2 rsa.c -- RSA key handling
3 Copyright (C) 2007-2022 Guus Sliepen <guus@tinc-vpn.org>
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 2 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License along
16 with this program; if not, write to the Free Software Foundation, Inc.,
17 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 #include "../system.h"
27 #include "../logger.h"
29 #include "../xalloc.h"
31 // BER decoding functions
33 static int ber_read_id(unsigned char **p, size_t *buflen) {
38 if((**p & 0x1f) == 0x1f) {
45 more = *(*p)++ & 0x80;
56 return *(*p)++ & 0x1f;
60 static size_t ber_read_len(unsigned char **p, size_t *buflen) {
67 size_t len = *(*p)++ & 0x7f;
75 result = (size_t)(result << 8);
88 static bool ber_read_sequence(unsigned char **p, size_t *buflen, size_t *result) {
89 int tag = ber_read_id(p, buflen);
90 size_t len = ber_read_len(p, buflen);
103 static bool ber_read_mpi(unsigned char **p, size_t *buflen, gcry_mpi_t *mpi) {
104 int tag = ber_read_id(p, buflen);
105 size_t len = ber_read_len(p, buflen);
106 gcry_error_t err = 0;
108 if(tag != 0x02 || len > *buflen) {
113 err = gcry_mpi_scan(mpi, GCRYMPI_FMT_USG, *p, len, NULL);
119 return mpi ? !err : true;
122 rsa_t *rsa_set_hex_public_key(const char *n, const char *e) {
123 rsa_t *rsa = xzalloc(sizeof(rsa_t));
125 gcry_error_t err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL);
128 err = gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, e, 0, NULL);
132 logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno));
140 rsa_t *rsa_set_hex_private_key(const char *n, const char *e, const char *d) {
141 rsa_t *rsa = xzalloc(sizeof(rsa_t));
143 gcry_error_t err = gcry_mpi_scan(&rsa->n, GCRYMPI_FMT_HEX, n, 0, NULL);
146 err = gcry_mpi_scan(&rsa->e, GCRYMPI_FMT_HEX, e, 0, NULL);
150 err = gcry_mpi_scan(&rsa->d, GCRYMPI_FMT_HEX, d, 0, NULL);
154 logger(DEBUG_ALWAYS, LOG_ERR, "Error while reading RSA public key: %s", gcry_strerror(errno));
164 rsa_t *rsa_read_pem_public_key(FILE *fp) {
165 uint8_t derbuf[8096], *derp = derbuf;
168 if(!pem_decode(fp, "RSA PUBLIC KEY", derbuf, sizeof(derbuf), &derlen)) {
169 logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA public key: %s", strerror(errno));
173 rsa_t *rsa = xzalloc(sizeof(rsa_t));
175 if(!ber_read_sequence(&derp, &derlen, NULL)
176 || !ber_read_mpi(&derp, &derlen, &rsa->n)
177 || !ber_read_mpi(&derp, &derlen, &rsa->e)
179 logger(DEBUG_ALWAYS, LOG_ERR, "Error while decoding RSA public key");
187 rsa_t *rsa_read_pem_private_key(FILE *fp) {
188 uint8_t derbuf[8096], *derp = derbuf;
191 if(!pem_decode(fp, "RSA PRIVATE KEY", derbuf, sizeof(derbuf), &derlen)) {
192 logger(DEBUG_ALWAYS, LOG_ERR, "Unable to read RSA private key: %s", strerror(errno));
196 rsa_t *rsa = xzalloc(sizeof(rsa_t));
198 if(!ber_read_sequence(&derp, &derlen, NULL)
199 || !ber_read_mpi(&derp, &derlen, NULL)
200 || !ber_read_mpi(&derp, &derlen, &rsa->n)
201 || !ber_read_mpi(&derp, &derlen, &rsa->e)
202 || !ber_read_mpi(&derp, &derlen, &rsa->d)
203 || !ber_read_mpi(&derp, &derlen, NULL) // p
204 || !ber_read_mpi(&derp, &derlen, NULL) // q
205 || !ber_read_mpi(&derp, &derlen, NULL)
206 || !ber_read_mpi(&derp, &derlen, NULL)
207 || !ber_read_mpi(&derp, &derlen, NULL) // u
209 logger(DEBUG_ALWAYS, LOG_ERR, "Error while decoding RSA private key");
217 size_t rsa_size(const rsa_t *rsa) {
218 return (gcry_mpi_get_nbits(rsa->n) + 7) / 8;
221 /* Well, libgcrypt has functions to handle RSA keys, but they suck.
222 * So we just use libgcrypt's mpi functions, and do the math ourselves.
225 // TODO: get rid of this macro, properly clean up gcry_ structures after use
226 #define check(foo) { gcry_error_t err = (foo); if(err) {logger(DEBUG_ALWAYS, LOG_ERR, "gcrypt error %s/%s at %s:%d", gcry_strsource(err), gcry_strerror(err), __FILE__, __LINE__); return false; }}
228 bool rsa_public_encrypt(rsa_t *rsa, const void *in, size_t len, void *out) {
230 check(gcry_mpi_scan(&inmpi, GCRYMPI_FMT_USG, in, len, NULL));
232 gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
233 gcry_mpi_powm(outmpi, inmpi, rsa->e, rsa->n);
235 size_t out_bytes = (gcry_mpi_get_nbits(outmpi) + 7) / 8;
236 size_t pad = len - MIN(out_bytes, len);
237 unsigned char *pout = out;
243 check(gcry_mpi_print(GCRYMPI_FMT_USG, pout, len, NULL, outmpi));
248 bool rsa_private_decrypt(rsa_t *rsa, const void *in, size_t len, void *out) {
250 check(gcry_mpi_scan(&inmpi, GCRYMPI_FMT_USG, in, len, NULL));
252 gcry_mpi_t outmpi = gcry_mpi_new(len * 8);
253 gcry_mpi_powm(outmpi, inmpi, rsa->d, rsa->n);
255 size_t pad = len - (gcry_mpi_get_nbits(outmpi) + 7) / 8;
256 unsigned char *pout = out;
262 check(gcry_mpi_print(GCRYMPI_FMT_USG, pout, len, NULL, outmpi));
267 void rsa_free(rsa_t *rsa) {
270 gcry_mpi_release(rsa->n);
274 gcry_mpi_release(rsa->e);
278 gcry_mpi_release(rsa->d);
projects / tinc / blob