aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/engine/openssl/bn_powm.cpp54
-rw-r--r--src/lib/engine/openssl/bn_wrap.cpp116
-rw-r--r--src/lib/engine/openssl/bn_wrap.h60
-rw-r--r--src/lib/engine/openssl/info.txt4
-rw-r--r--src/lib/engine/openssl/openssl_engine.h16
-rw-r--r--src/lib/engine/openssl/ossl_pk.cpp338
6 files changed, 0 insertions, 588 deletions
diff --git a/src/lib/engine/openssl/bn_powm.cpp b/src/lib/engine/openssl/bn_powm.cpp
deleted file mode 100644
index ac06fbe77..000000000
--- a/src/lib/engine/openssl/bn_powm.cpp
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
-* OpenSSL Modular Exponentiation
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/internal/openssl_engine.h>
-#include <botan/internal/bn_wrap.h>
-
-namespace Botan {
-
-namespace {
-
-/*
-* OpenSSL Modular Exponentiator
-*/
-class OpenSSL_Modular_Exponentiator : public Modular_Exponentiator
- {
- public:
- void set_base(const BigInt& b) { base = b; }
- void set_exponent(const BigInt& e) { exp = e; }
- BigInt execute() const;
- Modular_Exponentiator* copy() const
- { return new OpenSSL_Modular_Exponentiator(*this); }
-
- OpenSSL_Modular_Exponentiator(const BigInt& n) : mod(n) {}
- private:
- OSSL_BN base, exp, mod;
- OSSL_BN_CTX ctx;
- };
-
-/*
-* Compute the result
-*/
-BigInt OpenSSL_Modular_Exponentiator::execute() const
- {
- OSSL_BN r;
- BN_mod_exp(r.ptr(), base.ptr(), exp.ptr(), mod.ptr(), ctx.ptr());
- return r.to_bigint();
- }
-
-}
-
-/*
-* Return the OpenSSL-based modular exponentiator
-*/
-Modular_Exponentiator* OpenSSL_Engine::mod_exp(const BigInt& n,
- Power_Mod::Usage_Hints) const
- {
- return new OpenSSL_Modular_Exponentiator(n);
- }
-
-}
diff --git a/src/lib/engine/openssl/bn_wrap.cpp b/src/lib/engine/openssl/bn_wrap.cpp
deleted file mode 100644
index 0a7e42368..000000000
--- a/src/lib/engine/openssl/bn_wrap.cpp
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
-* OpenSSL BN Wrapper
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/internal/bn_wrap.h>
-
-namespace Botan {
-
-/*
-* OSSL_BN Constructor
-*/
-OSSL_BN::OSSL_BN(const BigInt& in)
- {
- m_bn = BN_new();
- secure_vector<byte> encoding = BigInt::encode_locked(in);
- if(in != 0)
- BN_bin2bn(&encoding[0], encoding.size(), m_bn);
- }
-
-/*
-* OSSL_BN Constructor
-*/
-OSSL_BN::OSSL_BN(const byte in[], size_t length)
- {
- m_bn = BN_new();
- BN_bin2bn(in, length, m_bn);
- }
-
-/*
-* OSSL_BN Copy Constructor
-*/
-OSSL_BN::OSSL_BN(const OSSL_BN& other)
- {
- m_bn = BN_dup(other.m_bn);
- }
-
-/*
-* OSSL_BN Destructor
-*/
-OSSL_BN::~OSSL_BN()
- {
- BN_clear_free(m_bn);
- }
-
-/*
-* OSSL_BN Assignment Operator
-*/
-OSSL_BN& OSSL_BN::operator=(const OSSL_BN& other)
- {
- BN_copy(m_bn, other.m_bn);
- return (*this);
- }
-
-/*
-* Export the BIGNUM as a bytestring
-*/
-void OSSL_BN::encode(byte out[], size_t length) const
- {
- BN_bn2bin(m_bn, out + (length - bytes()));
- }
-
-/*
-* Return the number of significant bytes
-*/
-size_t OSSL_BN::bytes() const
- {
- return BN_num_bytes(m_bn);
