2 86693a33 2023-06-11 op * Copyright (c) 2023 Omar Polo <op@omarpolo.com>
3 86693a33 2023-06-11 op * Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org>
4 86693a33 2023-06-11 op * Copyright (c) 2012 Gilles Chehade <gilles@poolp.org>
6 86693a33 2023-06-11 op * Permission to use, copy, modify, and distribute this software for any
7 86693a33 2023-06-11 op * purpose with or without fee is hereby granted, provided that the above
8 86693a33 2023-06-11 op * copyright notice and this permission notice appear in all copies.
10 86693a33 2023-06-11 op * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 86693a33 2023-06-11 op * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 86693a33 2023-06-11 op * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 86693a33 2023-06-11 op * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 86693a33 2023-06-11 op * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 86693a33 2023-06-11 op * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 86693a33 2023-06-11 op * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 86693a33 2023-06-11 op #include "gmid.h"
21 86693a33 2023-06-11 op #include <string.h>
23 86693a33 2023-06-11 op #include <openssl/err.h>
24 86693a33 2023-06-11 op #include <openssl/pem.h>
26 86693a33 2023-06-11 op #include "log.h"
27 86693a33 2023-06-11 op #include "proc.h"
29 86693a33 2023-06-11 op #ifndef nitems
30 86693a33 2023-06-11 op #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
33 86693a33 2023-06-11 op static void crypto_init(struct privsep *, struct privsep_proc *, void *);
34 86693a33 2023-06-11 op static int crypto_dispatch_parent(int, struct privsep_proc *, struct imsg *);
35 86693a33 2023-06-11 op static int crypto_dispatch_server(int, struct privsep_proc *, struct imsg *);
37 86693a33 2023-06-11 op static struct privsep_proc procs[] = {
38 86693a33 2023-06-11 op { "parent", PROC_PARENT, crypto_dispatch_parent },
39 86693a33 2023-06-11 op { "server", PROC_SERVER, crypto_dispatch_server },
42 86693a33 2023-06-11 op struct imsg_crypto_req {
44 86693a33 2023-06-11 op char hash[TLS_CERT_HASH_SIZE];
48 86693a33 2023-06-11 op /* followed by flen bytes of `from'. */
51 86693a33 2023-06-11 op struct imsg_crypto_res {
55 86693a33 2023-06-11 op /* followed by len bytes of reply */
58 86693a33 2023-06-11 op static uint64_t reqid;
59 86693a33 2023-06-11 op static struct conf *conf;
62 86693a33 2023-06-11 op crypto(struct privsep *ps, struct privsep_proc *p)
64 86693a33 2023-06-11 op proc_run(ps, p, procs, nitems(procs), crypto_init, NULL);
68 86693a33 2023-06-11 op crypto_init(struct privsep *ps, struct privsep_proc *p, void *arg)
71 86693a33 2023-06-11 op static volatile int attached;
72 86693a33 2023-06-11 op while (!attached) sleep(1);
75 86693a33 2023-06-11 op conf = ps->ps_env;
77 86693a33 2023-06-11 op sandbox_crypto_process();
81 86693a33 2023-06-11 op crypto_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
83 86693a33 2023-06-11 op switch (imsg->hdr.type) {
84 86693a33 2023-06-11 op case IMSG_RECONF_START:
85 86693a33 2023-06-11 op case IMSG_RECONF_CERT:
86 86693a33 2023-06-11 op case IMSG_RECONF_KEY:
