Initial sshsm project structure

Issue-ID: AAF-94
Change-Id: I5e82fff418e7567b161acf9b98013a9b85ffc5b4
Signed-off-by: NingSun <ning.sun@intel.com>

1 files changed, 695 insertions, 0 deletions

diff --git a/SoftHSMv2/src/lib/crypto/OSSLDSA.cpp b/SoftHSMv2/src/lib/crypto/OSSLDSA.cpp
new file mode 100644
index 0000000..06b5d50
--- /dev/null
+++ b/SoftHSMv2/src/lib/crypto/OSSLDSA.cpp
@@ -0,0 +1,695 @@
+/*
+ * Copyright (c) 2010 SURFnet bv
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*****************************************************************************
+ OSSLDSA.cpp
+
+ OpenSSL DSA asymmetric algorithm implementation
+ *****************************************************************************/
+
+#include "config.h"
+#include "log.h"
+#include "OSSLDSA.h"
+#include "CryptoFactory.h"
+#include "DSAParameters.h"
+#include "OSSLDSAKeyPair.h"
+#include "OSSLComp.h"
+#include "OSSLUtil.h"
+#include <algorithm>
+#include <openssl/dsa.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+
+// Constructor
+OSSLDSA::OSSLDSA()
+{
+	pCurrentHash = NULL;
+}
+
+// Destructor
+OSSLDSA::~OSSLDSA()
+{
+	if (pCurrentHash != NULL)
+	{
+		delete pCurrentHash;
+	}
+}
+
+// Signing functions
+bool OSSLDSA::sign(PrivateKey* privateKey, const ByteString& dataToSign,
+		   ByteString& signature, const AsymMech::Type mechanism,
+		   const void* param /* = NULL */, const size_t paramLen /* = 0 */)
+{
+	if (mechanism == AsymMech::DSA)
+	{
+		// Separate implementation for DSA signing without hash computation
+
+		// Check if the private key is the right type
+		if (!privateKey->isOfType(OSSLDSAPrivateKey::type))
+		{
+			ERROR_MSG("Invalid key type supplied");
+
+			return false;
+		}
+
+		OSSLDSAPrivateKey* pk = (OSSLDSAPrivateKey*) privateKey;
+		DSA* dsa = pk->getOSSLKey();
+
+		// Perform the signature operation
+		unsigned int sigLen = pk->getOutputLength();
+		signature.resize(sigLen);
+		memset(&signature[0], 0, sigLen);
+		int dLen = dataToSign.size();
+		DSA_SIG* sig = DSA_do_sign(dataToSign.const_byte_str(), dLen, dsa);
+		if (sig == NULL)
+			return false;
+		// Store the 2 values with padding
+		const BIGNUM* bn_r = NULL;
+		const BIGNUM* bn_s = NULL;
+		DSA_SIG_get0(sig, &bn_r, &bn_s);
+		BN_bn2bin(bn_r, &signature[sigLen / 2 - BN_num_bytes(bn_r)]);
+		BN_bn2bin(bn_s, &signature[sigLen - BN_num_bytes(bn_s)]);
+		DSA_SIG_free(sig);
+		return true;
+	}
+	else
+	{
+		// Call default implementation
+		return AsymmetricAlgorithm::sign(privateKey, dataToSign, signature, mechanism, param, paramLen);
+	}
+}
+
+bool OSSLDSA::signInit(PrivateKey* privateKey, const AsymMech::Type mechanism,
+		       const void* param /* = NULL */, const size_t paramLen /* = 0 */)
+{
+	if (!AsymmetricAlgorithm::signInit(privateKey, mechanism, param, paramLen))
+	{
+		return false;
+	}
+
+	// Check if the private key is the right type
+	if (!privateKey->isOfType(OSSLDSAPrivateKey::type))
+	{
+		ERROR_MSG("Invalid key type supplied");
+
+		ByteString dummy;
+		AsymmetricAlgorithm::signFinal(dummy);
+
+		return false;
