1 /* Demo of how to construct your own engine and using it. The basis of this
2 engine is RSAref, an old reference of the RSA algorithm which can still
3 be found a little here and there. */
6 #include "./source/global.h"
7 #include "./source/rsaref.h"
8 #include "./source/rsa.h"
9 #include "./source/des.h"
10 #include <openssl/err.h>
11 #include <openssl/evp.h>
12 #include <openssl/bn.h>
13 #include <openssl/engine.h>
15 #define RSAREF_LIB_NAME "rsaref engine"
16 #include "rsaref_err.c"
18 /*****************************************************************************
19 *** Function declarations and global variable definitions ***
20 *****************************************************************************/
22 /*****************************************************************************
23 * Constants used when creating the ENGINE
25 static const char *engine_rsaref_id = "rsaref";
26 static const char *engine_rsaref_name = "RSAref engine support";
28 /*****************************************************************************
29 * Functions to handle the engine
31 static int rsaref_destroy(ENGINE *e);
32 static int rsaref_init(ENGINE *e);
33 static int rsaref_finish(ENGINE *e);
35 static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
38 /*****************************************************************************
41 static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = {
45 /*****************************************************************************
48 static int rsaref_private_decrypt(int len, const unsigned char *from,
49 unsigned char *to, RSA *rsa, int padding);
50 static int rsaref_private_encrypt(int len, const unsigned char *from,
51 unsigned char *to, RSA *rsa, int padding);
52 static int rsaref_public_encrypt(int len, const unsigned char *from,
53 unsigned char *to, RSA *rsa, int padding);
54 static int rsaref_public_decrypt(int len, const unsigned char *from,
55 unsigned char *to, RSA *rsa, int padding);
56 static int bnref_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
57 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
58 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
60 /*****************************************************************************
63 static RSA_METHOD rsaref_rsa =
66 rsaref_public_encrypt,
67 rsaref_public_decrypt,
68 rsaref_private_encrypt,
69 rsaref_private_decrypt,
80 /*****************************************************************************
81 * Symetric cipher and digest function registrars
83 static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
84 const int **nids, int nid);
85 static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
86 const int **nids, int nid);
88 static int rsaref_cipher_nids[] =
89 { NID_des_cbc, NID_des_ede3_cbc, NID_desx_cbc, 0 };
90 static int rsaref_digest_nids[] =
91 { NID_md2, NID_md5, 0 };
93 /*****************************************************************************
96 int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
97 const unsigned char *iv, int enc);
98 int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
99 const unsigned char *in, unsigned int inl);
100 int cipher_des_cbc_clean(EVP_CIPHER_CTX *);
101 int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
102 const unsigned char *iv, int enc);
103 int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
104 const unsigned char *in, unsigned int inl);
105 int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *);
106 int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
107 const unsigned char *iv, int enc);
108 int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
109 const unsigned char *in, unsigned int inl);
110 int cipher_desx_cbc_clean(EVP_CIPHER_CTX *);
112 /*****************************************************************************
115 static const EVP_CIPHER cipher_des_cbc =
122 cipher_des_cbc_clean,
130 static const EVP_CIPHER cipher_des_ede3_cbc =
135 cipher_des_ede3_cbc_init,
136 cipher_des_ede3_cbc_code,
137 cipher_des_ede3_cbc_clean,
138 sizeof(DES3_CBC_CTX),
145 static const EVP_CIPHER cipher_desx_cbc =
150 cipher_desx_cbc_init,
151 cipher_desx_cbc_code,
152 cipher_desx_cbc_clean,
153 sizeof(DESX_CBC_CTX),
160 /*****************************************************************************
163 static int digest_md2_init(EVP_MD_CTX *ctx);
164 static int digest_md2_update(EVP_MD_CTX *ctx,const void *data,
165 unsigned long count);
166 static int digest_md2_final(EVP_MD_CTX *ctx,unsigned char *md);
167 static int digest_md5_init(EVP_MD_CTX *ctx);
168 static int digest_md5_update(EVP_MD_CTX *ctx,const void *data,
169 unsigned long count);
170 static int digest_md5_final(EVP_MD_CTX *ctx,unsigned char *md);
172 /*****************************************************************************
175 static const EVP_MD digest_md2 =
178 NID_md2WithRSAEncryption,
191 static const EVP_MD digest_md5 =
194 NID_md5WithRSAEncryption,
207 /*****************************************************************************
208 *** Function definitions ***
