00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022 #ifdef OPENSSL
00023 #include <config.h>
00024
00025 #ifndef USE_EVP
00026 #if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA512)
00027 #define USE_EVP 0
00028 #else
00029 #define USE_EVP 1
00030 #endif
00031 #endif
00032
00033
00034 #include <isc/entropy.h>
00035 #include <isc/md5.h>
00036 #include <isc/sha1.h>
00037 #include <isc/sha2.h>
00038 #include <isc/mem.h>
00039 #include <isc/string.h>
00040 #include <isc/util.h>
00041
00042 #include <dst/result.h>
00043
00044 #include "dst_internal.h"
00045 #include "dst_openssl.h"
00046 #include "dst_parse.h"
00047
00048 #include <openssl/err.h>
00049 #include <openssl/objects.h>
00050 #include <openssl/rsa.h>
00051 #if OPENSSL_VERSION_NUMBER > 0x00908000L
00052 #include <openssl/bn.h>
00053 #endif
00054 #ifdef USE_ENGINE
00055 #include <openssl/engine.h>
00056 #endif
00057
00058
00059
00060
00061 #ifndef RSA_MAX_PUBEXP_BITS
00062 #define RSA_MAX_PUBEXP_BITS 35
00063 #endif
00064
00065
00066
00067
00068
00069 #ifdef WIN32
00070 #if !((OPENSSL_VERSION_NUMBER >= 0x009070cfL && \
00071 OPENSSL_VERSION_NUMBER < 0x00908000L) || \
00072 OPENSSL_VERSION_NUMBER >= 0x0090804fL)
00073 #error Please upgrade OpenSSL to 0.9.8d/0.9.7l or greater.
00074 #endif
00075 #endif
00076
00077
00078
00079
00080
00081
00082
00083
00084
00085 #if 0
00086 #if OPENSSL_VERSION_NUMBER < 0x0090601fL
00087 #define SET_FLAGS(rsa) \
00088 do { \
00089 (rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \
00090 (rsa)->flags |= RSA_FLAG_BLINDING; \
00091 } while (0)
00092 #else
00093 #define SET_FLAGS(rsa) \
00094 do { \
00095 (rsa)->flags |= RSA_FLAG_BLINDING; \
00096 } while (0)
00097 #endif
00098 #endif
00099
00100 #if OPENSSL_VERSION_NUMBER < 0x0090601fL
00101 #define SET_FLAGS(rsa) \
00102 do { \
00103 (rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \
00104 (rsa)->flags &= ~RSA_FLAG_BLINDING; \
00105 } while (0)
00106 #elif defined(RSA_FLAG_NO_BLINDING)
00107 #define SET_FLAGS(rsa) \
00108 do { \
00109 (rsa)->flags &= ~RSA_FLAG_BLINDING; \
00110 (rsa)->flags |= RSA_FLAG_NO_BLINDING; \
00111 } while (0)
00112 #else
00113 #define SET_FLAGS(rsa) \
00114 do { \
00115 (rsa)->flags &= ~RSA_FLAG_BLINDING; \
00116 } while (0)
00117 #endif
00118
00119 #define DST_RET(a) {ret = a; goto err;}
00120
00121 static isc_result_t opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data);
00122
00123 static isc_result_t
00124 opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
00125 #if USE_EVP
00126 EVP_MD_CTX *evp_md_ctx;
00127 const EVP_MD *type = NULL;
00128 #endif
00129
00130 UNUSED(key);
00131 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
00132 dctx->key->key_alg == DST_ALG_RSASHA1 ||
00133 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
00134 dctx->key->key_alg == DST_ALG_RSASHA256 ||
00135 dctx->key->key_alg == DST_ALG_RSASHA512);
00136
00137 #if USE_EVP
00138 evp_md_ctx = EVP_MD_CTX_create();
00139 if (evp_md_ctx == NULL)
00140 return (ISC_R_NOMEMORY);
00141
00142 switch (dctx->key->key_alg) {
00143 case DST_ALG_RSAMD5:
00144 type = EVP_md5();
00145 break;
00146 case DST_ALG_RSASHA1:
00147 case DST_ALG_NSEC3RSASHA1:
00148 type = EVP_sha1();
00149 break;
00150 #ifdef HAVE_EVP_SHA256
00151 case DST_ALG_RSASHA256:
00152 type = EVP_sha256();
00153 break;
00154 #endif
00155 #ifdef HAVE_EVP_SHA512
00156 case DST_ALG_RSASHA512:
00157 type = EVP_sha512();
00158 break;
00159 #endif
00160 default:
00161 INSIST(0);
00162 }
00163
00164 if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) {
00165 EVP_MD_CTX_destroy(evp_md_ctx);
00166 return (dst__openssl_toresult3(dctx->category,
00167 "EVP_DigestInit_ex",
00168 ISC_R_FAILURE));
00169 }
00170 dctx->ctxdata.evp_md_ctx = evp_md_ctx;
00171 #else
00172 switch (dctx->key->key_alg) {
00173 case DST_ALG_RSAMD5:
00174 {
00175 isc_md5_t *md5ctx;
00176
00177 md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t));
00178 if (md5ctx == NULL)
00179 return (ISC_R_NOMEMORY);
00180 isc_md5_init(md5ctx);
00181 dctx->ctxdata.md5ctx = md5ctx;
00182 }
00183 break;
00184 case DST_ALG_RSASHA1:
00185 case DST_ALG_NSEC3RSASHA1:
00186 {
00187 isc_sha1_t *sha1ctx;
00188
00189 sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
00190 if (sha1ctx == NULL)
00191 return (ISC_R_NOMEMORY);
00192 isc_sha1_init(sha1ctx);
00193 dctx->ctxdata.sha1ctx = sha1ctx;
00194 }
00195 break;
00196 case DST_ALG_RSASHA256:
00197 {
00198 isc_sha256_t *sha256ctx;
00199
00200 sha256ctx = isc_mem_get(dctx->mctx,
00201 sizeof(isc_sha256_t));
00202 if (sha256ctx == NULL)
00203 return (ISC_R_NOMEMORY);
00204 isc_sha256_init(sha256ctx);
00205 dctx->ctxdata.sha256ctx = sha256ctx;
00206 }
00207 break;
00208 case DST_ALG_RSASHA512:
00209 {
00210 isc_sha512_t *sha512ctx;
00211
00212 sha512ctx = isc_mem_get(dctx->mctx,
00213 sizeof(isc_sha512_t));
