aboutsummaryrefslogtreecommitdiffstats
path: root/Source/charon/transforms/rsa
diff options
context:
space:
mode:
Diffstat (limited to 'Source/charon/transforms/rsa')
-rw-r--r--Source/charon/transforms/rsa/Makefile.rsa23
-rw-r--r--Source/charon/transforms/rsa/rsa_private_key.c597
-rw-r--r--Source/charon/transforms/rsa/rsa_private_key.h185
-rw-r--r--Source/charon/transforms/rsa/rsa_public_key.c468
-rw-r--r--Source/charon/transforms/rsa/rsa_public_key.h153
5 files changed, 0 insertions, 1426 deletions
diff --git a/Source/charon/transforms/rsa/Makefile.rsa b/Source/charon/transforms/rsa/Makefile.rsa
deleted file mode 100644
index 4afe373e7..000000000
--- a/Source/charon/transforms/rsa/Makefile.rsa
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright (C) 2005 Jan Hutter, Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-
-RSA_DIR= $(TRANSFORMS_DIR)rsa/
-
-OBJS+= $(BUILD_DIR)rsa_private_key.o
-$(BUILD_DIR)rsa_private_key.o : $(RSA_DIR)rsa_private_key.c $(RSA_DIR)rsa_private_key.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-OBJS+= $(BUILD_DIR)rsa_public_key.o
-$(BUILD_DIR)rsa_public_key.o : $(RSA_DIR)rsa_public_key.c $(RSA_DIR)rsa_public_key.h
- $(CC) $(CFLAGS) -c -o $@ $< \ No newline at end of file
diff --git a/Source/charon/transforms/rsa/rsa_private_key.c b/Source/charon/transforms/rsa/rsa_private_key.c
deleted file mode 100644
index 231aee962..000000000
--- a/Source/charon/transforms/rsa/rsa_private_key.c
+++ /dev/null
@@ -1,597 +0,0 @@
-/**
- * @file rsa_private_key.c
- *
- * @brief Implementation of rsa_private_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <gmp.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include "rsa_private_key.h"
-
-#include <daemon.h>
-#include <utils/allocator.h>
-#include <asn1/der_decoder.h>
-
-
-/*
- * Oids for hash algorithms are defined in
- * rsa_public_key.c.
- */
-extern u_int8_t md2_oid[18];
-extern u_int8_t md5_oid[18];
-extern u_int8_t sha1_oid[15];
-extern u_int8_t sha256_oid[19];
-extern u_int8_t sha384_oid[19];
-extern u_int8_t sha512_oid[19];
-
-
-/**
- * Public exponent to use for key generation.
- */
-#define PUBLIC_EXPONENT 0x10001
-
-
-typedef struct private_rsa_private_key_t private_rsa_private_key_t;
-
-/**
- * Private data of a rsa_private_key_t object.
- */
-struct private_rsa_private_key_t {
- /**
- * Public interface for this signer.
- */
- rsa_private_key_t public;
-
- /**
- * Version of key, as encoded in PKCS#1
- */
- u_int version;
-
- /**
- * Public modulus.
- */
- mpz_t n;
-
- /**
- * Public exponent.
- */
- mpz_t e;
-
- /**
- * Private prime 1.
- */
- mpz_t p;
-
- /**
- * Private Prime 2.
- */
- mpz_t q;
-
- /**
- * Private exponent.
- */
- mpz_t d;
-
- /**
- * Private exponent 1.
- */
- mpz_t exp1;
-
- /**
- * Private exponent 2.
- */
- mpz_t exp2;
-
- /**
- * Private coefficient.
- */
- mpz_t coeff;
-
- /**
- * Keysize in bytes.
- */
- size_t k;
-
- /**
- * @brief Implements the RSADP algorithm specified in PKCS#1.
- *
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsadp) (private_rsa_private_key_t *this, chunk_t data);
-
- /**
- * @brief Implements the RSASP1 algorithm specified in PKCS#1.
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsasp1) (private_rsa_private_key_t *this, chunk_t data);
-
- /**
- * @brief Generate a prime value.
- *
- * @param this calling object
- * @param prime_size size of the prime, in bytes
- * @param[out] prime uninitialized mpz
- */
- void (*compute_prime) (private_rsa_private_key_t *this, size_t prime_size, mpz_t *prime);
-
-};
-
-/**
- * Rules for de-/encoding of a private key from/in ASN1
- */
-static asn1_rule_t rsa_private_key_rules[] = {
- {ASN1_SEQUENCE, 0, 0, 0},
- { ASN1_INTEGER, 0, offsetof(private_rsa_private_key_t, version), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, n), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, e), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, d), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, p), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, q), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, exp1), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, exp2), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_private_key_t, coeff), 0},
- {ASN1_END, 0, 0, 0},
-};
-
-static private_rsa_private_key_t *rsa_private_key_create_empty();
-
-/**
- * Implementation of private_rsa_private_key_t.compute_prime.