- }
-
-/*
-* OpenSSL to BigInt Conversions
-*/
-BigInt OSSL_BN::to_bigint() const
- {
- secure_vector<byte> out(bytes());
- BN_bn2bin(m_bn, &out[0]);
- return BigInt::decode(out);
- }
-
-/*
-* OSSL_BN_CTX Constructor
-*/
-OSSL_BN_CTX::OSSL_BN_CTX()
- {
- m_ctx = BN_CTX_new();
- }
-
-/*
-* OSSL_BN_CTX Copy Constructor
-*/
-OSSL_BN_CTX::OSSL_BN_CTX(const OSSL_BN_CTX&)
- {
- m_ctx = BN_CTX_new();
- }
-
-/*
-* OSSL_BN_CTX Destructor
-*/
-OSSL_BN_CTX::~OSSL_BN_CTX()
- {
- BN_CTX_free(m_ctx);
- }
-
-/*
-* OSSL_BN_CTX Assignment Operator
-*/
-OSSL_BN_CTX& OSSL_BN_CTX::operator=(const OSSL_BN_CTX&)
- {
- m_ctx = BN_CTX_new();
- return (*this);
- }
-
-}
diff --git a/src/lib/engine/openssl/bn_wrap.h b/src/lib/engine/openssl/bn_wrap.h
deleted file mode 100644
index 12bcec152..000000000
--- a/src/lib/engine/openssl/bn_wrap.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
-* OpenSSL BN Wrapper
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_OPENSSL_BN_WRAP_H__
-#define BOTAN_OPENSSL_BN_WRAP_H__
-
-#include <botan/bigint.h>
-#include <openssl/bn.h>
-
-namespace Botan {
-
-/**
-* Lightweight OpenSSL BN wrapper. For internal use only.
-*/
-class OSSL_BN
- {
- public:
- BigInt to_bigint() const;
- void encode(byte[], size_t) const;
- size_t bytes() const;
-
- secure_vector<byte> to_bytes() const
- { return BigInt::encode_locked(to_bigint()); }
-
- OSSL_BN& operator=(const OSSL_BN&);
-
- OSSL_BN(const OSSL_BN&);
- OSSL_BN(const BigInt& = 0);
- OSSL_BN(const byte[], size_t);
- ~OSSL_BN();
-
- BIGNUM* ptr() const { return m_bn; }
- private:
- BIGNUM* m_bn;
- };
-
-/**
-* Lightweight OpenSSL BN_CTX wrapper. For internal use only.
-*/
-class OSSL_BN_CTX
- {
- public:
- OSSL_BN_CTX& operator=(const OSSL_BN_CTX&);
-
- OSSL_BN_CTX();
- OSSL_BN_CTX(const OSSL_BN_CTX&);
- ~OSSL_BN_CTX();
-
- BN_CTX* ptr() const { return m_ctx; }
- private:
- BN_CTX* m_ctx;
- };
-
-}
-
-#endif
diff --git a/src/lib/engine/openssl/info.txt b/src/lib/engine/openssl/info.txt
index d500816d5..c1be7bf9b 100644
--- a/src/lib/engine/openssl/info.txt
+++ b/src/lib/engine/openssl/info.txt
@@ -8,16 +8,12 @@ all -> crypto
<header:internal>
openssl_engine.h
-bn_wrap.h
</header:internal>
<source>
-bn_powm.cpp
-bn_wrap.cpp
ossl_arc4.cpp
ossl_bc.cpp
ossl_md.cpp
-ossl_pk.cpp
</source>
<requires>
diff --git a/src/lib/engine/openssl/openssl_engine.h b/src/lib/engine/openssl/openssl_engine.h
index 5c0d1511d..a106f3d21 100644
--- a/src/lib/engine/openssl/openssl_engine.h
+++ b/src/lib/engine/openssl/openssl_engine.h
@@ -20,22 +20,6 @@ class OpenSSL_Engine : public Engine
public:
std::string provider_name() const override { return "openssl"; }
- PK_Ops::Key_Agreement*
- get_key_agreement_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
-
- PK_Ops::Signature* get_signature_op(const Private_Key& key, const std::string& emsa,
- RandomNumberGenerator& rng) const override;
-
- PK_Ops::Verification* get_verify_op(const Public_Key& key, const std::string& emsa,
- RandomNumberGenerator& rng) const override;
