• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2  * project 2006.
3  */
4 /* ====================================================================
5  * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  *
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in
16  *    the documentation and/or other materials provided with the
17  *    distribution.
18  *
19  * 3. All advertising materials mentioning features or use of this
20  *    software must display the following acknowledgment:
21  *    "This product includes software developed by the OpenSSL Project
22  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23  *
24  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25  *    endorse or promote products derived from this software without
26  *    prior written permission. For written permission, please contact
27  *    licensing@OpenSSL.org.
28  *
29  * 5. Products derived from this software may not be called "OpenSSL"
30  *    nor may "OpenSSL" appear in their names without prior written
31  *    permission of the OpenSSL Project.
32  *
33  * 6. Redistributions of any form whatsoever must retain the following
34  *    acknowledgment:
35  *    "This product includes software developed by the OpenSSL Project
36  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37  *
38  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
42  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49  * OF THE POSSIBILITY OF SUCH DAMAGE.
50  * ====================================================================
51  *
52  * This product includes cryptographic software written by Eric Young
53  * (eay@cryptsoft.com).  This product includes software written by Tim
54  * Hudson (tjh@cryptsoft.com). */
55 
56 #include <openssl/evp.h>
57 
58 #include <openssl/bn.h>
59 #include <openssl/bytestring.h>
60 #include <openssl/digest.h>
61 #include <openssl/err.h>
62 #include <openssl/mem.h>
63 #include <openssl/rsa.h>
64 
65 #include "../fipsmodule/rsa/internal.h"
66 #include "internal.h"
67 
68 
rsa_pub_encode(CBB * out,const EVP_PKEY * key)69 static int rsa_pub_encode(CBB *out, const EVP_PKEY *key) {
70   // See RFC 3279, section 2.3.1.
71   CBB spki, algorithm, oid, null, key_bitstring;
72   if (!CBB_add_asn1(out, &spki, CBS_ASN1_SEQUENCE) ||
73       !CBB_add_asn1(&spki, &algorithm, CBS_ASN1_SEQUENCE) ||
74       !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
75       !CBB_add_bytes(&oid, rsa_asn1_meth.oid, rsa_asn1_meth.oid_len) ||
76       !CBB_add_asn1(&algorithm, &null, CBS_ASN1_NULL) ||
77       !CBB_add_asn1(&spki, &key_bitstring, CBS_ASN1_BITSTRING) ||
78       !CBB_add_u8(&key_bitstring, 0 /* padding */) ||
79       !RSA_marshal_public_key(&key_bitstring, key->pkey.rsa) ||
80       !CBB_flush(out)) {
81     OPENSSL_PUT_ERROR(EVP, EVP_R_ENCODE_ERROR);
82     return 0;
83   }
84 
85   return 1;
86 }
87 
rsa_pub_decode(EVP_PKEY * out,CBS * params,CBS * key)88 static int rsa_pub_decode(EVP_PKEY *out, CBS *params, CBS *key) {
89   // See RFC 3279, section 2.3.1.
90 
91   // The parameters must be NULL.
92   CBS null;
93   if (!CBS_get_asn1(params, &null, CBS_ASN1_NULL) ||
94       CBS_len(&null) != 0 ||
95       CBS_len(params) != 0) {
96     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
97     return 0;
98   }
99 
100   RSA *rsa = RSA_parse_public_key(key);
101   if (rsa == NULL || CBS_len(key) != 0) {
102     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
103     RSA_free(rsa);
104     return 0;
105   }
106 
107   EVP_PKEY_assign_RSA(out, rsa);
108   return 1;
109 }
110 
rsa_pub_cmp(const EVP_PKEY * a,const EVP_PKEY * b)111 static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) {
112   return BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) == 0 &&
113          BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) == 0;
114 }
115 
rsa_priv_encode(CBB * out,const EVP_PKEY * key)116 static int rsa_priv_encode(CBB *out, const EVP_PKEY *key) {
117   CBB pkcs8, algorithm, oid, null, private_key;
118   if (!CBB_add_asn1(out, &pkcs8, CBS_ASN1_SEQUENCE) ||
119       !CBB_add_asn1_uint64(&pkcs8, 0 /* version */) ||
120       !CBB_add_asn1(&pkcs8, &algorithm, CBS_ASN1_SEQUENCE) ||
121       !CBB_add_asn1(&algorithm, &oid, CBS_ASN1_OBJECT) ||
122       !CBB_add_bytes(&oid, rsa_asn1_meth.oid, rsa_asn1_meth.oid_len) ||
123       !CBB_add_asn1(&algorithm, &null, CBS_ASN1_NULL) ||
124       !CBB_add_asn1(&pkcs8, &private_key, CBS_ASN1_OCTETSTRING) ||
125       !RSA_marshal_private_key(&private_key, key->pkey.rsa) ||
126       !CBB_flush(out)) {
127     OPENSSL_PUT_ERROR(EVP, EVP_R_ENCODE_ERROR);
128     return 0;
129   }
130 
131   return 1;
132 }
133 
rsa_priv_decode(EVP_PKEY * out,CBS * params,CBS * key)134 static int rsa_priv_decode(EVP_PKEY *out, CBS *params, CBS *key) {
135   // Per RFC 3447, A.1, the parameters have type NULL.
136   CBS null;
137   if (!CBS_get_asn1(params, &null, CBS_ASN1_NULL) ||
138       CBS_len(&null) != 0 ||
139       CBS_len(params) != 0) {
140     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
141     return 0;
142   }
143 
144   RSA *rsa = RSA_parse_private_key(key);
145   if (rsa == NULL || CBS_len(key) != 0) {
146     OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);
147     RSA_free(rsa);
148     return 0;
149   }
150 
151   EVP_PKEY_assign_RSA(out, rsa);
152   return 1;
153 }
154 
rsa_opaque(const EVP_PKEY * pkey)155 static int rsa_opaque(const EVP_PKEY *pkey) {
156   return RSA_is_opaque(pkey->pkey.rsa);
157 }
158 
int_rsa_size(const EVP_PKEY * pkey)159 static int int_rsa_size(const EVP_PKEY *pkey) {
160   return RSA_size(pkey->pkey.rsa);
161 }
162 
rsa_bits(const EVP_PKEY * pkey)163 static int rsa_bits(const EVP_PKEY *pkey) {
164   return RSA_bits(pkey->pkey.rsa);
165 }
166 
int_rsa_free(EVP_PKEY * pkey)167 static void int_rsa_free(EVP_PKEY *pkey) { RSA_free(pkey->pkey.rsa); }
168 
169 const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = {
170   EVP_PKEY_RSA,
171   // 1.2.840.113549.1.1.1
172   {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01}, 9,
173 
174   rsa_pub_decode,
175   rsa_pub_encode,
176   rsa_pub_cmp,
177 
178   rsa_priv_decode,
179   rsa_priv_encode,
180 
181   rsa_opaque,
182 
183   int_rsa_size,
184   rsa_bits,
185 
186   0,0,0,
187 
188   int_rsa_free,
189 };
190