1 /*
2 * Copyright (C) 2015-2016 Patrick Monnerat, D+H <patrick.monnerat@dh.com>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms,
6 * with or without modification, are permitted provided
7 * that the following conditions are met:
8 *
9 * Redistributions of source code must retain the above
10 * copyright notice, this list of conditions and the
11 * following disclaimer.
12 *
13 * Redistributions in binary form must reproduce the above
14 * copyright notice, this list of conditions and the following
15 * disclaimer in the documentation and/or other materials
16 * provided with the distribution.
17 *
18 * Neither the name of the copyright holder nor the names
19 * of any other contributors may be used to endorse or
20 * promote products derived from this software without
21 * specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
24 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
25 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
28 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
29 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
30 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
31 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
33 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
35 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
36 * OF SUCH DAMAGE.
37 */
38
39 #include "libssh2_priv.h"
40
41 #ifdef LIBSSH2_OS400QC3 /* compile only if we build with OS/400 QC3 library */
42
43 #ifdef HAVE_STDLIB_H
44 #include <stdlib.h>
45 #endif
46
47 #include <stdio.h>
48 #include <stdarg.h>
49 #include <alloca.h>
50 #include <sys/uio.h>
51
52 #include <arpa/inet.h>
53
54
55 #ifdef OS400_DEBUG
56 /* In debug mode, all system library errors cause an exception. */
57 #define set_EC_length(ec, length) ((ec).Bytes_Provided = \
58 (ec).Bytes_Available = 0)
59 #else
60 #define set_EC_length(ec, length) ((ec).Bytes_Provided = (length))
61 #endif
62
63
64 /* Ensure va_list operations are not on an array. */
65 typedef struct {
66 va_list list;
67 } valiststr;
68
69
70 typedef int (*loadkeyproc)(LIBSSH2_SESSION *session,
71 const unsigned char *data, unsigned int datalen,
72 const unsigned char *passphrase, void *loadkeydata);
73
74 /* Public key extraction data. */
75 typedef struct {
76 const char * method;
77 const unsigned char * data;
78 unsigned int length;
79 } loadpubkeydata;
80
81
82 /* Support for ASN.1 elements. */
83
84 typedef struct {
85 char * header; /* Pointer to header byte. */
86 char * beg; /* Pointer to element data. */
87 char * end; /* Pointer to 1st byte after element. */
88 unsigned char class; /* ASN.1 element class. */
89 unsigned char tag; /* ASN.1 element tag. */
90 unsigned char constructed; /* Element is constructed. */
91 } asn1Element;
92
93 #define ASN1_INTEGER 2
94 #define ASN1_BIT_STRING 3
95 #define ASN1_OCTET_STRING 4
96 #define ASN1_NULL 5
97 #define ASN1_OBJ_ID 6
98 #define ASN1_SEQ 16
99
100 #define ASN1_CONSTRUCTED 0x20
101
102 /* rsaEncryption OID: 1.2.840.113549.1.1.1 */
103 static unsigned char OID_rsaEncryption[] =
104 {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 1, 1};
105 static int sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
106 asn1Element *params, asn1Element *key,
107 const char *method);
108
109 #if LIBSSH2_DSA != 0
110 /* dsaEncryption OID: 1.2.840.10040.4.1 */
111 static unsigned char OID_dsaEncryption[] =
112 {7, 40 + 2, 0x86, 0x48, 0xCE, 0x38, 4, 1};
113 static int sshdsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
114 asn1Element *params, asn1Element *key,
115 const char *method);
116 #endif
117
118 static unsigned char OID_dhKeyAgreement[] =
119 {9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 1, 3, 1};
120
121
122 /* PKCS#5 support. */
123
124 typedef struct pkcs5params pkcs5params;
125 struct pkcs5params {
126 int cipher; /* Encryption cipher. */
127 int blocksize; /* Cipher block size. */
128 char mode; /* Block encryption mode. */
129 char padopt; /* Pad option. */
130 char padchar; /* Pad character. */
131 int (*kdf)(LIBSSH2_SESSION *session, char **dk,
132 const unsigned char * passphrase, pkcs5params *pkcs5);
133 int hash; /* KDF hash algorithm. */
134 size_t hashlen; /* KDF hash digest length. */
135 char * salt; /* Salt. */
136 size_t saltlen; /* Salt length. */
137 char * iv; /* Initialization vector. */
138 size_t ivlen; /* Initialization vector length. */
139 int itercount; /* KDF iteration count. */
140 int dklen; /* Derived key length (#bytes). */
141 int effkeysize; /* RC2 effective key size (#bits) or 0. */
142 };
143
144 typedef struct pkcs5algo pkcs5algo;
145 struct pkcs5algo {
146 const unsigned char * oid;
147 int (*parse)(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
148 pkcs5algo *algo, asn1Element *param);
149 int cipher; /* Encryption cipher. */
150 size_t blocksize; /* Cipher block size. */
151 char mode; /* Block encryption mode. */
152 char padopt; /* Pad option. */
153 char padchar; /* Pad character. */
154 size_t keylen; /* Key length (#bytes). */
155 int hash; /* Hash algorithm. */
156 size_t hashlen; /* Hash digest length. */
157 size_t saltlen; /* Salt length. */
158 size_t ivlen; /* Initialisation vector length. */
159 int effkeysize; /* RC2 effective key size (#bits) or 0. */
160 };
161
162 /* id-PBES2 OID: 1.2.840.113549.1.5.13 */
163 static const unsigned char OID_id_PBES2[] = {
164 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0D
165 };
166 static int parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
167 pkcs5algo *algo, asn1Element *param);
168 static const pkcs5algo PBES2 = {
169 OID_id_PBES2, parse_pbes2, 0, 0, '\0', '\0', '\0', 0,
170 0, 0, 0, 0, 0
171 };
172
173 /* id-PBKDF2 OID: 1.2.840.113549.1.5.12 */
174 static const unsigned char OID_id_PBKDF2[] = {
175 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C
176 };
177 static int parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
178 pkcs5algo *algo, asn1Element *param);
179 static const pkcs5algo PBKDF2 = {
180 OID_id_PBKDF2, parse_pbkdf2, 0, 0, '\0', '\0', '\0',
181 SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0
182 };
183
184 /* id-hmacWithSHA1 OID: 1.2.840.113549.2.7 */
185 static const unsigned char OID_id_hmacWithSHA1[] = {
186 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x07
187 };
188 static int parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
189 pkcs5algo *algo, asn1Element *param);
190 static const pkcs5algo hmacWithSHA1 = {
191 OID_id_hmacWithSHA1, parse_hmacWithSHA1, 0, 0, '\0', '\0', '\0',
192 SHA_DIGEST_LENGTH, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 8, 0
193 };
194
195 /* desCBC OID: 1.3.14.3.2.7 */
196 static const unsigned char OID_desCBC[] = {5, 40 + 3, 0x0E, 0x03, 0x02, 0x07};
197 static int parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
198 pkcs5algo *algo, asn1Element *param);
199 static const pkcs5algo desCBC = {
200 OID_desCBC, parse_iv, Qc3_DES, 8, Qc3_CBC, Qc3_Pad_Counter,
201 '\0', 8, 0, 0, 8, 8, 0
202 };
203
204 /* des-EDE3-CBC OID: 1.2.840.113549.3.7 */
205 static const unsigned char OID_des_EDE3_CBC[] = {
206 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x07
207 };
208 static const pkcs5algo des_EDE3_CBC = {
209 OID_des_EDE3_CBC, parse_iv, Qc3_TDES, 8, Qc3_CBC, Qc3_Pad_Counter,
210 '\0', 24, 0, 0, 8, 8, 0
211 };
212
213 /* rc2CBC OID: 1.2.840.113549.3.2 */
214 static const unsigned char OID_rc2CBC[] = {
215 8, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x03, 0x02
216 };
217 static int parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
218 pkcs5algo *algo, asn1Element *param);
219 static const pkcs5algo rc2CBC = {
220 OID_rc2CBC, parse_rc2, Qc3_RC2, 8, Qc3_CBC, Qc3_Pad_Counter,
221 '\0', 0, 0, 0, 8, 0, 32
222 };
223
224 /* pbeWithMD5AndDES-CBC OID: 1.2.840.113549.1.5.3 */
225 static const unsigned char OID_pbeWithMD5AndDES_CBC[] = {
226 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x03
227 };
228 static int parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
229 pkcs5algo *algo, asn1Element *param);
230 static const pkcs5algo pbeWithMD5AndDES_CBC = {
231 OID_pbeWithMD5AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC,
232 Qc3_Pad_Counter, '\0', 8, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 0
233 };
234
235 /* pbeWithMD5AndRC2-CBC OID: 1.2.840.113549.1.5.6 */
236 static const unsigned char OID_pbeWithMD5AndRC2_CBC[] = {
237 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x06
238 };
239 static const pkcs5algo pbeWithMD5AndRC2_CBC = {
240 OID_pbeWithMD5AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC,
241 Qc3_Pad_Counter, '\0', 0, Qc3_MD5, MD5_DIGEST_LENGTH, 8, 0, 64
242 };
243
244 /* pbeWithSHA1AndDES-CBC OID: 1.2.840.113549.1.5.10 */
245 static const unsigned char OID_pbeWithSHA1AndDES_CBC[] = {
246 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0A
247 };
248 static const pkcs5algo pbeWithSHA1AndDES_CBC = {
249 OID_pbeWithSHA1AndDES_CBC, parse_pbes1, Qc3_DES, 8, Qc3_CBC,
250 Qc3_Pad_Counter, '\0', 8, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 0
251 };
252
253 /* pbeWithSHA1AndRC2-CBC OID: 1.2.840.113549.1.5.11 */
254 static const unsigned char OID_pbeWithSHA1AndRC2_CBC[] = {
255 9, 40 + 2, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0B
256 };
257 static const pkcs5algo pbeWithSHA1AndRC2_CBC = {
258 OID_pbeWithSHA1AndRC2_CBC, parse_pbes1, Qc3_RC2, 8, Qc3_CBC,
259 Qc3_Pad_Counter, '\0', 0, Qc3_SHA1, SHA_DIGEST_LENGTH, 8, 0, 64
260 };
261
262 /* rc5-CBC-PAD OID: 1.2.840.113549.3.9: RC5 not implemented in Qc3. */
263 /* pbeWithMD2AndDES-CBC OID: 1.2.840.113549.1.5.1: MD2 not implemented. */
264 /* pbeWithMD2AndRC2-CBC OID: 1.2.840.113549.1.5.4: MD2 not implemented. */
265
266 static const pkcs5algo * pbestable[] = {
267 &pbeWithMD5AndDES_CBC,
268 &pbeWithMD5AndRC2_CBC,
269 &pbeWithSHA1AndDES_CBC,
270 &pbeWithSHA1AndRC2_CBC,
271 &PBES2,
272 NULL
273 };
274
275 static const pkcs5algo * pbkdf2table[] = {
276 &PBKDF2,
277 NULL
278 };
279
280 static const pkcs5algo * pbes2enctable[] = {
281 &desCBC,
282 &des_EDE3_CBC,
283 &rc2CBC,
284 NULL
285 };
286
287 static const pkcs5algo * kdf2prftable[] = {
288 &hmacWithSHA1,
289 NULL
290 };
291
292
293 /* Public key extraction support. */
294 static struct {
295 unsigned char * oid;
296 int (*sshpubkey)(LIBSSH2_SESSION *session, char **pubkey,
297 asn1Element *params, asn1Element *key,
298 const char *method);
299 const char * method;
300 } pka[] = {
301 #if LIBSSH2_RSA != 0
302 { OID_rsaEncryption, sshrsapubkey, "ssh-rsa" },
303 #endif
304 #if LIBSSH2_DSA != 0
305 { OID_dsaEncryption, sshdsapubkey, "ssh-dss" },
306 #endif
307 { NULL, NULL, NULL }
308 };
309
310 /* Define ASCII strings. */
311 static const char beginencprivkeyhdr[] =
312 "-----BEGIN ENCRYPTED PRIVATE KEY-----";
313 static const char endencprivkeyhdr[] = "-----END ENCRYPTED PRIVATE KEY-----";
314 static const char beginprivkeyhdr[] = "-----BEGIN PRIVATE KEY-----";
315 static const char endprivkeyhdr[] = "-----END PRIVATE KEY-----";
316 static const char beginrsaprivkeyhdr[] = "-----BEGIN RSA PRIVATE KEY-----";
317 static const char endrsaprivkeyhdr[] = "-----END RSA PRIVATE KEY-----";
318 static const char fopenrmode[] = "r";
319 static const char fopenrbmode[] = "rb";
320
321
322 /* The rest of character literals in this module are in EBCDIC. */
323 #pragma convert(37)
324
325 #include <qusec.h>
326 #include <qc3prng.h>
327 #include <qc3dtaen.h>
328 #include <qc3dtade.h>
329 #include <qc3ctx.h>
330 #include <qc3hash.h>
331 #include <qc3hmac.h>
332 #include <qc3pbext.h>
333 #include <qc3sigvr.h>
334 #include <qc3sigcl.h>
335 #include <qc3pbext.h>
336 #include <qc3dh.h>
337
338 static Qc3_Format_KEYD0100_T nulltoken = {""};
339
340 static int zero = 0;
341 static int rsaprivate[] = { Qc3_RSA_Private };
342 static char anycsp[] = { Qc3_Any_CSP };
343 static char binstring[] = { Qc3_Bin_String };
344 static char berstring[] = { Qc3_BER_String };
345 static char qc3clear[] = { Qc3_Clear };
346
347 static const Qus_EC_t ecnull = {0}; /* Error causes an exception. */
348
349 static asn1Element lastbytebitcount = {
350 (char *) &zero, NULL, (char *) &zero + 1
351 };
352
353
354 /*******************************************************************
355 *
356 * OS/400 QC3 crypto-library backend: ASN.1 support.
