]>
Commit | Line | Data |
---|---|---|
09b88a4a | 1 | /* crypto/rsa/rsa_ameth.c */ |
2e597528 | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
448be743 DSH |
3 | * project 2006. |
4 | */ | |
5 | /* ==================================================================== | |
6 | * Copyright (c) 2006 The OpenSSL Project. All rights reserved. | |
7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * | |
12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | |
14 | * | |
15 | * 2. Redistributions in binary form must reproduce the above copyright | |
16 | * notice, this list of conditions and the following disclaimer in | |
17 | * the documentation and/or other materials provided with the | |
18 | * distribution. | |
19 | * | |
20 | * 3. All advertising materials mentioning features or use of this | |
21 | * software must display the following acknowledgment: | |
22 | * "This product includes software developed by the OpenSSL Project | |
23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
24 | * | |
25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
26 | * endorse or promote products derived from this software without | |
27 | * prior written permission. For written permission, please contact | |
28 | * licensing@OpenSSL.org. | |
29 | * | |
30 | * 5. Products derived from this software may not be called "OpenSSL" | |
31 | * nor may "OpenSSL" appear in their names without prior written | |
32 | * permission of the OpenSSL Project. | |
33 | * | |
34 | * 6. Redistributions of any form whatsoever must retain the following | |
35 | * acknowledgment: | |
36 | * "This product includes software developed by the OpenSSL Project | |
37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
38 | * | |
39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
51 | * ==================================================================== | |
52 | * | |
53 | * This product includes cryptographic software written by Eric Young | |
54 | * (eay@cryptsoft.com). This product includes software written by Tim | |
55 | * Hudson (tjh@cryptsoft.com). | |
56 | * | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
60 | #include "cryptlib.h" | |
61 | #include <openssl/asn1t.h> | |
62 | #include <openssl/x509.h> | |
63 | #include <openssl/rsa.h> | |
1e26a8ba | 64 | #include <openssl/bn.h> |
8931b30d DSH |
65 | #ifndef OPENSSL_NO_CMS |
66 | #include <openssl/cms.h> | |
67 | #endif | |
18e377b4 | 68 | #include "asn1_locl.h" |
448be743 | 69 | |
6f81892e | 70 | static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) |
448be743 DSH |
71 | { |
72 | unsigned char *penc = NULL; | |
73 | int penclen; | |
74 | penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc); | |
75 | if (penclen <= 0) | |
76 | return 0; | |
77 | if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA), | |
78 | V_ASN1_NULL, NULL, penc, penclen)) | |
79 | return 1; | |
80 | ||
81 | OPENSSL_free(penc); | |
82 | return 0; | |
83 | } | |
84 | ||
85 | static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) | |
86 | { | |
87 | const unsigned char *p; | |
88 | int pklen; | |
89 | RSA *rsa = NULL; | |
90 | if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey)) | |
91 | return 0; | |
92 | if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen))) | |
93 | { | |
94 | RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB); | |
95 | return 0; | |
96 | } | |
97 | EVP_PKEY_assign_RSA (pkey, rsa); | |
98 | return 1; | |
99 | } | |
100 | ||
6f81892e DSH |
101 | static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) |
102 | { | |
103 | if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0 | |
