1/* 2 * Copyright (C) 2004-2009, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") 3 * Copyright (C) 2000-2003 Internet Software Consortium. 4 * 5 * Permission to use, copy, modify, and/or distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15 * PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18/* 19 * Principal Author: Brian Wellington 20 * $Id$ 21 */ 22#ifdef OPENSSL 23#include <config.h> 24 25#ifndef USE_EVP 26#if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA512) 27#define USE_EVP 0 28#else 29#define USE_EVP 1 30#endif 31#endif 32 33 34#include <isc/entropy.h> 35#include <isc/md5.h> 36#include <isc/sha1.h> 37#include <isc/sha2.h> 38#include <isc/mem.h> 39#include <isc/string.h> 40#include <isc/util.h> 41 42#include <dst/result.h> 43 44#include "dst_internal.h" 45#include "dst_openssl.h" 46#include "dst_parse.h" 47 48#include <openssl/err.h> 49#include <openssl/objects.h> 50#include <openssl/rsa.h> 51#if OPENSSL_VERSION_NUMBER > 0x00908000L 52#include <openssl/bn.h> 53#endif 54#ifdef USE_ENGINE 55#include <openssl/engine.h> 56#endif 57 58/* 59 * We don't use configure for windows so enforce the OpenSSL version 60 * here. Unlike with configure we don't support overriding this test. 61 */ 62#ifdef WIN32 63#if !((OPENSSL_VERSION_NUMBER >= 0x009070cfL && \ 64 OPENSSL_VERSION_NUMBER < 0x00908000L) || \ 65 OPENSSL_VERSION_NUMBER >= 0x0090804fL) 66#error Please upgrade OpenSSL to 0.9.8d/0.9.7l or greater. 67#endif 68#endif 69 70 71 /* 72 * XXXMPA Temporarily disable RSA_BLINDING as it requires 73 * good quality random data that cannot currently be guaranteed. 74 * XXXMPA Find which versions of openssl use pseudo random data 75 * and set RSA_FLAG_BLINDING for those. 76 */ 77 78#if 0 79#if OPENSSL_VERSION_NUMBER < 0x0090601fL 80#define SET_FLAGS(rsa) \ 81 do { \ 82 (rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \ 83 (rsa)->flags |= RSA_FLAG_BLINDING; \ 84 } while (0) 85#else 86#define SET_FLAGS(rsa) \ 87 do { \ 88 (rsa)->flags |= RSA_FLAG_BLINDING; \ 89 } while (0) 90#endif 91#endif 92 93#if OPENSSL_VERSION_NUMBER < 0x0090601fL 94#define SET_FLAGS(rsa) \ 95 do { \ 96 (rsa)->flags &= ~(RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE); \ 97 (rsa)->flags &= ~RSA_FLAG_BLINDING; \ 98 } while (0) 99#elif defined(RSA_FLAG_NO_BLINDING) 100#define SET_FLAGS(rsa) \ 101 do { \ 102 (rsa)->flags &= ~RSA_FLAG_BLINDING; \ 103 (rsa)->flags |= RSA_FLAG_NO_BLINDING; \ 104 } while (0) 105#else 106#define SET_FLAGS(rsa) \ 107 do { \ 108 (rsa)->flags &= ~RSA_FLAG_BLINDING; \ 109 } while (0) 110#endif 111 112#define DST_RET(a) {ret = a; goto err;} 113 114static isc_result_t opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data); 115 116static isc_result_t 117opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { 118#if USE_EVP 119 EVP_MD_CTX *evp_md_ctx; 120 const EVP_MD *type = NULL; 121#endif 122 123 UNUSED(key); 124 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || 125 dctx->key->key_alg == DST_ALG_RSASHA1 || 126 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || 127 dctx->key->key_alg == DST_ALG_RSASHA256 || 128 dctx->key->key_alg == DST_ALG_RSASHA512); 129 130#if USE_EVP 131 evp_md_ctx = EVP_MD_CTX_create(); 132 if (evp_md_ctx == NULL) 133 return (ISC_R_NOMEMORY); 134 135 switch (dctx->key->key_alg) { 136 case DST_ALG_RSAMD5: 137 type = EVP_md5(); /* MD5 + RSA */ 138 break; 139 case DST_ALG_RSASHA1: 140 case DST_ALG_NSEC3RSASHA1: 141 type = EVP_sha1(); /* SHA1 + RSA */ 142 break; 143#ifdef HAVE_EVP_SHA256 144 case DST_ALG_RSASHA256: 145 type = EVP_sha256(); /* SHA256 + RSA */ 146 break; 147#endif 148#ifdef HAVE_EVP_SHA512 149 case DST_ALG_RSASHA512: 150 type = EVP_sha512(); 151 break; 152#endif 153 default: 154 INSIST(0); 155 } 156 157 if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) { 158 EVP_MD_CTX_destroy(evp_md_ctx); 159 return (ISC_R_FAILURE); 160 } 161 dctx->ctxdata.evp_md_ctx = evp_md_ctx; 162#else 163 switch (dctx->key->key_alg) { 164 case DST_ALG_RSAMD5: 165 { 166 isc_md5_t *md5ctx; 167 168 md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t)); 169 if (md5ctx == NULL) 170 return (ISC_R_NOMEMORY); 171 isc_md5_init(md5ctx); 172 dctx->ctxdata.md5ctx = md5ctx; 173 } 174 break; 175 case DST_ALG_RSASHA1: 176 case DST_ALG_NSEC3RSASHA1: 177 { 178 isc_sha1_t *sha1ctx; 179 180 sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t)); 181 if (sha1ctx == NULL) 182 return (ISC_R_NOMEMORY); 183 isc_sha1_init(sha1ctx); 184 dctx->ctxdata.sha1ctx = sha1ctx; 185 } 186 break; 187 case DST_ALG_RSASHA256: 188 { 189 isc_sha256_t *sha256ctx; 190 191 sha256ctx = isc_mem_get(dctx->mctx, 192 sizeof(isc_sha256_t)); 193 if (sha256ctx == NULL) 194 return (ISC_R_NOMEMORY); 195 isc_sha256_init(sha256ctx); 196 dctx->ctxdata.sha256ctx = sha256ctx; 197 } 198 break; 199 case DST_ALG_RSASHA512: 200 { 201 isc_sha512_t *sha512ctx; 202 203 sha512ctx = isc_mem_get(dctx->mctx, 204 sizeof(isc_sha512_t)); 205 if (sha512ctx == NULL) 206 return (ISC_R_NOMEMORY); 207 isc_sha512_init(sha512ctx); 208 dctx->ctxdata.sha512ctx = sha512ctx; 209 } 210 break; 211 default: 212 INSIST(0); 213 } 214#endif 215 216 return (ISC_R_SUCCESS); 217} 218 219static void 220opensslrsa_destroyctx(dst_context_t *dctx) { 221#if USE_EVP 222 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; 223#endif 224 225 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || 226 dctx->key->key_alg == DST_ALG_RSASHA1 || 227 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || 228 dctx->key->key_alg == DST_ALG_RSASHA256 || 229 dctx->key->key_alg == DST_ALG_RSASHA512); 230 231#if USE_EVP 232 if (evp_md_ctx != NULL) { 233 EVP_MD_CTX_destroy(evp_md_ctx); 234 dctx->ctxdata.evp_md_ctx = NULL; 235 } 236#else 237 switch (dctx->key->key_alg) { 238 case DST_ALG_RSAMD5: 239 { 240 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; 241 242 if (md5ctx != NULL) { 243 isc_md5_invalidate(md5ctx); 244 isc_mem_put(dctx->mctx, md5ctx, 245 sizeof(isc_md5_t)); 246 dctx->ctxdata.md5ctx = NULL; 247 } 248 } 249 break; 250 case DST_ALG_RSASHA1: 251 case DST_ALG_NSEC3RSASHA1: 252 { 253 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; 254 255 if (sha1ctx != NULL) { 256 isc_sha1_invalidate(sha1ctx); 257 isc_mem_put(dctx->mctx, sha1ctx, 258 sizeof(isc_sha1_t)); 259 dctx->ctxdata.sha1ctx = NULL; 260 } 261 } 262 break; 263 case DST_ALG_RSASHA256: 264 { 265 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; 266 267 if (sha256ctx != NULL) { 268 isc_sha256_invalidate(sha256ctx); 269 isc_mem_put(dctx->mctx, sha256ctx, 270 sizeof(isc_sha256_t)); 271 dctx->ctxdata.sha256ctx = NULL; 272 } 273 } 274 break; 275 case DST_ALG_RSASHA512: 276 { 277 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; 278 279 if (sha512ctx != NULL) { 280 isc_sha512_invalidate(sha512ctx); 281 isc_mem_put(dctx->mctx, sha512ctx, 282 sizeof(isc_sha512_t)); 283 dctx->ctxdata.sha512ctx = NULL; 284 } 285 } 286 break; 287 default: 288 INSIST(0); 289 } 290#endif 291} 292 293static isc_result_t 294opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) { 295#if USE_EVP 296 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; 297#endif 298 299 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || 300 dctx->key->key_alg == DST_ALG_RSASHA1 || 301 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || 302 dctx->key->key_alg == DST_ALG_RSASHA256 || 303 dctx->key->key_alg == DST_ALG_RSASHA512); 304 305#if USE_EVP 306 if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) { 307 return (ISC_R_FAILURE); 308 } 309#else 310 switch (dctx->key->key_alg) { 311 case DST_ALG_RSAMD5: 312 { 313 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; 314 315 isc_md5_update(md5ctx, data->base, data->length); 316 } 317 break; 318 case DST_ALG_RSASHA1: 319 case DST_ALG_NSEC3RSASHA1: 320 { 321 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; 322 323 isc_sha1_update(sha1ctx, data->base, data->length); 324 } 325 break; 326 case DST_ALG_RSASHA256: 327 { 328 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; 329 330 isc_sha256_update(sha256ctx, data->base, data->length); 331 } 332 break; 333 case DST_ALG_RSASHA512: 334 { 335 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; 336 337 isc_sha512_update(sha512ctx, data->base, data->length); 338 } 339 break; 340 default: 341 INSIST(0); 342 } 343#endif 344 return (ISC_R_SUCCESS); 345} 346 347#if ! USE_EVP && OPENSSL_VERSION_NUMBER < 0x00908000L 348/* 349 * Digest prefixes from RFC 5702. 