PolarSSL v1.3.2
pk_wrap.c
Go to the documentation of this file.
1 /*
2  * Public Key abstraction layer: wrapper functions
3  *
4  * Copyright (C) 2006-2013, Brainspark B.V.
5  *
6  * This file is part of PolarSSL (http://www.polarssl.org)
7  * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8  *
9  * All rights reserved.
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2 of the License, or
14  * (at your option) any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License along
22  * with this program; if not, write to the Free Software Foundation, Inc.,
23  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24  */
25 
26 #include "polarssl/config.h"
27 
28 #if defined(POLARSSL_PK_C)
29 
30 #include "polarssl/pk_wrap.h"
31 
32 /* Even if RSA not activated, for the sake of RSA-alt */
33 #include "polarssl/rsa.h"
34 
35 #if defined(POLARSSL_ECP_C)
36 #include "polarssl/ecp.h"
37 #endif
38 
39 #if defined(POLARSSL_ECDSA_C)
40 #include "polarssl/ecdsa.h"
41 #endif
42 
43 #if defined(POLARSSL_MEMORY_C)
44 #include "polarssl/memory.h"
45 #else
46 #include <stdlib.h>
47 #define polarssl_malloc malloc
48 #define polarssl_free free
49 #endif
50 
51 /* Used by RSA-alt too */
52 static int rsa_can_do( pk_type_t type )
53 {
54  return( type == POLARSSL_PK_RSA );
55 }
56 
57 #if defined(POLARSSL_RSA_C)
58 static size_t rsa_get_size( const void *ctx )
59 {
60  return( 8 * ((rsa_context *) ctx)->len );
61 }
62 
63 static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
64  const unsigned char *hash, size_t hash_len,
65  const unsigned char *sig, size_t sig_len )
66 {
67  if( sig_len != ((rsa_context *) ctx)->len )
69 
70  return( rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL,
71  RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, sig ) );
72 }
73 
74 static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
75  const unsigned char *hash, size_t hash_len,
76  unsigned char *sig, size_t *sig_len,
77  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
78 {
79  *sig_len = ((rsa_context *) ctx)->len;
80 
81  return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
82  md_alg, (unsigned int) hash_len, hash, sig ) );
83 }
84 
85 static int rsa_decrypt_wrap( void *ctx,
86  const unsigned char *input, size_t ilen,
87  unsigned char *output, size_t *olen, size_t osize,
88  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
89 {
90  if( ilen != ((rsa_context *) ctx)->len )
92 
93  return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng,
94  RSA_PRIVATE, olen, input, output, osize ) );
95 }
96 
97 static int rsa_encrypt_wrap( void *ctx,
98  const unsigned char *input, size_t ilen,
99  unsigned char *output, size_t *olen, size_t osize,
100  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
101 {
102  ((void) osize);
103 
104  *olen = ((rsa_context *) ctx)->len;
105 
106  return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
107  f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
108 }
109 
110 static void *rsa_alloc_wrap( void )
111 {
112  void *ctx = polarssl_malloc( sizeof( rsa_context ) );
113 
114  if( ctx != NULL )
115  rsa_init( (rsa_context *) ctx, 0, 0 );
116 
117  return ctx;
118 }
119 
120 static void rsa_free_wrap( void *ctx )
121 {
122  rsa_free( (rsa_context *) ctx );
123  polarssl_free( ctx );
124 }
125 
126 static void rsa_debug( const void *ctx, pk_debug_item *items )
127 {
128  items->type = POLARSSL_PK_DEBUG_MPI;
129  items->name = "rsa.N";
130  items->value = &( ((rsa_context *) ctx)->N );
131 
132  items++;
133 
134  items->type = POLARSSL_PK_DEBUG_MPI;
135  items->name = "rsa.E";
136  items->value = &( ((rsa_context *) ctx)->E );
137 }
138 
139 const pk_info_t rsa_info = {
141  "RSA",
142  rsa_get_size,
143  rsa_can_do,
144  rsa_verify_wrap,
145  rsa_sign_wrap,
146  rsa_decrypt_wrap,
147  rsa_encrypt_wrap,
148  rsa_alloc_wrap,
149  rsa_free_wrap,
150  rsa_debug,
151 };
152 #endif /* POLARSSL_RSA_C */
153 
154 #if defined(POLARSSL_ECP_C)
155 /*
156  * Generic EC key
157  */
158 static int eckey_can_do( pk_type_t type )
159 {
160  return( type == POLARSSL_PK_ECKEY ||
161  type == POLARSSL_PK_ECKEY_DH ||
162  type == POLARSSL_PK_ECDSA );
163 }
164 
165 static size_t eckey_get_size( const void *ctx )
166 {
167  return( ((ecp_keypair *) ctx)->grp.pbits );
168 }
169 
170 #if defined(POLARSSL_ECDSA_C)
171 /* Forward declarations */
172 static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