209 *****************************************************************************/
211 /*****************************************************************************
212 * Functions to handle the engine
215 static int bind_rsaref(ENGINE *e)
217 const RSA_METHOD *meth1;
218 if(!ENGINE_set_id(e, engine_rsaref_id)
219 || !ENGINE_set_name(e, engine_rsaref_name)
220 || !ENGINE_set_RSA(e, &rsaref_rsa)
221 || !ENGINE_set_ciphers(e, rsaref_ciphers)
222 || !ENGINE_set_digests(e, rsaref_digests)
223 || !ENGINE_set_destroy_function(e, rsaref_destroy)
224 || !ENGINE_set_init_function(e, rsaref_init)
225 || !ENGINE_set_finish_function(e, rsaref_finish)
226 /* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
227 /* || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) */)
230 /* Ensure the rsaref error handling is set up */
231 ERR_load_RSAREF_strings();
235 #ifdef ENGINE_DYNAMIC_SUPPORT
236 static int bind_helper(ENGINE *e, const char *id)
238 if(id && (strcmp(id, engine_rsaref_id) != 0))
244 IMPLEMENT_DYNAMIC_CHECK_FN()
245 IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
247 static ENGINE *engine_rsaref(void)
249 ENGINE *ret = ENGINE_new();
252 if(!bind_rsaref(ret))
260 void ENGINE_load_rsaref(void)
262 /* Copied from eng_[openssl|dyn].c */
263 ENGINE *toadd = engine_rsaref();
271 /* Initiator which is only present to make sure this engine looks available */
272 static int rsaref_init(ENGINE *e)
277 /* Finisher which is only present to make sure this engine looks available */
278 static int rsaref_finish(ENGINE *e)
283 /* Destructor (complements the "ENGINE_ncipher()" constructor) */
284 static int rsaref_destroy(ENGINE *e)
286 ERR_unload_RSAREF_strings();
290 /*****************************************************************************
294 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
296 RSAREFerr(RSAREF_F_RSAREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
300 static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
301 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
303 RSAREFerr(RSAREF_F_BNREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
307 /* unsigned char *to: [max] */
308 static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
312 i=BN_num_bytes(from);
315 RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
319 memset(to,0,(unsigned int)max);
320 if (!BN_bn2bin(from,&(to[max-i])))
326 /* unsigned char *from: [max] */
327 static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
332 for (i=0; i<max; i++)
335 ret=BN_bin2bn(&(from[i]),max-i,to);
339 static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
341 to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
342 to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
343 if ((to->n == NULL) || (to->e == NULL)) return(0);
348 static int RSAref_Public_eay2ref(RSA *from, R_RSA_PUBLIC_KEY *to)
350 to->bits=BN_num_bits(from->n);
351 if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
352 if (!RSAref_bn2bin(from->e,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
357 static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
359 if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
361 if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
363 if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
365 if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
367 if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
369 if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
372 if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
375 if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
381 static int RSAref_Private_eay2ref(RSA *from, R_RSA_PRIVATE_KEY *to)
383 to->bits=BN_num_bits(from->n);
384 if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
385 if (!RSAref_bn2bin(from->e,to->publicExponent,MAX_RSA_MODULUS_LEN)) return(0);
386 if (!RSAref_bn2bin(from->d,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
387 if (!RSAref_bn2bin(from->p,to->prime[0],MAX_RSA_PRIME_LEN)) return(0);
388 if (!RSAref_bn2bin(from->q,to->prime[1],MAX_RSA_PRIME_LEN)) return(0);
389 if (!RSAref_bn2bin(from->dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN)) return(0);
390 if (!RSAref_bn2bin(from->dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN)) return(0);
391 if (!RSAref_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN)) return(0);
395 static int rsaref_private_decrypt(int len, const unsigned char *from, unsigned char *to,
396 RSA *rsa, int padding)
399 R_RSA_PRIVATE_KEY RSAkey;
401 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
403 if ((i=RSAPrivateDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
405 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_DECRYPT,i);
409 memset(&RSAkey,0,sizeof(RSAkey));
413 static int rsaref_private_encrypt(int len, const unsigned char *from, unsigned char *to,
414 RSA *rsa, int padding)
417 R_RSA_PRIVATE_KEY RSAkey;
419 if (padding != RSA_PKCS1_PADDING)
421 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
424 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
