]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * libopenemv - a library to work with EMV family of smart cards | |
3 | * Copyright (C) 2015 Dmitry Eremin-Solenikov | |
4 | * Copyright (C) 2017 Merlok | |
5 | * | |
6 | * This library is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU Lesser General Public | |
8 | * License as published by the Free Software Foundation; either | |
9 | * version 2.1 of the License, or (at your option) any later version. | |
10 | * | |
11 | * This library is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * Lesser General Public License for more details. | |
15 | */ | |
16 | ||
17 | #ifdef HAVE_CONFIG_H | |
18 | #include <config.h> | |
19 | #endif | |
20 | ||
21 | #include "crypto.h" | |
22 | #include "crypto_backend.h" | |
23 | ||
24 | #include <stdarg.h> | |
25 | #include <stdio.h> | |
26 | #include <stdlib.h> | |
27 | #include <string.h> | |
28 | ||
29 | #include "mbedtls/rsa.h" | |
30 | #include "mbedtls/sha1.h" | |
31 | ||
32 | struct crypto_hash_polarssl { | |
33 | struct crypto_hash ch; | |
34 | mbedtls_sha1_context ctx; | |
35 | }; | |
36 | ||
37 | static void crypto_hash_polarssl_close(struct crypto_hash *_ch) | |
38 | { | |
39 | struct crypto_hash_polarssl *ch = (struct crypto_hash_polarssl *)_ch; | |
40 | ||
41 | free(ch); | |
42 | } | |
43 | ||
44 | static void crypto_hash_polarssl_write(struct crypto_hash *_ch, const unsigned char *buf, size_t len) | |
45 | { | |
46 | struct crypto_hash_polarssl *ch = (struct crypto_hash_polarssl *)_ch; | |
47 | ||
48 | mbedtls_sha1_update(&(ch->ctx), buf, len); | |
49 | } | |
50 | ||
51 | static unsigned char *crypto_hash_polarssl_read(struct crypto_hash *_ch) | |
52 | { | |
53 | struct crypto_hash_polarssl *ch = (struct crypto_hash_polarssl *)_ch; | |
54 | ||
55 | static unsigned char sha1sum[20]; | |
56 | mbedtls_sha1_finish(&(ch->ctx), sha1sum); | |
57 | return sha1sum; | |
58 | } | |
59 | ||
60 | static size_t crypto_hash_polarssl_get_size(const struct crypto_hash *ch) | |
61 | { | |
62 | if (ch->algo == HASH_SHA_1) | |
63 | return 20; | |
64 | else | |
65 | return 0; | |
66 | } | |
67 | ||
68 | static struct crypto_hash *crypto_hash_polarssl_open(enum crypto_algo_hash hash) | |
69 | { | |
70 | if (hash != HASH_SHA_1) | |
71 | return NULL; | |
72 | ||
73 | struct crypto_hash_polarssl *ch = malloc(sizeof(*ch)); | |
74 | ||
75 | mbedtls_sha1_starts(&(ch->ctx)); | |
76 | ||
77 | ch->ch.write = crypto_hash_polarssl_write; | |
78 | ch->ch.read = crypto_hash_polarssl_read; | |
79 | ch->ch.close = crypto_hash_polarssl_close; | |
80 | ch->ch.get_size = crypto_hash_polarssl_get_size; | |
81 | ||
82 | return &ch->ch; | |
83 | } | |
84 | ||
85 | struct crypto_pk_polarssl { | |
86 | struct crypto_pk cp; | |
87 | mbedtls_rsa_context ctx; | |
88 | }; | |
89 | ||
90 | static struct crypto_pk *crypto_pk_polarssl_open_rsa(va_list vl) | |
91 | { | |
92 | struct crypto_pk_polarssl *cp = malloc(sizeof(*cp)); | |
93 | memset(cp, 0x00, sizeof(*cp)); | |
94 | ||
95 | char *mod = va_arg(vl, char *); // N | |
