1 /*
2 * Copyright (C) 2015-2016 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
3 * Copyright (C) 2020 Patrick Monnerat <patrick@monnerat.net>.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms,
7 * with or without modification, are permitted provided
8 * that the following conditions are met:
9 *
10 * Redistributions of source code must retain the above
11 * copyright notice, this list of conditions and the
12 * following disclaimer.
13 *
14 * Redistributions in binary form must reproduce the above
15 * copyright notice, this list of conditions and the following
16 * disclaimer in the documentation and/or other materials
17 * provided with the distribution.
18 *
19 * Neither the name of the copyright holder nor the names
20 * of any other contributors may be used to endorse or
21 * promote products derived from this software without
22 * specific prior written permission.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
25 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
26 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
27 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
29 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
30 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
31 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
32 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
34 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
35 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
36 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
37 * OF SUCH DAMAGE.
38 */
39
40 #include "libssh2_priv.h"
41
42 #ifdef LIBSSH2_OS400QC3 /* compile only if we build with OS/400 QC3 library */
43
44 #ifdef HAVE_STDLIB_H
45 #include <stdlib.h>
46 #endif
47
48 #include <stdio.h>
49 #include <stdarg.h>
50 #include <alloca.h>
51 #include <sys/uio.h>
52
53 #include <arpa/inet.h>
54
55
56 #ifdef OS400_DEBUG
57 /* In debug mode, all system library errors cause an exception. */
58 #define set_EC_length(ec, length) ((ec).Bytes_Provided = \
59 (ec).Bytes_Available = 0)
60 #else
61 #define set_EC_length(ec, length) ((ec).Bytes_Provided = (length))
62 #endif
63
64
65 /* Ensure va_list operations are not on an array. */
66 typedef struct {
67 va_list list;
68 } valiststr;
69
70
71 typedef int (*loadkeyproc)(LIBSSH2_SESSION *session,
72 const unsigned char *data, unsigned int datalen,
73 const unsigned char *passphrase, void *loadkeydata);
74
75 /* Public key extraction data. */
76 typedef struct {
77 const char * method;
78 const unsigned char * data;
79 unsigned int length;
80 } loadpubkeydata;
81
82
83 /* Support for ASN.1 elements. */
84
85 typedef struct {
86 char * header; /* Pointer to header byte. */
87 char * beg; /* Pointer to element data. */
88 char * end; /* Pointer to 1st byte after element. */
89 unsigned char class; /* ASN.1 element class. */
90 unsigned char tag; /* ASN.1 element tag. */
91 unsigned char constructed; /* Element is constructed. */
92 } asn1Element;
93
94 #define ASN1_INTEGER 2
95 #define ASN1_BIT_STRING 3
96 #define ASN1_OCTET_STRING 4
97 #define ASN1_NULL 5
98 #define ASN1_OBJ_ID 6
99 #define ASN1_SEQ 16
100
101 #define ASN1_CONSTRUCTED 0x20
102
103 /* rsaEncryption OID: 1.2.840.113549.1.1.1 */
104 static unsigned char OID_rsaEncryption[] =
105 {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 1, 1};
106 static int sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
107 asn1Element *params, asn1Element *key,
108 const char *method);
109
110 #if LIBSSH2_DSA != 0
111 /* dsaEncryption OID: 1.2.840.10040.4.1 */
112 static unsigned char OID_dsaEncryption[] =
113 {7, 40 + 2, 0x86, 0x48, 0xCE, 0x38, 4, 1};
114 static int sshdsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
115 asn1Element *params, asn1Element *key,
116 const char *method);
117 #endif
118
119 static unsigned char OID_dhKeyAgreement[] =
120 {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 3, 1};
121
122
123 /* PKCS#5 support. */
124
125 typedef struct pkcs5params pkcs5params;
126 struct pkcs5params {
127 int cipher; /* Encryption cipher. */
128 int blocksize; /* Cipher block size. */
129 char mode; /* Block encryption mode. */
130 char padopt; /* Pad option. */
131 char padchar; /* Pad character. */
132 int (*kdf)(LIBSSH2_SESSION *session, char **dk,
133 const unsigned char *passphrase, pkcs5params *pkcs5);
134 int hash; /* KDF hash algorithm. */
135 size_t hashlen; /* KDF hash digest length. */
136 char * salt; /* Salt. */
137 size_t saltlen; /* Salt length. */
138 char * iv; /* Initialization vector. */
139 size_t ivlen; /* Initialization vector length. */
140 int itercount; /* KDF iteration count. */
141 int dklen; /* Derived key length (#bytes). */
142 int effkeysize; /* RC2 effective key size (#bits) or 0. */
143 };
144
145 typedef struct pkcs5algo pkcs5algo;
146 struct pkcs5algo {
147 const unsigned char * oid;
148 int (*parse)(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
149 pkcs5algo *algo, asn1Element *param);
150 int cipher; /* Encryption cipher. */
151 size_t blocksize; /* Cipher block size. */
152 char mode; /* Block encryption mode. */
153 char padopt; /* Pad option. */
154 char padchar; /* Pad character. */
155 size_t keylen; /* Key length (#bytes). */
156 int hash; /* Hash algorithm. */
157 size_t hashlen; /* Hash digest length. */
158 size_t saltlen; /* Salt length. */
159 size_t ivlen; /* Initialisation vector length. */
160 int effkeysize; /* RC2 effective key size (#bits) or 0. */
161 };
162
163 /* id-PBES2 OID: 1.2.840.113549.1.5.13 */
164 static const unsigned char OID_id_PBES2[] = {
165 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D
166 };
167 static int parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
168 pkcs5algo *algo, asn1Element *param);
169 static const pkcs5algo PBES2 = {
170 OID_id_PBES2, parse_pbes2, 0, 0, '\0', '\0', '\0', 0,
171 0, 0, 0, 0, 0
172 };
173
174 /* id-PBKDF2 OID: 1.2.840.113549.1.5.12 */
175 static const unsigned char OID_id_PBKDF2[] = {
176 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C
177 };
178 static int parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
179 pkcs5algo *algo, asn1Element *param);
180 static const pkcs5algo PBKDF2 = {
181 OID_id_PBKDF2, parse_pbkdf2, 0, 0, '\0', '\0', '\0',
182 SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0
183 };
184
185 /* id-hmacWithSHA1 OID: 1.2.840.113549.2.7 */
186 static const unsigned char OID_id_hmacWithSHA1[] = {
187 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x07
188 };
189 static int parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
190 pkcs5algo *algo, asn1Element *param);
191 static const pkcs5algo hmacWithSHA1 = {
192 OID_id_hmacWithSHA1, parse_hmacWithSHA1, 0, 0, '\0', '\0', '\0',
193 SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0
194 };
195
196 /* desCBC OID: 1.3.14.3.2.7 */
197 static const unsigned char OID_desCBC[] = {5, 40 + 3, 0x0E, 0x03, 0x02, 0x07};
198 static int parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
199 pkcs5algo *algo, asn1Element *param);
200 static const pkcs5algo desCBC = {
201 OID_desCBC, parse_iv, Qc3_DES, 8, Qc3_CBC, Qc3_Pad_Counter,
202 '\0', 8, 0, 0, 8, 8, 0
203 };
204
205 /* des-EDE3-CBC OID: 1.2.840.113549.3.7 */
206 static const unsigned char OID_des_EDE3_CBC[] = {
207 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x07
208 };
209 static const pkcs5algo des_EDE3_CBC = {
210 OID_des_EDE3_CBC, parse_iv, Qc3_TDES, 8, Qc3_CBC, Qc3_Pad_Counter,
211 '\0', 24, 0, 0, 8, 8, 0
212 };
213
214 /* rc2CBC OID: 1.2.840.113549.3.2 */
215 static const unsigned char OID_rc2CBC[] = {
216 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x02
217 };
218 static int parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
219 pkcs5algo *algo, asn1Element *param);
220 static const pkcs5algo rc2CBC = {
221 OID_rc2CBC, parse_rc2, Qc3_RC2, 8, Qc3_CBC, Qc3_Pad_Counter,
222 '\0', 0, 0, 0, 8, 0, 32
223 };
224
225 /* pbeWithMD5AndDES-CBC OID: 1.2.840.113549.1.5.3 */
226 static const unsigned char OID_pbeWithMD5AndDES_CBC[] = {
227 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x03
228 };
229 static int parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
230 pkcs5algo *algo, asn1Element *param);
231 static const pkcs5algo pbeWithMD5AndDES_CBC = {
232 OID_pbeWithMD5AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC,
233 Qc3_Pad_Counter, '\0', 8, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 0
234 };
235
236 /* pbeWithMD5AndRC2-CBC OID: 1.2.840.113549.1.5.6 */
237 static const unsigned char OID_pbeWithMD5AndRC2_CBC[] = {
238 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x06
239 };
240 static const pkcs5algo pbeWithMD5AndRC2_CBC = {
241 OID_pbeWithMD5AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC,
242 Qc3_Pad_Counter, '\0', 0, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 64
243 };
244
245 /* pbeWithSHA1AndDES-CBC OID: 1.2.840.113549.1.5.10 */
246 static const unsigned char OID_pbeWithSHA1AndDES_CBC[] = {
247 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0A
248 };
249 static const pkcs5algo pbeWithSHA1AndDES_CBC = {
250 OID_pbeWithSHA1AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC,
251 Qc3_Pad_Counter, '\0', 8, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 0
252 };
253
254 /* pbeWithSHA1AndRC2-CBC OID: 1.2.840.113549.1.5.11 */
255 static const unsigned char OID_pbeWithSHA1AndRC2_CBC[] = {
256 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0B
257 };
258 static const pkcs5algo pbeWithSHA1AndRC2_CBC = {
259 OID_pbeWithSHA1AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC,
260 Qc3_Pad_Counter, '\0', 0, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 64
261 };
262
263 /* rc5-CBC-PAD OID: 1.2.840.113549.3.9: RC5 not implemented in Qc3. */
264 /* pbeWithMD2AndDES-CBC OID: 1.2.840.113549.1.5.1: MD2 not implemented. */
265 /* pbeWithMD2AndRC2-CBC OID: 1.2.840.113549.1.5.4: MD2 not implemented. */
266
267 static const pkcs5algo * pbestable[] = {
268 &pbeWithMD5AndDES_CBC,
269 &pbeWithMD5AndRC2_CBC,
270 &pbeWithSHA1AndDES_CBC,
271 &pbeWithSHA1AndRC2_CBC,
272 &PBES2,
273 NULL
274 };
275
276 static const pkcs5algo * pbkdf2table[] = {
277 &PBKDF2,
278 NULL
279 };
280
281 static const pkcs5algo * pbes2enctable[] = {
282 &desCBC,
283 &des_EDE3_CBC,
284 &rc2CBC,
285 NULL
286 };
287
288 static const pkcs5algo * kdf2prftable[] = {
289 &hmacWithSHA1,
290 NULL
291 };
292
293
294 /* Public key extraction support. */
295 static struct {
296 unsigned char *oid;
297 int (*sshpubkey)(LIBSSH2_SESSION *session, char **pubkey,
298 asn1Element *params, asn1Element *key,
299 const char *method);
300 const char * method;
301 } pka[] = {
302 #if LIBSSH2_RSA != 0
303 { OID_rsaEncryption, sshrsapubkey, "ssh-rsa" },
304 #endif
305 #if LIBSSH2_DSA != 0
306 { OID_dsaEncryption, sshdsapubkey, "ssh-dss" },
307 #endif
308 { NULL, NULL, NULL }
309 };
310
311 /* Define ASCII strings. */
312 static const char beginencprivkeyhdr[] =
313 "-----BEGIN ENCRYPTED PRIVATE KEY-----";
314 static const char endencprivkeyhdr[] = "-----END ENCRYPTED PRIVATE KEY-----";
315 static const char beginprivkeyhdr[] = "-----BEGIN PRIVATE KEY-----";
316 static const char endprivkeyhdr[] = "-----END PRIVATE KEY-----";
317 static const char beginrsaprivkeyhdr[] = "-----BEGIN RSA PRIVATE KEY-----";
318 static const char endrsaprivkeyhdr[] = "-----END RSA PRIVATE KEY-----";
319 static const char fopenrmode[] = "r";
320 static const char fopenrbmode[] = "rb";
321
322
323 /* The rest of character literals in this module are in EBCDIC. */
324 #pragma convert(37)
325
326 #include <qusec.h>
327 #include <qc3prng.h>
328 #include <qc3dtaen.h>
329 #include <qc3dtade.h>
330 #include <qc3ctx.h>
331 #include <qc3hash.h>
332 #include <qc3hmac.h>
333 #include <qc3pbext.h>
334 #include <qc3sigvr.h>
335 #include <qc3sigcl.h>
336 #include <qc3pbext.h>
337 #include <qc3dh.h>
338
339 static Qc3_Format_KEYD0100_T nulltoken = {""};
340
341 static int zero = 0;
342 static int rsaprivate[] = { Qc3_RSA_Private };
343 static char anycsp[] = { Qc3_Any_CSP };
344 static char binstring[] = { Qc3_Bin_String };
345 static char berstring[] = { Qc3_BER_String };
346 static char qc3clear[] = { Qc3_Clear };
347
348 static const Qus_EC_t ecnull = {0}; /* Error causes an exception. */
349
350 static asn1Element lastbytebitcount = {
351 (char *) &zero, NULL, (char *) &zero + 1
352 };
353
354
355 /*******************************************************************
356 *
357 * OS/400 QC3 crypto-library backend: ASN.1 support.
