ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Added Diffie-Hellman support to dst

Browse Source
This commit is contained in:
Brian Wellington
1999-09-27 16:55:45 +00:00
parent 8b63ecfc36
commit 2be474d044
12 changed files with 849 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/dns/sec/dst/Makefile.in
View File

@@ -41,10 +41,12 @@ LIBS = @LIBS@
# Alphabetically
OBJS = bsafe_link.@O@ dst_api.@O@ dst_parse.@O@ hmac_link.@O@ \
openssl_link.@O@ dst_result.@O@ dst_support.@O@ dst_lib.@O@
openssl_link.@O@ openssldh_link.@O@ dst_result.@O@ \
dst_support.@O@ dst_lib.@O@
SRCS = bsafe_link.c dst_api.c dst_parse.c hmac_link.c \
openssl_link.c dst_result.c dst_support.c dst_lib.c
openssl_link.c openssldh_link.c dst_result.c dst_support.c \
dst_lib.c
SUBDIRS = include
TARGETS = ${OBJS}

15
lib/dns/sec/dst/bsafe_link.c
View File

@@ -19,7 +19,7 @@
/*
* Principal Author: Brian Wellington
* $Id: bsafe_link.c,v 1.5 1999/09/23 20:54:34 bwelling Exp $
* $Id: bsafe_link.c,v 1.6 1999/09/27 16:55:44 bwelling Exp $
*/
#include <config.h>
@@ -111,18 +111,19 @@ static dst_result_t dst_bsafe_from_file(dst_key_t *key, const int id,
isc_mem_t *mctx);
/*
* dst_s_bsafe_init()
* dst_s_bsafersa_init()
* Sets up function pointers for BSAFE/DNSSAFE related functions
*/
void
dst_s_bsafe_init()
{
dst_s_bsafersa_init() {
REQUIRE(dst_t_func[DST_ALG_RSA] == NULL);
dst_t_func[DST_ALG_RSA] = &bsafe_functions;
memset(&bsafe_functions, 0, sizeof(struct dst_func));
bsafe_functions.sign = dst_bsafe_sign;
bsafe_functions.verify = dst_bsafe_verify;
bsafe_functions.computesecret = NULL;
bsafe_functions.compare = dst_bsafe_compare;
bsafe_functions.paramcompare = NULL;
bsafe_functions.generate = dst_bsafe_generate;
bsafe_functions.isprivate = dst_bsafe_isprivate;
bsafe_functions.destroy = dst_bsafe_destroy;
@@ -388,7 +389,7 @@ dst_bsafe_verify(const unsigned int mode, dst_key_t *key, void **context,
* ISC_TRUE
* ISC_FALSE
*/
isc_boolean_t
static isc_boolean_t
dst_bsafe_isprivate(const dst_key_t *key) {
RSA_Key *rkey = (RSA_Key *) key->opaque;
return (rkey != NULL && rkey->rk_Private_Key != NULL);
@@ -469,7 +470,6 @@ dst_bsafe_from_dns(dst_key_t *key, isc_buffer_t *data, isc_mem_t *mctx) {
return (DST_R_NOMEMORY);
memset(rkey, 0, sizeof(RSA_Key));
key->opaque = (void *) rkey;
if (B_CreateKeyObject(&rkey->rk_Public_Key) != 0) {
isc_mem_put(mctx, rkey, sizeof(RSA_Key));
@@ -542,6 +542,9 @@ dst_bsafe_from_dns(dst_key_t *key, isc_buffer_t *data, isc_mem_t *mctx) {
memset(public->modulus.data, 0, public->modulus.len);
isc_mem_put(mctx, public->modulus.data, public->modulus.len);
isc_mem_put(mctx, public, sizeof(*public));
key->opaque = (void *) rkey;
return (DST_R_SUCCESS);
}