+	}
+
+	HashAlgo::Type hash = HashAlgo::Unknown;
+
+	switch (mechanism)
+	{
+		case AsymMech::DSA_SHA1:
+			hash = HashAlgo::SHA1;
+			break;
+		case AsymMech::DSA_SHA224:
+			hash = HashAlgo::SHA224;
+			break;
+		case AsymMech::DSA_SHA256:
+			hash = HashAlgo::SHA256;
+			break;
+		case AsymMech::DSA_SHA384:
+			hash = HashAlgo::SHA384;
+			break;
+		case AsymMech::DSA_SHA512:
+			hash = HashAlgo::SHA512;
+			break;
+		default:
+			ERROR_MSG("Invalid mechanism supplied (%i)", mechanism);
+
+			ByteString dummy;
+			AsymmetricAlgorithm::signFinal(dummy);
+
+			return false;
+	}
+
+	pCurrentHash = CryptoFactory::i()->getHashAlgorithm(hash);
+
+	if (pCurrentHash == NULL)
+	{
+		ByteString dummy;
+		AsymmetricAlgorithm::signFinal(dummy);
+
+		return false;
+	}
+
+	if (!pCurrentHash->hashInit())
+	{
+		delete pCurrentHash;
+		pCurrentHash = NULL;
+
+		ByteString dummy;
+		AsymmetricAlgorithm::signFinal(dummy);
+
+		return false;
+	}
+
+	return true;
+}
+
+bool OSSLDSA::signUpdate(const ByteString& dataToSign)
+{
+	if (!AsymmetricAlgorithm::signUpdate(dataToSign))
+	{
+		return false;
+	}
+
+	if (!pCurrentHash->hashUpdate(dataToSign))
+	{
+		delete pCurrentHash;
+		pCurrentHash = NULL;
+
+		ByteString dummy;
+		AsymmetricAlgorithm::signFinal(dummy);
+
+		return false;
+	}
+
+	return true;
+}
+
+bool OSSLDSA::signFinal(ByteString& signature)
+{
+	// Save necessary state before calling super class signFinal
+	OSSLDSAPrivateKey* pk = (OSSLDSAPrivateKey*) currentPrivateKey;
+
+	if (!AsymmetricAlgorithm::signFinal(signature))
+	{
+		return false;
+	}
+
+	ByteString hash;
+
+	bool bFirstResult = pCurrentHash->hashFinal(hash);
+
+	delete pCurrentHash;
+	pCurrentHash = NULL;
+
+	if (!bFirstResult)
+	{
+		return false;
+	}
+
+	DSA* dsa = pk->getOSSLKey();
+
+	// Perform the signature operation
+	unsigned int sigLen = pk->getOutputLength();
+	signature.resize(sigLen);
+	memset(&signature[0], 0, sigLen);
+	DSA_SIG* sig = DSA_do_sign(&hash[0], hash.size(), dsa);
+	if (sig == NULL)
+		return false;
+	// Store the 2 values with padding
+	const BIGNUM* bn_r = NULL;
+	const BIGNUM* bn_s = NULL;
+	DSA_SIG_get0(sig, &bn_r, &bn_s);
+	BN_bn2bin(bn_r, &signature[sigLen / 2 - BN_num_bytes(bn_r)]);
+	BN_bn2bin(bn_s, &signature[sigLen - BN_num_bytes(bn_s)]);
+	DSA_SIG_free(sig);
+	return true;
+}
+
+// Verification functions
+bool OSSLDSA::verify(PublicKey* publicKey, const ByteString& originalData,
+		     const ByteString& signature, const AsymMech::Type mechanism,
+		     const void* param /* = NULL */, const size_t paramLen /* = 0 */)
+{
+	if (mechanism == AsymMech::DSA)
+	{
+		// Separate implementation for DSA verification without hash computation
+
+		// Check if the private key is the right type
+		if (!publicKey->isOfType(OSSLDSAPublicKey::type))
+		{
+			ERROR_MSG("Invalid key type supplied");
+
+			return false;
+		}
+
+		// Perform the verify operation
+		OSSLDSAPublicKey* pk = (OSSLDSAPublicKey*) publicKey;
+		unsigned int sigLen = pk->getOutputLength();
+		if (signature.size() != sigLen)
+			return false;
