2 * crypto.c Encryption support functions
4 * Author: Landon Fuller <landonf@opendarwin.org>
8 * This file was contributed to the Bacula project by Landon Fuller.
10 * Landon Fuller has been granted a perpetual, worldwide, non-exclusive,
11 * no-charge, royalty-free, irrevocable copyright license to reproduce,
12 * prepare derivative works of, publicly display, publicly perform,
13 * sublicense, and distribute the original work contributed by Landon Fuller
14 * to the Bacula project in source or object form.
16 * If you wish to license these contributions under an alternate open source
17 * license please contact Landon Fuller <landonf@opendarwin.org>.
20 Bacula® - The Network Backup Solution
22 Copyright (C) 2005-2006 Free Software Foundation Europe e.V.
24 The main author of Bacula is Kern Sibbald, with contributions from
25 many others, a complete list can be found in the file AUTHORS.
26 This program is Free Software; you can redistribute it and/or
27 modify it under the terms of version two of the GNU General Public
28 License as published by the Free Software Foundation plus additions
29 that are listed in the file LICENSE.
31 This program is distributed in the hope that it will be useful, but
32 WITHOUT ANY WARRANTY; without even the implied warranty of
33 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
34 General Public License for more details.
36 You should have received a copy of the GNU General Public License
37 along with this program; if not, write to the Free Software
38 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
41 Bacula® is a registered trademark of John Walker.
42 The licensor of Bacula is the Free Software Foundation Europe
43 (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
44 Switzerland, email:ftf@fsfeurope.org.
55 * Prefix: iso.org.dod.internet.private.enterprise.threerings.external.bacula (1.3.6.1.4.1.22054.500.2)
56 * Organization: Bacula Project
57 * Contact Name: Kern Sibbald
58 * Contact E-mail: kern@sibbald.com
60 * Top Level Allocations - 500.2
61 * 1 - Published Allocations
62 * 1.1 - Bacula Encryption
64 * Bacula Encryption - 500.2.1.1
67 * 2 - ASN.1 Object Identifiers
73 * BaculaCrypto { iso(1) identified-organization(3) usdod(6)
74 * internet(1) private(4) enterprises(1) three-rings(22054)
75 * external(500) bacula(2) published(1) bacula-encryption(1)
76 * asn1-modules(1) bacula-crypto(1) }
78 * DEFINITIONS AUTOMATIC TAGS ::=
81 * SignatureData ::= SEQUENCE {
82 * version Version DEFAULT v0,
83 * signerInfo SignerInfo }
85 * CryptoData ::= SEQUENCE {
86 * version Version DEFAULT v0,
87 * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
88 * iv InitializationVector,
89 * recipientInfo RecipientInfo
92 * SignerInfo ::= SET OF SignerInfo
93 * RecipientInfo ::= SET OF RecipientInfo
95 * Version ::= INTEGER { v0(0) }
97 * SignerInfo ::= SEQUENCE {
99 * subjectKeyIdentifier SubjectKeyIdentifier,
100 * digestAlgorithm DigestAlgorithmIdentifier,
101 * signatureAlgorithm SignatureAlgorithmIdentifier,
102 * signature SignatureValue }
104 * RecipientInfo ::= SEQUENCE {
106 * subjectKeyIdentifier SubjectKeyIdentifier
107 * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier
108 * encryptedKey EncryptedKey
111 * SubjectKeyIdentifier ::= OCTET STRING
113 * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
115 * SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
117 * KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
119 * ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
121 * InitializationVector ::= OCTET STRING
123 * SignatureValue ::= OCTET STRING
125 * EncryptedKey ::= OCTET STRING
127 * AlgorithmIdentifier ::= OBJECT IDENTIFIER
132 #ifdef HAVE_CRYPTO /* Is encryption enabled? */
133 #ifdef HAVE_OPENSSL /* How about OpenSSL? */
135 /* Are we initialized? */
136 static int crypto_initialized = false;
138 /* ASN.1 Declarations */
139 #define BACULA_ASN1_VERSION 0
142 ASN1_INTEGER *version;
143 ASN1_OCTET_STRING *subjectKeyIdentifier;
144 ASN1_OBJECT *digestAlgorithm;
145 ASN1_OBJECT *signatureAlgorithm;
146 ASN1_OCTET_STRING *signature;
150 ASN1_INTEGER *version;
151 ASN1_OCTET_STRING *subjectKeyIdentifier;
152 ASN1_OBJECT *keyEncryptionAlgorithm;
153 ASN1_OCTET_STRING *encryptedKey;
156 ASN1_SEQUENCE(SignerInfo) = {
157 ASN1_SIMPLE(SignerInfo, version, ASN1_INTEGER),
158 ASN1_SIMPLE(SignerInfo, subjectKeyIdentifier, ASN1_OCTET_STRING),
159 ASN1_SIMPLE(SignerInfo, digestAlgorithm, ASN1_OBJECT),
160 ASN1_SIMPLE(SignerInfo, signatureAlgorithm, ASN1_OBJECT),
161 ASN1_SIMPLE(SignerInfo, signature, ASN1_OCTET_STRING)
162 } ASN1_SEQUENCE_END(SignerInfo);
164 ASN1_SEQUENCE(RecipientInfo) = {
165 ASN1_SIMPLE(RecipientInfo, version, ASN1_INTEGER),
166 ASN1_SIMPLE(RecipientInfo, subjectKeyIdentifier, ASN1_OCTET_STRING),
167 ASN1_SIMPLE(RecipientInfo, keyEncryptionAlgorithm, ASN1_OBJECT),
168 ASN1_SIMPLE(RecipientInfo, encryptedKey, ASN1_OCTET_STRING),
169 } ASN1_SEQUENCE_END(RecipientInfo);
172 ASN1_INTEGER *version;
173 STACK_OF(SignerInfo) *signerInfo;
177 ASN1_INTEGER *version;
178 ASN1_OBJECT *contentEncryptionAlgorithm;
179 ASN1_OCTET_STRING *iv;
180 STACK_OF(RecipientInfo) *recipientInfo;
183 ASN1_SEQUENCE(SignatureData) = {
184 ASN1_SIMPLE(SignatureData, version, ASN1_INTEGER),
185 ASN1_SET_OF(SignatureData, signerInfo, SignerInfo),
186 } ASN1_SEQUENCE_END(SignatureData);
188 ASN1_SEQUENCE(CryptoData) = {
189 ASN1_SIMPLE(CryptoData, version, ASN1_INTEGER),
190 ASN1_SIMPLE(CryptoData, contentEncryptionAlgorithm, ASN1_OBJECT),
191 ASN1_SIMPLE(CryptoData, iv, ASN1_OCTET_STRING),
192 ASN1_SET_OF(CryptoData, recipientInfo, RecipientInfo)
193 } ASN1_SEQUENCE_END(CryptoData);
195 IMPLEMENT_ASN1_FUNCTIONS(SignerInfo)
196 IMPLEMENT_ASN1_FUNCTIONS(RecipientInfo)
197 IMPLEMENT_ASN1_FUNCTIONS(SignatureData)
198 IMPLEMENT_ASN1_FUNCTIONS(CryptoData)
199 IMPLEMENT_STACK_OF(SignerInfo)
200 IMPLEMENT_STACK_OF(RecipientInfo)
203 * SignerInfo and RecipientInfo stack macros, generated by OpenSSL's util/mkstack.pl.
