[thirdparty/openssl.git] / crypto / rsa / rsa_lib.c

/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
#include <openssl/lhash.h>
#include "internal/bn_int.h"
#include <openssl/engine.h>
#include "rsa_locl.h"

static const RSA_METHOD *default_RSA_meth = NULL;

RSA *RSA_new(void)
{
    RSA *r = RSA_new_method(NULL);

    return r;
}

void RSA_set_default_method(const RSA_METHOD *meth)
{
    default_RSA_meth = meth;
}

const RSA_METHOD *RSA_get_default_method(void)
{
    if (default_RSA_meth == NULL) {
#ifdef RSA_NULL
        default_RSA_meth = RSA_null_method();
#else
        default_RSA_meth = RSA_PKCS1_OpenSSL();
#endif
    }

    return default_RSA_meth;
}

const RSA_METHOD *RSA_get_method(const RSA *rsa)
{
    return rsa->meth;
}

int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
{
    /*
     * NB: The caller is specifically setting a method, so it's not up to us
     * to deal with which ENGINE it comes from.
     */
    const RSA_METHOD *mtmp;
    mtmp = rsa->meth;
    if (mtmp->finish)
        mtmp->finish(rsa);
#ifndef OPENSSL_NO_ENGINE
    ENGINE_finish(rsa->engine);
    rsa->engine = NULL;
#endif
    rsa->meth = meth;
    if (meth->init)
        meth->init(rsa);
    return 1;
}

RSA *RSA_new_method(ENGINE *engine)
{
    RSA *ret = OPENSSL_zalloc(sizeof(*ret));

    if (ret == NULL) {
        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    ret->references = 1;
    ret->lock = CRYPTO_THREAD_lock_new();
    if (ret->lock == NULL) {
        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(ret);
        return NULL;
    }

    ret->meth = RSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
    ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
    if (engine) {
        if (!ENGINE_init(engine)) {
            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            goto err;
        }
        ret->engine = engine;
    } else
        ret->engine = ENGINE_get_default_RSA();
    if (ret->engine) {
        ret->meth = ENGINE_get_RSA(ret->engine);
        if (ret->meth == NULL) {
            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            goto err;
        }
    }
#endif

    ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
        goto err;
    }

    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_INIT_FAIL);
        goto err;
    }

    return ret;

err:
    RSA_free(ret);
    return NULL;
}

void RSA_free(RSA *r)
{
    int i;

    if (r == NULL)
        return;

    CRYPTO_DOWN_REF(&r->references, &i, r->lock);
    REF_PRINT_COUNT("RSA", r);
    if (i > 0)
        return;
    REF_ASSERT_ISNT(i < 0);

    if (r->meth->finish)
        r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
    ENGINE_finish(r->engine);
#endif

    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);

    CRYPTO_THREAD_lock_free(r->lock);

    BN_clear_free(r->n);
    BN_clear_free(r->e);
    BN_clear_free(r->d);
    BN_clear_free(r->p);
    BN_clear_free(r->q);
    BN_clear_free(r->dmp1);
    BN_clear_free(r->dmq1);
    BN_clear_free(r->iqmp);
    BN_BLINDING_free(r->blinding);
    BN_BLINDING_free(r->mt_blinding);
    OPENSSL_free(r->bignum_data);
    OPENSSL_free(r);
}

int RSA_up_ref(RSA *r)
{
    int i;

    if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
        return 0;

    REF_PRINT_COUNT("RSA", r);
    REF_ASSERT_ISNT(i < 2);
    return ((i > 1) ? 1 : 0);
}

int RSA_set_ex_data(RSA *r, int idx, void *arg)
{
    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
}

void *RSA_get_ex_data(const RSA *r, int idx)
{
    return (CRYPTO_get_ex_data(&r->ex_data, idx));
}

int RSA_security_bits(const RSA *rsa)
{
    return BN_security_bits(BN_num_bits(rsa->n), -1);
}

int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
{
    /* If the fields n and e in r are NULL, the corresponding input
     * parameters MUST be non-NULL for n and e.  d may be
     * left NULL (in case only the public key is used).
     */
    if ((r->n == NULL && n == NULL)
        || (r->e == NULL && e == NULL))
        return 0;

    if (n != NULL) {
        BN_free(r->n);
        r->n = n;
    }
    if (e != NULL) {
        BN_free(r->e);
        r->e = e;
    }
    if (d != NULL) {
        BN_free(r->d);
        r->d = d;
    }

    return 1;
}

int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
{
    /* If the fields p and q in r are NULL, the corresponding input
     * parameters MUST be non-NULL.
     */
    if ((r->p == NULL && p == NULL)
        || (r->q == NULL && q == NULL))
        return 0;