00214 if (sha512ctx == NULL)
00215 return (ISC_R_NOMEMORY);
00216 isc_sha512_init(sha512ctx);
00217 dctx->ctxdata.sha512ctx = sha512ctx;
00218 }
00219 break;
00220 default:
00221 INSIST(0);
00222 }
00223 #endif
00224
00225 return (ISC_R_SUCCESS);
00226 }
00227
00228 static void
00229 opensslrsa_destroyctx(dst_context_t *dctx) {
00230 #if USE_EVP
00231 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
00232 #endif
00233
00234 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
00235 dctx->key->key_alg == DST_ALG_RSASHA1 ||
00236 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
00237 dctx->key->key_alg == DST_ALG_RSASHA256 ||
00238 dctx->key->key_alg == DST_ALG_RSASHA512);
00239
00240 #if USE_EVP
00241 if (evp_md_ctx != NULL) {
00242 EVP_MD_CTX_destroy(evp_md_ctx);
00243 dctx->ctxdata.evp_md_ctx = NULL;
00244 }
00245 #else
00246 switch (dctx->key->key_alg) {
00247 case DST_ALG_RSAMD5:
00248 {
00249 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
00250
00251 if (md5ctx != NULL) {
00252 isc_md5_invalidate(md5ctx);
00253 isc_mem_put(dctx->mctx, md5ctx,
00254 sizeof(isc_md5_t));
00255 dctx->ctxdata.md5ctx = NULL;
00256 }
00257 }
00258 break;
00259 case DST_ALG_RSASHA1:
00260 case DST_ALG_NSEC3RSASHA1:
00261 {
00262 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
00263
00264 if (sha1ctx != NULL) {
00265 isc_sha1_invalidate(sha1ctx);
00266 isc_mem_put(dctx->mctx, sha1ctx,
00267 sizeof(isc_sha1_t));
00268 dctx->ctxdata.sha1ctx = NULL;
00269 }
00270 }
00271 break;
00272 case DST_ALG_RSASHA256:
00273 {
00274 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
00275
00276 if (sha256ctx != NULL) {
00277 isc_sha256_invalidate(sha256ctx);
00278 isc_mem_put(dctx->mctx, sha256ctx,
00279 sizeof(isc_sha256_t));
00280 dctx->ctxdata.sha256ctx = NULL;
00281 }
00282 }
00283 break;
00284 case DST_ALG_RSASHA512:
00285 {
00286 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
00287
00288 if (sha512ctx != NULL) {
00289 isc_sha512_invalidate(sha512ctx);
00290 isc_mem_put(dctx->mctx, sha512ctx,
00291 sizeof(isc_sha512_t));
00292 dctx->ctxdata.sha512ctx = NULL;
00293 }
00294 }
00295 break;
00296 default:
00297 INSIST(0);
00298 }
00299 #endif
00300 }
00301
00302 static isc_result_t
00303 opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
00304 #if USE_EVP
00305 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
00306 #endif
00307
00308 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
00309 dctx->key->key_alg == DST_ALG_RSASHA1 ||
00310 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
00311 dctx->key->key_alg == DST_ALG_RSASHA256 ||
00312 dctx->key->key_alg == DST_ALG_RSASHA512);
00313
00314 #if USE_EVP
00315 if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) {
00316 return (dst__openssl_toresult3(dctx->category,
00317 "EVP_DigestUpdate",
00318 ISC_R_FAILURE));
00319 }
00320 #else
00321 switch (dctx->key->key_alg) {
00322 case DST_ALG_RSAMD5:
00323 {
00324 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
00325
00326 isc_md5_update(md5ctx, data->base, data->length);
00327 }
00328 break;
00329 case DST_ALG_RSASHA1:
00330 case DST_ALG_NSEC3RSASHA1:
00331 {
00332 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
00333
00334 isc_sha1_update(sha1ctx, data->base, data->length);
00335 }
00336 break;
00337 case DST_ALG_RSASHA256:
00338 {
00339 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
00340
00341 isc_sha256_update(sha256ctx, data->base, data->length);
00342 }
00343 break;
00344 case DST_ALG_RSASHA512:
00345 {
00346 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
00347
00348 isc_sha512_update(sha512ctx, data->base, data->length);
00349 }
00350 break;
00351 default:
00352 INSIST(0);
00353 }
00354 #endif
00355 return (ISC_R_SUCCESS);
00356 }
00357
00358 #if ! USE_EVP && OPENSSL_VERSION_NUMBER < 0x00908000L
00359
00360
00361
00362 static unsigned char sha256_prefix[] =
00363 { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48,
00364 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20};
00365 static unsigned char sha512_prefix[] =
00366 { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48,
00367 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40};
00368 #define PREFIXLEN sizeof(sha512_prefix)
00369 #else
00370 #define PREFIXLEN 0
00371 #endif
00372
00373 static isc_result_t
00374 opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
00375 dst_key_t *key = dctx->key;
00376 isc_region_t r;
00377 unsigned int siglen = 0;
00378 #if USE_EVP
00379 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
00380 EVP_PKEY *pkey = key->keydata.pkey;
00381 #else
00382 RSA *rsa = key->keydata.rsa;
00383
00384 unsigned char digest[PREFIXLEN + ISC_SHA512_DIGESTLENGTH];
00385 int status;
00386 int type = 0;
00387 unsigned int digestlen = 0;