90
lib/dns/sec/dst/dst_api.c
View File

@@ -17,7 +17,7 @@
/*
* Principal Author: Brian Wellington
* $Id: dst_api.c,v 1.10 1999/09/23 20:54:35 bwelling Exp $
* $Id: dst_api.c,v 1.11 1999/09/27 16:55:44 bwelling Exp $
*/
#include <config.h>
@@ -122,6 +122,8 @@ dst_sign(const unsigned int mode, dst_key_t *key, dst_context_t *context,
return (DST_R_UNSUPPORTEDALG);
if (key->opaque == NULL)
return (DST_R_NULLKEY);
if (key->func->sign == NULL)
return (DST_R_NOTPRIVATEKEY);
return (key->func->sign(mode, key, (void **)context, data, sig,
key->mctx));
@@ -169,14 +171,55 @@ dst_verify(const unsigned int mode, dst_key_t *key, dst_context_t *context,
return (DST_R_UNSUPPORTEDALG);
if (key->opaque == NULL)
return (DST_R_NULLKEY);
if (key->func->verify == NULL)
return (DST_R_NOTPUBLICKEY);
return (key->func->verify(mode, key, (void **)context, data, sig,
key->mctx));
}
/*
* dst_computesecret
* A function to compute a shared secret from two (Diffie-Hellman) keys.
* Parameters
* pub The public key
* priv The private key
* secret A buffer into which the secret is written
* Returns
* DST_R_SUCCESS Success
* !DST_R_SUCCESS Failure
*/
dst_result_t
dst_computesecret(const dst_key_t *pub, const dst_key_t *priv,
isc_buffer_t *secret)
{
RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS);
REQUIRE(VALID_KEY(pub) && VALID_KEY(priv));
REQUIRE(secret != NULL);
if (dst_supported_algorithm(pub->key_alg) == ISC_FALSE ||
dst_supported_algorithm(priv->key_alg) == ISC_FALSE)
return (DST_R_UNSUPPORTEDALG);
if (pub->opaque == NULL || priv->opaque == NULL)
return (DST_R_NULLKEY);
if (pub->key_alg != priv->key_alg ||
pub->func->computesecret == NULL ||
priv->func->computesecret == NULL)
return (DST_R_KEYCANNOTCOMPUTESECRET);
if (dst_key_isprivate(priv) == ISC_FALSE)
return (DST_R_NOTPRIVATEKEY);
return (pub->func->computesecret(pub, priv, secret));
}
/*
* dst_key_tofile
* Writes a key to disk. The key can either be a public or private key.
* The public key is written in DNS format and the private key is
* written as a set of base64 encoded values.
* Parameters
* key The key to be written.
* type Either DST_PUBLIC or DST_PRIVATE, or both
@@ -441,17 +484,22 @@ dst_key_tobuffer(const dst_key_t *key, isc_buffer_t *target) {
/*
* dst_key_generate
* Generate and store a public/private keypair.
* Keys will be stored in formatted files.
* Generate a public/private keypair.
* Parameters
* name Name of the new key. Used to create key files
* K<name>+<alg>+<id>.public
* K<name>+<alg>+<id>.private
* alg The algorithm to use
* bits Size of the new key in bits
* param Algorithm specific (currently RSA only)
* param Algorithm specific
* RSA: exponent
* 0 use exponent 3
* !0 use Fermat4 (2^16 + 1)
* DH: generator
* 0 default - use well-known prime if bits == 768
* or 1024, otherwise use generator 2
* !0 use this value as the generator
* DSA/HMACMD5: unused
* flags The default value of the DNS Key flags.
* protocol Default value of the DNS Key protocol field.
* mctx The memory context used to allocate the key
@@ -520,6 +568,34 @@ dst_key_compare(const dst_key_t *key1, const dst_key_t *key2) {
else
return (ISC_FALSE);
}
/*
* dst_key_paramcompare
* Compares two keys' parameters for equality. This is designed to
* determine if two (Diffie-Hellman) keys can be used to derive a shared
* secret.
* Parameters
* key1, key2 Two keys whose parameters are to be compared.
* Returns
* ISC_TRUE The keys' parameters are equal.
* ISC_FALSE The keys' parameters are not equal.
*/
isc_boolean_t
dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2) {
RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS);
REQUIRE(VALID_KEY(key1));
REQUIRE(VALID_KEY(key2));
if (key1 == key2)
return (ISC_TRUE);
if (key1 == NULL || key2 == NULL)
return (ISC_FALSE);
if (key1->key_alg == key2->key_alg &&
key1->func->paramcompare != NULL &&
key1->func->paramcompare(key1, key2) == ISC_TRUE)
return (ISC_TRUE);
else
return (ISC_FALSE);
}
/*
* dst_key_free
@@ -609,6 +685,7 @@ dst_sig_size(const dst_key_t *key) {
return (16);
case DST_ALG_HMACSHA1:
return (20);
case DST_ALG_DH:
default:
REQUIRE(ISC_FALSE);
return (-1);
@@ -668,10 +745,11 @@ initialize() {
dst_s_hmacmd5_init();
#if defined(BSAFE) || defined(DNSSAFE)
dst_s_bsafe_init();
dst_s_bsafersa_init();
#endif
#ifdef OPENSSL
dst_s_openssl_init();
dst_s_openssldsa_init();
dst_s_openssldh_init();
#endif
}

10
lib/dns/sec/dst/dst_internal.h
View File

@@ -63,7 +63,12 @@ struct dst_func {
dst_result_t (*verify)(const unsigned int mode, dst_key_t *key,
void **context, isc_region_t *data,
isc_region_t *sig, isc_mem_t *mctx);
dst_result_t (*computesecret)(const dst_key_t *pub,
const dst_key_t *priv,
isc_buffer_t *secret);
isc_boolean_t (*compare)(const dst_key_t *key1, const dst_key_t *key2);
isc_boolean_t (*paramcompare)(const dst_key_t *key1,
const dst_key_t *key2);
dst_result_t (*generate)(dst_key_t *key, int parms, isc_mem_t *mctx);
isc_boolean_t (*isprivate)(const dst_key_t *key);
void (*destroy)(void *key, isc_mem_t *mctx);
@@ -87,8 +92,9 @@ extern dst_func *dst_t_func[DST_MAX_ALGS];
#endif
void dst_s_hmacmd5_init(void);
void dst_s_bsafe_init(void);
void dst_s_openssl_init(void);
void dst_s_bsafersa_init(void);
void dst_s_openssldsa_init(void);
void dst_s_openssldh_init(void);
/* support functions */

