summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'crypto')
-rw-r--r--crypto/pem/pvkfmt.c83
-rw-r--r--crypto/rsa/rsa_ameth.c2
-rw-r--r--crypto/rsa/rsa_asn1.c2
-rw-r--r--crypto/rsa/rsa_chk.c2
-rw-r--r--crypto/rsa/rsa_crpt.c2
-rw-r--r--crypto/rsa/rsa_gen.c2
-rw-r--r--crypto/rsa/rsa_lib.c95
-rw-r--r--crypto/rsa/rsa_locl.h48
-rw-r--r--crypto/rsa/rsa_oaep.c2
-rw-r--r--crypto/rsa/rsa_ossl.c2
-rw-r--r--crypto/rsa/rsa_x931g.c2
11 files changed, 201 insertions, 41 deletions
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index e378b57e25..634cc5924d 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -353,8 +353,9 @@ static EVP_PKEY *b2i_dss(const unsigned char **in,
static EVP_PKEY *b2i_rsa(const unsigned char **in,
unsigned int bitlen, int ispub)
{
- const unsigned char *p = *in;
+ const unsigned char *pin = *in;
EVP_PKEY *ret = NULL;
+ BIGNUM *e = NULL, *n = NULL, *d = NULL;
RSA *rsa = NULL;
unsigned int nbyte, hnbyte;
nbyte = (bitlen + 7) >> 3;
@@ -363,31 +364,35 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in,
ret = EVP_PKEY_new();
if (rsa == NULL || ret == NULL)
goto memerr;
- rsa->e = BN_new();
- if (rsa->e == NULL)
+ e = BN_new();
+ if (e == NULL)
goto memerr;
- if (!BN_set_word(rsa->e, read_ledword(&p)))
+ if (!BN_set_word(e, read_ledword(&pin)))
goto memerr;
- if (!read_lebn(&p, nbyte, &rsa->n))
+ if (!read_lebn(&pin, nbyte, &n))
goto memerr;
if (!ispub) {
- if (!read_lebn(&p, hnbyte, &rsa->p))
+ BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
+ if (!read_lebn(&pin, hnbyte, &p))
goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->q))
+ if (!read_lebn(&pin, hnbyte, &q))
goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->dmp1))
+ if (!read_lebn(&pin, hnbyte, &dmp1))
goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->dmq1))
+ if (!read_lebn(&pin, hnbyte, &dmq1))
goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->iqmp))
+ if (!read_lebn(&pin, hnbyte, &iqmp))
goto memerr;
- if (!read_lebn(&p, nbyte, &rsa->d))
+ if (!read_lebn(&pin, nbyte, &d))
goto memerr;
+ RSA_set0_factors(rsa, p, q);
+ RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp);
}
+ RSA_set0_key(rsa, e, n, d);
EVP_PKEY_set1_RSA(ret, rsa);
RSA_free(rsa);
- *in = p;
+ *in = pin;
return ret;
memerr:
PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
@@ -530,26 +535,35 @@ static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
{
int nbyte, hnbyte, bitlen;
- if (BN_num_bits(rsa->e) > 32)
+ BIGNUM *e;
+
+ RSA_get0_key(rsa, &e, NULL, NULL);
+ if (BN_num_bits(e) > 32)
goto badkey;
- bitlen = BN_num_bits(rsa->n);
- nbyte = BN_num_bytes(rsa->n);
- hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+ bitlen = RSA_bits(rsa);
+ nbyte = RSA_size(rsa);
+ hnbyte = (bitlen + 15) >> 4;
if (ispub) {
*pmagic = MS_RSA1MAGIC;
return bitlen;
} else {
+ BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1;
+
*pmagic = MS_RSA2MAGIC;
+
/*
* For private key each component must fit within nbyte or hnbyte.