00388 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00389 unsigned int prefixlen = 0;
00390 const unsigned char *prefix = NULL;
00391 #endif
00392 #endif
00393
00394 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
00395 dctx->key->key_alg == DST_ALG_RSASHA1 ||
00396 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
00397 dctx->key->key_alg == DST_ALG_RSASHA256 ||
00398 dctx->key->key_alg == DST_ALG_RSASHA512);
00399
00400 isc_buffer_availableregion(sig, &r);
00401
00402 #if USE_EVP
00403 if (r.length < (unsigned int) EVP_PKEY_size(pkey))
00404 return (ISC_R_NOSPACE);
00405
00406 if (!EVP_SignFinal(evp_md_ctx, r.base, &siglen, pkey)) {
00407 return (dst__openssl_toresult3(dctx->category,
00408 "EVP_SignFinal",
00409 ISC_R_FAILURE));
00410 }
00411 #else
00412 if (r.length < (unsigned int) RSA_size(rsa))
00413 return (ISC_R_NOSPACE);
00414
00415 switch (dctx->key->key_alg) {
00416 case DST_ALG_RSAMD5:
00417 {
00418 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
00419
00420 isc_md5_final(md5ctx, digest);
00421 type = NID_md5;
00422 digestlen = ISC_MD5_DIGESTLENGTH;
00423 }
00424 break;
00425 case DST_ALG_RSASHA1:
00426 case DST_ALG_NSEC3RSASHA1:
00427 {
00428 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
00429
00430 isc_sha1_final(sha1ctx, digest);
00431 type = NID_sha1;
00432 digestlen = ISC_SHA1_DIGESTLENGTH;
00433 }
00434 break;
00435 case DST_ALG_RSASHA256:
00436 {
00437 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
00438
00439 isc_sha256_final(digest, sha256ctx);
00440 digestlen = ISC_SHA256_DIGESTLENGTH;
00441 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00442 prefix = sha256_prefix;
00443 prefixlen = sizeof(sha256_prefix);
00444 #else
00445 type = NID_sha256;
00446 #endif
00447 }
00448 break;
00449 case DST_ALG_RSASHA512:
00450 {
00451 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
00452
00453 isc_sha512_final(digest, sha512ctx);
00454 digestlen = ISC_SHA512_DIGESTLENGTH;
00455 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00456 prefix = sha512_prefix;
00457 prefixlen = sizeof(sha512_prefix);
00458 #else
00459 type = NID_sha512;
00460 #endif
00461 }
00462 break;
00463 default:
00464 INSIST(0);
00465 }
00466
00467 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00468 switch (dctx->key->key_alg) {
00469 case DST_ALG_RSAMD5:
00470 case DST_ALG_RSASHA1:
00471 case DST_ALG_NSEC3RSASHA1:
00472 INSIST(type != 0);
00473 status = RSA_sign(type, digest, digestlen, r.base,
00474 &siglen, rsa);
00475 break;
00476
00477 case DST_ALG_RSASHA256:
00478 case DST_ALG_RSASHA512:
00479 INSIST(prefix != NULL);
00480 INSIST(prefixlen != 0);
00481 INSIST(prefixlen + digestlen <= sizeof(digest));
00482
00483 memmove(digest + prefixlen, digest, digestlen);
00484 memmove(digest, prefix, prefixlen);
00485 status = RSA_private_encrypt(digestlen + prefixlen,
00486 digest, r.base, rsa,
00487 RSA_PKCS1_PADDING);
00488 if (status < 0)
00489 status = 0;
00490 else
00491 siglen = status;
00492 break;
00493
00494 default:
00495 INSIST(0);
00496 }
00497 #else
00498 INSIST(type != 0);
00499 status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa);
00500 #endif
00501 if (status == 0)
00502 return (dst__openssl_toresult3(dctx->category,
00503 "RSA_sign",
00504 DST_R_OPENSSLFAILURE));
00505 #endif
00506
00507 isc_buffer_add(sig, siglen);
00508
00509 return (ISC_R_SUCCESS);
00510 }
00511
00512 static isc_result_t
00513 opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) {
00514 dst_key_t *key = dctx->key;
00515 int status = 0;
00516 #if USE_EVP
00517 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
00518 EVP_PKEY *pkey = key->keydata.pkey;
00519 RSA *rsa;
00520 int bits;
00521 #else
00522
00523 unsigned char digest[ISC_SHA512_DIGESTLENGTH];
00524 int type = 0;
00525 unsigned int digestlen = 0;
00526 RSA *rsa = key->keydata.rsa;
00527 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00528 unsigned int prefixlen = 0;
00529 const unsigned char *prefix = NULL;
00530 #endif
00531 #endif
00532
00533 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
00534 dctx->key->key_alg == DST_ALG_RSASHA1 ||
00535 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
00536 dctx->key->key_alg == DST_ALG_RSASHA256 ||
00537 dctx->key->key_alg == DST_ALG_RSASHA512);
00538
00539 #if USE_EVP
00540 rsa = EVP_PKEY_get1_RSA(pkey);
00541 if (rsa == NULL)
00542 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
00543 bits = BN_num_bits(rsa->e);
00544 RSA_free(rsa);
00545 if (bits > maxbits && maxbits != 0)
00546 return (DST_R_VERIFYFAILURE);
00547
00548 status = EVP_VerifyFinal(evp_md_ctx, sig->base, sig->length, pkey);
00549 switch (status) {
00550 case 1:
00551 return (ISC_R_SUCCESS);
00552 case 0:
00553 return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
00554 default:
00555 return (dst__openssl_toresult3(dctx->category,
00556 "EVP_VerifyFinal",