87 86693a33 2023-06-11 op case IMSG_RECONF_END:
88 86693a33 2023-06-11 op if (config_recv(conf, imsg) == -1)
98 86693a33 2023-06-11 op static EVP_PKEY *
99 86693a33 2023-06-11 op get_pkey(const char *hash)
101 86693a33 2023-06-11 op struct pki *pki;
103 86693a33 2023-06-11 op TAILQ_FOREACH(pki, &conf->pkis, pkis) {
104 86693a33 2023-06-11 op if (!strcmp(pki->hash, hash))
105 86693a33 2023-06-11 op return pki->pkey;
112 86693a33 2023-06-11 op crypto_dispatch_server(int fd, struct privsep_proc *p, struct imsg *imsg)
114 86693a33 2023-06-11 op struct privsep *ps = p->p_ps;
115 51340784 2023-06-23 op RSA *rsa = NULL;
116 51340784 2023-06-23 op EC_KEY *ecdsa = NULL;
117 86693a33 2023-06-11 op EVP_PKEY *pkey;
118 86693a33 2023-06-11 op struct imsg_crypto_req req;
119 86693a33 2023-06-11 op struct imsg_crypto_res res;
120 86693a33 2023-06-11 op struct iovec iov[2];
121 86693a33 2023-06-11 op const void *from;
122 10cc8193 2023-06-13 op unsigned char *data, *to;
123 86693a33 2023-06-11 op size_t datalen;
125 b8d68fc8 2023-06-11 op unsigned int len;
127 10cc8193 2023-06-13 op data = imsg->data;
128 86693a33 2023-06-11 op datalen = IMSG_DATA_SIZE(imsg);
130 86693a33 2023-06-11 op switch (imsg->hdr.type) {
131 86693a33 2023-06-11 op case IMSG_CRYPTO_RSA_PRIVENC:
132 86693a33 2023-06-11 op case IMSG_CRYPTO_RSA_PRIVDEC:
133 86693a33 2023-06-11 op if (datalen < sizeof(req))
134 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d", imsg->hdr.type);
135 10cc8193 2023-06-13 op memcpy(&req, data, sizeof(req));
136 86693a33 2023-06-11 op if (datalen != sizeof(req) + req.flen)
137 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d", imsg->hdr.type);
138 10cc8193 2023-06-13 op from = data + sizeof(req);
140 86693a33 2023-06-11 op if ((pkey = get_pkey(req.hash)) == NULL ||
141 86693a33 2023-06-11 op (rsa = EVP_PKEY_get1_RSA(pkey)) == NULL)
142 86693a33 2023-06-11 op fatalx("invalid pkey hash");
144 86693a33 2023-06-11 op if ((to = calloc(1, req.tlen)) == NULL)
145 86693a33 2023-06-11 op fatal("calloc");
147 b90faa16 2023-06-13 op if (imsg->hdr.type == IMSG_CRYPTO_RSA_PRIVENC)
148 86693a33 2023-06-11 op ret = RSA_private_encrypt(req.flen, from,
149 86693a33 2023-06-11 op to, rsa, req.padding);
151 86693a33 2023-06-11 op ret = RSA_private_decrypt(req.flen, from,
152 86693a33 2023-06-11 op to, rsa, req.padding);
154 86693a33 2023-06-11 op memset(&res, 0, sizeof(res));
155 86693a33 2023-06-11 op res.id = req.id;
156 86693a33 2023-06-11 op res.ret = ret;
158 86693a33 2023-06-11 op memset(&iov, 0, sizeof(iov));
160 86693a33 2023-06-11 op iov[n].iov_base = &res;
161 86693a33 2023-06-11 op iov[n].iov_len = sizeof(res);
164 86693a33 2023-06-11 op if (ret > 0) {
165 86693a33 2023-06-11 op res.len = ret;
166 86693a33 2023-06-11 op iov[n].iov_base = to;
167 86693a33 2023-06-11 op iov[n].iov_len = ret;
171 86693a33 2023-06-11 op log_debug("replying to server #%d", imsg->hdr.pid);
172 86693a33 2023-06-11 op if (proc_composev_imsg(ps, PROC_SERVER, imsg->hdr.pid - 1,
173 86693a33 2023-06-11 op imsg->hdr.type, 0, -1, iov, n) == -1)
174 86693a33 2023-06-11 op fatal("proc_composev_imsg");
176 86693a33 2023-06-11 op if (proc_flush_imsg(ps, PROC_SERVER, imsg->hdr.pid - 1) == -1)