205 #define sk_SignerInfo_new(st) SKM_sk_new(SignerInfo, (st))
206 #define sk_SignerInfo_new_null() SKM_sk_new_null(SignerInfo)
207 #define sk_SignerInfo_free(st) SKM_sk_free(SignerInfo, (st))
208 #define sk_SignerInfo_num(st) SKM_sk_num(SignerInfo, (st))
209 #define sk_SignerInfo_value(st, i) SKM_sk_value(SignerInfo, (st), (i))
210 #define sk_SignerInfo_set(st, i, val) SKM_sk_set(SignerInfo, (st), (i), (val))
211 #define sk_SignerInfo_zero(st) SKM_sk_zero(SignerInfo, (st))
212 #define sk_SignerInfo_push(st, val) SKM_sk_push(SignerInfo, (st), (val))
213 #define sk_SignerInfo_unshift(st, val) SKM_sk_unshift(SignerInfo, (st), (val))
214 #define sk_SignerInfo_find(st, val) SKM_sk_find(SignerInfo, (st), (val))
215 #define sk_SignerInfo_delete(st, i) SKM_sk_delete(SignerInfo, (st), (i))
216 #define sk_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(SignerInfo, (st), (ptr))
217 #define sk_SignerInfo_insert(st, val, i) SKM_sk_insert(SignerInfo, (st), (val), (i))
218 #define sk_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SignerInfo, (st), (cmp))
219 #define sk_SignerInfo_dup(st) SKM_sk_dup(SignerInfo, st)
220 #define sk_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(SignerInfo, (st), (free_func))
221 #define sk_SignerInfo_shift(st) SKM_sk_shift(SignerInfo, (st))
222 #define sk_SignerInfo_pop(st) SKM_sk_pop(SignerInfo, (st))
223 #define sk_SignerInfo_sort(st) SKM_sk_sort(SignerInfo, (st))
224 #define sk_SignerInfo_is_sorted(st) SKM_sk_is_sorted(SignerInfo, (st))
226 #define d2i_ASN1_SET_OF_SignerInfo(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
227 SKM_ASN1_SET_OF_d2i(SignerInfo, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
228 #define i2d_ASN1_SET_OF_SignerInfo(st, pp, i2d_func, ex_tag, ex_class, is_set) \
229 SKM_ASN1_SET_OF_i2d(SignerInfo, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
230 #define ASN1_seq_pack_SignerInfo(st, i2d_func, buf, len) \
231 SKM_ASN1_seq_pack(SignerInfo, (st), (i2d_func), (buf), (len))
232 #define ASN1_seq_unpack_SignerInfo(buf, len, d2i_func, free_func) \
233 SKM_ASN1_seq_unpack(SignerInfo, (buf), (len), (d2i_func), (free_func))
235 #define sk_RecipientInfo_new(st) SKM_sk_new(RecipientInfo, (st))
236 #define sk_RecipientInfo_new_null() SKM_sk_new_null(RecipientInfo)
237 #define sk_RecipientInfo_free(st) SKM_sk_free(RecipientInfo, (st))
238 #define sk_RecipientInfo_num(st) SKM_sk_num(RecipientInfo, (st))
239 #define sk_RecipientInfo_value(st, i) SKM_sk_value(RecipientInfo, (st), (i))
240 #define sk_RecipientInfo_set(st, i, val) SKM_sk_set(RecipientInfo, (st), (i), (val))
241 #define sk_RecipientInfo_zero(st) SKM_sk_zero(RecipientInfo, (st))
242 #define sk_RecipientInfo_push(st, val) SKM_sk_push(RecipientInfo, (st), (val))
243 #define sk_RecipientInfo_unshift(st, val) SKM_sk_unshift(RecipientInfo, (st), (val))
244 #define sk_RecipientInfo_find(st, val) SKM_sk_find(RecipientInfo, (st), (val))
245 #define sk_RecipientInfo_delete(st, i) SKM_sk_delete(RecipientInfo, (st), (i))
246 #define sk_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(RecipientInfo, (st), (ptr))
247 #define sk_RecipientInfo_insert(st, val, i) SKM_sk_insert(RecipientInfo, (st), (val), (i))
248 #define sk_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(RecipientInfo, (st), (cmp))
249 #define sk_RecipientInfo_dup(st) SKM_sk_dup(RecipientInfo, st)
250 #define sk_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(RecipientInfo, (st), (free_func))
251 #define sk_RecipientInfo_shift(st) SKM_sk_shift(RecipientInfo, (st))
252 #define sk_RecipientInfo_pop(st) SKM_sk_pop(RecipientInfo, (st))
253 #define sk_RecipientInfo_sort(st) SKM_sk_sort(RecipientInfo, (st))
254 #define sk_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(RecipientInfo, (st))
256 #define d2i_ASN1_SET_OF_RecipientInfo(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
257 SKM_ASN1_SET_OF_d2i(RecipientInfo, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
258 #define i2d_ASN1_SET_OF_RecipientInfo(st, pp, i2d_func, ex_tag, ex_class, is_set) \
259 SKM_ASN1_SET_OF_i2d(RecipientInfo, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
260 #define ASN1_seq_pack_RecipientInfo(st, i2d_func, buf, len) \
261 SKM_ASN1_seq_pack(RecipientInfo, (st), (i2d_func), (buf), (len))
262 #define ASN1_seq_unpack_RecipientInfo(buf, len, d2i_func, free_func) \
263 SKM_ASN1_seq_unpack(RecipientInfo, (buf), (len), (d2i_func), (free_func))
264 /* End of util/mkstack.pl block */
266 /* X509 Public/Private Key Pair Structure */
267 struct X509_Keypair {
268 ASN1_OCTET_STRING *keyid;
273 /* Message Digest Structure */
275 crypto_digest_t type;
279 /* Message Signature Structure */
281 SignatureData *sigData;
284 /* Encryption Session Data */
285 struct Crypto_Session {
286 CryptoData *cryptoData; /* ASN.1 Structure */
287 unsigned char *session_key; /* Private symmetric session key */
288 size_t session_key_len; /* Symmetric session key length */
291 /* Symmetric Cipher Context */
292 struct Cipher_Context {
296 /* PEM Password Dispatch Context */
297 typedef struct PEM_CB_Context {
298 CRYPTO_PEM_PASSWD_CB *pem_callback;
299 const void *pem_userdata;
303 * Extract subjectKeyIdentifier from x509 certificate.
