155714Skris/* crypto/pem/pem_seal.c */
255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
355714Skris * All rights reserved.
455714Skris *
555714Skris * This package is an SSL implementation written
655714Skris * by Eric Young (eay@cryptsoft.com).
755714Skris * The implementation was written so as to conform with Netscapes SSL.
8296465Sdelphij *
955714Skris * This library is free for commercial and non-commercial use as long as
1055714Skris * the following conditions are aheared to.  The following conditions
1155714Skris * apply to all code found in this distribution, be it the RC4, RSA,
1255714Skris * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1355714Skris * included with this distribution is covered by the same copyright terms
1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15296465Sdelphij *
1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in
1755714Skris * the code are not to be removed.
1855714Skris * If this package is used in a product, Eric Young should be given attribution
1955714Skris * as the author of the parts of the library used.
2055714Skris * This can be in the form of a textual message at program startup or
2155714Skris * in documentation (online or textual) provided with the package.
22296465Sdelphij *
2355714Skris * Redistribution and use in source and binary forms, with or without
2455714Skris * modification, are permitted provided that the following conditions
2555714Skris * are met:
2655714Skris * 1. Redistributions of source code must retain the copyright
2755714Skris *    notice, this list of conditions and the following disclaimer.
2855714Skris * 2. Redistributions in binary form must reproduce the above copyright
2955714Skris *    notice, this list of conditions and the following disclaimer in the
3055714Skris *    documentation and/or other materials provided with the distribution.
3155714Skris * 3. All advertising materials mentioning features or use of this software
3255714Skris *    must display the following acknowledgement:
3355714Skris *    "This product includes cryptographic software written by
3455714Skris *     Eric Young (eay@cryptsoft.com)"
3555714Skris *    The word 'cryptographic' can be left out if the rouines from the library
3655714Skris *    being used are not cryptographic related :-).
37296465Sdelphij * 4. If you include any Windows specific code (or a derivative thereof) from
3855714Skris *    the apps directory (application code) you must include an acknowledgement:
3955714Skris *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40296465Sdelphij *
4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4455714Skris * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5155714Skris * SUCH DAMAGE.
52296465Sdelphij *
5355714Skris * The licence and distribution terms for any publically available version or
5455714Skris * derivative of this code cannot be changed.  i.e. this code cannot simply be
5555714Skris * copied and put under another distribution licence
5655714Skris * [including the GNU Public Licence.]
5755714Skris */
5855714Skris
59296465Sdelphij#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */
60109998Smarkm#ifndef OPENSSL_NO_RSA
61296465Sdelphij# include <stdio.h>
62296465Sdelphij# include "cryptlib.h"
63296465Sdelphij# include <openssl/evp.h>
64296465Sdelphij# include <openssl/rand.h>
65296465Sdelphij# include <openssl/objects.h>
66296465Sdelphij# include <openssl/x509.h>
67296465Sdelphij# include <openssl/pem.h>
68296465Sdelphij# include <openssl/rsa.h>
6955714Skris
7055714Skrisint PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
71296465Sdelphij                 unsigned char **ek, int *ekl, unsigned char *iv,
72296465Sdelphij                 EVP_PKEY **pubk, int npubk)
73296465Sdelphij{
74296465Sdelphij    unsigned char key[EVP_MAX_KEY_LENGTH];
75296465Sdelphij    int ret = -1;
76296465Sdelphij    int i, j, max = 0;
77296465Sdelphij    char *s = NULL;
7855714Skris
79296465Sdelphij    for (i = 0; i < npubk; i++) {
80296465Sdelphij        if (pubk[i]->type != EVP_PKEY_RSA) {
81296465Sdelphij            PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
82296465Sdelphij            goto err;
83296465Sdelphij        }
84296465Sdelphij        j = RSA_size(pubk[i]->pkey.rsa);
