1/*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/*
11 * RSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14#include "internal/deprecated.h"
15
16#include <stdio.h>
17#include "internal/cryptlib.h"
18#include <openssl/bn.h>
19#include <openssl/rsa.h>
20#include <openssl/objects.h>
21#include <openssl/x509.h>
22
23int RSA_sign_ASN1_OCTET_STRING(int type,
24                               const unsigned char *m, unsigned int m_len,
25                               unsigned char *sigret, unsigned int *siglen,
26                               RSA *rsa)
27{
28    ASN1_OCTET_STRING sig;
29    int i, j, ret = 1;
30    unsigned char *p, *s;
31
32    sig.type = V_ASN1_OCTET_STRING;
33    sig.length = m_len;
34    sig.data = (unsigned char *)m;
35
36    i = i2d_ASN1_OCTET_STRING(&sig, NULL);
37    j = RSA_size(rsa);
38    if (i > (j - RSA_PKCS1_PADDING_SIZE)) {
39        ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
40        return 0;
41    }
42    s = OPENSSL_malloc((unsigned int)j + 1);
43    if (s == NULL) {
44        ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE);
45        return 0;
46    }
47    p = s;
48    i2d_ASN1_OCTET_STRING(&sig, &p);
49    i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
50    if (i <= 0)
51        ret = 0;
52    else
53        *siglen = i;
54
55    OPENSSL_clear_free(s, (unsigned int)j + 1);
56    return ret;
57}
58
59int RSA_verify_ASN1_OCTET_STRING(int dtype,
60                                 const unsigned char *m,
61                                 unsigned int m_len, unsigned char *sigbuf,
62                                 unsigned int siglen, RSA *rsa)
63{
64    int i, ret = 0;
65    unsigned char *s;
66    const unsigned char *p;
67    ASN1_OCTET_STRING *sig = NULL;
68
69    if (siglen != (unsigned int)RSA_size(rsa)) {
70        ERR_raise(ERR_LIB_RSA, RSA_R_WRONG_SIGNATURE_LENGTH);
71        return 0;
72    }
73
74    s = OPENSSL_malloc((unsigned int)siglen);
75    if (s == NULL) {
76        ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE);
77        goto err;
78    }
79    i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
80
81    if (i <= 0)
82        goto err;
83
84    p = s;
85    sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i);
86    if (sig == NULL)
87        goto err;
88
89    if (((unsigned int)sig->length != m_len) ||
90        (memcmp(m, sig->data, m_len) != 0)) {
91        ERR_raise(ERR_LIB_RSA, RSA_R_BAD_SIGNATURE);
92    } else {
93        ret = 1;
94    }
95 err:
96    ASN1_OCTET_STRING_free(sig);
97    OPENSSL_clear_free(s, (unsigned int)siglen);
98    return ret;
99}
100