1 /*
2 * Copyright (C) 2015-2016 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
3 * Copyright (C) 2020 Patrick Monnerat <patrick@monnerat.net>.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms,
7 * with or without modification, are permitted provided
8 * that the following conditions are met:
9 *
10 * Redistributions of source code must retain the above
11 * copyright notice, this list of conditions and the
12 * following disclaimer.
13 *
14 * Redistributions in binary form must reproduce the above
15 * copyright notice, this list of conditions and the following
16 * disclaimer in the documentation and/or other materials
17 * provided with the distribution.
18 *
19 * Neither the name of the copyright holder nor the names
20 * of any other contributors may be used to endorse or
21 * promote products derived from this software without
22 * specific prior written permission.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
25 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
26 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
27 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
29 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
31 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
32 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
34 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
35 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
36 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
37 * OF SUCH DAMAGE.
38 */
39
40 #include "libssh2_priv.h"
41
42 #ifdef LIBSSH2_OS400QC3 /* compile only if we build with OS/400 QC3 library */
43
44 #ifdef HAVE_STDLIB_H
45 #include <stdlib.h>
46 #endif
47
48 #include <stdio.h>
49 #include <stdarg.h>
50 #include <alloca.h>
51 #include <sys/uio.h>
52
53 #include <arpa/inet.h>
54
55
56 #ifdef OS400_DEBUG
57 /* In debug mode, all system library errors cause an exception. */
58 #define set_EC_length(ec, length) ((ec).Bytes_Provided = \
59 (ec).Bytes_Available = 0)
60 #else
61 #define set_EC_length(ec, length) ((ec).Bytes_Provided = (length))
62 #endif
63
64
65 /* Ensure va_list operations are not on an array. */
66 typedef struct {
67 va_list list;
68 } valiststr;
69
70
71 typedef int (*loadkeyproc)(LIBSSH2_SESSION *session,
72 const unsigned char *data, unsigned int datalen,
73 const unsigned char *passphrase, void *loadkeydata);
74
75 /* Public key extraction data. */
76 typedef struct {
77 const char * method;
78 const unsigned char * data;
79 unsigned int length;
80 } loadpubkeydata;
81
82
83 /* Support for ASN.1 elements. */
84
85 typedef struct {
86 char * header; /* Pointer to header byte. */
87 char * beg; /* Pointer to element data. */
88 char * end; /* Pointer to 1st byte after element. */
89 unsigned char class; /* ASN.1 element class. */
90 unsigned char tag; /* ASN.1 element tag. */
91 unsigned char constructed; /* Element is constructed. */
92 } asn1Element;
93
94 #define ASN1_INTEGER 2
95 #define ASN1_BIT_STRING 3
96 #define ASN1_OCTET_STRING 4
97 #define ASN1_NULL 5
98 #define ASN1_OBJ_ID 6
99 #define ASN1_SEQ 16
100
101 #define ASN1_CONSTRUCTED 0x20
102
103 /* rsaEncryption OID: 1.2.840.113549.1.1.1 */
104 static unsigned char OID_rsaEncryption[] =
105 {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 1, 1};
106 static int sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
107 asn1Element *params, asn1Element *key,
108 const char *method);
109
110 #if LIBSSH2_DSA != 0
111 /* dsaEncryption OID: 1.2.840.10040.4.1 */
112 static unsigned char OID_dsaEncryption[] =
113 {7, 40 + 2, 0x86, 0x48, 0xCE, 0x38, 4, 1};
114 static int sshdsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
115 asn1Element *params, asn1Element *key,
116 const char *method);
117 #endif
118
119 static unsigned char OID_dhKeyAgreement[] =
120 {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 3, 1};
121
122
123 /* PKCS#5 support. */
124
125 typedef struct pkcs5params pkcs5params;
126 struct pkcs5params {
127 int cipher; /* Encryption cipher. */
128 int blocksize; /* Cipher block size. */
129 char mode; /* Block encryption mode. */
130 char padopt; /* Pad option. */
131 char padchar; /* Pad character. */
132 int (*kdf)(LIBSSH2_SESSION *session, char **dk,
133 const unsigned char *passphrase, pkcs5params *pkcs5);
134 int hash; /* KDF hash algorithm. */
135 size_t hashlen; /* KDF hash digest length. */
136 char * salt; /* Salt. */
137 size_t saltlen; /* Salt length. */
138 char * iv; /* Initialization vector. */
139 size_t ivlen; /* Initialization vector length. */
140 int itercount; /* KDF iteration count. */
141 int dklen; /* Derived key length (#bytes). */
142 int effkeysize; /* RC2 effective key size (#bits) or 0. */
143 };
144
145 typedef struct pkcs5algo pkcs5algo;
146 struct pkcs5algo {
147 const unsigned char * oid;
148 int (*parse)(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
149 pkcs5algo *algo, asn1Element *param);
150 int cipher; /* Encryption cipher. */
151 size_t blocksize; /* Cipher block size. */
152 char mode; /* Block encryption mode. */
153 char padopt; /* Pad option. */
154 char padchar; /* Pad character. */
155 size_t keylen; /* Key length (#bytes). */
156 int hash; /* Hash algorithm. */
157 size_t hashlen; /* Hash digest length. */
158 size_t saltlen; /* Salt length. */
159 size_t ivlen; /* Initialisation vector length. */
160 int effkeysize; /* RC2 effective key size (#bits) or 0. */
161 };
162
163 /* id-PBES2 OID: 1.2.840.113549.1.5.13 */
164 static const unsigned char OID_id_PBES2[] = {
165 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D
166 };
167 static int parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
168 pkcs5algo *algo, asn1Element *param);
169 static const pkcs5algo PBES2 = {
170 OID_id_PBES2, parse_pbes2, 0, 0, '\0', '\0', '\0', 0,
171 0, 0, 0, 0, 0
172 };
173
174 /* id-PBKDF2 OID: 1.2.840.113549.1.5.12 */
175 static const unsigned char OID_id_PBKDF2[] = {
176 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C
177 };
178 static int parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
179 pkcs5algo *algo, asn1Element *param);
180 static const pkcs5algo PBKDF2 = {
181 OID_id_PBKDF2, parse_pbkdf2, 0, 0, '\0', '\0', '\0',
182 SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0
183 };
184
185 /* id-hmacWithSHA1 OID: 1.2.840.113549.2.7 */
186 static const unsigned char OID_id_hmacWithSHA1[] = {
187 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x07
188 };
189 static int parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
190 pkcs5algo *algo, asn1Element *param);
191 static const pkcs5algo hmacWithSHA1 = {
192 OID_id_hmacWithSHA1, parse_hmacWithSHA1, 0, 0, '\0', '\0', '\0',
193 SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0
194 };
195
196 /* desCBC OID: 1.3.14.3.2.7 */
197 static const unsigned char OID_desCBC[] = {5, 40 + 3, 0x0E, 0x03, 0x02, 0x07};
198 static int parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
199 pkcs5algo *algo, asn1Element *param);
200 static const pkcs5algo desCBC = {
201 OID_desCBC, parse_iv, Qc3_DES, 8, Qc3_CBC, Qc3_Pad_Counter,
202 '\0', 8, 0, 0, 8, 8, 0
203 };
204
205 /* des-EDE3-CBC OID: 1.2.840.113549.3.7 */
206 static const unsigned char OID_des_EDE3_CBC[] = {
207 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x07
208 };
209 static const pkcs5algo des_EDE3_CBC = {
210 OID_des_EDE3_CBC, parse_iv, Qc3_TDES, 8, Qc3_CBC, Qc3_Pad_Counter,
211 '\0', 24, 0, 0, 8, 8, 0
212 };
213
214 /* rc2CBC OID: 1.2.840.113549.3.2 */
215 static const unsigned char OID_rc2CBC[] = {
216 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x02
217 };
218 static int parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
219 pkcs5algo *algo, asn1Element *param);
220 static const pkcs5algo rc2CBC = {
221 OID_rc2CBC, parse_rc2, Qc3_RC2, 8, Qc3_CBC, Qc3_Pad_Counter,
222 '\0', 0, 0, 0, 8, 0, 32
223 };
224
225 /* pbeWithMD5AndDES-CBC OID: 1.2.840.113549.1.5.3 */
226 static const unsigned char OID_pbeWithMD5AndDES_CBC[] = {
227 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x03
228 };
229 static int parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
230 pkcs5algo *algo, asn1Element *param);
231 static const pkcs5algo pbeWithMD5AndDES_CBC = {
232 OID_pbeWithMD5AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC,
233 Qc3_Pad_Counter, '\0', 8, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 0
234 };
235
236 /* pbeWithMD5AndRC2-CBC OID: 1.2.840.113549.1.5.6 */
237 static const unsigned char OID_pbeWithMD5AndRC2_CBC[] = {
238 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x06
239 };
240 static const pkcs5algo pbeWithMD5AndRC2_CBC = {
241 OID_pbeWithMD5AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC,
242 Qc3_Pad_Counter, '\0', 0, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 64
243 };
244
245 /* pbeWithSHA1AndDES-CBC OID: 1.2.840.113549.1.5.10 */
246 static const unsigned char OID_pbeWithSHA1AndDES_CBC[] = {
247 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0A
248 };
249 static const pkcs5algo pbeWithSHA1AndDES_CBC = {
250 OID_pbeWithSHA1AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC,
251 Qc3_Pad_Counter, '\0', 8, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 0
252 };
253
254 /* pbeWithSHA1AndRC2-CBC OID: 1.2.840.113549.1.5.11 */
255 static const unsigned char OID_pbeWithSHA1AndRC2_CBC[] = {
256 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0B
257 };
258 static const pkcs5algo pbeWithSHA1AndRC2_CBC = {
259 OID_pbeWithSHA1AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC,
260 Qc3_Pad_Counter, '\0', 0, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 64
261 };
262
263 /* rc5-CBC-PAD OID: 1.2.840.113549.3.9: RC5 not implemented in Qc3. */
264 /* pbeWithMD2AndDES-CBC OID: 1.2.840.113549.1.5.1: MD2 not implemented. */
265 /* pbeWithMD2AndRC2-CBC OID: 1.2.840.113549.1.5.4: MD2 not implemented. */
266
267 static const pkcs5algo * pbestable[] = {
268 &pbeWithMD5AndDES_CBC,
269 &pbeWithMD5AndRC2_CBC,
270 &pbeWithSHA1AndDES_CBC,
271 &pbeWithSHA1AndRC2_CBC,
272 &PBES2,
273 NULL
274 };
275
276 static const pkcs5algo * pbkdf2table[] = {
277 &PBKDF2,
278 NULL
279 };
280
281 static const pkcs5algo * pbes2enctable[] = {
282 &desCBC,
283 &des_EDE3_CBC,
284 &rc2CBC,
285 NULL
286 };
287
288 static const pkcs5algo * kdf2prftable[] = {
289 &hmacWithSHA1,
290 NULL
291 };
292
293
294 /* Public key extraction support. */
295 static struct {
296 unsigned char *oid;
297 int (*sshpubkey)(LIBSSH2_SESSION *session, char **pubkey,
298 asn1Element *params, asn1Element *key,
299 const char *method);
300 const char * method;
301 } pka[] = {
302 #if LIBSSH2_RSA != 0
303 { OID_rsaEncryption, sshrsapubkey, "ssh-rsa" },
304 #endif
305 #if LIBSSH2_DSA != 0
306 { OID_dsaEncryption, sshdsapubkey, "ssh-dss" },
307 #endif
308 { NULL, NULL, NULL }
309 };
310
311 /* Define ASCII strings. */
312 static const char beginencprivkeyhdr[] =
313 "-----BEGIN ENCRYPTED PRIVATE KEY-----";
314 static const char endencprivkeyhdr[] = "-----END ENCRYPTED PRIVATE KEY-----";
315 static const char beginprivkeyhdr[] = "-----BEGIN PRIVATE KEY-----";
316 static const char endprivkeyhdr[] = "-----END PRIVATE KEY-----";
317 static const char beginrsaprivkeyhdr[] = "-----BEGIN RSA PRIVATE KEY-----";
318 static const char endrsaprivkeyhdr[] = "-----END RSA PRIVATE KEY-----";
319 static const char fopenrmode[] = "r";
320 static const char fopenrbmode[] = "rb";
321
322
323 /* The rest of character literals in this module are in EBCDIC. */
324 #pragma convert(37)
325
326 #include <qusec.h>
327 #include <qc3prng.h>
328 #include <qc3dtaen.h>
329 #include <qc3dtade.h>
330 #include <qc3ctx.h>
331 #include <qc3hash.h>
332 #include <qc3hmac.h>
333 #include <qc3pbext.h>
334 #include <qc3sigvr.h>
335 #include <qc3sigcl.h>
336 #include <qc3pbext.h>
337 #include <qc3dh.h>
338
339 static Qc3_Format_KEYD0100_T nulltoken = {""};
340
341 static int zero = 0;
342 static int rsaprivate[] = { Qc3_RSA_Private };
343 static char anycsp[] = { Qc3_Any_CSP };
344 static char binstring[] = { Qc3_Bin_String };
345 static char berstring[] = { Qc3_BER_String };
346 static char qc3clear[] = { Qc3_Clear };
347
348 static const Qus_EC_t ecnull = {0}; /* Error causes an exception. */
349
350 static asn1Element lastbytebitcount = {
351 (char *) &zero, NULL, (char *) &zero + 1
352 };
353
354
355 /*******************************************************************
356 *
357 * OS/400 QC3 crypto-library backend: ASN.1 support.
