X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fgcrypt%2Frsa.c;h=eb9f58dbc06eb1cb34915d2ebc242f62afcc755b;hb=f6e87ab476a0faf8b124ecaaa27f967d825e6457;hp=62a21290f28b6c302b8cd949f81e0e79b5d2c09b;hpb=108b238915c5f58b3d94ab433dc5d04e064c2b11;p=tinc diff --git a/src/gcrypt/rsa.c b/src/gcrypt/rsa.c index 62a21290..eb9f58db 100644 --- a/src/gcrypt/rsa.c +++ b/src/gcrypt/rsa.c @@ -1,6 +1,6 @@ /* rsa.c -- RSA key handling - Copyright (C) 2007 Guus Sliepen + Copyright (C) 2007-2012 Guus Sliepen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -27,28 +27,28 @@ // Base64 decoding table static const uint8_t b64d[128] = { - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f, - 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, - 0x3a, 0x3b, 0x3c, 0x3d, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, - 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, - 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, - 0x19, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, - 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, - 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, - 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, - 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, - 0xff, 0xff + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f, + 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, + 0x3a, 0x3b, 0x3c, 0x3d, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, + 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, + 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, + 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, + 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, + 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, + 0xff, 0xff }; // PEM encoding/decoding functions @@ -61,12 +61,15 @@ static bool pem_decode(FILE *fp, const char *header, uint8_t *buf, size_t size, size_t i, j = 0; while(!feof(fp)) { - if(!fgets(line, sizeof line, fp)) + if(!fgets(line, sizeof(line), fp)) { return false; + } if(!decode && !strncmp(line, "-----BEGIN ", 11)) { - if(!strncmp(line + 11, header, strlen(header))) + if(!strncmp(line + 11, header, strlen(header))) { decode = true; + } + continue; } @@ -74,14 +77,18 @@ static bool pem_decode(FILE *fp, const char *header, uint8_t *buf, size_t size, break; } - if(!decode) + if(!decode) { continue; + } for(i = 0; line[i] >= ' '; i++) { - if((signed char)line[i] < 0 || b64d[(int)line[i]] == 0xff) + if((signed char)line[i] < 0 || b64d[(int)line[i]] == 0xff) { break; + } + word |= b64d[(int)line[i]] << shift; shift -= 6; + if(shift <= 2) { if(j > size) { errno = ENOMEM; @@ -95,8 +102,10 @@ static bool pem_decode(FILE *fp, const char *header, uint8_t *buf, size_t size, } } - if(outsize) + if(outsize) { *outsize = j; + } + return true; } @@ -104,20 +113,25 @@ static bool pem_decode(FILE *fp, const char *header, uint8_t *buf, size_t size, // BER decoding functions static int ber_read_id(unsigned char **p, size_t *buflen) { - if(*buflen <= 0) + if(*buflen <= 0) { return -1; + } if((**p & 0x1f) == 0x1f) { int id = 0; bool more; + while(*buflen > 0) { id <<= 7; id |= **p & 0x7f; more = *(*p)++ & 0x80; (*buflen)--; - if(!more) + + if(!more) { break; + } } + return id; } else { (*buflen)--; @@ -126,15 +140,18 @@ static int ber_read_id(unsigned char **p, size_t *buflen) { } static size_t ber_read_len(unsigned char **p, size_t *buflen) { - if(*buflen <= 0) + if(*buflen <= 0) { return -1; + } if(**p & 0x80) { size_t result = 0; int len = *(*p)++ & 0x7f; (*buflen)--; - if(len > *buflen) + + if(len > *buflen) { return 0; + } while(len--) { result <<= 8; @@ -148,15 +165,17 @@ static size_t ber_read_len(unsigned char **p, size_t *buflen) { return *(*p)++; } } - + static bool ber_read_sequence(unsigned char **p, size_t *buflen, size_t *result) { int tag = ber_read_id(p, buflen); size_t len = ber_read_len(p, buflen); if(tag == 0x10) { - if(result) + if(result) { *result = len; + } + return true; } else { return false; @@ -168,12 +187,14 @@ static bool ber_read_mpi(unsigned char **p, size_t *buflen, gcry_mpi_t *mpi) { size_t len = ber_read_len(p, buflen); gcry_error_t err = 0; - if(tag != 0x02 || len > *buflen) + if(tag != 0x02 || len > *buflen) { return false; + } - if(mpi) + if(mpi) { err = gcry_mpi_scan(mpi, GCRYMPI_FMT_USG, *p, len, NULL); - + } + *p += len; *buflen -= len; @@ -184,10 +205,10 @@ bool rsa_set_hex_public_key(rsa_t *rsa, char *n, char *e) { gcry_error_t err = 0; err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL) - ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, n, 0, NULL); + ? : gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, e, 