r_enhanc.c

des和rsa加密算法程序

unsigned char *signature;        /* signature */
unsigned int signatureLen;       /* length of signature */
int digestAlgorithm;             /* message-digest algorithm */
R_RSA_PUBLIC_KEY *publicKey;     /* signer's RSA public key */
{
	R_SIGNATURE_CTX context;
	int status;

	if((status = R_VerifyInit(&context, digestAlgorithm)) == 0)
		if((status = R_VerifyUpdate(&context, block, blockLen)) == 0)
			status = R_VerifyFinal(&context, signature, signatureLen, publicKey);

	/* Clear sensitive information. */
	R_memset((POINTER)&context, 0, sizeof(context));

	return(status);
}

int R_SealPEMBlock(encryptedContent, encryptedContentLen, encryptedKey, encryptedKeyLen,
	 encryptedSignature, encryptedSignatureLen, iv, content, contentLen,
	 digestAlgorithm, publicKey, privateKey, randomStruct)
unsigned char *encryptedContent;            /* encoded, encrypted content */
unsigned int *encryptedContentLen;          /* length */
unsigned char *encryptedKey;                /* encoded, encrypted key */
unsigned int *encryptedKeyLen;              /* length */
unsigned char *encryptedSignature;          /* encoded, encrypted signature */
unsigned int *encryptedSignatureLen;        /* length */
unsigned char iv[8];                        /* DES initialization vector */
unsigned char *content;                     /* content */
unsigned int contentLen;                    /* length of content */
int digestAlgorithm;                        /* message-digest algorithms */
R_RSA_PUBLIC_KEY *publicKey;                /* recipient's RSA public key */
R_RSA_PRIVATE_KEY *privateKey;              /* signer's RSA private key */
R_RANDOM_STRUCT *randomStruct;              /* random structure */
{
	R_ENVELOPE_CTX context;
	R_RSA_PUBLIC_KEY *publicKeys[1];
	int status;
	unsigned char encryptedKeyBlock[MAX_ENCRYPTED_KEY_LEN],
		signature[MAX_SIGNATURE_LEN], *encryptedKeys[1];
	unsigned int signatureLen, encryptedKeyBlockLen;

	if((status = R_SignBlock(signature, &signatureLen, content, contentLen,
														digestAlgorithm, privateKey)) == 0) {

		encryptedKeys[0] = encryptedKeyBlock;
		publicKeys[0] = publicKey;

		if((status = R_SealInit(&context, encryptedKeys, &encryptedKeyBlockLen, iv, 1, publicKeys, EA_DES_CBC, randomStruct)) == 0) {

			R_EncodePEMBlock(encryptedKey, encryptedKeyLen, encryptedKeyBlock,
												encryptedKeyBlockLen);

			R_EncryptOpenPEMBlock(&context, encryptedContent, encryptedContentLen,
														 content,       contentLen);

			R_EncryptOpenPEMBlock(&context, encryptedSignature, encryptedSignatureLen,
														 signature,     signatureLen);
		}
	}

	/* Clear sensitive information. */
	R_memset((POINTER)&context, 0, sizeof(context));
	R_memset(signature, 0, sizeof(signature));

	return (status);
}

int R_OpenPEMBlock(content, contentLen, encryptedContent, encryptedContentLen, encryptedKey,
	 encryptedKeyLen, encryptedSignature, encryptedSignatureLen,
	 iv, digestAlgorithm, privateKey, publicKey)
unsigned char *content;                     /* content */
unsigned int *contentLen;                   /* length of content */
unsigned char *encryptedContent;            /* encoded, encrypted content */
unsigned int encryptedContentLen;           /* length */
unsigned char *encryptedKey;                /* encoded, encrypted key */
unsigned int encryptedKeyLen;               /* length */
unsigned char *encryptedSignature;          /* encoded, encrypted signature */
unsigned int encryptedSignatureLen;         /* length */
unsigned char iv[8];                        /* DES initialization vector */
int digestAlgorithm;                        /* message-digest algorithms */
R_RSA_PRIVATE_KEY *privateKey;              /* recipient's RSA private key */
R_RSA_PUBLIC_KEY *publicKey;                /* signer's RSA public key */
{
	R_ENVELOPE_CTX context;
	int status;
	unsigned char encryptedKeyBlock[MAX_ENCRYPTED_KEY_LEN],
		signature[MAX_SIGNATURE_LEN];
	unsigned int encryptedKeyBlockLen, signatureLen;

