Module Name: src
Committed By: agc
Date: Sun May 6 17:46:45 UTC 2012
Added Files:
src/crypto/external/bsd/netpgp/dist/src/librsa [agc-netpgp-standalone]:
Makefile libnetpgprsa.3 rsa.c rsa.h rsastubs.c rsastubs.h
Log Message:
Add the RSA and DSA signature code to the agc-netpgp-standalone branch.
Despite the library name, this library implements both RSA and DSA
functionality.
XXX There is still some work to do on DSA signatures and verification. XXX
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1.2.1 \
src/crypto/external/bsd/netpgp/dist/src/librsa/Makefile \
src/crypto/external/bsd/netpgp/dist/src/librsa/libnetpgprsa.3 \
src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.c \
src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.h \
src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.c \
src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Added files:
Index: src/crypto/external/bsd/netpgp/dist/src/librsa/Makefile
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/librsa/Makefile:1.1.2.1
--- /dev/null Sun May 6 17:46:45 2012
+++ src/crypto/external/bsd/netpgp/dist/src/librsa/Makefile Sun May 6 17:46:45 2012
@@ -0,0 +1,10 @@
+LIB=netrsa
+SRCS=rsa.c stubs.c
+MKMAN=no
+WARNS=4
+CPPFLAGS+=-I${.CURDIR}/../bn
+
+INCS=rsa.h
+INCSDIR=/usr/include/netpgp
+
+.include <bsd.lib.mk>
Index: src/crypto/external/bsd/netpgp/dist/src/librsa/libnetpgprsa.3
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/librsa/libnetpgprsa.3:1.1.2.1
--- /dev/null Sun May 6 17:46:45 2012
+++ src/crypto/external/bsd/netpgp/dist/src/librsa/libnetpgprsa.3 Sun May 6 17:46:45 2012
@@ -0,0 +1,114 @@
+.\" $NetBSD: libnetpgprsa.3,v 1.1.2.1 2012/05/06 17:46:45 agc Exp $
+.\"
+.\" Copyright (c) 2012 Alistair Crooks <a...@netbsd.org>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd April 13, 2012
+.Dt LIBNETPGPRSA 3
+.Os
+.Sh NAME
+.Nm libnetpgprsa
+.Nd BIGNUM library of multi-precision integers
+.Sh LIBRARY
+.Lb libnetpgprsa
+.Sh SYNOPSIS
+.In netpgp/rsa.h
+.Ft RSA *
+.Fo RSA_new
+.Fa "void"
+.Fc
+.Ft int
+.Fo RSA_size
+.Fa "const RSA *rsa"
+.Fc
+.Ft void
+.Fo RSA_free
+.Fa "RSA *rsa"
+.Fc
+.Ft int
+.Fo RSA_check_key
+.Fa "RSA *rsa"
+.Fc
+.Ft RSA *
+.Fo RSA_generate_key
+.Fa "int num" "unsigned long e" "void (*callback)(int, int, void *)" "void *callbackarg"
+.Fc
+.Ft int
+.Fo RSA_public_encrypt
+.Fa "int siglen" "const uint8_t *signature" "uint8_t *to" "RSA *rsa" "int padding"
+.Fc
+.Ft int
+.Fo RSA_private_encrypt
+.Fa "int siglen" "const uint8_t *signature" "uint8_t *to" "RSA *rsa" "int padding"
+.Fc
+.Ft int
+.Fo RSA_private_decrypt
+.Fa "int siglen" "const uint8_t *signature" "uint8_t *to" "RSA *rsa" "int padding"
+.Fc
+.Pp
+.Ft DSA *
+.Fo DSA_new
+.Fa "void"
+.Fc
+.Ft int
+.Fo DSA_size
+.Fa "const DSA *dsa"
+.Fc
+.Ft void
+.Fo DSA_free
+.Fa "DSA *dsa"
+.Fc
+.Ft DSA_SIG *
+.Fo DSA_SIG_new
+.Fa "void"
+.Fc
+.Ft void
+.Fo DSA_SIG_free
+.Fa "DSA_SIG *sig"
+.Fc
+.Ft int
+.Fo DSA_do_verify
+.Fa "const unsigned char *digest" "int digestlen" "DSA_SIG *sig" "DSA *dsa"
+.Fc
+.Ft int
+.Fo DSA_do_sign
+.Fa "const unsigned char *digest" "int digestlen" "DSA *dsa"
+.Fc
+.Sh DESCRIPTION
+.Nm
+is a small library which provides RSA signing,
+encryption and decryption, and DSA signing.