177 86693a33 2023-06-11 op fatal("proc_flush_imsg");
180 86693a33 2023-06-11 op RSA_free(rsa);
183 86693a33 2023-06-11 op case IMSG_CRYPTO_ECDSA_SIGN:
184 86693a33 2023-06-11 op if (datalen < sizeof(req))
185 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d", imsg->hdr.type);
186 10cc8193 2023-06-13 op memcpy(&req, data, sizeof(req));
187 86693a33 2023-06-11 op if (datalen != sizeof(req) + req.flen)
188 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d", imsg->hdr.type);
189 10cc8193 2023-06-13 op from = data + sizeof(req);
191 86693a33 2023-06-11 op if ((pkey = get_pkey(req.hash)) == NULL ||
192 86693a33 2023-06-11 op (ecdsa = EVP_PKEY_get1_EC_KEY(pkey)) == NULL)
193 86693a33 2023-06-11 op fatalx("invalid pkey hash");
195 86693a33 2023-06-11 op len = ECDSA_size(ecdsa);
196 86693a33 2023-06-11 op if ((to = calloc(1, len)) == NULL)
197 86693a33 2023-06-11 op fatal("calloc");
198 86693a33 2023-06-11 op ret = ECDSA_sign(0, from, req.flen, to, &len, ecdsa);
200 86693a33 2023-06-11 op memset(&res, 0, sizeof(res));
201 86693a33 2023-06-11 op res.id = req.id;
202 86693a33 2023-06-11 op res.ret = ret;
204 86693a33 2023-06-11 op memset(&iov, 0, sizeof(iov));
206 86693a33 2023-06-11 op iov[0].iov_base = &res;
207 6c86d810 2023-08-28 op iov[0].iov_len = sizeof(res);
210 86693a33 2023-06-11 op if (ret > 0) {
211 86693a33 2023-06-11 op res.len = len;
212 86693a33 2023-06-11 op iov[n].iov_base = to;
213 86693a33 2023-06-11 op iov[n].iov_len = len;
217 86693a33 2023-06-11 op log_debug("replying to server #%d", imsg->hdr.pid);
218 86693a33 2023-06-11 op if (proc_composev_imsg(ps, PROC_SERVER, imsg->hdr.pid - 1,
219 86693a33 2023-06-11 op imsg->hdr.type, 0, -1, iov, n) == -1)
220 86693a33 2023-06-11 op fatal("proc_composev_imsg");
222 86693a33 2023-06-11 op if (proc_flush_imsg(ps, PROC_SERVER, imsg->hdr.pid - 1) == -1)
223 86693a33 2023-06-11 op fatal("proc_flush_imsg");
226 86693a33 2023-06-11 op EC_KEY_free(ecdsa);
238 86693a33 2023-06-11 op * RSA privsep engine (called from unprivileged processes)
241 86693a33 2023-06-11 op static const RSA_METHOD *rsa_default;
242 86693a33 2023-06-11 op static RSA_METHOD *rsae_method;
245 86693a33 2023-06-11 op rsae_send_imsg(int flen, const unsigned char *from, unsigned char *to,
246 86693a33 2023-06-11 op RSA *rsa, int padding, unsigned int cmd)
248 86693a33 2023-06-11 op struct imsg_crypto_req req;
249 86693a33 2023-06-11 op struct iovec iov[2];
250 86693a33 2023-06-11 op struct imsg_crypto_res res;
251 86693a33 2023-06-11 op struct imsgev *iev;
252 86693a33 2023-06-11 op struct privsep_proc *p;
253 86693a33 2023-06-11 op struct privsep *ps = conf->ps;
254 86693a33 2023-06-11 op struct imsgbuf *ibuf;
255 86693a33 2023-06-11 op struct imsg imsg;
257 86693a33 2023-06-11 op int n, done = 0;
258 86693a33 2023-06-11 op const void *toptr;
260 10cc8193 2023-06-13 op unsigned char *data;
261 86693a33 2023-06-11 op size_t datalen;
263 86693a33 2023-06-11 op if ((hash = RSA_get_ex_data(rsa, 0)) == NULL)
267 86693a33 2023-06-11 op * Send a synchronous imsg because we cannot defer the RSA
268 86693a33 2023-06-11 op * operation in OpenSSL's engine layer.
