2 Bacula® - The Network Backup Solution
4 Copyright (C) 2005-2007 Free Software Foundation Europe e.V.
6 The main author of Bacula is Kern Sibbald, with contributions from
7 many others, a complete list can be found in the file AUTHORS.
8 This program is Free Software; you can redistribute it and/or
9 modify it under the terms of version two of the GNU General Public
10 License as published by the Free Software Foundation and included
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 Bacula® is a registered trademark of John Walker.
24 The licensor of Bacula is the Free Software Foundation Europe
25 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
26 Switzerland, email:ftf@fsfeurope.org.
29 * crypto.c Encryption support functions
31 * Author: Landon Fuller <landonf@opendarwin.org>
35 * This file was contributed to the Bacula project by Landon Fuller.
37 * Landon Fuller has been granted a perpetual, worldwide, non-exclusive,
38 * no-charge, royalty-free, irrevocable copyright license to reproduce,
39 * prepare derivative works of, publicly display, publicly perform,
40 * sublicense, and distribute the original work contributed by Landon Fuller
41 * to the Bacula project in source or object form.
43 * If you wish to license these contributions under an alternate open source
44 * license please contact Landon Fuller <landonf@opendarwin.org>.
56 * Prefix: iso.org.dod.internet.private.enterprise.threerings.external.bacula (1.3.6.1.4.1.22054.500.2)
57 * Organization: Bacula Project
58 * Contact Name: Kern Sibbald
59 * Contact E-mail: kern@sibbald.com
61 * Top Level Allocations - 500.2
62 * 1 - Published Allocations
63 * 1.1 - Bacula Encryption
65 * Bacula Encryption - 500.2.1.1
68 * 2 - ASN.1 Object Identifiers
74 * BaculaCrypto { iso(1) identified-organization(3) usdod(6)
75 * internet(1) private(4) enterprises(1) three-rings(22054)
76 * external(500) bacula(2) published(1) bacula-encryption(1)
77 * asn1-modules(1) bacula-crypto(1) }
79 * DEFINITIONS AUTOMATIC TAGS ::=
82 * SignatureData ::= SEQUENCE {
83 * version Version DEFAULT v0,
84 * signerInfo SignerInfo }
86 * CryptoData ::= SEQUENCE {
87 * version Version DEFAULT v0,
88 * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
89 * iv InitializationVector,
90 * recipientInfo RecipientInfo
93 * SignerInfo ::= SET OF SignerInfo
94 * RecipientInfo ::= SET OF RecipientInfo
96 * Version ::= INTEGER { v0(0) }
98 * SignerInfo ::= SEQUENCE {
100 * subjectKeyIdentifier SubjectKeyIdentifier,
101 * digestAlgorithm DigestAlgorithmIdentifier,
102 * signatureAlgorithm SignatureAlgorithmIdentifier,
103 * signature SignatureValue }
105 * RecipientInfo ::= SEQUENCE {
107 * subjectKeyIdentifier SubjectKeyIdentifier
108 * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier
109 * encryptedKey EncryptedKey
112 * SubjectKeyIdentifier ::= OCTET STRING
114 * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
116 * SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
118 * KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
120 * ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
122 * InitializationVector ::= OCTET STRING
124 * SignatureValue ::= OCTET STRING
126 * EncryptedKey ::= OCTET STRING
128 * AlgorithmIdentifier ::= OBJECT IDENTIFIER
133 #ifdef HAVE_CRYPTO /* Is encryption enabled? */
134 #ifdef HAVE_OPENSSL /* How about OpenSSL? */
136 /* Are we initialized? */
137 static int crypto_initialized = false;
139 /* ASN.1 Declarations */
140 #define BACULA_ASN1_VERSION 0
143 ASN1_INTEGER *version;
144 ASN1_OCTET_STRING *subjectKeyIdentifier;
145 ASN1_OBJECT *digestAlgorithm;
146 ASN1_OBJECT *signatureAlgorithm;
147 ASN1_OCTET_STRING *signature;
151 ASN1_INTEGER *version;
152 ASN1_OCTET_STRING *subjectKeyIdentifier;
153 ASN1_OBJECT *keyEncryptionAlgorithm;
154 ASN1_OCTET_STRING *encryptedKey;
157 ASN1_SEQUENCE(SignerInfo) = {
158 ASN1_SIMPLE(SignerInfo, version, ASN1_INTEGER),
159 ASN1_SIMPLE(SignerInfo, subjectKeyIdentifier, ASN1_OCTET_STRING),
160 ASN1_SIMPLE(SignerInfo, digestAlgorithm, ASN1_OBJECT),
161 ASN1_SIMPLE(SignerInfo, signatureAlgorithm, ASN1_OBJECT),
162 ASN1_SIMPLE(SignerInfo, signature, ASN1_OCTET_STRING)
163 } ASN1_SEQUENCE_END(SignerInfo);
165 ASN1_SEQUENCE(RecipientInfo) = {
166 ASN1_SIMPLE(RecipientInfo, version, ASN1_INTEGER),
167 ASN1_SIMPLE(RecipientInfo, subjectKeyIdentifier, ASN1_OCTET_STRING),
168 ASN1_SIMPLE(RecipientInfo, keyEncryptionAlgorithm, ASN1_OBJECT),
169 ASN1_SIMPLE(RecipientInfo, encryptedKey, ASN1_OCTET_STRING),
170 } ASN1_SEQUENCE_END(RecipientInfo);
173 ASN1_INTEGER *version;
174 STACK_OF(SignerInfo) *signerInfo;
178 ASN1_INTEGER *version;
179 ASN1_OBJECT *contentEncryptionAlgorithm;
180 ASN1_OCTET_STRING *iv;
181 STACK_OF(RecipientInfo) *recipientInfo;
184 ASN1_SEQUENCE(SignatureData) = {
185 ASN1_SIMPLE(SignatureData, version, ASN1_INTEGER),
186 ASN1_SET_OF(SignatureData, signerInfo, SignerInfo),
187 } ASN1_SEQUENCE_END(SignatureData);
189 ASN1_SEQUENCE(CryptoData) = {
190 ASN1_SIMPLE(CryptoData, version, ASN1_INTEGER),
191 ASN1_SIMPLE(CryptoData, contentEncryptionAlgorithm, ASN1_OBJECT),
192 ASN1_SIMPLE(CryptoData, iv, ASN1_OCTET_STRING),
193 ASN1_SET_OF(CryptoData, recipientInfo, RecipientInfo)
194 } ASN1_SEQUENCE_END(CryptoData);
196 IMPLEMENT_ASN1_FUNCTIONS(SignerInfo)
197 IMPLEMENT_ASN1_FUNCTIONS(RecipientInfo)
198 IMPLEMENT_ASN1_FUNCTIONS(SignatureData)
199 IMPLEMENT_ASN1_FUNCTIONS(CryptoData)
200 IMPLEMENT_STACK_OF(SignerInfo)
201 IMPLEMENT_STACK_OF(RecipientInfo)
204 * SignerInfo and RecipientInfo stack macros, generated by OpenSSL's util/mkstack.pl.