357 *
358 *******************************************************************/
359
360 static char *
getASN1Element(asn1Element * elem,char * beg,char * end)361 getASN1Element(asn1Element *elem, char *beg, char *end)
362 {
363 unsigned char b;
364 unsigned long len;
365 asn1Element lelem;
366
367 /* Get a single ASN.1 element into `elem', parse ASN.1 string at `beg'
368 * ending at `end'.
369 * Returns a pointer in source string after the parsed element, or NULL
370 * if an error occurs.
371 */
372
373 if (beg >= end || !*beg)
374 return NULL;
375
376 /* Process header byte. */
377 elem->header = beg;
378 b = (unsigned char) *beg++;
379 elem->constructed = (b & 0x20) != 0;
380 elem->class = (b >> 6) & 3;
381 b &= 0x1F;
382 if (b == 0x1F)
383 return NULL; /* Long tag values not supported here. */
384 elem->tag = b;
385
386 /* Process length. */
387 if (beg >= end)
388 return NULL;
389 b = (unsigned char) *beg++;
390 if (!(b & 0x80))
391 len = b;
392 else if (!(b &= 0x7F)) {
393 /* Unspecified length. Since we have all the data, we can determine the
394 * effective length by skipping element until an end element is
395 * found.
396 */
397 if (!elem->constructed)
398 return NULL;
399 elem->beg = beg;
400 while (beg < end && *beg) {
401 beg = getASN1Element(&lelem, beg, end);
402 if (!beg)
403 return NULL;
404 }
405 if (beg >= end)
406 return NULL;
407 elem->end = beg;
408 return beg + 1;
409 } else if (beg + b > end)
410 return NULL; /* Does not fit in source. */
411 else {
412 /* Get long length. */
413 len = 0;
414 do {
415 if (len & 0xFF000000L)
416 return NULL; /* Lengths > 32 bits are not supported. */
417 len = (len << 8) | (unsigned char) *beg++;
418 } while (--b);
419 }
420 if ((unsigned long) (end - beg) < len)
421 return NULL; /* Element data does not fit in source. */
422 elem->beg = beg;
423 elem->end = beg + len;
424 return elem->end;
425 }
426
427 static asn1Element *
asn1_new(unsigned int type,unsigned int length)428 asn1_new(unsigned int type, unsigned int length)
429 {
430 asn1Element *e;
431 unsigned int hdrl = 2;
432 unsigned int i;
433 unsigned char *buf;
434
435 e = (asn1Element *) malloc(sizeof *e);
436
437 if (e) {
438 if (length >= 0x80)
439 for (i = length; i; i >>= 8)
440 hdrl++;
441
442 buf = (unsigned char *) malloc(hdrl + length);
443
444 if (buf) {
445 e->header = buf;
446 e->beg = buf + hdrl;
447 e->end = e->beg + length;
448 e->class = (type >> 6) & 0x03;
449 e->tag = type & 0x1F;
450 e->constructed = (type >> 5) & 0x01;
451 e->header[0] = type;
452
453 if (length < 0x80)
454 e->header[1] = length;
455 else {
456 e->header[1] = (hdrl - 2) | 0x80;
457 do {
458 e->header[--hdrl] = length;
459 length >>= 8;
460 } while (length);
461 }
462 } else {
463 free((char *) e);
464 e = NULL;
465 }
466 }
467
468 return e;
469 }
470
471 static asn1Element *
asn1_new_from_bytes(const unsigned char * data,unsigned int length)472 asn1_new_from_bytes(const unsigned char *data, unsigned int length)
473 {
474 asn1Element *e;
475 asn1Element te;
476
477 getASN1Element(&te,
478 (unsigned char *) data, (unsigned char *) data + length);
479 e = asn1_new(te.tag, te.end - te.beg);
480
481 if (e)
482 memcpy(e->header, data, e->end - e->header);
483
484 return e;
485 }
486
487 static void
asn1delete(asn1Element * e)488 asn1delete(asn1Element *e)
489 {
490 if (e) {
491 if (e->header)
492 free((char *) e->header);
493 free((char *) e);
494 }
495 }
496
497 static asn1Element *
asn1uint(_libssh2_bn * bn)498 asn1uint(_libssh2_bn *bn)
499 {
500 asn1Element *e;
501 int bits;
502 int length;
503 unsigned char * p;
504
505 if (!bn)
506 return NULL;
507
508 bits = _libssh2_bn_bits(bn);
509 length = (bits + 8) >> 3;
510 e = asn1_new(ASN1_INTEGER, length);
511
512 if (e) {
513 p = e->beg;
514 if (!(bits & 0x07))
515 *p++ = 0;
516 _libssh2_bn_to_bin(bn, p);
517 }
518
519 return e;
520 }
521
522 static asn1Element *
asn1containerv(unsigned int type,valiststr args)523 asn1containerv(unsigned int type, valiststr args)
524 {
525 valiststr va;
526 asn1Element *e;
527 asn1Element *p;
528 unsigned char *bp;
529 unsigned int length = 0;
530
531 memcpy((char *) &va, (char *) &args, sizeof args);
532 while ((p = va_arg(va.list, asn1Element *)))
533 length += p->end - p->header;
534 va_end(va.list);
535 e = asn1_new(type, length);
536 if (e) {
537 bp = e->beg;
538 while ((p = va_arg(args.list, asn1Element *))) {
539 memcpy(bp, p->header, p->end - p->header);
540 bp += p->end - p->header;
541 }
542 }
543 return e;
544 }
545
546 /* VARARGS1 */
547 static asn1Element *
asn1container(unsigned int type,...)548 asn1container(unsigned int type, ...)
549 {
550 valiststr va;
551 asn1Element *e;
552
553 va_start(va.list, type);
554 e = asn1containerv(type, va);
555 va_end(va.list);
556 return e;
557 }
558
559 static asn1Element *
asn1bytes(unsigned int type,const unsigned char * bytes,unsigned int length)560 asn1bytes(unsigned int type, const unsigned char *bytes, unsigned int length)
561 {
562 asn1Element *e;
563
564 e = asn1_new(type, length);
565 if (e && length)
566 memcpy(e->beg, bytes, length);
567 return e;
568 }
569
570 static asn1Element *
rsapublickey(_libssh2_bn * e,_libssh2_bn * m)571 rsapublickey(_libssh2_bn *e, _libssh2_bn *m)
572 {
573 asn1Element *publicexponent;
574 asn1Element *modulus;
575 asn1Element *rsapubkey;
576
577 /* Build a PKCS#1 RSAPublicKey. */
578
579 modulus = asn1uint(m);
580 publicexponent = asn1uint(e);
581 rsapubkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
582 modulus, publicexponent, NULL);
583 asn1delete(modulus);
584 asn1delete(publicexponent);
585
586 if (!modulus || !publicexponent) {
587 asn1delete(rsapubkey);
588 rsapubkey = NULL;
589 }
590
591 return rsapubkey;
592 }
593
594 static asn1Element *
rsaprivatekey(_libssh2_bn * e,_libssh2_bn * m,_libssh2_bn * d,_libssh2_bn * p,_libssh2_bn * q,_libssh2_bn * exp1,_libssh2_bn * exp2,_libssh2_bn * coeff)595 rsaprivatekey(_libssh2_bn *e, _libssh2_bn *m, _libssh2_bn *d,
596 _libssh2_bn *p, _libssh2_bn *q,
597 _libssh2_bn *exp1, _libssh2_bn *exp2, _libssh2_bn *coeff)
598 {
599 asn1Element *version;
600 asn1Element *modulus;
601 asn1Element *publicexponent;
602 asn1Element *privateexponent;
603 asn1Element *prime1;
604 asn1Element *prime2;
605 asn1Element *exponent1;
606 asn1Element *exponent2;
607 asn1Element *coefficient;
608 asn1Element *rsaprivkey;
609
610 /* Build a PKCS#1 RSAPrivateKey. */
611 version = asn1bytes(ASN1_INTEGER, "\0", 1);
612 modulus = asn1uint(m);
613 publicexponent = asn1uint(e);
614 privateexponent = asn1uint(d);
615 prime1 = asn1uint(p);
616 prime2 = asn1uint(q);
617 exponent1 = asn1uint(exp1);
618 exponent2 = asn1uint(exp2);
619 coefficient = asn1uint(coeff);
620 rsaprivkey = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version, modulus,
621 publicexponent, privateexponent, prime1, prime2,
622 exponent1, exponent2, coefficient, NULL);
623 asn1delete(version);
624 asn1delete(modulus);
625 asn1delete(publicexponent);
626 asn1delete(privateexponent);
627 asn1delete(prime1);
628 asn1delete(prime2);
629 asn1delete(exponent1);
630 asn1delete(exponent2);
631 asn1delete(coefficient);
632
633 if (!version || !modulus || !publicexponent || !privateexponent ||
634 !prime1 || !prime2 || !exponent1 || !exponent2 || !coefficient) {
635 asn1delete(rsaprivkey);
636 rsaprivkey = NULL;
637 }
638
639 return rsaprivkey;
640 }
641
642 static asn1Element *
subjectpublickeyinfo(asn1Element * pubkey,const unsigned char * algo,asn1Element * parameters)643 subjectpublickeyinfo(asn1Element *pubkey, const unsigned char *algo,
644 asn1Element *parameters)
645 {
646 asn1Element *subjpubkey;
647 asn1Element *algorithm;
648 asn1Element *algorithmid;
649 asn1Element *subjpubkeyinfo;
650 unsigned int algosize = *algo++;
651
652 algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize);
653 algorithmid = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
654 algorithm, parameters, NULL);
655 subjpubkey = asn1container(ASN1_BIT_STRING, &lastbytebitcount,
656 pubkey, NULL);
657 subjpubkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
658 algorithmid, subjpubkey, NULL);
659 asn1delete(algorithm);
660 asn1delete(algorithmid);
661 asn1delete(subjpubkey);
662 if (!algorithm || !algorithmid || !subjpubkey) {
663 asn1delete(subjpubkeyinfo);
664 subjpubkeyinfo = NULL;
665 }
666 return subjpubkeyinfo;
667 }
668
669 static asn1Element *
rsasubjectpublickeyinfo(asn1Element * pubkey)670 rsasubjectpublickeyinfo(asn1Element *pubkey)
671 {
672 asn1Element *parameters;
673 asn1Element *subjpubkeyinfo;
674
675 parameters = asn1bytes(ASN1_NULL, NULL, 0);
676 subjpubkeyinfo = subjectpublickeyinfo(pubkey,
677 OID_rsaEncryption, parameters);
678 asn1delete(parameters);
679 if (!parameters) {
680 asn1delete(subjpubkeyinfo);
681 subjpubkeyinfo = NULL;
682 }
683 return subjpubkeyinfo;
684 }
685
686 static asn1Element *
privatekeyinfo(asn1Element * privkey,const unsigned char * algo,asn1Element * parameters)687 privatekeyinfo(asn1Element *privkey, const unsigned char *algo,
688 asn1Element *parameters)
689 {
690 asn1Element *version;
691 asn1Element *privatekey;
692 asn1Element *algorithm;
693 asn1Element *privatekeyalgorithm;
694 asn1Element *privkeyinfo;
695 unsigned int algosize = *algo++;
696
697 /* Build a PKCS#8 PrivateKeyInfo. */
698 version = asn1bytes(ASN1_INTEGER, "\0", 1);
699 algorithm = asn1bytes(ASN1_OBJ_ID, algo, algosize);
700 privatekeyalgorithm = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
701 algorithm, parameters, NULL);
702 privatekey = asn1container(ASN1_OCTET_STRING, privkey, NULL);
703 privkeyinfo = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED, version,
704 privatekeyalgorithm, privatekey, NULL);
705 asn1delete(version);
706 asn1delete(algorithm);
707 asn1delete(privatekeyalgorithm);
708 if (!version || !algorithm || !privatekeyalgorithm) {
709 asn1delete(privkeyinfo);
710 privkeyinfo = NULL;
711 }
712 return privkeyinfo;
713 }
714
715 static asn1Element *
rsaprivatekeyinfo(asn1Element * privkey)716 rsaprivatekeyinfo(asn1Element *privkey)
717 {
718 asn1Element *parameters;
719 asn1Element *privkeyinfo;
720
721 parameters = asn1bytes(ASN1_NULL, NULL, 0);
722 privkeyinfo = privatekeyinfo(privkey, OID_rsaEncryption, parameters);
723 asn1delete(parameters);
724 if (!parameters) {
725 asn1delete(privkeyinfo);
726 privkeyinfo = NULL;
727 }
728 return privkeyinfo;
729 }
730
731 /*******************************************************************
732 *
733 * OS/400 QC3 crypto-library backend: big numbers support.
