From 7eb9c6664ab4ab906cd034638c7a981fe4f96dce Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Wed, 15 Feb 2017 15:03:35 +0800 Subject: [PATCH] add cpk --- Configure | 2 +- crypto/cpk/build.info | 3 + crypto/cpk/cpk_asn1.c | 94 ++++ crypto/cpk/cpk_err.c | 61 +++ crypto/cpk/cpk_kap.c | 95 ++++ crypto/cpk/cpk_lib.c | 994 +++++++++++++++++++++++++++++++++++++ crypto/cpk/cpk_map.c | 178 +++++++ crypto/cpk/cpk_prn.c | 69 +++ crypto/err/err.c | 2 + crypto/err/err_all.c | 4 + crypto/err/openssl.ec | 1 + include/openssl/cpk.h | 150 ++++++ include/openssl/err.h | 3 + test/build.info | 6 +- test/cpktest.c | 198 ++++++++ test/recipes/15-test_cpk.t | 12 + util/mkdef.pl | 2 +- 17 files changed, 1871 insertions(+), 3 deletions(-) create mode 100644 crypto/cpk/build.info create mode 100755 crypto/cpk/cpk_asn1.c create mode 100755 crypto/cpk/cpk_err.c create mode 100755 crypto/cpk/cpk_kap.c create mode 100755 crypto/cpk/cpk_lib.c create mode 100755 crypto/cpk/cpk_map.c create mode 100644 crypto/cpk/cpk_prn.c create mode 100755 include/openssl/cpk.h create mode 100644 test/cpktest.c create mode 100644 test/recipes/15-test_cpk.t diff --git a/Configure b/Configure index 55bb136a..01e7adf7 100755 --- a/Configure +++ b/Configure @@ -311,7 +311,7 @@ $config{sdirs} = [ "buffer", "bio", "stack", "lhash", "rand", "err", "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", - "sm3", "sms4", "kdf2", "ecies", "ffx", "sm2", "paillier" + "sm3", "sms4", "kdf2", "ecies", "ffx", "sm2", "paillier", "cpk" ]; # Known TLS and DTLS protocols diff --git a/crypto/cpk/build.info b/crypto/cpk/build.info new file mode 100644 index 00000000..86e39562 --- /dev/null +++ b/crypto/cpk/build.info @@ -0,0 +1,3 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=cpk_asn1.c cpk_err.c cpk_kap.c cpk_lib.c cpk_map.c \ + cpk_prn.c diff --git a/crypto/cpk/cpk_asn1.c b/crypto/cpk/cpk_asn1.c new file mode 100755 index 00000000..20b0d291 --- /dev/null +++ b/crypto/cpk/cpk_asn1.c @@ -0,0 +1,94 @@ +/* ==================================================================== + * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include + +ASN1_SEQUENCE(CPK_MASTER_SECRET) = { + ASN1_SIMPLE(CPK_MASTER_SECRET, version, LONG), + ASN1_SIMPLE(CPK_MASTER_SECRET, id, X509_NAME), + ASN1_SIMPLE(CPK_MASTER_SECRET, pkey_algor, X509_ALGOR), + ASN1_SIMPLE(CPK_MASTER_SECRET, map_algor, X509_ALGOR), + ASN1_SIMPLE(CPK_MASTER_SECRET, secret_factors, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(CPK_MASTER_SECRET) +IMPLEMENT_ASN1_FUNCTIONS(CPK_MASTER_SECRET) +IMPLEMENT_ASN1_DUP_FUNCTION(CPK_MASTER_SECRET) + +ASN1_SEQUENCE(CPK_PUBLIC_PARAMS) = { + ASN1_SIMPLE(CPK_PUBLIC_PARAMS, version, LONG), + ASN1_SIMPLE(CPK_PUBLIC_PARAMS, id, X509_NAME), + ASN1_SIMPLE(CPK_PUBLIC_PARAMS, pkey_algor, X509_ALGOR), + ASN1_SIMPLE(CPK_PUBLIC_PARAMS, map_algor, X509_ALGOR), + ASN1_SIMPLE(CPK_PUBLIC_PARAMS, public_factors, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(CPK_PUBLIC_PARAMS) +IMPLEMENT_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS) +IMPLEMENT_ASN1_DUP_FUNCTION(CPK_PUBLIC_PARAMS) + + +CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET **master) +{ + return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master); +} + +int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master) +{ + return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_MASTER_SECRET), bp, master); +} + +CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params) +{ + return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params); +} + +int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params) +{ + return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CPK_PUBLIC_PARAMS), bp, params); +} + diff --git a/crypto/cpk/cpk_err.c b/crypto/cpk/cpk_err.c new file mode 100755 index 00000000..441b052f --- /dev/null +++ b/crypto/cpk/cpk_err.c @@ -0,0 +1,61 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include + +/* BEGIN ERROR CODES */ +#ifndef OPENSSL_NO_ERR + +# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CPK,func,0) +# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CPK,0,reason) + +static ERR_STRING_DATA CPK_str_functs[] = { + {ERR_FUNC(CPK_F_CPK_MAP_NEW_DEFAULT), "CPK_MAP_new_default"}, + {ERR_FUNC(CPK_F_CPK_MAP_STR2INDEX), "CPK_MAP_str2index"}, + {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_CREATE), "CPK_MASTER_SECRET_create"}, + {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY), + "CPK_MASTER_SECRET_extract_private_key"}, + {ERR_FUNC(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS), + "CPK_MASTER_SECRET_extract_public_params"}, + {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY), + "CPK_PUBLIC_PARAMS_compute_share_key"}, + {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY), + "CPK_PUBLIC_PARAMS_extract_public_key"}, + {ERR_FUNC(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY), + "CPK_PUBLIC_PARAMS_validate_private_key"}, + {ERR_FUNC(CPK_F_X509_ALGOR_GET1_DSA), "X509_ALGOR_get1_DSA"}, + {ERR_FUNC(CPK_F_X509_ALGOR_GET1_EC_KEY), "X509_ALGOR_get1_EC_KEY"}, + {0, NULL} +}; + +static ERR_STRING_DATA CPK_str_reasons[] = { + {ERR_REASON(CPK_R_BAD_ARGUMENT), "bad argument"}, + {ERR_REASON(CPK_R_BAD_DATA), "bad data"}, + {ERR_REASON(CPK_R_INVALID_ID_LENGTH), "invalid id length"}, + {ERR_REASON(CPK_R_INVALID_MAP_ALGOR), "invalid map algor"}, + {ERR_REASON(CPK_R_INVALID_PKEY_TYPE), "invalid pkey type"}, + {0, NULL} +}; + +#endif + +int ERR_load_CPK_strings(void) +{ +#ifndef OPENSSL_NO_ERR + + if (ERR_func_error_string(CPK_str_functs[0].error) == NULL) { + ERR_load_strings(0, CPK_str_functs); + ERR_load_strings(0, CPK_str_reasons); + } +#endif + return 1; +} diff --git a/crypto/cpk/cpk_kap.c b/crypto/cpk/cpk_kap.c new file mode 100755 index 00000000..9a2df365 --- /dev/null +++ b/crypto/cpk/cpk_kap.c @@ -0,0 +1,95 @@ +/* ==================================================================== + * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include +#include + +int CPK_PUBLIC_PARAMS_compute_share_key(CPK_PUBLIC_PARAMS *params, + void *out, size_t outlen, const char *id, EVP_PKEY *priv_key, + void *(*kdf)(const void *in, size_t inlen, void *out, size_t *outlen)) +{ + int ret = 0; + EVP_PKEY *pub_key = NULL; + int pkey_type = OBJ_obj2nid(params->pkey_algor->algorithm); + + OPENSSL_assert(kdf != NULL); + + printf("%d\n", __LINE__); + if (EVP_PKEY_id(priv_key) != pkey_type) { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY, + ERR_R_MALLOC_FAILURE); //FIXME: ERR_R_XXX + goto err; + } + if (!(pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id))) { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY, + ERR_R_MALLOC_FAILURE); //FIXME: ERR_R_XXX + goto err; + } + if (pkey_type == EVP_PKEY_EC) { + + if (!ECDH_compute_key(out, outlen, + EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0(pub_key)), + (EC_KEY *)EVP_PKEY_get0(priv_key), kdf)) { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY, + ERR_R_MALLOC_FAILURE); //FIXME: ERR_R_XXX + goto err; + } + } else if (pkey_type == EVP_PKEY_DH) { + // not supported yet + goto err; + } + + + ret = 1; +err: + return ret; +} + diff --git a/crypto/cpk/cpk_lib.c b/crypto/cpk/cpk_lib.c new file mode 100755 index 00000000..c26f3215 --- /dev/null +++ b/crypto/cpk/cpk_lib.c @@ -0,0 +1,994 @@ +/* ==================================================================== + * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "../dsa/dsa_locl.h" +#include "../x509/x509_lcl.h" + +#define ASN1_STRING_data(a) ((a)->data) + +static DSA *X509_ALGOR_get1_DSA(X509_ALGOR *algor); +static int extract_dsa_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param); +static DSA *extract_dsa_priv_key(CPK_MASTER_SECRET *master, const char *id); +static DSA *extract_dsa_pub_key(CPK_PUBLIC_PARAMS *param, const char *id); + +static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor); +static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param); +static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id); +static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id); + + + +CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, + EVP_PKEY *pkey, X509_ALGOR *map_algor) +{ + int e = 1; + CPK_MASTER_SECRET *master = NULL; + BIGNUM *bn = NULL; + BIGNUM *order = NULL; + X509_PUBKEY *pubkey = NULL; + int pkey_type; + int i, bn_size, num_factors; + unsigned char *bn_ptr; + + if (!domain_id || !pkey || !map_algor) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + if (strlen(domain_id) <= 0 || strlen(domain_id) > CPK_MAX_ID_LENGTH) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_ID_LENGTH); + return NULL; + } + + pkey_type = EVP_PKEY_id(pkey); + if (pkey_type == EVP_PKEY_DSA) { + if (!(order = ((DSA *)EVP_PKEY_get0(pkey))->q)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_BAD_ARGUMENT); + goto err; + } + } else if (pkey_type == EVP_PKEY_EC) { + const EC_GROUP *ec_group; + if (!(order = BN_new())) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); + goto err; + } + ec_group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0(pkey)); + if (!EC_GROUP_get_order(ec_group, order, NULL)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); + goto err; + } + OPENSSL_assert(EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0(pkey)) != NULL); + } else { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_PKEY_TYPE); + goto err; + } + + if (!(master = CPK_MASTER_SECRET_new())) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); + goto err; + } + + master->version = 1; + if (!X509_NAME_add_entry_by_NID(master->id, NID_organizationName, + MBSTRING_UTF8, (unsigned char *)domain_id, -1, -1, 0)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); + goto err; + } + + /* + * convert EVP_PKEY to X509_ALGOR through X509_PUBKEY_set + * X509_ALGOR_set0() is another choice but require more code + */ + // FIXME: X509_PUBKEY require pkey has a public key + if (!X509_PUBKEY_set(&pubkey, pkey)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); + goto err; + } + X509_ALGOR_free(master->pkey_algor); + + X509_ALGOR_set0(master->pkey_algor, OBJ_nid2obj(EVP_PKEY_id(pkey)), 0, NULL); + + /* + if (!(master->pkey_algor = X509_ALGOR_dup(pubkey->algor))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_X509_LIB); + goto err; + } + */ + + //FIXME: check the validity of CPK_MAP + X509_ALGOR_free(master->map_algor); + if (!(master->map_algor = X509_ALGOR_dup(map_algor))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); + goto err; + } + if ((num_factors = CPK_MAP_num_factors(map_algor)) <= 0) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, CPK_R_INVALID_MAP_ALGOR); + goto err; + } + + /* + * create secret factors, for both DSA and EC, + * the private keys are both big integers, + */ + bn_size = BN_num_bytes(order); + if (!ASN1_STRING_set(master->secret_factors, NULL, bn_size * num_factors)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_ASN1_LIB); + goto err; + } + bn_ptr = master->secret_factors->data; + memset(bn_ptr, 0, ASN1_STRING_length(master->secret_factors)); + + if (!(bn = BN_new())) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_MALLOC_FAILURE); + goto err; + } + for (i = 0; i < num_factors; i++) { + do { + if (!BN_rand_range(bn, order)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, + ERR_R_BN_LIB); + goto err; + } + } while (BN_is_zero(bn)); + + if (!BN_bn2bin(bn, bn_ptr + bn_size - BN_num_bytes(bn))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_CREATE, ERR_R_BN_LIB); + goto err; + } + bn_ptr += bn_size; + } + + e = 0; +err: + if (e && master) { + CPK_MASTER_SECRET_free(master); + master = NULL; + } + if (pubkey) X509_PUBKEY_free(pubkey); + if (order && pkey_type == EVP_PKEY_EC) BN_free(order); + if (bn) BN_free(bn); + return master; +} + +CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master) +{ + CPK_PUBLIC_PARAMS *param = NULL; + int pkey_type; + pkey_type = OBJ_obj2nid(master->pkey_algor->algorithm); + + + if (!