270 86693a33 2023-06-11 op memset(&req, 0, sizeof(req));
271 86693a33 2023-06-11 op req.id = ++reqid;
272 86693a33 2023-06-11 op if (strlcpy(req.hash, hash, sizeof(req.hash)) >= sizeof(req.hash))
273 86693a33 2023-06-11 op fatalx("%s: hash too long (%zu)", __func__, strlen(hash));
274 86693a33 2023-06-11 op req.flen = flen;
275 86693a33 2023-06-11 op req.tlen = RSA_size(rsa);
276 86693a33 2023-06-11 op req.padding = padding;
278 86693a33 2023-06-11 op memset(&iov, 0, sizeof(iov));
279 86693a33 2023-06-11 op iov[0].iov_base = &req;
280 86693a33 2023-06-11 op iov[0].iov_len = sizeof(req);
281 86693a33 2023-06-11 op iov[1].iov_base = (void *)from;
282 86693a33 2023-06-11 op iov[1].iov_len = flen;
284 86693a33 2023-06-11 op if (proc_composev(ps, PROC_CRYPTO, cmd, iov, 2) == -1)
285 86693a33 2023-06-11 op fatal("proc_composev");
287 86693a33 2023-06-11 op if (proc_flush_imsg(ps, PROC_CRYPTO, -1) == -1)
288 86693a33 2023-06-11 op fatal("proc_flush_imsg");
290 86693a33 2023-06-11 op iev = ps->ps_ievs[PROC_CRYPTO];
291 86693a33 2023-06-11 op p = iev->proc;
292 86693a33 2023-06-11 op ibuf = &iev->ibuf;
294 86693a33 2023-06-11 op while (!done) {
295 86693a33 2023-06-11 op if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
296 86693a33 2023-06-11 op fatalx("imsg_read");
298 86693a33 2023-06-11 op fatalx("pipe closed");
300 86693a33 2023-06-11 op while (!done) {
301 86693a33 2023-06-11 op if ((n = imsg_get(ibuf, &imsg)) == -1)
302 86693a33 2023-06-11 op fatalx("imsg_get error");
306 86693a33 2023-06-11 op #if DEBUG > 1
308 86693a33 2023-06-11 op "%s: %s %d got imsg %d peerid %d from %s %d",
309 86693a33 2023-06-11 op __func__, title, 1, imsg.hdr.type,
310 86693a33 2023-06-11 op imsg.hdr.peerid, "crypto", imsg.hdr.pid);
313 86693a33 2023-06-11 op if ((p->p_cb)(ibuf->fd, p, &imsg) == 0) {
314 86693a33 2023-06-11 op /* Message was handled by the callback */
315 86693a33 2023-06-11 op imsg_free(&imsg);
319 86693a33 2023-06-11 op switch (imsg.hdr.type) {
320 86693a33 2023-06-11 op case IMSG_CRYPTO_RSA_PRIVENC:
321 86693a33 2023-06-11 op case IMSG_CRYPTO_RSA_PRIVDEC:
324 86693a33 2023-06-11 op fatalx("%s: %s %d got invalid imsg %d"
325 86693a33 2023-06-11 op " peerid %d from %s %d",
326 86693a33 2023-06-11 op __func__, "server", ps->ps_instance + 1,
327 86693a33 2023-06-11 op imsg.hdr.type, imsg.hdr.peerid,
328 86693a33 2023-06-11 op "crypto", imsg.hdr.pid);
331 10cc8193 2023-06-13 op data = imsg.data;
332 86693a33 2023-06-11 op datalen = IMSG_DATA_SIZE(&imsg);
333 86693a33 2023-06-11 op if (datalen < sizeof(res))
334 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d",
335 86693a33 2023-06-11 op imsg.hdr.type);
336 10cc8193 2023-06-13 op memcpy(&res, data, sizeof(res));
337 86693a33 2023-06-11 op if (datalen != sizeof(res) + res.ret)
338 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d",
