/* This internal function is used by ENGINE_cswift() and possibly by the * "dynamic" ENGINE support too */ static int bind_helper(ENGINE *e) { #ifndef OPENSSL_NO_RSA const RSA_METHOD *meth1; #endif #ifndef OPENSSL_NO_DH const DH_METHOD *meth2; #endif if(!ENGINE_set_id(e, engine_cswift_id) || !ENGINE_set_name(e, engine_cswift_name) || #ifndef OPENSSL_NO_RSA !ENGINE_set_RSA(e, &cswift_rsa) || #endif #ifndef OPENSSL_NO_DSA !ENGINE_set_DSA(e, &cswift_dsa) || #endif #ifndef OPENSSL_NO_DH !ENGINE_set_DH(e, &cswift_dh) || #endif !ENGINE_set_RAND(e, &cswift_random) || !ENGINE_set_destroy_function(e, cswift_destroy) || !ENGINE_set_init_function(e, cswift_init) || !ENGINE_set_finish_function(e, cswift_finish) || !ENGINE_set_ctrl_function(e, cswift_ctrl) || !ENGINE_set_cmd_defns(e, cswift_cmd_defns)) return 0; #ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or * anything "more generic" because something like the RSAref * code may not hook properly, and if you own one of these * cards then you have the right to do RSA operations on it * anyway! */ meth1 = RSA_PKCS1_SSLeay(); cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc; cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec; cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc; cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec; #endif #ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth2 = DH_OpenSSL(); cswift_dh.generate_key = meth2->generate_key; cswift_dh.compute_key = meth2->compute_key; #endif /* Ensure the cswift error handling is set up */ ERR_load_CSWIFT_strings(); return 1; }
RSA *FIPS_rsa_new(void) { RSA *ret; ret = OPENSSL_malloc(sizeof(RSA)); if (!ret) return NULL; memset(ret, 0, sizeof(RSA)); ret->meth = RSA_PKCS1_SSLeay(); if (ret->meth->init) ret->meth->init(ret); return ret; }
const RSA_METHOD *RSA_get_default_method(void) { #ifndef OPERA_SMALL_VERSION if (default_RSA_meth == NULL) { #ifdef RSA_NULL default_RSA_meth=RSA_null_method(); #else #if 0 /* was: #ifdef RSAref */ default_RSA_meth=RSA_PKCS1_RSAref(); #else default_RSA_meth=RSA_PKCS1_SSLeay(); #endif #endif } return default_RSA_meth; #else return RSA_PKCS1_SSLeay(); #endif }
const RSA_METHOD *RSA_get_default_method(void) { if (default_RSA_meth == NULL) { #ifdef RSA_NULL default_RSA_meth=RSA_null_method(); #else default_RSA_meth=RSA_PKCS1_SSLeay(); #endif } return default_RSA_meth; }
static int capi_init(ENGINE *e) { CAPI_CTX *ctx; const RSA_METHOD *ossl_rsa_meth; const DSA_METHOD *ossl_dsa_meth; capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0); ctx = capi_ctx_new(); if (!ctx || (capi_idx < 0)) goto memerr; ENGINE_set_ex_data(e, capi_idx, ctx); /* Setup RSA_METHOD */ rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0); ossl_rsa_meth = RSA_PKCS1_SSLeay(); capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc; capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec; capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp; capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp; /* Setup DSA Method */ dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0); ossl_dsa_meth = DSA_OpenSSL(); capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify; capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp; capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp; #ifdef OPENSSL_CAPIENG_DIALOG { HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL")); HMODULE kernel = GetModuleHandle(TEXT("KERNEL32.DLL")); if (cryptui) ctx->certselectdlg = (CERTDLG)GetProcAddress(cryptui, "CryptUIDlgSelectCertificateFromStore"); if (kernel) ctx->getconswindow = (GETCONSWIN)GetProcAddress(kernel, "GetConsoleWindow"); if (cryptui && !OPENSSL_isservice()) ctx->client_cert_select = cert_select_dialog; } #endif return 1; memerr: CAPIerr(CAPI_F_CAPI_INIT, ERR_R_MALLOC_FAILURE); return 0; return 1; }
/* * This function is aliased to mod_exp (with the mont stuff dropped). */ static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { int ret = 0; /* Do in software if the key is too large for the hardware. */ if (BN_num_bits(m) > max_key_len) { const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ret = (*meth->bn_mod_exp) (r, a, p, m, ctx, m_ctx); } else { ret = ubsec_mod_exp(r, a, p, m, ctx); } return ret; }
static int RSA_zencod_rsa_mod_exp ( BIGNUM *r0, const BIGNUM *i, RSA *rsa ) { CHEESE () ; if ( !zencod_dso ) { ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_NOT_LOADED); return 0; } if ( !rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp ) { ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_BAD_KEY_COMPONENTS); return 0; } /* Do in software if argument is too large for hardware */ if ( RSA_size(rsa) * 8 > ZENBRIDGE_MAX_KEYSIZE_RSA_CRT ) { const RSA_METHOD *meth; meth = RSA_PKCS1_SSLeay(); return meth->rsa_mod_exp(r0, i, rsa); } else { zen_nb_t y, x, p, q, dmp1, dmq1, iqmp; if ( !bn_expand(r0, RSA_size(rsa) * 8) ) { ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_BN_EXPAND_FAIL); return 0; } r0->top = (RSA_size(rsa) * 8 + BN_BITS2 - 1) / BN_BITS2; BIGNUM2ZEN ( &x, i ) ; BIGNUM2ZEN ( &y, r0 ) ; BIGNUM2ZEN ( &p, rsa->p ) ; BIGNUM2ZEN ( &q, rsa->q ) ; BIGNUM2ZEN ( &dmp1, rsa->dmp1 ) ; BIGNUM2ZEN ( &dmq1, rsa->dmq1 ) ; BIGNUM2ZEN ( &iqmp, rsa->iqmp ) ; if ( ptr_zencod_rsa_mod_exp_crt ( &y, &x, &p, &q, &dmp1, &dmq1, &iqmp ) < 0 ) { PERROR("zenbridge_rsa_mod_exp_crt"); ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_REQUEST_FAILED); return 0; } return 1; } }
