diff options
Diffstat (limited to 'src/engine/openssl')
| -rw-r--r-- | src/engine/openssl/bn_wrap.h | 3 | ||||
| -rw-r--r-- | src/engine/openssl/info.txt | 6 | ||||
| -rw-r--r-- | src/engine/openssl/openssl_engine.h | 26 | ||||
| -rw-r--r-- | src/engine/openssl/openssl_pk.cpp | 345 | ||||
| -rw-r--r-- | src/engine/openssl/ossl_dh.cpp | 60 | ||||
| -rw-r--r-- | src/engine/openssl/ossl_dsa.cpp | 126 | ||||
| -rw-r--r-- | src/engine/openssl/ossl_elg.cpp | 95 | ||||
| -rw-r--r-- | src/engine/openssl/ossl_if.cpp | 85 | ||||
| -rw-r--r-- | src/engine/openssl/ossl_nr.cpp | 113 |
9 files changed, 356 insertions, 503 deletions
diff --git a/src/engine/openssl/bn_wrap.h b/src/engine/openssl/bn_wrap.h index 0307189a9..02a229fdd 100644 --- a/src/engine/openssl/bn_wrap.h +++ b/src/engine/openssl/bn_wrap.h @@ -25,6 +25,9 @@ class OSSL_BN void encode(byte[], u32bit) const; u32bit bytes() const; + SecureVector<byte> to_bytes() const + { return BigInt::encode(to_bigint()); } + OSSL_BN& operator=(const OSSL_BN&); OSSL_BN(const OSSL_BN&); diff --git a/src/engine/openssl/info.txt b/src/engine/openssl/info.txt index c65f80a29..38322bfff 100644 --- a/src/engine/openssl/info.txt +++ b/src/engine/openssl/info.txt @@ -16,12 +16,8 @@ arc4_openssl.cpp bn_powm.cpp bn_wrap.cpp ossl_bc.cpp -ossl_dh.cpp -ossl_dsa.cpp -ossl_elg.cpp -ossl_if.cpp ossl_md.cpp -ossl_nr.cpp +openssl_pk.cpp </source> <requires> diff --git a/src/engine/openssl/openssl_engine.h b/src/engine/openssl/openssl_engine.h index 4ee2be2c0..1ee7e4c11 100644 --- a/src/engine/openssl/openssl_engine.h +++ b/src/engine/openssl/openssl_engine.h @@ -23,29 +23,17 @@ class OpenSSL_Engine : public Engine */ std::string provider_name() const { return "openssl"; } -#if defined(BOTAN_HAS_IF_PUBLIC_KEY_FAMILY) - IF_Operation* if_op(const BigInt&, const BigInt&, const BigInt&, - const BigInt&, const BigInt&, const BigInt&, - const BigInt&, const BigInt&) const; -#endif + PK_Ops::Key_Agreement* + get_key_agreement_op(const Private_Key& key) const; -#if defined(BOTAN_HAS_DSA) - DSA_Operation* dsa_op(const DL_Group&, const BigInt&, - const BigInt&) const; -#endif + PK_Ops::Signature* + get_signature_op(const Private_Key& key) const; -#if defined(BOTAN_HAS_NYBERG_RUEPPEL) - NR_Operation* nr_op(const DL_Group&, const BigInt&, const BigInt&) const; -#endif + PK_Ops::Verification* get_verify_op(const Public_Key& key) const; -#if defined(BOTAN_HAS_ELGAMAL) - ELG_Operation* elg_op(const DL_Group&, const BigInt&, - const BigInt&) const; -#endif + PK_Ops::Encryption* get_encryption_op(const Public_Key& key) const; -#if defined(BOTAN_HAS_DIFFIE_HELLMAN) - DH_Operation* dh_op(const DL_Group&, const BigInt&) const; -#endif + PK_Ops::Decryption* get_decryption_op(const Private_Key& key) const; Modular_Exponentiator* mod_exp(const BigInt&, Power_Mod::Usage_Hints) const; diff --git a/src/engine/openssl/openssl_pk.cpp b/src/engine/openssl/openssl_pk.cpp new file mode 100644 index 