85296465Sdelphij        if (j > max)
86296465Sdelphij            max = j;
87296465Sdelphij    }
88296465Sdelphij    s = (char *)OPENSSL_malloc(max * 2);
89296465Sdelphij    if (s == NULL) {
90296465Sdelphij        PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
91296465Sdelphij        goto err;
92296465Sdelphij    }
9355714Skris
94296465Sdelphij    EVP_EncodeInit(&ctx->encode);
9555714Skris
96296465Sdelphij    EVP_MD_CTX_init(&ctx->md);
97296465Sdelphij    EVP_SignInit(&ctx->md, md_type);
98109998Smarkm
99296465Sdelphij    EVP_CIPHER_CTX_init(&ctx->cipher);
100296465Sdelphij    ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
101296465Sdelphij    if (ret <= 0)
102296465Sdelphij        goto err;
10355714Skris
104296465Sdelphij    /* base64 encode the keys */
105296465Sdelphij    for (i = 0; i < npubk; i++) {
106296465Sdelphij        j = EVP_EncodeBlock((unsigned char *)s, ek[i],
107296465Sdelphij                            RSA_size(pubk[i]->pkey.rsa));
108296465Sdelphij        ekl[i] = j;
109296465Sdelphij        memcpy(ek[i], s, j + 1);
110296465Sdelphij    }
11155714Skris
112296465Sdelphij    ret = npubk;
113296465Sdelphij err:
114296465Sdelphij    if (s != NULL)
115296465Sdelphij        OPENSSL_free(s);
116296465Sdelphij    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
117296465Sdelphij    return (ret);
118296465Sdelphij}
11955714Skris
12055714Skrisvoid PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
121296465Sdelphij                    unsigned char *in, int inl)
122296465Sdelphij{
123296465Sdelphij    unsigned char buffer[1600];
124296465Sdelphij    int i, j;
12555714Skris
126296465Sdelphij    *outl = 0;
127296465Sdelphij    EVP_SignUpdate(&ctx->md, in, inl);
128296465Sdelphij    for (;;) {
129296465Sdelphij        if (inl <= 0)
130296465Sdelphij            break;
131296465Sdelphij        if (inl > 1200)
132296465Sdelphij            i = 1200;
133296465Sdelphij        else
134296465Sdelphij            i = inl;
135296465Sdelphij        EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i);
136296465Sdelphij        EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j);
137296465Sdelphij        *outl += j;
138296465Sdelphij        out += j;
139296465Sdelphij        in += i;
140296465Sdelphij        inl -= i;
141296465Sdelphij    }
142296465Sdelphij}
14355714Skris
14455714Skrisint PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
145296465Sdelphij                  unsigned char *out, int *outl, EVP_PKEY *priv)
146296465Sdelphij{
147296465Sdelphij    unsigned char *s = NULL;
148296465Sdelphij    int ret = 0, j;
149296465Sdelphij    unsigned int i;
15055714Skris
151296465Sdelphij    if (priv->type != EVP_PKEY_RSA) {
152296465Sdelphij        PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA);
153296465Sdelphij        goto err;
154296465Sdelphij    }
155296465Sdelphij    i = RSA_size(priv->pkey.rsa);
156296465Sdelphij    if (i < 100)
157296465Sdelphij        i = 100;
158296465Sdelphij    s = (unsigned char *)OPENSSL_malloc(i * 2);
159296465Sdelphij    if (s == NULL) {
160296465Sdelphij        PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
161296465Sdelphij        goto err;
162296465Sdelphij    }
16355714Skris
164296465Sdelphij    EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i);
165296465Sdelphij    EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
166296465Sdelphij    *outl = j;
167296465Sdelphij    out += j;
168296465Sdelphij    EVP_EncodeFinal(&ctx->encode, out, &j);
169296465Sdelphij    *outl += j;
17055714Skris
171296465Sdelphij    if (!EVP_SignFinal(&ctx->md, s, &i, priv))
172296465Sdelphij        goto err;
173296465Sdelphij    *sigl = EVP_EncodeBlock(sig, s, i);
17455714Skris
175296465Sdelphij    ret = 1;
176296465Sdelphij err:
177296465Sdelphij    EVP_MD_CTX_cleanup(&ctx->md);
178296465Sdelphij    EVP_CIPHER_CTX_cleanup(&ctx->cipher);
179296465Sdelphij    if (s != NULL)
180296465Sdelphij        OPENSSL_free(s);
181296465Sdelphij    return (ret);
182296465Sdelphij}
183296465Sdelphij#else                           /* !OPENSSL_NO_RSA */
18459191Skris
18559191Skris# if PEDANTIC
186296465Sdelphijstatic void *dummy = &dummy;
18759191Skris# endif
18859191Skris
18955714Skris#endif
190