ircd-hybrid-8/src/rsa.c

/*
 *  ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd).
 *  rsa.c: Functions for use with RSA public key cryptography.
 *
 *  Copyright (C) 2002 by the past and present ircd coders, and others.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
 *  USA
 *
 *  $Id: rsa.c,v 7.34 2005/07/26 03:33:05 adx Exp $
 */

#include "stdinc.h"

#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/md5.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/err.h>

#include "memory.h"
#include "rsa.h"
#include "tools.h"
#include "s_conf.h"
#include "s_log.h"
#include "client.h" /* CIPHERKEYLEN .. eww */
#include "ircd.h" /* bio_spare_fd */

static void binary_to_hex(unsigned char *bin, char *hex, int length);

/*
 * report_crypto_errors - Dump crypto error list to log
 */
void
report_crypto_errors(void)
{
  unsigned long e   = 0;
  unsigned long cnt = 0;

  ERR_load_crypto_strings();

  while ((cnt < 100) && (e = ERR_get_error()))
  {
    ilog(L_CRIT, "SSL error: %s", ERR_error_string(e, 0));
    cnt++;
  }
}

/*
 * verify_private_key - reread private key and verify against inmem key
 */
int
verify_private_key(void)
{
  BIO *file;
  RSA *key;
  RSA *mkey;

  /* If the rsa_private_key directive isn't found, error out. */
  if (ServerInfo.rsa_private_key == NULL)
  {
    ilog(L_NOTICE, "rsa_private_key in serverinfo{} is not defined.");
    return -1;
  }

  /* If rsa_private_key_file isn't available, error out. */
  if (ServerInfo.rsa_private_key_file == NULL)
  {
    ilog(L_NOTICE, "Internal error: rsa_private_key_file isn't defined.");
    return -1;
  }

  if (bio_spare_fd > -1)
    close(bio_spare_fd);

  file = BIO_new_file(ServerInfo.rsa_private_key_file, "r");

  /*
   * If BIO_new_file returned NULL (according to OpenSSL docs), then
   * an error occurred.
   */
  if (file == NULL)
  {
    bio_spare_fd = save_spare_fd("SSL private key validation");
    ilog(L_NOTICE, "Failed to open private key file - can't validate it");
    return -1;
  }

  /*
   * jdc -- Let's do this a little differently.  According to the
   *        OpenSSL documentation, you need to METHOD_free(key) before
   *        assigning it.  Don't believe me?  Check out the following
   *        URL:  http://www.openssl.org/docs/crypto/pem.html#BUGS
   * P.S. -- I have no idea why the key= assignment has to be typecasted.
   *         For some reason the system thinks PEM_read_bio_RSAPrivateKey
   *         is returning an int, not a RSA *.
   * androsyn -- Thats because you didn't have a prototype and including
   *             pem.h breaks things for some reason..
   */
  key = (RSA *) PEM_read_bio_RSAPrivateKey(file, NULL, 0, NULL);

  if (key == NULL)
  {
    ilog(L_NOTICE, "PEM_read_bio_RSAPrivateKey() failed; possibly not RSA?");
    report_crypto_errors();
    return -1;
  }

  BIO_set_close(file, BIO_CLOSE);
  BIO_free(file);
  bio_spare_fd = save_spare_fd("SSL private key validation");

  mkey = ServerInfo.rsa_private_key;

  /*
   * Compare the in-memory key to the key we just loaded above.  If
   * any of the portions don't match, then logically we have a different
   * in-memory key vs. the one we just loaded.  This is bad, mmmkay?
   */
  if (mkey->pad != key->pad)
    ilog(L_CRIT, "Private key corrupted: pad %i != pad %i",
                 mkey->pad, key->pad);
  
  if (mkey->version != key->version)
  {
#if (OPENSSL_VERSION_NUMBER & 0x00907000) == 0x00907000
    ilog(L_CRIT, "Private key corrupted: version %li != version %li",
                 mkey->version, key->version);
#else
    ilog(L_CRIT, "Private key corrupted: version %i != version %i",
                 mkey->version, key->version);
#endif
  }    

  if (BN_cmp(mkey->n, key->n))
    ilog(L_CRIT, "Private key corrupted: n differs");
  if (BN_cmp(mkey->e, key->e))
    ilog(L_CRIT, "Private key corrupted: e differs");
  if (BN_cmp(mkey->d, key->d))
    ilog(L_CRIT, "Private key corrupted: d differs");
  if (BN_cmp(mkey->p, key->p))
    ilog(L_CRIT, "Private key corrupted: p differs");
  if (BN_cmp(mkey->q, key->q))
    ilog(L_CRIT, "Private key corrupted: q differs");
  if (BN_cmp(mkey->dmp1, key->dmp1))
    ilog(L_CRIT, "Private key corrupted: dmp1 differs");
  if (BN_cmp(mkey->dmq1, key->dmq1))
    ilog(L_CRIT, "Private key corrupted: dmq1 differs");
  if (BN_cmp(mkey->iqmp, key->iqmp))
    ilog(L_CRIT, "Private key corrupted: iqmp differs");