int aos_signature_init(struct aos_signature *sign) { memset(sign, 0, sizeof(struct aos_signature)); sign->rsa = RSA_new(); if(sign->rsa == NULL) return 0; RSA_set_method(sign->rsa, RSA_PKCS1_SSLeay()); sign->rsa->e = BN_new(); if(sign->rsa->e == NULL) return 0; BN_set_word(sign->rsa->e, 3); return 1; }
static int tpm_rsa_pub_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { int rv; DBG("%s", __FUNCTION__); if ((rv = RSA_PKCS1_SSLeay()->rsa_pub_dec(flen, from, to, rsa, padding)) < 0) { TSSerr(TPM_F_TPM_RSA_PUB_DEC, TPM_R_REQUEST_FAILED); return 0; } return rv; }
RSA *RSA_new_method(RSA_METHOD *meth) { RSA *ret; ret=(RSA *)rtlglue_malloc(sizeof(RSA)); if (ret == NULL) return(NULL); if (meth == NULL) { if((ret->meth=RSA_PKCS1_SSLeay()) == NULL) { rtlglue_free(ret); return NULL; } } else ret->meth=meth; meth = ret->meth; ret->pad=0; ret->version=0; ret->n=NULL; ret->e=NULL; ret->d=NULL; ret->p=NULL; ret->q=NULL; ret->dmp1=NULL; ret->dmq1=NULL; ret->iqmp=NULL; ret->references=1; ret->_method_mod_n=NULL; ret->_method_mod_p=NULL; ret->_method_mod_q=NULL; ret->blinding=NULL; ret->bignum_data=NULL; ret->flags=meth->flags; if ((meth->init != NULL) && !meth->init(ret)) { rtlglue_free(ret); ret=NULL; } return(ret); }
static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { int to_return = 0; AEP_RV rv = AEP_R_OK; if (!aep_dso) { AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_NOT_LOADED); goto err; } /*See if we have all the necessary bits for a crt*/ if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) { rv = aep_mod_exp_crt(r0,I,rsa->p,rsa->q, rsa->dmp1,rsa->dmq1,rsa->iqmp,ctx); if (rv == FAIL_TO_SW){ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); to_return = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); goto err; } else if (rv != AEP_R_OK) goto err; } else { if (!rsa->d || !rsa->n) { AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_MISSING_KEY_COMPONENTS); goto err; } rv = aep_mod_exp(r0,I,rsa->d,rsa->n,ctx); if (rv != AEP_R_OK) goto err; } to_return = 1; err: return to_return; }
static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) { BN_CTX *ctx; int to_return = 0; const RSA_METHOD * def_rsa_method; /* Try the limits of RSA (2048 bits) */ if(BN_num_bytes(rsa->p) > 128 || BN_num_bytes(rsa->q) > 128 || BN_num_bytes(rsa->dmp1) > 128 || BN_num_bytes(rsa->dmq1) > 128 || BN_num_bytes(rsa->iqmp) > 128) { #ifdef RSA_NULL def_rsa_method=RSA_null_method(); #else #if 0 def_rsa_method=RSA_PKCS1_RSAref(); #else def_rsa_method=RSA_PKCS1_SSLeay(); #endif #endif if(def_rsa_method) return def_rsa_method->rsa_mod_exp(r0, I, rsa); } if((ctx = BN_CTX_new()) == NULL) goto err; if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS); goto err; } to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, rsa->dmq1, rsa->iqmp, ctx); err: if(ctx) BN_CTX_free(ctx); return to_return; }
/* This function is aliased to RSA_mod_exp (with the mont stuff dropped). */ static int RSA_zencod_bn_mod_exp ( BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx ) { CHEESE () ; if ( !zencod_dso ) { ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_NOT_LOADED); return 0; } /* Do in software if argument is too large for hardware */ if ( BN_num_bits(m) > ZENBRIDGE_MAX_KEYSIZE_RSA ) { const RSA_METHOD *meth; meth = RSA_PKCS1_SSLeay(); return meth->bn_mod_exp(r, a, p, m, ctx, m_ctx); } else { zen_nb_t y, x, e, n; if ( !bn_expand(r, BN_num_bits(m)) ) { ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL); return 0; } r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2; BIGNUM2ZEN ( &x, a ) ; BIGNUM2ZEN ( &y, r ) ; BIGNUM2ZEN ( &e, p ) ; BIGNUM2ZEN ( &n, m ) ; if ( ptr_zencod_rsa_mod_exp ( &y, &x, &n, &e ) < 0 ) { PERROR("zenbridge_rsa_mod_exp"); ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_REQUEST_FAILED); return 0; } return 1; } }
static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { int to_return = 0; if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS); goto err; } to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, rsa->dmq1, rsa->iqmp, ctx); if (to_return == FAIL_TO_SOFTWARE) { /* * Do in software as hardware failed. */ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx); } err: return to_return; }
static CK_RV add_pubkey_info(struct gpkcs11_st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key) { switch (key_type) { case CKK_RSA: { CK_BYTE *modulus = NULL; size_t modulus_len = 0; CK_ULONG modulus_bits = 0; CK_BYTE *exponent = NULL; size_t exponent_len = 0; modulus_bits = BN_num_bits(key->pkey.rsa->n); modulus_len = BN_num_bytes(key->pkey.rsa->n); modulus = malloc(modulus_len); BN_bn2bin(key->pkey.rsa->n, modulus); exponent_len = BN_num_bytes(key->pkey.rsa->e); exponent = malloc(exponent_len); BN_bn2bin(key->pkey.rsa->e, exponent); add_object_attribute(o, 0, CKA_MODULUS, modulus, modulus_len); add_object_attribute(o, 0, CKA_MODULUS_BITS, &modulus_bits, sizeof(modulus_bits)); add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT, exponent, exponent_len); RSA_set_method(key->pkey.rsa, RSA_PKCS1_SSLeay()); free(modulus); free(exponent); } default: /* XXX */ break; } return CKR_OK; }