-
- PK_Ops::Encryption* get_encryption_op(const Public_Key& key, RandomNumberGenerator& rng) const override;
-
- PK_Ops::Decryption* get_decryption_op(const Private_Key& key, RandomNumberGenerator& rng) const override;
-
- Modular_Exponentiator* mod_exp(const BigInt&,
- Power_Mod::Usage_Hints) const override;
-
BlockCipher* find_block_cipher(const SCAN_Name&,
Algorithm_Factory&) const override;
diff --git a/src/lib/engine/openssl/ossl_pk.cpp b/src/lib/engine/openssl/ossl_pk.cpp
deleted file mode 100644
index b489ad454..000000000
--- a/src/lib/engine/openssl/ossl_pk.cpp
+++ /dev/null
@@ -1,338 +0,0 @@
-/*
-* OpenSSL PK operations
-* (C) 1999-2010 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/internal/openssl_engine.h>
-#include <botan/internal/bn_wrap.h>
-
-#if defined(BOTAN_HAS_RSA)
- #include <botan/rsa.h>
-#endif
-
-#if defined(BOTAN_HAS_DSA)
- #include <botan/dsa.h>
-#endif
-
-#if defined(BOTAN_HAS_ECDSA)
- #include <botan/ecdsa.h>
- #include <openssl/ecdsa.h>
-#endif
-
-#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
- #include <botan/dh.h>
-#endif
-
-namespace Botan {
-
-namespace {
-
-#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
-class OSSL_DH_KA_Operation : public PK_Ops::Key_Agreement
- {
- public:
- OSSL_DH_KA_Operation(const DH_PrivateKey& dh) :
- x(dh.get_x()), p(dh.group_p()) {}
-
- secure_vector<byte> agree(const byte w[], size_t w_len)
- {
- OSSL_BN i(w, w_len), r;
- BN_mod_exp(r.ptr(), i.ptr(), x.ptr(), p.ptr(), ctx.ptr());
- return r.to_bytes();
- }
-
- private:
- const OSSL_BN x, p;
- OSSL_BN_CTX ctx;
- };
-#endif
-
-#if defined(BOTAN_HAS_DSA)
-
-class OSSL_DSA_Signature_Operation : public PK_Ops::Signature
- {
- public:
- OSSL_DSA_Signature_Operation(const DSA_PrivateKey& dsa) :
- x(dsa.get_x()),
- p(dsa.group_p()),
- q(dsa.group_q()),
- g(dsa.group_g()),
- q_bits(dsa.group_q().bits()) {}
-
- size_t message_parts() const { return 2; }
- size_t message_part_size() const { return (q_bits + 7) / 8; }
- size_t max_input_bits() const { return q_bits; }
-
- secure_vector<byte> sign(const byte msg[], size_t msg_len,
- RandomNumberGenerator& rng);
- private:
- const OSSL_BN x, p, q, g;
- const OSSL_BN_CTX ctx;
- size_t q_bits;
- };
-
-secure_vector<byte>
-OSSL_DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
- RandomNumberGenerator& rng)
- {
- const size_t q_bytes = (q_bits + 7) / 8;
-
- rng.add_entropy(msg, msg_len);
-
- BigInt k_bn;
- do
- k_bn.randomize(rng, q_bits);
- while(k_bn >= q.to_bigint());
-
- OSSL_BN i(msg, msg_len);
- OSSL_BN k(k_bn);
-
- OSSL_BN r;
- BN_mod_exp(r.ptr(), g.ptr(), k.ptr(), p.ptr(), ctx.ptr());
- BN_nnmod(r.ptr(), r.ptr(), q.ptr(), ctx.ptr());
-
- BN_mod_inverse(k.ptr(), k.ptr(), q.ptr(), ctx.ptr());
-
- OSSL_BN s;
- BN_mul(s.ptr(), x.ptr(), r.ptr(), ctx.ptr());
- BN_add(s.ptr(), s.ptr(), i.ptr());
- BN_mod_mul(s.ptr(), s.ptr(), k.ptr(), q.ptr(), ctx.ptr());
-
- if(BN_is_zero(r.ptr()) || BN_is_zero(s.ptr()))
- throw Internal_Error("OpenSSL_DSA_Op::sign: r or s was zero");
