xref: /dragonfly/usr.bin/newkey/generic.c (revision ed5d5720) 
1 /*
2  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
3  * unrestricted use provided that this legend is included on all tape
4  * media and as a part of the software program in whole or part.  Users
5  * may copy or modify Sun RPC without charge, but are not authorized
6  * to license or distribute it to anyone else except as part of a product or
7  * program developed by the user or with the express written consent of
8  * Sun Microsystems, Inc.
9  *
10  * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
11  * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
12  * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
13  *
14  * Sun RPC is provided with no support and without any obligation on the
15  * part of Sun Microsystems, Inc. to assist in its use, correction,
16  * modification or enhancement.
17  *
18  * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
19  * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
20  * OR ANY PART THEREOF.
21  *
22  * In no event will Sun Microsystems, Inc. be liable for any lost revenue
23  * or profits or other special, indirect and consequential damages, even if
24  * Sun has been advised of the possibility of such damages.
25  *
26  * Sun Microsystems, Inc.
27  * 2550 Garcia Avenue
28  * Mountain View, California  94043
29  *
30  * @(#)generic.c 1.2 91/03/11 Copyr 1986 Sun Micro
31  * $FreeBSD: src/usr.bin/newkey/generic.c,v 1.3.2.1 2001/07/04 22:32:20 kris Exp $
32  * $DragonFly: src/usr.bin/newkey/generic.c,v 1.8 2008/06/05 18:06:33 swildner Exp $
33  */
34 
35 /*
36  * Copyright (C) 1986, Sun Microsystems, Inc.
37  */
38 
39 #include <sys/file.h>
40 
41 #include <err.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 
45 #include <openssl/bn.h>
46 #include <openssl/crypto.h>
47 #include <openssl/err.h>
48 
49 #include <rpc/rpc.h>
50 #include <rpc/key_prot.h>
51 
52 #include "externs.h"
53 
54 static void	adjust(char[], char *);
55 static BIGNUM	*itobn(long i);
56 
57 /*
58  * Generate a seed
59  */
60 static void
61 getseed(char *seed, int seedsize, unsigned char *pass)
62 {
63 	int i;
64 
65 	for (i = 0; i < seedsize; i++) {
66 		seed[i] = (arc4random() & 0xff) ^ pass[i % 8];
67 	}
68 }
69 
70 static BIGNUM *
71 itobn(long i)
72 {
73 	BIGNUM *n = 0;
74 
75 	if ((n = BN_new()) == NULL)
76 		errx(1, "could not create BIGNUM: %s",
77 		     ERR_error_string(ERR_get_error(), 0));
78 	BN_init(n);
79 	if (i > 0)
80 		BN_add_word(n, (u_long)i);
81 	else
82 		BN_sub_word(n, (u_long)(-i));
83 	return(n);
84 }
85 
86 /*
87  * Generate a random public/secret key pair
88  */
89 void
90 genkeys(char *public, char *secret, char *pass)
91 {
92 #define	BASEBITS (8*sizeof (short) - 1)
93 #define	BASE (short)(1 << BASEBITS)
94 
95 	unsigned int i;
96 	short r;
97 	unsigned short seed[KEYSIZE/BASEBITS + 1];
98 	char *xkey;
99 
100 	BN_CTX *ctx;
101 	BIGNUM *pk, *sk, *tmp, *base, *root, *modulus;
102 
103 	pk = itobn(0);
104 	sk = itobn(0);
105 	tmp = itobn(0);
106 	base = itobn(BASE);
107 	root = itobn(PROOT);
108 	modulus = NULL;
109 	if (BN_hex2bn(&modulus, HEXMODULUS) == 0)
110 		errx(1, "could not convert modulus to BIGNUM: %s",
111 		     ERR_error_string(ERR_get_error(), 0));
112 
113 	if ((ctx = BN_CTX_new()) == NULL)
114 		errx(1, "could not create BN_CTX: %s",
115 		     ERR_error_string(ERR_get_error(), 0));
116 
117 	getseed((char *)seed, sizeof (seed), (u_char *)pass);
118 	for (i = 0; i < KEYSIZE/BASEBITS + 1; i++) {
119 		r = seed[i] % BASE;
120 		BN_zero(tmp);
121 		BN_add_word(tmp, r);
122 		BN_mul(sk, base, sk, ctx);
123 		BN_add(sk, tmp, sk);
124 	}
125 	BN_zero(tmp);
126 	BN_div(tmp, sk, sk, modulus, ctx);
127 	BN_mod_exp(pk, root, sk, modulus, ctx);
128 
129 	if ((xkey = BN_bn2hex(sk)) == NULL)
130 		errx(1, "could convert sk to hex: %s",
131 		     ERR_error_string(ERR_get_error(), 0));
132 	adjust(secret, xkey);
133 	OPENSSL_free(xkey);
134 
135 	if ((xkey = BN_bn2hex(pk)) == NULL)
136 		errx(1, "could convert pk to hex: %s",
137 		     ERR_error_string(ERR_get_error(), 0));
138 	adjust(public, xkey);
139 	OPENSSL_free(xkey);
140 
141 	BN_free(base);
142 	BN_free(modulus);
143 	BN_free(pk);
144 	BN_free(sk);
145 	BN_free(root);
146 	BN_free(tmp);
147 }
148 
149 /*
150  * Adjust the input key so that it is 0-filled on the left
151  */
152 static void
153 adjust(char keyout[HEXKEYBYTES+1], char *keyin)
154 {
155 	char *p;
156 	char *s;
157 
158 	for (p = keyin; *p; p++)
159 		;
160 	for (s = keyout + HEXKEYBYTES; p >= keyin; p--, s--) {
161 		*s = *p;
162 	}
163 	while (s >= keyout) {
164 		*s-- = '0';
165 	}
166 }
167