104 | || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0) | |
105 | return 0; | |
106 | return 1; | |
107 | } | |
108 | ||
e4263314 | 109 | static int old_rsa_priv_decode(EVP_PKEY *pkey, |
6343829a | 110 | const unsigned char **pder, int derlen) |
448be743 | 111 | { |
e4263314 DSH |
112 | RSA *rsa; |
113 | if (!(rsa = d2i_RSAPrivateKey (NULL, pder, derlen))) | |
448be743 | 114 | { |
5c95c2ac | 115 | RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB); |
448be743 DSH |
116 | return 0; |
117 | } | |
e4263314 | 118 | EVP_PKEY_assign_RSA(pkey, rsa); |
448be743 DSH |
119 | return 1; |
120 | } | |
121 | ||
e4263314 DSH |
122 | static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) |
123 | { | |
124 | return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); | |
125 | } | |
126 | ||
6f81892e | 127 | static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) |
448be743 DSH |
128 | { |
129 | unsigned char *rk = NULL; | |
130 | int rklen; | |
131 | rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); | |
132 | ||
133 | if (rklen <= 0) | |
134 | { | |
135 | RSAerr(RSA_F_RSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE); | |
136 | return 0; | |
137 | } | |
138 | ||
139 | if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0, | |
140 | V_ASN1_NULL, NULL, rk, rklen)) | |
141 | { | |
142 | RSAerr(RSA_F_RSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE); | |
143 | return 0; | |
144 | } | |
145 | ||
146 | return 1; | |
147 | } | |
148 | ||
e4263314 DSH |
149 | static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) |
150 | { | |
151 | const unsigned char *p; | |
152 | int pklen; | |
153 | if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8)) | |
154 | return 0; | |
155 | return old_rsa_priv_decode(pkey, &p, pklen); | |
156 | } | |
157 | ||
6f81892e DSH |
158 | static int int_rsa_size(const EVP_PKEY *pkey) |
159 | { | |
160 | return RSA_size(pkey->pkey.rsa); | |
161 | } | |
162 | ||
163 | static int rsa_bits(const EVP_PKEY *pkey) | |
164 | { | |
165 | return BN_num_bits(pkey->pkey.rsa->n); | |
166 | } | |
167 | ||
168 | static void int_rsa_free(EVP_PKEY *pkey) | |
169 | { | |
170 | RSA_free(pkey->pkey.rsa); | |
171 | } | |
172 | ||
35208f36 DSH |
173 | |
174 | static void update_buflen(const BIGNUM *b, size_t *pbuflen) | |
175 | { | |
c20276e4 | 176 | size_t i; |
35208f36 DSH |
177 | if (!b) |
178 | return; | |
179 | if (*pbuflen < (i = (size_t)BN_num_bytes(b))) | |
180 | *pbuflen = i; | |
181 | } | |
182 | ||
183 | static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv) | |
184 | { | |
185 | char *str; | |
186 | const char *s; | |
187 | unsigned char *m=NULL; | |
188 | int ret=0, mod_len = 0; | |
189 | size_t buf_len=0; | |
190 | ||
191 | update_buflen(x->n, &buf_len); | |
192 | update_buflen(x->e, &buf_len); | |
193 | ||
194 | if (priv) | |
195 | { | |
196 | update_buflen(x->d, &buf_len); | |
197 | update_buflen(x->p, &buf_len); | |
198 | update_buflen(x->q, &buf_len); | |
199 | update_buflen(x->dmp1, &buf_len); | |
200 | update_buflen(x->dmq1, &buf_len); | |
201 | update_buflen(x->iqmp, &buf_len); | |
202 | } | |
203 | ||
204 | m=(unsigned char *)OPENSSL_malloc(buf_len+10); | |
205 | if (m == NULL) | |
206 | { | |
5c95c2ac | 207 | RSAerr(RSA_F_DO_RSA_PRINT,ERR_R_MALLOC_FAILURE); |
35208f36 DSH |
208 | goto err; |
209 | } | |
210 | ||
211 | if (x->n != NULL) | |
212 | mod_len = BN_num_bits(x->n); | |
213 | ||
214 | if(!BIO_indent(bp,off,128)) | |
215 | goto err; | |
216 | ||
217 | if (priv && x->d) | |
218 | { | |
219 | if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len) | |
220 | <= 0) goto err; | |