00557 DST_R_VERIFYFAILURE));
00558 }
00559 #else
00560 if (BN_num_bits(rsa->e) > maxbits && maxbits != 0)
00561 return (DST_R_VERIFYFAILURE);
00562
00563 switch (dctx->key->key_alg) {
00564 case DST_ALG_RSAMD5:
00565 {
00566 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
00567
00568 isc_md5_final(md5ctx, digest);
00569 type = NID_md5;
00570 digestlen = ISC_MD5_DIGESTLENGTH;
00571 }
00572 break;
00573 case DST_ALG_RSASHA1:
00574 case DST_ALG_NSEC3RSASHA1:
00575 {
00576 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
00577
00578 isc_sha1_final(sha1ctx, digest);
00579 type = NID_sha1;
00580 digestlen = ISC_SHA1_DIGESTLENGTH;
00581 }
00582 break;
00583 case DST_ALG_RSASHA256:
00584 {
00585 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
00586
00587 isc_sha256_final(digest, sha256ctx);
00588 digestlen = ISC_SHA256_DIGESTLENGTH;
00589 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00590 prefix = sha256_prefix;
00591 prefixlen = sizeof(sha256_prefix);
00592 #else
00593 type = NID_sha256;
00594 #endif
00595 }
00596 break;
00597 case DST_ALG_RSASHA512:
00598 {
00599 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
00600
00601 isc_sha512_final(digest, sha512ctx);
00602 digestlen = ISC_SHA512_DIGESTLENGTH;
00603 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00604 prefix = sha512_prefix;
00605 prefixlen = sizeof(sha512_prefix);
00606 #else
00607 type = NID_sha512;
00608 #endif
00609 }
00610 break;
00611 default:
00612 INSIST(0);
00613 }
00614
00615 if (sig->length != (unsigned int) RSA_size(rsa))
00616 return (DST_R_VERIFYFAILURE);
00617
00618 #if OPENSSL_VERSION_NUMBER < 0x00908000L
00619 switch (dctx->key->key_alg) {
00620 case DST_ALG_RSAMD5:
00621 case DST_ALG_RSASHA1:
00622 case DST_ALG_NSEC3RSASHA1:
00623 INSIST(type != 0);
00624 status = RSA_verify(type, digest, digestlen, sig->base,
00625 RSA_size(rsa), rsa);
00626 break;
00627
00628 case DST_ALG_RSASHA256:
00629 case DST_ALG_RSASHA512:
00630 {
00631
00632
00633
00634
00635 unsigned char original[PREFIXLEN + 1024];
00636
00637 INSIST(prefix != NULL);
00638 INSIST(prefixlen != 0U);
00639
00640 if (RSA_size(rsa) > (int)sizeof(original))
00641 return (DST_R_VERIFYFAILURE);
00642
00643 status = RSA_public_decrypt(sig->length, sig->base,
00644 original, rsa,
00645 RSA_PKCS1_PADDING);
00646 if (status <= 0)
00647 return (dst__openssl_toresult3(
00648 dctx->category,
00649 "RSA_public_decrypt",
00650 DST_R_VERIFYFAILURE));
00651 if (status != (int)(prefixlen + digestlen))
00652 return (DST_R_VERIFYFAILURE);
00653 if (memcmp(original, prefix, prefixlen))
00654 return (DST_R_VERIFYFAILURE);
00655 if (memcmp(original + prefixlen, digest, digestlen))
00656 return (DST_R_VERIFYFAILURE);
00657 status = 1;
00658 }
00659 break;
00660
00661 default:
00662 INSIST(0);
00663 }
00664 #else
00665 INSIST(type != 0);
00666 status = RSA_verify(type, digest, digestlen, sig->base,
00667 RSA_size(rsa), rsa);
00668 #endif
00669 if (status != 1)
00670 return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
00671 return (ISC_R_SUCCESS);
00672 #endif
00673 }
00674
00675 static isc_result_t
00676 opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
00677 return (opensslrsa_verify2(dctx, 0, sig));
00678 }
00679
00680 static isc_boolean_t
00681 opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
00682 int status;
00683 RSA *rsa1 = NULL, *rsa2 = NULL;
00684 #if USE_EVP
00685 EVP_PKEY *pkey1, *pkey2;
00686 #endif
00687
00688 #if USE_EVP
00689 pkey1 = key1->keydata.pkey;
00690 pkey2 = key2->keydata.pkey;
00691
00692
00693
00694
00695 if (pkey1 != NULL) {
00696 rsa1 = EVP_PKEY_get1_RSA(pkey1);
00697 RSA_free(rsa1);
00698 }
00699 if (pkey2 != NULL) {
00700 rsa2 = EVP_PKEY_get1_RSA(pkey2);
00701 RSA_free(rsa2);
00702 }
00703 #else
00704 rsa1 = key1->keydata.rsa;
00705 rsa2 = key2->keydata.rsa;
00706 #endif
00707
00708 if (rsa1 == NULL && rsa2 == NULL)
00709 return (ISC_TRUE);
00710 else if (rsa1 == NULL || rsa2 == NULL)
00711 return (ISC_FALSE);
00712
00713 status = BN_cmp(rsa1->n, rsa2->n) ||
00714 BN_cmp(rsa1->e, rsa2->e);
00715
00716 if (status != 0)
00717 return (ISC_FALSE);
00718
00719 #if USE_EVP
00720 if ((rsa1->flags & RSA_FLAG_EXT_PKEY) != 0 ||
00721 (rsa2->flags & RSA_FLAG_EXT_PKEY) != 0) {
00722 if ((rsa1->flags & RSA_FLAG_EXT_PKEY) == 0 ||
00723 (rsa2->flags & RSA_FLAG_EXT_PKEY) == 0)
00724 return (ISC_FALSE);
00725
00726
00727
00728 return (ISC_TRUE);
00729 }
00730 #endif
00731
00732 if (rsa1->d != NULL || rsa2->d != NULL) {
00733 if (rsa1->d == NULL || rsa2->d == NULL)
00734 return (ISC_FALSE);
00735 status = BN_cmp(rsa1->d, rsa2->d) ||
00736 BN_cmp(rsa1->p, rsa2->p) ||
00737 BN_cmp(rsa1->q, rsa2->q);
00738
00739 if (status != 0)
00740 return (ISC_FALSE);
00741 }
00742 return (ISC_TRUE);
00743 }
00744
00745 #if OPENSSL_VERSION_NUMBER > 0x00908000L