(param = CPK_PUBLIC_PARAMS_new())) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, + ERR_R_MALLOC_FAILURE); + goto err; + } + + param->version = master->version; + + X509_NAME_free(param->id); + if (!(param->id = X509_NAME_dup(master->id))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, + ERR_R_MALLOC_FAILURE); + goto err; + } + + X509_ALGOR_free(param->pkey_algor); + if (!(param->pkey_algor = X509_ALGOR_dup(master->pkey_algor))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, + ERR_R_MALLOC_FAILURE); + goto err; + } + + X509_ALGOR_free(param->map_algor); + if (!(param->map_algor = X509_ALGOR_dup(master->map_algor))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, + ERR_R_MALLOC_FAILURE); + goto err; + } + + switch (pkey_type) { + case EVP_PKEY_DSA: + if (!extract_dsa_params(master, param)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, + ERR_R_CPK_LIB); + goto err; + } + break; + + case EVP_PKEY_EC: + if (!extract_ec_params(master, param)) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, + ERR_R_CPK_LIB); + goto err; + } + break; + + default: + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS, CPK_R_INVALID_PKEY_TYPE); + goto err; + } + return param; + +err: + if (param) CPK_PUBLIC_PARAMS_free(param); + return NULL; +} + +EVP_PKEY *CPK_MASTER_SECRET_extract_private_key( + CPK_MASTER_SECRET *master, const char *id) +{ + EVP_PKEY *pkey = NULL; + int pkey_type; + + if (!(pkey = EVP_PKEY_new())) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, + ERR_R_MALLOC_FAILURE); + goto err; + } + + pkey_type = OBJ_obj2nid(master->pkey_algor->algorithm); + + if (pkey_type == EVP_PKEY_DSA) { + DSA *dsa; + if (!(dsa = extract_dsa_priv_key(master, id))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, + ERR_R_CPK_LIB); + goto err; + } + if (!EVP_PKEY_assign_DSA(pkey, dsa)) { + DSA_free(dsa); + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, + ERR_R_EVP_LIB); + goto err; + } + + } else if (pkey_type == EVP_PKEY_EC) { + EC_KEY *ec_key; + if (!(ec_key = extract_ec_priv_key(master, id))) { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, + ERR_R_CPK_LIB); + goto err; + } + if (!EVP_PKEY_assign_EC_KEY(pkey, ec_key)) { + EC_KEY_free(ec_key); + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, + ERR_R_EVP_LIB); + goto err; + } + + } else { + CPKerr(CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY, + CPK_R_INVALID_PKEY_TYPE); + goto err; + } + + return pkey; + +err: + if (pkey) EVP_PKEY_free(pkey); + return NULL; +} + +EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *param, + const char *id) +{ + EVP_PKEY *pkey = NULL; + int pkey_type; + //char domain_id[CPK_MAX_ID_LENGTH + 1]; + + if (!(pkey = EVP_PKEY_new())) { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, + ERR_R_MALLOC_FAILURE); + goto err; + } + + pkey_type = OBJ_obj2nid(param->pkey_algor->algorithm); + + if (pkey_type == EVP_PKEY_DSA) { + DSA *dsa = NULL; + if (!(dsa = extract_dsa_pub_key(param, id))) { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, + ERR_R_CPK_LIB); + goto err; + } + if (!EVP_PKEY_assign_DSA(pkey, dsa)) { + DSA_free(dsa); + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, + ERR_R_EVP_LIB); + goto err; + } + + } else if (pkey_type == EVP_PKEY_EC) { + EC_KEY *ec_key = NULL; + if (!(ec_key = extract_ec_pub_key(param, id))) { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, + ERR_R_CPK_LIB); + goto err; + } + if (!EVP_PKEY_assign_EC_KEY(pkey, ec_key)) { + EC_KEY_free(ec_key); + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, + ERR_R_EVP_LIB); + goto err; + } + + } else { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY, + CPK_R_INVALID_PKEY_TYPE); + goto err; + } + + return pkey; + +err: + if (pkey) EVP_PKEY_free(pkey); + return NULL; +} + +int CPK_MASTER_SECRET_digest(CPK_MASTER_SECRET *master, const EVP_MD *md, + unsigned char *dgst, unsigned int *dgstlen) +{ + if (!EVP_Digest(ASN1_STRING_data(master->secret_factors), + ASN1_STRING_length(master->secret_factors), + dgst, dgstlen, md, NULL)) { + return 0; + } + return 1; +} + +int CPK_PUBLIC_PARAMS_digest(CPK_PUBLIC_PARAMS *params, const EVP_MD *md, + unsigned char *dgst, unsigned int *dgstlen) +{ + if (!EVP_Digest(ASN1_STRING_data(params->public_factors), + ASN1_STRING_length(params->public_factors), + dgst, dgstlen, md, NULL)) { + return 0; + } + return 1; +} + +char *CPK_MASTER_SECRET_get_name(CPK_MASTER_SECRET *master, char *buf, int size) +{ + return X509_NAME_oneline(master->id, buf, size); +} + +char *CPK_PUBLIC_PARAMS_name(CPK_PUBLIC_PARAMS *params, char *buf, int size) +{ + return X509_NAME_oneline(params->id, buf, size); +} + +int CPK_MASTER_SECRET_validate_public_params(CPK_MASTER_SECRET *master, + CPK_PUBLIC_PARAMS *params) +{ + int ret = 0; + CPK_PUBLIC_PARAMS *tmp = NULL; + + if (!(tmp = CPK_MASTER_SECRET_extract_public_params(master))) { + fprintf(stderr, "shit1\n"); + goto err; + } + if (tmp->version != params->version) { + fprintf(stderr, "shit2\n"); + goto err; + } + if (X509_NAME_cmp(tmp->id, params->id)) { + fprintf(stderr, "shit3\n"); + goto err; + } + + /* + * two ASN_OBJECT * with different address may have same NID + * thus we can not check with: + * tmp->pkey_algor->algorithm != params->pkey_algor->algorithm + */ + if (OBJ_obj2nid(tmp->pkey_algor->algorithm) != + OBJ_obj2nid(params->pkey_algor->algorithm)) { + fprintf(stderr, "shit4\n"); + goto err; + } + // FIXME: pkey_algor->parameters + if (OBJ_obj2nid(tmp->map_algor->algorithm) != + OBJ_obj2nid(params->map_algor->algorithm)) { + fprintf(stderr, "shit5\n"); + goto err; + } + if (ASN1_STRING_cmp(tmp->public_factors, params->public_factors)) { + fprintf(stderr, "shit6\n"); + goto err; + } + + ret = 1; +err: + if (tmp) CPK_PUBLIC_PARAMS_free(tmp); + return ret; +} + +int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params, + const char *id, const EVP_PKEY *priv_key) +{ + int ret = -3; + EVP_PKEY *pub_key = NULL; + + if (!(pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id))) { + CPKerr(CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY, + ERR_R_EVP_LIB); + goto err; + } + ret = EVP_PKEY_cmp(pub_key, priv_key); +err: + if (pub_key) EVP_PKEY_free(pub_key); + return ret; +} + +/* + * static functions + */ +#if 0 +// FIXME: check DSA and EC_KEY +static int X509_ALGOR_cmp(X509_ALGOR *a, X509_ALGOR *b) +{ + int pkey_type = OBJ_obj2nid(a->algorithm); + if (pkey_type != EVP_PKEY_DSA || pkey_type != EVP_PKEY_EC) + return 1; + if (a->algorithm != b->algorithm) + return -1; + return 0; +} +#endif + +static DSA *X509_ALGOR_get1_DSA(X509_ALGOR *algor) +{ + DSA *dsa = NULL; + int ptype; + void *pval; + ASN1_OCTET_STRING *pstr; + const unsigned char *p; + + X509_ALGOR_get0(NULL, &ptype, &pval, algor); + if (ptype != V_ASN1_SEQUENCE) { + CPKerr(CPK_F_X509_ALGOR_GET1_DSA, CPK_R_BAD_DATA); + return NULL; + } + pstr = (ASN1_OCTET_STRING *)pval; + p = pstr->data; + if (!(dsa = d2i_DSAparams(NULL, &p, pstr->length))) { + CPKerr(CPK_F_X509_ALGOR_GET1_DSA, ERR_R_DSA_LIB); + return NULL; + } + return dsa; +} + +static int extract_dsa_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param) +{ + int ret = 0; + DSA *dsa = NULL; + BIGNUM *pri = BN_new(); + BIGNUM *pub = BN_new(); + BN_CTX *ctx = BN_CTX_new(); + int i, pri_size, pub_size, num_factors; + const unsigned char *pri_ptr; + unsigned char *pub_ptr; + + if (!pri || !pub || !ctx) { + goto err; + } + + if (!(dsa = (DSA *)X509_ALGOR_get1_DSA(master->pkey_algor))) { + goto err; + } + pri_size = BN_num_bytes(dsa->q); + pub_size = BN_num_bytes(dsa->p); + + if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) { + goto err; + } + if (ASN1_STRING_length(master->secret_factors) != pri_size * num_factors) { + goto err; + } + + ASN1_STRING_free(param->public_factors); + if (!ASN1_STRING_set(param->public_factors, NULL, pub_size * num_factors)) { + goto err; + } + + pri_ptr = ASN1_STRING_data(master->secret_factors); + pub_ptr = ASN1_STRING_data(param->public_factors); + memset(pub_ptr, 0, ASN1_STRING_length(param->public_factors)); + + for (i = 0; i < num_factors; i++) { + + if (!BN_bin2bn(pri_ptr, pri_size, pri)) { + goto err; + } + if (BN_is_zero(pri) || BN_cmp(pri, dsa->q) >= 0) { + goto err; + } + + if (!BN_mod_exp(pub, dsa->g, pri, dsa->p, ctx)) { + goto err; + } + if (!BN_bn2bin(pub, pub_ptr + pub_size - BN_num_bytes(pub))) { + goto err; + } + + pri_ptr += pri_size; + pub_ptr += pub_size; + } + + ret = 1; +err: + if (dsa) DSA_free(dsa); + if (pri) BN_free(pri); + if (pub) BN_free(pub); + if (ctx) BN_CTX_free(ctx); + return ret; +} + +static DSA *extract_dsa_priv_key(CPK_MASTER_SECRET *master, const char *id) +{ + int e = 1; + DSA *dsa = NULL; + BIGNUM *bn = BN_new(); + BN_CTX *ctx = BN_CTX_new(); + const unsigned char *p; + int *index = NULL; + int i, num_indexes, bn_size; + + + if (!bn || !ctx) { + goto err; + } + if (!(dsa = X509_ALGOR_get1_DSA(master->pkey_algor))) { + goto err; + } + + if ((num_indexes = CPK_MAP_num_indexes(master->map_algor)) <= 0) { + goto err; + } + if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) { + goto err; + } + if (!CPK_MAP_str2index(master->map_algor, id, index)) { + goto err; + } + if (!dsa->priv_key) { + if (!(dsa->priv_key = BN_new())) { + goto err; + } + } + BN_zero(dsa->priv_key); + bn_size = BN_num_bytes(dsa->q); + + for (i = 0; i < num_indexes; i++) { + p = ASN1_STRING_data(master->secret_factors) + bn_size * index[i]; + if (!BN_bin2bn(p, bn_size, bn)) { + goto err; + } + if (BN_is_zero(bn) || BN_cmp(bn, dsa->q) >= 0) { + goto err; + } + if (!BN_mod_add(dsa->priv_key, dsa->priv_key, bn, dsa->q, ctx)) { + goto err; + } + } + + if (!(dsa->pub_key)) + if (!(dsa->pub_key = BN_new())) { + goto err; + } + if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { + goto err; + } + e = 0; + +err: + if (e && dsa) { + DSA_free(dsa); + dsa = NULL; + } + if (bn) BN_free(bn); + if (ctx) BN_CTX_free(ctx); + if (index) OPENSSL_free(index); + return dsa; +} + +static DSA *extract_dsa_pub_key(CPK_PUBLIC_PARAMS *param, const char *id) +{ + int e = 1; + DSA *dsa = NULL; + BIGNUM *bn = BN_new(); + BN_CTX *ctx = BN_CTX_new(); + const unsigned char *p; + int *index = NULL; + int i, num_indexes, bn_size; + + + if (!bn || !ctx) { + goto err; + } + if (!(dsa = X509_ALGOR_get1_DSA(param->pkey_algor))) { + goto err; + } + + if ((num_indexes = CPK_MAP_num_indexes(param->map_algor)) <= 0) { + goto err; + } + if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) { + goto err; + } + if (!CPK_MAP_str2index(param->map_algor, id, index)) { + goto err; + } + if (!dsa->pub_key) { + if (!(dsa->pub_key = BN_new())) { + goto err; + } + } + BN_zero(dsa->pub_key); + bn_size = BN_num_bytes(dsa->p); + + for (i = 0; i < num_indexes; i++) { + p = ASN1_STRING_data(param->public_factors) + bn_size * index[i]; + if (!BN_bin2bn(p, bn_size, bn)) { + goto err; + } + if (BN_is_zero(bn) || BN_cmp(bn, dsa->p) >= 0) { + goto err; + } + if (!BN_mod_add(dsa->pub_key, dsa->pub_key, bn, dsa->p, ctx)) { + goto err; + } + } + e = 0; + +err: + if (e && dsa) { + DSA_free(dsa); + dsa = NULL; + } + if (bn) BN_free(bn); + if (ctx) BN_CTX_free(ctx); + if (index) OPENSSL_free(index); + return dsa; +} + +static EC_KEY *X509_ALGOR_get1_EC_KEY(X509_ALGOR *algor) +{ + EC_KEY *ec_key = NULL; + int ptype; + void *pval; + const unsigned char *p; + + X509_ALGOR_get0(NULL, &ptype, &pval, algor); + + if (ptype == V_ASN1_SEQUENCE) { + ASN1_OCTET_STRING *pstr = (ASN1_OCTET_STRING *)pval; + p = pstr->data; + if (!