197b2ed56SKris Kennaway /* crypto/rsa/rsa_saos.c */ 297b2ed56SKris Kennaway /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 397b2ed56SKris Kennaway * All rights reserved. 497b2ed56SKris Kennaway * 597b2ed56SKris Kennaway * This package is an SSL implementation written 697b2ed56SKris Kennaway * by Eric Young (eay@cryptsoft.com). 797b2ed56SKris Kennaway * The implementation was written so as to conform with Netscapes SSL. 897b2ed56SKris Kennaway * 997b2ed56SKris Kennaway * This library is free for commercial and non-commercial use as long as 1097b2ed56SKris Kennaway * the following conditions are aheared to. The following conditions 1197b2ed56SKris Kennaway * apply to all code found in this distribution, be it the RC4, RSA, 1297b2ed56SKris Kennaway * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1397b2ed56SKris Kennaway * included with this distribution is covered by the same copyright terms 1497b2ed56SKris Kennaway * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1597b2ed56SKris Kennaway * 1697b2ed56SKris Kennaway * Copyright remains Eric Young's, and as such any Copyright notices in 1797b2ed56SKris Kennaway * the code are not to be removed. 1897b2ed56SKris Kennaway * If this package is used in a product, Eric Young should be given attribution 1997b2ed56SKris Kennaway * as the author of the parts of the library used. 2097b2ed56SKris Kennaway * This can be in the form of a textual message at program startup or 2197b2ed56SKris Kennaway * in documentation (online or textual) provided with the package. 2297b2ed56SKris Kennaway * 2397b2ed56SKris Kennaway * Redistribution and use in source and binary forms, with or without 2497b2ed56SKris Kennaway * modification, are permitted provided that the following conditions 2597b2ed56SKris Kennaway * are met: 2697b2ed56SKris Kennaway * 1. Redistributions of source code must retain the copyright 2797b2ed56SKris Kennaway * notice, this list of conditions and the following disclaimer. 2897b2ed56SKris Kennaway * 2. Redistributions in binary form must reproduce the above copyright 2997b2ed56SKris Kennaway * notice, this list of conditions and the following disclaimer in the 3097b2ed56SKris Kennaway * documentation and/or other materials provided with the distribution. 3197b2ed56SKris Kennaway * 3. All advertising materials mentioning features or use of this software 3297b2ed56SKris Kennaway * must display the following acknowledgement: 3397b2ed56SKris Kennaway * "This product includes cryptographic software written by 3497b2ed56SKris Kennaway * Eric Young (eay@cryptsoft.com)" 3597b2ed56SKris Kennaway * The word 'cryptographic' can be left out if the rouines from the library 3697b2ed56SKris Kennaway * being used are not cryptographic related :-). 3797b2ed56SKris Kennaway * 4. If you include any Windows specific code (or a derivative thereof) from 3897b2ed56SKris Kennaway * the apps directory (application code) you must include an acknowledgement: 3997b2ed56SKris Kennaway * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4097b2ed56SKris Kennaway * 4197b2ed56SKris Kennaway * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4297b2ed56SKris Kennaway * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4397b2ed56SKris Kennaway * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4497b2ed56SKris Kennaway * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4597b2ed56SKris Kennaway * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4697b2ed56SKris Kennaway * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4797b2ed56SKris Kennaway * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4897b2ed56SKris Kennaway * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4997b2ed56SKris Kennaway * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5097b2ed56SKris Kennaway * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5197b2ed56SKris Kennaway * SUCH DAMAGE. 5297b2ed56SKris Kennaway * 5397b2ed56SKris Kennaway * The licence and distribution terms for any publically available version or 5497b2ed56SKris Kennaway * derivative of this code cannot be changed. i.e. this code cannot simply be 5597b2ed56SKris Kennaway * copied and put under another distribution licence 5697b2ed56SKris Kennaway * [including the GNU Public Licence.] 