00746 static int
00747 progress_cb(int p, int n, BN_GENCB *cb) {
00748 union {
00749 void *dptr;
00750 void (*fptr)(int);
00751 } u;
00752
00753 UNUSED(n);
00754
00755 u.dptr = cb->arg;
00756 if (u.fptr != NULL)
00757 u.fptr(p);
00758 return (1);
00759 }
00760 #endif
00761
00762 static isc_result_t
00763 opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
00764 #if OPENSSL_VERSION_NUMBER > 0x00908000L
00765 isc_result_t ret = DST_R_OPENSSLFAILURE;
00766 BN_GENCB cb;
00767 union {
00768 void *dptr;
00769 void (*fptr)(int);
00770 } u;
00771 RSA *rsa = RSA_new();
00772 BIGNUM *e = BN_new();
00773 #if USE_EVP
00774 EVP_PKEY *pkey = EVP_PKEY_new();
00775 #endif
00776
00777 if (rsa == NULL || e == NULL)
00778 goto err;
00779 #if USE_EVP
00780 if (pkey == NULL)
00781 goto err;
00782 if (!EVP_PKEY_set1_RSA(pkey, rsa))
00783 goto err;
00784 #endif
00785
00786 if (exp == 0) {
00787
00788 BN_set_bit(e, 0);
00789 BN_set_bit(e, 16);
00790 } else {
00791
00792 BN_set_bit(e, 0);
00793 BN_set_bit(e, 32);
00794 }
00795
00796 if (callback == NULL) {
00797 BN_GENCB_set_old(&cb, NULL, NULL);
00798 } else {
00799 u.fptr = callback;
00800 BN_GENCB_set(&cb, &progress_cb, u.dptr);
00801 }
00802
00803 if (RSA_generate_key_ex(rsa, key->key_size, e, &cb)) {
00804 BN_free(e);
00805 SET_FLAGS(rsa);
00806 #if USE_EVP
00807 key->keydata.pkey = pkey;
00808
00809 RSA_free(rsa);
00810 #else
00811 key->keydata.rsa = rsa;
00812 #endif
00813 return (ISC_R_SUCCESS);
00814 }
00815 ret = dst__openssl_toresult2("RSA_generate_key_ex",
00816 DST_R_OPENSSLFAILURE);
00817
00818 err:
00819 #if USE_EVP
00820 if (pkey != NULL)
00821 EVP_PKEY_free(pkey);
00822 #endif
00823 if (e != NULL)
00824 BN_free(e);
00825 if (rsa != NULL)
00826 RSA_free(rsa);
00827 return (dst__openssl_toresult(ret));
00828 #else
00829 RSA *rsa;
00830 unsigned long e;
00831 #if USE_EVP
00832 EVP_PKEY *pkey = EVP_PKEY_new();
00833
00834 UNUSED(callback);
00835
00836 if (pkey == NULL)
00837 return (ISC_R_NOMEMORY);
00838 #else
00839 UNUSED(callback);
00840 #endif
00841
00842 if (exp == 0)
00843 e = RSA_F4;
00844 else
00845 e = 0x40000003;
00846 rsa = RSA_generate_key(key->key_size, e, NULL, NULL);
00847 if (rsa == NULL) {
00848 #if USE_EVP
00849 EVP_PKEY_free(pkey);
00850 #endif
00851 return (dst__openssl_toresult2("RSA_generate_key",
00852 DST_R_OPENSSLFAILURE));
00853 }
00854 SET_FLAGS(rsa);
00855 #if USE_EVP
00856 if (!EVP_PKEY_set1_RSA(pkey, rsa)) {
00857 EVP_PKEY_free(pkey);
00858 RSA_free(rsa);
00859 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
00860 }
00861 key->keydata.pkey = pkey;
00862 RSA_free(rsa);
00863 #else
00864 key->keydata.rsa = rsa;
00865 #endif
00866
00867 return (ISC_R_SUCCESS);
00868 #endif
00869 }
00870
00871 static isc_boolean_t
00872 opensslrsa_isprivate(const dst_key_t *key) {
00873 #if USE_EVP
00874 RSA *rsa = EVP_PKEY_get1_RSA(key->keydata.pkey);
00875 INSIST(rsa != NULL);
00876 RSA_free(rsa);
00877
00878 #else
00879 RSA *rsa = key->keydata.rsa;
00880 #endif
00881 if (rsa != NULL && (rsa->flags & RSA_FLAG_EXT_PKEY) != 0)
00882 return (ISC_TRUE);
00883 return (ISC_TF(rsa != NULL && rsa->d != NULL));
00884 }
00885
00886 static void
00887 opensslrsa_destroy(dst_key_t *key) {
00888 #if USE_EVP
00889 EVP_PKEY *pkey = key->keydata.pkey;
00890 EVP_PKEY_free(pkey);
00891 key->keydata.pkey = NULL;
00892 #else
00893 RSA *rsa = key->keydata.rsa;
00894 RSA_free(rsa);
00895 key->keydata.rsa = NULL;
00896 #endif
00897 }
00898
00899
00900 static isc_result_t
00901 opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) {
00902 isc_region_t r;
00903 unsigned int e_bytes;
00904 unsigned int mod_bytes;
00905 isc_result_t ret;
00906 RSA *rsa;
00907 #if USE_EVP
00908 EVP_PKEY *pkey;
00909 #endif
00910
00911 #if USE_EVP
00912 REQUIRE(key->keydata.pkey != NULL);
00913 #else
00914 REQUIRE(key->keydata.rsa != NULL);
00915 #endif
00916
00917 #if USE_EVP
00918 pkey = key->keydata.pkey;
00919 rsa = EVP_PKEY_get1_RSA(pkey);
00920 if (rsa == NULL)
00921 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
00922 #else
00923 rsa = key->keydata.rsa;
00924 #endif
00925
00926 isc_buffer_availableregion(data, &r);
00927
00928 e_bytes = BN_num_bytes(rsa->e);
00929 mod_bytes = BN_num_bytes(rsa->n);
00930
00931 if (e_bytes < 256) {
00932 if (r.length < 1)
00933 DST_RET(ISC_R_NOSPACE);
00934 isc_buffer_putuint8(data, (isc_uint8_t) e_bytes);
00935 isc_region_consume(&r, 1);
00936 } else {
00937 if (r.length < 3)
00938 DST_RET(ISC_R_NOSPACE);
00939 isc_buffer_putuint8(data, 0);
00940 isc_buffer_putuint16(data, (isc_uint16_t) e_bytes);
00941 isc_region_consume(&r, 3);
00942 }
00943
00944 if (r.length < e_bytes + mod_bytes)
00945 DST_RET(ISC_R_NOSPACE);
00946
00947 BN_bn2bin(rsa->e, r.base);
00948 isc_region_consume(&r, e_bytes);
00949 BN_bn2bin(rsa->n, r.base);
00950
00951 isc_buffer_add(data, e_bytes + mod_bytes);
