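/*
 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * RSA low level APIs are deprecated for public use, but still ok for
 * internal use.
 */
#include "internal/deprecated.h"

#include <openssl/core_dispatch.h>
#include <openssl/core_names.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/proverr.h>
#include "prov/implementations.h"
#include "prov/providercommon.h"
#include "prov/provider_ctx.h"
#include "crypto/rsa.h"
#include "crypto/cryptlib.h"
#include "internal/param_build_set.h"

/*
 * Key management (OSSL_OP_KEYMGMT) for plain RSA and RSA-PSS keys.
 * Both key types share one RSA object; the sub-type lives in the
 * RSA_FLAG_TYPE_* bits of the RSA flags and decides whether PSS
 * restrictions (RSA_PSS_PARAMS_30) are accepted, exported and reported.
 */
static OSSL_FUNC_keymgmt_new_fn rsa_newdata;
static OSSL_FUNC_keymgmt_new_fn rsapss_newdata;
static OSSL_FUNC_keymgmt_gen_init_fn rsa_gen_init;
static OSSL_FUNC_keymgmt_gen_init_fn rsapss_gen_init;
static OSSL_FUNC_keymgmt_gen_set_params_fn rsa_gen_set_params;
static OSSL_FUNC_keymgmt_gen_settable_params_fn rsa_gen_settable_params;
static OSSL_FUNC_keymgmt_gen_settable_params_fn rsapss_gen_settable_params;
static OSSL_FUNC_keymgmt_gen_fn rsa_gen;
static OSSL_FUNC_keymgmt_gen_cleanup_fn rsa_gen_cleanup;
static OSSL_FUNC_keymgmt_load_fn rsa_load;
static OSSL_FUNC_keymgmt_load_fn rsapss_load;
static OSSL_FUNC_keymgmt_free_fn rsa_freedata;
static OSSL_FUNC_keymgmt_get_params_fn rsa_get_params;
static OSSL_FUNC_keymgmt_gettable_params_fn rsa_gettable_params;
static OSSL_FUNC_keymgmt_has_fn rsa_has;
static OSSL_FUNC_keymgmt_match_fn rsa_match;
static OSSL_FUNC_keymgmt_validate_fn rsa_validate;
static OSSL_FUNC_keymgmt_import_fn rsa_import;
static OSSL_FUNC_keymgmt_import_types_fn rsa_import_types;
static OSSL_FUNC_keymgmt_export_fn rsa_export;
static OSSL_FUNC_keymgmt_export_types_fn rsa_export_types;
static OSSL_FUNC_keymgmt_query_operation_name_fn rsa_query_operation_name;
static OSSL_FUNC_keymgmt_dup_fn rsa_dup;

/* Digest reported as OSSL_PKEY_PARAM_DEFAULT_DIGEST for unrestricted keys. */
#define RSA_DEFAULT_MD "SHA256"
/*
 * NOTE(review): SHA-1 here presumably mirrors the DEFAULT for an absent
 * hashAlgorithm in RSASSA-PSS-params (RFC 8017); it is not a recommendation
 * for new keys. Nothing in this file uses it directly - confirm the users
 * before changing it.
 */
#define RSA_PSS_DEFAULT_MD OSSL_DIGEST_NAME_SHA1
/* The selection bits this keymgmt knows how to act on. */
#define RSA_POSSIBLE_SELECTIONS \
    (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS)

DEFINE_STACK_OF(BIGNUM)
DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)

/*
 * Decode PSS restriction parameters from |params| into |pss_params|.
 *
 * |defaults_set| is filled in by ossl_rsa_pss_params_30_fromdata().
 * |rsa_type| is the RSA_FLAG_TYPE_* value of the key being populated.
 *
 * Returns 1 on success, 0 on decode failure or when a non-PSS key is
 * handed PSS restrictions (anything other than "unrestricted"), which is
 * treated as caller misuse rather than silently ignored.
 */
static int pss_params_fromdata(RSA_PSS_PARAMS_30 *pss_params, int *defaults_set,
                               const OSSL_PARAM params[], int rsa_type,
                               OSSL_LIB_CTX *libctx)
{
    if (!ossl_rsa_pss_params_30_fromdata(pss_params, defaults_set,
                                         params, libctx))
        return 0;

    /* If not a PSS type RSA, sending us PSS parameters is wrong */
    if (rsa_type != RSA_FLAG_TYPE_RSASSAPSS
        && !ossl_rsa_pss_params_30_is_unrestricted(pss_params))
        return 0;

    return 1;
}

/*
 * Allocate an empty key object tagged as plain RSA.
 * Returns NULL when the provider is not running or allocation fails.
 */
static void *rsa_newdata(void *provctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
    RSA *rsa;

    if (!ossl_prov_is_running())
        return NULL;

    rsa = ossl_rsa_new_with_ctx(libctx);
    if (rsa != NULL) {
        RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK);
        RSA_set_flags(rsa, RSA_FLAG_TYPE_RSA);
    }
    return rsa;
}

/*
 * Allocate an empty key object tagged as RSA-PSS.
 * Returns NULL when the provider is not running or allocation fails.
 */
static void *rsapss_newdata(void *provctx)
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
    RSA *rsa;

    if (!ossl_prov_is_running())
        return NULL;

    rsa = ossl_rsa_new_with_ctx(libctx);
    if (rsa != NULL) {
        RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK);
        RSA_set_flags(rsa, RSA_FLAG_TYPE_RSASSAPSS);
    }
    return rsa;
}

/* Release a key object created by rsa_newdata()/rsapss_newdata()/rsa_gen(). */
static void rsa_freedata(void *keydata)
{
    RSA_free(keydata);
}

/*
 * Report whether the parts named by |selection| are present in |keydata|.
 *
 * Presence is judged purely on the BIGNUM components: |n| for any keypair
 * selection, |e| for the public key and |d| for the private key. No
 * mathematical validation happens here (see rsa_validate()).
 */
static int rsa_has(const void *keydata, int selection)
{
    const RSA *rsa = keydata;
    int ok = 1;

    if (rsa == NULL || !ossl_prov_is_running())
        return 0;
    if ((selection & RSA_POSSIBLE_SELECTIONS) == 0)
        return 1; /* the selection is not missing */

    /* OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS are always available even if empty */
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
        ok = ok && (RSA_get0_n(rsa) != NULL);
    if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
        ok = ok && (RSA_get0_e(rsa) != NULL);
    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
        ok = ok && (RSA_get0_d(rsa) != NULL);
    return ok;
}

/*
 * Compare two keys on the parts named by |selection|.
 *
 * |e| is always compared. For a keypair selection the public modulus |n|
 * is compared when both keys have one; only if that was not possible is
 * the private exponent |d| compared. A keypair selection where neither
 * comparison could be made is reported as a mismatch.
 *
 * Both keys are expected to carry |e|; nothing here checks for NULL
 * before handing the pointers to BN_cmp().
 */
static int rsa_match(const void *keydata1, const void *keydata2, int selection)
{
    const RSA *rsa1 = keydata1;
    const RSA *rsa2 = keydata2;
    int ok = 1;

    if (!ossl_prov_is_running())
        return 0;

    /* There is always an |e| */
    ok = ok && BN_cmp(RSA_get0_e(rsa1), RSA_get0_e(rsa2)) == 0;
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
        int key_checked = 0;

        if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
            const BIGNUM *pa = RSA_get0_n(rsa1);
            const BIGNUM *pb = RSA_get0_n(rsa2);

            if (pa != NULL && pb != NULL) {
                ok = ok && BN_cmp(pa, pb) == 0;
                key_checked = 1;
            }
        }
        if (!key_checked
            && (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
            const BIGNUM *pa = RSA_get0_d(rsa1);
            const BIGNUM *pb = RSA_get0_d(rsa2);

            if (pa != NULL && pb != NULL) {
                ok = ok && BN_cmp(pa, pb) == 0;
                key_checked = 1;
            }
        }
        /* A keypair selection that could not be compared is not a match */
        ok = ok && key_checked;
    }
    return ok;
}

/*
 * Populate |keydata| from |params| according to |selection|.
 *
 * PSS restrictions are only imported when OTHER_PARAMETERS is selected and
 * are rejected for plain RSA keys (pss_params_fromdata()). Key material is
 * imported when KEYPAIR is selected; the private components are only read
 * when PRIVATE_KEY is part of the selection.
 *
 * Returns 1 on success, 0 on failure or when nothing in |selection| is
 * something this keymgmt can import.
 */
static int rsa_import(void *keydata, int selection, const OSSL_PARAM params[])
{
    RSA *rsa = keydata;
    int rsa_type;
    int ok = 1;
    int pss_defaults_set = 0;

    if (!ossl_prov_is_running() || rsa == NULL)
        return 0;

    if ((selection & RSA_POSSIBLE_SELECTIONS) == 0)
        return 0;

    rsa_type = RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK);

    if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
        ok = ok && pss_params_fromdata(ossl_rsa_get0_pss_params_30(rsa),
                                       &pss_defaults_set,
                                       params, rsa_type,
                                       ossl_rsa_get0_libctx(rsa));
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
        int include_private =
            selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;

        ok = ok && ossl_rsa_fromdata(rsa, params, include_private);
    }

    return ok;
}

/*
 * Hand the parts of |keydata| named by |selection| to |param_callback|
 * as an OSSL_PARAM array.
 *
 * PSS restrictions are only emitted when they are not "unrestricted".
 * Private components are only emitted when PRIVATE_KEY is selected, so a
 * public-only export never leaks |d| or the CRT factors.
 *
 * Returns the callback's result, or 0 on failure / unusable selection.
 */
static int rsa_export(void *keydata, int selection,
                      OSSL_CALLBACK *param_callback, void *cbarg)
{
    RSA *rsa = keydata;
    const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa);
    OSSL_PARAM_BLD *tmpl;
    OSSL_PARAM *params = NULL;
    int ok = 1;

    if (!ossl_prov_is_running() || rsa == NULL)
        return 0;

    if ((selection & RSA_POSSIBLE_SELECTIONS) == 0)
        return 0;

    tmpl = OSSL_PARAM_BLD_new();
    if (tmpl == NULL)
        return 0;

    if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
        ok = ok && (ossl_rsa_pss_params_30_is_unrestricted(pss_params)
                    || ossl_rsa_pss_params_30_todata(pss_params, tmpl, NULL));
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) {
        int include_private =
            selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY ? 1 : 0;

        ok = ok && ossl_rsa_todata(rsa, tmpl, NULL, include_private);
    }

    if (!ok || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) {
        ok = 0;
        goto err;
    }

    ok = param_callback(params, cbarg);
    OSSL_PARAM_free(params);
 err:
    OSSL_PARAM_BLD_free(tmpl);
    return ok;
}

#ifdef FIPS_MODULE
/* In fips mode there are no multi-primes. */
# define RSA_KEY_MP_TYPES() \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0),
#else
/*
 * We allow up to 10 prime factors (starting with p, q).
 * NOTE: there is only 9 OSSL_PKEY_PARAM_RSA_COEFFICIENT
 */
# define RSA_KEY_MP_TYPES() \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR3, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR4, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR5, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR6, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR7, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR8, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR9, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR10, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT3, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT4, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT5, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT6, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT7, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT8, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT9, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT10, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT2, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT3, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT4, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT5, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT6, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT7, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT8, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT9, NULL, 0),
#endif

#define RSA_KEY_TYPES() \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), \
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, NULL, 0), \
RSA_KEY_MP_TYPES()

/*
 * This provider can export everything in an RSA key, so we use the exact
 * same type description for export as for import. Other providers might
 * choose to import full keys, but only export the public parts, and will
 * therefore have the importkey_types and exportkey_types functions return
 * different arrays.
 */
static const OSSL_PARAM rsa_key_types[] = {
    RSA_KEY_TYPES()
    OSSL_PARAM_END
};
/*
 * We lied about the amount of factors, exponents and coefficients, the
 * export and import functions can really deal with an infinite amount
 * of these numbers. However, RSA keys with too many primes are futile,
 * so we at least pretend to have some limits.
 */

/*
 * Shared body of rsa_import_types()/rsa_export_types(): only a keypair
 * selection has a parameter description; anything else yields NULL.
 */
static const OSSL_PARAM *rsa_imexport_types(int selection)
{
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
        return rsa_key_types;
    return NULL;
}

/* Parameter types accepted by rsa_import() for |selection|. */
static const OSSL_PARAM *rsa_import_types(int selection)
{
    return rsa_imexport_types(selection);
}

/* Parameter types produced by rsa_export() for |selection|. */
static const OSSL_PARAM *rsa_export_types(int selection)
{
    return rsa_imexport_types(selection);
}

/*
 * Fill the requested entries of |params| from |key|.
 *
 * BITS, SECURITY_BITS and MAX_SIZE are only answerable once the key has a
 * modulus; asking for them on an empty key fails. DEFAULT_DIGEST is served
 * for every key except a restricted RSA-PSS key, and MANDATORY_DIGEST is
 * served only for a restricted RSA-PSS key (the digest fixed by its PSS
 * restrictions). PSS restrictions are emitted for RSA-PSS keys, and the
 * key material (including private parts) is always emitted if requested.
 *
 * Returns 1 on success, 0 on failure.
 */
static int rsa_get_params(void *key, OSSL_PARAM params[])
{
    RSA *rsa = key;
    const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa);
    int rsa_type = RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK);
    OSSL_PARAM *p;
    int empty = RSA_get0_n(rsa) == NULL;

    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
        && (empty || !OSSL_PARAM_set_int(p, RSA_bits(rsa))))
        return 0;
    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL
        && (empty || !OSSL_PARAM_set_int(p, RSA_security_bits(rsa))))
        return 0;
    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
        && (empty || !OSSL_PARAM_set_int(p, RSA_size(rsa))))
        return 0;

    /*
     * For restricted RSA-PSS keys, we ignore the default digest request.
     * With RSA-OAEP keys, this may need to be amended.
     */
    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
        && (rsa_type != RSA_FLAG_TYPE_RSASSAPSS
            || ossl_rsa_pss_params_30_is_unrestricted(pss_params))) {
        if (!OSSL_PARAM_set_utf8_string(p, RSA_DEFAULT_MD))
            return 0;
    }

    /*
     * For non-RSA-PSS keys, we ignore the mandatory digest request.
     * With RSA-OAEP keys, this may need to be amended.
     */
    if ((p = OSSL_PARAM_locate(params,
                               OSSL_PKEY_PARAM_MANDATORY_DIGEST)) != NULL
        && rsa_type == RSA_FLAG_TYPE_RSASSAPSS
        && !ossl_rsa_pss_params_30_is_unrestricted(pss_params)) {
        const char *mdname =
            ossl_rsa_oaeppss_nid2name(ossl_rsa_pss_params_30_hashalg(pss_params));

        /* An unnameable restriction digest is an error, not "no digest" */
        if (mdname == NULL || !OSSL_PARAM_set_utf8_string(p, mdname))
            return 0;
    }
    return (rsa_type != RSA_FLAG_TYPE_RSASSAPSS
            || ossl_rsa_pss_params_30_todata(pss_params, NULL, params))
        && ossl_rsa_todata(rsa, NULL, params, 1);
}

/*
 * Parameters advertised as gettable. Kept in step with what
 * rsa_get_params() above can actually serve: MANDATORY_DIGEST is listed
 * because rsa_get_params() answers it for restricted RSA-PSS keys.
 */
static const OSSL_PARAM rsa_params[] = {
    OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
    OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
    OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST, NULL, 0),
    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST, NULL, 0),
    RSA_KEY_TYPES()
    OSSL_PARAM_END
};

/* Parameter description for rsa_get_params(); |provctx| is unused. */
static const OSSL_PARAM *rsa_gettable_params(void *provctx)
{
    return rsa_params;
}

/*
 * Validate the parts of |keydata| named by |selection|.
 *
 * When the whole keypair is selected a pairwise consistency check is run;
 * otherwise the private and/or public halves are checked individually.
 * |checktype| is accepted for interface compatibility and not used here.
 *
 * Returns 1 when every selected check passes (or nothing was selected),
 * 0 otherwise.
 */
static int rsa_validate(const void *keydata, int selection, int checktype)
{
    const RSA *rsa = keydata;
    int ok = 1;

    if (!ossl_prov_is_running())
        return 0;

    if ((selection & RSA_POSSIBLE_SELECTIONS) == 0)
        return 1; /* nothing to validate */

    /* If the whole key is selected, we do a pairwise validation */
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR)
        == OSSL_KEYMGMT_SELECT_KEYPAIR) {
        ok = ok && ossl_rsa_validate_pairwise(rsa);
    } else {
        if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
            ok = ok && ossl_rsa_validate_private(rsa);
        if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
            ok = ok && ossl_rsa_validate_public(rsa);
    }
    return ok;
}

/* State carried from gen_init() through rsa_gen() to rsa_gen_cleanup(). */
struct rsa_gen_ctx {
    OSSL_LIB_CTX *libctx;
    const char *propq;

    /* RSA_FLAG_TYPE_RSA or RSA_FLAG_TYPE_RSASSAPSS, set by gen_init() */
    int rsa_type;

    /* Modulus size in bits, public exponent and number of primes to generate */
    size_t nbits;
    BIGNUM *pub_exp;
    size_t primes;

    /* For PSS */
    RSA_PSS_PARAMS_30 pss_params;
    int pss_defaults_set;

    /* For generation callback */
    OSSL_CALLBACK *cb;
    void *cbarg;

#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
    /* ACVP test parameters */
    OSSL_PARAM *acvp_test_params;
#endif
};
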
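/*
 * BN_GENCB bridge: translate the BN layer's progress callback into the
 * OSSL_CALLBACK stored in the generation context. The callback's return
 * value is handed back to the BN generation code unchanged.
 * Only installed by rsa_gen() when a caller callback exists, so gctx->cb
 * is never NULL here.
 */
static int rsa_gencb(int p, int n, BN_GENCB *cb)
{
    struct rsa_gen_ctx *gctx = BN_GENCB_get_arg(cb);
    OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };

    params[0] = OSSL_PARAM_construct_int(OSSL_GEN_PARAM_POTENTIAL, &p);
    params[1] = OSSL_PARAM_construct_int(OSSL_GEN_PARAM_ITERATION, &n);
    return gctx->cb(params, gctx->cbarg);
}

/*
 * Shared body of rsa_gen_init()/rsapss_gen_init().
 *
 * Allocates a generation context with the defaults (e = RSA_F4, 2048 bits,
 * RSA_DEFAULT_PRIME_NUM primes) and then applies |params| through
 * rsa_gen_set_params(). Only a keypair selection makes sense for
 * generation; anything else is refused.
 *
 * Returns the context, or NULL on failure (nothing is leaked on the error
 * path: the public exponent and the context itself are released).
 */
static void *gen_init(void *provctx, int selection, int rsa_type,
                      const OSSL_PARAM params[])
{
    OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx);
    struct rsa_gen_ctx *gctx = NULL;

    if (!ossl_prov_is_running())
        return NULL;

    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0)
        return NULL;

    if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) {
        gctx->libctx = libctx;
        if ((gctx->pub_exp = BN_new()) == NULL
            || !BN_set_word(gctx->pub_exp, RSA_F4)) {
            goto err;
        }
        gctx->nbits = 2048;
        gctx->primes = RSA_DEFAULT_PRIME_NUM;
        gctx->rsa_type = rsa_type;
    } else {
        goto err;
    }

    if (!rsa_gen_set_params(gctx, params))
        goto err;
    return gctx;

 err:
    if (gctx != NULL)
        BN_free(gctx->pub_exp);
    OPENSSL_free(gctx);
    return NULL;
}

/* Generation context for a plain RSA key. */
static void *rsa_gen_init(void *provctx, int selection,
                          const OSSL_PARAM params[])
{
    return gen_init(provctx, selection, RSA_FLAG_TYPE_RSA, params);
}

/* Generation context for an RSA-PSS key. */
static void *rsapss_gen_init(void *provctx, int selection,
                             const OSSL_PARAM params[])
{
    return gen_init(provctx, selection, RSA_FLAG_TYPE_RSASSAPSS, params);
}

/*
 * RSA_generate_multi_prime_key() takes |int| arguments while the
 * generation parameters arrive as size_t. Report whether |v| survives
 * that narrowing unchanged, so an oversized request is rejected instead of
 * silently wrapping to a different (possibly much smaller) value.
 */
static int size_fits_int(size_t v)
{
    int narrowed = (int)v;

    return narrowed >= 0 && (size_t)narrowed == v;
}

/*
 * This function is common for all RSA sub-types, to detect possible
 * misuse, such as PSS parameters being passed when a plain RSA key
 * is generated.
 *
 * Recognised parameters: OSSL_PKEY_PARAM_RSA_BITS (must be at least
 * RSA_MIN_MODULUS_BITS and representable as int), OSSL_PKEY_PARAM_RSA_PRIMES
 * (must be representable as int; the allowed range itself is enforced by
 * the key generation code), OSSL_PKEY_PARAM_RSA_E, and for RSA-PSS keys
 * the PSS restriction parameters. In FIPS builds with ACVP tests enabled
 * the ACVP parameters are copied aside as well.
 *
 * Returns 1 on success (including params == NULL), 0 on failure.
 */
static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
{
    struct rsa_gen_ctx *gctx = genctx;
    const OSSL_PARAM *p;

    if (params == NULL)
        return 1;

    if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_BITS)) != NULL) {
        if (!OSSL_PARAM_get_size_t(p, &gctx->nbits))
            return 0;
        if (gctx->nbits < RSA_MIN_MODULUS_BITS) {
            ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
            return 0;
        }
        /* rsa_gen() casts this to int; refuse a size that would wrap */
        if (!size_fits_int(gctx->nbits)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
            return 0;
        }
    }
    if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_PRIMES)) != NULL) {
        if (!OSSL_PARAM_get_size_t(p, &gctx->primes))
            return 0;
        /* Same narrowing as for the bit count */
        if (!size_fits_int(gctx->primes)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DATA);
            return 0;
        }
    }
    if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_E)) != NULL
        && !OSSL_PARAM_get_BN(p, &gctx->pub_exp))
        return 0;
    /* Only attempt to get PSS parameters when generating an RSA-PSS key */
    if (gctx->rsa_type == RSA_FLAG_TYPE_RSASSAPSS
        && !pss_params_fromdata(&gctx->pss_params, &gctx->pss_defaults_set, params,
                                gctx->rsa_type, gctx->libctx))
        return 0;
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
    /* Any ACVP test related parameters are copied into a params[] */
    if (!ossl_rsa_acvp_test_gen_params_new(&gctx->acvp_test_params, params))
        return 0;
#endif
    return 1;
}

/* Generation parameters common to plain RSA and RSA-PSS. */
#define rsa_gen_basic                                           \
    OSSL_PARAM_size_t(OSSL_PKEY_PARAM_RSA_BITS, NULL),          \
    OSSL_PARAM_size_t(OSSL_PKEY_PARAM_RSA_PRIMES, NULL),        \
    OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0)

/*
 * The following must be kept in sync with ossl_rsa_pss_params_30_fromdata()
 * in crypto/rsa/rsa_backend.c
 */
#define rsa_gen_pss                                                     \
    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST, NULL, 0),        \
    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST_PROPS, NULL, 0),  \
    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MASKGENFUNC, NULL, 0),   \
    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MGF1_DIGEST, NULL, 0),   \
    OSSL_PARAM_int(OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, NULL)

/* Settable generation parameters for plain RSA: no PSS restrictions. */
static const OSSL_PARAM *rsa_gen_settable_params(ossl_unused void *genctx,
                                                 ossl_unused void *provctx)
{
    static OSSL_PARAM settable[] = {
        rsa_gen_basic,
        OSSL_PARAM_END
    };

    return settable;
}

/* Settable generation parameters for RSA-PSS: basic plus PSS restrictions. */
static const OSSL_PARAM *rsapss_gen_settable_params(ossl_unused void *genctx,
                                                    ossl_unused void *provctx)
{
    static OSSL_PARAM settable[] = {
        rsa_gen_basic,
        rsa_gen_pss,
        OSSL_PARAM_END
    };

    return settable;
}

/*
 * Generate a key from the settings in |genctx|.
 *
 * Plain RSA generation refuses a context that carries PSS restrictions;
 * RSA-PSS generation accepts either. |osslcb| (with |cbarg|) receives
 * progress reports through rsa_gencb() and is optional: when it is NULL
 * no BN_GENCB is installed at all, so the BN layer runs without a
 * callback. A BN_GENCB allocation failure is tolerated the same way
 * (generation proceeds without progress reports).
 *
 * On success the returned key is tagged with the context's sub-type and
 * carries a copy of the PSS restrictions. Returns NULL on failure with
 * the partially built key freed.
 */
static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
{
    struct rsa_gen_ctx *gctx = genctx;
    RSA *rsa = NULL, *rsa_tmp = NULL;
    BN_GENCB *gencb = NULL;

    if (!ossl_prov_is_running() || gctx == NULL)
        return NULL;

    switch (gctx->rsa_type) {
    case RSA_FLAG_TYPE_RSA:
        /* For plain RSA keys, PSS parameters must not be set */
        if (!ossl_rsa_pss_params_30_is_unrestricted(&gctx->pss_params))
            goto err;
        break;
    case RSA_FLAG_TYPE_RSASSAPSS:
        /*
         * For plain RSA-PSS keys, PSS parameters may be set but don't have
         * to, so not check.
         */
        break;
    default:
        /* Unsupported RSA key sub-type... */
        return NULL;
    }

    if ((rsa_tmp = ossl_rsa_new_with_ctx(gctx->libctx)) == NULL)
        return NULL;

    gctx->cb = osslcb;
    gctx->cbarg = cbarg;
    /*
     * rsa_gencb() calls gctx->cb unconditionally, so only wire it up when
     * the caller actually supplied a callback.
     */
    if (osslcb != NULL) {
        gencb = BN_GENCB_new();
        if (gencb != NULL)
            BN_GENCB_set(gencb, rsa_gencb, genctx);
    }

#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
    if (gctx->acvp_test_params != NULL) {
        if (!ossl_rsa_acvp_test_set_params(rsa_tmp, gctx->acvp_test_params))
            goto err;
    }
#endif

    /* nbits and primes were range-checked in rsa_gen_set_params() */
    if (!RSA_generate_multi_prime_key(rsa_tmp,
                                      (int)gctx->nbits, (int)gctx->primes,
                                      gctx->pub_exp, gencb))
        goto err;

    if (!ossl_rsa_pss_params_30_copy(ossl_rsa_get0_pss_params_30(rsa_tmp),
                                     &gctx->pss_params))
        goto err;

    RSA_clear_flags(rsa_tmp, RSA_FLAG_TYPE_MASK);
    RSA_set_flags(rsa_tmp, gctx->rsa_type);

    rsa = rsa_tmp;
    rsa_tmp = NULL;
 err:
    BN_GENCB_free(gencb);
    RSA_free(rsa_tmp);
    return rsa;
}

static void rsa_gen_cleanup(void *genctx)
{
    struct rsa_gen_ctx *gctx = genctx;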
642e1051a39Sopenharmony_ci 643e1051a39Sopenharmony_ci if (gctx == NULL) 644e1051a39Sopenharmony_ci return; 645e1051a39Sopenharmony_ci#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) 646e1051a39Sopenharmony_ci ossl_rsa_acvp_test_gen_params_free(gctx->acvp_test_params); 647e1051a39Sopenharmony_ci gctx->acvp_test_params = NULL; 648e1051a39Sopenharmony_ci#endif 649e1051a39Sopenharmony_ci BN_clear_free(gctx->pub_exp); 650e1051a39Sopenharmony_ci OPENSSL_free(gctx); 651e1051a39Sopenharmony_ci} 652e1051a39Sopenharmony_ci 653e1051a39Sopenharmony_cistatic void *common_load(const void *reference, size_t reference_sz, 654e1051a39Sopenharmony_ci int expected_rsa_type) 655e1051a39Sopenharmony_ci{ 656e1051a39Sopenharmony_ci RSA *rsa = NULL; 657e1051a39Sopenharmony_ci 658e1051a39Sopenharmony_ci if (ossl_prov_is_running() && reference_sz == sizeof(rsa)) { 659e1051a39Sopenharmony_ci /* The contents of the reference is the address to our object */ 660e1051a39Sopenharmony_ci rsa = *(RSA **)reference; 661e1051a39Sopenharmony_ci 662e1051a39Sopenharmony_ci if (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK) != expected_rsa_type) 663e1051a39Sopenharmony_ci return NULL; 664e1051a39Sopenharmony_ci 665e1051a39Sopenharmony_ci /* We grabbed, so we detach it */ 666e1051a39Sopenharmony_ci *(RSA **)reference = NULL; 667e1051a39Sopenharmony_ci return rsa; 668e1051a39Sopenharmony_ci } 669e1051a39Sopenharmony_ci return NULL; 670e1051a39Sopenharmony_ci} 671e1051a39Sopenharmony_ci 672e1051a39Sopenharmony_cistatic void *rsa_load(const void *reference, size_t reference_sz) 673e1051a39Sopenharmony_ci{ 674e1051a39Sopenharmony_ci return common_load(reference, reference_sz, RSA_FLAG_TYPE_RSA); 675e1051a39Sopenharmony_ci} 676e1051a39Sopenharmony_ci 677e1051a39Sopenharmony_cistatic void *rsapss_load(const void *reference, size_t reference_sz) 678e1051a39Sopenharmony_ci{ 679e1051a39Sopenharmony_ci return common_load(reference, reference_sz, RSA_FLAG_TYPE_RSASSAPSS); 680e1051a39Sopenharmony_ci} 
681e1051a39Sopenharmony_ci 682e1051a39Sopenharmony_cistatic void *rsa_dup(const void *keydata_from, int selection) 683e1051a39Sopenharmony_ci{ 684e1051a39Sopenharmony_ci if (ossl_prov_is_running() 685e1051a39Sopenharmony_ci /* do not allow creating empty keys by duplication */ 686e1051a39Sopenharmony_ci && (selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) 687e1051a39Sopenharmony_ci return ossl_rsa_dup(keydata_from, selection); 688e1051a39Sopenharmony_ci return NULL; 689e1051a39Sopenharmony_ci} 690e1051a39Sopenharmony_ci 691e1051a39Sopenharmony_ci/* For any RSA key, we use the "RSA" algorithms regardless of sub-type. */ 692e1051a39Sopenharmony_cistatic const char *rsa_query_operation_name(int operation_id) 693e1051a39Sopenharmony_ci{ 694e1051a39Sopenharmony_ci return "RSA"; 695e1051a39Sopenharmony_ci} 696e1051a39Sopenharmony_ci 697e1051a39Sopenharmony_ciconst OSSL_DISPATCH ossl_rsa_keymgmt_functions[] = { 698e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))rsa_newdata }, 699e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))rsa_gen_init }, 700e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, 701e1051a39Sopenharmony_ci (void (*)(void))rsa_gen_set_params }, 702e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, 703e1051a39Sopenharmony_ci (void (*)(void))rsa_gen_settable_params }, 704e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))rsa_gen }, 705e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))rsa_gen_cleanup }, 706e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))rsa_load }, 707e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))rsa_freedata }, 708e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))rsa_get_params }, 709e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))rsa_gettable_params }, 710e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))rsa_has }, 711e1051a39Sopenharmony_ci { 
OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))rsa_match }, 712e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))rsa_validate }, 713e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))rsa_import }, 714e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))rsa_import_types }, 715e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))rsa_export }, 716e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))rsa_export_types }, 717e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))rsa_dup }, 718e1051a39Sopenharmony_ci { 0, NULL } 719e1051a39Sopenharmony_ci}; 720e1051a39Sopenharmony_ci 721e1051a39Sopenharmony_ciconst OSSL_DISPATCH ossl_rsapss_keymgmt_functions[] = { 722e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))rsapss_newdata }, 723e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))rsapss_gen_init }, 724e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))rsa_gen_set_params }, 725e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS, 726e1051a39Sopenharmony_ci (void (*)(void))rsapss_gen_settable_params }, 727e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))rsa_gen }, 728e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))rsa_gen_cleanup }, 729e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))rsapss_load }, 730e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))rsa_freedata }, 731e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))rsa_get_params }, 732e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))rsa_gettable_params }, 733e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))rsa_has }, 734e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))rsa_match }, 735e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))rsa_validate }, 
736e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))rsa_import }, 737e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))rsa_import_types }, 738e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))rsa_export }, 739e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))rsa_export_types }, 740e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME, 741e1051a39Sopenharmony_ci (void (*)(void))rsa_query_operation_name }, 742e1051a39Sopenharmony_ci { OSSL_FUNC_KEYMGMT_DUP, (void (*)(void))rsa_dup }, 743e1051a39Sopenharmony_ci { 0, NULL } 744e1051a39Sopenharmony_ci}; 745