(ec_key = d2i_ECParameters(NULL, &p, pstr->length))) { + CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB); + return NULL; + } + + } else if (ptype == V_ASN1_OBJECT) { + ASN1_OBJECT *poid = (ASN1_OBJECT *)pval; + EC_GROUP *group; + if (!(ec_key = EC_KEY_new())) { + CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_MALLOC_FAILURE); + return NULL; + } + if (!(group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid)))) { + EC_KEY_free(ec_key); + CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB); + return NULL; + } + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); + if (!EC_KEY_set_group(ec_key, group)) { + EC_GROUP_free(group); + EC_KEY_free(ec_key); + CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, ERR_R_EC_LIB); + return NULL; + } + EC_GROUP_free(group); + + } else { + CPKerr(CPK_F_X509_ALGOR_GET1_EC_KEY, CPK_R_BAD_DATA); + return NULL; + } + return ec_key; +} + +static int extract_ec_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *param) +{ + int ret = 0; + EC_KEY *ec_key = NULL; + const EC_GROUP *ec_group; + BIGNUM *bn = BN_new(); + BIGNUM *order = BN_new(); + BN_CTX *ctx = BN_CTX_new(); + EC_POINT *pt = NULL; + int i, bn_size, pt_size, num_factors; + const unsigned char *bn_ptr; + unsigned char *pt_ptr; + + if (!bn || !order || !ctx) { + goto err; + } + + if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) { + goto err; + } + ec_group = EC_KEY_get0_group(ec_key); + if (!(EC_GROUP_get_order(ec_group, order, ctx))) { + goto err; + } + bn_size = BN_num_bytes(order); + pt_size = bn_size + 1; + + if ((num_factors = CPK_MAP_num_factors(master->map_algor)) <= 0) { + goto err; + } + if (ASN1_STRING_length(master->secret_factors) != bn_size * num_factors) { + goto err; + } + if (!ASN1_STRING_set(param->public_factors, NULL, pt_size * num_factors)) { + goto err; + } + + bn_ptr = ASN1_STRING_data(master->secret_factors); + pt_ptr = ASN1_STRING_data(param->public_factors); + memset(pt_ptr, 0, ASN1_STRING_length(param->public_factors)); + + if (!(pt = EC_POINT_new(ec_group))) { + goto err; + } + for (i = 0; i < num_factors; i++) { + if (!BN_bin2bn(bn_ptr, bn_size, bn)) { + goto err; + } + if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) { + goto err; + } + if (!EC_POINT_mul(ec_group, pt, bn, NULL, NULL, ctx)) { + goto err; + } + + if (!EC_POINT_point2oct(ec_group, pt, + POINT_CONVERSION_COMPRESSED, pt_ptr, pt_size, ctx)) { + goto err; + } + bn_ptr += bn_size; + pt_ptr += pt_size; + } + + ret = 1; +err: + if (ec_key) EC_KEY_free(ec_key); + if (bn) BN_free(bn); + if (order) BN_free(order); + if (ctx) BN_CTX_free(ctx); + if (pt) EC_POINT_free(pt); + return ret; +} + + + +static EC_KEY *extract_ec_priv_key(CPK_MASTER_SECRET *master, const char *id) +{ + int e = 1; + EC_KEY *ec_key = NULL; + const EC_GROUP *ec_group; + EC_POINT *pub_key = NULL; + BIGNUM *priv_key = BN_new(); + BIGNUM *order = BN_new(); + BIGNUM *bn = BN_new(); + BN_CTX *ctx = BN_CTX_new(); + int *index = NULL; + int i, num_indexes, bn_size; + + + if (!priv_key || !bn || !order || !ctx) { + goto err; + } + + if (!(ec_key = X509_ALGOR_get1_EC_KEY(master->pkey_algor))) { + goto err; + } + ec_group = EC_KEY_get0_group(ec_key); + if (!(pub_key = EC_POINT_new(ec_group))) { + goto err; + } + + if ((num_indexes = CPK_MAP_num_indexes(master->map_algor)) <= 0) { + goto err; + } + if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) { + goto err; + } + if (!CPK_MAP_str2index(master->map_algor, id, index)) { + goto err; + } + + BN_zero(priv_key); + if (!(EC_GROUP_get_order(EC_KEY_get0_group(ec_key), order, ctx))) { + goto err; + } + bn_size = BN_num_bytes(order); + + for (i = 0; i < num_indexes; i++) { + const unsigned char *p = + ASN1_STRING_data(master->secret_factors) + + bn_size * index[i]; + + if (!BN_bin2bn(p, bn_size, bn)) { + goto err; + } + if (BN_is_zero(bn) || BN_cmp(bn, order) >= 0) { + goto err; + } + if (!BN_mod_add(priv_key, priv_key, bn, order, ctx)) { + goto err; + } + } + if (!EC_KEY_set_private_key(ec_key, priv_key)) { + goto err; + } + + if (!EC_POINT_mul(ec_group, pub_key, priv_key, NULL, NULL, ctx)) { + goto err; + } + if (!EC_KEY_set_public_key(ec_key, pub_key)) { + goto err; + } + e = 0; + +err: + if (e && ec_key) { + EC_KEY_free(ec_key); + ec_key = NULL; + } + if (priv_key) BN_free(priv_key); + if (pub_key) EC_POINT_free(pub_key); + if (order) BN_free(order); + if (bn) BN_free(bn); + if (ctx) BN_CTX_free(ctx); + if (index) OPENSSL_free(index); + return ec_key; +} + +static EC_KEY *extract_ec_pub_key(CPK_PUBLIC_PARAMS *param, const char *id) +{ + int e = 1; + EC_KEY *ec_key = NULL; + const EC_GROUP *ec_group; + EC_POINT *pub_key = NULL; + EC_POINT *pt = NULL; + BIGNUM *order = BN_new(); + BIGNUM *bn = BN_new(); + BN_CTX *ctx = BN_CTX_new(); + int *index = NULL; + int i, bn_size, pt_size, num_indexes, num_factors; + + if (!(ec_key = X509_ALGOR_get1_EC_KEY(param->pkey_algor))) { + goto err; + } + ec_group = EC_KEY_get0_group(ec_key); + + if (!(pub_key = EC_POINT_new(ec_group))) { + goto err; + } + if (!(pt = EC_POINT_new(ec_group))) { + goto err; + } + if (!EC_GROUP_get_order(ec_group, order, ctx)) { + goto err; + } + bn_size = BN_num_bytes(order); + pt_size = bn_size + 1; + if ((num_factors = CPK_MAP_num_factors(param->map_algor)) <= 0) { + goto err; + } + if (ASN1_STRING_length(param->public_factors) != pt_size * num_factors) { + goto err; + } + + if ((num_indexes = CPK_MAP_num_indexes(param->map_algor)) <= 0) { + goto err; + } + if (!