- */
-static void compute_prime(private_rsa_private_key_t *this, size_t prime_size, mpz_t *prime)
-{
- randomizer_t *randomizer;
- chunk_t random_bytes;
-
- randomizer = randomizer_create();
- mpz_init(*prime);
-
- do
- {
- randomizer->allocate_random_bytes(randomizer, prime_size, &random_bytes);
-
- /* make sure most significant bit is set */
- random_bytes.ptr[0] = random_bytes.ptr[0] | 0x80;
-
- /* convert chunk to mpz value */
- mpz_import(*prime, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
-
- /* get next prime */
- mpz_nextprime (*prime, *prime);
-
- allocator_free(random_bytes.ptr);
- }
- /* check if it isnt too large */
- while (((mpz_sizeinbase(*prime, 2) + 7) / 8) > prime_size);
-
- randomizer->destroy(randomizer);
-}
-
-/**
- * Implementation of private_rsa_private_key_t.rsadp and private_rsa_private_key_t.rsasp1.
- */
-static chunk_t rsadp(private_rsa_private_key_t *this, chunk_t data)
-{
- mpz_t t1, t2;
- chunk_t decrypted;
-
- mpz_init(t1);
- mpz_init(t2);
-
- mpz_import(t1, data.len, 1, 1, 1, 0, data.ptr);
-
- mpz_powm(t2, t1, this->exp1, this->p); /* m1 = c^dP mod p */
- mpz_powm(t1, t1, this->exp2, this->q); /* m2 = c^dQ mod Q */
- mpz_sub(t2, t2, t1); /* h = qInv (m1 - m2) mod p */
- mpz_mod(t2, t2, this->p);
- mpz_mul(t2, t2, this->coeff);
- mpz_mod(t2, t2, this->p);
-
- mpz_mul(t2, t2, this->q); /* m = m2 + h q */
- mpz_add(t1, t1, t2);
-
- decrypted.len = this->k;
- decrypted.ptr = mpz_export(NULL, NULL, 1, decrypted.len, 1, 0, t1);
-
- mpz_clear(t1);
- mpz_clear(t2);
-
- return decrypted;
-}
-
-/**
- * Implementation of rsa_private_key.build_emsa_signature.
- */
-static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature)
-{
- hasher_t *hasher;
- chunk_t hash;
- chunk_t oid;
- chunk_t em;
-
- /* get oid string prepended to hash */
- switch (hash_algorithm)
- {
- case HASH_MD2:
- {
- oid.ptr = md2_oid;
- oid.len = sizeof(md2_oid);
- break;
- }
- case HASH_MD5:
- {
- oid.ptr = md5_oid;
- oid.len = sizeof(md5_oid);
- break;
- }
- case HASH_SHA1:
- {
- oid.ptr = sha1_oid;
- oid.len = sizeof(sha1_oid);
- break;
- }
- case HASH_SHA256:
- {
- oid.ptr = sha256_oid;
- oid.len = sizeof(sha256_oid);
- break;
- }
- case HASH_SHA384:
- {
- oid.ptr = sha384_oid;
- oid.len = sizeof(sha384_oid);
- break;
- }
- case HASH_SHA512:
- {
- oid.ptr = sha512_oid;
- oid.len = sizeof(sha512_oid);
- break;
- }
- default:
- {
- return NOT_SUPPORTED;
- }
- }
-
- /* get hasher */
- hasher = hasher_create(hash_algorithm);
- if (hasher == NULL)
- {
- return NOT_SUPPORTED;
- }
-
- /* build hash */
- hasher->allocate_hash(hasher, data, &hash);
- hasher->destroy(hasher);
-
- /* build chunk to rsa-decrypt:
- * EM = 0x00 || 0x01 || PS || 0x00 || T.
- * PS = 0xFF padding, with length to fill em
- * T = oid || hash
- */
- em.len = this->k;
- em.ptr = allocator_alloc(em.len);
-
- /* fill em with padding */
- memset(em.ptr, 0xFF, em.len);
- /* set magic bytes */
- *(em.ptr) = 0x00;
- *(em.ptr+1) = 0x01;
- *(em.ptr + em.len - hash.len - oid.len - 1) = 0x00;
- /* set hash */
- memcpy(em.ptr + em.len - hash.len, hash.ptr, hash.len);
- /* set oid */
- memcpy(em.ptr + em.len - hash.len - oid.len, oid.ptr, oid.len);
-
-
- /* build signature */
- *signature = this->rsasp1(this, em);
-
- allocator_free(hash.ptr);
- allocator_free(em.ptr);
-
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_private_key.get_key.