+		DSA_SIG* sig = DSA_SIG_new();
+		if (sig == NULL)
+			return false;
+		const unsigned char *s = signature.const_byte_str();
+		BIGNUM* bn_r = BN_bin2bn(s, sigLen / 2, NULL);
+		BIGNUM* bn_s = BN_bin2bn(s + sigLen / 2, sigLen / 2, NULL);
+		if (bn_r == NULL || bn_s == NULL ||
+		    !DSA_SIG_set0(sig, bn_r, bn_s))
+		{
+			DSA_SIG_free(sig);
+			return false;
+		}
+		int dLen = originalData.size();
+		int ret = DSA_do_verify(originalData.const_byte_str(), dLen, sig, pk->getOSSLKey());
+		if (ret != 1)
+		{
+			if (ret < 0)
+				ERROR_MSG("DSA verify failed (0x%08X)", ERR_get_error());
+
+			DSA_SIG_free(sig);
+			return false;
+		}
+
+		DSA_SIG_free(sig);
+		return true;
+	}
+	else
+	{
+		// Call the generic function
+		return AsymmetricAlgorithm::verify(publicKey, originalData, signature, mechanism, param, paramLen);
+	}
+}
+
+bool OSSLDSA::verifyInit(PublicKey* publicKey, const AsymMech::Type mechanism,
+			 const void* param /* = NULL */, const size_t paramLen /* = 0 */)
+{
+	if (!AsymmetricAlgorithm::verifyInit(publicKey, mechanism, param, paramLen))
+	{
+		return false;
+	}
+
+	// Check if the private key is the right type
+	if (!publicKey->isOfType(OSSLDSAPublicKey::type))
+	{
+		ERROR_MSG("Invalid key type supplied");
+
+		ByteString dummy;
+		AsymmetricAlgorithm::verifyFinal(dummy);
+
+		return false;
+	}
+
+	HashAlgo::Type hash = HashAlgo::Unknown;
+
+	switch (mechanism)
+	{
+		case AsymMech::DSA_SHA1:
+			hash = HashAlgo::SHA1;
+			break;
+		case AsymMech::DSA_SHA224:
+			hash = HashAlgo::SHA224;
+			break;
+		case AsymMech::DSA_SHA256:
+			hash = HashAlgo::SHA256;
+			break;
+		case AsymMech::DSA_SHA384:
+			hash = HashAlgo::SHA384;
+			break;
+		case AsymMech::DSA_SHA512:
+			hash = HashAlgo::SHA512;
+			break;
+		default:
+			ERROR_MSG("Invalid mechanism supplied (%i)", mechanism);
+
+			ByteString dummy;
+			AsymmetricAlgorithm::verifyFinal(dummy);
+
+			return false;
+	}
+
+	pCurrentHash = CryptoFactory::i()->getHashAlgorithm(hash);
+
+
+	if (pCurrentHash == NULL)
+	{
+		ByteString dummy;
+		AsymmetricAlgorithm::verifyFinal(dummy);
+
+		return false;
+	}
+
+	if (!pCurrentHash->hashInit())
+	{
+		delete pCurrentHash;
+		pCurrentHash = NULL;
+
+		ByteString dummy;
+		AsymmetricAlgorithm::verifyFinal(dummy);
+
+		return false;
+	}
+
+	return true;
+}
+
+bool OSSLDSA::verifyUpdate(const ByteString& originalData)
+{
+	if (!AsymmetricAlgorithm::verifyUpdate(originalData))
+	{
+		return false;
+	}
+
+	if (!pCurrentHash->hashUpdate(originalData))
+	{
+		delete pCurrentHash;
+		pCurrentHash = NULL;
+
+		ByteString dummy;
+		AsymmetricAlgorithm::verifyFinal(dummy);
+
+		return false;
+	}
+
+	return true;
+}
+
+bool OSSLDSA::verifyFinal(const ByteString& signature)
+{
+	// Save necessary state before calling super class verifyFinal
+	OSSLDSAPublicKey* pk = (OSSLDSAPublicKey*) currentPublicKey;
+
+	if (!AsymmetricAlgorithm::verifyFinal(signature))
+	{
+		return false;
+	}
+
+	ByteString hash;
+
+	bool bFirstResult = pCurrentHash->hashFinal(hash);
+
+	delete pCurrentHash;
+	pCurrentHash = NULL;