static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { struct crypt_kop kop; int ret = 1; if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { /* XXX 0 means failure?? */ return (0); } memset(&kop, 0, sizeof kop); kop.crk_op = CRK_MOD_EXP_CRT; /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */ if (bn2crparam(rsa->p, &kop.crk_param[0])) goto err; if (bn2crparam(rsa->q, &kop.crk_param[1])) goto err; if (bn2crparam(I, &kop.crk_param[2])) goto err; if (bn2crparam(rsa->dmp1, &kop.crk_param[3])) goto err; if (bn2crparam(rsa->dmq1, &kop.crk_param[4])) goto err; if (bn2crparam(rsa->iqmp, &kop.crk_param[5])) goto err; kop.crk_iparams = 6; if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); } err: zapparams(&kop); return (ret); }
/* This function is aliased to mod_exp (with the mont stuff dropped). */ static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { const RSA_METHOD *def_rsa_method; /* Try the limits of RSA (2048 bits) */ if (BN_num_bytes(r) > 256 || BN_num_bytes(a) > 256 || BN_num_bytes(m) > 256) { # ifdef RSA_NULL def_rsa_method = RSA_null_method(); # else # if 0 def_rsa_method = RSA_PKCS1_RSAref(); # else def_rsa_method = RSA_PKCS1_SSLeay(); # endif # endif if (def_rsa_method) return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx); } return cswift_mod_exp(r, a, p, m, ctx); }
static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { return (RSA_PKCS1_SSLeay()->rsa_mod_exp)(r0, I, rsa, ctx); }
void ENGINE_load_cryptodev(void) { ENGINE *engine = ENGINE_new(); int fd; if (engine == NULL) return; if ((fd = get_dev_crypto()) < 0) { ENGINE_free(engine); return; } /* * find out what asymmetric crypto algorithms we support */ if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) { close(fd); ENGINE_free(engine); return; } close(fd); if (!ENGINE_set_id(engine, "cryptodev") || !ENGINE_set_name(engine, "BSD cryptodev engine") || !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) || !ENGINE_set_digests(engine, cryptodev_engine_digests) || !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) || !ENGINE_set_cmd_defns(engine, cryptodev_defns)) { ENGINE_free(engine); return; } if (ENGINE_set_RSA(engine, &cryptodev_rsa)) { const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay(); cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp; cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp; cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc; cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec; cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc; cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec; if (cryptodev_asymfeat & CRF_MOD_EXP) { cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp; if (cryptodev_asymfeat & CRF_MOD_EXP_CRT) cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_mod_exp; else cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_nocrt_mod_exp; } } if (ENGINE_set_DSA(engine, &cryptodev_dsa)) { const DSA_METHOD *meth = DSA_OpenSSL(); memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD)); if (cryptodev_asymfeat & CRF_DSA_SIGN) cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign; if (cryptodev_asymfeat & CRF_MOD_EXP) { cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp; cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp; } if (cryptodev_asymfeat & CRF_DSA_VERIFY) cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify; } if (ENGINE_set_DH(engine, &cryptodev_dh)){ const DH_METHOD *dh_meth = DH_OpenSSL(); cryptodev_dh.generate_key = dh_meth->generate_key; cryptodev_dh.compute_key = dh_meth->compute_key; cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp; if (cryptodev_asymfeat & CRF_MOD_EXP) { cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh; if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY) cryptodev_dh.compute_key = cryptodev_dh_compute_key; } } ENGINE_add(engine); ENGINE_free(engine); ERR_clear_error(); }
/* * Generate key */ static int westcos_pkcs15init_generate_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_object_t *obj, sc_pkcs15_pubkey_t *pubkey) { #ifndef ENABLE_OPENSSL return SC_ERROR_NOT_SUPPORTED; #else int r = SC_ERROR_UNKNOWN; long lg; u8 *p; sc_pkcs15_prkey_info_t *key_info = (sc_pkcs15_prkey_info_t *) obj->data; RSA *rsa = NULL; BIGNUM *bn = NULL; BIO *mem = NULL; sc_file_t *prkf = NULL; if (obj->type != SC_PKCS15_TYPE_PRKEY_RSA) { return SC_ERROR_NOT_SUPPORTED; } #if OPENSSL_VERSION_NUMBER>=0x00908000L rsa = RSA_new(); bn = BN_new(); mem = BIO_new(BIO_s_mem()); if(rsa == NULL || bn == NULL || mem == NULL) { r = SC_ERROR_OUT_OF_MEMORY; goto out; } if(!BN_set_word(bn, RSA_F4) || !RSA_generate_key_ex(rsa, key_info->modulus_length, bn, NULL)) #else mem = BIO_new(BIO_s_mem()); if(mem == NULL) { r = SC_ERROR_OUT_OF_MEMORY; goto out; } rsa = RSA_generate_key(key_info->modulus_length, RSA_F4, NULL, NULL); if (!rsa) #endif { r = SC_ERROR_UNKNOWN; goto out; } rsa->meth = RSA_PKCS1_SSLeay(); if(pubkey != NULL) { if(!i2d_RSAPublicKey_bio(mem, rsa)) { r = SC_ERROR_UNKNOWN; goto out; } lg = BIO_get_mem_data(mem, &p); pubkey->algorithm = SC_ALGORITHM_RSA; r = sc_pkcs15_decode_pubkey(p15card->card->ctx, pubkey, p, lg); } (void) BIO_reset(mem); if(!i2d_RSAPrivateKey_bio(mem, rsa)) { r = SC_ERROR_UNKNOWN; goto out; } lg = BIO_get_mem_data(mem, &p); /* Get the private key file */ r = sc_profile_get_file_by_path(profile, &key_info->path, &prkf); if (r < 0) { char pbuf[SC_MAX_PATH_STRING_SIZE]; r = sc_path_print(pbuf, sizeof(pbuf), &key_info->path); if (r != SC_SUCCESS) pbuf[0] = '\0'; goto out; } prkf->size = lg; r = sc_pkcs15init_create_file(profile, p15card, prkf); if(r) goto out; r = sc_pkcs15init_update_file(profile, p15card, prkf, p, lg); if(r) goto out; out: if(mem) BIO_free(mem); if(bn) BN_free(bn); if(rsa) RSA_free(rsa); if(prkf) sc_file_free(prkf); return r; #endif }