    if (p != NULL) {
        BN_free(r->p);
        r->p = p;
    }
    if (q != NULL) {
        BN_free(r->q);
        r->q = q;
    }

    return 1;
}

int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
{
    /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
     * parameters MUST be non-NULL.
     */
    if ((r->dmp1 == NULL && dmp1 == NULL)
        || (r->dmq1 == NULL && dmq1 == NULL)
        || (r->iqmp == NULL && iqmp == NULL))
        return 0;

    if (dmp1 != NULL) {
        BN_free(r->dmp1);
        r->dmp1 = dmp1;
    }
    if (dmq1 != NULL) {
        BN_free(r->dmq1);
        r->dmq1 = dmq1;
    }
    if (iqmp != NULL) {
        BN_free(r->iqmp);
        r->iqmp = iqmp;
    }

    return 1;
}

void RSA_get0_key(const RSA *r,
                  const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
{
    if (n != NULL)
        *n = r->n;
    if (e != NULL)
        *e = r->e;
    if (d != NULL)
        *d = r->d;
}

void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
{
    if (p != NULL)
        *p = r->p;
    if (q != NULL)
        *q = r->q;
}

void RSA_get0_crt_params(const RSA *r,
                         const BIGNUM **dmp1, const BIGNUM **dmq1,
                         const BIGNUM **iqmp)
{
    if (dmp1 != NULL)
        *dmp1 = r->dmp1;
    if (dmq1 != NULL)
        *dmq1 = r->dmq1;
    if (iqmp != NULL)
        *iqmp = r->iqmp;
}