+
+	if (!bFirstResult)
+	{
+		return false;
+	}
+
+	// Perform the verify operation
+	unsigned int sigLen = pk->getOutputLength();
+	if (signature.size() != sigLen)
+		return false;
+	DSA_SIG* sig = DSA_SIG_new();
+	if (sig == NULL)
+		return false;
+	const unsigned char *s = signature.const_byte_str();
+	BIGNUM* bn_r = BN_bin2bn(s, sigLen / 2, NULL);
+	BIGNUM* bn_s = BN_bin2bn(s + sigLen / 2, sigLen / 2, NULL);
+	if (bn_r == NULL || bn_s == NULL ||
+	    !DSA_SIG_set0(sig, bn_r, bn_s))
+	{
+		DSA_SIG_free(sig);
+		return false;
+	}
+	int ret = DSA_do_verify(&hash[0], hash.size(), sig, pk->getOSSLKey());
+	if (ret != 1)
+	{
+		if (ret < 0)
+			ERROR_MSG("DSA verify failed (0x%08X)", ERR_get_error());
+
+		DSA_SIG_free(sig);
+		return false;
+	}
+
+	DSA_SIG_free(sig);
+	return true;
+}
+
+// Encryption functions
+bool OSSLDSA::encrypt(PublicKey* /*publicKey*/, const ByteString& /*data*/,
+		      ByteString& /*encryptedData*/, const AsymMech::Type /*padding*/)
+{
+	ERROR_MSG("DSA does not support encryption");
+
+	return false;
+}
+
+// Decryption functions
+bool OSSLDSA::decrypt(PrivateKey* /*privateKey*/, const ByteString& /*encryptedData*/,
+		      ByteString& /*data*/, const AsymMech::Type /*padding*/)
+{
+	ERROR_MSG("DSA does not support decryption");
+
+	return false;
+}
+
+// Key factory
+bool OSSLDSA::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */)
+{
+	// Check parameters
+	if ((ppKeyPair == NULL) ||
+	    (parameters == NULL))
+	{
+		return false;
+	}
+
+	if (!parameters->areOfType(DSAParameters::type))
+	{
+		ERROR_MSG("Invalid parameters supplied for DSA key generation");
+
+		return false;
+	}
+
+	DSAParameters* params = (DSAParameters*) parameters;
+
+	// Generate the key-pair
+	DSA* dsa = DSA_new();
+	if (dsa == NULL)
+	{
+		ERROR_MSG("Failed to instantiate OpenSSL DSA object");
+
+		return false;
+	}
+
+	// Use the OpenSSL implementation and not any engine
+	DSA_set_method(dsa, DSA_get_default_method());
+
+	BIGNUM* bn_p = OSSL::byteString2bn(params->getP());
+	BIGNUM* bn_q = OSSL::byteString2bn(params->getQ());
+	BIGNUM* bn_g = OSSL::byteString2bn(params->getG());
+	DSA_set0_pqg(dsa, bn_p, bn_q, bn_g);
+
+	if (DSA_generate_key(dsa) != 1)
+	{
+		ERROR_MSG("DSA key generation failed (0x%08X)", ERR_get_error());
+
+		DSA_free(dsa);
+
+		return false;
+	}
+
+	// Create an asymmetric key-pair object to return
+	OSSLDSAKeyPair* kp = new OSSLDSAKeyPair();
+
+	((OSSLDSAPublicKey*) kp->getPublicKey())->setFromOSSL(dsa);
+	((OSSLDSAPrivateKey*) kp->getPrivateKey())->setFromOSSL(dsa);
+
+	*ppKeyPair = kp;
+
+	// Release the key
+	DSA_free(dsa);
+
+	return true;
+}
+
+unsigned long OSSLDSA::getMinKeySize()
+{
+#ifdef WITH_FIPS
+	// OPENSSL_DSA_FIPS_MIN_MODULUS_BITS is 1024
+	return 1024;
+#else
+	return 512;
+#endif
+}
+
+unsigned long OSSLDSA::getMaxKeySize()
+{
+	return OPENSSL_DSA_MAX_MODULUS_BITS;
+}
+
+bool OSSLDSA::generateParameters(AsymmetricParameters** ppParams, void* parameters /* = NULL */, RNG* /*rng = NULL*/)
+{
+	if ((ppParams == NULL) || (parameters == NULL))
