Update from 0.9.7-stable. Also repatch and rebuild error codes.
This commit is contained in:
Dr. Stephen Henson
parent
a28a5d9c62
commit
499fca2db3
6 changed files with 82 additions and 20 deletions
|
|
@ -148,6 +148,7 @@ int MAIN(int argc, char **argv)
|
|||
else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
|
||||
else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
|
||||
else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
|
||||
else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
|
||||
else if(!strcmp(*argv, "-sign")) {
|
||||
rsa_mode = RSA_SIGN;
|
||||
need_priv = 1;
|
||||
|
|
|
|||
|
|
@ -19,10 +19,10 @@ APPS=
|
|||
LIB=$(TOP)/libcrypto.a
|
||||
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
|
||||
rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
|
||||
rsa_asn1.c rsa_depr.c
|
||||
rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c
|
||||
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
|
||||
rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
|
||||
rsa_asn1.o rsa_depr.o
|
||||
rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
|
|
|
|||
|
|
@ -196,6 +196,7 @@ struct rsa_st
|
|||
#define RSA_SSLV23_PADDING 2
|
||||
#define RSA_NO_PADDING 3
|
||||
#define RSA_PKCS1_OAEP_PADDING 4
|
||||
#define RSA_X931_PADDING 5
|
||||
|
||||
#define RSA_PKCS1_PADDING_SIZE 11
|
||||
|
||||
|
|
@ -297,6 +298,8 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
|
|||
const unsigned char *f,int fl);
|
||||
int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
|
||||
const unsigned char *f,int fl,int rsa_len);
|
||||
int PKCS1_MGF1(unsigned char *mask, long len,
|
||||
const unsigned char *seed, long seedlen, const EVP_MD *dgst);
|
||||
int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
|
||||
const unsigned char *f,int fl,
|
||||
const unsigned char *p,int pl);
|
||||
|
|
@ -311,6 +314,11 @@ int RSA_padding_add_none(unsigned char *to,int tlen,
|
|||
const unsigned char *f,int fl);
|
||||
int RSA_padding_check_none(unsigned char *to,int tlen,
|
||||
const unsigned char *f,int fl,int rsa_len);
|
||||
int RSA_padding_add_X931(unsigned char *to,int tlen,
|
||||
const unsigned char *f,int fl);
|
||||
int RSA_padding_check_X931(unsigned char *to,int tlen,
|
||||
const unsigned char *f,int fl,int rsa_len);
|
||||
int RSA_X931_hash_id(int nid);
|
||||
|
||||
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
||||
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
|
||||
|
|
@ -329,37 +337,43 @@ void ERR_load_RSA_strings(void);
|
|||
/* Error codes for the RSA functions. */
|
||||
|
||||
/* Function codes. */
|
||||
#define RSA_F_RSA_BUILTIN_KEYGEN 105
|
||||
#define RSA_F_MEMORY_LOCK 100
|
||||
#define RSA_F_RSA_BUILTIN_KEYGEN 129
|
||||
#define RSA_F_RSA_CHECK_KEY 123
|
||||
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
|
||||
#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
|
||||
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
|
||||
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
|
||||
#define RSA_F_RSA_MEMORY_LOCK 100
|
||||
#define RSA_F_RSA_GENERATE_KEY 105
|
||||
#define RSA_F_RSA_MEMORY_LOCK 130
|
||||
#define RSA_F_RSA_NEW_METHOD 106
|
||||
#define RSA_F_RSA_NULL 124
|
||||
#define RSA_F_RSA_NULL_MOD_EXP 126
|
||||
#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 127
|
||||
#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 128
|
||||
#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 129
|
||||
#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 130
|
||||
#define RSA_F_RSA_NULL_MOD_EXP 131
|
||||
#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
|
||||
#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
|
||||
#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
|
||||
#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
|
||||
#define RSA_F_RSA_PADDING_ADD_NONE 107
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
|
||||
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
|
||||
#define RSA_F_RSA_PADDING_ADD_SSLV23 110
|
||||
#define RSA_F_RSA_PADDING_ADD_X931 127
|
||||
#define RSA_F_RSA_PADDING_CHECK_NONE 111
|
||||
#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
|
||||
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