206 #define sk_SignerInfo_new(st) SKM_sk_new(SignerInfo, (st))
207 #define sk_SignerInfo_new_null() SKM_sk_new_null(SignerInfo)
208 #define sk_SignerInfo_free(st) SKM_sk_free(SignerInfo, (st))
209 #define sk_SignerInfo_num(st) SKM_sk_num(SignerInfo, (st))
210 #define sk_SignerInfo_value(st, i) SKM_sk_value(SignerInfo, (st), (i))
211 #define sk_SignerInfo_set(st, i, val) SKM_sk_set(SignerInfo, (st), (i), (val))
212 #define sk_SignerInfo_zero(st) SKM_sk_zero(SignerInfo, (st))
213 #define sk_SignerInfo_push(st, val) SKM_sk_push(SignerInfo, (st), (val))
214 #define sk_SignerInfo_unshift(st, val) SKM_sk_unshift(SignerInfo, (st), (val))
215 #define sk_SignerInfo_find(st, val) SKM_sk_find(SignerInfo, (st), (val))
216 #define sk_SignerInfo_delete(st, i) SKM_sk_delete(SignerInfo, (st), (i))
217 #define sk_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(SignerInfo, (st), (ptr))
218 #define sk_SignerInfo_insert(st, val, i) SKM_sk_insert(SignerInfo, (st), (val), (i))
219 #define sk_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SignerInfo, (st), (cmp))
220 #define sk_SignerInfo_dup(st) SKM_sk_dup(SignerInfo, st)
221 #define sk_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(SignerInfo, (st), (free_func))
222 #define sk_SignerInfo_shift(st) SKM_sk_shift(SignerInfo, (st))
223 #define sk_SignerInfo_pop(st) SKM_sk_pop(SignerInfo, (st))
224 #define sk_SignerInfo_sort(st) SKM_sk_sort(SignerInfo, (st))
225 #define sk_SignerInfo_is_sorted(st) SKM_sk_is_sorted(SignerInfo, (st))
227 #define d2i_ASN1_SET_OF_SignerInfo(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
228 SKM_ASN1_SET_OF_d2i(SignerInfo, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
229 #define i2d_ASN1_SET_OF_SignerInfo(st, pp, i2d_func, ex_tag, ex_class, is_set) \
230 SKM_ASN1_SET_OF_i2d(SignerInfo, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
231 #define ASN1_seq_pack_SignerInfo(st, i2d_func, buf, len) \
232 SKM_ASN1_seq_pack(SignerInfo, (st), (i2d_func), (buf), (len))
233 #define ASN1_seq_unpack_SignerInfo(buf, len, d2i_func, free_func) \
234 SKM_ASN1_seq_unpack(SignerInfo, (buf), (len), (d2i_func), (free_func))
236 #define sk_RecipientInfo_new(st) SKM_sk_new(RecipientInfo, (st))
237 #define sk_RecipientInfo_new_null() SKM_sk_new_null(RecipientInfo)
238 #define sk_RecipientInfo_free(st) SKM_sk_free(RecipientInfo, (st))
239 #define sk_RecipientInfo_num(st) SKM_sk_num(RecipientInfo, (st))
240 #define sk_RecipientInfo_value(st, i) SKM_sk_value(RecipientInfo, (st), (i))
241 #define sk_RecipientInfo_set(st, i, val) SKM_sk_set(RecipientInfo, (st), (i), (val))
242 #define sk_RecipientInfo_zero(st) SKM_sk_zero(RecipientInfo, (st))
243 #define sk_RecipientInfo_push(st, val) SKM_sk_push(RecipientInfo, (st), (val))
244 #define sk_RecipientInfo_unshift(st, val) SKM_sk_unshift(RecipientInfo, (st), (val))
245 #define sk_RecipientInfo_find(st, val) SKM_sk_find(RecipientInfo, (st), (val))
246 #define sk_RecipientInfo_delete(st, i) SKM_sk_delete(RecipientInfo, (st), (i))
247 #define sk_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(RecipientInfo, (st), (ptr))
248 #define sk_RecipientInfo_insert(st, val, i) SKM_sk_insert(RecipientInfo, (st), (val), (i))
249 #define sk_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(RecipientInfo, (st), (cmp))
250 #define sk_RecipientInfo_dup(st) SKM_sk_dup(RecipientInfo, st)
251 #define sk_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(RecipientInfo, (st), (free_func))
252 #define sk_RecipientInfo_shift(st) SKM_sk_shift(RecipientInfo, (st))
253 #define sk_RecipientInfo_pop(st) SKM_sk_pop(RecipientInfo, (st))
254 #define sk_RecipientInfo_sort(st) SKM_sk_sort(RecipientInfo, (st))
255 #define sk_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(RecipientInfo, (st))
257 #define d2i_ASN1_SET_OF_RecipientInfo(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
258 SKM_ASN1_SET_OF_d2i(RecipientInfo, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
259 #define i2d_ASN1_SET_OF_RecipientInfo(st, pp, i2d_func, ex_tag, ex_class, is_set) \
260 SKM_ASN1_SET_OF_i2d(RecipientInfo, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
261 #define ASN1_seq_pack_RecipientInfo(st, i2d_func, buf, len) \
262 SKM_ASN1_seq_pack(RecipientInfo, (st), (i2d_func), (buf), (len))
263 #define ASN1_seq_unpack_RecipientInfo(buf, len, d2i_func, free_func) \
264 SKM_ASN1_seq_unpack(RecipientInfo, (buf), (len), (d2i_func), (free_func))
265 /* End of util/mkstack.pl block */
267 /* X509 Public/Private Key Pair Structure */
268 struct X509_Keypair {
269 ASN1_OCTET_STRING *keyid;
274 /* Message Digest Structure */
276 crypto_digest_t type;
281 /* Message Signature Structure */
283 SignatureData *sigData;
287 /* Encryption Session Data */
288 struct Crypto_Session {
289 CryptoData *cryptoData; /* ASN.1 Structure */
290 unsigned char *session_key; /* Private symmetric session key */
291 size_t session_key_len; /* Symmetric session key length */
294 /* Symmetric Cipher Context */
295 struct Cipher_Context {
299 /* PEM Password Dispatch Context */
300 typedef struct PEM_CB_Context {
301 CRYPTO_PEM_PASSWD_CB *pem_callback;
302 const void *pem_userdata;
306 * Extract subjectKeyIdentifier from x509 certificate.