358 *
359 *******************************************************************/
360
361 static char *
getASN1Element(asn1Element * elem,char * beg,char * end)362 getASN1Element(asn1Element *elem, char *beg, char *end)
363 {
364 unsigned char b;
365 unsigned long len;
366 asn1Element lelem;
367
368 /* Get a single ASN.1 element into `elem', parse ASN.1 string at `beg'
369 * ending at `end'.
370 * Returns a pointer in source string after the parsed element, or NULL
371 * if an error occurs.
372 */
373
374 if(beg >= end || !*beg)
375 return NULL;
376
377 /* Process header byte. */
378 elem->header = beg;
379 b = (unsigned char) *beg++;
380 elem->constructed = (b & 0x20) != 0;
381 elem->class = (b >> 6) & 3;
382 b &= 0x1F;
383 if(b == 0x1F)
384 return NULL; /* Long tag values not supported here. */
385 elem->tag = b;
386
387 /* Process length. */
388 if(beg >= end)
389 return NULL;
390 b = (unsigned char) *beg++;
391 if(!(b & 0x80))
392 len = b;
393 else if(!(b &= 0x7F)) {
394 /* Unspecified length. Since we have all the data, we can determine the
395 * effective length by skipping element until an end element is
396 * found.
397 */
398 if(!elem->constructed)
399 return NULL;
400 elem->beg = beg;
401 while(beg < end && *beg) {
402 beg = getASN1Element(&lelem, beg, end);
403 if(!beg)
404 return NULL;
405 }
406 if(beg >= end)
407 return NULL;
408 elem->end = beg;
409 return beg + 1;
410 }
411 else if(beg + b > end)
412 return NULL; /* Does not fit in source. */
413 else {
414 /* Get long length. */
415 len = 0;
416 do {
417 if(len & 0xFF000000L)
418 return NULL; /* Lengths > 32 bits are not supported. */
419 len = (len << 8) | (unsigned char) *beg++;
420 } while(--b);
421 }
422 if((unsigned long) (end - beg) < len)
423 return NULL; /* Element data does not fit in source. */
424 elem->beg = beg;
425 elem->end = beg + len;
426 return elem->end;
427 }
428
429 static asn1Element *
asn1_new(unsigned int type,unsigned int length)430 asn1_new(unsigned int type, unsigned int length)
431 {
432 asn1Element *e;
433 unsigned int hdrl = 2;
434 unsigned int i;
435 unsigned char *buf;
436
437 e = (asn1Element *) malloc(sizeof *e);
438
439 if(e) {
440 if(length >= 0x80)
441 for(i = length; i; i >>= 8)
442 hdrl++;
443
444 buf = (unsigned char *) malloc(hdrl + length);
445
446 if(buf) {
447 e->header = buf;
448 e->beg = buf + hdrl;
449 e->end = e->beg + length;
450 e->class = (type >> 6) & 0x03;
451 e->tag = type & 0x1F;
452 e->constructed = (type >> 5) & 0x01;
453 e->header[0] = type;
454
455 if(length < 0x80)
456 e->header[1] = length;
457 else {
458 e->header[1] = (hdrl - 2) | 0x80;
459 do {
460 e->header[--hdrl] = length;
461 length >>= 8;
462 } while(length);
463 }
464 }
465 else {
466 free((char *) e);
467 e = NULL;
468 }
469 }
470
471 return e;
472 }
473
474 static asn1Element *
asn1_new_from_bytes(const unsigned char * data,unsigned int length)475 asn1_new_from_bytes(const unsigned char *data, unsigned int length)
476 {
477 asn1Element *e;
478 asn1Element te;
479
480 getASN1Element(&te,
481 (unsigned char *) data, (unsigned char *) data + length);
482 e = asn1_new(te.tag, te.end - te.beg);
483
484 if(e)
485 memcpy(e->header, data, e->end - e->header);
486
487 return e;
488 }
489
490 static void
asn1delete(asn1Element * e)491 asn1delete(asn1Element *e)
492 {
493 if(e) {
494 if(e->header)
495 free((char *) e->header);
496 free((char *) e);
497 }
498 }
499
500 static asn1Element *
asn1uint(_libssh2_bn * bn)501 asn1uint(_libssh2_bn *bn)
502 {
503 asn1Element *e;
504 int bits;
505 int length;
506 unsigned char *p;
507
508 if(!bn)
509 return NULL;
510
511 bits = _libssh2_bn_bits(bn);
512 length = (bits + 8) >> 3;
513 e = asn1_new(ASN1_INTEGER, length);
514
515 if(e) {
516 p = e->beg;
517 if(!(bits & 0x07))
518 *p++ = 0;
519 _libssh2_bn_to_bin(bn, p);
520 }
521
522 return e;
523 }
524
525 static asn1Element *
asn1containerv(unsigned int type,valiststr args)526 asn1containerv(unsigned int type, valiststr args)
527 {
528 valiststr va;
529 asn1Element *e;
530 asn1Element *p;
531 unsigned char *bp;
532 unsigned int length = 0;
533
534 memcpy((char *) &va, (char *) &args, sizeof args);
535 while((p = va_arg(va.list, asn1Element *)))
536 length += p->end - p->header;
537 va_end(va.list);
538 e = asn1_new(type, length);
539 if(e) {
540 bp = e->beg;
541 while((p = va_arg(args.list, asn1Element *))) {
542 memcpy(bp, p->header, p->end - p->header);
543 bp += p->end - p->header;
544 }
545 }
546 return e;
547 }
548
549 /* VARARGS1 */
550 static asn1Element *
asn1container(unsigned int type,...)551 asn1container(unsigned int type, ...)
552 {
553 valiststr va;
554 asn1Element *e;
555
556 va_start(va.list, type);
557 e = asn1containerv(type, va);
558 va_end(va.list);
559 return e;
560 }
561
562 static asn1Element *
asn1bytes(unsigned int type,const unsigned char * bytes,unsigned int length)563 asn1bytes(unsigned int type, const unsigned char *bytes, unsigned int length)
564 {
565 asn1Element *e;
566
567 e = asn1_new(type, length);
568 if(e && length)
569 memcpy(e->beg, bytes, length);
570 return e;
571 }
572
573 static asn1Element *
rsapublickey(_libssh2_bn * e,_libssh2_bn * m)574 rsapublickey(_libssh2_bn *e, _libssh2_bn *m)
575 {
576 asn1Element *publicexponent;
577 asn1Element *modulus;
578 asn1Element *rsapubkey;
579
580 /* Build a PKCS#1 RSAPublicKey. */
581
582 modulus = asn1uint(m);
583 publicexponent = asn1uint(e);
584 rsapubkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
585 modulus, publicexponent, NULL);
586 asn1delete(modulus);
587 asn1delete(publicexponent);
588
589 if(!modulus || !publicexponent) {
590 asn1delete(rsapubkey);
591 rsapubkey = NULL;
592 }
593
594 return rsapubkey;
595 }
596
597 static asn1Element *
rsaprivatekey(_libssh2_bn * e,_libssh2_bn * m,_libssh2_bn * d,_libssh2_bn * p,_libssh2_bn * q,_libssh2_bn * exp1,_libssh2_bn * exp2,_libssh2_bn * coeff)598 rsaprivatekey(_libssh2_bn *e, _libssh2_bn *m, _libssh2_bn *d,
599 _libssh2_bn *p, _libssh2_bn *q,
600 _libssh2_bn *exp1, _libssh2_bn *exp2, _libssh2_bn *coeff)
601 {
602 asn1Element *version;
603 asn1Element *modulus;
604 asn1Element *publicexponent;
605 asn1Element *privateexponent;
606 asn1Element *prime1;
607 asn1Element *prime2;
608 asn1Element *exponent1;
609 asn1Element *exponent2;
610 asn1Element *coefficient;
611 asn1Element *rsaprivkey;
612
613 /* Build a PKCS#1 RSAPrivateKey. */
614 version = asn1bytes(ASN1_INTEGER, "\0", 1);
615 modulus = asn1uint(m);
616 publicexponent = asn1uint(e);
617 privateexponent = asn1uint(d);
618 prime1 = asn1uint(p);
619 prime2 = asn1uint(q);
620 exponent1 = asn1uint(exp1);
621 exponent2 = asn1uint(exp2);
622 coefficient = asn1uint(coeff);
623 rsaprivkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version, modulus,
624 publicexponent, privateexponent, prime1, prime2,
625 exponent1, exponent2, coefficient, NULL);
626 asn1delete(version);
627 asn1delete(modulus);
628 asn1delete(publicexponent);
629 asn1delete(privateexponent);
630 asn1delete(prime1);
631 asn1delete(prime2);
632 asn1delete(exponent1);
633 asn1delete(exponent2);
634 asn1delete(coefficient);
635
636 if(!version || !modulus || !publicexponent || !privateexponent ||
637 !prime1 || !prime2 || !exponent1 || !exponent2 || !coefficient) {
638 asn1delete(rsaprivkey);
639 rsaprivkey = NULL;
640 }
641
642 return rsaprivkey;
643 }
644
645 static asn1Element *
subjectpublickeyinfo(asn1Element * pubkey,const unsigned char * algo,asn1Element * parameters)646 subjectpublickeyinfo(asn1Element *pubkey, const unsigned char *algo,
647 asn1Element *parameters)
648 {
649 asn1Element *subjpubkey;
650 asn1Element *algorithm;
651 asn1Element *algorithmid;
652 asn1Element *subjpubkeyinfo;
653 unsigned int algosize = *algo++;
654
655 algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize);
656 algorithmid = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
657 algorithm, parameters, NULL);
658 subjpubkey = asn1container(ASN1_BIT_STRING, &lastbytebitcount,
659 pubkey, NULL);
660 subjpubkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
661 algorithmid, subjpubkey, NULL);
662 asn1delete(algorithm);
663 asn1delete(algorithmid);
664 asn1delete(subjpubkey);
665 if(!algorithm || !algorithmid || !subjpubkey) {
666 asn1delete(subjpubkeyinfo);
667 subjpubkeyinfo = NULL;
668 }
669 return subjpubkeyinfo;
670 }
671
672 static asn1Element *
rsasubjectpublickeyinfo(asn1Element * pubkey)673 rsasubjectpublickeyinfo(asn1Element *pubkey)
674 {
675 asn1Element *parameters;
676 asn1Element *subjpubkeyinfo;
677
678 parameters = asn1bytes(ASN1_NULL, NULL, 0);
679 subjpubkeyinfo = subjectpublickeyinfo(pubkey,
680 OID_rsaEncryption, parameters);
681 asn1delete(parameters);
682 if(!parameters) {
683 asn1delete(subjpubkeyinfo);
684 subjpubkeyinfo = NULL;
685 }
686 return subjpubkeyinfo;
687 }
688
689 static asn1Element *
privatekeyinfo(asn1Element * privkey,const unsigned char * algo,asn1Element * parameters)690 privatekeyinfo(asn1Element *privkey, const unsigned char *algo,
691 asn1Element *parameters)
692 {
693 asn1Element *version;
694 asn1Element *privatekey;
695 asn1Element *algorithm;
696 asn1Element *privatekeyalgorithm;
697 asn1Element *privkeyinfo;
698 unsigned int algosize = *algo++;
699
700 /* Build a PKCS#8 PrivateKeyInfo. */
701 version = asn1bytes(ASN1_INTEGER, "\0", 1);
702 algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize);
703 privatekeyalgorithm = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
704 algorithm, parameters, NULL);
705 privatekey = asn1container(ASN1_OCTET_STRING, privkey, NULL);
706 privkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version,
707 privatekeyalgorithm, privatekey, NULL);
708 asn1delete(version);
709 asn1delete(algorithm);
710 asn1delete(privatekeyalgorithm);
711 if(!version || !algorithm || !privatekeyalgorithm) {
712 asn1delete(privkeyinfo);
713 privkeyinfo = NULL;
714 }
715 return privkeyinfo;
716 }
717
718 static asn1Element *
rsaprivatekeyinfo(asn1Element * privkey)719 rsaprivatekeyinfo(asn1Element *privkey)
720 {
721 asn1Element *parameters;
722 asn1Element *privkeyinfo;
723
724 parameters = asn1bytes(ASN1_NULL, NULL, 0);
725 privkeyinfo = privatekeyinfo(privkey, OID_rsaEncryption, parameters);
726 asn1delete(parameters);
727 if(!parameters) {
728 asn1delete(privkeyinfo);
729 privkeyinfo = NULL;
730 }
731 return privkeyinfo;
732 }
733
734 /*******************************************************************
735 *
736 * OS/400 QC3 crypto-library backend: big numbers support.