358 *
359 *******************************************************************/
360
361 static char *
getASN1Element(asn1Element * elem,char * beg,char * end)362 getASN1Element(asn1Element *elem, char *beg, char *end)
363 {
364 unsigned char b;
365 unsigned long len;
366 asn1Element lelem;
367
368 /* Get a single ASN.1 element into `elem', parse ASN.1 string at `beg'
369 * ending at `end'.
370 * Returns a pointer in source string after the parsed element, or NULL
371 * if an error occurs.
372 */
373
374 if(beg >= end || !*beg)
375 return NULL;
376
377 /* Process header byte. */
378 elem->header = beg;
379 b = (unsigned char) *beg++;
380 elem->constructed = (b & 0x20) != 0;
381 elem->class = (b >> 6) & 3;
382 b &= 0x1F;
383 if(b == 0x1F)
384 return NULL; /* Long tag values not supported here. */
385 elem->tag = b;
386
387 /* Process length. */
388 if(beg >= end)
389 return NULL;
390 b = (unsigned char) *beg++;
391 if(!(b & 0x80))
392 len = b;
393 else if(!(b &= 0x7F)) {
394 /* Unspecified length. Since we have all the data, we can determine the
395 * effective length by skipping element until an end element is
396 * found.
397 */
398 if(!elem->constructed)
399 return NULL;
400 elem->beg = beg;
401 while(beg < end && *beg) {
402 beg = getASN1Element(&lelem, beg, end);
403 if(!beg)
404 return NULL;
405 }
406 if(beg >= end)
407 return NULL;
408 elem->end = beg;
409 return beg + 1;
410 }
411 else if(beg + b > end)
412 return NULL; /* Does not fit in source. */
413 else {
414 /* Get long length. */
415 len = 0;
416 do {
417 if(len & 0xFF000000L)
418 return NULL; /* Lengths > 32 bits are not supported. */
419 len = (len << 8) | (unsigned char) *beg++;
420 } while(--b);
421 }
422 if((unsigned long) (end - beg) < len)
423 return NULL; /* Element data does not fit in source. */
424 elem->beg = beg;
425 elem->end = beg + len;
426 return elem->end;
427 }
428
429 static asn1Element *
asn1_new(unsigned int type,unsigned int length)430 asn1_new(unsigned int type, unsigned int length)
431 {
432 asn1Element *e;
433 unsigned int hdrl = 2;
434 unsigned int i;
435 unsigned char *buf;
436
437 e = (asn1Element *) malloc(sizeof *e);
438
439 if(e) {
440 if(length >= 0x80)
441 for(i = length; i; i >>= 8)
442 hdrl++;
443
444 buf = (unsigned char *) malloc(hdrl + length);
445
446 if(buf) {
447 e->header = buf;
448 e->beg = buf + hdrl;
449 e->end = e->beg + length;
450 e->class = (type >> 6) & 0x03;
451 e->tag = type & 0x1F;
452 e->constructed = (type >> 5) & 0x01;
453 e->header[0] = type;
454
455 if(length < 0x80)
456 e->header[1] = length;
457 else {
458 e->header[1] = (hdrl - 2) | 0x80;
459 do {
460 e->header[--hdrl] = length;
461 length >>= 8;
462 } while(length);
463 }
464 }
465 else {
466 free((char *) e);
467 e = NULL;
468 }
469 }
470
471 return e;
472 }
473
474 static asn1Element *
asn1_new_from_bytes(const unsigned char * data,unsigned int length)475 asn1_new_from_bytes(const unsigned char *data, unsigned int length)
476 {
477 asn1Element *e;
478 asn1Element te;
479
480 getASN1Element(&te,
481 (unsigned char *) data, (unsigned char *) data + length);
482 e = asn1_new(te.tag, te.end - te.beg);
483
484 if(e)
485 memcpy(e->header, data, e->end - e->header);
486
487 return e;
488 }
489
490 static void
asn1delete(asn1Element * e)491 asn1delete(asn1Element *e)
492 {
493 if(e) {
494 if(e->header)
495 free((char *) e->header);
496 free((char *) e);
497 }
498 }
499
500 static asn1Element *
asn1uint(_libssh2_bn * bn)501 asn1uint(_libssh2_bn *bn)
502 {
503 asn1Element *e;
504 int bits;
505 int length;
506 unsigned char *p;
507
508 if(!bn)
509 return NULL;
510
511 bits = _libssh2_bn_bits(bn);
512 length = (bits + 8) >> 3;
513 e = asn1_new(ASN1_INTEGER, length);
514
515 if(e) {
516 p = e->beg;
517 if(!(bits & 0x07))
518 *p++ = 0;
519 _libssh2_bn_to_bin(bn, p);
520 }
521
522 return e;
523 }
524
525 static asn1Element *
asn1containerv(unsigned int type,valiststr args)526 asn1containerv(unsigned int type, valiststr args)
527 {
528 valiststr va;
529 asn1Element *e;
530 asn1Element *p;
531 unsigned char *bp;
532 unsigned int length = 0;
533
534 memcpy((char *) &va, (char *) &args, sizeof args);
535 while((p = va_arg(va.list, asn1Element *)))
536 length += p->end - p->header;
537 va_end(va.list);
538 e = asn1_new(type, length);
539 if(e) {
540 bp = e->beg;
541 while((p = va_arg(args.list, asn1Element *))) {
542 memcpy(bp, p->header, p->end - p->header);
543 bp += p->end - p->header;
544 }
545 }
546 return e;
547 }
548
549 /* VARARGS1 */
550 static asn1Element *
asn1container(unsigned int type,...)551 asn1container(unsigned int type, ...)
552 {
553 valiststr va;
554 asn1Element *e;
555
556 va_start(va.list, type);
557 e = asn1containerv(type, va);
558 va_end(va.list);
559 return e;
560 }
561
562 static asn1Element *
asn1bytes(unsigned int type,const unsigned char * bytes,unsigned int length)563 asn1bytes(unsigned int type, const unsigned char *bytes, unsigned int length)
564 {
565 asn1Element *e;
566
567 e = asn1_new(type, length);
568 if(e && length)
569 memcpy(e->beg, bytes, length);
570 return e;
571 }
572
573 static asn1Element *
rsapublickey(_libssh2_bn * e,_libssh2_bn * m)574 rsapublickey(_libssh2_bn *e, _libssh2_bn *m)
575 {
576 asn1Element *publicexponent;
577 asn1Element *modulus;
578 asn1Element *rsapubkey;
579
580 /* Build a PKCS#1 RSAPublicKey. */
581
582 modulus = asn1uint(m);
583 publicexponent = asn1uint(e);
584 rsapubkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
585 modulus, publicexponent, NULL);
586 asn1delete(modulus);
587 asn1delete(publicexponent);
588
589 if(!modulus || !publicexponent) {
590 asn1delete(rsapubkey);
591 rsapubkey = NULL;
592 }
593
594 return rsapubkey;
595 }
596
597 static asn1Element *
rsaprivatekey(_libssh2_bn * e,_libssh2_bn * m,_libssh2_bn * d,_libssh2_bn * p,_libssh2_bn * q,_libssh2_bn * exp1,_libssh2_bn * exp2,_libssh2_bn * coeff)598 rsaprivatekey(_libssh2_bn *e, _libssh2_bn *m, _libssh2_bn *d,
599 _libssh2_bn *p, _libssh2_bn *q,
600 _libssh2_bn *exp1, _libssh2_bn *exp2, _libssh2_bn *coeff)
601 {
602 asn1Element *version;
603 asn1Element *modulus;
604 asn1Element *publicexponent;
605 asn1Element *privateexponent;
606 asn1Element *prime1;
607 asn1Element *prime2;
608 asn1Element *exponent1;
609 asn1Element *exponent2;
610 asn1Element *coefficient;
611 asn1Element *rsaprivkey;
612
613 /* Build a PKCS#1 RSAPrivateKey. */
614 version = asn1bytes(ASN1_INTEGER, "\0", 1);
615 modulus = asn1uint(m);
616 publicexponent = asn1uint(e);
617 privateexponent = asn1uint(d);
618 prime1 = asn1uint(p);
619 prime2 = asn1uint(q);
620 exponent1 = asn1uint(exp1);
621 exponent2 = asn1uint(exp2);
622 coefficient = asn1uint(coeff);
623 rsaprivkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version, modulus,
624 publicexponent, privateexponent, prime1, prime2,
625 exponent1, exponent2, coefficient, NULL);
626 asn1delete(version);
627 asn1delete(modulus);
628 asn1delete(publicexponent);
629 asn1delete(privateexponent);
630 asn1delete(prime1);
631 asn1delete(prime2);
632 asn1delete(exponent1);
633 asn1delete(exponent2);
634 asn1delete(coefficient);
635
636 if(!version || !modulus || !publicexponent || !privateexponent ||
637 !prime1 || !prime2 || !exponent1 || !exponent2 || !coefficient) {
638 asn1delete(rsaprivkey);
639 rsaprivkey = NULL;
640 }
641
642 return rsaprivkey;
643 }
644
645 static asn1Element *
subjectpublickeyinfo(asn1Element * pubkey,const unsigned char * algo,asn1Element * parameters)646 subjectpublickeyinfo(asn1Element *pubkey, const unsigned char *algo,
647 asn1Element *parameters)
648 {
649 asn1Element *subjpubkey;
650 asn1Element *algorithm;
651 asn1Element *algorithmid;
652 asn1Element *subjpubkeyinfo;
653 unsigned int algosize = *algo++;
654
655 algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize);
656 algorithmid = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
657 algorithm, parameters, NULL);
658 subjpubkey = asn1container(ASN1_BIT_STRING, &lastbytebitcount,
659 pubkey, NULL);
660 subjpubkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
661 algorithmid, subjpubkey, NULL);
662 asn1delete(algorithm);
663 asn1delete(algorithmid);
664 asn1delete(subjpubkey);
665 if(!algorithm || !algorithmid || !subjpubkey) {
666 asn1delete(subjpubkeyinfo);
667 subjpubkeyinfo = NULL;
668 }
669 return subjpubkeyinfo;
670 }
671
672 static asn1Element *
rsasubjectpublickeyinfo(asn1Element * pubkey)673 rsasubjectpublickeyinfo(asn1Element *pubkey)
674 {
675 asn1Element *parameters;
676 asn1Element *subjpubkeyinfo;
677
678 parameters = asn1bytes(ASN1_NULL, NULL, 0);
679 subjpubkeyinfo = subjectpublickeyinfo(pubkey,
680 OID_rsaEncryption, parameters);
681 asn1delete(parameters);
682 if(!parameters) {
683 asn1delete(subjpubkeyinfo);
684 subjpubkeyinfo = NULL;
685 }
686 return subjpubkeyinfo;
687 }
688
689 static asn1Element *
privatekeyinfo(asn1Element * privkey,const unsigned char * algo,asn1Element * parameters)690 privatekeyinfo(asn1Element *privkey, const unsigned char *algo,
691 asn1Element *parameters)
692 {
693 asn1Element *version;
694 asn1Element *privatekey;
695 asn1Element *algorithm;
696 asn1Element *privatekeyalgorithm;
697 asn1Element *privkeyinfo;
698 unsigned int algosize = *algo++;
699
700 /* Build a PKCS#8 PrivateKeyInfo. */
701 version = asn1bytes(ASN1_INTEGER, "\0", 1);
702 algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize);
703 privatekeyalgorithm = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
704 algorithm, parameters, NULL);
705 privatekey = asn1container(ASN1_OCTET_STRING, privkey, NULL);
706 privkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version,
707 privatekeyalgorithm, privatekey, NULL);
708 asn1delete(version);
709 asn1delete(algorithm);
710 asn1delete(privatekeyalgorithm);
711 if(!version || !algorithm || !privatekeyalgorithm) {
712 asn1delete(privkeyinfo);
713 privkeyinfo = NULL;
714 }
715 return privkeyinfo;
716 }
717
718 static asn1Element *
rsaprivatekeyinfo(asn1Element * privkey)719 rsaprivatekeyinfo(asn1Element *privkey)
720 {
721 asn1Element *parameters;
722 asn1Element *privkeyinfo;
723
724 parameters = asn1bytes(ASN1_NULL, NULL, 0);
725 privkeyinfo = privatekeyinfo(privkey, OID_rsaEncryption, parameters);
726 asn1delete(parameters);
727 if(!parameters) {
728 asn1delete(privkeyinfo);
729 privkeyinfo = NULL;
730 }
731 return privkeyinfo;
732 }
733
734 /*******************************************************************
735 *
736 * OS/400 QC3 crypto-library backend: big numbers support.
