1 /* Copyright (c) 2016, Art <https://github.com/wildart> 2 * All rights reserved. 3 * 4 * Redistribution and use in source and binary forms, 5 * with or without modification, are permitted provided 6 * that the following conditions are met: 7 * 8 * Redistributions of source code must retain the above 9 * copyright notice, this list of conditions and the 10 * following disclaimer. 11 * 12 * Redistributions in binary form must reproduce the above 13 * copyright notice, this list of conditions and the following 14 * disclaimer in the documentation and/or other materials 15 * provided with the distribution. 16 * 17 * Neither the name of the copyright holder nor the names 18 * of any other contributors may be used to endorse or 19 * promote products derived from this software without 20 * specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND 23 * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, 24 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 27 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 29 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 30 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 32 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 33 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 34 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY 35 * OF SUCH DAMAGE. 36 */ 37 38 #include <stdlib.h> 39 #include <string.h> 40 41 #include <mbedtls/platform.h> 42 #include <mbedtls/md.h> 43 #include <mbedtls/rsa.h> 44 #include <mbedtls/bignum.h> 45 #include <mbedtls/cipher.h> 46 #include <mbedtls/entropy.h> 47 #include <mbedtls/ctr_drbg.h> 48 #include <mbedtls/pk.h> 49 #include <mbedtls/error.h> 50 51 /* Define which features are supported. */ 52 #define LIBSSH2_MD5 1 53 54 #define LIBSSH2_HMAC_RIPEMD 1 55 #define LIBSSH2_HMAC_SHA256 1 56 #define LIBSSH2_HMAC_SHA512 1 57 58 #define LIBSSH2_AES 1 59 #define LIBSSH2_AES_CTR 1 60 #define LIBSSH2_BLOWFISH 1 61 #define LIBSSH2_RC4 1 62 #define LIBSSH2_CAST 0 63 #define LIBSSH2_3DES 1 64 65 #define LIBSSH2_RSA 1 66 #define LIBSSH2_DSA 0 67 #define LIBSSH2_ECDSA 0 68 #define LIBSSH2_ED25519 0 69 70 #define MD5_DIGEST_LENGTH 16 71 #define SHA_DIGEST_LENGTH 20 72 #define SHA256_DIGEST_LENGTH 32 73 #define SHA384_DIGEST_LENGTH 48 74 #define SHA512_DIGEST_LENGTH 64 75 76 #define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1) 77 78 #if LIBSSH2_ECDSA 79 #else 80 #define _libssh2_ec_key void 81 #endif 82 83 /*******************************************************************/ 84 /* 85 * mbedTLS backend: Generic functions 86 */ 87 88 #define libssh2_crypto_init() \ 89 _libssh2_mbedtls_init() 90 #define libssh2_crypto_exit() \ 91 _libssh2_mbedtls_free() 92 93 #define _libssh2_random(buf, len) \ 94 _libssh2_mbedtls_random(buf, len) 95 96 #define libssh2_prepare_iovec(vec, len) /* Empty. */ 97 98 99 /*******************************************************************/ 100 /* 101 * mbedTLS backend: HMAC functions 102 */ 103 104 #define libssh2_hmac_ctx mbedtls_md_context_t 105 106 #define libssh2_hmac_ctx_init(ctx) 107 #define libssh2_hmac_cleanup(pctx) \ 108 mbedtls_md_free(pctx) 109 #define libssh2_hmac_update(ctx, data, datalen) \ 110 mbedtls_md_hmac_update(&ctx, (unsigned char *) data, datalen) 111 #define libssh2_hmac_final(ctx, hash) \ 112 mbedtls_md_hmac_finish(&ctx, hash) 113 114 #define libssh2_hmac_sha1_init(pctx, key, keylen) \ 115 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, key, keylen) 116 #define libssh2_hmac_md5_init(pctx, key, keylen) \ 117 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, key, keylen) 118 #define libssh2_hmac_ripemd160_init(pctx, key, keylen) \ 119 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_RIPEMD160, key, keylen) 120 #define libssh2_hmac_sha256_init(pctx, key, keylen) \ 