+RSA and DSA verification are provided by the
+.Xr libnetpgpverify 3
+library.
+.Pp
+.Sh SEE ALSO
+.Xr libnetpgpbn 3
+.Xr libnetpgpverify 3
+.Sh HISTORY
+The
+.Nm
+library first appeared in
+.Nx 7.0 .
+.Sh AUTHORS
+.An Alistair Crooks Aq a...@netbsd.org
Index: src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.c
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.c:1.1.2.1
--- /dev/null Sun May 6 17:46:45 2012
+++ src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.c Sun May 6 17:46:45 2012
@@ -0,0 +1,597 @@
+/*-
+ * Copyright (c) 2012 Alistair Crooks <a...@netbsd.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <sys/types.h>
+#include <sys/syslog.h>
+
+#ifdef _KERNEL
+# include <sys/kmem.h>
+# define logmessage log
+#else
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <unistd.h>
+#endif
+
+#include "misc.h"
+#include "digest.h"
+#include "rsa.h"
+
+#ifndef USE_ARG
+#define USE_ARG(x) /*LINTED*/(void)&(x)
+#endif
+
+#define RSA_MAX_MODULUS_BITS 16384
+#define RSA_SMALL_MODULUS_BITS 3072
+#define RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */
+
+static int
+rsa_padding_check_none(uint8_t *to, int tlen, const uint8_t *from, int flen, int num)
+{
+ USE_ARG(num);
+ if (flen > tlen) {
+ printf("r too large\n");
+ return -1;
+ }
+ (void) memset(to, 0x0, tlen - flen);
+ (void) memcpy(to + tlen - flen, from, flen);
+ return tlen;
+}
+
+static int
+lowlevel_rsa_private_encrypt(int plainc, const unsigned char *plain, unsigned char *encbuf, RSA *rsa)
+{
+ BIGNUM *decbn;
+ BIGNUM *signedbn;
+ uint8_t *decbuf;
+ int nbytes;
+ int signc;
+ int signedbytes;
+ int r;
+
+ decbuf = NULL;
+ r = -1;
+ decbn = BN_new();
+ signedbn = BN_new();
+ nbytes = BN_num_bytes(rsa->n);
+ decbuf = netpgp_allocate(1, nbytes);
+ /* add no padding */
+ memcpy(decbuf, plain, plainc);
+ BN_bin2bn(decbuf, nbytes, decbn);
+ if (BN_cmp(decbn, rsa->n) >= 0) {
+ printf("decbn too big\n");
+ goto err;
+ }
+ if (!BN_mod_exp(signedbn, decbn, rsa->d, rsa->n, NULL)) {
+ printf("bad mod_exp\n");
+ goto err;
+ }
+ signedbytes = BN_num_bytes(signedbn);
+ signc = BN_bn2bin(signedbn, &encbuf[nbytes - signedbytes]);
+ memset(encbuf, 0x0, nbytes - signc);
+ r = nbytes;
+err:
+ netpgp_deallocate(decbuf, nbytes);
+ BN_clear_free(decbn);
+ BN_clear_free(signedbn);
+ return r;
+}
+
+static int
+lowlevel_rsa_public_encrypt(int plainc, const unsigned char *plain, unsigned char *encbuf, RSA *rsa)
+{
+ BIGNUM *decbn;
+ BIGNUM *encbn;
+ uint8_t *decbuf;
+ int nbytes;
+ int encc;
+ int r;
+ int i;
+
+ r = -1;
+ decbn = BN_new();
+ encbn = BN_new();
+ nbytes = BN_num_bytes(rsa->n);
+ decbuf = netpgp_allocate(1, nbytes);
+ (void) memcpy(decbuf, plain, plainc);
+ if (BN_bin2bn(decbuf, nbytes, decbn) == NULL) {
+ printf("bin2bn failed\n");
+ goto err;
+ }
+ if (BN_cmp(decbn, rsa->n) >= 0) {
+ printf("BN_cmp failed\n");
+ goto err;
+ }
+ if (!BN_mod_exp(encbn, decbn, rsa->e, rsa->n, NULL)) {
+ printf("BN_mod_exp failed\n");
+ goto err;
+ }
+ encc = BN_num_bytes(encbn);
+ i = BN_bn2bin(encbn, &encbuf[nbytes - encc]);
+ (void) memset(encbuf, 0x0, nbytes - i);
+ r = nbytes;
+err:
+ if (decbuf) {
+ memset(decbuf, 0x0, nbytes);
+ netpgp_deallocate(decbuf, nbytes);
