From f6b8e0eae4374f339487a33e3e4fe5462d5816e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= Date: Sat, 25 Nov 2017 10:16:00 +0100 Subject: New upstream version 2.0.0 --- ccast/axTLS/Jamfile | 2 +- ccast/axTLS/aes.c | 0 ccast/axTLS/asn1.c | 34 ++++++++++++++++++++++++++++++++++ ccast/axTLS/axTLS_config.h | 0 ccast/axTLS/axTLS_version.h | 0 ccast/axTLS/bigint.c | 0 ccast/axTLS/bigint.h | 0 ccast/axTLS/bigint_impl.h | 0 ccast/axTLS/cert.h | 0 ccast/axTLS/crypto.h | 1 + ccast/axTLS/crypto_misc.c | 0 ccast/axTLS/crypto_misc.h | 2 ++ ccast/axTLS/gen_cert.c | 0 ccast/axTLS/hmac.c | 0 ccast/axTLS/loader.c | 0 ccast/axTLS/md2.c | 0 ccast/axTLS/md5.c | 0 ccast/axTLS/openssl.c | 0 ccast/axTLS/os_int.h | 0 ccast/axTLS/os_port.c | 0 ccast/axTLS/os_port.h | 0 ccast/axTLS/p12.c | 0 ccast/axTLS/private_key.h | 0 ccast/axTLS/rc4.c | 0 ccast/axTLS/rsa.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ ccast/axTLS/sha1.c | 0 ccast/axTLS/ssl.h | 0 ccast/axTLS/temp | 0 ccast/axTLS/tls1.c | 0 ccast/axTLS/tls1.h | 0 ccast/axTLS/tls1_clnt.c | 0 ccast/axTLS/tls1_svr.c | 0 ccast/axTLS/x509.c | 0 33 files changed, 82 insertions(+), 1 deletion(-) mode change 100644 => 100755 ccast/axTLS/Jamfile mode change 100644 => 100755 ccast/axTLS/aes.c mode change 100644 => 100755 ccast/axTLS/asn1.c mode change 100644 => 100755 ccast/axTLS/axTLS_config.h mode change 100644 => 100755 ccast/axTLS/axTLS_version.h mode change 100644 => 100755 ccast/axTLS/bigint.c mode change 100644 => 100755 ccast/axTLS/bigint.h mode change 100644 => 100755 ccast/axTLS/bigint_impl.h mode change 100644 => 100755 ccast/axTLS/cert.h mode change 100644 => 100755 ccast/axTLS/crypto.h mode change 100644 => 100755 ccast/axTLS/crypto_misc.c mode change 100644 => 100755 ccast/axTLS/crypto_misc.h mode change 100644 => 100755 ccast/axTLS/gen_cert.c mode change 100644 => 100755 ccast/axTLS/hmac.c mode change 100644 => 100755 ccast/axTLS/loader.c mode change 100644 => 100755 ccast/axTLS/md2.c mode change 100644 => 100755 ccast/axTLS/md5.c mode change 100644 => 100755 ccast/axTLS/openssl.c mode change 100644 => 100755 ccast/axTLS/os_int.h mode change 100644 => 100755 ccast/axTLS/os_port.c mode change 100644 => 100755 ccast/axTLS/os_port.h mode change 100644 => 100755 ccast/axTLS/p12.c mode change 100644 => 100755 ccast/axTLS/private_key.h mode change 100644 => 100755 ccast/axTLS/rc4.c mode change 100644 => 100755 ccast/axTLS/rsa.c mode change 100644 => 100755 ccast/axTLS/sha1.c mode change 100644 => 100755 ccast/axTLS/ssl.h mode change 100644 => 100755 ccast/axTLS/temp mode change 100644 => 100755 ccast/axTLS/tls1.c mode change 100644 => 100755 ccast/axTLS/tls1.h mode change 100644 => 100755 ccast/axTLS/tls1_clnt.c mode change 100644 => 100755 ccast/axTLS/tls1_svr.c mode change 100644 => 100755 ccast/axTLS/x509.c (limited to 'ccast/axTLS') diff --git a/ccast/axTLS/Jamfile b/ccast/axTLS/Jamfile old mode 100644 new mode 100755 index 9a8aff4..5466680 --- a/ccast/axTLS/Jamfile +++ b/ccast/axTLS/Jamfile @@ -13,7 +13,7 @@ if $(NT) { } } -# tiff library +# axTLS library LIBSRCS = aes.c asn1.c diff --git a/ccast/axTLS/aes.c b/ccast/axTLS/aes.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/asn1.c b/ccast/axTLS/asn1.c old mode 100644 new mode 100755 index b082275..b5e678e --- a/ccast/axTLS/asn1.c +++ b/ccast/axTLS/asn1.c @@ -200,6 +200,40 @@ int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx) return X509_OK; } +/** + * Read the modulus and public exponent of an RSA certificate. + */ +int asn1_get_public_key(const uint8_t *cert, int *offset, RSA_CTX **rsa_ctx) +{ + int ret = X509_NOT_OK, mod_len, pub_len; + uint8_t *modulus = NULL, *pub_exp = NULL; + int len; + + /* Hmm. Not checking that the two ints are within the squence ... */ + if ((len = asn1_next_obj(cert, offset, ASN1_SEQUENCE)) < 0) + goto end_pub_key; + + if ((mod_len = asn1_get_int(cert, offset, &modulus)) <= 0) { + ret = X509_INVALID_PUB_KEY; + goto end_pub_key; + } + if ((pub_len = asn1_get_int(cert, offset, &pub_exp)) <= 0) { + free(modulus); + ret = X509_INVALID_PUB_KEY; + goto end_pub_key; + } + + RSA_pub_key_new(rsa_ctx, modulus, mod_len, pub_exp, pub_len); + + free(modulus); + free(pub_exp); + + ret = X509_OK; + +end_pub_key: + return ret; +} + /** * Get the time of a certificate. Ignore hours/minutes/seconds. */ diff --git a/ccast/axTLS/axTLS_config.h b/ccast/axTLS/axTLS_config.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/axTLS_version.h b/ccast/axTLS/axTLS_version.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/bigint.c b/ccast/axTLS/bigint.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/bigint.h b/ccast/axTLS/bigint.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/bigint_impl.h b/ccast/axTLS/bigint_impl.