static isc_result_t
pkcs11rsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv;
isc_result_t ret;
int i;
pk11_object_t *rsa;
CK_ATTRIBUTE *attr;
isc_mem_t *mctx = key->mctx;
const char *engine = NULL, *label = NULL;
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
return (ret);
if (key->external) {
if (priv.nelements != 0)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pub == NULL)
DST_RET(DST_R_INVALIDPRIVATEKEY);
key->keydata.pkey = pub->keydata.pkey;
pub->keydata.pkey = NULL;
key->key_size = pub->key_size;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
}
for (i = 0; i < priv.nelements; i++) {
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
engine = (char *)priv.elements[i].data;
break;
case TAG_RSA_LABEL:
label = (char *)priv.elements[i].data;
break;
default:
break;
}
}
rsa = (pk11_object_t *) isc_mem_get(key->mctx, sizeof(*rsa));
if (rsa == NULL)
DST_RET(ISC_R_NOMEMORY);
memset(rsa, 0, sizeof(*rsa));
key->keydata.pkey = rsa;
/* Is this key is stored in a HSM? See if we can fetch it. */
if ((label != NULL) || (engine != NULL)) {
ret = pkcs11rsa_fetch(key, engine, label, pub);
if (ret != ISC_R_SUCCESS)
goto err;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
rsa->repr = (CK_ATTRIBUTE *) isc_mem_get(key->mctx, sizeof(*attr) * 8);
if (rsa->repr == NULL)
DST_RET(ISC_R_NOMEMORY);
memset(rsa->repr, 0, sizeof(*attr) * 8);
rsa->attrcnt = 8;
attr = rsa->repr;
attr[0].type = CKA_MODULUS;
attr[1].type = CKA_PUBLIC_EXPONENT;
attr[2].type = CKA_PRIVATE_EXPONENT;
attr[3].type = CKA_PRIME_1;
attr[4].type = CKA_PRIME_2;
attr[5].type = CKA_EXPONENT_1;
attr[6].type = CKA_EXPONENT_2;
attr[7].type = CKA_COEFFICIENT;
for (i = 0; i < priv.nelements; i++) {
CK_BYTE *bn;
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
continue;
case TAG_RSA_LABEL:
continue;
default:
bn = isc_mem_get(key->mctx, priv.elements[i].length);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
memmove(bn, priv.elements[i].data,
priv.elements[i].length);
}
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
attr = pk11_attribute_bytype(rsa, CKA_MODULUS);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
case TAG_RSA_PUBLICEXPONENT:
attr = pk11_attribute_bytype(rsa,
CKA_PUBLIC_EXPONENT);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
case TAG_RSA_PRIVATEEXPONENT:
attr = pk11_attribute_bytype(rsa,
CKA_PRIVATE_EXPONENT);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
case TAG_RSA_PRIME1:
attr = pk11_attribute_bytype(rsa, CKA_PRIME_1);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
case TAG_RSA_PRIME2:
attr = pk11_attribute_bytype(rsa, CKA_PRIME_2);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
case TAG_RSA_EXPONENT1:
attr = pk11_attribute_bytype(rsa,
CKA_EXPONENT_1);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
case TAG_RSA_EXPONENT2:
attr = pk11_attribute_bytype(rsa,
CKA_EXPONENT_2);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
case TAG_RSA_COEFFICIENT:
attr = pk11_attribute_bytype(rsa,
CKA_COEFFICIENT);
INSIST(attr != NULL);
attr->pValue = bn;
attr->ulValueLen = priv.elements[i].length;
break;
}
}
if (rsa_check(rsa, pub->keydata.pkey) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
attr = pk11_attribute_bytype(rsa, CKA_MODULUS);
INSIST(attr != NULL);
key->key_size = pk11_numbits(attr->pValue, attr->ulValueLen);
attr = pk11_attribute_bytype(rsa, CKA_PUBLIC_EXPONENT);
INSIST(attr != NULL);
if (pk11_numbits(attr->pValue, attr->ulValueLen) > RSA_MAX_PUBEXP_BITS)
DST_RET(ISC_R_RANGE);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
err:
pkcs11rsa_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static isc_result_t
opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
const char *pin)
{
#ifdef USE_ENGINE
ENGINE *e = NULL;
isc_result_t ret;
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL, *pubrsa = NULL;
char *colon;
UNUSED(pin);
if (engine == NULL)
DST_RET(DST_R_NOENGINE);
