trunk/src/rsa.c

/*
 *  ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
 *
 *  Copyright (c) 2000-2015 ircd-hybrid development team
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
 *  USA
 */

/*! \file rsa.c
 * \brief Functions for use with RSA public key cryptography.
 * \version $Id$
 */

#include "stdinc.h"
#ifdef HAVE_LIBCRYPTO
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/opensslv.h>

#include "memory.h"
#include "rsa.h"
#include "conf.h"
#include "log.h"


/*
 * report_crypto_errors - Dump crypto error list to log
 */
void
report_crypto_errors(void)
{
  unsigned long e = 0;

  while ((e = ERR_get_error()))
    ilog(LOG_TYPE_IRCD, "SSL error: %s", ERR_error_string(e, 0));
}

void
binary_to_hex(const unsigned char *bin, char *hex, unsigned int length)
{
  static const char trans[] = "0123456789ABCDEF";

  for (const unsigned char *const end = bin + length; bin < end; ++bin)
  {
    *hex++ = trans[*bin >>  4];
    *hex++ = trans[*bin & 0xf];
  }

  *hex = '\0';
}

int
get_randomness(unsigned char *buf, int length)
{
  return RAND_bytes(buf, length);
}

int
generate_challenge(char **r_challenge, char **r_response, RSA *rsa)
{
  unsigned char secret[32], *tmp = NULL;
  unsigned long length = 0;
  int ret = -1;

  if (!rsa)
    return -1;

  if (!get_randomness(secret, 32))
  {
    report_crypto_errors();
    return -1;
  }

  *r_response = MyCalloc(65);
  binary_to_hex(secret, *r_response, 32);

  length = RSA_size(rsa);
  tmp = MyCalloc(length);
  ret = RSA_public_encrypt(32, secret, tmp, rsa, RSA_PKCS1_PADDING);

  *r_challenge = MyCalloc((length << 1) + 1);
  binary_to_hex(tmp, *r_challenge, length);
  MyFree(tmp);

  if (ret < 0)
  {
    report_crypto_errors();
    return -1;
  }

  return 0;
}
#endif
Revision:	5347
Committed:	Sun Jan 11 12:42:20 2015 UTC (10 years, 7 months ago) by michael
Content type:	text/x-csrc
File size:	2544 byte(s)
Log Message:	- Update copyright years
#	User	Rev	Content
1	adx	30	/*
2	michael	2916	* ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
3	adx	30	*
4	michael	5347	* Copyright (c) 2000-2015 ircd-hybrid development team
5	adx	30	*
6			* This program is free software; you can redistribute it and/or modify
7			* it under the terms of the GNU General Public License as published by
8			* the Free Software Foundation; either version 2 of the License, or
9			* (at your option) any later version.
10			*
11			* This program is distributed in the hope that it will be useful,
12			* but WITHOUT ANY WARRANTY; without even the implied warranty of
13			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14			* GNU General Public License for more details.
15			*
16			* You should have received a copy of the GNU General Public License
17			* along with this program; if not, write to the Free Software
18	michael	4565	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
19	adx	30	* USA
20			*/
21
22	michael	2916	/*! \file rsa.c
23			* \brief Functions for use with RSA public key cryptography.
24			* \version $Id$
25			*/
26
27	adx	30	#include "stdinc.h"
28	michael	1307	#ifdef HAVE_LIBCRYPTO
29	adx	30	#include <openssl/pem.h>
30			#include <openssl/rand.h>
31			#include <openssl/rsa.h>
32			#include <openssl/bn.h>
33			#include <openssl/evp.h>
34			#include <openssl/err.h>
35	michael	1013	#include <openssl/opensslv.h>
36	adx	30
37			#include "memory.h"
38			#include "rsa.h"
39	michael	1309	#include "conf.h"
40			#include "log.h"
41	adx	30
42
43			/*
44			* report_crypto_errors - Dump crypto error list to log
45			*/
46			void
47			report_crypto_errors(void)
48			{
49	michael	1752	unsigned long e = 0;
50	adx	30
51	michael	1752	while ((e = ERR_get_error()))
52	michael	1247	ilog(LOG_TYPE_IRCD, "SSL error: %s", ERR_error_string(e, 0));
53	adx	30	}
54
55	michael	4113	void
56	michael	4110	binary_to_hex(const unsigned char bin, char hex, unsigned int length)
57	adx	30	{
58			static const char trans[] = "0123456789ABCDEF";
59
60	michael	4948	for (const unsigned char *const end = bin + length; bin < end; ++bin)
61	adx	30	{
62	michael	4110	hex++ = trans[bin >> 4];
63			hex++ = trans[bin & 0xf];
64	adx	30	}
65
66	michael	4110	*hex = '\0';
67	adx	30	}
68
69			int
70			get_randomness(unsigned char *buf, int length)
71			{
72	michael	4254	return RAND_bytes(buf, length);
73	adx	30	}
74
75			int
76			generate_challenge(char r_challenge, char r_response, RSA *rsa)
77			{
78	michael	3335	unsigned char secret[32], *tmp = NULL;
79			unsigned long length = 0;
80	adx	30	int ret = -1;
81
82			if (!rsa)
83	michael	1307	return -1;
84
85	michael	4254	if (!get_randomness(secret, 32))
86			{
87			report_crypto_errors();
88			return -1;
89			}
90
91	michael	3504	*r_response = MyCalloc(65);
92	adx	30	binary_to_hex(secret, *r_response, 32);
93
94			length = RSA_size(rsa);
95	michael	3504	tmp = MyCalloc(length);
96	adx	30	ret = RSA_public_encrypt(32, secret, tmp, rsa, RSA_PKCS1_PADDING);
97
98	michael	3504	*r_challenge = MyCalloc((length << 1) + 1);
99	michael	4254	binary_to_hex(tmp, *r_challenge, length);
100	adx	30	MyFree(tmp);
101
102			if (ret < 0)
103			{
104			report_crypto_errors();
105			return -1;
106			}
107	michael	1307
108	adx	30	return 0;
109			}
110	michael	1307	#endif