2 Bacula(R) - The Network Backup Solution
4 Copyright (C) 2000-2016 Kern Sibbald
6 The original author of Bacula is Kern Sibbald, with contributions
7 from many others, a complete list can be found in the file AUTHORS.
9 You may use this file and others of this release according to the
10 license defined in the LICENSE file, which includes the Affero General
11 Public License, v3.0 ("AGPLv3") and some additional permissions and
12 terms pursuant to its AGPLv3 Section 7.
14 This notice must be preserved when any source code is
15 conveyed and/or propagated.
17 Bacula(R) is a registered trademark of Kern Sibbald.
20 * crypto.c Encryption support functions
22 * Author: Landon Fuller <landonf@opendarwin.org>
24 * This file was contributed to the Bacula project by Landon Fuller.
26 * Landon Fuller has been granted a perpetual, worldwide, non-exclusive,
27 * no-charge, royalty-free, irrevocable copyright license to reproduce,
28 * prepare derivative works of, publicly display, publicly perform,
29 * sublicense, and distribute the original work contributed by Landon Fuller
30 * to the Bacula project in source or object form.
32 * If you wish to license these contributions under an alternate open source
33 * license please contact Landon Fuller <landonf@opendarwin.org>.
42 * For OpenSSL version 1.x, EVP_PKEY_encrypt no longer
43 * exists. It was not an official API.
46 #define EVP_PKEY_encrypt EVP_PKEY_encrypt_old
47 #define EVP_PKEY_decrypt EVP_PKEY_decrypt_old
54 * Prefix: iso.org.dod.internet.private.enterprise.threerings.external.bacula (1.3.6.1.4.1.22054.500.2)
55 * Organization: Bacula Project
56 * Contact Name: Kern Sibbald
57 * Contact E-mail: kern@sibbald.com
59 * Top Level Allocations - 500.2
60 * 1 - Published Allocations
61 * 1.1 - Bacula Encryption
63 * Bacula Encryption - 500.2.1.1
66 * 2 - ASN.1 Object Identifiers
72 * BaculaCrypto { iso(1) identified-organization(3) usdod(6)
73 * internet(1) private(4) enterprises(1) three-rings(22054)
74 * external(500) bacula(2) published(1) bacula-encryption(1)
75 * asn1-modules(1) bacula-crypto(1) }
77 * DEFINITIONS AUTOMATIC TAGS ::=
80 * SignatureData ::= SEQUENCE {
81 * version Version DEFAULT v0,
82 * signerInfo SignerInfo }
84 * CryptoData ::= SEQUENCE {
85 * version Version DEFAULT v0,
86 * contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
87 * iv InitializationVector,
88 * recipientInfo RecipientInfo
91 * SignerInfo ::= SET OF SignerInfo
92 * RecipientInfo ::= SET OF RecipientInfo
94 * Version ::= INTEGER { v0(0) }
96 * SignerInfo ::= SEQUENCE {
98 * subjectKeyIdentifier SubjectKeyIdentifier,
99 * digestAlgorithm DigestAlgorithmIdentifier,
100 * signatureAlgorithm SignatureAlgorithmIdentifier,
101 * signature SignatureValue }
103 * RecipientInfo ::= SEQUENCE {
105 * subjectKeyIdentifier SubjectKeyIdentifier
106 * keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier
107 * encryptedKey EncryptedKey
110 * SubjectKeyIdentifier ::= OCTET STRING
112 * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
114 * SignatureAlgorithmIdentifier ::= AlgorithmIdentifier
116 * KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
118 * ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
120 * InitializationVector ::= OCTET STRING
122 * SignatureValue ::= OCTET STRING
124 * EncryptedKey ::= OCTET STRING
126 * AlgorithmIdentifier ::= OBJECT IDENTIFIER
131 #ifdef HAVE_CRYPTO /* Is encryption enabled? */
132 #ifdef HAVE_OPENSSL /* How about OpenSSL? */
134 #include "openssl-compat.h"
136 /* ASN.1 Declarations */
137 #define BACULA_ASN1_VERSION 0
140 ASN1_INTEGER *version;
141 ASN1_OCTET_STRING *subjectKeyIdentifier;
142 ASN1_OBJECT *digestAlgorithm;
143 ASN1_OBJECT *signatureAlgorithm;
144 ASN1_OCTET_STRING *signature;
148 ASN1_INTEGER *version;
149 ASN1_OCTET_STRING *subjectKeyIdentifier;
150 ASN1_OBJECT *keyEncryptionAlgorithm;
151 ASN1_OCTET_STRING *encryptedKey;
154 ASN1_SEQUENCE(SignerInfo) = {
155 ASN1_SIMPLE(SignerInfo, version, ASN1_INTEGER),
156 ASN1_SIMPLE(SignerInfo, subjectKeyIdentifier, ASN1_OCTET_STRING),
157 ASN1_SIMPLE(SignerInfo, digestAlgorithm, ASN1_OBJECT),
158 ASN1_SIMPLE(SignerInfo, signatureAlgorithm, ASN1_OBJECT),
159 ASN1_SIMPLE(SignerInfo, signature, ASN1_OCTET_STRING)
160 } ASN1_SEQUENCE_END(SignerInfo);
162 ASN1_SEQUENCE(RecipientInfo) = {
163 ASN1_SIMPLE(RecipientInfo, version, ASN1_INTEGER),
164 ASN1_SIMPLE(RecipientInfo, subjectKeyIdentifier, ASN1_OCTET_STRING),
165 ASN1_SIMPLE(RecipientInfo, keyEncryptionAlgorithm, ASN1_OBJECT),
166 ASN1_SIMPLE(RecipientInfo, encryptedKey, ASN1_OCTET_STRING),
167 } ASN1_SEQUENCE_END(RecipientInfo);
170 ASN1_INTEGER *version;
171 STACK_OF(SignerInfo) *signerInfo;
175 ASN1_INTEGER *version;
176 ASN1_OBJECT *contentEncryptionAlgorithm;
177 ASN1_OCTET_STRING *iv;
178 STACK_OF(RecipientInfo) *recipientInfo;
181 ASN1_SEQUENCE(SignatureData) = {
182 ASN1_SIMPLE(SignatureData, version, ASN1_INTEGER),
183 ASN1_SET_OF(SignatureData, signerInfo, SignerInfo),
184 } ASN1_SEQUENCE_END(SignatureData);
186 ASN1_SEQUENCE(CryptoData) = {
187 ASN1_SIMPLE(CryptoData, version, ASN1_INTEGER),
188 ASN1_SIMPLE(CryptoData, contentEncryptionAlgorithm, ASN1_OBJECT),
189 ASN1_SIMPLE(CryptoData, iv, ASN1_OCTET_STRING),
190 ASN1_SET_OF(CryptoData, recipientInfo, RecipientInfo)
191 } ASN1_SEQUENCE_END(CryptoData);
193 IMPLEMENT_ASN1_FUNCTIONS(SignerInfo)
194 IMPLEMENT_ASN1_FUNCTIONS(RecipientInfo)
195 IMPLEMENT_ASN1_FUNCTIONS(SignatureData)
196 IMPLEMENT_ASN1_FUNCTIONS(CryptoData)
198 #if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
199 DEFINE_STACK_OF(SignerInfo);
200 DEFINE_STACK_OF(RecipientInfo);
203 * SignerInfo and RecipientInfo stack macros, generated by OpenSSL's util/mkstack.pl.
