diff options
author | Richard Levitte <levitte@openssl.org> | 2016-04-02 15:12:58 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2016-04-06 16:19:17 +0200 |
commit | 9862e9aa98ee1e38fbcef8d1dd5db0e750eb5e8d (patch) | |
tree | d7ddbd0b7d4c97875479e3b9cd52fdf579ca2434 /crypto/pem | |
parent | 3e41ac35281827b59e55d51058cf6bb086c1f2b5 (diff) |
Make the RSA structure opaque
Move rsa_st away from public headers.
Add accessor/writer functions for the public RSA data.
Adapt all other source to use the accessors and writers.
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'crypto/pem')
-rw-r--r-- | crypto/pem/pvkfmt.c | 83 |
1 files changed, 51 insertions, 32 deletions
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index e378b57e25..634cc5924d 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -353,8 +353,9 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int bitlen, int ispub) { - const unsigned char *p = *in; + const unsigned char *pin = *in; EVP_PKEY *ret = NULL; + BIGNUM *e = NULL, *n = NULL, *d = NULL; RSA *rsa = NULL; unsigned int nbyte, hnbyte; nbyte = (bitlen + 7) >> 3; @@ -363,31 +364,35 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in, ret = EVP_PKEY_new(); if (rsa == NULL || ret == NULL) goto memerr; - rsa->e = BN_new(); - if (rsa->e == NULL) + e = BN_new(); + if (e == NULL) goto memerr; - if (!BN_set_word(rsa->e, read_ledword(&p))) + if (!BN_set_word(e, read_ledword(&pin))) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->n)) + if (!read_lebn(&pin, nbyte, &n)) goto memerr; if (!ispub) { - if (!read_lebn(&p, hnbyte, &rsa->p)) + BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; + if (!read_lebn(&pin, hnbyte, &p)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->q)) + if (!read_lebn(&pin, hnbyte, &q)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmp1)) + if (!read_lebn(&pin, hnbyte, &dmp1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmq1)) + if (!read_lebn(&pin, hnbyte, &dmq1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->iqmp)) + if (!read_lebn(&pin, hnbyte, &iqmp)) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->d)) + if (!read_lebn(&pin, nbyte, &d)) goto memerr; + RSA_set0_factors(rsa, p, q); + RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp); } + RSA_set0_key(rsa, e, n, d); EVP_PKEY_set1_RSA(ret, rsa); RSA_free(rsa); - *in = p; + *in = pin; return ret; memerr: PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); @@ -530,26 +535,35 @@ static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic) static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) { int nbyte, hnbyte, bitlen; - if (BN_num_bits(rsa->e) > 32) + BIGNUM *e; + + RSA_get0_key(rsa, &e, NULL, NULL); + if (BN_num_bits(e) > 32) goto badkey; - bitlen = BN_num_bits(rsa->n); - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; + bitlen = RSA_bits(rsa); + nbyte = RSA_size(rsa); + hnbyte = (bitlen + 15) >> 4; if (ispub) { *pmagic = MS_RSA1MAGIC; return bitlen; } else { + BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1; + *pmagic = MS_RSA2MAGIC; + /* * For private key each component must fit within nbyte or hnbyte. */ - if (BN_num_bytes(rsa->d) > nbyte) + RSA_get0_key(rsa, NULL, NULL, &d); + if (BN_num_bytes(d) > nbyte) goto badkey; - if ((BN_num_bytes(rsa->iqmp) > hnbyte) - || (BN_num_bytes(rsa->p) > hnbyte) - || (BN_num_bytes(rsa->q) > hnbyte) - || (BN_num_bytes(rsa->dmp1) > hnbyte) - || (BN_num_bytes(rsa->dmq1) > hnbyte)) + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + if ((BN_num_bytes(iqmp) > hnbyte) + || (BN_num_bytes(p) > hnbyte) + || (BN_num_bytes(q) > hnbyte) + || (BN_num_bytes(dmp1) > hnbyte) + || (BN_num_bytes(dmq1) > hnbyte)) goto badkey; } return bitlen; @@ -561,18 +575,23 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) static void write_rsa(unsigned char **out, RSA *rsa, int ispub) { int nbyte, hnbyte; - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; - write_lebn(out, rsa->e, 4); - write_lebn(out, rsa->n, -1); + BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1; + + nbyte = RSA_size(rsa); + hnbyte = (RSA_bits(rsa) + 15) >> 4; + RSA_get0_key(rsa, &e, &n, &d); + write_lebn(out, e, 4); + write_lebn(out, n, -1); if (ispub) return; - write_lebn(out, rsa->p, hnbyte); - write_lebn(out, rsa->q, hnbyte); - write_lebn(out, rsa->dmp1, hnbyte); - write_lebn(out, rsa->dmq1, hnbyte); - write_lebn(out, rsa->iqmp, hnbyte); - write_lebn(out, rsa->d, nbyte); + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + write_lebn(out, p, hnbyte); + write_lebn(out, q, hnbyte); + write_lebn(out, dmp1, hnbyte); + write_lebn(out, dmq1, hnbyte); + write_lebn(out, iqmp, hnbyte); + write_lebn(out, d, nbyte); } static void write_dsa(unsigned char **out, DSA *dsa, int ispub) |