734 *
735 *******************************************************************/
736
737
738 _libssh2_bn *
_libssh2_bn_init(void)739 _libssh2_bn_init(void)
740 {
741 _libssh2_bn *bignum;
742
743 bignum = (_libssh2_bn *) malloc(sizeof *bignum);
744 if (bignum) {
745 bignum->bignum = NULL;
746 bignum->length = 0;
747 }
748
749 return bignum;
750 }
751
752 void
_libssh2_bn_free(_libssh2_bn * bn)753 _libssh2_bn_free(_libssh2_bn *bn)
754 {
755 if (bn) {
756 if (bn->bignum) {
757 #ifdef LIBSSH2_CLEAR_MEMORY
758 if (bn->length)
759 memset((char *) bn->bignum, 0, bn->length);
760 #endif
761 free(bn->bignum);
762 }
763
764 free((char *) bn);
765 }
766 }
767
768 static int
_libssh2_bn_resize(_libssh2_bn * bn,size_t newlen)769 _libssh2_bn_resize(_libssh2_bn *bn, size_t newlen)
770 {
771 unsigned char *bignum;
772
773 if (!bn)
774 return -1;
775 if (newlen == bn->length)
776 return 0;
777
778 if (!bn->bignum)
779 bignum = (unsigned char *) malloc(newlen);
780 else {
781 #ifdef LIBSSH2_CLEAR_MEMORY
782 if (newlen < bn->length)
783 memset((char *) bn->bignum + newlen, 0, bn->length - newlen);
784 #endif
785 if (!newlen) {
786 free((char *) bn->bignum);
787 bn->bignum = NULL;
788 bn->length = 0;
789 return 0;
790 }
791 bignum = (unsigned char *) realloc((char *) bn->bignum, newlen);
792 }
793
794 if (!bignum)
795 return -1;
796
797 if (newlen > bn->length)
798 memset((char *) bignum + bn->length, 0, newlen - bn->length);
799
800 bn->bignum = bignum;
801 bn->length = newlen;
802 return 0;
803 }
804
805 unsigned long
_libssh2_bn_bits(_libssh2_bn * bn)806 _libssh2_bn_bits(_libssh2_bn *bn)
807 {
808 unsigned int i;
809 unsigned char b;
810
811 if (bn && bn->bignum) {
812 for (i = bn->length; i--;)
813 if ((b = bn->bignum[i])) {
814 i *= 8;
815 do {
816 i++;
817 } while (b >>= 1);
818 return i;
819 }
820 }
821
822 return 0;
823 }
824
825 int
_libssh2_bn_from_bin(_libssh2_bn * bn,int len,const unsigned char * val)826 _libssh2_bn_from_bin(_libssh2_bn *bn, int len, const unsigned char *val)
827 {
828 int i;
829
830 if (!bn || (len && !val))
831 return -1;
832
833 for (; len && !*val; len--)
834 val++;
835
836 if (_libssh2_bn_resize(bn, len))
837 return -1;
838
839 for (i = len; i--;)
840 bn->bignum[i] = *val++;
841
842 return 0;
843 }
844
845 int
_libssh2_bn_set_word(_libssh2_bn * bn,unsigned long val)846 _libssh2_bn_set_word(_libssh2_bn *bn, unsigned long val)
847 {
848 val = htonl(val);
849 return _libssh2_bn_from_bin(bn, sizeof val, (unsigned char *) &val);
850 }
851
852 int
_libssh2_bn_to_bin(_libssh2_bn * bn,unsigned char * val)853 _libssh2_bn_to_bin(_libssh2_bn *bn, unsigned char *val)
854 {
855 int i;
856
857 if (!bn || !val)
858 return -1;
859
860 for (i = bn->length; i--;)
861 *val++ = bn->bignum[i];
862
863 return 0;
864 }
865
866 static int
_libssh2_bn_from_bn(_libssh2_bn * to,_libssh2_bn * from)867 _libssh2_bn_from_bn(_libssh2_bn *to, _libssh2_bn *from)
868 {
869 int i;
870
871 if (!to || !from)
872 return -1;
873
874 if (_libssh2_bn_resize(to, from->length))
875 return -1;
876
877 for (i = to->length; i--;)
878 to->bignum[i] = from->bignum[i];
879
880 return 0;
881 }
882
883 void
_libssh2_random(unsigned char * buf,int len)884 _libssh2_random(unsigned char *buf, int len)
885 {
886 Qc3GenPRNs(buf, len,
887 Qc3PRN_TYPE_NORMAL, Qc3PRN_NO_PARITY, (char *) &ecnull);
888 }
889
890
891 /*******************************************************************
892 *
893 * OS/400 QC3 crypto-library backend: crypto context support.
894 *
895 *******************************************************************/
896
897 static _libssh2_os400qc3_crypto_ctx *
libssh2_init_crypto_ctx(_libssh2_os400qc3_crypto_ctx * ctx)898 libssh2_init_crypto_ctx(_libssh2_os400qc3_crypto_ctx *ctx)
899 {
900 if (!ctx)
901 ctx = (_libssh2_os400qc3_crypto_ctx *) malloc(sizeof *ctx);
902
903 if (ctx) {
904 memset((char *) ctx, 0, sizeof *ctx);
905 ctx->hash.Final_Op_Flag = Qc3_Continue;
906 }
907
908 return ctx;
909 }
910
911 static int
null_token(const char * token)912 null_token(const char *token)
913 {
914 return !memcmp(token, nulltoken.Key_Context_Token,
915 sizeof nulltoken.Key_Context_Token);
916 }
917
918 void
_libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx * x)919 _libssh2_os400qc3_crypto_dtor(_libssh2_os400qc3_crypto_ctx *x)
920 {
921 if (!x)
922 return;
923 if (!null_token(x->hash.Alg_Context_Token)) {
924 Qc3DestroyAlgorithmContext(x->hash.Alg_Context_Token, (char *) &ecnull);
925 memset(x->hash.Alg_Context_Token, 0, sizeof x->hash.Alg_Context_Token);
926 }
927 if (!null_token(x->key.Key_Context_Token)) {
928 Qc3DestroyKeyContext(x->key.Key_Context_Token, (char *) &ecnull);
929 memset(x->key.Key_Context_Token, 0, sizeof x->key.Key_Context_Token);
930 }
931 if (x->kek) {
932 _libssh2_os400qc3_crypto_dtor(x->kek);
933 free((char *) x->kek);
934 x->kek = NULL;
935 }
936 }
937
938 /*******************************************************************
939 *
940 * OS/400 QC3 crypto-library backend: hash algorithms support.
941 *
942 *******************************************************************/
943
944 int
libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T * x,unsigned int algorithm)945 libssh2_os400qc3_hash_init(Qc3_Format_ALGD0100_T *x, unsigned int algorithm)
946 {
947 Qc3_Format_ALGD0500_T algd;
948 Qus_EC_t errcode;
949
950 if (!x)
951 return 0;
952
953 memset((char *) x, 0, sizeof *x);
954 x->Final_Op_Flag = Qc3_Continue;
955 algd.Hash_Alg = algorithm;
956 set_EC_length(errcode, sizeof errcode);
957 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Hash,
958 x->Alg_Context_Token, &errcode);
959 return errcode.Bytes_Available? 0: 1;
960 }
961
962 void
libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T * ctx,unsigned char * data,int len)963 libssh2_os400qc3_hash_update(Qc3_Format_ALGD0100_T *ctx,
964 unsigned char *data, int len)
965 {
966 char dummy[64];
967
968 ctx->Final_Op_Flag = Qc3_Continue;
969 Qc3CalculateHash((char *) data, &len, Qc3_Data, (char *) ctx,
970 Qc3_Alg_Token, anycsp, NULL, dummy, (char *) &ecnull);
971 }
972
973 void
libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T * ctx,unsigned char * out)974 libssh2_os400qc3_hash_final(Qc3_Format_ALGD0100_T *ctx, unsigned char *out)
975 {
976 char data;
977
978 ctx->Final_Op_Flag = Qc3_Final;
979 Qc3CalculateHash(&data, &zero, Qc3_Data, (char *) ctx, Qc3_Alg_Token,
980 anycsp, NULL, (char *) out, (char *) &ecnull);
981 Qc3DestroyAlgorithmContext(ctx->Alg_Context_Token, (char *) &ecnull);
982 memset(ctx->Alg_Context_Token, 0, sizeof ctx->Alg_Context_Token);
983 }
984
985 int
libssh2_os400qc3_hash(const unsigned char * message,unsigned long len,unsigned char * out,unsigned int algo)986 libssh2_os400qc3_hash(const unsigned char *message, unsigned long len,
987 unsigned char *out, unsigned int algo)
988 {
989 Qc3_Format_ALGD0100_T ctx;
990
991 if (!libssh2_os400qc3_hash_init(&ctx, algo))
992 return 1;
993
994 libssh2_os400qc3_hash_update(&ctx, (unsigned char *) message, len);
995 libssh2_os400qc3_hash_final(&ctx, out);
996 return 0;
997 }
998
999 void
libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx * ctx,int algo,size_t minkeylen,void * key,int keylen)1000 libssh2_os400qc3_hmac_init(_libssh2_os400qc3_crypto_ctx *ctx,
1001 int algo, size_t minkeylen, void *key, int keylen)
1002 {
1003 if (keylen < minkeylen) {
1004 char *lkey = alloca(minkeylen);
1005
1006 /* Pad key with zeroes if too short. */
1007 if (!lkey)
1008 return;
1009 memcpy(lkey, (char *) key, keylen);
1010 memset(lkey + keylen, 0, minkeylen - keylen);
1011 key = (void *) lkey;
1012 keylen = minkeylen;
1013 }
1014 libssh2_os400qc3_hash_init(&ctx->hash, algo);
1015 Qc3CreateKeyContext((char *) key, &keylen, binstring, &algo, qc3clear,
1016 NULL, NULL, ctx->key.Key_Context_Token,
1017 (char *) &ecnull);
1018 }
1019
1020 void
libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx * ctx,unsigned char * data,int len)1021 libssh2_os400qc3_hmac_update(_libssh2_os400qc3_crypto_ctx *ctx,
1022 unsigned char *data, int len)
1023 {
1024 char dummy[64];
1025
1026 ctx->hash.Final_Op_Flag = Qc3_Continue;
1027 Qc3CalculateHMAC((char *) data, &len, Qc3_Data, (char *) &ctx->hash,
1028 Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token,
1029 anycsp, NULL, dummy, (char *) &ecnull);
1030 }
1031
1032 void
libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx * ctx,unsigned char * out)1033 libssh2_os400qc3_hmac_final(_libssh2_os400qc3_crypto_ctx *ctx,
1034 unsigned char *out)
1035 {
1036 char data;
1037
1038 ctx->hash.Final_Op_Flag = Qc3_Final;
1039 Qc3CalculateHMAC((char *) data, &zero, Qc3_Data, (char *) &ctx->hash,
1040 Qc3_Alg_Token, ctx->key.Key_Context_Token, Qc3_Key_Token,
1041 anycsp, NULL, (char *) out, (char *) &ecnull);
1042 }
1043
1044
1045 /*******************************************************************
1046 *
1047 * OS/400 QC3 crypto-library backend: cipher algorithms support.