304 * Returns: On success, an ASN1_OCTET_STRING that must be freed via M_ASN1_OCTET_STRING_free().
307 static ASN1_OCTET_STRING *openssl_cert_keyid(X509 *cert){
309 X509V3_EXT_METHOD *method;
310 ASN1_OCTET_STRING *keyid;
312 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
313 const unsigned char *ext_value_data;
315 unsigned char *ext_value_data;
319 /* Find the index to the subjectKeyIdentifier extension */
320 i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
326 /* Grab the extension */
327 ext = X509_get_ext(cert, i);
329 /* Get x509 extension method structure */
330 if (!(method = X509V3_EXT_get(ext))) {
334 ext_value_data = ext->value->data;
336 #if (OPENSSL_VERSION_NUMBER > 0x00907000L)
340 /* Decode ASN1 item in data */
341 keyid = (ASN1_OCTET_STRING *) ASN1_item_d2i(NULL, &ext_value_data, ext->value->length,
342 ASN1_ITEM_ptr(method->it));
346 /* Decode ASN1 item in data */
347 keyid = (ASN1_OCTET_STRING *) method->d2i(NULL, &ext_value_data, ext->value->length);
351 keyid = (ASN1_OCTET_STRING *) method->d2i(NULL, &ext_value_data, ext->value->length);
358 * Create a new keypair object.
359 * Returns: A pointer to a X509 KEYPAIR object on success.
362 X509_KEYPAIR *crypto_keypair_new (void) {
363 X509_KEYPAIR *keypair;
365 /* Allocate our keypair structure */
366 keypair = (X509_KEYPAIR *) malloc(sizeof(X509_KEYPAIR));
371 /* Initialize our keypair structure */
372 keypair->keyid = NULL;
373 keypair->pubkey = NULL;
374 keypair->privkey = NULL;
380 * Create a copy of a keypair object. The underlying
381 * EVP objects are not duplicated, as no EVP_PKEY_dup()
382 * API is available. Instead, the reference count is
385 X509_KEYPAIR *crypto_keypair_dup (X509_KEYPAIR *keypair)
387 X509_KEYPAIR *newpair;
389 newpair = crypto_keypair_new();
392 /* Allocation failed */
396 /* Increment the public key ref count */
397 if (keypair->pubkey) {
398 CRYPTO_add(&(keypair->pubkey->references), 1, CRYPTO_LOCK_EVP_PKEY);
399 newpair->pubkey = keypair->pubkey;
402 /* Increment the private key ref count */
403 if (keypair->privkey) {
404 CRYPTO_add(&(keypair->privkey->references), 1, CRYPTO_LOCK_EVP_PKEY);
405 newpair->privkey = keypair->privkey;
408 /* Duplicate the keyid */
409 if (keypair->keyid) {
410 newpair->keyid = M_ASN1_OCTET_STRING_dup(keypair->keyid);
411 if (!newpair->keyid) {
412 /* Allocation failed */
413 crypto_keypair_free(newpair);
423 * Load a public key from a PEM-encoded x509 certificate.
424 * Returns: true on success
427 int crypto_keypair_load_cert (X509_KEYPAIR *keypair, const char *file)
433 if (!(bio = BIO_new_file(file, "r"))) {
434 openssl_post_errors(M_ERROR, _("Unable to open certificate file"));
438 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
441 openssl_post_errors(M_ERROR, _("Unable to read certificate from file"));
445 /* Extract the public key */
446 if (!(keypair->pubkey = X509_get_pubkey(cert))) {
447 openssl_post_errors(M_ERROR, _("Unable to extract public key from certificate"));
451 /* Extract the subjectKeyIdentifier extension field */
452 if ((keypair->keyid = openssl_cert_keyid(cert)) == NULL) {
453 Emsg0(M_ERROR, 0, _("Provided certificate does not include the required subjectKeyIdentifier extension."));
457 /* Validate the public key type (only RSA is supported) */
458 if (EVP_PKEY_type(keypair->pubkey->type) != EVP_PKEY_RSA) {
459 Emsg1(M_ERROR, 0, _("Unsupported key type provided: %d\n"), EVP_PKEY_type(keypair->pubkey->type));
468 if (keypair->pubkey) {
469 EVP_PKEY_free(keypair->pubkey);
474 /* Dispatch user PEM encryption callbacks */
475 static int crypto_pem_callback_dispatch (char *buf, int size, int rwflag, void *userdata)
477 PEM_CB_CONTEXT *ctx = (PEM_CB_CONTEXT *) userdata;
478 return (ctx->pem_callback(buf, size, ctx->pem_userdata));
482 * Check a PEM-encoded file
483 * for the existence of a private key.
484 * Returns: true if a private key is found
487 bool crypto_keypair_has_key (const char *file) {
491 unsigned char *data = NULL;
495 if (!(bio = BIO_new_file(file, "r"))) {
496 openssl_post_errors(M_ERROR, _("Unable to open private key file"));
500 while (PEM_read_bio(bio, &name, &header, &data, &len)) {
501 /* We don't care what the data is, just that it's there */
502 OPENSSL_free(header);
506 * PEM Header Found, check for a private key
507 * Due to OpenSSL limitations, we must specifically
508 * list supported PEM private key encodings.