205 #define sk_SignerInfo_new(st) SKM_sk_new(SignerInfo, (st))
206 #define sk_SignerInfo_new_null() SKM_sk_new_null(SignerInfo)
207 #define sk_SignerInfo_free(st) SKM_sk_free(SignerInfo, (st))
208 #define sk_SignerInfo_num(st) SKM_sk_num(SignerInfo, (st))
209 #define sk_SignerInfo_value(st, i) SKM_sk_value(SignerInfo, (st), (i))
210 #define sk_SignerInfo_set(st, i, val) SKM_sk_set(SignerInfo, (st), (i), (val))
211 #define sk_SignerInfo_zero(st) SKM_sk_zero(SignerInfo, (st))
212 #define sk_SignerInfo_push(st, val) SKM_sk_push(SignerInfo, (st), (val))
213 #define sk_SignerInfo_unshift(st, val) SKM_sk_unshift(SignerInfo, (st), (val))
214 #define sk_SignerInfo_find(st, val) SKM_sk_find(SignerInfo, (st), (val))
215 #define sk_SignerInfo_delete(st, i) SKM_sk_delete(SignerInfo, (st), (i))
216 #define sk_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(SignerInfo, (st), (ptr))
217 #define sk_SignerInfo_insert(st, val, i) SKM_sk_insert(SignerInfo, (st), (val), (i))
218 #define sk_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SignerInfo, (st), (cmp))
219 #define sk_SignerInfo_dup(st) SKM_sk_dup(SignerInfo, st)
220 #define sk_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(SignerInfo, (st), (free_func))
221 #define sk_SignerInfo_shift(st) SKM_sk_shift(SignerInfo, (st))
222 #define sk_SignerInfo_pop(st) SKM_sk_pop(SignerInfo, (st))
223 #define sk_SignerInfo_sort(st) SKM_sk_sort(SignerInfo, (st))
224 #define sk_SignerInfo_is_sorted(st) SKM_sk_is_sorted(SignerInfo, (st))
226 #define d2i_ASN1_SET_OF_SignerInfo(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
227 SKM_ASN1_SET_OF_d2i(SignerInfo, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
228 #define i2d_ASN1_SET_OF_SignerInfo(st, pp, i2d_func, ex_tag, ex_class, is_set) \
229 SKM_ASN1_SET_OF_i2d(SignerInfo, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
230 #define ASN1_seq_pack_SignerInfo(st, i2d_func, buf, len) \
231 SKM_ASN1_seq_pack(SignerInfo, (st), (i2d_func), (buf), (len))
232 #define ASN1_seq_unpack_SignerInfo(buf, len, d2i_func, free_func) \
233 SKM_ASN1_seq_unpack(SignerInfo, (buf), (len), (d2i_func), (free_func))
235 #define sk_RecipientInfo_new(st) SKM_sk_new(RecipientInfo, (st))
236 #define sk_RecipientInfo_new_null() SKM_sk_new_null(RecipientInfo)
237 #define sk_RecipientInfo_free(st) SKM_sk_free(RecipientInfo, (st))
238 #define sk_RecipientInfo_num(st) SKM_sk_num(RecipientInfo, (st))
239 #define sk_RecipientInfo_value(st, i) SKM_sk_value(RecipientInfo, (st), (i))
240 #define sk_RecipientInfo_set(st, i, val) SKM_sk_set(RecipientInfo, (st), (i), (val))
241 #define sk_RecipientInfo_zero(st) SKM_sk_zero(RecipientInfo, (st))
242 #define sk_RecipientInfo_push(st, val) SKM_sk_push(RecipientInfo, (st), (val))
243 #define sk_RecipientInfo_unshift(st, val) SKM_sk_unshift(RecipientInfo, (st), (val))
244 #define sk_RecipientInfo_find(st, val) SKM_sk_find(RecipientInfo, (st), (val))
245 #define sk_RecipientInfo_delete(st, i) SKM_sk_delete(RecipientInfo, (st), (i))
246 #define sk_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(RecipientInfo, (st), (ptr))
247 #define sk_RecipientInfo_insert(st, val, i) SKM_sk_insert(RecipientInfo, (st), (val), (i))
248 #define sk_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(RecipientInfo, (st), (cmp))
249 #define sk_RecipientInfo_dup(st) SKM_sk_dup(RecipientInfo, st)
250 #define sk_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(RecipientInfo, (st), (free_func))
251 #define sk_RecipientInfo_shift(st) SKM_sk_shift(RecipientInfo, (st))
252 #define sk_RecipientInfo_pop(st) SKM_sk_pop(RecipientInfo, (st))
253 #define sk_RecipientInfo_sort(st) SKM_sk_sort(RecipientInfo, (st))
254 #define sk_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(RecipientInfo, (st))
256 #define d2i_ASN1_SET_OF_RecipientInfo(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
257 SKM_ASN1_SET_OF_d2i(RecipientInfo, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
258 #define i2d_ASN1_SET_OF_RecipientInfo(st, pp, i2d_func, ex_tag, ex_class, is_set) \
259 SKM_ASN1_SET_OF_i2d(RecipientInfo, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
260 #define ASN1_seq_pack_RecipientInfo(st, i2d_func, buf, len) \
261 SKM_ASN1_seq_pack(RecipientInfo, (st), (i2d_func), (buf), (len))
262 #define ASN1_seq_unpack_RecipientInfo(buf, len, d2i_func, free_func) \
263 SKM_ASN1_seq_unpack(RecipientInfo, (buf), (len), (d2i_func), (free_func))
264 /* End of util/mkstack.pl block */
267 /* X509 Public/Private Key Pair Structure */
268 struct X509_Keypair {
269 ASN1_OCTET_STRING *keyid;
274 /* Message Digest Structure */
276 crypto_digest_t type;
281 /* Message Signature Structure */
283 SignatureData *sigData;
287 /* Encryption Session Data */
288 struct Crypto_Session {
289 CryptoData *cryptoData; /* ASN.1 Structure */
290 unsigned char *session_key; /* Private symmetric session key */
291 size_t session_key_len; /* Symmetric session key length */
294 /* Symmetric Cipher Context */
295 struct Cipher_Context {
299 /* PEM Password Dispatch Context */
300 typedef struct PEM_CB_Context {
301 CRYPTO_PEM_PASSWD_CB *pem_callback;
302 const void *pem_userdata;
306 * Extract subjectKeyIdentifier from x509 certificate.