+ }
+ BN_clear_free(decbn);
+ BN_clear_free(encbn);
+ return r;
+}
+
+static int
+lowlevel_rsa_private_decrypt(int enclen, const unsigned char *encbuf, unsigned char *to, RSA *rsa)
+{
+ BIGNUM *encbn;
+ BIGNUM *decbn;
+ uint8_t *buf;
+ int nbytes;
+ int j;
+ int r;
+
+ r = -1;
+ decbn = encbn = NULL;
+ buf = NULL;
+ if (BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) {
+ return -1;
+ }
+ if (BN_cmp(rsa->n, rsa->e) <= 0) {
+ return -1;
+ }
+ encbn = BN_new();
+ decbn = BN_new();
+ nbytes = BN_num_bytes(rsa->n);
+ buf = netpgp_allocate(1, nbytes);
+ if (enclen > nbytes) {
+ printf("bad enclen\n");
+ goto err;
+ }
+ BN_bin2bn(encbuf, enclen, encbn);
+ if (BN_cmp(encbn, rsa->n) >= 0) {
+ printf("bad encbn\n");
+ goto err;
+ }
+ BN_mod_exp(decbn, encbn, rsa->d, rsa->n, NULL);
+ j = BN_bn2bin(decbn, buf);
+ r = rsa_padding_check_none(to, nbytes, buf, j, nbytes);
+err:
+ BN_clear_free(encbn);
+ BN_clear_free(decbn);
+ netpgp_deallocate(buf, nbytes);
+ return r;
+}
+
+#if 0
+/**
+ @file rsa_make_key.c
+ RSA key generation, Tom St Denis
+*/
+
+/**
+ Create an RSA key
+ @param prng An active PRNG state
+ @param wprng The index of the PRNG desired
+ @param size The size of the modulus (key size) desired (octets)
+ @param e The "e" value (public key). e==65537 is a good choice
+ @param key [out] Destination of a newly created private key pair
+ @return CRYPT_OK if successful, upon error all allocated ram is freed
+*/
+static int
+rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key)
+{
+ void *p, *q, *tmp1, *tmp2, *tmp3;
+ int err;
+
+ LTC_ARGCHK(ltc_mp.name != NULL);
+ LTC_ARGCHK(key != NULL);
+
+ if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) {
+ return CRYPT_INVALID_KEYSIZE;
+ }
+
+ if ((e < 3) || ((e & 1) == 0)) {
+ return CRYPT_INVALID_ARG;
+ }
+
+ if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+ return err;
+ }
+
+ if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != CRYPT_OK) {
+ return err;
+ }
+
+ /* make primes p and q (optimization provided by Wayne Scott) */
+ /* tmp3 = e */
+ if ((err = mp_set_int(tmp3, e)) != CRYPT_OK) {
+ goto errkey;
+ }
+
+ /* make prime "p" */
+ do {
+ if ((err = rand_prime( p, size/2, prng, wprng)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* tmp1 = p-1 */
+ if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* tmp2 = gcd(p-1, e) */
+ if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) {
+ goto errkey;
+ }
+ } while (mp_cmp_d( tmp2, 1) != 0);
+ /* while e divides p-1 */
+
+ /* make prime "q" */
+ do {
+ if ((err = rand_prime( q, size/2, prng, wprng)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* tmp1 = q-1 */
+ if ((err = mp_sub_d( q, 1, tmp1)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* tmp2 = gcd(q-1, e) */
+ if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) {
+ goto errkey;
+ }
+ } while (mp_cmp_d( tmp2, 1) != 0);
+ /* while e divides q-1 */
+
+ /* tmp1 = lcm(p-1, q-1) */
+ /* tmp2 = p-1 */
+ if ((err = mp_sub_d( p, 1, tmp2)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* tmp1 = q-1 (previous do/while loop) */
+ /* tmp1 = lcm(p-1, q-1) */
+ if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) {