221 | str = "modulus:"; | |
222 | s = "publicExponent:"; | |
223 | } | |
224 | else | |
225 | { | |
226 | if (BIO_printf(bp,"Public-Key: (%d bit)\n", mod_len) | |
227 | <= 0) goto err; | |
228 | str = "Modulus:"; | |
229 | s= "Exponent:"; | |
230 | } | |
231 | if (!ASN1_bn_print(bp,str,x->n,m,off)) goto err; | |
232 | if (!ASN1_bn_print(bp,s,x->e,m,off)) | |
233 | goto err; | |
234 | if (priv) | |
235 | { | |
236 | if (!ASN1_bn_print(bp,"privateExponent:",x->d,m,off)) | |
237 | goto err; | |
238 | if (!ASN1_bn_print(bp,"prime1:",x->p,m,off)) | |
239 | goto err; | |
240 | if (!ASN1_bn_print(bp,"prime2:",x->q,m,off)) | |
241 | goto err; | |
242 | if (!ASN1_bn_print(bp,"exponent1:",x->dmp1,m,off)) | |
243 | goto err; | |
244 | if (!ASN1_bn_print(bp,"exponent2:",x->dmq1,m,off)) | |
245 | goto err; | |
246 | if (!ASN1_bn_print(bp,"coefficient:",x->iqmp,m,off)) | |
247 | goto err; | |
248 | } | |
249 | ret=1; | |
250 | err: | |
251 | if (m != NULL) OPENSSL_free(m); | |
252 | return(ret); | |
253 | } | |
254 | ||
255 | static int rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, | |
256 | ASN1_PCTX *ctx) | |
257 | { | |
258 | return do_rsa_print(bp, pkey->pkey.rsa, indent, 0); | |
259 | } | |
260 | ||
261 | ||
262 | static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, | |
263 | ASN1_PCTX *ctx) | |
264 | { | |
265 | return do_rsa_print(bp, pkey->pkey.rsa, indent, 1); | |
266 | } | |
267 | ||
ff04bbe3 DSH |
268 | static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent) |
269 | { | |
270 | int rv = 0; | |
271 | X509_ALGOR *maskHash = NULL; | |
272 | if (!pss) | |
273 | { | |
274 | if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0) | |
275 | return 0; | |
276 | } | |
277 | if (BIO_puts(bp, "\n") <= 0) | |
278 | goto err; | |
279 | if (!BIO_indent(bp, indent, 128)) | |
280 | goto err; | |
281 | if (BIO_puts(bp, "Hash Algorithm: ") <= 0) | |
282 | goto err; | |
283 | ||
284 | if (pss->hashAlgorithm) | |
285 | { | |
286 | if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0) | |
287 | goto err; | |
288 | } | |
289 | else if (BIO_puts(bp, "sha1 (default)") <= 0) | |
290 | goto err; | |
291 | ||
292 | if (BIO_puts(bp, "\n") <= 0) | |
293 | goto err; | |
294 | ||
295 | if (!BIO_indent(bp, indent, 128)) | |
296 | goto err; | |
297 | ||
298 | if (BIO_puts(bp, "Mask Algorithm: ") <= 0) | |
299 | goto err; | |
300 | if (pss->maskGenAlgorithm) | |
301 | { | |
302 | ASN1_TYPE *param = pss->maskGenAlgorithm->parameter; | |
303 | if (param->type == V_ASN1_SEQUENCE) | |
304 | { | |
305 | const unsigned char *p = param->value.sequence->data; | |
306 | int plen = param->value.sequence->length; | |
307 | maskHash = d2i_X509_ALGOR(NULL, &p, plen); | |
308 | } | |
309 | if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0) | |
310 | goto err; | |
311 | if (BIO_puts(bp, " with ") <= 0) | |
312 | goto err; | |
313 | if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0) | |
314 | goto err; | |
315 | } | |
316 | else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0) | |
317 | goto err; | |
318 | BIO_puts(bp, "\n"); | |
319 | ||
320 | if (!BIO_indent(bp, indent, 128)) | |
321 | goto err; | |
322 | if (BIO_puts(bp, "Salt Length: ") <= 0) | |
323 | goto err; | |
324 | if (pss->saltLength) | |
325 | { | |
326 | if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0) | |
327 | goto err; | |
328 | } | |
329 | else if (BIO_puts(bp, "20 (default)") <= 0) | |
330 | goto err; | |
331 | BIO_puts(bp, "\n"); | |
332 | ||
333 | if (!BIO_indent(bp, indent, 128)) | |
334 | goto err; | |
335 | if (BIO_puts(bp, "Trailer Field: ") <= 0) | |
336 | goto err; | |