737 *
738 *******************************************************************/
739
740
741 _libssh2_bn *
_libssh2_bn_init(void)742 _libssh2_bn_init(void)
743 {
744 _libssh2_bn *bignum;
745
746 bignum = (_libssh2_bn *) malloc(sizeof *bignum);
747 if(bignum) {
748 bignum->bignum = NULL;
749 bignum->length = 0;
750 }
751
752 return bignum;
753 }
754
755 void
_libssh2_bn_free(_libssh2_bn * bn)756 _libssh2_bn_free(_libssh2_bn *bn)
757 {
758 if(bn) {
759 if(bn->bignum) {
760 #ifdef LIBSSH2_CLEAR_MEMORY
761 if(bn->length)
762 memset((char *) bn->bignum, 0, bn->length);
763 #endif
764 free(bn->bignum);
765 }
766
767 free((char *) bn);
768 }
769 }
770
771 static int
_libssh2_bn_resize(_libssh2_bn * bn,size_t newlen)772 _libssh2_bn_resize(_libssh2_bn *bn, size_t newlen)
773 {
774 unsigned char *bignum;
775
776 if(!bn)
777 return -1;
778 if(newlen == bn->length)
779 return 0;
780
781 if(!bn->bignum)
782 bignum = (unsigned char *) malloc(newlen);
783 else {
784 #ifdef LIBSSH2_CLEAR_MEMORY
785 if(newlen < bn->length)
786 memset((char *) bn->bignum + newlen, 0, bn->length - newlen);
787 #endif
788 if(!newlen) {
789 free((char *) bn->bignum);
790 bn->bignum = NULL;
791 bn->length = 0;
792 return 0;
793 }
794 bignum = (unsigned char *) realloc((char *) bn->bignum, newlen);
795 }
796
797 if(!bignum)
798 return -1;
799
800 if(newlen > bn->length)
801 memset((char *) bignum + bn->length, 0, newlen - bn->length);
802
803 bn->bignum = bignum;
804 bn->length = newlen;
805 return 0;
806 }
807
808 unsigned long
_libssh2_bn_bits(_libssh2_bn * bn)809 _libssh2_bn_bits(_libssh2_bn *bn)
810 {
811 unsigned int i;
812 unsigned char b;
813
814 if(bn && bn->bignum) {
815 for(i = bn->length; i--;)
816 b = bn->bignum[i];
817 if(b) {
818 i *= 8;
819 do {
820 i++;
821 } while(b >>= 1);
822 return i;
823 }
824 }
825
826 return 0;
827 }
828
829 int
_libssh2_bn_from_bin(_libssh2_bn * bn,int len,const unsigned char * val)830 _libssh2_bn_from_bin(_libssh2_bn *bn, int len, const unsigned char *val)
831 {
832 int i;
833
834 if(!bn || (len && !val))
835 return -1;
836
837 for(; len && !*val; len--)
838 val++;
839
840 if(_libssh2_bn_resize(bn, len))
841 return -1;
842
843 for(i = len; i--;)
844 bn->bignum[i] = *val++;
845
846 return 0;
847 }
848
849 int
_libssh2_bn_set_word(_libssh2_bn * bn,unsigned long val)850 _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val)
851 {
852 val = htonl(val);
853 return _libssh2_bn_from_bin(bn, sizeof val, (unsigned char *) &val);
854 }
855
856 int
_libssh2_bn_to_bin(_libssh2_bn * bn,unsigned char * val)857 _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val)
858 {
859 int i;
860
861 if(!bn || !val)
862 return -1;
863
864 for(i = bn->length; i--;)
865 *val++ = bn->bignum[i];
866
867 return 0;
868 }
869
870 static int
_libssh2_bn_from_bn(_libssh2_bn * to,_libssh2_bn * from)871 _libssh2_bn_from_bn(_libssh2_bn *to, _libssh2_bn *from)
872 {
873 int i;
874
875 if(!to || !from)
876 return -1;
877
878 if(_libssh2_bn_resize(to, from->length))
879 return -1;
880
881 for(i = to->length; i--;)
882 to->bignum[i] = from->bignum[i];
883
884 return 0;
885 }
886
887 void
_libssh2_random(unsigned char * buf,int len)888 _libssh2_random(unsigned char *buf, int len)
889 {
890 Qc3GenPRNs(buf, len,
891 Qc3PRN_TYPE_NORMAL, Qc3PRN_NO_PARITY, (char *) &ecnull);
892 }
893
894
895 /*******************************************************************
896 *
897 * OS/400 QC3 crypto-library backend: crypto context support.
898 *
899 *******************************************************************/
900
901 static _libssh2_os400qc3_crypto_ctx *
libssh2_init_crypto_ctx(_libssh2_os400qc3_crypto_ctx * ctx)902 libssh2_init_crypto_ctx(_libssh2_os400qc3_crypto_ctx *ctx)
903 {
904 if(!ctx)
905 ctx = (_libssh2_os400qc3_crypto_ctx *) malloc(sizeof *ctx);
906
907 if(ctx) {
908 memset((char *) ctx, 0, sizeof *ctx);
909 ctx->hash.Final_Op_Flag = Qc3_Continue;
910 }
911
912 return ctx;
913 }
914
915 static int
null_token(const char * token)916 null_token(const char *token)
917 {
918 return !memcmp(token, nulltoken.Key_Context_Token,
919 sizeof nulltoken.Key_Context_Token);
920 }
921
922 void
_libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx * x)923 _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x)
924 {
925 if(!x)
926 return;
927 if(!null_token(x->hash.Alg_Context_Token)) {
928 Qc3DestroyAlgorithmContext(x->hash.Alg_Context_Token,
929 (char *) &ecnull);
930 memset(x->hash.Alg_Context_Token, 0, sizeof x->hash.Alg_Context_Token);
931 }
932 if(!null_token(x->key.Key_Context_Token)) {
933 Qc3DestroyKeyContext(x->key.Key_Context_Token, (char *) &ecnull);
934 memset(x->key.Key_Context_Token, 0, sizeof x->key.Key_Context_Token);
935 }
936 if(x->kek) {
937 _libssh2_os400qc3_crypto_dtor(x->kek);
938 free((char *) x->kek);
939 x->kek = NULL;
940 }
941 }
942
943 /*******************************************************************
944 *
945 * OS/400 QC3 crypto-library backend: hash algorithms support.
946 *
947 *******************************************************************/
948
949 int
libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T * x,unsigned int algorithm)950 libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, unsigned int algorithm)
951 {
952 Qc3_Format_ALGD0500_T algd;
953 Qus_EC_t errcode;
954
955 if(!x)
956 return 0;
957
958 memset((char *) x, 0, sizeof *x);
959 x->Final_Op_Flag = Qc3_Continue;
960 algd.Hash_Alg = algorithm;
961 set_EC_length(errcode, sizeof errcode);
962 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Hash,
963 x->Alg_Context_Token, &errcode);
964 return errcode.Bytes_Available? 0: 1;
965 }
966
967 void
libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T * ctx,const unsigned char * data,int len)968 libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx,
969 const unsigned char *data, int len)
970 {
971 char dummy[64];
972
973 ctx->Final_Op_Flag = Qc3_Continue;
974 Qc3CalculateHash((char *) data, &len, Qc3_Data, (char *) ctx,
975 Qc3_Alg_Token, anycsp, NULL, dummy, (char *) &ecnull);
976 }
977
978 void
libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T * ctx,unsigned char * out)979 libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, unsigned char *out)
980 {
981 char data;
982
983 ctx->Final_Op_Flag = Qc3_Final;
984 Qc3CalculateHash(&data, &zero, Qc3_Data, (char *) ctx, Qc3_Alg_Token,
985 anycsp, NULL, (char *) out, (char *) &ecnull);
986 Qc3DestroyAlgorithmContext(ctx->Alg_Context_Token, (char *) &ecnull);
987 memset(ctx->Alg_Context_Token, 0, sizeof ctx->Alg_Context_Token);
988 }
989
990 int
libssh2_os400qc3_hash(const unsigned char * message,unsigned long len,unsigned char * out,unsigned int algo)991 libssh2_os400qc3_hash(const unsigned char *message, unsigned long len,
992 unsigned char *out, unsigned int algo)
993 {
994 Qc3_Format_ALGD0100_T ctx;
995
996 if(!libssh2_os400qc3_hash_init(&ctx, algo))
997 return 1;
998
999 libssh2_os400qc3_hash_update(&ctx, message, len);
1000 libssh2_os400qc3_hash_final(&ctx, out);
1001 return 0;
1002 }
1003
1004 void
libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx * ctx,int algo,size_t minkeylen,void * key,int keylen)1005 libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *ctx,
1006 int algo, size_t minkeylen, void *key, int keylen)
1007 {
1008 if(keylen < minkeylen) {
1009 char *lkey = alloca(minkeylen);
1010
1011 /* Pad key with zeroes if too short. */
1012 if(!lkey)
1013 return;
1014 memcpy(lkey, (char *) key, keylen);
1015 memset(lkey + keylen, 0, minkeylen - keylen);
1016 key = (void *) lkey;
1017 keylen = minkeylen;
1018 }
1019 libssh2_os400qc3_hash_init(&ctx->hash, algo);
1020 Qc3CreateKeyContext((char *) key, &keylen, binstring, &algo, qc3clear,
1021 NULL, NULL, ctx->key.Key_Context_Token,
1022 (char *) &ecnull);
1023 }
1024
1025 void
libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx * ctx,unsigned char * data,int len)1026 libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx *ctx,
1027 unsigned char *data, int len)
1028 {
1029 char dummy[64];
1030
1031 ctx->hash.Final_Op_Flag = Qc3_Continue;
1032 Qc3CalculateHMAC((char *) data, &len, Qc3_Data, (char *) &ctx->hash,
1033 Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token,
1034 anycsp, NULL, dummy, (char *) &ecnull);
1035 }
1036
1037 void
libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx * ctx,unsigned char * out)1038 libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx *ctx,
1039 unsigned char *out)
1040 {
1041 char data;
1042
1043 ctx->hash.Final_Op_Flag = Qc3_Final;
1044 Qc3CalculateHMAC((char *) data, &zero, Qc3_Data, (char *) &ctx->hash,
1045 Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token,
1046 anycsp, NULL, (char *) out, (char *) &ecnull);
1047 }
1048
1049
1050 /*******************************************************************
1051 *
1052 * OS/400 QC3 crypto-library backend: cipher algorithms support.