737 *
738 *******************************************************************/
739
740
741 _libssh2_bn *
_libssh2_bn_init(void)742 _libssh2_bn_init(void)
743 {
744 _libssh2_bn *bignum;
745
746 bignum = (_libssh2_bn *) malloc(sizeof *bignum);
747 if(bignum) {
748 bignum->bignum = NULL;
749 bignum->length = 0;
750 }
751
752 return bignum;
753 }
754
755 void
_libssh2_bn_free(_libssh2_bn * bn)756 _libssh2_bn_free(_libssh2_bn *bn)
757 {
758 if(bn) {
759 if(bn->bignum) {
760 #ifdef LIBSSH2_CLEAR_MEMORY
761 if(bn->length)
762 memset((char *) bn->bignum, 0, bn->length);
763 #endif
764 free(bn->bignum);
765 }
766
767 free((char *) bn);
768 }
769 }
770
771 static int
_libssh2_bn_resize(_libssh2_bn * bn,size_t newlen)772 _libssh2_bn_resize(_libssh2_bn *bn, size_t newlen)
773 {
774 unsigned char *bignum;
775
776 if(!bn)
777 return -1;
778 if(newlen == bn->length)
779 return 0;
780
781 if(!bn->bignum)
782 bignum = (unsigned char *) malloc(newlen);
783 else {
784 #ifdef LIBSSH2_CLEAR_MEMORY
785 if(newlen < bn->length)
786 memset((char *) bn->bignum + newlen, 0, bn->length - newlen);
787 #endif
788 if(!newlen) {
789 free((char *) bn->bignum);
790 bn->bignum = NULL;
791 bn->length = 0;
792 return 0;
793 }
794 bignum = (unsigned char *) realloc((char *) bn->bignum, newlen);
795 }
796
797 if(!bignum)
798 return -1;
799
800 if(newlen > bn->length)
801 memset((char *) bignum + bn->length, 0, newlen - bn->length);
802
803 bn->bignum = bignum;
804 bn->length = newlen;
805 return 0;
806 }
807
808 unsigned long
_libssh2_bn_bits(_libssh2_bn * bn)809 _libssh2_bn_bits(_libssh2_bn *bn)
810 {
811 unsigned int i;
812 unsigned char b;
813
814 if(bn && bn->bignum) {
815 for(i = bn->length; i--;)
816 b = bn->bignum[i];
817 if(b) {
818 i *= 8;
819 do {
820 i++;
821 } while(b >>= 1);
822 return i;
823 }
824 }
825
826 return 0;
827 }
828
829 int
_libssh2_bn_from_bin(_libssh2_bn * bn,int len,const unsigned char * val)830 _libssh2_bn_from_bin(_libssh2_bn *bn, int len, const unsigned char *val)
831 {
832 int i;
833
834 if(!bn || (len && !val))
835 return -1;
836
837 for(; len && !*val; len--)
838 val++;
839
840 if(_libssh2_bn_resize(bn, len))
841 return -1;
842
843 for(i = len; i--;)
844 bn->bignum[i] = *val++;
845
846 return 0;
847 }
848
849 int
_libssh2_bn_set_word(_libssh2_bn * bn,unsigned long val)850 _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val)
851 {
852 val = htonl(val);
853 return _libssh2_bn_from_bin(bn, sizeof val, (unsigned char *) &val);
854 }
855
856 int
_libssh2_bn_to_bin(_libssh2_bn * bn,unsigned char * val)857 _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val)
858 {
859 int i;
860
861 if(!bn || !val)
862 return -1;
863
864 for(i = bn->length; i--;)
865 *val++ = bn->bignum[i];
866
867 return 0;
868 }
869
870 static int
_libssh2_bn_from_bn(_libssh2_bn * to,_libssh2_bn * from)871 _libssh2_bn_from_bn(_libssh2_bn *to, _libssh2_bn *from)
872 {
873 int i;
874
875 if(!to || !from)
876 return -1;
877
878 if(_libssh2_bn_resize(to, from->length))
879 return -1;
880
881 for(i = to->length; i--;)
882 to->bignum[i] = from->bignum[i];
883
884 return 0;
885 }
886
887 int
_libssh2_random(unsigned char * buf,int len)888 _libssh2_random(unsigned char *buf, int len)
889 {
890 Qc3GenPRNs(buf, len,
891 Qc3PRN_TYPE_NORMAL, Qc3PRN_NO_PARITY, (char *) &ecnull);
892 /* FIXME: any error is silently discarded! But Qc3GenPRNs could fail,
893 including if "The system seed digest is not ready" dixit IBM doc. */
894 return 0;
895 }
896
897
898 /*******************************************************************
899 *
900 * OS/400 QC3 crypto-library backend: crypto context support.
901 *
902 *******************************************************************/
903
904 static _libssh2_os400qc3_crypto_ctx *
libssh2_init_crypto_ctx(_libssh2_os400qc3_crypto_ctx * ctx)905 libssh2_init_crypto_ctx(_libssh2_os400qc3_crypto_ctx *ctx)
906 {
907 if(!ctx)
908 ctx = (_libssh2_os400qc3_crypto_ctx *) malloc(sizeof *ctx);
909
910 if(ctx) {
911 memset((char *) ctx, 0, sizeof *ctx);
912 ctx->hash.Final_Op_Flag = Qc3_Continue;
913 }
914
915 return ctx;
916 }
917
918 static int
null_token(const char * token)919 null_token(const char *token)
920 {
921 return !memcmp(token, nulltoken.Key_Context_Token,
922 sizeof nulltoken.Key_Context_Token);
923 }
924
925 void
_libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx * x)926 _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x)
927 {
928 if(!x)
929 return;
930 if(!null_token(x->hash.Alg_Context_Token)) {
931 Qc3DestroyAlgorithmContext(x->hash.Alg_Context_Token,
932 (char *) &ecnull);
933 memset(x->hash.Alg_Context_Token, 0, sizeof x->hash.Alg_Context_Token);
934 }
935 if(!null_token(x->key.Key_Context_Token)) {
936 Qc3DestroyKeyContext(x->key.Key_Context_Token, (char *) &ecnull);
937 memset(x->key.Key_Context_Token, 0, sizeof x->key.Key_Context_Token);
938 }
939 if(x->kek) {
940 _libssh2_os400qc3_crypto_dtor(x->kek);
941 free((char *) x->kek);
942 x->kek = NULL;
943 }
944 }
945
946 /*******************************************************************
947 *
948 * OS/400 QC3 crypto-library backend: hash algorithms support.