|
||||
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
|
||||
#define RSA_F_RSA_PADDING_CHECK_SSLV23 114
|
||||
#define RSA_F_RSA_PADDING_CHECK_X931 128
|
||||
#define RSA_F_RSA_PRINT 115
|
||||
#define RSA_F_RSA_PRINT_FP 116
|
||||
#define RSA_F_RSA_SETUP_BLINDING 125
|
||||
#define RSA_F_RSA_SETUP_BLINDING 136
|
||||
#define RSA_F_RSA_SIGN 117
|
||||
#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
|
||||
#define RSA_F_RSA_VERIFY 119
|
||||
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
|
||||
#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
|
||||
|
||||
/* Reason codes. */
|
||||
#define RSA_R_ALGORITHM_MISMATCH 100
|
||||
|
|
@ -379,13 +393,19 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
|
||||
#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
|
||||
#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
|
||||
#define RSA_R_FIRST_OCTET_INVALID 133
|
||||
#define RSA_R_INVALID_HEADER 137
|
||||
#define RSA_R_INVALID_MESSAGE_LENGTH 131
|
||||
#define RSA_R_INVALID_PADDING 138
|
||||
#define RSA_R_INVALID_TRAILER 139
|
||||
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
|
||||
#define RSA_R_KEY_SIZE_TOO_SMALL 120
|
||||
#define RSA_R_NO_PUBLIC_EXPONENT 133
|
||||
#define RSA_R_LAST_OCTET_INVALID 134
|
||||
#define RSA_R_NO_PUBLIC_EXPONENT 140
|
||||
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
|
||||
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
|
||||
#define RSA_R_OAEP_DECODING_ERROR 121
|
||||
#define RSA_R_ONE_CHECK_FAILED 135
|
||||
#define RSA_R_PADDING_CHECK_FAILED 114
|
||||
#define RSA_R_P_NOT_PRIME 128
|
||||
#define RSA_R_Q_NOT_PRIME 129
|
||||
|
|
@ -395,6 +415,7 @@ void ERR_load_RSA_strings(void);
|
|||
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
|
||||
#define RSA_R_UNKNOWN_PADDING_TYPE 118
|
||||
#define RSA_R_WRONG_SIGNATURE_LENGTH 119
|
||||
#define RSA_R_ZERO_CHECK_FAILED 136
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
|||
|
|
@ -309,7 +309,7 @@ static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f,
|
|||
static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding)
|
||||
{
|
||||
BIGNUM *f, *ret, *br;
|
||||
BIGNUM *f, *ret, *br, *res;
|
||||
int i,j,k,num=0,r= -1;
|
||||
unsigned char *buf=NULL;
|
||||
BN_CTX *ctx=NULL;
|
||||
|
|
@ -334,6 +334,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
|
|||
case RSA_PKCS1_PADDING:
|
||||
i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
|
||||
break;
|
||||
case RSA_X931_PADDING:
|
||||
i=RSA_padding_add_X931(buf,num,from,flen);
|
||||
break;
|
||||
case RSA_NO_PADDING:
|
||||
i=RSA_padding_add_none(buf,num,from,flen);
|
||||
break;
|
||||
|
|
@ -400,10 +403,21 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
|
|||
if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx))
|
||||
goto err;
|
||||
|
||||
if (padding == RSA_X931_PADDING)
|
||||
{
|
||||
BN_sub(f, rsa->n, ret);
|
||||
if (BN_cmp(ret, f))
|
||||
res = f;
|
||||
else
|
||||
res = ret;
|
||||
}
|
||||
else
|
||||
res = ret;
|
||||
|
||||
/* put in leading 0 bytes if the number is less than the
|
||||
* length of the modulus */
|
||||
j=BN_num_bytes(ret);
|
||||
i=BN_bn2bin(ret,&(to[num-j]));
|
||||
j=BN_num_bytes(res);
|
||||
i=BN_bn2bin(res,&(to[num-j]));
|
||||
for (k=0; k<(num-i); k++)
|
||||
to[k]=0;
|
||||
|
||||
|
|
@ -593,6 +607,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
|
|||
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
|
||||
rsa->_method_mod_n)) goto err;
|
||||
|
||||
if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
|
||||
BN_sub(ret, rsa->n, ret);
|
||||
|
||||
p=buf;
|
||||
i=BN_bn2bin(ret,p);
|
||||
|
||||
|
|
@ -601,6 +618,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
|
|||
case RSA_PKCS1_PADDING:
|
||||
r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
|
||||
break;
|
||||
case RSA_X931_PADDING:
|
||||
r=RSA_padding_check_X931(to,num,buf,i,num);
|
||||
break;
|
||||
case RSA_NO_PADDING:
|
||||
r=RSA_padding_check_none(to,num,buf,i,num);
|
||||
break;
|
||||
|
|
|
|||
|
|
@ -70,12 +70,14 @@
|
|||
|
||||
static ERR_STRING_DATA RSA_str_functs[]=
|
||||
{
|
||||
{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
|
||||
{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
|