96 | int modlen = va_arg(vl, size_t); | |
97 | char *exp = va_arg(vl, char *); // E | |
98 | int explen = va_arg(vl, size_t); | |
99 | ||
100 | mbedtls_rsa_init(&cp->ctx, MBEDTLS_RSA_PKCS_V15, 0); | |
101 | ||
102 | cp->ctx.len = modlen; // size(N) in bytes | |
103 | mbedtls_mpi_read_binary(&cp->ctx.N, (const unsigned char *)mod, modlen); | |
104 | mbedtls_mpi_read_binary(&cp->ctx.E, (const unsigned char *)exp, explen); | |
105 | ||
106 | int res = mbedtls_rsa_check_pubkey(&cp->ctx); | |
107 | if(res != 0) { | |
108 | fprintf(stderr, "PolarSSL public key error res=%x exp=%d mod=%d.\n", res * -1, explen, modlen); | |
109 | free(cp); | |
110 | return NULL; | |
111 | } | |
112 | ||
113 | return &cp->cp; | |
114 | } | |
115 | ||
116 | static struct crypto_pk *crypto_pk_polarssl_open_priv_rsa(va_list vl) | |
117 | { | |
118 | struct crypto_pk_polarssl *cp = malloc(sizeof(*cp)); | |
119 | memset(cp, 0x00, sizeof(*cp)); | |
120 | char *mod = va_arg(vl, char *); | |
121 | int modlen = va_arg(vl, size_t); | |
122 | char *exp = va_arg(vl, char *); | |
123 | int explen = va_arg(vl, size_t); | |
124 | char *d = va_arg(vl, char *); | |
125 | int dlen = va_arg(vl, size_t); | |
126 | char *p = va_arg(vl, char *); | |
127 | int plen = va_arg(vl, size_t); | |
128 | char *q = va_arg(vl, char *); | |
129 | int qlen = va_arg(vl, size_t); | |
130 | char *dp = va_arg(vl, char *); | |
131 | int dplen = va_arg(vl, size_t); | |
132 | char *dq = va_arg(vl, char *); | |
133 | int dqlen = va_arg(vl, size_t); | |
134 | // calc QP via Q and P | |
135 | // char *inv = va_arg(vl, char *); | |
136 | // int invlen = va_arg(vl, size_t); | |
137 | ||
138 | mbedtls_rsa_init(&cp->ctx, MBEDTLS_RSA_PKCS_V15, 0); | |
139 | ||
140 | cp->ctx.len = modlen; // size(N) in bytes | |
141 | mbedtls_mpi_read_binary(&cp->ctx.N, (const unsigned char *)mod, modlen); | |
142 | mbedtls_mpi_read_binary(&cp->ctx.E, (const unsigned char *)exp, explen); | |
143 | ||
144 | mbedtls_mpi_read_binary(&cp->ctx.D, (const unsigned char *)d, dlen); | |
145 | mbedtls_mpi_read_binary(&cp->ctx.P, (const unsigned char *)p, plen); | |
146 | mbedtls_mpi_read_binary(&cp->ctx.Q, (const unsigned char *)q, qlen); | |
147 | mbedtls_mpi_read_binary(&cp->ctx.DP, (const unsigned char *)dp, dplen); | |
148 | mbedtls_mpi_read_binary(&cp->ctx.DQ, (const unsigned char *)dq, dqlen); | |
149 | mbedtls_mpi_inv_mod(&cp->ctx.QP, &cp->ctx.Q, &cp->ctx.P); | |
150 | ||
151 | int res = mbedtls_rsa_check_privkey(&cp->ctx); | |
152 | if(res != 0) { | |
153 | fprintf(stderr, "PolarSSL private key error res=%x exp=%d mod=%d.\n", res * -1, explen, modlen); | |
154 | free(cp); | |
155 | return NULL; | |
156 | } | |
157 | ||
158 | return &cp->cp; | |
159 | } | |
160 | ||
161 | static int myrand(void *rng_state, unsigned char *output, size_t len) { | |
162 | size_t i; | |
163 | ||
164 | if(rng_state != NULL) | |
165 | rng_state = NULL; | |
166 | ||
167 | for( i = 0; i < len; ++i ) | |
168 | output[i] = rand(); | |
169 | ||
170 | return 0; | |
171 | } | |
172 | ||
173 | ||