+ goto errkey;
+ }
+
+ /* make key */
+ if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
+ goto errkey;
+ }
+
+ /* key->e = e */
+ if ((err = mp_set_int( key->e, e)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* key->d = 1/e mod lcm(p-1,q-1) */
+ if ((err = mp_invmod( key->e, tmp1, key->d)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* key->N = pq */
+ if ((err = mp_mul( p, q, key->N)) != CRYPT_OK) {
+ goto errkey;
+ }
+
+ /* optimize for CRT now */
+ /* find d mod q-1 and d mod p-1 */
+ /* tmp1 = q-1 */
+ if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* tmp2 = p-1 */
+ if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* dP = d mod p-1 */
+ if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* dQ = d mod q-1 */
+ if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) {
+ goto errkey;
+ }
+ /* qP = 1/q mod p */
+ if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) {
+ got oerrkey;
+ }
+
+ if ((err = mp_copy( p, key->p)) != CRYPT_OK) {
+ goto errkey;
+ }
+ if ((err = mp_copy( q, key->q)) != CRYPT_OK) {
+ goto errkey;
+ }
+
+ /* set key type (in this case it's CRT optimized) */
+ key->type = PK_PRIVATE;
+
+ /* return ok and free temps */
+ err = CRYPT_OK;
+ goto cleanup;
+errkey:
+ mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+cleanup:
+ mp_clear_multi(tmp3, tmp2, tmp1, p, q, NULL);
+ return err;
+}
+#endif
+
+#define HASHBUF_LEN 512
+
+#define DSA_MAX_MODULUS_BITS 10000
+
+static int
+dsa_do_verify(const unsigned char *calculated, int dgst_len, const dsasig_t *sig, mpi_dsa_t *dsa)
+{
+ BIGNUM *M;
+ BIGNUM *W;
+ BIGNUM *t1;
+ int ret = -1;
+ int qbits;
+
+ if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) {
+ return 0;
+ }
+ M = W = t1 = NULL;
+ qbits = BN_num_bits(dsa->q);
+ switch(qbits) {
+ case 160:
+ case 224:
+ case 256:
+ /* openssl sources say these are the valid values */
+ /* according to FIPS 186-3 */
+ break;
+ default:
+ printf("dsa: bad # of Q bits\n");
+ return 0;
+ }
+ if (BN_num_bits(dsa->p) > DSA_MAX_MODULUS_BITS) {
+ printf("dsa: p too large\n");
+ return 0;
+ }
+ /* no love for SHA512? */
+ if (dgst_len > SHA256_DIGEST_LENGTH) {
+ printf("dsa: digest too long\n");
+ return 0;
+ }
+ ret = 0;
+ if ((M = BN_new()) == NULL ||
+ (W = BN_new()) == NULL ||
+ (t1 = BN_new()) == NULL) {
+ goto err;
+ }
+ if (BN_is_zero(sig->r) ||
+ BN_is_negative(sig->r) ||
+ BN_cmp(sig->r, dsa->q) >= 0) {
+ goto err;
+ }
+ if (BN_is_zero(sig->s) ||
+ BN_is_negative(sig->s) ||
+ BN_cmp(sig->s, dsa->q) >= 0) {
+ goto err;
+ }
+ if (BN_mod_inverse(W, sig->s, dsa->q, NULL) != MP_OKAY) {
+ goto err;
+ }
+ if (dgst_len > qbits / 8) {
+ dgst_len = qbits / 8;
+ }
+ if (BN_bin2bn(calculated, dgst_len, M) == NULL) {
+ goto err;
+ }
+ if (!BN_mod_mul(M, M, W, dsa->q, NULL)) {
+ goto err;
+ }
+ if (!BN_mod_mul(W, sig->r, W, dsa->q, NULL)) {
+ goto err;
+ }
+ if (!BN_mod_exp(dsa->p, t1, dsa->g, M, NULL)) {
+ goto err;
+ }
+ if (!BN_div(NULL, M, t1, dsa->q, NULL)) {
+ goto err;
+ }
+ ret = (BN_cmp(M, sig->r) == 0);
+err:
+ if (M) {
+ BN_free(M);
+ }
+ if (W) {
+ BN_free(W);
+ }
+ if (t1) {
+ BN_free(t1);
+ }
+ return ret;
+}
+
+/*************************************************************************/