000000000..8b8e83ebe --- /dev/null +++ b/src/engine/openssl/openssl_pk.cpp @@ -0,0 +1,345 @@ +/* +* OpenSSL PK operations +* (C) 1999-2010 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#include <botan/internal/openssl_engine.h> +#include <botan/internal/bn_wrap.h> + +#if defined(BOTAN_HAS_RSA) + #include <botan/rsa.h> +#endif + +#if defined(BOTAN_HAS_RW) + #include <botan/rw.h> +#endif + +#if defined(BOTAN_HAS_DSA) + #include <botan/dsa.h> +#endif + +#if defined(BOTAN_HAS_ELGAMAL) + #include <botan/elgamal.h> +#endif + +#if defined(BOTAN_HAS_NYBERG_RUEPPEL) + #include <botan/nr.h> +#endif + +#if defined(BOTAN_HAS_DIFFIE_HELLMAN) + #include <botan/dh.h> +#endif + +namespace Botan { + +namespace { + +#if defined(BOTAN_HAS_DIFFIE_HELLMAN) +class OSSL_DH_KA_Operation : public PK_Ops::Key_Agreement + { + public: + OSSL_DH_KA_Operation(const DH_PrivateKey& dh) : + x(dh.get_x()), p(dh.group_p()) {} + + SecureVector<byte> agree(const byte w[], u32bit w_len) + { + OSSL_BN i(w, w_len), r; + BN_mod_exp(r.value, i.value, x.value, p.value, ctx.value); + return r.to_bytes(); + } + + private: + const OSSL_BN x, p; + OSSL_BN_CTX ctx; + }; +#endif + +#if defined(BOTAN_HAS_DSA) + +class OSSL_DSA_Signature_Operation : public PK_Ops::Signature + { + public: + OSSL_DSA_Signature_Operation(const DSA_PrivateKey& dsa) : + x(dsa.get_x()), + p(dsa.group_p()), + q(dsa.group_q()), + g(dsa.group_g()), + q_bits(dsa.group_q().bits()) {} + + u32bit message_parts() const { return 2; } + u32bit message_part_size() const { return (q_bits + 7) / 8; } + u32bit max_input_bits() const { return q_bits; } + + SecureVector<byte> sign(const byte msg[], u32bit msg_len, + RandomNumberGenerator& rng); + private: + const OSSL_BN x, p, q, g; + const OSSL_BN_CTX ctx; + u32bit q_bits; + }; + +SecureVector<byte> +OSSL_DSA_Signature_Operation::sign(const byte msg[], u32bit msg_len, + RandomNumberGenerator& rng) + { + const u32bit q_bytes = (q_bits + 7) / 8; + + rng.add_entropy(msg, msg_len); + + BigInt k_bn; + do + k_bn.randomize(rng, q_bits); + while(k_bn >= q.to_bigint()); + + OSSL_BN i(msg, msg_len); + OSSL_BN k(k_bn); + + OSSL_BN r; + BN_mod_exp(r.value, g.value, k.value, p.value, ctx.value); + BN_nnmod(r.value, r.value, q.value, ctx.value); + + BN_mod_inverse(k.value, k.value, q.value, ctx.value); + + OSSL_BN s; + BN_mul(s.value, x.value, r.value, ctx.value); + BN_add(s.value, s.value, i.value); + BN_mod_mul(s.value, s.value, k.value, q.value, ctx.value); + + if(BN_is_zero(r.value) || BN_is_zero(s.value)) + throw Internal_Error("OpenSSL_DSA_Op::sign: r or s was zero"); + + SecureVector<byte> output(2*q_bytes); + r.encode(output, q_bytes); + s.encode(output + q_bytes, q_bytes); + return output; + } + +class OSSL_DSA_Verification_Operation : public PK_Ops::Verification + { + public: + OSSL_DSA_Verification_Operation(const DSA_PublicKey& dsa) : + y(dsa.get_y()), + p(dsa.group_p()), + q(dsa.group_q()), + g(dsa.group_g()), + q_bits(dsa.group_q().bits()) {} + + u32bit