/*

 * COPYRIGHT (c) International Business Machines Corp. 2005-2017

 *

 * This program is provided under the terms of the Common Public License,

 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this

 * software constitutes recipient's acceptance of CPL-1.0 terms which can be

 * found in the file LICENSE file or at

 * https://opensource.org/licenses/cpl1.0.php

 */

#include <sys/types.h>

#include <sys/stat.h>

#include <unistd.h>

#include <errno.h>

#include <string.h>

#include <pwd.h>

#include <openssl/pem.h>

#include <openssl/rsa.h>

#include <openssl/err.h>

#include <openssl/rand.h>

#include <openssl/evp.h>

#include <tss/platform.h>

#include <tss/tss_defines.h>

#include <tss/tss_typedef.h>

#include <tss/tss_structs.h>

#include <tss/tss_error.h>

#include <tss/tspi.h>

#include "pkcs11types.h"

#include "stdll.h"

#include "defs.h"

#include "host_defs.h"

#include "h_extern.h"

#include "tok_specific.h"

#include "tok_spec_struct.h"

#include "trace.h"

#include "tpm_specific.h"

/*

 * In order to make opencryptoki compatible with

 * OpenSSL 1.1 API Changes and backward compatible

 * we need to check for its version

 */

#if OPENSSL_VERSION_NUMBER < 0x10100000L

#define OLDER_OPENSSL

#endif

#ifdef DEBUG

void openssl_print_errors()

{

    ERR_load_ERR_strings();

    ERR_load_crypto_strings();

    ERR_print_errors_fp(stderr);

}

#endif

RSA *openssl_gen_key(STDLL_TokData_t *tokdata)

{

    RSA *rsa = NULL;

    int rc = 0, counter = 0;

    char buf[32];

#ifndef OLDER_OPENSSL

    EVP_PKEY *pkey = NULL;

    EVP_PKEY_CTX *ctx = NULL;

    BIGNUM *bne = NULL;

#endif

    token_specific_rng(tokdata, (CK_BYTE *) buf, 32);

    RAND_seed(buf, 32);

regen_rsa_key:

#ifdef OLDER_OPENSSL

    rsa = RSA_generate_key(2048, 65537, NULL, NULL);

    if (rsa == NULL) {

        fprintf(stderr, "Error generating user's RSA key\n");

        ERR_load_crypto_strings();

        ERR_print_errors_fp(stderr);

        goto err;

    }

    rc = RSA_check_key(rsa);

#else

    bne = BN_new();

    rc = BN_set_word(bne, 65537);

    if (!rc) {

        fprintf(stderr, "Error generating bne\n");

        ERR_load_crypto_strings();

        ERR_print_errors_fp(stderr);

        goto err;

    }

    ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);

    if (ctx == NULL)

        goto err;

    if (EVP_PKEY_keygen_init(ctx) <= 0

        || EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0

        || EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, bne) <= 0) {

        fprintf(stderr, "Error generating user's RSA key\n");

        ERR_load_crypto_strings();

        ERR_print_errors_fp(stderr);

        goto err;

    }

    bne = NULL; // will be freed as part of the context

    if (EVP_PKEY_keygen(ctx, &pkey) <= 0

        || (rsa = EVP_PKEY_get1_RSA(pkey)) == NULL) {

        fprintf(stderr, "Error generating user's RSA key\n");

        ERR_load_crypto_strings();

        ERR_print_errors_fp(stderr);

        goto err;

    }

#if OPENSSL_VERSION_NUMBER < 0x10101000L

    rc = RSA_check_key(rsa);

#else

    rc = (EVP_PKEY_check(ctx) == 1 ? 1 : 0);

#endif

#endif

    switch (rc) {

    case 0:

        /* rsa is not a valid RSA key */

        RSA_free(rsa);

        rsa = NULL;

        counter++;

        if (counter == KEYGEN_RETRY) {

            TRACE_DEVEL("Tried %d times to generate a "

                        "valid RSA key, failed.\n", KEYGEN_RETRY);

            goto err;

        }

        goto regen_rsa_key;

        break;

    case 1:

        /* success case, rsa is a valid key */

        break;

    case -1:

        /* fall through */

    default:

        DEBUG_openssl_print_errors();

        break;

    }

#ifndef OLDER_OPENSSL

    if (pkey != NULL)

        EVP_PKEY_free(pkey);

    if (ctx != NULL)

        EVP_PKEY_CTX_free(ctx);

    if (bne != NULL)

        BN_free(bne);

#endif

    return rsa;

err:

    if (rsa != NULL)