	if(encryptedSignatureLen > MAX_PEM_ENCRYPTED_SIGNATURE_LEN)
		return(RE_SIGNATURE_ENCODING);

	if(encryptedKeyLen > MAX_PEM_ENCRYPTED_KEY_LEN)
		return(RE_KEY_ENCODING);

	if(R_DecodePEMBlock(encryptedKeyBlock, &encryptedKeyBlockLen, encryptedKey, encryptedKeyLen) != 0) {
			status = RE_KEY_ENCODING;
	}else{
		if((status = R_OpenInit(&context, EA_DES_CBC, encryptedKeyBlock, encryptedKeyBlockLen, iv, privateKey)) == 0) {

			if((status = R_DecryptOpenPEMBlock(&context, content, contentLen, encryptedContent, encryptedContentLen)) != 0) {
				if((status == RE_LEN || status == RE_ENCODING))
					status = RE_CONTENT_ENCODING;
				else
					status = RE_KEY;
			}else{

				status = R_DecryptOpenPEMBlock(&context, signature, &signatureLen, encryptedSignature, encryptedSignatureLen);

				if(status) {
					if((status == RE_LEN || status == RE_ENCODING))
						status = RE_SIGNATURE_ENCODING;
					else
						status = RE_KEY;
				}else
					status = R_VerifyBlockSignature(content, *contentLen, signature, signatureLen, digestAlgorithm, publicKey);
			}
		}
	}
	/* Clear sensitive information. */

	R_memset((POINTER)&context, 0, sizeof(context));
	R_memset(signature, 0, sizeof(signature));

	return(status);
}

int R_DigestBlock(digest, digestLen, block, blockLen, digestAlgorithm)
unsigned char *digest;           /* message digest */
unsigned int *digestLen;         /* length of message digest */
unsigned char *block;            /* block */
unsigned int blockLen;           /* length of block */
int digestAlgorithm;             /* message-digest algorithm */
{
	R_DIGEST_CTX context;
	int status;

	if((status = R_DigestInit(&context, digestAlgorithm)) == 0)
		if((status = R_DigestUpdate(&context, block, blockLen)) == 0)
			status = R_DigestFinal(&context, digest, digestLen);

	/* Clear sensitive information. */

	R_memset((POINTER)&context, 0, sizeof(context));

	return(status);
}

int R_DecryptOpenPEMBlock(context, output, outputLen, input, inputLen)
R_ENVELOPE_CTX *context;          /* context */
unsigned char *output;            /* decoded, decrypted block */
unsigned int *outputLen;          /* length of output */
unsigned char *input;             /* encrypted, encoded block */
unsigned int inputLen;            /* length */
{
	int status;
	unsigned char encryptedPart[24];
	unsigned int i, len;

	*outputLen = 0;

	for (i = 0; i < inputLen/32; i++) {
			/* len is always 24 */
		if ((status = R_DecodePEMBlock(encryptedPart, &len, &input[32*i], 32)) != 0)
			break;

		R_OpenUpdate (context, output, &len, encryptedPart, 24);
		*outputLen += len;
		output += len;
	}

	if(!status)                     /* Decode the last block. */
		if((status = R_DecodePEMBlock(encryptedPart, &len, &input[32*i], inputLen - 32*i)) == 0) {
									/* Decrypt the last block. */
			R_OpenUpdate (context, output, &len, encryptedPart, len);
			output += len;
			*outputLen += len;
			if((status = R_OpenFinal (context, output, &len)) == 0)
				*outputLen += len;
		}

	/* Clear sensitive information. */

	R_memset((POINTER)&context, 0, sizeof(context));
	R_memset(encryptedPart, 0, sizeof(encryptedPart));

	return(status);
}

int R_EncryptOpenPEMBlock(context, output, outputLen, input, inputLen)
R_ENVELOPE_CTX *context;          /* context */
unsigned char *output;            /* encrypted, encoded block */
unsigned int *outputLen;          /* length of output */
unsigned char *input;             /* block to encrypt */
unsigned int inputLen;            /* length */
{
	unsigned char encryptedPart[24];
	unsigned int i, lastPartLen, tempLen, len;