949 *
950 *******************************************************************/
951
952 int
libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T * x,unsigned int algorithm)953 libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, unsigned int algorithm)
954 {
955 Qc3_Format_ALGD0500_T algd;
956 Qus_EC_t errcode;
957
958 if(!x)
959 return 0;
960
961 memset((char *) x, 0, sizeof *x);
962 x->Final_Op_Flag = Qc3_Continue;
963 algd.Hash_Alg = algorithm;
964 set_EC_length(errcode, sizeof errcode);
965 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Hash,
966 x->Alg_Context_Token, &errcode);
967 return errcode.Bytes_Available? 0: 1;
968 }
969
970 void
libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T * ctx,const unsigned char * data,int len)971 libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx,
972 const unsigned char *data, int len)
973 {
974 char dummy[64];
975
976 ctx->Final_Op_Flag = Qc3_Continue;
977 Qc3CalculateHash((char *) data, &len, Qc3_Data, (char *) ctx,
978 Qc3_Alg_Token, anycsp, NULL, dummy, (char *) &ecnull);
979 }
980
981 void
libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T * ctx,unsigned char * out)982 libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, unsigned char *out)
983 {
984 char data;
985
986 ctx->Final_Op_Flag = Qc3_Final;
987 Qc3CalculateHash(&data, &zero, Qc3_Data, (char *) ctx, Qc3_Alg_Token,
988 anycsp, NULL, (char *) out, (char *) &ecnull);
989 Qc3DestroyAlgorithmContext(ctx->Alg_Context_Token, (char *) &ecnull);
990 memset(ctx->Alg_Context_Token, 0, sizeof ctx->Alg_Context_Token);
991 }
992
993 int
libssh2_os400qc3_hash(const unsigned char * message,unsigned long len,unsigned char * out,unsigned int algo)994 libssh2_os400qc3_hash(const unsigned char *message, unsigned long len,
995 unsigned char *out, unsigned int algo)
996 {
997 Qc3_Format_ALGD0100_T ctx;
998
999 if(!libssh2_os400qc3_hash_init(&ctx, algo))
1000 return 1;
1001
1002 libssh2_os400qc3_hash_update(&ctx, message, len);
1003 libssh2_os400qc3_hash_final(&ctx, out);
1004 return 0;
1005 }
1006
1007 void
libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx * ctx,int algo,size_t minkeylen,void * key,int keylen)1008 libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *ctx,
1009 int algo, size_t minkeylen, void *key, int keylen)
1010 {
1011 if(keylen < minkeylen) {
1012 char *lkey = alloca(minkeylen);
1013
1014 /* Pad key with zeroes if too short. */
1015 if(!lkey)
1016 return;
1017 memcpy(lkey, (char *) key, keylen);
1018 memset(lkey + keylen, 0, minkeylen - keylen);
1019 key = (void *) lkey;
1020 keylen = minkeylen;
1021 }
1022 libssh2_os400qc3_hash_init(&ctx->hash, algo);
1023 Qc3CreateKeyContext((char *) key, &keylen, binstring, &algo, qc3clear,
1024 NULL, NULL, ctx->key.Key_Context_Token,
1025 (char *) &ecnull);
1026 }
1027
1028 void
libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx * ctx,unsigned char * data,int len)1029 libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx *ctx,
1030 unsigned char *data, int len)
1031 {
1032 char dummy[64];
1033
1034 ctx->hash.Final_Op_Flag = Qc3_Continue;
1035 Qc3CalculateHMAC((char *) data, &len, Qc3_Data, (char *) &ctx->hash,
1036 Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token,
1037 anycsp, NULL, dummy, (char *) &ecnull);
1038 }
1039
1040 void
libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx * ctx,unsigned char * out)1041 libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx *ctx,
1042 unsigned char *out)
1043 {
1044 char data;
1045
1046 ctx->hash.Final_Op_Flag = Qc3_Final;
1047 Qc3CalculateHMAC((char *) data, &zero, Qc3_Data, (char *) &ctx->hash,
1048 Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token,
1049 anycsp, NULL, (char *) out, (char *) &ecnull);
1050 }
1051
1052
1053 /*******************************************************************
1054 *
1055 * OS/400 QC3 crypto-library backend: cipher algorithms support.
1056 *
1057 *******************************************************************/
1058
1059 int
_libssh2_cipher_init(_libssh2_cipher_ctx * h,_libssh2_cipher_type (algo),unsigned char * iv,unsigned char * secret,int encrypt)1060 _libssh2_cipher_init(_libssh2_cipher_ctx *h, _libssh2_cipher_type(algo),
1061 unsigned char *iv, unsigned char *secret, int encrypt)
1062 {
1063 Qc3_Format_ALGD0200_T algd;
1064 Qus_EC_t errcode;
1065
1066 (void) encrypt;
1067
1068 if(!h)
1069 return -1;
1070
1071 libssh2_init_crypto_ctx(h);
1072 algd.Block_Cipher_Alg = algo.algo;
1073 algd.Block_Length = algo.size;
1074 algd.Mode = algo.mode;
1075 algd.Pad_Option = Qc3_No_Pad;
1076 algd.Pad_Character = 0;
1077 algd.Reserved = 0;
1078 algd.MAC_Length = 0;
1079 algd.Effective_Key_Size = 0;
1080 memset(algd.Init_Vector, 0, sizeof algd.Init_Vector);
1081 if(algo.mode != Qc3_ECB && algo.size)
1082 memcpy(algd.Init_Vector, iv, algo.size);
1083 set_EC_length(errcode, sizeof errcode);
1084 Qc3CreateAlgorithmContext((char *) &algd, algo.fmt,
1085 h->hash.Alg_Context_Token, &errcode);
1086 if(errcode.Bytes_Available)
1087 return -1;
1088 Qc3CreateKeyContext((char *) secret, &algo.keylen, binstring,
1089 &algo.algo, qc3clear, NULL, NULL,
1090 h->key.Key_Context_Token, (char *) &errcode);
1091 if(errcode.Bytes_Available) {
1092 _libssh2_os400qc3_crypto_dtor(h);
1093 return -1;
1094 }
1095
1096 return 0;
1097 }
1098
1099 int
_libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,_libssh2_cipher_type (algo),int encrypt,unsigned char * block,size_t blocksize)1100 _libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx,
1101 _libssh2_cipher_type(algo),
1102 int encrypt, unsigned char *block, size_t blocksize)
1103 {
1104 Qus_EC_t errcode;
1105 int outlen;
1106 int blksize = blocksize;
1107
1108 (void) algo;
1109
1110 set_EC_length(errcode, sizeof errcode);
1111 if(encrypt)
1112 Qc3EncryptData((char *) block, &blksize, Qc3_Data,
1113 ctx->hash.Alg_Context_Token, Qc3_Alg_Token,
1114 ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL,
1115 (char *) block, &blksize, &outlen, (char *) &errcode);
1116 else
1117 Qc3DecryptData((char *) block, &blksize,
1118 ctx->hash.Alg_Context_Token, Qc3_Alg_Token,
1119 ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL,
1120 (char *) block, &blksize, &outlen, (char *) &errcode);
1121
1122 return errcode.Bytes_Available? -1: 0;
1123 }
1124
1125
1126 /*******************************************************************
1127 *
1128 * OS/400 QC3 crypto-library backend: RSA support.
1129 *
1130 *******************************************************************/
1131
1132 int
_libssh2_rsa_new(libssh2_rsa_ctx ** rsa,const unsigned char * edata,unsigned long elen,const unsigned char * ndata,unsigned long nlen,const unsigned char * ddata,unsigned long dlen,const unsigned char * pdata,unsigned long plen,const unsigned char * qdata,unsigned long qlen,const unsigned char * e1data,unsigned long e1len,const unsigned char * e2data,unsigned long e2len,const unsigned char * coeffdata,unsigned long coefflen)1133 _libssh2_rsa_new(libssh2_rsa_ctx **rsa,
1134 const unsigned char *edata, unsigned long elen,
1135 const unsigned char *ndata, unsigned long nlen,
1136 const unsigned char *ddata, unsigned long dlen,
1137 const unsigned char *pdata, unsigned long plen,
1138 const unsigned char *qdata, unsigned long qlen,
1139 const unsigned char *e1data, unsigned long e1len,
1140 const unsigned char *e2data, unsigned long e2len,
1141 const unsigned char *coeffdata, unsigned long coefflen)
1142 {
1143 libssh2_rsa_ctx *ctx;
1144 _libssh2_bn *e = _libssh2_bn_init_from_bin();
1145 _libssh2_bn *n = _libssh2_bn_init_from_bin();
1146 _libssh2_bn *d = NULL;
1147 _libssh2_bn *p = NULL;
1148 _libssh2_bn *q = NULL;
1149 _libssh2_bn *e1 = NULL;
1150 _libssh2_bn *e2 = NULL;
1151 _libssh2_bn *coeff = NULL;
1152 asn1Element *key = NULL;
1153 asn1Element *structkey = NULL;
1154 Qc3_Format_ALGD0400_T algd;
1155 Qus_EC_t errcode;
1156 int keytype;
1157 int ret = 0;
1158 int i;
1159
1160 ctx = libssh2_init_crypto_ctx(NULL);
1161 if(!ctx)
1162 ret = -1;
1163 if(!ret) {
1164 _libssh2_bn_from_bin(e, elen, edata);
1165 _libssh2_bn_from_bin(n, nlen, ndata);
1166 if(!e || !n)
1167 ret = -1;
1168 }
1169 if(!ret && ddata) {
1170 /* Private key. */
1171 d = _libssh2_bn_init_from_bin();
1172 _libssh2_bn_from_bin(d, dlen, ddata);
1173 p = _libssh2_bn_init_from_bin();
1174 _libssh2_bn_from_bin(p, plen, pdata);
1175 q = _libssh2_bn_init_from_bin();
1176 _libssh2_bn_from_bin(q, qlen, qdata);
1177 e1 = _libssh2_bn_init_from_bin();
1178 _libssh2_bn_from_bin(e1, e1len, e1data);
1179 e2 = _libssh2_bn_init_from_bin();
1180 _libssh2_bn_from_bin(e2, e2len, e2data);
1181 coeff = _libssh2_bn_init_from_bin();
1182 _libssh2_bn_from_bin(coeff, coefflen, coeffdata);
1183 if(!d || !p || !q ||!e1 || !e2 || !coeff)
1184 ret = -1;
1185
1186 if(!ret) {
1187 /* Build a PKCS#8 private key. */
1188 key = rsaprivatekey(e, n, d, p, q, e1, e2, coeff);
1189 structkey = rsaprivatekeyinfo(key);
1190 }
1191 keytype = Qc3_RSA_Private;
1192 }
1193 else if(!ret) {
1194 key = rsapublickey(e, n);
1195 structkey = rsasubjectpublickeyinfo(key);
1196 keytype = Qc3_RSA_Public;
1197 }
1198 if(!key || !structkey)
1199 ret = -1;
1200
1201 set_EC_length(errcode, sizeof errcode);
1202
1203 if(!ret) {
1204 /* Create the algorithm context. */
1205 algd.Public_Key_Alg = Qc3_RSA;
1206 algd.PKA_Block_Format = Qc3_PKCS1_01;
1207 memset(algd.Reserved, 0, sizeof algd.Reserved);
1208 algd.Signing_Hash_Alg = Qc3_SHA1;
1209 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
1210 ctx->hash.Alg_Context_Token, &errcode);
1211 if(errcode.Bytes_Available)
1212 ret = -1;
1213 ctx->hash.Final_Op_Flag = Qc3_Continue;
1214 }
1215
1216 /* Create the key context. */
1217 if(!ret) {
1218 i = structkey->end - structkey->header;
1219 Qc3CreateKeyContext(structkey->header, &i, berstring, &keytype,
1220 qc3clear, NULL, NULL, ctx->key.Key_Context_Token,
1221 (char *) &errcode);
1222 if(errcode.Bytes_Available)
1223 ret = -1;
1224 }
1225
1226 _libssh2_bn_free(e);
1227 _libssh2_bn_free(n);
1228 _libssh2_bn_free(d);
1229 _libssh2_bn_free(p);
1230 _libssh2_bn_free(q);
1231 _libssh2_bn_free(e1);
1232 _libssh2_bn_free(e2);
1233 _libssh2_bn_free(coeff);
1234 asn1delete(key);
1235 asn1delete(structkey);
1236 if(ret && ctx) {
1237 _libssh2_rsa_free(ctx);
1238 ctx = NULL;
1239 }
1240 *rsa = ctx;
1241 return ret;
1242 }
1243
1244
1245 /*******************************************************************
1246 *
1247 * OS/400 QC3 crypto-library backend: Diffie-Hellman support.