e = dst__openssl_getengine(engine);
if (e == NULL)
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_public_key(e, label, NULL, NULL);
if (pkey != NULL) {
pubrsa = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
if (pubrsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
pkey = ENGINE_load_private_key(e, label, NULL, NULL);
if (pkey == NULL)
DST_RET(dst__openssl_toresult2("ENGINE_load_private_key",
ISC_R_NOTFOUND));
if (engine != NULL) {
key->engine = isc_mem_strdup(key->mctx, engine);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
} else {
key->engine = isc_mem_strdup(key->mctx, label);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
colon = strchr(key->engine, ':');
if (colon != NULL)
*colon = '\0';
}
key->label = isc_mem_strdup(key->mctx, label);
if (key->label == NULL)
DST_RET(ISC_R_NOMEMORY);
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->key_size = EVP_PKEY_bits(pkey);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
EVP_PKEY_free(pkey);
#endif
return (ISC_R_SUCCESS);
err:
if (rsa != NULL)
RSA_free(rsa);
if (pubrsa != NULL)
RSA_free(pubrsa);
if (pkey != NULL)
EVP_PKEY_free(pkey);
return (ret);
#else
UNUSED(key);
UNUSED(engine);
UNUSED(label);
UNUSED(pin);
return(DST_R_NOENGINE);
#endif
}
int image_rsa_check(
unsigned int image_mem_addr,
unsigned int image_size,
unsigned int sig_addr,
unsigned int sig_size)
{
int ret = 0, i, j, k;
char *key = NULL;
unsigned int pub_key_addr, pub_key_size;
unsigned char out_buf[128], hash_kernel[32], hash_signature[64], tmp;
key = getenv("wmt.rsa.pem");
if (!key) {
printf("get public key fail\n");
return 1;
}
pub_key_size = strlen(key);
#ifdef DEBUG_RSA_CMD
printf("pub_key_size=0x%x, key=%s\n", pub_key_size, key);
#endif
cypher_initialization();
ret = cypher_encode(image_mem_addr, image_size, (unsigned int)hash_kernel);
cipher_release();
if (ret) {
printf("cypher decode fail\n");
return 1;
}
pub_key_addr = (u32) key;
ret = rsa_check(pub_key_addr, pub_key_size, sig_addr, sig_size, out_buf);
if (ret) {
printf("decode signature fail\n");
return 2;
}
for (i = 0, j = 0; i < 64; i=i+2,j++) {
tmp = 0;
for (k = 0; k < 2; k++) {
if (out_buf[i+k] == '0')
tmp += ((k == 0) ?(0<<4):0);
else if (out_buf[i+k] == '1')
tmp += ((k == 0) ?(1<<4):1);
else if (out_buf[i+k] == '2')
tmp += ((k == 0) ?(2<<4):2);
else if (out_buf[i+k] == '3')
tmp += ((k == 0) ?(3<<4):3);
else if (out_buf[i+k] == '4')
tmp += ((k == 0) ?(4<<4):4);
else if (out_buf[i+k] == '5')
tmp += ((k == 0) ?(5<<4):5);
else if (out_buf[i+k] == '6')
tmp += ((k == 0) ?(6<<4):6);
else if (out_buf[i+k] == '7')
tmp += ((k == 0) ?(7<<4):7);
else if (out_buf[i+k] == '8')
tmp += ((k == 0) ?(8<<4):8);
else if (out_buf[i+k] == '9')
tmp += ((k == 0) ?(9<<4):9);
else if (out_buf[i+k] == 'a')
tmp += ((k == 0) ?(0xa<<4):0xa);
else if (out_buf[i+k] == 'b')
tmp += ((k == 0) ?(0xb<<4):0xb);
else if (out_buf[i+k] == 'c')
tmp += ((k == 0) ?(0xc<<4):0xc);
else if (out_buf[i+k] == 'd')
tmp += ((k == 0) ?(0xd<<4):0xd);
else if (out_buf[i+k] == 'e')
tmp += ((k == 0) ?(0xe<<4):0xe);
else if (out_buf[i+k] == 'f')
tmp += ((k == 0) ?(0xf<<4):0xf);
else {
printf("change from character to digit fail out_buf[%d]=%c\n", i, out_buf[i]);
ret = 3;
break;
}
}
//printf("i=%d ,j=%d tmp=%x out_buf=%d%c\n", i , j, tmp, out_buf[i+1], out_buf[i]);
if (ret == 3)
break;
hash_signature[j] = tmp;
}
if (strncmp((char *)hash_signature, (char *)hash_kernel, 32) != 0) {
printf("signature decode =");
for (i = 0; i < 32; i++)
printf("%2.2x", hash_signature[i]);
printf("\nbootImage decode =");
for (i = 0; i < 32; i++)
printf("%x", hash_kernel[i]);
printf("\n sha256 cmp fail\n");
return 3;
}
return ret;
}
static isc_result_t
opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv;
isc_result_t ret;
int i;
RSA *rsa = NULL, *pubrsa = NULL;
#ifdef USE_ENGINE
ENGINE *e = NULL;
#endif
isc_mem_t *mctx = key->mctx;
const char *engine = NULL, *label = NULL;
#if defined(USE_ENGINE) || USE_EVP
EVP_PKEY *pkey = NULL;