1053 *
1054 *******************************************************************/
1055
1056 int
_libssh2_cipher_init(_libssh2_cipher_ctx * h,_libssh2_cipher_type (algo),unsigned char * iv,unsigned char * secret,int encrypt)1057 _libssh2_cipher_init(_libssh2_cipher_ctx *h, _libssh2_cipher_type(algo),
1058 unsigned char *iv, unsigned char *secret, int encrypt)
1059 {
1060 Qc3_Format_ALGD0200_T algd;
1061 Qus_EC_t errcode;
1062
1063 (void) encrypt;
1064
1065 if(!h)
1066 return -1;
1067
1068 libssh2_init_crypto_ctx(h);
1069 algd.Block_Cipher_Alg = algo.algo;
1070 algd.Block_Length = algo.size;
1071 algd.Mode = algo.mode;
1072 algd.Pad_Option = Qc3_No_Pad;
1073 algd.Pad_Character = 0;
1074 algd.Reserved = 0;
1075 algd.MAC_Length = 0;
1076 algd.Effective_Key_Size = 0;
1077 memset(algd.Init_Vector, 0, sizeof algd.Init_Vector);
1078 if(algo.mode != Qc3_ECB && algo.size)
1079 memcpy(algd.Init_Vector, iv, algo.size);
1080 set_EC_length(errcode, sizeof errcode);
1081 Qc3CreateAlgorithmContext((char *) &algd, algo.fmt,
1082 h->hash.Alg_Context_Token, &errcode);
1083 if(errcode.Bytes_Available)
1084 return -1;
1085 Qc3CreateKeyContext((char *) secret, &algo.keylen, binstring,
1086 &algo.algo, qc3clear, NULL, NULL,
1087 h->key.Key_Context_Token, (char *) &errcode);
1088 if(errcode.Bytes_Available) {
1089 _libssh2_os400qc3_crypto_dtor(h);
1090 return -1;
1091 }
1092
1093 return 0;
1094 }
1095
1096 int
_libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,_libssh2_cipher_type (algo),int encrypt,unsigned char * block,size_t blocksize)1097 _libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx,
1098 _libssh2_cipher_type(algo),
1099 int encrypt, unsigned char *block, size_t blocksize)
1100 {
1101 Qus_EC_t errcode;
1102 int outlen;
1103 int blksize = blocksize;
1104
1105 (void) algo;
1106
1107 set_EC_length(errcode, sizeof errcode);
1108 if(encrypt)
1109 Qc3EncryptData((char *) block, &blksize, Qc3_Data,
1110 ctx->hash.Alg_Context_Token, Qc3_Alg_Token,
1111 ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL,
1112 (char *) block, &blksize, &outlen, (char *) &errcode);
1113 else
1114 Qc3DecryptData((char *) block, &blksize,
1115 ctx->hash.Alg_Context_Token, Qc3_Alg_Token,
1116 ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL,
1117 (char *) block, &blksize, &outlen, (char *) &errcode);
1118
1119 return errcode.Bytes_Available? -1: 0;
1120 }
1121
1122
1123 /*******************************************************************
1124 *
1125 * OS/400 QC3 crypto-library backend: RSA support.
1126 *
1127 *******************************************************************/
1128
1129 int
_libssh2_rsa_new(libssh2_rsa_ctx ** rsa,const unsigned char * edata,unsigned long elen,const unsigned char * ndata,unsigned long nlen,const unsigned char * ddata,unsigned long dlen,const unsigned char * pdata,unsigned long plen,const unsigned char * qdata,unsigned long qlen,const unsigned char * e1data,unsigned long e1len,const unsigned char * e2data,unsigned long e2len,const unsigned char * coeffdata,unsigned long coefflen)1130 _libssh2_rsa_new(libssh2_rsa_ctx **rsa,
1131 const unsigned char *edata, unsigned long elen,
1132 const unsigned char *ndata, unsigned long nlen,
1133 const unsigned char *ddata, unsigned long dlen,
1134 const unsigned char *pdata, unsigned long plen,
1135 const unsigned char *qdata, unsigned long qlen,
1136 const unsigned char *e1data, unsigned long e1len,
1137 const unsigned char *e2data, unsigned long e2len,
1138 const unsigned char *coeffdata, unsigned long coefflen)
1139 {
1140 libssh2_rsa_ctx *ctx;
1141 _libssh2_bn *e = _libssh2_bn_init_from_bin();
1142 _libssh2_bn *n = _libssh2_bn_init_from_bin();
1143 _libssh2_bn *d = NULL;
1144 _libssh2_bn *p = NULL;
1145 _libssh2_bn *q = NULL;
1146 _libssh2_bn *e1 = NULL;
1147 _libssh2_bn *e2 = NULL;
1148 _libssh2_bn *coeff = NULL;
1149 asn1Element *key = NULL;
1150 asn1Element *structkey = NULL;
1151 Qc3_Format_ALGD0400_T algd;
1152 Qus_EC_t errcode;
1153 int keytype;
1154 int ret = 0;
1155 int i;
1156
1157 ctx = libssh2_init_crypto_ctx(NULL);
1158 if(!ctx)
1159 ret = -1;
1160 if(!ret) {
1161 _libssh2_bn_from_bin(e, elen, edata);
1162 _libssh2_bn_from_bin(n, nlen, ndata);
1163 if(!e || !n)
1164 ret = -1;
1165 }
1166 if(!ret && ddata) {
1167 /* Private key. */
1168 d = _libssh2_bn_init_from_bin();
1169 _libssh2_bn_from_bin(d, dlen, ddata);
1170 p = _libssh2_bn_init_from_bin();
1171 _libssh2_bn_from_bin(p, plen, pdata);
1172 q = _libssh2_bn_init_from_bin();
1173 _libssh2_bn_from_bin(q, qlen, qdata);
1174 e1 = _libssh2_bn_init_from_bin();
1175 _libssh2_bn_from_bin(e1, e1len, e1data);
1176 e2 = _libssh2_bn_init_from_bin();
1177 _libssh2_bn_from_bin(e2, e2len, e2data);
1178 coeff = _libssh2_bn_init_from_bin();
1179 _libssh2_bn_from_bin(coeff, coefflen, coeffdata);
1180 if(!d || !p || !q ||!e1 || !e2 || !coeff)
1181 ret = -1;
1182
1183 if(!ret) {
1184 /* Build a PKCS#8 private key. */
1185 key = rsaprivatekey(e, n, d, p, q, e1, e2, coeff);
1186 structkey = rsaprivatekeyinfo(key);
1187 }
1188 keytype = Qc3_RSA_Private;
1189 }
1190 else if(!ret) {
1191 key = rsapublickey(e, n);
1192 structkey = rsasubjectpublickeyinfo(key);
1193 keytype = Qc3_RSA_Public;
1194 }
1195 if(!key || !structkey)
1196 ret = -1;
1197
1198 set_EC_length(errcode, sizeof errcode);
1199
1200 if(!ret) {
1201 /* Create the algorithm context. */
1202 algd.Public_Key_Alg = Qc3_RSA;
1203 algd.PKA_Block_Format = Qc3_PKCS1_01;
1204 memset(algd.Reserved, 0, sizeof algd.Reserved);
1205 algd.Signing_Hash_Alg = Qc3_SHA1;
1206 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
1207 ctx->hash.Alg_Context_Token, &errcode);
1208 if(errcode.Bytes_Available)
1209 ret = -1;
1210 ctx->hash.Final_Op_Flag = Qc3_Continue;
1211 }
1212
1213 /* Create the key context. */
1214 if(!ret) {
1215 i = structkey->end - structkey->header;
1216 Qc3CreateKeyContext(structkey->header, &i, berstring, &keytype,
1217 qc3clear, NULL, NULL, ctx->key.Key_Context_Token,
1218 (char *) &errcode);
1219 if(errcode.Bytes_Available)
1220 ret = -1;
1221 }
1222
1223 _libssh2_bn_free(e);
1224 _libssh2_bn_free(n);
1225 _libssh2_bn_free(d);
1226 _libssh2_bn_free(p);
1227 _libssh2_bn_free(q);
1228 _libssh2_bn_free(e1);
1229 _libssh2_bn_free(e2);
1230 _libssh2_bn_free(coeff);
1231 asn1delete(key);
1232 asn1delete(structkey);
1233 if(ret && ctx) {
1234 _libssh2_rsa_free(ctx);
1235 ctx = NULL;
1236 }
1237 *rsa = ctx;
1238 return ret;
1239 }
1240
1241
1242 /*******************************************************************
1243 *
1244 * OS/400 QC3 crypto-library backend: Diffie-Hellman support.