- */
-static status_t get_key(private_rsa_private_key_t *this, chunk_t *key)
-{
- chunk_t n, e, p, q, d, exp1, exp2, coeff;
-
- n.len = this->k;
- n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n);
- e.len = this->k;
- e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e);
- p.len = this->k;
- p.ptr = mpz_export(NULL, NULL, 1, p.len, 1, 0, this->p);
- q.len = this->k;
- q.ptr = mpz_export(NULL, NULL, 1, q.len, 1, 0, this->q);
- d.len = this->k;
- d.ptr = mpz_export(NULL, NULL, 1, d.len, 1, 0, this->d);
- exp1.len = this->k;
- exp1.ptr = mpz_export(NULL, NULL, 1, exp1.len, 1, 0, this->exp1);
- exp2.len = this->k;
- exp2.ptr = mpz_export(NULL, NULL, 1, exp2.len, 1, 0, this->exp2);
- coeff.len = this->k;
- coeff.ptr = mpz_export(NULL, NULL, 1, coeff.len, 1, 0, this->coeff);
-
- key->len = this->k * 8;
- key->ptr = allocator_alloc(key->len);
- memcpy(key->ptr + this->k * 0, n.ptr , n.len);
- memcpy(key->ptr + this->k * 1, e.ptr, e.len);
- memcpy(key->ptr + this->k * 2, p.ptr, p.len);
- memcpy(key->ptr + this->k * 3, q.ptr, q.len);
- memcpy(key->ptr + this->k * 4, d.ptr, d.len);
- memcpy(key->ptr + this->k * 5, exp1.ptr, exp1.len);
- memcpy(key->ptr + this->k * 6, exp2.ptr, exp2.len);
- memcpy(key->ptr + this->k * 7, coeff.ptr, coeff.len);
-
- allocator_free(n.ptr);
- allocator_free(e.ptr);
- allocator_free(p.ptr);
- allocator_free(q.ptr);
- allocator_free(d.ptr);
- allocator_free(exp1.ptr);
- allocator_free(exp2.ptr);
- allocator_free(coeff.ptr);
-
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_private_key.save_key.
- */
-static status_t save_key(private_rsa_private_key_t *this, char *file)
-{
- return NOT_SUPPORTED;
-}
-
-/**
- * Implementation of rsa_private_key.get_public_key.
- */
-rsa_public_key_t *get_public_key(private_rsa_private_key_t *this)
-{
- return NULL;
-}
-
-/**
- * Implementation of rsa_private_key.belongs_to.
- */
-bool belongs_to(private_rsa_private_key_t *this, rsa_public_key_t *public)
-{
- if (mpz_cmp(this->n, *public->get_modulus(public)) == 0)
- {
- return TRUE;
- }
- return FALSE;
-}
-
-/**
- * Implementation of rsa_private_key.clone.
- */
-static rsa_private_key_t* _clone(private_rsa_private_key_t *this)
-{
- private_rsa_private_key_t *clone = rsa_private_key_create_empty();
-
- mpz_init_set(clone->n, this->n);
- mpz_init_set(clone->e, this->e);
- mpz_init_set(clone->p, this->p);
- mpz_init_set(clone->q, this->q);
- mpz_init_set(clone->d, this->d);
- mpz_init_set(clone->exp1, this->exp1);
- mpz_init_set(clone->exp2, this->exp2);
- mpz_init_set(clone->coeff, this->coeff);
- clone->k = this->k;
-
- return &clone->public;
-}
-
-/**
- * Implementation of rsa_private_key.destroy.
- */
-static void destroy(private_rsa_private_key_t *this)
-{
- mpz_clear(this->n);
- mpz_clear(this->e);
- mpz_clear(this->p);
- mpz_clear(this->q);
- mpz_clear(this->d);
- mpz_clear(this->exp1);
- mpz_clear(this->exp2);
- mpz_clear(this->coeff);
- allocator_free(this);
-}
-
-/**
- * Internal generic constructor
- */
-static private_rsa_private_key_t *rsa_private_key_create_empty()
-{
- private_rsa_private_key_t *this = allocator_alloc_thing(private_rsa_private_key_t);
-
- /* public functions */
- this->public.build_emsa_pkcs1_signature = (status_t (*) (rsa_private_key_t*,hash_algorithm_t,chunk_t,chunk_t*))build_emsa_pkcs1_signature;
- this->public.get_key = (status_t (*) (rsa_private_key_t*,chunk_t*))get_key;
- this->public.save_key = (status_t (*) (rsa_private_key_t*,char*))save_key;
- this->public.get_public_key = (rsa_public_key_t *(*) (rsa_private_key_t*))get_public_key;
- this->public.belongs_to = (bool (*) (rsa_private_key_t*,rsa_public_key_t*))belongs_to;
- this->public.clone = (rsa_private_key_t*(*)(rsa_private_key_t*))_clone;
- this->public.destroy = (void (*) (rsa_private_key_t*))destroy;
-
- /* private functions */
- this->rsadp = rsadp;
- this->rsasp1 = rsadp; /* same algorithm */
- this->compute_prime = compute_prime;
-
- return this;
-}
-
-/*
- * See header
- */
-rsa_private_key_t *rsa_private_key_create(size_t key_size)
-{
