PolarSSL v1.3.4
pk_wrap.c
Go to the documentation of this file.
1 /*
2  * Public Key abstraction layer: wrapper functions
3  *
4  * Copyright (C) 2006-2013, Brainspark B.V.
5  *
6  * This file is part of PolarSSL (http://www.polarssl.org)
7  * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8  *
9  * All rights reserved.
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License along
22  * with this program; if not, write to the Free Software Foundation, Inc.,
23  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24  */
25 
26 #include "polarssl/config.h"
27 
28 #if defined(POLARSSL_PK_C)
29 
30 #include "polarssl/pk_wrap.h"
31 
32 /* Even if RSA not activated, for the sake of RSA-alt */
33 #include "polarssl/rsa.h"
34 
35 #if defined(POLARSSL_ECP_C)
36 #include "polarssl/ecp.h"
37 #endif
38 
39 #if defined(POLARSSL_ECDSA_C)
40 #include "polarssl/ecdsa.h"
41 #endif
42 
43 #if defined(POLARSSL_MEMORY_C)
44 #include "polarssl/memory.h"
45 #else
46 #include <stdlib.h>
47 #define polarssl_malloc malloc
48 #define polarssl_free free
49 #endif
50 
51 /* Used by RSA-alt too */
52 static int rsa_can_do( pk_type_t type )
53 {
54  return( type == POLARSSL_PK_RSA );
55 }
56 
57 #if defined(POLARSSL_RSA_C)
58 static size_t rsa_get_size( const void *ctx )
59 {
60  return( 8 * ((const rsa_context *) ctx)->len );
61 }
62 
63 static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
64  const unsigned char *hash, size_t hash_len,
65  const unsigned char *sig, size_t sig_len )
66 {
67  if( sig_len != ((rsa_context *) ctx)->len )
69 
70  return( rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL,
71  RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, sig ) );
72 }
73 
74 static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
75  const unsigned char *hash, size_t hash_len,
76  unsigned char *sig, size_t *sig_len,
77  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
78 {
79  *sig_len = ((rsa_context *) ctx)->len;
80 
81  return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
82  md_alg, (unsigned int) hash_len, hash, sig ) );
83 }
84 
85 static int rsa_decrypt_wrap( void *ctx,
86  const unsigned char *input, size_t ilen,
87  unsigned char *output, size_t *olen, size_t osize,
88  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
89 {
90  if( ilen != ((rsa_context *) ctx)->len )
92 
93  return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng,
94  RSA_PRIVATE, olen, input, output, osize ) );
95 }
96 
97 static int rsa_encrypt_wrap( void *ctx,
98  const unsigned char *input, size_t ilen,
99  unsigned char *output, size_t *olen, size_t osize,
100  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
101 {
102  ((void) osize);
103 
104  *olen = ((rsa_context *) ctx)->len;
105 
106  return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
107  f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
108 }
109 
110 static void *rsa_alloc_wrap( void )
111 {
112  void *ctx = polarssl_malloc( sizeof( rsa_context ) );
113 
114  if( ctx != NULL )
115  rsa_init( (rsa_context *) ctx, 0, 0 );
116 
117  return ctx;
118 }
119 
120 static void rsa_free_wrap( void *ctx )
121 {
122  rsa_free( (rsa_context *) ctx );
123  polarssl_free( ctx );
124 }
125 
126 static void rsa_debug( const void *ctx, pk_debug_item *items )
127 {
128  items->type = POLARSSL_PK_DEBUG_MPI;
129  items->name = "rsa.N";
130  items->value = &( ((rsa_context *) ctx)->N );
131 
132  items++;
133 
134  items->type = POLARSSL_PK_DEBUG_MPI;
135  items->name = "rsa.E";
136  items->value = &( ((rsa_context *) ctx)->E );
137 }
138 
139 const pk_info_t rsa_info = {
141  "RSA",
142  rsa_get_size,
143  rsa_can_do,
144  rsa_verify_wrap,
145  rsa_sign_wrap,
146  rsa_decrypt_wrap,
147  rsa_encrypt_wrap,
148  rsa_alloc_wrap,
149  rsa_free_wrap,
150  rsa_debug,
151 };
152 #endif /* POLARSSL_RSA_C */
153 
154 #if defined(POLARSSL_ECP_C)
155 /*
156  * Generic EC key
157  */
158 static int eckey_can_do( pk_type_t type )
159 {
160  return( type == POLARSSL_PK_ECKEY ||
161  type == POLARSSL_PK_ECKEY_DH ||
162  type == POLARSSL_PK_ECDSA );
163 }
164 
165 static size_t eckey_get_size( const void *ctx )
166 {
167  return( ((ecp_keypair *) ctx)->grp.pbits );
168 }
169 
170 #if defined(POLARSSL_ECDSA_C)
171 /* Forward declarations */
172 static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
173  const unsigned char *hash, size_t hash_len,
174  const unsigned char *sig, size_t sig_len );
175 
176 static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
