[thirdparty/openssl.git] / crypto / rsa / rsa_lib.c

/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
#include <openssl/lhash.h>
#include "internal/bn_int.h"
#include <openssl/engine.h>
#include <openssl/evp.h>
#include "internal/evp_int.h"
#include "rsa_locl.h"

RSA *RSA_new(void)
{
    return RSA_new_method(NULL);
}

const RSA_METHOD *RSA_get_method(const RSA *rsa)
{
    return rsa->meth;
}

int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
{
    /*
     * NB: The caller is specifically setting a method, so it's not up to us
     * to deal with which ENGINE it comes from.
     */
    const RSA_METHOD *mtmp;
    mtmp = rsa->meth;
    if (mtmp->finish)
        mtmp->finish(rsa);
#ifndef OPENSSL_NO_ENGINE
    ENGINE_finish(rsa->engine);
    rsa->engine = NULL;
#endif
    rsa->meth = meth;
    if (meth->init)
        meth->init(rsa);
    return 1;
}

RSA *RSA_new_method(ENGINE *engine)
{
    RSA *ret = OPENSSL_zalloc(sizeof(*ret));

    if (ret == NULL) {
        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    ret->references = 1;
    ret->lock = CRYPTO_THREAD_lock_new();
    if (ret->lock == NULL) {
        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(ret);
        return NULL;
    }

    ret->meth = RSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
    ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
    if (engine) {
        if (!ENGINE_init(engine)) {
            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            goto err;
        }
        ret->engine = engine;
    } else
        ret->engine = ENGINE_get_default_RSA();
    if (ret->engine) {
        ret->meth = ENGINE_get_RSA(ret->engine);
        if (ret->meth == NULL) {
            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            goto err;
        }
    }
#endif

    ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
        goto err;
    }

    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_INIT_FAIL);
        goto err;
    }

    return ret;

err:
    RSA_free(ret);
    return NULL;
}

void RSA_free(RSA *r)
{
    int i;

    if (r == NULL)
        return;

    CRYPTO_DOWN_REF(&r->references, &i, r->lock);
    REF_PRINT_COUNT("RSA", r);
    if (i > 0)
        return;
    REF_ASSERT_ISNT(i < 0);

    if (r->meth->finish)
        r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
    ENGINE_finish(r->engine);
#endif

    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);

    CRYPTO_THREAD_lock_free(r->lock);

    BN_clear_free(r->n);
    BN_clear_free(r->e);
    BN_clear_free(r->d);
    BN_clear_free(r->p);
    BN_clear_free(r->q);
    BN_clear_free(r->dmp1);
    BN_clear_free(r->dmq1);
    BN_clear_free(r->iqmp);
    RSA_PSS_PARAMS_free(r->pss);
    BN_BLINDING_free(r->blinding);
    BN_BLINDING_free(r->mt_blinding);
    OPENSSL_free(r->bignum_data);
    OPENSSL_free(r);
}

int RSA_up_ref(RSA *r)
{
    int i;

    if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
        return 0;

    REF_PRINT_COUNT("RSA", r);
    REF_ASSERT_ISNT(i < 2);
    return ((i > 1) ? 1 : 0);
}

int RSA_set_ex_data(RSA *r, int idx, void *arg)
{
    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
}

void *RSA_get_ex_data(const RSA *r, int idx)
{
    return (CRYPTO_get_ex_data(&r->ex_data, idx));
}

int RSA_security_bits(const RSA *rsa)
{
    return BN_security_bits(BN_num_bits(rsa->n), -1);
}

int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
{
    /* If the fields n and e in r are NULL, the corresponding input
     * parameters MUST be non-NULL for n and e.  d may be
     * left NULL (in case only the public key is used).
     */
    if ((r->n == NULL && n == NULL)
        || (r->e == NULL && e == NULL))
        return 0;

    if (n != NULL) {
        BN_free(r->n);
        r->n = n;
    }
    if (e != NULL) {
        BN_free(r->e);
        r->e = e;
    }
    if (d != NULL) {
        BN_free(r->d);
        r->d = d;
    }

    return 1;
}

int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
{
    /* If the fields p and q in r are NULL, the corresponding input
     * parameters MUST be non-NULL.
     */
    if ((r->p == NULL && p == NULL)
        || (r->q == NULL && q == NULL))
        return 0;

    if (p != NULL) {
        BN_free(r->p);
        r->p = p;
    }
    if (q != NULL) {
        BN_free(r->q);
        r->q = q;
    }

