1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ssl/libcrypto/src/crypto/rsa/rsa_pk1.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,224 @@
1.4 +/* crypto/rsa/rsa_pk1.c */
1.5 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
1.6 + * All rights reserved.
1.7 + *
1.8 + * This package is an SSL implementation written
1.9 + * by Eric Young (eay@cryptsoft.com).
1.10 + * The implementation was written so as to conform with Netscapes SSL.
1.11 + *
1.12 + * This library is free for commercial and non-commercial use as long as
1.13 + * the following conditions are aheared to. The following conditions
1.14 + * apply to all code found in this distribution, be it the RC4, RSA,
1.15 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation
1.16 + * included with this distribution is covered by the same copyright terms
1.17 + * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1.18 + *
1.19 + * Copyright remains Eric Young's, and as such any Copyright notices in
1.20 + * the code are not to be removed.
1.21 + * If this package is used in a product, Eric Young should be given attribution
1.22 + * as the author of the parts of the library used.
1.23 + * This can be in the form of a textual message at program startup or
1.24 + * in documentation (online or textual) provided with the package.
1.25 + *
1.26 + * Redistribution and use in source and binary forms, with or without
1.27 + * modification, are permitted provided that the following conditions
1.28 + * are met:
1.29 + * 1. Redistributions of source code must retain the copyright
1.30 + * notice, this list of conditions and the following disclaimer.
1.31 + * 2. Redistributions in binary form must reproduce the above copyright
1.32 + * notice, this list of conditions and the following disclaimer in the
1.33 + * documentation and/or other materials provided with the distribution.
1.34 + * 3. All advertising materials mentioning features or use of this software
1.35 + * must display the following acknowledgement:
1.36 + * "This product includes cryptographic software written by
1.37 + * Eric Young (eay@cryptsoft.com)"
1.38 + * The word 'cryptographic' can be left out if the rouines from the library
1.39 + * being used are not cryptographic related :-).
1.40 + * 4. If you include any Windows specific code (or a derivative thereof) from
1.41 + * the apps directory (application code) you must include an acknowledgement:
1.42 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
1.43 + *
1.44 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
1.45 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.46 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.47 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.48 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.49 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.50 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.52 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.53 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.54 + * SUCH DAMAGE.
1.55 + *
1.56 + * The licence and distribution terms for any publically available version or
1.57 + * derivative of this code cannot be changed. i.e. this code cannot simply be
1.58 + * copied and put under another distribution licence
1.59 + * [including the GNU Public Licence.]
1.60 + */
1.61 +
1.62 +#include <stdio.h>
1.63 +#include "cryptlib.h"
1.64 +#include <openssl/bn.h>
1.65 +#include <openssl/rsa.h>
1.66 +#include <openssl/rand.h>
1.67 +
1.68 +EXPORT_C int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
1.69 + const unsigned char *from, int flen)
1.70 + {
1.71 + int j;
1.72 + unsigned char *p;
1.73 +
1.74 + if (flen > (tlen-RSA_PKCS1_PADDING_SIZE))
1.75 + {
1.76 + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
1.77 + return(0);
1.78 + }
1.79 +
1.80 + p=(unsigned char *)to;
1.81 +
1.82 + *(p++)=0;
1.83 + *(p++)=1; /* Private Key BT (Block Type) */
1.84 +
1.85 + /* pad out with 0xff data */
1.86 + j=tlen-3-flen;
1.87 + memset(p,0xff,j);
1.88 + p+=j;
1.89 + *(p++)='\0';
1.90 + memcpy(p,from,(unsigned int)flen);
1.91 + return(1);
1.92 + }
1.93 +
1.94 +EXPORT_C int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
1.95 + const unsigned char *from, int flen, int num)
1.96 + {
1.97 + int i,j;
1.98 + const unsigned char *p;
1.99 +
1.100 + p=from;
1.101 + if ((num != (flen+1)) || (*(p++) != 01))
1.102 + {
1.103 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
1.104 + return(-1);
1.105 + }
1.106 +
1.107 + /* scan over padding data */
1.108 + j=flen-1; /* one for type. */
1.109 + for (i=0; i<j; i++)
1.110 + {
1.111 + if (*p != 0xff) /* should decrypt to 0xff */
1.112 + {
1.113 + if (*p == 0)
1.114 + { p++; break; }
1.115 + else {
1.116 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
1.117 + return(-1);
1.118 + }
1.119 + }
1.120 + p++;
1.121 + }
1.122 +
1.123 + if (i == j)
1.124 + {
1.125 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
1.126 + return(-1);
1.127 + }
1.128 +
1.129 + if (i < 8)
1.130 + {
1.131 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
1.132 + return(-1);
1.133 + }
1.134 + i++; /* Skip over the '\0' */
1.135 + j-=i;
1.136 + if (j > tlen)
1.137 + {
1.138 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
1.139 + return(-1);
1.140 + }
1.141 + memcpy(to,p,(unsigned int)j);
1.142 +
1.143 + return(j);
1.144 + }
1.145 +
1.146 +EXPORT_C int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
1.147 + const unsigned char *from, int flen)
1.148 + {
1.149 + int i,j;
1.150 + unsigned char *p;
1.151 +
1.152 + if (flen > (tlen-11))
1.153 + {
1.154 + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
1.155 + return(0);
1.156 + }
1.157 +
1.158 + p=(unsigned char *)to;
1.159 +
1.160 + *(p++)=0;
1.161 + *(p++)=2; /* Public Key BT (Block Type) */
1.162 +
1.163 + /* pad out with non-zero random data */
1.164 + j=tlen-3-flen;
1.165 +
1.166 + if (RAND_bytes(p,j) <= 0)
1.167 + return(0);
1.168 + for (i=0; i<j; i++)
1.169 + {
1.170 + if (*p == '\0')
1.171 + do {
1.172 + if (RAND_bytes(p,1) <= 0)
1.173 + return(0);
1.174 + } while (*p == '\0');
1.175 + p++;
1.176 + }
1.177 +
1.178 + *(p++)='\0';
1.179 +
1.180 + memcpy(p,from,(unsigned int)flen);
1.181 + return(1);
1.182 + }
1.183 +
1.184 +EXPORT_C int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
1.185 + const unsigned char *from, int flen, int num)
1.186 + {
1.187 + int i,j;
1.188 + const unsigned char *p;
1.189 +
1.190 + p=from;
1.191 + if ((num != (flen+1)) || (*(p++) != 02))
1.192 + {
1.193 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
1.194 + return(-1);
1.195 + }
1.196 +#ifdef PKCS1_CHECK
1.197 + return(num-11);
1.198 +#endif
1.199 +
1.200 + /* scan over padding data */
1.201 + j=flen-1; /* one for type. */
1.202 + for (i=0; i<j; i++)
1.203 + if (*(p++) == 0) break;
1.204 +
1.205 + if (i == j)
1.206 + {
1.207 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
1.208 + return(-1);
1.209 + }
1.210 +
1.211 + if (i < 8)
1.212 + {
1.213 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
1.214 + return(-1);
1.215 + }
1.216 + i++; /* Skip over the '\0' */
1.217 + j-=i;
1.218 + if (j > tlen)
1.219 + {
1.220 + RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
1.221 + return(-1);
1.222 + }
1.223 + memcpy(to,p,(unsigned int)j);
1.224 +
1.225 + return(j);
1.226 + }
1.227 +