X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=openssl.c;h=5f04c845c6ec1e8b5d837f827233df425033fad4;hp=99b3f7a6c3258bc5ef9981f062388a5a7d2854ba;hb=HEAD;hpb=5f20d9afde364f9ce51aa7841ebe513028a65e81 diff --git a/openssl.c b/openssl.c index 99b3f7a6..f696cd9e 100644 --- a/openssl.c +++ b/openssl.c @@ -11,6 +11,7 @@ #include #include #include +#include #include "para.h" #include "error.h" @@ -36,12 +37,8 @@ void get_random_bytes_or_die(unsigned char *buf, int num) } /* - * Read 64 bytes from /dev/urandom and add them to the SSL PRNG. Seed the PRNG - * used by random(3) with a random seed obtained from SSL. If /dev/urandom is - * not readable, the function calls exit(). - * - * \sa RAND_load_file(3), \ref get_random_bytes_or_die(), srandom(3), - * random(3), \ref para_random(). + * Read 64 bytes from /dev/urandom and add them to the SSL PRNG. Then seed the + * PRNG used by random(3) with a random seed obtained from SSL. */ void crypt_init(void) { @@ -55,24 +52,17 @@ void crypt_init(void) srandom(seed); } -static int get_private_key(const char *path, RSA **rsa) +void crypt_shutdown(void) { - EVP_PKEY *pkey; - BIO *bio = BIO_new(BIO_s_file()); - - *rsa = NULL; - if (!bio) - return -E_PRIVATE_KEY; - if (BIO_read_filename(bio, path) <= 0) - goto bio_free; - pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); - if (!pkey) - goto bio_free; - *rsa = EVP_PKEY_get1_RSA(pkey); - EVP_PKEY_free(pkey); -bio_free: - BIO_free(bio); - return *rsa? RSA_size(*rsa) : -E_PRIVATE_KEY; +#ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA + CRYPTO_cleanup_all_ex_data(); +#endif +#ifdef HAVE_OPENSSL_THREAD_STOP /* openssl-1.1 or later */ + OPENSSL_thread_stop(); +#else /* openssl-1.0 */ + ERR_remove_thread_state(NULL); +#endif + EVP_cleanup(); } /* @@ -107,7 +97,7 @@ static int read_bignum(const unsigned char *buf, size_t len, BIGNUM **result) return bnsize + 4; } -static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result) +static int read_public_key(const unsigned char *blob, int blen, RSA **result) { int ret; RSA *rsa; @@ -119,11 +109,11 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result) return -E_BIGNUM; ret = read_bignum(p, end - p, &e); if (ret < 0) - goto fail; + goto free_rsa; p += ret; ret = read_bignum(p, end - p, &n); if (ret < 0) - goto fail; + goto free_e; #ifdef HAVE_RSA_SET0_KEY RSA_set0_key(rsa, n, e, NULL); #else @@ -132,47 +122,195 @@ static int read_rsa_bignums(const unsigned char *blob, int blen, RSA **result) #endif *result = rsa; return 1; -fail: +free_e: + BN_free(e); +free_rsa: RSA_free(rsa); return ret; } -int get_public_key(const char *key_file, struct asymmetric_key **result) +static int read_pem_private_key(const char *path, RSA **rsa) +{ + EVP_PKEY *pkey; + BIO *bio = BIO_new(BIO_s_file()); + + *rsa = NULL; + if (!bio) + return -E_PRIVATE_KEY; + if (BIO_read_filename(bio, path) <= 0) + goto bio_free; + pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); + if (!pkey) + goto bio_free; + *rsa = EVP_PKEY_get1_RSA(pkey); + EVP_PKEY_free(pkey); +bio_free: + BIO_free(bio); + return *rsa? RSA_size(*rsa) : -E_PRIVATE_KEY; +} + +static int read_openssh_private_key(const unsigned char *blob, + const unsigned char *end, RSA **result) +{ + int ret; + RSA *rsa; + BN_CTX *ctx; + BIGNUM *n, *e, *d, *iqmp, *p, *q; /* stored in the key file */ + BIGNUM *dmp1, *dmq1; /* these will be computed */ + BIGNUM *tmp; + const unsigned char *cp = blob; + + rsa = RSA_new(); + if (!rsa) + return -E_BIGNUM; + ret = -E_BIGNUM; + tmp = BN_new(); + if (!tmp) + goto free_rsa; + ctx = BN_CTX_new(); + if (!ctx) + goto free_tmp; + dmp1 = BN_new(); + if (!dmp1) + goto free_ctx; + dmq1 = BN_new(); + if (!dmq1) + goto free_dmp1; + ret = read_bignum(cp, end - cp, &n); + if (ret < 0) + goto free_dmq1; + cp += ret; + ret = read_bignum(cp, end - cp, &e); + if (ret < 0) + goto free_n; + cp += ret; + ret = read_bignum(cp, end - cp, &d); + if (ret < 0) + goto free_e; + cp += ret; + ret = read_bignum(cp, end - cp, &iqmp); + if (ret < 0) + goto free_d; + cp += ret; + ret = read_bignum(cp, end - cp, &p); + if (ret < 0) + goto free_iqmp; + cp += ret; + ret = read_bignum(cp, end - cp, &q); + if (ret < 0) + goto free_p; + ret = -E_BIGNUM; + if (!BN_sub(tmp, q, BN_value_one())) + goto free_q; + if (!BN_mod(dmp1, d, tmp, ctx)) + goto free_q; + if (!BN_sub(tmp, q, BN_value_one())) + goto free_q; + if (!BN_mod(dmq1, d, tmp, ctx)) + goto free_q; +#ifdef HAVE_RSA_SET0_KEY + RSA_set0_key(rsa, n, e, d); + RSA_set0_factors(rsa, p, q); + RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp); +#else + rsa->n = n; + rsa->e = e; + rsa->d = d; + rsa->iqmp = iqmp; + rsa->p = p; + rsa->q = q; + rsa->dmp1 = dmp1; + rsa->dmq1 = dmq1; +#endif + *result = rsa; + ret = 1; + goto free_ctx; +free_q: + BN_clear_free(q); +free_p: + BN_clear_free(p); +free_iqmp: + BN_clear_free(iqmp); +free_d: + BN_clear_free(d); +free_e: + BN_free(e); +free_n: + BN_free(n); +free_dmq1: + BN_clear_free(dmq1); +free_dmp1: + BN_clear_free(dmp1); +free_ctx: + BN_CTX_free(ctx); +free_tmp: + BN_clear_free(tmp); +free_rsa: + if (ret < 0) + RSA_free(rsa); + return ret; +} + +static int get_private_key(const char *path, RSA **rsa) +{ + int ret; + unsigned char *blob, *end; + size_t blob_size; + + *rsa = NULL; + ret = decode_private_key(path, &blob, &blob_size); + if (ret < 0) + return ret; + end = blob + blob_size; + if (ret == PKT_OPENSSH) { + ret = find_openssh_bignum_offset(blob, blob_size); + if (ret < 0) + goto free_blob; + PARA_INFO_LOG("reading RSA params at offset %d\n", ret); + ret = read_openssh_private_key(blob + ret, end, rsa); + } else + ret = read_pem_private_key(path, rsa); +free_blob: + free(blob); + return ret; +} + +int apc_get_pubkey(const char *key_file, struct asymmetric_key **result) { unsigned char *blob; size_t decoded_size; int ret; - struct asymmetric_key *key = para_malloc(sizeof(*key)); + struct asymmetric_key *pub = alloc(sizeof(*pub)); - ret = decode_ssh_key(key_file, &blob, &decoded_size); + ret = decode_public_key(key_file, &blob, &decoded_size); if (ret < 0) goto out; - ret = read_rsa_bignums(blob + ret, decoded_size - ret, &key->rsa); + ret = read_public_key(blob + ret, decoded_size - ret, &pub->rsa); if (ret < 0) goto free_blob; - ret = RSA_size(key->rsa); + ret = RSA_size(pub->rsa); assert(ret > 0); - *result = key; + *result = pub; free_blob: free(blob); out: if (ret < 0) { - free(key); + free(pub); *result = NULL; PARA_ERROR_LOG("can not load key %s\n", key_file); } return ret; } -void free_public_key(struct asymmetric_key *key) +void apc_free_pubkey(struct asymmetric_key *pub) { - if (!key) + if (!pub) return; - RSA_free(key->rsa); - free(key); + RSA_free(pub->rsa); + free(pub); } -int priv_decrypt(const char *key_file, unsigned char *outbuf, +int apc_priv_decrypt(const char *key_file, unsigned char *outbuf, unsigned char *inbuf, int inlen) { struct asymmetric_key *priv; @@ -183,7 +321,7 @@ int priv_decrypt(const char *key_file, unsigned char *outbuf, return ret; if (inlen < 0) return -E_RSA; - priv = para_malloc(sizeof(*priv)); + priv = alloc(sizeof(*priv)); ret = get_private_key(key_file, &priv->rsa); if (ret < 0) { free(priv); @@ -207,7 +345,7 @@ out: return ret; } -int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, +int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, unsigned len, unsigned char *outbuf) { int ret, flen = len; /* RSA_public_encrypt expects a signed int */ @@ -225,7 +363,7 @@ struct stream_cipher { struct stream_cipher *sc_new(const unsigned char *data, int len) { - struct stream_cipher *sc = para_malloc(sizeof(*sc)); + struct stream_cipher *sc = alloc(sizeof(*sc)); assert(len >= 2 * AES_CRT128_BLOCK_SIZE); sc->aes = EVP_CIPHER_CTX_new(); @@ -249,7 +387,7 @@ static void aes_ctr128_crypt(EVP_CIPHER_CTX *ctx, struct iovec *src, *dst = (typeof(*dst)) { /* Add one for the terminating zero byte. */ - .iov_base = para_malloc(inlen + 1), + .iov_base = alloc(inlen + 1), .iov_len = inlen }; ret = EVP_EncryptUpdate(ctx, dst->iov_base, &outlen, src->iov_base, inlen); @@ -268,8 +406,24 @@ void sc_crypt(struct stream_cipher *sc, struct iovec *src, struct iovec *dst) void hash_function(const char *data, unsigned long len, unsigned char *hash) { - SHA_CTX c; - SHA1_Init(&c); - SHA1_Update(&c, data, len); - SHA1_Final(hash, &c); + EVP_MD_CTX *c = EVP_MD_CTX_new(); + int ret = EVP_DigestInit_ex(c, EVP_sha1(), NULL); + assert(ret != 0); + ret = EVP_DigestUpdate(c, data, len); + assert(ret != 0); + ret = EVP_DigestFinal_ex(c, hash, NULL); + assert(ret != 0); + EVP_MD_CTX_free(c); +} + +void hash2_function(const char *data, unsigned long len, unsigned char *hash) +{ + EVP_MD_CTX *c = EVP_MD_CTX_new(); + int ret = EVP_DigestInit_ex(c, EVP_sha256(), NULL); + assert(ret != 0); + ret = EVP_DigestUpdate(c, data, len); + assert(ret != 0); + ret = EVP_DigestFinal_ex(c, hash, NULL); + assert(ret != 0); + EVP_MD_CTX_free(c); }