307 * Returns: On success, an ASN1_OCTET_STRING that must be freed via M_ASN1_OCTET_STRING_free().
310 static ASN1_OCTET_STRING *openssl_cert_keyid(X509 *cert) {
312 X509V3_EXT_METHOD *method;
313 ASN1_OCTET_STRING *keyid;
315 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
316 const unsigned char *ext_value_data;
318 unsigned char *ext_value_data;
322 /* Find the index to the subjectKeyIdentifier extension */
323 i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
329 /* Grab the extension */
330 ext = X509_get_ext(cert, i);
332 /* Get x509 extension method structure */
333 if (!(method = X509V3_EXT_get(ext))) {
337 ext_value_data = ext->value->data;
339 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)
343 /* Decode ASN1 item in data */
344 keyid = (ASN1_OCTET_STRING *) ASN1_item_d2i(NULL, &ext_value_data, ext->value->length,
345 ASN1_ITEM_ptr(method->it));
349 /* Decode ASN1 item in data */
350 keyid = (ASN1_OCTET_STRING *) method->d2i(NULL, &ext_value_data, ext->value->length);
354 keyid = (ASN1_OCTET_STRING *) method->d2i(NULL, &ext_value_data, ext->value->length);
361 * Create a new keypair object.
362 * Returns: A pointer to a X509 KEYPAIR object on success.
365 X509_KEYPAIR *crypto_keypair_new(void)
367 X509_KEYPAIR *keypair;
369 /* Allocate our keypair structure */
370 keypair = (X509_KEYPAIR *)malloc(sizeof(X509_KEYPAIR));
372 /* Initialize our keypair structure */
373 keypair->keyid = NULL;
374 keypair->pubkey = NULL;
375 keypair->privkey = NULL;
381 * Create a copy of a keypair object. The underlying
382 * EVP objects are not duplicated, as no EVP_PKEY_dup()
383 * API is available. Instead, the reference count is
386 X509_KEYPAIR *crypto_keypair_dup(X509_KEYPAIR *keypair)
388 X509_KEYPAIR *newpair;
390 newpair = crypto_keypair_new();
393 /* Allocation failed */
397 /* Increment the public key ref count */
398 if (keypair->pubkey) {
399 CRYPTO_add(&(keypair->pubkey->references), 1, CRYPTO_LOCK_EVP_PKEY);
400 newpair->pubkey = keypair->pubkey;
403 /* Increment the private key ref count */
404 if (keypair->privkey) {
405 CRYPTO_add(&(keypair->privkey->references), 1, CRYPTO_LOCK_EVP_PKEY);
406 newpair->privkey = keypair->privkey;
409 /* Duplicate the keyid */
410 if (keypair->keyid) {
411 newpair->keyid = M_ASN1_OCTET_STRING_dup(keypair->keyid);
412 if (!newpair->keyid) {
413 /* Allocation failed */
414 crypto_keypair_free(newpair);
424 * Load a public key from a PEM-encoded x509 certificate.
425 * Returns: true on success
428 int crypto_keypair_load_cert(X509_KEYPAIR *keypair, const char *file)
434 if (!(bio = BIO_new_file(file, "r"))) {
435 openssl_post_errors(M_ERROR, _("Unable to open certificate file"));
439 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
442 openssl_post_errors(M_ERROR, _("Unable to read certificate from file"));
446 /* Extract the public key */
447 if (!(keypair->pubkey = X509_get_pubkey(cert))) {
448 openssl_post_errors(M_ERROR, _("Unable to extract public key from certificate"));
452 /* Extract the subjectKeyIdentifier extension field */
453 if ((keypair->keyid = openssl_cert_keyid(cert)) == NULL) {
454 Jmsg0(get_jcr_from_tid(), M_ERROR, 0,
455 _("Provided certificate does not include the required subjectKeyIdentifier extension."));
459 /* Validate the public key type (only RSA is supported) */
460 if (EVP_PKEY_type(keypair->pubkey->type) != EVP_PKEY_RSA) {
461 Jmsg1(get_jcr_from_tid(), M_ERROR, 0,
462 _("Unsupported key type provided: %d\n"), EVP_PKEY_type(keypair->pubkey->type));
471 if (keypair->pubkey) {
472 EVP_PKEY_free(keypair->pubkey);
477 /* Dispatch user PEM encryption callbacks */
478 static int crypto_pem_callback_dispatch (char *buf, int size, int rwflag, void *userdata)
480 PEM_CB_CONTEXT *ctx = (PEM_CB_CONTEXT *) userdata;
481 return (ctx->pem_callback(buf, size, ctx->pem_userdata));
485 * Check a PEM-encoded file
486 * for the existence of a private key.
487 * Returns: true if a private key is found
490 bool crypto_keypair_has_key(const char *file) {
494 unsigned char *data = NULL;
498 if (!(bio = BIO_new_file(file, "r"))) {
499 openssl_post_errors(M_ERROR, _("Unable to open private key file"));
503 while (PEM_read_bio(bio, &name, &header, &data, &len)) {
504 /* We don't care what the data is, just that it's there */
505 OPENSSL_free(header);
509 * PEM Header Found, check for a private key
510 * Due to OpenSSL limitations, we must specifically
511 * list supported PEM private key encodings.
513 if (strcmp(name, PEM_STRING_RSA) == 0
514 || strcmp(name, PEM_STRING_DSA) == 0
515 || strcmp(name, PEM_STRING_PKCS8) == 0
516 || strcmp(name, PEM_STRING_PKCS8INF) == 0) {
528 /* Post PEM-decoding error messages, if any */
529 openssl_post_errors(M_ERROR, _("Unable to read private key from file"));
534 * Load a PEM-encoded private key.
535 * Returns: true on success
538 int crypto_keypair_load_key(X509_KEYPAIR *keypair, const char *file,
539 CRYPTO_PEM_PASSWD_CB *pem_callback,
540 const void *pem_userdata)
546 if (!(bio = BIO_new_file(file, "r"))) {
547 openssl_post_errors(M_ERROR, _("Unable to open private key file"));
551 /* Set up PEM encryption callback */
553 ctx.pem_callback = pem_callback;
554 ctx.pem_userdata = pem_userdata;
556 ctx.pem_callback = crypto_default_pem_callback;
557 ctx.pem_userdata = NULL;
560 keypair->privkey = PEM_read_bio_PrivateKey(bio, NULL, crypto_pem_callback_dispatch, &ctx);
562 if (!keypair->privkey) {
563 openssl_post_errors(M_ERROR, _("Unable to read private key from file"));
571 * Free memory associated with a keypair object.