510 if (strcmp(name, PEM_STRING_RSA) == 0
511 || strcmp(name, PEM_STRING_DSA) == 0
512 || strcmp(name, PEM_STRING_PKCS8) == 0
513 || strcmp(name, PEM_STRING_PKCS8INF) == 0) {
525 /* Post PEM-decoding error messages, if any */
526 openssl_post_errors(M_ERROR, _("Unable to read private key from file"));
531 * Load a PEM-encoded private key.
532 * Returns: true on success
535 int crypto_keypair_load_key (X509_KEYPAIR *keypair, const char *file,
536 CRYPTO_PEM_PASSWD_CB *pem_callback,
537 const void *pem_userdata)
543 if (!(bio = BIO_new_file(file, "r"))) {
544 openssl_post_errors(M_ERROR, _("Unable to open private key file"));
548 /* Set up PEM encryption callback */
550 ctx.pem_callback = pem_callback;
551 ctx.pem_userdata = pem_userdata;
553 ctx.pem_callback = crypto_default_pem_callback;
554 ctx.pem_userdata = NULL;
557 keypair->privkey = PEM_read_bio_PrivateKey(bio, NULL, crypto_pem_callback_dispatch, &ctx);
559 if (!keypair->privkey) {
560 openssl_post_errors(M_ERROR, _("Unable to read private key from file"));
568 * Free memory associated with a keypair object.
570 void crypto_keypair_free (X509_KEYPAIR *keypair)
572 if (keypair->pubkey) {
573 EVP_PKEY_free(keypair->pubkey);
575 if (keypair->privkey) {
576 EVP_PKEY_free(keypair->privkey);
578 if (keypair->keyid) {
579 M_ASN1_OCTET_STRING_free(keypair->keyid);
585 * Create a new message digest context of the specified type
586 * Returns: A pointer to a DIGEST object on success.
589 DIGEST *crypto_digest_new (crypto_digest_t type)
592 const EVP_MD *md = NULL; /* Quell invalid uninitialized warnings */
594 digest = (DIGEST *)malloc(sizeof(DIGEST));
597 /* Initialize the OpenSSL message digest context */
598 EVP_MD_CTX_init(&digest->ctx);
600 /* Determine the correct OpenSSL message digest type */
602 case CRYPTO_DIGEST_MD5:
605 case CRYPTO_DIGEST_SHA1:
609 case CRYPTO_DIGEST_SHA256:
612 case CRYPTO_DIGEST_SHA512:
617 Emsg1(M_ERROR, 0, _("Unsupported digest type: %d\n"), type);
621 /* Initialize the backing OpenSSL context */
622 if (EVP_DigestInit_ex(&digest->ctx, md, NULL) == 0) {
629 /* This should not happen, but never say never ... */
630 openssl_post_errors(M_ERROR, _("OpenSSL digest initialization failed"));
631 crypto_digest_free(digest);
636 * Hash length bytes of data into the provided digest context.
637 * Returns: true on success
640 bool crypto_digest_update(DIGEST *digest, const uint8_t *data, uint32_t length)
642 if (EVP_DigestUpdate(&digest->ctx, data, length) == 0) {
650 * Finalize the data in digest, storing the result in dest and the result size
651 * in length. The result size can be determined with crypto_digest_size().
653 * Returns: true on success
656 bool crypto_digest_finalize (DIGEST *digest, uint8_t *dest, uint32_t *length)
658 if (!EVP_DigestFinal(&digest->ctx, dest, (unsigned int *)length)) {
666 * Free memory associated with a digest object.
668 void crypto_digest_free (DIGEST *digest)
670 EVP_MD_CTX_cleanup(&digest->ctx);
675 * Create a new message signature context.
676 * Returns: A pointer to a SIGNATURE object on success.
679 SIGNATURE *crypto_sign_new (void)
683 sig = (SIGNATURE *) malloc(sizeof(SIGNATURE));
688 sig->sigData = SignatureData_new();
691 /* Allocation failed in OpenSSL */
696 /* Set the ASN.1 structure version number */
697 ASN1_INTEGER_set(sig->sigData->version, BACULA_ASN1_VERSION);
703 * For a given public key, find the associated SignatureInfo record
704 * and create a digest context for signature validation
705 * Returns: CRYPTO_ERROR_NONE on success, with the newly allocated DIGEST in digest.
706 * A crypto_error_t value on failure.
708 crypto_error_t crypto_sign_get_digest(SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST **digest)
710 STACK_OF(SignerInfo) *signers;
714 signers = sig->sigData->signerInfo;
716 for (i = 0; i < sk_SignerInfo_num(signers); i++) {
717 si = sk_SignerInfo_value(signers, i);
718 if (M_ASN1_OCTET_STRING_cmp(keypair->keyid, si->subjectKeyIdentifier) == 0) {
719 /* Get the digest algorithm and allocate a digest context */
720 switch (OBJ_obj2nid(si->digestAlgorithm)) {
722 *digest = crypto_digest_new(CRYPTO_DIGEST_MD5);
725 *digest = crypto_digest_new(CRYPTO_DIGEST_SHA1);
729 *digest = crypto_digest_new(CRYPTO_DIGEST_SHA256);
732 *digest = crypto_digest_new(CRYPTO_DIGEST_SHA512);
737 return CRYPTO_ERROR_INVALID_DIGEST;
740 /* Shouldn't happen */
741 if (*digest == NULL) {
742 return CRYPTO_ERROR_INVALID_DIGEST;
744 return CRYPTO_ERROR_NONE;
749 return CRYPTO_ERROR_NOSIGNER;
753 * For a given signature, public key, and digest, verify the SIGNATURE.
754 * Returns: CRYPTO_ERROR_NONE on success.
755 * A crypto_error_t value on failure.