CK_RV gpkcs11_add_credentials(char *label, const char *cert_file, const char *private_key_file, char *id, int anchor) { struct gpkcs11_st_object *o = NULL; CK_BBOOL bool_true = CK_TRUE; CK_BBOOL bool_false = CK_FALSE; CK_OBJECT_CLASS c; CK_CERTIFICATE_TYPE cert_type = CKC_X_509; CK_KEY_TYPE key_type; CK_MECHANISM_TYPE mech_type; CK_RV ret = CKR_GENERAL_ERROR; void *subject_data = NULL; size_t subject_length; X509 *cert, *proxy_cert = NULL; EVP_PKEY *public_key; FILE *f = NULL; size_t id_len = strlen(id); f = fopen(cert_file, "r"); if (f == NULL) { gpkcs11_log("failed to open file %s\n", cert_file); return CKR_GENERAL_ERROR; } while (1) { cert = PEM_read_X509(f, NULL, NULL, NULL); if (cert == NULL) { if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE) break; ret = CKR_GENERAL_ERROR; goto out; } if (proxy_cert == NULL) proxy_cert = cert; ret = gpkcs11_add_certificate(label, cert, id, anchor); if (ret) goto out; } public_key = X509_get_pubkey(proxy_cert); switch (EVP_PKEY_type(public_key->type)) { case EVP_PKEY_RSA: key_type = CKK_RSA; break; case EVP_PKEY_DSA: key_type = CKK_DSA; break; default: /* XXX */ break; } OPENSSL_ASN1_MALLOC_ENCODE(X509_NAME, subject_data, subject_length, X509_get_subject_name(proxy_cert), ret); if (ret) goto out; if (private_key_file) { CK_FLAGS flags; FILE *f; o = add_st_object(); if (o == NULL) { ret = CKR_DEVICE_MEMORY; goto out; } o->type = STO_T_PRIVATE_KEY; o->u.private_key.file = strdup(private_key_file); o->u.private_key.key = NULL; o->u.private_key.cert = proxy_cert; c = CKO_PRIVATE_KEY; add_object_attribute(o, 0, CKA_CLASS, &c, sizeof(c)); add_object_attribute(o, 0, CKA_TOKEN, &bool_true, sizeof(bool_true)); add_object_attribute(o, 0, CKA_PRIVATE, &bool_true, sizeof(bool_false)); add_object_attribute(o, 0, CKA_MODIFIABLE, &bool_false, sizeof(bool_false)); add_object_attribute(o, 0, CKA_LABEL, label, strlen(label)); add_object_attribute(o, 0, CKA_KEY_TYPE, &key_type, sizeof(key_type)); add_object_attribute(o, 0, CKA_ID, id, id_len); add_object_attribute(o, 0, CKA_START_DATE, "", 1); /* XXX */ add_object_attribute(o, 0, CKA_END_DATE, "", 1); /* XXX */ add_object_attribute(o, 0, CKA_DERIVE, &bool_false, sizeof(bool_false)); add_object_attribute(o, 0, CKA_LOCAL, &bool_false, sizeof(bool_false)); mech_type = CKM_RSA_X_509; add_object_attribute(o, 0, CKA_KEY_GEN_MECHANISM, &mech_type, sizeof(mech_type)); add_object_attribute(o, 0, CKA_SUBJECT, subject_data, subject_length); add_object_attribute(o, 0, CKA_SENSITIVE, &bool_true, sizeof(bool_true)); add_object_attribute(o, 0, CKA_SECONDARY_AUTH, &bool_false, sizeof(bool_true)); flags = 0; add_object_attribute(o, 0, CKA_AUTH_PIN_FLAGS, &flags, sizeof(flags)); add_object_attribute(o, 0, CKA_DECRYPT, &bool_true, sizeof(bool_true)); add_object_attribute(o, 0, CKA_SIGN, &bool_true, sizeof(bool_true)); add_object_attribute(o, 0, CKA_SIGN_RECOVER, &bool_false, sizeof(bool_false)); add_object_attribute(o, 0, CKA_UNWRAP, &bool_true, sizeof(bool_true)); add_object_attribute(o, 0, CKA_EXTRACTABLE, &bool_true, sizeof(bool_true)); add_object_attribute(o, 0, CKA_NEVER_EXTRACTABLE, &bool_false, sizeof(bool_false)); add_pubkey_info(o, key_type, public_key); f = fopen(private_key_file, "r"); if (f == NULL) { gpkcs11_log("failed to open private key\n"); return CKR_GENERAL_ERROR; } o->u.private_key.key = PEM_read_PrivateKey(f, NULL, pem_callback, NULL); fclose(f); if (o->u.private_key.key == NULL) { gpkcs11_log("failed to read private key a startup\n"); /* don't bother with this failure for now, fix it at C_Login time */; } else { /* XXX verify keytype */ if (key_type == CKK_RSA) RSA_set_method(o->u.private_key.key->pkey.rsa, RSA_PKCS1_SSLeay()); if (X509_check_private_key(proxy_cert, o->u.private_key.key) != 1) { EVP_PKEY_free(o->u.private_key.key); o->u.private_key.key = NULL; gpkcs11_log("private key doesn't verify\n"); } else { gpkcs11_log("private key usable\n"); gpkcs11_soft_token.flags.login_done = 1; } } } ret = CKR_OK; out: if (ret != CKR_OK) { gpkcs11_log("something went wrong when adding cert!\n"); /* XXX wack o */; } if (f) fclose(f); return ret; }