174 | static struct crypto_pk *crypto_pk_polarssl_genkey_rsa(va_list vl) | |
175 | { | |
176 | struct crypto_pk_polarssl *cp = malloc(sizeof(*cp)); | |
177 | memset(cp, 0x00, sizeof(*cp)); | |
178 | ||
179 | int transient = va_arg(vl, int); | |
180 | unsigned int nbits = va_arg(vl, unsigned int); | |
181 | unsigned int exp = va_arg(vl, unsigned int); | |
182 | ||
183 | if (transient) { | |
184 | } | |
185 | ||
186 | int res = mbedtls_rsa_gen_key(&cp->ctx, &myrand, NULL, nbits, exp); | |
187 | if (res) { | |
188 | fprintf(stderr, "PolarSSL private key generation error res=%x exp=%d nbits=%d.\n", res * -1, exp, nbits); | |
189 | free(cp); | |
190 | return NULL; | |
191 | } | |
192 | ||
193 | return &cp->cp; | |
194 | } | |
195 | ||
196 | static void crypto_pk_polarssl_close(struct crypto_pk *_cp) | |
197 | { | |
198 | struct crypto_pk_polarssl *cp = (struct crypto_pk_polarssl *)_cp; | |
199 | ||
200 | mbedtls_rsa_free(&cp->ctx); | |
201 | free(cp); | |
202 | } | |
203 | ||
204 | static unsigned char *crypto_pk_polarssl_encrypt(const struct crypto_pk *_cp, const unsigned char *buf, size_t len, size_t *clen) | |
205 | { | |
206 | struct crypto_pk_polarssl *cp = (struct crypto_pk_polarssl *)_cp; | |
207 | int res; | |
208 | unsigned char *result; | |
209 | ||
210 | *clen = 0; | |
211 | size_t keylen = mbedtls_mpi_size(&cp->ctx.N); | |
212 | ||
213 | result = malloc(keylen); | |
214 | if (!result) { | |
215 | printf("RSA encrypt failed. Can't allocate result memory.\n"); | |
216 | return NULL; | |
217 | } | |
218 | ||
219 | res = mbedtls_rsa_public(&cp->ctx, buf, result); | |
220 | if(res) { | |
221 | printf("RSA encrypt failed. Error: %x data len: %zd key len: %zd\n", res * -1, len, keylen); | |
222 | free(result); | |
223 | return NULL; | |
224 | } | |
225 | ||
226 | *clen = keylen; | |
227 | ||
228 | return result; | |
229 | } | |
230 | ||
231 | static unsigned char *crypto_pk_polarssl_decrypt(const struct crypto_pk *_cp, const unsigned char *buf, size_t len, size_t *clen) | |
232 | { | |
233 | struct crypto_pk_polarssl *cp = (struct crypto_pk_polarssl *)_cp; | |
234 | int res; | |
235 | unsigned char *result; | |
236 | ||
237 | *clen = 0; | |
238 | size_t keylen = mbedtls_mpi_size(&cp->ctx.N); | |
239 | ||
240 | result = malloc(keylen); | |
241 | if (!result) { | |
242 | printf("RSA encrypt failed. Can't allocate result memory.\n"); | |
243 | return NULL; | |
244 | } | |
245 | ||
246 | res = mbedtls_rsa_private(&cp->ctx, NULL, NULL, buf, result); // CHECK??? | |
247 | if(res) { | |
248 | printf("RSA decrypt failed. Error: %x data len: %zd key len: %zd\n", res * -1, len, keylen); | |
249 | free(result); | |
250 | return NULL; | |
251 | } | |
252 | ||
253 | *clen = keylen; | |
254 | ||
255 | return result; | |
256 | } | |
257 | ||
258 | static size_t crypto_pk_polarssl_get_nbits(const struct crypto_pk *_cp) | |
259 | { | |
260 | struct crypto_pk_polarssl *cp = (struct crypto_pk_polarssl *)_cp; | |
261 | ||
262 | return cp->ctx.len * 8; | |
263 | return 0; | |
264 | } | |
265 | ||