26
lib/dns/sec/dst/dst_parse.c
View File

@@ -17,7 +17,7 @@
/*
* Principal Author: Brian Wellington
* $Id: dst_parse.c,v 1.4 1999/09/02 15:56:32 bwelling Exp $
* $Id: dst_parse.c,v 1.5 1999/09/27 16:55:44 bwelling Exp $
*/
#include <config.h>
@@ -47,6 +47,7 @@
#define PRIVATE_KEY_STR "Private-key-format:"
#define ALGORITHM_STR "Algorithm:"
#define RSA_STR "RSA"
#define DH_STR "DH"
#define DSA_STR "DSA"
#define HMACMD5_STR "HMAC_MD5"
@@ -65,6 +66,11 @@ static struct parse_map map[] = {
{TAG_RSA_EXPONENT2, "Exponent2:"},
{TAG_RSA_COEFFICIENT, "Coefficient:"},
{TAG_DH_PRIME, "Prime(p):"},
{TAG_DH_GENERATOR, "Generator(g):"},
{TAG_DH_PRIVATE, "Private_value(x):"},
{TAG_DH_PUBLIC, "Public_value(y):"},
{TAG_DSA_PRIME, "Prime(p):"},
{TAG_DSA_SUBPRIME, "Subprime(q):"},
{TAG_DSA_BASE, "Base(g):"},
@@ -114,6 +120,21 @@ check_rsa(const dst_private_t *priv) {
return (0);
}
static int
check_dh(const dst_private_t *priv) {
int i, j;
if (priv->nelements != DH_NTAGS)
return (-1);
for (i = 0; i < DH_NTAGS; i++) {
for (j = 0; j < priv->nelements; j++)
if (priv->elements[j].tag == TAG(DST_ALG_DH, i))
break;
if (j == priv->nelements)
return (-1);
}
return (0);
}
static int
check_dsa(const dst_private_t *priv) {
int i, j;
@@ -143,6 +164,8 @@ check_data(const dst_private_t *priv, const int alg) {
switch (alg) {
case DST_ALG_RSA:
return (check_rsa(priv));
case DST_ALG_DH:
return (check_dh(priv));
case DST_ALG_DSA:
return (check_dsa(priv));
case DST_ALG_HMACMD5:
@@ -330,6 +353,7 @@ dst_s_write_private_key_file(const char *name, const int alg, const int id,
fprintf(fp, "%s %d ", ALGORITHM_STR, alg);
switch (alg) {
case DST_ALG_RSA: fprintf(fp, "(RSA)\n"); break;
case DST_ALG_DH: fprintf(fp, "(DH)\n"); break;
case DST_ALG_DSA: fprintf(fp, "(DSA)\n"); break;
case DST_ALG_HMACMD5: fprintf(fp, "(HMAC_MD5)\n"); break;
default : fprintf(fp, "(?)\n"); break;

6
lib/dns/sec/dst/dst_parse.h
View File

@@ -43,6 +43,12 @@ ISC_LANG_BEGINDECLS
#define TAG_RSA_EXPONENT2 ((DST_ALG_RSA << TAG_SHIFT) + 6)
#define TAG_RSA_COEFFICIENT ((DST_ALG_RSA << TAG_SHIFT) + 7)
#define DH_NTAGS 4
#define TAG_DH_PRIME ((DST_ALG_DH << TAG_SHIFT) + 0)
#define TAG_DH_GENERATOR ((DST_ALG_DH << TAG_SHIFT) + 1)
#define TAG_DH_PRIVATE ((DST_ALG_DH << TAG_SHIFT) + 2)
#define TAG_DH_PUBLIC ((DST_ALG_DH << TAG_SHIFT) + 3)
#define DSA_NTAGS 5
#define TAG_DSA_PRIME ((DST_ALG_DSA << TAG_SHIFT) + 0)
#define TAG_DSA_SUBPRIME ((DST_ALG_DSA << TAG_SHIFT) + 1)

4
lib/dns/sec/dst/dst_result.c
View File

@@ -17,7 +17,7 @@
/*
* Principal Author: Brian Wellington
* $Id: dst_result.c,v 1.2 1999/09/23 20:54:35 bwelling Exp $
* $Id: dst_result.c,v 1.3 1999/09/27 16:55:44 bwelling Exp $
*/
#include <config.h>
@@ -49,6 +49,8 @@ static char *text[DST_R_NRESULTS] = {
"verify final failure", /* 14 */
"not a public key", /* 15 */
"not a private key", /* 16 */
"not a key that can compute a secret", /* 17 */
"failure computing a shared secret", /* 18 */
};
#define DST_RESULT_RESULTSET 2

