1e1051a39Sopenharmony_ci/*
2e1051a39Sopenharmony_ci * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
3e1051a39Sopenharmony_ci *
4e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License").  You may not use
5e1051a39Sopenharmony_ci * this file except in compliance with the License.  You can obtain a copy
6e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at
7e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html
8e1051a39Sopenharmony_ci */
9e1051a39Sopenharmony_ci
10e1051a39Sopenharmony_ci/*
11e1051a39Sopenharmony_ci * RSA low level APIs are deprecated for public use, but still ok for
12e1051a39Sopenharmony_ci * internal use.
13e1051a39Sopenharmony_ci */
14e1051a39Sopenharmony_ci#include "internal/deprecated.h"
15e1051a39Sopenharmony_ci
16e1051a39Sopenharmony_ci#include <stdio.h>
17e1051a39Sopenharmony_ci#include "internal/cryptlib.h"
18e1051a39Sopenharmony_ci#include <openssl/bn.h>
19e1051a39Sopenharmony_ci#include <openssl/x509.h>
20e1051a39Sopenharmony_ci#include <openssl/asn1t.h>
21e1051a39Sopenharmony_ci#include "rsa_local.h"
22e1051a39Sopenharmony_ci
23e1051a39Sopenharmony_ci/*
24e1051a39Sopenharmony_ci * Override the default free and new methods,
25e1051a39Sopenharmony_ci * and calculate helper products for multi-prime
26e1051a39Sopenharmony_ci * RSA keys.
27e1051a39Sopenharmony_ci */
28e1051a39Sopenharmony_cistatic int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
29e1051a39Sopenharmony_ci                  void *exarg)
30e1051a39Sopenharmony_ci{
31e1051a39Sopenharmony_ci    if (operation == ASN1_OP_NEW_PRE) {
32e1051a39Sopenharmony_ci        *pval = (ASN1_VALUE *)RSA_new();
33e1051a39Sopenharmony_ci        if (*pval != NULL)
34e1051a39Sopenharmony_ci            return 2;
35e1051a39Sopenharmony_ci        return 0;
36e1051a39Sopenharmony_ci    } else if (operation == ASN1_OP_FREE_PRE) {
37e1051a39Sopenharmony_ci        RSA_free((RSA *)*pval);
38e1051a39Sopenharmony_ci        *pval = NULL;
39e1051a39Sopenharmony_ci        return 2;
40e1051a39Sopenharmony_ci    } else if (operation == ASN1_OP_D2I_POST) {
41e1051a39Sopenharmony_ci        if (((RSA *)*pval)->version != RSA_ASN1_VERSION_MULTI) {
42e1051a39Sopenharmony_ci            /* not a multi-prime key, skip */
43e1051a39Sopenharmony_ci            return 1;
44e1051a39Sopenharmony_ci        }
45e1051a39Sopenharmony_ci        return (ossl_rsa_multip_calc_product((RSA *)*pval) == 1) ? 2 : 0;
46e1051a39Sopenharmony_ci    }
47e1051a39Sopenharmony_ci    return 1;
48e1051a39Sopenharmony_ci}
49e1051a39Sopenharmony_ci
50e1051a39Sopenharmony_ci/* Based on definitions in RFC 8017 appendix A.1.2 */
51e1051a39Sopenharmony_ciASN1_SEQUENCE(RSA_PRIME_INFO) = {
52e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA_PRIME_INFO, r, CBIGNUM),
53e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA_PRIME_INFO, d, CBIGNUM),
54e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA_PRIME_INFO, t, CBIGNUM),
55e1051a39Sopenharmony_ci} ASN1_SEQUENCE_END(RSA_PRIME_INFO)
56e1051a39Sopenharmony_ci
57e1051a39Sopenharmony_ciASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
58e1051a39Sopenharmony_ci        ASN1_EMBED(RSA, version, INT32),
59e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, n, BIGNUM),
60e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, e, BIGNUM),
61e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, d, CBIGNUM),
62e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, p, CBIGNUM),
63e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, q, CBIGNUM),
64e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, dmp1, CBIGNUM),
65e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, dmq1, CBIGNUM),
66e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, iqmp, CBIGNUM),
