1 /***************************************************************************
3 * Part II Project, "A secure, private IP network"
4 * Stephen Early <sde1000@cam.ac.uk>
9 * Description: RSA signature making and checking functions
11 * Copyright: (C) Stephen Early 1995
15 * $Date: 1996/05/16 18:40:14 $
19 ***************************************************************************/
22 * Revision 1.1 1996/05/16 18:40:14 sde1000
32 #define AUTHFILE_ID_STRING "SSH PRIVATE KEY FILE FORMAT 1.1\n"
36 struct rsaprivkey_if ops
;
43 struct rsapubkey_if ops
;
48 /* Sign data. NB data must be smaller than modulus */
50 static char *hexchars
="0123456789abcdef";
52 static string_t
rsa_sign(void *sst
, uint8_t *data
, uint32_t datalen
)
54 struct rsapriv
*st
=sst
;
63 msize
=mpz_sizeinbase(&st
->n
, 16);
65 if (datalen
*2+4>=msize
) {
66 fatal("rsa_sign: message too big\n");
71 for (i
=0; i
<datalen
; i
++) {
72 buff
[4+i
*2]=hexchars
[(data
[i
]&0xf0)>>4];
73 buff
[5+i
*2]=hexchars
[data
[i
]&0xf];
77 for (i
=datalen
*2+4; i
<msize
; i
++)
82 mpz_set_str(&a
, buff
, 16);
84 mpz_powm(&b
, &a
, &st
->d
, &st
->n
);
86 signature
=write_mpstring(&b
);
93 static bool_t
rsa_sig_check(void *sst
, uint8_t *data
, uint32_t datalen
,
96 struct rsapub
*st
=sst
;
106 msize
=mpz_sizeinbase(&st
->n
, 16);
110 for (i
=0; i
<datalen
; i
++) {
111 buff
[4+i
*2]=hexchars
[(data
[i
]&0xf0)>>4];
112 buff
[5+i
*2]=hexchars
[data
[i
]&0xf];
116 for (i
=datalen
*2+4; i
<msize
; i
++)
121 mpz_set_str(&a
, buff
, 16);
123 mpz_set_str(&b
, signature
, 16);
125 mpz_powm(&c
, &b
, &st
->e
, &st
->n
);
127 ok
=(mpz_cmp(&a
, &c
)==0);
136 static list_t
*rsapub_apply(closure_t
*self
, struct cloc loc
, dict_t
*context
,
143 st
=safe_malloc(sizeof(*st
),"rsapub_apply");
144 st
->cl
.description
="rsapub";
145 st
->cl
.type
=CL_RSAPUBKEY
;
147 st
->cl
.interface
=&st
->ops
;
149 st
->ops
.check
=rsa_sig_check
;
154 if (i
->type
!=t_string
) {
155 cfgfatal(i
->loc
,"rsa-public","first argument must be a string");
158 if (mpz_init_set_str(&st
->e
,e
,10)!=0) {
159 cfgfatal(i
->loc
,"rsa-public","encryption key \"%s\" is not a "
160 "decimal number string\n",e
);
163 cfgfatal(loc
,"rsa-public","you must provide an encryption key\n");
168 if (i
->type
!=t_string
) {
169 cfgfatal(i
->loc
,"rsa-public","second argument must be a string");
172 if (mpz_init_set_str(&st
->n
,n
,10)!=0) {
173 cfgfatal(i
->loc
,"rsa-public","modulus \"%s\" is not a decimal "
174 "number string\n",n
);
177 cfgfatal(loc
,"rsa-public","you must provide a modulus\n");
179 return new_closure(&st
->cl
);
182 static uint32_t keyfile_get_int(FILE *f
)
192 static uint16_t keyfile_get_short(FILE *f
)
200 static list_t
*rsapriv_apply(closure_t
*self
, struct cloc loc
, dict_t
*context
,
210 MP_INT e
,sig
,plain
,check
;
212 st
=safe_malloc(sizeof(*st
),"rsapriv_apply");
213 st
->cl
.description
="rsapriv";
214 st
->cl
.type
=CL_RSAPRIVKEY
;
216 st
->cl
.interface
=&st
->ops
;
218 st
->ops
.sign
=rsa_sign
;
221 /* Argument is filename pointing to SSH1 private key file */
224 if (i
->type
!=t_string
) {
225 cfgfatal(i
->loc
,"rsa-public","first argument must be a string");
227 filename
=i
->data
.string
;
229 filename
