1/* 2 * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10/* 11 * RSA low level APIs are deprecated for public use, but still ok for 12 * internal use. 13 */ 14#include "internal/deprecated.h" 15 16#include <stdio.h> 17#include "internal/cryptlib.h" 18#include <openssl/bn.h> 19#include <openssl/x509.h> 20#include <openssl/asn1t.h> 21#include "rsa_local.h" 22 23/* 24 * Override the default free and new methods, 25 * and calculate helper products for multi-prime 26 * RSA keys. 27 */ 28static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 29 void *exarg) 30{ 31 if (operation == ASN1_OP_NEW_PRE) { 32 *pval = (ASN1_VALUE *)RSA_new(); 33 if (*pval != NULL) 34 return 2; 35 return 0; 36 } else if (operation == ASN1_OP_FREE_PRE) { 37 RSA_free((RSA *)*pval); 38 *pval = NULL; 39 return 2; 40 } else if (operation == ASN1_OP_D2I_POST) { 41 if (((RSA *)*pval)->version != RSA_ASN1_VERSION_MULTI) { 42 /* not a multi-prime key, skip */ 43 return 1; 44 } 45 return (ossl_rsa_multip_calc_product((RSA *)*pval) == 1) ? 2 : 0; 46 } 47 return 1; 48} 49 50/* Based on definitions in RFC 8017 appendix A.1.2 */ 51ASN1_SEQUENCE(RSA_PRIME_INFO) = { 52 ASN1_SIMPLE(RSA_PRIME_INFO, r, CBIGNUM), 53 ASN1_SIMPLE(RSA_PRIME_INFO, d, CBIGNUM), 54 ASN1_SIMPLE(RSA_PRIME_INFO, t, CBIGNUM), 55} ASN1_SEQUENCE_END(RSA_PRIME_INFO) 56 57ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = { 58 ASN1_EMBED(RSA, version, INT32), 59 ASN1_SIMPLE(RSA, n, BIGNUM), 60 ASN1_SIMPLE(RSA, e, BIGNUM), 61 ASN1_SIMPLE(RSA, d, CBIGNUM), 62 ASN1_SIMPLE(RSA, p, CBIGNUM), 63 ASN1_SIMPLE(RSA, q, CBIGNUM), 64 ASN1_SIMPLE(RSA, dmp1, CBIGNUM), 65 ASN1_SIMPLE(RSA, dmq1, CBIGNUM), 66 ASN1_SIMPLE(RSA, iqmp, CBIGNUM), 67 ASN1_SEQUENCE_OF_OPT(RSA, prime_infos, RSA_PRIME_INFO) 68} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey) 69 70 71ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { 72 ASN1_SIMPLE(RSA, n, BIGNUM), 73 ASN1_SIMPLE(RSA, e, BIGNUM), 74} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey) 75 76/* Free up maskHash */ 77static int rsa_pss_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 78 void *exarg) 79{ 80 if (operation == ASN1_OP_FREE_PRE) { 81 RSA_PSS_PARAMS *pss = (RSA_PSS_PARAMS *)*pval; 82 X509_ALGOR_free(pss->maskHash); 83 } 84 return 1; 85} 86 87ASN1_SEQUENCE_cb(RSA_PSS_PARAMS, rsa_pss_cb) = { 88 ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0), 89 ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1), 90 ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2), 91 ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3) 92} ASN1_SEQUENCE_END_cb(RSA_PSS_PARAMS, RSA_PSS_PARAMS) 93 94IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS) 95IMPLEMENT_ASN1_DUP_FUNCTION(RSA_PSS_PARAMS) 96 97/* Free up maskHash */ 98static int rsa_oaep_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 99 void *exarg) 100{ 101 if (operation == ASN1_OP_FREE_PRE) { 102 RSA_OAEP_PARAMS *oaep = (RSA_OAEP_PARAMS *)*pval; 103 X509_ALGOR_free(oaep->maskHash); 104 } 105 return 1; 106} 107 108ASN1_SEQUENCE_cb(RSA_OAEP_PARAMS, rsa_oaep_cb) = { 109 ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0), 110 ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1), 111 ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2), 112} ASN1_SEQUENCE_END_cb(RSA_OAEP_PARAMS, RSA_OAEP_PARAMS) 113 114IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS) 115 116IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPrivateKey, RSAPrivateKey) 117 118IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPublicKey, RSAPublicKey) 119 120RSA *RSAPublicKey_dup(const RSA *rsa) 121{ 122 return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa); 123} 124 125RSA *RSAPrivateKey_dup(const RSA *rsa) 126{ 127 return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa); 128} 129