Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
429168e7
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
429168e7
编写于
5月 28, 2005
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add pss/x931 files.
上级
499fca2d
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
395 addition
and
0 deletion
+395
-0
crypto/rsa/rsa_pss.c
crypto/rsa/rsa_pss.c
+220
-0
crypto/rsa/rsa_x931.c
crypto/rsa/rsa_x931.c
+175
-0
未找到文件。
crypto/rsa/rsa_pss.c
0 → 100644
浏览文件 @
429168e7
/* rsa_pss.c */
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
* project 2005.
*/
/* ====================================================================
* Copyright (c) 2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
const
static
unsigned
char
zeroes
[]
=
{
0
,
0
,
0
,
0
,
0
,
0
,
0
,
0
};
int
RSA_verify_PKCS1_PSS
(
RSA
*
rsa
,
const
unsigned
char
*
mHash
,
const
EVP_MD
*
Hash
,
const
unsigned
char
*
EM
,
int
sLen
)
{
int
i
;
int
ret
=
0
;
int
hLen
,
maskedDBLen
,
emBits
,
emLen
;
const
unsigned
char
*
H
;
unsigned
char
*
DB
=
NULL
;
EVP_MD_CTX
ctx
;
unsigned
char
H_
[
EVP_MAX_MD_SIZE
];
emBits
=
BN_num_bits
(
rsa
->
n
)
-
1
;
emLen
=
(
emBits
+
7
)
>>
3
;
hLen
=
EVP_MD_size
(
Hash
);
if
(
emLen
<
(
hLen
+
sLen
+
2
))
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_DATA_TOO_LARGE
);
goto
err
;
}
if
(
EM
[
emLen
-
1
]
!=
0xbc
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_LAST_OCTET_INVALID
);
goto
err
;
}
if
(
EM
[
0
]
&
(
0xFF
<<
(
emBits
&
0x7
)))
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_FIRST_OCTET_INVALID
);
goto
err
;
}
maskedDBLen
=
emLen
-
hLen
-
1
;
H
=
EM
+
maskedDBLen
;
DB
=
OPENSSL_malloc
(
maskedDBLen
);
if
(
!
DB
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
PKCS1_MGF1
(
DB
,
maskedDBLen
,
H
,
hLen
,
Hash
);
for
(
i
=
0
;
i
<
maskedDBLen
;
i
++
)
DB
[
i
]
^=
EM
[
i
];
DB
[
0
]
&=
0xFF
>>
(
8
-
(
emBits
&
0x7
));
for
(
i
=
0
;
i
<
(
emLen
-
hLen
-
sLen
-
2
);
i
++
)
{
if
(
DB
[
i
]
!=
0
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_ZERO_CHECK_FAILED
);
goto
err
;
}
}
if
(
DB
[
i
]
!=
0x1
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_ONE_CHECK_FAILED
);
goto
err
;
}
EVP_MD_CTX_init
(
&
ctx
);
EVP_DigestInit_ex
(
&
ctx
,
Hash
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
zeroes
,
sizeof
zeroes
);
EVP_DigestUpdate
(
&
ctx
,
mHash
,
hLen
);
if
(
sLen
)
EVP_DigestUpdate
(
&
ctx
,
DB
+
maskedDBLen
-
sLen
,
sLen
);
EVP_DigestFinal
(
&
ctx
,
H_
,
NULL
);
EVP_MD_CTX_cleanup
(
&
ctx
);
if
(
memcmp
(
H_
,
H
,
hLen
))
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_BAD_SIGNATURE
);
ret
=
0
;
}
else
ret
=
1
;
err:
if
(
DB
)
OPENSSL_free
(
DB
);
return
ret
;
}
int
RSA_padding_add_PKCS1_PSS
(
RSA
*
rsa
,
unsigned
char
*
EM
,
const
unsigned
char
*
mHash
,
const
EVP_MD
*
Hash
,
int
sLen
)
{
int
i
;
int
ret
=
0
;
int
hLen
,
maskedDBLen
,
emBits
,
emLen
;
unsigned
char
*
H
,
*
salt
=
NULL
,
*
p
;
EVP_MD_CTX
ctx
;
emBits
=
BN_num_bits
(
rsa
->
n
)
-
1
;
emLen
=
(
emBits
+
7
)
>>
3
;
hLen
=
EVP_MD_size
(
Hash
);
if
(
sLen
<
0
)
sLen
=
0
;
if
(
emLen
<
(
hLen
+
sLen
+
2
))
{
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS
,
RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
);
goto
err
;
}
if
(
sLen
>
0
)
{
salt
=
OPENSSL_malloc
(
sLen
);
if
(
!
salt
)
{
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
!