- mpz_t p, q, n, e, d, exp1, exp2, coeff;
- mpz_t m, q1, t;
- private_rsa_private_key_t *this;
-
- this = rsa_private_key_create_empty();
-
- key_size = key_size / 8;
-
- mpz_init(t);
- mpz_init(n);
- mpz_init(d);
- mpz_init(exp1);
- mpz_init(exp2);
- mpz_init(coeff);
-
- /* Get values of primes p and q */
- this->compute_prime(this, key_size/2, &p);
- this->compute_prime(this, key_size/2, &q);
-
- /* Swapping Primes so p is larger then q */
- if (mpz_cmp(p, q) < 0)
- {
- mpz_set(t, p);
- mpz_set(p, q);
- mpz_set(q, t);
- }
-
- mpz_mul(n, p, q); /* n = p*q */
- mpz_init_set_ui(e, PUBLIC_EXPONENT); /* assign public exponent */
- mpz_init_set(m, p); /* m = p */
- mpz_sub_ui(m, m, 1); /* m = m -1 */
- mpz_init_set(q1, q); /* q1 = q */
- mpz_sub_ui(q1, q1, 1); /* q1 = q1 -1 */
- mpz_gcd(t, m, q1); /* t = gcd(p-1, q-1) */
- mpz_mul(m, m, q1); /* m = (p-1)*(q-1) */
- mpz_divexact(m, m, t); /* m = m / t */
- mpz_gcd(t, m, e); /* t = gcd(m, e) (greatest common divisor) */
-
- mpz_invert(d, e, m); /* e has an inverse mod m */
- if (mpz_cmp_ui(d, 0) < 0) /* make sure d is positive */
- {
- mpz_add(d, d, m);
- }
- mpz_sub_ui(t, p, 1); /* t = p-1 */
- mpz_mod(exp1, d, t); /* exp1 = d mod p-1 */
- mpz_sub_ui(t, q, 1); /* t = q-1 */
- mpz_mod(exp2, d, t); /* exp2 = d mod q-1 */
-
- mpz_invert(coeff, q, p); /* coeff = q^-1 mod p */
- if (mpz_cmp_ui(coeff, 0) < 0) /* make coeff d is positive */
- {
- mpz_add(coeff, coeff, p);
- }
-
- mpz_clear(q1);
- mpz_clear(m);
- mpz_clear(t);
-
- /* apply values */
- *(this->p) = *p;
- *(this->q) = *q;
- *(this->n) = *n;
- *(this->e) = *e;
- *(this->d) = *d;
- *(this->exp1) = *exp1;
- *(this->exp2) = *exp2;
- *(this->coeff) = *coeff;
-
- /* set key size in bytes */
- this->k = key_size;
-
- return &this->public;
-}
-
-/*
- * see header
- */
-rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t chunk)
-{
- private_rsa_private_key_t *this;
- der_decoder_t *dd;
- status_t status;
-
- this = rsa_private_key_create_empty();
-
- mpz_init(this->n);
- mpz_init(this->e);
- mpz_init(this->p);
- mpz_init(this->q);
- mpz_init(this->d);
- mpz_init(this->exp1);
- mpz_init(this->exp2);
- mpz_init(this->coeff);
-
- dd = der_decoder_create(rsa_private_key_rules);
- status = dd->decode(dd, chunk, this);
- dd->destroy(dd);
- if (status != SUCCESS)
- {
- destroy(this);
- return NULL;
- }
- this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
- return &this->public;
-}
-
-/*
- * see header
- */
-rsa_private_key_t *rsa_private_key_create_from_file(char *filename, char *passphrase)
-{
- chunk_t chunk;
- struct stat stb;
- FILE *file;
- char *buffer;
-
- if (stat(filename, &stb) == -1)
- {
- return NULL;
- }
-
- buffer = alloca(stb.st_size);
-
- file = fopen(filename, "r");
- if (file == NULL)
- {
- return NULL;
- }
-
- if (fread(buffer, stb.st_size, 1, file) != 1)
- {
- return NULL;
- }
-
- chunk.ptr = buffer;
- chunk.len = stb.st_size;
-
- return rsa_private_key_create_from_chunk(chunk);
-}
diff --git a/Source/charon/transforms/rsa/rsa_private_key.h b/Source/charon/transforms/rsa/rsa_private_key.h
deleted file mode 100644
index 3ca760042..000000000
--- a/Source/charon/transforms/rsa/rsa_private_key.h
+++ /dev/null
@@ -1,185 +0,0 @@
-/**
- * @file rsa_private_key.h
- *
- * @brief Interface of rsa_private_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef RSA_PRIVATE_KEY_H_
-#define RSA_PRIVATE_KEY_H_
-
-#include <types.h>
-#include <definitions.h>
-#include <transforms/rsa/rsa_public_key.h>
-#include <transforms/hashers/hasher.h>
-
-
-typedef struct rsa_private_key_t rsa_private_key_t;
-
-/**
- * @brief RSA private key with associated functions.
- *
- * Currently only supports signing using EMSA encoding.
- *
- * @b Constructors:
- * - rsa_private_key_create()
- * - rsa_private_key_create_from_chunk()
- * - rsa_private_key_create_from_file()
- *
- * @see rsa_public_key_t
- *
- * @todo Implement get_key(), save_key(), get_public_key()
- *
- * @ingroup rsa
- */
-struct rsa_private_key_t {
-
- /**
- * @brief Build a signature over a chunk using EMSA-PKCS1 encoding.