+
+int
+RSA_size(const RSA *rsa)
+{
+ return BN_num_bits(rsa->n);
+}
+
+int
+DSA_size(const DSA *rsa)
+{
+ return BN_num_bits(rsa->p);
+}
+
+unsigned
+dsa_verify(const signature_t *signature, const dsa_pubkey_t *pubdsa, const uint8_t *calculated, size_t hash_length)
+{
+ mpi_dsa_t odsa;
+ dsasig_t osig;
+ unsigned qlen;
+ int ret;
+
+ (void) memset(&osig, 0x0, sizeof(osig));
+ (void) memset(&odsa, 0x0, sizeof(odsa));
+ BN_copy(osig.r, signature->dsa.r);
+ BN_copy(osig.s, signature->dsa.s);
+ odsa.p = pubdsa->p;
+ odsa.q = pubdsa->q;
+ odsa.g = pubdsa->g;
+ odsa.pub_key = pubdsa->y;
+ if ((qlen = BN_num_bytes(odsa.q)) < hash_length) {
+ hash_length = qlen;
+ }
+ ret = dsa_do_verify(calculated, (int)hash_length, &signature->dsa, &odsa);
+ if (ret < 0) {
+ return 0;
+ }
+ BN_free(odsa.p);
+ BN_free(odsa.q);
+ BN_free(odsa.g);
+ BN_free(odsa.pub_key);
+ odsa.p = odsa.q = odsa.g = odsa.pub_key = NULL;
+ BN_free(osig.r);
+ BN_free(osig.s);
+ osig.r = osig.s = NULL;
+ return (unsigned)ret;
+}
+
+RSA *
+RSA_new(void)
+{
+ return netpgp_allocate(1, sizeof(RSA));
+}
+
+void
+RSA_free(RSA *rsa)
+{
+ if (rsa) {
+ netpgp_deallocate(rsa, sizeof(*rsa));
+ }
+}
+
+int
+RSA_check_key(RSA *rsa)
+{
+ BIGNUM *calcn;
+ int ret;
+
+ ret = 0;
+ if (rsa == NULL || rsa->p == NULL || rsa->q == NULL || rsa->n == NULL) {
+ return 0;
+ }
+ /* check that p and q are coprime, and that n = p*q. */
+ if (!BN_is_prime(rsa->p, 1, NULL, NULL, NULL) ||
+ !BN_is_prime(rsa->q, 1, NULL, NULL, NULL)) {
+ return 0;
+ }
+ calcn = BN_new();
+ BN_mul(calcn, rsa->p, rsa->q, NULL);
+ if (BN_cmp(calcn, rsa->n) != 0) {
+ goto errout;
+ }
+ /* XXX - check that d*e = 1 mod (p-1*q-1) */
+ ret = 1;
+errout:
+ BN_clear_free(calcn);
+ return ret;
+}
+
+RSA *
+RSA_generate_key(int num, unsigned long e, void (*callback)(int,int,void *), void *cb_arg)
+{
+ /* STUBBED */
+ USE_ARG(num);
+ USE_ARG(e);
+ USE_ARG(callback);
+ USE_ARG(cb_arg);
+ printf("RSA_generate_key stubbed\n");
+ return RSA_new();
+}
+
+/* encrypt */
+int
+RSA_public_encrypt(int plainc, const unsigned char *plain, unsigned char *encbuf, RSA *rsa, int padding)
+{
+ USE_ARG(padding);
+ return lowlevel_rsa_public_encrypt(plainc, plain, encbuf, rsa);
+}
+
+/* decrypt */
+int
+RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
+{
+ USE_ARG(padding);
+ return lowlevel_rsa_private_decrypt(flen, from, to, rsa);
+}
+
+/* sign */
+int
+RSA_private_encrypt(int plainc, const unsigned char *plain, unsigned char *encbuf, RSA *rsa, int padding)
+{
+ USE_ARG(padding);
+ return lowlevel_rsa_private_encrypt(plainc, plain, encbuf, rsa);
+}
+
+/***********************************************************************/
+
+DSA *
+DSA_new(void)
+{
+ return netpgp_allocate(1, sizeof(DSA));
+}
+
+void
+DSA_free(DSA *dsa)
+{
+ if (dsa) {
+ netpgp_deallocate(dsa, sizeof(*dsa));
+ }
+}
+
+DSA_SIG *
+DSA_SIG_new(void)
+{
+ return netpgp_allocate(1, sizeof(DSA_SIG));
+}
+
+void
+DSA_SIG_free(DSA_SIG *sig)
+{
+ if (sig) {
+ netpgp_deallocate(sig, sizeof(*sig));
+ }
+}
+
+DSA_SIG *
+DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+{
+ /* STUBBED */
+ USE_ARG(dgst);
+ USE_ARG(dlen);