121 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, key, keylen) 122 #define libssh2_hmac_sha384_init(pctx, key, keylen) \ 123 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, key, keylen) 124 #define libssh2_hmac_sha512_init(pctx, key, keylen) \ 125 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, key, keylen) 126 127 128 /*******************************************************************/ 129 /* 130 * mbedTLS backend: SHA1 functions 131 */ 132 133 #define libssh2_sha1_ctx mbedtls_md_context_t 134 135 #define libssh2_sha1_init(pctx) \ 136 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, NULL, 0) 137 #define libssh2_sha1_update(ctx, data, datalen) \ 138 mbedtls_md_update(&ctx, (unsigned char *) data, datalen) 139 #define libssh2_sha1_final(ctx, hash) \ 140 _libssh2_mbedtls_hash_final(&ctx, hash) 141 #define libssh2_sha1(data, datalen, hash) \ 142 _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA1, hash) 143 144 /*******************************************************************/ 145 /* 146 * mbedTLS backend: SHA256 functions 147 */ 148 149 #define libssh2_sha256_ctx mbedtls_md_context_t 150 151 #define libssh2_sha256_init(pctx) \ 152 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA256, NULL, 0) 153 #define libssh2_sha256_update(ctx, data, datalen) \ 154 mbedtls_md_update(&ctx, (unsigned char *) data, datalen) 155 #define libssh2_sha256_final(ctx, hash) \ 156 _libssh2_mbedtls_hash_final(&ctx, hash) 157 #define libssh2_sha256(data, datalen, hash) \ 158 _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA256, hash) 159 160 161 /*******************************************************************/ 162 /* 163 * mbedTLS backend: SHA384 functions 164 */ 165 166 #define libssh2_sha384_ctx mbedtls_md_context_t 167 168 #define libssh2_sha384_init(pctx) \ 169 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA384, NULL, 0) 170 #define libssh2_sha384_update(ctx, data, datalen) \ 171 mbedtls_md_update(&ctx, (unsigned char *) data, datalen) 172 #define libssh2_sha384_final(ctx, hash) \ 173 _libssh2_mbedtls_hash_final(&ctx, hash) 174 #define libssh2_sha384(data, datalen, hash) \ 175 _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA384, hash) 176 177 178 /*******************************************************************/ 179 /* 180 * mbedTLS backend: SHA512 functions 181 */ 182 183 #define libssh2_sha512_ctx mbedtls_md_context_t 184 185 #define libssh2_sha512_init(pctx) \ 186 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA512, NULL, 0) 187 #define libssh2_sha512_update(ctx, data, datalen) \ 188 mbedtls_md_update(&ctx, (unsigned char *) data, datalen) 189 #define libssh2_sha512_final(ctx, hash) \ 190 _libssh2_mbedtls_hash_final(&ctx, hash) 191 #define libssh2_sha512(data, datalen, hash) \ 192 _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_SHA512, hash) 193 194 195 /*******************************************************************/ 196 /* 197 * mbedTLS backend: MD5 functions 198 */ 199 200 #define libssh2_md5_ctx mbedtls_md_context_t 201 202 #define libssh2_md5_init(pctx) \ 203 _libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, NULL, 0) 204 #define libssh2_md5_update(ctx, data, datalen) \ 205 mbedtls_md_update(&ctx, (unsigned char *) data, datalen) 206 #define libssh2_md5_final(ctx, hash) \ 207 _libssh2_mbedtls_hash_final(&ctx, hash) 208 #define libssh2_md5(data, datalen, hash) \ 209 _libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_MD5, hash) 210 211 /*******************************************************************/ 212 /* 213 * mbedTLS backend: RSA structure 214 */ 215 216 #define libssh2_rsa_ctx mbedtls_rsa_context 217 218 #define _libssh2_rsa_new(rsactx, e, e_len, n, n_len, \ 219 d, d_len, p, p_len, q, q_len, \ 220 e1, e1_len, e2, e2_len, c, c_len) \ 