(index = OPENSSL_malloc(sizeof(int) * num_indexes))) { + goto err; + } + if (!CPK_MAP_str2index(param->map_algor, id, index)) { + goto err; + } + + if (!EC_POINT_set_to_infinity(ec_group, pub_key)) { + goto err; + } + for (i = 0; i < num_indexes; i++) { + const unsigned char *p = + ASN1_STRING_data(param->public_factors) + + pt_size * index[i]; + + if (!EC_POINT_oct2point(ec_group, pt, p, pt_size, ctx)) { + goto err; + } + if (!EC_POINT_add(ec_group, pub_key, pub_key, pt, ctx)) { + goto err; + } + } + + if (!EC_KEY_set_public_key(ec_key, pub_key)) { + goto err; + } + e = 0; +err: + if (e && ec_key) { + EC_KEY_free(ec_key); + ec_key = NULL; + } + if (pub_key) EC_POINT_free(pub_key); + if (order) BN_free(order); + if (bn) BN_free(bn); + if (ctx) BN_CTX_free(ctx); + if (index) OPENSSL_free(index); + return ec_key; +} + + diff --git a/crypto/cpk/cpk_map.c b/crypto/cpk/cpk_map.c new file mode 100755 index 00000000..ebbc505e --- /dev/null +++ b/crypto/cpk/cpk_map.c @@ -0,0 +1,178 @@ +/* ==================================================================== + * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +#include +#include +#include +#include + +X509_ALGOR *CPK_MAP_new_default() +{ + X509_ALGOR *algor = NULL; + const EVP_MD *md = EVP_sha1(); + + if (md != EVP_sha1() && md != EVP_sha384()) { + CPKerr(CPK_F_CPK_MAP_NEW_DEFAULT, CPK_R_BAD_ARGUMENT); + goto end; + } + if (!(algor = X509_ALGOR_new())) { + CPKerr(CPK_F_CPK_MAP_NEW_DEFAULT, ERR_R_X509_LIB); + goto end; + } + if (!X509_ALGOR_set0(algor, OBJ_nid2obj(EVP_MD_nid(md)), + V_ASN1_UNDEF, NULL)) { + X509_ALGOR_free(algor); + algor = NULL; + CPKerr(CPK_F_CPK_MAP_NEW_DEFAULT, ERR_R_X509_LIB); + goto end; + } +end: + return algor; +} + +int CPK_MAP_is_valid(const X509_ALGOR *algor) +{ + OPENSSL_assert(algor); + OPENSSL_assert(algor->algorithm); + switch (OBJ_obj2nid(algor->algorithm)) { + case NID_sha1: + case NID_sha384: + return 1; + } + return 0; +} + +int CPK_MAP_num_subset(const X509_ALGOR *algor) +{ + OPENSSL_assert(algor); + OPENSSL_assert(algor->algorithm); + switch (OBJ_obj2nid(algor->algorithm)) { + case NID_sha1: + return 32; + case NID_sha384: + return 4096; + } + return -1; +} + +int CPK_MAP_num_factors(const X509_ALGOR *algor) +{ + return 1024; +} + +int CPK_MAP_num_indexes(const X509_ALGOR *algor) +{ + return 32; +} + +int CPK_MAP_num_index(const X509_ALGOR *algor) +{ + OPENSSL_assert(algor); + OPENSSL_assert(algor->algorithm); + switch (OBJ_obj2nid(algor->algorithm)) { + case NID_sha1: + return 32; + case NID_sha384: + return 32; + } + return -1; +} + +int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index) +{ + int ret = 0; + const EVP_MD *md; + unsigned char dgst[EVP_MAX_MD_SIZE]; + unsigned int dgstlen; + BIGNUM *bn = NULL; + int i, num_index, num_subset; + + OPENSSL_assert(algor); + OPENSSL_assert(algor->algorithm); + OPENSSL_assert(str); + OPENSSL_assert(strlen(str) > 0); + + if (!CPK_MAP_is_valid(algor)) { + CPKerr(CPK_F_CPK_MAP_STR2INDEX, CPK_R_INVALID_MAP_ALGOR); + goto err; + } + if (!index) { + ret = CPK_MAP_num_index(algor); + goto err; + } + if (!(md = EVP_get_digestbyobj(algor->algorithm))) { + CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_EVP_LIB); + goto err; + } + if (!EVP_Digest(str, strlen(str), dgst, &dgstlen, md, NULL)) { + CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_EVP_LIB); + return 0; + } + if (!(bn = BN_new())) { + CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_BN_LIB); + goto err; + } + if (!BN_bin2bn(dgst, dgstlen, bn)) { + CPKerr(CPK_F_CPK_MAP_STR2INDEX, ERR_R_BN_LIB); + goto err; + } + num_index = CPK_MAP_num_index(algor); + num_subset = CPK_MAP_num_subset(algor); + + for (i = 0; i < num_index; i++) { + int r = BN_mod_word(bn, num_subset); + index[i] = num_subset * i + r; + } + ret = num_index; +err: + if (bn) BN_free(bn); + return ret; +} + diff --git a/crypto/cpk/cpk_prn.c b/crypto/cpk/cpk_prn.c new file mode 100644 index 00000000..5843cdf3 --- /dev/null +++ b/crypto/cpk/cpk_prn.c @@ -0,0 +1,69 @@ +/* ==================================================================== + * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include + +int CPK_MASTER_SECRET_print(BIO *out, CPK_MASTER_SECRET *master, + int indent, unsigned long flags) +{ + + BIO_printf(out, "%s() not implemented\n", __FUNCTION__); + + return 1; +} + +int CPK_PUBLIC_PARAMS_print(BIO *out, CPK_PUBLIC_PARAMS *params, + int indent, unsigned long flags) +{ + BIO_printf(out, "%s() not implemented\n", __FUNCTION__); + return 1; +} + diff --git a/crypto/err/err.c b/crypto/err/err.c index 8061d847..caff8129 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -62,6 +62,7 @@ static ERR_STRING_DATA ERR_str_libraries[] = { {ERR_PACK(ERR_LIB_KDF2, 0, 0), "KDF2 routines"}, {ERR_PACK(ERR_LIB_FFX, 0, 0), "FFX routines"}, {ERR_PACK(ERR_LIB_PAILLIER, 0, 0), "PAILLIER routines"}, + {ERR_PACK(ERR_LIB_CPK, 0, 0), "CPK routines"}, {0, NULL}, }; @@ -109,6 +110,7 @@ static ERR_STRING_DATA ERR_str_reasons[] = { {ERR_R_KDF2_LIB, "KDF2 lib"}, {ERR_R_FFX_LIB, "FFX lib"}, {ERR_R_PAILLIER_LIB, "PAILLIER lib"}, + {ERR_R_CPK_LIB, "CPK lib"}, {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"}, {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"}, diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index d53fc249..2dbe0d96 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -42,6 +42,7 @@ #include #include #include +#include int err_load_crypto_strings_int(void) { @@ -113,6 +114,9 @@ int err_load_crypto_strings_int(void) # ifndef OPENSSL_NO_PAILLIER ERR_load_PAILLIER_strings() == 0 || # endif +# ifndef OPENSSL_NO_CPK + ERR_load_CPK_strings() == 0 || +# endif #endif ERR_load_KDF_strings() == 0) return 0; diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 1276ef4e..7b687372 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -38,6 +38,7 @@ L KDF include/openssl/kdf.h crypto/kdf/kdf_err.c L KDF2 include/openssl/kdf2.h crypto/kdf2/kdf2_err.c L FFX include/openssl/ffx.h crypto/ffx/ffx_err.c L PAILLIER include/openssl/paillier.h