16 #include "lib/crypt_ops/compat_openssl.h"
30 #ifdef HAVE_SYS_STAT_H
35 #include <openssl/rsa.h>
54 crypto_get_rsa_padding(
int padding)
95 char *to,
size_t tolen,
98 int padding,
int force)
100 int overhead, outlen, r;
101 size_t pkeylen, symlen;
102 crypto_cipher_t *cipher = NULL;
113 if (!force && fromlen+overhead <= pkeylen) {
117 from,fromlen,padding);
126 buf = tor_malloc(pkeylen+1);
134 if (outlen!=(
int)pkeylen) {
144 crypto_cipher_free(cipher);
146 return (
int)(outlen + symlen);
152 crypto_cipher_free(cipher);
168 int padding,
int warnOnFailure)
172 crypto_cipher_t *cipher = NULL;
178 if (fromlen <= pkeylen) {
183 buf = tor_malloc(pkeylen);
188 "Error decrypting public-key data");
193 "No room for a symmetric key");
202 tor_assert(tolen - outlen >= fromlen - pkeylen);
208 crypto_cipher_free(cipher);
210 return (
int)(outlen + (fromlen-pkeylen));
214 crypto_cipher_free(cipher);
273 char *end = out+outlen;
276 while (*in && out<end) {
278 if (++n == 4 && *in && out<end) {
294 size_t datalen,
const char *sig,
309 log_warn(
LD_BUG,
"couldn't compute digest");
313 buf = tor_malloc(buflen);
316 log_warn(
LD_CRYPTO,
"Invalid signature");
321 log_warn(
LD_CRYPTO,
"Signature mismatched with digest.");
340 const char *from,
size_t fromlen)
347 memwipe(digest, 0,
sizeof(digest));
364 buf = tor_malloc(buflen);
389 buf = tor_malloc(buflen);
403 static const char RSA_PUBLIC_TAG[] =
"RSA PUBLIC KEY";
404 static const char RSA_PRIVATE_TAG[] =
"RSA PRIVATE KEY";
408 #define PRIVATE_ASN_MAX_OVERHEAD_FACTOR 16
409 #define PUBLIC_ASN_MAX_OVERHEAD_FACTOR 3
419 char **dest,
size_t *len,
423 private_key ? PRIVATE_ASN_MAX_OVERHEAD_FACTOR
424 : PUBLIC_ASN_MAX_OVERHEAD_FACTOR;
427 private_key ? RSA_PRIVATE_TAG : RSA_PUBLIC_TAG;
428 char *buf = tor_malloc(buflen);
430 size_t resultlen = 0;
440 result = tor_malloc(resultlen);
442 (
const unsigned char *)buf, n, tag) < 0) {
451 if (rv < 0 && result) {
467 char **dest,
size_t *len)
479 char **dest,
size_t *len)
492 size_t len,
int severity,
493 bool private_key,
int max_bits)
495 if (len == (
size_t)-1)
498 const char *ktype = private_key ?
"private key" :
"public key";
500 private_key ? RSA_PRIVATE_TAG : RSA_PUBLIC_TAG;
502 uint8_t *buf = tor_malloc(buflen);
505 int n =
pem_decode(buf, buflen, src, len, tag);
508 "Error decoding PEM wrapper while reading %s", ktype);
517 "Error decoding ASN.1 while reading %s", ktype);
540 const char *src,
size_t len)
552 const char *src, ssize_t len)
565 const char *src, ssize_t len)
572 #define MAX_PRIVKEY_FILE_LEN (16*1024*1024)
582 char *buf = read_file_to_str(keyfile, 0, &st);
584 log_warn(
LD_CRYPTO,
"Unable to read file for private key in %s",
589 log_warn(
LD_CRYPTO,
"Private key file %s was far too large.",
598 log_warn(
LD_CRYPTO,
"Unable to decode private key from file %s",
601 memwipe(buf, 0, (
size_t)st.st_size);
636 char *buf = tor_malloc(buflen);
647 result = tor_malloc(reslen);
656 if (result && ! ok) {
673 char *der = tor_malloc_zero(len + 1);
676 log_warn(
LD_CRYPTO,
"Stored RSA private key seems corrupted (base64).");
int base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
size_t base64_encode_size(size_t srclen, int flags)
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
crypto_cipher_t * crypto_cipher_new(const char *key)
int crypto_cipher_decrypt(crypto_cipher_t *env, char *to, const char *from, size_t fromlen)
int crypto_cipher_encrypt(crypto_cipher_t *env, char *to, const char *from, size_t fromlen)
Headers for crypto_cipher.c.