- *
- * This signature creates a hash using the specified hash algorithm, concatenates
- * it with an ASN1-OID of the hash algorithm and runs the RSASP1 function
- * on it.
- *
- * @param this calling object
- * @param hash_algorithm hash algorithm to use for hashing
- * @param data data to sign
- * @param[out] signature allocated signature
- * @return
- * - SUCCESS
- * - INVALID_STATE, if key not set
- * - NOT_SUPPORTED, if hash algorithm not supported
- */
- status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature);
-
- /**
- * @brief Gets the key.
- *
- * UNIMPLEMENTED!
- *
- * @param this calling object
- * @param key key (in a propriarity format)
- * @return
- * - SUCCESS
- * - INVALID_STATE, if key not set
- */
- status_t (*get_key) (rsa_private_key_t *this, chunk_t *key);
-
- /**
- * @brief Saves a key to a file.
- *
- * Not implemented!
- *
- * @param this calling object
- * @param file file to which the key should be written.
- * @return NOT_SUPPORTED
- */
- status_t (*save_key) (rsa_private_key_t *this, char *file);
-
- /**
- * @brief Generate a new key.
- *
- * Generates a new private_key with specified key size
- *
- * @param this calling object
- * @param key_size size of the key in bits
- * @return
- * - SUCCESS
- * - INVALID_ARG if key_size invalid
- */
- status_t (*generate_key) (rsa_private_key_t *this, size_t key_size);
-
- /**
- * @brief Create a rsa_public_key_t with the public
- * parts of the key.
- *
- * @param this calling object
- * @return public_key
- */
- rsa_public_key_t *(*get_public_key) (rsa_private_key_t *this);
-
- /**
- * @brief Check if a private key belongs to a public key.
- *
- * Compares the public part of the private key with the
- * public key, return TRUE if it equals.
- *
- * @param this private key
- * @param public public key
- * @return TRUE, if keys belong together
- */
- bool (*belongs_to) (rsa_private_key_t *this, rsa_public_key_t *public);
-
- /**
- * @brief Clone the private key.
- *
- * @param this private key to clone
- * @return clone of this
- */
- rsa_private_key_t *(*clone) (rsa_private_key_t *this);
-
- /**
- * @brief Destroys the private key.
- *
- * @param this private key to destroy
- */
- void (*destroy) (rsa_private_key_t *this);
-};
-
-/**
- * @brief Generate a new RSA key with specified key lenght.
- *
- * @param key_size size of the key in bits
- * @return generated rsa_private_key_t.
- *
- * @ingroup rsa
- */
-rsa_private_key_t *rsa_private_key_create(size_t key_size);
-
-/**
- * @brief Load an RSA private key from a chunk.
- *
- * Load a key from a chunk, encoded as described in PKCS#1
- * (ASN1 DER encoded).
- *
- * @param chunk chunk containing the DER encoded key
- * @return loaded rsa_private_key_t, or NULL
- *
- * @ingroup rsa
- */
-rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t chunk);
-
-/**
- * @brief Load an RSA private key from a file.
- *
- * Load a key from a file, which is either in a unencrypted binary
- * format (DER), or in a (encrypted) PEM format. The supplied
- * passphrase is used to decrypt an ecrypted key.
- *
- * @param filename filename which holds the key
- * @param passphrase optional passphase for decryption
- * @return loaded rsa_private_key_t, or NULL
- *
- * @todo Implement PEM file loading
- * @todo Implement key decryption
- *
- * @ingroup rsa
- */
-rsa_private_key_t *rsa_private_key_create_from_file(char *filename, char *passphrase);
-
-#endif /*RSA_PRIVATE_KEY_H_*/
diff --git a/Source/charon/transforms/rsa/rsa_public_key.c b/Source/charon/transforms/rsa/rsa_public_key.c
deleted file mode 100644
index 5a3df1f10..000000000
--- a/Source/charon/transforms/rsa/rsa_public_key.c
+++ /dev/null
@@ -1,468 +0,0 @@
-/**
- * @file rsa_public_key.c
- *
- * @brief Implementation of rsa_public_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <gmp.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include "rsa_public_key.h"
-
-#include <daemon.h>
-#include <utils/allocator.h>
-#include <transforms/hashers/hasher.h>
-#include <asn1/der_decoder.h>
-
-/*
- * For simplicity,
- * we use these predefined values for
- * hash algorithm OIDs. These also contain
- * the length of the following hash.
- * These values are also used in rsa_private_key.c.