  RSA_free(key);
  return 0;
}


static void
binary_to_hex(unsigned char *bin, char *hex, int length)
{
  static const char trans[] = "0123456789ABCDEF";
  int i;

  for(i = 0; i < length; i++)
  {
    hex[i  << 1]      = trans[bin[i] >> 4];
    hex[(i << 1) + 1] = trans[bin[i] & 0xf];
  }

  hex[i << 1] = '\0';
}

int
get_randomness(unsigned char *buf, int length)
{
    /* Seed OpenSSL PRNG with EGD enthropy pool -kre */
    if (ConfigFileEntry.use_egd &&
        (ConfigFileEntry.egdpool_path != NULL))
    {
      if (RAND_egd(ConfigFileEntry.egdpool_path) == -1)
            return -1;
    }

  if (RAND_status())
    return (RAND_bytes(buf, length));
  else /* XXX - abort? */
    return (RAND_pseudo_bytes(buf, length));
}

int
generate_challenge(char **r_challenge, char **r_response, RSA *rsa)
{
  unsigned char secret[32], *tmp;
  unsigned long length;
  int ret = -1;

  if (!rsa)
        return -1;
  get_randomness(secret, 32);
  *r_response = MyMalloc(65);
  binary_to_hex(secret, *r_response, 32);

  length = RSA_size(rsa);
  tmp = MyMalloc(length);
  ret = RSA_public_encrypt(32, secret, tmp, rsa, RSA_PKCS1_PADDING);

  *r_challenge = MyMalloc((length << 1) + 1);
  binary_to_hex( tmp, *r_challenge, length);
  (*r_challenge)[length<<1] = 0;
  MyFree(tmp);