=""; /* Make compiler happy */
230 cfgfatal(loc
,"rsa-private","you must provide a filename\n");
233 f
=fopen(filename
,"rb");
235 if (just_check_config
) {
236 Message(M_WARNING
,"rsa-private (%s:%d): cannot open keyfile "
237 "\"%s\"; assuming it's valid while we check the "
238 "rest of the configuration\n",loc
.file
,loc
.line
,filename
);
241 fatal_perror("rsa-private (%s:%d): cannot open file \"%s\"",
242 loc
.file
,loc
.line
,filename
);
246 /* Check that the ID string is correct */
247 length
=strlen(AUTHFILE_ID_STRING
)+1;
248 b
=safe_malloc(length
,"rsapriv_apply");
249 if (fread(b
,length
,1,f
)!=1 || memcmp(b
,AUTHFILE_ID_STRING
,length
)!=0) {
250 cfgfatal(loc
,"rsa-private","file \"%s\" is not a "
251 "SSH1 private keyfile\n",filename
);
255 cipher_type
=fgetc(f
);
256 keyfile_get_int(f
); /* "Reserved data" */
257 if (cipher_type
!= 0) {
258 cfgfatal(loc
,"rsa-private","we don't support encrypted keyfiles\n");
261 /* Read the public key */
262 keyfile_get_int(f
); /* Not sure what this is */
263 length
=(keyfile_get_short(f
)+7)/8;
265 cfgfatal(loc
,"rsa-private","implausible length %ld for modulus\n",
268 b
=safe_malloc(length
,"rsapriv_apply");
269 if (fread(b
,length
,1,f
) != 1) {
270 cfgfatal(loc
,"rsa-private","error reading modulus\n");
273 read_mpbin(&st
->n
,b
,length
);
275 length
=(keyfile_get_short(f
)+7)/8;
277 cfgfatal(loc
,"rsa-private","implausible length %ld for e\n",length
);
279 b
=safe_malloc(length
,"rsapriv_apply");
280 if (fread(b
,length
,1,f
)!=1) {
281 cfgfatal(loc
,"rsa-private","error reading e\n");
284 read_mpbin(&e
,b
,length
);
287 length
=keyfile_get_int(f
);
289 cfgfatal(loc
,"rsa-private","implausibly long (%ld) key comment\n",
292 c
=safe_malloc(length
+1,"rsapriv_apply");
293 if (fread(c
,length
,1,f
)!=1) {
294 cfgfatal(loc
,"rsa-private","error reading key comment\n");
298 /* Check that the next two pairs of characters are identical - the
299 keyfile is not encrypted, so they should be */
300 if (keyfile_get_short(f
) != keyfile_get_short(f
)) {
301 cfgfatal(loc
,"rsa-private","corrupt keyfile\n");
305 length
=(keyfile_get_short(f
)+7)/8;
307 cfgfatal(loc
,"rsa-private","implausibly long (%ld) decryption key\n",
310 b
=safe_malloc(length
,"rsapriv_apply");
311 if (fread(b
,length
,1,f
)!=1) {
312 cfgfatal(loc
,"rsa-private","error reading decryption key\n");
315 read_mpbin(&st
->d
,b
,length
);
319 fatal_perror("rsa-private (%s:%d): fclose",loc
.file
,loc
.line
);
322 /* Now do trial signature/check to make sure it's a real keypair:
323 sign the comment string! */
325 if (i
&& i
->type
==t_bool
&& i
->data
.bool==False
) {
326 Message(M_INFO
,"rsa-private (%s:%d): skipping RSA key validity "
327 "check\n",loc
.file
,loc
.line
);
332 read_mpbin(&plain
,c
,strlen(c
));
333 mpz_powm(&sig
, &plain
, &st
->d
, &st
->n
);
334 mpz_powm(&check
, &sig
, &e
, &st
->n
);
335 if (mpz_cmp(&plain
,&check
)!=0) {
336 cfgfatal(loc
,"rsa-private","file \"%s\" does not contain a "
337 "valid RSA key!\n",filename
);
348 return new_closure(&st
->cl
);
351 init_module rsa_module
;
352 void rsa_module(dict_t
*dict
)
354 add_closure(dict
,"rsa-private",rsapriv_apply
);
355 add_closure(dict
,"rsa-public",rsapub_apply
);