||||
{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
|
||||
{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
|
||||
{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
|
||||
{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
|
||||
{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
|
||||
|
|
@ -86,14 +88,17 @@ static ERR_STRING_DATA RSA_str_functs[]=
|
|||
{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_PADDING_ADD_PKCS1_PSS"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
|
||||
{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
|
||||
{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
|
||||
{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
|
||||
|
|
@ -101,6 +106,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
|
|||
{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"},
|
||||
{ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
|
||||
{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"},
|
||||
{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_VERIFY_PKCS1_PSS"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
|
|
@ -123,13 +129,19 @@ static ERR_STRING_DATA RSA_str_reasons[]=
|
|||
{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
|
||||
{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
|
||||
{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"},
|
||||
{ERR_REASON(RSA_R_FIRST_OCTET_INVALID) ,"first octet invalid"},
|
||||
{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"},
|
||||
{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
|
||||
{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"},
|
||||
{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"},
|
||||
{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
|
||||
{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
|
||||
{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"},
|
||||
{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"},
|
||||
{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
|
||||
{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"},
|
||||
{ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"},
|
||||
{ERR_REASON(RSA_R_ONE_CHECK_FAILED) ,"one check failed"},
|
||||
{ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"},
|
||||
{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"},
|
||||
{ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"},
|
||||
|
|
@ -139,6 +151,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
|
|||
{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
|
||||
{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"},
|
||||
{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
|
||||
{ERR_REASON(RSA_R_ZERO_CHECK_FAILED) ,"zero check failed"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -170,28 +170,30 @@ decoding_err:
|
|||
return -1;
|
||||
}
|
||||
|
||||
int MGF1(unsigned char *mask, long len,
|
||||
const unsigned char *seed, long seedlen)
|
||||
int PKCS1_MGF1(unsigned char *mask, long len,
|
||||
const unsigned char *seed, long seedlen, const EVP_MD *dgst)
|
||||
{
|
||||
long i, outlen = 0;
|
||||
unsigned char cnt[4];
|
||||
EVP_MD_CTX c;
|
||||
unsigned char md[SHA_DIGEST_LENGTH];
|
||||
unsigned char md[EVP_MAX_MD_SIZE];
|
||||
int mdlen;
|
||||
|
||||
EVP_MD_CTX_init(&c);
|
||||
mdlen = EVP_MD_size(dgst);
|
||||
for (i = 0; outlen < len; i++)
|
||||
{
|
||||
cnt[0] = (unsigned char)((i >> 24) & 255);
|
||||
cnt[1] = (unsigned char)((i >> 16) & 255);
|
||||
cnt[2] = (unsigned char)((i >> 8)) & 255;
|
||||
cnt[3] = (unsigned char)(i & 255);
|
||||
EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
|
||||
EVP_DigestInit_ex(&c,dgst, NULL);
|
||||
EVP_DigestUpdate(&c, seed, seedlen);
|
||||
EVP_DigestUpdate(&c, cnt, 4);
|
||||
if (outlen + SHA_DIGEST_LENGTH <= len)
|
||||
if (outlen + mdlen <= len)
|
||||
{
|
||||
EVP_DigestFinal_ex(&c, mask + outlen, NULL);
|
||||
outlen += SHA_DIGEST_LENGTH;
|
||||
outlen += mdlen;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
@ -203,4 +205,9 @@ int MGF1(unsigned char *mask, long len,
|
|||
EVP_MD_CTX_cleanup(&c);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen)
|
||||
{
|
||||
return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Reference in a new issue