757 crypto_error_t crypto_sign_verify(SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST *digest)
759 STACK_OF(SignerInfo) *signers;
763 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
764 const unsigned char *sigData;
766 unsigned char *sigData;
769 signers = sig->sigData->signerInfo;
771 /* Find the signer */
772 for (i = 0; i < sk_SignerInfo_num(signers); i++) {
773 si = sk_SignerInfo_value(signers, i);
774 if (M_ASN1_OCTET_STRING_cmp(keypair->keyid, si->subjectKeyIdentifier) == 0) {
775 /* Extract the signature data */
776 sigLen = M_ASN1_STRING_length(si->signature);
777 sigData = M_ASN1_STRING_data(si->signature);
779 ok = EVP_VerifyFinal(&digest->ctx, sigData, sigLen, keypair->pubkey);
781 return CRYPTO_ERROR_NONE;
782 } else if (ok == 0) {
783 return CRYPTO_ERROR_BAD_SIGNATURE;
785 /* Shouldn't happen */
786 openssl_post_errors(M_ERROR, _("OpenSSL error occured"));
787 return CRYPTO_ERROR_INTERNAL;
792 /* Signer wasn't found. */
793 return CRYPTO_ERROR_NOSIGNER;
799 * Returns: true on success
802 int crypto_sign_add_signer(SIGNATURE *sig, DIGEST *digest, X509_KEYPAIR *keypair)
804 SignerInfo *si = NULL;
805 unsigned char *buf = NULL;
808 si = SignerInfo_new();
811 /* Allocation failed in OpenSSL */
815 /* Set the ASN.1 structure version number */
816 ASN1_INTEGER_set(si->version, BACULA_ASN1_VERSION);
818 /* Set the digest algorithm identifier */
819 switch (digest->type) {
820 case CRYPTO_DIGEST_MD5:
821 si->digestAlgorithm = OBJ_nid2obj(NID_md5);
823 case CRYPTO_DIGEST_SHA1:
824 si->digestAlgorithm = OBJ_nid2obj(NID_sha1);
827 case CRYPTO_DIGEST_SHA256:
828 si->digestAlgorithm = OBJ_nid2obj(NID_sha256);
830 case CRYPTO_DIGEST_SHA512:
831 si->digestAlgorithm = OBJ_nid2obj(NID_sha512);
835 /* This should never happen */
839 /* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
840 M_ASN1_OCTET_STRING_free(si->subjectKeyIdentifier);
841 si->subjectKeyIdentifier = M_ASN1_OCTET_STRING_dup(keypair->keyid);
843 /* Set our signature algorithm. We currently require RSA */
844 assert(EVP_PKEY_type(keypair->pubkey->type) == EVP_PKEY_RSA);
845 /* This is slightly evil. Reach into the MD structure and grab the key type */
846 si->signatureAlgorithm = OBJ_nid2obj(digest->ctx.digest->pkey_type);
848 /* Finalize/Sign our Digest */
849 len = EVP_PKEY_size(keypair->privkey);
850 buf = (unsigned char *) malloc(len);
851 if (!EVP_SignFinal(&digest->ctx, buf, &len, keypair->privkey)) {
852 openssl_post_errors(M_ERROR, _("Signature creation failed"));
856 /* Add the signature to the SignerInfo structure */
857 if (!M_ASN1_OCTET_STRING_set(si->signature, buf, len)) {
858 /* Allocation failed in OpenSSL */
862 /* No longer needed */
865 /* Push the new SignerInfo structure onto the stack */
866 sk_SignerInfo_push(sig->sigData->signerInfo, si);
882 * Encodes the SignatureData structure. The length argument is used to specify the
883 * size of dest. A length of 0 will cause no data to be written to dest, and the
884 * required length to be written to length. The caller can then allocate sufficient
885 * space for the output.
887 * Returns: true on success, stores the encoded data in dest, and the size in length.
890 int crypto_sign_encode(SIGNATURE *sig, uint8_t *dest, uint32_t *length)
893 *length = i2d_SignatureData(sig->sigData, NULL);
897 *length = i2d_SignatureData(sig->sigData, (unsigned char **)&dest);
902 * Decodes the SignatureData structure. The length argument is used to specify the
905 * Returns: SIGNATURE instance on success.
910 SIGNATURE *crypto_sign_decode(const uint8_t *sigData, uint32_t length)
913 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
914 const unsigned char *p = (const unsigned char *) sigData;
916 unsigned char *p = (unsigned char *)sigData;
919 sig = (SIGNATURE *)malloc(sizeof(SIGNATURE));
924 /* d2i_SignatureData modifies the supplied pointer */
925 sig->sigData = d2i_SignatureData(NULL, &p, length);
928 /* Allocation / Decoding failed in OpenSSL */
929 openssl_post_errors(M_ERROR, _("Signature decoding failed"));
938 * Free memory associated with a signature object.
940 void crypto_sign_free(SIGNATURE *sig)
942 SignatureData_free(sig->sigData);
947 * Create a new encryption session.
948 * Returns: A pointer to a CRYPTO_SESSION object on success.
951 CRYPTO_SESSION *crypto_session_new (crypto_cipher_t cipher, alist *pubkeys)
954 X509_KEYPAIR *keypair;
955 const EVP_CIPHER *ec;
959 /* Allocate our session description structures */
960 cs = (CRYPTO_SESSION *) malloc(sizeof(CRYPTO_SESSION));
965 /* Initialize required fields */
966 cs->session_key = NULL;
968 /* Allocate a CryptoData structure */
969 cs->cryptoData = CryptoData_new();
971 if (!cs->cryptoData) {
972 /* Allocation failed in OpenSSL */
977 /* Set the ASN.1 structure version number */
978 ASN1_INTEGER_set(cs->cryptoData->version, BACULA_ASN1_VERSION);
981 * Acquire a cipher instance and set the ASN.1 cipher NID
984 case CRYPTO_CIPHER_AES_128_CBC:
985 /* AES 128 bit CBC */
986 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_128_cbc);
987 ec = EVP_aes_128_cbc();
989 case CRYPTO_CIPHER_AES_192_CBC:
990 /* AES 192 bit CBC */
991 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_192_cbc);
992 ec = EVP_aes_192_cbc();
994 case CRYPTO_CIPHER_AES_256_CBC:
995 /* AES 256 bit CBC */
996 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_256_cbc);
997 ec = EVP_aes_256_cbc();
999 case CRYPTO_CIPHER_BLOWFISH_CBC:
1001 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_bf_cbc);
1005 Emsg0(M_ERROR, 0, _("Unsupported cipher type specified\n"));
1006 crypto_session_free(cs);
1010 /* Generate a symmetric session key */
1011 cs->session_key_len = EVP_CIPHER_key_length(ec);