307 * Returns: On success, an ASN1_OCTET_STRING that must be freed via ASN1_OCTET_STRING_free().
310 static ASN1_OCTET_STRING *openssl_cert_keyid(X509 *cert) {
312 const X509V3_EXT_METHOD *method;
313 ASN1_OCTET_STRING *keyid;
315 const ASN1_STRING *asn1_ext_val;
316 const unsigned char *ext_value_data;
318 /* Find the index to the subjectKeyIdentifier extension */
319 i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
325 /* Grab the extension */
326 ext = X509_get_ext(cert, i);
328 /* Get x509 extension method structure */
329 if (!(method = X509V3_EXT_get(ext))) {
333 asn1_ext_val = X509_EXTENSION_get_data(ext);
334 ext_value_data = ASN1_STRING_get0_data(asn1_ext_val);
339 /* Decode ASN1 item in data */
340 keyid = (ASN1_OCTET_STRING *) ASN1_item_d2i(NULL, &ext_value_data, ASN1_STRING_length(asn1_ext_val),
341 ASN1_ITEM_ptr(method->it));
345 /* Decode ASN1 item in data */
346 keyid = (ASN1_OCTET_STRING *) method->d2i(NULL, &ext_value_data, ASN1_STRING_length(asn1_ext_val));
353 * Create a new keypair object.
354 * Returns: A pointer to a X509 KEYPAIR object on success.
357 X509_KEYPAIR *crypto_keypair_new(void)
359 X509_KEYPAIR *keypair;
361 /* Allocate our keypair structure */
362 keypair = (X509_KEYPAIR *)malloc(sizeof(X509_KEYPAIR));
364 /* Initialize our keypair structure */
365 keypair->keyid = NULL;
366 keypair->pubkey = NULL;
367 keypair->privkey = NULL;
373 * Create a copy of a keypair object. The underlying
374 * EVP objects are not duplicated, as no EVP_PKEY_dup()
375 * API is available. Instead, the reference count is
378 X509_KEYPAIR *crypto_keypair_dup(X509_KEYPAIR *keypair)
380 X509_KEYPAIR *newpair;
383 newpair = crypto_keypair_new();
386 /* Allocation failed */
390 /* Increment the public key ref count */
391 if (keypair->pubkey) {
392 ret = EVP_PKEY_up_ref(keypair->pubkey);
395 newpair->pubkey = keypair->pubkey;
398 /* Increment the private key ref count */
399 if (keypair->privkey) {
400 ret = EVP_PKEY_up_ref(keypair->privkey);
403 newpair->privkey = keypair->privkey;
406 /* Duplicate the keyid */
407 if (keypair->keyid) {
408 newpair->keyid = ASN1_OCTET_STRING_dup(keypair->keyid);
416 crypto_keypair_free(newpair);
422 * Load a public key from a PEM-encoded x509 certificate.
423 * Returns: true on success
426 int crypto_keypair_load_cert(X509_KEYPAIR *keypair, const char *file)
432 if (!(bio = BIO_new_file(file, "r"))) {
433 openssl_post_errors(M_ERROR, _("Unable to open certificate file"));
437 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
440 openssl_post_errors(M_ERROR, _("Unable to read certificate from file"));
444 /* Extract the public key */
445 if (!(keypair->pubkey = X509_get_pubkey(cert))) {
446 openssl_post_errors(M_ERROR, _("Unable to extract public key from certificate"));
450 /* Extract the subjectKeyIdentifier extension field */
451 if ((keypair->keyid = openssl_cert_keyid(cert)) == NULL) {
452 Jmsg0(NULL, M_ERROR, 0,
453 _("Provided certificate does not include the required subjectKeyIdentifier extension."));
457 /* Validate the public key type (only RSA is supported) */
458 if (EVP_PKEY_base_id(keypair->pubkey) != EVP_PKEY_RSA) {
459 Jmsg1(NULL, M_ERROR, 0,
460 _("Unsupported key type provided: %d\n"), EVP_PKEY_id(keypair->pubkey));
469 if (keypair->pubkey) {
470 EVP_PKEY_free(keypair->pubkey);
475 /* Dispatch user PEM encryption callbacks */
476 static int crypto_pem_callback_dispatch (char *buf, int size, int rwflag, void *userdata)
478 PEM_CB_CONTEXT *ctx = (PEM_CB_CONTEXT *) userdata;
479 return (ctx->pem_callback(buf, size, ctx->pem_userdata));
483 * Check a PEM-encoded file
484 * for the existence of a private key.
485 * Returns: true if a private key is found
488 bool crypto_keypair_has_key(const char *file) {
492 unsigned char *data = NULL;
496 if (!(bio = BIO_new_file(file, "r"))) {
497 openssl_post_errors(M_ERROR, _("Unable to open private key file"));
501 while (PEM_read_bio(bio, &name, &header, &data, &len)) {
502 /* We don't care what the data is, just that it's there */
503 OPENSSL_free(header);
507 * PEM Header Found, check for a private key
508 * Due to OpenSSL limitations, we must specifically
509 * list supported PEM private key encodings.
511 if (strcmp(name, PEM_STRING_RSA) == 0
512 || strcmp(name, PEM_STRING_DSA) == 0
513 || strcmp(name, PEM_STRING_PKCS8) == 0
514 || strcmp(name, PEM_STRING_PKCS8INF) == 0) {
526 /* Post PEM-decoding error messages, if any */
527 openssl_post_errors(M_ERROR, _("Unable to read private key from file"));
532 * Load a PEM-encoded private key.
