|
1 /* rsa_x931.c */ |
|
2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
|
3 * project 2005. |
|
4 */ |
|
5 /* ==================================================================== |
|
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved. |
|
7 * |
|
8 * Redistribution and use in source and binary forms, with or without |
|
9 * modification, are permitted provided that the following conditions |
|
10 * are met: |
|
11 * |
|
12 * 1. Redistributions of source code must retain the above copyright |
|
13 * notice, this list of conditions and the following disclaimer. |
|
14 * |
|
15 * 2. Redistributions in binary form must reproduce the above copyright |
|
16 * notice, this list of conditions and the following disclaimer in |
|
17 * the documentation and/or other materials provided with the |
|
18 * distribution. |
|
19 * |
|
20 * 3. All advertising materials mentioning features or use of this |
|
21 * software must display the following acknowledgment: |
|
22 * "This product includes software developed by the OpenSSL Project |
|
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
|
24 * |
|
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
|
26 * endorse or promote products derived from this software without |
|
27 * prior written permission. For written permission, please contact |
|
28 * licensing@OpenSSL.org. |
|
29 * |
|
30 * 5. Products derived from this software may not be called "OpenSSL" |
|
31 * nor may "OpenSSL" appear in their names without prior written |
|
32 * permission of the OpenSSL Project. |
|
33 * |
|
34 * 6. Redistributions of any form whatsoever must retain the following |
|
35 * acknowledgment: |
|
36 * "This product includes software developed by the OpenSSL Project |
|
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
|
38 * |
|
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
|
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
|
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
50 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
51 * ==================================================================== |
|
52 * |
|
53 * This product includes cryptographic software written by Eric Young |
|
54 * (eay@cryptsoft.com). This product includes software written by Tim |
|
55 * Hudson (tjh@cryptsoft.com). |
|
56 * |
|
57 */ |
|
58 |
|
59 #include <stdio.h> |
|
60 #include "cryptlib.h" |
|
61 #include <openssl/bn.h> |
|
62 #include <openssl/rsa.h> |
|
63 #include <openssl/rand.h> |
|
64 #include <openssl/objects.h> |
|
65 |
|
66 EXPORT_C int RSA_padding_add_X931(unsigned char *to, int tlen, |
|
67 const unsigned char *from, int flen) |
|
68 { |
|
69 int j; |
|
70 unsigned char *p; |
|
71 |
|
72 /* Absolute minimum amount of padding is 1 header nibble, 1 padding |
|
73 * nibble and 2 trailer bytes: but 1 hash if is already in 'from'. |
|
74 */ |
|
75 |
|
76 j = tlen - flen - 2; |
|
77 |
|
78 if (j < 0) |
|
79 { |
|
80 RSAerr(RSA_F_RSA_PADDING_ADD_X931,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); |
|
81 return -1; |
|
82 } |
|
83 |
|
84 p=(unsigned char *)to; |
|
85 |
|
86 /* If no padding start and end nibbles are in one byte */ |
|
87 if (j == 0) |
|
88 *p++ = 0x6A; |
|
89 else |
|
90 { |
|
91 *p++ = 0x6B; |
|
92 if (j > 1) |
|
93 { |
|
94 memset(p, 0xBB, j - 1); |
|
95 p += j - 1; |
|
96 } |
|
97 *p++ = 0xBA; |
|
98 } |
|
99 memcpy(p,from,(unsigned int)flen); |
|
100 p += flen; |
|
101 *p = 0xCC; |
|
102 return(1); |
|
103 } |
|
104 |
|
105 EXPORT_C int RSA_padding_check_X931(unsigned char *to, int tlen, |
|
106 const unsigned char *from, int flen, int num) |
|
107 { |
|
108 int i = 0,j; |
|
109 const unsigned char *p; |
|
110 |
|
111 p=from; |
|
112 if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B))) |
|
113 { |
|
114 RSAerr(RSA_F_RSA_PADDING_CHECK_X931,RSA_R_INVALID_HEADER); |
|
115 return -1; |
|
116 } |
|
117 |
|
118 if (*p++ == 0x6B) |
|
119 { |
|
120 j=flen-3; |
|
121 for (i = 0; i < j; i++) |
|
122 { |
|
123 unsigned char c = *p++; |
|
124 if (c == 0xBA) |
|
125 break; |
|
126 if (c != 0xBB) |
|
127 { |
|
128 RSAerr(RSA_F_RSA_PADDING_CHECK_X931, |
|
129 RSA_R_INVALID_PADDING); |
|
130 return -1; |
|
131 } |
|
132 } |
|
133 |
|
134 j -= i; |
|
135 |
|
136 if (i == 0) |
|
137 { |
|
138 RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING); |
|
139 return -1; |
|
140 } |
|
141 |
|
142 } |
|
143 else j = flen - 2; |
|
144 |
|
145 if (p[j] != 0xCC) |
|
146 { |
|
147 RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); |
|
148 return -1; |
|
149 } |
|
150 |
|
151 memcpy(to,p,(unsigned int)j); |
|
152 |
|
153 return(j); |
|
154 } |
|
155 |
|
156 /* Translate between X931 hash ids and NIDs */ |
|
157 |
|
158 EXPORT_C int RSA_X931_hash_id(int nid) |
|
159 { |
|
160 switch (nid) |
|
161 { |
|
162 case NID_sha1: |
|
163 return 0x33; |
|
164 |
|
165 case NID_sha256: |
|
166 return 0x34; |
|
167 |
|
168 case NID_sha384: |
|
169 return 0x36; |
|
170 |
|
171 case NID_sha512: |
|
172 return 0x35; |
|
173 |
|
174 } |
|
175 return -1; |
|
176 } |
|
177 |