00952
00953 ret = ISC_R_SUCCESS;
00954 err:
00955 #if USE_EVP
00956 if (rsa != NULL)
00957 RSA_free(rsa);
00958 #endif
00959 return (ret);
00960 }
00961
00962 static isc_result_t
00963 opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
00964 RSA *rsa;
00965 isc_region_t r;
00966 unsigned int e_bytes;
00967 #if USE_EVP
00968 EVP_PKEY *pkey;
00969 #endif
00970
00971 isc_buffer_remainingregion(data, &r);
00972 if (r.length == 0)
00973 return (ISC_R_SUCCESS);
00974
00975 rsa = RSA_new();
00976 if (rsa == NULL)
00977 return (dst__openssl_toresult(ISC_R_NOMEMORY));
00978 SET_FLAGS(rsa);
00979
00980 if (r.length < 1) {
00981 RSA_free(rsa);
00982 return (DST_R_INVALIDPUBLICKEY);
00983 }
00984 e_bytes = *r.base++;
00985 r.length--;
00986
00987 if (e_bytes == 0) {
00988 if (r.length < 2) {
00989 RSA_free(rsa);
00990 return (DST_R_INVALIDPUBLICKEY);
00991 }
00992 e_bytes = ((*r.base++) << 8);
00993 e_bytes += *r.base++;
00994 r.length -= 2;
00995 }
00996
00997 if (r.length < e_bytes) {
00998 RSA_free(rsa);
00999 return (DST_R_INVALIDPUBLICKEY);
01000 }
01001 rsa->e = BN_bin2bn(r.base, e_bytes, NULL);
01002 r.base += e_bytes;
01003 r.length -= e_bytes;
01004
01005 rsa->n = BN_bin2bn(r.base, r.length, NULL);
01006
01007 key->key_size = BN_num_bits(rsa->n);
01008
01009 isc_buffer_forward(data, r.length);
01010
01011 #if USE_EVP
01012 pkey = EVP_PKEY_new();
01013 if (pkey == NULL) {
01014 RSA_free(rsa);
01015 return (ISC_R_NOMEMORY);
01016 }
01017 if (!EVP_PKEY_set1_RSA(pkey, rsa)) {
01018 EVP_PKEY_free(pkey);
01019 RSA_free(rsa);
01020 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
01021 }
01022 key->keydata.pkey = pkey;
01023 RSA_free(rsa);
01024 #else
01025 key->keydata.rsa = rsa;
01026 #endif
01027
01028 return (ISC_R_SUCCESS);
01029 }
01030
01031 static isc_result_t
01032 opensslrsa_tofile(const dst_key_t *key, const char *directory) {
01033 int i;
01034 RSA *rsa;
01035 dst_private_t priv;
01036 unsigned char *bufs[8];
01037 isc_result_t result;
01038
01039 #if USE_EVP
01040 if (key->keydata.pkey == NULL)
01041 return (DST_R_NULLKEY);
01042 rsa = EVP_PKEY_get1_RSA(key->keydata.pkey);
01043 if (rsa == NULL)
01044 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
01045 #else
01046 if (key->keydata.rsa == NULL)
01047 return (DST_R_NULLKEY);
01048 rsa = key->keydata.rsa;
01049 #endif
01050 memset(bufs, 0, sizeof(bufs));
01051
01052 if (key->external) {
01053 priv.nelements = 0;
01054 result = dst__privstruct_writefile(key, &priv, directory);
01055 goto fail;
01056 }
01057
01058 for (i = 0; i < 8; i++) {
01059 bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(rsa->n));
01060 if (bufs[i] == NULL) {
01061 result = ISC_R_NOMEMORY;
01062 goto fail;
01063 }
01064 }
01065
01066 i = 0;
01067
01068 priv.elements[i].tag = TAG_RSA_MODULUS;
01069 priv.elements[i].length = BN_num_bytes(rsa->n);
01070 BN_bn2bin(rsa->n, bufs[i]);
01071 priv.elements[i].data = bufs[i];
01072 i++;
01073
01074 priv.elements[i].tag = TAG_RSA_PUBLICEXPONENT;
01075 priv.elements[i].length = BN_num_bytes(rsa->e);
01076 BN_bn2bin(rsa->e, bufs[i]);
01077 priv.elements[i].data = bufs[i];
01078 i++;
01079
01080 if (rsa->d != NULL) {
01081 priv.elements[i].tag = TAG_RSA_PRIVATEEXPONENT;
01082 priv.elements[i].length = BN_num_bytes(rsa->d);
01083 BN_bn2bin(rsa->d, bufs[i]);
01084 priv.elements[i].data = bufs[i];
01085 i++;
01086 }
01087
01088 if (rsa->p != NULL) {
01089 priv.elements[i].tag = TAG_RSA_PRIME1;
01090 priv.elements[i].length = BN_num_bytes(rsa->p);
01091 BN_bn2bin(rsa->p, bufs[i]);
01092 priv.elements[i].data = bufs[i];
01093 i++;
01094 }
01095
01096 if (rsa->q != NULL) {
01097 priv.elements[i].tag = TAG_RSA_PRIME2;
01098 priv.elements[i].length = BN_num_bytes(rsa->q);
01099 BN_bn2bin(rsa->q, bufs[i]);
01100 priv.elements[i].data = bufs[i];
01101 i++;
01102 }
01103
01104 if (rsa->dmp1 != NULL) {
01105 priv.elements[i].tag = TAG_RSA_EXPONENT1;
01106 priv.elements[i].length = BN_num_bytes(rsa->dmp1);
01107 BN_bn2bin(rsa->dmp1, bufs[i]);
01108 priv.elements[i].data = bufs[i];
01109 i++;
01110 }
01111
01112 if (rsa->dmq1 != NULL) {
01113 priv.elements[i].tag = TAG_RSA_EXPONENT2;
01114 priv.elements[i].length = BN_num_bytes(rsa->dmq1);
01115 BN_bn2bin(rsa->dmq1, bufs[i]);
01116 priv.elements[i].data = bufs[i];
01117 i++;
01118 }
01119
01120 if (rsa->iqmp != NULL) {
01121 priv.elements[i].tag = TAG_RSA_COEFFICIENT;
01122 priv.elements[i].length = BN_num_bytes(rsa->iqmp);
01123 BN_bn2bin(rsa->iqmp, bufs[i]);
01124 priv.elements[i].data = bufs[i];
01125 i++;
01126 }
01127
01128 if (key->engine != NULL) {
01129 priv.elements[i].tag = TAG_RSA_ENGINE;
01130 priv.elements[i].length =
01131 (unsigned short)strlen(key->engine) + 1;
01132 priv.elements[i].data = (unsigned char *)key->engine;
01133 i++;
01134 }
01135
01136 if (key->label != NULL) {