1248 *
1249 *******************************************************************/
1250
1251 void
_libssh2_os400qc3_dh_init(_libssh2_dh_ctx * dhctx)1252 _libssh2_os400qc3_dh_init(_libssh2_dh_ctx *dhctx)
1253 {
1254 memset((char *) dhctx, 0, sizeof *dhctx);
1255 }
1256
1257 int
_libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx * dhctx,_libssh2_bn * public,_libssh2_bn * g,_libssh2_bn * p,int group_order)1258 _libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public,
1259 _libssh2_bn *g, _libssh2_bn *p, int group_order)
1260 {
1261 asn1Element *prime;
1262 asn1Element *base;
1263 asn1Element *dhparameter;
1264 asn1Element *dhkeyagreement;
1265 asn1Element *pkcs3;
1266 int pkcs3len;
1267 char *pubkey;
1268 int pubkeysize;
1269 int pubkeylen;
1270 Qus_EC_t errcode;
1271
1272 (void) group_order;
1273
1274 /* Build the PKCS#3 structure. */
1275
1276 base = asn1uint(g);
1277 prime = asn1uint(p);
1278 dhparameter = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
1279 prime, base, NULL);
1280 asn1delete(base);
1281 asn1delete(prime);
1282 dhkeyagreement = asn1bytes(ASN1_OBJ_ID,
1283 OID_dhKeyAgreement + 1, OID_dhKeyAgreement[0]);
1284 pkcs3 = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
1285 dhkeyagreement, dhparameter, NULL);
1286 asn1delete(dhkeyagreement);
1287 asn1delete(dhparameter);
1288 if(!base || !prime || !dhparameter ||
1289 !dhkeyagreement || !dhparameter || !pkcs3) {
1290 asn1delete(pkcs3);
1291 return -1;
1292 }
1293 pkcs3len = pkcs3->end - pkcs3->header;
1294 pubkeysize = (_libssh2_bn_bits(p) + 7) >> 3;
1295 pubkey = alloca(pubkeysize);
1296 set_EC_length(errcode, sizeof errcode);
1297 Qc3GenDHKeyPair((char *) pkcs3->header, &pkcs3len, anycsp, NULL,
1298 dhctx->token, pubkey, &pubkeysize, &pubkeylen, &errcode);
1299 asn1delete(pkcs3);
1300 if(errcode.Bytes_Available)
1301 return -1;
1302 return _libssh2_bn_from_bin(public, pubkeylen, (unsigned char *) pubkey);
1303 }
1304
1305 int
_libssh2_os400qc3_dh_secret(_libssh2_dh_ctx * dhctx,_libssh2_bn * secret,_libssh2_bn * f,_libssh2_bn * p)1306 _libssh2_os400qc3_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret,
1307 _libssh2_bn *f, _libssh2_bn *p)
1308 {
1309 char *pubkey;
1310 int pubkeysize;
1311 char *secretbuf;
1312 int secretbufsize;
1313 int secretbuflen;
1314 Qus_EC_t errcode;
1315
1316 pubkeysize = (_libssh2_bn_bits(f) + 7) >> 3;
1317 pubkey = alloca(pubkeysize);
1318 _libssh2_bn_to_bin(f, pubkey);
1319 secretbufsize = (_libssh2_bn_bits(p) + 7) >> 3;
1320 secretbuf = alloca(pubkeysize);
1321 set_EC_length(errcode, sizeof errcode);
1322 Qc3CalculateDHSecretKey(dhctx->token, pubkey, &pubkeysize,
1323 secretbuf, &secretbufsize, &secretbuflen,
1324 &errcode);
1325 if(errcode.Bytes_Available)
1326 return -1;
1327 return _libssh2_bn_from_bin(secret,
1328 secretbuflen, (unsigned char *) secretbuf);
1329 }
1330
1331 void
_libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx * dhctx)1332 _libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx *dhctx)
1333 {
1334 if(!null_token(dhctx->token)) {
1335 Qc3DestroyAlgorithmContext(dhctx->token, (char *) &ecnull);
1336 memset((char *) dhctx, 0, sizeof *dhctx);
1337 }
1338 }
1339
1340
1341 /*******************************************************************
1342 *
1343 * OS/400 QC3 crypto-library backend: PKCS#5 supplement.
1344 *
1345 *******************************************************************/
1346
1347 static int
oidcmp(const asn1Element * e,const unsigned char * oid)1348 oidcmp(const asn1Element *e, const unsigned char *oid)
1349 {
1350 int i = e->end - e->beg - *oid++;
1351
1352 if(*e->header != ASN1_OBJ_ID)
1353 return -2;
1354 if(!i)
1355 i = memcmp(e->beg, oid, oid[-1]);
1356 return i;
1357 }
1358
1359 static int
asn1getword(asn1Element * e,unsigned long * v)1360 asn1getword(asn1Element *e, unsigned long *v)
1361 {
1362 unsigned long a;
1363 const unsigned char *cp;
1364
1365 if(*e->header != ASN1_INTEGER)
1366 return -1;
1367 for(cp = e->beg; cp < e->end && !*cp; cp++)
1368 ;
1369 if(e->end - cp > sizeof a)
1370 return -1;
1371 for(a = 0; cp < e->end; cp++)
1372 a = (a << 8) | *cp;
1373 *v = a;
1374 return 0;
1375 }
1376
1377 static int
pbkdf1(LIBSSH2_SESSION * session,char ** dk,const unsigned char * passphrase,pkcs5params * pkcs5)1378 pbkdf1(LIBSSH2_SESSION *session, char **dk, const unsigned char *passphrase,
1379 pkcs5params *pkcs5)
1380 {
1381 int i;
1382 Qc3_Format_ALGD0100_T hctx;
1383 int len = pkcs5->saltlen;
1384 char *data = (char *) pkcs5->salt;
1385
1386 *dk = NULL;
1387 if(pkcs5->dklen > pkcs5->hashlen)
1388 return -1;
1389
1390 /* Allocate the derived key buffer. */
1391 *dk = LIBSSH2_ALLOC(session, pkcs5->hashlen);
1392 if(!*dk)
1393 return -1;
1394
1395 /* Initial hash. */
1396 libssh2_os400qc3_hash_init(&hctx, pkcs5->hash);
1397 libssh2_os400qc3_hash_update(&hctx, passphrase, strlen(passphrase));
1398 hctx.Final_Op_Flag = Qc3_Final;
1399 Qc3CalculateHash((char *) pkcs5->salt, &len, Qc3_Data, (char *) &hctx,
1400 Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);
1401
1402 /* Iterate. */
1403 len = pkcs5->hashlen;
1404 for(i = 1; i < pkcs5->itercount; i++)
1405 Qc3CalculateHash((char *) *dk, &len, Qc3_Data, (char *) &hctx,
1406 Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);
1407
1408 /* Special stuff for PBES1: split derived key into 8-byte key and 8-byte
1409 initialization vector. */
1410 pkcs5->dklen = 8;
1411 pkcs5->ivlen = 8;
1412 pkcs5->iv = *dk + 8;
1413
1414 /* Clean-up and exit. */
1415 Qc3DestroyAlgorithmContext(hctx.Alg_Context_Token, (char *) &ecnull);
1416 return 0;
1417 }
1418
1419 static int
pbkdf2(LIBSSH2_SESSION * session,char ** dk,const unsigned char * passphrase,pkcs5params * pkcs5)1420 pbkdf2(LIBSSH2_SESSION *session, char **dk, const unsigned char *passphrase,
1421 pkcs5params *pkcs5)
1422 {
1423 size_t i;
1424 size_t k;
1425 int j;
1426 int l;
1427 uint32_t ni;
1428 unsigned long long t;
1429 char *mac;
1430 char *buf;
1431 _libssh2_os400qc3_crypto_ctx hctx;
1432
1433 *dk = NULL;
1434 t = ((unsigned long long) pkcs5->dklen + pkcs5->hashlen - 1) /
1435 pkcs5->hashlen;
1436 if(t > 0xFFFFFFFF)
1437 return -1;
1438 mac = alloca(pkcs5->hashlen);
1439 if(!mac)
1440 return -1;
1441
1442 /* Allocate the derived key buffer. */
1443 l = t;
1444 buf = LIBSSH2_ALLOC(session, l * pkcs5->hashlen);
1445 if(!buf)
1446 return -1;
1447 *dk = buf;
1448
1449 /* Create an HMAC context for our computations. */
1450 libssh2_os400qc3_hmac_init(&hctx, pkcs5->hash, pkcs5->hashlen,
1451 (void *) passphrase, strlen(passphrase));
1452
1453 /* Process each hLen-size blocks. */
1454 for(i = 1; i <= l; i++) {
1455 ni = htonl(i);
1456 libssh2_os400qc3_hmac_update(&hctx, pkcs5->salt, pkcs5->saltlen);
1457 libssh2_os400qc3_hmac_update(&hctx, (char *) &ni, sizeof ni);
1458 libssh2_os400qc3_hmac_final(&hctx, mac);
1459 memcpy(buf, mac, pkcs5->hashlen);
1460 for(j = 1; j < pkcs5->itercount; j++) {
1461 libssh2_os400qc3_hmac_update(&hctx, mac, pkcs5->hashlen);
1462 libssh2_os400qc3_hmac_final(&hctx, mac);
1463 for(k = 0; k < pkcs5->hashlen; k++)
1464 buf[k] ^= mac[k];
1465 }
1466 buf += pkcs5->hashlen;
1467 }
1468
1469 /* Computation done. Release HMAC context. */
1470 _libssh2_os400qc3_crypto_dtor(&hctx);
1471 return 0;
1472 }
1473
1474 static int
parse_pkcs5_algorithm(LIBSSH2_SESSION * session,pkcs5params * pkcs5,asn1Element * algid,pkcs5algo ** algotable)1475 parse_pkcs5_algorithm(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1476 asn1Element *algid, pkcs5algo **algotable)
1477 {
1478 asn1Element oid;
1479 asn1Element param;
1480 char *cp;
1481
1482 cp = getASN1Element(&oid, algid->beg, algid->end);
1483 if(!cp || *oid.header != ASN1_OBJ_ID)
1484 return -1;
1485 param.header = NULL;
1486 if(cp < algid->end)
1487 cp = getASN1Element(¶m, cp, algid->end);
1488 if(cp != algid->end)
1489 return -1;
1490 for(; *algotable; algotable++)
1491 if(!oidcmp(&oid, (*algotable)->oid))
1492 return (*(*algotable)->parse)(session, pkcs5, *algotable,
1493 param.header? ¶m: NULL);
1494 return -1;
1495 }
1496
1497 static int
parse_pbes2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1498 parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1499 pkcs5algo *algo, asn1Element *param)
1500 {
1501 asn1Element keyDerivationFunc;
1502 asn1Element encryptionScheme;
1503 char *cp;
1504
1505 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1506 return -1;
1507 cp = getASN1Element(&keyDerivationFunc, param->beg, param->end);
1508 if(!cp || *keyDerivationFunc.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1509 return -1;
1510 if(getASN1Element(&encryptionScheme, cp, param->end) != param->end ||
1511 *encryptionScheme.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1512 return -1;
1513 if(parse_pkcs5_algorithm(session, pkcs5, &encryptionScheme, pbes2enctable))
1514 return -1;
1515 if(parse_pkcs5_algorithm(session, pkcs5, &keyDerivationFunc, pbkdf2table))
1516 return -1;
1517 return 0;
1518 }
1519
1520 static int
parse_pbkdf2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1521 parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1522 pkcs5algo *algo, asn1Element *param)
1523 {
1524 asn1Element salt;