339 86693a33 2023-06-11 op imsg.hdr.type);
340 86693a33 2023-06-11 op ret = res.ret;
341 10cc8193 2023-06-13 op toptr = data + sizeof(res);
343 86693a33 2023-06-11 op if (res.id != reqid)
344 d1739e3f 2023-06-11 op fatalx("invalid id; got %llu, want %llu",
345 d1739e3f 2023-06-11 op (unsigned long long)res.id,
346 d1739e3f 2023-06-11 op (unsigned long long)reqid);
347 86693a33 2023-06-11 op if (res.ret > 0)
348 86693a33 2023-06-11 op memcpy(to, toptr, res.len);
352 86693a33 2023-06-11 op imsg_free(&imsg);
355 86693a33 2023-06-11 op imsg_event_add(iev);
357 86693a33 2023-06-11 op return (ret);
361 86693a33 2023-06-11 op rsae_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,
364 86693a33 2023-06-11 op log_debug("debug: %s", __func__);
365 86693a33 2023-06-11 op if (RSA_get_ex_data(rsa, 0) != NULL)
366 86693a33 2023-06-11 op return (rsae_send_imsg(flen, from, to, rsa, padding,
367 86693a33 2023-06-11 op IMSG_CRYPTO_RSA_PRIVENC));
368 86693a33 2023-06-11 op return (RSA_meth_get_priv_enc(rsa_default)(flen, from, to, rsa, padding));
372 86693a33 2023-06-11 op rsae_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,
375 86693a33 2023-06-11 op log_debug("debug: %s", __func__);
376 86693a33 2023-06-11 op if (RSA_get_ex_data(rsa, 0) != NULL)
377 86693a33 2023-06-11 op return (rsae_send_imsg(flen, from, to, rsa, padding,
378 86693a33 2023-06-11 op IMSG_CRYPTO_RSA_PRIVDEC));
380 86693a33 2023-06-11 op return (RSA_meth_get_priv_dec(rsa_default)(flen, from, to, rsa, padding));
385 86693a33 2023-06-11 op * ECDSA privsep engine (called from unprivileged processes)
388 86693a33 2023-06-11 op static const EC_KEY_METHOD *ecdsa_default;
389 86693a33 2023-06-11 op static EC_KEY_METHOD *ecdsae_method;
391 86693a33 2023-06-11 op static ECDSA_SIG *
392 86693a33 2023-06-11 op ecdsae_send_enc_imsg(const unsigned char *dgst, int dgst_len,
393 86693a33 2023-06-11 op const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey)
395 86693a33 2023-06-11 op ECDSA_SIG *sig = NULL;
396 86693a33 2023-06-11 op struct imsg_crypto_req req;
397 86693a33 2023-06-11 op struct iovec iov[2];
398 86693a33 2023-06-11 op struct imsg_crypto_res res;
399 86693a33 2023-06-11 op struct imsgev *iev;
400 86693a33 2023-06-11 op struct privsep_proc *p;
401 86693a33 2023-06-11 op struct privsep *ps = conf->ps;
402 86693a33 2023-06-11 op struct imsgbuf *ibuf;
403 86693a33 2023-06-11 op struct imsg imsg;
404 86693a33 2023-06-11 op int n, done = 0;
405 86693a33 2023-06-11 op const void *toptr;
407 10cc8193 2023-06-13 op unsigned char *data;
408 86693a33 2023-06-11 op size_t datalen;
410 86693a33 2023-06-11 op if ((hash = EC_KEY_get_ex_data(eckey, 0)) == NULL)
414 86693a33 2023-06-11 op * Send a synchronous imsg because we cannot defer the RSA
415 86693a33 2023-06-11 op * operation in OpenSSL's engine layer.