1048 *
1049 *******************************************************************/
1050
1051 int
_libssh2_cipher_init(_libssh2_cipher_ctx * h,_libssh2_cipher_type (algo),unsigned char * iv,unsigned char * secret,int encrypt)1052 _libssh2_cipher_init(_libssh2_cipher_ctx *h, _libssh2_cipher_type(algo),
1053 unsigned char *iv, unsigned char *secret, int encrypt)
1054 {
1055 Qc3_Format_ALGD0200_T algd;
1056 Qus_EC_t errcode;
1057
1058 (void) encrypt;
1059
1060 if (!h)
1061 return -1;
1062
1063 libssh2_init_crypto_ctx(h);
1064 algd.Block_Cipher_Alg = algo.algo;
1065 algd.Block_Length = algo.size;
1066 algd.Mode = algo.mode;
1067 algd.Pad_Option = Qc3_No_Pad;
1068 algd.Pad_Character = 0;
1069 algd.Reserved = 0;
1070 algd.MAC_Length = 0;
1071 algd.Effective_Key_Size = 0;
1072 memset(algd.Init_Vector, 0 , sizeof algd.Init_Vector);
1073 if (algo.mode != Qc3_ECB && algo.size)
1074 memcpy(algd.Init_Vector, iv, algo.size);
1075 set_EC_length(errcode, sizeof errcode);
1076 Qc3CreateAlgorithmContext((char *) &algd, algo.fmt,
1077 h->hash.Alg_Context_Token, &errcode);
1078 if (errcode.Bytes_Available)
1079 return -1;
1080 Qc3CreateKeyContext((char *) secret, &algo.keylen, binstring,
1081 &algo.algo, qc3clear, NULL, NULL,
1082 h->key.Key_Context_Token, (char *) &errcode);
1083 if (errcode.Bytes_Available) {
1084 _libssh2_os400qc3_crypto_dtor(h);
1085 return -1;
1086 }
1087
1088 return 0;
1089 }
1090
1091 int
_libssh2_cipher_crypt(_libssh2_cipher_ctx * ctx,_libssh2_cipher_type (algo),int encrypt,unsigned char * block,size_t blocksize)1092 _libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx,
1093 _libssh2_cipher_type(algo),
1094 int encrypt, unsigned char *block, size_t blocksize)
1095 {
1096 Qus_EC_t errcode;
1097 int outlen;
1098 int blksize = blocksize;
1099
1100 (void) algo;
1101
1102 set_EC_length(errcode, sizeof errcode);
1103 if (encrypt)
1104 Qc3EncryptData((char *) block, &blksize, Qc3_Data,
1105 ctx->hash.Alg_Context_Token, Qc3_Alg_Token,
1106 ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL,
1107 (char *) block, &blksize, &outlen, (char *) &errcode);
1108 else
1109 Qc3DecryptData((char *) block, &blksize,
1110 ctx->hash.Alg_Context_Token, Qc3_Alg_Token,
1111 ctx->key.Key_Context_Token, Qc3_Key_Token, anycsp, NULL,
1112 (char *) block, &blksize, &outlen, (char *) &errcode);
1113
1114 return errcode.Bytes_Available? -1: 0;
1115 }
1116
1117
1118 /*******************************************************************
1119 *
1120 * OS/400 QC3 crypto-library backend: RSA support.
1121 *
1122 *******************************************************************/
1123
1124 int
_libssh2_rsa_new(libssh2_rsa_ctx ** rsa,const unsigned char * edata,unsigned long elen,const unsigned char * ndata,unsigned long nlen,const unsigned char * ddata,unsigned long dlen,const unsigned char * pdata,unsigned long plen,const unsigned char * qdata,unsigned long qlen,const unsigned char * e1data,unsigned long e1len,const unsigned char * e2data,unsigned long e2len,const unsigned char * coeffdata,unsigned long coefflen)1125 _libssh2_rsa_new(libssh2_rsa_ctx **rsa,
1126 const unsigned char *edata, unsigned long elen,
1127 const unsigned char *ndata, unsigned long nlen,
1128 const unsigned char *ddata, unsigned long dlen,
1129 const unsigned char *pdata, unsigned long plen,
1130 const unsigned char *qdata, unsigned long qlen,
1131 const unsigned char *e1data, unsigned long e1len,
1132 const unsigned char *e2data, unsigned long e2len,
1133 const unsigned char *coeffdata, unsigned long coefflen)
1134 {
1135 libssh2_rsa_ctx *ctx;
1136 _libssh2_bn *e = _libssh2_bn_init_from_bin();
1137 _libssh2_bn *n = _libssh2_bn_init_from_bin();
1138 _libssh2_bn *d = NULL;
1139 _libssh2_bn *p = NULL;
1140 _libssh2_bn *q = NULL;
1141 _libssh2_bn *e1 = NULL;
1142 _libssh2_bn *e2 = NULL;
1143 _libssh2_bn *coeff = NULL;
1144 asn1Element *key = NULL;
1145 asn1Element *structkey = NULL;
1146 Qc3_Format_ALGD0400_T algd;
1147 Qus_EC_t errcode;
1148 int keytype;
1149 int ret = 0;
1150 int i;
1151
1152 ctx = libssh2_init_crypto_ctx(NULL);
1153 if (!ctx)
1154 ret = -1;
1155 if (!ret) {
1156 _libssh2_bn_from_bin(e, elen, edata);
1157 _libssh2_bn_from_bin(n, nlen, ndata);
1158 if (!e || !n)
1159 ret = -1;
1160 }
1161 if (!ret && ddata) {
1162 /* Private key. */
1163 d = _libssh2_bn_init_from_bin();
1164 _libssh2_bn_from_bin(d, dlen, ddata);
1165 p = _libssh2_bn_init_from_bin();
1166 _libssh2_bn_from_bin(p, plen, pdata);
1167 q = _libssh2_bn_init_from_bin();
1168 _libssh2_bn_from_bin(q, qlen, qdata);
1169 e1 = _libssh2_bn_init_from_bin();
1170 _libssh2_bn_from_bin(e1, e1len, e1data);
1171 e2 = _libssh2_bn_init_from_bin();
1172 _libssh2_bn_from_bin(e2, e2len, e2data);
1173 coeff = _libssh2_bn_init_from_bin();
1174 _libssh2_bn_from_bin(coeff, coefflen, coeffdata);
1175 if (!d || !p || !q ||!e1 || !e2 || !coeff)
1176 ret = -1;
1177
1178 if (!ret) {
1179 /* Build a PKCS#8 private key. */
1180 key = rsaprivatekey(e, n, d, p, q, e1, e2, coeff);
1181 structkey = rsaprivatekeyinfo(key);
1182 }
1183 keytype = Qc3_RSA_Private;
1184 } else if (!ret) {
1185 key = rsapublickey(e, n);
1186 structkey = rsasubjectpublickeyinfo(key);
1187 keytype = Qc3_RSA_Public;
1188 }
1189 if (!key || !structkey)
1190 ret = -1;
1191
1192 set_EC_length(errcode, sizeof errcode);
1193
1194 if (!ret) {
1195 /* Create the algorithm context. */
1196 algd.Public_Key_Alg = Qc3_RSA;
1197 algd.PKA_Block_Format = Qc3_PKCS1_01;
1198 memset(algd.Reserved, 0, sizeof algd.Reserved);
1199 algd.Signing_Hash_Alg = Qc3_SHA1;
1200 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
1201 ctx->hash.Alg_Context_Token, &errcode);
1202 if (errcode.Bytes_Available)
1203 ret = -1;
1204 ctx->hash.Final_Op_Flag = Qc3_Continue;
1205 }
1206
1207 /* Create the key context. */
1208 if (!ret) {
1209 i = structkey->end - structkey->header;
1210 Qc3CreateKeyContext(structkey->header, &i, berstring, &keytype,
1211 qc3clear, NULL, NULL, ctx->key.Key_Context_Token,
1212 (char *) &errcode);
1213 if (errcode.Bytes_Available)
1214 ret = -1;
1215 }
1216
1217 _libssh2_bn_free(e);
1218 _libssh2_bn_free(n);
1219 _libssh2_bn_free(d);
1220 _libssh2_bn_free(p);
1221 _libssh2_bn_free(q);
1222 _libssh2_bn_free(e1);
1223 _libssh2_bn_free(e2);
1224 _libssh2_bn_free(coeff);
1225 asn1delete(key);
1226 asn1delete(structkey);
1227 if (ret && ctx) {
1228 _libssh2_rsa_free(ctx);
1229 ctx = NULL;
1230 }
1231 *rsa = ctx;
1232 return ret;
1233 }
1234
1235
1236 /*******************************************************************
1237 *
1238 * OS/400 QC3 crypto-library backend: Diffie-Hellman support.