#endif
#if USE_EVP
if (pub != NULL && pub->keydata.pkey != NULL)
pubrsa = EVP_PKEY_get1_RSA(pub->keydata.pkey);
#else
if (pub != NULL && pub->keydata.rsa != NULL) {
pubrsa = pub->keydata.rsa;
pub->keydata.rsa = NULL;
}
#endif
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
goto err;
for (i = 0; i < priv.nelements; i++) {
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
engine = (char *)priv.elements[i].data;
break;
case TAG_RSA_LABEL:
label = (char *)priv.elements[i].data;
break;
default:
break;
}
}
/*
* Is this key is stored in a HSM?
* See if we can fetch it.
*/
if (label != NULL) {
#ifdef USE_ENGINE
if (engine == NULL)
DST_RET(DST_R_NOENGINE);
e = dst__openssl_getengine(engine);
if (e == NULL)
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_private_key(e, label, NULL, NULL);
if (pkey == NULL)
DST_RET(dst__openssl_toresult2(
"ENGINE_load_private_key",
ISC_R_NOTFOUND));
key->engine = isc_mem_strdup(key->mctx, engine);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
key->label = isc_mem_strdup(key->mctx, label);
if (key->label == NULL)
DST_RET(ISC_R_NOMEMORY);
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->key_size = EVP_PKEY_bits(pkey);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
EVP_PKEY_free(pkey);
#endif
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
#else
DST_RET(DST_R_NOENGINE);
#endif
}
rsa = RSA_new();
if (rsa == NULL)
DST_RET(ISC_R_NOMEMORY);
SET_FLAGS(rsa);
#if USE_EVP
pkey = EVP_PKEY_new();
if (pkey == NULL)
DST_RET(ISC_R_NOMEMORY);
if (!EVP_PKEY_set1_RSA(pkey, rsa))
DST_RET(ISC_R_FAILURE);
key->keydata.pkey = pkey;
#else
key->keydata.rsa = rsa;
#endif
for (i = 0; i < priv.nelements; i++) {
BIGNUM *bn;
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
continue;
case TAG_RSA_LABEL:
continue;
case TAG_RSA_PIN:
continue;
default:
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
}
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
rsa->n = bn;
break;
case TAG_RSA_PUBLICEXPONENT:
rsa->e = bn;
break;
case TAG_RSA_PRIVATEEXPONENT:
rsa->d = bn;
break;
case TAG_RSA_PRIME1:
rsa->p = bn;
break;
case TAG_RSA_PRIME2:
rsa->q = bn;
break;
case TAG_RSA_EXPONENT1:
rsa->dmp1 = bn;
break;
case TAG_RSA_EXPONENT2:
rsa->dmq1 = bn;
break;
case TAG_RSA_COEFFICIENT:
rsa->iqmp = bn;
break;
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
key->key_size = BN_num_bits(rsa->n);
if (pubrsa != NULL)
RSA_free(pubrsa);
#if USE_EVP
RSA_free(rsa);
#endif
return (ISC_R_SUCCESS);
err:
#if USE_EVP
if (pkey != NULL)
EVP_PKEY_free(pkey);
#endif
if (rsa != NULL)
RSA_free(rsa);
if (pubrsa != NULL)
RSA_free(pubrsa);
opensslrsa_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static isc_result_t
opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv;
isc_result_t ret;
int i;
RSA *rsa = NULL, *pubrsa = NULL;
#ifdef USE_ENGINE
ENGINE *ep = NULL;
const BIGNUM *ex = NULL;
#endif
isc_mem_t *mctx = key->mctx;
const char *engine = NULL, *label = NULL;
#if defined(USE_ENGINE) || USE_EVP
EVP_PKEY *pkey = NULL;
#endif
BIGNUM *n = NULL, *e = NULL, *d = NULL;
BIGNUM *p = NULL, *q = NULL;
BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
goto err;
if (key->external) {
if (priv.nelements != 0)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pub == NULL)
DST_RET(DST_R_INVALIDPRIVATEKEY);
key->keydata.pkey = pub->keydata.pkey;
pub->keydata.pkey = NULL;
key->key_size = pub->key_size;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
}
#if USE_EVP
if (pub != NULL && pub->keydata.pkey != NULL)
pubrsa = EVP_PKEY_get1_RSA(pub->keydata.pkey);
#else
if (pub != NULL && pub->keydata.rsa != NULL) {
pubrsa = pub->keydata.rsa;
pub->keydata.rsa = NULL;
}
#endif
for (i = 0; i < priv.nelements; i++) {
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
engine = (char *)priv.elements[i].data;
break;
case TAG_RSA_LABEL:
label = (char *)priv.elements[i].data;
break;
default:
break;
}
}
/*
* Is this key is stored in a HSM?
