mbed TLS library
Dependents: HTTPClient-SSL WS_SERVER
include/polarssl/openssl.h@0:137634ff4186, 2015-06-11 (annotated)
- Committer:
- ansond
- Date:
- Thu Jun 11 03:27:03 2015 +0000
- Revision:
- 0:137634ff4186
initial commit
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
ansond | 0:137634ff4186 | 1 | /** |
ansond | 0:137634ff4186 | 2 | * \file openssl.h |
ansond | 0:137634ff4186 | 3 | * |
ansond | 0:137634ff4186 | 4 | * \brief OpenSSL wrapper (definitions, inline functions). |
ansond | 0:137634ff4186 | 5 | * |
ansond | 0:137634ff4186 | 6 | * \deprecated Use native mbed TLS functions instead |
ansond | 0:137634ff4186 | 7 | * |
ansond | 0:137634ff4186 | 8 | * Copyright (C) 2006-2010, ARM Limited, All Rights Reserved |
ansond | 0:137634ff4186 | 9 | * |
ansond | 0:137634ff4186 | 10 | * This file is part of mbed TLS (https://tls.mbed.org) |
ansond | 0:137634ff4186 | 11 | * |
ansond | 0:137634ff4186 | 12 | * This program is free software; you can redistribute it and/or modify |
ansond | 0:137634ff4186 | 13 | * it under the terms of the GNU General Public License as published by |
ansond | 0:137634ff4186 | 14 | * the Free Software Foundation; either version 2 of the License, or |
ansond | 0:137634ff4186 | 15 | * (at your option) any later version. |
ansond | 0:137634ff4186 | 16 | * |
ansond | 0:137634ff4186 | 17 | * This program is distributed in the hope that it will be useful, |
ansond | 0:137634ff4186 | 18 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
ansond | 0:137634ff4186 | 19 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
ansond | 0:137634ff4186 | 20 | * GNU General Public License for more details. |
ansond | 0:137634ff4186 | 21 | * |
ansond | 0:137634ff4186 | 22 | * You should have received a copy of the GNU General Public License along |
ansond | 0:137634ff4186 | 23 | * with this program; if not, write to the Free Software Foundation, Inc., |
ansond | 0:137634ff4186 | 24 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
ansond | 0:137634ff4186 | 25 | */ |
ansond | 0:137634ff4186 | 26 | |
ansond | 0:137634ff4186 | 27 | /* |
ansond | 0:137634ff4186 | 28 | * OpenSSL wrapper contributed by David Barett |
ansond | 0:137634ff4186 | 29 | */ |
ansond | 0:137634ff4186 | 30 | |
ansond | 0:137634ff4186 | 31 | #if ! defined(POLARSSL_DEPRECATED_REMOVED) |
ansond | 0:137634ff4186 | 32 | |
ansond | 0:137634ff4186 | 33 | #if defined(POLARSSL_DEPRECATED_WARNING) |
ansond | 0:137634ff4186 | 34 | #warning "Including openssl.h is deprecated" |
ansond | 0:137634ff4186 | 35 | #endif |
ansond | 0:137634ff4186 | 36 | |
ansond | 0:137634ff4186 | 37 | #ifndef POLARSSL_OPENSSL_H |
ansond | 0:137634ff4186 | 38 | #define POLARSSL_OPENSSL_H |
ansond | 0:137634ff4186 | 39 | |
ansond | 0:137634ff4186 | 40 | #include "aes.h" |
ansond | 0:137634ff4186 | 41 | #include "md5.h" |
ansond | 0:137634ff4186 | 42 | #include "rsa.h" |
ansond | 0:137634ff4186 | 43 | #include "sha1.h" |
ansond | 0:137634ff4186 | 44 | |
ansond | 0:137634ff4186 | 45 | #define AES_SIZE 16 |
ansond | 0:137634ff4186 | 46 | #define AES_BLOCK_SIZE 16 |
ansond | 0:137634ff4186 | 47 | #define AES_KEY aes_context |
ansond | 0:137634ff4186 | 48 | #define MD5_CTX md5_context |
ansond | 0:137634ff4186 | 49 | #define SHA_CTX sha1_context |
ansond | 0:137634ff4186 | 50 | |
ansond | 0:137634ff4186 | 51 | #define SHA1_Init( CTX ) \ |
ansond | 0:137634ff4186 | 52 | sha1_starts( (CTX) ) |
ansond | 0:137634ff4186 | 53 | #define SHA1_Update( CTX, BUF, LEN ) \ |
ansond | 0:137634ff4186 | 54 | sha1_update( (CTX), (unsigned char *)(BUF), (LEN) ) |
ansond | 0:137634ff4186 | 55 | #define SHA1_Final( OUT, CTX ) \ |
ansond | 0:137634ff4186 | 56 | sha1_finish( (CTX), (OUT) ) |
ansond | 0:137634ff4186 | 57 | |
ansond | 0:137634ff4186 | 58 | #define MD5_Init( CTX ) \ |
ansond | 0:137634ff4186 | 59 | md5_starts( (CTX) ) |
ansond | 0:137634ff4186 | 60 | #define MD5_Update( CTX, BUF, LEN ) \ |
ansond | 0:137634ff4186 | 61 | md5_update( (CTX), (unsigned char *)(BUF), (LEN) ) |
ansond | 0:137634ff4186 | 62 | #define MD5_Final( OUT, CTX ) \ |
ansond | 0:137634ff4186 | 63 | md5_finish( (CTX), (OUT) ) |
ansond | 0:137634ff4186 | 64 | |
ansond | 0:137634ff4186 | 65 | #define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \ |
ansond | 0:137634ff4186 | 66 | aes_setkey_enc( (CTX), (KEY), (KEYSIZE) ) |
ansond | 0:137634ff4186 | 67 | #define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \ |
ansond | 0:137634ff4186 | 68 | aes_setkey_dec( (CTX), (KEY), (KEYSIZE) ) |
ansond | 0:137634ff4186 | 69 | #define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \ |
ansond | 0:137634ff4186 | 70 | aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) ) |