426 if ((i=RSAPrivateEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
428 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT,i);
432 memset(&RSAkey,0,sizeof(RSAkey));
436 static int rsaref_public_decrypt(int len, const unsigned char *from, unsigned char *to,
437 RSA *rsa, int padding)
440 R_RSA_PUBLIC_KEY RSAkey;
442 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
444 if ((i=RSAPublicDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
446 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT,i);
450 memset(&RSAkey,0,sizeof(RSAkey));
454 static int rsaref_public_encrypt(int len, const unsigned char *from, unsigned char *to,
455 RSA *rsa, int padding)
459 R_RSA_PUBLIC_KEY RSAkey;
461 unsigned char buf[16];
463 if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING)
465 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
470 R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
473 if (RAND_bytes(buf,16) <= 0)
475 R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
479 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
481 if ((i=RSAPublicEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
483 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT,i);
488 memset(&RSAkey,0,sizeof(RSAkey));
490 memset(&rnd,0,sizeof(rnd));
494 /*****************************************************************************
495 * Symetric cipher and digest function registrars
497 static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
498 const int **nids, int nid)
503 /* We are returning a list of supported nids */
504 *nids = rsaref_cipher_nids;
505 return (sizeof(rsaref_cipher_nids)-1)/sizeof(rsaref_cipher_nids[0]);
507 /* We are being asked for a specific cipher */
511 *cipher = &cipher_des_cbc; break;
512 case NID_des_ede3_cbc:
513 *cipher = &cipher_des_ede3_cbc; break;
515 *cipher = &cipher_desx_cbc; break;
523 static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
524 const int **nids, int nid)
529 /* We are returning a list of supported nids */
530 *nids = rsaref_digest_nids;
531 return (sizeof(rsaref_digest_nids)-1)/sizeof(rsaref_digest_nids[0]);
533 /* We are being asked for a specific digest */
537 *digest = &digest_md2; break;
539 *digest = &digest_md5; break;
548 /*****************************************************************************
552 #define data(ctx) ((DES_CBC_CTX *)(ctx)->cipher_data)
553 int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
554 const unsigned char *iv, int enc)
556 DES_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc);
559 int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
560 const unsigned char *in, unsigned int inl)
562 int ret = DES_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
566 RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
571 RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_UNKNOWN_FAULT);
575 int cipher_des_cbc_clean(EVP_CIPHER_CTX *ctx)
577 memset(data(ctx), 0, ctx->cipher->ctx_size);
582 #define data(ctx) ((DES3_CBC_CTX *)(ctx)->cipher_data)
583 int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
584 const unsigned char *iv, int enc)
586 DES3_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv,
590 int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
591 const unsigned char *in, unsigned int inl)
593 int ret = DES3_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
597 RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
602 RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_UNKNOWN_FAULT);
606 int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *ctx)
608 memset(data(ctx), 0, ctx->cipher->ctx_size);
613 #define data(ctx) ((DESX_CBC_CTX *)(ctx)->cipher_data)
614 int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
615 const unsigned char *iv, int enc)
617 DESX_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv,
621 int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
622 const unsigned char *in, unsigned int inl)
624 int ret = DESX_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
628 RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
633 RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,RSAREF_R_UNKNOWN_FAULT);
637 int cipher_desx_cbc_clean(EVP_CIPHER_CTX *ctx)
639 memset(data(ctx), 0, ctx->cipher->ctx_size);
643 /*****************************************************************************
647 #define data(ctx) ((MD2_CTX *)(ctx)->md_data)
648 static int digest_md2_init(EVP_MD_CTX *ctx)
653 static int digest_md2_update(EVP_MD_CTX *ctx,const void *data,
656 MD2Update(data(ctx), (unsigned char *)data, (unsigned int)count);
659 static int digest_md2_final(EVP_MD_CTX *ctx,unsigned char *md)
661 MD2Final(md, data(ctx));
666 #define data(ctx) ((MD5_CTX *)(ctx)->md_data)
667 static int digest_md5_init(EVP_MD_CTX *ctx)
672 static int digest_md5_update(EVP_MD_CTX *ctx,const void *data,
675 MD5Update(data(ctx), (unsigned char *)data, (unsigned int)count);
678 static int digest_md5_final(EVP_MD_CTX *ctx,unsigned char *md)
680 MD5Final(md, data(ctx));