1012 cs->session_key = (unsigned char *) malloc(cs->session_key_len);
1013 if (RAND_bytes(cs->session_key, cs->session_key_len) <= 0) {
1014 /* OpenSSL failure */
1015 crypto_session_free(cs);
1019 /* Generate an IV if possible */
1020 if ((iv_len = EVP_CIPHER_iv_length(ec))) {
1021 iv = (unsigned char *) malloc(iv_len);
1023 /* Malloc failure */
1024 crypto_session_free(cs);
1028 /* Generate random IV */
1029 if (RAND_bytes(iv, iv_len) <= 0) {
1030 /* OpenSSL failure */
1031 crypto_session_free(cs);
1036 /* Store it in our ASN.1 structure */
1037 if (!M_ASN1_OCTET_STRING_set(cs->cryptoData->iv, iv, iv_len)) {
1038 /* Allocation failed in OpenSSL */
1039 crypto_session_free(cs);
1047 * Create RecipientInfo structures for supplied
1050 foreach_alist(keypair, pubkeys) {
1052 unsigned char *ekey;
1055 ri = RecipientInfo_new();
1057 /* Allocation failed in OpenSSL */
1058 crypto_session_free(cs);
1062 /* Set the ASN.1 structure version number */
1063 ASN1_INTEGER_set(ri->version, BACULA_ASN1_VERSION);
1065 /* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
1066 M_ASN1_OCTET_STRING_free(ri->subjectKeyIdentifier);
1067 ri->subjectKeyIdentifier = M_ASN1_OCTET_STRING_dup(keypair->keyid);
1069 /* Set our key encryption algorithm. We currently require RSA */
1070 assert(keypair->pubkey && EVP_PKEY_type(keypair->pubkey->type) == EVP_PKEY_RSA);
1071 ri->keyEncryptionAlgorithm = OBJ_nid2obj(NID_rsaEncryption);
1073 /* Encrypt the session key */
1074 ekey = (unsigned char *) malloc(EVP_PKEY_size(keypair->pubkey));
1076 RecipientInfo_free(ri);
1077 crypto_session_free(cs);
1081 if ((ekey_len = EVP_PKEY_encrypt(ekey, cs->session_key, cs->session_key_len, keypair->pubkey)) <= 0) {
1082 /* OpenSSL failure */
1083 RecipientInfo_free(ri);
1084 crypto_session_free(cs);
1089 /* Store it in our ASN.1 structure */
1090 if (!M_ASN1_OCTET_STRING_set(ri->encryptedKey, ekey, ekey_len)) {
1091 /* Allocation failed in OpenSSL */
1092 RecipientInfo_free(ri);
1093 crypto_session_free(cs);
1098 /* Free the encrypted key buffer */
1101 /* Push the new RecipientInfo structure onto the stack */
1102 sk_RecipientInfo_push(cs->cryptoData->recipientInfo, ri);
1109 * Encodes the CryptoData structure. The length argument is used to specify the
1110 * size of dest. A length of 0 will cause no data to be written to dest, and the
1111 * required length to be written to length. The caller can then allocate sufficient
1112 * space for the output.
1114 * Returns: true on success, stores the encoded data in dest, and the size in length.
1117 bool crypto_session_encode(CRYPTO_SESSION *cs, uint8_t *dest, uint32_t *length)
1120 *length = i2d_CryptoData(cs->cryptoData, NULL);
1124 *length = i2d_CryptoData(cs->cryptoData, &dest);
1129 * Decodes the CryptoData structure. The length argument is
1130 * used to specify the size of data.
1132 * Returns: CRYPTO_SESSION instance on success.
1134 * Returns: CRYPTO_ERROR_NONE and a pointer to a newly allocated CRYPTO_SESSION structure in *session on success.
1135 * A crypto_error_t value on failure.
1137 crypto_error_t crypto_session_decode(const uint8_t *data, uint32_t length, alist *keypairs, CRYPTO_SESSION **session)
1140 X509_KEYPAIR *keypair;
1141 STACK_OF(RecipientInfo) *recipients;
1142 crypto_error_t retval = CRYPTO_ERROR_NONE;
1143 #if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
1144 const unsigned char *p = (const unsigned char *)data;
1146 unsigned char *p = (unsigned char *)data;
1149 /* bacula-fd.conf doesn't contains any key */
1151 return CRYPTO_ERROR_NORECIPIENT;
1154 cs = (CRYPTO_SESSION *) malloc(sizeof(CRYPTO_SESSION));
1156 return CRYPTO_ERROR_INTERNAL;
1159 /* Initialize required fields */
1160 cs->session_key = NULL;
1162 /* d2i_CryptoData modifies the supplied pointer */
1163 cs->cryptoData = d2i_CryptoData(NULL, &p, length);
1165 if (!cs->cryptoData) {
1166 /* Allocation / Decoding failed in OpenSSL */
1167 openssl_post_errors(M_ERROR, _("CryptoData decoding failed"));
1168 retval = CRYPTO_ERROR_INTERNAL;
1172 recipients = cs->cryptoData->recipientInfo;
1175 * Find a matching RecipientInfo structure for a supplied
1178 foreach_alist(keypair, keypairs) {
1182 /* Private key available? */
1183 if (keypair->privkey == NULL) {
1187 for (i = 0; i < sk_RecipientInfo_num(recipients); i++) {
1188 ri = sk_RecipientInfo_value(recipients, i);
1190 /* Match against the subjectKeyIdentifier */
1191 if (M_ASN1_OCTET_STRING_cmp(keypair->keyid, ri->subjectKeyIdentifier) == 0) {
1192 /* Match found, extract symmetric encryption session data */
1194 /* RSA is required. */
1195 assert(EVP_PKEY_type(keypair->privkey->type) == EVP_PKEY_RSA);
1197 /* If we recieve a RecipientInfo structure that does not use
1198 * RSA, return an error */
1199 if (OBJ_obj2nid(ri->keyEncryptionAlgorithm) != NID_rsaEncryption) {
1200 retval = CRYPTO_ERROR_INVALID_CRYPTO;
1204 /* Decrypt the session key */
1205 /* Allocate sufficient space for the largest possible decrypted data */
1206 cs->session_key = (unsigned char *) malloc(EVP_PKEY_size(keypair->privkey));
1207 cs->session_key_len = EVP_PKEY_decrypt(cs->session_key, M_ASN1_STRING_data(ri->encryptedKey),
1208 M_ASN1_STRING_length(ri->encryptedKey), keypair->privkey);
1210 if (cs->session_key_len <= 0) {
1211 openssl_post_errors(M_ERROR, _("Failure decrypting the session key"));
1212 retval = CRYPTO_ERROR_DECRYPTION;
1216 /* Session key successfully extracted, return the CRYPTO_SESSION structure */
1218 return CRYPTO_ERROR_NONE;
1223 /* No matching recipient found */
1224 return CRYPTO_ERROR_NORECIPIENT;
1227 crypto_session_free(cs);
1232 * Free memory associated with a crypto session object.