static int tpm_rsa_pub_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { struct rsa_app_data *app_data = RSA_get_ex_data(rsa, ex_app_data); TSS_RESULT result; UINT32 out_len, in_len; BYTE *out; int rv; DBG("%s", __FUNCTION__); if (!app_data) { DBG("No app data found for RSA object %p. Calling software.", rsa); if ((rv = RSA_PKCS1_SSLeay()->rsa_pub_enc(flen, from, to, rsa, padding)) < 0) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, TPM_R_REQUEST_FAILED); } return rv; } if (app_data->hKey == NULL_HKEY) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, TPM_R_INVALID_KEY); return 0; } if (app_data->hEncData == NULL_HENCDATA) { if ((result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_ENCDATA, TSS_ENCDATA_BIND, &app_data->hEncData))) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, TPM_R_REQUEST_FAILED); return 0; } DBG("Setting hEncData(0x%x) in RSA object", app_data->hEncData); } DBG("flen is %d", flen); if (padding == RSA_PKCS1_PADDING) { if (app_data->encScheme != TSS_ES_RSAESPKCSV15) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, TPM_R_INVALID_PADDING_TYPE); DBG("encScheme(0x%x) in RSA object", app_data->encScheme); return 0; } if (flen > (RSA_size(rsa) - RSA_PKCS1_PADDING_SIZE)) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } } else if (padding == RSA_PKCS1_OAEP_PADDING) { if (app_data->encScheme != TSS_ES_RSAESOAEP_SHA1_MGF1) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, TPM_R_INVALID_PADDING_TYPE); DBG("encScheme(0x%x) in RSA object", app_data->encScheme); return 0; } /* subtract an extra 5 for the TCPA_BOUND_DATA structure */ if (flen > (RSA_size(rsa) - RSA_PKCS1_PADDING_SIZE - 5)) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); return 0; } } else { TSSerr(TPM_F_TPM_RSA_PUB_ENC, TPM_R_INVALID_ENC_SCHEME); return 0; } in_len = flen; DBG("Bind: hKey(0x%x) hEncData(0x%x) in_len(%u)", app_data->hKey, app_data->hEncData, in_len); if ((result = Tspi_Data_Bind(app_data->hEncData, app_data->hKey, in_len, from))) { TSSerr(TPM_F_TPM_RSA_PUB_ENC, TPM_R_REQUEST_FAILED); DBG("result = 0x%x (%s)", result, Trspi_Error_String(result)); return 0; } /* pull out the bound data and return it */ if ((result = Tspi_GetAttribData(app_data->hEncData, TSS_TSPATTRIB_ENCDATA_BLOB, TSS_TSPATTRIB_ENCDATABLOB_BLOB, &out_len, &out))) { TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_REQUEST_FAILED); return 0; } DBG("%s: writing out %d bytes as bound data", __FUNCTION__, out_len); memcpy(to, out, out_len); Tspi_Context_FreeMemory(hContext, out); return out_len; }
static int tpm_rsa_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { struct rsa_app_data *app_data = RSA_get_ex_data(rsa, ex_app_data); TSS_RESULT result; UINT32 out_len, in_len; BYTE *out; int rv; DBG("%s", __FUNCTION__); if (!app_data) { DBG("No app data found for RSA object %p. Calling software.", rsa); if ((rv = RSA_PKCS1_SSLeay()->rsa_priv_dec(flen, from, to, rsa, padding)) < 0) { TSSerr(TPM_F_TPM_RSA_PRIV_DEC, TPM_R_REQUEST_FAILED); } return rv; } if (app_data->hKey == NULL_HKEY) { TSSerr(TPM_F_TPM_RSA_PRIV_DEC, TPM_R_INVALID_KEY); return 0; } if (app_data->hEncData == NULL_HENCDATA) { if ((result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_ENCDATA, TSS_ENCDATA_BIND, &app_data->hEncData))) { TSSerr(TPM_F_TPM_RSA_PRIV_DEC, TPM_R_REQUEST_FAILED); return 0; } } if (padding == RSA_PKCS1_PADDING && app_data->encScheme != TSS_ES_RSAESPKCSV15) { TSSerr(TPM_F_TPM_RSA_PRIV_DEC, TPM_R_INVALID_PADDING_TYPE); DBG("encScheme(0x%x) in RSA object", app_data->encScheme); return 0; } else if (padding == RSA_PKCS1_OAEP_PADDING && app_data->encScheme != TSS_ES_RSAESOAEP_SHA1_MGF1) { TSSerr(TPM_F_TPM_RSA_PRIV_DEC, TPM_R_INVALID_PADDING_TYPE); DBG("encScheme(0x%x) in RSA object", app_data->encScheme); return 0; } in_len = flen; if ((result = Tspi_SetAttribData(app_data->hEncData, TSS_TSPATTRIB_ENCDATA_BLOB, TSS_TSPATTRIB_ENCDATABLOB_BLOB, in_len, from))) { TSSerr(TPM_F_TPM_RSA_PRIV_DEC, TPM_R_REQUEST_FAILED); return 0; } if ((result = Tspi_Data_Unbind(app_data->hEncData, app_data->hKey, &out_len, &out))) { TSSerr(TPM_F_TPM_RSA_PRIV_DEC, TPM_R_REQUEST_FAILED); return 0; } DBG("%s: writing out %d bytes as a signature", __FUNCTION__, out_len); memcpy(to, out, out_len); Tspi_Context_FreeMemory(hContext, out); return out_len; }
/* initialisation function */ static int tpm_engine_init(ENGINE * e) { TSS_RESULT result; DBG("%s", __FUNCTION__); #ifdef DLOPEN_TSPI if (tpm_dso != NULL) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_ALREADY_LOADED); return 1; } if ((tpm_dso = DSO_load(NULL, TPM_LIBNAME, NULL, 0)) == NULL) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_DSO_FAILURE); goto err; } #define bind_tspi_func(dso, func) (p_tspi_##func = (void *)DSO_bind_func(dso, "Tspi_" #func)) if (!bind_tspi_func(tpm_dso, Context_Create) || !bind_tspi_func(tpm_dso, Context_Close) || !bind_tspi_func(tpm_dso, Context_Connect) || !bind_tspi_func(tpm_dso, TPM_GetRandom) || !bind_tspi_func(tpm_dso, Key_CreateKey) || !bind_tspi_func(tpm_dso, Data_Bind) || !bind_tspi_func(tpm_dso, Data_Unbind) || !bind_tspi_func(tpm_dso, Context_CreateObject) || !bind_tspi_func(tpm_dso, Context_FreeMemory) || !bind_tspi_func(tpm_dso, Key_LoadKey) || !bind_tspi_func(tpm_dso, Context_LoadKeyByUUID) || !bind_tspi_func(tpm_dso, GetAttribData) || !bind_tspi_func(tpm_dso, Hash_Sign) || !bind_tspi_func(tpm_dso, Context_CloseObject) || !bind_tspi_func(tpm_dso, Hash_SetHashValue) || !bind_tspi_func(tpm_dso, SetAttribUint32) || !bind_tspi_func(tpm_dso, GetPolicyObject) || !bind_tspi_func(tpm_dso, Policy_SetSecret) || !bind_tspi_func(tpm_dso, TPM_StirRandom) || !bind_tspi_func(tpm_dso, Context_LoadKeyByBlob) || !bind_tspi_func(tpm_dso, Context_GetTpmObject) || !bind_tspi_func(tpm_dso, GetAttribUint32) || !bind_tspi_func(tpm_dso, SetAttribData) || !bind_tspi_func(tpm_dso, Policy_AssignToObject) ) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_DSO_FAILURE); goto