350 */ 351static unsigned char sha256_prefix[] = 352 { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 353 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; 354static unsigned char sha512_prefix[] = 355 { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 356 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; 357#define PREFIXLEN sizeof(sha512_prefix) 358#else 359#define PREFIXLEN 0 360#endif 361 362static isc_result_t 363opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { 364 dst_key_t *key = dctx->key; 365 isc_region_t r; 366 unsigned int siglen = 0; 367#if USE_EVP 368 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; 369 EVP_PKEY *pkey = key->keydata.pkey; 370#else 371 RSA *rsa = key->keydata.rsa; 372 /* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */ 373 unsigned char digest[PREFIXLEN + ISC_SHA512_DIGESTLENGTH]; 374 int status; 375 int type = 0; 376 unsigned int digestlen = 0; 377 char *message; 378 unsigned long err; 379 const char* file; 380 int line; 381#if OPENSSL_VERSION_NUMBER < 0x00908000L 382 unsigned int prefixlen = 0; 383 const unsigned char *prefix = NULL; 384#endif 385#endif 386 387 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || 388 dctx->key->key_alg == DST_ALG_RSASHA1 || 389 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || 390 dctx->key->key_alg == DST_ALG_RSASHA256 || 391 dctx->key->key_alg == DST_ALG_RSASHA512); 392 393 isc_buffer_availableregion(sig, &r); 394 395#if USE_EVP 396 if (r.length < (unsigned int) EVP_PKEY_size(pkey)) 397 return (ISC_R_NOSPACE); 398 399 if (!EVP_SignFinal(evp_md_ctx, r.base, &siglen, pkey)) { 400 return (ISC_R_FAILURE); 401 } 402#else 403 if (r.length < (unsigned int) RSA_size(rsa)) 404 return (ISC_R_NOSPACE); 405 406 switch (dctx->key->key_alg) { 407 case DST_ALG_RSAMD5: 408 { 409 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; 410 411 isc_md5_final(md5ctx, digest); 412 type = NID_md5; 413 digestlen = ISC_MD5_DIGESTLENGTH; 414 } 415 break; 416 case DST_ALG_RSASHA1: 417 case DST_ALG_NSEC3RSASHA1: 418 { 419 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; 420 421 isc_sha1_final(sha1ctx, digest); 422 type = NID_sha1; 423 digestlen = ISC_SHA1_DIGESTLENGTH; 424 } 425 break; 426 case DST_ALG_RSASHA256: 427 { 428 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; 429 430 isc_sha256_final(digest, sha256ctx); 431 digestlen = ISC_SHA256_DIGESTLENGTH; 432#if OPENSSL_VERSION_NUMBER < 0x00908000L 433 prefix = sha256_prefix; 434 prefixlen = sizeof(sha256_prefix); 435#else 436 type = NID_sha256; 437#endif 438 } 439 break; 440 case DST_ALG_RSASHA512: 441 { 442 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; 443 444 isc_sha512_final(digest, sha512ctx); 445 digestlen = ISC_SHA512_DIGESTLENGTH; 446#if OPENSSL_VERSION_NUMBER < 0x00908000L 447 prefix = sha512_prefix; 448 prefixlen = sizeof(sha512_prefix); 449#else 450 type = NID_sha512; 451#endif 452 } 453 break; 454 default: 455 INSIST(0); 456 } 457 458#if OPENSSL_VERSION_NUMBER < 0x00908000L 459 switch (dctx->key->key_alg) { 460 case DST_ALG_RSAMD5: 461 case DST_ALG_RSASHA1: 462 case DST_ALG_NSEC3RSASHA1: 463 INSIST(type != 0); 464 status = RSA_sign(type, digest, digestlen, r.base, 465 &siglen, rsa); 466 break; 467 468 case DST_ALG_RSASHA256: 469 case DST_ALG_RSASHA512: 470 INSIST(prefix != NULL); 471 INSIST(prefixlen != 0); 472 INSIST(prefixlen + digestlen <= sizeof(digest)); 473 474 memmove(digest + prefixlen, digest, digestlen); 475 memcpy(digest, prefix, prefixlen); 476 status = RSA_private_encrypt(digestlen + prefixlen, 477 digest, r.base, rsa, 478 RSA_PKCS1_PADDING); 479 if (status < 0) 480 status = 0; 481 else 482 siglen = status; 483 break; 484 485 default: 486 INSIST(0); 487 } 488#else 489 INSIST(type != 0); 490 status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa); 491#endif 492 if (status == 0) { 493 err = ERR_peek_error_line(&file, &line); 494 if (err != 0U) { 495 message = ERR_error_string(err, NULL); 496 } 497 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 498 } 499#endif 500 501 isc_buffer_add(sig, siglen); 502 503 return (ISC_R_SUCCESS); 504} 505 506static isc_result_t 507opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) { 508 dst_key_t *key = dctx->key; 509 int status = 0; 510#if USE_EVP 511 EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; 512 EVP_PKEY *pkey = key->keydata.pkey; 513#else 514 /* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */ 515 unsigned char digest[ISC_SHA512_DIGESTLENGTH]; 516 int type = 0; 517 unsigned int digestlen = 0; 518 RSA *rsa = key->keydata.rsa; 519#if OPENSSL_VERSION_NUMBER < 0x00908000L 520 unsigned int prefixlen = 0; 521 const unsigned char *prefix = NULL; 522#endif 523#endif 524 525 REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || 526 dctx->key->key_alg == DST_ALG_RSASHA1 || 527 dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || 528 dctx->key->key_alg == DST_ALG_RSASHA256 || 529 dctx->key->key_alg == DST_ALG_RSASHA512); 530 531#if USE_EVP 532 status = EVP_VerifyFinal(evp_md_ctx, sig->base, sig->length, pkey); 533#else 534 switch (dctx->key->key_alg) { 535 case DST_ALG_RSAMD5: 536 { 537 isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; 538 539 isc_md5_final(md5ctx, digest); 540 type = NID_md5; 541 digestlen = ISC_MD5_DIGESTLENGTH; 542 } 543 break; 544 case DST_ALG_RSASHA1: 545 case DST_ALG_NSEC3RSASHA1: 546 { 547 isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; 548 549 isc_sha1_final(sha1ctx, digest); 550 type = NID_sha1; 551 digestlen = ISC_SHA1_DIGESTLENGTH; 552 } 553 break; 554 case DST_ALG_RSASHA256: 555 { 556 isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; 557 558 isc_sha256_final(digest, sha256ctx); 559 digestlen = ISC_SHA256_DIGESTLENGTH; 560#if OPENSSL_VERSION_NUMBER < 0x00908000L 561 prefix = sha256_prefix; 562 prefixlen = sizeof(sha256_prefix); 563#else 564 type = NID_sha256; 565#endif 566 } 567 break; 568 case DST_ALG_RSASHA512: 569 { 570 isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; 571 572 isc_sha512_final(digest, sha512ctx); 573 digestlen = ISC_SHA512_DIGESTLENGTH; 574#if OPENSSL_VERSION_NUMBER < 0x00908000L 575 prefix = sha512_prefix; 576 prefixlen = sizeof(sha512_prefix); 577#else 578 type = NID_sha512; 579#endif 580 } 581 break; 582 default: 583 INSIST(0); 584 } 585 586 if (sig->length != (unsigned int) RSA_size(rsa)) 587 return (DST_R_VERIFYFAILURE); 588 589#if OPENSSL_VERSION_NUMBER < 0x00908000L 590 switch (dctx->key->key_alg) { 591 case DST_ALG_RSAMD5: 592 case DST_ALG_RSASHA1: 593 case DST_ALG_NSEC3RSASHA1: 594 INSIST(type != 0); 595 status = RSA_verify(type, digest, digestlen, sig->base, 596 RSA_size(rsa), rsa); 597 break; 598 599 case DST_ALG_RSASHA256: 600 case DST_ALG_RSASHA512: 601 { 602 /* 603 * 1024 is big enough for all valid RSA bit sizes 604 * for use with DNSSEC. 605 */ 606 unsigned char original[PREFIXLEN + 1024]; 607 608 INSIST(prefix != NULL); 609 INSIST(prefixlen != 0U); 610 611 if (RSA_size(rsa) > (int)sizeof(original)) 612 return (DST_R_VERIFYFAILURE); 613 614 status = RSA_public_decrypt(sig->length, sig->base, 615 original, rsa, 616 RSA_PKCS1_PADDING); 617 if (status <= 0) 618 return (DST_R_VERIFYFAILURE); 619 if (status != (int)(prefixlen + digestlen)) 620 return (DST_R_VERIFYFAILURE); 621 if (memcmp(original, prefix, prefixlen)) 622 return (DST_R_VERIFYFAILURE); 623 if (memcmp(original + prefixlen, digest, digestlen)) 624 return (DST_R_VERIFYFAILURE); 625 status = 1; 626 } 627 break; 628 629 default: 630 INSIST(0); 631 } 632#else 633 INSIST(type != 0); 634 status = RSA_verify(type, digest, digestlen, sig->base, 635 RSA_size(rsa), rsa); 636#endif 637#endif 638 if (status != 1) 639 return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); 640 641 return (ISC_R_SUCCESS); 642} 643 644static isc_boolean_t 645opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) { 646 int status; 647 RSA *rsa1 = NULL, *rsa2 = NULL; 648#if USE_EVP 649 EVP_PKEY *pkey1, *pkey2; 650#endif 651 652#if USE_EVP 653 pkey1 = key1->keydata.pkey; 654 pkey2 = key2->keydata.pkey; 655 /* 656 * The pkey reference will keep these around after 657 * the RSA_free() call. 658 */ 659 if (pkey1 != NULL) { 660 rsa1 = EVP_PKEY_get1_RSA(pkey1); 661 RSA_free(rsa1); 662 } 663 if (pkey2 != NULL) { 664 rsa2 = EVP_PKEY_get1_RSA(pkey2); 665 RSA_free(rsa2); 666 } 667#else 668 rsa1 = key1->keydata.rsa; 669 rsa2 = key2->keydata.rsa; 670#endif 671 672 if (rsa1 == NULL && rsa2 == NULL) 673 return (ISC_TRUE); 674 else if (rsa1 == NULL || rsa2 == NULL) 675 return (ISC_FALSE); 676 677 status = BN_cmp(rsa1->n, rsa2->n) || 678 BN_cmp(rsa1->e, rsa2->e); 679 680 if (status != 0) 681 return (ISC_FALSE); 682 683#if USE_EVP 684 if ((rsa1->flags & RSA_FLAG_EXT_PKEY) != 0 || 685 (rsa2->flags & RSA_FLAG_EXT_PKEY) != 0) { 686 if ((rsa1->flags & RSA_FLAG_EXT_PKEY) == 0 || 687 (rsa2->flags & RSA_FLAG_EXT_PKEY) == 0) 688 return (ISC_FALSE); 689 /* 690 * Can't compare private parameters, BTW does it make sense? 