*/
- if (BN_num_bytes(rsa->d) > nbyte)
+ RSA_get0_key(rsa, NULL, NULL, &d);
+ if (BN_num_bytes(d) > nbyte)
goto badkey;
- if ((BN_num_bytes(rsa->iqmp) > hnbyte)
- || (BN_num_bytes(rsa->p) > hnbyte)
- || (BN_num_bytes(rsa->q) > hnbyte)
- || (BN_num_bytes(rsa->dmp1) > hnbyte)
- || (BN_num_bytes(rsa->dmq1) > hnbyte))
+ RSA_get0_factors(rsa, &p, &q);
+ RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
+ if ((BN_num_bytes(iqmp) > hnbyte)
+ || (BN_num_bytes(p) > hnbyte)
+ || (BN_num_bytes(q) > hnbyte)
+ || (BN_num_bytes(dmp1) > hnbyte)
+ || (BN_num_bytes(dmq1) > hnbyte))
goto badkey;
}
return bitlen;
@@ -561,18 +575,23 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
{
int nbyte, hnbyte;
- nbyte = BN_num_bytes(rsa->n);
- hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
- write_lebn(out, rsa->e, 4);
- write_lebn(out, rsa->n, -1);
+ BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1;
+
+ nbyte = RSA_size(rsa);
+ hnbyte = (RSA_bits(rsa) + 15) >> 4;
+ RSA_get0_key(rsa, &e, &n, &d);
+ write_lebn(out, e, 4);
+ write_lebn(out, n, -1);
if (ispub)
return;
- write_lebn(out, rsa->p, hnbyte);
- write_lebn(out, rsa->q, hnbyte);
- write_lebn(out, rsa->dmp1, hnbyte);
- write_lebn(out, rsa->dmq1, hnbyte);
- write_lebn(out, rsa->iqmp, hnbyte);
- write_lebn(out, rsa->d, nbyte);
+ RSA_get0_factors(rsa, &p, &q);
+ RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
+ write_lebn(out, p, hnbyte);
+ write_lebn(out, q, hnbyte);
+ write_lebn(out, dmp1, hnbyte);
+ write_lebn(out, dmq1, hnbyte);
+ write_lebn(out, iqmp, hnbyte);
+ write_lebn(out, d, nbyte);
}
static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index ad51a440e5..4ff2665d60 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -60,11 +60,11 @@
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
-#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/cms.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
+#include "rsa_locl.h"
#ifndef OPENSSL_NO_CMS
static int rsa_cms_sign(CMS_SignerInfo *si);
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
index 86a71b7c6b..da8b2406dd 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -59,9 +59,9 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include <openssl/rsa.h>
#include <openssl/x509.h>
#include <openssl/asn1t.h>
+#include "rsa_locl.h"
/* Override the default free and new methods */
static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
index 02d3c41340..f78050876c 100644
--- a/crypto/rsa/rsa_chk.c
+++ b/crypto/rsa/rsa_chk.c
@@ -49,7 +49,7 @@
#include <openssl/bn.h>
#include <openssl/err.h>
-#include <openssl/rsa.h>
+#include "rsa_locl.h"
int RSA_check_key(const RSA *key)
{
diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c
index cec4a7c2bd..6cc3c70ec3 100644
--- a/crypto/rsa/rsa_crpt.c
+++ b/crypto/rsa/rsa_crpt.c
@@ -60,8 +60,8 @@
#include "internal/cryptlib.h"
#include <openssl/lhash.h>
#include "internal/bn_int.h"
-#include <openssl/rsa.h>
#include <openssl/rand.h>
+#include "rsa_locl.h"
int RSA_bits(const RSA *r)
{
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index 6ec27495e7..c4562589e1 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -65,7 +65,7 @@
#include <time.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include <openssl/rsa.h>
+#include "rsa_locl.h"
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
BN_GENCB *cb);
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index bd881ed528..7ee575d663 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -60,9 +60,9 @@
#include "internal/cryptlib.h"
#include <openssl/lhash.h>
#include "internal/bn_int.h"
-#include <openssl/rsa.h>
#include <openssl/rand.h>
#include <openssl/engine.h>
+#include "rsa_locl.h"
static const RSA_METHOD *default_RSA_meth = NULL;
@@ -283,3 +283,96 @@ int RSA_security_bits(const RSA *rsa)
{
