diff options
author | Paul Yang <yang.yang@baishancloud.com> | 2017-08-02 02:19:43 +0800 |
---|---|---|
committer | Paul Yang <yang.yang@baishancloud.com> | 2017-11-21 14:38:42 +0800 |
commit | 665d899fa6d3571da016925067ebcf1789d7d19c (patch) | |
tree | 1674f352dc0feee9e68e6221d21c5d79bd1935ab /crypto/rsa/rsa_pmeth.c | |
parent | b0004708730f300a2e5c6a11c887caab50b6c42a (diff) |
Support multi-prime RSA (RFC 8017)
* Introduce RSA_generate_multi_prime_key to generate multi-prime
RSA private key. As well as the following functions:
RSA_get_multi_prime_extra_count
RSA_get0_multi_prime_factors
RSA_get0_multi_prime_crt_params
RSA_set0_multi_prime_params
RSA_get_version
* Support EVP operations for multi-prime RSA
* Support ASN.1 operations for multi-prime RSA
* Support multi-prime check in RSA_check_key_ex
* Support multi-prime RSA in apps/genrsa and apps/speed
* Support multi-prime RSA manipulation functions
* Test cases and documentation are added
* CHANGES is updated
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4241)
Diffstat (limited to 'crypto/rsa/rsa_pmeth.c')
-rw-r--r-- | crypto/rsa/rsa_pmeth.c | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 5e2df3e8ff..8a114cff89 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -25,6 +25,7 @@ typedef struct { /* Key gen parameters */ int nbits; BIGNUM *pub_exp; + int primes; /* Keygen callback info */ int gentmp[2]; /* RSA padding mode */ @@ -54,6 +55,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx) if (rctx == NULL) return 0; rctx->nbits = 1024; + rctx->primes = RSA_DEFAULT_PRIME_NUM; if (pkey_ctx_is_pss(ctx)) rctx->pad_mode = RSA_PKCS1_PSS_PADDING; else @@ -473,6 +475,14 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) rctx->pub_exp = p2; return 1; + case EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES: + if (p1 < RSA_DEFAULT_PRIME_NUM || p1 > RSA_MAX_PRIME_NUM) { + RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_KEY_PRIME_NUM_INVALID); + return -2; + } + rctx->primes = p1; + return 1; + case EVP_PKEY_CTRL_RSA_OAEP_MD: case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { @@ -583,6 +593,7 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, } if (strcmp(type, "rsa_padding_mode") == 0) { int pm; + if (strcmp(value, "pkcs1") == 0) { pm = RSA_PKCS1_PADDING; } else if (strcmp(value, "sslv23") == 0) { @@ -606,6 +617,7 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, if (strcmp(type, "rsa_pss_saltlen") == 0) { int saltlen; + if (!strcmp(value, "digest")) saltlen = RSA_PSS_SALTLEN_DIGEST; else if (!strcmp(value, "max")) @@ -618,13 +630,14 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, } if (strcmp(type, "rsa_keygen_bits") == 0) { - int nbits; - nbits = atoi(value); + int nbits = atoi(value); + return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits); } if (strcmp(type, "rsa_keygen_pubexp") == 0) { int ret; + BIGNUM *pubexp = NULL; if (!BN_asc2bn(&pubexp, value)) return 0; @@ -634,6 +647,12 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, return ret; } + if (strcmp(type, "rsa_keygen_primes") == 0) { + int nprimes = atoi(value); + + return EVP_PKEY_CTX_set_rsa_keygen_primes(ctx, nprimes); + } + if (strcmp(type, "rsa_mgf1_md") == 0) return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, @@ -664,6 +683,7 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, unsigned char *lab; long lablen; int ret; + lab = OPENSSL_hexstr2buf(value, &lablen); if (!lab) return 0; @@ -718,7 +738,8 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) } else { pcb = NULL; } - ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb); + ret = RSA_generate_multi_prime_key(rsa, rctx->nbits, rctx->primes, + rctx->pub_exp, pcb); BN_GENCB_free(pcb); if (ret > 0 && !rsa_set_pss_param(rsa, ctx)) { RSA_free(rsa); |