1525 asn1Element iterationCount;
1526 asn1Element keyLength;
1527 asn1Element prf;
1528 unsigned long itercount;
1529 char *cp;
1530
1531 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1532 return -1;
1533 cp = getASN1Element(&salt, param->beg, param->end);
1534 /* otherSource not supported. */
1535 if(!cp || *salt.header != ASN1_OCTET_STRING)
1536 return -1;
1537 cp = getASN1Element(&iterationCount, cp, param->end);
1538 if(!cp || *iterationCount.header != ASN1_INTEGER)
1539 return -1;
1540 keyLength.header = prf.header = NULL;
1541 if(cp < param->end) {
1542 cp = getASN1Element(&prf, cp, param->end);
1543 if(!cp)
1544 return -1;
1545 if(*prf.header == ASN1_INTEGER) {
1546 keyLength = prf;
1547 prf.header = NULL;
1548 if(cp < param->end)
1549 cp = getASN1Element(&prf, cp, param->end);
1550 }
1551 if(cp != param->end)
1552 return -1;
1553 }
1554 pkcs5->hash = algo->hash;
1555 pkcs5->hashlen = algo->hashlen;
1556 if(prf.header) {
1557 if(*prf.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1558 return -1;
1559 if(parse_pkcs5_algorithm(session, pkcs5, &prf, kdf2prftable))
1560 return -1;
1561 }
1562 pkcs5->saltlen = salt.end - salt.beg;
1563 pkcs5->salt = salt.beg;
1564 if(asn1getword(&iterationCount, &itercount) ||
1565 !itercount || itercount > 100000)
1566 return -1;
1567 pkcs5->itercount = itercount;
1568 pkcs5->kdf = pbkdf2;
1569 return 0;
1570 }
1571
1572 static int
parse_hmacWithSHA1(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1573 parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1574 pkcs5algo *algo, asn1Element *param)
1575 {
1576 if(!param || *param->header != ASN1_NULL)
1577 return -1;
1578 pkcs5->hash = algo->hash;
1579 pkcs5->hashlen = algo->hashlen;
1580 return 0;
1581 }
1582
1583 static int
parse_iv(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1584 parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1585 pkcs5algo *algo, asn1Element *param)
1586 {
1587 if(!param || *param->header != ASN1_OCTET_STRING ||
1588 param->end - param->beg != algo->ivlen)
1589 return -1;
1590 pkcs5->cipher = algo->cipher;
1591 pkcs5->blocksize = algo->blocksize;
1592 pkcs5->mode = algo->mode;
1593 pkcs5->padopt = algo->padopt;
1594 pkcs5->padchar = algo->padchar;
1595 pkcs5->dklen = algo->keylen;
1596 pkcs5->ivlen = algo->ivlen;
1597 pkcs5->iv = param->beg;
1598 return 0;
1599 }
1600
1601 static int
parse_rc2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1602 parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1603 pkcs5algo *algo, asn1Element *param)
1604 {
1605 asn1Element iv;
1606 unsigned long effkeysize;
1607 char *cp;
1608
1609 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1610 return -1;
1611 cp = getASN1Element(&iv, param->beg, param->end);
1612 if(!cp)
1613 return -1;
1614 effkeysize = algo->effkeysize;
1615 if(*iv.header == ASN1_INTEGER) {
1616 if(asn1getword(&iv, &effkeysize) || effkeysize > 1024)
1617 return -1;
1618
1619 cp = getASN1Element(&iv, cp, param->end);
1620 if(effkeysize < 256)
1621 switch(effkeysize) {
1622 case 160:
1623 effkeysize = 40;
1624 case 120:
1625 effkeysize = 64;
1626 case 58:
1627 effkeysize = 128;
1628 break;
1629 default:
1630 return -1;
1631 }
1632 }
1633 if(effkeysize > 1024 || cp != param->end ||
1634 *iv.header != ASN1_OCTET_STRING || iv.end - iv.beg != algo->ivlen)
1635 return -1;
1636 pkcs5->cipher = algo->cipher;
1637 pkcs5->blocksize = algo->blocksize;
1638 pkcs5->mode = algo->mode;
1639 pkcs5->padopt = algo->padopt;
1640 pkcs5->padchar = algo->padchar;
1641 pkcs5->ivlen = algo->ivlen;
1642 pkcs5->iv = iv.beg;
1643 pkcs5->effkeysize = effkeysize;
1644 pkcs5->dklen = (effkeysize + 8 - 1) / 8;
1645 return 0;
1646 }
1647
1648 static int
parse_pbes1(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1649 parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1650 pkcs5algo *algo, asn1Element *param)
1651 {
1652 asn1Element salt;
1653 asn1Element iterationCount;
1654 unsigned long itercount;
1655 char *cp;
1656
1657 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1658 return -1;
1659
1660 cp = getASN1Element(&salt, param->beg, param->end);
1661 if(!cp || *salt.header != ASN1_OCTET_STRING ||
1662 salt.end - salt.beg != algo->saltlen)
1663 return -1;
1664 if(getASN1Element(&iterationCount, cp, param->end) != param->end ||
1665 *iterationCount.header != ASN1_INTEGER)
1666 return -1;
1667 if(asn1getword(&iterationCount, &itercount) ||
1668 !itercount || itercount > 100000)
1669 return -1;
1670 pkcs5->cipher = algo->cipher;
1671 pkcs5->blocksize = algo->blocksize;
1672 pkcs5->mode = algo->mode;
1673 pkcs5->padopt = algo->padopt;
1674 pkcs5->padchar = algo->padchar;
1675 pkcs5->hash = algo->hash;
1676 pkcs5->hashlen = algo->hashlen;
1677 pkcs5->dklen = 16;
1678 pkcs5->saltlen = algo->saltlen;
1679 pkcs5->effkeysize = algo->effkeysize;
1680 pkcs5->salt = salt.beg;
1681 pkcs5->kdf = pbkdf1;
1682 pkcs5->itercount = itercount;
1683 return 0;
1684 }
1685
1686 static int
pkcs8kek(LIBSSH2_SESSION * session,_libssh2_os400qc3_crypto_ctx ** ctx,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,asn1Element * privkeyinfo)1687 pkcs8kek(LIBSSH2_SESSION *session, _libssh2_os400qc3_crypto_ctx **ctx,
1688 const unsigned char *data, unsigned int datalen,
1689 const unsigned char *passphrase, asn1Element *privkeyinfo)
1690 {
1691 asn1Element encprivkeyinfo;
1692 asn1Element pkcs5alg;
1693 pkcs5params pkcs5;
1694 size_t pplen;
1695 char *cp;
1696 unsigned long t;
1697 int i;
1698 char *dk = NULL;
1699 Qc3_Format_ALGD0200_T algd;
1700 Qus_EC_t errcode;
1701
1702 /* Determine if the PKCS#8 data is encrypted and, if so, set-up a
1703 key encryption key and algorithm in context.
1704 Return 1 if encrypted, 0, if not, -1 if error. */
1705
1706 *ctx = NULL;
1707 privkeyinfo->beg = (char *) data;
1708 privkeyinfo->end = privkeyinfo->beg + datalen;
1709
1710 /* If no passphrase is given, it cannot be an encrypted key. */
1711 if(!passphrase || !*passphrase)
1712 return 0;
1713
1714 /* Parse PKCS#8 data, checking if ASN.1 format is PrivateKeyInfo or
1715 EncryptedPrivateKeyInfo. */
1716 if(getASN1Element(&encprivkeyinfo, privkeyinfo->beg, privkeyinfo->end) !=
1717 (char *) data + datalen ||
1718 *encprivkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1719 return -1;
1720 cp = getASN1Element(&pkcs5alg, encprivkeyinfo.beg, encprivkeyinfo.end);
1721 if(!cp)
1722 return -1;
1723
1724 switch(*pkcs5alg.header) {
1725 case ASN1_INTEGER: /* Version. */
1726 return 0; /* This is a PrivateKeyInfo --> not encrypted. */
1727 case ASN1_SEQ | ASN1_CONSTRUCTED: /* AlgorithIdentifier. */
1728 break; /* This is an EncryptedPrivateKeyInfo --> encrypted. */
1729 default:
1730 return -1; /* Unrecognized: error. */
1731 }
1732
1733 /* Get the encrypted key data. */
1734 if(getASN1Element(privkeyinfo, cp, encprivkeyinfo.end) !=
1735 encprivkeyinfo.end || *privkeyinfo->header != ASN1_OCTET_STRING)
1736 return -1;
1737
1738 /* PKCS#5: parse the PBES AlgorithmIdentifier and recursively get all
1739 encryption parameters. */
1740 memset((char *) &pkcs5, 0, sizeof pkcs5);
1741 if(parse_pkcs5_algorithm(session, &pkcs5, &pkcs5alg, pbestable))
1742 return -1;
1743
1744 /* Compute the derived key. */
1745 if((*pkcs5.kdf)(session, &dk, passphrase, &pkcs5))
1746 return -1;
1747
1748 /* Prepare the algorithm descriptor. */
1749 memset((char *) &algd, 0, sizeof algd);
1750 algd.Block_Cipher_Alg = pkcs5.cipher;
1751 algd.Block_Length = pkcs5.blocksize;
1752 algd.Mode = pkcs5.mode;
1753 algd.Pad_Option = pkcs5.padopt;
1754 algd.Pad_Character = pkcs5.padchar;
1755 algd.Effective_Key_Size = pkcs5.effkeysize;
1756 memcpy(algd.Init_Vector, pkcs5.iv, pkcs5.ivlen);
1757
1758 /* Create the key and algorithm context tokens. */
1759 *ctx = libssh2_init_crypto_ctx(NULL);
1760 if(!*ctx) {
1761 LIBSSH2_FREE(session, dk);
1762 return -1;
1763 }
1764 libssh2_init_crypto_ctx(*ctx);
1765 set_EC_length(errcode, sizeof errcode);
1766 Qc3CreateKeyContext(dk, &pkcs5.dklen, binstring, &algd.Block_Cipher_Alg,
1767 qc3clear, NULL, NULL, (*ctx)->key.Key_Context_Token,
1768 (char *) &errcode);
1769 LIBSSH2_FREE(session, dk);
1770 if(errcode.Bytes_Available) {
1771 free((char *) *ctx);
1772 *ctx = NULL;
1773 return -1;
1774 }
1775
1776 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Block_Cipher,
1777 (*ctx)->hash.Alg_Context_Token, &errcode);
1778 if(errcode.Bytes_Available) {
1779 Qc3DestroyKeyContext((*ctx)->key.Key_Context_Token, (char *) &ecnull);
1780 free((char *) *ctx);
1781 *ctx = NULL;
1782 return -1;
1783 }
1784 return 1; /* Tell it's encrypted. */
1785 }
1786
1787 static int
rsapkcs8privkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1788 rsapkcs8privkey(LIBSSH2_SESSION *session,
1789 const unsigned char *data, unsigned int datalen,
1790 const unsigned char *passphrase, void *loadkeydata)
1791 {
1792 libssh2_rsa_ctx *ctx = (libssh2_rsa_ctx *) loadkeydata;
1793 char keyform = Qc3_Clear;
1794 char *kek = NULL;
1795 char *kea = NULL;
1796 _libssh2_os400qc3_crypto_ctx *kekctx;
1797 asn1Element pki;
1798 int pkilen;
1799 Qus_EC_t errcode;
1800
1801 switch(pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) {
1802 case 1:
1803 keyform = Qc3_Encrypted;
