// SoftEther VPN Source Code // Mayaqua Kernel // // SoftEther VPN Server, Client and Bridge are free software under GPLv2. // // Copyright (c) 2012-2016 Daiyuu Nobori. // Copyright (c) 2012-2016 SoftEther VPN Project, University of Tsukuba, Japan. // Copyright (c) 2012-2016 SoftEther Corporation. // // All Rights Reserved. // // http://www.softether.org/ // // Author: Daiyuu Nobori // Comments: Tetsuo Sugiyama, Ph.D. // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // version 2 as published by the Free Software Foundation. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License version 2 // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. // // THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE // AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE. // // // THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN, // UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY, // MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS // SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS // SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER // CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL // DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING, // MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR // SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND // CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO // EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO, // JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION // AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN // THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE. // // USE ONLY IN JAPAN. DO NOT USE THIS SOFTWARE IN ANOTHER COUNTRY UNLESS // YOU HAVE A CONFIRMATION THAT THIS SOFTWARE DOES NOT VIOLATE ANY // CRIMINAL LAWS OR CIVIL RIGHTS IN THAT PARTICULAR COUNTRY. USING THIS // SOFTWARE IN OTHER COUNTRIES IS COMPLETELY AT YOUR OWN RISK. THE // SOFTETHER VPN PROJECT HAS DEVELOPED AND DISTRIBUTED THIS SOFTWARE TO // COMPLY ONLY WITH THE JAPANESE LAWS AND EXISTING CIVIL RIGHTS INCLUDING // PATENTS WHICH ARE SUBJECTS APPLY IN JAPAN. OTHER COUNTRIES' LAWS OR // CIVIL RIGHTS ARE NONE OF OUR CONCERNS NOR RESPONSIBILITIES. WE HAVE // NEVER INVESTIGATED ANY CRIMINAL REGULATIONS, CIVIL LAWS OR // INTELLECTUAL PROPERTY RIGHTS INCLUDING PATENTS IN ANY OF OTHER 200+ // COUNTRIES AND TERRITORIES. BY NATURE, THERE ARE 200+ REGIONS IN THE // WORLD, WITH DIFFERENT LAWS. IT IS IMPOSSIBLE TO VERIFY EVERY // COUNTRIES' LAWS, REGULATIONS AND CIVIL RIGHTS TO MAKE THE SOFTWARE // COMPLY WITH ALL COUNTRIES' LAWS BY THE PROJECT. EVEN IF YOU WILL BE // SUED BY A PRIVATE ENTITY OR BE DAMAGED BY A PUBLIC SERVANT IN YOUR // COUNTRY, THE DEVELOPERS OF THIS SOFTWARE WILL NEVER BE LIABLE TO // RECOVER OR COMPENSATE SUCH DAMAGES, CRIMINAL OR CIVIL // RESPONSIBILITIES. NOTE THAT THIS LINE IS NOT LICENSE RESTRICTION BUT // JUST A STATEMENT FOR WARNING AND DISCLAIMER. // // // SOURCE CODE CONTRIBUTION // ------------------------ // // Your contribution to SoftEther VPN Project is much appreciated. // Please send patches to us through GitHub. // Read the SoftEther VPN Patch Acceptance Policy in advance: // http://www.softether.org/5-download/src/9.patch // // // DEAR SECURITY EXPERTS // --------------------- // // If you find a bug or a security vulnerability please kindly inform us // about the problem immediately so that we can fix the security problem // to protect a lot of users around the world as soon as possible. // // Our e-mail address for security reports is: // softether-vpn-security [at] softether.org // // Please note that the above e-mail address is not a technical support // inquiry address. If you need technical assistance, please visit // http://www.softether.org/ and ask your question on the users forum. // // Thank you for your cooperation. // // // NO MEMORY OR RESOURCE LEAKS // --------------------------- // // The memory-leaks and resource-leaks verification under the stress // test has been passed before release this source code. // Encrypt.c // Encryption and digital certification routine #include #define ENCRYPT_C #define __WINCRYPT_H__ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef USE_INTEL_AESNI_LIBRARY #include #endif // USE_INTEL_AESNI_LIBRARY LOCK *openssl_lock = NULL; LOCK **ssl_lock_obj = NULL; UINT ssl_lock_num; static bool openssl_inited = false; static bool is_intel_aes_supported = false; static unsigned char *Internal_SHA0(const unsigned char *d, size_t n, unsigned char *md); // For the callback function typedef struct CB_PARAM { char *password; } CB_PARAM; // Copied from t1_enc.c of OpenSSL #define HMAC_Init_ex(ctx,sec,len,md,impl) HMAC_Init(ctx, sec, len, md) #define HMAC_CTX_cleanup(ctx) HMAC_cleanup(ctx) void Enc_tls1_P_hash(const EVP_MD *md, const unsigned char *sec, int sec_len, const unsigned char *seed, int seed_len, unsigned char *out, int olen) { int chunk,n; unsigned int j; HMAC_CTX ctx; HMAC_CTX ctx_tmp; unsigned char A1[EVP_MAX_MD_SIZE]; unsigned int A1_len; chunk=EVP_MD_size(md); Zero(&ctx, sizeof(ctx)); Zero(&ctx_tmp, sizeof(ctx_tmp)); HMAC_Init_ex(&ctx,sec,sec_len,md, NULL); HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL); HMAC_Update(&ctx,seed,seed_len); HMAC_Final(&ctx,A1,&A1_len); n=0; for (;;) { HMAC_Init_ex(&ctx,NULL,0,NULL,NULL); /* re-init */ HMAC_Init_ex(&ctx_tmp,NULL,0,NULL,NULL); /* re-init */ HMAC_Update(&ctx,A1,A1_len); HMAC_Update(&ctx_tmp,A1,A1_len); HMAC_Update(&ctx,seed,seed_len); if (olen > chunk) { HMAC_Final(&ctx,out,&j); out+=j; olen-=j; HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */ } else /* last one */ { HMAC_Final(&ctx,A1,&A1_len); memcpy(out,A1,olen); break; } } HMAC_CTX_cleanup(&ctx); HMAC_CTX_cleanup(&ctx_tmp); Zero (A1, sizeof(A1)); } void Enc_tls1_PRF(unsigned char *label, int label_len, const unsigned char *sec, int slen, unsigned char *out1, int olen) { const EVP_MD *md5 = EVP_md5(); const EVP_MD *sha1 = EVP_sha1(); int len,i; const unsigned char *S1,*S2; unsigned char *out2; out2 = (unsigned char *) Malloc (olen); len=slen/2; S1=sec; S2= &(sec[len]); len+=(slen&1); /* add for odd, make longer */ Enc_tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen); Enc_tls1_P_hash(sha1,S2,len,label,label_len,out2,olen); for (i=0; iBuf, tmp_data->Buf, tmp_data->Size); ret = NewBuf(); WriteBuf(ret, key, SHA1_SIZE); WriteBufBuf(ret, tmp_data); FreeCrypt(rc4); FreeBuf(tmp_data); SeekBufToBegin(ret); return ret; } // Easy decryption BUF *EasyDecrypt(BUF *src_buf) { UCHAR key[SHA1_SIZE]; BUF *tmp_buf; CRYPT *rc4; // Validate arguments if (src_buf == NULL) { return NULL; } SeekBufToBegin(src_buf); if (ReadBuf(src_buf, key, SHA1_SIZE) != SHA1_SIZE) { return NULL; } tmp_buf = ReadRemainBuf(src_buf); if (tmp_buf == NULL) { return NULL; } rc4 = NewCrypt(key, SHA1_SIZE); Encrypt(rc4, tmp_buf->Buf, tmp_buf->Buf, tmp_buf->Size); FreeCrypt(rc4); SeekBufToBegin(tmp_buf); return tmp_buf; } // Calculation of HMAC (MD5) void HMacMd5(void *dst, void *key, UINT key_size, void *data, UINT data_size) { UCHAR k[HMAC_BLOCK_SIZE]; UCHAR hash1[MD5_SIZE]; UCHAR data2[HMAC_BLOCK_SIZE]; MD5_CTX md5_ctx1; UCHAR pad1[HMAC_BLOCK_SIZE]; UINT i; // Validate arguments if (dst == NULL || (key == NULL && key_size != 0) || (data == NULL && data_size != 0)) { return; } // Creating a K if (key_size <= HMAC_BLOCK_SIZE) { for (i = 0;i < key_size;i++) { pad1[i] = ((UCHAR *)key)[i] ^ 0x36; } for (i = key_size;i < HMAC_BLOCK_SIZE;i++) { pad1[i] = 0 ^ 0x36; } } else { Zero(k, sizeof(k)); Hash(k, key, key_size, false); for (i = 0;i < HMAC_BLOCK_SIZE;i++) { pad1[i] = k[i] ^ 0x36; } } MD5_Init(&md5_ctx1); MD5_Update(&md5_ctx1, pad1, sizeof(pad1)); MD5_Update(&md5_ctx1, data, data_size); MD5_Final(hash1, &md5_ctx1); // Generation of data 2 if (key_size <= HMAC_BLOCK_SIZE) { for (i = 0;i < key_size;i++) { data2[i] = ((UCHAR *)key)[i] ^ 0x5c; } for (i = key_size;i < HMAC_BLOCK_SIZE;i++) { data2[i] = 0 ^ 0x5c; } } else { for (i = 0;i < HMAC_BLOCK_SIZE;i++) { data2[i] = k[i] ^ 0x5c; } } MD5_Init(&md5_ctx1); MD5_Update(&md5_ctx1, data2, HMAC_BLOCK_SIZE); MD5_Update(&md5_ctx1, hash1, MD5_SIZE); MD5_Final(dst, &md5_ctx1); } void HMacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size) { HMacSha(SHA1_160, dst, key, key_size, data, data_size); } void HMacSha2_256(void *dst, void *key, UINT key_size, void *data, UINT data_size) { HMacSha(SHA2_256, dst, key, key_size, data, data_size); } void HMacSha2_384(void *dst, void *key, UINT key_size, void *data, UINT data_size) { HMacSha(SHA2_384, dst, key, key_size, data, data_size); } void HMacSha2_512(void *dst, void *key, UINT key_size, void *data, UINT data_size) { HMacSha(SHA2_512, dst, key, key_size, data, data_size); } // Calculation of HMAC (SHA-1) void HMacSha(UINT sha_type, void *dst, void *key, UINT key_size, void *data, UINT data_size) { UINT hmac_block_size; void* sha_ctx1; switch(sha_type) { case SHA1_160: sha_ctx1 = ZeroMalloc(sizeof(SHA_CTX)); hmac_block_size = HMAC_BLOCK_SIZE; break; case SHA2_256: sha_ctx1 = ZeroMalloc(sizeof(SHA256_CTX)); hmac_block_size = HMAC_BLOCK_SIZE; break; case SHA2_384: case SHA2_512: sha_ctx1 = ZeroMalloc(sizeof(SHA512_CTX)); hmac_block_size = HMAC_BLOCK_SIZE_1024; break; default: return; } UCHAR k[hmac_block_size]; UCHAR hash1[hmac_block_size]; UCHAR data2[hmac_block_size]; //SHA_CTX sha_ctx1; UCHAR pad1[hmac_block_size]; UINT i; // Validate arguments if (dst == NULL || (key == NULL && key_size != 0) || (data == NULL && data_size != 0)) { return; } // Creating a K if (key_size <= hmac_block_size) { for (i = 0;i < key_size;i++) { pad1[i] = ((UCHAR *)key)[i] ^ 0x36; } for (i = key_size;i < hmac_block_size;i++) { pad1[i] = 0 ^ 0x36; } } else { Zero(k, sizeof(k)); HashSha1(k, key, key_size); for (i = 0;i < hmac_block_size;i++) { pad1[i] = k[i] ^ 0x36; } } switch(sha_type) { case SHA1_160: SHA1_Init((SHA_CTX *)sha_ctx1); SHA1_Update((SHA_CTX *)sha_ctx1, pad1, sizeof(pad1)); SHA1_Update((SHA_CTX *)sha_ctx1, data, data_size); SHA1_Final(hash1, (SHA_CTX *)sha_ctx1); break; case SHA2_256: SHA256_Init((SHA256_CTX *)sha_ctx1); SHA256_Update((SHA256_CTX *)sha_ctx1, pad1, sizeof(pad1)); SHA256_Update((SHA256_CTX *)sha_ctx1, data, data_size); SHA256_Final(hash1, (SHA256_CTX *)sha_ctx1); break; case SHA2_384: SHA384_Init((SHA512_CTX *)sha_ctx1); SHA384_Update((SHA512_CTX *)sha_ctx1, pad1, sizeof(pad1)); SHA384_Update((SHA512_CTX *)sha_ctx1, data, data_size); SHA384_Final(hash1, (SHA512_CTX *)sha_ctx1); break; case SHA2_512: SHA512_Init((SHA512_CTX *)sha_ctx1); SHA512_Update((SHA512_CTX *)sha_ctx1, pad1, sizeof(pad1)); SHA512_Update((SHA512_CTX *)sha_ctx1, data, data_size); SHA512_Final(hash1, (SHA512_CTX *)sha_ctx1); break; } // Generation of data 2 if (key_size <= hmac_block_size) { for (i = 0;i < key_size;i++) { data2[i] = ((UCHAR *)key)[i] ^ 0x5c; } for (i = key_size;i < hmac_block_size;i++) { data2[i] = 0 ^ 0x5c; } } else { for (i = 0;i < hmac_block_size;i++) { data2[i] = k[i] ^ 0x5c; } } switch(sha_type) { case SHA1_160: SHA1_Init((SHA_CTX *)sha_ctx1); SHA1_Update((SHA_CTX *)sha_ctx1, data2, hmac_block_size); SHA1_Update((SHA_CTX *)sha_ctx1, hash1, SHA1_SIZE); SHA1_Final(dst, (SHA_CTX *)sha_ctx1); break; case SHA2_256: SHA256_Init((SHA256_CTX *)sha_ctx1); SHA256_Update((SHA256_CTX *)sha_ctx1, data2, hmac_block_size); SHA256_Update((SHA256_CTX *)sha_ctx1, hash1, SHA256_SIZE); SHA256_Final(dst, (SHA256_CTX *)sha_ctx1); break; case SHA2_384: SHA384_Init((SHA512_CTX *)sha_ctx1); SHA384_Update((SHA512_CTX *)sha_ctx1, data2, hmac_block_size); SHA384_Update((SHA512_CTX *)sha_ctx1, hash1, SHA384_SIZE); SHA384_Final(dst, (SHA512_CTX *)sha_ctx1); break; case SHA2_512: SHA512_Init((SHA512_CTX *)sha_ctx1); SHA512_Update((SHA512_CTX *)sha_ctx1, data2, hmac_block_size); SHA512_Update((SHA512_CTX *)sha_ctx1, hash1, SHA512_SIZE); SHA512_Final(dst, (SHA512_CTX *)sha_ctx1); break; } Free(sha_ctx1); } // Calculate the HMAC void MdProcess(MD *md, void *dest, void *src, UINT size) { int r; // Validate arguments if (md == NULL || dest == NULL || (src != NULL && size == 0)) { return; } HMAC_Init(md->Ctx, NULL, 0, NULL); HMAC_Update(md->Ctx, src, size); r = 0; HMAC_Final(md->Ctx, dest, &r); } // Set the key to the message digest object void SetMdKey(MD *md, void *key, UINT key_size) { // Validate arguments if (md == NULL || (key != NULL && key_size == 0)) { return; } HMAC_Init(md->Ctx, key, key_size, md->Md); } // Creating a message digest object MD *NewMd(char *name) { MD *m; // Validate arguments if (name == NULL) { return NULL; } m = ZeroMalloc(sizeof(MD)); StrCpy(m->Name, sizeof(m->Name), name); m->Md = EVP_get_digestbyname(name); if (m->Md == NULL) { FreeMd(m); return NULL; } m->Ctx = ZeroMalloc(sizeof(struct hmac_ctx_st)); HMAC_CTX_init(m->Ctx); m->Size = EVP_MD_size(m->Md); return m; } // Release of the message digest object void FreeMd(MD *md) { // Validate arguments if (md == NULL) { return; } if (md->Ctx != NULL) { HMAC_CTX_cleanup(md->Ctx); Free(md->Ctx); } Free(md); } // Creating a cipher object CIPHER *NewCipher(char *name) { CIPHER *c; // Validate arguments if (name == NULL) { return NULL; } c = ZeroMalloc(sizeof(CIPHER)); StrCpy(c->Name, sizeof(c->Name), name); if (StrCmpi(name, "[null-cipher]") == 0 || StrCmpi(name, "NULL") == 0 || IsEmptyStr(name)) { c->IsNullCipher = true; return c; } c->Cipher = EVP_get_cipherbyname(c->Name); if (c->Cipher == NULL) { FreeCipher(c); return NULL; } c->Ctx = ZeroMalloc(sizeof(struct evp_cipher_ctx_st)); EVP_CIPHER_CTX_init(c->Ctx); c->BlockSize = EVP_CIPHER_block_size(c->Cipher); c->KeySize = EVP_CIPHER_key_length(c->Cipher); c->IvSize = EVP_CIPHER_iv_length(c->Cipher); return c; } // Set the key to the cipher object void SetCipherKey(CIPHER *c, void *key, bool enc) { // Validate arguments if (c == NULL || key == NULL) { return; } if (c->IsNullCipher == false) { if (c->Ctx != NULL) { EVP_CipherInit(c->Ctx, c->Cipher, key, NULL, enc); } } c->Encrypt = enc; } // Process encryption / decryption UINT CipherProcess(CIPHER *c, void *iv, void *dest, void *src, UINT size) { int r = size; int r2 = 0; if (c != NULL && c->IsNullCipher) { if (dest != src) { Copy(dest, src, size); } return size; } // Validate arguments if (c == NULL || iv == NULL || dest == NULL || src == NULL || size == 0) { return 0; } if (EVP_CipherInit(c->Ctx, NULL, NULL, iv, c->Encrypt) == 0) { return 0; } if (EVP_CipherUpdate(c->Ctx, dest, &r, src, size) == 0) { return 0; } if (EVP_CipherFinal(c->Ctx, ((UCHAR *)dest) + (UINT)r, &r2) == 0) { return 0; } return r + r2; } // Release of the cipher object void FreeCipher(CIPHER *c) { // Validate arguments if (c == NULL) { return; } if (c->Ctx != NULL) { EVP_CIPHER_CTX_cleanup(c->Ctx); Free(c->Ctx); } Free(c); } // Verify whether the certificate is disabled by CRL in a particular directory bool IsXRevoked(X *x) { char dirname[MAX_PATH]; UINT i; bool ret = false; DIRLIST *t; // Validate arguments if (x == NULL) { return false; } GetExeDir(dirname, sizeof(dirname)); // Search the CRL file t = EnumDir(dirname); for (i = 0;i < t->NumFiles;i++) { char *name = t->File[i]->FileName; if (t->File[i]->Folder == false) { if (EndWith(name, ".crl")) { char filename[MAX_PATH]; X_CRL *r; ConbinePath(filename, sizeof(filename), dirname, name); r = FileToXCrl(filename); if (r != NULL) { if (IsXRevokedByXCrl(x, r)) { ret = true; } FreeXCrl(r); } } } } FreeDir(t); return ret; } // Verify whether the certificate is disabled by the CRL bool IsXRevokedByXCrl(X *x, X_CRL *r) { #ifdef OS_WIN32 X509_REVOKED tmp; X509_CRL_INFO *info; int index; // Validate arguments if (x == NULL || r == NULL) { return false; } Zero(&tmp, sizeof(tmp)); tmp.serialNumber = X509_get_serialNumber(x->x509); info = r->Crl->crl; if (sk_X509_REVOKED_is_sorted(info->revoked) == false) { sk_X509_REVOKED_sort(info->revoked); } index = sk_X509_REVOKED_find(info->revoked, &tmp); if (index < 0) { return false; } else { return true; } #else // OS_WIN32 return false; #endif // OS_WIN32 } // Release of the CRL void FreeXCrl(X_CRL *r) { // Validate arguments if (r == NULL) { return; } X509_CRL_free(r->Crl); Free(r); } // Convert a file to a CRL X_CRL *FileToXCrl(char *filename) { wchar_t *filename_w = CopyStrToUni(filename); X_CRL *ret = FileToXCrlW(filename_w); Free(filename_w); return ret; } X_CRL *FileToXCrlW(wchar_t *filename) { BUF *b; X_CRL *r; // Validate arguments if (filename == NULL) { return NULL; } b = ReadDumpW(filename); if (b == NULL) { return NULL; } r = BufToXCrl(b); FreeBuf(b); return r; } // Convert the buffer to the CRL X_CRL *BufToXCrl(BUF *b) { X_CRL *r; X509_CRL *x509crl; BIO *bio; // Validate arguments if (b == NULL) { return NULL; } bio = BufToBio(b); if (bio == NULL) { return NULL; } x509crl = NULL; if (d2i_X509_CRL_bio(bio, &x509crl) == NULL || x509crl == NULL) { FreeBio(bio); return NULL; } r = ZeroMalloc(sizeof(X_CRL)); r->Crl = x509crl; FreeBio(bio); return r; } // Convert the buffer to the public key K *RsaBinToPublic(void *data, UINT size) { RSA *rsa; K *k; BIO *bio; // Validate arguments if (data == NULL || size < 4) { return NULL; } rsa = RSA_new(); if (rsa->e != NULL) { BN_free(rsa->e); } rsa->e = BN_new(); BN_set_word(rsa->e, RSA_F4); if (rsa->n != NULL) { BN_free(rsa->n); } rsa->n = BinToBigNum(data, size); bio = NewBio(); Lock(openssl_lock); { i2d_RSA_PUBKEY_bio(bio, rsa); } Unlock(openssl_lock); BIO_seek(bio, 0); k = BioToK(bio, false, false, NULL); FreeBio(bio); RSA_free(rsa); return k; } // Convert the public key to a buffer BUF *RsaPublicToBuf(K *k) { BUF *b; // Validate arguments if (k == NULL || k->pkey == NULL || k->pkey->pkey.rsa == NULL || k->pkey->pkey.rsa->n == NULL) { return NULL; } b = BigNumToBuf(k->pkey->pkey.rsa->n); if (b == NULL) { return NULL; } return b; } // Convert the public key to a binary void RsaPublicToBin(K *k, void *data) { BUF *b; // Validate arguments if (k == NULL || k->pkey == NULL || k->pkey->pkey.rsa == NULL || k->pkey->pkey.rsa->n == NULL || data == NULL) { return; } b = BigNumToBuf(k->pkey->pkey.rsa->n); if (b == NULL) { return; } Copy(data, b->Buf, b->Size); FreeBuf(b); } // Get public key size UINT RsaPublicSize(K *k) { BUF *b; UINT ret; // Validate arguments if (k == NULL || k->pkey == NULL || k->pkey->pkey.rsa == NULL || k->pkey->pkey.rsa->n == NULL) { return 0; } b = BigNumToBuf(k->pkey->pkey.rsa->n); if (b == NULL) { return 0; } ret = b->Size; FreeBuf(b); return ret; } // Stupid test void CertTest2() { } // Yagi test void CertTest() { } // Test function related to certificate void CertTest_() { } // Hash a pointer to a 32-bit UINT HashPtrToUINT(void *p) { UCHAR hash_data[MD5_SIZE]; UINT ret; // Validate arguments if (p == NULL) { return 0; } Hash(hash_data, &p, sizeof(p), false); Copy(&ret, hash_data, sizeof(ret)); return ret; } // Copy of the NAME NAME *CopyName(NAME *n) { // Validate arguments if (n == NULL) { return NULL; } return NewName(n->CommonName, n->Organization, n->Unit, n->Country, n->State, n->Local); } // Convert a BIGNUM to a string char *BigNumToStr(BIGNUM *bn) { BIO *bio; BUF *b; char *ret; // Validate arguments if (bn == NULL) { return NULL; } bio = NewBio(); BN_print(bio, bn); b = BioToBuf(bio); FreeBio(bio); ret = ZeroMalloc(b->Size + 1); Copy(ret, b->Buf, b->Size); FreeBuf(b); return ret; } // Convert the binary to the BIGNUM BIGNUM *BinToBigNum(void *data, UINT size) { BIGNUM *bn; // Validate arguments if (data == NULL) { return NULL; } bn = BN_new(); BN_bin2bn(data, size, bn); return bn; } // Convert the buffer to a BIGNUM BIGNUM *BufToBigNum(BUF *b) { if (b == NULL) { return NULL; } return BinToBigNum(b->Buf, b->Size); } // Convert a BIGNUM to a buffer BUF *BigNumToBuf(BIGNUM *bn) { UINT size; UCHAR *tmp; BUF *b; // Validate arguments if (bn == NULL) { return NULL; } size = BN_num_bytes(bn); tmp = ZeroMalloc(size); BN_bn2bin(bn, tmp); b = NewBuf(); WriteBuf(b, tmp, size); Free(tmp); SeekBuf(b, 0, 0); return b; } // Initialization of the lock of OpenSSL void OpenSSL_InitLock() { UINT i; // Initialization of the lock object ssl_lock_num = CRYPTO_num_locks(); ssl_lock_obj = Malloc(sizeof(LOCK *) * ssl_lock_num); for (i = 0;i < ssl_lock_num;i++) { ssl_lock_obj[i] = NewLock(); } // Setting the lock function CRYPTO_set_locking_callback(OpenSSL_Lock); CRYPTO_set_id_callback(OpenSSL_Id); } // Release of the lock of OpenSSL void OpenSSL_FreeLock() { UINT i; for (i = 0;i < ssl_lock_num;i++) { DeleteLock(ssl_lock_obj[i]); } Free(ssl_lock_obj); ssl_lock_obj = NULL; CRYPTO_set_locking_callback(NULL); CRYPTO_set_id_callback(NULL); } // Lock function for OpenSSL void OpenSSL_Lock(int mode, int n, const char *file, int line) { LOCK *lock = ssl_lock_obj[n]; if (mode & CRYPTO_LOCK) { // Lock Lock(lock); } else { // Unlock Unlock(lock); } } // Return the thread ID unsigned long OpenSSL_Id(void) { return (unsigned long)ThreadId(); } // Get the display name of the certificate void GetPrintNameFromX(wchar_t *str, UINT size, X *x) { // Validate arguments if (x == NULL || str == NULL) { return; } GetPrintNameFromName(str, size, x->subject_name); } void GetPrintNameFromXA(char *str, UINT size, X *x) { wchar_t tmp[MAX_SIZE]; // Validate arguments if (str == NULL || x == NULL) { return; } GetPrintNameFromX(tmp, sizeof(tmp), x); UniToStr(str, size, tmp); } void GetAllNameFromXEx(wchar_t *str, UINT size, X *x) { // Validate arguments if (x == NULL || str == NULL) { return; } GetAllNameFromNameEx(str, size, x->subject_name); } void GetAllNameFromXExA(char *str, UINT size, X *x) { wchar_t tmp[MAX_SIZE]; // Validate arguments if (str == NULL || x == NULL) { return; } GetAllNameFromXEx(tmp, sizeof(tmp), x); UniToStr(str, size, tmp); } // Get the display name from NAME void GetPrintNameFromName(wchar_t *str, UINT size, NAME *name) { // Validate arguments if (str == NULL || name == NULL) { return; } if (name->CommonName != NULL) { UniStrCpy(str, size, name->CommonName); } else if (name->Organization != NULL) { UniStrCpy(str, size, name->Organization); } else if (name->Unit != NULL) { UniStrCpy(str, size, name->Unit); } else if (name->State != NULL) { UniStrCpy(str, size, name->State); } else if (name->Local != NULL) { UniStrCpy(str, size, name->Local); } else if (name->Country != NULL) { UniStrCpy(str, size, name->Country); } else { UniStrCpy(str, size, L"untitled"); } } // Get all the name strings from the certificate void GetAllNameFromX(wchar_t *str, UINT size, X *x) { UCHAR md5[MD5_SIZE], sha1[SHA1_SIZE]; char tmp1[MD5_SIZE * 3 + 8], tmp2[SHA1_SIZE * 3 + 8]; wchar_t tmp3[sizeof(tmp1) + sizeof(tmp2) + 64]; // Validate arguments if (str == NULL || x == NULL) { return; } GetAllNameFromName(str, size, x->subject_name); if (x->serial != NULL && x->serial->size >= 1) { char tmp[128]; wchar_t tmp2[128]; BinToStr(tmp, sizeof(tmp), x->serial->data, x->serial->size); UniFormat(tmp2, sizeof(tmp2), L", SERIAL=\"%S\"", tmp); UniStrCat(str, size, tmp2); } // Digest value GetXDigest(x, md5, false); GetXDigest(x, sha1, true); BinToStr(tmp1, sizeof(tmp1), md5, MD5_SIZE); BinToStr(tmp2, sizeof(tmp2), sha1, SHA1_SIZE); UniFormat(tmp3, sizeof(tmp3), L" (Digest: MD5=\"%S\", SHA1=\"%S\")", tmp1, tmp2); UniStrCat(str, size, tmp3); } void