177  const unsigned char *hash, size_t hash_len,
178  unsigned char *sig, size_t *sig_len,
179  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
180 
181 static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
182  const unsigned char *hash, size_t hash_len,
183  const unsigned char *sig, size_t sig_len )
184 {
185  int ret;
186  ecdsa_context ecdsa;
187 
188  ecdsa_init( &ecdsa );
189 
190  if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
191  ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
192 
193  ecdsa_free( &ecdsa );
194 
195  return( ret );
196 }
197 
198 static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
199  const unsigned char *hash, size_t hash_len,
200  unsigned char *sig, size_t *sig_len,
201  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
202 {
203  int ret;
204  ecdsa_context ecdsa;
205 
206  ecdsa_init( &ecdsa );
207 
208  if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
209  ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
210  f_rng, p_rng );
211 
212  ecdsa_free( &ecdsa );
213 
214  return( ret );
215 }
216 
217 #endif /* POLARSSL_ECDSA_C */
218 
219 static void *eckey_alloc_wrap( void )
220 {
221  void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
222 
223  if( ctx != NULL )
224  ecp_keypair_init( ctx );
225 
226  return( ctx );
227 }
228 
229 static void eckey_free_wrap( void *ctx )
230 {
231  ecp_keypair_free( (ecp_keypair *) ctx );
232  polarssl_free( ctx );
233 }
234 
235 static void eckey_debug( const void *ctx, pk_debug_item *items )
236 {
237  items->type = POLARSSL_PK_DEBUG_ECP;
238  items->name = "eckey.Q";
239  items->value = &( ((ecp_keypair *) ctx)->Q );
240 }
241 
242 const pk_info_t eckey_info = {
244  "EC",
245  eckey_get_size,
246  eckey_can_do,
247 #if defined(POLARSSL_ECDSA_C)
248  eckey_verify_wrap,
249  eckey_sign_wrap,
250 #else
251  NULL,
252  NULL,
253 #endif
254  NULL,
255  NULL,
256  eckey_alloc_wrap,
257  eckey_free_wrap,
258  eckey_debug,
259 };
260 
261 /*
262  * EC key resticted to ECDH
263  */
264 static int eckeydh_can_do( pk_type_t type )
265 {
266  return( type == POLARSSL_PK_ECKEY ||
267  type == POLARSSL_PK_ECKEY_DH );
268 }
269 
270 const pk_info_t eckeydh_info = {
272  "EC_DH",
273  eckey_get_size, /* Same underlying key structure */
274  eckeydh_can_do,
275  NULL,
276  NULL,
277  NULL,
278  NULL,
279  eckey_alloc_wrap, /* Same underlying key structure */
280  eckey_free_wrap, /* Same underlying key structure */
281  eckey_debug, /* Same underlying key structure */
282 };
283 #endif /* POLARSSL_ECP_C */
284 
285 #if defined(POLARSSL_ECDSA_C)
286 static int ecdsa_can_do( pk_type_t type )
287 {
288  return( type == POLARSSL_PK_ECDSA );
289 }
290 
291 static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
292  const unsigned char *hash, size_t hash_len,
293  const unsigned char *sig, size_t sig_len )
294 {
295  ((void) md_alg);
296 
297  return( ecdsa_read_signature( (ecdsa_context *) ctx,
298  hash, hash_len, sig, sig_len ) );
299 }
300 
301 static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
302  const unsigned char *hash, size_t hash_len,
303  unsigned char *sig, size_t *sig_len,
304  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
305 {
306  /* Use deterministic ECDSA by default if available */
307 #if defined(POLARSSL_ECDSA_DETERMINISTIC)
308  ((void) f_rng);
309  ((void) p_rng);
310 
311  return( ecdsa_write_signature_det( (ecdsa_context *) ctx,
312  hash, hash_len, sig, sig_len, md_alg ) );
313 #else
314  ((void) md_alg);
315 
316  return( ecdsa_write_signature( (ecdsa_context *) ctx,
317  hash, hash_len, sig, sig_len, f_rng, p_rng ) );
318 #endif
319 }
320 
321 static void *ecdsa_alloc_wrap( void )
322 {
323  void *ctx = polarssl_malloc( sizeof( ecdsa_context ) );
324 
325  if( ctx != NULL )
326  ecdsa_init( (ecdsa_context *) ctx );
327 
328  return( ctx );
329 }
330 
331 static void ecdsa_free_wrap( void *ctx )
332 {
333  ecdsa_free( (ecdsa_context *) ctx );
334  polarssl_free( ctx );
335 }
336 
337 const pk_info_t ecdsa_info = {
339  "ECDSA",
340  eckey_get_size, /* Compatible key structures */
341  ecdsa_can_do,
342  ecdsa_verify_wrap,
343  ecdsa_sign_wrap,
344  NULL,
345  NULL,
346  ecdsa_alloc_wrap,
347  ecdsa_free_wrap,
348  eckey_debug, /* Compatible key structures */
349 };
350 #endif /* POLARSSL_ECDSA_C */
351 
352 /*
353  * Support for alternative RSA-private implementations
354  */
355 
356 static size_t rsa_alt_get_size( const void *ctx )