+	{
+		return false;
+	}
+
+	size_t bitLen = (size_t) parameters;
+
+	if (bitLen < getMinKeySize() || bitLen > getMaxKeySize())
+	{
+		ERROR_MSG("This DSA key size is not supported");
+
+		return false;
+	}
+
+	DSA* dsa = DSA_new();
+
+	if (dsa == NULL ||
+	    !DSA_generate_parameters_ex(dsa, bitLen, NULL, 0, NULL, NULL, NULL))
+	{
+		ERROR_MSG("Failed to generate %d bit DSA parameters", bitLen);
+
+		return false;
+	}
+
+	// Store the DSA parameters
+	DSAParameters* params = new DSAParameters();
+
+	const BIGNUM* bn_p = NULL;
+	const BIGNUM* bn_q = NULL;
+	const BIGNUM* bn_g = NULL;
+	DSA_get0_pqg(dsa, &bn_p, &bn_q, &bn_g);
+
+	ByteString p = OSSL::bn2ByteString(bn_p); params->setP(p);
+	ByteString q = OSSL::bn2ByteString(bn_q); params->setQ(q);
+	ByteString g = OSSL::bn2ByteString(bn_g); params->setG(g);
+
+	*ppParams = params;
+
+	DSA_free(dsa);
+
+	return true;
+}
+
+bool OSSLDSA::reconstructKeyPair(AsymmetricKeyPair** ppKeyPair, ByteString& serialisedData)
+{
+	// Check input
+	if ((ppKeyPair == NULL) ||
+	    (serialisedData.size() == 0))
+	{
+		return false;
+	}
+
+	ByteString dPub = ByteString::chainDeserialise(serialisedData);
+	ByteString dPriv = ByteString::chainDeserialise(serialisedData);
+
+	OSSLDSAKeyPair* kp = new OSSLDSAKeyPair();
+
+	bool rv = true;
+
+	if (!((DSAPublicKey*) kp->getPublicKey())->deserialise(dPub))
+	{
+		rv = false;
+	}
+
+	if (!((DSAPrivateKey*) kp->getPrivateKey())->deserialise(dPriv))
+	{
+		rv = false;
+	}
+
+	if (!rv)
+	{
+		delete kp;
+
+		return false;
+	}
+
+	*ppKeyPair = kp;
+
+	return true;
+}
+
+bool OSSLDSA::reconstructPublicKey(PublicKey** ppPublicKey, ByteString& serialisedData)
+{
+	// Check input
+	if ((ppPublicKey == NULL) ||
+	    (serialisedData.size() == 0))
+	{
+		return false;
+	}
+
+	OSSLDSAPublicKey* pub = new OSSLDSAPublicKey();
+
+	if (!pub->deserialise(serialisedData))
+	{
+		delete pub;
+
+		return false;
+	}
+
+	*ppPublicKey = pub;
+
+	return true;
+}
+
+bool OSSLDSA::reconstructPrivateKey(PrivateKey** ppPrivateKey, ByteString& serialisedData)
+{
+	// Check input
+	if ((ppPrivateKey == NULL) ||
+	    (serialisedData.size() == 0))
+	{
+		return false;
+	}
+
+	OSSLDSAPrivateKey* priv = new OSSLDSAPrivateKey();
+
+	if (!priv->deserialise(serialisedData))
+	{
+		delete priv;
+
+		return false;
+	}
+
+	*ppPrivateKey = priv;
+
+	return true;
+}
+
+PublicKey* OSSLDSA::newPublicKey()
+{
+	return (PublicKey*) new OSSLDSAPublicKey();
+}
+
+PrivateKey* OSSLDSA::newPrivateKey()
+{
+	return (PrivateKey*) new OSSLDSAPrivateKey();
+}
+
+AsymmetricParameters* OSSLDSA::newParameters()
+{
+	return (AsymmetricParameters*) new DSAParameters();
+}
+
+bool OSSLDSA::reconstructParameters(AsymmetricParameters** ppParams, ByteString& serialisedData)
+{
+	// Check input parameters
+	if ((ppParams == NULL) || (serialisedData.size() == 0))
+	{
+		return false;
+	}
+
+	DSAParameters* params = new DSAParameters();
+
+	if (!params->deserialise(serialisedData))
+	{
+		delete params;
+
+		return false;
+	}
+
+	*ppParams = params;
+
+	return true;
+}
+