return BN_security_bits(BN_num_bits(rsa->n), -1);
}
+
+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+{
+ /* d is the private component and may be NULL */
+ if (n == NULL || e == NULL)
+ return 0;
+
+ BN_free(r->n);
+ BN_free(r->e);
+ BN_free(r->d);
+ r->n = n;
+ r->e = e;
+ r->d = d;
+
+ return 1;
+}
+
+int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
+{
+ if (p == NULL || q == NULL)
+ return 0;
+
+ BN_free(r->p);
+ BN_free(r->q);
+ r->p = p;
+ r->q = q;
+
+ return 1;
+}
+
+int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
+{
+ if (dmp1 == NULL || dmq1 == NULL || iqmp == NULL)
+ return 0;
+
+ BN_free(r->dmp1);
+ BN_free(r->dmq1);
+ BN_free(r->iqmp);
+ r->dmp1 = dmp1;
+ r->dmq1 = dmq1;
+ r->iqmp = iqmp;
+
+ return 1;
+}
+
+void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d)
+{
+ if (n != NULL)
+ *n = r->n;
+ if (e != NULL)
+ *e = r->e;
+ if (d != NULL)
+ *d = r->d;
+}
+
+void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q)
+{
+ if (p != NULL)
+ *p = r->p;
+ if (q != NULL)
+ *q = r->q;
+}
+
+void RSA_get0_crt_params(const RSA *r,
+ BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp)
+{
+ if (dmp1 != NULL)
+ *dmp1 = r->dmp1;
+ if (dmq1 != NULL)
+ *dmq1 = r->dmq1;
+ if (iqmp != NULL)
+ *iqmp = r->iqmp;
+}
+
+void RSA_clear_flags(RSA *r, int flags)
+{
+ r->flags &= ~flags;
+}
+
+int RSA_test_flags(const RSA *r, int flags)
+{
+ return r->flags & flags;
+}
+
+void RSA_set_flags(RSA *r, int flags)
+{
+ r->flags |= flags;
+}
+
+ENGINE *RSA_get0_engine(RSA *r)
+{
+ return r->engine;
+}
diff --git a/crypto/rsa/rsa_locl.h b/crypto/rsa/rsa_locl.h
index 3e88187d9b..dd9e70b6a8 100644
--- a/crypto/rsa/rsa_locl.h
+++ b/crypto/rsa/rsa_locl.h
@@ -1,3 +1,51 @@
+/*
+ * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL licenses, (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * https://www.openssl.org/source/license.html
+ * or in the file LICENSE in the source distribution.
+ */
+
+#include <openssl/rsa.h>
+
+struct rsa_st {
+ /*
+ * The first parameter is used to pickup errors where this is passed
+ * instead of aEVP_PKEY, it is set to 0
+ */
+ int pad;
+ long version;
+ const RSA_METHOD *meth;
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+ /* be careful using this if the RSA structure is shared */
+ CRYPTO_EX_DATA ex_data;
+ int references;
+ int flags;
+ /* Used to cache montgomery values */
+ BN_MONT_CTX *_method_mod_n;
+ BN_MONT_CTX *_method_mod_p;
+ BN_MONT_CTX *_method_mod_q;
+ /*
+ * all BIGNUM values are actually in the following data, if it is not
+ * NULL
+ */
+ char *bignum_data;
+ BN_BLINDING *blinding;
+ BN_BLINDING *mt_blinding;
+ CRYPTO_RWLOCK *lock;
+};
+
extern int int_rsa_verify(int dtype, const unsigned char *m,
unsigned int m_len, unsigned char *rm,
size_t *prm_len, const unsigned char *sigbuf,
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index 355788423b..27a6e78823 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -21,10 +21,10 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
+#include "rsa_locl.h"
int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
const unsigned char *from, int flen,
diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index 8d3383bfb0..5c3c0bf95e 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -110,8 +110,8 @@
#include "internal/cryptlib.h"
#include "internal/bn_int.h"
-#include <openssl/rsa.h>
#include <openssl/rand.h>
+#include "rsa_locl.h"
#ifndef RSA_NULL
diff --git a/crypto/rsa/rsa_x931g.c b/crypto/rsa/rsa_x931g.c
index d4c520c429..1e164e86e1 100644
--- a/crypto/rsa/rsa_x931g.c
+++ b/crypto/rsa/rsa_x931g.c
@@ -60,7 +60,7 @@
#include <time.h>
#include <openssl/err.h>
#include <openssl/bn.h>
-#include <openssl/rsa.h>
+#include "rsa_locl.h"
/* X9.31 RSA key derivation and generation */
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-26 22:49:07 +0000