1239 *
1240 *******************************************************************/
1241
1242 void
_libssh2_os400qc3_dh_init(_libssh2_dh_ctx * dhctx)1243 _libssh2_os400qc3_dh_init(_libssh2_dh_ctx *dhctx)
1244 {
1245 memset((char *) dhctx, 0, sizeof *dhctx);
1246 }
1247
1248 int
_libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx * dhctx,_libssh2_bn * public,_libssh2_bn * g,_libssh2_bn * p,int group_order)1249 _libssh2_os400qc3_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public,
1250 _libssh2_bn *g, _libssh2_bn *p, int group_order)
1251 {
1252 asn1Element *prime;
1253 asn1Element *base;
1254 asn1Element *dhparameter;
1255 asn1Element *dhkeyagreement;
1256 asn1Element *pkcs3;
1257 int pkcs3len;
1258 char *pubkey;
1259 int pubkeysize;
1260 int pubkeylen;
1261 Qus_EC_t errcode;
1262
1263 (void) group_order;
1264
1265 /* Build the PKCS#3 structure. */
1266
1267 base = asn1uint(g);
1268 prime = asn1uint(p);
1269 dhparameter = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
1270 prime, base, NULL);
1271 asn1delete(base);
1272 asn1delete(prime);
1273 dhkeyagreement = asn1bytes(ASN1_OBJ_ID,
1274 OID_dhKeyAgreement + 1, OID_dhKeyAgreement[0]);
1275 pkcs3 = asn1container(ASN1_SEQ | ASN1_CONSTRUCTED,
1276 dhkeyagreement, dhparameter, NULL);
1277 asn1delete(dhkeyagreement);
1278 asn1delete(dhparameter);
1279 if (!base || !prime || !dhparameter ||
1280 !dhkeyagreement || !dhparameter || !pkcs3) {
1281 asn1delete(pkcs3);
1282 return -1;
1283 }
1284 pkcs3len = pkcs3->end - pkcs3->header;
1285 pubkeysize = (_libssh2_bn_bits(p) + 7) >> 3;
1286 pubkey = alloca(pubkeysize);
1287 set_EC_length(errcode, sizeof errcode);
1288 Qc3GenDHKeyPair((char *) pkcs3->header, &pkcs3len, anycsp, NULL,
1289 dhctx->token, pubkey, &pubkeysize, &pubkeylen, &errcode);
1290 asn1delete(pkcs3);
1291 if (errcode.Bytes_Available)
1292 return -1;
1293 return _libssh2_bn_from_bin(public, pubkeylen, (unsigned char *) pubkey);
1294 }
1295
1296 int
_libssh2_os400qc3_dh_secret(_libssh2_dh_ctx * dhctx,_libssh2_bn * secret,_libssh2_bn * f,_libssh2_bn * p)1297 _libssh2_os400qc3_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret,
1298 _libssh2_bn *f, _libssh2_bn *p)
1299 {
1300 char *pubkey;
1301 int pubkeysize;
1302 char *secretbuf;
1303 int secretbufsize;
1304 int secretbuflen;
1305 Qus_EC_t errcode;
1306
1307 pubkeysize = (_libssh2_bn_bits(f) + 7) >> 3;
1308 pubkey = alloca(pubkeysize);
1309 _libssh2_bn_to_bin(f, pubkey);
1310 secretbufsize = (_libssh2_bn_bits(p) + 7) >> 3;
1311 secretbuf = alloca(pubkeysize);
1312 set_EC_length(errcode, sizeof errcode);
1313 Qc3CalculateDHSecretKey(dhctx->token, pubkey, &pubkeysize,
1314 secretbuf, &secretbufsize, &secretbuflen, &errcode);
1315 if (errcode.Bytes_Available)
1316 return -1;
1317 return _libssh2_bn_from_bin(secret,
1318 secretbuflen, (unsigned char *) secretbuf);
1319 }
1320
1321 void
_libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx * dhctx)1322 _libssh2_os400qc3_dh_dtor(_libssh2_dh_ctx *dhctx)
1323 {
1324 if (!null_token(dhctx->token)) {
1325 Qc3DestroyAlgorithmContext(dhctx->token, (char *) &ecnull);
1326 memset((char *) dhctx, 0, sizeof *dhctx);
1327 }
1328 }
1329
1330
1331 /*******************************************************************
1332 *
1333 * OS/400 QC3 crypto-library backend: PKCS#5 supplement.
1334 *
1335 *******************************************************************/
1336
1337 static int
oidcmp(const asn1Element * e,const unsigned char * oid)1338 oidcmp(const asn1Element *e, const unsigned char *oid)
1339 {
1340 int i = e->end - e->beg - *oid++;
1341
1342 if (*e->header != ASN1_OBJ_ID)
1343 return -2;
1344 if (!i)
1345 i = memcmp(e->beg, oid, oid[-1]);
1346 return i;
1347 }
1348
1349 static int
asn1getword(asn1Element * e,unsigned long * v)1350 asn1getword(asn1Element *e, unsigned long *v)
1351 {
1352 unsigned long a;
1353 const unsigned char *cp;
1354
1355 if (*e->header != ASN1_INTEGER)
1356 return -1;
1357 for (cp = e->beg; cp < e->end && !*cp; cp++)
1358 ;
1359 if (e->end - cp > sizeof a)
1360 return -1;
1361 for (a = 0; cp < e->end; cp++)
1362 a = (a << 8) | *cp;
1363 *v = a;
1364 return 0;
1365 }
1366
1367 static int
pbkdf1(LIBSSH2_SESSION * session,char ** dk,const unsigned char * passphrase,pkcs5params * pkcs5)1368 pbkdf1(LIBSSH2_SESSION *session, char **dk, const unsigned char * passphrase,
1369 pkcs5params *pkcs5)
1370 {
1371 int i;
1372 Qc3_Format_ALGD0100_T hctx;
1373 int len = pkcs5->saltlen;
1374 char *data = (char *) pkcs5->salt;
1375
1376 *dk = NULL;
1377 if (pkcs5->dklen > pkcs5->hashlen)
1378 return -1;
1379
1380 /* Allocate the derived key buffer. */
1381 if (!(*dk = LIBSSH2_ALLOC(session, pkcs5->hashlen)))
1382 return -1;
1383
1384 /* Initial hash. */
1385 libssh2_os400qc3_hash_init(&hctx, pkcs5->hash);
1386 libssh2_os400qc3_hash_update(&hctx, (unsigned char *) passphrase,
1387 strlen(passphrase));
1388 hctx.Final_Op_Flag = Qc3_Final;
1389 Qc3CalculateHash((char *) pkcs5->salt, &len, Qc3_Data, (char *) &hctx,
1390 Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);
1391
1392 /* Iterate. */
1393 len = pkcs5->hashlen;
1394 for (i = 1; i < pkcs5->itercount; i++)
1395 Qc3CalculateHash((char *) *dk, &len, Qc3_Data, (char *) &hctx,
1396 Qc3_Alg_Token, anycsp, NULL, *dk, (char *) &ecnull);
1397
1398 /* Special stuff for PBES1: split derived key into 8-byte key and 8-byte
1399 initialization vector. */
1400 pkcs5->dklen = 8;
1401 pkcs5->ivlen = 8;
1402 pkcs5->iv = *dk + 8;
1403
1404 /* Clean-up and exit. */
1405 Qc3DestroyAlgorithmContext(hctx.Alg_Context_Token, (char *) &ecnull);
1406 return 0;
1407 }
1408
1409 static int
pbkdf2(LIBSSH2_SESSION * session,char ** dk,const unsigned char * passphrase,pkcs5params * pkcs5)1410 pbkdf2(LIBSSH2_SESSION *session, char **dk, const unsigned char * passphrase,
1411 pkcs5params *pkcs5)
1412 {
1413 size_t i;
1414 size_t k;
1415 int j;
1416 int l;
1417 uint32_t ni;
1418 unsigned long long t;
1419 char *mac;
1420 char *buf;
1421 _libssh2_os400qc3_crypto_ctx hctx;
1422
1423 *dk = NULL;
1424 t = ((unsigned long long) pkcs5->dklen + pkcs5->hashlen - 1) /
1425 pkcs5->hashlen;
1426 if (t > 0xFFFFFFFF)
1427 return -1;
1428 mac = alloca(pkcs5->hashlen);
1429 if (!mac)
1430 return -1;
1431
1432 /* Allocate the derived key buffer. */
1433 l = t;
1434 if (!(buf = LIBSSH2_ALLOC(session, l * pkcs5->hashlen)))
1435 return -1;
1436 *dk = buf;
1437
1438 /* Create an HMAC context for our computations. */
1439 libssh2_os400qc3_hmac_init(&hctx, pkcs5->hash, pkcs5->hashlen,
1440 (void *) passphrase, strlen(passphrase));
1441
1442 /* Process each hLen-size blocks. */
1443 for (i = 1; i <= l; i++) {
1444 ni = htonl(i);
1445 libssh2_os400qc3_hmac_update(&hctx, pkcs5->salt, pkcs5->saltlen);
1446 libssh2_os400qc3_hmac_update(&hctx, (char *) &ni, sizeof ni);
1447 libssh2_os400qc3_hmac_final(&hctx, mac);
1448 memcpy(buf, mac, pkcs5->hashlen);
1449 for (j = 1; j < pkcs5->itercount; j++) {
1450 libssh2_os400qc3_hmac_update(&hctx, mac, pkcs5->hashlen);
1451 libssh2_os400qc3_hmac_final(&hctx, mac);
1452 for (k = 0; k < pkcs5->hashlen; k++)
1453 buf[k] ^= mac[k];
1454 }
1455 buf += pkcs5->hashlen;
1456 }
1457
1458 /* Computation done. Release HMAC context. */
1459 _libssh2_os400qc3_crypto_dtor(&hctx);
1460 return 0;
1461 }
1462
1463 static int
parse_pkcs5_algorithm(LIBSSH2_SESSION * session,pkcs5params * pkcs5,asn1Element * algid,pkcs5algo ** algotable)1464 parse_pkcs5_algorithm(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1465 asn1Element *algid, pkcs5algo **algotable)
1466 {
1467 asn1Element oid;
1468 asn1Element param;
1469 char *cp;
1470
1471 cp = getASN1Element(&oid, algid->beg, algid->end);
1472 if (!cp || *oid.header != ASN1_OBJ_ID)
1473 return -1;
1474 param.header = NULL;
1475 if (cp < algid->end)
1476 cp = getASN1Element(¶m, cp, algid->end);
1477 if (cp != algid->end)
1478 return -1;
1479 for (; *algotable; algotable++)
1480 if (!oidcmp(&oid, (*algotable)->oid))
1481 return (*(*algotable)->parse)(session, pkcs5, *algotable,
1482 param.header? ¶m: NULL);
1483 return -1;
1484 }
1485
1486 static int
parse_pbes2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1487 parse_pbes2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1488 pkcs5algo *algo, asn1Element *param)
1489 {
1490 asn1Element keyDerivationFunc;
1491 asn1Element encryptionScheme;
1492 char *cp;
1493
1494 if (!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1495 return -1;
1496 cp = getASN1Element(&keyDerivationFunc, param->beg, param->end);
1497 if (!cp || *keyDerivationFunc.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1498 return -1;
1499 if (getASN1Element(&encryptionScheme, cp, param->end) != param->end ||
1500 *encryptionScheme.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1501 return -1;
1502 if (parse_pkcs5_algorithm(session, pkcs5, &encryptionScheme, pbes2enctable))
1503 return -1;
1504 if (parse_pkcs5_algorithm(session, pkcs5, &keyDerivationFunc, pbkdf2table))
1505 return -1;
1506 return 0;
1507 }
1508
1509 static int
parse_pbkdf2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1510 parse_pbkdf2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1511 pkcs5algo *algo, asn1Element *param)
1512 {
1513 asn1Element salt;
1514 asn1Element iterationCount;
1515 asn1Element keyLength;