573 void crypto_keypair_free(X509_KEYPAIR *keypair)
575 if (keypair->pubkey) {
576 EVP_PKEY_free(keypair->pubkey);
578 if (keypair->privkey) {
579 EVP_PKEY_free(keypair->privkey);
581 if (keypair->keyid) {
582 M_ASN1_OCTET_STRING_free(keypair->keyid);
588 * Create a new message digest context of the specified type
589 * Returns: A pointer to a DIGEST object on success.
592 DIGEST *crypto_digest_new(JCR *jcr, crypto_digest_t type)
595 const EVP_MD *md = NULL; /* Quell invalid uninitialized warnings */
597 digest = (DIGEST *)malloc(sizeof(DIGEST));
600 Dmsg1(50, "crypto_digest_new jcr=%p\n", jcr);
602 /* Initialize the OpenSSL message digest context */
603 EVP_MD_CTX_init(&digest->ctx);
605 /* Determine the correct OpenSSL message digest type */
607 case CRYPTO_DIGEST_MD5:
610 case CRYPTO_DIGEST_SHA1:
614 case CRYPTO_DIGEST_SHA256:
617 case CRYPTO_DIGEST_SHA512:
622 Jmsg1(jcr, M_ERROR, 0, _("Unsupported digest type: %d\n"), type);
626 /* Initialize the backing OpenSSL context */
627 if (EVP_DigestInit_ex(&digest->ctx, md, NULL) == 0) {
634 /* This should not happen, but never say never ... */
635 Dmsg0(50, "Digest init failed.\n");
636 openssl_post_errors(jcr, M_ERROR, _("OpenSSL digest initialization failed"));
637 crypto_digest_free(digest);
642 * Hash length bytes of data into the provided digest context.
643 * Returns: true on success
646 bool crypto_digest_update(DIGEST *digest, const uint8_t *data, uint32_t length)
648 if (EVP_DigestUpdate(&digest->ctx, data, length) == 0) {
649 Dmsg0(50, "digest update failed\n");
650 openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest update failed"));
658 * Finalize the data in digest, storing the result in dest and the result size
659 * in length. The result size can be determined with crypto_digest_size().
661 * Returns: true on success
664 bool crypto_digest_finalize(DIGEST *digest, uint8_t *dest, uint32_t *length)
666 if (!EVP_DigestFinal(&digest->ctx, dest, (unsigned int *)length)) {
667 Dmsg0(50, "digest finalize failed\n");
668 openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest finalize failed"));
676 * Free memory associated with a digest object.
678 void crypto_digest_free(DIGEST *digest)
680 EVP_MD_CTX_cleanup(&digest->ctx);
685 * Create a new message signature context.
686 * Returns: A pointer to a SIGNATURE object on success.
689 SIGNATURE *crypto_sign_new(JCR *jcr)
693 sig = (SIGNATURE *)malloc(sizeof(SIGNATURE));
698 sig->sigData = SignatureData_new();
700 Dmsg1(50, "crypto_sign_new jcr=%p\n", jcr);
703 /* Allocation failed in OpenSSL */
708 /* Set the ASN.1 structure version number */
709 ASN1_INTEGER_set(sig->sigData->version, BACULA_ASN1_VERSION);
715 * For a given public key, find the associated SignatureInfo record
716 * and create a digest context for signature validation
718 * Returns: CRYPTO_ERROR_NONE on success, with the newly allocated DIGEST in digest.
719 * A crypto_error_t value on failure.
721 crypto_error_t crypto_sign_get_digest(SIGNATURE *sig, X509_KEYPAIR *keypair,
722 crypto_digest_t &type, DIGEST **digest)
724 STACK_OF(SignerInfo) *signers;
728 signers = sig->sigData->signerInfo;
730 for (i = 0; i < sk_SignerInfo_num(signers); i++) {
731 si = sk_SignerInfo_value(signers, i);
732 if (M_ASN1_OCTET_STRING_cmp(keypair->keyid, si->subjectKeyIdentifier) == 0) {
733 /* Get the digest algorithm and allocate a digest context */
734 Dmsg1(50, "crypto_sign_get_digest jcr=%p\n", sig->jcr);
735 switch (OBJ_obj2nid(si->digestAlgorithm)) {
737 Dmsg0(100, "sign digest algorithm is MD5\n");
738 type = CRYPTO_DIGEST_MD5;
739 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_MD5);
742 Dmsg0(100, "sign digest algorithm is SHA1\n");
743 type = CRYPTO_DIGEST_SHA1;
744 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_SHA1);
748 Dmsg0(100, "sign digest algorithm is SHA256\n");
749 type = CRYPTO_DIGEST_SHA256;
750 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_SHA256);
753 Dmsg0(100, "sign digest algorithm is SHA512\n");
754 type = CRYPTO_DIGEST_SHA512;
755 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_SHA512);
759 type = CRYPTO_DIGEST_NONE;
761 return CRYPTO_ERROR_INVALID_DIGEST;
764 /* Shouldn't happen */
765 if (*digest == NULL) {
766 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL digest_new failed"));
767 return CRYPTO_ERROR_INVALID_DIGEST;
769 return CRYPTO_ERROR_NONE;
772 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL sign get digest failed"));
777 return CRYPTO_ERROR_NOSIGNER;
781 * For a given signature, public key, and digest, verify the SIGNATURE.
782 * Returns: CRYPTO_ERROR_NONE on success.
783 * A crypto_error_t value on failure.