1245 *
1246 *******************************************************************/
1247
1248 void
_libssh2_os400qc3_dh_init(_libssh2_dh_ctx * dhctx)1249 _libssh2_os400qc3_dh_init(_libssh2_dh_ctx *dhctx)
1250 {
1251 memset((char *) dhctx, 0, sizeof *dhctx);
1252 }
1253
1254 int
_libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx * dhctx,_libssh2_bn * public,_libssh2_bn * g,_libssh2_bn * p,int group_order)1255 _libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public,
1256 _libssh2_bn *g, _libssh2_bn *p, int group_order)
1257 {
1258 asn1Element *prime;
1259 asn1Element *base;
1260 asn1Element *dhparameter;
1261 asn1Element *dhkeyagreement;
1262 asn1Element *pkcs3;
1263 int pkcs3len;
1264 char *pubkey;
1265 int pubkeysize;
1266 int pubkeylen;
1267 Qus_EC_t errcode;
1268
1269 (void) group_order;
1270
1271 /* Build the PKCS#3 structure. */
1272
1273 base = asn1uint(g);
1274 prime = asn1uint(p);
1275 dhparameter = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
1276 prime, base, NULL);
1277 asn1delete(base);
1278 asn1delete(prime);
1279 dhkeyagreement = asn1bytes(ASN1_OBJ_ID,
1280 OID_dhKeyAgreement + 1, OID_dhKeyAgreement[0]);
1281 pkcs3 = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
1282 dhkeyagreement, dhparameter, NULL);
1283 asn1delete(dhkeyagreement);
1284 asn1delete(dhparameter);
1285 if(!base || !prime || !dhparameter ||
1286 !dhkeyagreement || !dhparameter || !pkcs3) {
1287 asn1delete(pkcs3);
1288 return -1;
1289 }
1290 pkcs3len = pkcs3->end - pkcs3->header;
1291 pubkeysize = (_libssh2_bn_bits(p) + 7) >> 3;
1292 pubkey = alloca(pubkeysize);
1293 set_EC_length(errcode, sizeof errcode);
1294 Qc3GenDHKeyPair((char *) pkcs3->header, &pkcs3len, anycsp, NULL,
1295 dhctx->token, pubkey, &pubkeysize, &pubkeylen, &errcode);
1296 asn1delete(pkcs3);
1297 if(errcode.Bytes_Available)
1298 return -1;
1299 return _libssh2_bn_from_bin(public, pubkeylen, (unsigned char *) pubkey);
1300 }
1301
1302 int
_libssh2_os400qc3_dh_secret(_libssh2_dh_ctx * dhctx,_libssh2_bn * secret,_libssh2_bn * f,_libssh2_bn * p)1303 _libssh2_os400qc3_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret,
1304 _libssh2_bn *f, _libssh2_bn *p)
1305 {
1306 char *pubkey;
1307 int pubkeysize;
1308 char *secretbuf;
1309 int secretbufsize;
1310 int secretbuflen;
1311 Qus_EC_t errcode;
1312
1313 pubkeysize = (_libssh2_bn_bits(f) + 7) >> 3;
1314 pubkey = alloca(pubkeysize);
1315 _libssh2_bn_to_bin(f, pubkey);
1316 secretbufsize = (_libssh2_bn_bits(p) + 7) >> 3;
1317 secretbuf = alloca(pubkeysize);
1318 set_EC_length(errcode, sizeof errcode);
1319 Qc3CalculateDHSecretKey(dhctx->token, pubkey, &pubkeysize,
1320 secretbuf, &secretbufsize, &secretbuflen,
1321 &errcode);
1322 if(errcode.Bytes_Available)
1323 return -1;
1324 return _libssh2_bn_from_bin(secret,
1325 secretbuflen, (unsigned char *) secretbuf);
1326 }
1327
1328 void
_libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx * dhctx)1329 _libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx *dhctx)
1330 {
1331 if(!null_token(dhctx->token)) {
1332 Qc3DestroyAlgorithmContext(dhctx->token, (char *) &ecnull);
1333 memset((char *) dhctx, 0, sizeof *dhctx);
1334 }
1335 }
1336
1337
1338 /*******************************************************************
1339 *
1340 * OS/400 QC3 crypto-library backend: PKCS#5 supplement.
1341 *
1342 *******************************************************************/
1343
1344 static int
oidcmp(const asn1Element * e,const unsigned char * oid)1345 oidcmp(const asn1Element *e, const unsigned char *oid)
1346 {
1347 int i = e->end - e->beg - *oid++;
1348
1349 if(*e->header != ASN1_OBJ_ID)
1350 return -2;
1351 if(!i)
1352 i = memcmp(e->beg, oid, oid[-1]);
1353 return i;
1354 }
1355
1356 static int
asn1getword(asn1Element * e,unsigned long * v)1357 asn1getword(asn1Element *e, unsigned long *v)
1358 {
1359 unsigned long a;
1360 const unsigned char *cp;
1361
1362 if(*e->header != ASN1_INTEGER)
1363 return -1;
1364 for(cp = e->beg; cp < e->end && !*cp; cp++)
1365 ;
1366 if(e->end - cp > sizeof a)
1367 return -1;
1368 for(a = 0; cp < e->end; cp++)
1369 a = (a << 8) | *cp;
1370 *v = a;
1371 return 0;
1372 }
1373
1374 static int
pbkdf1(LIBSSH2_SESSION * session,char ** dk,const unsigned char * passphrase,pkcs5params * pkcs5)1375 pbkdf1(LIBSSH2_SESSION *session, char **dk, const unsigned char *passphrase,
1376 pkcs5params *pkcs5)
1377 {
1378 int i;
1379 Qc3_Format_ALGD0100_T hctx;
1380 int len = pkcs5->saltlen;
1381 char *data = (char *) pkcs5->salt;
1382
1383 *dk = NULL;
1384 if(pkcs5->dklen > pkcs5->hashlen)
1385 return -1;
1386
1387 /* Allocate the derived key buffer. */
1388 *dk = LIBSSH2_ALLOC(session, pkcs5->hashlen);
1389 if(!*dk)
1390 return -1;
1391
1392 /* Initial hash. */
1393 libssh2_os400qc3_hash_init(&hctx, pkcs5->hash);
1394 libssh2_os400qc3_hash_update(&hctx, passphrase, strlen(passphrase));
1395 hctx.Final_Op_Flag = Qc3_Final;
1396 Qc3CalculateHash((char *) pkcs5->salt, &len, Qc3_Data, (char *) &hctx,
1397 Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);
1398
1399 /* Iterate. */
1400 len = pkcs5->hashlen;
1401 for(i = 1; i < pkcs5->itercount; i++)
1402 Qc3CalculateHash((char *) *dk, &len, Qc3_Data, (char *) &hctx,
1403 Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);
1404
1405 /* Special stuff for PBES1: split derived key into 8-byte key and 8-byte
1406 initialization vector. */
1407 pkcs5->dklen = 8;
1408 pkcs5->ivlen = 8;
1409 pkcs5->iv = *dk + 8;
1410
1411 /* Clean-up and exit. */
1412 Qc3DestroyAlgorithmContext(hctx.Alg_Context_Token, (char *) &ecnull);
1413 return 0;
1414 }
1415
1416 static int
pbkdf2(LIBSSH2_SESSION * session,char ** dk,const unsigned char * passphrase,pkcs5params * pkcs5)1417 pbkdf2(LIBSSH2_SESSION *session, char **dk, const unsigned char *passphrase,
1418 pkcs5params *pkcs5)
1419 {
1420 size_t i;
1421 size_t k;
1422 int j;
1423 int l;
1424 uint32_t ni;
1425 unsigned long long t;
1426 char *mac;
1427 char *buf;
1428 _libssh2_os400qc3_crypto_ctx hctx;
1429
1430 *dk = NULL;
1431 t = ((unsigned long long) pkcs5->dklen + pkcs5->hashlen - 1) /
1432 pkcs5->hashlen;
1433 if(t > 0xFFFFFFFF)
1434 return -1;
1435 mac = alloca(pkcs5->hashlen);
1436 if(!mac)
1437 return -1;
1438
1439 /* Allocate the derived key buffer. */
1440 l = t;
1441 buf = LIBSSH2_ALLOC(session, l * pkcs5->hashlen);
1442 if(!buf)
1443 return -1;
1444 *dk = buf;
1445
1446 /* Create an HMAC context for our computations. */
1447 libssh2_os400qc3_hmac_init(&hctx, pkcs5->hash, pkcs5->hashlen,
1448 (void *) passphrase, strlen(passphrase));
1449
1450 /* Process each hLen-size blocks. */
1451 for(i = 1; i <= l; i++) {
1452 ni = htonl(i);
1453 libssh2_os400qc3_hmac_update(&hctx, pkcs5->salt, pkcs5->saltlen);
1454 libssh2_os400qc3_hmac_update(&hctx, (char *) &ni, sizeof ni);
1455 libssh2_os400qc3_hmac_final(&hctx, mac);
1456 memcpy(buf, mac, pkcs5->hashlen);
1457 for(j = 1; j < pkcs5->itercount; j++) {
1458 libssh2_os400qc3_hmac_update(&hctx, mac, pkcs5->hashlen);
1459 libssh2_os400qc3_hmac_final(&hctx, mac);
1460 for(k = 0; k < pkcs5->hashlen; k++)
1461 buf[k] ^= mac[k];
1462 }
1463 buf += pkcs5->hashlen;
1464 }
1465
1466 /* Computation done. Release HMAC context. */
1467 _libssh2_os400qc3_crypto_dtor(&hctx);
1468 return 0;
1469 }
1470
1471 static int
parse_pkcs5_algorithm(LIBSSH2_SESSION * session,pkcs5params * pkcs5,asn1Element * algid,pkcs5algo ** algotable)1472 parse_pkcs5_algorithm(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1473 asn1Element *algid, pkcs5algo **algotable)
1474 {
1475 asn1Element oid;
1476 asn1Element param;
1477 char *cp;
1478
1479 cp = getASN1Element(&oid, algid->beg, algid->end);
1480 if(!cp || *oid.header != ASN1_OBJ_ID)
1481 return -1;
1482 param.header = NULL;
1483 if(cp < algid->end)
1484 cp = getASN1Element(¶m, cp, algid->end);
1485 if(cp != algid->end)
1486 return -1;
1487 for(; *algotable; algotable++)
1488 if(!oidcmp(&oid, (*algotable)->oid))
1489 return (*(*algotable)->parse)(session, pkcs5, *algotable,
1490 param.header? ¶m: NULL);
1491 return -1;
1492 }
1493
1494 static int
parse_pbes2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1495 parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1496 pkcs5algo *algo, asn1Element *param)
1497 {
1498 asn1Element keyDerivationFunc;
1499 asn1Element encryptionScheme;
1500 char *cp;
1501
1502 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1503 return -1;
1504 cp = getASN1Element(&keyDerivationFunc, param->beg, param->end);
1505 if(!cp || *keyDerivationFunc.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1506 return -1;
1507 if(getASN1Element(&encryptionScheme, cp, param->end) != param->end ||
1508 *encryptionScheme.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1509 return -1;
1510 if(parse_pkcs5_algorithm(session, pkcs5, &encryptionScheme, pbes2enctable))
1511 return -1;
1512 if(parse_pkcs5_algorithm(session, pkcs5, &keyDerivationFunc, pbkdf2table))
1513 return -1;
1514 return 0;
1515 }
1516
1517 static int
parse_pbkdf2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1518 parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1519 pkcs5algo *algo, asn1Element *param)
1520 {
1521 asn1Element salt;