417 86693a33 2023-06-11 op memset(&req, 0, sizeof(req));
418 3cba037a 2023-08-28 op req.id = ++reqid;
419 86693a33 2023-06-11 op if (strlcpy(req.hash, hash, sizeof(req.hash)) >= sizeof(req.hash))
420 86693a33 2023-06-11 op fatalx("%s: hash too long (%zu)", __func__, strlen(hash));
421 86693a33 2023-06-11 op req.flen = dgst_len;
423 86693a33 2023-06-11 op memset(&iov, 0, sizeof(iov));
424 86693a33 2023-06-11 op iov[0].iov_base = &req;
425 86693a33 2023-06-11 op iov[0].iov_len = sizeof(req);
426 86693a33 2023-06-11 op iov[1].iov_base = (void *)dgst;
427 86693a33 2023-06-11 op iov[1].iov_len = dgst_len;
429 86693a33 2023-06-11 op if (proc_composev(ps, PROC_CRYPTO, IMSG_CRYPTO_ECDSA_SIGN, iov, 2) == -1)
430 86693a33 2023-06-11 op fatal("proc_composev");
432 86693a33 2023-06-11 op if (proc_flush_imsg(ps, PROC_CRYPTO, -1) == -1)
433 86693a33 2023-06-11 op fatal("proc_flush_imsg");
435 86693a33 2023-06-11 op iev = ps->ps_ievs[PROC_CRYPTO];
436 86693a33 2023-06-11 op p = iev->proc;
437 86693a33 2023-06-11 op ibuf = &iev->ibuf;
439 86693a33 2023-06-11 op while (!done) {
440 86693a33 2023-06-11 op if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
441 86693a33 2023-06-11 op fatalx("imsg_read");
443 86693a33 2023-06-11 op fatalx("pipe closed");
445 86693a33 2023-06-11 op while (!done) {
446 86693a33 2023-06-11 op if ((n = imsg_get(ibuf, &imsg)) == -1)
447 86693a33 2023-06-11 op fatalx("imsg_get error");
451 86693a33 2023-06-11 op #if DEBUG > 1
453 86693a33 2023-06-11 op "%s: %s %d got imsg %d peerid %d from %s %d",
454 86693a33 2023-06-11 op __func__, title, 1, imsg.hdr.type,
455 86693a33 2023-06-11 op imsg.hdr.peerid, "crypto", imsg.hdr.pid);
458 a6c8b805 2023-08-28 op if (imsg.hdr.type != IMSG_CRYPTO_ECDSA_SIGN &&
459 a6c8b805 2023-08-28 op crypto_dispatch_server(ibuf->fd, p, &imsg) == 0) {
460 86693a33 2023-06-11 op /* Message was handled by the callback */
461 86693a33 2023-06-11 op imsg_free(&imsg);
465 86693a33 2023-06-11 op if (imsg.hdr.type != IMSG_CRYPTO_ECDSA_SIGN)
466 86693a33 2023-06-11 op fatalx("%s: %s %d got invalid imsg %d"
467 86693a33 2023-06-11 op " peerid %d from %s %d",
468 86693a33 2023-06-11 op __func__, "server", ps->ps_instance + 1,
469 86693a33 2023-06-11 op imsg.hdr.type, imsg.hdr.peerid,
470 86693a33 2023-06-11 op "crypto", imsg.hdr.pid);
472 10cc8193 2023-06-13 op data = imsg.data;
473 86693a33 2023-06-11 op datalen = IMSG_DATA_SIZE(&imsg);
474 86693a33 2023-06-11 op if (datalen < sizeof(res))
475 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d",
476 86693a33 2023-06-11 op imsg.hdr.type);
477 10cc8193 2023-06-13 op memcpy(&res, data, sizeof(res));
478 b894573a 2023-08-29 op if (datalen != sizeof(res) + res.len)
479 86693a33 2023-06-11 op fatalx("size mismatch for imsg %d",
480 86693a33 2023-06-11 op imsg.hdr.type);
481 10cc8193 2023-06-13 op toptr = data + sizeof(res);
483 86693a33 2023-06-11 op if (res.id != reqid)
484 86693a33 2023-06-11 op fatalx("invalid response id");
485 86693a33 2023-06-11 op if (res.ret > 0) {
486 86693a33 2023-06-11 op d2i_ECDSA_SIG(&sig,
487 86693a33 2023-06-11 op (const unsigned char **)&toptr, res.len);
492 86693a33 2023-06-11 op imsg_free(&imsg);
495 86693a33 2023-06-11 op imsg_event_add(iev);
497 86693a33 2023-06-11 op return (sig);
500 86693a33 2023-06-11 op static ECDSA_SIG *
501 86693a33 2023-06-11 op ecdsae_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
502 86693a33 2023-06-11 op const BIGNUM *rp, EC_KEY *eckey)
504 86693a33 2023-06-11 op ECDSA_SIG *(*psign_sig)(const unsigned char *, int, const BIGNUM *,
505 86693a33 2023-06-11 op const BIGNUM *, EC_KEY *);
507 86693a33 2023-06-11 op log_debug("debug: %s", __func__);
508 86693a33 2023-06-11 op if (EC_KEY_get_ex_data(eckey, 0) != NULL)
509 86693a33 2023-06-11 op return (ecdsae_send_enc_imsg(dgst, dgst_len, inv, rp, eckey));
510 86693a33 2023-06-11 op EC_KEY_METHOD_get_sign(ecdsa_default, NULL, NULL, &psign_sig);
511 86693a33 2023-06-11 op return (psign_sig(dgst, dgst_len, inv, rp, eckey));
516 86693a33 2023-06-11 op * Initialize the two engines.