691 */ 692 return (ISC_TRUE); 693 } 694#endif 695 696 if (rsa1->d != NULL || rsa2->d != NULL) { 697 if (rsa1->d == NULL || rsa2->d == NULL) 698 return (ISC_FALSE); 699 status = BN_cmp(rsa1->d, rsa2->d) || 700 BN_cmp(rsa1->p, rsa2->p) || 701 BN_cmp(rsa1->q, rsa2->q); 702 703 if (status != 0) 704 return (ISC_FALSE); 705 } 706 return (ISC_TRUE); 707} 708 709#if OPENSSL_VERSION_NUMBER > 0x00908000L 710static int 711progress_cb(int p, int n, BN_GENCB *cb) 712{ 713 union { 714 void *dptr; 715 void (*fptr)(int); 716 } u; 717 718 UNUSED(n); 719 720 u.dptr = cb->arg; 721 if (u.fptr != NULL) 722 u.fptr(p); 723 return (1); 724} 725#endif 726 727static isc_result_t 728opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) { 729#if OPENSSL_VERSION_NUMBER > 0x00908000L 730 BN_GENCB cb; 731 union { 732 void *dptr; 733 void (*fptr)(int); 734 } u; 735 RSA *rsa = RSA_new(); 736 BIGNUM *e = BN_new(); 737#if USE_EVP 738 EVP_PKEY *pkey = EVP_PKEY_new(); 739#endif 740 741 if (rsa == NULL || e == NULL) 742 goto err; 743#if USE_EVP 744 if (pkey == NULL) 745 goto err; 746 if (!EVP_PKEY_set1_RSA(pkey, rsa)) 747 goto err; 748#endif 749 750 if (exp == 0) { 751 /* RSA_F4 0x10001 */ 752 BN_set_bit(e, 0); 753 BN_set_bit(e, 16); 754 } else { 755 /* F5 0x100000001 */ 756 BN_set_bit(e, 0); 757 BN_set_bit(e, 32); 758 } 759 760 if (callback == NULL) { 761 BN_GENCB_set_old(&cb, NULL, NULL); 762 } else { 763 u.fptr = callback; 764 BN_GENCB_set(&cb, &progress_cb, u.dptr); 765 } 766 767 if (RSA_generate_key_ex(rsa, key->key_size, e, &cb)) { 768 BN_free(e); 769 SET_FLAGS(rsa); 770#if USE_EVP 771 key->keydata.pkey = pkey; 772 773 RSA_free(rsa); 774#else 775 key->keydata.rsa = rsa; 776#endif 777 return (ISC_R_SUCCESS); 778 } 779 780err: 781#if USE_EVP 782 if (pkey != NULL) 783 EVP_PKEY_free(pkey); 784#endif 785 if (e != NULL) 786 BN_free(e); 787 if (rsa != NULL) 788 RSA_free(rsa); 789 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 790#else 791 RSA *rsa; 792 unsigned long e; 793#if USE_EVP 794 EVP_PKEY *pkey = EVP_PKEY_new(); 795 796 UNUSED(callback); 797 798 if (pkey == NULL) 799 return (ISC_R_NOMEMORY); 800#else 801 UNUSED(callback); 802#endif 803 804 if (exp == 0) 805 e = RSA_F4; 806 else 807 e = 0x40000003; 808 rsa = RSA_generate_key(key->key_size, e, NULL, NULL); 809 if (rsa == NULL) { 810#if USE_EVP 811 EVP_PKEY_free(pkey); 812#endif 813 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 814 } 815 SET_FLAGS(rsa); 816#if USE_EVP 817 if (!EVP_PKEY_set1_RSA(pkey, rsa)) { 818 EVP_PKEY_free(pkey); 819 RSA_free(rsa); 820 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 821 } 822 key->keydata.pkey = pkey; 823 RSA_free(rsa); 824#else 825 key->keydata.rsa = rsa; 826#endif 827 828 return (ISC_R_SUCCESS); 829#endif 830} 831 832static isc_boolean_t 833opensslrsa_isprivate(const dst_key_t *key) { 834#if USE_EVP 835 RSA *rsa = EVP_PKEY_get1_RSA(key->keydata.pkey); 836 INSIST(rsa != NULL); 837 RSA_free(rsa); 838 /* key->keydata.pkey still has a reference so rsa is still valid. */ 839#else 840 RSA *rsa = key->keydata.rsa; 841#endif 842 if (rsa != NULL && (rsa->flags & RSA_FLAG_EXT_PKEY) != 0) 843 return (ISC_TRUE); 844 return (ISC_TF(rsa != NULL && rsa->d != NULL)); 845} 846 847static void 848opensslrsa_destroy(dst_key_t *key) { 849#if USE_EVP 850 EVP_PKEY *pkey = key->keydata.pkey; 851 EVP_PKEY_free(pkey); 852 key->keydata.pkey = NULL; 853#else 854 RSA *rsa = key->keydata.rsa; 855 RSA_free(rsa); 856 key->keydata.rsa = NULL; 857#endif 858} 859 860 861static isc_result_t 862opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { 863 isc_region_t r; 864 unsigned int e_bytes; 865 unsigned int mod_bytes; 866 isc_result_t ret; 867 RSA *rsa; 868#if USE_EVP 869 EVP_PKEY *pkey; 870#endif 871 872#if USE_EVP 873 REQUIRE(key->keydata.pkey != NULL); 874#else 875 REQUIRE(key->keydata.rsa != NULL); 876#endif 877 878#if USE_EVP 879 pkey = key->keydata.pkey; 880 rsa = EVP_PKEY_get1_RSA(pkey); 881 if (rsa == NULL) 882 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 883#else 884 rsa = key->keydata.rsa; 885#endif 886 887 isc_buffer_availableregion(data, &r); 888 889 e_bytes = BN_num_bytes(rsa->e); 890 mod_bytes = BN_num_bytes(rsa->n); 891 892 if (e_bytes < 256) { /*%< key exponent is <= 2040 bits */ 893 if (r.length < 1) 894 DST_RET(ISC_R_NOSPACE); 895 isc_buffer_putuint8(data, (isc_uint8_t) e_bytes); 896 isc_region_consume(&r, 1); 897 } else { 898 if (r.length < 3) 899 DST_RET(ISC_R_NOSPACE); 900 isc_buffer_putuint8(data, 0); 901 isc_buffer_putuint16(data, (isc_uint16_t) e_bytes); 902 isc_region_consume(&r, 3); 903 } 904 905 if (r.length < e_bytes + mod_bytes) 906 DST_RET(ISC_R_NOSPACE); 907 908 BN_bn2bin(rsa->e, r.base); 909 