-
- secure_vector<byte> output(2*q_bytes);
- r.encode(&output[0], q_bytes);
- s.encode(&output[q_bytes], q_bytes);
- return output;
- }
-
-class OSSL_DSA_Verification_Operation : public PK_Ops::Verification
- {
- public:
- OSSL_DSA_Verification_Operation(const DSA_PublicKey& dsa) :
- y(dsa.get_y()),
- p(dsa.group_p()),
- q(dsa.group_q()),
- g(dsa.group_g()),
- q_bits(dsa.group_q().bits()) {}
-
- size_t message_parts() const { return 2; }
- size_t message_part_size() const { return (q_bits + 7) / 8; }
- size_t max_input_bits() const { return q_bits; }
-
- bool with_recovery() const { return false; }
-
- bool verify(const byte msg[], size_t msg_len,
- const byte sig[], size_t sig_len);
- private:
- const OSSL_BN y, p, q, g;
- const OSSL_BN_CTX ctx;
- size_t q_bits;
- };
-
-bool OSSL_DSA_Verification_Operation::verify(const byte msg[], size_t msg_len,
- const byte sig[], size_t sig_len)
- {
- const size_t q_bytes = q.bytes();
-
- if(sig_len != 2*q_bytes || msg_len > q_bytes)
- return false;
-
- OSSL_BN r(sig, q_bytes);
- OSSL_BN s(sig + q_bytes, q_bytes);
- OSSL_BN i(msg, msg_len);
-
- if(BN_is_zero(r.ptr()) || BN_cmp(r.ptr(), q.ptr()) >= 0)
- return false;
- if(BN_is_zero(s.ptr()) || BN_cmp(s.ptr(), q.ptr()) >= 0)
- return false;
-
- if(BN_mod_inverse(s.ptr(), s.ptr(), q.ptr(), ctx.ptr()) == 0)
- return false;
-
- OSSL_BN si;
- BN_mod_mul(si.ptr(), s.ptr(), i.ptr(), q.ptr(), ctx.ptr());
- BN_mod_exp(si.ptr(), g.ptr(), si.ptr(), p.ptr(), ctx.ptr());
-
- OSSL_BN sr;
- BN_mod_mul(sr.ptr(), s.ptr(), r.ptr(), q.ptr(), ctx.ptr());
- BN_mod_exp(sr.ptr(), y.ptr(), sr.ptr(), p.ptr(), ctx.ptr());
-
- BN_mod_mul(si.ptr(), si.ptr(), sr.ptr(), p.ptr(), ctx.ptr());
- BN_nnmod(si.ptr(), si.ptr(), q.ptr(), ctx.ptr());
-
- if(BN_cmp(si.ptr(), r.ptr()) == 0)
- return true;
- return false;
-
- return false;
- }
-
-#endif
-
-#if defined(BOTAN_HAS_RSA)
-
-class OSSL_RSA_Private_Operation : public PK_Ops::Signature,
- public PK_Ops::Decryption
- {
- public:
- OSSL_RSA_Private_Operation(const RSA_PrivateKey& rsa) :
- mod(rsa.get_n()),
- p(rsa.get_p()),
- q(rsa.get_q()),
- d1(rsa.get_d1()),
- d2(rsa.get_d2()),
- c(rsa.get_c()),
- n_bits(rsa.get_n().bits())
- {}
-
- size_t max_input_bits() const { return (n_bits - 1); }
-
- secure_vector<byte> sign(const byte msg[], size_t msg_len,
- RandomNumberGenerator&)
- {
- BigInt m(msg, msg_len);
- BigInt x = private_op(m);
- return BigInt::encode_1363(x, (n_bits + 7) / 8);
- }
-
- secure_vector<byte> decrypt(const byte msg[], size_t msg_len)
- {
- BigInt m(msg, msg_len);
- return BigInt::encode_locked(private_op(m));
- }
-
- private:
- BigInt private_op(const BigInt& m) const;
-
- const OSSL_BN mod, p, q, d1, d2, c;
- const OSSL_BN_CTX ctx;
- size_t n_bits;
- };
-
-BigInt OSSL_RSA_Private_Operation::private_op(const BigInt& m) const
- {
- OSSL_BN j1, j2, h(m);
-
- BN_mod_exp(j1.ptr(), h.ptr(), d1.ptr(), p.ptr(), ctx.ptr());
- BN_mod_exp(j2.ptr(), h.ptr(), d2.ptr(), q.ptr(), ctx.ptr());