message_parts() const { return 2; } + u32bit message_part_size() const { return (q_bits + 7) / 8; } + u32bit max_input_bits() const { return q_bits; } + + bool with_recovery() const { return false; } + + bool verify(const byte msg[], u32bit msg_len, + const byte sig[], u32bit sig_len); + private: + const OSSL_BN y, p, q, g; + const OSSL_BN_CTX ctx; + u32bit q_bits; + }; + +bool OSSL_DSA_Verification_Operation::verify(const byte msg[], u32bit msg_len, + const byte sig[], u32bit sig_len) + { + const u32bit q_bytes = q.bytes(); + + if(sig_len != 2*q_bytes || msg_len > q_bytes) + return false; + + OSSL_BN r(sig, q_bytes); + OSSL_BN s(sig + q_bytes, q_bytes); + OSSL_BN i(msg, msg_len); + + if(BN_is_zero(r.value) || BN_cmp(r.value, q.value) >= 0) + return false; + if(BN_is_zero(s.value) || BN_cmp(s.value, q.value) >= 0) + return false; + + if(BN_mod_inverse(s.value, s.value, q.value, ctx.value) == 0) + return false; + + OSSL_BN si; + BN_mod_mul(si.value, s.value, i.value, q.value, ctx.value); + BN_mod_exp(si.value, g.value, si.value, p.value, ctx.value); + + OSSL_BN sr; + BN_mod_mul(sr.value, s.value, r.value, q.value, ctx.value); + BN_mod_exp(sr.value, y.value, sr.value, p.value, ctx.value); + + BN_mod_mul(si.value, si.value, sr.value, p.value, ctx.value); + BN_nnmod(si.value, si.value, q.value, ctx.value); + + if(BN_cmp(si.value, r.value) == 0) + return true; + return false; + + return false; + } + +#endif + +#if defined(BOTAN_HAS_RSA) + +class OSSL_RSA_Private_Operation : public PK_Ops::Signature, + public PK_Ops::Decryption + { + public: + OSSL_RSA_Private_Operation(const RSA_PrivateKey& rsa) : + mod(rsa.get_n()), + p(rsa.get_p()), + q(rsa.get_q()), + d1(rsa.get_d1()), + d2(rsa.get_d2()), + c(rsa.get_c()), + n_bits(rsa.get_n().bits()) + {} + + u32bit max_input_bits() const { return (n_bits - 1); } + + SecureVector<byte> sign(const byte msg[], u32bit msg_len, + RandomNumberGenerator& rng) + { + BigInt m(msg, msg_len); + BigInt x = private_op(m); + return BigInt::encode_1363(x, (n_bits + 7) / 8); + } + + SecureVector<byte> decrypt(const byte msg[], u32bit msg_len) + { + BigInt m(msg, msg_len); + return BigInt::encode(private_op(m)); + } + + private: + BigInt private_op(const BigInt& m) const; + + const OSSL_BN mod, p, q, d1, d2, c; + const OSSL_BN_CTX ctx; + u32bit n_bits; + }; + +BigInt OSSL_RSA_Private_Operation::private_op(const BigInt& m) const + { + OSSL_BN j1, j2, h(m); + + BN_mod_exp(j1.value, h.value, d1.value, p.value, ctx.value); + BN_mod_exp(j2.value, h.value, d2.value, q.value, ctx.value); + BN_sub(h.value, j1.value, j2.value); + BN_mod_mul(h.value, h.value, c.value, p.value, ctx.value); + BN_mul(h.value, h.value, q.value, ctx.value); + BN_add(h.value, h.value, j2.value); + return h.to_bigint(); + } + +class OSSL_RSA_Public_Operation : public PK_Ops::Verification, + public PK_Ops::Encryption + { + public: + OSSL_RSA_Public_Operation(const