173  const unsigned char *hash, size_t hash_len,
174  const unsigned char *sig, size_t sig_len );
175 
176 static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
177  const unsigned char *hash, size_t hash_len,
178  unsigned char *sig, size_t *sig_len,
179  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
180 
181 static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
182  const unsigned char *hash, size_t hash_len,
183  const unsigned char *sig, size_t sig_len )
184 {
185  int ret;
186  ecdsa_context ecdsa;
187 
188  ecdsa_init( &ecdsa );
189 
190  if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
191  ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
192 
193  ecdsa_free( &ecdsa );
194 
195  return( ret );
196 }
197 
198 static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
199  const unsigned char *hash, size_t hash_len,
200  unsigned char *sig, size_t *sig_len,
201  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
202 {
203  int ret;
204  ecdsa_context ecdsa;
205 
206  ecdsa_init( &ecdsa );
207 
208  if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
209  ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
210  f_rng, p_rng );
211 
212  ecdsa_free( &ecdsa );
213 
214  return( ret );
215 }
216 
217 #endif /* POLARSSL_ECDSA_C */
218 
219 static void *eckey_alloc_wrap( void )
220 {
221  void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
222 
223  if( ctx != NULL )
224  ecp_keypair_init( ctx );
225 
226  return( ctx );
227 }
228 
229 static void eckey_free_wrap( void *ctx )
230 {
231  ecp_keypair_free( (ecp_keypair *) ctx );
232  polarssl_free( ctx );
233 }
234 
235 static void eckey_debug( const void *ctx, pk_debug_item *items )
236 {
237  items->type = POLARSSL_PK_DEBUG_ECP;
238  items->name = "eckey.Q";
239  items->value = &( ((ecp_keypair *) ctx)->Q );
240 }
241 
242 const pk_info_t eckey_info = {
244  "EC",
245  eckey_get_size,
246  eckey_can_do,
247 #if defined(POLARSSL_ECDSA_C)
248  eckey_verify_wrap,
249  eckey_sign_wrap,
250 #else
251  NULL,
252  NULL,
253 #endif
254  NULL,
255  NULL,
256  eckey_alloc_wrap,
257  eckey_free_wrap,
258  eckey_debug,
259 };
260 
261 /*
262  * EC key resticted to ECDH
263  */
264 static int eckeydh_can_do( pk_type_t type )
265 {
266  return( type == POLARSSL_PK_ECKEY ||
267  type == POLARSSL_PK_ECKEY_DH );
268 }
269 
270 const pk_info_t eckeydh_info = {
272  "EC_DH",
273  eckey_get_size, /* Same underlying key structure */
274  eckeydh_can_do,
275  NULL,
276  NULL,
277  NULL,
278  NULL,
279  eckey_alloc_wrap, /* Same underlying key structure */
280  eckey_free_wrap, /* Same underlying key structure */
281  eckey_debug, /* Same underlying key structure */
282 };
283 #endif /* POLARSSL_ECP_C */
284 
285 #if defined(POLARSSL_ECDSA_C)
286 static int ecdsa_can_do( pk_type_t type )
287 {
288  return( type == POLARSSL_PK_ECDSA );
289 }
290 
291 static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
292  const unsigned char *hash, size_t hash_len,
293  const unsigned char *sig, size_t sig_len )
294 {
295  ((void) md_alg);
296 
297  return( ecdsa_read_signature( (ecdsa_context *) ctx,
298  hash, hash_len, sig, sig_len ) );
299 }
300 
301 static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
302  const unsigned char *hash, size_t hash_len,
303  unsigned char *sig, size_t *sig_len,
304  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
305 {
306  ((void) md_alg);
307 
308  return( ecdsa_write_signature( (ecdsa_context *) ctx,
309  hash, hash_len, sig, sig_len, f_rng, p_rng ) );
310 }
311 
312 static void *ecdsa_alloc_wrap( void )
313 {
314  void *ctx = polarssl_malloc( sizeof( ecdsa_context ) );
315 
316  if( ctx != NULL )
317  ecdsa_init( (ecdsa_context *) ctx );
318 
319  return( ctx );
320 }
321 
322 static void ecdsa_free_wrap( void *ctx )
323 {
324  ecdsa_free( (ecdsa_context *) ctx );
325  polarssl_free( ctx );
326 }
327 
328 const pk_info_t ecdsa_info = {
330  "ECDSA",
331  eckey_get_size, /* Compatible key structures */
332  ecdsa_can_do,
333  ecdsa_verify_wrap,
334  ecdsa_sign_wrap,
335  NULL,
336  NULL,
337  ecdsa_alloc_wrap,
338  ecdsa_free_wrap,
339  eckey_debug, /* Compatible key structures */
340 };
341 #endif /* POLARSSL_ECDSA_C */
342 
343 /*
344  * Support for alternative RSA-private implementations
345  */
346 
347 static size_t rsa_alt_get_size( const void *ctx )
348 {
349  rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
350 