- BN_sub(h.ptr(), j1.ptr(), j2.ptr());
- BN_mod_mul(h.ptr(), h.ptr(), c.ptr(), p.ptr(), ctx.ptr());
- BN_mul(h.ptr(), h.ptr(), q.ptr(), ctx.ptr());
- BN_add(h.ptr(), h.ptr(), j2.ptr());
- return h.to_bigint();
- }
-
-class OSSL_RSA_Public_Operation : public PK_Ops::Verification,
- public PK_Ops::Encryption
- {
- public:
- OSSL_RSA_Public_Operation(const RSA_PublicKey& rsa) :
- n(rsa.get_n()), e(rsa.get_e()), mod(rsa.get_n())
- {}
-
- size_t max_input_bits() const { return (n.bits() - 1); }
- bool with_recovery() const { return true; }
-
- secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
- RandomNumberGenerator&)
- {
- BigInt m(msg, msg_len);
- return BigInt::encode_1363(public_op(m), n.bytes());
- }
-
- secure_vector<byte> verify_mr(const byte msg[], size_t msg_len)
- {
- BigInt m(msg, msg_len);
- return BigInt::encode_locked(public_op(m));
- }
-
- private:
- BigInt public_op(const BigInt& m) const
- {
- if(m >= n)
- throw Invalid_Argument("RSA public op - input is too large");
-
- OSSL_BN m_bn(m), r;
- BN_mod_exp(r.ptr(), m_bn.ptr(), e.ptr(), mod.ptr(), ctx.ptr());
- return r.to_bigint();
- }
-
- const BigInt& n;
- const OSSL_BN e, mod;
- const OSSL_BN_CTX ctx;
- };
-
-#endif
-
-}
-
-PK_Ops::Key_Agreement*
-OpenSSL_Engine::get_key_agreement_op(const Private_Key& key, RandomNumberGenerator&) const
- {
-#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
- if(const DH_PrivateKey* dh = dynamic_cast<const DH_PrivateKey*>(&key))
- return new OSSL_DH_KA_Operation(*dh);
-#endif
-
- return 0;
- }
-
-PK_Ops::Signature*
-OpenSSL_Engine::get_signature_op(const Private_Key& key, const std::string&, RandomNumberGenerator&) const
- {
-#if defined(BOTAN_HAS_RSA)
- if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
- return new OSSL_RSA_Private_Operation(*s);
-#endif
-
-#if defined(BOTAN_HAS_DSA)
- if(const DSA_PrivateKey* s = dynamic_cast<const DSA_PrivateKey*>(&key))
- return new OSSL_DSA_Signature_Operation(*s);
-#endif
-
- return 0;
- }
-
-PK_Ops::Verification*
-OpenSSL_Engine::get_verify_op(const Public_Key& key, const std::string&, RandomNumberGenerator&) const
- {
-#if defined(BOTAN_HAS_RSA)
- if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
- return new OSSL_RSA_Public_Operation(*s);
-#endif
-
-#if defined(BOTAN_HAS_DSA)
- if(const DSA_PublicKey* s = dynamic_cast<const DSA_PublicKey*>(&key))
- return new OSSL_DSA_Verification_Operation(*s);
-#endif
-
- return 0;
- }
-
-PK_Ops::Encryption*
-OpenSSL_Engine::get_encryption_op(const Public_Key& key, RandomNumberGenerator&) const
- {
-#if defined(BOTAN_HAS_RSA)
- if(const RSA_PublicKey* s = dynamic_cast<const RSA_PublicKey*>(&key))
- return new OSSL_RSA_Public_Operation(*s);
-#endif
-
- return 0;
- }
-
-PK_Ops::Decryption*
-OpenSSL_Engine::get_decryption_op(const Private_Key& key, RandomNumberGenerator&) const
- {
-#if defined(BOTAN_HAS_RSA)
- if(const RSA_PrivateKey* s = dynamic_cast<const RSA_PrivateKey*>(&key))
- return new OSSL_RSA_Private_Operation(*s);
-#endif
-
- return 0;
- }
-
-}