    return 1;
}

int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
{
    /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
     * parameters MUST be non-NULL.
     */
    if ((r->dmp1 == NULL && dmp1 == NULL)
        || (r->dmq1 == NULL && dmq1 == NULL)
        || (r->iqmp == NULL && iqmp == NULL))
        return 0;

    if (dmp1 != NULL) {
        BN_free(r->dmp1);
        r->dmp1 = dmp1;
    }
    if (dmq1 != NULL) {
        BN_free(r->dmq1);
        r->dmq1 = dmq1;
    }
    if (iqmp != NULL) {
        BN_free(r->iqmp);
        r->iqmp = iqmp;
    }

    return 1;
}

void RSA_get0_key(const RSA *r,
                  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
{
    if (n != NULL)
        *n = r->n;
    if (e != NULL)
        *e = r->e;
    if (d != NULL)
        *d = r->d;
}

void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
{
    if (p != NULL)
        *p = r->p;
    if (q != NULL)
        *q = r->q;
}

void RSA_get0_crt_params(const RSA *r,
                         const BIGNUM **dmp1, const BIGNUM **dmq1,
                         const BIGNUM **iqmp)
{
    if (dmp1 != NULL)
        *dmp1 = r->dmp1;
    if (dmq1 != NULL)
        *dmq1 = r->dmq1;
    if (iqmp != NULL)
        *iqmp = r->iqmp;
}