ansond | 0:137634ff4186 | 71 | |
ansond | 0:137634ff4186 | 72 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 73 | extern "C" { |
ansond | 0:137634ff4186 | 74 | #endif |
ansond | 0:137634ff4186 | 75 | |
ansond | 0:137634ff4186 | 76 | /* |
ansond | 0:137634ff4186 | 77 | * RSA stuff follows. TODO: needs cleanup |
ansond | 0:137634ff4186 | 78 | */ |
ansond | 0:137634ff4186 | 79 | inline int __RSA_Passthrough( void *output, void *input, int size ) |
ansond | 0:137634ff4186 | 80 | { |
ansond | 0:137634ff4186 | 81 | memcpy( output, input, size ); |
ansond | 0:137634ff4186 | 82 | return size; |
ansond | 0:137634ff4186 | 83 | } |
ansond | 0:137634ff4186 | 84 | |
ansond | 0:137634ff4186 | 85 | inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr, |
ansond | 0:137634ff4186 | 86 | int len ) |
ansond | 0:137634ff4186 | 87 | { |
ansond | 0:137634ff4186 | 88 | unsigned char *buffer = *(unsigned char **) bufptr; |
ansond | 0:137634ff4186 | 89 | rsa_context *rsa; |
ansond | 0:137634ff4186 | 90 | |
ansond | 0:137634ff4186 | 91 | /* |
ansond | 0:137634ff4186 | 92 | * Not a general-purpose parser: only parses public key from *exactly* |
ansond | 0:137634ff4186 | 93 | * openssl genrsa -out privkey.pem 512 (or 1024) |
ansond | 0:137634ff4186 | 94 | * openssl rsa -in privkey.pem -out privatekey.der -outform der |
ansond | 0:137634ff4186 | 95 | * openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout |
ansond | 0:137634ff4186 | 96 | * |
ansond | 0:137634ff4186 | 97 | * TODO: make a general-purpose parse |
ansond | 0:137634ff4186 | 98 | */ |
ansond | 0:137634ff4186 | 99 | if( ignore != 0 || ( len != 94 && len != 162 ) ) |
ansond | 0:137634ff4186 | 100 | return( 0 ); |
ansond | 0:137634ff4186 | 101 | |
ansond | 0:137634ff4186 | 102 | rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) ); |
ansond | 0:137634ff4186 | 103 | if( rsa == NULL ) |
ansond | 0:137634ff4186 | 104 | return( 0 ); |
ansond | 0:137634ff4186 | 105 | |
ansond | 0:137634ff4186 | 106 | memset( rsa, 0, sizeof( rsa_context ) ); |
ansond | 0:137634ff4186 | 107 | |
ansond | 0:137634ff4186 | 108 | if( ( len == 94 && |
ansond | 0:137634ff4186 | 109 | mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 && |
ansond | 0:137634ff4186 | 110 | mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) || |
ansond | 0:137634ff4186 | 111 | ( len == 162 && |
ansond | 0:137634ff4186 | 112 | mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) && |
ansond | 0:137634ff4186 | 113 | mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 ) |
ansond | 0:137634ff4186 | 114 | { |
ansond | 0:137634ff4186 | 115 | /* |
ansond | 0:137634ff4186 | 116 | * key read successfully |
ansond | 0:137634ff4186 | 117 | */ |
ansond | 0:137634ff4186 | 118 | rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3; |
ansond | 0:137634ff4186 | 119 | return( rsa ); |
ansond | 0:137634ff4186 | 120 | } |
ansond | 0:137634ff4186 | 121 | else |
ansond | 0:137634ff4186 | 122 | { |
ansond | 0:137634ff4186 | 123 | memset( rsa, 0, sizeof( rsa_context ) ); |
ansond | 0:137634ff4186 | 124 | free( rsa ); |
ansond | 0:137634ff4186 | 125 | return( 0 ); |
ansond | 0:137634ff4186 | 126 | } |
ansond | 0:137634ff4186 | 127 | } |
ansond | 0:137634ff4186 | 128 | |
ansond | 0:137634ff4186 | 129 | #define RSA rsa_context |
ansond | 0:137634ff4186 | 130 | #define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */ |
ansond | 0:137634ff4186 | 131 | #define RSA_size( CTX ) (CTX)->len |
ansond | 0:137634ff4186 | 132 | #define RSA_free( CTX ) rsa_free( CTX ) |
ansond | 0:137634ff4186 | 133 | #define ERR_get_error( ) "ERR_get_error() not supported" |
ansond | 0:137634ff4186 | 134 | #define RSA_blinding_off( IGNORE ) |
ansond | 0:137634ff4186 | 135 | |
ansond | 0:137634ff4186 | 136 | #define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */ |
ansond | 0:137634ff4186 | 137 | |
ansond | 0:137634ff4186 | 138 | inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; } |
ansond | 0:137634ff4186 | 139 | inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; } |
ansond | 0:137634ff4186 | 140 | inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; } |
ansond | 0:137634ff4186 | 141 | inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; } |
ansond | 0:137634ff4186 | 142 | |
ansond | 0:137634ff4186 | 143 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 144 | } |
ansond | 0:137634ff4186 | 145 | #endif |
ansond | 0:137634ff4186 | 146 | |
ansond | 0:137634ff4186 | 147 | #endif /* openssl.h */ |
ansond | 0:137634ff4186 | 148 | #endif /* POLARSSL_DEPRECATED_REMOVED */ |
ansond | 0:137634ff4186 | 149 |