533 * Returns: true on success
536 int crypto_keypair_load_key(X509_KEYPAIR *keypair, const char *file,
537 CRYPTO_PEM_PASSWD_CB *pem_callback,
538 const void *pem_userdata)
544 if (!(bio = BIO_new_file(file, "r"))) {
545 openssl_post_errors(M_ERROR, _("Unable to open private key file"));
549 /* Set up PEM encryption callback */
551 ctx.pem_callback = pem_callback;
552 ctx.pem_userdata = pem_userdata;
554 ctx.pem_callback = crypto_default_pem_callback;
555 ctx.pem_userdata = NULL;
558 keypair->privkey = PEM_read_bio_PrivateKey(bio, NULL, crypto_pem_callback_dispatch, &ctx);
560 if (!keypair->privkey) {
561 openssl_post_errors(M_ERROR, _("Unable to read private key from file"));
569 * Free memory associated with a keypair object.
571 void crypto_keypair_free(X509_KEYPAIR *keypair)
573 if (keypair->pubkey) {
574 EVP_PKEY_free(keypair->pubkey);
576 if (keypair->privkey) {
577 EVP_PKEY_free(keypair->privkey);
579 if (keypair->keyid) {
580 ASN1_OCTET_STRING_free(keypair->keyid);
586 * Create a new message digest context of the specified type
587 * Returns: A pointer to a DIGEST object on success.
590 DIGEST *crypto_digest_new(JCR *jcr, crypto_digest_t type)
593 const EVP_MD *md = NULL; /* Quell invalid uninitialized warnings */
595 digest = (DIGEST *)malloc(sizeof(DIGEST));
598 Dmsg1(150, "crypto_digest_new jcr=%p\n", jcr);
600 /* Initialize the OpenSSL message digest context */
601 digest->ctx = EVP_MD_CTX_new();
604 EVP_MD_CTX_reset(digest->ctx);
606 /* Determine the correct OpenSSL message digest type */
608 case CRYPTO_DIGEST_MD5:
611 case CRYPTO_DIGEST_SHA1:
615 case CRYPTO_DIGEST_SHA256:
618 case CRYPTO_DIGEST_SHA512:
623 Jmsg1(jcr, M_ERROR, 0, _("Unsupported digest type: %d\n"), type);
627 /* Initialize the backing OpenSSL context */
628 if (EVP_DigestInit_ex(digest->ctx, md, NULL) == 0) {
635 /* This should not happen, but never say never ... */
636 Dmsg0(150, "Digest init failed.\n");
637 openssl_post_errors(jcr, M_ERROR, _("OpenSSL digest initialization failed"));
638 crypto_digest_free(digest);
643 * Hash length bytes of data into the provided digest context.
644 * Returns: true on success
647 bool crypto_digest_update(DIGEST *digest, const uint8_t *data, uint32_t length)
649 if (EVP_DigestUpdate(digest->ctx, data, length) == 0) {
650 Dmsg0(150, "digest update failed\n");
651 openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest update failed"));
659 * Finalize the data in digest, storing the result in dest and the result size
660 * in length. The result size can be determined with crypto_digest_size().
662 * Returns: true on success
665 bool crypto_digest_finalize(DIGEST *digest, uint8_t *dest, uint32_t *length)
667 if (!EVP_DigestFinal(digest->ctx, dest, (unsigned int *)length)) {
668 Dmsg0(150, "digest finalize failed\n");
669 openssl_post_errors(digest->jcr, M_ERROR, _("OpenSSL digest finalize failed"));
677 * Free memory associated with a digest object.
679 void crypto_digest_free(DIGEST *digest)
681 EVP_MD_CTX_free(digest->ctx);
686 * Create a new message signature context.
687 * Returns: A pointer to a SIGNATURE object on success.
690 SIGNATURE *crypto_sign_new(JCR *jcr)
694 sig = (SIGNATURE *)malloc(sizeof(SIGNATURE));
699 sig->sigData = SignatureData_new();
701 Dmsg1(150, "crypto_sign_new jcr=%p\n", jcr);
704 /* Allocation failed in OpenSSL */
709 /* Set the ASN.1 structure version number */
710 ASN1_INTEGER_set(sig->sigData->version, BACULA_ASN1_VERSION);
716 * For a given public key, find the associated SignatureInfo record
717 * and create a digest context for signature validation
719 * Returns: CRYPTO_ERROR_NONE on success, with the newly allocated DIGEST in digest.
720 * A crypto_error_t value on failure.
722 crypto_error_t crypto_sign_get_digest(SIGNATURE *sig, X509_KEYPAIR *keypair,
723 crypto_digest_t &type, DIGEST **digest)
725 STACK_OF(SignerInfo) *signers;
729 signers = sig->sigData->signerInfo;
731 for (i = 0; i < sk_SignerInfo_num(signers); i++) {
732 si = sk_SignerInfo_value(signers, i);
733 if (ASN1_OCTET_STRING_cmp(keypair->keyid, si->subjectKeyIdentifier) == 0) {
734 /* Get the digest algorithm and allocate a digest context */
735 Dmsg1(150, "crypto_sign_get_digest jcr=%p\n", sig->jcr);
736 switch (OBJ_obj2nid(si->digestAlgorithm)) {
738 Dmsg0(100, "sign digest algorithm is MD5\n");
739 type = CRYPTO_DIGEST_MD5;
740 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_MD5);
743 Dmsg0(100, "sign digest algorithm is SHA1\n");
744 type = CRYPTO_DIGEST_SHA1;
745 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_SHA1);
749 Dmsg0(100, "sign digest algorithm is SHA256\n");
750 type = CRYPTO_DIGEST_SHA256;
751 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_SHA256);
754 Dmsg0(100, "sign digest algorithm is SHA512\n");
755 type = CRYPTO_DIGEST_SHA512;
756 *digest = crypto_digest_new(sig->jcr, CRYPTO_DIGEST_SHA512);
760 type = CRYPTO_DIGEST_NONE;
762 return CRYPTO_ERROR_INVALID_DIGEST;
765 /* Shouldn't happen */
766 if (*digest == NULL) {
767 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL digest_new failed"));
768 return CRYPTO_ERROR_INVALID_DIGEST;
770 return CRYPTO_ERROR_NONE;
773 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL sign get digest failed"));
778 return CRYPTO_ERROR_NOSIGNER;
782 * For a given signature, public key, and digest, verify the SIGNATURE.