1804 kek = kekctx->key.Key_Context_Token;
1805 kea = kekctx->hash.Alg_Context_Token;
1806 case 0:
1807 break;
1808 default:
1809 return -1;
1810 }
1811
1812 set_EC_length(errcode, sizeof errcode);
1813 pkilen = pki.end - pki.beg;
1814 Qc3CreateKeyContext((unsigned char *) pki.beg, &pkilen, berstring,
1815 rsaprivate, &keyform, kek, kea,
1816 ctx->key.Key_Context_Token, (char *) &errcode);
1817 if(errcode.Bytes_Available) {
1818 if(kekctx)
1819 _libssh2_os400qc3_crypto_dtor(kekctx);
1820 return -1;
1821 }
1822 ctx->kek = kekctx;
1823 return 0;
1824 }
1825
1826 static char *
storewithlength(char * p,const char * data,int length)1827 storewithlength(char *p, const char *data, int length)
1828 {
1829 _libssh2_htonu32(p, length);
1830 if(length)
1831 memcpy(p + 4, data, length);
1832 return p + 4 + length;
1833 }
1834
1835 static int
sshrsapubkey(LIBSSH2_SESSION * session,char ** sshpubkey,asn1Element * params,asn1Element * key,const char * method)1836 sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
1837 asn1Element *params, asn1Element *key, const char *method)
1838 {
1839 int methlen = strlen(method);
1840 asn1Element keyseq;
1841 asn1Element m;
1842 asn1Element e;
1843 int len;
1844 char *cp;
1845
1846 if(getASN1Element(&keyseq, key->beg + 1, key->end) != key->end ||
1847 *keyseq.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1848 return -1;
1849 if(!getASN1Element(&m, keyseq.beg, keyseq.end) ||
1850 *m.header != ASN1_INTEGER)
1851 return -1;
1852 if(getASN1Element(&e, m.end, keyseq.end) != keyseq.end ||
1853 *e.header != ASN1_INTEGER)
1854 return -1;
1855 len = 4 + methlen + 4 + (e.end - e.beg) + 4 + (m.end - m.beg);
1856 cp = LIBSSH2_ALLOC(session, len);
1857 if(!cp)
1858 return -1;
1859 *sshpubkey = cp;
1860 cp = storewithlength(cp, method, methlen);
1861 cp = storewithlength(cp, e.beg, e.end - e.beg);
1862 cp = storewithlength(cp, m.beg, m.end - m.beg);
1863 return len;
1864 }
1865
1866 static int
rsapkcs8pubkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1867 rsapkcs8pubkey(LIBSSH2_SESSION *session,
1868 const unsigned char *data, unsigned int datalen,
1869 const unsigned char *passphrase, void *loadkeydata)
1870 {
1871 loadpubkeydata *p = (loadpubkeydata *) loadkeydata;
1872 char *buf;
1873 int len;
1874 char *cp;
1875 int i;
1876 char keyform = Qc3_Clear;
1877 char *kek = NULL;
1878 char *kea = NULL;
1879 _libssh2_os400qc3_crypto_ctx *kekctx;
1880 asn1Element subjpubkeyinfo;
1881 asn1Element algorithmid;
1882 asn1Element algorithm;
1883 asn1Element subjpubkey;
1884 asn1Element parameters;
1885 asn1Element pki;
1886 int pkilen;
1887 Qus_EC_t errcode;
1888
1889 buf = alloca(datalen);
1890 if(!buf)
1891 return -1;
1892
1893 switch(pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) {
1894 case 1:
1895 keyform = Qc3_Encrypted;
1896 kek = kekctx->key.Key_Context_Token;
1897 kea = kekctx->hash.Alg_Context_Token;
1898 case 0:
1899 break;
1900 default:
1901 return -1;
1902 }
1903
1904 set_EC_length(errcode, sizeof errcode);
1905 pkilen = pki.end - pki.beg;
1906 Qc3ExtractPublicKey(pki.beg, &pkilen, berstring, &keyform,
1907 kek, kea, buf, (int *) &datalen, &len, &errcode);
1908 _libssh2_os400qc3_crypto_dtor(kekctx);
1909 if(errcode.Bytes_Available)
1910 return -1;
1911 /* Get the algorithm OID and key data from SubjectPublicKeyInfo. */
1912 if(getASN1Element(&subjpubkeyinfo, buf, buf + len) != buf + len ||
1913 *subjpubkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1914 return -1;
1915 cp = getASN1Element(&algorithmid, subjpubkeyinfo.beg, subjpubkeyinfo.end);
1916 if(!cp || *algorithmid.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1917 return -1;
1918 if(!getASN1Element(&algorithm, algorithmid.beg, algorithmid.end) ||
1919 *algorithm.header != ASN1_OBJ_ID)
1920 return -1;
1921 if(getASN1Element(&subjpubkey, cp, subjpubkeyinfo.end) !=
1922 subjpubkeyinfo.end || *subjpubkey.header != ASN1_BIT_STRING)
1923 return -1;
1924 /* Check for supported algorithm. */
1925 for(i = 0; pka[i].oid; i++)
1926 if(!oidcmp(&algorithm, pka[i].oid)) {
1927 len = (*pka[i].sshpubkey)(session, &p->data, &algorithmid,
1928 &subjpubkey, pka[i].method);
1929 if(len < 0)
1930 return -1;
1931 p->length = len;
1932 p->method = pka[i].method;
1933 return 0;
1934 }
1935 return -1; /* Algorithm not supported. */
1936 }
1937
1938 static int
pkcs1topkcs8(LIBSSH2_SESSION * session,const unsigned char ** data8,unsigned int * datalen8,const unsigned char * data1,unsigned int datalen1)1939 pkcs1topkcs8(LIBSSH2_SESSION *session,
1940 const unsigned char **data8, unsigned int *datalen8,
1941 const unsigned char *data1, unsigned int datalen1)
1942 {
1943 asn1Element *prvk;
1944 asn1Element *pkcs8;
1945 unsigned char *data;
1946
1947 *data8 = NULL;
1948 *datalen8 = 0;
1949 if(datalen1 < 2)
1950 return -1;
1951 prvk = asn1_new_from_bytes(data1, datalen1);
1952 if(!prvk)
1953 return -1;
1954 pkcs8 = rsaprivatekeyinfo(prvk);
1955 asn1delete(prvk);
1956 if(!prvk) {
1957 asn1delete(pkcs8);
1958 pkcs8 = NULL;
1959 }
1960 if(!pkcs8)
1961 return -1;
1962 data = (unsigned char *) LIBSSH2_ALLOC(session,
1963 pkcs8->end - pkcs8->header);
1964 if(!data) {
1965 asn1delete(pkcs8);
1966 return -1;
1967 }
1968 *data8 = data;
1969 *datalen8 = pkcs8->end - pkcs8->header;
1970 memcpy((char *) data, (char *) pkcs8->header, *datalen8);
1971 asn1delete(pkcs8);
1972 return 0;
1973 }
1974
1975 static int
rsapkcs1privkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1976 rsapkcs1privkey(LIBSSH2_SESSION *session,
1977 const unsigned char *data, unsigned int datalen,
1978 const unsigned char *passphrase, void *loadkeydata)
1979 {
1980 const unsigned char *data8;
1981 unsigned int datalen8;
1982 int ret;
1983
1984 if(pkcs1topkcs8(session, &data8, &datalen8, data, datalen))
1985 return -1;
1986 ret = rsapkcs8privkey(session, data8, datalen8, passphrase, loadkeydata);
1987 LIBSSH2_FREE(session, (char *) data8);
1988 return ret;
1989 }
1990
1991 static int
rsapkcs1pubkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1992 rsapkcs1pubkey(LIBSSH2_SESSION *session,
1993 const unsigned char *data, unsigned int datalen,
1994 const unsigned char *passphrase, void *loadkeydata)
1995 {
1996 const unsigned char *data8;
1997 unsigned int datalen8;
1998 int ret;
1999
2000 if(pkcs1topkcs8(session, &data8, &datalen8, data, datalen))
2001 return -1;
2002 ret = rsapkcs8pubkey(session, data8, datalen8, passphrase, loadkeydata);
2003 LIBSSH2_FREE(session, (char *) data8);
2004 return ret;
2005 }
2006
2007 static int
try_pem_load(LIBSSH2_SESSION * session,FILE * fp,const unsigned char * passphrase,const char * header,const char * trailer,loadkeyproc proc,void * loadkeydata)2008 try_pem_load(LIBSSH2_SESSION *session, FILE *fp,
2009 const unsigned char *passphrase,
2010 const char *header, const char *trailer,
2011 loadkeyproc proc, void *loadkeydata)
2012 {
2013 unsigned char *data = NULL;
2014 unsigned int datalen = 0;
2015 int c;
2016 int ret;
2017
2018 fseek(fp, 0L, SEEK_SET);
2019 for(;;) {
2020 ret = _libssh2_pem_parse(session, header, trailer,
2021 passphrase,
2022 fp, &data, &datalen);
2023
2024 if(!ret) {
2025 ret = (*proc)(session, data, datalen, passphrase, loadkeydata);
2026 if(!ret)
2027 return 0;
2028 }
2029
2030 if(data) {
2031 LIBSSH2_FREE(session, data);
2032 data = NULL;
2033 }
2034 c = getc(fp);
2035
2036 if(c == EOF)
2037 break;
2038
2039 ungetc(c, fp);
2040 }
2041
2042 return -1;
2043 }
2044
2045 static int
load_rsa_private_file(LIBSSH2_SESSION * session,const char * filename,unsigned const char * passphrase,loadkeyproc proc1,loadkeyproc proc8,void * loadkeydata)2046 load_rsa_private_file(LIBSSH2_SESSION *session, const char *filename,
2047 unsigned const char *passphrase,
2048 loadkeyproc proc1, loadkeyproc proc8, void *loadkeydata)
2049 {
2050 FILE *fp = fopen(filename, fopenrmode);
2051 unsigned char *data = NULL;
2052 size_t datalen = 0;
2053 int ret;
2054 long filesize;
2055
2056 if(!fp)
2057 return -1;
2058
2059 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2060 --> PKCS#8 EncryptedPrivateKeyInfo */
2061 ret = try_pem_load(session, fp, passphrase, beginencprivkeyhdr,
2062 endencprivkeyhdr, proc8, loadkeydata);
2063
2064 /* Try with "PRIVATE KEY" PEM armor.
2065 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2066 if(ret)
2067 ret = try_pem_load(session, fp, passphrase, beginprivkeyhdr,
2068 endprivkeyhdr, proc8, loadkeydata);
2069
2070 /* Try with "RSA PRIVATE KEY" PEM armor.
2071 --> PKCS#1 RSAPrivateKey */
2072 if(ret)
2073 ret = try_pem_load(session, fp, passphrase, beginrsaprivkeyhdr,
2074 endrsaprivkeyhdr, proc1, loadkeydata);
2075 fclose(fp);
2076
2077 if(ret) {
2078 /* Try DER encoding. */
2079 fp = fopen(filename, fopenrbmode);
2080 fseek(fp, 0L, SEEK_END);
2081 filesize = ftell(fp);
2082
2083 if(filesize <= 32768) { /* Limit to a reasonable size. */
2084 datalen = filesize;
2085 data = (unsigned char *) alloca(datalen);
2086 if(data) {
2087 fseek(fp, 0L, SEEK_SET);
2088 fread(data, datalen, 1, fp);
2089
2090 /* Try as PKCS#8 DER data.
2091 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2092 ret = (*proc8)(session, data, datalen, passphrase,
2093 loadkeydata);
2094
2095 /* Try as PKCS#1 DER data.