GetAllNameFromA(char *str, UINT size, X *x) { wchar_t tmp[MAX_SIZE]; // Validate arguments if (str == NULL || x == NULL) { return; } GetAllNameFromX(tmp, sizeof(tmp), x); UniToStr(str, size, tmp); } // Get the all name strings from NAME void GetAllNameFromName(wchar_t *str, UINT size, NAME *name) { UniStrCpy(str, size, L""); // Validate arguments if (str == NULL || name == NULL) { return; } if (name->CommonName != NULL) { UniFormat(str, size, L"%sCN=%s, ", str, name->CommonName); } if (name->Organization != NULL) { UniFormat(str, size, L"%sO=%s, ", str, name->Organization); } if (name->Unit != NULL) { UniFormat(str, size, L"%sOU=%s, ", str, name->Unit); } if (name->State != NULL) { UniFormat(str, size, L"%sS=%s, ", str, name->State); } if (name->Local != NULL) { UniFormat(str, size, L"%sL=%s, ", str, name->Local); } if (name->Country != NULL) { UniFormat(str, size, L"%sC=%s, ", str, name->Country); } if (UniStrLen(str) >= 3) { UINT len = UniStrLen(str); if (str[len - 2] == L',' && str[len - 1] == L' ') { str[len - 2] = 0; } } } void GetAllNameFromNameEx(wchar_t *str, UINT size, NAME *name) { // Validate arguments if (str == NULL || name == NULL) { return; } UniStrCpy(str, size, L""); if (name->CommonName != NULL) { UniFormat(str, size, L"%s%s, ", str, name->CommonName); } if (name->Organization != NULL) { UniFormat(str, size, L"%s%s, ", str, name->Organization); } if (name->Unit != NULL) { UniFormat(str, size, L"%s%s, ", str, name->Unit); } if (name->State != NULL) { UniFormat(str, size, L"%s%s, ", str, name->State); } if (name->Local != NULL) { UniFormat(str, size, L"%s%s, ", str, name->Local); } if (name->Country != NULL) { UniFormat(str, size, L"%s%s, ", str, name->Country); } if (UniStrLen(str) >= 3) { UINT len = UniStrLen(str); if (str[len - 2] == L',' && str[len - 1] == L' ') { str[len - 2] = 0; } } } // Clone of the key K *CloneK(K *k) { BUF *b; K *ret; // Validate arguments if (k == NULL) { return NULL; } b = KToBuf(k, false, NULL); if (b == NULL) { return NULL; } ret = BufToK(b, k->private_key, false, NULL); FreeBuf(b); return ret; } // Clone of certificate X *CloneX(X *x) { BUF *b; X *ret; // Validate arguments if (x == NULL) { return NULL; } b = XToBuf(x, false); if (b == NULL) { return NULL; } ret = BufToX(b, false); FreeBuf(b); return ret; } // Generate a P12 P12 *NewP12(X *x, K *k, char *password) { PKCS12 *pkcs12; P12 *p12; // Validate arguments if (x == NULL || k == NULL) { return false; } if (password && StrLen(password) == 0) { password = NULL; } Lock(openssl_lock); { pkcs12 = PKCS12_create(password, NULL, k->pkey, x->x509, NULL, 0, 0, 0, 0, 0); if (pkcs12 == NULL) { Unlock(openssl_lock); return NULL; } } Unlock(openssl_lock); p12 = PKCS12ToP12(pkcs12); return p12; } // Check whether the P12 is encrypted bool IsEncryptedP12(P12 *p12) { X *x; K *k; // Validate arguments if (p12 == NULL) { return false; } if (ParseP12(p12, &x, &k, NULL) == true) { FreeX(x); FreeK(k); return false; } return true; } // Extract the X and the K from the P12 bool ParseP12(P12 *p12, X **x, K **k, char *password) { EVP_PKEY *pkey; X509 *x509; // Validate arguments if (p12 == NULL || x == NULL || k == NULL) { return false; } if (password && StrLen(password) == 0) { password = NULL; } if (password == NULL) { password = ""; } // Password confirmation Lock(openssl_lock); { if (PKCS12_verify_mac(p12->pkcs12, password, -1) == false && PKCS12_verify_mac(p12->pkcs12, NULL, -1) == false) { Unlock(openssl_lock); return false; } } Unlock(openssl_lock); // Extraction Lock(openssl_lock); { if (PKCS12_parse(p12->pkcs12, password, &pkey, &x509, NULL) == false) { if (PKCS12_parse(p12->pkcs12, NULL, &pkey, &x509, NULL) == false) { Unlock(openssl_lock); return false; } } } Unlock(openssl_lock); // Conversion *x = X509ToX(x509); if (*x == NULL) { FreePKey(pkey); return false; } *k = ZeroMalloc(sizeof(K)); (*k)->private_key = true; (*k)->pkey = pkey; return true; } // Write the P12 to a file bool P12ToFile(P12 *p12, char *filename) { wchar_t *filename_w = CopyStrToUni(filename); bool ret = P12ToFileW(p12, filename_w); return ret; } bool P12ToFileW(P12 *p12, wchar_t *filename) { BUF *b; // Validate arguments if (p12 == NULL || filename == NULL) { return false; } b = P12ToBuf(p12); if (b == NULL) { return false; } if (DumpBufW(b, filename) == false) { FreeBuf(b); return false; } FreeBuf(b); return true; } // Read a P12 from the file P12 *FileToP12(char *filename) { wchar_t *filename_w = CopyStrToUni(filename); P12 *ret = FileToP12W(filename_w); Free(filename_w); return ret; } P12 *FileToP12W(wchar_t *filename) { BUF *b; P12 *p12; // Validate arguments if (filename == NULL) { return NULL; } b = ReadDumpW(filename); if (b == NULL) { return NULL; } p12 = BufToP12(b); FreeBuf(b); return p12; } // Release of P12 void FreeP12(P12 *p12) { // Validate arguments if (p12 == NULL) { return; } FreePKCS12(p12->pkcs12); Free(p12); } // Release of PKCS12 void FreePKCS12(PKCS12 *pkcs12) { // Validate arguments if (pkcs12 == NULL) { return; } PKCS12_free(pkcs12); } // Converted the P12 to a BUF BUF *P12ToBuf(P12 *p12) { BIO *bio; BUF *buf; // Validate arguments if (p12 == NULL) { return NULL; } bio = P12ToBio(p12); if (bio == NULL) { return NULL; } buf = BioToBuf(bio); FreeBio(bio); SeekBuf(buf, 0, 0); return buf; } // Converted the P12 to a BIO BIO *P12ToBio(P12 *p12) { BIO *bio; // Validate arguments if (p12 == NULL) { return NULL; } bio = NewBio(); Lock(openssl_lock); { i2d_PKCS12_bio(bio, p12->pkcs12); } Unlock(openssl_lock); return bio; } // Read the P12 from the BUF P12 *BufToP12(BUF *b) { P12 *p12; BIO *bio; // Validate arguments if (b == NULL) { return NULL; } bio = BufToBio(b); if (bio == NULL) { return NULL; } p12 = BioToP12(bio); FreeBio(bio); return p12; } // Read the P12 from the BIO P12 *BioToP12(BIO *bio) { PKCS12 *pkcs12; // Validate arguments if (bio == NULL) { return NULL; } // Conversion Lock(openssl_lock); { pkcs12 = d2i_PKCS12_bio(bio, NULL); } Unlock(openssl_lock); if (pkcs12 == NULL) { // Failure return NULL; } return PKCS12ToP12(pkcs12); } // Generate a P12 from a PKCS12 P12 *PKCS12ToP12(PKCS12 *pkcs12) { P12 *p12; // Validate arguments if (pkcs12 == NULL) { return NULL; } p12 = ZeroMalloc(sizeof(P12)); p12->pkcs12 = pkcs12; return p12; } // Convert a binary to a string char *ByteToStr(BYTE *src, UINT src_size) { UINT size; char *dst; UINT i; // Validate arguments if (src == NULL) { return NULL; } size = MAX(src_size * 3, 1); dst = Malloc(size); dst[size - 1] = 0; for (i = 0;i < src_size;i++) { char tmp[3]; Format(tmp, sizeof(tmp), "%02x", src[i]); dst[i * 3 + 0] = tmp[0]; dst[i * 3 + 1] = tmp[1]; dst[i * 3 + 2] = ((i == (src_size - 1) ? 0 : ' ')); } return dst; } // Release of X_SERIAL void FreeXSerial(X_SERIAL *serial) { // Validate arguments if (serial == NULL) { return; } Free(serial->data); Free(serial); } // Comparison of X_SERIAL bool CompareXSerial(X_SERIAL *s1, X_SERIAL *s2) { // Validate arguments if (s1 == NULL || s2 == NULL) { return false; } if (s1->size != s2->size) { return false; } if (Cmp(s1->data, s2->data, s1->size) != 0) { return false; } return true; } // Copy of X_SERIAL X_SERIAL *CloneXSerial(X_SERIAL *src) { X_SERIAL *s; // Validate arguments if (src == NULL) { return NULL; } s = ZeroMalloc(sizeof(X_SERIAL)); s->data = ZeroMalloc(src->size); Copy(s->data, src->data, src->size); s->size = src->size; return s; } // Initialization of X_SERIAL X_SERIAL *NewXSerial(void *data, UINT size) { X_SERIAL *serial; UCHAR *buf = (UCHAR *)data; UINT i; // Validate arguments if (data == NULL || size == 0) { return NULL; } for (i = 0;i < size;i++) { if (buf[i] != 0) { break; } } if (i == size) { i = size - 1; } buf += i; serial = Malloc(sizeof(X_SERIAL)); serial->size = size - i; serial->data = ZeroMalloc(size + 16); Copy(serial->data, buf, size - i); return serial; } // Get the number of days till January 1, 2038 UINT GetDaysUntil2038() { UINT64 now = SystemTime64(); UINT64 target; SYSTEMTIME st; Zero(&st, sizeof(st)); st.wYear = 2038; st.wMonth = 1; st.wDay = 1; target = SystemToUINT64(&st); if (now >= target) { return 0; } else { return (UINT)((target - now) / (UINT64)(1000 * 60 * 60 * 24)); } } UINT GetDaysUntil2038Ex() { SYSTEMTIME now; Zero(&now, sizeof(now)); SystemTime(&now); if (now.wYear >= 2030) { UINT64 now = SystemTime64(); UINT64 target; SYSTEMTIME st; Zero(&st, sizeof(st)); st.wYear = 2049; st.wMonth = 12; st.wDay = 30; target = SystemToUINT64(&st); if (now >= target) { return 0; } else { return (UINT)((target - now) / (UINT64)(1000 * 60 * 60 * 24)); } } else { return GetDaysUntil2038(); } } // Issue an X509 certificate X *NewX(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial) { X509 *x509; X *x; // Validate arguments if (pub == NULL || priv == NULL || name == NULL || ca == NULL) { return NULL; } x509 = NewX509(pub, priv, ca, name, days, serial); if (x509 == NULL) { return NULL; } x = X509ToX(x509); if (x == NULL) { return NULL; } return x; } // Create a root certificate X *NewRootX(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial) { X509 *x509; X *x, *x2; // Validate arguments if (pub == NULL || priv == NULL || name == NULL) { return NULL; } x509 = NewRootX509(pub, priv, name, days, serial); if (x509 == NULL) { return NULL; } x = X509ToX(x509); if (x == NULL) { return NULL; } x2 = CloneX(x); FreeX(x); return x2; } // Create new X509 basic & extended key usage void AddKeyUsageX509(EXTENDED_KEY_USAGE *ex, int nid) { ASN1_OBJECT *obj; // Validate arguments if (ex == NULL) { return; } obj = OBJ_nid2obj(nid); if (obj != NULL) { sk_ASN1_OBJECT_push(ex, obj); } } X509_EXTENSION *NewExtendedKeyUsageForX509() { EXTENDED_KEY_USAGE *ex = sk_ASN1_OBJECT_new_null(); X509_EXTENSION *ret; AddKeyUsageX509(ex, NID_server_auth); AddKeyUsageX509(ex, NID_client_auth); AddKeyUsageX509(ex, NID_code_sign); AddKeyUsageX509(ex, NID_email_protect); AddKeyUsageX509(ex, NID_ipsecEndSystem); AddKeyUsageX509(ex, NID_ipsecTunnel); AddKeyUsageX509(ex, NID_ipsecUser); AddKeyUsageX509(ex, NID_time_stamp); AddKeyUsageX509(ex, NID_OCSP_sign); ret = X509V3_EXT_i2d(NID_ext_key_usage, 0, ex); sk_ASN1_OBJECT_pop_free(ex, ASN1_OBJECT_free); return ret; } void BitStringSetBit(ASN1_BIT_STRING *str, int bit) { // Validate arguments if (str == NULL) { return; } ASN1_BIT_STRING_set_bit(str, bit, 1); } X509_EXTENSION *NewBasicKeyUsageForX509() { X509_EXTENSION *ret = NULL; ASN1_BIT_STRING *str; str = ASN1_BIT_STRING_new(); if (str != NULL) { BitStringSetBit(str, 0); // KU_DIGITAL_SIGNATURE BitStringSetBit(str, 1); // KU_NON_REPUDIATION BitStringSetBit(str, 2); // KU_KEY_ENCIPHERMENT BitStringSetBit(str, 3); // KU_DATA_ENCIPHERMENT //BitStringSetBit(str, 4); // KU_KEY_AGREEMENT BitStringSetBit(str, 5); // KU_KEY_CERT_SIGN BitStringSetBit(str, 6); // KU_CRL_SIGN ret = X509V3_EXT_i2d(NID_key_usage, 0, str); ASN1_BIT_STRING_free(str); } return ret; } // Issue an X509 certificate X509 *NewX509(K *pub, K *priv, X *ca, NAME *name, UINT days, X_SERIAL *serial) { X509 *x509; UINT64 notBefore, notAfter; ASN1_TIME *t1, *t2; X509_NAME *subject_name, *issuer_name; X509_EXTENSION *ex = NULL; X509_EXTENSION *eku = NULL; X509_EXTENSION *busage = NULL; // Validate arguments if (pub == NULL || name == NULL || ca == NULL) { return NULL; } if (pub->private_key != false) { return NULL; } if (priv->private_key == false) { return NULL; } notBefore = SystemTime64(); notAfter = notBefore + (UINT64)days * (UINT64)3600 * (UINT64)24 * (UINT64)1000; // Creating a X509 x509 = X509_new(); if (x509 == NULL) { return NULL; } // Make it