1 /* Demo of how to construct your own engine and using it. The basis of this
2 engine is RSAref, an old reference of the RSA algorithm which can still
3 be found a little here and there. */
6 #include "./source/global.h"
7 #include "./source/rsaref.h"
8 #include "./source/rsa.h"
9 #include <openssl/err.h>
10 #include <openssl/bn.h>
11 #include <openssl/engine.h>
13 /* Constants used when creating the ENGINE */
14 static const char *engine_rsaref_id = "rsaref";
15 static const char *engine_rsaref_name = "RSAref engine support";
17 static int rsaref_destroy(ENGINE *e);
18 static int rsaref_init(ENGINE *e);
19 static int rsaref_finish(ENGINE *e);
21 static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
24 static int rsaref_private_decrypt(int len, const unsigned char *from,
25 unsigned char *to, RSA *rsa, int padding);
26 static int rsaref_private_encrypt(int len, const unsigned char *from,
27 unsigned char *to, RSA *rsa, int padding);
28 static int rsaref_public_encrypt(int len, const unsigned char *from,
29 unsigned char *to, RSA *rsa, int padding);
30 static int rsaref_public_decrypt(int len, const unsigned char *from,
31 unsigned char *to, RSA *rsa, int padding);
32 static int bnref_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m,
33 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
34 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
36 static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = {
40 static RSA_METHOD rsaref_rsa =
43 rsaref_public_encrypt,
44 rsaref_public_decrypt,
45 rsaref_private_encrypt,
46 rsaref_private_decrypt,
57 #ifndef OPENSSL_NO_ERR
58 /* Error function codes for use in rsaref operation */
59 #define RSAREF_F_BNREF_MOD_EXP 100
60 #define RSAREF_F_RSAREF_BN2BIN 101
61 #define RSAREF_F_RSA_BN2BIN 102
62 #define RSAREF_F_RSA_PRIVATE_DECRYPT 103
63 #define RSAREF_F_RSA_PRIVATE_ENCRYPT 104
64 #define RSAREF_F_RSA_PUBLIC_DECRYPT 105
65 #define RSAREF_F_RSA_PUBLIC_ENCRYPT 106
66 #define RSAREF_F_RSAREF_MOD_EXP 108
67 #define RSAREF_F_RSAREF_PRIVATE_DECRYPT 109
68 #define RSAREF_F_RSAREF_PRIVATE_ENCRYPT 110
69 #define RSAREF_F_RSAREF_PUBLIC_DECRYPT 111
70 #define RSAREF_F_RSAREF_PUBLIC_ENCRYPT 112
71 /* Error reason codes */
72 #define RSAREF_R_CONTENT_ENCODING 0x0400
73 #define RSAREF_R_DATA 0x0401
74 #define RSAREF_R_DIGEST_ALGORITHM 0x0402
75 #define RSAREF_R_ENCODING 0x0403
76 #define RSAREF_R_ENCRYPTION_ALGORITHM 0x040d
77 #define RSAREF_R_KEY 0x0404
78 #define RSAREF_R_KEY_ENCODING 0x0405
79 #define RSAREF_R_LEN 0x0406
80 #define RSAREF_R_MODULUS_LEN 0x0407
81 #define RSAREF_R_NEED_RANDOM 0x0408
82 #define RSAREF_R_PRIVATE_KEY 0x0409
83 #define RSAREF_R_PUBLIC_KEY 0x040a
84 #define RSAREF_R_SIGNATURE 0x040b
85 #define RSAREF_R_SIGNATURE_ENCODING 0x040c
87 static ERR_STRING_DATA rsaref_str_functs[] =
89 /* This first element is changed to match the dynamic 'lib' number */
90 {ERR_PACK(0,0,0), "rsaref engine code"},
91 {ERR_PACK(0,RSAREF_F_BNREF_MOD_EXP,0), "BN_REF_MOD_EXP"},
92 {ERR_PACK(0,RSAREF_F_RSAREF_BN2BIN,0), "RSAREF_BN2BIN"},
93 {ERR_PACK(0,RSAREF_F_RSA_BN2BIN,0), "RSA_BN2BIN"},
94 {ERR_PACK(0,RSAREF_F_RSA_PRIVATE_DECRYPT,0), "RSA_private_decrypt"},
95 {ERR_PACK(0,RSAREF_F_RSA_PRIVATE_ENCRYPT,0), "RSA_private_encrypt"},
96 {ERR_PACK(0,RSAREF_F_RSA_PUBLIC_DECRYPT,0), "RSA_public_decrypt"},
97 {ERR_PACK(0,RSAREF_F_RSA_PUBLIC_ENCRYPT,0), "RSA_public_encrypt"},
98 {ERR_PACK(0,RSAREF_F_RSAREF_MOD_EXP,0), "RSA_REF_MOD_EXP"},
99 {ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_DECRYPT,0), "RSA_REF_PRIVATE_DECRYPT"},
100 {ERR_PACK(0,RSAREF_F_RSAREF_PRIVATE_ENCRYPT,0), "RSA_REF_PRIVATE_ENCRYPT"},
101 {ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_DECRYPT,0), "RSA_REF_PUBLIC_DECRYPT"},