783 * Returns: CRYPTO_ERROR_NONE on success.
784 * A crypto_error_t value on failure.
786 crypto_error_t crypto_sign_verify(SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST *digest)
788 STACK_OF(SignerInfo) *signers;
792 const unsigned char *sigData;
794 signers = sig->sigData->signerInfo;
796 /* Find the signer */
797 for (i = 0; i < sk_SignerInfo_num(signers); i++) {
798 si = sk_SignerInfo_value(signers, i);
799 if (ASN1_OCTET_STRING_cmp(keypair->keyid, si->subjectKeyIdentifier) == 0) {
800 /* Extract the signature data */
801 sigLen = ASN1_STRING_length(si->signature);
802 sigData = ASN1_STRING_get0_data(si->signature);
804 ok = EVP_VerifyFinal(digest->ctx, sigData, sigLen, keypair->pubkey);
806 return CRYPTO_ERROR_NONE;
807 } else if (ok == 0) {
808 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL digest Verify final failed"));
809 return CRYPTO_ERROR_BAD_SIGNATURE;
811 /* Shouldn't happen */
812 openssl_post_errors(sig->jcr, M_ERROR, _("OpenSSL digest Verify final failed"));
813 return CRYPTO_ERROR_INTERNAL;
817 Jmsg(sig->jcr, M_ERROR, 0, _("No signers found for crypto verify.\n"));
818 /* Signer wasn't found. */
819 return CRYPTO_ERROR_NOSIGNER;
825 * Returns: true on success
828 int crypto_sign_add_signer(SIGNATURE *sig, DIGEST *digest, X509_KEYPAIR *keypair)
830 SignerInfo *si = NULL;
831 unsigned char *buf = NULL;
834 si = SignerInfo_new();
837 /* Allocation failed in OpenSSL */
841 /* Set the ASN.1 structure version number */
842 ASN1_INTEGER_set(si->version, BACULA_ASN1_VERSION);
844 /* Set the digest algorithm identifier */
845 switch (digest->type) {
846 case CRYPTO_DIGEST_MD5:
847 si->digestAlgorithm = OBJ_nid2obj(NID_md5);
849 case CRYPTO_DIGEST_SHA1:
850 si->digestAlgorithm = OBJ_nid2obj(NID_sha1);
853 case CRYPTO_DIGEST_SHA256:
854 si->digestAlgorithm = OBJ_nid2obj(NID_sha256);
856 case CRYPTO_DIGEST_SHA512:
857 si->digestAlgorithm = OBJ_nid2obj(NID_sha512);
861 /* This should never happen */
865 /* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
866 ASN1_OCTET_STRING_free(si->subjectKeyIdentifier);
867 si->subjectKeyIdentifier = ASN1_OCTET_STRING_dup(keypair->keyid);
869 /* Set our signature algorithm. We currently require RSA */
870 assert(EVP_PKEY_base_id(keypair->pubkey) == EVP_PKEY_RSA);
871 /* This is slightly evil. Reach into the MD structure and grab the key type */
872 si->signatureAlgorithm = OBJ_nid2obj(EVP_MD_pkey_type(EVP_MD_CTX_md(digest->ctx)));
874 /* Finalize/Sign our Digest */
875 len = EVP_PKEY_size(keypair->privkey);
876 buf = (unsigned char *) malloc(len);
877 if (!EVP_SignFinal(digest->ctx, buf, &len, keypair->privkey)) {
878 openssl_post_errors(M_ERROR, _("Signature creation failed"));
882 /* Add the signature to the SignerInfo structure */
883 if (!ASN1_OCTET_STRING_set(si->signature, buf, len)) {
884 /* Allocation failed in OpenSSL */
888 /* No longer needed */
891 /* Push the new SignerInfo structure onto the stack */
892 sk_SignerInfo_push(sig->sigData->signerInfo, si);
908 * Encodes the SignatureData structure. The length argument is used to specify the
909 * size of dest. A length of 0 will cause no data to be written to dest, and the
910 * required length to be written to length. The caller can then allocate sufficient
911 * space for the output.
913 * Returns: true on success, stores the encoded data in dest, and the size in length.
916 int crypto_sign_encode(SIGNATURE *sig, uint8_t *dest, uint32_t *length)
919 *length = i2d_SignatureData(sig->sigData, NULL);
923 *length = i2d_SignatureData(sig->sigData, (unsigned char **)&dest);
928 * Decodes the SignatureData structure. The length argument is used to specify the
931 * Returns: SIGNATURE instance on success.
936 SIGNATURE *crypto_sign_decode(JCR *jcr, const uint8_t *sigData, uint32_t length)
939 const unsigned char *p = (const unsigned char *) sigData;
941 sig = (SIGNATURE *)malloc(sizeof(SIGNATURE));
947 /* d2i_SignatureData modifies the supplied pointer */
948 sig->sigData = d2i_SignatureData(NULL, &p, length);
951 /* Allocation / Decoding failed in OpenSSL */
952 openssl_post_errors(jcr, M_ERROR, _("Signature decoding failed"));
961 * Free memory associated with a signature object.
963 void crypto_sign_free(SIGNATURE *sig)
965 SignatureData_free(sig->sigData);
970 * Create a new encryption session.
971 * Returns: A pointer to a CRYPTO_SESSION object on success.
974 * Note! Bacula malloc() fails if out of memory.