crypto/paillier/paillier_err.c +L CPK include/openssl/cpk.h crypto/cpk/cpk_err.c # additional header files to be scanned for function names L NONE crypto/x509/x509_vfy.h NONE diff --git a/include/openssl/cpk.h b/include/openssl/cpk.h new file mode 100755 index 00000000..0a55c051 --- /dev/null +++ b/include/openssl/cpk.h @@ -0,0 +1,150 @@ +/* ==================================================================== + * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +/* + * CPK (Combined Public Key) is an identity-based cryptographic scheme + * with bound security. + */ + +#ifndef HEADER_CPK_H +#define HEADER_CPK_H + +#include +#include +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +#define CPK_MAX_ID_LENGTH 64 + + +X509_ALGOR *CPK_MAP_new_default(void); +int CPK_MAP_is_valid(const X509_ALGOR *algor); +int CPK_MAP_num_factors(const X509_ALGOR *algor); +int CPK_MAP_num_indexes(const X509_ALGOR *algor); +int CPK_MAP_str2index(const X509_ALGOR *algor, const char *str, int *index); +int CPK_MAP_print(BIO *out, X509_ALGOR *map, int indent, unsigned long flags); + + +typedef struct cpk_master_secret_st { + long version; + X509_NAME *id; + X509_ALGOR *pkey_algor; + X509_ALGOR *map_algor; + ASN1_OCTET_STRING *secret_factors; +} CPK_MASTER_SECRET; +DECLARE_ASN1_FUNCTIONS(CPK_MASTER_SECRET) + +typedef struct cpk_public_params_st { + long version; + X509_NAME *id; + X509_ALGOR *pkey_algor; + X509_ALGOR *map_algor; + ASN1_OCTET_STRING *public_factors; +} CPK_PUBLIC_PARAMS; +DECLARE_ASN1_FUNCTIONS(CPK_PUBLIC_PARAMS) + +CPK_MASTER_SECRET *CPK_MASTER_SECRET_create(const char *domain_id, EVP_PKEY *pkey, X509_ALGOR *map_algor); +CPK_PUBLIC_PARAMS *CPK_MASTER_SECRET_extract_public_params(CPK_MASTER_SECRET *master); +EVP_PKEY *CPK_MASTER_SECRET_extract_private_key(CPK_MASTER_SECRET *master, const char *id); +EVP_PKEY *CPK_PUBLIC_PARAMS_extract_public_key(CPK_PUBLIC_PARAMS *params, const char *id); +int CPK_PUBLIC_PARAMS_compute_share_key(CPK_PUBLIC_PARAMS *params, + void *out, size_t outlen, const char *id, EVP_PKEY *priv_key, + void *(*kdf)(const void *in, size_t inlen, void *out, size_t *outlen)); + +char *CPK_MASTER_SECRET_get_name(CPK_MASTER_SECRET *master, char *buf, int size); +char *CPK_PUBLIC_PARAMS_get_name(CPK_PUBLIC_PARAMS *params); +int CPK_MASTER_SECRET_digest(CPK_MASTER_SECRET *master, const EVP_MD *type, unsigned char *md, unsigned int *len); +int CPK_PUBLIC_PARAMS_digest(CPK_PUBLIC_PARAMS *params, const EVP_MD *type, unsigned char *md, unsigned int *len); +int CPK_MASTER_SECRET_print(BIO *out, CPK_MASTER_SECRET *master, int indent, unsigned long flags); +int CPK_PUBLIC_PARAMS_print(BIO *out, CPK_PUBLIC_PARAMS *params, int indent, unsigned long flags); +int CPK_MASTER_SECRET_validate_public_params(CPK_MASTER_SECRET *master, CPK_PUBLIC_PARAMS *params); +int CPK_PUBLIC_PARAMS_validate_private_key(CPK_PUBLIC_PARAMS *params, const char *id, const EVP_PKEY *pkey); + +CPK_MASTER_SECRET *d2i_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET **master); +int i2d_CPK_MASTER_SECRET_bio(BIO *bp, CPK_MASTER_SECRET *master); +CPK_PUBLIC_PARAMS *d2i_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS **params); +int i2d_CPK_PUBLIC_PARAMS_bio(BIO *bp, CPK_PUBLIC_PARAMS *params); + + +/* BEGIN ERROR CODES */ +/* + * The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ + +int ERR_load_CPK_strings(void); + +/* Error codes for the CPK functions. */ + +/* Function codes. */ +# define CPK_F_CPK_MAP_NEW_DEFAULT 100 +# define CPK_F_CPK_MAP_STR2INDEX 101 +# define CPK_F_CPK_MASTER_SECRET_CREATE 102 +# define CPK_F_CPK_MASTER_SECRET_EXTRACT_PRIVATE_KEY 103 +# define CPK_F_CPK_MASTER_SECRET_EXTRACT_PUBLIC_PARAMS 104 +# define CPK_F_CPK_PUBLIC_PARAMS_COMPUTE_SHARE_KEY 105 +# define CPK_F_CPK_PUBLIC_PARAMS_EXTRACT_PUBLIC_KEY 106 +# define CPK_F_CPK_PUBLIC_PARAMS_VALIDATE_PRIVATE_KEY 107 +# define CPK_F_X509_ALGOR_GET1_DSA 108 +# define CPK_F_X509_ALGOR_GET1_EC_KEY 109 + +/* Reason codes. */ +# define CPK_R_BAD_ARGUMENT 100 +# define CPK_R_BAD_DATA 101 +# define CPK_R_INVALID_ID_LENGTH 102 +# define CPK_R_INVALID_MAP_ALGOR 103 +# define CPK_R_INVALID_PKEY_TYPE 104 + +# ifdef __cplusplus +} +# endif +#endif diff --git a/include/openssl/err.h b/include/openssl/err.h index 37efb62e..976b4b86 100644 --- a/include/openssl/err.h +++ b/include/openssl/err.h @@ -96,6 +96,7 @@ typedef struct err_state_st { # define ERR_LIB_KDF2 53 # define ERR_LIB_FFX 54 # define ERR_LIB_PAILLIER 55 +# define ERR_LIB_CPK 56 # define ERR_LIB_USER 128 @@ -137,6 +138,7 @@ typedef struct err_state_st { # define KDF2err(f,r) ERR_PUT_error(ERR_LIB_KDF2,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define FFXerr(f,r) ERR_PUT_error(ERR_LIB_FFX,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define PAILLIERerr(f,r) ERR_PUT_error(ERR_LIB_PAILLIER,(f),(r),OPENSSL_FILE,OPENSSL_LINE) +# define CPKerr(f,r) ERR_PUT_error(ERR_LIB_CPK,(f),(r),OPENSSL_FILE,OPENSSL_LINE) # define ERR_PACK(l,f,r) ( \ (((unsigned int)(l) & 0x0FF) << 24L) | \ @@ -187,6 +189,7 @@ typedef struct err_state_st { # define ERR_R_KDF2_LIB ERR_LIB_KDF2/* 53 */ # define ERR_R_FFX_LIB ERR_LIB_FFX/* 54 */ # define ERR_R_PAILLIER_LIB ERR_LIB_PAILLIER/* 55 */ +# define ERR_R_CPK_LIB ERR_LIB_CPK/* 56 */ # define ERR_R_NESTED_ASN1_ERROR 58 # define ERR_R_MISSING_ASN1_EOS 63 diff --git a/test/build.info b/test/build.info index 608d88e4..35716bfc 100644 --- a/test/build.info +++ b/test/build.info @@ -17,7 +17,7 @@ IF[{- !$disabled{tests} -}] dtlsv1listentest ct_test threadstest afalgtest d2i_test \ ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \ - sm3test sms4test kdf2test eciestest ffxtest sm2test pailliertest + sm3test sms4test kdf2test eciestest ffxtest sm2test pailliertest cpktest SOURCE[aborttest]=aborttest.c INCLUDE[aborttest]=../include @@ -312,6 +312,10 @@ IF[{- !