RSA_PublicKey& rsa) : + n(rsa.get_n()), e(rsa.get_e()), mod(rsa.get_n()) + {} + + u32bit max_input_bits() const { return (n.bits() - 1); } + bool with_recovery() const { return true; } + + SecureVector<byte> encrypt(const byte msg[], u32bit msg_len, + RandomNumberGenerator&) + { + BigInt m(msg, msg_len); + return BigInt::encode_1363(public_op(m), n.bytes()); + } + + SecureVector<byte> verify_mr(const byte msg[], u32bit msg_len) + { + BigInt m(msg, msg_len); + return BigInt::encode(public_op(m)); + } + + private: + BigInt public_op(const BigInt& m) const + { + if(m >= n) + throw Invalid_Argument("RSA public op - input is too large"); + + OSSL_BN m_bn(m), r; + BN_mod_exp(r.value, m_bn.value, e.value, mod.value, ctx.value); + return r.to_bigint(); + } + + const BigInt& n; + const OSSL_BN e, mod; + const OSSL_BN_CTX ctx; + }; + +#endif + +} + +PK_Ops::Key_Agreement* +OpenSSL_Engine::get_key_agreement_op(const Private_Key& key) const + { +#if defined(BOTAN_HAS_DIFFIE_HELLMAN) + if(const DH_PrivateKey* dh = dynamic_cast<const DH_PrivateKey*>(&key)) + return new OSSL_DH_KA_Operation(*dh); +#endif + + return 0; + } + +PK_Ops::Signature* +OpenSSL_Engine::get_signature_op(const Private_Key& key) const + { +#if defined(BOTAN_HAS_RSA) + if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key)) + return new OSSL_RSA_Private_Operation(*s); +#endif + +#if defined(BOTAN_HAS_DSA) + if(const DSA_PrivateKey* s = dynamic_cast<const DSA_PrivateKey*>(&key)) + return new OSSL_DSA_Signature_Operation(*s); +#endif + + return 0; + } + +PK_Ops::Verification* +OpenSSL_Engine::get_verify_op(const Public_Key& key) const + { +#if defined(BOTAN_HAS_RSA) + if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key)) + return new OSSL_RSA_Public_Operation(*s); +#endif + +#if defined(BOTAN_HAS_DSA) + if(const DSA_PublicKey* s = dynamic_cast<const DSA_PublicKey*>(&key)) + return new OSSL_DSA_Verification_Operation(*s); +#endif + + return 0; + } + +PK_Ops::Encryption* +OpenSSL_Engine::get_encryption_op(const Public_Key& key) const + { +#if defined(BOTAN_HAS_RSA) + if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key)) + return new OSSL_RSA_Public_Operation(*s); +#endif + + return 0; + } + +PK_Ops::Decryption* +OpenSSL_Engine::get_decryption_op(const Private_Key& key) const + { +#if defined(BOTAN_HAS_RSA) + if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key)) + return new OSSL_RSA_Private_Operation(*s); +#endif + + return 0; + } + +} diff --git a/src/engine/openssl/ossl_dh.cpp b/src/engine/openssl/ossl_dh.cpp deleted file mode 100644 index 7cbe6477d..000000000 --- a/src/engine/openssl/ossl_dh.cpp +++ /dev/null @@ -1,60 +0,0 @@ -/* -* OpenSSL Engine -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/internal/openssl_engine.h> -#include <botan/internal/bn_wrap.h> -#include <openssl/opensslv.h> - -#if OPENSSL_VERSION_NUMBER < 0x0090700F - #error Your OpenSSL install is too old, upgrade to 0.9.7 or later -#endif - -namespace Botan { - -#if defined(BOTAN_HAS_DIFFIE_HELLMAN) - -namespace { - -/* -* OpenSSL DH Operation -*/ -class OpenSSL_DH_Op : public DH_Operation - { - public: - BigInt agree(const BigInt& i) const; - DH_Operation* clone() const { return new OpenSSL_DH_Op(*this); } - - OpenSSL_DH_Op(const DL_Group& group, const BigInt& x_bn) : - x(x_bn), p(group.get_p()) {} - private: - OSSL_BN x, p; - OSSL_BN_CTX ctx; - }; - -/* -* OpenSSL DH Key Agreement Operation -*/ -BigInt OpenSSL_DH_Op::agree(const BigInt& i_bn) const - { - OSSL_BN i(i_bn), r; - BN_mod_exp(r.value, i.value, x.value, p.value, ctx.value); - return r.to_bigint(); - } - -} - -/* -* Acquire a DH op -*/ -DH_Operation* OpenSSL_Engine::dh_op(const DL_Group& group, - const BigInt& x) const - { - return new OpenSSL_DH_Op(group, x); - } -#endif - -} diff --git a/src/engine/openssl/ossl_dsa.cpp b/src/engine/openssl/ossl_dsa.cpp deleted file mode 100644 index 66529bcec..000000000 --- a/src/engine/openssl/ossl_dsa.cpp +++ /dev/null @@ -1,126 +0,0 @@ -/* -* OpenSSL DSA Engine -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/internal/openssl_engine.h> -#include <botan/internal/bn_wrap.h> -#include <openssl/opensslv.h> - -#if OPENSSL_VERSION_NUMBER < 0x0090700F - #error Your OpenSSL install is too old, upgrade to 0.9.7 or later -#endif - -namespace Botan { - -#if defined(BOTAN_HAS_DSA) - -namespace { - -/* -* OpenSSL DSA Operation -*/ -class OpenSSL_DSA_Op : public DSA_Operation - { - public: - bool verify(const byte[], u32bit, const byte[], u32bit) const; - SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const; - - DSA_Operation* clone() const { return new OpenSSL_DSA_Op(*this); } - - OpenSSL_DSA_Op(const DL_Group& group, const BigInt& y1, - const BigInt& x1) : - x(x1), y(y1), p(group.get_p()), q(group.get_q()), g(group.get_g()) {} - private: - const OSSL_BN x, y, p, q, g; - OSSL_BN_CTX ctx; - }; - -/* -* OpenSSL DSA Verify Operation -*/ -bool OpenSSL_DSA_Op::verify(const byte msg[], u32bit msg_len, - const byte sig[], u32bit sig_len) const - { - const u32bit q_bytes = q.bytes(); - - if(sig_len != 2*q_bytes || msg_len > q_bytes) - return false; - - OSSL_BN r(sig, q_bytes); - OSSL_BN s(sig + q_bytes, q_bytes); - OSSL_BN i(msg, msg_len); - - if(BN_is_zero(r.value) || BN_cmp(r.value, q.value) >= 0) - return false; - if(BN_is_zero(s.value) || BN_cmp(s.value, q.value) >= 0) - return false; - - if(BN_mod_inverse(s.value, s.value, q.value, ctx.value) == 0) - return false; - - OSSL_BN si; - BN_mod_mul(si.value, s.value, i.value, q.value, ctx.value); - BN_mod_exp(si.value, g.value, si.value, p.value, ctx.value); - - OSSL_BN sr; - BN_mod_mul(sr.value, s.value, r.value, q.value, ctx.value); - BN_mod_exp(sr.value, y.value, sr.value, p.value, ctx.value); - - BN_mod_mul(si.value, si.value, sr.value, p.value, ctx.value); - BN_nnmod(si.value, si.value, q.value, ctx.value); - - if(BN_cmp(si.value, r.value) == 0) - return true; - return false; - } - -/* -* OpenSSL DSA