1516 asn1Element prf;
1517 unsigned long itercount;
1518 char *cp;
1519
1520 if (!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1521 return -1;
1522 cp = getASN1Element(&salt, param->beg, param->end);
1523 /* otherSource not supported. */
1524 if (!cp || *salt.header != ASN1_OCTET_STRING)
1525 return -1;
1526 cp = getASN1Element(&iterationCount, cp, param->end);
1527 if (!cp || *iterationCount.header != ASN1_INTEGER)
1528 return -1;
1529 keyLength.header = prf.header = NULL;
1530 if (cp < param->end) {
1531 cp = getASN1Element(&prf, cp, param->end);
1532 if (!cp)
1533 return -1;
1534 if (*prf.header == ASN1_INTEGER) {
1535 keyLength = prf;
1536 prf.header = NULL;
1537 if (cp < param->end)
1538 cp = getASN1Element(&prf, cp, param->end);
1539 }
1540 if (cp != param->end)
1541 return -1;
1542 }
1543 pkcs5->hash = algo->hash;
1544 pkcs5->hashlen = algo->hashlen;
1545 if (prf.header) {
1546 if (*prf.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1547 return -1;
1548 if (parse_pkcs5_algorithm(session, pkcs5, &prf, kdf2prftable))
1549 return -1;
1550 }
1551 pkcs5->saltlen = salt.end - salt.beg;
1552 pkcs5->salt = salt.beg;
1553 if (asn1getword(&iterationCount, &itercount) ||
1554 !itercount || itercount > 100000)
1555 return -1;
1556 pkcs5->itercount = itercount;
1557 pkcs5->kdf = pbkdf2;
1558 return 0;
1559 }
1560
1561 static int
parse_hmacWithSHA1(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1562 parse_hmacWithSHA1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1563 pkcs5algo *algo, asn1Element *param)
1564 {
1565 if (!param || *param->header != ASN1_NULL)
1566 return -1;
1567 pkcs5->hash = algo->hash;
1568 pkcs5->hashlen = algo->hashlen;
1569 return 0;
1570 }
1571
1572 static int
parse_iv(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1573 parse_iv(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1574 pkcs5algo *algo, asn1Element *param)
1575 {
1576 if (!param || *param->header != ASN1_OCTET_STRING ||
1577 param->end - param->beg != algo->ivlen)
1578 return -1;
1579 pkcs5->cipher = algo->cipher;
1580 pkcs5->blocksize = algo->blocksize;
1581 pkcs5->mode = algo->mode;
1582 pkcs5->padopt = algo->padopt;
1583 pkcs5->padchar = algo->padchar;
1584 pkcs5->dklen = algo->keylen;
1585 pkcs5->ivlen = algo->ivlen;
1586 pkcs5->iv = param->beg;
1587 return 0;
1588 }
1589
1590 static int
parse_rc2(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1591 parse_rc2(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1592 pkcs5algo *algo, asn1Element *param)
1593 {
1594 asn1Element iv;
1595 unsigned long effkeysize;
1596 char *cp;
1597
1598 if (!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1599 return -1;
1600 cp = getASN1Element(&iv, param->beg, param->end);
1601 if (!cp)
1602 return -1;
1603 effkeysize = algo->effkeysize;
1604 if (*iv.header == ASN1_INTEGER) {
1605 if (asn1getword(&iv, &effkeysize) || effkeysize > 1024)
1606 return -1;
1607
1608 cp = getASN1Element(&iv, cp, param->end);
1609 if (effkeysize < 256)
1610 switch (effkeysize) {
1611 case 160:
1612 effkeysize = 40;
1613 case 120:
1614 effkeysize = 64;
1615 case 58:
1616 effkeysize = 128;
1617 break;
1618 default:
1619 return -1;
1620 }
1621 }
1622 if (effkeysize > 1024 || cp != param->end ||
1623 *iv.header != ASN1_OCTET_STRING || iv.end - iv.beg != algo->ivlen)
1624 return -1;
1625 pkcs5->cipher = algo->cipher;
1626 pkcs5->blocksize = algo->blocksize;
1627 pkcs5->mode = algo->mode;
1628 pkcs5->padopt = algo->padopt;
1629 pkcs5->padchar = algo->padchar;
1630 pkcs5->ivlen = algo->ivlen;
1631 pkcs5->iv = iv.beg;
1632 pkcs5->effkeysize = effkeysize;
1633 pkcs5->dklen = (effkeysize + 8 - 1) / 8;
1634 return 0;
1635 }
1636
1637 static int
parse_pbes1(LIBSSH2_SESSION * session,pkcs5params * pkcs5,pkcs5algo * algo,asn1Element * param)1638 parse_pbes1(LIBSSH2_SESSION *session, pkcs5params *pkcs5,
1639 pkcs5algo *algo, asn1Element *param)
1640 {
1641 asn1Element salt;
1642 asn1Element iterationCount;
1643 unsigned long itercount;
1644 char *cp;
1645
1646 if (!param || *param->header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1647 return -1;
1648
1649 cp = getASN1Element(&salt, param->beg, param->end);
1650 if (!cp || *salt.header != ASN1_OCTET_STRING ||
1651 salt.end - salt.beg != algo->saltlen)
1652 return -1;
1653 if (getASN1Element(&iterationCount, cp, param->end) != param->end ||
1654 *iterationCount.header != ASN1_INTEGER)
1655 return -1;
1656 if (asn1getword(&iterationCount, &itercount) ||
1657 !itercount || itercount > 100000)
1658 return -1;
1659 pkcs5->cipher = algo->cipher;
1660 pkcs5->blocksize = algo->blocksize;
1661 pkcs5->mode = algo->mode;
1662 pkcs5->padopt = algo->padopt;
1663 pkcs5->padchar = algo->padchar;
1664 pkcs5->hash = algo->hash;
1665 pkcs5->hashlen = algo->hashlen;
1666 pkcs5->dklen = 16;
1667 pkcs5->saltlen = algo->saltlen;
1668 pkcs5->effkeysize = algo->effkeysize;
1669 pkcs5->salt = salt.beg;
1670 pkcs5->kdf = pbkdf1;
1671 pkcs5->itercount = itercount;
1672 return 0;
1673 }
1674
1675 static int
pkcs8kek(LIBSSH2_SESSION * session,_libssh2_os400qc3_crypto_ctx ** ctx,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,asn1Element * privkeyinfo)1676 pkcs8kek(LIBSSH2_SESSION *session, _libssh2_os400qc3_crypto_ctx **ctx,
1677 const unsigned char *data, unsigned int datalen,
1678 const unsigned char *passphrase, asn1Element *privkeyinfo)
1679 {
1680 asn1Element encprivkeyinfo;
1681 asn1Element pkcs5alg;
1682 pkcs5params pkcs5;
1683 size_t pplen;
1684 char *cp;
1685 unsigned long t;
1686 int i;
1687 char *dk = NULL;
1688 Qc3_Format_ALGD0200_T algd;
1689 Qus_EC_t errcode;
1690
1691 /* Determine if the PKCS#8 data is encrypted and, if so, set-up a
1692 key encryption key and algorithm in context.
1693 Return 1 if encrypted, 0, if not, -1 if error. */
1694
1695 *ctx = NULL;
1696 privkeyinfo->beg = (char *) data;
1697 privkeyinfo->end = privkeyinfo->beg + datalen;
1698
1699 /* If no passphrase is given, it cannot be an encrypted key. */
1700 if (!passphrase || !*passphrase)
1701 return 0;
1702
1703 /* Parse PKCS#8 data, checking if ASN.1 format is PrivateKeyInfo or
1704 EncryptedPrivateKeyInfo. */
1705 if (getASN1Element(&encprivkeyinfo, privkeyinfo->beg, privkeyinfo->end) !=
1706 (char *) data + datalen ||
1707 *encprivkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1708 return -1;
1709 cp = getASN1Element(&pkcs5alg, encprivkeyinfo.beg, encprivkeyinfo.end);
1710 if (!cp)
1711 return -1;
1712
1713 switch (*pkcs5alg.header) {
1714 case ASN1_INTEGER: /* Version. */
1715 return 0; /* This is a PrivateKeyInfo --> not encrypted. */
1716 case ASN1_SEQ | ASN1_CONSTRUCTED: /* AlgorithIdentifier. */
1717 break; /* This is an EncryptedPrivateKeyInfo --> encrypted. */
1718 default:
1719 return -1; /* Unrecognized: error. */
1720 }
1721
1722 /* Get the encrypted key data. */
1723 if (getASN1Element(privkeyinfo, cp, encprivkeyinfo.end) !=
1724 encprivkeyinfo.end || *privkeyinfo->header != ASN1_OCTET_STRING)
1725 return -1;
1726
1727 /* PKCS#5: parse the PBES AlgorithmIdentifier and recursively get all
1728 encryption parameters. */
1729 memset((char *) &pkcs5, 0, sizeof pkcs5);
1730 if (parse_pkcs5_algorithm(session, &pkcs5, &pkcs5alg, pbestable))
1731 return -1;
1732
1733 /* Compute the derived key. */
1734 if ((*pkcs5.kdf)(session, &dk, passphrase, &pkcs5))
1735 return -1;
1736
1737 /* Prepare the algorithm descriptor. */
1738 memset((char *) &algd, 0, sizeof algd);
1739 algd.Block_Cipher_Alg = pkcs5.cipher;
1740 algd.Block_Length = pkcs5.blocksize;
1741 algd.Mode = pkcs5.mode;
1742 algd.Pad_Option = pkcs5.padopt;
1743 algd.Pad_Character = pkcs5.padchar;
1744 algd.Effective_Key_Size = pkcs5.effkeysize;
1745 memcpy(algd.Init_Vector, pkcs5.iv, pkcs5.ivlen);
1746
1747 /* Create the key and algorithm context tokens. */
1748 *ctx = libssh2_init_crypto_ctx(NULL);
1749 if (!*ctx) {
1750 LIBSSH2_FREE(session, dk);
1751 return -1;
1752 }
1753 libssh2_init_crypto_ctx(*ctx);
1754 set_EC_length(errcode, sizeof errcode);
1755 Qc3CreateKeyContext(dk, &pkcs5.dklen, binstring, &algd.Block_Cipher_Alg,
1756 qc3clear, NULL, NULL, (*ctx)->key.Key_Context_Token,
1757 (char *) &errcode);
1758 LIBSSH2_FREE(session, dk);
1759 if (errcode.Bytes_Available) {
1760 free((char *) *ctx);
1761 *ctx = NULL;
1762 return -1;
1763 }
1764
1765 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Block_Cipher,
1766 (*ctx)->hash.Alg_Context_Token, &errcode);
1767 if (errcode.Bytes_Available) {
1768 Qc3DestroyKeyContext((*ctx)->key.Key_Context_Token, (char *) &ecnull);
1769 free((char *) *ctx);
1770 *ctx = NULL;
1771 return -1;
1772 }
1773 return 1; /* Tell it's encrypted. */
1774 }
1775
1776 static int
rsapkcs8privkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1777 rsapkcs8privkey(LIBSSH2_SESSION *session,
1778 const unsigned char *data, unsigned int datalen,
1779 const unsigned char *passphrase, void *loadkeydata)
1780 {
1781 libssh2_rsa_ctx *ctx = (libssh2_rsa_ctx *) loadkeydata;
1782 char keyform = Qc3_Clear;
1783 char *kek = NULL;
1784 char *kea = NULL;
1785 _libssh2_os400qc3_crypto_ctx *kekctx;
1786 asn1Element pki;
1787 int pkilen;
1788 Qus_EC_t errcode;
1789
1790 switch (pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) {
1791 case 1:
1792 keyform = Qc3_Encrypted;
1793 kek = kekctx->key.Key_Context_Token;