976 CRYPTO_SESSION *crypto_session_new (crypto_cipher_t cipher, alist *pubkeys)
979 X509_KEYPAIR *keypair;
980 const EVP_CIPHER *ec;
984 /* Allocate our session description structures */
985 cs = (CRYPTO_SESSION *)malloc(sizeof(CRYPTO_SESSION));
987 /* Initialize required fields */
988 cs->session_key = NULL;
990 /* Allocate a CryptoData structure */
991 cs->cryptoData = CryptoData_new();
993 if (!cs->cryptoData) {
994 /* Allocation failed in OpenSSL */
999 /* Set the ASN.1 structure version number */
1000 ASN1_INTEGER_set(cs->cryptoData->version, BACULA_ASN1_VERSION);
1003 * Acquire a cipher instance and set the ASN.1 cipher NID
1006 case CRYPTO_CIPHER_AES_128_CBC:
1007 /* AES 128 bit CBC */
1008 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_128_cbc);
1009 ec = EVP_aes_128_cbc();
1011 #ifndef HAVE_OPENSSL_EXPORT_LIBRARY
1012 case CRYPTO_CIPHER_AES_192_CBC:
1013 /* AES 192 bit CBC */
1014 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_192_cbc);
1015 ec = EVP_aes_192_cbc();
1017 case CRYPTO_CIPHER_AES_256_CBC:
1018 /* AES 256 bit CBC */
1019 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_aes_256_cbc);
1020 ec = EVP_aes_256_cbc();
1023 case CRYPTO_CIPHER_BLOWFISH_CBC:
1025 cs->cryptoData->contentEncryptionAlgorithm = OBJ_nid2obj(NID_bf_cbc);
1029 Jmsg0(NULL, M_ERROR, 0, _("Unsupported cipher type specified\n"));
1030 crypto_session_free(cs);
1034 /* Generate a symmetric session key */
1035 cs->session_key_len = EVP_CIPHER_key_length(ec);
1036 cs->session_key = (unsigned char *) malloc(cs->session_key_len);
1037 if (RAND_bytes(cs->session_key, cs->session_key_len) <= 0) {
1038 /* OpenSSL failure */
1039 crypto_session_free(cs);
1043 /* Generate an IV if possible */
1044 if ((iv_len = EVP_CIPHER_iv_length(ec))) {
1045 iv = (unsigned char *)malloc(iv_len);
1047 /* Generate random IV */
1048 if (RAND_bytes(iv, iv_len) <= 0) {
1049 /* OpenSSL failure */
1050 crypto_session_free(cs);
1055 /* Store it in our ASN.1 structure */
1056 if (!ASN1_OCTET_STRING_set(cs->cryptoData->iv, iv, iv_len)) {
1057 /* Allocation failed in OpenSSL */
1058 crypto_session_free(cs);
1066 * Create RecipientInfo structures for supplied
1069 foreach_alist(keypair, pubkeys) {
1071 unsigned char *ekey;
1074 ri = RecipientInfo_new();
1076 /* Allocation failed in OpenSSL */
1077 crypto_session_free(cs);
1081 /* Set the ASN.1 structure version number */
1082 ASN1_INTEGER_set(ri->version, BACULA_ASN1_VERSION);
1084 /* Drop the string allocated by OpenSSL, and add our subjectKeyIdentifier */
1085 ASN1_OCTET_STRING_free(ri->subjectKeyIdentifier);
1086 ri->subjectKeyIdentifier = ASN1_OCTET_STRING_dup(keypair->keyid);
1088 /* Set our key encryption algorithm. We currently require RSA */
1089 assert(keypair->pubkey && EVP_PKEY_base_id(keypair->pubkey) == EVP_PKEY_RSA);
1090 ri->keyEncryptionAlgorithm = OBJ_nid2obj(NID_rsaEncryption);
1092 /* Encrypt the session key */
1093 ekey = (unsigned char *)malloc(EVP_PKEY_size(keypair->pubkey));
1095 if ((ekey_len = EVP_PKEY_encrypt(ekey, cs->session_key, cs->session_key_len, keypair->pubkey)) <= 0) {
1096 /* OpenSSL failure */
1097 RecipientInfo_free(ri);
1098 crypto_session_free(cs);
1103 /* Store it in our ASN.1 structure */
1104 if (!ASN1_OCTET_STRING_set(ri->encryptedKey, ekey, ekey_len)) {
1105 /* Allocation failed in OpenSSL */
1106 RecipientInfo_free(ri);
1107 crypto_session_free(cs);
1112 /* Free the encrypted key buffer */
1115 /* Push the new RecipientInfo structure onto the stack */
1116 sk_RecipientInfo_push(cs->cryptoData->recipientInfo, ri);
1123 * Encodes the CryptoData structure. The length argument is used to specify the
1124 * size of dest. A length of 0 will cause no data to be written to dest, and the
1125 * required length to be written to length. The caller can then allocate sufficient
1126 * space for the output.
1128 * Returns: true on success, stores the encoded data in dest, and the size in length.
1131 bool crypto_session_encode(CRYPTO_SESSION *cs, uint8_t *dest, uint32_t *length)
1134 *length = i2d_CryptoData(cs->cryptoData, NULL);
1138 *length = i2d_CryptoData(cs->cryptoData, &dest);
1143 * Decodes the CryptoData structure. The length argument is
1144 * used to specify the size of data.
1146 * Returns: CRYPTO_SESSION instance on success.
1148 * Returns: CRYPTO_ERROR_NONE and a pointer to a newly allocated CRYPTO_SESSION structure in *session on success.
1149 * A crypto_error_t value on failure.
1151 crypto_error_t crypto_session_decode(const uint8_t *data, uint32_t length, alist *keypairs, CRYPTO_SESSION **session)
1154 X509_KEYPAIR *keypair;
1155 STACK_OF(RecipientInfo) *recipients;
1156 crypto_error_t retval = CRYPTO_ERROR_NONE;
1157 const unsigned char *p = (const unsigned char *)data;
1159 /* bacula-fd.conf doesn't contains any key */
1161 return CRYPTO_ERROR_NORECIPIENT;
1164 cs = (CRYPTO_SESSION *)malloc(sizeof(CRYPTO_SESSION));
1166 /* Initialize required fields */
1167 cs->session_key = NULL;
1169 /* d2i_CryptoData modifies the supplied pointer */
1170 cs->cryptoData = d2i_CryptoData(NULL, &p, length);
1172 if (!cs->cryptoData) {
1173 /* Allocation / Decoding failed in OpenSSL */
1174 openssl_post_errors(M_ERROR, _("CryptoData decoding failed"));
1175 retval = CRYPTO_ERROR_INTERNAL;
1179 recipients = cs->cryptoData->recipientInfo;
1182 * Find a matching RecipientInfo structure for a supplied
1185 foreach_alist(keypair, keypairs) {
1189 /* Private key available? */
1190 if (keypair->privkey == NULL) {
1194 for (i = 0; i < sk_RecipientInfo_num(recipients); i++) {
1195 ri = sk_RecipientInfo_value(recipients, i);
1197 /* Match against the subjectKeyIdentifier */
1198 if (ASN1_OCTET_STRING_cmp(keypair->keyid, ri->subjectKeyIdentifier) == 0) {
1199 /* Match found, extract symmetric encryption session data */
1201 /* RSA is required. */
1202 assert(EVP_PKEY_base_id(keypair->privkey) == EVP_PKEY_RSA);
1204 /* If we recieve a RecipientInfo structure that does not use
1205 * RSA, return an error */
1206 if (OBJ_obj2nid(ri->keyEncryptionAlgorithm) != NID_rsaEncryption) {
1207 retval = CRYPTO_ERROR_INVALID_CRYPTO;
1211 /* Decrypt the session key */
1212 /* Allocate sufficient space for the largest possible decrypted data */
1213 cs->session_key = (unsigned char *)malloc(EVP_PKEY_size(keypair->privkey));
1214 cs->session_key_len = EVP_PKEY_decrypt(cs->session_key, ASN1_STRING_get0_data(ri->encryptedKey),
1215 ASN1_STRING_length(ri->encryptedKey), keypair->privkey);
1217 if (cs->session_key_len <= 0) {
1218 openssl_post_errors(M_ERROR, _("Failure decrypting the session key"));
1219 retval = CRYPTO_ERROR_DECRYPTION;
1223 /* Session key successfully extracted, return the CRYPTO_SESSION structure */
1225 return CRYPTO_ERROR_NONE;
1230 /* No matching recipient found */
1231 return CRYPTO_ERROR_NORECIPIENT;
1234 crypto_session_free(cs);
1239 * Free memory associated with a crypto session object.