- */
-
-u_int8_t md2_oid[] = {
- 0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,
- 0x48,0x86,0xf7,0x0d,0x02,0x02,0x05,0x00,
- 0x04,0x10
-};
-
-u_int8_t md5_oid[] = {
- 0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,
- 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,
- 0x04,0x10
-};
-
-u_int8_t sha1_oid[] = {
- 0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,
- 0x03,0x02,0x1a,0x05,0x00,0x04,0x14
-};
-
-u_int8_t sha256_oid[] = {
- 0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,
- 0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,
- 0x00,0x04,0x20
-};
-
-u_int8_t sha384_oid[] = {
- 0x30,0x41,0x30,0x0d,0x06,0x09,0x60,0x86,
- 0x48,0x01,0x65,0x03,0x04,0x02,0x02,0x05,
- 0x00,0x04,0x30
-};
-
-u_int8_t sha512_oid[] = {
- 0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,
- 0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,
- 0x00,0x04,0x40
-};
-
-
-typedef struct private_rsa_public_key_t private_rsa_public_key_t;
-
-/**
- * Private data structure with signing context.
- */
-struct private_rsa_public_key_t {
- /**
- * Public interface for this signer.
- */
- rsa_public_key_t public;
-
- /**
- * Public modulus.
- */
- mpz_t n;
-
- /**
- * Public exponent.
- */
- mpz_t e;
-
- /**
- * Keysize in bytes.
- */
- size_t k;
-
- /**
- * @brief Implements the RSAEP algorithm specified in PKCS#1.
- *
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsaep) (private_rsa_public_key_t *this, chunk_t data);
-
- /**
- * @brief Implements the RSASVP1 algorithm specified in PKCS#1.
- *
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsavp1) (private_rsa_public_key_t *this, chunk_t data);
-};
-
-
-typedef struct rsa_public_key_info_t rsa_public_key_info_t;
-
-/**
- * KeyInfo, as it appears in a public key file
- */
-struct rsa_public_key_info_t {
- /**
- * Algorithm for this key
- */
- chunk_t algorithm_oid;
-
- /**
- * Public key, parseable with rsa_public_key_rules
- */
- chunk_t public_key;
-};
-
-/**
- * Rules for de-/encoding of a public key from/in ASN1
- */
-static asn1_rule_t rsa_public_key_rules[] = {
- {ASN1_SEQUENCE, 0, 0, 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_public_key_t, n), 0},
- { ASN1_INTEGER, ASN1_MPZ, offsetof(private_rsa_public_key_t, e), 0},
- {ASN1_END, 0, 0, 0},
-};
-
-/**
- * Rules for de-/encoding of a PublicKeyInfo from/in ASN1
- */
-static asn1_rule_t rsa_public_key_info_rules[] = {
- {ASN1_SEQUENCE, 0, 0, 0},
- { ASN1_SEQUENCE, 0, 0, 0},
- { ASN1_OID, 0, offsetof(rsa_public_key_info_t, algorithm_oid), 0},
- { ASN1_NULL, 0, 0, 0},
- { ASN1_END, 0, 0, 0},
- { ASN1_BITSTRING, 0, offsetof(rsa_public_key_info_t, public_key), 0},
- {ASN1_END, 0, 0, 0},
-};
-
-private_rsa_public_key_t *rsa_public_key_create_empty();
-
-/**
- * Implementation of private_rsa_public_key_t.rsaep and private_rsa_public_key_t.rsavp1
- */
-static chunk_t rsaep(private_rsa_public_key_t *this, chunk_t data)
-{
- mpz_t m, c;
- chunk_t encrypted;
-
- mpz_init(c);
- mpz_init(m);
-
- mpz_import(m, data.len, 1, 1, 1, 0, data.ptr);
-
- mpz_powm(c, m, this->e, this->n);
-
- encrypted.len = this->k;
- encrypted.ptr = mpz_export(NULL, NULL, 1, encrypted.len, 1, 0, c);
-
- mpz_clear(c);
- mpz_clear(m);
-
- return encrypted;
-}
-
-/**
- * Implementation of rsa_public_key.verify_emsa_pkcs1_signature.
- */
-static status_t verify_emsa_pkcs1_signature(private_rsa_public_key_t *this, chunk_t data, chunk_t signature)
-{
- hasher_t *hasher = NULL;
- chunk_t hash;
- chunk_t em;
- u_int8_t *pos;
-
- if (signature.len > this->k)
- {
- return INVALID_ARG;
- }
-
- /* unpack signature */
- em = this->rsavp1(this, signature);
-
- /* result should look like this:
- * EM = 0x00 || 0x01 || PS || 0x00 || T.