        RSA_free(rsa);

#ifndef OLDER_OPENSSL

    if (pkey != NULL)

        EVP_PKEY_free(pkey);

    if (ctx != NULL)

        EVP_PKEY_CTX_free(ctx);

    if (bne != NULL)

        BN_free(bne);

#endif

    return NULL;

}

int openssl_write_key(STDLL_TokData_t * tokdata, RSA * rsa, char *filename,

                      CK_BYTE * pPin)

{

    BIO *b = NULL;

    char loc[PATH_MAX];

    struct passwd *pw = NULL;

    errno = 0;

    if ((pw = getpwuid(getuid())) == NULL) {

        TRACE_ERROR("Error getting username: %s\n", strerror(errno));

        return -1;

    }

    if (ock_snprintf(loc, PATH_MAX, "%s/%s/%s",

                        tokdata->pk_dir, pw->pw_name, filename) != 0) {

        TRACE_ERROR("key path too long\n");

        return -1;

    }

    b = BIO_new_file(loc, "w");

    if (!b) {

        TRACE_ERROR("Error opening file for write: %s\n", loc);

        return -1;

    }

    if (!PEM_write_bio_RSAPrivateKey(b, rsa,

                                     EVP_aes_256_cbc(), NULL, 0, 0, pPin)) {

        BIO_free(b);

        TRACE_ERROR("Writing key %s to disk failed.\n", loc);

        DEBUG_openssl_print_errors();

        return -1;

    }

    BIO_free(b);

    if (util_set_file_mode(loc, (S_IRUSR | S_IWUSR))) {

        TRACE_ERROR("Setting file mode of %s failed\n", loc);

    }

    return 0;

}

CK_RV openssl_read_key(STDLL_TokData_t * tokdata, char *filename,

                       CK_BYTE * pPin, RSA ** ret)

{

    BIO *b = NULL;

    RSA *rsa = NULL;

    char loc[PATH_MAX];

    struct passwd *pw = NULL;

    CK_RV rc = CKR_FUNCTION_FAILED;

    errno = 0;

    if ((pw = getpwuid(getuid())) == NULL) {

        TRACE_ERROR("Error getting username: %s\n", strerror(errno));

        return CKR_FUNCTION_FAILED;

    }

    if (ock_snprintf(loc, PATH_MAX, "%s/%s/%s",

                     tokdata->pk_dir, pw->pw_name, filename) != 0) {

        TRACE_ERROR("key file name too long\n");

        return CKR_FUNCTION_FAILED;

    }

    /* we can't allow a pin of NULL here, since openssl will try to prompt

     * for a password in PEM_read_bio_RSAPrivateKey */

    if (pPin == NULL)

        return CKR_PIN_INCORRECT;

    b = BIO_new_file(loc, "r+");

    if (b == NULL) {

        TRACE_ERROR("Error opening file for read: %s\n", loc);

        return CKR_FILE_NOT_FOUND;

    }

    if ((rsa = PEM_read_bio_RSAPrivateKey(b, NULL, 0, pPin)) == NULL) {

        TRACE_ERROR("Reading key %s from disk failed.\n", loc);

        DEBUG_openssl_print_errors();

        if (ERR_GET_REASON(ERR_get_error()) == PEM_R_BAD_DECRYPT) {

            rc = CKR_PIN_INCORRECT;

        }

        BIO_free(b);

        return rc;

    }

    BIO_free(b);

    *ret = rsa;

    return CKR_OK;

}

int openssl_get_modulus_and_prime(RSA * rsa, unsigned int *size_n,

                                  unsigned char *n, unsigned int *size_p,

                                  unsigned char *p)

{

#ifndef OLDER_OPENSSL

    const BIGNUM *n_tmp, *p_tmp;

#endif

    /* get the modulus from the RSA object */

#ifdef OLDER_OPENSSL

    if ((*size_n = BN_bn2bin(rsa->n, n)) <= 0) {

#else

    RSA_get0_key(rsa, &n_tmp, NULL, NULL);

    if ((*size_n = BN_bn2bin(n_tmp, n)) <= 0) {

#endif

        DEBUG_openssl_print_errors();

        return -1;

    }

    /* get one of the primes from the RSA object */

#ifdef OLDER_OPENSSL

    if ((*size_p = BN_bn2bin(rsa->p, p)) <= 0) {

#else

    RSA_get0_factors(rsa, &p_tmp, NULL);

    if ((*size_p = BN_bn2bin(p_tmp, p)) <= 0) {

#endif

        DEBUG_openssl_print_errors();

        return -1;

    }

    return 0;

}