102 {ERR_PACK(0,RSAREF_F_RSAREF_PUBLIC_ENCRYPT,0), "RSA_REF_PUBLIC_ENCRYPT"},
103 {RSAREF_R_CONTENT_ENCODING ,"content encoding"},
104 {RSAREF_R_DATA ,"data"},
105 {RSAREF_R_DIGEST_ALGORITHM ,"digest algorithm"},
106 {RSAREF_R_ENCODING ,"encoding"},
107 {RSAREF_R_ENCRYPTION_ALGORITHM ,"encryption algorithm"},
108 {RSAREF_R_KEY ,"key"},
109 {RSAREF_R_KEY_ENCODING ,"key encoding"},
110 {RSAREF_R_LEN ,"len"},
111 {RSAREF_R_MODULUS_LEN ,"modulus len"},
112 {RSAREF_R_NEED_RANDOM ,"need random"},
113 {RSAREF_R_PRIVATE_KEY ,"private key"},
114 {RSAREF_R_PUBLIC_KEY ,"public key"},
115 {RSAREF_R_SIGNATURE ,"signature"},
116 {RSAREF_R_SIGNATURE_ENCODING ,"signature encoding"},
119 /* The library number we obtain dynamically from the ERR code */
120 static int rsaref_err_lib = -1;
121 #define RSAREFerr(f,r) ERR_PUT_error(rsaref_err_lib,(f),(r),__FILE__,__LINE__)
122 static void rsaref_load_error_strings(void)
124 if(rsaref_err_lib < 0)
126 if((rsaref_err_lib = ERR_get_next_error_library()) <= 0)
128 rsaref_str_functs[0].error = ERR_PACK(rsaref_err_lib,0,0);
129 ERR_load_strings(rsaref_err_lib, rsaref_str_functs);
132 static void rsaref_unload_error_strings(void)
134 if(rsaref_err_lib >= 0)
136 ERR_unload_strings(rsaref_err_lib, rsaref_str_functs);
141 #define RSAREFerr(f,r) /* NOP */
142 static void rsaref_load_error_strings(void) { } /* NOP */
143 static void rsaref_unload_error_strings(void) { } /* NOP */
146 /* Now, to our own code */
148 static int bind_rsaref(ENGINE *e)
150 const RSA_METHOD *meth1;
151 if(!ENGINE_set_id(e, engine_rsaref_id)
152 || !ENGINE_set_name(e, engine_rsaref_name)
153 || !ENGINE_set_RSA(e, &rsaref_rsa)
154 || !ENGINE_set_destroy_function(e, rsaref_destroy)
155 || !ENGINE_set_init_function(e, rsaref_init)
156 || !ENGINE_set_finish_function(e, rsaref_finish)
157 /* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
158 /* || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns) */)
161 /* Ensure the rsaref error handling is set up */
162 rsaref_load_error_strings();
166 #ifdef ENGINE_DYNAMIC_SUPPORT
167 static int bind_helper(ENGINE *e, const char *id)
169 if(id && (strcmp(id, engine_rsaref_id) != 0))
175 IMPLEMENT_DYNAMIC_CHECK_FN()
176 IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
178 static ENGINE *engine_rsaref(void)
180 ENGINE *ret = ENGINE_new();
183 if(!bind_rsaref(ret))
191 void ENGINE_load_rsaref(void)
193 /* Copied from eng_[openssl|dyn].c */
194 ENGINE *toadd = engine_rsaref();
202 /* Initiator which is only present to make sure this engine looks available */
203 static int rsaref_init(ENGINE *e)
208 /* Finisher which is only present to make sure this engine looks available */
209 static int rsaref_finish(ENGINE *e)
214 /* Destructor (complements the "ENGINE_ncipher()" constructor) */
215 static int rsaref_destroy(ENGINE *e)
217 rsaref_unload_error_strings();
221 static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
223 RSAREFerr(RSAREF_F_RSAREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
227 static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
228 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
230 RSAREFerr(RSAREF_F_BNREF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
234 /* unsigned char *to: [max] */
235 static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
239 i=BN_num_bytes(from);
242 RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
246 memset(to,0,(unsigned int)max);
247 if (!BN_bn2bin(from,&(to[max-i])))
253 /* unsigned char *from: [max] */
254 static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
259 for (i=0; i<max; i++)
262 ret=BN_bin2bn(&(from[i]),max-i,to);
266 static int RSAref_Public_ref2eay(RSArefPublicKey *from, RSA *to)