- * PS = 0xFF padding, with length to fill em
- * T = oid || hash
- */
-
- /* check magic bytes */
- if ((*(em.ptr) != 0x00) ||
- (*(em.ptr+1) != 0x01))
- {
- allocator_free(em.ptr);
- return FAILED;
- }
-
- /* find magic 0x00 */
- pos = em.ptr + 2;
- while (pos <= em.ptr + em.len)
- {
- if (*pos == 0x00)
- {
- /* found magic byte, stop */
- pos++;
- break;
- }
- else if (*pos != 0xFF)
- {
- /* bad padding, decryption failed ?!*/
- allocator_free(em.ptr);
- return FAILED;
- }
- pos++;
- }
-
- if (pos + 20 > em.ptr + em.len)
- {
- /* not enought room for oid compare */
- allocator_free(em.ptr);
- return FAILED;
- }
-
- if (memcmp(md2_oid, pos, sizeof(md2_oid)) == 0)
- {
- hasher = hasher_create(HASH_MD2);
- pos += sizeof(md2_oid);
- }
- else if (memcmp(md5_oid, pos, sizeof(md5_oid)) == 0)
- {
- hasher = hasher_create(HASH_MD5);
- pos += sizeof(md5_oid);
- }
- else if (memcmp(sha1_oid, pos, sizeof(sha1_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA1);
- pos += sizeof(sha1_oid);
- }
- else if (memcmp(sha256_oid, pos, sizeof(sha256_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA256);
- pos += sizeof(sha256_oid);
- }
- else if (memcmp(sha384_oid, pos, sizeof(sha384_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA384);
- pos += sizeof(sha384_oid);
- }
- else if (memcmp(sha512_oid, pos, sizeof(sha512_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA512);
- pos += sizeof(sha512_oid);
- }
-
- if (hasher == NULL)
- {
- /* not supported hash algorithm */
- allocator_free(em.ptr);
- return NOT_SUPPORTED;
- }
-
- if (pos + hasher->get_block_size(hasher) != em.ptr + em.len)
- {
- /* bad length */
- allocator_free(em.ptr);
- hasher->destroy(hasher);
- return FAILED;
- }
-
- /* build own hash for a compare */
- hasher->allocate_hash(hasher, data, &hash);
- hasher->destroy(hasher);
-
- if (memcmp(hash.ptr, pos, hash.len) != 0)
- {
- /* hash does not equal */
- allocator_free(hash.ptr);
- allocator_free(em.ptr);
- return FAILED;
-
- }
-
- /* seems good */
- allocator_free(hash.ptr);
- allocator_free(em.ptr);
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_public_key.get_key.
- */
-static status_t get_key(private_rsa_public_key_t *this, chunk_t *key)
-{
- chunk_t n, e;
-
- n.len = this->k;
- n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n);
- e.len = this->k;
- e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e);
-
- key->len = this->k * 2;
- key->ptr = allocator_alloc(key->len);
- memcpy(key->ptr, n.ptr, n.len);
- memcpy(key->ptr + n.len, e.ptr, e.len);
- allocator_free(n.ptr);
- allocator_free(e.ptr);
-
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_public_key.save_key.
- */
-static status_t save_key(private_rsa_public_key_t *this, char *file)
-{
- return NOT_SUPPORTED;
-}
-
-/**
- * Implementation of rsa_public_key.get_modulus.
- */
-static mpz_t *get_modulus(private_rsa_public_key_t *this)
-{
- return &this->n;
-}
-
-/**
- * Implementation of rsa_public_key.clone.
- */
-static rsa_public_key_t* _clone(private_rsa_public_key_t *this)
-{
- private_rsa_public_key_t *clone = rsa_public_key_create_empty();
-
- mpz_init_set(clone->n, this->n);
- mpz_init_set(clone->e, this->e);
- clone->k = this->k;
-
- return &clone->public;
-}
-
-/**
- * Implementation of rsa_public_key.destroy.
- */
-static void destroy(private_rsa_public_key_t *this)
-{
- mpz_clear(this->n);
- mpz_clear(this->e);
- allocator_free(this);
-}
-
-/**
- * Generic private constructor
- */
-private_rsa_public_key_t *rsa_public_key_create_empty()
-{
- private_rsa_public_key_t *this = allocator_alloc_thing(private_rsa_public_key_t);
-
- /* public functions */
- this->public.verify_emsa_pkcs1_signature = (status_t (*) (rsa_public_key_t*,chunk_t,chunk_t))verify_emsa_pkcs1_signature;
- this->public.get_key = (status_t (*) (rsa_public_key_t*,chunk_t*))get_key;
- this->public.save_key = (status_t (*) (rsa_public_key_t*,char*))save_key;
- this->public.get_modulus = (mpz_t *(*) (rsa_public_key_t*))get_modulus;
- this->public.clone = (rsa_public_key_t* (*) (rsa_public_key_t*))_clone;
- this->public.destroy = (void (*) (rsa_public_key_t*))destroy;
-
- /* private functions */
- this->rsaep = rsaep;
- this->rsavp1 = rsaep; /* same algorithm */
-
- return this;
-}
-
-/*
- * See header
- */
-rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t chunk)
-{
- der_decoder_t *dd;
- status_t status;
- private_rsa_public_key_t *this;
-
- this = rsa_public_key_create_empty();
- mpz_init(this->n);
- mpz_init(this->e);
-
- dd = der_decoder_create(rsa_public_key_rules);
- status = dd->decode(dd, chunk, this);
- dd->destroy(dd);
- if (status != SUCCESS)
- {
- destroy(this);
- return NULL;
- }
- this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