351  return( rsa_alt->key_len_func( rsa_alt->key ) );
352 }
353 
354 static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
355  const unsigned char *hash, size_t hash_len,
356  unsigned char *sig, size_t *sig_len,
357  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
358 {
359  rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
360 
361  *sig_len = rsa_alt->key_len_func( rsa_alt->key );
362 
363  return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
364  md_alg, (unsigned int) hash_len, hash, sig ) );
365 }
366 
367 static int rsa_alt_decrypt_wrap( void *ctx,
368  const unsigned char *input, size_t ilen,
369  unsigned char *output, size_t *olen, size_t osize,
370  int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
371 {
372  rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
373 
374  ((void) f_rng);
375  ((void) p_rng);
376 
377  if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
379 
380  return( rsa_alt->decrypt_func( rsa_alt->key,
381  RSA_PRIVATE, olen, input, output, osize ) );
382 }
383 
384 static void *rsa_alt_alloc_wrap( void )
385 {
386  void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
387 
388  if( ctx != NULL )
389  memset( ctx, 0, sizeof( rsa_alt_context ) );
390 
391  return ctx;
392 }
393 
394 static void rsa_alt_free_wrap( void *ctx )
395 {
396  polarssl_free( ctx );
397 }
398 
399 const pk_info_t rsa_alt_info = {
401  "RSA-alt",
402  rsa_alt_get_size,
403  rsa_can_do,
404  NULL,
405  rsa_alt_sign_wrap,
406  rsa_alt_decrypt_wrap,
407  NULL,
408  rsa_alt_alloc_wrap,
409  rsa_alt_free_wrap,
410  NULL,
411 };
412 
413 #endif /* POLARSSL_PK_C */
int ecdsa_from_keypair(ecdsa_context *ctx, const ecp_keypair *key)
Set an ECDSA context from an EC key pair.
void ecp_keypair_init(ecp_keypair *key)
Initialize a key pair (as an invalid one)
Memory allocation layer.
pk_rsa_alt_decrypt_func decrypt_func
Definition: pk_wrap.h:39
void *(* polarssl_malloc)(size_t len)
const pk_info_t eckeydh_info
Elliptic curves over GF(p)
int ecdsa_write_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Compute ECDSA signature and write it to buffer, serialized as defined in RFC 4492 page 20...
Elliptic curve DSA.
#define RSA_PUBLIC
Definition: rsa.h:55
Configuration options (set of defines)
ECP key pair structure.
Definition: ecp.h:144
int rsa_pkcs1_decrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len)
Generic wrapper to perform a PKCS#1 decryption using the mode from the context.
md_type_t
Definition: md.h:51
const char * name
Definition: pk.h:115
void rsa_free(rsa_context *ctx)
Free the components of an RSA key.
pk_debug_type type
Definition: pk.h:114
RSA context structure.
Definition: rsa.h:77
int rsa_pkcs1_encrypt(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, size_t ilen, const unsigned char *input, unsigned char *output)
Generic wrapper to perform a PKCS#1 encryption using the mode from the context.
Item to send to the debug module.
Definition: pk.h:112
#define RSA_PRIVATE
Definition: rsa.h:56
void(* polarssl_free)(void *ptr)
Public key information and operations.
Definition: pk.h:125
ECDSA context structure.
Definition: ecdsa.h:37
int ecdsa_read_signature(ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen)
Read and verify an ECDSA signature.
void ecdsa_init(ecdsa_context *ctx)
Initialize context.
pk_type_t
Public key types.
Definition: pk.h:90
int rsa_pkcs1_verify(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig)
Generic wrapper to perform a PKCS#1 verification using the mode from the context. ...
#define POLARSSL_ERR_RSA_VERIFY_FAILED
The PKCS#1 verification failed.
Definition: rsa.h:48
pk_rsa_alt_sign_func sign_func
Definition: pk_wrap.h:40
int rsa_pkcs1_sign(rsa_context *ctx, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig)
Generic wrapper to perform a PKCS#1 signature using the mode from the context.
const pk_info_t rsa_alt_info
The RSA public-key cryptosystem.
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA
Bad input parameters to function.
Definition: rsa.h:42
const pk_info_t eckey_info
const pk_info_t rsa_info
const pk_info_t ecdsa_info
void rsa_init(rsa_context *ctx, int padding, int hash_id)
Initialize an RSA context.
void ecdsa_free(ecdsa_context *ctx)
Free context.
pk_rsa_alt_key_len_func key_len_func
Definition: pk_wrap.h:41
void * key
Definition: pk_wrap.h:38
void * value
Definition: pk.h:116
void ecp_keypair_free(ecp_keypair *key)
Free the components of a key pair.