01137 priv.elements[i].tag = TAG_RSA_LABEL;
01138 priv.elements[i].length =
01139 (unsigned short)strlen(key->label) + 1;
01140 priv.elements[i].data = (unsigned char *)key->label;
01141 i++;
01142 }
01143
01144
01145 priv.nelements = i;
01146 result = dst__privstruct_writefile(key, &priv, directory);
01147 fail:
01148 #if USE_EVP
01149 RSA_free(rsa);
01150 #endif
01151 for (i = 0; i < 8; i++) {
01152 if (bufs[i] == NULL)
01153 break;
01154 isc_mem_put(key->mctx, bufs[i], BN_num_bytes(rsa->n));
01155 }
01156 return (result);
01157 }
01158
01159 static isc_result_t
01160 rsa_check(RSA *rsa, RSA *pub)
01161 {
01162
01163
01164 if (pub != NULL) {
01165 if (rsa->n != NULL) {
01166 if (BN_cmp(rsa->n, pub->n) != 0)
01167 return (DST_R_INVALIDPRIVATEKEY);
01168 } else {
01169 rsa->n = pub->n;
01170 pub->n = NULL;
01171 }
01172 if (rsa->e != NULL) {
01173 if (BN_cmp(rsa->e, pub->e) != 0)
01174 return (DST_R_INVALIDPRIVATEKEY);
01175 } else {
01176 rsa->e = pub->e;
01177 pub->e = NULL;
01178 }
01179 }
01180 if (rsa->n == NULL || rsa->e == NULL)
01181 return (DST_R_INVALIDPRIVATEKEY);
01182 return (ISC_R_SUCCESS);
01183 }
01184
01185 static isc_result_t
01186 opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
01187 dst_private_t priv;
01188 isc_result_t ret;
01189 int i;
01190 RSA *rsa = NULL, *pubrsa = NULL;
01191 #ifdef USE_ENGINE
01192 ENGINE *e = NULL;
01193 #endif
01194 isc_mem_t *mctx = key->mctx;
01195 const char *engine = NULL, *label = NULL;
01196 #if defined(USE_ENGINE) || USE_EVP
01197 EVP_PKEY *pkey = NULL;
01198 #endif
01199
01200
01201 ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
01202 if (ret != ISC_R_SUCCESS)
01203 goto err;
01204
01205 if (key->external) {
01206 if (priv.nelements != 0)
01207 DST_RET(DST_R_INVALIDPRIVATEKEY);
01208 if (pub == NULL)
01209 DST_RET(DST_R_INVALIDPRIVATEKEY);
01210 key->keydata.pkey = pub->keydata.pkey;
01211 pub->keydata.pkey = NULL;
01212 key->key_size = pub->key_size;
01213 dst__privstruct_free(&priv, mctx);
01214 memset(&priv, 0, sizeof(priv));
01215 return (ISC_R_SUCCESS);
01216 }
01217
01218 #if USE_EVP
01219 if (pub != NULL && pub->keydata.pkey != NULL)
01220 pubrsa = EVP_PKEY_get1_RSA(pub->keydata.pkey);
01221 #else
01222 if (pub != NULL && pub->keydata.rsa != NULL) {
01223 pubrsa = pub->keydata.rsa;
01224 pub->keydata.rsa = NULL;
01225 }
01226 #endif
01227
01228 for (i = 0; i < priv.nelements; i++) {
01229 switch (priv.elements[i].tag) {
01230 case TAG_RSA_ENGINE:
01231 engine = (char *)priv.elements[i].data;
01232 break;
01233 case TAG_RSA_LABEL:
01234 label = (char *)priv.elements[i].data;
01235 break;
01236 default:
01237 break;
01238 }
01239 }
01240
01241
01242
01243
01244
01245 if (label != NULL) {
01246 #ifdef USE_ENGINE
01247 if (engine == NULL)
01248 DST_RET(DST_R_NOENGINE);
01249 e = dst__openssl_getengine(engine);
01250 if (e == NULL)
01251 DST_RET(DST_R_NOENGINE);
01252 pkey = ENGINE_load_private_key(e, label, NULL, NULL);
01253 if (pkey == NULL)
01254 DST_RET(dst__openssl_toresult2(
01255 "ENGINE_load_private_key",
01256 ISC_R_NOTFOUND));
01257 key->engine = isc_mem_strdup(key->mctx, engine);
01258 if (key->engine == NULL)
01259 DST_RET(ISC_R_NOMEMORY);
01260 key->label = isc_mem_strdup(key->mctx, label);
01261 if (key->label == NULL)
01262 DST_RET(ISC_R_NOMEMORY);
01263 rsa = EVP_PKEY_get1_RSA(pkey);
01264 if (rsa == NULL)
01265 DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
01266 if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
01267 DST_RET(DST_R_INVALIDPRIVATEKEY);
01268 if (BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS)
01269 DST_RET(ISC_R_RANGE);
01270 if (pubrsa != NULL)
01271 RSA_free(pubrsa);
01272 key->key_size = EVP_PKEY_bits(pkey);
01273 #if USE_EVP
01274 key->keydata.pkey = pkey;
01275 RSA_free(rsa);
01276 #else
01277 key->keydata.rsa = rsa;
01278 EVP_PKEY_free(pkey);
01279 #endif
01280 dst__privstruct_free(&priv, mctx);
01281 memset(&priv, 0, sizeof(priv));
01282 return (ISC_R_SUCCESS);
01283 #else
01284 DST_RET(DST_R_NOENGINE);
01285 #endif
01286 }
01287
01288 rsa = RSA_new();
01289 if (rsa == NULL)
01290 DST_RET(ISC_R_NOMEMORY);
01291 SET_FLAGS(rsa);
01292
01293 #if USE_EVP
01294 pkey = EVP_PKEY_new();
01295 if (pkey == NULL)
01296 DST_RET(ISC_R_NOMEMORY);
01297 if (!EVP_PKEY_set1_RSA(pkey, rsa))
01298 DST_RET(ISC_R_FAILURE);
01299 key->keydata.pkey = pkey;
01300 #else
01301 key->keydata.rsa = rsa;
01302 #endif
01303
01304 for (i = 0; i < priv.nelements; i++) {
01305 BIGNUM *bn;
01306 switch (priv.elements[i].tag) {
01307 case TAG_RSA_ENGINE:
01308 continue;
01309 case TAG_RSA_LABEL:
01310 continue;
01311 default:
01312 bn = BN_bin2bn(priv.elements[i].data,
01313 priv.elements[i].length, NULL);
01314 if (bn == NULL)
01315 DST_RET(ISC_R_NOMEMORY);
01316 }
01317
01318 switch (priv.elements[i].tag) {
01319 case TAG_RSA_MODULUS:
01320 rsa->n = bn;
01321 break;
01322 case TAG_RSA_PUBLICEXPONENT:
01323 rsa->e = bn;
01324 break;
01325 case TAG_RSA_PRIVATEEXPONENT:
01326 rsa->d = bn;
01327 break;
01328 case TAG_RSA_PRIME1:
01329 rsa->p = bn;
01330 break;
01331 case TAG_RSA_PRIME2:
01332 rsa->q = bn;
01333 break;
01334 case TAG_RSA_EXPONENT1:
01335 rsa->dmp1 = bn;
01336 break;
01337 case TAG_RSA_EXPONENT2:
01338 rsa->dmq1 = bn;
01339 break;
01340 case TAG_RSA_COEFFICIENT:
01341 rsa->iqmp = bn;
01342 break;
01343 }
01344 }
01345 dst__privstruct_free(&priv, mctx);
01346 memset(&priv, 0, sizeof(priv));
01347
01348 if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
01349 DST_RET(DST_R_INVALIDPRIVATEKEY);
01350 if (BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS)
01351 DST_RET(ISC_R_RANGE);
01352 key->key_size = BN_num_bits(rsa->n);
01353 if (pubrsa != NULL)
01354 RSA_free(pubrsa);
01355 #if USE_EVP
01356 RSA_free(rsa);
01357 #endif
01358
01359 return (ISC_R_SUCCESS);
01360
01361 err:
01362 #if USE_EVP
01363 if (pkey != NULL)
01364 EVP_PKEY_free(pkey);
01365 #endif
01366 if (rsa != NULL)
01367 RSA_free(rsa);
01368 if (pubrsa != NULL)
01369 RSA_free(pubrsa);
01370 key->keydata.generic = NULL;
01371 dst__privstruct_free(&priv, mctx);
01372 memset(&priv, 0, sizeof(priv));
01373 return (ret);
01374 }
01375
01376 static isc_result_t
01377 opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
01378 const char *pin)
01379 {
01380 #ifdef USE_ENGINE
01381 ENGINE *e = NULL;
01382 isc_result_t ret;
01383 EVP_PKEY *pkey = NULL;
01384 RSA *rsa = NULL, *pubrsa = NULL;
01385 char *colon;
01386
01387 UNUSED(pin);
01388
01389 if (engine == NULL)
01390 DST_RET(DST_R_NOENGINE);
01391 e = dst__openssl_getengine(engine);
01392 if (e == NULL)
01393 DST_RET(DST_R_NOENGINE);
01394 pkey = ENGINE_load_public_key(e, label, NULL, NULL);
01395 if (pkey != NULL) {
01396 pubrsa = EVP_PKEY_get1_RSA(pkey);
01397 EVP_PKEY_free(pkey);
01398 if (pubrsa == NULL)
01399 DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
01400 }
01401 pkey = ENGINE_load_private_key(e, label, NULL, NULL);
01402 if (pkey == NULL)
01403 DST_RET(dst__openssl_toresult2("ENGINE_load_private_key",
01404 ISC_R_NOTFOUND));
01405 if (engine != NULL) {
01406 key->engine = isc_mem_strdup(key->mctx, engine);
01407 if (key->engine == NULL)
01408 DST_RET(ISC_R_NOMEMORY);
01409 } else {
01410 key->engine = isc_mem_strdup(key->mctx, label);
01411 if (key->engine == NULL)
01412 DST_RET(ISC_R_NOMEMORY);
01413 colon = strchr(key->engine, ':');
01414 if (colon != NULL)
01415 *colon = '\0';
01416 }
01417 key->label = isc_mem_strdup(key->mctx, label);
01418 if (key->label == NULL)
01419 DST_RET(ISC_R_NOMEMORY);
01420 rsa = EVP_PKEY_get1_RSA(pkey);
01421 if (rsa == NULL)
01422 DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
01423 if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
01424 DST_RET(DST_R_INVALIDPRIVATEKEY);
01425 if (BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS)
01426 DST_RET(ISC_R_RANGE);
01427 if (pubrsa != NULL)
01428 RSA_free(pubrsa);
01429 key->key_size = EVP_PKEY_bits(pkey);
01430 #if USE_EVP
01431 key->keydata.pkey = pkey;
01432 RSA_free(rsa);
01433 #else
01434 key->keydata.rsa = rsa;
01435 EVP_PKEY_free(pkey);
01436 #endif
01437 return (ISC_R_SUCCESS);
01438
01439 err:
01440 if (rsa != NULL)
01441 RSA_free(rsa);
01442 if (pubrsa != NULL)
01443 RSA_free(pubrsa);
01444 if (pkey != NULL)
01445 EVP_PKEY_free(pkey);
01446 return (ret);
01447 #else
01448 UNUSED(key);
01449 UNUSED(engine);
01450 UNUSED(label);
01451 UNUSED(pin);
01452 return(DST_R_NOENGINE);
01453 #endif
01454 }
01455
01456 static dst_func_t opensslrsa_functions = {
01457 opensslrsa_createctx,
01458 NULL,
01459 opensslrsa_destroyctx,
01460 opensslrsa_adddata,
01461 opensslrsa_sign,
01462 opensslrsa_verify,
01463 opensslrsa_verify2,
01464 NULL,
01465 opensslrsa_compare,
01466 NULL,
01467 opensslrsa_generate,
01468 opensslrsa_isprivate,
01469 opensslrsa_destroy,
01470 opensslrsa_todns,
01471 opensslrsa_fromdns,
01472 opensslrsa_tofile,
01473 opensslrsa_parse,
01474 NULL,
01475 opensslrsa_fromlabel,
01476 NULL,
01477 NULL,
01478 };
01479
01480 isc_result_t
01481 dst__opensslrsa_init(dst_func_t **funcp, unsigned char algorithm) {
01482 REQUIRE(funcp != NULL);
01483
01484 if (*funcp == NULL) {
01485 switch (algorithm) {
01486 case DST_ALG_RSASHA256:
01487 #if defined(HAVE_EVP_SHA256) || !USE_EVP
01488 *funcp = &opensslrsa_functions;
01489 #endif
01490 break;
01491 case DST_ALG_RSASHA512:
01492 #if defined(HAVE_EVP_SHA512) || !USE_EVP
01493 *funcp = &opensslrsa_functions;
01494 #endif
01495 break;
01496 default:
01497 *funcp = &opensslrsa_functions;
01498 break;
01499 }
01500 }
01501 return (ISC_R_SUCCESS);
01502 }
01503
01504 #else
01505
01506 #include <isc/util.h>
01507
01508 EMPTY_TRANSLATION_UNIT
01509
01510 #endif
01511