8
lib/dns/sec/dst/hmac_link.c
View File

@@ -17,7 +17,7 @@
/*
* Principal Author: Brian Wellington
* $Id: hmac_link.c,v 1.7 1999/09/23 20:54:35 bwelling Exp $
* $Id: hmac_link.c,v 1.8 1999/09/27 16:55:44 bwelling Exp $
*/
#include <config.h>
@@ -87,7 +87,9 @@ dst_s_hmacmd5_init()
memset(&hmacmd5_functions, 0, sizeof(struct dst_func));
hmacmd5_functions.sign = dst_hmacmd5_sign;
hmacmd5_functions.verify = dst_hmacmd5_verify;
hmacmd5_functions.computesecret = NULL;
hmacmd5_functions.compare = dst_hmacmd5_compare;
hmacmd5_functions.paramcompare = NULL;
hmacmd5_functions.generate = dst_hmacmd5_generate;
hmacmd5_functions.isprivate = dst_hmacmd5_isprivate;
hmacmd5_functions.destroy = dst_hmacmd5_destroy;
@@ -241,8 +243,10 @@ dst_hmacmd5_verify(const unsigned int mode, dst_key_t *key, void **context,
* Returns
* ISC_TRUE
*/
isc_boolean_t
static isc_boolean_t
dst_hmacmd5_isprivate(const dst_key_t *key) {
key = key; /* suppress warning */
return (ISC_TRUE);
}

25
lib/dns/sec/dst/include/dst/dst.h
View File

@@ -96,6 +96,22 @@ dst_result_t
dst_verify(const unsigned int mode, dst_key_t *key, dst_context_t *context,
isc_region_t *data, isc_region_t *sig);
/*
* dst_computesecret
* A function to compute a shared secret from two (Diffie-Hellman) keys.
*
* Requires:
* "pub" is a valid key that can be used to derive a shared secret
* "priv" is a valid private key that can be used to derive a shared secret
* "secret" is a valid buffer
*
* Ensures:
* If successful, secret will contain the derived shared secret.
*/
dst_result_t
dst_computesecret(const dst_key_t *pub, const dst_key_t *priv,
isc_buffer_t *secret);
/* Reads a key from permanent storage.
*
* Requires:
@@ -205,6 +221,15 @@ dst_key_generate(const char *name, const int alg, const int bits,
isc_boolean_t
dst_key_compare(const dst_key_t *key1, const dst_key_t *key2);
/* Compares the parameters of two DST keys.
*
* Requires:
* "key1" is a valid key.
* "key2" is a valid key.
*/
isc_boolean_t
dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2);
/* Free a DST key.
*
* Requires:

4
lib/dns/sec/dst/include/dst/result.h
View File

@@ -30,8 +30,10 @@ typedef unsigned int dst_result_t;
#define DST_R_VERIFYFINALFAILURE (ISC_RESULTCLASS_DST + 14)
#define DST_R_NOTPUBLICKEY (ISC_RESULTCLASS_DST + 15)
#define DST_R_NOTPRIVATEKEY (ISC_RESULTCLASS_DST + 16)
#define DST_R_KEYCANNOTCOMPUTESECRET (ISC_RESULTCLASS_DST + 17)
#define DST_R_COMPUTESECRETFAILURE (ISC_RESULTCLASS_DST + 18)
#define DST_R_NRESULTS 17 /* Number of results */
#define DST_R_NRESULTS 19 /* Number of results */
char * dst_result_totext(dst_result_t);

