155714Skris/* crypto/pem/pem_seal.c */
255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
355714Skris * All rights reserved.
455714Skris *
555714Skris * This package is an SSL implementation written
655714Skris * by Eric Young (eay@cryptsoft.com).
755714Skris * The implementation was written so as to conform with Netscapes SSL.
8296341Sdelphij *
955714Skris * This library is free for commercial and non-commercial use as long as
1055714Skris * the following conditions are aheared to.  The following conditions
1155714Skris * apply to all code found in this distribution, be it the RC4, RSA,
1255714Skris * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1355714Skris * included with this distribution is covered by the same copyright terms
1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15296341Sdelphij *
1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in
1755714Skris * the code are not to be removed.
1855714Skris * If this package is used in a product, Eric Young should be given attribution
1955714Skris * as the author of the parts of the library used.
2055714Skris * This can be in the form of a textual message at program startup or
2155714Skris * in documentation (online or textual) provided with the package.
22296341Sdelphij *
2355714Skris * Redistribution and use in source and binary forms, with or without
2455714Skris * modification, are permitted provided that the following conditions
2555714Skris * are met:
2655714Skris * 1. Redistributions of source code must retain the copyright
2755714Skris *    notice, this list of conditions and the following disclaimer.
2855714Skris * 2. Redistributions in binary form must reproduce the above copyright
2955714Skris *    notice, this list of conditions and the following disclaimer in the
3055714Skris *    documentation and/or other materials provided with the distribution.
3155714Skris * 3. All advertising materials mentioning features or use of this software
3255714Skris *    must display the following acknowledgement:
3355714Skris *    "This product includes cryptographic software written by
3455714Skris *     Eric Young (eay@cryptsoft.com)"
3555714Skris *    The word 'cryptographic' can be left out if the rouines from the library
3655714Skris *    being used are not cryptographic related :-).
37296341Sdelphij * 4. If you include any Windows specific code (or a derivative thereof) from
3855714Skris *    the apps directory (application code) you must include an acknowledgement:
3955714Skris *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40296341Sdelphij *
4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4455714Skris * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5155714Skris * SUCH DAMAGE.
52296341Sdelphij *
5355714Skris * The licence and distribution terms for any publically available version or
5455714Skris * derivative of this code cannot be changed.  i.e. this code cannot simply be
5555714Skris * copied and put under another distribution licence
5655714Skris * [including the GNU Public Licence.]
5755714Skris */
5855714Skris
59296341Sdelphij#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */
60109998Smarkm#ifndef OPENSSL_NO_RSA
61296341Sdelphij# include <stdio.h>
62296341Sdelphij# include "cryptlib.h"
63296341Sdelphij# include <openssl/evp.h>
64296341Sdelphij# include <openssl/rand.h>
65296341Sdelphij# include <openssl/objects.h>
66296341Sdelphij# include <openssl/x509.h>
67296341Sdelphij# include <openssl/pem.h>
68296341Sdelphij# include <openssl/rsa.h>
6955714Skris
7055714Skrisint PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
71296341Sdelphij                 unsigned char **ek, int *ekl, unsigned char *iv,
72296341Sdelphij                 EVP_PKEY **pubk, int npubk)
73296341Sdelphij{
74296341Sdelphij    unsigned char key[EVP_MAX_KEY_LENGTH];
75296341Sdelphij    int ret = -1;
76296341Sdelphij    int i, j, max = 0;
77296341Sdelphij    char *s = NULL;
7855714Skris
79296341Sdelphij    for (i = 0; i < npubk; i++) {
80296341Sdelphij        if (pubk[i]->type != EVP_PKEY_RSA) {
81296341Sdelphij            PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
82296341Sdelphij            goto err;
83296341Sdelphij        }
84296341Sdelphij        j = RSA_size(pubk[i]->pkey.rsa);
85296341Sdelphij        if (j > max)