RAND_bytes
(
salt
,
sLen
))
goto
err
;
}
maskedDBLen
=
emLen
-
hLen
-
1
;
H
=
EM
+
maskedDBLen
;
EVP_MD_CTX_init
(
&
ctx
);
EVP_DigestInit_ex
(
&
ctx
,
Hash
,
NULL
);
EVP_DigestUpdate
(
&
ctx
,
zeroes
,
sizeof
zeroes
);
EVP_DigestUpdate
(
&
ctx
,
mHash
,
hLen
);
if
(
sLen
)
EVP_DigestUpdate
(
&
ctx
,
salt
,
sLen
);
EVP_DigestFinal
(
&
ctx
,
H
,
NULL
);
EVP_MD_CTX_cleanup
(
&
ctx
);
/* Generate dbMask in place then perform XOR on it */
PKCS1_MGF1
(
EM
,
maskedDBLen
,
H
,
hLen
,
Hash
);
p
=
EM
;
/* Initial PS XORs with all zeroes which is a NOP so just update
* pointer. Note from a test above this value is guaranteed to
* be non-negative.
*/
p
+=
emLen
-
sLen
-
hLen
-
2
;
*
p
++
^=
0x1
;
if
(
sLen
>
0
)
{
for
(
i
=
0
;
i
<
sLen
;
i
++
)
*
p
++
^=
salt
[
i
];
}
EM
[
0
]
&=
0xFF
>>
(
8
-
(
emBits
&
0x7
));
/* H is already in place so just set final 0xbc */
EM
[
emLen
-
1
]
=
0xbc
;
ret
=
1
;
err:
if
(
salt
)
OPENSSL_free
(
salt
);
return
ret
;
}
crypto/rsa/rsa_x931.c
0 → 100644
浏览文件 @
429168e7
/* rsa_x931.c */
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
* project 2005.
*/
/* ====================================================================
* Copyright (c) 2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
#include <openssl/objects.h>
int
RSA_padding_add_X931
(
unsigned
char
*
to
,
int
tlen
,
const
unsigned
char
*
from
,
int
flen
)
{
int
j
;
unsigned
char
*
p
;
/* Absolute minimum amount of padding is 1 header nibble, 1 padding
* nibble and 2 trailer bytes: but 1 hash if is already in 'from'.
*/
j
=
tlen
-
flen
-
2
;
if
(
j
<
0
)
{
RSAerr
(
RSA_F_RSA_PADDING_ADD_X931
,
RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
);
return
-
1
;
}
p
=
(
unsigned
char
*
)
to
;
/* If no padding start and end nibbles are in one byte */
if
(
j
==
0
)
*
p
++
=
0x6A
;
else
{
*
p
++
=
0x6B
;
if
(
j
>
1
)
{
memset
(
p
,
0xBB
,
j
-
1
);
p
+=
j
-
1
;
}
*
p
++
=
0xBA
;
}
memcpy
(
p
,
from
,(
unsigned
int
)
flen
);
p
+=
flen
;
*
p
=
0xCC
;
return
(
1
);
}
int
RSA_padding_check_X931
(
unsigned
char
*
to
,
int
tlen
,
const
unsigned
char
*
from
,
int
flen
,
int
num
)
{
int
i
,
j
;
const
unsigned
char
*
p
;
p
=
from
;
if
((
num
!=
flen
)
||
((
*
p
!=
0x6A
)
&&
(
*
p
!=
0x6B
)))
{
RSAerr
(
RSA_F_RSA_PADDING_CHECK_X931
,
RSA_R_INVALID_HEADER
);
return
-
1
;
}
j
=
flen
-
3
;
if
(
*
p
++
==
0x6B
)
{
for
(
i
=
0
;
i
<
j
;
i
++
)
{
unsigned
char
c
=
*
p
++
;
if
(
c
==
0xBA
)
break
;
if
(
c
!=
0xBB
)
{
RSAerr
(
RSA_F_RSA_PADDING_CHECK_X931
,
RSA_R_INVALID_PADDING
);
return
-
1
;
}
}
}
j
-=
i
;
if
(
i
==
0
)
{
RSAerr
(
RSA_F_RSA_PADDING_CHECK_X931
,
RSA_R_INVALID_PADDING
);
return
-
1
;
}
if
(
p
[
j
]
!=
0xCC
)
{
RSAerr
(
RSA_F_RSA_PADDING_CHECK_X931
,
RSA_R_INVALID_TRAILER
);
return
-
1
;
}
memcpy
(
to
,
p
,(
unsigned
int
)
j
);
return
(
j
);
}
/* Translate between X931 hash ids and NIDs */
int
RSA_X931_hash_id
(
int
nid
)
{
switch
(
nid
)
{
case
NID_sha1
:
return
0x33
;
case
NID_sha256
:
return
0x34
;
case
NID_sha384
:
return
0x36
;
case
NID_sha512
:
return
0x35
;
}
return
-
1
;
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录