18
lib/dns/sec/dst/openssl_link.c
View File

@@ -19,7 +19,7 @@
/*
* Principal Author: Brian Wellington
* $Id: openssl_link.c,v 1.7 1999/09/23 20:54:36 bwelling Exp $
* $Id: openssl_link.c,v 1.8 1999/09/27 16:55:44 bwelling Exp $
*/
#include <config.h>
@@ -55,7 +55,7 @@ static dst_result_t dst_openssl_verify(const unsigned int mode,
isc_region_t *sig, isc_mem_t *mctx);
static isc_boolean_t dst_openssl_compare(const dst_key_t *key1,
const dst_key_t *key2);
static dst_result_t dst_openssl_generate(dst_key_t *key, int exp,
static dst_result_t dst_openssl_generate(dst_key_t *key, int unused,
isc_mem_t *mctx);
static isc_boolean_t dst_openssl_isprivate(const dst_key_t *key);
static void dst_openssl_destroy(void *key, isc_mem_t *mctx);
@@ -72,18 +72,19 @@ static int BN_bn2bin_fixed(BIGNUM *bn, unsigned char *buf,
/*
* dst_s_openssl_init()
* dst_s_openssldsa_init()
* Sets up function pointers for OpenSSL related functions
*/
void
dst_s_openssl_init()
{
dst_s_openssldsa_init() {
REQUIRE(dst_t_func[DST_ALG_DSA] == NULL);
dst_t_func[DST_ALG_DSA] = &openssl_functions;
memset(&openssl_functions, 0, sizeof(struct dst_func));
openssl_functions.sign = dst_openssl_sign;
openssl_functions.verify = dst_openssl_verify;
openssl_functions.computesecret = NULL;
openssl_functions.compare = dst_openssl_compare;
openssl_functions.paramcompare = NULL; /* is this useful for DSA? */
openssl_functions.generate = dst_openssl_generate;
openssl_functions.isprivate = dst_openssl_isprivate;
openssl_functions.destroy = dst_openssl_destroy;
@@ -247,7 +248,7 @@ dst_openssl_verify(const unsigned int mode, dst_key_t *key, void **context,
* ISC_TRUE
* ISC_FALSE
*/
isc_boolean_t
static isc_boolean_t
dst_openssl_isprivate(const dst_key_t *key) {
DSA *dsa = (DSA *) key->opaque;
return (dsa != NULL && dsa->priv_key != NULL);
@@ -330,7 +331,6 @@ dst_openssl_from_dns(dst_key_t *key, isc_buffer_t *data, isc_mem_t *mctx) {
return (DST_R_NOMEMORY);
memset(dsa, 0, sizeof(DSA));
key->opaque = (void *) dsa;
t = (unsigned int) *r.base++;
if (t > 8) {
@@ -363,6 +363,8 @@ dst_openssl_from_dns(dst_key_t *key, isc_buffer_t *data, isc_mem_t *mctx) {
isc_buffer_forward(data, SHA_DIGEST_LENGTH + 3 * p_bytes);
key->opaque = (void *) dsa;
return (DST_R_SUCCESS);
}
@@ -456,7 +458,7 @@ dst_openssl_from_file(dst_key_t *key, const int id, isc_mem_t *mctx) {
dsa = DSA_new();
if (dsa == NULL)
DST_RET(DST_R_NOMEMORY);
memset(dsa, 0, sizeof(DSA *));
memset(dsa, 0, sizeof(DSA));
key->opaque = dsa;
for (i=0; i < priv.nelements; i++) {