+ USE_ARG(dsa);
+ printf("DSA_do_sign stubbed\n");
+ return DSA_SIG_new();
+}
+
+int
+DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
+{
+ return dsa_do_verify(dgst, dgst_len, sig, dsa);
+}
Index: src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.h
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.h:1.1.2.1
--- /dev/null Sun May 6 17:46:45 2012
+++ src/crypto/external/bsd/netpgp/dist/src/librsa/rsa.h Sun May 6 17:46:45 2012
@@ -0,0 +1,154 @@
+/*-
+ * Copyright (c) 2012 Alistair Crooks <a...@netbsd.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef RSA_H_
+#define RSA_H_ 20120325
+
+#include "bn.h"
+
+#ifndef __BEGIN_DECLS
+# if defined(__cplusplus)
+# define __BEGIN_DECLS extern "C" {
+# define __END_DECLS }
+# else
+# define __BEGIN_DECLS
+# define __END_DECLS
+# endif
+#endif
+
+__BEGIN_DECLS
+
+typedef struct rsa_pubkey_t {
+ BIGNUM *n; /* RSA public modulus n */
+ BIGNUM *e; /* RSA public encryption exponent e */
+} rsa_pubkey_t;
+
+typedef struct mpi_rsa_t {
+ int f1; /* openssl pad */
+ long f2; /* openssl version */
+ const void *f3; /* openssl method */
+ void *f4; /* openssl engine */
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+} mpi_rsa_t;
+
+#define RSA mpi_rsa_t
+
+typedef struct dsa_pubkey_t {
+ BIGNUM *p; /* DSA public modulus n */
+ BIGNUM *q; /* DSA public encryption exponent e */
+ BIGNUM *g;
+ BIGNUM *y;
+} dsa_pubkey_t;
+
+typedef struct mpi_dsa_t {
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *g;
+ BIGNUM *y;
+ BIGNUM *x;
+ BIGNUM *pub_key;
+ BIGNUM *priv_key;
+} mpi_dsa_t;
+
+#define DSA mpi_dsa_t
+
+typedef struct rsasig_t {
+ BIGNUM *sig; /* mpi which is actual signature */
+} rsasig_t;
+
+typedef struct dsasig_t {
+ BIGNUM *r; /* mpi which is actual signature */
+ BIGNUM *s; /* mpi which is actual signature */
+} dsasig_t;
+
+#define DSA_SIG dsasig_t
+
+/* misc defs */
+#define RSA_NO_PADDING 3
+
+#define SIGNETBSD_ID_SIZE 8
+#define SIGNETBSD_NAME_SIZE 128
+
+#define RSA_PUBKEY_ALG 1
+#define DSA_PUBKEY_ALG 17
+
+/* the public part of the key */
+typedef struct pubkey_t {
+ uint32_t version; /* key version - usually 4 */
+ uint8_t id[SIGNETBSD_ID_SIZE]; /* binary id */
+ char name[SIGNETBSD_NAME_SIZE]; /* name of identity - not necessary, but looks better */
+ int64_t birthtime; /* time of creation of key */
+ int64_t expiry; /* expiration time of the key */
+ uint32_t validity; /* validity in days */
+ uint32_t alg; /* pubkey algorithm - rsa/dss etc */
+ rsa_pubkey_t rsa; /* specific RSA keys */
+ dsa_pubkey_t dsa; /* specific DSA keys */
+} pubkey_t;
+
+/* signature details (for a specific file) */
+typedef struct signature_t {
+ uint32_t version; /* signature version number */
+ uint32_t type; /* signature type value */
+ int64_t birthtime; /* creation time of the signature */
+ int64_t expiry; /* expiration time of the signature */
+ uint8_t id[SIGNETBSD_ID_SIZE]; /* binary id */
+ uint32_t key_alg; /* public key algorithm number */
+ uint32_t hash_alg; /* hashing algorithm number */
+ rsasig_t rsa; /* RSA signature */
+ dsasig_t dsa; /* DSA signature */
+ size_t v4_hashlen; /* length of hashed info */
+ uint8_t *v4_hashed; /* hashed info */