0, NULL); if(err) { - logger(LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno)); return false; } @@ -198,11 +219,11 @@ bool rsa_set_hex_private_key(rsa_t *rsa, char *n, char *e, char *d) { gcry_error_t err = 0; err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL) - ?: gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, n, 0, NULL) - ?: gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX, n, 0, NULL); + ? : gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, e, 0, NULL) + ? : gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX, d, 0, NULL); if(err) { - logger(LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno)); + logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno)); return false; } @@ -215,16 +236,16 @@ bool rsa_read_pem_public_key(rsa_t *rsa, FILE *fp) { uint8_t derbuf[8096], *derp = derbuf; size_t derlen; - if(!pem_decode(fp, "RSA PUBLIC KEY", derbuf, sizeof derbuf, &derlen)) { - logger(LOG_ERR, "Unable to read RSA public key: %s", strerror(errno)); + if(!pem_decode(fp, "RSA PUBLIC KEY", derbuf, sizeof(derbuf), &derlen)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA public key: %s", strerror(errno)); return NULL; } if(!ber_read_sequence(&derp, &derlen, NULL) - || !ber_read_mpi(&derp, &derlen, &rsa->n) - || !ber_read_mpi(&derp, &derlen, &rsa->e) - || derlen) { - logger(LOG_ERR, "Error while decoding RSA public key"); + || !ber_read_mpi(&derp, &derlen, &rsa->n) + || !ber_read_mpi(&derp, &derlen, &rsa->e) + || derlen) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error while decoding RSA public key"); return NULL; } @@ -235,23 +256,23 @@ bool rsa_read_pem_private_key(rsa_t *rsa, FILE *fp) { uint8_t derbuf[8096], *derp = derbuf; size_t derlen; - if(!pem_decode(fp, "RSA PRIVATE KEY", derbuf, sizeof derbuf, &derlen)) { - logger(LOG_ERR, "Unable to read RSA private key: %s", strerror(errno)); + if(!pem_decode(fp, "RSA PRIVATE KEY", derbuf, sizeof(derbuf), &derlen)) { + logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA private key: %s", strerror(errno)); return NULL; } if(!ber_read_sequence(&derp, &derlen, NULL) - || !ber_read_mpi(&derp, &derlen, NULL) - || !ber_read_mpi(&derp, &derlen, &rsa->n) - || !ber_read_mpi(&derp, &derlen, &rsa->e) - || !ber_read_mpi(&derp, &derlen, &rsa->d) - || !ber_read_mpi(&derp, &derlen, NULL) // p - || !ber_read_mpi(&derp, &derlen, NULL) // q - || !ber_read_mpi(&derp, &derlen, NULL) - || !ber_read_mpi(&derp, &derlen, NULL) - || !ber_read_mpi(&derp, &derlen, NULL) // u - || derlen) { - logger(LOG_ERR, "Error while decoding RSA private key"); + || !ber_read_mpi(&derp, &derlen, NULL) + || !ber_read_mpi(&derp, &derlen, &rsa->n) + || !ber_read_mpi(&derp, &derlen, &rsa->e) + || !ber_read_mpi(&derp, &derlen, &rsa->d) + || !ber_read_mpi(&derp, &derlen, NULL) // p + || !ber_read_mpi(&derp, &derlen, NULL) // q + || !ber_read_mpi(&derp, &derlen, NULL) + || !ber_read_mpi(&derp, &derlen, NULL) + || !ber_read_mpi(&derp, &derlen, NULL) // u + || derlen) { + logger(DEBUG_ALWAYS, LOG_ERR, "Error while decoding RSA private key"); return NULL; } @@ -267,7 +288,7 @@ size_t rsa_size(rsa_t *rsa) { */ // TODO: get rid of this macro, properly clean up gcry_ structures after use -#define check(foo) { gcry_error_t err = (foo); if(err) {logger(LOG_ERR, "gcrypt error %s/%s at %s:%d\n", gcry_strsource(err), gcry_strerror(err), __FILE__, __LINE__); return false; }} +#define check(foo) { gcry_error_t err = (foo); if(err) {logger(DEBUG_ALWAYS, LOG_ERR, "gcrypt error %s/%s at %s:%d", gcry_strsource(err), gcry_strerror(err), __FILE__, __LINE__); return false; }} bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) { gcry_mpi_t inmpi; @@ -276,7 +297,13 @@ bool rsa_public_encrypt(rsa_t *rsa, void *in, size_t len, void *out) { gcry_mpi_t outmpi = gcry_mpi_new(len * 8); gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n); - check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi)); + int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8; + + while(pad--) { + *(char *)out++ = 0; + } + + check(gcry_mpi_print(GCRYMPI_FMT_USG, out, len, NULL, outmpi)); return true; } @@ -288,7 +315,13 @@ bool rsa_private_decrypt(rsa_t *rsa, void *in, size_t len, void *out) { gcry_mpi_t outmpi = gcry_mpi_new(len * 8); gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n); - check(gcry_mpi_print(GCRYMPI_FMT_USG, out,len, NULL, outmpi)); + int pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8; + + while(pad--) { + *(char *)out++ = 0; + } + + check(gcry_mpi_print(GCRYMPI_FMT_USG, out, len, NULL, outmpi)); return true; }