Sign Operation -*/ -SecureVector<byte> OpenSSL_DSA_Op::sign(const byte in[], u32bit length, - const BigInt& k_bn) const - { - if(BN_is_zero(x.value)) - throw Internal_Error("OpenSSL_DSA_Op::sign: No private key"); - - OSSL_BN i(in, length); - OSSL_BN k(k_bn); - - OSSL_BN r; - BN_mod_exp(r.value, g.value, k.value, p.value, ctx.value); - BN_nnmod(r.value, r.value, q.value, ctx.value); - - BN_mod_inverse(k.value, k.value, q.value, ctx.value); - - OSSL_BN s; - BN_mul(s.value, x.value, r.value, ctx.value); - BN_add(s.value, s.value, i.value); - BN_mod_mul(s.value, s.value, k.value, q.value, ctx.value); - - if(BN_is_zero(r.value) || BN_is_zero(s.value)) - throw Internal_Error("OpenSSL_DSA_Op::sign: r or s was zero"); - - const u32bit q_bytes = q.bytes(); - - SecureVector<byte> output(2*q_bytes); - r.encode(output, q_bytes); - s.encode(output + q_bytes, q_bytes); - return output; - } - -} - -/* -* Acquire a DSA op -*/ -DSA_Operation* OpenSSL_Engine::dsa_op(const DL_Group& group, const BigInt& y, - const BigInt& x) const - { - return new OpenSSL_DSA_Op(group, y, x); - } -#endif - -} diff --git a/src/engine/openssl/ossl_elg.cpp b/src/engine/openssl/ossl_elg.cpp deleted file mode 100644 index 35c59a7ff..000000000 --- a/src/engine/openssl/ossl_elg.cpp +++ /dev/null @@ -1,95 +0,0 @@ -/* -* OpenSSL Engine -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/internal/openssl_engine.h> -#include <botan/internal/bn_wrap.h> -#include <openssl/opensslv.h> - -#if OPENSSL_VERSION_NUMBER < 0x0090700F - #error Your OpenSSL install is too old, upgrade to 0.9.7 or later -#endif - -namespace Botan { - -#if defined(BOTAN_HAS_ELGAMAL) - -namespace { - -/* -* OpenSSL ElGamal Operation -*/ -class OpenSSL_ELG_Op : public ELG_Operation - { - public: - SecureVector<byte> encrypt(const byte[], u32bit, const BigInt&) const; - BigInt decrypt(const BigInt&, const BigInt&) const; - - ELG_Operation* clone() const { return new OpenSSL_ELG_Op(*this); } - OpenSSL_ELG_Op(const DL_Group& group, const BigInt& y1, - const BigInt& x1) : - x(x1), y(y1), g(group.get_g()), p(group.get_p()) {} - private: - OSSL_BN x, y, g, p; - OSSL_BN_CTX ctx; - }; - -/* -* OpenSSL ElGamal Encrypt Operation -*/ -SecureVector<byte> OpenSSL_ELG_Op::encrypt(const byte in[], u32bit length, - const BigInt& k_bn) const - { - OSSL_BN i(in, length); - - if(BN_cmp(i.value, p.value) >= 0) - throw Invalid_Argument("OpenSSL_ELG_Op: Input is too large"); - - OSSL_BN a, b, k(k_bn); - - BN_mod_exp(a.value, g.value, k.value, p.value, ctx.value); - BN_mod_exp(b.value, y.value, k.value, p.value, ctx.value); - BN_mod_mul(b.value, b.value, i.value, p.value, ctx.value); - - const u32bit p_bytes = p.bytes(); - SecureVector<byte> output(2*p_bytes); - a.encode(output, p_bytes); - b.encode(output + p_bytes, p_bytes); - return output; - } - -/* -* OpenSSL ElGamal Decrypt Operation -*/ -BigInt OpenSSL_ELG_Op::decrypt(const BigInt& a_bn, const BigInt& b_bn) const - { - if(BN_is_zero(x.value)) - throw Internal_Error("OpenSSL_ELG_Op::decrypt: No private key"); - - OSSL_BN a(a_bn), b(b_bn), t; - - if(BN_cmp(a.value, p.value) >= 0 || BN_cmp(b.value, p.value) >= 0) - throw Invalid_Argument("OpenSSL_ELG_Op: Invalid message"); - - BN_mod_exp(t.value, a.value, x.value, p.value, ctx.value); - BN_mod_inverse(a.value, t.value, p.value, ctx.value); - BN_mod_mul(a.value, a.value, b.value, p.value, ctx.value); - return a.to_bigint(); - } - -} - -/* -* Acquire an ElGamal op -*/ -ELG_Operation* OpenSSL_Engine::elg_op(const DL_Group& group, const BigInt& y, - const BigInt& x) const - { - return new OpenSSL_ELG_Op(group, y, x); - } -#endif - -} diff --git a/src/engine/openssl/ossl_if.cpp b/src/engine/openssl/ossl_if.cpp deleted file mode 100644 index a30a4d8b4..000000000 --- a/src/engine/openssl/ossl_if.cpp +++ /dev/null @@ -1,85 +0,0 @@ -/* -* OpenSSL IF Engine -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/internal/openssl_engine.h> -#include <botan/internal/bn_wrap.h> -#include <openssl/opensslv.h> - -#if OPENSSL_VERSION_NUMBER < 0x0090700F - #error Your OpenSSL install is too old, upgrade to 0.9.7 or later -#endif - -namespace Botan { - -#if defined(BOTAN_HAS_IF_PUBLIC_KEY_FAMILY) - -namespace { - -/* -* OpenSSL IF Operation -*/ -class OpenSSL_IF_Op : public IF_Operation - { - public: - BigInt public_op(const BigInt&) const; - BigInt private_op(const BigInt&) const; - - IF_Operation* clone() const { return new OpenSSL_IF_Op(*this); } - - OpenSSL_IF_Op(const BigInt& e_bn, const BigInt& n_bn, const BigInt&, - const BigInt& p_bn, const BigInt& q_bn, const BigInt& d1_bn, - const BigInt& d2_bn, const BigInt& c_bn) : - e(e_bn), n(n_bn), p(p_bn), q(q_bn), d1(d1_bn), d2(d2_bn), c(c_bn) {} - private: - const OSSL_BN e, n, p, q, d1, d2, c; - OSSL_BN_CTX ctx; - }; - -/* -* OpenSSL IF Public Operation -*/ -BigInt OpenSSL_IF_Op::public_op(const BigInt& i_bn) const - { - OSSL_BN i(i_bn), r; - BN_mod_exp(r.value, i.value, e.value, n.value, ctx.value); - return r.to_bigint(); - } - -/* -* OpenSSL IF Private Operation -*/ -BigInt OpenSSL_IF_Op::private_op(const BigInt& i_bn) const - { - if(BN_is_zero(p.value)) - throw Internal_Error("OpenSSL_IF_Op::private_op: No private key"); - - OSSL_BN j1, j2, h(i_bn); - - BN_mod_exp(j1.value, h.value, d1.value, p.value, ctx.value); - BN_mod_exp(j2.value, h.value, d2.value, q.value, ctx.value); - BN_sub(h.value, j1.value, j2.value); - BN_mod_mul(h.value, h.value, c.value, p.value, ctx.value); - BN_mul(h.value, h.value, q.value, ctx.value); - BN_add(h.value, h.value, j2.value); - return h.to_bigint(); - } - -} - -/* -* Acquire an IF op -*/ -IF_Operation* OpenSSL_Engine::if_op(const BigInt& e, const BigInt& n, - const BigInt& d, const BigInt& p, - const BigInt& q, const BigInt& d1, - const BigInt& d2, const BigInt& c) const - { - return new OpenSSL_IF_Op(e, n, d, p, q, d1, d2, c); - } -#endif - -} diff --git a/src/engine/openssl/ossl_nr.cpp