isc_region_consume(&r, e_bytes); 910 BN_bn2bin(rsa->n, r.base); 911 912 isc_buffer_add(data, e_bytes + mod_bytes); 913 914 ret = ISC_R_SUCCESS; 915 err: 916#if USE_EVP 917 if (rsa != NULL) 918 RSA_free(rsa); 919#endif 920 return (ret); 921} 922 923static isc_result_t 924opensslrsa_fromdns(dst_key_t *key, isc_buffer_t *data) { 925 RSA *rsa; 926 isc_region_t r; 927 unsigned int e_bytes; 928#if USE_EVP 929 EVP_PKEY *pkey; 930#endif 931 932 isc_buffer_remainingregion(data, &r); 933 if (r.length == 0) 934 return (ISC_R_SUCCESS); 935 936 rsa = RSA_new(); 937 if (rsa == NULL) 938 return (dst__openssl_toresult(ISC_R_NOMEMORY)); 939 SET_FLAGS(rsa); 940 941 if (r.length < 1) { 942 RSA_free(rsa); 943 return (DST_R_INVALIDPUBLICKEY); 944 } 945 e_bytes = *r.base++; 946 r.length--; 947 948 if (e_bytes == 0) { 949 if (r.length < 2) { 950 RSA_free(rsa); 951 return (DST_R_INVALIDPUBLICKEY); 952 } 953 e_bytes = ((*r.base++) << 8); 954 e_bytes += *r.base++; 955 r.length -= 2; 956 } 957 958 if (r.length < e_bytes) { 959 RSA_free(rsa); 960 return (DST_R_INVALIDPUBLICKEY); 961 } 962 rsa->e = BN_bin2bn(r.base, e_bytes, NULL); 963 r.base += e_bytes; 964 r.length -= e_bytes; 965 966 rsa->n = BN_bin2bn(r.base, r.length, NULL); 967 968 key->key_size = BN_num_bits(rsa->n); 969 970 isc_buffer_forward(data, r.length); 971 972#if USE_EVP 973 pkey = EVP_PKEY_new(); 974 if (pkey == NULL) { 975 RSA_free(rsa); 976 return (ISC_R_NOMEMORY); 977 } 978 if (!EVP_PKEY_set1_RSA(pkey, rsa)) { 979 EVP_PKEY_free(pkey); 980 RSA_free(rsa); 981 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 982 } 983 key->keydata.pkey = pkey; 984 RSA_free(rsa); 985#else 986 key->keydata.rsa = rsa; 987#endif 988 989 return (ISC_R_SUCCESS); 990} 991 992static isc_result_t 993opensslrsa_tofile(const dst_key_t *key, const char *directory) { 994 int i; 995 RSA *rsa; 996 dst_private_t priv; 997 unsigned char *bufs[8]; 998 isc_result_t result; 999 1000#if USE_EVP 1001 if (key->keydata.pkey == NULL) 1002 return (DST_R_NULLKEY); 1003 rsa = EVP_PKEY_get1_RSA(key->keydata.pkey); 1004 if (rsa == NULL) 1005 return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 1006#else 1007 if (key->keydata.rsa == NULL) 1008 return (DST_R_NULLKEY); 1009 rsa = key->keydata.rsa; 1010#endif 1011 1012 for (i = 0; i < 8; i++) { 1013 bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(rsa->n)); 1014 if (bufs[i] == NULL) { 1015 result = ISC_R_NOMEMORY; 1016 goto fail; 1017 } 1018 } 1019 1020 i = 0; 1021 1022 priv.elements[i].tag = TAG_RSA_MODULUS; 1023 priv.elements[i].length = BN_num_bytes(rsa->n); 1024 BN_bn2bin(rsa->n, bufs[i]); 1025 priv.elements[i].data = bufs[i]; 1026 i++; 1027 1028 priv.elements[i].tag = TAG_RSA_PUBLICEXPONENT; 1029 priv.elements[i].length = BN_num_bytes(rsa->e); 1030 BN_bn2bin(rsa->e, bufs[i]); 1031 priv.elements[i].data = bufs[i]; 1032 i++; 1033 1034 if (rsa->d != NULL) { 1035 priv.elements[i].tag = TAG_RSA_PRIVATEEXPONENT; 1036 priv.elements[i].length = BN_num_bytes(rsa->d); 1037 BN_bn2bin(rsa->d, bufs[i]); 1038 priv.elements[i].data = bufs[i]; 1039 i++; 1040 } 1041 1042 if (rsa->p != NULL) { 1043 priv.elements[i].tag = TAG_RSA_PRIME1; 1044 priv.elements[i].length = BN_num_bytes(rsa->p); 1045 BN_bn2bin(rsa->p, bufs[i]); 1046 priv.elements[i].data = bufs[i]; 1047 i++; 1048 } 1049 1050 if (rsa->q != NULL) { 1051 priv.elements[i].tag = TAG_RSA_PRIME2; 1052 priv.elements[i].length = BN_num_bytes(rsa->q); 1053 BN_bn2bin(rsa->q, bufs[i]); 1054 priv.elements[i].data = bufs[i]; 1055 i++; 1056 } 1057 1058 if (rsa->dmp1 != NULL) { 1059 priv.elements[i].tag = TAG_RSA_EXPONENT1; 1060 priv.elements[i].length = BN_num_bytes(rsa->dmp1); 1061 BN_bn2bin(rsa->dmp1, bufs[i]); 1062 priv.elements[i].data = bufs[i]; 1063 i++; 1064 } 1065 1066 if (rsa->dmq1 != NULL) { 1067 priv.elements[i].tag = TAG_RSA_EXPONENT2; 1068 priv.elements[i].length = BN_num_bytes(rsa->dmq1); 1069 BN_bn2bin(rsa->dmq1, bufs[i]); 1070 priv.elements[i].data = bufs[i]; 1071 i++; 1072 } 1073 1074 if (rsa->iqmp != NULL) { 1075 priv.elements[i].tag = TAG_RSA_COEFFICIENT; 1076 priv.elements[i].length = BN_num_bytes(rsa->iqmp); 1077 BN_bn2bin(rsa->iqmp, bufs[i]); 1078 priv.elements[i].data = bufs[i]; 1079 i++; 1080 } 1081 1082 if (key->engine != NULL) { 1083 priv.elements[i].tag = TAG_RSA_ENGINE; 1084 priv.elements[i].length = strlen(key->engine) + 1; 1085 priv.elements[i].data = (unsigned char *)key->engine; 1086 i++; 1087 } 1088 1089 if (key->label != NULL) { 1090 priv.elements[i].tag = TAG_RSA_LABEL; 1091 priv.elements[i].length = strlen(key->label) + 1; 1092 priv.elements[i].data = (unsigned char *)key->label; 1093 i++; 1094 } 1095 1096 1097 priv.nelements = i; 1098 result = dst__privstruct_writefile(key, &priv, directory); 1099 fail: 1100#if USE_EVP 1101 RSA_free(rsa); 1102#endif 1103 for (i = 0; i < 8; i++) { 1104 if (bufs[i] == NULL) 1105 break; 1106 isc_mem_put(key->mctx, bufs[i], BN_num_bytes(rsa->n)); 1107 } 1108 return (result); 1109} 1110 1111static isc_result_t 1112rsa_check(RSA *rsa, RSA *pub) 1113{ 1114 /* Public parameters should be the same but if they are not set 1115 * copy them from the public key. */ 1116 if (pub != NULL) { 1117 if (rsa->n != NULL) { 1118 if (BN_cmp(rsa->n, pub->n) != 0) 1119 return (DST_R_INVALIDPRIVATEKEY); 1120 } else { 1121 rsa->n = pub->n; 1122 pub->n = NULL; 1123 } 1124 if (rsa->e != NULL) { 1125 if (BN_cmp(rsa->e, pub->e) != 0) 1126 return (DST_R_INVALIDPRIVATEKEY); 1127 } else { 1128 rsa->e = pub->e; 1129 pub->e = NULL; 1130 } 1131 } 1132 if (rsa->n == NULL || rsa->e == NULL) 1133 return (DST_R_INVALIDPRIVATEKEY); 1134 return (ISC_R_SUCCESS); 1135} 1136 1137static isc_result_t 1138opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { 1139 dst_private_t priv; 1140 isc_result_t ret; 1141 int i; 1142 RSA *rsa = NULL, *pubrsa = NULL; 1143#ifdef USE_ENGINE 1144 ENGINE *e = NULL; 1145#endif 1146 isc_mem_t *mctx = key->mctx; 1147 const char *engine = NULL, *label = NULL; 1148#if defined(USE_ENGINE) || USE_EVP 1149 EVP_PKEY *pkey = NULL; 1150#endif 1151 1152#if USE_EVP 1153 if (pub != NULL && pub->keydata.pkey != NULL) 1154 pubrsa = EVP_PKEY_get1_RSA(pub->keydata.pkey); 1155#else 1156 if (pub != NULL && pub->keydata.rsa != NULL) { 1157 pubrsa = pub->keydata.rsa; 1158 pub->keydata.rsa = NULL; 1159 } 1160#endif 1161 1162 /* read private key file */ 1163 ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); 1164 if (ret != ISC_R_SUCCESS) 1165 return (ret); 1166 1167 for (i = 0; i < priv.nelements; i++) { 1168 switch (priv.elements[i].tag) { 1169 case TAG_RSA_ENGINE: 1170 engine = (char *)priv.elements[i].data; 1171 break; 1172 case TAG_RSA_LABEL: 1173 label = (char *)priv.elements[i].data; 1174 break; 1175 default: 1176 break; 1177 } 1178 } 1179 /* 1180 * Is this key is stored in a HSM? 1181 * See if we can fetch it. 1182 */ 1183 if (label != NULL) { 1184#ifdef USE_ENGINE 1185 if (engine == NULL) 1186 DST_RET(DST_R_NOENGINE); 1187 e = dst__openssl_getengine(engine); 1188 if (e == NULL) 1189 DST_RET(DST_R_NOENGINE); 1190 pkey = ENGINE_load_private_key(e, label, NULL, NULL); 1191 if (pkey == NULL) { 1192 /* ERR_print_errors_fp(stderr); */ 1193 DST_RET(ISC_R_NOTFOUND); 1194 } 1195 key->engine = isc_mem_strdup(key->mctx, engine); 1196 if (key->engine == NULL) 1197 DST_RET(ISC_R_NOMEMORY); 1198 key->label = isc_mem_strdup(key->mctx, label); 1199 if (key->label == NULL) 1200 DST_RET(ISC_R_NOMEMORY); 1201 rsa = EVP_PKEY_get1_RSA(pkey); 1202 if (rsa == NULL) 1203 DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 1204 if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS) 1205 DST_RET(DST_R_INVALIDPRIVATEKEY); 1206 if (pubrsa != NULL) 1207 RSA_free(pubrsa); 1208 key->key_size = EVP_PKEY_bits(pkey); 1209#if USE_EVP 1210 key->keydata.pkey = pkey; 1211 RSA_free(rsa); 1212#else 1213 key->keydata.rsa = rsa; 1214 EVP_PKEY_free(pkey); 1215#endif 1216 dst__privstruct_free(&priv, mctx); 1217 memset(&priv, 0, sizeof(priv)); 1218 return (ISC_R_SUCCESS); 1219#else 1220 DST_RET(DST_R_NOENGINE); 1221#endif 1222 } 1223 1224 rsa = RSA_new(); 1225 if (rsa == NULL) 1226 DST_RET(ISC_R_NOMEMORY); 1227 SET_FLAGS(rsa); 1228 1229#if USE_EVP 1230 pkey = EVP_PKEY_new(); 1231 if (pkey == NULL) 1232 DST_RET(ISC_R_NOMEMORY); 1233 if (!EVP_PKEY_set1_RSA(pkey, rsa)) 1234 DST_RET(ISC_R_FAILURE); 1235 key->keydata.pkey = pkey; 1236#else 1237 key->keydata.rsa = rsa; 1238#endif 1239 1240 for (i = 0; i < priv.nelements; i++) { 1241 BIGNUM *bn; 1242 switch (priv.elements[i].tag) { 1243 case TAG_RSA_ENGINE: 1244 continue; 1245 case TAG_RSA_LABEL: 1246 continue; 1247 case TAG_RSA_PIN: 1248 continue; 1249 default: 1250 bn = BN_bin2bn(priv.elements[i].data, 1251 priv.elements[i].length, NULL); 1252 if (bn == NULL) 1253 DST_RET(ISC_R_NOMEMORY); 1254 } 1255 1256 switch (priv.elements[i].tag) { 1257 case TAG_RSA_MODULUS: 1258 rsa->n = bn; 1259 break; 1260 case TAG_RSA_PUBLICEXPONENT: 