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/cert.h b/ccast/axTLS/cert.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/crypto.h b/ccast/axTLS/crypto.h old mode 100644 new mode 100755 index bf2c187..904000d --- a/ccast/axTLS/crypto.h +++ b/ccast/axTLS/crypto.h @@ -204,6 +204,7 @@ void RSA_pub_key_new(RSA_CTX **rsa_ctx, void RSA_free(RSA_CTX *ctx); int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data, int is_decryption); +int RSA_decrypt2(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data); bigint *RSA_private(const RSA_CTX *c, bigint *bi_msg); #if defined(CONFIG_SSL_CERT_VERIFICATION) || defined(CONFIG_SSL_GENERATE_X509_CERT) bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len, diff --git a/ccast/axTLS/crypto_misc.c b/ccast/axTLS/crypto_misc.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/crypto_misc.h b/ccast/axTLS/crypto_misc.h old mode 100644 new mode 100755 index acb5c73..d1c843c --- a/ccast/axTLS/crypto_misc.h +++ b/ccast/axTLS/crypto_misc.h @@ -55,6 +55,7 @@ extern "C" { #define X509_VFY_ERROR_INVALID_CHAIN -7 #define X509_VFY_ERROR_UNSUPPORTED_DIGEST -8 #define X509_INVALID_PRIV_KEY -9 +#define X509_INVALID_PUB_KEY -10 /* * The Distinguished Name @@ -128,6 +129,7 @@ const char * x509_display_error(int error); int get_asn1_length(const uint8_t *buf, int *offset); int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx); +int asn1_get_public_key(const uint8_t *cert, int *offset, RSA_CTX **rsa_ctx); int asn1_next_obj(const uint8_t *buf, int *offset, int obj_type); int asn1_skip_obj(const uint8_t *buf, int *offset, int obj_type); int asn1_get_int(const uint8_t *buf, int *offset, uint8_t **object); diff --git a/ccast/axTLS/gen_cert.c b/ccast/axTLS/gen_cert.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/hmac.c b/ccast/axTLS/hmac.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/loader.c b/ccast/axTLS/loader.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/md2.c b/ccast/axTLS/md2.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/md5.c b/ccast/axTLS/md5.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/openssl.c b/ccast/axTLS/openssl.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/os_int.h b/ccast/axTLS/os_int.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/os_port.c b/ccast/axTLS/os_port.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/os_port.h b/ccast/axTLS/os_port.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/p12.c b/ccast/axTLS/p12.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/private_key.h b/ccast/axTLS/private_key.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/rc4.c b/ccast/axTLS/rc4.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/rsa.c b/ccast/axTLS/rsa.c old mode 100644 new mode 100755 index e707f2b..14948eb --- a/ccast/axTLS/rsa.c +++ b/ccast/axTLS/rsa.c @@ -187,6 +187,50 @@ int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data, return size ? size : -1; } +/** + * @brief Use PKCS1.5 for decryption. + * @param ctx [in] The context + * @param in_data [in] The data to encrypt + * @param out_data [out] The decrypted data. + * @return The number of bytes that were originally encrypted. -1 on error. + */ +int RSA_decrypt2(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data) +{ + const int byte_size = ctx->num_octets; + int i, size; + bigint *decrypted_bi, *dat_bi; + uint8_t *block = (uint8_t *)malloc(byte_size); + + /* decrypt */ + dat_bi = bi_import(ctx->bi_ctx, in_data, byte_size); + + decrypted_bi = RSA_public(ctx, dat_bi); /* Frees dat_bi and exponent ? */ + + /* convert to a normal block (frees decrypted_bi) */ + bi_export(ctx->bi_ctx, decrypted_bi, block, byte_size); + + + /* We assume this is padded with "0001ff....ff00" */ + i = 2; + while (block[i++] == 0xff && i < byte_size) + ; + + /* Skip last 0x00 */ + if (i < byte_size && block[i] == 0x00) + i++; + + size = byte_size - i; + + /* get only the bit we want */ + if (size > 0) { + memcpy(out_data, &block[i], size); + } + + free(block); + + return size ? size : -1; +} + /** * Performs m = c^d mod n */ diff --git a/ccast/axTLS/sha1.c b/ccast/axTLS/sha1.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/ssl.h b/ccast/axTLS/ssl.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/temp b/ccast/axTLS/temp old mode 100644 new mode 100755 diff --git a/ccast/axTLS/tls1.c b/ccast/axTLS/tls1.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/tls1.h b/ccast/axTLS/tls1.h old mode 100644 new mode 100755 diff --git a/ccast/axTLS/tls1_clnt.c b/ccast/axTLS/tls1_clnt.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/tls1_svr.c b/ccast/axTLS/tls1_svr.c old mode 100644 new mode 100755 diff --git a/ccast/axTLS/x509.c b/ccast/axTLS/x509.c old mode 100644 new mode 100755 -- cgit v1.2.3