67e1051a39Sopenharmony_ci        ASN1_SEQUENCE_OF_OPT(RSA, prime_infos, RSA_PRIME_INFO)
68e1051a39Sopenharmony_ci} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey)
69e1051a39Sopenharmony_ci
70e1051a39Sopenharmony_ci
71e1051a39Sopenharmony_ciASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
72e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, n, BIGNUM),
73e1051a39Sopenharmony_ci        ASN1_SIMPLE(RSA, e, BIGNUM),
74e1051a39Sopenharmony_ci} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
75e1051a39Sopenharmony_ci
76e1051a39Sopenharmony_ci/* Free up maskHash */
77e1051a39Sopenharmony_cistatic int rsa_pss_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
78e1051a39Sopenharmony_ci                      void *exarg)
79e1051a39Sopenharmony_ci{
80e1051a39Sopenharmony_ci    if (operation == ASN1_OP_FREE_PRE) {
81e1051a39Sopenharmony_ci        RSA_PSS_PARAMS *pss = (RSA_PSS_PARAMS *)*pval;
82e1051a39Sopenharmony_ci        X509_ALGOR_free(pss->maskHash);
83e1051a39Sopenharmony_ci    }
84e1051a39Sopenharmony_ci    return 1;
85e1051a39Sopenharmony_ci}
86e1051a39Sopenharmony_ci
87e1051a39Sopenharmony_ciASN1_SEQUENCE_cb(RSA_PSS_PARAMS, rsa_pss_cb) = {
88e1051a39Sopenharmony_ci        ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
89e1051a39Sopenharmony_ci        ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
90e1051a39Sopenharmony_ci        ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
91e1051a39Sopenharmony_ci        ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
92e1051a39Sopenharmony_ci} ASN1_SEQUENCE_END_cb(RSA_PSS_PARAMS, RSA_PSS_PARAMS)
93e1051a39Sopenharmony_ci
94e1051a39Sopenharmony_ciIMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
95e1051a39Sopenharmony_ciIMPLEMENT_ASN1_DUP_FUNCTION(RSA_PSS_PARAMS)
96e1051a39Sopenharmony_ci
97e1051a39Sopenharmony_ci/* Free up maskHash */
98e1051a39Sopenharmony_cistatic int rsa_oaep_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
99e1051a39Sopenharmony_ci                       void *exarg)
100e1051a39Sopenharmony_ci{
101e1051a39Sopenharmony_ci    if (operation == ASN1_OP_FREE_PRE) {
102e1051a39Sopenharmony_ci        RSA_OAEP_PARAMS *oaep = (RSA_OAEP_PARAMS *)*pval;
103e1051a39Sopenharmony_ci        X509_ALGOR_free(oaep->maskHash);
104e1051a39Sopenharmony_ci    }
105e1051a39Sopenharmony_ci    return 1;
106e1051a39Sopenharmony_ci}
107e1051a39Sopenharmony_ci
108e1051a39Sopenharmony_ciASN1_SEQUENCE_cb(RSA_OAEP_PARAMS, rsa_oaep_cb) = {
109e1051a39Sopenharmony_ci        ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0),
110e1051a39Sopenharmony_ci        ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1),
111e1051a39Sopenharmony_ci        ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2),
112e1051a39Sopenharmony_ci} ASN1_SEQUENCE_END_cb(RSA_OAEP_PARAMS, RSA_OAEP_PARAMS)
113e1051a39Sopenharmony_ci
114e1051a39Sopenharmony_ciIMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
115e1051a39Sopenharmony_ci
116e1051a39Sopenharmony_ciIMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPrivateKey, RSAPrivateKey)
117e1051a39Sopenharmony_ci
118e1051a39Sopenharmony_ciIMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPublicKey, RSAPublicKey)
119e1051a39Sopenharmony_ci
120e1051a39Sopenharmony_ciRSA *RSAPublicKey_dup(const RSA *rsa)
121e1051a39Sopenharmony_ci{
122e1051a39Sopenharmony_ci    return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa);
123e1051a39Sopenharmony_ci}
124e1051a39Sopenharmony_ci
125e1051a39Sopenharmony_ciRSA *RSAPrivateKey_dup(const RSA *rsa)
126e1051a39Sopenharmony_ci{
127e1051a39Sopenharmony_ci    return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa);
128e1051a39Sopenharmony_ci}
129