/*
 * Crypto wrapper for internal crypto implementation - RSA parts
 * Copyright (c) 2006-2009, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */
98d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "includes.h"
118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "common.h"
128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "crypto.h"
138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "tls/rsa.h"
148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "tls/pkcs1.h"
158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "tls/pkcs8.h"
/*
 * Opaque handle types for the generic crypto API. Neither struct is given a
 * definition here; the functions in this file convert between these handles
 * and struct crypto_rsa_key with plain casts, so a handle is only as valid as
 * the pointer that was cast into it. The compiler cannot verify that a handle
 * really wraps an RSA key object.
 */
struct crypto_public_key;
struct crypto_private_key;
/**
 * crypto_public_key_import - Import an RSA public key from a buffer
 * @key: Buffer holding the public key data
 * @len: Length of @key in bytes
 * Returns: Opaque public key handle; on failure, whatever
 * crypto_rsa_import_public_key() returns (presumably NULL - confirm in
 * tls/rsa.h)
 *
 * The buffer is passed through unchanged. All parsing and bounds checking of
 * this potentially untrusted input is done by crypto_rsa_import_public_key(),
 * not by this wrapper.
 */
struct crypto_public_key * crypto_public_key_import(const u8 *key, size_t len)
{
	struct crypto_rsa_key *rsa;

	rsa = crypto_rsa_import_public_key(key, len);
	return (struct crypto_public_key *) rsa;
}
/**
 * crypto_public_key_import_parts - Build an RSA public key from n and e
 * @n: Buffer holding the first key component (named n here; presumably the
 * modulus - confirm in tls/rsa.h)
 * @n_len: Length of @n in bytes
 * @e: Buffer holding the second key component (named e here; presumably the
 * public exponent - confirm in tls/rsa.h)
 * @e_len: Length of @e in bytes
 * Returns: Opaque public key handle; on failure, whatever
 * crypto_rsa_import_public_key_parts() returns (presumably NULL)
 *
 * No range or size checks are applied to the components in this wrapper; any
 * validation is left to crypto_rsa_import_public_key_parts().
 */
struct crypto_public_key *
crypto_public_key_import_parts(const u8 *n, size_t n_len,
			       const u8 *e, size_t e_len)
{
	struct crypto_rsa_key *rsa;

	rsa = crypto_rsa_import_public_key_parts(n, n_len, e, e_len);
	return (struct crypto_public_key *) rsa;
}
/**
 * crypto_private_key_import - Import an RSA private key from a buffer
 * @key: Buffer holding the private key data
 * @len: Length of @key in bytes
 * @passwd: Passphrase for an encrypted key, or NULL to skip the encrypted
 * PKCS #8 attempt
 * Returns: Opaque private key handle from the first parser that accepts the
 * buffer; otherwise the result of crypto_rsa_import_private_key()
 * (presumably NULL on failure - confirm in tls/rsa.h)
 *
 * Parsers are tried in a fixed order: plain PKCS #8, then encrypted PKCS #8
 * (only when @passwd is non-NULL), then PKCS #1. A failed encrypted import is
 * not reported separately; the code simply falls through to the PKCS #1
 * attempt, so the return value alone does not tell a caller whether the
 * passphrase was wrong or the key was malformed.
 *
 * The debug message below is a fixed string; neither the key bytes nor the
 * passphrase are passed to wpa_printf() here.
 */
struct crypto_private_key * crypto_private_key_import(const u8 *key,
						      size_t len,
						      const char *passwd)
{
	struct crypto_private_key *imported;
	struct crypto_rsa_key *rsa;

	/* Unencrypted PKCS #8 first, then the passphrase-protected variant */
	imported = pkcs8_key_import(key, len);
	if (imported == NULL && passwd != NULL)
		imported = pkcs8_enc_key_import(key, len, passwd);
	if (imported != NULL)
		return imported;

	/* Neither PKCS #8 form matched; last resort is a PKCS #1 RSA key */
	wpa_printf(MSG_DEBUG, "Trying to parse PKCS #1 encoded RSA private "
		   "key");
	rsa = crypto_rsa_import_private_key(key, len);
	return (struct crypto_private_key *) rsa;
}
/**
 * crypto_public_key_from_cert - Extract a public key from a certificate
 * @buf: Certificate data (ignored)
 * @len: Length of @buf in bytes (ignored)
 * Returns: Always NULL
 *
 * This is a stub: there is no X.509 support in crypto_internal.c, so no key
 * is ever produced. Callers must treat the NULL result as a failure and must
 * not use it as a key handle.
 */
struct crypto_public_key * crypto_public_key_from_cert(const u8 *buf,
						       size_t len)
{
	/* Arguments are deliberately unused by this stub */
	(void) buf;
	(void) len;

	return NULL;
}
/**
 * crypto_public_key_encrypt_pkcs1_v15 - PKCS #1 v1.5 public key encryption
 * @key: Public key handle (cast to struct crypto_rsa_key)
 * @in: Input data
 * @inlen: Length of @in in bytes
 * @out: Output buffer
 * @outlen: Output length pointer, passed through to pkcs1_encrypt()
 * (presumably buffer size on entry and bytes written on return - confirm in
 * tls/pkcs1.h)
 * Returns: The return value of pkcs1_encrypt()
 *
 * pkcs1_encrypt() is called with 2 as its first argument and 0 as its third;
 * presumably block type 2 (encryption padding) with the public key operation
 * - confirm against tls/pkcs1.h.
 */
int crypto_public_key_encrypt_pkcs1_v15(struct crypto_public_key *key,
					const u8 *in, size_t inlen,
					u8 *out, size_t *outlen)
{
	struct crypto_rsa_key *rsa = (struct crypto_rsa_key *) key;
	int rc;