1794 kea = kekctx->hash.Alg_Context_Token;
1795 case 0:
1796 break;
1797 default:
1798 return -1;
1799 }
1800
1801 set_EC_length(errcode, sizeof errcode);
1802 pkilen = pki.end - pki.beg;
1803 Qc3CreateKeyContext((unsigned char *) pki.beg, &pkilen, berstring,
1804 rsaprivate, &keyform, kek, kea,
1805 ctx->key.Key_Context_Token, (char *) &errcode);
1806 if (errcode.Bytes_Available) {
1807 if (kekctx)
1808 _libssh2_os400qc3_crypto_dtor(kekctx);
1809 return -1;
1810 }
1811 ctx->kek = kekctx;
1812 return 0;
1813 }
1814
1815 static char *
storewithlength(char * p,const char * data,int length)1816 storewithlength(char *p, const char *data, int length)
1817 {
1818 _libssh2_htonu32(p, length);
1819 if (length)
1820 memcpy(p + 4, data, length);
1821 return p + 4 + length;
1822 }
1823
1824 static int
sshrsapubkey(LIBSSH2_SESSION * session,char ** sshpubkey,asn1Element * params,asn1Element * key,const char * method)1825 sshrsapubkey(LIBSSH2_SESSION *session, char **sshpubkey,
1826 asn1Element *params, asn1Element *key, const char *method)
1827 {
1828 int methlen = strlen(method);
1829 asn1Element keyseq;
1830 asn1Element m;
1831 asn1Element e;
1832 int len;
1833 char *cp;
1834
1835 if (getASN1Element(&keyseq, key->beg + 1, key->end) != key->end ||
1836 *keyseq.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1837 return -1;
1838 if (!getASN1Element(&m, keyseq.beg, keyseq.end) ||
1839 *m.header != ASN1_INTEGER)
1840 return -1;
1841 if (getASN1Element(&e, m.end, keyseq.end) != keyseq.end ||
1842 *e.header != ASN1_INTEGER)
1843 return -1;
1844 len = 4 + methlen + 4 + (e.end - e.beg) + 4 + (m.end - m.beg);
1845 cp = LIBSSH2_ALLOC(session, len);
1846 if (!cp)
1847 return -1;
1848 *sshpubkey = cp;
1849 cp = storewithlength(cp, method, methlen);
1850 cp = storewithlength(cp, e.beg, e.end - e.beg);
1851 cp = storewithlength(cp, m.beg, m.end - m.beg);
1852 return len;
1853 }
1854
1855 static int
rsapkcs8pubkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1856 rsapkcs8pubkey(LIBSSH2_SESSION *session,
1857 const unsigned char *data, unsigned int datalen,
1858 const unsigned char *passphrase, void *loadkeydata)
1859 {
1860 loadpubkeydata *p = (loadpubkeydata *) loadkeydata;
1861 char *buf;
1862 int len;
1863 char *cp;
1864 int i;
1865 char keyform = Qc3_Clear;
1866 char *kek = NULL;
1867 char *kea = NULL;
1868 _libssh2_os400qc3_crypto_ctx *kekctx;
1869 asn1Element subjpubkeyinfo;
1870 asn1Element algorithmid;
1871 asn1Element algorithm;
1872 asn1Element subjpubkey;
1873 asn1Element parameters;
1874 asn1Element pki;
1875 int pkilen;
1876 Qus_EC_t errcode;
1877
1878 if (!(buf = alloca(datalen)))
1879 return -1;
1880
1881 switch (pkcs8kek(session, &kekctx, data, datalen, passphrase, &pki)) {
1882 case 1:
1883 keyform = Qc3_Encrypted;
1884 kek = kekctx->key.Key_Context_Token;
1885 kea = kekctx->hash.Alg_Context_Token;
1886 case 0:
1887 break;
1888 default:
1889 return -1;
1890 }
1891
1892 set_EC_length(errcode, sizeof errcode);
1893 pkilen = pki.end - pki.beg;
1894 Qc3ExtractPublicKey(pki.beg, &pkilen, berstring, &keyform,
1895 kek, kea, buf, (int *) &datalen, &len, &errcode);
1896 _libssh2_os400qc3_crypto_dtor(kekctx);
1897 if (errcode.Bytes_Available)
1898 return -1;
1899 /* Get the algorithm OID and key data from SubjectPublicKeyInfo. */
1900 if (getASN1Element(&subjpubkeyinfo, buf, buf + len) != buf + len ||
1901 *subjpubkeyinfo.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1902 return -1;
1903 cp = getASN1Element(&algorithmid, subjpubkeyinfo.beg, subjpubkeyinfo.end);
1904 if (!cp || *algorithmid.header != (ASN1_SEQ | ASN1_CONSTRUCTED))
1905 return -1;
1906 if (!getASN1Element(&algorithm, algorithmid.beg, algorithmid.end) ||
1907 *algorithm.header != ASN1_OBJ_ID)
1908 return -1;
1909 if (getASN1Element(&subjpubkey, cp, subjpubkeyinfo.end) !=
1910 subjpubkeyinfo.end || *subjpubkey.header != ASN1_BIT_STRING)
1911 return -1;
1912 /* Check for supported algorithm. */
1913 for (i = 0; pka[i].oid; i++)
1914 if (!oidcmp(&algorithm, pka[i].oid)) {
1915 len = (*pka[i].sshpubkey)(session, &p->data, &algorithmid,
1916 &subjpubkey, pka[i].method);
1917 if (len < 0)
1918 return -1;
1919 p->length = len;
1920 p->method = pka[i].method;
1921 return 0;
1922 }
1923 return -1; /* Algorithm not supported. */
1924 }
1925
1926 static int
pkcs1topkcs8(LIBSSH2_SESSION * session,const unsigned char ** data8,unsigned int * datalen8,const unsigned char * data1,unsigned int datalen1)1927 pkcs1topkcs8(LIBSSH2_SESSION *session,
1928 const unsigned char **data8, unsigned int *datalen8,
1929 const unsigned char *data1, unsigned int datalen1)
1930 {
1931 asn1Element *prvk;
1932 asn1Element *pkcs8;
1933 unsigned char *data;
1934
1935 *data8 = NULL;
1936 *datalen8 = 0;
1937 if (datalen1 < 2)
1938 return -1;
1939 prvk = asn1_new_from_bytes(data1, datalen1);
1940 if (!prvk)
1941 return -1;
1942 pkcs8 = rsaprivatekeyinfo(prvk);
1943 asn1delete(prvk);
1944 if (!prvk) {
1945 asn1delete(pkcs8);
1946 pkcs8 = NULL;
1947 }
1948 if (!pkcs8)
1949 return -1;
1950 data = (unsigned char *) LIBSSH2_ALLOC(session, pkcs8->end - pkcs8->header);
1951 if (!data) {
1952 asn1delete(pkcs8);
1953 return -1;
1954 }
1955 *data8 = data;
1956 *datalen8 = pkcs8->end - pkcs8->header;
1957 memcpy((char *) data, (char *) pkcs8->header, *datalen8);
1958 asn1delete(pkcs8);
1959 return 0;
1960 }
1961
1962 static int
rsapkcs1privkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1963 rsapkcs1privkey(LIBSSH2_SESSION *session,
1964 const unsigned char *data, unsigned int datalen,
1965 const unsigned char *passphrase, void *loadkeydata)
1966 {
1967 const unsigned char *data8;
1968 unsigned int datalen8;
1969 int ret;
1970
1971 if (pkcs1topkcs8(session, &data8, &datalen8, data, datalen))
1972 return -1;
1973 ret = rsapkcs8privkey(session, data8, datalen8, passphrase, loadkeydata);
1974 LIBSSH2_FREE(session, (char *) data8);
1975 return ret;
1976 }
1977
1978 static int
rsapkcs1pubkey(LIBSSH2_SESSION * session,const unsigned char * data,unsigned int datalen,const unsigned char * passphrase,void * loadkeydata)1979 rsapkcs1pubkey(LIBSSH2_SESSION *session,
1980 const unsigned char *data, unsigned int datalen,
1981 const unsigned char *passphrase, void *loadkeydata)
1982 {
1983 const unsigned char *data8;
1984 unsigned int datalen8;
1985 int ret;
1986
1987 if (pkcs1topkcs8(session, &data8, &datalen8, data, datalen))
1988 return -1;
1989 ret = rsapkcs8pubkey(session, data8, datalen8, passphrase, loadkeydata);
1990 LIBSSH2_FREE(session, (char *) data8);
1991 return ret;
1992 }
1993
1994 static int
try_pem_load(LIBSSH2_SESSION * session,FILE * fp,const unsigned char * passphrase,const char * header,const char * trailer,loadkeyproc proc,void * loadkeydata)1995 try_pem_load(LIBSSH2_SESSION *session, FILE *fp,
1996 const unsigned char *passphrase,
1997 const char *header, const char *trailer,
1998 loadkeyproc proc, void *loadkeydata)
1999 {
2000 unsigned char *data = NULL;
2001 unsigned int datalen = 0;
2002 int c;
2003 int ret;
2004
2005 fseek(fp, 0L, SEEK_SET);
2006 for (;;) {
2007 ret = _libssh2_pem_parse(session, header, trailer,
2008 passphrase,
2009 fp, &data, &datalen);
2010
2011 if (!ret) {
2012 ret = (*proc)(session, data, datalen, passphrase, loadkeydata);
2013 if (!ret)
2014 return 0;
2015 }
2016
2017 if (data) {
2018 LIBSSH2_FREE(session, data);
2019 data = NULL;
2020 }
2021 c = getc(fp);
2022
2023 if (c == EOF)
2024 break;
2025
2026 ungetc(c, fp);
2027 }
2028
2029 return -1;
2030 }
2031
2032 static int
load_rsa_private_file(LIBSSH2_SESSION * session,const char * filename,unsigned const char * passphrase,loadkeyproc proc1,loadkeyproc proc8,void * loadkeydata)2033 load_rsa_private_file(LIBSSH2_SESSION *session, const char *filename,
2034 unsigned const char *passphrase,
2035 loadkeyproc proc1, loadkeyproc proc8, void *loadkeydata)
2036 {
2037 FILE *fp = fopen(filename, fopenrmode);
2038 unsigned char *data = NULL;
2039 size_t datalen = 0;
2040 int ret;
2041 long filesize;
2042
2043 if (!fp)
2044 return -1;
2045
2046 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2047 --> PKCS#8 EncryptedPrivateKeyInfo */
2048 ret = try_pem_load(session, fp, passphrase, beginencprivkeyhdr,
2049 endencprivkeyhdr, proc8, loadkeydata);
2050
2051 /* Try with "PRIVATE KEY" PEM armor.
2052 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2053 if (ret)
2054 ret = try_pem_load(session, fp, passphrase, beginprivkeyhdr,
2055 endprivkeyhdr, proc8, loadkeydata);
2056
2057 /* Try with "RSA PRIVATE KEY" PEM armor.
2058 --> PKCS#1 RSAPrivateKey */
2059 if (ret)
2060 ret = try_pem_load(session, fp, passphrase, beginrsaprivkeyhdr,
2061 endrsaprivkeyhdr, proc1, loadkeydata);
2062 fclose(fp);
2063
2064 if (ret) {
2065 /* Try DER encoding. */
2066 fp = fopen(filename, fopenrbmode);
2067 fseek(fp, 0L, SEEK_END);
2068 filesize = ftell(fp);
2069
2070 if (filesize <= 32768) { /* Limit to a reasonable size. */
2071 datalen = filesize;
2072 data = (unsigned char *) alloca(datalen);
2073 if (data) {
2074 fseek(fp, 0L, SEEK_SET);
2075 fread(data, datalen, 1, fp);
2076
2077 /* Try as PKCS#8 DER data.
2078 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2079 ret = (*proc8)(session, data, datalen, passphrase,
2080 loadkeydata);
2081
2082 /* Try as PKCS#1 DER data.