357 {
358  const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx;
359 
360  return( rsa_alt->key_len_func( rsa_alt->key ) );
361 }
362 
363 static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
364  const unsigned char *hash, size_t hash_len,
365  unsigned char *sig, size_t *sig_len,
366  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
367 {
368  rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
369 
370  *sig_len = rsa_alt->key_len_func( rsa_alt->key );
371 
372  return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
373  md_alg, (unsigned int) hash_len, hash, sig ) );
374 }
375 
376 static int rsa_alt_decrypt_wrap( void *ctx,
377  const unsigned char *input, size_t ilen,
378  unsigned char *output, size_t *olen, size_t osize,
379  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
380 {
381  rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
382 
383  ((void) f_rng);
384  ((void) p_rng);
385 
386  if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
388 
389  return( rsa_alt->decrypt_func( rsa_alt->key,
390  RSA_PRIVATE, olen, input, output, osize ) );
391 }
392 
393 static void *rsa_alt_alloc_wrap( void )
394 {
395  void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
396 
397  if( ctx != NULL )
398  memset( ctx, 0, sizeof( rsa_alt_context ) );
399 
400  return ctx;
401 }
402 
403 static void rsa_alt_free_wrap( void *ctx )
404 {
405  polarssl_free( ctx );
406 }
407 
408 const pk_info_t rsa_alt_info = {
410  "RSA-alt",
411  rsa_alt_get_size,
412  rsa_can_do,
413  NULL,
414  rsa_alt_sign_wrap,
415  rsa_alt_decrypt_wrap,
416  NULL,
417  rsa_alt_alloc_wrap,
418  rsa_alt_free_wrap,
419  NULL,
420 };
421 
422 #endif /* POLARSSL_PK_C */
int ecdsa_from_keypair(ecdsa_context *ctx, const ecp_keypair *key)
Set an ECDSA context from an EC key pair.
void ecp_keypair_init(ecp_keypair *key)
Initialize a key pair (as an invalid one)
Memory allocation layer.
pk_rsa_alt_decrypt_func decrypt_func
Definition: pk_wrap.h:39
void *(* polarssl_malloc)(size_t len)
const pk_info_t eckeydh_info
Elliptic curves over GF(p)
int ecdsa_write_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20...
Elliptic curve DSA.
#define RSA_PUBLIC
Definition: rsa.h:55
Configuration options (set of defines)
ECP key pair structure.
Definition: ecp.h:159
int rsa_pkcs1_decrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Generic wrapper to perform a PKCS#1 decryption using the mode from the context.
md_type_t
Definition: md.h:51
const char * name
Definition: pk.h:115
void rsa_free(rsa_context *ctx)
Free the components of an RSA key.
pk_debug_type type
Definition: pk.h:114
RSA context structure.
Definition: rsa.h:77
int rsa_pkcs1_encrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
Generic wrapper to perform a PKCS#1 encryption using the mode from the context.
Item to send to the debug module.
Definition: pk.h:112
#define RSA_PRIVATE
Definition: rsa.h:56
void(* polarssl_free)(void *ptr)
Public key information and operations.
Definition: pk.h:125
ECDSA context structure.
Definition: ecdsa.h:41
int ecdsa_read_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen)
Read and verify an ECDSA signature.
void ecdsa_init(ecdsa_context *ctx)
Initialize context.
pk_type_t
Public key types.
Definition: pk.h:90
int rsa_pkcs1_verify(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
Generic wrapper to perform a PKCS#1 verification using the mode from the context. ...
#define POLARSSL_ERR_RSA_VERIFY_FAILED
The PKCS#1 verification failed.
Definition: rsa.h:48
pk_rsa_alt_sign_func sign_func
Definition: pk_wrap.h:40
int rsa_pkcs1_sign(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Generic wrapper to perform a PKCS#1 signature using the mode from the context.
const pk_info_t rsa_alt_info
The RSA public-key cryptosystem.
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA
Bad input parameters to function.
Definition: rsa.h:42
const pk_info_t eckey_info
const pk_info_t rsa_info
const pk_info_t ecdsa_info
void rsa_init(rsa_context *ctx, int padding, int hash_id)
Initialize an RSA context.
void ecdsa_free(ecdsa_context *ctx)
Free context.
pk_rsa_alt_key_len_func key_len_func
Definition: pk_wrap.h:41
void * key
Definition: pk_wrap.h:38
int ecdsa_write_signature_det(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, md_type_t md_alg)
Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20...
void * value
Definition: pk.h:116
void ecp_keypair_free(ecp_keypair *key)
Free the components of a key pair.