1241 void crypto_session_free(CRYPTO_SESSION *cs)
1243 if (cs->cryptoData) {
1244 CryptoData_free(cs->cryptoData);
1246 if (cs->session_key){
1247 free(cs->session_key);
1253 * Create a new crypto cipher context with the specified session object
1254 * Returns: A pointer to a CIPHER_CONTEXT object on success. The cipher block size is returned in blocksize.
1257 CIPHER_CONTEXT *crypto_cipher_new(CRYPTO_SESSION *cs, bool encrypt, uint32_t *blocksize)
1259 CIPHER_CONTEXT *cipher_ctx;
1260 const EVP_CIPHER *ec;
1262 cipher_ctx = (CIPHER_CONTEXT *)malloc(sizeof(CIPHER_CONTEXT));
1266 cipher_ctx->ctx = EVP_CIPHER_CTX_new();
1267 if (!cipher_ctx->ctx)
1271 * Acquire a cipher instance for the given ASN.1 cipher NID
1273 if ((ec = EVP_get_cipherbyobj(cs->cryptoData->contentEncryptionAlgorithm)) == NULL) {
1274 Jmsg1(NULL, M_ERROR, 0,
1275 _("Unsupported contentEncryptionAlgorithm: %d\n"), OBJ_obj2nid(cs->cryptoData->contentEncryptionAlgorithm));
1280 /* Initialize the OpenSSL cipher context */
1281 EVP_CIPHER_CTX_reset(cipher_ctx->ctx);
1283 /* Initialize for encryption */
1284 if (!EVP_CipherInit_ex(cipher_ctx->ctx, ec, NULL, NULL, NULL, 1)) {
1285 openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
1289 /* Initialize for decryption */
1290 if (!EVP_CipherInit_ex(cipher_ctx->ctx, ec, NULL, NULL, NULL, 0)) {
1291 openssl_post_errors(M_ERROR, _("OpenSSL cipher context initialization failed"));
1296 /* Set the key size */
1297 if (!EVP_CIPHER_CTX_set_key_length(cipher_ctx->ctx, cs->session_key_len)) {
1298 openssl_post_errors(M_ERROR, _("Encryption session provided an invalid symmetric key"));
1302 /* Validate the IV length */
1303 if (EVP_CIPHER_iv_length(ec) != ASN1_STRING_length(cs->cryptoData->iv)) {
1304 openssl_post_errors(M_ERROR, _("Encryption session provided an invalid IV"));
1308 /* Add the key and IV to the cipher context */
1309 if (!EVP_CipherInit_ex(cipher_ctx->ctx, NULL, NULL, cs->session_key, ASN1_STRING_get0_data(cs->cryptoData->iv), -1)) {
1310 openssl_post_errors(M_ERROR, _("OpenSSL cipher context key/IV initialization failed"));
1314 *blocksize = EVP_CIPHER_CTX_block_size(cipher_ctx->ctx);
1318 crypto_cipher_free(cipher_ctx);
1324 * Encrypt/Decrypt length bytes of data using the provided cipher context
1325 * Returns: true on success, number of bytes output in written
1328 bool crypto_cipher_update(CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written)
1330 if (!EVP_CipherUpdate(cipher_ctx->ctx, (unsigned char *)dest, (int *)written, (const unsigned char *)data, length)) {
1331 /* This really shouldn't fail */
1339 * Finalize the cipher context, writing any remaining data and necessary padding
1340 * to dest, and the size in written.
1341 * The result size will either be one block of data or zero.
1343 * Returns: true on success
1346 bool crypto_cipher_finalize (CIPHER_CONTEXT *cipher_ctx, uint8_t *dest, uint32_t *written)
1348 if (!EVP_CipherFinal_ex(cipher_ctx->ctx, (unsigned char *)dest, (int *) written)) {
1349 /* This really shouldn't fail */
1358 * Free memory associated with a cipher context.