1522 asn1Element iterationCount;
1523 asn1Element keyLength;
1524 asn1Element prf;
1525 unsigned long itercount;
1526 char *cp;
1527
1528 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1529 return -1;
1530 cp = getASN1Element(&salt, param->beg, param->end);
1531 /* otherSource not supported. */
1532 if(!cp || *salt.header != ASN1_OCTET_STRING)
1533 return -1;
1534 cp = getASN1Element(&iterationCount, cp, param->end);
1535 if(!cp || *iterationCount.header != ASN1_INTEGER)
1536 return -1;
1537 keyLength.header = prf.header = NULL;
1538 if(cp < param->end) {
1539 cp = getASN1Element(&prf, cp, param->end);
1540 if(!cp)
1541 return -1;
1542 if(*prf.header == ASN1_INTEGER) {
1543 keyLength = prf;
1544 prf.header = NULL;
1545 if(cp < param->end)
1546 cp = getASN1Element(&prf, cp, param->end);
1547 }
1548 if(cp != param->end)
1549 return -1;
1550 }
1551 pkcs5->hash = algo->hash;
1552 pkcs5->hashlen = algo->hashlen;
1553 if(prf.header) {
1554 if(*prf.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1555 return -1;
1556 if(parse_pkcs5_algorithm(session, pkcs5, &prf, kdf2prftable))
1557 return -1;
1558 }
1559 pkcs5->saltlen = salt.end - salt.beg;
1560 pkcs5->salt = salt.beg;
1561 if(asn1getword(&iterationCount, &itercount) ||
1562 !itercount || itercount > 100000)
1563 return -1;
1564 pkcs5->itercount = itercount;
1565 pkcs5->kdf = pbkdf2;
1566 return 0;
1567 }
1568
1569 static int
parse_hmacWithSHA1(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1570 parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1571 pkcs5algo *algo, asn1Element *param)
1572 {
1573 if(!param || *param->header != ASN1_NULL)
1574 return -1;
1575 pkcs5->hash = algo->hash;
1576 pkcs5->hashlen = algo->hashlen;
1577 return 0;
1578 }
1579
1580 static int
parse_iv(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1581 parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1582 pkcs5algo *algo, asn1Element *param)
1583 {
1584 if(!param || *param->header != ASN1_OCTET_STRING ||
1585 param->end - param->beg != algo->ivlen)
1586 return -1;
1587 pkcs5->cipher = algo->cipher;
1588 pkcs5->blocksize = algo->blocksize;
1589 pkcs5->mode = algo->mode;
1590 pkcs5->padopt = algo->padopt;
1591 pkcs5->padchar = algo->padchar;
1592 pkcs5->dklen = algo->keylen;
1593 pkcs5->ivlen = algo->ivlen;
1594 pkcs5->iv = param->beg;
1595 return 0;
1596 }
1597
1598 static int
parse_rc2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1599 parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1600 pkcs5algo *algo, asn1Element *param)
1601 {
1602 asn1Element iv;
1603 unsigned long effkeysize;
1604 char *cp;
1605
1606 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1607 return -1;
1608 cp = getASN1Element(&iv, param->beg, param->end);
1609 if(!cp)
1610 return -1;
1611 effkeysize = algo->effkeysize;
1612 if(*iv.header == ASN1_INTEGER) {
1613 if(asn1getword(&iv, &effkeysize) || effkeysize > 1024)
1614 return -1;
1615
1616 cp = getASN1Element(&iv, cp, param->end);
1617 if(effkeysize < 256)
1618 switch(effkeysize) {
1619 case 160:
1620 effkeysize = 40;
1621 case 120:
1622 effkeysize = 64;
1623 case 58:
1624 effkeysize = 128;
1625 break;
1626 default:
1627 return -1;
1628 }
1629 }
1630 if(effkeysize > 1024 || cp != param->end ||
1631 *iv.header != ASN1_OCTET_STRING || iv.end - iv.beg != algo->ivlen)
1632 return -1;
1633 pkcs5->cipher = algo->cipher;
1634 pkcs5->blocksize = algo->blocksize;
1635 pkcs5->mode = algo->mode;
1636 pkcs5->padopt = algo->padopt;
1637 pkcs5->padchar = algo->padchar;
1638 pkcs5->ivlen = algo->ivlen;
1639 pkcs5->iv = iv.beg;
1640 pkcs5->effkeysize = effkeysize;
1641 pkcs5->dklen = (effkeysize + 8 - 1) / 8;
1642 return 0;
1643 }
1644
1645 static int
parse_pbes1(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1646 parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1647 pkcs5algo *algo, asn1Element *param)
1648 {
1649 asn1Element salt;
1650 asn1Element iterationCount;
1651 unsigned long itercount;
1652 char *cp;
1653
1654 if(!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1655 return -1;
1656
1657 cp = getASN1Element(&salt, param->beg, param->end);
1658 if(!cp || *salt.header != ASN1_OCTET_STRING ||
1659 salt.end - salt.beg != algo->saltlen)
1660 return -1;
1661 if(getASN1Element(&iterationCount, cp, param->end) != param->end ||
1662 *iterationCount.header != ASN1_INTEGER)
1663 return -1;
1664 if(asn1getword(&iterationCount, &itercount) ||
1665 !itercount || itercount > 100000)
1666 return -1;
1667 pkcs5->cipher = algo->cipher;
1668 pkcs5->blocksize = algo->blocksize;
1669 pkcs5->mode = algo->mode;
1670 pkcs5->padopt = algo->padopt;
1671 pkcs5->padchar = algo->padchar;
1672 pkcs5->hash = algo->hash;
1673 pkcs5->hashlen = algo->hashlen;
1674 pkcs5->dklen = 16;
1675 pkcs5->saltlen = algo->saltlen;
1676 pkcs5->effkeysize = algo->effkeysize;
1677 pkcs5->salt = salt.beg;
1678 pkcs5->kdf = pbkdf1;
1679 pkcs5->itercount = itercount;
1680 return 0;
1681 }
1682
1683 static int
pkcs8kek(LIBSSH2_SESSION * session,_libssh2_os400qc3_crypto_ctx ** ctx,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,asn1Element * privkeyinfo)1684 pkcs8kek(LIBSSH2_SESSION *session, _libssh2_os400qc3_crypto_ctx **ctx,
1685 const unsigned char *data, unsigned int datalen,
1686 const unsigned char *passphrase, asn1Element *privkeyinfo)
1687 {
1688 asn1Element encprivkeyinfo;
1689 asn1Element pkcs5alg;
1690 pkcs5params pkcs5;
1691 size_t pplen;
1692 char *cp;
1693 unsigned long t;
1694 int i;
1695 char *dk = NULL;
1696 Qc3_Format_ALGD0200_T algd;
1697 Qus_EC_t errcode;
1698
1699 /* Determine if the PKCS#8 data is encrypted and, if so, set-up a
1700 key encryption key and algorithm in context.
1701 Return 1 if encrypted, 0, if not, -1 if error. */
1702
1703 *ctx = NULL;
1704 privkeyinfo->beg = (char *) data;
1705 privkeyinfo->end = privkeyinfo->beg + datalen;
1706
1707 /* If no passphrase is given, it cannot be an encrypted key. */
1708 if(!passphrase || !*passphrase)
1709 return 0;
1710
1711 /* Parse PKCS#8 data, checking if ASN.1 format is PrivateKeyInfo or
1712 EncryptedPrivateKeyInfo. */
1713 if(getASN1Element(&encprivkeyinfo, privkeyinfo->beg, privkeyinfo->end) !=
1714 (char *) data + datalen ||
1715 *encprivkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1716 return -1;
1717 cp = getASN1Element(&pkcs5alg, encprivkeyinfo.beg, encprivkeyinfo.end);
1718 if(!cp)
1719 return -1;
1720
1721 switch(*pkcs5alg.header) {
1722 case ASN1_INTEGER: /* Version. */
1723 return 0; /* This is a PrivateKeyInfo --> not encrypted. */
1724 case ASN1_SEQ | ASN1_CONSTRUCTED: /* AlgorithIdentifier. */
1725 break; /* This is an EncryptedPrivateKeyInfo --> encrypted. */
1726 default:
1727 return -1; /* Unrecognized: error. */
1728 }
1729
1730 /* Get the encrypted key data. */
1731 if(getASN1Element(privkeyinfo, cp, encprivkeyinfo.end) !=
1732 encprivkeyinfo.end || *privkeyinfo->header != ASN1_OCTET_STRING)
1733 return -1;
1734
1735 /* PKCS#5: parse the PBES AlgorithmIdentifier and recursively get all
1736 encryption parameters. */
1737 memset((char *) &pkcs5, 0, sizeof pkcs5);
1738 if(parse_pkcs5_algorithm(session, &pkcs5, &pkcs5alg, pbestable))
1739 return -1;
1740
1741 /* Compute the derived key. */
1742 if((*pkcs5.kdf)(session, &dk, passphrase, &pkcs5))
1743 return -1;
1744
1745 /* Prepare the algorithm descriptor. */
1746 memset((char *) &algd, 0, sizeof algd);
1747 algd.Block_Cipher_Alg = pkcs5.cipher;
1748 algd.Block_Length = pkcs5.blocksize;
1749 algd.Mode = pkcs5.mode;
1750 algd.Pad_Option = pkcs5.padopt;
1751 algd.Pad_Character = pkcs5.padchar;
1752 algd.Effective_Key_Size = pkcs5.effkeysize;
1753 memcpy(algd.Init_Vector, pkcs5.iv, pkcs5.ivlen);
1754
1755 /* Create the key and algorithm context tokens. */
1756 *ctx = libssh2_init_crypto_ctx(NULL);
1757 if(!*ctx) {
1758 LIBSSH2_FREE(session, dk);
1759 return -1;
1760 }
1761 libssh2_init_crypto_ctx(*ctx);
1762 set_EC_length(errcode, sizeof errcode);
1763 Qc3CreateKeyContext(dk, &pkcs5.dklen, binstring, &algd.Block_Cipher_Alg,
1764 qc3clear, NULL, NULL, (*ctx)->key.Key_Context_Token,
1765 (char *) &errcode);
1766 LIBSSH2_FREE(session, dk);
1767 if(errcode.Bytes_Available) {
1768 free((char *) *ctx);
1769 *ctx = NULL;
1770 return -1;
1771 }
1772
1773 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Block_Cipher,
1774 (*ctx)->hash.Alg_Context_Token, &errcode);
1775 if(errcode.Bytes_Available) {
1776 Qc3DestroyKeyContext((*ctx)->key.Key_Context_Token, (char *) &ecnull);
1777 free((char *) *ctx);
1778 *ctx = NULL;
1779 return -1;
1780 }
1781 return 1; /* Tell it's encrypted. */
1782 }
1783
1784 static int
rsapkcs8privkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1785 rsapkcs8privkey(LIBSSH2_SESSION *session,
1786 const unsigned char *data, unsigned int datalen,
1787 const unsigned char *passphrase, void *loadkeydata)
1788 {
1789 libssh2_rsa_ctx *ctx = (libssh2_rsa_ctx *) loadkeydata;
1790 char keyform = Qc3_Clear;
1791 char *kek = NULL;
1792 char *kea = NULL;
1793 _libssh2_os400qc3_crypto_ctx *kekctx;
1794 asn1Element pki;
1795 int pkilen;
1796 Qus_EC_t errcode;
1797
1798 switch(pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) {
1799 case 1:
1800 keyform = Qc3_Encrypted;