666
lib/dns/sec/dst/openssldh_link.c Normal file
View File

@@ -0,0 +1,666 @@
#if defined(OPENSSL)
/*
* Portions Copyright (c) 1995-1998 by Network Associates, Inc.
*
* Permission to use, copy modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND NETWORK ASSOCIATES
* DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
* NETWORK ASSOCIATES BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
* WITH THE USE OR PERFORMANCE OF THE SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: openssldh_link.c,v 1.1 1999/09/27 16:55:44 bwelling Exp $
*/
#include <config.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <memory.h>
#include <isc/assertions.h>
#include <isc/buffer.h>
#include <isc/int.h>
#include <isc/region.h>
#include "dst_internal.h"
#include "dst_parse.h"
#include <openssl/crypto.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#define PRIME768 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF"
#define PRIME1024 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF"
static struct dst_func openssldh_functions;
static dst_result_t dst_openssldh_computesecret(const dst_key_t *pub,
const dst_key_t *priv,
isc_buffer_t *secret);
static isc_boolean_t dst_openssldh_compare(const dst_key_t *key1,
const dst_key_t *key2);
static isc_boolean_t dst_openssldh_paramcompare(const dst_key_t *key1,
const dst_key_t *key2);
static dst_result_t dst_openssldh_generate(dst_key_t *key, int generator,
isc_mem_t *mctx);
static isc_boolean_t dst_openssldh_isprivate(const dst_key_t *key);
static void dst_openssldh_destroy(void *key, isc_mem_t *mctx);
static dst_result_t dst_openssldh_to_dns(const dst_key_t *in_key,
isc_buffer_t *data);
static dst_result_t dst_openssldh_from_dns(dst_key_t *key,
isc_buffer_t *data,
isc_mem_t *mctx);
static dst_result_t dst_openssldh_to_file(const dst_key_t *key);
static dst_result_t dst_openssldh_from_file(dst_key_t *key, const int id,
isc_mem_t *mctx);
static void uint16_toregion(isc_uint16_t val, isc_region_t *region);
static isc_uint16_t uint16_fromregion(isc_region_t *region);
static BIGNUM *bn2, *bn768, *bn1024;
/*
* dst_s_openssldh_init()
* Sets up function pointers for OpenSSL related functions
*/
void
dst_s_openssldh_init()
{
REQUIRE(dst_t_func[DST_ALG_DH] == NULL);
dst_t_func[DST_ALG_DH] = &openssldh_functions;
memset(&openssldh_functions, 0, sizeof(struct dst_func));
openssldh_functions.sign = NULL;
openssldh_functions.verify = NULL;
openssldh_functions.computesecret = dst_openssldh_computesecret;
openssldh_functions.compare = dst_openssldh_compare;
openssldh_functions.paramcompare = dst_openssldh_paramcompare;
openssldh_functions.generate = dst_openssldh_generate;
openssldh_functions.isprivate = dst_openssldh_isprivate;
openssldh_functions.destroy = dst_openssldh_destroy;
openssldh_functions.to_dns = dst_openssldh_to_dns;
openssldh_functions.from_dns = dst_openssldh_from_dns;
openssldh_functions.to_file = dst_openssldh_to_file;
openssldh_functions.from_file = dst_openssldh_from_file;
CRYPTO_set_mem_functions(dst_mem_alloc, dst_mem_realloc, dst_mem_free);
/* BEW - should check for NULL here... */
bn2 = BN_new();
bn768 = BN_new();
bn1024 = BN_new();
BN_set_word(bn2, 2);
BN_hex2bn(&bn768, PRIME768);
BN_hex2bn(&bn1024, PRIME1024);
}
/*
* dst_openssldh_computesecret
* Compute a shared secret from this public and private key
* Parameters
* pub The public key
* priv The private key
* secret A buffer into which the secret is written
* Returns
* DST_R_SUCCESS Success
* !DST_R_SUCCESS Failure
*/
static dst_result_t
dst_openssldh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
isc_buffer_t *secret)
{
DH *dhpub, *dhpriv;
int ret;
isc_region_t r;
unsigned int len;
REQUIRE(pub->opaque != NULL);
REQUIRE(priv->opaque != NULL);
dhpub = (DH *) pub->opaque;
dhpriv = (DH *) priv->opaque;
len = DH_size(dhpriv);
isc_buffer_available(secret, &r);
if (r.length < len)
return (DST_R_NOSPACE);
ret = DH_compute_key(r.base, dhpub->pub_key, dhpriv);
if (ret == 0)
return(DST_R_COMPUTESECRETFAILURE);
isc_buffer_add(secret, len);
return (DST_R_SUCCESS);
}
/*
* dst_openssldh_isprivate
* Is this a private key?
* Parameters
* key DST KEY structure
* Returns
* ISC_TRUE
* ISC_FALSE
*/
static isc_boolean_t
dst_openssldh_isprivate(const dst_key_t *key) {
DH *dh = (DH *) key->opaque;
return (dh != NULL && dh->priv_key != NULL);
}
/*
* dst_openssldh_to_dns
* Converts key from DH to DNS distribution format
* Parameters
* key DST KEY structure
* data output data
* Returns
* DST_R_SUCCESS Success
* !DST_R_SUCCESS Failure
*/
static dst_result_t
dst_openssldh_to_dns(const dst_key_t *key, isc_buffer_t *data) {
DH *dh;
isc_region_t r;
isc_uint16_t dnslen, plen, glen, publen;
REQUIRE(key->opaque != NULL);
dh = (DH *) key->opaque;
isc_buffer_available(data, &r);