86296341Sdelphij            max = j;
87296341Sdelphij    }
88296341Sdelphij    s = (char *)OPENSSL_malloc(max * 2);
89296341Sdelphij    if (s == NULL) {
90296341Sdelphij        PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
91296341Sdelphij        goto err;
92296341Sdelphij    }
9355714Skris
94296341Sdelphij    EVP_EncodeInit(&ctx->encode);
9555714Skris
96296341Sdelphij    EVP_MD_CTX_init(&ctx->md);
97296341Sdelphij    if (!EVP_SignInit(&ctx->md, md_type))
98296341Sdelphij        goto err;
99109998Smarkm
100296341Sdelphij    EVP_CIPHER_CTX_init(&ctx->cipher);
101296341Sdelphij    ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
102296341Sdelphij    if (ret <= 0)
103296341Sdelphij        goto err;
10455714Skris
105296341Sdelphij    /* base64 encode the keys */
106296341Sdelphij    for (i = 0; i < npubk; i++) {
107296341Sdelphij        j = EVP_EncodeBlock((unsigned char *)s, ek[i],
108296341Sdelphij                            RSA_size(pubk[i]->pkey.rsa));
109296341Sdelphij        ekl[i] = j;
110296341Sdelphij        memcpy(ek[i], s, j + 1);
111296341Sdelphij    }
11255714Skris
113296341Sdelphij    ret = npubk;
114296341Sdelphij err:
115296341Sdelphij    if (s != NULL)
116296341Sdelphij        OPENSSL_free(s);
117296341Sdelphij    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
118296341Sdelphij    return (ret);
119296341Sdelphij}
12055714Skris
12155714Skrisvoid PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
122296341Sdelphij                    unsigned char *in, int inl)
123296341Sdelphij{
124296341Sdelphij    unsigned char buffer[1600];
125296341Sdelphij    int i, j;
12655714Skris
127296341Sdelphij    *outl = 0;
128296341Sdelphij    EVP_SignUpdate(&ctx->md, in, inl);
129296341Sdelphij    for (;;) {
130296341Sdelphij        if (inl <= 0)
131296341Sdelphij            break;
132296341Sdelphij        if (inl > 1200)
133296341Sdelphij            i = 1200;
134296341Sdelphij        else
135296341Sdelphij            i = inl;
136296341Sdelphij        EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i);
137296341Sdelphij        EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j);
138296341Sdelphij        *outl += j;
139296341Sdelphij        out += j;
140296341Sdelphij        in += i;
141296341Sdelphij        inl -= i;
142296341Sdelphij    }
143296341Sdelphij}
14455714Skris
14555714Skrisint PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
146296341Sdelphij                  unsigned char *out, int *outl, EVP_PKEY *priv)
147296341Sdelphij{
148296341Sdelphij    unsigned char *s = NULL;
149296341Sdelphij    int ret = 0, j;
150296341Sdelphij    unsigned int i;
15155714Skris
152296341Sdelphij    if (priv->type != EVP_PKEY_RSA) {
153296341Sdelphij        PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA);
154296341Sdelphij        goto err;
155296341Sdelphij    }
156296341Sdelphij    i = RSA_size(priv->pkey.rsa);
157296341Sdelphij    if (i < 100)
158296341Sdelphij        i = 100;
159296341Sdelphij    s = (unsigned char *)OPENSSL_malloc(i * 2);
160296341Sdelphij    if (s == NULL) {
161296341Sdelphij        PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
162296341Sdelphij        goto err;
163296341Sdelphij    }
16455714Skris
165296341Sdelphij    if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i))
166296341Sdelphij        goto err;
167296341Sdelphij    EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
168296341Sdelphij    *outl = j;
169296341Sdelphij    out += j;
170296341Sdelphij    EVP_EncodeFinal(&ctx->encode, out, &j);
171296341Sdelphij    *outl += j;
17255714Skris
173296341Sdelphij    if (!EVP_SignFinal(&ctx->md, s, &i, priv))
174296341Sdelphij        goto err;
175296341Sdelphij    *sigl = EVP_EncodeBlock(sig, s, i);
17655714Skris
177296341Sdelphij    ret = 1;
178296341Sdelphij err:
179296341Sdelphij    EVP_MD_CTX_cleanup(&ctx->md);
180296341Sdelphij    EVP_CIPHER_CTX_cleanup(&ctx->cipher);
181296341Sdelphij    if (s != NULL)
182296341Sdelphij        OPENSSL_free(s);
183296341Sdelphij    return (ret);
184296341Sdelphij}
185296341Sdelphij#else                           /* !OPENSSL_NO_RSA */
18659191Skris
18759191Skris# if PEDANTIC
188296341Sdelphijstatic void *dummy = &dummy;
18959191Skris# endif
19059191Skris
19155714Skris#endif
192