1234 void crypto_session_free (CRYPTO_SESSION *cs)
1236 if (cs->cryptoData) {
1237 CryptoData_free(cs->cryptoData);
1239 if (cs->session_key){
1240 free(cs->session_key);
1246 * Create a new crypto cipher context with the specified session object
1247 * Returns: A pointer to a CIPHER_CONTEXT object on success. The cipher block size is returned in blocksize.
1250 CIPHER_CONTEXT *crypto_cipher_new (CRYPTO_SESSION *cs, bool encrypt, uint32_t *blocksize)
1252 CIPHER_CONTEXT *cipher_ctx;
1253 const EVP_CIPHER *ec;
1255 cipher_ctx = (CIPHER_CONTEXT *) malloc(sizeof(CIPHER_CONTEXT));
1261 * Acquire a cipher instance for the given ASN.1 cipher NID
1263 if ((ec = EVP_get_cipherbyobj(cs->cryptoData->contentEncryptionAlgorithm)) == NULL) {
1264 Emsg1(M_ERROR, 0, _("Unsupported contentEncryptionAlgorithm: %d\n"), OBJ_obj2nid(cs->cryptoData->contentEncryptionAlgorithm));
1269 /* Initialize the OpenSSL cipher context */
1270 EVP_CIPHER_CTX_init(&cipher_ctx->ctx);
1272 /* Initialize for encryption */
1273 if (!EVP_CipherInit_ex(&cipher_ctx->ctx, ec, NULL, NULL, NULL, 1)) {
1274 openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
1278 /* Initialize for decryption */
1279 if (!EVP_CipherInit_ex(&cipher_ctx->ctx, ec, NULL, NULL, NULL, 0)) {
1280 openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
1285 /* Set the key size */
1286 if (!EVP_CIPHER_CTX_set_key_length(&cipher_ctx->ctx, cs->session_key_len)) {
1287 openssl_post_errors(M_ERROR, _("Encryption session provided an invalid symmetric key"));
1291 /* Validate the IV length */
1292 if (EVP_CIPHER_iv_length(ec) != M_ASN1_STRING_length(cs->cryptoData->iv)) {
1293 openssl_post_errors(M_ERROR, _("Encryption session provided an invalid IV"));
1297 /* Add the key and IV to the cipher context */
1298 if (!EVP_CipherInit_ex(&cipher_ctx->ctx, NULL, NULL, cs->session_key, M_ASN1_STRING_data(cs->cryptoData->iv), -1)) {
1299 openssl_post_errors(M_ERROR, _("OpenSSL cipher context key/IV initialization failed"));
1303 *blocksize = EVP_CIPHER_CTX_block_size(&cipher_ctx->ctx);
1307 crypto_cipher_free(cipher_ctx);
1313 * Encrypt/Decrypt length bytes of data using the provided cipher context
1314 * Returns: true on success, number of bytes output in written
1317 bool crypto_cipher_update(CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written)
1319 if (!EVP_CipherUpdate(&cipher_ctx->ctx, (unsigned char *)dest, (int *)written, (const unsigned char *)data, length)) {
1320 /* This really shouldn't fail */
1328 * Finalize the cipher context, writing any remaining data and necessary padding
1329 * to dest, and the size in written.
1330 * The result size will either be one block of data or zero.
1332 * Returns: true on success
1335 bool crypto_cipher_finalize (CIPHER_CONTEXT *cipher_ctx, uint8_t *dest, uint32_t *written)
1337 if (!EVP_CipherFinal_ex(&cipher_ctx->ctx, (unsigned char *)dest, (int *) written)) {
1338 /* This really shouldn't fail */
1347 * Free memory associated with a cipher context.
1349 void crypto_cipher_free (CIPHER_CONTEXT *cipher_ctx)
1351 EVP_CIPHER_CTX_cleanup(&cipher_ctx->ctx);
1357 * Perform global initialization of OpenSSL
1358 * This function is not thread safe.
1359 * Returns: 0 on success
1362 int init_crypto (void)
1366 if ((stat = openssl_init_threads()) != 0) {
1367 Emsg1(M_ABORT, 0, _("Unable to init OpenSSL threading: ERR=%s\n"), strerror(stat));
1370 /* Load libssl and libcrypto human-readable error strings */
1371 SSL_load_error_strings();
1373 /* Initialize OpenSSL SSL library */
1376 /* Register OpenSSL ciphers and digests */
1377 OpenSSL_add_all_algorithms();
1379 if (!openssl_seed_prng()) {
1380 Emsg0(M_ERROR_TERM, 0, _("Failed to seed OpenSSL PRNG\n"));
1383 crypto_initialized = true;
1389 * Perform global cleanup of OpenSSL
1390 * All cryptographic operations must be completed before calling this function.
1391 * This function is not thread safe.
1392 * Returns: 0 on success
1395 int cleanup_crypto (void)
1398 * Ensure that we've actually been initialized; Doing this here decreases the
1399 * complexity of client's termination/cleanup code.