void RSA_clear_flags(RSA *r, int flags)
{
    r->flags &= ~flags;
}

int RSA_test_flags(const RSA *r, int flags)
{
    return r->flags & flags;
}

void RSA_set_flags(RSA *r, int flags)
{
    r->flags |= flags;
}

ENGINE *RSA_get0_engine(const RSA *r)
{
    return r->engine;
}
Commit	Line	Data
2039c421 RS	1	/*
2039c421 RS	2	* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
d02b48c6	3	*
2039c421 RS	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
d02b48c6 RE	8	*/
	9
	10	#include <stdio.h>
ec577822	11	#include <openssl/crypto.h>
b39fc560	12	#include "internal/cryptlib.h"
ec577822	13	#include <openssl/lhash.h>
18125f7f	14	#include "internal/bn_int.h"
3c27208f	15	#include <openssl/engine.h>
9862e9aa	16	#include "rsa_locl.h"
d02b48c6	17
0f113f3e	18	static const RSA_METHOD *default_RSA_meth = NULL;
d02b48c6	19
6b691a5c	20	RSA *RSA_new(void)
0f113f3e MC	21	{
0f113f3e MC	22	RSA *r = RSA_new_method(NULL);
c554155b	23
0f113f3e MC	24	return r;
0f113f3e MC	25	}
d02b48c6	26
cb78486d	27	void RSA_set_default_method(const RSA_METHOD *meth)
0f113f3e MC	28	{
	29	default_RSA_meth = meth;
	30	}
d02b48c6	31
cb78486d	32	const RSA_METHOD *RSA_get_default_method(void)
0f113f3e MC	33	{
0f113f3e MC	34	if (default_RSA_meth == NULL) {
deb4d50e	35	#ifdef RSA_NULL
0f113f3e	36	default_RSA_meth = RSA_null_method();
deb4d50e	37	#else
b0700d2c	38	default_RSA_meth = RSA_PKCS1_OpenSSL();
deb4d50e	39	#endif
0f113f3e	40	}
deb4d50e	41
0f113f3e MC	42	return default_RSA_meth;
0f113f3e MC	43	}
ce8b2574	44
29c1f061	45	const RSA_METHOD RSA_get_method(const RSA rsa)
0f113f3e MC	46	{
	47	return rsa->meth;
	48	}
cb78486d GT	49
cb78486d GT	50	int RSA_set_method(RSA rsa, const RSA_METHOD meth)
0f113f3e MC	51	{
	52	/*
	53	* NB: The caller is specifically setting a method, so it's not up to us
	54	* to deal with which ENGINE it comes from.
	55	*/
	56	const RSA_METHOD *mtmp;
	57	mtmp = rsa->meth;
	58	if (mtmp->finish)
	59	mtmp->finish(rsa);
0b13e9f0	60	#ifndef OPENSSL_NO_ENGINE
7c96dbcd RS	61	ENGINE_finish(rsa->engine);
7c96dbcd RS	62	rsa->engine = NULL;
0b13e9f0	63	#endif
0f113f3e MC	64	rsa->meth = meth;
	65	if (meth->init)
	66	meth->init(rsa);
	67	return 1;
	68	}
ce8b2574	69
5270e702	70	RSA RSA_new_method(ENGINE engine)
0f113f3e	71	{
11ed851d	72	RSA ret = OPENSSL_zalloc(sizeof(ret));
d02b48c6	73
0f113f3e MC	74	if (ret == NULL) {
	75	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
	76	return NULL;
	77	}
d02b48c6	78
11ed851d F	79	ret->references = 1;
	80	ret->lock = CRYPTO_THREAD_lock_new();
	81	if (ret->lock == NULL) {
	82	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
	83	OPENSSL_free(ret);
	84	return NULL;
	85	}
	86
0f113f3e	87	ret->meth = RSA_get_default_method();
0b13e9f0	88	#ifndef OPENSSL_NO_ENGINE
11ed851d	89	ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
0f113f3e MC	90	if (engine) {
	91	if (!ENGINE_init(engine)) {
	92	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
11ed851d	93	goto err;
0f113f3e MC	94	}
	95	ret->engine = engine;
	96	} else
	97	ret->engine = ENGINE_get_default_RSA();
	98	if (ret->engine) {
	99	ret->meth = ENGINE_get_RSA(ret->engine);
7c96dbcd	100	if (ret->meth == NULL) {
0f113f3e	101	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
11ed851d	102	goto err;
0f113f3e MC	103	}
0f113f3e MC	104	}
0b13e9f0	105	#endif
0c9de428	106
0f113f3e MC	107	ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
0f113f3e MC	108	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
11ed851d	109	goto err;
d188a536 AG	110	}
	111
	112	if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
11ed851d F	113	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_INIT_FAIL);
11ed851d F	114	goto err;
0f113f3e	115	}
d188a536 AG	116
d188a536 AG	117	return ret;
11ed851d F	118
	119	err:
	120	RSA_free(ret);
	121	return NULL;
0f113f3e	122	}
d02b48c6	123
6b691a5c	124	void RSA_free(RSA *r)
0f113f3e MC	125	{
0f113f3e MC	126	int i;
d02b48c6	127
0f113f3e MC	128	if (r == NULL)
0f113f3e MC	129	return;
d02b48c6	130
2f545ae4	131	CRYPTO_DOWN_REF(&r->references, &i, r->lock);
f3f1cf84	132	REF_PRINT_COUNT("RSA", r);
0f113f3e MC	133	if (i > 0)
0f113f3e MC	134	return;
f3f1cf84	135	REF_ASSERT_ISNT(i < 0);
d02b48c6	136
0f113f3e MC	137	if (r->meth->finish)
0f113f3e MC	138	r->meth->finish(r);
0b13e9f0	139	#ifndef OPENSSL_NO_ENGINE
412bafdc	140	ENGINE_finish(r->engine);
0b13e9f0	141	#endif