err; } #endif /* DLOPEN_TSPI */ if ((result = Tspi_Context_Create(&hContext))) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE); goto err; } /* XXX allow dest to be specified through pre commands */ if ((result = Tspi_Context_Connect(hContext, NULL))) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE); goto err; } if ((result = Tspi_Context_GetTpmObject(hContext, &hTPM))) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE); goto err; } tpm_rsa.rsa_mod_exp = RSA_PKCS1_SSLeay()->rsa_mod_exp; return 1; err: if (hContext != NULL_HCONTEXT) { Tspi_Context_Close(hContext); hContext = NULL_HCONTEXT; hTPM = NULL_HTPM; } #ifdef DLOPEN_TSPI if (tpm_dso) { DSO_free(tpm_dso); tpm_dso = NULL; } p_tspi_Context_Create = NULL; p_tspi_Context_Close = NULL; p_tspi_Context_Connect = NULL; p_tspi_Context_FreeMemory = NULL; p_tspi_Context_LoadKeyByBlob = NULL; p_tspi_Context_LoadKeyByUUID = NULL; p_tspi_Context_GetTpmObject = NULL; p_tspi_Context_CloseObject = NULL; p_tspi_Key_CreateKey = NULL; p_tspi_Key_LoadKey = NULL; p_tspi_Data_Bind = NULL; p_tspi_Data_Unbind = NULL; p_tspi_Hash_SetHashValue = NULL; p_tspi_Hash_Sign = NULL; p_tspi_GetAttribData = NULL; p_tspi_SetAttribData = NULL; p_tspi_GetAttribUint32 = NULL; p_tspi_SetAttribUint32 = NULL; p_tspi_GetPolicyObject = NULL; p_tspi_Policy_SetSecret = NULL; p_tspi_Policy_AssignToObject = NULL; p_tspi_TPM_StirRandom = NULL; p_tspi_TPM_GetRandom = NULL; #endif return 0; }
/* This internal function is used by ENGINE_aep() and possibly by the * "dynamic" ENGINE support too */ static int bind_aep(ENGINE *e) { #ifndef OPENSSL_NO_RSA const RSA_METHOD *meth1; #endif #ifndef OPENSSL_NO_DSA const DSA_METHOD *meth2; #endif #ifndef OPENSSL_NO_DH const DH_METHOD *meth3; #endif if(!ENGINE_set_id(e, engine_aep_id) || !ENGINE_set_name(e, engine_aep_name) || #ifndef OPENSSL_NO_RSA !ENGINE_set_RSA(e, &aep_rsa) || #endif #ifndef OPENSSL_NO_DSA !ENGINE_set_DSA(e, &aep_dsa) || #endif #ifndef OPENSSL_NO_DH !ENGINE_set_DH(e, &aep_dh) || #endif #ifdef AEPRAND !ENGINE_set_RAND(e, &aep_random) || #endif !ENGINE_set_init_function(e, aep_init) || !ENGINE_set_destroy_function(e, aep_destroy) || !ENGINE_set_finish_function(e, aep_finish) || !ENGINE_set_ctrl_function(e, aep_ctrl) || !ENGINE_set_cmd_defns(e, aep_cmd_defns)) return 0; #ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the aep-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or * anything "more generic" because something like the RSAref * code may not hook properly, and if you own one of these * cards then you have the right to do RSA operations on it * anyway! */ meth1 = RSA_PKCS1_SSLeay(); aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc; aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec; aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc; aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec; #endif #ifndef OPENSSL_NO_DSA /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish * bits. */ meth2 = DSA_OpenSSL(); aep_dsa.dsa_do_sign = meth2->dsa_do_sign; aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup; aep_dsa.dsa_do_verify = meth2->dsa_do_verify; aep_dsa = *DSA_get_default_method(); aep_dsa.dsa_mod_exp = aep_dsa_mod_exp; aep_dsa.bn_mod_exp = aep_mod_exp_dsa; #endif #ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth3 = DH_OpenSSL(); aep_dh.generate_key = meth3->generate_key; aep_dh.compute_key = meth3->compute_key; aep_dh.bn_mod_exp = meth3->bn_mod_exp; #endif /* Ensure the aep error handling is set up */ ERR_load_AEPHK_strings(); return 1; }
/* * This internal function is used by ENGINE_nuron() and possibly by the * "dynamic" ENGINE support too */ static int bind_helper(ENGINE *e) { # ifndef OPENSSL_NO_RSA const RSA_METHOD *meth1; # endif # ifndef OPENSSL_NO_DSA const DSA_METHOD *meth2; # endif # ifndef OPENSSL_NO_DH const DH_METHOD *meth3; # endif if (!ENGINE_set_id(e, engine_nuron_id) || !ENGINE_set_name(e, engine_nuron_name) || # ifndef OPENSSL_NO_RSA !ENGINE_set_RSA(e, &nuron_rsa) || # endif # ifndef OPENSSL_NO_DSA !ENGINE_set_DSA(e, &nuron_dsa) || # endif # ifndef OPENSSL_NO_DH !ENGINE_set_DH(e, &nuron_dh) || # endif !ENGINE_set_destroy_function(e, nuron_destroy) || !ENGINE_set_init_function(e, nuron_init) || !ENGINE_set_finish_function(e, nuron_finish) || !ENGINE_set_ctrl_function(e, nuron_ctrl) || !ENGINE_set_cmd_defns(e, nuron_cmd_defns)) return 0; # ifndef OPENSSL_NO_RSA /* * We know that the "PKCS1_SSLeay()" functions hook properly to the * nuron-specific mod_exp and mod_exp_crt so we use those functions. NB: * We don't use ENGINE_openssl() or anything "more generic" because * something like the RSAref code may not hook properly, and if you own * one of these cards then you have the right to do RSA operations on it * anyway! */ meth1 = RSA_PKCS1_SSLeay(); nuron_rsa.rsa_pub_enc = meth1->rsa_pub_enc; nuron_rsa.rsa_pub_dec = meth1->rsa_pub_dec; nuron_rsa.rsa_priv_enc = meth1->rsa_priv_enc; nuron_rsa.rsa_priv_dec = meth1->rsa_priv_dec; # endif # ifndef OPENSSL_NO_DSA /* * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits. */ meth2 = DSA_OpenSSL(); nuron_dsa.dsa_do_sign = meth2->dsa_do_sign; nuron_dsa.dsa_sign_setup = meth2->dsa_sign_setup; nuron_dsa.dsa_do_verify = meth2->dsa_do_verify; # endif # ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth3 = DH_OpenSSL(); nuron_dh.generate_key = meth3->generate_key; nuron_dh.compute_key = meth3->compute_key; # endif /* Ensure the nuron error handling is set up */ ERR_load_NURON_strings(); return 1; }