1401 if (!crypto_initialized) {
1405 if (!openssl_save_prng()) {
1406 Emsg0(M_ERROR, 0, _("Failed to save OpenSSL PRNG\n"));
1409 openssl_cleanup_threads();
1411 /* Free libssl and libcrypto error strings */
1414 /* Free all ciphers and digests */
1417 /* Free memory used by PRNG */
1420 crypto_initialized = false;
1426 #else /* HAVE_OPENSSL */
1427 # error No encryption library available
1428 #endif /* HAVE_OPENSSL */
1430 #else /* HAVE_CRYPTO */
1433 * Cryptography Support Disabled
1436 /* Message Digest Structure */
1438 crypto_digest_t type;
1445 /* Dummy Signature Structure */
1449 DIGEST *crypto_digest_new (crypto_digest_t type)
1453 digest = (DIGEST *)malloc(sizeof(DIGEST));
1454 digest->type = type;
1457 case CRYPTO_DIGEST_MD5:
1458 MD5Init(&digest->md5);
1460 case CRYPTO_DIGEST_SHA1:
1461 SHA1Init(&digest->sha1);
1464 Emsg0(M_ERROR, 0, _("Unsupported digest type specified\n"));
1472 bool crypto_digest_update(DIGEST *digest, const uint8_t *data, uint32_t length)
1474 switch (digest->type) {
1475 case CRYPTO_DIGEST_MD5:
1476 /* Doesn't return anything ... */
1477 MD5Update(&digest->md5, (unsigned char *) data, length);
1479 case CRYPTO_DIGEST_SHA1:
1481 if ((ret = SHA1Update(&digest->sha1, (const u_int8_t *) data, length)) == shaSuccess) {
1484 Emsg1(M_ERROR, 0, _("SHA1Update() returned an error: %d\n"), ret);
1493 bool crypto_digest_finalize(DIGEST *digest, uint8_t *dest, uint32_t *length)
1495 switch (digest->type) {
1496 case CRYPTO_DIGEST_MD5:
1497 /* Guard against programmer error by either the API client or
1498 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
1499 assert(*length >= CRYPTO_DIGEST_MD5_SIZE);
1500 *length = CRYPTO_DIGEST_MD5_SIZE;
1501 /* Doesn't return anything ... */
1502 MD5Final((unsigned char *)dest, &digest->md5);
1504 case CRYPTO_DIGEST_SHA1:
1505 /* Guard against programmer error by either the API client or
1506 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
1507 assert(*length >= CRYPTO_DIGEST_SHA1_SIZE);
1508 *length = CRYPTO_DIGEST_SHA1_SIZE;
1509 if (SHA1Final(&digest->sha1, (u_int8_t *) dest) == shaSuccess) {
1522 void crypto_digest_free(DIGEST *digest)
1527 /* Dummy routines */
1528 int init_crypto (void) { return 0; }
1529 int cleanup_crypto (void) { return 0; }
1531 SIGNATURE *crypto_sign_new (void) { return NULL; }
1533 crypto_error_t crypto_sign_get_digest (SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST **digest) { return CRYPTO_ERROR_INTERNAL; }
1534 crypto_error_t crypto_sign_verify (SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST *digest) { return CRYPTO_ERROR_INTERNAL; }
1536 int crypto_sign_add_signer (SIGNATURE *sig, DIGEST *digest, X509_KEYPAIR *keypair) { return false; }
1537 int crypto_sign_encode (SIGNATURE *sig, uint8_t *dest, uint32_t *length) { return false; }
1539 SIGNATURE *crypto_sign_decode (const uint8_t *sigData, uint32_t length) { return NULL; }
1540 void crypto_sign_free (SIGNATURE *sig) { }
1543 X509_KEYPAIR *crypto_keypair_new (void) { return NULL; }
1544 X509_KEYPAIR *crypto_keypair_dup (X509_KEYPAIR *keypair) { return NULL; }
1545 int crypto_keypair_load_cert (X509_KEYPAIR *keypair, const char *file) { return false; }
1546 bool crypto_keypair_has_key (const char *file) { return false; }
1547 int crypto_keypair_load_key (X509_KEYPAIR *keypair, const char *file, CRYPTO_PEM_PASSWD_CB *pem_callback, const void *pem_userdata) { return false; }
1548 void crypto_keypair_free (X509_KEYPAIR *keypair) { }
1550 CRYPTO_SESSION *crypto_session_new (crypto_cipher_t cipher, alist *pubkeys) { return NULL; }
1551 void crypto_session_free (CRYPTO_SESSION *cs) { }
1552 bool crypto_session_encode (CRYPTO_SESSION *cs, uint8_t *dest, uint32_t *length) { return false; }
1553 crypto_error_t crypto_session_decode(const uint8_t *data, uint32_t length, alist *keypairs, CRYPTO_SESSION **session) { return CRYPTO_ERROR_INTERNAL; }
1555 CIPHER_CONTEXT *crypto_cipher_new (CRYPTO_SESSION *cs, bool encrypt, uint32_t *blocksize) { return NULL; }
1556 bool crypto_cipher_update (CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written) { return false; }
1557 bool crypto_cipher_finalize (CIPHER_CONTEXT *cipher_ctx, uint8_t *dest, uint32_t *written) { return false; }
1558 void crypto_cipher_free (CIPHER_CONTEXT *cipher_ctx) { }
1560 #endif /* HAVE_CRYPTO */
1565 * Default PEM encryption passphrase callback.
1566 * Returns an empty password.
1568 int crypto_default_pem_callback(char *buf, int size, const void *userdata)
1570 bstrncpy(buf, "", size);
1571 return (strlen(buf));
1575 * Returns the ASCII name of the digest type.
1576 * Returns: ASCII name of digest type.
1578 const char *crypto_digest_name (DIGEST *digest) {
1579 switch (digest->type) {
1580 case CRYPTO_DIGEST_MD5:
1582 case CRYPTO_DIGEST_SHA1:
1584 case CRYPTO_DIGEST_SHA256:
1586 case CRYPTO_DIGEST_SHA512:
1588 case CRYPTO_DIGEST_NONE:
1591 return "Invalid Digest Type";
1597 * Given a stream type, returns the associated
1598 * crypto_digest_t value.
1600 crypto_digest_t crypto_digest_stream_type (int stream) {
1602 case STREAM_MD5_DIGEST:
1603 return CRYPTO_DIGEST_MD5;
1604 case STREAM_SHA1_DIGEST:
1605 return CRYPTO_DIGEST_SHA1;
1606 case STREAM_SHA256_DIGEST:
1607 return CRYPTO_DIGEST_SHA256;
1608 case STREAM_SHA512_DIGEST:
1609 return CRYPTO_DIGEST_SHA512;
1611 return CRYPTO_DIGEST_NONE;
1616 * * Given a crypto_error_t value, return the associated
1619 const char *crypto_strerror(crypto_error_t error) {
1621 case CRYPTO_ERROR_NONE:
1623 case CRYPTO_ERROR_NOSIGNER:
1624 return "Signer not found";
1625 case CRYPTO_ERROR_NORECIPIENT:
1626 return "Recipient not found";
1627 case CRYPTO_ERROR_INVALID_DIGEST:
1628 return "Unsupported digest algorithm";
1629 case CRYPTO_ERROR_INVALID_CRYPTO:
1630 return "Unsupported encryption algorithm";
1631 case CRYPTO_ERROR_BAD_SIGNATURE:
1632 return "Signature is invalid";
1633 case CRYPTO_ERROR_DECRYPTION:
1634 return "Decryption error";
1635 case CRYPTO_ERROR_INTERNAL:
1636 /* This shouldn't happen */
1637 return "Internal error";
1639 return "Unknown error";