* See if we can fetch it.
*/
if (label != NULL) {
#ifdef USE_ENGINE
if (engine == NULL)
DST_RET(DST_R_NOENGINE);
ep = dst__openssl_getengine(engine);
if (ep == NULL)
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_private_key(ep, label, NULL, NULL);
if (pkey == NULL)
DST_RET(dst__openssl_toresult2(
"ENGINE_load_private_key",
ISC_R_NOTFOUND));
key->engine = isc_mem_strdup(key->mctx, engine);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
key->label = isc_mem_strdup(key->mctx, label);
if (key->label == NULL)
DST_RET(ISC_R_NOMEMORY);
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
RSA_get0_key(rsa, NULL, &ex, NULL);
if (BN_num_bits(ex) > RSA_MAX_PUBEXP_BITS)
DST_RET(ISC_R_RANGE);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->key_size = EVP_PKEY_bits(pkey);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
EVP_PKEY_free(pkey);
#endif
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
#else
DST_RET(DST_R_NOENGINE);
#endif
}
rsa = RSA_new();
if (rsa == NULL)
DST_RET(ISC_R_NOMEMORY);
SET_FLAGS(rsa);
#if USE_EVP
pkey = EVP_PKEY_new();
if (pkey == NULL)
DST_RET(ISC_R_NOMEMORY);
if (!EVP_PKEY_set1_RSA(pkey, rsa))
DST_RET(ISC_R_FAILURE);
key->keydata.pkey = pkey;
#else
key->keydata.rsa = rsa;
#endif
for (i = 0; i < priv.nelements; i++) {
BIGNUM *bn;
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
continue;
case TAG_RSA_LABEL:
continue;
default:
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
n = bn;
break;
case TAG_RSA_PUBLICEXPONENT:
e = bn;
break;
case TAG_RSA_PRIVATEEXPONENT:
d = bn;
break;
case TAG_RSA_PRIME1:
p = bn;
break;
case TAG_RSA_PRIME2:
q = bn;
break;
case TAG_RSA_EXPONENT1:
dmp1 = bn;
break;
case TAG_RSA_EXPONENT2:
dmq1 = bn;
break;
case TAG_RSA_COEFFICIENT:
iqmp = bn;
break;
}
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
if (RSA_set0_key(rsa, n, e, d) == 0) {
if (n != NULL) BN_free(n);
if (e != NULL) BN_free(e);
if (d != NULL) BN_free(d);
}
if (RSA_set0_factors(rsa, p, q) == 0) {
if (p != NULL) BN_free(p);
if (q != NULL) BN_free(q);
}
if (RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp) == 0) {
if (dmp1 != NULL) BN_free(dmp1);
if (dmq1 != NULL) BN_free(dmq1);
if (iqmp != NULL) BN_free(iqmp);
}
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (BN_num_bits(e) > RSA_MAX_PUBEXP_BITS)
DST_RET(ISC_R_RANGE);
key->key_size = BN_num_bits(n);
if (pubrsa != NULL)
RSA_free(pubrsa);
#if USE_EVP
RSA_free(rsa);
#endif
return (ISC_R_SUCCESS);
err:
#if USE_EVP
if (pkey != NULL)
EVP_PKEY_free(pkey);
#endif
if (rsa != NULL)
RSA_free(rsa);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->keydata.generic = NULL;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