a v3 certificate X509_set_version(x509, 2L); // Set the Expiration t1 = X509_get_notBefore(x509); t2 = X509_get_notAfter(x509); if (!UINT64ToAsn1Time(t1, notBefore)) { FreeX509(x509); return NULL; } if (!UINT64ToAsn1Time(t2, notAfter)) { FreeX509(x509); return NULL; } // Set the name subject_name = NameToX509Name(name); if (subject_name == NULL) { FreeX509(x509); return NULL; } issuer_name = X509_get_subject_name(ca->x509); if (issuer_name == NULL) { FreeX509Name(subject_name); FreeX509(x509); return NULL; } X509_set_issuer_name(x509, issuer_name); X509_set_subject_name(x509, subject_name); FreeX509Name(subject_name); // Set the Serial Number if (serial == NULL) { char zero = 0; ASN1_INTEGER *s = x509->cert_info->serialNumber; OPENSSL_free(s->data); s->data = OPENSSL_malloc(sizeof(char)); Copy(s->data, &zero, sizeof(char)); s->length = sizeof(char); } else { ASN1_INTEGER *s = x509->cert_info->serialNumber; OPENSSL_free(s->data); s->data = OPENSSL_malloc(serial->size); Copy(s->data, serial->data, serial->size); s->length = serial->size; } /* // Extensions ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, "critical,CA:TRUE"); X509_add_ext(x509, ex, -1); X509_EXTENSION_free(ex); */ // Basic usage busage = NewBasicKeyUsageForX509(); if (busage != NULL) { X509_add_ext(x509, busage, -1); X509_EXTENSION_free(busage); } // EKU eku = NewExtendedKeyUsageForX509(); if (eku != NULL) { X509_add_ext(x509, eku, -1); X509_EXTENSION_free(eku); } Lock(openssl_lock); { // Set the public key X509_set_pubkey(x509, pub->pkey); // Signature // 2014.3.19 set the initial digest algorithm to SHA-256 X509_sign(x509, priv->pkey, EVP_sha256()); } Unlock(openssl_lock); return x509; } // Create an X509 root certificate X509 *NewRootX509(K *pub, K *priv, NAME *name, UINT days, X_SERIAL *serial) { X509 *x509; UINT64 notBefore, notAfter; ASN1_TIME *t1, *t2; X509_NAME *subject_name, *issuer_name; X509_EXTENSION *ex = NULL; X509_EXTENSION *eku = NULL; X509_EXTENSION *busage = NULL; // Validate arguments if (pub == NULL || name == NULL || priv == NULL) { return NULL; } if (days == 0) { days = 365; } if (priv->private_key == false) { return NULL; } if (pub->private_key != false) { return NULL; } notBefore = SystemTime64(); notAfter = notBefore + (UINT64)days * (UINT64)3600 * (UINT64)24 * (UINT64)1000; // Creating a X509 x509 = X509_new(); if (x509 == NULL) { return NULL; } // Make it a v3 certificate X509_set_version(x509, 2L); // Set the Expiration t1 = X509_get_notBefore(x509); t2 = X509_get_notAfter(x509); if (!UINT64ToAsn1Time(t1, notBefore)) { FreeX509(x509); return NULL; } if (!UINT64ToAsn1Time(t2, notAfter)) { FreeX509(x509); return NULL; } // Set the name subject_name = NameToX509Name(name); if (subject_name == NULL) { FreeX509(x509); return NULL; } issuer_name = NameToX509Name(name); if (issuer_name == NULL) { FreeX509Name(subject_name); FreeX509(x509); return NULL; } X509_set_issuer_name(x509, issuer_name); X509_set_subject_name(x509, subject_name); FreeX509Name(subject_name); FreeX509Name(issuer_name); // Set a Serial Number if (serial == NULL) { char zero = 0; ASN1_INTEGER *s = x509->cert_info->serialNumber; OPENSSL_free(s->data); s->data = OPENSSL_malloc(sizeof(char)); Copy(s->data, &zero, sizeof(char)); s->length = sizeof(char); } else { ASN1_INTEGER *s = x509->cert_info->serialNumber; OPENSSL_free(s->data); s->data = OPENSSL_malloc(serial->size); Copy(s->data, serial->data, serial->size); s->length = serial->size; } // Extensions ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints, "critical,CA:TRUE"); X509_add_ext(x509, ex, -1); X509_EXTENSION_free(ex); // Basic usage busage = NewBasicKeyUsageForX509(); if (busage != NULL) { X509_add_ext(x509, busage, -1); X509_EXTENSION_free(busage); } // EKU eku = NewExtendedKeyUsageForX509(); if (eku != NULL) { X509_add_ext(x509, eku, -1); X509_EXTENSION_free(eku); } Lock(openssl_lock); { // Set the public key X509_set_pubkey(x509, pub->pkey); // Signature // 2014.3.19 set the initial digest algorithm to SHA-256 X509_sign(x509, priv->pkey, EVP_sha256()); } Unlock(openssl_lock); return x509; } // Convert the NAMEto a X509_NAME void *NameToX509Name(NAME *nm) { X509_NAME *xn; // Validate arguments if (nm == NULL) { return NULL; } xn = X509_NAME_new(); if (xn == NULL) { return NULL; } // Add the entries AddX509Name(xn, NID_commonName, nm->CommonName); AddX509Name(xn, NID_organizationName, nm->Organization); AddX509Name(xn, NID_organizationalUnitName, nm->Unit); AddX509Name(xn, NID_countryName, nm->Country); AddX509Name(xn, NID_stateOrProvinceName, nm->State); AddX509Name(xn, NID_localityName, nm->Local); return xn; } // Add an entry to the X509_NAME bool AddX509Name(void *xn, int nid, wchar_t *str) { X509_NAME *x509_name; UINT utf8_size; BYTE *utf8; int encoding_type = MBSTRING_ASC; // Validate arguments if (xn == NULL || str == NULL) { return false; } // Convert to UTF-8 utf8_size = CalcUniToUtf8(str); if (utf8_size == 0) { return false; } utf8 = ZeroMalloc(utf8_size + 1); UniToUtf8(utf8, utf8_size, str); utf8[utf8_size] = 0; if (StrLen(utf8) != UniStrLen(str)) { encoding_type = MBSTRING_UTF8; } // Adding x509_name = (X509_NAME *)xn; Lock(openssl_lock); { X509_NAME_add_entry_by_NID(x509_name, nid, encoding_type, utf8, utf8_size, -1, 0); } Unlock(openssl_lock); Free(utf8); return true; } // Release the X509_NAME void FreeX509Name(void *xn) { X509_NAME *x509_name; // Validate arguments if (xn == NULL) { return; } x509_name = (X509_NAME *)xn; X509_NAME_free(x509_name); } // Creating the NAME NAME *NewName(wchar_t *common_name, wchar_t *organization, wchar_t *unit, wchar_t *country, wchar_t *state, wchar_t *local) { NAME *nm = ZeroMalloc(sizeof(NAME)); if (UniIsEmptyStr(common_name) == false) { nm->CommonName = CopyUniStr(common_name); } if (UniIsEmptyStr(organization) == false) { nm->Organization = CopyUniStr(organization); } if (UniIsEmptyStr(unit) == false) { nm->Unit = CopyUniStr(unit); } if (UniIsEmptyStr(country) == false) { nm->Country = CopyUniStr(country); } if (UniIsEmptyStr(state) == false) { nm->State = CopyUniStr(state); } if (UniIsEmptyStr(local) == false) { nm->Local = CopyUniStr(local); } return nm; } // Check the expiration date of the certificate by the current time bool CheckXDateNow(X *x) { // Validate arguments if (x == NULL) { return false; } return CheckXDate(x, SystemTime64()); } // Check the expiration date of the certificate bool CheckXDate(X *x, UINT64 current_system_time) { // Validate arguments if (x == NULL) { return false; } if (x->notBefore >= current_system_time || x->notAfter <= current_system_time) { return false; } return true; } // Read the expiration date of the certificate void LoadXDates(X *x) { // Validate arguments if (x == NULL) { return; } x->notBefore = Asn1TimeToUINT64(x->x509->cert_info->validity->notBefore); x->notAfter = Asn1TimeToUINT64(x->x509->cert_info->validity->notAfter); } // Convert the 64bit system time to ASN1 time bool UINT64ToAsn1Time(void *asn1_time, UINT64 t) { SYSTEMTIME st; // Validate arguments if (asn1_time == NULL) { return false; } UINT64ToSystem(&st, t); return SystemToAsn1Time(asn1_time, &st); } // Convert the system time to the ASN1 time bool SystemToAsn1Time(void *asn1_time, SYSTEMTIME *s) { char tmp[20]; ASN1_TIME *t; // Validate arguments if (asn1_time == NULL || s == NULL) { return false; } if (SystemToStr(tmp, sizeof(tmp), s) == false) { return false; } t = (ASN1_TIME *)asn1_time; if (t->data == NULL || t->length < sizeof(tmp)) { t->data = OPENSSL_malloc(sizeof(tmp)); } StrCpy((char *)t->data, t->length, tmp); t->length = StrLen(tmp); t->type = V_ASN1_UTCTIME; return true; } // Convert the system time to a string bool SystemToStr(char *str, UINT size, SYSTEMTIME *s) { // Validate arguments if (str == NULL || s == NULL) { return false; } Format(str, size, "%02u%02u%02u%02u%02u%02uZ", s->wYear % 100, s->wMonth, s->wDay, s->wHour, s->wMinute, s->wSecond); return true; } // Convert an ASN1 time to an UINT64 time UINT64 Asn1TimeToUINT64(void *asn1_time) { SYSTEMTIME st; // Validate arguments if (asn1_time == NULL) { return 0; } if (Asn1TimeToSystem(&st, asn1_time) == false) { return 0; } return SystemToUINT64(&st); } // Converted an ASN1 time to a system time bool Asn1TimeToSystem(SYSTEMTIME *s, void *asn1_time) { ASN1_TIME *t; // Validate arguments if (s == NULL || asn1_time == NULL) { return false; } t = (ASN1_TIME *)asn1_time; if (StrToSystem(s, (char *)t->data) == false) { return false; } if (t->type == V_ASN1_GENERALIZEDTIME) { LocalToSystem(s, s); } return true; } // Convert the string to the system time bool StrToSystem(SYSTEMTIME *s, char *str) { // Validate arguments if (s == NULL || str == NULL) { return false; } if (StrLen(str) != 13) { return false; } if (str[12] != 'Z') { return false; } // Conversion { char year[3] = {str[0], str[1], 0}, month[3] = {str[2], str[3], 0}, day[3] = {str[4], str[5], 0}, hour[3] = {str[6], str[7], 0}, minute[3] = {str[8], str[9], 0}, second[3] = {str[10], str[11], 0}; Zero(s, sizeof(SYSTEMTIME)); s->wYear = ToInt(year); if (s->wYear >= 60) { s->wYear += 1900; } else { s->wYear += 2000; } s->wMonth = ToInt(month); s->wDay = ToInt(day); s->wHour = ToInt(hour); s->wMinute = ToInt(minute); s->wSecond = ToInt(second); NormalizeSystem(s); } return true; } // Verify the RSA signature bool RsaVerify(void *data, UINT data_size, void *sign, K *k) { return RsaVerifyEx(data, data_size, sign, k, 0); } bool RsaVerifyEx(void *data, UINT data_size, void *sign, K *k, UINT bits) { UCHAR hash_data[SIGN_HASH_SIZE]; UCHAR decrypt_data[SIGN_HASH_SIZE]; // Validate arguments if (data == NULL || sign == NULL || k == NULL || k->private_key != false) { return false; } if (bits == 0) { bits = 1024; } // Hash the data if (HashForSign(hash_data, sizeof(hash_data), data, data_size) == false) { return false; } // Decode the signature if (RSA_public_decrypt(bits / 8, sign, decrypt_data, k->pkey->pkey.rsa, RSA_PKCS1_PADDING) <= 0) { return false; } // Comparison if (Cmp(decrypt_data, hash_data, SIGN_HASH_SIZE) != 0) { return false; } return true; } // RSA signature bool RsaSign(void *dst, void *src, UINT size, K *k) { return RsaSignEx(dst, src, size, k, 0); } bool RsaSignEx(void *dst, void *src, UINT size, K *k, UINT bits) { UCHAR hash[SIGN_HASH_SIZE]; // Validate arguments if (dst == NULL || src == NULL || k == NULL || k->pkey->type != EVP_PKEY_RSA) { return false; } if (bits == 0) { bits = 1024; } Zero(dst, bits / 8); // Hash if (HashForSign(hash, sizeof(hash), src, size) == false) { return false; } // Signature if (RSA_private_encrypt(sizeof(hash), hash, dst, k->pkey->pkey.rsa, RSA_PKCS1_PADDING) <= 0) { return false; } return true; } // Generation of signature data by SHA-1 bool HashForSign(void *dst, UINT dst_size, void *src, UINT src_size) { UCHAR *buf = (UCHAR *)dst; UCHAR sign_data[] = { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14, }; // Validate arguments if (dst == NULL || src == NULL || src_size == 0 || MIN_SIGN_HASH_SIZE > dst_size) { return false; } // Header part Copy(buf, sign_data, sizeof(sign_data)); // Hash HashSha1(HASHED_DATA(buf), src, src_size); return true; } // Decrypt with the RSA public key bool RsaPublicDecrypt(void *dst, void *src, UINT size, K *k) { void *tmp; int ret; // Validate arguments if (src == NULL || size == 0 || k == NULL) { return false; } tmp = ZeroMalloc(size); Lock(openssl_lock); { ret = RSA_public_decrypt(size, src, tmp, k->pkey->pkey.rsa, RSA_NO_PADDING); } Unlock(openssl_lock); if (ret <= 0) { /* Debug("RSA Error: 0x%x\n", ERR_get_error()); */ Free(tmp); return false; } Copy(dst, tmp, size); Free(tmp); return true; } // Encrypt with the RSA private key bool RsaPrivateEncrypt(void *dst, void *src, UINT size, K *k) { void *tmp; int ret; // Validate arguments if (src == NULL || size == 0 || k == NULL) { return false; } tmp = ZeroMalloc(size); Lock(openssl_lock); { ret = RSA_private_encrypt(size, src, tmp, k->pkey->pkey.rsa, RSA_NO_PADDING); } Unlock(openssl_lock); if (ret <= 0) { /* Debug("RSA Error: %u\n", ERR_GET_REASON(ERR_get_error())); */ Free(tmp); return false; } Copy(dst, tmp, size); Free(tmp); return true; } // Decrypt with the RSA private key bool RsaPrivateDecrypt(void *dst, void *src, UINT size, K *k) { void *tmp; int ret; // Validate arguments if (src == NULL || size == 0 || k == NULL) { return false; } tmp = ZeroMalloc(size); Lock(openssl_lock); { ret = RSA_private_decrypt(size, src, tmp, k->pkey->pkey.rsa, RSA_NO_PADDING); } Unlock(openssl_lock); if (ret <= 0) { return false; } Copy(dst, tmp, size); Free(tmp); return true; } // Encrypt with the RSA public key bool RsaPublicEncrypt(void *dst, void *src, UINT size, K *k) { void *tmp; int ret; // Validate arguments if (src == NULL || size == 0 || k == NULL) { return false; } tmp = ZeroMalloc(size); Lock(openssl_lock); { ret = RSA_public_encrypt(size, src, tmp, k->pkey->pkey.rsa, RSA_NO_PADDING); } Unlock(openssl_lock); if (ret <= 0) { return false; } Copy(dst, tmp, size); Free(tmp); return true; } // RSA operating environment check bool RsaCheckEx() { UINT num = 20; UINT i; for (i = 0;i < num;i++) { if (RsaCheck()) { return true; } SleepThread(100); } return false; } bool RsaCheck() { RSA *rsa; K *priv_key, *pub_key; BIO *bio; char errbuf[MAX_SIZE]; UINT size = 0; UINT bit = 32; // Validate arguments // Key generation Lock(openssl_lock); { rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL); } Unlock(openssl_lock); if (rsa == NULL) { Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); return false; } // Secret key bio = NewBio(); Lock(openssl_lock); { i2d_RSAPrivateKey_bio(bio, rsa); } Unlock(openssl_lock); BIO_seek(bio, 0); priv_key = BioToK(bio, true, false, NULL); FreeBio(bio); // Public key bio = NewBio(); Lock(openssl_lock); { i2d_RSA_PUBKEY_bio(bio, rsa); } Unlock(openssl_lock); BIO_seek(bio, 0); pub_key = BioToK(bio, false, false, NULL); FreeBio(bio); RSA_free(rsa); size = RsaPublicSize(pub_key); if (size != ((bit + 7) / 8)) { FreeK(priv_key); FreeK(pub_key); return false; } FreeK(priv_key); FreeK(pub_key); return true; } // Generation of RSA key bool RsaGen(K **priv, K **pub, UINT bit) { RSA *rsa; K *priv_key, *pub_key; BIO *bio; char errbuf[MAX_SIZE]; UINT size = 0; // Validate arguments if (priv == NULL || pub == NULL) { return false; } if (bit == 0) { bit = 1024; } // Key generation Lock(openssl_lock); { rsa = RSA_generate_key(bit, RSA_F4, NULL, NULL); } Unlock(openssl_lock); if (rsa == NULL) { Debug("RSA_generate_key: err=%s\n", ERR_error_string(ERR_get_error(), errbuf)); return false; } // Secret key bio = NewBio(); Lock(openssl_lock); { i2d_RSAPrivateKey_bio(bio, rsa); } Unlock(openssl_lock); BIO_seek(bio, 0); priv_key = BioToK(bio, true, false, NULL); FreeBio(bio); // Public key bio = NewBio(); Lock(openssl_lock); { i2d_RSA_PUBKEY_bio(bio, rsa); } Unlock(openssl_lock); BIO_seek(bio, 0); pub_key = BioToK(bio, false, false, NULL); FreeBio(bio); *priv = priv_key; *pub = pub_key; RSA_free(rsa); size = RsaPublicSize(*pub); if (size != ((bit + 7) / 8)) { FreeK(*priv); FreeK(*pub); return RsaGen(priv, pub, bit); } return true; } // Confirm whether the certificate X is signed by the issuer of the certificate x_issuer bool CheckX(X *x, X *x_issuer) { return CheckXEx(x, x_issuer, false, false); } bool CheckXEx(X *x, X *x_issuer, bool check_name, bool check_date) { K *k; bool ret; // Validate arguments if (x == NULL || x_issuer == NULL) { return false; } k = GetKFromX(x_issuer); if (k == NULL) { return false; } ret = CheckSignature(x, k); if (ret) { if (check_name) { if (CompareName(x->issuer_name, x_issuer->subject_name) == false) { ret = false; } } if (check_date) { if (CheckXDateNow(x_issuer) == false) { ret = false; } } } FreeK(k); return ret; } // Confirm the signature of the certificate X with the public key K bool CheckSignature(X *x, K *k) { // Validate arguments if (x == NULL || k == NULL) { return false; } Lock(openssl_lock); { if (X509_verify(x->x509, k->pkey) == 0) { Unlock(openssl_lock); return false; } } Unlock(openssl_lock); return true; } // Get the public key from the certificate K *GetKFromX(X *x) { EVP_PKEY *pkey; K *k; // Validate arguments if (x == NULL) { return NULL; } Lock(openssl_lock); { pkey = X509_get_pubkey(x->x509); } Unlock(openssl_lock); if (pkey == NULL) { return NULL; } k = ZeroMalloc(sizeof(K)); k->pkey = pkey; return k; } // The name comparison bool CompareName(NAME *n1, NAME *n2) { // Validate arguments if (n1 == NULL || n2 == NULL) { return false; } // Name comparison if (UniStrCmpi(n1->CommonName, n2->CommonName) == 0 && UniStrCmpi(n1->Organization, n2->Organization) == 0 && UniStrCmpi(n1->Unit, n2->Unit) == 0 && UniStrCmpi(n1->Country, n2->Country) == 0 && UniStrCmpi(n1->State, n2->State) == 0 && UniStrCmpi(n1->Local, n2->Local) == 0) { return true; } return false; } // Release the name of the X void FreeXNames(X *x) { // Validate arguments if (x == NULL) { return; } FreeName(x->issuer_name); x->issuer_name = NULL; FreeName(x->subject_name); x->subject_name = NULL; } // Release the name void FreeName(NAME *n) { // Validate arguments if (n == NULL) { return; } // Release the string Free(n->CommonName); Free(n->Organization); Free(n->Unit); Free(n->Country); Free(n->State); Free(n->Local); // Release the object Free(n); return; } // Get the name of the certificate void LoadXNames(X *x) { X509 *x509; // Validate arguments if (x == NULL) { return; } x509 = x->x509; x->issuer_name = X509NameToName(X509_get_issuer_name(x509)); x->subject_name = X509NameToName(X509_get_subject_name(x509)); } // Convert the X509_NAME structure to the NAME structure NAME *X509NameToName(void *xn) { NAME *n; // Validate arguments if (xn == NULL) { return NULL; } n = ZeroMalloc(sizeof(NAME)); // Get the strings one by one n->CommonName = GetUniStrFromX509Name(xn, NID_commonName); n->Organization = GetUniStrFromX509Name(xn, NID_organizationName); n->Unit = GetUniStrFromX509Name(xn, NID_organizationalUnitName); n->Country = GetUniStrFromX509Name(xn, NID_countryName); n->State = GetUniStrFromX509Name(xn, NID_stateOrProvinceName); n->Local = GetUniStrFromX509Name(xn, NID_localityName); return n; } // Read a Unicode string from the X509_NAME structure wchar_t *GetUniStrFromX509Name(void *xn, int nid) { UCHAR txt[1024]; bool b = false; UINT i, size; int index; bool unicode = false; bool is_utf_8 = false; ASN1_OBJECT *obj; ASN1_STRING *data; // Validate arguments if (xn == NULL || nid == 0) { return NULL; } Zero(txt, sizeof(txt)); if (X509_NAME_get_text_by_NID(xn, nid, (char *)txt, sizeof(txt) - 2) <= 0) { return NULL; } obj = OBJ_nid2obj(nid); if (obj == NULL) { return NULL; } index = X509_NAME_get_index_by_OBJ(xn, obj, -1); if (index < 0) { return NULL; } data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(xn, index)); if (data == NULL) { return NULL; } if (data->type == V_ASN1_BMPSTRING) { unicode = true; } if (data->type == V_ASN1_UTF8STRING || data->type == V_ASN1_T61STRING) { is_utf_8 = true; } size = UniStrLen((wchar_t *)txt) * 4 + 8; for (i = 0;i < size;i++) { if (txt[i] >= 0x80) { unicode = true; break; } } if (is_utf_8) { wchar_t *ret; UINT ret_size; ret_size = CalcUtf8ToUni(txt, StrLen(txt)); ret = ZeroMalloc(ret_size + 8); Utf8ToUni(ret, ret_size, txt, StrLen(txt)); return ret; } else if (unicode == false) { wchar_t tmp[1024]; StrToUni(tmp, sizeof(tmp), (char *)txt); return CopyUniStr(tmp); } else { EndianUnicode((wchar_t *)txt); return CopyUniStr((wchar_t *)txt); } } // Check whether the certificate x1 equal to x2 bool CompareX(X *x1, X *x2) { // Validate arguments if (x1 == NULL || x2 == NULL) { return false; } Lock(openssl_lock); if (X509_cmp(x1->x509, x2->x509) == 0) { Unlock(openssl_lock); return true; } else { Unlock(openssl_lock); return false; } } // Check whether K is private key of X bool CheckXandK(X *x, K *k) { // Validate arguments if (x == NULL || k == NULL) { return false; } Lock(openssl_lock); if (X509_check_private_key(x->x509, k->pkey) != 0) { Unlock(openssl_lock); return true; } else { Unlock(openssl_lock); return false; } } // Read a X from the file X *FileToX(char *filename) { wchar_t *filename_w = CopyStrToUni(filename); X *ret = FileToXW(filename_w); Free(filename_w); return ret; } X *FileToXW(wchar_t *filename) { bool text; BUF *b; X *x; // Validate arguments if (filename == NULL) { return NULL; } b = ReadDumpW(filename); text = IsBase64(b); x = BufToX(b, text); FreeBuf(b); return x; } // Write the X to a file bool XToFile(X *x, char *filename, bool text) { wchar_t *filename_w = CopyStrToUni(filename); bool ret = XToFileW(x, filename_w, text); Free(filename_w); return ret; } bool XToFileW(X *x, wchar_t *filename, bool text) { BUF *b; bool ret; // Validate arguments if (x == NULL || filename == NULL) { return false; } b = XToBuf(x, text); if (b == NULL) { return false; } ret = DumpBufW(b, filename); FreeBuf(b); return ret; } // Read a K from the file K *FileToK(char *filename, bool private_key, char *password) { wchar_t *filename_w = CopyStrToUni(filename); K *ret; ret = FileToKW(filename_w, private_key, password); Free(filename_w); return ret; } K *FileToKW(wchar_t *filename, bool private_key, char *password) { bool text; BUF *b; K *k; // Validate arguments if (filename == NULL) { return NULL; } b = ReadDumpW(filename); if (b == NULL) { return NULL; } text = IsBase64(b); if (text == false) { k = BufToK(b, private_key, false, NULL); } else { k = BufToK(b, private_key, true, NULL); if (k == NULL) { k = BufToK(b, private_key, true, password); } } FreeBuf(b); return k; } // Save the K to a file bool KToFile(K *k, char *filename, bool text, char *password) { wchar_t *filename_w = CopyStrToUni(filename); bool ret = KToFileW(k, filename_w, text, password); Free(filename_w); return ret; } bool KToFileW(K *k, wchar_t *filename, bool text, char *password) { BUF *b; bool ret; // Validate arguments if (k == NULL || filename == NULL) { return false; } b = KToBuf(k, text, password); if (b == NULL) { return false; } ret = DumpBufW(b, filename); FreeBuf(b); return ret; } // Convert the K to the BUF BUF *KToBuf(K *k, bool text, char *password) { BUF *buf; BIO *bio; // Validate arguments if (k == NULL) { return NULL; } bio = KToBio(k, text, password); if (bio == NULL) { return NULL; } buf = BioToBuf(bio); FreeBio(bio); SeekBuf(buf, 0, 0); return buf; } // Convert the K to the BIO BIO *KToBio(K *k, bool text, char *password) { BIO *bio; // Validate arguments if (k == NULL) { return NULL; } bio = NewBio(); if (k->private_key) { // Secret key if (text == false) { // Binary format Lock(openssl_lock); { i2d_PrivateKey_bio(bio, k->pkey); } Unlock(openssl_lock); } else { // Text format if (password == 0 || StrLen(password) == 0) { // No encryption Lock(openssl_lock); { PEM_write_bio_PrivateKey(bio, k->pkey, NULL, NULL, 0, NULL, NULL); } Unlock(openssl_lock); } else { // Encrypt CB_PARAM cb; cb.password = password; Lock(openssl_lock); { PEM_write_bio_PrivateKey(bio, k->pkey, EVP_des_ede3_cbc(), NULL, 0, (pem_password_cb *)PKeyPasswordCallbackFunction, &cb); } Unlock(openssl_lock); } } } else { // Public key if (text == false) { // Binary format Lock(openssl_lock); { i2d_PUBKEY_bio(bio, k->pkey); } Unlock(openssl_lock); } else { // Text format Lock(openssl_lock); { PEM_write_bio_PUBKEY(bio, k->pkey); } Unlock(openssl_lock); } } return bio; } // Check whether the BUF is encoded as the Base64 bool IsBase64(BUF *b) { UINT i; // Validate arguments if (b == NULL) { return false; } if (SearchAsciiInBinary(b->Buf, b->Size, "-----BEGIN", false) != INFINITE) { return true; } for (i = 0;i < b->Size;i++) { char c = ((char *)b->Buf)[i]; bool b = false; if ('a' <= c && c <= 'z') { b = true; } else if ('A' <= c && c <= 'Z') { b = true; } else if ('0' <= c && c <= '9') { b = true; } else if (c == ':' || c == '.' || c == ';' || c == ',') { b = true; } else if (c == '!' || c == '&' || c == '#' || c == '(' || c == ')') { b = true; } else if (c == '-' || c == ' ') { b = true; } else if (c == 13 || c == 10 || c == EOF) { b = true; } else if (c == '\t' || c == '=' || c == '+' || c == '/') { b = true; } if (b == false) { return false; } } return true; } // Check whether the K in the BUF is encrypted bool IsEncryptedK(BUF *b, bool private_key) { K *k; // Validate arguments if (b == NULL) { return false; } if (IsBase64(b) == false) { return false; } k = BufToK(b, private_key, true, NULL); if (k != NULL) { FreeK(k); return false; } return true; } // Convert the BUF to a K K *BufToK(BUF *b, bool private_key, bool text, char *password) { BIO *bio; K *k; // Validate arguments if (b == NULL) { return NULL; } bio = BufToBio(b); k = BioToK(bio, private_key, text, password); FreeBio(bio); return k; } // Release of K void FreeK(K *k) { // Validate arguments if (k == NULL) { return; } FreePKey(k->pkey); Free(k); } // Release the secret key void FreePKey(EVP_PKEY *pkey) { // Validate arguments if (pkey == NULL) { return; } EVP_PKEY_free(pkey); } // Convert the BIO to the K K *BioToK(BIO *bio, bool private_key, bool text, char *password) { EVP_PKEY *pkey; K *k; // Validate arguments if (bio == NULL) { return NULL; } if (password != NULL && StrLen(password) == 0) { password = NULL; } if (private_key == false) { // Public key if (text == false) { // Binary format pkey = d2i_PUBKEY_bio(bio, NULL); if (pkey == NULL) { return NULL; } } else { // Text format CB_PARAM cb; cb.password = password; Lock(openssl_lock); { pkey = PEM_read_bio_PUBKEY(bio, NULL, (pem_password_cb *)PKeyPasswordCallbackFunction, &cb); } Unlock(openssl_lock); if (pkey == NULL) { return NULL; } } } else { if (text == false) { // Binary format Lock(openssl_lock); { pkey = d2i_PrivateKey_bio(bio, NULL); } Unlock(openssl_lock); if (pkey == NULL) { return NULL; } } else { // Text format CB_PARAM cb; cb.password = password; Lock(openssl_lock); { pkey = PEM_read_bio_PrivateKey(bio, NULL, (pem_password_cb *)PKeyPasswordCallbackFunction, &cb); } Unlock(openssl_lock); if (pkey == NULL) { return NULL; } } } k = ZeroMalloc(sizeof(K)); k->pkey = pkey; k->private_key = private_key; return k; } // Password callback function int PKeyPasswordCallbackFunction(char *buf, int bufsize, int verify, void *param) { CB_PARAM *cb; // Validate arguments if (buf == NULL || param == NULL || bufsize == 0) { return 0; } cb = (CB_PARAM *)param; if (cb->password == NULL) { return 0; } return StrCpy(buf, bufsize, cb->password); } // Convert the X to a BUF BUF *XToBuf(X *x, bool text) { BIO *bio; BUF *b; // Validate arguments if (x == NULL) { return NULL; } bio = XToBio(x, text); if (bio == NULL) { return NULL; } b = BioToBuf(bio); FreeBio(bio); SeekBuf(b, 0, 0); return b; } // Convert the X to a BIO BIO *XToBio(X *x, bool text) { BIO *bio; // Validate arguments if (x == NULL) { return NULL; } bio = NewBio(); Lock(openssl_lock); { if (text == false) { // Binary format i2d_X509_bio(bio, x->x509); } else { // Text format PEM_write_bio_X509(bio, x->x509); } } Unlock(openssl_lock); return bio; } // Release of the X void FreeX(X *x) { // Validate arguments if (x == NULL) { return; } // Release the name FreeXNames(x); // Release the Serial FreeXSerial(x->serial); if (x->do_not_free == false) { FreeX509(x->x509); } Free(x); } // Release of the X509 void FreeX509(X509 *x509) { // Validate arguments if (x509 == NULL) { return; } Lock(openssl_lock); { X509_free(x509); } Unlock(openssl_lock); } // Convert the BUF to a X X *BufToX(BUF *b, bool text) { X *x; BIO *bio; // Validate arguments if (b == NULL) { return NULL; } bio = BufToBio(b); if (bio == NULL) { FreeBuf(b); return NULL; } x = BioToX(bio, text); FreeBio(bio); return x; } // Create a new buffer by skipping the contents of the buffer to the specified string BUF *SkipBufBeforeString(BUF *b, char *str) { char *tmp; UINT tmp_size; BUF *ret; UINT i; UINT offset = 0; // Validate arguments if (b == NULL || str == NULL) { return NULL; } tmp_size = b->Size + 1; tmp = ZeroMalloc(tmp_size); Copy(tmp, b->Buf, b->Size); i = SearchStrEx(tmp, str, 0, false); if (i != INFINITE) { offset = i; } ret = NewBuf(); WriteBuf(ret, ((UCHAR *)b->Buf) + offset, b->Size - offset); SeekBuf(ret, 0, 0); Free(tmp); return ret; } // Get a digest of the X void GetXDigest(X *x, UCHAR *buf, bool sha1) { // Validate arguments if (x == NULL) { return; } if (sha1 == false) { UINT size = MD5_SIZE; X509_digest(x->x509, EVP_md5(), buf, (unsigned int *)&size); } else { UINT size = SHA1_SIZE; X509_digest(x->x509, EVP_sha1(), buf, (unsigned int *)&size); } } // Convert BIO to X X *BioToX(BIO *bio, bool text) { X *x; X509 *x509; // Validate arguments if (bio == NULL) { return NULL; } Lock(openssl_lock); { // Reading x509 if (text == false) { // Binary mode x509 = d2i_X509_bio(bio, NULL); } else { // Text mode x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); } } Unlock(openssl_lock); if (x509 == NULL) { return NULL; } x = X509ToX(x509); if (x == NULL) { return NULL; } return x; } // Convert the X509 to X X *X509ToX(X509 *x509) { X *x; K *k; BUF *b; UINT size; UINT type; // Validate arguments if (x509 == NULL) { return NULL; } x = ZeroMalloc(sizeof(X)); x->x509 = x509; // Name LoadXNames(x); // Expiration date LoadXDates(x); // Check whether it is a root certificate if (CompareName(x->issuer_name, x->subject_name)) { K *pubkey = GetKFromX(x); if (pubkey != NULL) { if (CheckXandK(x, pubkey)) { x->root_cert = true; } FreeK(pubkey); } } // Check whether there is basic constraints if (X509_get_ext_by_NID(x509, NID_basic_constraints, -1) != -1) { x->has_basic_constraints = true; } // Get the "Certification Authority Issuer" (1.3.6.1.5.5.7.48.2) field value if (x->root_cert == false) { AUTHORITY_INFO_ACCESS *ads = (AUTHORITY_INFO_ACCESS *)X509_get_ext_d2i(x509, NID_info_access, NULL, NULL); if (ads != NULL) { int i; for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ads); i++) { ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(ads, i); if (ad != NULL) { if (OBJ_obj2nid(ad->method) == NID_ad_ca_issuers && ad->location->type == GEN_URI) { char *uri = (char *)ASN1_STRING_data(ad->location->d.uniformResourceIdentifier); if (IsEmptyStr(uri) == false) { StrCpy(x->issuer_url, sizeof(x->issuer_url), uri); break; } } } } AUTHORITY_INFO_ACCESS_free(ads); } } // Get the Serial Number x->serial = NewXSerial(x509->cert_info->serialNumber->data, x509->cert_info->serialNumber->length); if (x->serial == NULL) { char zero = 0; x->serial = NewXSerial(&zero, sizeof(char)); } k = GetKFromX(x); if (k == NULL) { FreeX(x); return NULL; } b = KToBuf(k, false, NULL); size = b->Size; type = k->pkey->type; FreeBuf(b); FreeK(k); if (type == EVP_PKEY_RSA) { x->is_compatible_bit = true; switch (size) { case 162: x->bits = 1024; break; case 226: x->bits = 1536; break; case 294: x->bits = 2048; break; case 442: x->bits = 3072; break; case 550: x->bits = 4096; break; default: x->is_compatible_bit = false; break; } } return x; } // Create a BIO BIO *NewBio() { return BIO_new(BIO_s_mem()); } // Release the BIO void FreeBio(BIO *bio) { // Validate arguments if (bio == NULL) { return; } BIO_free(bio); } // Convert the BIO to the BUF BUF *BioToBuf(BIO *bio) { BUF *b; UINT size; void *tmp; // Validate arguments if (bio == NULL) { return NULL; } BIO_seek(bio, 0); size = bio->num_write; tmp = Malloc(size); BIO_read(bio, tmp, size); b = NewBuf(); WriteBuf(b, tmp, size); Free(tmp); return b; } // Convert the BUF to a BIO BIO *BufToBio(BUF *b) { BIO *bio; // Validate arguments if (b == NULL) { return NULL; } Lock(openssl_lock); { bio = BIO_new(BIO_s_mem()); if (bio == NULL) { Unlock(openssl_lock); return NULL; } BIO_write(bio, b->Buf, b->Size); BIO_seek(bio, 0); } Unlock(openssl_lock); return bio; } // 128-bit random number generation void Rand128(void *buf) { Rand(buf, 16); } // 64-bit random number generation UINT64 Rand64() { UINT64 i; Rand(&i, sizeof(i)); return i; } // 32-bit random number generation UINT Rand32() { UINT i; Rand(&i, sizeof(i)); return i; } // 16-bit random number generation USHORT Rand16() { USHORT i; Rand(&i, sizeof(i)); return i; } // 8-bit random number generation UCHAR Rand8() { UCHAR i; Rand(&i, sizeof(i)); return i; } // 1-bit random number generation bool Rand1() { return (Rand32() % 2) == 0 ? false : true; } // Random number generation void Rand(void *buf, UINT size) { // Validate arguments if (buf == NULL || size == 0) { return; } RAND_bytes(buf, size); } // Delete a thread-specific information that OpenSSL has holded void FreeOpenSSLThreadState() { ERR_remove_state(0); } // Release the Crypt library void FreeCryptLibrary() { openssl_inited = false; DeleteLock(openssl_lock); openssl_lock = NULL; // RAND_Free_For_SoftEther(); OpenSSL_FreeLock(); } // Initialize the Crypt library void InitCryptLibrary() { char tmp[16]; CheckIfIntelAesNiSupportedInit(); // RAND_Init_For_SoftEther() openssl_lock = NewLock(); SSL_library_init(); //OpenSSL_add_all_algorithms(); OpenSSL_add_all_ciphers(); SSLeay_add_all_digests(); ERR_load_crypto_strings(); SSL_load_error_strings(); #ifdef OS_UNIX { char *name1 = "/dev/random"; char *name2 = "/dev/urandom"; IO *o; o = FileOpen(name1, false); if (o == NULL) { o = FileOpen(name2, false); if (o == NULL) { UINT64 now = SystemTime64(); BUF *b; UINT i; b = NewBuf(); for (i = 0;i < 4096;i++) { UCHAR c = rand() % 256; WriteBuf(b, &c, 1); } WriteBuf(b, &now, sizeof(now)); RAND_seed(b->Buf, b->Size); FreeBuf(b); } else { FileClose(o); } } else { FileClose(o); } } #endif // OS_UNIX RAND_poll(); #ifdef OS_WIN32 // RAND_screen(); #endif Rand(tmp, sizeof(tmp)); OpenSSL_InitLock(); openssl_inited = true; } // Hash function void Hash(void *dst, void *src, UINT size, bool sha) { // Validate arguments if (dst == NULL || (src == NULL && size != 0)) { return; } if (sha == false) { // MD5 hash MD5(src, size, dst); } else { // SHA hash Internal_SHA0(src, size, dst); } } // MD4 specific hash function void HashMd4(void *dst, void *src, UINT size) { // Validate arguments if (dst == NULL || (size != 0 && src == NULL)) { return; } MD4(src, size, dst); } // Hash with the SHA-1 and convert it to UINT UINT HashToUINT(void *data, UINT size) { UCHAR hash[SHA1_SIZE]; UINT u; // Validate arguments if (data == NULL && size != 0) { return 0; } HashSha1(hash, data, size); Copy(&u, hash, sizeof(UINT)); u = Endian32(u); return u; } // SHA-1 specific hash function void HashSha1(void *dst, void *src, UINT size) { // Validate arguments if (dst == NULL || (size != 0 && src == NULL)) { return; } SHA1(src, size, dst); } // SHA-256 specific hash function void HashSha256(void *dst, void *src, UINT size) { // Validate arguments if (dst == NULL || (size != 0 && src == NULL)) { return; } SHA256(src, size, dst); } // Creating a new CRYPT