1/*
2 * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/bn.h>
13#include <openssl/x509.h>
14#include <openssl/asn1t.h>
15#include "rsa_local.h"
16
17/*
18 * Override the default free and new methods,
19 * and calculate helper products for multi-prime
20 * RSA keys.
21 */
22static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
23 void *exarg)
24{
25 if (operation == ASN1_OP_NEW_PRE) {
26 *pval = (ASN1_VALUE *)RSA_new();
27 if (*pval != NULL)
28 return 2;
29 return 0;
30 } else if (operation == ASN1_OP_FREE_PRE) {
31 RSA_free((RSA *)*pval);
32 *pval = NULL;
33 return 2;
34 } else if (operation == ASN1_OP_D2I_POST) {
35 if (((RSA *)*pval)->version != RSA_ASN1_VERSION_MULTI) {
36 /* not a multi-prime key, skip */
37 return 1;
38 }
39 return (rsa_multip_calc_product((RSA *)*pval) == 1) ? 2 : 0;
40 }
41 return 1;
42}
43
44/* Based on definitions in RFC 8017 appendix A.1.2 */
45ASN1_SEQUENCE(RSA_PRIME_INFO) = {
46 ASN1_SIMPLE(RSA_PRIME_INFO, r, CBIGNUM),
47 ASN1_SIMPLE(RSA_PRIME_INFO, d, CBIGNUM),
48 ASN1_SIMPLE(RSA_PRIME_INFO, t, CBIGNUM),
49} ASN1_SEQUENCE_END(RSA_PRIME_INFO)
50
51ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
52 ASN1_EMBED(RSA, version, INT32),
53 ASN1_SIMPLE(RSA, n, BIGNUM),
54 ASN1_SIMPLE(RSA, e, BIGNUM),
55 ASN1_SIMPLE(RSA, d, CBIGNUM),
56 ASN1_SIMPLE(RSA, p, CBIGNUM),
57 ASN1_SIMPLE(RSA, q, CBIGNUM),
58 ASN1_SIMPLE(RSA, dmp1, CBIGNUM),
59 ASN1_SIMPLE(RSA, dmq1, CBIGNUM),
60 ASN1_SIMPLE(RSA, iqmp, CBIGNUM),
61 ASN1_SEQUENCE_OF_OPT(RSA, prime_infos, RSA_PRIME_INFO)
62} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey)
63
64
65ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
66 ASN1_SIMPLE(RSA, n, BIGNUM),
67 ASN1_SIMPLE(RSA, e, BIGNUM),
68} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
69
70/* Free up maskHash */
71static int rsa_pss_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
72 void *exarg)
73{
74 if (operation == ASN1_OP_FREE_PRE) {
75 RSA_PSS_PARAMS *pss = (RSA_PSS_PARAMS *)*pval;
76 X509_ALGOR_free(pss->maskHash);
77 }
78 return 1;
79}
80
81ASN1_SEQUENCE_cb(RSA_PSS_PARAMS, rsa_pss_cb) = {
82 ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
83 ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
84 ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
85 ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
86} ASN1_SEQUENCE_END_cb(RSA_PSS_PARAMS, RSA_PSS_PARAMS)
87
88IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
89
90/* Free up maskHash */
91static int rsa_oaep_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
92 void *exarg)
93{
94 if (operation == ASN1_OP_FREE_PRE) {
95 RSA_OAEP_PARAMS *oaep = (RSA_OAEP_PARAMS *)*pval;
96 X509_ALGOR_free(oaep->maskHash);
97 }
98 return 1;
99}
100
101ASN1_SEQUENCE_cb(RSA_OAEP_PARAMS, rsa_oaep_cb) = {
102 ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0),
103 ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1),
104 ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2),
105} ASN1_SEQUENCE_END_cb(RSA_OAEP_PARAMS, RSA_OAEP_PARAMS)
106
107IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
108
109IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPrivateKey, RSAPrivateKey)
110
111IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(RSA, RSAPublicKey, RSAPublicKey)
112
113RSA *RSAPublicKey_dup(const RSA *rsa)
114{
115 return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa);
116}
117
118RSA *RSAPrivateKey_dup(const RSA *rsa)
119{
120 return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa);
121}
122