2083 --> PKCS#1 RSAPrivateKey */
2084 if (ret)
2085 ret = (*proc1)(session, data, datalen, passphrase,
2086 loadkeydata);
2087 }
2088 }
2089 fclose(fp);
2090 }
2091
2092 return ret;
2093 }
2094
2095 int
_libssh2_rsa_new_private(libssh2_rsa_ctx ** rsa,LIBSSH2_SESSION * session,const char * filename,unsigned const char * passphrase)2096 _libssh2_rsa_new_private(libssh2_rsa_ctx **rsa, LIBSSH2_SESSION *session,
2097 const char *filename, unsigned const char *passphrase)
2098 {
2099 libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL);
2100 int ret;
2101 Qc3_Format_ALGD0400_T algd;
2102 Qus_EC_t errcode;
2103
2104 if (!ctx)
2105 return -1;
2106 ret = load_rsa_private_file(session, filename, passphrase,
2107 rsapkcs1privkey, rsapkcs8privkey, (void *) ctx);
2108 if (!ret) {
2109 /* Create the algorithm context. */
2110 algd.Public_Key_Alg = Qc3_RSA;
2111 algd.PKA_Block_Format = Qc3_PKCS1_01;
2112 memset(algd.Reserved, 0, sizeof algd.Reserved);
2113 algd.Signing_Hash_Alg = Qc3_SHA1;
2114 set_EC_length(errcode, sizeof errcode);
2115 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
2116 ctx->hash.Alg_Context_Token, &errcode);
2117 if (errcode.Bytes_Available)
2118 ret = -1;
2119 }
2120 if (ret) {
2121 _libssh2_os400qc3_crypto_dtor(ctx);
2122 ctx = NULL;
2123 }
2124 *rsa = ctx;
2125 return ret;
2126 }
2127
2128 int
_libssh2_pub_priv_keyfile(LIBSSH2_SESSION * session,unsigned char ** method,size_t * method_len,unsigned char ** pubkeydata,size_t * pubkeydata_len,const char * privatekey,const char * passphrase)2129 _libssh2_pub_priv_keyfile(LIBSSH2_SESSION *session,
2130 unsigned char **method, size_t *method_len,
2131 unsigned char **pubkeydata, size_t *pubkeydata_len,
2132 const char *privatekey, const char *passphrase)
2133
2134 {
2135 loadpubkeydata p;
2136 int ret;
2137
2138 *method = NULL;
2139 *method_len = 0;
2140 *pubkeydata = NULL;
2141 *pubkeydata_len = 0;
2142
2143 ret = load_rsa_private_file(session, privatekey, passphrase,
2144 rsapkcs1pubkey, rsapkcs8pubkey, (void *) &p);
2145 if (!ret) {
2146 *method_len = strlen(p.method);
2147 if ((*method = LIBSSH2_ALLOC(session, *method_len)))
2148 memcpy((char *) *method, p.method, *method_len);
2149 else
2150 ret = -1;
2151 }
2152
2153 if (ret) {
2154 if (*method)
2155 LIBSSH2_FREE(session, *method);
2156 if (p.data)
2157 LIBSSH2_FREE(session, (void *) p.data);
2158 *method = NULL;
2159 *method_len = 0;
2160 } else {
2161 *pubkeydata = (unsigned char *) p.data;
2162 *pubkeydata_len = p.length;
2163 }
2164
2165 return ret;
2166 }
2167
2168 int
_libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx ** rsa,LIBSSH2_SESSION * session,const char * filedata,size_t filedata_len,unsigned const char * passphrase)2169 _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa,
2170 LIBSSH2_SESSION *session,
2171 const char *filedata,
2172 size_t filedata_len,
2173 unsigned const char *passphrase)
2174 {
2175 libssh2_rsa_ctx *ctx = libssh2_init_crypto_ctx(NULL);
2176 unsigned char *data = NULL;
2177 unsigned int datalen = 0;
2178 int ret;
2179 Qc3_Format_ALGD0400_T algd;
2180 Qus_EC_t errcode;
2181
2182 if (!ctx)
2183 return -1;
2184
2185 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2186 --> PKCS#8 EncryptedPrivateKeyInfo */
2187 ret = _libssh2_pem_parse_memory(session,
2188 beginencprivkeyhdr, endencprivkeyhdr,
2189 filedata, filedata_len, &data, &datalen);
2190
2191 /* Try with "PRIVATE KEY" PEM armor.
2192 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2193 if (ret)
2194 ret = _libssh2_pem_parse_memory(session,
2195 beginprivkeyhdr, endprivkeyhdr,
2196 filedata, filedata_len,
2197 &data, &datalen);
2198
2199 if (!ret) {
2200 /* Process PKCS#8. */
2201 ret = rsapkcs8privkey(session,
2202 data, datalen, passphrase, (void *) &ctx);
2203 } else {
2204 /* Try with "RSA PRIVATE KEY" PEM armor.
2205 --> PKCS#1 RSAPrivateKey */
2206 ret = _libssh2_pem_parse_memory(session,
2207 beginrsaprivkeyhdr, endrsaprivkeyhdr,
2208 filedata, filedata_len,
2209 &data, &datalen);
2210 if (!ret)
2211 ret = rsapkcs1privkey(session,
2212 data, datalen, passphrase, (void *) &ctx);
2213 }
2214
2215 if (ret) {
2216 /* Try as PKCS#8 DER data.
2217 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2218 ret = rsapkcs8privkey(session, filedata, filedata_len,
2219 passphrase, (void *) &ctx);
2220
2221 /* Try as PKCS#1 DER data.
2222 --> PKCS#1 RSAPrivateKey */
2223 if (ret)
2224 ret = rsapkcs1privkey(session, filedata, filedata_len,
2225 passphrase, (void *) &ctx);
2226 }
2227
2228 if (data)
2229 LIBSSH2_FREE(session, data);
2230
2231 if (!ret) {
2232 /* Create the algorithm context. */
2233 algd.Public_Key_Alg = Qc3_RSA;
2234 algd.PKA_Block_Format = Qc3_PKCS1_01;
2235 memset(algd.Reserved, 0, sizeof algd.Reserved);
2236 algd.Signing_Hash_Alg = Qc3_SHA1;
2237 set_EC_length(errcode, sizeof errcode);
2238 Qc3CreateAlgorithmContext((char *) &algd, Qc3_Alg_Public_Key,
2239 ctx->hash.Alg_Context_Token, &errcode);
2240 if (errcode.Bytes_Available)
2241 ret = -1;
2242 }
2243
2244 if (ret) {
2245 _libssh2_os400qc3_crypto_dtor(ctx);
2246 ctx = NULL;
2247 }
2248
2249 *rsa = ctx;
2250 return ret;
2251 }
2252
2253 int
_libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION * session,unsigned char ** method,size_t * method_len,unsigned char ** pubkeydata,size_t * pubkeydata_len,const char * privatekeydata,size_t privatekeydata_len,const char * passphrase)2254 _libssh2_pub_priv_keyfilememory(LIBSSH2_SESSION *session,
2255 unsigned char **method, size_t *method_len,
2256 unsigned char **pubkeydata,
2257 size_t *pubkeydata_len,
2258 const char *privatekeydata,
2259 size_t privatekeydata_len,
2260 const char *passphrase)
2261 {
2262 loadpubkeydata p;
2263 unsigned char *data = NULL;
2264 unsigned int datalen = 0;
2265 const char *meth;
2266 int ret;
2267
2268 *method = NULL;
2269 *method_len = 0;
2270 *pubkeydata = NULL;
2271 *pubkeydata_len = 0;
2272
2273 /* Try with "ENCRYPTED PRIVATE KEY" PEM armor.
2274 --> PKCS#8 EncryptedPrivateKeyInfo */
2275 ret = _libssh2_pem_parse_memory(session,
2276 beginencprivkeyhdr, endencprivkeyhdr,
2277 privatekeydata, privatekeydata_len,
2278 &data, &datalen);
2279
2280 /* Try with "PRIVATE KEY" PEM armor.
2281 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2282 if (ret)
2283 ret = _libssh2_pem_parse_memory(session,
2284 beginprivkeyhdr, endprivkeyhdr,
2285 privatekeydata, privatekeydata_len,
2286 &data, &datalen);
2287
2288 if (!ret) {
2289 /* Process PKCS#8. */
2290 ret = rsapkcs8pubkey(session,
2291 data, datalen, passphrase, (void *) &p);
2292 } else {
2293 /* Try with "RSA PRIVATE KEY" PEM armor.
2294 --> PKCS#1 RSAPrivateKey */
2295 ret = _libssh2_pem_parse_memory(session,
2296 beginrsaprivkeyhdr, endrsaprivkeyhdr,
2297 privatekeydata, privatekeydata_len,
2298 &data, &datalen);
2299 if (!ret)
2300 ret = rsapkcs1pubkey(session,
2301 data, datalen, passphrase, (void *) &p);
2302 }
2303
2304 if (ret) {
2305 /* Try as PKCS#8 DER data.
2306 --> PKCS#8 PrivateKeyInfo or EncryptedPrivateKeyInfo */
2307 ret = rsapkcs8pubkey(session, privatekeydata, privatekeydata_len,
2308 passphrase, (void *) &p);
2309
2310 /* Try as PKCS#1 DER data.
2311 --> PKCS#1 RSAPrivateKey */
2312 if (ret)
2313 ret = rsapkcs1pubkey(session, privatekeydata, privatekeydata_len,
2314 passphrase, (void *) &p);
2315 }
2316
2317 if (data)
2318 LIBSSH2_FREE(session, data);
2319
2320 if (!ret) {
2321 *method_len = strlen(p.method);
2322 if ((*method = LIBSSH2_ALLOC(session, *method_len)))
2323 memcpy((char *) *method, p.method, *method_len);
2324 else
2325 ret = -1;
2326 }
2327 if (ret) {
2328 if (*method)
2329 LIBSSH2_FREE(session, *method);
2330 if (p.data)
2331 LIBSSH2_FREE(session, (void *) p.data);
2332 *method = NULL;
2333 *method_len = 0;
2334 } else {
2335 *pubkeydata = (unsigned char *) p.data;
2336 *pubkeydata_len = p.length;
2337 }
2338
2339 return ret;
2340 }
2341
2342 int
_libssh2_rsa_sha1_verify(libssh2_rsa_ctx * rsa,const unsigned char * sig,unsigned long sig_len,const unsigned char * m,unsigned long m_len)2343 _libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa,
2344 const unsigned char *sig, unsigned long sig_len,
2345 const unsigned char *m, unsigned long m_len)
2346 {
2347 Qus_EC_t errcode;
2348 int slen = sig_len;
2349 int mlen = m_len;
2350
2351 set_EC_length(errcode, sizeof errcode);
2352 Qc3VerifySignature((char *) sig, &slen, (char *) m, &mlen, Qc3_Data,
2353 rsa->hash.Alg_Context_Token, Qc3_Alg_Token,
2354 rsa->key.Key_Context_Token, Qc3_Key_Token, anycsp,
2355 NULL, (char *) &errcode);
2356 return errcode.Bytes_Available? -1: 0;
2357 }
2358
2359 int
_libssh2_os400qc3_rsa_sha1_signv(LIBSSH2_SESSION * session,unsigned char ** signature,size_t * signature_len,int veccount,const struct iovec vector[],libssh2_rsa_ctx * ctx)2360 _libssh2_os400qc3_rsa_sha1_signv(LIBSSH2_SESSION *session,
2361 unsigned char **signature,
2362 size_t *signature_len,
2363 int veccount,
2364 const struct iovec vector[],
2365 libssh2_rsa_ctx *ctx)
2366 {
2367 Qus_EC_t errcode;
2368 int siglen;
2369 unsigned char *sig;
2370 char sigbuf[8192];
2371 int sigbufsize = sizeof sigbuf;
2372
2373 ctx->hash.Final_Op_Flag = Qc3_Final;
2374 set_EC_length(errcode, sizeof errcode);
2375 Qc3CalculateSignature((char *) vector, &veccount, Qc3_Array,
2376 (char *) &ctx->hash, Qc3_Alg_Token,
2377 (char *) &ctx->key, Qc3_Key_Token,
2378 anycsp, NULL, sigbuf, &sigbufsize, &siglen,
2379 (char *) &errcode);
2380 ctx->hash.Final_Op_Flag = Qc3_Continue;
2381 if (errcode.Bytes_Available)
2382 return -1;
2383 sig = LIBSSH2_ALLOC(session, siglen);
2384 if (!sig)
2385 return -1;
2386 memcpy((char *) sig, sigbuf, siglen);
2387 *signature = sig;
2388 *signature_len = siglen;
2389 return 0;
2390 }
2391
2392 void
_libssh2_init_aes_ctr(void)2393 _libssh2_init_aes_ctr(void)
2394 {
2395 }
2396
2397 #endif /* LIBSSH2_OS400QC3 */
2398
2399 /* vim: set expandtab ts=4 sw=4: */
2400