d02b48c6	142
0f113f3e	143	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
7abe8305	144
d188a536 AG	145	CRYPTO_THREAD_lock_free(r->lock);
d188a536 AG	146
23a1d5e9 RS	147	BN_clear_free(r->n);
	148	BN_clear_free(r->e);
	149	BN_clear_free(r->d);
	150	BN_clear_free(r->p);
	151	BN_clear_free(r->q);
	152	BN_clear_free(r->dmp1);
	153	BN_clear_free(r->dmq1);
	154	BN_clear_free(r->iqmp);
	155	BN_BLINDING_free(r->blinding);
	156	BN_BLINDING_free(r->mt_blinding);
4c42ebd2	157	OPENSSL_free(r->bignum_data);
0f113f3e MC	158	OPENSSL_free(r);
0f113f3e MC	159	}
d02b48c6	160
6ac4e8bd	161	int RSA_up_ref(RSA *r)
0f113f3e	162	{
d188a536 AG	163	int i;
d188a536 AG	164
2f545ae4	165	if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
d188a536	166	return 0;
f3f1cf84 RS	167
	168	REF_PRINT_COUNT("RSA", r);
	169	REF_ASSERT_ISNT(i < 2);
0f113f3e MC	170	return ((i > 1) ? 1 : 0);
0f113f3e MC	171	}
5cbc2e8b	172
dd9d233e	173	int RSA_set_ex_data(RSA r, int idx, void arg)
0f113f3e MC	174	{
	175	return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
	176	}
58964a49	177
29c1f061	178	void RSA_get_ex_data(const RSA r, int idx)
0f113f3e MC	179	{
	180	return (CRYPTO_get_ex_data(&r->ex_data, idx));
	181	}
58964a49	182
2514fa79	183	int RSA_security_bits(const RSA *rsa)
0f113f3e MC	184	{
	185	return BN_security_bits(BN_num_bits(rsa->n), -1);
	186	}
9862e9aa RL	187
	188	int RSA_set0_key(RSA r, BIGNUM n, BIGNUM e, BIGNUM d)
	189	{
fd809cfd	190	/* If the fields n and e in r are NULL, the corresponding input
1da12e34 RL	191	* parameters MUST be non-NULL for n and e. d may be
1da12e34 RL	192	* left NULL (in case only the public key is used).
1da12e34	193	*/
b84e1226 MC	194	if ((r->n == NULL && n == NULL)
b84e1226 MC	195	\|\| (r->e == NULL && e == NULL))
9862e9aa RL	196	return 0;
9862e9aa RL	197
1da12e34 RL	198	if (n != NULL) {
	199	BN_free(r->n);
	200	r->n = n;
	201	}
	202	if (e != NULL) {
	203	BN_free(r->e);
	204	r->e = e;
	205	}
	206	if (d != NULL) {
	207	BN_free(r->d);
	208	r->d = d;
	209	}
9862e9aa RL	210
	211	return 1;
	212	}
	213
	214	int RSA_set0_factors(RSA r, BIGNUM p, BIGNUM *q)
	215	{
fd809cfd	216	/* If the fields p and q in r are NULL, the corresponding input
1da12e34	217	* parameters MUST be non-NULL.
1da12e34	218	*/
b84e1226 MC	219	if ((r->p == NULL && p == NULL)
b84e1226 MC	220	\|\| (r->q == NULL && q == NULL))
9862e9aa RL	221	return 0;
9862e9aa RL	222
1da12e34 RL	223	if (p != NULL) {
	224	BN_free(r->p);
	225	r->p = p;
	226	}
	227	if (q != NULL) {
	228	BN_free(r->q);
	229	r->q = q;
	230	}
9862e9aa RL	231
	232	return 1;
	233	}
	234
	235	int RSA_set0_crt_params(RSA r, BIGNUM dmp1, BIGNUM dmq1, BIGNUM iqmp)
	236	{
fd809cfd	237	/* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
1da12e34	238	* parameters MUST be non-NULL.
1da12e34	239	*/
b84e1226 MC	240	if ((r->dmp1 == NULL && dmp1 == NULL)
	241	\|\| (r->dmq1 == NULL && dmq1 == NULL)
	242	\|\| (r->iqmp == NULL && iqmp == NULL))
9862e9aa RL	243	return 0;
9862e9aa RL	244
1da12e34 RL	245	if (dmp1 != NULL) {
	246	BN_free(r->dmp1);
	247	r->dmp1 = dmp1;
	248	}
	249	if (dmq1 != NULL) {
	250	BN_free(r->dmq1);
	251	r->dmq1 = dmq1;
	252	}
	253	if (iqmp != NULL) {
	254	BN_free(r->iqmp);
	255	r->iqmp = iqmp;
	256	}
9862e9aa RL	257
	258	return 1;
	259	}
	260
fd809cfd RL	261	void RSA_get0_key(const RSA *r,
fd809cfd RL	262	const BIGNUM n, const BIGNUM e, const BIGNUM **d)
9862e9aa RL	263	{
	264	if (n != NULL)
	265	*n = r->n;
	266	if (e != NULL)
	267	*e = r->e;
	268	if (d != NULL)
	269	*d = r->d;
	270	}
	271
fd809cfd	272	void RSA_get0_factors(const RSA r, const BIGNUM p, const BIGNUM *q)
9862e9aa RL	273	{
	274	if (p != NULL)
	275	*p = r->p;
	276	if (q != NULL)
	277	*q = r->q;
	278	}
	279
	280	void RSA_get0_crt_params(const RSA *r,
fd809cfd RL	281	const BIGNUM dmp1, const BIGNUM dmq1,
fd809cfd RL	282	const BIGNUM **iqmp)
9862e9aa RL	283	{
	284	if (dmp1 != NULL)
	285	*dmp1 = r->dmp1;
	286	if (dmq1 != NULL)
	287	*dmq1 = r->dmq1;
	288	if (iqmp != NULL)
	289	*iqmp = r->iqmp;
	290	}
	291
	292	void RSA_clear_flags(RSA *r, int flags)
	293	{
	294	r->flags &= ~flags;
	295	}
	296
	297	int RSA_test_flags(const RSA *r, int flags)
	298	{
	299	return r->flags & flags;
	300	}
	301
	302	void RSA_set_flags(RSA *r, int flags)
	303	{
	304	r->flags \|= flags;
	305	}
	306
e0685d24	307	ENGINE RSA_get0_engine(const RSA r)
9862e9aa RL	308	{
	309	return r->engine;
	310	}