- return &this->public;
-}
-
-/*
- * See header
- */
-rsa_public_key_t *rsa_public_key_create_from_file(char *filename)
-{
- struct stat stb;
- FILE *file;
- char *buffer;
- chunk_t chunk;
- rsa_public_key_info_t key_info = {CHUNK_INITIALIZER, CHUNK_INITIALIZER};
- der_decoder_t *dd;
- status_t status;
- rsa_public_key_t *public_key = NULL;
-
- if (stat(filename, &stb) == -1)
- {
- return NULL;
- }
-
- buffer = alloca(stb.st_size);
-
- file = fopen(filename, "r");
- if (file == NULL)
- {
- return NULL;
- }
-
- if (fread(buffer, stb.st_size, 1, file) != 1)
- {
- return NULL;
- }
-
- chunk.ptr = buffer;
- chunk.len = stb.st_size;
-
- /* parse public key info first */
- dd = der_decoder_create(rsa_public_key_info_rules);
- status = dd->decode(dd, chunk, &key_info);
- dd->destroy(dd);
- allocator_free_chunk(&key_info.algorithm_oid);
- if (status == SUCCESS)
- {
- public_key = rsa_public_key_create_from_chunk(chunk);
- }
- allocator_free_chunk(&key_info.public_key);
- return public_key;
-}
diff --git a/Source/charon/transforms/rsa/rsa_public_key.h b/Source/charon/transforms/rsa/rsa_public_key.h
deleted file mode 100644
index ef79153d6..000000000
--- a/Source/charon/transforms/rsa/rsa_public_key.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/**
- * @file rsa_public_key.h
- *
- * @brief Interface of rsa_public_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef RSA_PUBLIC_KEY_H_
-#define RSA_PUBLIC_KEY_H_
-
-#include <gmp.h>
-
-#include <types.h>
-#include <definitions.h>
-
-
-typedef struct rsa_public_key_t rsa_public_key_t;
-
-/**
- * @brief RSA public key with associated functions.
- *
- * Currently only supports signature verification using
- * the EMSA encoding (see PKCS1)
- *
- * @b Constructors:
- * - rsa_public_key_create_from_chunk()
- * - rsa_public_key_create_from_file()
- * - rsa_private_key_t.get_public_key()
- *
- * @see rsa_private_key_t
- *
- * @todo Implement getkey() and savekey()
- *
- * @ingroup rsa
- */
-struct rsa_public_key_t {
-
- /**
- * @brief Verify a EMSA-PKCS1 encodined signature.
- *
- * Processes the supplied signature with the RSAVP1 function,
- * selects the hash algorithm form the resultign ASN1-OID and
- * verifies the hash against the supplied data.
- *
- * @param this rsa_public_key to use
- * @param data data to sign
- * @param signature signature to verify
- * @return
- * - SUCCESS, if signature ok
- * - INVALID_STATE, if key not set
- * - NOT_SUPPORTED, if hash algorithm not supported
- * - INVALID_ARG, if signature is not a signature
- * - FAILED if signature invalid or unable to verify
- */
- status_t (*verify_emsa_pkcs1_signature) (rsa_public_key_t *this, chunk_t data, chunk_t signature);
-
- /**
- * @brief Gets the key.
- *
- * Currently uses a proprietary format which is only inteded
- * for testing. This should be replaced with a proper
- * ASN1 encoded key format, when charon gets the ASN1
- * capabilities.
- *
- * @param this calling object
- * @param key key (in a propriarity format)
- * @return
- * - SUCCESS
- * - INVALID_STATE, if key not set
- */
- status_t (*get_key) (rsa_public_key_t *this, chunk_t *key);
-
- /**
- * @brief Saves a key to a file.
- *
- * Not implemented!
- *
- * @param this calling object
- * @param file file to which the key should be written.
- * @return NOT_SUPPORTED
- */
- status_t (*save_key) (rsa_public_key_t *this, char *file);
-
- /**
- * @brief Get the modulus of the key.
- *
- * @param this calling object
- * @return modulus (n) of the key
- */
- mpz_t *(*get_modulus) (rsa_public_key_t *this);
-
- /**
- * @brief Clone the public key.
- *
- * @param this public key to clone
- * @return clone of this
- */
- rsa_public_key_t *(*clone) (rsa_public_key_t *this);
-
- /**
- * @brief Destroys the public key.
- *
- * @param this public key to destroy
- */
- void (*destroy) (rsa_public_key_t *this);
-};
-
-/**
- * @brief Load an RSA public key from a chunk.
- *
- * Load a key from a chunk, encoded in the more frequently
- * used PublicKeyInfo struct (ASN1 DER encoded).
- *
- * @param chunk chunk containing the DER encoded key
- * @return loaded rsa_public_key_t, or NULL
- *
- * @todo Check OID in PublicKeyInfo
- *
- * @ingroup rsa
- */
-rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t chunk);
-
-/**
- * @brief Load an RSA public key from a file.
- *
- * Load a key from a file, which is either in binary
- * format (DER), or in PEM format.
- *
- * @param filename filename which holds the key
- * @return loaded rsa_public_key_t, or NULL
- *
- * @todo Implement PEM file loading
- *
- * @ingroup rsa
- */
-rsa_public_key_t *rsa_public_key_create_from_file(char *filename);
-
-#endif /*RSA_PUBLIC_KEY_H_*/