object CRYPT *NewCrypt(void *key, UINT size) { CRYPT *c = ZeroMalloc(sizeof(CRYPT)); c->Rc4Key = Malloc(sizeof(struct rc4_key_st)); RC4_set_key(c->Rc4Key, size, (UCHAR *)key); return c; } // Release the CRYPT object void FreeCrypt(CRYPT *c) { // Validate arguments if (c == NULL) { return; } // Memory release Free(c->Rc4Key); Free(c); } // Encryption and decryption void Encrypt(CRYPT *c, void *dst, void *src, UINT size) { RC4(c->Rc4Key, size, src, dst); } // SHA-1 hash void Sha(UINT sha_type, void *dst, void *src, UINT size) { // Validate arguments if (dst == NULL || src == NULL) { return; } switch(sha_type) { case SHA1_160: SHA1(src, size, dst); break; case SHA2_256: SHA256(src, size, dst); break; case SHA2_384: SHA384(src, size, dst); break; case SHA2_512: SHA512(src, size, dst); break; } } void Sha1(void *dst, void *src, UINT size) { Sha(SHA1_160, dst, src, size); } void Sha2_256(void *dst, void *src, UINT size) { Sha(SHA2_256, dst, src, size); } void Sha2_384(void *dst, void *src, UINT size) { Sha(SHA2_384, dst, src, size); } void Sha2_512(void *dst, void *src, UINT size) { Sha(SHA2_512, dst, src, size); } // MD5 hash void Md5(void *dst, void *src, UINT size) { // Validate arguments if (dst == NULL || src == NULL) { return; } MD5(src, size, dst); } // 3DES encryption void Des3Encrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec) { UCHAR ivec_copy[DES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || key == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, DES_IV_SIZE); DES_ede3_cbc_encrypt(src, dest, size, key->k1->KeySchedule, key->k2->KeySchedule, key->k3->KeySchedule, (DES_cblock *)ivec_copy, 1); } void Des3Encrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec) { UCHAR ivec_copy[DES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k1 == NULL || k2 == NULL || k3 == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, DES_IV_SIZE); DES_ede3_cbc_encrypt(src, dest, size, k1->KeySchedule, k2->KeySchedule, k3->KeySchedule, (DES_cblock *)ivec_copy, 1); } // DES encryption void DesEncrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec) { UCHAR ivec_copy[DES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, DES_IV_SIZE); DES_cbc_encrypt(src, dest, size, k->KeySchedule, (DES_cblock *)ivec_copy, 1); } // 3DES decryption void Des3Decrypt(void *dest, void *src, UINT size, DES_KEY *key, void *ivec) { UCHAR ivec_copy[DES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || key == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, DES_IV_SIZE); DES_ede3_cbc_encrypt(src, dest, size, key->k1->KeySchedule, key->k2->KeySchedule, key->k3->KeySchedule, (DES_cblock *)ivec_copy, 0); } void Des3Decrypt2(void *dest, void *src, UINT size, DES_KEY_VALUE *k1, DES_KEY_VALUE *k2, DES_KEY_VALUE *k3, void *ivec) { UCHAR ivec_copy[DES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k1 == NULL || k2 == NULL || k3 == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, DES_IV_SIZE); DES_ede3_cbc_encrypt(src, dest, size, k1->KeySchedule, k2->KeySchedule, k3->KeySchedule, (DES_cblock *)ivec_copy, 0); } // DES-ECB encryption void DesEcbEncrypt(void *dst, void *src, void *key_7bytes) { UCHAR *key_56; DES_cblock key; DES_key_schedule ks; // Validate arguments if (dst == NULL || src == NULL || key == NULL) { return; } key_56 = (UCHAR *)key_7bytes; Zero(&key, sizeof(key)); Zero(&ks, sizeof(ks)); key[0] = key_56[0]; key[1] = (unsigned char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1)); key[2] = (unsigned char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2)); key[3] = (unsigned char)(((key_56[2] << 5) & 0xFF) | (key_56[3] >> 3)); key[4] = (unsigned char)(((key_56[3] << 4) & 0xFF) | (key_56[4] >> 4)); key[5] = (unsigned char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5)); key[6] = (unsigned char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6)); key[7] = (unsigned char) ((key_56[6] << 1) & 0xFF); DES_set_odd_parity(&key); DES_set_key_unchecked(&key, &ks); DES_ecb_encrypt(src, dst, &ks, 1); } // DES decryption void DesDecrypt(void *dest, void *src, UINT size, DES_KEY_VALUE *k, void *ivec) { UCHAR ivec_copy[DES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, DES_IV_SIZE); DES_cbc_encrypt(src, dest, size, k->KeySchedule, (DES_cblock *)ivec_copy, 0); } // Generate a random 3DES key DES_KEY *Des3RandKey() { DES_KEY *k = ZeroMalloc(sizeof(DES_KEY)); k->k1 = DesRandKeyValue(); k->k2 = DesRandKeyValue(); k->k3 = DesRandKeyValue(); return k; } // Generate a random DES key DES_KEY *DesRandKey() { DES_KEY *k = ZeroMalloc(sizeof(DES_KEY)); k->k1 = DesRandKeyValue(); k->k2 = DesNewKeyValue(k->k1->KeyValue); k->k3 = DesNewKeyValue(k->k1->KeyValue); return k; } // Release the 3DES key void Des3FreeKey(DES_KEY *k) { // Validate arguments if (k == NULL) { return; } DesFreeKeyValue(k->k1); DesFreeKeyValue(k->k2); DesFreeKeyValue(k->k3); Free(k); } // Release the DES key void DesFreeKey(DES_KEY *k) { Des3FreeKey(k); } // Create a 3DES key DES_KEY *Des3NewKey(void *k1, void *k2, void *k3) { DES_KEY *k; // Validate arguments if (k1 == NULL || k2 == NULL || k3 == NULL) { return NULL; } k = ZeroMalloc(sizeof(DES_KEY)); k->k1 = DesNewKeyValue(k1); k->k2 = DesNewKeyValue(k2); k->k3 = DesNewKeyValue(k3); return k; } // Create a DES key DES_KEY *DesNewKey(void *k1) { return Des3NewKey(k1, k1, k1); } // Create a new DES key element DES_KEY_VALUE *DesNewKeyValue(void *value) { DES_KEY_VALUE *v; // Validate arguments if (value == NULL) { return NULL; } v = ZeroMalloc(sizeof(DES_KEY_VALUE)); Copy(v->KeyValue, value, DES_KEY_SIZE); v->KeySchedule = ZeroMalloc(sizeof(DES_key_schedule)); DES_set_key_unchecked(value, v->KeySchedule); return v; } // Random generation of new DES key element DES_KEY_VALUE *DesRandKeyValue() { UCHAR key_value[DES_KEY_SIZE]; DES_random_key((DES_cblock *)key_value); return DesNewKeyValue(key_value); } // Release of DES key element void DesFreeKeyValue(DES_KEY_VALUE *v) { // Validate arguments if (v == NULL) { return; } Free(v->KeySchedule); Free(v); } // Create a new AES key AES_KEY_VALUE *AesNewKey(void *data, UINT size) { AES_KEY_VALUE *k; // Validate arguments if (data == NULL || (!(size == 16 || size == 24 || size == 32))) { return NULL; } k = ZeroMalloc(sizeof(AES_KEY_VALUE)); k->EncryptKey = ZeroMalloc(sizeof(struct aes_key_st)); k->DecryptKey = ZeroMalloc(sizeof(struct aes_key_st)); k->KeySize = size; Copy(k->KeyValue, data, size); AES_set_encrypt_key(data, size * 8, k->EncryptKey); AES_set_decrypt_key(data, size * 8, k->DecryptKey); return k; } // Release the AES key void AesFreeKey(AES_KEY_VALUE *k) { // Validate arguments if (k == NULL) { return; } Free(k->EncryptKey); Free(k->DecryptKey); Free(k); } // AES encryption void AesEncrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec) { UCHAR ivec_copy[AES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL) { return; } #ifdef USE_INTEL_AESNI_LIBRARY if (is_intel_aes_supported) { AesEncryptWithIntel(dest, src, size, k, ivec); return; } #endif // USE_INTEL_AESNI_LIBRARY Copy(ivec_copy, ivec, AES_IV_SIZE); AES_cbc_encrypt(src, dest, size, k->EncryptKey, ivec, 1); } // AES decryption void AesDecrypt(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec) { UCHAR ivec_copy[AES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL) { return; } #ifdef USE_INTEL_AESNI_LIBRARY if (is_intel_aes_supported) { AesDecryptWithIntel(dest, src, size, k, ivec); return; } #endif // USE_INTEL_AESNI_LIBRARY Copy(ivec_copy, ivec, AES_IV_SIZE); AES_cbc_encrypt(src, dest, size, k->DecryptKey, ivec, 0); } // Determine whether the Intel AES-NI is supported bool IsIntelAesNiSupported() { return is_intel_aes_supported; } void CheckIfIntelAesNiSupportedInit() { #ifdef USE_INTEL_AESNI_LIBRARY if (check_for_aes_instructions()) { is_intel_aes_supported = true; } else { is_intel_aes_supported = false; } #else // USE_INTEL_AESNI_LIBRARY is_intel_aes_supported = false; #endif // USE_INTEL_AESNI_LIBRARY } // Disable the Intel AES-NI void DisableIntelAesAccel() { is_intel_aes_supported = false; } #ifdef USE_INTEL_AESNI_LIBRARY // Encrypt AES using the Intel AES-NI void AesEncryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec) { UCHAR ivec_copy[AES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, AES_IV_SIZE); switch (k->KeySize) { case 16: intel_AES_enc128_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy); break; case 24: intel_AES_enc192_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy); break; case 32: intel_AES_enc256_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy); break; } } // Decrypt AES using the Intel AES-NI void AesDecryptWithIntel(void *dest, void *src, UINT size, AES_KEY_VALUE *k, void *ivec) { UCHAR ivec_copy[AES_IV_SIZE]; // Validate arguments if (dest == NULL || src == NULL || size == 0 || k == NULL || ivec == NULL) { return; } Copy(ivec_copy, ivec, AES_IV_SIZE); switch (k->KeySize) { case 16: intel_AES_dec128_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy); break; case 24: intel_AES_dec192_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy); break; case 32: intel_AES_dec256_CBC(src, dest, k->KeyValue, (size / AES_IV_SIZE), ivec_copy); break; } } #endif // USE_INTEL_AESNI_LIBRARY // Calculation of HMAC-SHA-1-96 void MacSha196(void *dst, void *key, void *data, UINT data_size) { UCHAR tmp[HMAC_SHA1_SIZE]; // Validate arguments if (dst == NULL || key == NULL || data == NULL) { return; } MacSha1(tmp, key, HMAC_SHA1_96_KEY_SIZE, data, data_size); Copy(dst, tmp, HMAC_SHA1_96_HASH_SIZE); } // Calculation of HMAC-SHA-1 void MacSha1(void *dst, void *key, UINT key_size, void *data, UINT data_size) { UCHAR key_plus[SHA1_BLOCK_SIZE]; UCHAR key_plus2[SHA1_BLOCK_SIZE]; UCHAR key_plus5[SHA1_BLOCK_SIZE]; UCHAR hash4[SHA1_HASH_SIZE]; UINT i; BUF *buf3; BUF *buf6; // Validate arguments if (dst == NULL || key == NULL || data == NULL) { return; } Zero(key_plus, sizeof(key_plus)); if (key_size <= SHA1_BLOCK_SIZE) { Copy(key_plus, key, key_size); } else { Sha1(key_plus, key, key_size); } for (i = 0;i < sizeof(key_plus);i++) { key_plus2[i] = key_plus[i] ^ 0x36; } buf3 = NewBuf(); WriteBuf(buf3, key_plus2, sizeof(key_plus2)); WriteBuf(buf3, data, data_size); Sha1(hash4, buf3->Buf, buf3->Size); for (i = 0;i < sizeof(key_plus);i++) { key_plus5[i] = key_plus[i] ^ 0x5c; } buf6 = NewBuf(); WriteBuf(buf6, key_plus5, sizeof(key_plus5)); WriteBuf(buf6, hash4, sizeof(hash4)); Sha1(dst, buf6->Buf, buf6->Size); FreeBuf(buf3); FreeBuf(buf6); } // DH calculation bool DhCompute(DH_CTX *dh, void *dst_priv_key, void *src_pub_key, UINT key_size) { int i; BIGNUM *bn; bool ret = false; // Validate arguments if (dh == NULL || dst_priv_key == NULL || src_pub_key == NULL) { return false; } if (key_size > dh->Size) { return false; } bn = BinToBigNum(src_pub_key, key_size); i = DH_compute_key(dst_priv_key, bn, dh->dh); if (i == dh->Size) { ret = true; } else if ((UINT)i < dh->Size) { UCHAR *dst2 = Clone(dst_priv_key, i); Zero(dst_priv_key, dh->Size); Copy(((UCHAR *)dst_priv_key) + (dh->Size - i), dst2, i); ret = true; } BN_free(bn); return ret; } // Creating a DH 2048bit DH_CTX *DhNew2048() { return DhNew(DH_SET_2048, 2); } // Creating a DH 3072bit DH_CTX *DhNew3072() { return DhNew(DH_SET_3072, 2); } // Creating a DH 4096bit DH_CTX *DhNew4096() { return DhNew(DH_SET_4096, 2); } // Creating a DH GROUP1 DH_CTX *DhNewGroup1() { return DhNew(DH_GROUP1_PRIME_768, 2); } // Creating a DH GROUP2 DH_CTX *DhNewGroup2() { return DhNew(DH_GROUP2_PRIME_1024, 2); } // Creating a DH GROUP5 DH_CTX *DhNewGroup5() { return