2096 --> PKCS#1 RSAPrivateKey */
2097 if(ret)
2098 ret = (*proc1)(session, data, datalen, passphrase,
2099 loadkeydata);
2100 }
2101 }
2102 fclose(fp);
2103 }
2104
2105 return ret;
2106 }
2107
2108 int
_libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,LIBSSH2_SESSION * session,const char * filename,unsigned const char * passphrase)2109 _libssh2_rsa_new_private(libssh2_rsa_ctx **rsa, LIBSSH2_SESSION *session,
2110 const char *filename, unsigned const char *passphrase)
2111 {
2112 libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL);
2113 int ret;
2114 Qc3_Format_ALGD0400_T algd;
2115 Qus_EC_t errcode;
2116
2117 if(!ctx)
2118 return -1;
2119 ret = load_rsa_private_file(session, filename, passphrase,
2120 rsapkcs1privkey, rsapkcs8privkey,
2121 (void *) ctx);
2122 if(!ret) {
2123 /* Create the algorithm context. */
2124 algd.Public_Key_Alg = Qc3_RSA;
2125 algd.PKA_Block_Format = Qc3_PKCS1_01;
2126 memset(algd.Reserved, 0, sizeof algd.Reserved);
2127 algd.Signing_Hash_Alg = Qc3_SHA1;
2128 set_EC_length(errcode, sizeof errcode);
2129 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
2130 ctx->hash.Alg_Context_Token, &errcode);
2131 if(errcode.Bytes_Available)
2132 ret = -1;
2133 }
2134 if(ret) {
2135 _libssh2_os400qc3_crypto_dtor(ctx);
2136 ctx = NULL;
2137 }
2138 *rsa = ctx;
2139 return ret;
2140 }
2141
2142 int
_libssh2_pub_priv_keyfile(LIBSSH2_SESSION * session,unsigned char ** method,size_t * method_len,unsigned char ** pubkeydata,size_t * pubkeydata_len,const char * privatekey,const char * passphrase)2143 _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
2144 unsigned char **method, size_t *method_len,
2145 unsigned char **pubkeydata, size_t *pubkeydata_len,
2146 const char *privatekey, const char *passphrase)
2147
2148 {
2149 loadpubkeydata p;
2150 int ret;
2151
2152 *method = NULL;
2153 *method_len = 0;
2154 *pubkeydata = NULL;
2155 *pubkeydata_len = 0;
2156
2157 ret = load_rsa_private_file(session, privatekey, passphrase,
2158 rsapkcs1pubkey, rsapkcs8pubkey, (void *) &p);
2159 if(!ret) {
2160 *method_len = strlen(p.method);
2161 *method = LIBSSH2_ALLOC(session, *method_len);
2162 if(*method)
2163 memcpy((char *) *method, p.method, *method_len);
2164 else
2165 ret = -1;
2166 }
2167
2168 if(ret) {
2169 if(*method)
2170 LIBSSH2_FREE(session, *method);
2171 if(p.data)
2172 LIBSSH2_FREE(session, (void *) p.data);
2173 *method = NULL;
2174 *method_len = 0;
2175 }
2176 else {
2177 *pubkeydata = (unsigned char *) p.data;
2178 *pubkeydata_len = p.length;
2179 }
2180
2181 return ret;
2182 }
2183
2184 int
_libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa,LIBSSH2_SESSION * session,const char * filedata,size_t filedata_len,unsigned const char * passphrase)2185 _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
2186 LIBSSH2_SESSION *session,
2187 const char *filedata,
2188 size_t filedata_len,
2189 unsigned const char *passphrase)
2190 {
2191 libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL);
2192 unsigned char *data = NULL;
2193 unsigned int datalen = 0;
2194 int ret;
2195 Qc3_Format_ALGD0400_T algd;
2196 Qus_EC_t errcode;
2197
2198 if(!ctx)
2199 return -1;
2200
2201 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2202 --> PKCS#8 EncryptedPrivateKeyInfo */
2203 ret = _libssh2_pem_parse_memory(session,
2204 beginencprivkeyhdr, endencprivkeyhdr,
2205 filedata, filedata_len, &data, &datalen);
2206
2207 /* Try with "PRIVATE KEY" PEM armor.
2208 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2209 if(ret)
2210 ret = _libssh2_pem_parse_memory(session,
2211 beginprivkeyhdr, endprivkeyhdr,
2212 filedata, filedata_len,
2213 &data, &datalen);
2214
2215 if(!ret) {
2216 /* Process PKCS#8. */
2217 ret = rsapkcs8privkey(session,
2218 data, datalen, passphrase, (void *) &ctx);
2219 }
2220 else {
2221 /* Try with "RSA PRIVATE KEY" PEM armor.
2222 --> PKCS#1 RSAPrivateKey */
2223 ret = _libssh2_pem_parse_memory(session,
2224 beginrsaprivkeyhdr, endrsaprivkeyhdr,
2225 filedata, filedata_len,
2226 &data, &datalen);
2227 if(!ret)
2228 ret = rsapkcs1privkey(session,
2229 data, datalen, passphrase, (void *) &ctx);
2230 }
2231
2232 if(ret) {
2233 /* Try as PKCS#8 DER data.
2234 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2235 ret = rsapkcs8privkey(session, filedata, filedata_len,
2236 passphrase, (void *) &ctx);
2237
2238 /* Try as PKCS#1 DER data.
2239 --> PKCS#1 RSAPrivateKey */
2240 if(ret)
2241 ret = rsapkcs1privkey(session, filedata, filedata_len,
2242 passphrase, (void *) &ctx);
2243 }
2244
2245 if(data)
2246 LIBSSH2_FREE(session, data);
2247
2248 if(!ret) {
2249 /* Create the algorithm context. */
2250 algd.Public_Key_Alg = Qc3_RSA;
2251 algd.PKA_Block_Format = Qc3_PKCS1_01;
2252 memset(algd.Reserved, 0, sizeof algd.Reserved);
2253 algd.Signing_Hash_Alg = Qc3_SHA1;
2254 set_EC_length(errcode, sizeof errcode);
2255 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
2256 ctx->hash.Alg_Context_Token, &errcode);
2257 if(errcode.Bytes_Available)
2258 ret = -1;
2259 }
2260
2261 if(ret) {
2262 _libssh2_os400qc3_crypto_dtor(ctx);
2263 ctx = NULL;
2264 }
2265
2266 *rsa = ctx;
2267 return ret;
2268 }
2269
2270 int
_libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION * session,unsigned char ** method,size_t * method_len,unsigned char ** pubkeydata,size_t * pubkeydata_len,const char * privatekeydata,size_t privatekeydata_len,const char * passphrase)2271 _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
2272 unsigned char **method, size_t *method_len,
2273 unsigned char **pubkeydata,
2274 size_t *pubkeydata_len,
2275 const char *privatekeydata,
2276 size_t privatekeydata_len,
2277 const char *passphrase)
2278 {
2279 loadpubkeydata p;
2280 unsigned char *data = NULL;
2281 unsigned int datalen = 0;
2282 const char *meth;
2283 int ret;
2284
2285 *method = NULL;
2286 *method_len = 0;
2287 *pubkeydata = NULL;
2288 *pubkeydata_len = 0;
2289
2290 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2291 --> PKCS#8 EncryptedPrivateKeyInfo */
2292 ret = _libssh2_pem_parse_memory(session,
2293 beginencprivkeyhdr, endencprivkeyhdr,
2294 privatekeydata, privatekeydata_len,
2295 &data, &datalen);
2296
2297 /* Try with "PRIVATE KEY" PEM armor.
2298 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2299 if(ret)
2300 ret = _libssh2_pem_parse_memory(session,
2301 beginprivkeyhdr, endprivkeyhdr,
2302 privatekeydata, privatekeydata_len,
2303 &data, &datalen);
2304
2305 if(!ret) {
2306 /* Process PKCS#8. */
2307 ret = rsapkcs8pubkey(session,
2308 data, datalen, passphrase, (void *) &p);
2309 }
2310 else {
2311 /* Try with "RSA PRIVATE KEY" PEM armor.
2312 --> PKCS#1 RSAPrivateKey */
2313 ret = _libssh2_pem_parse_memory(session,
2314 beginrsaprivkeyhdr, endrsaprivkeyhdr,
2315 privatekeydata, privatekeydata_len,
2316 &data, &datalen);
2317 if(!ret)
2318 ret = rsapkcs1pubkey(session,
2319 data, datalen, passphrase, (void *) &p);
2320 }
2321
2322 if(ret) {
2323 /* Try as PKCS#8 DER data.
2324 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2325 ret = rsapkcs8pubkey(session, privatekeydata, privatekeydata_len,
2326 passphrase, (void *) &p);
2327
2328 /* Try as PKCS#1 DER data.
2329 --> PKCS#1 RSAPrivateKey */
2330 if(ret)
2331 ret = rsapkcs1pubkey(session, privatekeydata, privatekeydata_len,
2332 passphrase, (void *) &p);
2333 }
2334
2335 if(data)
2336 LIBSSH2_FREE(session, data);
2337
2338 if(!ret) {
2339 *method_len = strlen(p.method);
2340 *method = LIBSSH2_ALLOC(session, *method_len);
2341 if(*method)
2342 memcpy((char *) *method, p.method, *method_len);
2343 else
2344 ret = -1;
2345 }
2346 if(ret) {
2347 if(*method)
2348 LIBSSH2_FREE(session, *method);
2349 if(p.data)
2350 LIBSSH2_FREE(session, (void *) p.data);
2351 *method = NULL;
2352 *method_len = 0;
2353 }
2354 else {
2355 *pubkeydata = (unsigned char *) p.data;
2356 *pubkeydata_len = p.length;
2357 }
2358
2359 return ret;
2360 }
2361
2362 int
_libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,const unsigned char * sig,unsigned long sig_len,const unsigned char * m,unsigned long m_len)2363 _libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa,
2364 const unsigned char *sig, unsigned long sig_len,
2365 const unsigned char *m, unsigned long m_len)
2366 {
2367 Qus_EC_t errcode;
2368 int slen = sig_len;
2369 int mlen = m_len;
2370
2371 set_EC_length(errcode, sizeof errcode);
2372 Qc3VerifySignature((char *) sig, &slen, (char *) m, &mlen, Qc3_Data,
2373 rsa->hash.Alg_Context_Token, Qc3_Alg_Token,
2374 rsa->key.Key_Context_Token, Qc3_Key_Token, anycsp,
2375 NULL, (char *) &errcode);
2376 return errcode.Bytes_Available? -1: 0;
2377 }
2378
2379 int
_libssh2_os400qc3_rsa_sha1_signv(LIBSSH2_SESSION * session,unsigned char ** signature,size_t * signature_len,int veccount,const struct iovec vector[],libssh2_rsa_ctx * ctx)2380 _libssh2_os400qc3_rsa_sha1_signv(LIBSSH2_SESSION *session,
2381 unsigned char **signature,
2382 size_t *signature_len,
2383 int veccount,
2384 const struct iovec vector[],
2385 libssh2_rsa_ctx *ctx)
2386 {
2387 Qus_EC_t errcode;
2388 int siglen;
2389 unsigned char *sig;
2390 char sigbuf[8192];
2391 int sigbufsize = sizeof sigbuf;
2392
2393 ctx->hash.Final_Op_Flag = Qc3_Final;
2394 set_EC_length(errcode, sizeof errcode);
2395 Qc3CalculateSignature((char *) vector, &veccount, Qc3_Array,
2396 (char *) &ctx->hash, Qc3_Alg_Token,
2397 (char *) &ctx->key, Qc3_Key_Token,
2398 anycsp, NULL, sigbuf, &sigbufsize, &siglen,
2399 (char *) &errcode);
2400 ctx->hash.Final_Op_Flag = Qc3_Continue;
2401 if(errcode.Bytes_Available)
2402 return -1;
2403 sig = LIBSSH2_ALLOC(session, siglen);
2404 if(!sig)
2405 return -1;
2406 memcpy((char *) sig, sigbuf, siglen);
2407 *signature = sig;
2408 *signature_len = siglen;
2409 return 0;
2410 }
2411
2412 #endif /* LIBSSH2_OS400QC3 */
2413
2414 /* vim: set expandtab ts=4 sw=4: */
2415