221 _libssh2_mbedtls_rsa_new(rsactx, e, e_len, n, n_len, \ 222 d, d_len, p, p_len, q, q_len, \ 223 e1, e1_len, e2, e2_len, c, c_len) 224 225 #define _libssh2_rsa_new_private(rsactx, s, filename, passphrase) \ 226 _libssh2_mbedtls_rsa_new_private(rsactx, s, filename, passphrase) 227 228 #define _libssh2_rsa_new_private_frommemory(rsactx, s, filedata, \ 229 filedata_len, passphrase) \ 230 _libssh2_mbedtls_rsa_new_private_frommemory(rsactx, s, filedata, \ 231 filedata_len, passphrase) 232 233 #define _libssh2_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) \ 234 _libssh2_mbedtls_rsa_sha1_sign(s, rsactx, hash, hash_len, sig, sig_len) 235 236 #define _libssh2_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) \ 237 _libssh2_mbedtls_rsa_sha1_verify(rsactx, sig, sig_len, m, m_len) 238 239 #define _libssh2_rsa_free(rsactx) \ 240 _libssh2_mbedtls_rsa_free(rsactx) 241 242 /* 243 * mbedTLS backend: Key functions 244 */ 245 246 #define _libssh2_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) \ 247 _libssh2_mbedtls_pub_priv_keyfile(s, m, m_len, p, p_len, pk, pw) 248 #define _libssh2_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ 249 pk, pk_len, pw) \ 250 _libssh2_mbedtls_pub_priv_keyfilememory(s, m, m_len, p, p_len, \ 251 pk, pk_len, pw) 252 253 254 /*******************************************************************/ 255 /* 256 * mbedTLS backend: Cipher Context structure 257 */ 258 #define _libssh2_cipher_ctx mbedtls_cipher_context_t 259 260 #define _libssh2_cipher_type(algo) mbedtls_cipher_type_t algo 261 262 #define _libssh2_cipher_aes256ctr MBEDTLS_CIPHER_AES_256_CTR 263 #define _libssh2_cipher_aes192ctr MBEDTLS_CIPHER_AES_192_CTR 264 #define _libssh2_cipher_aes128ctr MBEDTLS_CIPHER_AES_128_CTR 265 #define _libssh2_cipher_aes256 MBEDTLS_CIPHER_AES_256_CBC 266 #define _libssh2_cipher_aes192 MBEDTLS_CIPHER_AES_192_CBC 267 #define _libssh2_cipher_aes128 MBEDTLS_CIPHER_AES_128_CBC 268 #define _libssh2_cipher_blowfish MBEDTLS_CIPHER_BLOWFISH_CBC 269 #define _libssh2_cipher_arcfour MBEDTLS_CIPHER_ARC4_128 270 #define _libssh2_cipher_cast5 MBEDTLS_CIPHER_NULL 271 #define _libssh2_cipher_3des MBEDTLS_CIPHER_DES_EDE3_CBC 272 273 /* 274 * mbedTLS backend: Cipher functions 275 */ 276 277 #define _libssh2_cipher_init(ctx, type, iv, secret, encrypt) \ 278 _libssh2_mbedtls_cipher_init(ctx, type, iv, secret, encrypt) 279 #define _libssh2_cipher_crypt(ctx, type, encrypt, block, blocklen) \ 280 _libssh2_mbedtls_cipher_crypt(ctx, type, encrypt, block, blocklen) 281 #define _libssh2_cipher_dtor(ctx) \ 282 _libssh2_mbedtls_cipher_dtor(ctx) 283 284 285 /*******************************************************************/ 286 /* 287 * mbedTLS backend: BigNumber Support 288 */ 289 290 #define _libssh2_bn_ctx int /* not used */ 291 #define _libssh2_bn_ctx_new() 0 /* not used */ 292 #define _libssh2_bn_ctx_free(bnctx) ((void)0) /* not used */ 293 294 #define _libssh2_bn mbedtls_mpi 295 296 #define _libssh2_bn_init() \ 297 _libssh2_mbedtls_bignum_init() 298 #define _libssh2_bn_init_from_bin() \ 299 _libssh2_mbedtls_bignum_init() 300 #define _libssh2_bn_set_word(bn, word) \ 301 mbedtls_mpi_lset(bn, word) 302 #define _libssh2_bn_from_bin(bn, len, bin) \ 303 mbedtls_mpi_read_binary(bn, bin, len) 304 #define _libssh2_bn_to_bin(bn, bin) \ 305 mbedtls_mpi_write_binary(bn, bin, mbedtls_mpi_size(bn)) 306 #define _libssh2_bn_bytes(bn) \ 307 mbedtls_mpi_size(bn) 308 #define _libssh2_bn_bits(bn) \ 309 mbedtls_mpi_bitlen(bn) 310 #define _libssh2_bn_free(bn) \ 311 _libssh2_mbedtls_bignum_free(bn) 312 313 314 /*******************************************************************/ 315 /* 316 * mbedTLS backend: Diffie-Hellman support. 