DhNew(DH_GROUP5_PRIME_1536, 2); } // Creating a DH SIMPLE 160bits DH_CTX *DhNewSimple160() { return DhNew(DH_SIMPLE_160, 2); } // Convert the DH parameters to file BUF *DhToBuf(DH_CTX *dh) { BIO *bio; BUF *buf = NULL; int r; // Validate arguments if (dh == NULL) { return NULL; } bio = NewBio(); r = i2d_DHparams_bio(bio, dh->dh); if (r > 1) { buf = BioToBuf(bio); } FreeBio(bio); return buf; } // Creating a new DH DH_CTX *DhNew(char *prime, UINT g) { DH_CTX *dh; BUF *buf; // Validate arguments if (prime == NULL || g == 0) { return NULL; } buf = StrToBin(prime); dh = ZeroMalloc(sizeof(DH_CTX)); dh->dh = DH_new(); dh->dh->p = BinToBigNum(buf->Buf, buf->Size); dh->dh->g = BN_new(); BN_set_word(dh->dh->g, g); DH_generate_key(dh->dh); dh->MyPublicKey = BigNumToBuf(dh->dh->pub_key); dh->MyPrivateKey = BigNumToBuf(dh->dh->priv_key); dh->Size = buf->Size; FreeBuf(buf); return dh; } // Release of DH void DhFree(DH_CTX *dh) { // Validate arguments if (dh == NULL) { return; } DH_free(dh->dh); FreeBuf(dh->MyPrivateKey); FreeBuf(dh->MyPublicKey); Free(dh); } ///////////////////////// // SHA0 implementation // ///////////////////////// // // From: https://bitbucket.org/Polarina/ampheck/src/097585ce2a74/src/ /* Copyright (C) 2009 Gabriel A. Petursson This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ struct ampheck_sha0 { UINT h[5]; UCHAR buffer[64]; UINT64 length; }; #define ROR(x, y) (((x) >> (y)) ^ ((x) << ((sizeof(x) * 8) - (y)))) #define ROL(x, y) (((x) << (y)) ^ ((x) >> ((sizeof(x) * 8) - (y)))) #define UNPACK_32_BE(x, str) { \ *((str)) = (UCHAR) ((x) >> 24); \ *((str) + 1) = (UCHAR) ((x) >> 16); \ *((str) + 2) = (UCHAR) ((x) >> 8); \ *((str) + 3) = (UCHAR) (x); \ } #define UNPACK_64_BE(x, str) { \ *((str)) = (UCHAR) ((x) >> 56); \ *((str) + 1) = (UCHAR) ((x) >> 48); \ *((str) + 2) = (UCHAR) ((x) >> 40); \ *((str) + 3) = (UCHAR) ((x) >> 32); \ *((str) + 4) = (UCHAR) ((x) >> 24); \ *((str) + 5) = (UCHAR) ((x) >> 16); \ *((str) + 6) = (UCHAR) ((x) >> 8); \ *((str) + 7) = (UCHAR) (x); \ } #define PACK_32_BE(str, x) { \ *(x) = ((UINT) *((str) ) << 24) \ ^ ((UINT) *((str) + 1) << 16) \ ^ ((UINT) *((str) + 2) << 8) \ ^ ((UINT) *((str) + 3)); \ } #define PACK_64_BE(str, x) { \ *(x) = ((UINT64) *((str) ) << 56) \ ^ ((UINT64) *((str) + 1) << 48) \ ^ ((UINT64) *((str) + 2) << 40) \ ^ ((UINT64) *((str) + 3) << 32) \ ^ ((UINT64) *((str) + 4) << 24) \ ^ ((UINT64) *((str) + 5) << 16) \ ^ ((UINT64) *((str) + 6) << 8) \ ^ ((UINT64) *((str) + 7)); \ } #define UNPACK_32_LE(x, str) { \ *((str)) = (UCHAR) (x); \ *((str) + 1) = (UCHAR) ((x) >> 8); \ *((str) + 2) = (UCHAR) ((x) >> 16); \ *((str) + 3) = (UCHAR) ((x) >> 24); \ } #define UNPACK_64_LE(x, str) { \ *((str)) = (UCHAR) (x); \ *((str) + 1) = (UCHAR) ((x) >> 8); \ *((str) + 2) = (UCHAR) ((x) >> 16); \ *((str) + 3) = (UCHAR) ((x) >> 24); \ *((str) + 4) = (UCHAR) ((x) >> 32); \ *((str) + 5) = (UCHAR) ((x) >> 40); \ *((str) + 6) = (UCHAR) ((x) >> 48); \ *((str) + 7) = (UCHAR) ((x) >> 56); \ } #define PACK_32_LE(str, x) { \ *(x) = ((UINT) *((str) )) \ ^ ((UINT) *((str) + 1) << 8) \ ^ ((UINT) *((str) + 2) << 16) \ ^ ((UINT) *((str) + 3) << 24); \ } #define PACK_64_LE(str, x) { \ *(x) = ((UINT64) *((str) )) \ ^ ((UINT64) *((str) + 1) << 8) \ ^ ((UINT64) *((str) + 2) << 16) \ ^ ((UINT64) *((str) + 3) << 24) \ ^ ((UINT64) *((str) + 4) << 32) \ ^ ((UINT64) *((str) + 5) << 40) \ ^ ((UINT64) *((str) + 6) << 48) \ ^ ((UINT64) *((str) + 7) << 56); \ } #define SHA0_R1(x, y, z) ((z ^ (x & (y ^ z))) + 0x5a827999) #define SHA0_R2(x, y, z) ((x ^ y ^ z) + 0x6ed9eba1) #define SHA0_R3(x, y, z) (((x & y) | (z & (x | y))) + 0x8f1bbcdc) #define SHA0_R4(x, y, z) ((x ^ y ^ z) + 0xca62c1d6) #define SHA0_PRC(a, b, c, d, e, idx, rnd) { \ wv[e] += ROR(wv[a], 27) + SHA0_R##rnd(wv[b], wv[c], wv[d]) + idx; \ wv[b] = ROR(wv[b], 2); \ } #define SHA0_EXT(i) ( \ w[i] ^= w[(i - 3) & 0x0F] ^ w[(i - 8) & 0x0F] ^ w[(i - 14) & 0x0F] \ ) static void ampheck_sha0_init(struct ampheck_sha0 *ctx); static void ampheck_sha0_update(struct ampheck_sha0 *ctx, const UCHAR *data, UINT length); static void ampheck_sha0_finish(const struct ampheck_sha0 *ctx, UCHAR *digest); static void ampheck_sha0_init(struct ampheck_sha0 *ctx) { ctx->h[0] = 0x67452301; ctx->h[1] = 0xefcdab89; ctx->h[2] = 0x98badcfe; ctx->h[3] = 0x10325476; ctx->h[4] = 0xc3d2e1f0; ctx->length = 0; } static void ampheck_sha0_transform(struct ampheck_sha0 *ctx, const UCHAR *data, UINT blocks) { UINT i; for (i = 0; i < blocks; ++i) { UINT wv[5]; UINT w[16]; PACK_32_BE(&data[(i << 6) ], &w[ 0]); PACK_32_BE(&data[(i << 6) + 4], &w[ 1]); PACK_32_BE(&data[(i << 6) + 8], &w[ 2]); PACK_32_BE(&data[(i << 6) + 12], &w[ 3]); PACK_32_BE(&data[(i << 6) + 16], &w[ 4]); PACK_32_BE(&data[(i << 6) + 20], &w[ 5]); PACK_32_BE(&data[(i << 6) + 24], &w[ 6]); PACK_32_BE(&data[(i << 6) + 28], &w[ 7]); PACK_32_BE(&data[(i << 6) + 32], &w[ 8]); PACK_32_BE(&data[(i << 6) + 36], &w[ 9]); PACK_32_BE(&data[(i << 6) + 40], &w[10]); PACK_32_BE(&data[(i << 6) + 44], &w[11]); PACK_32_BE(&data[(i << 6) + 48], &w[12]); PACK_32_BE(&data[(i << 6) + 52], &w[13]); PACK_32_BE(&data[(i << 6) + 56], &w[14]); PACK_32_BE(&data[(i << 6) + 60], &w[15]); wv[0] = ctx->h[0]; wv[1] = ctx->h[1]; wv[2] = ctx->h[2]; wv[3] = ctx->h[3]; wv[4] = ctx->h[4]; SHA0_PRC(0, 1, 2, 3, 4, w[ 0], 1); SHA0_PRC(4, 0, 1, 2, 3, w[ 1], 1); SHA0_PRC(3, 4, 0, 1, 2, w[ 2], 1); SHA0_PRC(2, 3, 4, 0, 1, w[ 3], 1); SHA0_PRC(1, 2, 3, 4, 0, w[ 4], 1); SHA0_PRC(0, 1, 2, 3, 4, w[ 5], 1); SHA0_PRC(4, 0, 1, 2, 3, w[ 6], 1); SHA0_PRC(3, 4, 0, 1, 2, w[ 7], 1); SHA0_PRC(2, 3, 4, 0, 1, w[ 8], 1); SHA0_PRC(1, 2, 3, 4, 0, w[ 9], 1); SHA0_PRC(0, 1, 2, 3, 4, w[10], 1); SHA0_PRC(4, 0, 1, 2, 3, w[11], 1); SHA0_PRC(3, 4, 0, 1, 2, w[12], 1); SHA0_PRC(2, 3, 4, 0, 1, w[13], 1); SHA0_PRC(1, 2, 3, 4, 0, w[14], 1); SHA0_PRC(0, 1, 2, 3, 4, w[15], 1); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 0), 1); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 1), 1); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 2), 1); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 3), 1); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 4), 2); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 5), 2); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 6), 2); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 7), 2); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 8), 2); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 9), 2); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT(10), 2); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT(11), 2); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT(12), 2); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT(13), 2); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT(14), 2); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT(15), 2); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 0), 2); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 1), 2); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 2), 2); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 3), 2); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 4), 2); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 5), 2); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 6), 2); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 7), 2); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 8), 3); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 9), 3); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT(10), 3); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT(11), 3); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT(12), 3); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT(13), 3); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT(14), 3); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT(15), 3); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 0), 3); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 1), 3); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 2), 3); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 3), 3); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 4), 3); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 5), 3); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 6), 3); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 7), 3); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 8), 3); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 9), 3); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT(10), 3); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT(11), 3); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT(12), 4); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT(13), 4); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT(14), 4); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT(15), 4); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 0), 4); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 1), 4); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 2), 4); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 3), 4); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 4), 4); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT( 5), 4); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT( 6), 4); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT( 7), 4); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT( 8), 4); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT( 9), 4); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT(10), 4); SHA0_PRC(0, 1, 2, 3, 4, SHA0_EXT(11), 4); SHA0_PRC(4, 0, 1, 2, 3, SHA0_EXT(12), 4); SHA0_PRC(3, 4, 0, 1, 2, SHA0_EXT(13), 4); SHA0_PRC(2, 3, 4, 0, 1, SHA0_EXT(14), 4); SHA0_PRC(1, 2, 3, 4, 0, SHA0_EXT(15), 4); ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; ctx->h[4] += wv[4]; } } static void ampheck_sha0_update(struct ampheck_sha0 *ctx, const UCHAR *data, UINT size) { UINT tmp = size; if (size >= 64 - ctx->length % 64) { memcpy(&ctx->buffer[ctx->length % 64], data, 64 - ctx->length % 64); data += 64 - ctx->length % 64; size -= 64 - ctx->length % 64; ampheck_sha0_transform(ctx, ctx->buffer, 1); ampheck_sha0_transform(ctx, data, size / 64); data += size & ~63; size %= 64; memcpy(ctx->buffer, data, size); } else { memcpy(&ctx->buffer[ctx->length % 64], data, size); } ctx->length += tmp; } static void ampheck_sha0_finish(const struct ampheck_sha0 *ctx, UCHAR *digest) { struct ampheck_sha0 tmp; memcpy(tmp.h, ctx->h, 5 * sizeof(UINT)); memcpy(tmp.buffer, ctx->buffer, ctx->length % 64); tmp.buffer[ctx->length % 64] = 0x80; if (ctx->length % 64 < 56) { memset(&tmp.buffer[ctx->length % 64 + 1], 0x00, 55 - ctx->length % 64); } else { memset(&tmp.buffer[ctx->length % 64 + 1], 0x00, 63 - ctx->length % 64); ampheck_sha0_transform(&tmp, tmp.buffer, 1); memset(tmp.buffer, 0x00, 56); } UNPACK_64_BE(ctx->length * 8, &tmp.buffer[56]); ampheck_sha0_transform(&tmp, tmp.buffer, 1); UNPACK_32_BE(tmp.h[0], &digest[ 0]); UNPACK_32_BE(tmp.h[1], &digest[ 4]); UNPACK_32_BE(tmp.h[2], &digest[ 8]); UNPACK_32_BE(tmp.h[3], &digest[12]); UNPACK_32_BE(tmp.h[4], &digest[16]); } static unsigned char *Internal_SHA0(const unsigned char *d, size_t n, unsigned char *md) { struct ampheck_sha0 c; static unsigned char m[SHA_DIGEST_LENGTH]; if (md == NULL) md=m; ampheck_sha0_init(&c); ampheck_sha0_update(&c, d, (UINT)n); ampheck_sha0_finish(&c, md); return md; } // Developed by SoftEther VPN Project at University of Tsukuba in Japan. // Department of Computer Science has dozens of overly-enthusiastic geeks. // Join us: http://www.tsukuba.ac.jp/english/admission/