1801 kek = kekctx->key.Key_Context_Token;
1802 kea = kekctx->hash.Alg_Context_Token;
1803 case 0:
1804 break;
1805 default:
1806 return -1;
1807 }
1808
1809 set_EC_length(errcode, sizeof errcode);
1810 pkilen = pki.end - pki.beg;
1811 Qc3CreateKeyContext((unsigned char *) pki.beg, &pkilen, berstring,
1812 rsaprivate, &keyform, kek, kea,
1813 ctx->key.Key_Context_Token, (char *) &errcode);
1814 if(errcode.Bytes_Available) {
1815 if(kekctx)
1816 _libssh2_os400qc3_crypto_dtor(kekctx);
1817 return -1;
1818 }
1819 ctx->kek = kekctx;
1820 return 0;
1821 }
1822
1823 static char *
storewithlength(char * p,const char * data,int length)1824 storewithlength(char *p, const char *data, int length)
1825 {
1826 _libssh2_htonu32(p, length);
1827 if(length)
1828 memcpy(p + 4, data, length);
1829 return p + 4 + length;
1830 }
1831
1832 static int
sshrsapubkey(LIBSSH2_SESSION * session,char ** sshpubkey,asn1Element * params,asn1Element * key,const char * method)1833 sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
1834 asn1Element *params, asn1Element *key, const char *method)
1835 {
1836 int methlen = strlen(method);
1837 asn1Element keyseq;
1838 asn1Element m;
1839 asn1Element e;
1840 int len;
1841 char *cp;
1842
1843 if(getASN1Element(&keyseq, key->beg + 1, key->end) != key->end ||
1844 *keyseq.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1845 return -1;
1846 if(!getASN1Element(&m, keyseq.beg, keyseq.end) ||
1847 *m.header != ASN1_INTEGER)
1848 return -1;
1849 if(getASN1Element(&e, m.end, keyseq.end) != keyseq.end ||
1850 *e.header != ASN1_INTEGER)
1851 return -1;
1852 len = 4 + methlen + 4 + (e.end - e.beg) + 4 + (m.end - m.beg);
1853 cp = LIBSSH2_ALLOC(session, len);
1854 if(!cp)
1855 return -1;
1856 *sshpubkey = cp;
1857 cp = storewithlength(cp, method, methlen);
1858 cp = storewithlength(cp, e.beg, e.end - e.beg);
1859 cp = storewithlength(cp, m.beg, m.end - m.beg);
1860 return len;
1861 }
1862
1863 static int
rsapkcs8pubkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1864 rsapkcs8pubkey(LIBSSH2_SESSION *session,
1865 const unsigned char *data, unsigned int datalen,
1866 const unsigned char *passphrase, void *loadkeydata)
1867 {
1868 loadpubkeydata *p = (loadpubkeydata *) loadkeydata;
1869 char *buf;
1870 int len;
1871 char *cp;
1872 int i;
1873 char keyform = Qc3_Clear;
1874 char *kek = NULL;
1875 char *kea = NULL;
1876 _libssh2_os400qc3_crypto_ctx *kekctx;
1877 asn1Element subjpubkeyinfo;
1878 asn1Element algorithmid;
1879 asn1Element algorithm;
1880 asn1Element subjpubkey;
1881 asn1Element parameters;
1882 asn1Element pki;
1883 int pkilen;
1884 Qus_EC_t errcode;
1885
1886 buf = alloca(datalen);
1887 if(!buf)
1888 return -1;
1889
1890 switch(pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) {
1891 case 1:
1892 keyform = Qc3_Encrypted;
1893 kek = kekctx->key.Key_Context_Token;
1894 kea = kekctx->hash.Alg_Context_Token;
1895 case 0:
1896 break;
1897 default:
1898 return -1;
1899 }
1900
1901 set_EC_length(errcode, sizeof errcode);
1902 pkilen = pki.end - pki.beg;
1903 Qc3ExtractPublicKey(pki.beg, &pkilen, berstring, &keyform,
1904 kek, kea, buf, (int *) &datalen, &len, &errcode);
1905 _libssh2_os400qc3_crypto_dtor(kekctx);
1906 if(errcode.Bytes_Available)
1907 return -1;
1908 /* Get the algorithm OID and key data from SubjectPublicKeyInfo. */
1909 if(getASN1Element(&subjpubkeyinfo, buf, buf + len) != buf + len ||
1910 *subjpubkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1911 return -1;
1912 cp = getASN1Element(&algorithmid, subjpubkeyinfo.beg, subjpubkeyinfo.end);
1913 if(!cp || *algorithmid.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1914 return -1;
1915 if(!getASN1Element(&algorithm, algorithmid.beg, algorithmid.end) ||
1916 *algorithm.header != ASN1_OBJ_ID)
1917 return -1;
1918 if(getASN1Element(&subjpubkey, cp, subjpubkeyinfo.end) !=
1919 subjpubkeyinfo.end || *subjpubkey.header != ASN1_BIT_STRING)
1920 return -1;
1921 /* Check for supported algorithm. */
1922 for(i = 0; pka[i].oid; i++)
1923 if(!oidcmp(&algorithm, pka[i].oid)) {
1924 len = (*pka[i].sshpubkey)(session, &p->data, &algorithmid,
1925 &subjpubkey, pka[i].method);
1926 if(len < 0)
1927 return -1;
1928 p->length = len;
1929 p->method = pka[i].method;
1930 return 0;
1931 }
1932 return -1; /* Algorithm not supported. */
1933 }
1934
1935 static int
pkcs1topkcs8(LIBSSH2_SESSION * session,const unsigned char ** data8,unsigned int * datalen8,const unsigned char * data1,unsigned int datalen1)1936 pkcs1topkcs8(LIBSSH2_SESSION *session,
1937 const unsigned char **data8, unsigned int *datalen8,
1938 const unsigned char *data1, unsigned int datalen1)
1939 {
1940 asn1Element *prvk;
1941 asn1Element *pkcs8;
1942 unsigned char *data;
1943
1944 *data8 = NULL;
1945 *datalen8 = 0;
1946 if(datalen1 < 2)
1947 return -1;
1948 prvk = asn1_new_from_bytes(data1, datalen1);
1949 if(!prvk)
1950 return -1;
1951 pkcs8 = rsaprivatekeyinfo(prvk);
1952 asn1delete(prvk);
1953 if(!prvk) {
1954 asn1delete(pkcs8);
1955 pkcs8 = NULL;
1956 }
1957 if(!pkcs8)
1958 return -1;
1959 data = (unsigned char *) LIBSSH2_ALLOC(session,
1960 pkcs8->end - pkcs8->header);
1961 if(!data) {
1962 asn1delete(pkcs8);
1963 return -1;
1964 }
1965 *data8 = data;
1966 *datalen8 = pkcs8->end - pkcs8->header;
1967 memcpy((char *) data, (char *) pkcs8->header, *datalen8);
1968 asn1delete(pkcs8);
1969 return 0;
1970 }
1971
1972 static int
rsapkcs1privkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1973 rsapkcs1privkey(LIBSSH2_SESSION *session,
1974 const unsigned char *data, unsigned int datalen,
1975 const unsigned char *passphrase, void *loadkeydata)
1976 {
1977 const unsigned char *data8;
1978 unsigned int datalen8;
1979 int ret;
1980
1981 if(pkcs1topkcs8(session, &data8, &datalen8, data, datalen))
1982 return -1;
1983 ret = rsapkcs8privkey(session, data8, datalen8, passphrase, loadkeydata);
1984 LIBSSH2_FREE(session, (char *) data8);
1985 return ret;
1986 }
1987
1988 static int
rsapkcs1pubkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1989 rsapkcs1pubkey(LIBSSH2_SESSION *session,
1990 const unsigned char *data, unsigned int datalen,
1991 const unsigned char *passphrase, void *loadkeydata)
1992 {
1993 const unsigned char *data8;
1994 unsigned int datalen8;
1995 int ret;
1996
1997 if(pkcs1topkcs8(session, &data8, &datalen8, data, datalen))
1998 return -1;
1999 ret = rsapkcs8pubkey(session, data8, datalen8, passphrase, loadkeydata);
2000 LIBSSH2_FREE(session, (char *) data8);
2001 return ret;
2002 }
2003
2004 static int
try_pem_load(LIBSSH2_SESSION * session,FILE * fp,const unsigned char * passphrase,const char * header,const char * trailer,loadkeyproc proc,void * loadkeydata)2005 try_pem_load(LIBSSH2_SESSION *session, FILE *fp,
2006 const unsigned char *passphrase,
2007 const char *header, const char *trailer,
2008 loadkeyproc proc, void *loadkeydata)
2009 {
2010 unsigned char *data = NULL;
2011 unsigned int datalen = 0;
2012 int c;
2013 int ret;
2014
2015 fseek(fp, 0L, SEEK_SET);
2016 for(;;) {
2017 ret = _libssh2_pem_parse(session, header, trailer,
2018 passphrase,
2019 fp, &data, &datalen);
2020
2021 if(!ret) {
2022 ret = (*proc)(session, data, datalen, passphrase, loadkeydata);
2023 if(!ret)
2024 return 0;
2025 }
2026
2027 if(data) {
2028 LIBSSH2_FREE(session, data);
2029 data = NULL;
2030 }
2031 c = getc(fp);
2032
2033 if(c == EOF)
2034 break;
2035
2036 ungetc(c, fp);
2037 }
2038
2039 return -1;
2040 }
2041
2042 static int
load_rsa_private_file(LIBSSH2_SESSION * session,const char * filename,unsigned const char * passphrase,loadkeyproc proc1,loadkeyproc proc8,void * loadkeydata)2043 load_rsa_private_file(LIBSSH2_SESSION *session, const char *filename,
2044 unsigned const char *passphrase,
2045 loadkeyproc proc1, loadkeyproc proc8, void *loadkeydata)
2046 {
2047 FILE *fp = fopen(filename, fopenrmode);
2048 unsigned char *data = NULL;
2049 size_t datalen = 0;
2050 int ret;
2051 long filesize;
2052
2053 if(!fp)
2054 return -1;
2055
2056 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2057 --> PKCS#8 EncryptedPrivateKeyInfo */
2058 ret = try_pem_load(session, fp, passphrase, beginencprivkeyhdr,
2059 endencprivkeyhdr, proc8, loadkeydata);
2060
2061 /* Try with "PRIVATE KEY" PEM armor.
2062 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2063 if(ret)
2064 ret = try_pem_load(session, fp, passphrase, beginprivkeyhdr,
2065 endprivkeyhdr, proc8, loadkeydata);
2066
2067 /* Try with "RSA PRIVATE KEY" PEM armor.
2068 --> PKCS#1 RSAPrivateKey */
2069 if(ret)
2070 ret = try_pem_load(session, fp, passphrase, beginrsaprivkeyhdr,
2071 endrsaprivkeyhdr, proc1, loadkeydata);
2072 fclose(fp);
2073
2074 if(ret) {
2075 /* Try DER encoding. */
2076 fp = fopen(filename, fopenrbmode);
2077 fseek(fp, 0L, SEEK_END);
2078 filesize = ftell(fp);
2079
2080 if(filesize <= 32768) { /* Limit to a reasonable size. */
2081 datalen = filesize;
2082 data = (unsigned char *) alloca(datalen);
2083 if(data) {
2084 fseek(fp, 0L, SEEK_SET);
2085 fread(data, datalen, 1, fp);
2086
2087 /* Try as PKCS#8 DER data.
2088 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2089 ret = (*proc8)(session, data, datalen, passphrase,
2090 loadkeydata);
2091
2092 /* Try as PKCS#1 DER data.