266 | static unsigned char *crypto_pk_polarssl_get_parameter(const struct crypto_pk *_cp, unsigned param, size_t *plen) | |
267 | { | |
268 | struct crypto_pk_polarssl *cp = (struct crypto_pk_polarssl *)_cp; | |
269 | unsigned char *result = NULL; | |
270 | switch(param){ | |
271 | // mod | |
272 | case 0: | |
273 | *plen = mbedtls_mpi_size(&cp->ctx.N); | |
274 | result = malloc(*plen); | |
275 | memset(result, 0x00, *plen); | |
276 | mbedtls_mpi_write_binary(&cp->ctx.N, result, *plen); | |
277 | break; | |
278 | // exp | |
279 | case 1: | |
280 | *plen = mbedtls_mpi_size(&cp->ctx.E); | |
281 | result = malloc(*plen); | |
282 | memset(result, 0x00, *plen); | |
283 | mbedtls_mpi_write_binary(&cp->ctx.E, result, *plen); | |
284 | break; | |
285 | default: | |
286 | printf("Error get parameter. Param=%d", param); | |
287 | break; | |
288 | } | |
289 | ||
290 | return result; | |
291 | } | |
292 | ||
293 | static struct crypto_pk *crypto_pk_polarssl_open(enum crypto_algo_pk pk, va_list vl) | |
294 | { | |
295 | struct crypto_pk *cp; | |
296 | ||
297 | if (pk == PK_RSA) | |
298 | cp = crypto_pk_polarssl_open_rsa(vl); | |
299 | else | |
300 | return NULL; | |
301 | ||
302 | cp->close = crypto_pk_polarssl_close; | |
303 | cp->encrypt = crypto_pk_polarssl_encrypt; | |
304 | cp->get_parameter = crypto_pk_polarssl_get_parameter; | |
305 | cp->get_nbits = crypto_pk_polarssl_get_nbits; | |
306 | ||
307 | return cp; | |
308 | } | |
309 | ||
310 | static struct crypto_pk *crypto_pk_polarssl_open_priv(enum crypto_algo_pk pk, va_list vl) | |
311 | { | |
312 | struct crypto_pk *cp; | |
313 | ||
314 | if (pk == PK_RSA) | |
315 | cp = crypto_pk_polarssl_open_priv_rsa(vl); | |
316 | else | |
317 | return NULL; | |
318 | ||
319 | cp->close = crypto_pk_polarssl_close; | |
320 | cp->encrypt = crypto_pk_polarssl_encrypt; | |
321 | cp->decrypt = crypto_pk_polarssl_decrypt; | |
322 | cp->get_parameter = crypto_pk_polarssl_get_parameter; | |
323 | cp->get_nbits = crypto_pk_polarssl_get_nbits; | |
324 | ||
325 | return cp; | |
326 | } | |
327 | ||
328 | static struct crypto_pk *crypto_pk_polarssl_genkey(enum crypto_algo_pk pk, va_list vl) | |
329 | { | |
330 | struct crypto_pk *cp; | |
331 | ||
332 | if (pk == PK_RSA) | |
333 | cp = crypto_pk_polarssl_genkey_rsa(vl); | |
334 | else | |
335 | return NULL; | |
336 | ||
337 | cp->close = crypto_pk_polarssl_close; | |
338 | cp->encrypt = crypto_pk_polarssl_encrypt; | |
339 | cp->decrypt = crypto_pk_polarssl_decrypt; | |
340 | cp->get_parameter = crypto_pk_polarssl_get_parameter; | |
341 | cp->get_nbits = crypto_pk_polarssl_get_nbits; | |
342 | ||
343 | return cp; | |
344 | } | |
345 | ||
346 | static struct crypto_backend crypto_polarssl_backend = { | |
347 | .hash_open = crypto_hash_polarssl_open, | |
348 | .pk_open = crypto_pk_polarssl_open, | |
349 | .pk_open_priv = crypto_pk_polarssl_open_priv, | |
350 | .pk_genkey = crypto_pk_polarssl_genkey, | |
351 | }; | |
352 | ||
353 | struct crypto_backend *crypto_polarssl_init(void) | |
354 | { | |
355 | return &crypto_polarssl_backend; | |
356 | } |