/* As this is only ever called once, there's no need for locking * (indeed - the lock will already be held by our caller!!!) */ static int bind_sureware(ENGINE *e) { #ifndef OPENSSL_NO_RSA const RSA_METHOD *meth1; #endif #ifndef OPENSSL_NO_DSA const DSA_METHOD *meth2; #endif #ifndef OPENSSL_NO_DH const DH_METHOD *meth3; #endif if(!ENGINE_set_id(e, engine_sureware_id) || !ENGINE_set_name(e, engine_sureware_name) || #ifndef OPENSSL_NO_RSA !ENGINE_set_RSA(e, &surewarehk_rsa) || #endif #ifndef OPENSSL_NO_DSA !ENGINE_set_DSA(e, &surewarehk_dsa) || #endif #ifndef OPENSSL_NO_DH !ENGINE_set_DH(e, &surewarehk_dh) || #endif !ENGINE_set_RAND(e, &surewarehk_rand) || !ENGINE_set_destroy_function(e, surewarehk_destroy) || !ENGINE_set_init_function(e, surewarehk_init) || !ENGINE_set_finish_function(e, surewarehk_finish) || !ENGINE_set_ctrl_function(e, (ENGINE_CTRL_FUNC_PTR)surewarehk_ctrl) || !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) || !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey)) return 0; #ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the cswift-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or * anything "more generic" because something like the RSAref * code may not hook properly, and if you own one of these * cards then you have the right to do RSA operations on it * anyway! */ meth1 = RSA_PKCS1_SSLeay(); if (meth1) { surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc; surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec; } #endif #ifndef OPENSSL_NO_DSA /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish * bits. */ meth2 = DSA_OpenSSL(); if (meth2) { surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify; } #endif #ifndef OPENSSL_NO_DH /* Much the same for Diffie-Hellman */ meth3 = DH_OpenSSL(); if (meth3) { surewarehk_dh.generate_key = meth3->generate_key; surewarehk_dh.compute_key = meth3->compute_key; } #endif /* Ensure the sureware error handling is set up */ ERR_load_SUREWARE_strings(); return 1; }
static int tpm_rsa_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { struct rsa_app_data *app_data = RSA_get_ex_data(rsa, ex_app_data); TSS_RESULT result; UINT32 sig_len; BYTE *sig; int rv; DBG("%s", __FUNCTION__); if (!app_data) { DBG("No app data found for RSA object %p. Calling software.", rsa); if ((rv = RSA_PKCS1_SSLeay()->rsa_priv_enc(flen, from, to, rsa, padding)) < 0) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_REQUEST_FAILED); } return rv; } if (padding != RSA_PKCS1_PADDING) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_INVALID_PADDING_TYPE); return 0; } if (app_data->hKey == NULL_HKEY) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_INVALID_KEY); return 0; } if (app_data->hHash == NULL_HHASH) { if ((result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_OTHER, &app_data->hHash))) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_REQUEST_FAILED); return 0; } } if (app_data->sigScheme == TSS_SS_RSASSAPKCS1V15_SHA1) { if (flen != SHA_DIGEST_LENGTH) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_INVALID_MSG_SIZE); return 0; } } else if (app_data->sigScheme == TSS_SS_RSASSAPKCS1V15_DER) { if (flen > (RSA_size(rsa) - RSA_PKCS1_PADDING_SIZE)) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_INVALID_MSG_SIZE); return 0; } } else { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_INVALID_ENC_SCHEME); return 0; } if ((result = Tspi_Hash_SetHashValue(app_data->hHash, flen, from))) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_REQUEST_FAILED); return 0; } if ((result = Tspi_Hash_Sign(app_data->hHash, app_data->hKey, &sig_len, &sig))) { TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_REQUEST_FAILED); DBG("result = 0x%x (%s)", result, Trspi_Error_String(result)); return 0; } DBG("%s: writing out %d bytes as a signature", __FUNCTION__, sig_len); memcpy(to, sig, sig_len); Tspi_Context_FreeMemory(hContext, sig); return sig_len; }