268 to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
269 to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
270 if ((to->n == NULL) || (to->e == NULL)) return(0);
275 static int RSAref_Public_eay2ref(RSA *from, R_RSA_PUBLIC_KEY *to)
277 to->bits=BN_num_bits(from->n);
278 if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
279 if (!RSAref_bn2bin(from->e,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
284 static int RSAref_Private_ref2eay(RSArefPrivateKey *from, RSA *to)
286 if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
288 if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
290 if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
292 if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
294 if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
296 if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
299 if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
302 if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
308 static int RSAref_Private_eay2ref(RSA *from, R_RSA_PRIVATE_KEY *to)
310 to->bits=BN_num_bits(from->n);
311 if (!RSAref_bn2bin(from->n,to->modulus,MAX_RSA_MODULUS_LEN)) return(0);
312 if (!RSAref_bn2bin(from->e,to->publicExponent,MAX_RSA_MODULUS_LEN)) return(0);
313 if (!RSAref_bn2bin(from->d,to->exponent,MAX_RSA_MODULUS_LEN)) return(0);
314 if (!RSAref_bn2bin(from->p,to->prime[0],MAX_RSA_PRIME_LEN)) return(0);
315 if (!RSAref_bn2bin(from->q,to->prime[1],MAX_RSA_PRIME_LEN)) return(0);
316 if (!RSAref_bn2bin(from->dmp1,to->primeExponent[0],MAX_RSA_PRIME_LEN)) return(0);
317 if (!RSAref_bn2bin(from->dmq1,to->primeExponent[1],MAX_RSA_PRIME_LEN)) return(0);
318 if (!RSAref_bn2bin(from->iqmp,to->coefficient,MAX_RSA_PRIME_LEN)) return(0);
322 static int rsaref_private_decrypt(int len, const unsigned char *from, unsigned char *to,
323 RSA *rsa, int padding)
326 R_RSA_PRIVATE_KEY RSAkey;
328 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
330 if ((i=RSAPrivateDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
332 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_DECRYPT,i);
336 memset(&RSAkey,0,sizeof(RSAkey));
340 static int rsaref_private_encrypt(int len, const unsigned char *from, unsigned char *to,
341 RSA *rsa, int padding)
344 R_RSA_PRIVATE_KEY RSAkey;
346 if (padding != RSA_PKCS1_PADDING)
348 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
351 if (!RSAref_Private_eay2ref(rsa,&RSAkey))
353 if ((i=RSAPrivateEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
355 RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT,i);
359 memset(&RSAkey,0,sizeof(RSAkey));
363 static int rsaref_public_decrypt(int len, const unsigned char *from, unsigned char *to,
364 RSA *rsa, int padding)
367 R_RSA_PUBLIC_KEY RSAkey;
369 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
371 if ((i=RSAPublicDecrypt(to,&outlen,(unsigned char *)from,len,&RSAkey)) != 0)
373 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT,i);
377 memset(&RSAkey,0,sizeof(RSAkey));
381 static int rsaref_public_encrypt(int len, const unsigned char *from, unsigned char *to,
382 RSA *rsa, int padding)
386 R_RSA_PUBLIC_KEY RSAkey;
388 unsigned char buf[16];
390 if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING)
392 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
397 R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
400 if (RAND_bytes(buf,16) <= 0)
402 R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
406 if (!RSAref_Public_eay2ref(rsa,&RSAkey))
408 if ((i=RSAPublicEncrypt(to,&outlen,(unsigned char *)from,len,&RSAkey,&rnd)) != 0)
410 RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT,i);
415 memset(&RSAkey,0,sizeof(RSAkey));
417 memset(&rnd,0,sizeof(rnd));