Commit | Line | Data |
---|---|---|
8efc0c15 | 1 | /* |
5260325f | 2 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
5260325f | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
4 | * All rights reserved | |
6ae2364d | 5 | * |
bcbf86ec | 6 | * As far as I am concerned, the code I have written for this software |
7 | * can be used freely for any purpose. Any derived versions of this | |
8 | * software must be clearly marked as such, and if the derived work is | |
9 | * incompatible with the protocol description in the RFC file, it must be | |
10 | * called by a name other than "ssh" or "Secure Shell". | |
11 | * | |
12 | * | |
13 | * Copyright (c) 1999 Niels Provos. All rights reserved. | |
14 | * | |
15 | * Redistribution and use in source and binary forms, with or without | |
16 | * modification, are permitted provided that the following conditions | |
17 | * are met: | |
18 | * 1. Redistributions of source code must retain the above copyright | |
19 | * notice, this list of conditions and the following disclaimer. | |
20 | * 2. Redistributions in binary form must reproduce the above copyright | |
21 | * notice, this list of conditions and the following disclaimer in the | |
22 | * documentation and/or other materials provided with the distribution. | |
6ae2364d | 23 | * |
bcbf86ec | 24 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
25 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
26 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
27 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
28 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
29 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
30 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
31 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
32 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
33 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
34 | * | |
35 | * | |
36 | * Description of the RSA algorithm can be found e.g. from the following | |
37 | * sources: | |
6ae2364d | 38 | * |
5260325f | 39 | * Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994. |
6ae2364d | 40 | * |
5260325f | 41 | * Jennifer Seberry and Josef Pieprzyk: Cryptography: An Introduction to |
42 | * Computer Security. Prentice-Hall, 1989. | |
6ae2364d | 43 | * |
5260325f | 44 | * Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill, |
45 | * 1994. | |
6ae2364d | 46 | * |
5260325f | 47 | * R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications |
48 | * System and Method. US Patent 4,405,829, 1983. | |
6ae2364d | 49 | * |
5260325f | 50 | * Hans Riesel: Prime Numbers and Computer Methods for Factorization. |
51 | * Birkhauser, 1994. | |
6ae2364d | 52 | * |
bcbf86ec | 53 | * The RSA Frequently Asked Questions document by RSA Data Security, |
54 | * Inc., 1995. | |
6ae2364d | 55 | * |
bcbf86ec | 56 | * RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as |
57 | * included below: | |
6ae2364d | 58 | * |
5260325f | 59 | * [gone - had to be deleted - what a pity] |
bcbf86ec | 60 | */ |
8efc0c15 | 61 | |
62 | #include "includes.h" | |
bcbf86ec | 63 | RCSID("$OpenBSD: rsa.c,v 1.16 2000/09/07 20:27:53 deraadt Exp $"); |
8efc0c15 | 64 | |
65 | #include "rsa.h" | |
66 | #include "ssh.h" | |
67 | #include "xmalloc.h" | |
bfc9a610 | 68 | #include "entropy.h" |
8efc0c15 | 69 | |
/*
 * Non-zero makes rsa_generate_key() print progress messages on stdout.
 * Defaults to on; changed through rsa_set_verbose().
 */
int rsa_verbose = 1;
71 | ||
/*
 * Probes whether RSA key generation works in the linked crypto library.
 * Calls seed_rng(), requests a throwaway 32-bit key with public exponent 3
 * and releases it again.  Returns 1 if a key was produced, 0 otherwise.
 * The probe key is never used for anything; its size is only large enough
 * to exercise the generator and offers no security.
 */
int
rsa_alive()
{
	RSA *probe;
	int alive;

	seed_rng();
	probe = RSA_generate_key(32, 3, NULL, NULL);
	alive = (probe != NULL);
	if (alive)
		RSA_free(probe);
	return (alive);
}
84 | ||
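/*
 * Returns a newly allocated copy of src.  Calls fatal() if the BIGNUM
 * cannot be allocated or copied, so the caller never stores a NULL
 * key component.
 */
static BIGNUM *
rsa_bn_copy_or_fatal(BIGNUM *src)
{
	BIGNUM *dst;

	dst = BN_new();
	if (dst == NULL || BN_copy(dst, src) == NULL)
		fatal("rsa_generate_key: BN allocation failed.");
	return (dst);
}

/*
 * Generates RSA public and private keys.  This initializes the data
 * structures; they should be freed with rsa_clear_private_key and
 * rsa_clear_public_key.
 *
 * prv  receives n, e, d, p, q, dmp1, dmq1 and iqmp.
 * pub  receives n and e only.
 * bits is handed to RSA_generate_key() unchanged; no minimum size is
 *      enforced here, so callers must reject sizes that are too small.
 *
 * The BIGNUM members of prv and pub are overwritten without being freed
 * first, so the structures passed in must not already own key material.
 * The public exponent is fixed at 35.  Any failure ends in fatal().
 */

void
rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits)
{
	RSA *key;

	seed_rng();

	if (rsa_verbose) {
		printf("Generating RSA keys: ");
		fflush(stdout);
	}
	key = RSA_generate_key(bits, 35, NULL, NULL);
	if (key == NULL)
		fatal("rsa_generate_key: key generation failed.");

	/* Copy public key parameters */
	pub->n = rsa_bn_copy_or_fatal(key->n);
	pub->e = rsa_bn_copy_or_fatal(key->e);

	/* Copy private key parameters */
	prv->n = rsa_bn_copy_or_fatal(key->n);
	prv->e = rsa_bn_copy_or_fatal(key->e);
	prv->d = rsa_bn_copy_or_fatal(key->d);
	prv->p = rsa_bn_copy_or_fatal(key->p);
	prv->q = rsa_bn_copy_or_fatal(key->q);

	/* CRT components used by the private-key operation */
	prv->dmp1 = rsa_bn_copy_or_fatal(key->dmp1);
	prv->dmq1 = rsa_bn_copy_or_fatal(key->dmq1);
	prv->iqmp = rsa_bn_copy_or_fatal(key->iqmp);

	/* The temporary key is no longer needed once every part is copied. */
	RSA_free(key);

	if (rsa_verbose)
		printf("Key generation complete.\n");
}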
138 | ||
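/*
 * Encrypts the value in `in` under the public key `key` with PKCS#1 v1.5
 * padding (RSA_PKCS1_PADDING) and stores the ciphertext in `out`.
 *
 * The public exponent must be odd and at least two bits long, which
 * rejects 0, 1 and every even value.  Any failure ends in fatal(); the
 * working buffers are cleared before that happens.
 */
void
rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
	unsigned char *inbuf, *outbuf;
	int len, ilen, olen;
	int bn_failed = 0;

	if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
		fatal("rsa_public_encrypt() exponent too small or not odd");

	/* The ciphertext is at most as long as the modulus. */
	olen = BN_num_bytes(key->n);
	outbuf = xmalloc(olen);

	ilen = BN_num_bytes(in);
	inbuf = xmalloc(ilen);
	BN_bn2bin(in, inbuf);

	len = RSA_public_encrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING);

	/* BN_bin2bn() returns NULL on failure; do not ignore that. */
	if (len > 0 && BN_bin2bn(outbuf, len, out) == NULL)
		bn_failed = 1;

	/*
	 * inbuf holds the plaintext, so clear both buffers on every path,
	 * including the error paths below.
	 * NOTE(review): a plain memset() right before a free may be removed
	 * by an optimizing compiler; switch to the project's explicit
	 * zeroing helper if one exists.
	 */
	memset(outbuf, 0, olen);
	memset(inbuf, 0, ilen);
	xfree(outbuf);
	xfree(inbuf);

	if (len <= 0)
		fatal("rsa_public_encrypt() failed");
	if (bn_failed)
		fatal("rsa_public_encrypt() BN_bin2bn failed");
}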
166 | ||
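/*
 * Decrypts the PKCS#1 v1.5 (RSA_PKCS1_PADDING) ciphertext in `in` with the
 * private key `key` and stores the recovered value in `out`.
 *
 * Any failure ends in fatal(); the working buffers are cleared first.
 * Every failure uses the same message so that the text does not reveal
 * which step rejected the input.
 *
 * NOTE(review): with PKCS#1 v1.5, a peer that can tell a padding failure
 * from a success can use the difference as a decryption oracle.  Whether
 * the fatal() below is observable to the peer depends on fatal() and on
 * the caller, neither of which is visible here -- confirm that callers
 * handle untrusted ciphertext without exposing that difference.
 */
void
rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
{
	unsigned char *inbuf, *outbuf;
	int len, ilen, olen;
	int bn_failed = 0;

	/* The recovered plaintext is shorter than the modulus. */
	olen = BN_num_bytes(key->n);
	outbuf = xmalloc(olen);

	ilen = BN_num_bytes(in);
	inbuf = xmalloc(ilen);
	BN_bn2bin(in, inbuf);

	len = RSA_private_decrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING);

	/* BN_bin2bn() returns NULL on failure; do not ignore that. */
	if (len > 0 && BN_bin2bn(outbuf, len, out) == NULL)
		bn_failed = 1;

	/*
	 * outbuf holds the decrypted secret, so clear both buffers on every
	 * path, including the error path below.
	 * NOTE(review): a plain memset() right before a free may be removed
	 * by an optimizing compiler; switch to the project's explicit
	 * zeroing helper if one exists.
	 */
	memset(outbuf, 0, olen);
	memset(inbuf, 0, ilen);
	xfree(outbuf);
	xfree(inbuf);

	if (len <= 0 || bn_failed)
		fatal("rsa_private_decrypt() failed");
}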
191 | ||
/*
 * Turns the progress messages printed by rsa_generate_key() on (non-zero)
 * or off (zero) by storing the flag in rsa_verbose.
 */

void
rsa_set_verbose(int verbose)
{
	rsa_verbose = verbose;
}