$disabled{tests} -}] INCLUDE[pailliertest]=../include DEPEND[pailliertest]=../libcrypto + SOURCE[cpktest]=cpktest.c + INCLUDE[cpktest]=../include + DEPEND[cpktest]=../libcrypto + IF[{- !$disabled{shared} -}] PROGRAMS_NO_INST=shlibloadtest SOURCE[shlibloadtest]=shlibloadtest.c diff --git a/test/cpktest.c b/test/cpktest.c new file mode 100644 index 00000000..8f67eaa9 --- /dev/null +++ b/test/cpktest.c @@ -0,0 +1,198 @@ +/* ==================================================================== + * Copyright (c) 2007 - 2016 The GmSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the GmSSL Project. + * (http://gmssl.org/)" + * + * 4. The name "GmSSL Project" must not be used to endorse or promote + * products derived from this software without prior written + * permission. For written permission, please contact + * guanzhi1980@gmail.com. + * + * 5. Products derived from this software may not be called "GmSSL" + * nor may "GmSSL" appear in their names without prior written + * permission of the GmSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the GmSSL Project + * (http://gmssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#include +#include +#include +#include "../e_os.h" + +#ifdef OPENSSL_NO_CPK +int main(int argc, char **argv) +{ + printf("NO CPK support\n"); + return 0; +} +#else +# include +# include +# include +# include +# include +# include +# include + + +const char *id_short = "id"; +const char *id_long = + "123456789022345678903234567890423456789052345678906234567890" + "123456789022345678903234567890423456789052345678906234567890"; + + +int EVP_PKEY_print_fp(const EVP_PKEY *pkey, FILE *fp) +{ + ASN1_PCTX *ctx = ASN1_PCTX_new(); + BIO *bio = BIO_new_fp(fp, BIO_NOCLOSE); + + EVP_PKEY_print_params(bio, pkey, 0, ctx); + EVP_PKEY_print_public(bio, pkey, 0, ctx); + EVP_PKEY_print_private(bio, pkey, 0, NULL); + + return 0; +} + +int main(int argc, char **argv) +{ + int r, i; + KDF_FUNC kdf = NULL; + EC_GROUP *ec_group = NULL; + EC_KEY *ec_key = NULL; + EVP_PKEY *pkey = NULL; + EVP_PKEY *pub_key = NULL; + EVP_PKEY *priv_key = NULL; + X509_ALGOR *map = NULL; + CPK_MASTER_SECRET *master = NULL; + CPK_PUBLIC_PARAMS *params = NULL; + BIO *bio_out = NULL; + unsigned char *buf = NULL; + unsigned char *p; + const unsigned char *cp; + int len; + + return 0; + + /* init openssl global functions */ + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); + + /* prepare cpk setup parameters */ + if (!(ec_key = EC_KEY_new_by_curve_name(OBJ_sn2nid("prime192v1")))) { + goto end; + } + EC_GROUP_set_asn1_flag((EC_GROUP *)EC_KEY_get0_group(ec_key), OPENSSL_EC_NAMED_CURVE); + r = EC_KEY_generate_key(ec_key); + + + + + + pkey = EVP_PKEY_new(); + r = EVP_PKEY_set1_EC_KEY(pkey, ec_key); + map = CPK_MAP_new_default(); + + + //EVP_PKEY_print_fp(pkey, stdout); + + /* generate master_secret and public_params */ + master = CPK_MASTER_SECRET_create("domainid", pkey, map); + + bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); + + r = CPK_MASTER_SECRET_print(bio_out, master, 0, 0); + + EVP_PKEY_free(pkey); + pkey = NULL; + pkey = CPK_MASTER_SECRET_extract_private_key(master, "id"); + EVP_PKEY_free(pkey); + //pkey = CPK_MASTER_SECRET_extract_private_key(master, NULL); + //assert(pkey == NULL); + pkey = CPK_MASTER_SECRET_extract_private_key(master, id_long); + EVP_PKEY_print_fp(pkey, stdout); + params = CPK_MASTER_SECRET_extract_public_params(master); + r = CPK_PUBLIC_PARAMS_print(bio_out, params, 0, 0); + printf("\n"); + + printf("test CPK_PUBLIC_PARAMS_extract_public_key()\n"); + pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id_short); + EVP_PKEY_free(pub_key); + + pub_key = CPK_PUBLIC_PARAMS_extract_public_key(params, id_long); + printf("Public Key of '%s':\n", id_long); + EVP_PKEY_print_fp(pkey, stdout); + printf("\n"); + + r = CPK_MASTER_SECRET_validate_public_params(master, params); + if (priv_key) EVP_PKEY_free(priv_key); + priv_key = CPK_MASTER_SECRET_extract_private_key(master, "identity"); + r = CPK_PUBLIC_PARAMS_validate_private_key(params, "identity", priv_key); + r = CPK_PUBLIC_PARAMS_validate_private_key(params, "id", priv_key); + + /* der encoding and decoding */ + len = i2d_CPK_MASTER_SECRET(master, NULL); + if (buf != NULL) OPENSSL_free(buf); + buf = OPENSSL_malloc(len); + p = buf; + len = i2d_CPK_MASTER_SECRET(master, &p); + + cp = buf; + if (master) CPK_MASTER_SECRET_free(master); + master = NULL; + master = d2i_CPK_MASTER_SECRET(NULL, &cp, len); + r = CPK_MASTER_SECRET_validate_public_params(master, params); + + kdf = KDF_get_x9_63(EVP_sha1()); + + if (priv_key != NULL) EVP_PKEY_free(priv_key); + priv_key = CPK_MASTER_SECRET_extract_private_key(master, "Alice"); + + if (buf != NULL) OPENSSL_free(buf); + buf = OPENSSL_malloc(1024); + r = CPK_PUBLIC_PARAMS_compute_share_key(params, buf, 64, "Bob", priv_key, kdf); + for (i = 0; i < 64; i++) printf("%02x", buf[i]); printf("\n"); + + if (priv_key != NULL) + EVP_PKEY_free(priv_key); + priv_key = CPK_MASTER_SECRET_extract_private_key(master, "Bob"); + r = CPK_PUBLIC_PARAMS_compute_share_key(params, buf, 64, "Alice", priv_key, kdf); + for (i = 0; i < 64; i++) printf("%02x", buf[i]); printf("\n"); + +end: + printf("ok\n"); + return 0; +} +#endif diff --git a/test/recipes/15-test_cpk.t b/test/recipes/15-test_cpk.t new file mode 100644 index 00000000..8ef242f4 --- /dev/null +++ b/test/recipes/15-test_cpk.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_cpk", "cpktest", "cpk"); diff --git a/util/mkdef.pl b/util/mkdef.pl index 8d42aefd..e66f7fa3 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -132,7 +132,7 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", "CMAC", # APPLINK (win build feature?) "APPLINK", - "SM3", "SMS4", "KDF2", "ECIES", "FFX", "PAILLIER" + "SM3", "SMS4", "KDF2", "ECIES", "FFX", "PAILLIER", "CPK" ); my %disabled_algorithms;