if (dh->g == bn2 && (dh->p == bn768 || dh->p == bn1024)) {
plen = 1;
glen = 0;
}
else {
plen = BN_num_bytes(dh->p);
glen = BN_num_bytes(dh->g);
}
publen = BN_num_bytes(dh->pub_key);
dnslen = plen + glen + publen + 6;
if (r.length < (unsigned int) dnslen)
return (DST_R_NOSPACE);
uint16_toregion(plen, &r);
if (plen == 1) {
if (dh->p == bn768)
*r.base = 1;
else
*r.base = 2;
}
else
BN_bn2bin(dh->p, r.base);
r.base += plen;
uint16_toregion(glen, &r);
if (glen > 0)
BN_bn2bin(dh->g, r.base);
r.base += glen;
uint16_toregion(publen, &r);
BN_bn2bin(dh->pub_key, r.base);
r.base += publen;
isc_buffer_add(data, dnslen);
return (DST_R_SUCCESS);
}
/*
* dst_openssldh_from_dns
* Converts from a DNS KEY RR format to a DH KEY.
* Parameters
* key Partially filled key structure
* data Buffer containing key in DNS format
* Return
* DST_R_SUCCESS Success
* !DST_R_SUCCESS Failure
*/
static dst_result_t
dst_openssldh_from_dns(dst_key_t *key, isc_buffer_t *data, isc_mem_t *mctx) {
DH *dh;
isc_region_t r;
isc_uint16_t plen, glen, publen;
int special = 0;
mctx = mctx; /* make the compiler happy */
isc_buffer_remaining(data, &r);
if (r.length == 0)
return (DST_R_SUCCESS);
dh = DH_new();
if (dh == NULL)
return (DST_R_NOMEMORY);
memset(dh, 0, sizeof(DH));
/*
* Read the prime length. 1 & 2 are table entries, > 16 means a
* prime follows, otherwise an error.
*/
if (r.length < 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
plen = uint16_fromregion(&r);
if (plen < 16 && plen != 1 && plen != 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
if (r.length < plen) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
if (plen == 1 || plen == 2) {
if (plen == 1)
special = *r.base++;
else
special = uint16_fromregion(&r);
switch (special) {
case 1:
dh->p = bn768;
break;
case 2:
dh->p = bn1024;
break;
default:
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
}
else {
dh->p = BN_bin2bn(r.base, plen, NULL);
r.base += plen;
}
/*
* Read the generator length. This should be 0 if the prime was
* special, but it might not be. If it's 0 and the prime is not
* special, we have a problem.
*/
if (r.length < 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
glen = uint16_fromregion(&r);
if (r.length < glen) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
if (special != 0) {
if (glen == 0)
dh->g = bn2;
else {
dh->g = BN_bin2bn(r.base, glen, NULL);
if (BN_cmp(dh->g, bn2) == 0) {
BN_free(dh->g);
dh->g = bn2;
}
else {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
}
}
else {
if (glen == 0) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
dh->g = BN_bin2bn(r.base, glen, NULL);
}
r.base += glen;
if (r.length < 2) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
publen = uint16_fromregion(&r);
if (r.length < publen) {
DH_free(dh);
return (DST_R_INVALIDPUBLICKEY);
}
dh->pub_key = BN_bin2bn(r.base, publen, NULL);
r.base += publen;
isc_buffer_remaining(data, &r);
key->key_id = dst_s_id_calc(r.base, plen + glen + publen + 6);
key->key_size = BN_num_bits(dh->p);
isc_buffer_forward(data, plen + glen + publen + 6);
key->opaque = (void *) dh;
return (DST_R_SUCCESS);
}
/*
* dst_openssldh_to_file
* Encodes a DH Key into the portable file format.
* Parameters
* key DST KEY structure
* Returns
* DST_R_SUCCESS Success
* !DST_R_SUCCESS Failure
*/
static dst_result_t
dst_openssldh_to_file(const dst_key_t *key) {
int cnt = 0;
DH *dh;
dst_private_t priv;
unsigned char bufs[4][128];
if (key->opaque == NULL)
return (DST_R_NULLKEY);
dh = (DH *) key->opaque;
priv.elements[cnt].tag = TAG_DH_PRIME;
priv.elements[cnt].length = BN_num_bytes(dh->p);
BN_bn2bin(dh->p, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.elements[cnt].tag = TAG_DH_GENERATOR;
priv.elements[cnt].length = BN_num_bytes(dh->g);
BN_bn2bin(dh->g, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.elements[cnt].tag = TAG_DH_PRIVATE;
priv.elements[cnt].length = BN_num_bytes(dh->priv_key);
BN_bn2bin(dh->priv_key, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.elements[cnt].tag = TAG_DH_PUBLIC;
priv.elements[cnt].length = BN_num_bytes(dh->pub_key);
BN_bn2bin(dh->pub_key, bufs[cnt]);
priv.elements[cnt].data = bufs[cnt];
cnt++;
priv.nelements = cnt;
return (dst_s_write_private_key_file(key->key_name, key->key_alg,
key->key_id, &priv));
}
/*
* dst_openssldh_from_file
* Converts contents of a private key file into a private DH key.
* Parameters
* key Partially filled DH KEY structure
* id The key id
* path The directory that the file will be read from
* Return
* DST_R_SUCCESS Success
* !DST_R_SUCCESS Failure
*/
static dst_result_t
dst_openssldh_from_file(dst_key_t *key, const int id, isc_mem_t *mctx) {
dst_private_t priv;
dst_result_t ret;
isc_buffer_t dns;
isc_region_t r;
unsigned char dns_array[1024];
int i;
DH *dh = NULL;