Header for crypto_curve25519.c.
int crypto_common_digests(common_digests_t *ds_out, const char *m, size_t len)
Headers for crypto_digest.c.
int crypto_digest(char *digest, const char *m, size_t len)
void crypto_rand(char *to, size_t n)
Common functions for using (pseudo-)random number generators.
int crypto_pk_read_private_key_from_string(crypto_pk_t *env, const char *src, ssize_t len)
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
int crypto_pk_obsolete_public_hybrid_encrypt(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int force)
int crypto_pk_eq_keys(const crypto_pk_t *a, const crypto_pk_t *b)
int crypto_pk_obsolete_private_hybrid_decrypt(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int warnOnFailure)
int crypto_pk_write_public_key_to_string(crypto_pk_t *env, char **dest, size_t *len)
int crypto_pk_write_private_key_to_filename(crypto_pk_t *env, const char *fname)
static int crypto_pk_read_from_string_generic(crypto_pk_t *env, const char *src, size_t len, int severity, bool private_key, int max_bits)
int crypto_pk_get_common_digests(crypto_pk_t *pk, common_digests_t *digests_out)
int crypto_pk_read_private_key1024_from_string(crypto_pk_t *env, const char *src, ssize_t len)
int crypto_pk_base64_encode_private(const crypto_pk_t *pk, char **priv_out)
int crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out)
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
crypto_pk_t * crypto_pk_base64_decode_private(const char *str, size_t len)
int crypto_get_rsa_padding_overhead(int padding)
void crypto_add_spaces_to_fp(char *out, size_t outlen, const char *in)
static int crypto_pk_write_to_string_generic(crypto_pk_t *env, char **dest, size_t *len, bool private_key)
int crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen)
int crypto_pk_public_checksig_digest(crypto_pk_t *env, const char *data, size_t datalen, const char *sig, size_t siglen)
#define MAX_PRIVKEY_FILE_LEN
int crypto_pk_read_private_key_from_filename(crypto_pk_t *env, const char *keyfile)
int crypto_pk_read_public_key_from_string(crypto_pk_t *env, const char *src, size_t len)
int crypto_pk_write_private_key_to_string(crypto_pk_t *env, char **dest, size_t *len)
Headers for crypto_rsa.c.
#define PKCS1_OAEP_PADDING_OVERHEAD
void crypto_pk_assign_private(crypto_pk_t *dest, const crypto_pk_t *src)
crypto_pk_t * crypto_pk_asn1_decode_private(const char *str, size_t len, int max_bits)
int crypto_pk_cmp_keys(const crypto_pk_t *a, const crypto_pk_t *b)
size_t crypto_pk_keysize(const crypto_pk_t *env)
int crypto_pk_private_sign(const crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen)
crypto_pk_t * crypto_pk_asn1_decode(const char *str, size_t len)
int crypto_pk_private_decrypt(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding, int warnOnFailure)
#define PK_PKCS1_OAEP_PADDING
int crypto_pk_asn1_encode(const crypto_pk_t *pk, char *dest, size_t dest_len)
int crypto_pk_public_encrypt(crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding)
void crypto_pk_assign_public(crypto_pk_t *dest, const crypto_pk_t *src)
int crypto_pk_asn1_encode_private(const crypto_pk_t *pk, char *dest, size_t dest_len)
int crypto_pk_public_checksig(const crypto_pk_t *env, char *to, size_t tolen, const char *from, size_t fromlen)
void memwipe(void *mem, uint8_t byte, size_t sz)
Common functions for cryptographic routines.
#define tor_memneq(a, b, sz)
const char * escaped(const char *s)
Wrappers for reading and writing data to files on disk.
int write_bytes_to_file(const char *fname, const char *str, size_t len, int bin)
#define log_fn(severity, domain, args,...)
int pem_decode(uint8_t *dest, size_t destlen, const char *src, size_t srclen, const char *objtype)
size_t pem_encoded_size(size_t src_len, const char *objtype)
int pem_encode(char *dest, size_t destlen, const uint8_t *src, size_t srclen, const char *objtype)
#define MOCK_IMPL(rv, funcname, arglist)
Macros to manage assertions, fatal and non-fatal.