317 */ 318 319 #define _libssh2_dh_ctx mbedtls_mpi * 320 #define libssh2_dh_init(dhctx) _libssh2_dh_init(dhctx) 321 #define libssh2_dh_key_pair(dhctx, public, g, p, group_order, bnctx) \ 322 _libssh2_dh_key_pair(dhctx, public, g, p, group_order) 323 #define libssh2_dh_secret(dhctx, secret, f, p, bnctx) \ 324 _libssh2_dh_secret(dhctx, secret, f, p) 325 #define libssh2_dh_dtor(dhctx) _libssh2_dh_dtor(dhctx) 326 327 328 /*******************************************************************/ 329 /* 330 * mbedTLS backend: forward declarations 331 */ 332 void 333 _libssh2_mbedtls_init(void); 334 335 void 336 _libssh2_mbedtls_free(void); 337 338 int 339 _libssh2_mbedtls_random(unsigned char *buf, int len); 340 341 int 342 _libssh2_mbedtls_cipher_init(_libssh2_cipher_ctx *ctx, 343 _libssh2_cipher_type(type), 344 unsigned char *iv, 345 unsigned char *secret, 346 int encrypt); 347 int 348 _libssh2_mbedtls_cipher_crypt(_libssh2_cipher_ctx *ctx, 349 _libssh2_cipher_type(type), 350 int encrypt, 351 unsigned char *block, 352 size_t blocklen); 353 void 354 _libssh2_mbedtls_cipher_dtor(_libssh2_cipher_ctx *ctx); 355 356 int 357 _libssh2_mbedtls_hash_init(mbedtls_md_context_t *ctx, 358 mbedtls_md_type_t mdtype, 359 const unsigned char *key, unsigned long keylen); 360 361 int 362 _libssh2_mbedtls_hash_final(mbedtls_md_context_t *ctx, unsigned char *hash); 363 int 364 _libssh2_mbedtls_hash(const unsigned char *data, unsigned long datalen, 365 mbedtls_md_type_t mdtype, unsigned char *hash); 366 367 _libssh2_bn * 368 _libssh2_mbedtls_bignum_init(void); 369 370 void 371 _libssh2_mbedtls_bignum_free(_libssh2_bn *bn); 372 373 int 374 _libssh2_mbedtls_rsa_new(libssh2_rsa_ctx **rsa, 375 const unsigned char *edata, 376 unsigned long elen, 377 const unsigned char *ndata, 378 unsigned long nlen, 379 const unsigned char *ddata, 380 unsigned long dlen, 381 const unsigned char *pdata, 382 unsigned long plen, 383 const unsigned char *qdata, 384 unsigned long qlen, 385 const unsigned char *e1data, 386 unsigned long e1len, 387 const unsigned char *e2data, 388 unsigned long e2len, 389 const unsigned char *coeffdata, 390 unsigned long coefflen); 391 392 int 393 _libssh2_mbedtls_rsa_new_private(libssh2_rsa_ctx **rsa, 394 LIBSSH2_SESSION *session, 395 const char *filename, 396 const unsigned char *passphrase); 397 398 int 399 _libssh2_mbedtls_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, 400 LIBSSH2_SESSION *session, 401 const char *filedata, 402 size_t filedata_len, 403 unsigned const char *passphrase); 404 int 405 _libssh2_mbedtls_rsa_sha1_verify(libssh2_rsa_ctx *rsa, 406 const unsigned char *sig, 407 unsigned long sig_len, 408 const unsigned char *m, 409 unsigned long m_len); 410 int 411 _libssh2_mbedtls_rsa_sha1_sign(LIBSSH2_SESSION *session, 412 libssh2_rsa_ctx *rsa, 413 const unsigned char *hash, 414 size_t hash_len, 415 unsigned char **signature, 416 size_t *signature_len); 417 void 418 _libssh2_mbedtls_rsa_free(libssh2_rsa_ctx *rsa); 419 420 int 421 _libssh2_mbedtls_pub_priv_keyfile(LIBSSH2_SESSION *session, 422 unsigned char **method, 423 size_t *method_len, 424 unsigned char **pubkeydata, 425 size_t *pubkeydata_len, 426 const char *privatekey, 427 const char *passphrase); 428 int 429 _libssh2_mbedtls_pub_priv_keyfilememory(LIBSSH2_SESSION *session, 430 unsigned char **method, 431 size_t *method_len, 432 unsigned char **pubkeydata, 433 size_t *pubkeydata_len, 434 const char *privatekeydata, 435 size_t privatekeydata_len, 436 const char *passphrase); 437 438 extern void 439 _libssh2_dh_init(_libssh2_dh_ctx *dhctx); 440 extern int 441 _libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public, 442 _libssh2_bn *g, _libssh2_bn *p, int group_order); 443 extern int 444 _libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret, 445 _libssh2_bn *f, _libssh2_bn *p); 446 extern void 447 _libssh2_dh_dtor(_libssh2_dh_ctx *dhctx); 448