337 | if (pss->trailerField) | |
338 | { | |
339 | if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0) | |
340 | goto err; | |
341 | } | |
342 | else if (BIO_puts(bp, "0xbc (default)") <= 0) | |
343 | goto err; | |
344 | BIO_puts(bp, "\n"); | |
345 | ||
346 | rv = 1; | |
347 | ||
348 | err: | |
349 | if (maskHash) | |
350 | X509_ALGOR_free(maskHash); | |
351 | RSASSA_PSS_PARAMS_free(pss); | |
352 | return rv; | |
353 | ||
354 | } | |
355 | ||
356 | static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, | |
357 | const ASN1_STRING *sig, | |
358 | int indent, ASN1_PCTX *pctx) | |
359 | { | |
360 | if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss) | |
361 | { | |
362 | RSASSA_PSS_PARAMS *pss = NULL; | |
363 | ASN1_TYPE *param = sigalg->parameter; | |
364 | if (param && param->type == V_ASN1_SEQUENCE) | |
365 | { | |
366 | const unsigned char *p = param->value.sequence->data; | |
367 | int plen = param->value.sequence->length; | |
368 | pss = d2i_RSASSA_PSS_PARAMS(NULL, &p, plen); | |
369 | } | |
370 | if (!rsa_pss_param_print(bp, pss, indent)) | |
371 | return 0; | |
372 | } | |
373 | ||
374 | return X509_signature_dump(bp, sig, indent); | |
375 | } | |
492a9e24 DSH |
376 | |
377 | static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) | |
378 | { | |
4f1aa191 | 379 | X509_ALGOR *alg = NULL; |
492a9e24 DSH |
380 | switch (op) |
381 | { | |
a78568b7 | 382 | |
492a9e24 DSH |
383 | case ASN1_PKEY_CTRL_PKCS7_SIGN: |
384 | if (arg1 == 0) | |
492a9e24 | 385 | PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg); |
4f1aa191 | 386 | break; |
492a9e24 | 387 | |
a78568b7 DSH |
388 | case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: |
389 | if (arg1 == 0) | |
a78568b7 | 390 | PKCS7_RECIP_INFO_get0_alg(arg2, &alg); |
4f1aa191 | 391 | break; |
8931b30d DSH |
392 | #ifndef OPENSSL_NO_CMS |
393 | case ASN1_PKEY_CTRL_CMS_SIGN: | |
394 | if (arg1 == 0) | |
8931b30d | 395 | CMS_SignerInfo_get0_algs(arg2, NULL, NULL, NULL, &alg); |
4f1aa191 DSH |
396 | break; |
397 | ||
398 | case ASN1_PKEY_CTRL_CMS_ENVELOPE: | |
399 | if (arg1 == 0) | |
400 | CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg); | |
401 | break; | |
8931b30d | 402 | #endif |
a78568b7 | 403 | |
03919683 DSH |
404 | case ASN1_PKEY_CTRL_DEFAULT_MD_NID: |
405 | *(int *)arg2 = NID_sha1; | |
406 | return 1; | |
407 | ||
492a9e24 DSH |
408 | default: |
409 | return -2; | |
410 | ||
411 | } | |
412 | ||
4f1aa191 DSH |
413 | if (alg) |
414 | X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), | |
415 | V_ASN1_NULL, 0); | |
416 | ||
417 | return 1; | |
418 | ||
492a9e24 DSH |
419 | } |
420 | ||
421 | ||
448be743 DSH |
422 | const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = |
423 | { | |
424 | { | |
425 | EVP_PKEY_RSA, | |
426 | EVP_PKEY_RSA, | |
ee1d9ec0 | 427 | ASN1_PKEY_SIGPARAM_NULL, |
6f81892e | 428 | |
e4263314 | 429 | "RSA", |
d82e2718 DSH |
430 | "OpenSSL RSA method", |
431 | ||
448be743 DSH |
432 | rsa_pub_decode, |
433 | rsa_pub_encode, | |
6f81892e | 434 | rsa_pub_cmp, |
35208f36 | 435 | rsa_pub_print, |
6f81892e | 436 | |
448be743 DSH |
437 | rsa_priv_decode, |
438 | rsa_priv_encode, | |
35208f36 | 439 | rsa_priv_print, |
6f81892e DSH |
440 | |
441 | int_rsa_size, | |
442 | rsa_bits, | |
443 | ||
ff04bbe3 | 444 | 0,0,0,0,0,0, |
6f81892e | 445 | |
ff04bbe3 | 446 | rsa_sig_print, |
6f81892e | 447 | int_rsa_free, |
492a9e24 | 448 | rsa_pkey_ctrl, |
e4263314 DSH |
449 | old_rsa_priv_decode, |
450 | old_rsa_priv_encode | |
448be743 DSH |
451 | }, |
452 | ||
453 | { | |
454 | EVP_PKEY_RSA2, | |
455 | EVP_PKEY_RSA, | |
456 | ASN1_PKEY_ALIAS | |
457 | } | |
458 | }; |