	/* Encrypt and encode as many 24-byte blocks as possible. */

	for (i = 0; i < inputLen / 24; ++i) {
		/* Assume part out length will equal part in length since it is
			 a multiple of 8.  Also assume no error output. */
		R_SealUpdate (context, encryptedPart, &tempLen, &input[24*i], 24);

		/* len will always be 32 */
		R_EncodePEMBlock (&output[32*i], &tempLen, encryptedPart, 24);
	}

	/* Encrypt the last part into encryptedPart. */

	R_SealUpdate(context, encryptedPart, &lastPartLen, &input[24*i], inputLen - 24*i);
	R_SealFinal(context, encryptedPart + lastPartLen, &len);
	lastPartLen += len;

	R_EncodePEMBlock(&output[32*i], &len, encryptedPart, lastPartLen);
	*outputLen = 32*i + len;

	/* Clear sensitive information. */

	R_memset(encryptedPart, 0, sizeof(encryptedPart));

	return(ID_OK);
}

/* Assumes that digestAlgorithm is DA_MD2, DA_MD4 or DA_MD5 and
	 the digest length must be 16.  SHS Not supported here. */

static void R_EncodeDigestInfo(digestInfo, digestAlgorithm, digest)
unsigned char *digestInfo;
int digestAlgorithm;
unsigned char *digest;
{
	if(!(digestAlgorithm == DA_SHS)) {
		digestInfo[DIGEST_INFO_A_LEN] = digestAlgorithm;

		R_memcpy((POINTER)&digestInfo[DIGEST_INFO_A_LEN + 1], (POINTER)DIGEST_INFO_B, DIGEST_INFO_B_LEN);
		R_memcpy((POINTER)digestInfo, (POINTER)DIGEST_INFO_A, DIGEST_INFO_A_LEN);
		R_memcpy((POINTER)&digestInfo[DIGEST_INFO_A_LEN + 1 + DIGEST_INFO_B_LEN], (POINTER)digest, 16);
	}
}

/* Quick check to correct digest was used to verify */

static int R_CheckDigestInfo(originaldigestInfo, digestInfo)
unsigned char *originaldigestInfo;
unsigned char *digestInfo;
{
	return((originaldigestInfo[DIGEST_INFO_A_LEN] ==
		digestInfo[DIGEST_INFO_A_LEN]) ? ID_OK : RE_SIGNATURE);
}

/*
    Blowfish uses a keyLen value during startup, this was added to this routine
    for version 1.10 of RSAEuro.
*/

static int CipherInit(context, encryptionAlgorithm, key, keyLen, iv, encrypt)
R_ENVELOPE_CTX *context;
int encryptionAlgorithm;
unsigned char *key;
int keyLen;
unsigned char *iv;
int encrypt;
{
	switch(encryptionAlgorithm) {
	case EA_DES_CBC:
		DES_CBCInit (&context->cipherContext.des, key, iv, encrypt);
		break;
	case EA_DESX_CBC:
		DESX_CBCInit (&context->cipherContext.desx, key, iv, encrypt);
		break;
	case EA_DES_EDE2_CBC:
	case EA_DES_EDE3_CBC:
		DES3_CBCInit (&context->cipherContext.des3, key, iv, encrypt);
		break;
	default:
		return (RE_ENCRYPTION_ALGORITHM);
	}
	return(ID_OK);
}

/* Assume len is a multiple of 8.
 */
static void EncryptBlk(context, output, input, len)
R_ENVELOPE_CTX *context;
unsigned char *output;
unsigned char *input;
unsigned int len;
{
	switch(context->encryptionAlgorithm) {
	case EA_DES_CBC:
		DES_CBCUpdate (&context->cipherContext.des, output, input, len);
		break;
	case EA_DESX_CBC:
		DESX_CBCUpdate (&context->cipherContext.desx, output, input, len);
		break;
	case EA_DES_EDE2_CBC:
	case EA_DES_EDE3_CBC:
		DES3_CBCUpdate (&context->cipherContext.des3, output, input, len);
        break;
	}
}

static void RestartCipher(context)
R_ENVELOPE_CTX *context;
{
	switch(context->encryptionAlgorithm) {
	case EA_DES_CBC:
		DES_CBCRestart (&context->cipherContext.des);
		break;
	case EA_DESX_CBC:
		DESX_CBCRestart (&context->cipherContext.desx);
		break;
	case EA_DES_EDE2_CBC:
	case EA_DES_EDE3_CBC:
		DES3_CBCRestart (&context->cipherContext.des3);
	}
}