	rc = pkcs1_encrypt(2, rsa, 0, in, inlen, out, outlen);
	return rc;
}
/**
 * crypto_private_key_decrypt_pkcs1_v15 - PKCS #1 v1.5 private key decryption
 * @key: Private key handle (cast to struct crypto_rsa_key)
 * @in: Encrypted input data
 * @inlen: Length of @in in bytes
 * @out: Output buffer for the decrypted data
 * @outlen: Output length pointer, passed through to
 * pkcs1_v15_private_key_decrypt() (presumably buffer size on entry and bytes
 * written on return - confirm in tls/pkcs1.h)
 * Returns: The return value of pkcs1_v15_private_key_decrypt()
 *
 * NOTE(review): with PKCS #1 v1.5 decryption of peer-supplied ciphertext,
 * callers should avoid letting the peer distinguish a padding failure from
 * other failures (padding-oracle concern). Nothing in this wrapper affects
 * that either way; it depends on pkcs1_v15_private_key_decrypt() and on how
 * the caller reacts to the return value.
 */
int crypto_private_key_decrypt_pkcs1_v15(struct crypto_private_key *key,
					 const u8 *in, size_t inlen,
					 u8 *out, size_t *outlen)
{
	struct crypto_rsa_key *rsa = (struct crypto_rsa_key *) key;
	int rc;

	rc = pkcs1_v15_private_key_decrypt(rsa, in, inlen, out, outlen);
	return rc;
}
/**
 * crypto_private_key_sign_pkcs1 - PKCS #1 private key signing
 * @key: Private key handle (cast to struct crypto_rsa_key)
 * @in: Data to sign
 * @inlen: Length of @in in bytes
 * @out: Output buffer for the signature
 * @outlen: Output length pointer, passed through to pkcs1_encrypt()
 * (presumably buffer size on entry and bytes written on return - confirm in
 * tls/pkcs1.h)
 * Returns: The return value of pkcs1_encrypt()
 *
 * This wrapper does no hashing or encoding of its own: @in is handed to
 * pkcs1_encrypt() as is, so the caller decides what is actually signed.
 * pkcs1_encrypt() is called with 1 as its first argument and 1 as its third;
 * presumably block type 1 (signature padding) with the private key operation
 * - confirm against tls/pkcs1.h.
 */
int crypto_private_key_sign_pkcs1(struct crypto_private_key *key,
				  const u8 *in, size_t inlen,
				  u8 *out, size_t *outlen)
{
	struct crypto_rsa_key *rsa = (struct crypto_rsa_key *) key;
	int rc;

	rc = pkcs1_encrypt(1, rsa, 1, in, inlen, out, outlen);
	return rc;
}
/**
 * crypto_public_key_free - Release a public key handle
 * @key: Public key handle (cast to struct crypto_rsa_key)
 *
 * The handle is passed straight to crypto_rsa_free(); whether a NULL handle is
 * accepted depends on that function. The handle must not be used afterwards.
 */
void crypto_public_key_free(struct crypto_public_key *key)
{
	struct crypto_rsa_key *rsa = (struct crypto_rsa_key *) key;

	crypto_rsa_free(rsa);
}
/**
 * crypto_private_key_free - Release a private key handle
 * @key: Private key handle (cast to struct crypto_rsa_key)
 *
 * The handle is passed straight to crypto_rsa_free(); whether a NULL handle is
 * accepted depends on that function. The handle must not be used afterwards.
 *
 * NOTE(review): this wrapper does not clear any key material itself. Whether
 * the private key components are wiped before the memory is released is
 * decided inside crypto_rsa_free() - confirm in tls/rsa.c.
 */
void crypto_private_key_free(struct crypto_private_key *key)
{
	struct crypto_rsa_key *rsa = (struct crypto_rsa_key *) key;

	crypto_rsa_free(rsa);
}
/**
 * crypto_public_key_decrypt_pkcs1 - PKCS #1 public key operation on a blob
 * @key: Public key handle (cast to struct crypto_rsa_key)
 * @crypt: Input data (for example a signature to be checked)
 * @crypt_len: Length of @crypt in bytes
 * @plain: Output buffer for the recovered data
 * @plain_len: Output length pointer, passed through to
 * pkcs1_decrypt_public_key() (presumably buffer size on entry and bytes
 * written on return - confirm in tls/pkcs1.h)
 * Returns: The return value of pkcs1_decrypt_public_key()
 *
 * This wrapper only recovers data; it compares nothing. A caller using it for
 * signature verification still has to check the recovered contents against
 * the expected value in full. NOTE(review): how strictly the padding is
 * validated is decided inside pkcs1_decrypt_public_key() and is not visible
 * here - confirm before relying on it.
 */
int crypto_public_key_decrypt_pkcs1(struct crypto_public_key *key,
				    const u8 *crypt, size_t crypt_len,
				    u8 *plain, size_t *plain_len)
{
	struct crypto_rsa_key *rsa = (struct crypto_rsa_key *) key;
	int rc;

	rc = pkcs1_decrypt_public_key(rsa, crypt, crypt_len, plain, plain_len);
	return rc;
}