2093 --> PKCS#1 RSAPrivateKey */
2094 if(ret)
2095 ret = (*proc1)(session, data, datalen, passphrase,
2096 loadkeydata);
2097 }
2098 }
2099 fclose(fp);
2100 }
2101
2102 return ret;
2103 }
2104
2105 int
_libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,LIBSSH2_SESSION * session,const char * filename,unsigned const char * passphrase)2106 _libssh2_rsa_new_private(libssh2_rsa_ctx **rsa, LIBSSH2_SESSION *session,
2107 const char *filename, unsigned const char *passphrase)
2108 {
2109 libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL);
2110 int ret;
2111 Qc3_Format_ALGD0400_T algd;
2112 Qus_EC_t errcode;
2113
2114 if(!ctx)
2115 return -1;
2116 ret = load_rsa_private_file(session, filename, passphrase,
2117 rsapkcs1privkey, rsapkcs8privkey,
2118 (void *) ctx);
2119 if(!ret) {
2120 /* Create the algorithm context. */
2121 algd.Public_Key_Alg = Qc3_RSA;
2122 algd.PKA_Block_Format = Qc3_PKCS1_01;
2123 memset(algd.Reserved, 0, sizeof algd.Reserved);
2124 algd.Signing_Hash_Alg = Qc3_SHA1;
2125 set_EC_length(errcode, sizeof errcode);
2126 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
2127 ctx->hash.Alg_Context_Token, &errcode);
2128 if(errcode.Bytes_Available)
2129 ret = -1;
2130 }
2131 if(ret) {
2132 _libssh2_os400qc3_crypto_dtor(ctx);
2133 ctx = NULL;
2134 }
2135 *rsa = ctx;
2136 return ret;
2137 }
2138
2139 int
_libssh2_pub_priv_keyfile(LIBSSH2_SESSION * session,unsigned char ** method,size_t * method_len,unsigned char ** pubkeydata,size_t * pubkeydata_len,const char * privatekey,const char * passphrase)2140 _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
2141 unsigned char **method, size_t *method_len,
2142 unsigned char **pubkeydata, size_t *pubkeydata_len,
2143 const char *privatekey, const char *passphrase)
2144
2145 {
2146 loadpubkeydata p;
2147 int ret;
2148
2149 *method = NULL;
2150 *method_len = 0;
2151 *pubkeydata = NULL;
2152 *pubkeydata_len = 0;
2153
2154 ret = load_rsa_private_file(session, privatekey, passphrase,
2155 rsapkcs1pubkey, rsapkcs8pubkey, (void *) &p);
2156 if(!ret) {
2157 *method_len = strlen(p.method);
2158 *method = LIBSSH2_ALLOC(session, *method_len);
2159 if(*method)
2160 memcpy((char *) *method, p.method, *method_len);
2161 else
2162 ret = -1;
2163 }
2164
2165 if(ret) {
2166 if(*method)
2167 LIBSSH2_FREE(session, *method);
2168 if(p.data)
2169 LIBSSH2_FREE(session, (void *) p.data);
2170 *method = NULL;
2171 *method_len = 0;
2172 }
2173 else {
2174 *pubkeydata = (unsigned char *) p.data;
2175 *pubkeydata_len = p.length;
2176 }
2177
2178 return ret;
2179 }
2180
2181 int
_libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa,LIBSSH2_SESSION * session,const char * filedata,size_t filedata_len,unsigned const char * passphrase)2182 _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
2183 LIBSSH2_SESSION *session,
2184 const char *filedata,
2185 size_t filedata_len,
2186 unsigned const char *passphrase)
2187 {
2188 libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL);
2189 unsigned char *data = NULL;
2190 unsigned int datalen = 0;
2191 int ret;
2192 Qc3_Format_ALGD0400_T algd;
2193 Qus_EC_t errcode;
2194
2195 if(!ctx)
2196 return -1;
2197
2198 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2199 --> PKCS#8 EncryptedPrivateKeyInfo */
2200 ret = _libssh2_pem_parse_memory(session,
2201 beginencprivkeyhdr, endencprivkeyhdr,
2202 filedata, filedata_len, &data, &datalen);
2203
2204 /* Try with "PRIVATE KEY" PEM armor.
2205 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2206 if(ret)
2207 ret = _libssh2_pem_parse_memory(session,
2208 beginprivkeyhdr, endprivkeyhdr,
2209 filedata, filedata_len,
2210 &data, &datalen);
2211
2212 if(!ret) {
2213 /* Process PKCS#8. */
2214 ret = rsapkcs8privkey(session,
2215 data, datalen, passphrase, (void *) &ctx);
2216 }
2217 else {
2218 /* Try with "RSA PRIVATE KEY" PEM armor.
2219 --> PKCS#1 RSAPrivateKey */
2220 ret = _libssh2_pem_parse_memory(session,
2221 beginrsaprivkeyhdr, endrsaprivkeyhdr,
2222 filedata, filedata_len,
2223 &data, &datalen);
2224 if(!ret)
2225 ret = rsapkcs1privkey(session,
2226 data, datalen, passphrase, (void *) &ctx);
2227 }
2228
2229 if(ret) {
2230 /* Try as PKCS#8 DER data.
2231 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2232 ret = rsapkcs8privkey(session, filedata, filedata_len,
2233 passphrase, (void *) &ctx);
2234
2235 /* Try as PKCS#1 DER data.
2236 --> PKCS#1 RSAPrivateKey */
2237 if(ret)
2238 ret = rsapkcs1privkey(session, filedata, filedata_len,
2239 passphrase, (void *) &ctx);
2240 }
2241
2242 if(data)
2243 LIBSSH2_FREE(session, data);
2244
2245 if(!ret) {
2246 /* Create the algorithm context. */
2247 algd.Public_Key_Alg = Qc3_RSA;
2248 algd.PKA_Block_Format = Qc3_PKCS1_01;
2249 memset(algd.Reserved, 0, sizeof algd.Reserved);
2250 algd.Signing_Hash_Alg = Qc3_SHA1;
2251 set_EC_length(errcode, sizeof errcode);
2252 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
2253 ctx->hash.Alg_Context_Token, &errcode);
2254 if(errcode.Bytes_Available)
2255 ret = -1;
2256 }
2257
2258 if(ret) {
2259 _libssh2_os400qc3_crypto_dtor(ctx);
2260 ctx = NULL;
2261 }
2262
2263 *rsa = ctx;
2264 return ret;
2265 }
2266
2267 int
_libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION * session,unsigned char ** method,size_t * method_len,unsigned char ** pubkeydata,size_t * pubkeydata_len,const char * privatekeydata,size_t privatekeydata_len,const char * passphrase)2268 _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
2269 unsigned char **method, size_t *method_len,
2270 unsigned char **pubkeydata,
2271 size_t *pubkeydata_len,
2272 const char *privatekeydata,
2273 size_t privatekeydata_len,
2274 const char *passphrase)
2275 {
2276 loadpubkeydata p;
2277 unsigned char *data = NULL;
2278 unsigned int datalen = 0;
2279 const char *meth;
2280 int ret;
2281
2282 *method = NULL;
2283 *method_len = 0;
2284 *pubkeydata = NULL;
2285 *pubkeydata_len = 0;
2286
2287 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2288 --> PKCS#8 EncryptedPrivateKeyInfo */
2289 ret = _libssh2_pem_parse_memory(session,
2290 beginencprivkeyhdr, endencprivkeyhdr,
2291 privatekeydata, privatekeydata_len,
2292 &data, &datalen);
2293
2294 /* Try with "PRIVATE KEY" PEM armor.
2295 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2296 if(ret)
2297 ret = _libssh2_pem_parse_memory(session,
2298 beginprivkeyhdr, endprivkeyhdr,
2299 privatekeydata, privatekeydata_len,
2300 &data, &datalen);
2301
2302 if(!ret) {
2303 /* Process PKCS#8. */
2304 ret = rsapkcs8pubkey(session,
2305 data, datalen, passphrase, (void *) &p);
2306 }
2307 else {
2308 /* Try with "RSA PRIVATE KEY" PEM armor.
2309 --> PKCS#1 RSAPrivateKey */
2310 ret = _libssh2_pem_parse_memory(session,
2311 beginrsaprivkeyhdr, endrsaprivkeyhdr,
2312 privatekeydata, privatekeydata_len,
2313 &data, &datalen);
2314 if(!ret)
2315 ret = rsapkcs1pubkey(session,
2316 data, datalen, passphrase, (void *) &p);
2317 }
2318
2319 if(ret) {
2320 /* Try as PKCS#8 DER data.
2321 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2322 ret = rsapkcs8pubkey(session, privatekeydata, privatekeydata_len,
2323 passphrase, (void *) &p);
2324
2325 /* Try as PKCS#1 DER data.
2326 --> PKCS#1 RSAPrivateKey */
2327 if(ret)
2328 ret = rsapkcs1pubkey(session, privatekeydata, privatekeydata_len,
2329 passphrase, (void *) &p);
2330 }
2331
2332 if(data)
2333 LIBSSH2_FREE(session, data);
2334
2335 if(!ret) {
2336 *method_len = strlen(p.method);
2337 *method = LIBSSH2_ALLOC(session, *method_len);
2338 if(*method)
2339 memcpy((char *) *method, p.method, *method_len);
2340 else
2341 ret = -1;
2342 }
2343 if(ret) {
2344 if(*method)
2345 LIBSSH2_FREE(session, *method);
2346 if(p.data)
2347 LIBSSH2_FREE(session, (void *) p.data);
2348 *method = NULL;
2349 *method_len = 0;
2350 }
2351 else {
2352 *pubkeydata = (unsigned char *) p.data;
2353 *pubkeydata_len = p.length;
2354 }
2355
2356 return ret;
2357 }
2358
2359 int
_libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,const unsigned char * sig,unsigned long sig_len,const unsigned char * m,unsigned long m_len)2360 _libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa,
2361 const unsigned char *sig, unsigned long sig_len,
2362 const unsigned char *m, unsigned long m_len)
2363 {
2364 Qus_EC_t errcode;
2365 int slen = sig_len;
2366 int mlen = m_len;
2367
2368 set_EC_length(errcode, sizeof errcode);
2369 Qc3VerifySignature((char *) sig, &slen, (char *) m, &mlen, Qc3_Data,
2370 rsa->hash.Alg_Context_Token, Qc3_Alg_Token,
2371 rsa->key.Key_Context_Token, Qc3_Key_Token, anycsp,
2372 NULL, (char *) &errcode);
2373 return errcode.Bytes_Available? -1: 0;
2374 }
2375
2376 int
_libssh2_os400qc3_rsa_sha1_signv(LIBSSH2_SESSION * session,unsigned char ** signature,size_t * signature_len,int veccount,const struct iovec vector[],libssh2_rsa_ctx * ctx)2377 _libssh2_os400qc3_rsa_sha1_signv(LIBSSH2_SESSION *session,
2378 unsigned char **signature,
2379 size_t *signature_len,
2380 int veccount,
2381 const struct iovec vector[],
2382 libssh2_rsa_ctx *ctx)
2383 {
2384 Qus_EC_t errcode;
2385 int siglen;
2386 unsigned char *sig;
2387 char sigbuf[8192];
2388 int sigbufsize = sizeof sigbuf;
2389
2390 ctx->hash.Final_Op_Flag = Qc3_Final;
2391 set_EC_length(errcode, sizeof errcode);
2392 Qc3CalculateSignature((char *) vector, &veccount, Qc3_Array,
2393 (char *) &ctx->hash, Qc3_Alg_Token,
2394 (char *) &ctx->key, Qc3_Key_Token,
2395 anycsp, NULL, sigbuf, &sigbufsize, &siglen,
2396 (char *) &errcode);
2397 ctx->hash.Final_Op_Flag = Qc3_Continue;
2398 if(errcode.Bytes_Available)
2399 return -1;
2400 sig = LIBSSH2_ALLOC(session, siglen);
2401 if(!sig)
2402 return -1;
2403 memcpy((char *) sig, sigbuf, siglen);
2404 *signature = sig;
2405 *signature_len = siglen;
2406 return 0;
2407 }
2408
2409 #endif /* LIBSSH2_OS400QC3 */
2410
2411 /* vim: set expandtab ts=4 sw=4: */
2412