#define DST_RET(a) {ret = a; goto err;}
/* read private key file */
ret = dst_s_parse_private_key_file(key->key_name, key->key_alg,
id, &priv, mctx);
if (ret != DST_R_SUCCESS)
return (ret);
dh = DH_new();
if (dh == NULL)
DST_RET(DST_R_NOMEMORY);
memset(dh, 0, sizeof(DH));
key->opaque = dh;
for (i=0; i < priv.nelements; i++) {
BIGNUM *bn;
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(DST_R_NOMEMORY);
switch (priv.elements[i].tag) {
case TAG_DH_PRIME:
dh->p = bn;
break;
case TAG_DH_GENERATOR:
dh->g = bn;
break;
case TAG_DH_PRIVATE:
dh->priv_key = bn;
break;
case TAG_DH_PUBLIC:
dh->pub_key = bn;
break;
}
}
dst_s_free_private_structure_fields(&priv, mctx);
key->key_size = BN_num_bits(dh->p);
if ((key->key_size == 768 || key->key_size == 1024) &&
BN_cmp(dh->g, bn2) == 0)
{
if (key->key_size == 768 && BN_cmp(dh->p, bn768)) {
BN_free(dh->p);
BN_free(dh->g);
dh->p = bn768;
dh->g = bn2;
}
else if (key->key_size == 1024 && BN_cmp(dh->p, bn1024)) {
BN_free(dh->p);
BN_free(dh->g);
dh->p = bn1024;
dh->g = bn2;
}
}
isc_buffer_init(&dns, dns_array, sizeof(dns_array),
ISC_BUFFERTYPE_BINARY);
ret = dst_openssldh_to_dns(key, &dns);
if (ret != DST_R_SUCCESS)
DST_RET(ret);
isc_buffer_used(&dns, &r);
key->key_id = dst_s_id_calc(r.base, r.length);
if (key->key_id != id)
DST_RET(DST_R_INVALIDPRIVATEKEY);
return (DST_R_SUCCESS);
err:
key->opaque = NULL;
dst_openssldh_destroy(dh, mctx);
dst_s_free_private_structure_fields(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
/*
* dst_openssldh_destroy
* Frees all dynamically allocated structures in key.
*/
static void
dst_openssldh_destroy(void *key, isc_mem_t *mctx) {
DH *dh = (DH *) key;
if (dh == NULL)
return;
mctx = mctx; /* make the compiler happy */
if (dh->p == bn768 || dh->p == bn1024)
dh->p = NULL;
if (dh->g == bn2)
dh->g = NULL;
DH_free(dh);
}
/*
* dst_openssldh_generate
* Generates unique keys that are hard to predict.
* Parameters
* key DST Key structure
* generator generator
* mctx memory context to allocate key
* Return
* DST_R_SUCCESS Success
* !DST_R_SUCCESS Failure
*/
static dst_result_t
dst_openssldh_generate(dst_key_t *key, int generator, isc_mem_t *mctx) {
DH *dh = NULL;
unsigned char dns_array[1024];
isc_buffer_t dns;
isc_region_t r;
mctx = mctx; /* make the compiler happy */
if (generator == 0) {
if (key->key_size == 768 || key->key_size == 1024) {
dh = DH_new();
if (dh == NULL)
return (DST_R_NOMEMORY);
if (key->key_size == 768)
dh->p = bn768;
else
dh->p = bn1024;
dh->g = bn2;
}
else
generator = 2;
}
if (generator != 0)
dh = DH_generate_parameters(key->key_size, generator,
NULL, NULL);
if (dh == NULL)
return (DST_R_INVALIDPARAM);
if (DH_generate_key(dh) == 0) {
DH_free(dh);
return(DST_R_NOMEMORY);
}
key->opaque = dh;
isc_buffer_init(&dns, dns_array, sizeof(dns_array),
ISC_BUFFERTYPE_BINARY);
dst_openssldh_to_dns(key, &dns);
isc_buffer_used(&dns, &r);
key->key_id = dst_s_id_calc(r.base, r.length);
return (DST_R_SUCCESS);
}
/**************************************************************************
* dst_openssldh_compare
* Compare two keys for equality.
* Return
* ISC_TRUE The keys are equal
* ISC_FALSE The keys are not equal
*/
static isc_boolean_t
dst_openssldh_compare(const dst_key_t *key1, const dst_key_t *key2) {
int status;
DH *dh1, *dh2;
dh1 = (DH *) key1->opaque;
dh2 = (DH *) key2->opaque;
if (dh1 == NULL && dh2 == NULL)
return(ISC_TRUE);
else if (dh1 == NULL || dh2 == NULL)
return (ISC_FALSE);
status = BN_cmp(dh1->p, dh2->p) ||
BN_cmp(dh1->g, dh2->g) ||
BN_cmp(dh1->pub_key, dh2->pub_key);
if (status != 0)
return (ISC_FALSE);
if (dh1->priv_key != NULL || dh2->priv_key != NULL) {
if (dh1->priv_key == NULL || dh2->priv_key == NULL)
return (ISC_FALSE);
if (BN_cmp(dh1->priv_key, dh2->priv_key))
return (ISC_FALSE);
}
return (ISC_TRUE);
}
/**************************************************************************
* dst_openssldh_paramcompare
* Compare two keys' parameters for equality.
* Return
* ISC_TRUE The keys are equal
* ISC_FALSE The keys are not equal
*/
static isc_boolean_t
dst_openssldh_paramcompare(const dst_key_t *key1, const dst_key_t *key2) {
int status;
DH *dh1, *dh2;
dh1 = (DH *) key1->opaque;
dh2 = (DH *) key2->opaque;
if (dh1 == NULL && dh2 == NULL)
return(ISC_TRUE);
else if (dh1 == NULL || dh2 == NULL)
return (ISC_FALSE);
status = BN_cmp(dh1->p, dh2->p) ||
BN_cmp(dh1->g, dh2->g);
if (status != 0)
return (ISC_FALSE);
return (ISC_TRUE);
}
static void
uint16_toregion(isc_uint16_t val, isc_region_t *region) {
*region->base++ = (val & 0xff00) >> 8;
*region->base++ = (val & 0x00ff);
}
static isc_uint16_t
uint16_fromregion(isc_region_t *region) {
isc_uint16_t val;
unsigned char *cp = region->base;
val = ((unsigned int)(cp[0])) << 8;
val |= ((unsigned int)(cp[1]));
region->base += 2;
return val;
}
#endif