785 crypto_error_t crypto_sign_verify(SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST *digest)
787 STACK_OF(SignerInfo) *signers;
791 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
792 const unsigned char *sigData;
794 unsigned char *sigData;
797 signers = sig->sigData->signerInfo;
799 /* Find the signer */
800 for (i = 0; i < sk_SignerInfo_num(signers); i++) {
801 si = sk_SignerInfo_value(signers, i);
802 if (M_ASN1_OCTET_STRING_cmp(keypair->keyid, si->subjectKeyIdentifier) == 0) {
803 /* Extract the signature data */
804 sigLen = M_ASN1_STRING_length(si->signature);
805 sigData = M_ASN1_STRING_data(si->signature);
807 ok = EVP_VerifyFinal(&digest->ctx, sigData, sigLen, keypair->pubkey);
809 return CRYPTO_ERROR_NONE;
810 } else if (ok == 0) {
811 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL digest Verify final failed"));
812 return CRYPTO_ERROR_BAD_SIGNATURE;
814 /* Shouldn't happen */
815 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL digest Verify final failed"));
816 return CRYPTO_ERROR_INTERNAL;
820 Jmsg(sig->jcr, M_ERROR, 0, _("No signers found for crypto verify.\n"));
821 /* Signer wasn't found. */
822 return CRYPTO_ERROR_NOSIGNER;
828 * Returns: true on success
831 int crypto_sign_add_signer(SIGNATURE *sig, DIGEST *digest, X509_KEYPAIR *keypair)
833 SignerInfo *si = NULL;
834 unsigned char *buf = NULL;
837 si = SignerInfo_new();
840 /* Allocation failed in OpenSSL */
844 /* Set the ASN.1 structure version number */
845 ASN1_INTEGER_set(si->version, BACULA_ASN1_VERSION);
847 /* Set the digest algorithm identifier */
848 switch (digest->type) {
849 case CRYPTO_DIGEST_MD5:
850 si->digestAlgorithm = OBJ_nid2obj(NID_md5);
852 case CRYPTO_DIGEST_SHA1:
853 si->digestAlgorithm = OBJ_nid2obj(NID_sha1);
856 case CRYPTO_DIGEST_SHA256:
857 si->digestAlgorithm = OBJ_nid2obj(NID_sha256);
859 case CRYPTO_DIGEST_SHA512:
860 si->digestAlgorithm = OBJ_nid2obj(NID_sha512);
864 /* This should never happen */
868 /* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
869 M_ASN1_OCTET_STRING_free(si->subjectKeyIdentifier);
870 si->subjectKeyIdentifier = M_ASN1_OCTET_STRING_dup(keypair->keyid);
872 /* Set our signature algorithm. We currently require RSA */
873 assert(EVP_PKEY_type(keypair->pubkey->type) == EVP_PKEY_RSA);
874 /* This is slightly evil. Reach into the MD structure and grab the key type */
875 si->signatureAlgorithm = OBJ_nid2obj(digest->ctx.digest->pkey_type);
877 /* Finalize/Sign our Digest */
878 len = EVP_PKEY_size(keypair->privkey);
879 buf = (unsigned char *) malloc(len);
880 if (!EVP_SignFinal(&digest->ctx, buf, &len, keypair->privkey)) {
881 openssl_post_errors(M_ERROR, _("Signature creation failed"));
885 /* Add the signature to the SignerInfo structure */
886 if (!M_ASN1_OCTET_STRING_set(si->signature, buf, len)) {
887 /* Allocation failed in OpenSSL */
891 /* No longer needed */
894 /* Push the new SignerInfo structure onto the stack */
895 sk_SignerInfo_push(sig->sigData->signerInfo, si);
911 * Encodes the SignatureData structure. The length argument is used to specify the
912 * size of dest. A length of 0 will cause no data to be written to dest, and the
913 * required length to be written to length. The caller can then allocate sufficient
914 * space for the output.
916 * Returns: true on success, stores the encoded data in dest, and the size in length.
919 int crypto_sign_encode(SIGNATURE *sig, uint8_t *dest, uint32_t *length)
922 *length = i2d_SignatureData(sig->sigData, NULL);
926 *length = i2d_SignatureData(sig->sigData, (unsigned char **)&dest);
931 * Decodes the SignatureData structure. The length argument is used to specify the
934 * Returns: SIGNATURE instance on success.
939 SIGNATURE *crypto_sign_decode(JCR *jcr, const uint8_t *sigData, uint32_t length)
942 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
943 const unsigned char *p = (const unsigned char *) sigData;
945 unsigned char *p = (unsigned char *)sigData;
948 sig = (SIGNATURE *)malloc(sizeof(SIGNATURE));
954 /* d2i_SignatureData modifies the supplied pointer */
955 sig->sigData = d2i_SignatureData(NULL, &p, length);
958 /* Allocation / Decoding failed in OpenSSL */
959 openssl_post_errors(jcr, M_ERROR, _("Signature decoding failed"));
968 * Free memory associated with a signature object.
970 void crypto_sign_free(SIGNATURE *sig)
972 SignatureData_free(sig->sigData);
977 * Create a new encryption session.
978 * Returns: A pointer to a CRYPTO_SESSION object on success.
981 * Note! Bacula malloc() fails if out of memory.
983 CRYPTO_SESSION *crypto_session_new (crypto_cipher_t cipher, alist *pubkeys)
986 X509_KEYPAIR *keypair;
987 const EVP_CIPHER *ec;
991 /* Allocate our session description structures */
992 cs = (CRYPTO_SESSION *)malloc(sizeof(CRYPTO_SESSION));
994 /* Initialize required fields */
995 cs->session_key = NULL;
997 /* Allocate a CryptoData structure */
998 cs->cryptoData = CryptoData_new();
1000 if (!cs->cryptoData) {
1001 /* Allocation failed in OpenSSL */
1006 /* Set the ASN.1 structure version number */
1007 ASN1_INTEGER_set(cs->cryptoData->version, BACULA_ASN1_VERSION);
1010 * Acquire a cipher instance and set the ASN.1 cipher NID
1013 case CRYPTO_CIPHER_AES_128_CBC:
1014 /* AES 128 bit CBC */
1015 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_128_cbc);
1016 ec = EVP_aes_128_cbc();
1018 #ifndef HAVE_OPENSSL_EXPORT_LIBRARY
1019 case CRYPTO_CIPHER_AES_192_CBC:
1020 /* AES 192 bit CBC */
1021 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_192_cbc);
1022 ec = EVP_aes_192_cbc();
1024 case CRYPTO_CIPHER_AES_256_CBC:
1025 /* AES 256 bit CBC */
1026 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_256_cbc);
1027 ec = EVP_aes_256_cbc();
1030 case CRYPTO_CIPHER_BLOWFISH_CBC:
1032 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_bf_cbc);
1036 Jmsg0(get_jcr_from_tid(), M_ERROR, 0, _("Unsupported cipher type specified\n"));
1037 crypto_session_free(cs);
1041 /* Generate a symmetric session key */
1042 cs->session_key_len = EVP_CIPHER_key_length(ec);
1043 cs->session_key = (unsigned char *) malloc(cs->session_key_len);
1044 if (RAND_bytes(cs->session_key, cs->session_key_len) <= 0) {
1045 /* OpenSSL failure */
1046 crypto_session_free(cs);
1050 /* Generate an IV if possible */
1051 if ((iv_len = EVP_CIPHER_iv_length(ec))) {
1052 iv = (unsigned char *)malloc(iv_len);
1054 /* Generate random IV */
1055 if (RAND_bytes(iv, iv_len) <= 0) {
1056 /* OpenSSL failure */
1057 crypto_session_free(cs);
1062 /* Store it in our ASN.1 structure */
1063 if (!M_ASN1_OCTET_STRING_set(cs->cryptoData->iv, iv, iv_len)) {
1064 /* Allocation failed in OpenSSL */
1065 crypto_session_free(cs);
1073 * Create RecipientInfo structures for supplied
1076 foreach_alist(keypair, pubkeys) {
1078 unsigned char *ekey;
1081 ri = RecipientInfo_new();
1083 /* Allocation failed in OpenSSL */
1084 crypto_session_free(cs);
1088 /* Set the ASN.1 structure version number */
1089 ASN1_INTEGER_set(ri->version, BACULA_ASN1_VERSION);
1091 /* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
1092 M_ASN1_OCTET_STRING_free(ri->subjectKeyIdentifier);
1093 ri->subjectKeyIdentifier = M_ASN1_OCTET_STRING_dup(keypair->keyid);
1095 /* Set our key encryption algorithm. We currently require RSA */
1096 assert(keypair->pubkey && EVP_PKEY_type(keypair->pubkey->type) == EVP_PKEY_RSA);
1097 ri->keyEncryptionAlgorithm = OBJ_nid2obj(NID_rsaEncryption);
1099 /* Encrypt the session key */
1100 ekey = (unsigned char *)malloc(EVP_PKEY_size(keypair->pubkey));
1102 if ((ekey_len = EVP_PKEY_encrypt(ekey, cs->session_key, cs->session_key_len, keypair->pubkey)) <= 0) {
1103 /* OpenSSL failure */
1104 RecipientInfo_free(ri);
1105 crypto_session_free(cs);
1110 /* Store it in our ASN.1 structure */
1111 if (!M_ASN1_OCTET_STRING_set(ri->encryptedKey, ekey, ekey_len)) {
1112 /* Allocation failed in OpenSSL */
1113 RecipientInfo_free(ri);
1114 crypto_session_free(cs);
1119 /* Free the encrypted key buffer */
1122 /* Push the new RecipientInfo structure onto the stack */
1123 sk_RecipientInfo_push(cs->cryptoData->recipientInfo, ri);
1130 * Encodes the CryptoData structure. The length argument is used to specify the
1131 * size of dest. A length of 0 will cause no data to be written to dest, and the
1132 * required length to be written to length. The caller can then allocate sufficient
1133 * space for the output.
1135 * Returns: true on success, stores the encoded data in dest, and the size in length.
1138 bool crypto_session_encode(CRYPTO_SESSION *cs, uint8_t *dest, uint32_t *length)
1141 *length = i2d_CryptoData(cs->cryptoData, NULL);
1145 *length = i2d_CryptoData(cs->cryptoData, &dest);
1150 * Decodes the CryptoData structure. The length argument is
1151 * used to specify the size of data.
1153 * Returns: CRYPTO_SESSION instance on success.
1155 * Returns: CRYPTO_ERROR_NONE and a pointer to a newly allocated CRYPTO_SESSION structure in *session on success.
1156 * A crypto_error_t value on failure.
1158 crypto_error_t crypto_session_decode(const uint8_t *data, uint32_t length, alist *keypairs, CRYPTO_SESSION **session)
1161 X509_KEYPAIR *keypair;
1162 STACK_OF(RecipientInfo) *recipients;
1163 crypto_error_t retval = CRYPTO_ERROR_NONE;
1164 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
1165 const unsigned char *p = (const unsigned char *)data;
1167 unsigned char *p = (unsigned char *)data;
1170 /* bacula-fd.conf doesn't contains any key */
1172 return CRYPTO_ERROR_NORECIPIENT;
1175 cs = (CRYPTO_SESSION *)malloc(sizeof(CRYPTO_SESSION));
1177 /* Initialize required fields */
1178 cs->session_key = NULL;
1180 /* d2i_CryptoData modifies the supplied pointer */
1181 cs->cryptoData = d2i_CryptoData(NULL, &p, length);
1183 if (!cs->cryptoData) {
1184 /* Allocation / Decoding failed in OpenSSL */
1185 openssl_post_errors(M_ERROR, _("CryptoData decoding failed"));
1186 retval = CRYPTO_ERROR_INTERNAL;
1190 recipients = cs->cryptoData->recipientInfo;
1193 * Find a matching RecipientInfo structure for a supplied
1196 foreach_alist(keypair, keypairs) {
1200 /* Private key available? */
1201 if (keypair->privkey == NULL) {
1205 for (i = 0; i < sk_RecipientInfo_num(recipients); i++) {
1206 ri = sk_RecipientInfo_value(recipients, i);
1208 /* Match against the subjectKeyIdentifier */
1209 if (M_ASN1_OCTET_STRING_cmp(keypair->keyid, ri->subjectKeyIdentifier) == 0) {
1210 /* Match found, extract symmetric encryption session data */
1212 /* RSA is required. */
1213 assert(EVP_PKEY_type(keypair->privkey->type) == EVP_PKEY_RSA);
1215 /* If we recieve a RecipientInfo structure that does not use
1216 * RSA, return an error */
1217 if (OBJ_obj2nid(ri->keyEncryptionAlgorithm) != NID_rsaEncryption) {
1218 retval = CRYPTO_ERROR_INVALID_CRYPTO;
1222 /* Decrypt the session key */
1223 /* Allocate sufficient space for the largest possible decrypted data */
1224 cs->session_key = (unsigned char *)malloc(EVP_PKEY_size(keypair->privkey));
1225 cs->session_key_len = EVP_PKEY_decrypt(cs->session_key, M_ASN1_STRING_data(ri->encryptedKey),
1226 M_ASN1_STRING_length(ri->encryptedKey), keypair->privkey);
1228 if (cs->session_key_len <= 0) {
1229 openssl_post_errors(M_ERROR, _("Failure decrypting the session key"));
1230 retval = CRYPTO_ERROR_DECRYPTION;
1234 /* Session key successfully extracted, return the CRYPTO_SESSION structure */
1236 return CRYPTO_ERROR_NONE;
1241 /* No matching recipient found */
1242 return CRYPTO_ERROR_NORECIPIENT;
1245 crypto_session_free(cs);
1250 * Free memory associated with a crypto session object.