b/src/engine/openssl/ossl_nr.cpp deleted file mode 100644 index b14ec7f8c..000000000 --- a/src/engine/openssl/ossl_nr.cpp +++ /dev/null @@ -1,113 +0,0 @@ -/* -* OpenSSL NR Engine -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/internal/openssl_engine.h> -#include <botan/internal/bn_wrap.h> -#include <openssl/opensslv.h> - -#if OPENSSL_VERSION_NUMBER < 0x0090700F - #error Your OpenSSL install is too old, upgrade to 0.9.7 or later -#endif - -namespace Botan { - -#if defined(BOTAN_HAS_NYBERG_RUEPPEL) - -namespace { - -/* -* OpenSSL NR Operation -*/ -class OpenSSL_NR_Op : public NR_Operation - { - public: - SecureVector<byte> verify(const byte[], u32bit) const; - SecureVector<byte> sign(const byte[], u32bit, const BigInt&) const; - - NR_Operation* clone() const { return new OpenSSL_NR_Op(*this); } - - OpenSSL_NR_Op(const DL_Group& group, const BigInt& y1, - const BigInt& x1) : - x(x1), y(y1), p(group.get_p()), q(group.get_q()), g(group.get_g()) {} - private: - const OSSL_BN x, y, p, q, g; - OSSL_BN_CTX ctx; - }; - -/* -* OpenSSL NR Verify Operation -*/ -SecureVector<byte> OpenSSL_NR_Op::verify(const byte sig[], - u32bit sig_len) const - { - const u32bit q_bytes = q.bytes(); - - if(sig_len != 2*q_bytes) - return false; - - OSSL_BN c(sig, q_bytes); - OSSL_BN d(sig + q_bytes, q_bytes); - - if(BN_is_zero(c.value) || BN_cmp(c.value, q.value) >= 0 || - BN_cmp(d.value, q.value) >= 0) - throw Invalid_Argument("OpenSSL_NR_Op::verify: Invalid signature"); - - OSSL_BN i1, i2; - BN_mod_exp(i1.value, g.value, d.value, p.value, ctx.value); - BN_mod_exp(i2.value, y.value, c.value, p.value, ctx.value); - BN_mod_mul(i1.value, i1.value, i2.value, p.value, ctx.value); - BN_sub(i1.value, c.value, i1.value); - BN_nnmod(i1.value, i1.value, q.value, ctx.value); - return BigInt::encode(i1.to_bigint()); - } - -/* -* OpenSSL NR Sign Operation -*/ -SecureVector<byte> OpenSSL_NR_Op::sign(const byte in[], u32bit length, - const BigInt& k_bn) const - { - if(BN_is_zero(x.value)) - throw Internal_Error("OpenSSL_NR_Op::sign: No private key"); - - OSSL_BN f(in, length); - OSSL_BN k(k_bn); - - if(BN_cmp(f.value, q.value) >= 0) - throw Invalid_Argument("OpenSSL_NR_Op::sign: Input is out of range"); - - OSSL_BN c, d; - BN_mod_exp(c.value, g.value, k.value, p.value, ctx.value); - BN_add(c.value, c.value, f.value); - BN_nnmod(c.value, c.value, q.value, ctx.value); - BN_mul(d.value, x.value, c.value, ctx.value); - BN_sub(d.value, k.value, d.value); - BN_nnmod(d.value, d.value, q.value, ctx.value); - - if(BN_is_zero(c.value)) - throw Internal_Error("Default_NR_Op::sign: c was zero"); - - const u32bit q_bytes = q.bytes(); - SecureVector<byte> output(2*q_bytes); - c.encode(output, q_bytes); - d.encode(output + q_bytes, q_bytes); - return output; - } - -} - -/* -* Acquire a NR op -*/ -NR_Operation* OpenSSL_Engine::nr_op(const DL_Group& group, const BigInt& y, - const BigInt& x) const - { - return new OpenSSL_NR_Op(group, y, x); - } -#endif - -} |