  if (ret < 0)
  {
    report_crypto_errors();
    return -1;
  }
  return 0;
}
Revision:	30
Committed:	Sun Oct 2 20:03:27 2005 UTC (19 years, 10 months ago) by adx
Content type:	text/x-csrc
Original Path:	*ircd-hybrid/src/rsa.c*
File size:	6436 byte(s)
Log Message:	- imported sources - can be moved later according to the directory/branching scheme, but we need the svn up
#	User	Rev	Content
1	adx	30	/*
2			* ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd).
3			* rsa.c: Functions for use with RSA public key cryptography.
4			*
5			* Copyright (C) 2002 by the past and present ircd coders, and others.
6			*
7			* This program is free software; you can redistribute it and/or modify
8			* it under the terms of the GNU General Public License as published by
9			* the Free Software Foundation; either version 2 of the License, or
10			* (at your option) any later version.
11			*
12			* This program is distributed in the hope that it will be useful,
13			* but WITHOUT ANY WARRANTY; without even the implied warranty of
14			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15			* GNU General Public License for more details.
16			*
17			* You should have received a copy of the GNU General Public License
18			* along with this program; if not, write to the Free Software
19			* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
20			* USA
21			*
22			* $Id: rsa.c,v 7.34 2005/07/26 03:33:05 adx Exp $
23			*/
24
25			#include "stdinc.h"
26
27			#include <openssl/pem.h>
28			#include <openssl/rand.h>
29			#include <openssl/rsa.h>
30			#include <openssl/md5.h>
31			#include <openssl/bn.h>
32			#include <openssl/evp.h>
33			#include <openssl/err.h>
34
35			#include "memory.h"
36			#include "rsa.h"
37			#include "tools.h"
38			#include "s_conf.h"
39			#include "s_log.h"
40			#include "client.h" /* CIPHERKEYLEN .. eww */
41			#include "ircd.h" /* bio_spare_fd */
42
43			static void binary_to_hex(unsigned char bin, char hex, int length);
44
45			/*
46			* report_crypto_errors - Dump crypto error list to log
47			*/
48			void
49			report_crypto_errors(void)
50			{
51			unsigned long e = 0;
52			unsigned long cnt = 0;
53
54			ERR_load_crypto_strings();
55
56			while ((cnt < 100) && (e = ERR_get_error()))
57			{
58			ilog(L_CRIT, "SSL error: %s", ERR_error_string(e, 0));
59			cnt++;
60			}
61			}
62
63			/*
64			* verify_private_key - reread private key and verify against inmem key
65			*/
66			int
67			verify_private_key(void)
68			{
69			BIO *file;
70			RSA *key;
71			RSA *mkey;
72
73			/* If the rsa_private_key directive isn't found, error out. */
74			if (ServerInfo.rsa_private_key == NULL)
75			{
76			ilog(L_NOTICE, "rsa_private_key in serverinfo{} is not defined.");
77			return -1;
78			}
79
80			/* If rsa_private_key_file isn't available, error out. */
81			if (ServerInfo.rsa_private_key_file == NULL)
82			{
83			ilog(L_NOTICE, "Internal error: rsa_private_key_file isn't defined.");
84			return -1;
85			}
86
87			if (bio_spare_fd > -1)
88			close(bio_spare_fd);
89
90			file = BIO_new_file(ServerInfo.rsa_private_key_file, "r");
91
92			/*
93			* If BIO_new_file returned NULL (according to OpenSSL docs), then
94			* an error occurred.
95			*/
96			if (file == NULL)
97			{
98			bio_spare_fd = save_spare_fd("SSL private key validation");
99			ilog(L_NOTICE, "Failed to open private key file - can't validate it");
100			return -1;
101			}
102
103			/*
104			* jdc -- Let's do this a little differently. According to the
105			* OpenSSL documentation, you need to METHOD_free(key) before
106			* assigning it. Don't believe me? Check out the following
107			* URL: http://www.openssl.org/docs/crypto/pem.html#BUGS
108			* P.S. -- I have no idea why the key= assignment has to be typecasted.
109			* For some reason the system thinks PEM_read_bio_RSAPrivateKey
110			* is returning an int, not a RSA *.
111			* androsyn -- Thats because you didn't have a prototype and including
112			* pem.h breaks things for some reason..
113			*/
114			key = (RSA *) PEM_read_bio_RSAPrivateKey(file, NULL, 0, NULL);
115
116			if (key == NULL)
117			{
118			ilog(L_NOTICE, "PEM_read_bio_RSAPrivateKey() failed; possibly not RSA?");
119			report_crypto_errors();
120			return -1;
121			}
122
123			BIO_set_close(file, BIO_CLOSE);
124			BIO_free(file);
125			bio_spare_fd = save_spare_fd("SSL private key validation");
126
127			mkey = ServerInfo.rsa_private_key;
128
129			/*
130			* Compare the in-memory key to the key we just loaded above. If
131			* any of the portions don't match, then logically we have a different
132			* in-memory key vs. the one we just loaded. This is bad, mmmkay?
133			*/
134			if (mkey->pad != key->pad)
135			ilog(L_CRIT, "Private key corrupted: pad %i != pad %i",
136			mkey->pad, key->pad);
137
138			if (mkey->version != key->version)
139			{
140			#if (OPENSSL_VERSION_NUMBER & 0x00907000) == 0x00907000
141			ilog(L_CRIT, "Private key corrupted: version %li != version %li",
142			mkey->version, key->version);
143			#else
144			ilog(L_CRIT, "Private key corrupted: version %i != version %i",
145			mkey->version, key->version);
146			#endif
147			}
148
149			if (BN_cmp(mkey->n, key->n))
150			ilog(L_CRIT, "Private key corrupted: n differs");
151			if (BN_cmp(mkey->e, key->e))
152			ilog(L_CRIT, "Private key corrupted: e differs");
153			if (BN_cmp(mkey->d, key->d))
154			ilog(L_CRIT, "Private key corrupted: d differs");
155			if (BN_cmp(mkey->p, key->p))
156			ilog(L_CRIT, "Private key corrupted: p differs");
157			if (BN_cmp(mkey->q, key->q))
158			ilog(L_CRIT, "Private key corrupted: q differs");
159			if (BN_cmp(mkey->dmp1, key->dmp1))
160			ilog(L_CRIT, "Private key corrupted: dmp1 differs");
161			if (BN_cmp(mkey->dmq1, key->dmq1))
162			ilog(L_CRIT, "Private key corrupted: dmq1 differs");
163			if (BN_cmp(mkey->iqmp, key->iqmp))
164			ilog(L_CRIT, "Private key corrupted: iqmp differs");
165
166			RSA_free(key);
167			return 0;
168			}
169
170
171			static void
172			binary_to_hex(unsigned char bin, char hex, int length)
173			{
174			static const char trans[] = "0123456789ABCDEF";
175			int i;
176
177			for(i = 0; i < length; i++)
178			{
179			hex[i << 1] = trans[bin[i] >> 4];
180			hex[(i << 1) + 1] = trans[bin[i] & 0xf];
181			}
182
183			hex[i << 1] = '\0';
184			}
185
186			int
187			get_randomness(unsigned char *buf, int length)
188			{
189			/* Seed OpenSSL PRNG with EGD enthropy pool -kre */
190			if (ConfigFileEntry.use_egd &&
191			(ConfigFileEntry.egdpool_path != NULL))
192			{
193			if (RAND_egd(ConfigFileEntry.egdpool_path) == -1)
194			return -1;
195			}
196
197			if (RAND_status())
198			return (RAND_bytes(buf, length));
199			else /* XXX - abort? */
200			return (RAND_pseudo_bytes(buf, length));
201			}
202
203			int
204			generate_challenge(char r_challenge, char r_response, RSA *rsa)
205			{
206			unsigned char secret[32], *tmp;
207			unsigned long length;
208			int ret = -1;
209
210			if (!rsa)
211			return -1;
212			get_randomness(secret, 32);
213			*r_response = MyMalloc(65);
214			binary_to_hex(secret, *r_response, 32);
215
216			length = RSA_size(rsa);
217			tmp = MyMalloc(length);
218			ret = RSA_public_encrypt(32, secret, tmp, rsa, RSA_PKCS1_PADDING);
219
220			*r_challenge = MyMalloc((length << 1) + 1);
221			binary_to_hex( tmp, *r_challenge, length);
222			(*r_challenge)[length<<1] = 0;
223			MyFree(tmp);
224
225			if (ret < 0)
226			{
227			report_crypto_errors();
228			return -1;
229			}
230			return 0;
231			}