int neverbleed_init(neverbleed_t *nb, char *errbuf) { int pipe_fds[2] = {-1, -1}, listen_fd = -1; char *tempdir = NULL; const RSA_METHOD *default_method = RSA_PKCS1_SSLeay(); rsa_method.rsa_pub_enc = default_method->rsa_pub_enc; rsa_method.rsa_pub_dec = default_method->rsa_pub_dec; rsa_method.rsa_verify = default_method->rsa_verify; /* setup the daemon */ if (pipe(pipe_fds) != 0) { snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "pipe(2) failed:%s", strerror(errno)); goto Fail; } fcntl(pipe_fds[1], F_SETFD, O_CLOEXEC); if ((tempdir = strdup("/tmp/openssl-privsep.XXXXXX")) == NULL) { snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "no memory"); goto Fail; } if (mkdtemp(tempdir) == NULL) { snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "failed to create temporary directory under /tmp:%s", strerror(errno)); goto Fail; } memset(&nb->sun_, 0, sizeof(nb->sun_)); nb->sun_.sun_family = AF_UNIX; snprintf(nb->sun_.sun_path, sizeof(nb->sun_.sun_path), "%s/_", tempdir); RAND_bytes(nb->auth_token, sizeof(nb->auth_token)); if ((listen_fd = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) { snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "socket(2) failed:%s", strerror(errno)); goto Fail; } if (bind(listen_fd, (void *)&nb->sun_, sizeof(nb->sun_)) != 0) { snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "failed to bind to %s:%s", nb->sun_.sun_path, strerror(errno)); goto Fail; } if (listen(listen_fd, SOMAXCONN) != 0) { snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "listen(2) failed:%s", strerror(errno)); goto Fail; } switch (fork()) { case -1: snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "fork(2) failed:%s", strerror(errno)); goto Fail; case 0: close(pipe_fds[1]); #ifdef __linux__ prctl(PR_SET_DUMPABLE, 0, 0, 0, 0); #endif memcpy(daemon_auth_token, nb->auth_token, NEVERBLEED_AUTH_TOKEN_SIZE); daemon_main(listen_fd, pipe_fds[0], tempdir); break; default: break; } close(listen_fd); listen_fd = -1; close(pipe_fds[0]); pipe_fds[0] = -1; /* setup engine */ if ((nb->engine = ENGINE_new()) == NULL || !ENGINE_set_id(nb->engine, "neverbleed") || !ENGINE_set_name(nb->engine, "privilege separation software engine") || !ENGINE_set_RSA(nb->engine, &rsa_method)) { snprintf(errbuf, NEVERBLEED_ERRBUF_SIZE, "failed to initialize the OpenSSL engine"); goto Fail; } ENGINE_add(nb->engine); /* setup thread key */ pthread_key_create(&nb->thread_key, dispose_thread_data); free(tempdir); return 0; Fail: if (pipe_fds[0] != -1) close(pipe_fds[0]); if (pipe_fds[1] != -1) close(pipe_fds[1]); if (tempdir != NULL) { unlink_dir(tempdir); free(tempdir); } if (listen_fd != -1) close(listen_fd); if (nb->engine != NULL) { ENGINE_free(nb->engine); nb->engine = NULL; } return -1; }
/* This internal function is used by ENGINE_zencod () and possibly by the * "dynamic" ENGINE support too ;-) */ static int bind_helper ( ENGINE *e ) { #ifndef OPENSSL_NO_RSA const RSA_METHOD *meth_rsa ; #endif #ifndef OPENSSL_NO_DSA const DSA_METHOD *meth_dsa ; #endif #ifndef OPENSSL_NO_DH const DH_METHOD *meth_dh ; #endif const RAND_METHOD *meth_rand ; if ( !ENGINE_set_id ( e, engine_zencod_id ) || !ENGINE_set_name ( e, engine_zencod_name ) || #ifndef OPENSSL_NO_RSA !ENGINE_set_RSA ( e, &zencod_rsa ) || #endif #ifndef OPENSSL_NO_DSA !ENGINE_set_DSA ( e, &zencod_dsa ) || #endif #ifndef OPENSSL_NO_DH !ENGINE_set_DH ( e, &zencod_dh ) || #endif !ENGINE_set_RAND ( e, &zencod_rand ) || !ENGINE_set_destroy_function ( e, zencod_destroy ) || !ENGINE_set_init_function ( e, zencod_init ) || !ENGINE_set_finish_function ( e, zencod_finish ) || !ENGINE_set_ctrl_function ( e, zencod_ctrl ) || !ENGINE_set_cmd_defns ( e, zencod_cmd_defns ) || !ENGINE_set_digests ( e, engine_digests ) || !ENGINE_set_ciphers ( e, engine_ciphers ) ) { return 0 ; } #ifndef OPENSSL_NO_RSA /* We know that the "PKCS1_SSLeay()" functions hook properly * to the Zencod-specific mod_exp and mod_exp_crt so we use * those functions. NB: We don't use ENGINE_openssl() or * anything "more generic" because something like the RSAref * code may not hook properly, and if you own one of these * cards then you have the right to do RSA operations on it * anyway! */ meth_rsa = RSA_PKCS1_SSLeay () ; zencod_rsa.rsa_pub_enc = meth_rsa->rsa_pub_enc ; zencod_rsa.rsa_pub_dec = meth_rsa->rsa_pub_dec ; zencod_rsa.rsa_priv_enc = meth_rsa->rsa_priv_enc ; zencod_rsa.rsa_priv_dec = meth_rsa->rsa_priv_dec ; /* meth_rsa->rsa_mod_exp */ /* meth_rsa->bn_mod_exp */ zencod_rsa.init = meth_rsa->init ; zencod_rsa.finish = meth_rsa->finish ; #endif #ifndef OPENSSL_NO_DSA /* We use OpenSSL meth to supply what we don't provide ;-*) */ meth_dsa = DSA_OpenSSL () ; /* meth_dsa->dsa_do_sign */ zencod_dsa.dsa_sign_setup = meth_dsa->dsa_sign_setup ; /* meth_dsa->dsa_do_verify */ zencod_dsa.dsa_mod_exp = meth_dsa->dsa_mod_exp ; /* zencod_dsa.bn_mod_exp = meth_dsa->bn_mod_exp ; */ zencod_dsa.init = meth_dsa->init ; zencod_dsa.finish = meth_dsa->finish ; #endif #ifndef OPENSSL_NO_DH /* We use OpenSSL meth to supply what we don't provide ;-*) */ meth_dh = DH_OpenSSL () ; /* zencod_dh.generate_key = meth_dh->generate_key ; */ /* zencod_dh.compute_key = meth_dh->compute_key ; */ /* zencod_dh.bn_mod_exp = meth_dh->bn_mod_exp ; */ zencod_dh.init = meth_dh->init ; zencod_dh.finish = meth_dh->finish ; #endif /* We use OpenSSL (SSLeay) meth to supply what we don't provide ;-*) */ meth_rand = RAND_SSLeay () ; /* meth_rand->seed ; */ /* zencod_rand.seed = meth_rand->seed ; */ /* meth_rand->bytes ; */ /* zencod_rand.bytes = meth_rand->bytes ; */ zencod_rand.cleanup = meth_rand->cleanup ; zencod_rand.add = meth_rand->add ; /* meth_rand->pseudorand ; */ /* zencod_rand.pseudorand = meth_rand->pseudorand ; */ /* zencod_rand.status = meth_rand->status ; */ /* meth_rand->status ; */ /* Ensure the zencod error handling is set up */ ERR_load_ZENCOD_strings () ; return 1 ; }