1360 void crypto_cipher_free (CIPHER_CONTEXT *cipher_ctx)
1362 EVP_CIPHER_CTX_free(cipher_ctx->ctx);
1366 #else /* HAVE_OPENSSL */
1367 # error No encryption library available
1368 #endif /* HAVE_OPENSSL */
1370 #else /* HAVE_CRYPTO */
1373 * Cryptography Support Disabled
1376 /* Message Digest Structure */
1378 crypto_digest_t type;
1386 /* Dummy Signature Structure */
1391 DIGEST *crypto_digest_new(JCR *jcr, crypto_digest_t type)
1395 digest = (DIGEST *)malloc(sizeof(DIGEST));
1396 digest->type = type;
1400 case CRYPTO_DIGEST_MD5:
1401 MD5Init(&digest->md5);
1403 case CRYPTO_DIGEST_SHA1:
1404 SHA1Init(&digest->sha1);
1407 Jmsg1(jcr, M_ERROR, 0, _("Unsupported digest type=%d specified\n"), type);
1415 bool crypto_digest_update(DIGEST *digest, const uint8_t *data, uint32_t length)
1417 switch (digest->type) {
1418 case CRYPTO_DIGEST_MD5:
1419 /* Doesn't return anything ... */
1420 MD5Update(&digest->md5, (unsigned char *) data, length);
1422 case CRYPTO_DIGEST_SHA1:
1424 if ((ret = SHA1Update(&digest->sha1, (const u_int8_t *) data, length)) == shaSuccess) {
1427 Jmsg1(NULL, M_ERROR, 0, _("SHA1Update() returned an error: %d\n"), ret);
1436 bool crypto_digest_finalize(DIGEST *digest, uint8_t *dest, uint32_t *length)
1438 switch (digest->type) {
1439 case CRYPTO_DIGEST_MD5:
1440 /* Guard against programmer error by either the API client or
1441 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
1442 assert(*length >= CRYPTO_DIGEST_MD5_SIZE);
1443 *length = CRYPTO_DIGEST_MD5_SIZE;
1444 /* Doesn't return anything ... */
1445 MD5Final((unsigned char *)dest, &digest->md5);
1447 case CRYPTO_DIGEST_SHA1:
1448 /* Guard against programmer error by either the API client or
1449 * an out-of-sync CRYPTO_DIGEST_MAX_SIZE */
1450 assert(*length >= CRYPTO_DIGEST_SHA1_SIZE);
1451 *length = CRYPTO_DIGEST_SHA1_SIZE;
1452 if (SHA1Final(&digest->sha1, (u_int8_t *) dest) == shaSuccess) {
1465 void crypto_digest_free(DIGEST *digest)
1470 SIGNATURE *crypto_sign_new(JCR *jcr) { return NULL; }
1472 crypto_error_t crypto_sign_get_digest (SIGNATURE *sig, X509_KEYPAIR *keypair,
1473 crypto_digest_t &type, DIGEST **digest)
1474 { return CRYPTO_ERROR_INTERNAL; }
1476 crypto_error_t crypto_sign_verify (SIGNATURE *sig, X509_KEYPAIR *keypair, DIGEST *digest) { return CRYPTO_ERROR_INTERNAL; }
1478 int crypto_sign_add_signer (SIGNATURE *sig, DIGEST *digest, X509_KEYPAIR *keypair) { return false; }
1479 int crypto_sign_encode (SIGNATURE *sig, uint8_t *dest, uint32_t *length) { return false; }
1481 SIGNATURE *crypto_sign_decode (JCR *jcr, const uint8_t *sigData, uint32_t length) { return NULL; }
1482 void crypto_sign_free (SIGNATURE *sig) { }
1485 X509_KEYPAIR *crypto_keypair_new(void) { return NULL; }
1486 X509_KEYPAIR *crypto_keypair_dup (X509_KEYPAIR *keypair) { return NULL; }
1487 int crypto_keypair_load_cert (X509_KEYPAIR *keypair, const char *file) { return false; }
1488 bool crypto_keypair_has_key (const char *file) { return false; }
1489 int crypto_keypair_load_key (X509_KEYPAIR *keypair, const char *file, CRYPTO_PEM_PASSWD_CB *pem_callback, const void *pem_userdata) { return false; }
1490 void crypto_keypair_free (X509_KEYPAIR *keypair) { }
1492 CRYPTO_SESSION *crypto_session_new (crypto_cipher_t cipher, alist *pubkeys) { return NULL; }
1493 void crypto_session_free (CRYPTO_SESSION *cs) { }
1494 bool crypto_session_encode (CRYPTO_SESSION *cs, uint8_t *dest, uint32_t *length) { return false; }
1495 crypto_error_t crypto_session_decode(const uint8_t *data, uint32_t length, alist *keypairs, CRYPTO_SESSION **session) { return CRYPTO_ERROR_INTERNAL; }
1497 CIPHER_CONTEXT *crypto_cipher_new (CRYPTO_SESSION *cs, bool encrypt, uint32_t *blocksize) { return NULL; }
1498 bool crypto_cipher_update (CIPHER_CONTEXT *cipher_ctx, const uint8_t *data, uint32_t length, const uint8_t *dest, uint32_t *written) { return false; }
1499 bool crypto_cipher_finalize (CIPHER_CONTEXT *cipher_ctx, uint8_t *dest, uint32_t *written) { return false; }
1500 void crypto_cipher_free (CIPHER_CONTEXT *cipher_ctx) { }
1502 #endif /* HAVE_CRYPTO */
1507 * Default PEM encryption passphrase callback.
1508 * Returns an empty password.
1510 int crypto_default_pem_callback(char *buf, int size, const void *userdata)
1512 bstrncpy(buf, "", size);
1513 return (strlen(buf));
1517 * Returns the ASCII name of the digest type.
1518 * Returns: ASCII name of digest type.
1520 const char *crypto_digest_name(DIGEST *digest)
1522 switch (digest->type) {
1523 case CRYPTO_DIGEST_MD5:
1525 case CRYPTO_DIGEST_SHA1:
1527 case CRYPTO_DIGEST_SHA256:
1529 case CRYPTO_DIGEST_SHA512:
1531 case CRYPTO_DIGEST_NONE:
1534 return "Invalid Digest Type";
1540 * Given a stream type, returns the associated
1541 * crypto_digest_t value.
1543 crypto_digest_t crypto_digest_stream_type(int stream)
1546 case STREAM_MD5_DIGEST:
1547 return CRYPTO_DIGEST_MD5;
1548 case STREAM_SHA1_DIGEST:
1549 return CRYPTO_DIGEST_SHA1;
1550 case STREAM_SHA256_DIGEST:
1551 return CRYPTO_DIGEST_SHA256;
1552 case STREAM_SHA512_DIGEST:
1553 return CRYPTO_DIGEST_SHA512;
1555 return CRYPTO_DIGEST_NONE;
1560 * * Given a crypto_error_t value, return the associated
1563 const char *crypto_strerror(crypto_error_t error) {
1565 case CRYPTO_ERROR_NONE:
1566 return _("No error");
1567 case CRYPTO_ERROR_NOSIGNER:
1568 return _("Signer not found");
1569 case CRYPTO_ERROR_NORECIPIENT:
1570 return _("Recipient not found");
1571 case CRYPTO_ERROR_INVALID_DIGEST:
1572 return _("Unsupported digest algorithm");
1573 case CRYPTO_ERROR_INVALID_CRYPTO:
1574 return _("Unsupported encryption algorithm");
1575 case CRYPTO_ERROR_BAD_SIGNATURE:
1576 return _("Signature is invalid");
1577 case CRYPTO_ERROR_DECRYPTION:
1578 return _("Decryption error");
1579 case CRYPTO_ERROR_INTERNAL:
1580 /* This shouldn't happen */
1581 return _("Internal error");
1583 return _("Unknown error");