1252 void crypto_session_free(CRYPTO_SESSION *cs)
1254 if (cs->cryptoData) {
1255 CryptoData_free(cs->cryptoData);
1257 if (cs->session_key){
1258 free(cs->session_key);
1264 * Create a new crypto cipher context with the specified session object
1265 * Returns: A pointer to a CIPHER_CONTEXT object on success. The cipher block size is returned in blocksize.
1268 CIPHER_CONTEXT *crypto_cipher_new(CRYPTO_SESSION *cs, bool encrypt, uint32_t *blocksize)
1270 CIPHER_CONTEXT *cipher_ctx;
1271 const EVP_CIPHER *ec;
1273 cipher_ctx = (CIPHER_CONTEXT *)malloc(sizeof(CIPHER_CONTEXT));
1276 * Acquire a cipher instance for the given ASN.1 cipher NID
1278 if ((ec = EVP_get_cipherbyobj(cs->cryptoData->contentEncryptionAlgorithm)) == NULL) {
1279 Jmsg1(get_jcr_from_tid(), M_ERROR, 0,
1280 _("Unsupported contentEncryptionAlgorithm: %d\n"), OBJ_obj2nid(cs->cryptoData->contentEncryptionAlgorithm));
1285 /* Initialize the OpenSSL cipher context */
1286 EVP_CIPHER_CTX_init(&cipher_ctx->ctx);
1288 /* Initialize for encryption */
1289 if (!EVP_CipherInit_ex(&cipher_ctx->ctx, ec, NULL, NULL, NULL, 1)) {
1290 openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
1294 /* Initialize for decryption */
1295 if (!EVP_CipherInit_ex(&cipher_ctx->ctx, ec, NULL, NULL, NULL, 0)) {
1296 openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
1301 /* Set the key size */
1302 if (!EVP_CIPHER_CTX_set_key_length(&cipher_ctx->ctx, cs->session_key_len)) {
1303 openssl_post_errors(M_ERROR, _("Encryption session provided an invalid symmetric key"));
1307 /* Validate the IV length */
1308 if (EVP_CIPHER_iv_length(ec) != M_ASN1_STRING_length(cs->cryptoData->iv)) {
1309 openssl_post_errors(M_ERROR, _("Encryption session provided an invalid IV"));
1313 /* Add the key and IV to the cipher context */
1314 if (!EVP_CipherInit_ex(&cipher_ctx->ctx, NULL, NULL, cs->session_key, M_ASN1_STRING_data(cs->cryptoData->iv), -1)) {
1315 openssl_post_errors(M_ERROR, _("OpenSSL cipher context key/IV initialization failed"));
1319 *blocksize = EVP_CIPHER_CTX_block_size(&cipher_ctx->ctx);
1323 crypto_cipher_free(cipher_ctx);
1329 * Encrypt/Decrypt length bytes of data using the provided cipher context
1330 * Returns: true on success, number of bytes output in written
1333 bool crypto_cipher_update(CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written)
1335 if (!EVP_CipherUpdate(&cipher_ctx->ctx, (unsigned char *)dest, (int *)written, (const unsigned char *)data, length)) {
1336 /* This really shouldn't fail */
1344 * Finalize the cipher context, writing any remaining data and necessary padding
1345 * to dest, and the size in written.
1346 * The result size will either be one block of data or zero.
1348 * Returns: true on success
1351 bool crypto_cipher_finalize (CIPHER_CONTEXT *cipher_ctx, uint8_t *dest, uint32_t *written)
1353 if (!EVP_CipherFinal_ex(&cipher_ctx->ctx, (unsigned char *)dest, (int *) written)) {
1354 /* This really shouldn't fail */
1363 * Free memory associated with a cipher context.
1365 void crypto_cipher_free (CIPHER_CONTEXT *cipher_ctx)
1367 EVP_CIPHER_CTX_cleanup(&cipher_ctx->ctx);
1373 * Perform global initialization of OpenSSL
1374 * This function is not thread safe.
1375 * Returns: 0 on success
1378 int init_crypto (void)
1382 if ((stat = openssl_init_threads()) != 0) {
1384 Jmsg1(get_jcr_from_tid(), M_ABORT, 0,
1385 _("Unable to init OpenSSL threading: ERR=%s\n"), be.bstrerror(stat));
1388 /* Load libssl and libcrypto human-readable error strings */
1389 SSL_load_error_strings();
1391 /* Initialize OpenSSL SSL library */
1394 /* Register OpenSSL ciphers and digests */
1395 OpenSSL_add_all_algorithms();
1397 if (!openssl_seed_prng()) {
1398 Jmsg0(get_jcr_from_tid(), M_ERROR_TERM, 0, _("Failed to seed OpenSSL PRNG\n"));
1401 crypto_initialized = true;
1407 * Perform global cleanup of OpenSSL
1408 * All cryptographic operations must be completed before calling this function.
1409 * This function is not thread safe.
1410 * Returns: 0 on success
1413 int cleanup_crypto (void)
1416 * Ensure that we've actually been initialized; Doing this here decreases the
1417 * complexity of client's termination/cleanup code.