+ uint8_t hash2[2]; /* high 2 bytes of hashed value - for quick test */
+ pubkey_t *signer; /* pubkey of signer */
+} signature_t;
+
+unsigned dsa_verify(const signature_t */*sig*/, const dsa_pubkey_t */*pubdsa*/, const uint8_t */*calc*/, size_t /*hashlen*/);
+
+RSA *RSA_new(void);
+int RSA_size(const RSA */*rsa*/);
+void RSA_free(RSA */*rsa*/);
+int RSA_check_key(RSA */*rsa*/);
+RSA *RSA_generate_key(int /*num*/, unsigned long /*e*/, void (*callback)(int,int,void *), void */*cb_arg*/);
+int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
+int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
+int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
+
+DSA *DSA_new(void);
+int DSA_size(const DSA */*rsa*/);
+void DSA_free(DSA */*dsa*/);
+DSA_SIG *DSA_SIG_new(void);
+void DSA_SIG_free(DSA_SIG */*sig*/);
+int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa);
+DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+
+__END_DECLS
+
+#endif
Index: src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.c
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.c:1.1.2.1
--- /dev/null Sun May 6 17:46:45 2012
+++ src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.c Sun May 6 17:46:45 2012
@@ -0,0 +1,83 @@
+/*-
+ * Copyright (c) 2012 Alistair Crooks <a...@netbsd.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <pwd.h>
+
+#include "rsa.h"
+#include "rsastubs.h"
+
+#ifndef USE_ARG
+#define USE_ARG(x) /*LINTED*/(void)&(x)
+#endif
+
+static int
+pass_cb(char *buf, int size, int rwflag, void *u)
+{
+ char *passphrase;
+ char prompt[128];
+
+ USE_ARG(rwflag);
+ snprintf(prompt, sizeof(prompt), "\"%s\" passphrase: ", (char *)u);
+ if ((passphrase = getpass(prompt)) == NULL) {
+ return -1;
+ }
+ (void) memcpy(buf, passphrase, (size_t)size);
+ return (int)strlen(passphrase);
+}
+
+RSA *
+PEM_read_RSAPrivateKey(FILE *fp, RSA **x, pem_password_cb *cb, void *u)
+{
+ char phrase[128 + 1];
+ RSA *rsa;
+ int cc;
+
+fprintf(stderr, "Stubbed PEM_read_RSAPrivateKey\n");
+ USE_ARG(u);
+ if (cb == NULL) {
+ cb = pass_cb;
+ }
+ cc = (*cb)(phrase, sizeof(phrase), 0, u);
+ rsa = *x = RSA_new();
+ USE_ARG(fp);
+ return rsa;
+}
+
+DSA *
+PEM_read_DSAPrivateKey(FILE *fp, DSA **x, pem_password_cb *cb, void *u)
+{
+ DSA *dsa;
+
+ USE_ARG(u);
+ if (cb == NULL) {
+ cb = pass_cb;
+ }
+ dsa = *x = DSA_new();
+ USE_ARG(fp);
+ return dsa;
+}
Index: src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.h
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.h:1.1.2.1
--- /dev/null Sun May 6 17:46:45 2012
+++ src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.h Sun May 6 17:46:45 2012
@@ -0,0 +1,25 @@
+#ifndef RSASTUBS_H_
+#define RSASTUBS_H_ 20120412
+
+#include "rsa.h"
+
+#ifndef __BEGIN_DECLS
+# if defined(__cplusplus)
+# define __BEGIN_DECLS extern "C" {
+# define __END_DECLS }
+# else
+# define __BEGIN_DECLS
+# define __END_DECLS
+# endif
+#endif
+
+__BEGIN_DECLS
+
+typedef int pem_password_cb(char */*buf*/, int /*size*/, int /*rwflag*/, void */*userdata*/);
+
+RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x, pem_password_cb *cb, void *u);
+DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+
+__END_DECLS
+
+#endif