520 86693a33 2023-06-11 op rsa_engine_init(void)
522 bd233076 2023-07-22 op const char *errstr;
524 bd233076 2023-07-22 op if ((rsa_default = RSA_get_default_method()) == NULL) {
525 bd233076 2023-07-22 op errstr = "RSA_get_default_method";
529 21617eda 2023-07-22 op if ((rsae_method = RSA_meth_dup(rsa_default)) == NULL) {
530 21617eda 2023-07-22 op errstr = "RSA_meth_dup";
534 21617eda 2023-07-22 op RSA_meth_set_priv_enc(rsae_method, rsae_priv_enc);
535 21617eda 2023-07-22 op RSA_meth_set_priv_dec(rsae_method, rsae_priv_dec);
537 86693a33 2023-06-11 op RSA_meth_set_flags(rsae_method,
538 6a996ec2 2023-07-22 op RSA_meth_get_flags(rsa_default) | RSA_METHOD_FLAG_NO_CHECK);
539 86693a33 2023-06-11 op RSA_meth_set0_app_data(rsae_method,
540 6a996ec2 2023-07-22 op RSA_meth_get0_app_data(rsa_default));
542 bd233076 2023-07-22 op RSA_set_default_method(rsae_method);
547 86693a33 2023-06-11 op ssl_error(errstr);
548 86693a33 2023-06-11 op fatalx("%s", errstr);
552 86693a33 2023-06-11 op ecdsa_engine_init(void)
554 21617eda 2023-07-22 op int (*sign)(int, const unsigned char *, int, unsigned char *,
555 21617eda 2023-07-22 op unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *);
556 21617eda 2023-07-22 op int (*sign_setup)(EC_KEY *, BN_CTX *, BIGNUM **, BIGNUM **);
557 bd233076 2023-07-22 op const char *errstr;
559 bd233076 2023-07-22 op if ((ecdsa_default = EC_KEY_get_default_method()) == NULL) {
560 bd233076 2023-07-22 op errstr = "EC_KEY_get_default_method";
564 21617eda 2023-07-22 op if ((ecdsae_method = EC_KEY_METHOD_new(ecdsa_default)) == NULL) {
565 21617eda 2023-07-22 op errstr = "EC_KEY_METHOD_new";
569 21617eda 2023-07-22 op EC_KEY_METHOD_get_sign(ecdsa_default, &sign, &sign_setup, NULL);
570 21617eda 2023-07-22 op EC_KEY_METHOD_set_sign(ecdsae_method, sign, sign_setup,
571 21617eda 2023-07-22 op ecdsae_do_sign);
573 bd233076 2023-07-22 op EC_KEY_set_default_method(ecdsae_method);
578 86693a33 2023-06-11 op ssl_error(errstr);
579 86693a33 2023-06-11 op fatalx("%s", errstr);
583 86693a33 2023-06-11 op crypto_engine_init(struct conf *c)
587 86693a33 2023-06-11 op rsa_engine_init();
588 86693a33 2023-06-11 op ecdsa_engine_init();