1419 if (!crypto_initialized) {
1423 if (!openssl_save_prng()) {
1424 Jmsg0(get_jcr_from_tid(), M_ERROR, 0, _("Failed to save OpenSSL PRNG\n"));
1427 openssl_cleanup_threads();
1429 /* Free libssl and libcrypto error strings */
1432 /* Free all ciphers and digests */
1435 /* Free memory used by PRNG */
1438 crypto_initialized = false;
1444 #else /* HAVE_OPENSSL */
1445 # error No encryption library available
1446 #endif /* HAVE_OPENSSL */
1448 #else /* HAVE_CRYPTO */
1451 * Cryptography Support Disabled
1454 /* Message Digest Structure */
1456 crypto_digest_t type;
1464 /* Dummy Signature Structure */
1469 DIGEST *crypto_digest_new(JCR *jcr, crypto_digest_t type)
1473 digest = (DIGEST *)malloc(sizeof(DIGEST));
1474 digest->type = type;
1478 case CRYPTO_DIGEST_MD5:
1479 MD5Init(&digest->md5);
1481 case CRYPTO_DIGEST_SHA1:
1482 SHA1Init(&digest->sha1);
1485 Jmsg1(jcr, M_ERROR, 0, _("Unsupported digest type=%d specified\n"), type);
1493 bool crypto_digest_update(DIGEST *digest, const uint8_t *data, uint32_t length)
1495 switch (digest->type) {
1496 case CRYPTO_DIGEST_MD5:
1497 /* Doesn't return anything ... */
1498 MD5Update(&digest->md5, (unsigned char *) data, length);
1500 case CRYPTO_DIGEST_SHA1:
1502 if ((ret = SHA1Update(&digest->sha1, (const u_int8_t *) data, length)) == shaSuccess) {
1505 Jmsg1(get_jcr_from_tid(), M_ERROR, 0, _("SHA1Update() returned an error: %d\n"), ret);
1514 bool crypto_digest_finalize(DIGEST *digest, uint8_t *dest, uint32_t *length)
1516 switch (digest->type) {
1517 case CRYPTO_DIGEST_MD5:
1518 /* Guard against programmer error by either the API client or
1519 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
1520 assert(*length >= CRYPTO_DIGEST_MD5_SIZE);
1521 *length = CRYPTO_DIGEST_MD5_SIZE;
1522 /* Doesn't return anything ... */
1523 MD5Final((unsigned char *)dest, &digest->md5);
1525 case CRYPTO_DIGEST_SHA1:
1526 /* Guard against programmer error by either the API client or
1527 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
1528 assert(*length >= CRYPTO_DIGEST_SHA1_SIZE);
1529 *length = CRYPTO_DIGEST_SHA1_SIZE;
1530 if (SHA1Final(&digest->sha1, (u_int8_t *) dest) == shaSuccess) {
1543 void crypto_digest_free(DIGEST *digest)
1548 /* Dummy routines */
1549 int init_crypto (void) { return 0; }
1550 int cleanup_crypto (void) { return 0; }
1552 SIGNATURE *crypto_sign_new(JCR *jcr) { return NULL; }
1554 crypto_error_t crypto_sign_get_digest (SIGNATURE *sig, X509_KEYPAIR *keypair,
1555 crypto_digest_t &type, DIGEST **digest)
1556 { return CRYPTO_ERROR_INTERNAL; }
1558 crypto_error_t crypto_sign_verify (SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST *digest) { return CRYPTO_ERROR_INTERNAL; }
1560 int crypto_sign_add_signer (SIGNATURE *sig, DIGEST *digest, X509_KEYPAIR *keypair) { return false; }
1561 int crypto_sign_encode (SIGNATURE *sig, uint8_t *dest, uint32_t *length) { return false; }
1563 SIGNATURE *crypto_sign_decode (JCR *jcr, const uint8_t *sigData, uint32_t length) { return NULL; }
1564 void crypto_sign_free (SIGNATURE *sig) { }
1567 X509_KEYPAIR *crypto_keypair_new(void) { return NULL; }
1568 X509_KEYPAIR *crypto_keypair_dup (X509_KEYPAIR *keypair) { return NULL; }
1569 int crypto_keypair_load_cert (X509_KEYPAIR *keypair, const char *file) { return false; }
1570 bool crypto_keypair_has_key (const char *file) { return false; }
1571 int crypto_keypair_load_key (X509_KEYPAIR *keypair, const char *file, CRYPTO_PEM_PASSWD_CB *pem_callback, const void *pem_userdata) { return false; }
1572 void crypto_keypair_free (X509_KEYPAIR *keypair) { }
1574 CRYPTO_SESSION *crypto_session_new (crypto_cipher_t cipher, alist *pubkeys) { return NULL; }
1575 void crypto_session_free (CRYPTO_SESSION *cs) { }
1576 bool crypto_session_encode (CRYPTO_SESSION *cs, uint8_t *dest, uint32_t *length) { return false; }
1577 crypto_error_t crypto_session_decode(const uint8_t *data, uint32_t length, alist *keypairs, CRYPTO_SESSION **session) { return CRYPTO_ERROR_INTERNAL; }
1579 CIPHER_CONTEXT *crypto_cipher_new (CRYPTO_SESSION *cs, bool encrypt, uint32_t *blocksize) { return NULL; }
1580 bool crypto_cipher_update (CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written) { return false; }
1581 bool crypto_cipher_finalize (CIPHER_CONTEXT *cipher_ctx, uint8_t *dest, uint32_t *written) { return false; }
1582 void crypto_cipher_free (CIPHER_CONTEXT *cipher_ctx) { }
1584 #endif /* HAVE_CRYPTO */
1589 * Default PEM encryption passphrase callback.
1590 * Returns an empty password.
1592 int crypto_default_pem_callback(char *buf, int size, const void *userdata)
1594 bstrncpy(buf, "", size);
1595 return (strlen(buf));
1599 * Returns the ASCII name of the digest type.
1600 * Returns: ASCII name of digest type.
1602 const char *crypto_digest_name(DIGEST *digest)
1604 switch (digest->type) {
1605 case CRYPTO_DIGEST_MD5:
1607 case CRYPTO_DIGEST_SHA1:
1609 case CRYPTO_DIGEST_SHA256:
1611 case CRYPTO_DIGEST_SHA512:
1613 case CRYPTO_DIGEST_NONE:
1616 return "Invalid Digest Type";
1622 * Given a stream type, returns the associated
1623 * crypto_digest_t value.
1625 crypto_digest_t crypto_digest_stream_type(int stream)
1628 case STREAM_MD5_DIGEST:
1629 return CRYPTO_DIGEST_MD5;
1630 case STREAM_SHA1_DIGEST:
1631 return CRYPTO_DIGEST_SHA1;
1632 case STREAM_SHA256_DIGEST:
1633 return CRYPTO_DIGEST_SHA256;
1634 case STREAM_SHA512_DIGEST:
1635 return CRYPTO_DIGEST_SHA512;
1637 return CRYPTO_DIGEST_NONE;
1642 * * Given a crypto_error_t value, return the associated
1645 const char *crypto_strerror(crypto_error_t error) {
1647 case CRYPTO_ERROR_NONE:
1648 return _("No error");
1649 case CRYPTO_ERROR_NOSIGNER:
1650 return _("Signer not found");
1651 case CRYPTO_ERROR_NORECIPIENT:
1652 return _("Recipient not found");
1653 case CRYPTO_ERROR_INVALID_DIGEST:
1654 return _("Unsupported digest algorithm");
1655 case CRYPTO_ERROR_INVALID_CRYPTO:
1656 return _("Unsupported encryption algorithm");
1657 case CRYPTO_ERROR_BAD_SIGNATURE:
1658 return _("Signature is invalid");
1659 case CRYPTO_ERROR_DECRYPTION:
1660 return _("Decryption error");
1661 case CRYPTO_ERROR_INTERNAL:
1662 /* This shouldn't happen */
1663 return _("Internal error");
1665 return _("Unknown error");