5797b2ed56SKris Kennaway */ 5897b2ed56SKris Kennaway 5997b2ed56SKris Kennaway #include <stdio.h> 6097b2ed56SKris Kennaway #include "cryptlib.h" 6197b2ed56SKris Kennaway #include <openssl/bn.h> 6297b2ed56SKris Kennaway #include <openssl/rsa.h> 6397b2ed56SKris Kennaway #include <openssl/objects.h> 6497b2ed56SKris Kennaway #include <openssl/x509.h> 6597b2ed56SKris Kennaway 665c87c606SMark Murray int RSA_sign_ASN1_OCTET_STRING(int type, 675c87c606SMark Murray const unsigned char *m, unsigned int m_len, 686f9291ceSJung-uk Kim unsigned char *sigret, unsigned int *siglen, 696f9291ceSJung-uk Kim RSA *rsa) 7097b2ed56SKris Kennaway { 7197b2ed56SKris Kennaway ASN1_OCTET_STRING sig; 7297b2ed56SKris Kennaway int i, j, ret = 1; 7397b2ed56SKris Kennaway unsigned char *p, *s; 7497b2ed56SKris Kennaway 7597b2ed56SKris Kennaway sig.type = V_ASN1_OCTET_STRING; 7697b2ed56SKris Kennaway sig.length = m_len; 775c87c606SMark Murray sig.data = (unsigned char *)m; 7897b2ed56SKris Kennaway 7997b2ed56SKris Kennaway i = i2d_ASN1_OCTET_STRING(&sig, NULL); 8097b2ed56SKris Kennaway j = RSA_size(rsa); 816f9291ceSJung-uk Kim if (i > (j - RSA_PKCS1_PADDING_SIZE)) { 826f9291ceSJung-uk Kim RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 836f9291ceSJung-uk Kim RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); 8497b2ed56SKris Kennaway return (0); 8597b2ed56SKris Kennaway } 86ddd58736SKris Kennaway s = (unsigned char *)OPENSSL_malloc((unsigned int)j + 1); 876f9291ceSJung-uk Kim if (s == NULL) { 8897b2ed56SKris Kennaway RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); 8997b2ed56SKris Kennaway return (0); 9097b2ed56SKris Kennaway } 9197b2ed56SKris Kennaway p = s; 9297b2ed56SKris Kennaway i2d_ASN1_OCTET_STRING(&sig, &p); 9397b2ed56SKris Kennaway i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING); 9497b2ed56SKris Kennaway if (i <= 0) 9597b2ed56SKris Kennaway ret = 0; 9697b2ed56SKris Kennaway else 9797b2ed56SKris Kennaway *siglen = i; 9897b2ed56SKris Kennaway 995c87c606SMark Murray OPENSSL_cleanse(s, (unsigned int)j + 1); 100ddd58736SKris Kennaway OPENSSL_free(s); 10197b2ed56SKris Kennaway return (ret); 10297b2ed56SKris Kennaway } 10397b2ed56SKris Kennaway 1045c87c606SMark Murray int RSA_verify_ASN1_OCTET_STRING(int dtype, 1055c87c606SMark Murray const unsigned char *m, 1066f9291ceSJung-uk Kim unsigned int m_len, unsigned char *sigbuf, 1076f9291ceSJung-uk Kim unsigned int siglen, RSA *rsa) 10897b2ed56SKris Kennaway { 10997b2ed56SKris Kennaway int i, ret = 0; 1103b4e3dcbSSimon L. B. Nielsen unsigned char *s; 1113b4e3dcbSSimon L. B. Nielsen const unsigned char *p; 11297b2ed56SKris Kennaway ASN1_OCTET_STRING *sig = NULL; 11397b2ed56SKris Kennaway 1146f9291ceSJung-uk Kim if (siglen != (unsigned int)RSA_size(rsa)) { 1156f9291ceSJung-uk Kim RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, 1166f9291ceSJung-uk Kim RSA_R_WRONG_SIGNATURE_LENGTH); 11797b2ed56SKris Kennaway return (0); 11897b2ed56SKris Kennaway } 11997b2ed56SKris Kennaway 120ddd58736SKris Kennaway s = (unsigned char *)OPENSSL_malloc((unsigned int)siglen); 1216f9291ceSJung-uk Kim if (s == NULL) { 12297b2ed56SKris Kennaway RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); 12397b2ed56SKris Kennaway goto err; 12497b2ed56SKris Kennaway } 12597b2ed56SKris Kennaway i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING); 12697b2ed56SKris Kennaway 1276f9291ceSJung-uk Kim if (i <= 0) 1286f9291ceSJung-uk Kim goto err; 12997b2ed56SKris Kennaway 13097b2ed56SKris Kennaway p = s; 13197b2ed56SKris Kennaway sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i); 1326f9291ceSJung-uk Kim if (sig == NULL) 1336f9291ceSJung-uk Kim goto err; 13497b2ed56SKris Kennaway 13597b2ed56SKris Kennaway if (((unsigned int)sig->length != m_len) || 1366f9291ceSJung-uk Kim (memcmp(m, sig->data, m_len) != 0)) { 13797b2ed56SKris Kennaway RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, RSA_R_BAD_SIGNATURE); 1386f9291ceSJung-uk Kim } else 13997b2ed56SKris Kennaway ret = 1; 14097b2ed56SKris Kennaway err: 1416f9291ceSJung-uk Kim if (sig != NULL) 1426f9291ceSJung-uk Kim M_ASN1_OCTET_STRING_free(sig); 1436f9291ceSJung-uk Kim if (s != NULL) { 1445c87c606SMark Murray OPENSSL_cleanse(s, (unsigned int)siglen); 145ddd58736SKris Kennaway OPENSSL_free(s); 1463b4e3dcbSSimon L. B. Nielsen } 14797b2ed56SKris Kennaway return (ret); 14897b2ed56SKris Kennaway } 149