_file the file containing the key + * \param rsa RSA structure is returned here + * \param private if non-zero, read the private key, otherwise the public key + * + * \return The size of the RSA key on success, negative on errors. + * + * \sa openssl(1), rsa(1). + */ int get_rsa_key(char *key_file, RSA **rsa, int private) { EVP_PKEY *key = load_key(key_file, private); if (!key) - return (private == LOAD_PRIVATE_KEY)? -E_PRIVATE_KEY : -E_PUBLIC_KEY; + return (private == LOAD_PRIVATE_KEY)? -E_PRIVATE_KEY + : -E_PUBLIC_KEY; *rsa = EVP_PKEY_get1_RSA(key); EVP_PKEY_free(key); if (!*rsa) @@ -55,6 +108,19 @@ int get_rsa_key(char *key_file, RSA **rsa, int private) return RSA_size(*rsa); } +/** + * free an RSA structure + * + * \param rsa pointer to the RSA struct to free + * + * This must be called for any key obtained by get_rsa_key(). + */ +void rsa_free(RSA *rsa) +{ + if (rsa) + RSA_free(rsa); +} + /** * decrypt a buffer using an RSA key * @@ -70,84 +136,148 @@ int get_rsa_key(char *key_file, RSA **rsa, int private) * \sa RSA_private_decrypt(3) **/ int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *inbuf, - int rsa_inlen) + unsigned rsa_inlen) { RSA *rsa; - int ret = get_rsa_key(key_file, &rsa, LOAD_PRIVATE_KEY); + int ret, inlen = rsa_inlen; + if (inlen < 0) + return -E_RSA; + ret = get_rsa_key(key_file, &rsa, LOAD_PRIVATE_KEY); if (ret < 0) return ret; - ret = RSA_private_decrypt(rsa_inlen, inbuf, outbuf, rsa, RSA_PKCS1_PADDING); + ret = RSA_private_decrypt(inlen, inbuf, outbuf, rsa, RSA_PKCS1_OAEP_PADDING); + rsa_free(rsa); return (ret > 0)? ret : -E_DECRYPT; } /** - * decrypt the challenge number sent by para_server + * encrypt a buffer using an RSA key * - * \param key_file full path of the rsa key - * \param challenge_nr result is stored here + * \param rsa: public rsa key * \param inbuf the input buffer - * \param rsa_inlen the length of \a inbuf + * \param len the length of \a inbuf + * \param outbuf the output buffer + * + * \return The size of the encrypted data on success, negative on errors + * + * \sa RSA_public_encrypt(3) + */ +int para_encrypt_buffer(RSA *rsa, unsigned char *inbuf, + unsigned len, unsigned char *outbuf) +{ + int ret, flen = len; /* RSA_public_encrypt expects a signed int */ + + if (flen < 0) + return -E_ENCRYPT; + ret = RSA_public_encrypt(flen, inbuf, outbuf, rsa, RSA_PKCS1_OAEP_PADDING); + return ret < 0? -E_ENCRYPT : ret; +} + +/** + * Encrypt and send a buffer. * - * \return positive on success, negative on errors + * \param rc4c The rc4 crypt context. + * \param buf The buffer to send. + * \param len The size of \a buf in bytes. * - * \sa para_decrypt_buffer() + * \return The return value of the underyling call to write_all(). + * + * \sa \ref write_all(), RC4(3). */ -int para_decrypt_challenge(char *key_file, long unsigned *challenge_nr, - unsigned char *inbuf, int rsa_inlen) +int rc4_send_bin_buffer(struct rc4_context *rc4c, const char *buf, size_t len) { - unsigned char *rsa_out = OPENSSL_malloc(rsa_inlen + 1); - int ret = para_decrypt_buffer(key_file, rsa_out, inbuf, rsa_inlen); + int ret; + unsigned char *tmp; - if (ret >= 0) { - rsa_out[ret] = '\0'; - ret = sscanf((char *)rsa_out, "%lu", challenge_nr) == 1? - 1 : -E_CHALLENGE; - } - OPENSSL_free(rsa_out); + assert(len); + tmp = para_malloc(len); + RC4(&rc4c->send_key, len, (const unsigned char *)buf, tmp); + ret = write_all(rc4c->fd, (char *)tmp, &len); + free(tmp); return ret; } /** - * encrypt a buffer using an RSA key - * - * \param rsa: public rsa key - * \param inbuf the input buffer - * \param len the length of \a inbuf - * \param outbuf the output buffer + * Encrypt and send a \p NULL-terminated buffer. * - * \return The size of the encrypted data on success, negative on errors + * \param rc4c The rc4 crypt context. + * \param buf The buffer to send. * - * \sa RSA_public_encrypt(3) + * \return The return value of the underyling call to rc4_send_bin_buffer(). */ -int para_encrypt_buffer(RSA *rsa, unsigned char *inbuf, - const unsigned len, unsigned char *outbuf) +int rc4_send_buffer(struct rc4_context *rc4c, const char *buf) { - int ret = RSA_public_encrypt(len, inbuf, outbuf, rsa, - RSA_PKCS1_PADDING); - return ret < 0? -E_ENCRYPT : ret; + return rc4_send_bin_buffer(rc4c, buf, strlen(buf)); } /** - * encrypt the given challenge number + * Format, encrypt and send a buffer. * - * \param rsa: public rsa key - * \param challenge_nr the number to be encrypted - * \param outbuf the output buffer + * \param rc4c The rc4 crypt context. + * \param fmt A format string. * - * \a outbuf must be at least 64 bytes long + * \return The return value of the underyling call to rc4_send_buffer(). + */ +__printf_2_3 int rc4_send_va_buffer(struct rc4_context *rc4c, const char *fmt, ...) +{ + char *msg; + int ret; + + PARA_VSPRINTF(fmt, msg); + ret = rc4_send_buffer(rc4c, msg); + free(msg); + return ret; +} + +/** + * Receive a buffer and decrypt it. * - * \return The size of the encrypted data on success, negative on errors + * \param rc4c The rc4 crypt context. + * \param buf The buffer to write the decrypted data to. + * \param size The size of \a buf. * - * \sa para_encrypt_buffer() + * \return The number of bytes received on success, negative on errors, zero if + * the peer has performed an orderly shutdown. * + * \sa recv(2), RC4(3). */ -int para_encrypt_challenge(RSA* rsa, long unsigned challenge_nr, - unsigned char *outbuf) +int rc4_recv_bin_buffer(struct rc4_context *rc4c, char *buf, size_t size) { - unsigned char *inbuf = (unsigned char*) make_message("%lu", challenge_nr); - int ret = para_encrypt_buffer(rsa, inbuf, strlen((char *)inbuf), outbuf); - free(inbuf); + unsigned char *tmp = para_malloc(size); + ssize_t ret = recv(rc4c->fd, tmp, size, 0); + + if (ret > 0) + RC4(&rc4c->recv_key, ret, tmp, (unsigned char *)buf); + else if (ret < 0) + ret = -ERRNO_TO_PARA_ERROR(errno); + free(tmp); return ret; } +/** + * Receive a buffer, decrypt it and write terminating NULL byte. + * + * \param rc4c The rc4 crypt context. + * \param buf The buffer to write the decrypted data to. + * \param size The size of \a buf. + * + * Read at most \a size - 1 bytes from file descriptor given by \a rc4c, + * decrypt the received data and write a NULL byte at the end of the decrypted + * data. + * + * \return The return value of the underlying call to \ref + * rc4_recv_bin_buffer(). + */ +int rc4_recv_buffer(struct rc4_context *rc4c, char *buf, size_t size) +{ + int n; + + assert(size); + n = rc4_recv_bin_buffer(rc4c, buf, size - 1); + if (n >= 0) + buf[n] = '\0'; + else + *buf = '\0'; + return n; +}