void RSA_clear_flags(RSA *r, int flags)
{
    r->flags &= ~flags;
}

int RSA_test_flags(const RSA *r, int flags)
{
    return r->flags & flags;
}

void RSA_set_flags(RSA *r, int flags)
{
    r->flags |= flags;
}

ENGINE *RSA_get0_engine(const RSA *r)
{
    return r->engine;
}

int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2)
{
    /* If key type not RSA or RSA-PSS return error */
    if (ctx != NULL && ctx->pmeth != NULL
        && ctx->pmeth->pkey_id != EVP_PKEY_RSA
        && ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
        return -1;
     return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, p1, p2);
}
Commit	Line	Data
2039c421 RS	1	/*
2039c421 RS	2	* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6	3	*
2039c421 RS	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
d02b48c6 RE	8	*/
	9
	10	#include <stdio.h>
ec577822	11	#include <openssl/crypto.h>
b39fc560	12	#include "internal/cryptlib.h"
ec577822	13	#include <openssl/lhash.h>
18125f7f	14	#include "internal/bn_int.h"
3c27208f	15	#include <openssl/engine.h>
e5e04ee3 DSH	16	#include <openssl/evp.h>
e5e04ee3 DSH	17	#include "internal/evp_int.h"
9862e9aa	18	#include "rsa_locl.h"
d02b48c6	19
6b691a5c	20	RSA *RSA_new(void)
0f113f3e	21	{
076fc555	22	return RSA_new_method(NULL);
0f113f3e	23	}
ce8b2574	24
29c1f061	25	const RSA_METHOD RSA_get_method(const RSA rsa)
0f113f3e MC	26	{
	27	return rsa->meth;
	28	}
cb78486d GT	29
cb78486d GT	30	int RSA_set_method(RSA rsa, const RSA_METHOD meth)
0f113f3e MC	31	{
	32	/*
	33	* NB: The caller is specifically setting a method, so it's not up to us
	34	* to deal with which ENGINE it comes from.
	35	*/
	36	const RSA_METHOD *mtmp;
	37	mtmp = rsa->meth;
	38	if (mtmp->finish)
	39	mtmp->finish(rsa);
0b13e9f0	40	#ifndef OPENSSL_NO_ENGINE
7c96dbcd RS	41	ENGINE_finish(rsa->engine);
7c96dbcd RS	42	rsa->engine = NULL;
0b13e9f0	43	#endif
0f113f3e MC	44	rsa->meth = meth;
	45	if (meth->init)
	46	meth->init(rsa);
	47	return 1;
	48	}
ce8b2574	49
5270e702	50	RSA RSA_new_method(ENGINE engine)
0f113f3e	51	{
11ed851d	52	RSA ret = OPENSSL_zalloc(sizeof(ret));
d02b48c6	53
0f113f3e MC	54	if (ret == NULL) {
	55	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
	56	return NULL;
	57	}
d02b48c6	58
11ed851d F	59	ret->references = 1;
	60	ret->lock = CRYPTO_THREAD_lock_new();
	61	if (ret->lock == NULL) {
	62	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
	63	OPENSSL_free(ret);
	64	return NULL;
	65	}
	66
0f113f3e	67	ret->meth = RSA_get_default_method();
0b13e9f0	68	#ifndef OPENSSL_NO_ENGINE
11ed851d	69	ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
0f113f3e MC	70	if (engine) {
	71	if (!ENGINE_init(engine)) {
	72	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
11ed851d	73	goto err;
0f113f3e MC	74	}
	75	ret->engine = engine;
	76	} else
	77	ret->engine = ENGINE_get_default_RSA();
	78	if (ret->engine) {
	79	ret->meth = ENGINE_get_RSA(ret->engine);
7c96dbcd	80	if (ret->meth == NULL) {
0f113f3e	81	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
11ed851d	82	goto err;
0f113f3e MC	83	}
0f113f3e MC	84	}
0b13e9f0	85	#endif
0c9de428	86
0f113f3e MC	87	ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
0f113f3e MC	88	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
11ed851d	89	goto err;
d188a536 AG	90	}
	91
	92	if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
11ed851d F	93	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_INIT_FAIL);
11ed851d F	94	goto err;
0f113f3e	95	}
d188a536 AG	96
d188a536 AG	97	return ret;
11ed851d F	98
	99	err:
	100	RSA_free(ret);
	101	return NULL;
0f113f3e	102	}
d02b48c6	103
6b691a5c	104	void RSA_free(RSA *r)
0f113f3e MC	105	{
0f113f3e MC	106	int i;
d02b48c6	107
0f113f3e MC	108	if (r == NULL)
0f113f3e MC	109	return;
d02b48c6	110
2f545ae4	111	CRYPTO_DOWN_REF(&r->references, &i, r->lock);
f3f1cf84	112	REF_PRINT_COUNT("RSA", r);
0f113f3e MC	113	if (i > 0)
0f113f3e MC	114	return;
f3f1cf84	115	REF_ASSERT_ISNT(i < 0);
d02b48c6	116
0f113f3e MC	117	if (r->meth->finish)
0f113f3e MC	118	r->meth->finish(r);
0b13e9f0	119	#ifndef OPENSSL_NO_ENGINE
412bafdc	120	ENGINE_finish(r->engine);
0b13e9f0	121	#endif
d02b48c6	122
0f113f3e	123	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
7abe8305	124
d188a536 AG	125	CRYPTO_THREAD_lock_free(r->lock);
d188a536 AG	126
23a1d5e9 RS	127	BN_clear_free(r->n);
	128	BN_clear_free(r->e);
	129	BN_clear_free(r->d);
	130	BN_clear_free(r->p);
	131	BN_clear_free(r->q);
	132	BN_clear_free(r->dmp1);
	133	BN_clear_free(r->dmq1);