1261 rsa->e = bn; 1262 break; 1263 case TAG_RSA_PRIVATEEXPONENT: 1264 rsa->d = bn; 1265 break; 1266 case TAG_RSA_PRIME1: 1267 rsa->p = bn; 1268 break; 1269 case TAG_RSA_PRIME2: 1270 rsa->q = bn; 1271 break; 1272 case TAG_RSA_EXPONENT1: 1273 rsa->dmp1 = bn; 1274 break; 1275 case TAG_RSA_EXPONENT2: 1276 rsa->dmq1 = bn; 1277 break; 1278 case TAG_RSA_COEFFICIENT: 1279 rsa->iqmp = bn; 1280 break; 1281 } 1282 } 1283 dst__privstruct_free(&priv, mctx); 1284 memset(&priv, 0, sizeof(priv)); 1285 1286 if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS) 1287 DST_RET(DST_R_INVALIDPRIVATEKEY); 1288 key->key_size = BN_num_bits(rsa->n); 1289 if (pubrsa != NULL) 1290 RSA_free(pubrsa); 1291#if USE_EVP 1292 RSA_free(rsa); 1293#endif 1294 1295 return (ISC_R_SUCCESS); 1296 1297 err: 1298#if USE_EVP 1299 if (pkey != NULL) 1300 EVP_PKEY_free(pkey); 1301#endif 1302 if (rsa != NULL) 1303 RSA_free(rsa); 1304 if (pubrsa != NULL) 1305 RSA_free(pubrsa); 1306 opensslrsa_destroy(key); 1307 dst__privstruct_free(&priv, mctx); 1308 memset(&priv, 0, sizeof(priv)); 1309 return (ret); 1310} 1311 1312static isc_result_t 1313opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label, 1314 const char *pin) 1315{ 1316#ifdef USE_ENGINE 1317 ENGINE *e = NULL; 1318 isc_result_t ret; 1319 EVP_PKEY *pkey = NULL; 1320 RSA *rsa = NULL, *pubrsa = NULL; 1321 char *colon; 1322 1323 UNUSED(pin); 1324 1325 if (engine == NULL) 1326 DST_RET(DST_R_NOENGINE); 1327 e = dst__openssl_getengine(engine); 1328 if (e == NULL) 1329 DST_RET(DST_R_NOENGINE); 1330 pkey = ENGINE_load_public_key(e, label, NULL, NULL); 1331 if (pkey != NULL) { 1332 pubrsa = EVP_PKEY_get1_RSA(pkey); 1333 EVP_PKEY_free(pkey); 1334 if (pubrsa == NULL) 1335 DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 1336 } 1337 pkey = ENGINE_load_private_key(e, label, NULL, NULL); 1338 if (pkey == NULL) 1339 DST_RET(ISC_R_NOTFOUND); 1340 if (engine != NULL) { 1341 key->engine = isc_mem_strdup(key->mctx, engine); 1342 if (key->engine == NULL) 1343 DST_RET(ISC_R_NOMEMORY); 1344 } else { 1345 key->engine = isc_mem_strdup(key->mctx, label); 1346 if (key->engine == NULL) 1347 DST_RET(ISC_R_NOMEMORY); 1348 colon = strchr(key->engine, ':'); 1349 if (colon != NULL) 1350 *colon = '\0'; 1351 } 1352 key->label = isc_mem_strdup(key->mctx, label); 1353 if (key->label == NULL) 1354 DST_RET(ISC_R_NOMEMORY); 1355 rsa = EVP_PKEY_get1_RSA(pkey); 1356 if (rsa == NULL) 1357 DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); 1358 if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS) 1359 DST_RET(DST_R_INVALIDPRIVATEKEY); 1360 if (pubrsa != NULL) 1361 RSA_free(pubrsa); 1362 key->key_size = EVP_PKEY_bits(pkey); 1363#if USE_EVP 1364 key->keydata.pkey = pkey; 1365 RSA_free(rsa); 1366#else 1367 key->keydata.rsa = rsa; 1368 EVP_PKEY_free(pkey); 1369#endif 1370 return (ISC_R_SUCCESS); 1371 1372 err: 1373 if (rsa != NULL) 1374 RSA_free(rsa); 1375 if (pubrsa != NULL) 1376 RSA_free(pubrsa); 1377 if (pkey != NULL) 1378 EVP_PKEY_free(pkey); 1379 return (ret); 1380#else 1381 UNUSED(key); 1382 UNUSED(engine); 1383 UNUSED(label); 1384 UNUSED(pin); 1385 return(DST_R_NOENGINE); 1386#endif 1387} 1388 1389static dst_func_t opensslrsa_functions = { 1390 opensslrsa_createctx, 1391 opensslrsa_destroyctx, 1392 opensslrsa_adddata, 1393 opensslrsa_sign, 1394 opensslrsa_verify, 1395 NULL, /*%< computesecret */ 1396 opensslrsa_compare, 1397 NULL, /*%< paramcompare */ 1398 opensslrsa_generate, 1399 opensslrsa_isprivate, 1400 opensslrsa_destroy, 1401 opensslrsa_todns, 1402 opensslrsa_fromdns, 1403 opensslrsa_tofile, 1404 opensslrsa_parse, 1405 NULL, /*%< cleanup */ 1406 opensslrsa_fromlabel, 1407 NULL, /*%< dump */ 1408 NULL, /*%< restore */ 1409}; 1410 1411isc_result_t 1412dst__opensslrsa_init(dst_func_t **funcp, unsigned char algorithm) { 1413 REQUIRE(funcp != NULL); 1414 1415 if (*funcp == NULL) { 1416 switch (algorithm) { 1417 case DST_ALG_RSASHA256: 1418#if defined(HAVE_EVP_SHA256) || !USE_EVP 1419 *funcp = &opensslrsa_functions; 1420#endif 1421 break; 1422 case DST_ALG_RSASHA512: 1423#if defined(HAVE_EVP_SHA512) || !USE_EVP 1424 *funcp = &opensslrsa_functions; 1425#endif 1426 break; 1427 default: 1428 *funcp = &opensslrsa_functions; 1429 break; 1430 } 1431 } 1432 return (ISC_R_SUCCESS); 1433} 1434 1435#else /* OPENSSL */ 1436 1437#include <isc/util.h> 1438 1439EMPTY_TRANSLATION_UNIT 1440 1441#endif /* OPENSSL */ 1442/*! \file */ 1443