	134	BN_clear_free(r->iqmp);
d771441d	135	RSA_PSS_PARAMS_free(r->pss);
23a1d5e9 RS	136	BN_BLINDING_free(r->blinding);
23a1d5e9 RS	137	BN_BLINDING_free(r->mt_blinding);
4c42ebd2	138	OPENSSL_free(r->bignum_data);
0f113f3e MC	139	OPENSSL_free(r);
0f113f3e MC	140	}
d02b48c6	141
6ac4e8bd	142	int RSA_up_ref(RSA *r)
0f113f3e	143	{
d188a536 AG	144	int i;
d188a536 AG	145
2f545ae4	146	if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
d188a536	147	return 0;
f3f1cf84 RS	148
	149	REF_PRINT_COUNT("RSA", r);
	150	REF_ASSERT_ISNT(i < 2);
0f113f3e MC	151	return ((i > 1) ? 1 : 0);
0f113f3e MC	152	}
5cbc2e8b	153
dd9d233e	154	int RSA_set_ex_data(RSA r, int idx, void arg)
0f113f3e MC	155	{
	156	return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
	157	}
58964a49	158
29c1f061	159	void RSA_get_ex_data(const RSA r, int idx)
0f113f3e MC	160	{
	161	return (CRYPTO_get_ex_data(&r->ex_data, idx));
	162	}
58964a49	163
2514fa79	164	int RSA_security_bits(const RSA *rsa)
0f113f3e MC	165	{
	166	return BN_security_bits(BN_num_bits(rsa->n), -1);
	167	}
9862e9aa RL	168
	169	int RSA_set0_key(RSA r, BIGNUM n, BIGNUM e, BIGNUM d)
	170	{
fd809cfd	171	/* If the fields n and e in r are NULL, the corresponding input
1da12e34 RL	172	* parameters MUST be non-NULL for n and e. d may be
1da12e34 RL	173	* left NULL (in case only the public key is used).
1da12e34	174	*/
b84e1226 MC	175	if ((r->n == NULL && n == NULL)
b84e1226 MC	176	\|\| (r->e == NULL && e == NULL))
9862e9aa RL	177	return 0;
9862e9aa RL	178
1da12e34 RL	179	if (n != NULL) {
	180	BN_free(r->n);
	181	r->n = n;
	182	}
	183	if (e != NULL) {
	184	BN_free(r->e);
	185	r->e = e;
	186	}
	187	if (d != NULL) {
	188	BN_free(r->d);
	189	r->d = d;
	190	}
9862e9aa RL	191
	192	return 1;
	193	}
	194
	195	int RSA_set0_factors(RSA r, BIGNUM p, BIGNUM *q)
	196	{
fd809cfd	197	/* If the fields p and q in r are NULL, the corresponding input
1da12e34	198	* parameters MUST be non-NULL.
1da12e34	199	*/
b84e1226 MC	200	if ((r->p == NULL && p == NULL)
b84e1226 MC	201	\|\| (r->q == NULL && q == NULL))
9862e9aa RL	202	return 0;
9862e9aa RL	203
1da12e34 RL	204	if (p != NULL) {
	205	BN_free(r->p);
	206	r->p = p;
	207	}
	208	if (q != NULL) {
	209	BN_free(r->q);
	210	r->q = q;
	211	}
9862e9aa RL	212
	213	return 1;
	214	}
	215
	216	int RSA_set0_crt_params(RSA r, BIGNUM dmp1, BIGNUM dmq1, BIGNUM iqmp)
	217	{
fd809cfd	218	/* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
1da12e34	219	* parameters MUST be non-NULL.
1da12e34	220	*/
b84e1226 MC	221	if ((r->dmp1 == NULL && dmp1 == NULL)
	222	\|\| (r->dmq1 == NULL && dmq1 == NULL)
	223	\|\| (r->iqmp == NULL && iqmp == NULL))
9862e9aa RL	224	return 0;
9862e9aa RL	225
1da12e34 RL	226	if (dmp1 != NULL) {
	227	BN_free(r->dmp1);
	228	r->dmp1 = dmp1;
	229	}
	230	if (dmq1 != NULL) {
	231	BN_free(r->dmq1);
	232	r->dmq1 = dmq1;
	233	}
	234	if (iqmp != NULL) {
	235	BN_free(r->iqmp);
	236	r->iqmp = iqmp;
	237	}
9862e9aa RL	238
	239	return 1;
	240	}
	241
fd809cfd RL	242	void RSA_get0_key(const RSA *r,
fd809cfd RL	243	const BIGNUM n, const BIGNUM e, const BIGNUM **d)
9862e9aa RL	244	{
	245	if (n != NULL)
	246	*n = r->n;
	247	if (e != NULL)
	248	*e = r->e;
	249	if (d != NULL)
	250	*d = r->d;
	251	}
	252
fd809cfd	253	void RSA_get0_factors(const RSA r, const BIGNUM p, const BIGNUM *q)
9862e9aa RL	254	{
	255	if (p != NULL)
	256	*p = r->p;
	257	if (q != NULL)
	258	*q = r->q;
	259	}
	260
	261	void RSA_get0_crt_params(const RSA *r,
fd809cfd RL	262	const BIGNUM dmp1, const BIGNUM dmq1,
fd809cfd RL	263	const BIGNUM **iqmp)
9862e9aa RL	264	{
	265	if (dmp1 != NULL)
	266	*dmp1 = r->dmp1;
	267	if (dmq1 != NULL)
	268	*dmq1 = r->dmq1;
	269	if (iqmp != NULL)
	270	*iqmp = r->iqmp;
	271	}
	272
	273	void RSA_clear_flags(RSA *r, int flags)
	274	{
	275	r->flags &= ~flags;
	276	}
	277
	278	int RSA_test_flags(const RSA *r, int flags)
	279	{
	280	return r->flags & flags;
	281	}
	282
	283	void RSA_set_flags(RSA *r, int flags)
	284	{
	285	r->flags \|= flags;
	286	}
	287
e0685d24	288	ENGINE RSA_get0_engine(const RSA r)
9862e9aa RL	289	{
	290	return r->engine;
	291	}
e5e04ee3 DSH	292
	293	int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX ctx, int optype, int cmd, int p1, void p2)
	294	{
	295	/* If key type not RSA or RSA-PSS return error */
	296	if (ctx != NULL && ctx->pmeth != NULL
	297	&& ctx->pmeth->pkey_id != EVP_PKEY_RSA
	298	&& ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
	299	return -1;
	300	return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, p1, p2);
	301	}