static LUA_FUNCTION(openssl_rsa_parse)
{
const BIGNUM *n = NULL, *e = NULL, *d = NULL;
const BIGNUM *p = NULL, *q = NULL;
const BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
RSA* rsa = CHECK_OBJECT(1, RSA, "openssl.rsa");
RSA_get0_key(rsa, &n, &e, &d);
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
lua_newtable(L);
lua_pushinteger(L, RSA_size(rsa));
lua_setfield(L, -2, "size");
lua_pushinteger(L, RSA_bits(rsa));
lua_setfield(L, -2, "bits");
OPENSSL_PKEY_GET_BN(n, n);
OPENSSL_PKEY_GET_BN(e, e);
OPENSSL_PKEY_GET_BN(d, d);
OPENSSL_PKEY_GET_BN(p, p);
OPENSSL_PKEY_GET_BN(q, q);
OPENSSL_PKEY_GET_BN(dmp1, dmp1);
OPENSSL_PKEY_GET_BN(dmq1, dmq1);
OPENSSL_PKEY_GET_BN(iqmp, iqmp);
return 1;
}
int RSA_get_RSAPUBLICKEYBLOB(RSA *rsa, RSAPUBLICKEYBLOB *blob)
{
const BIGNUM *n;
const BIGNUM *e;
if (!rsa || !blob) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
RSA_get0_key(rsa, &n, &e, NULL);
if (!n || !e) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
if (RSA_bits(rsa) > sizeof(blob->Modulus) * 8
|| RSA_bits(rsa) % 8 != 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
GMAPI_R_INVALID_RSA_PUBLIC_KEY);
return 0;
}
memset(blob, 0, sizeof(RSAPUBLICKEYBLOB));
blob->AlgID = SGD_RSA;
blob->BitLen = RSA_bits(rsa);
if (BN_bn2bin(n, blob->Modulus +
sizeof(blob->Modulus) - BN_num_bytes(n)) <= 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED);
return 0;
}
if (BN_bn2bin(e, blob->PublicExponent +
sizeof(blob->PublicExponent) - BN_num_bytes(e)) <= 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPUBLICKEYBLOB,
GMAPI_R_ENCODE_RSA_PUBLIC_KEY_FAILED);
return 0;
}
return 1;
}
static int pkey_pss_init(EVP_PKEY_CTX *ctx)
{
RSA *rsa;
RSA_PKEY_CTX *rctx = ctx->data;
const EVP_MD *md;
const EVP_MD *mgf1md;
int min_saltlen, max_saltlen;
/* Should never happen */
if (!pkey_ctx_is_pss(ctx))
return 0;
rsa = ctx->pkey->pkey.rsa;
/* If no restrictions just return */
if (rsa->pss == NULL)
return 1;
/* Get and check parameters */
if (!rsa_pss_get_param(rsa->pss, &md, &mgf1md, &min_saltlen))
return 0;
/* See if minumum salt length exceeds maximum possible */
max_saltlen = RSA_size(rsa) - EVP_MD_size(md);
if ((RSA_bits(rsa) & 0x7) == 1)
max_saltlen--;
if (min_saltlen > max_saltlen) {
RSAerr(RSA_F_PKEY_PSS_INIT, RSA_R_INVALID_SALT_LENGTH);
return 0;
}
rctx->min_saltlen = min_saltlen;
/*
* Set PSS restrictions as defaults: we can then block any attempt to
* use invalid values in pkey_rsa_ctrl
*/
rctx->md = md;
rctx->mgf1md = mgf1md;
rctx->saltlen = min_saltlen;
return 1;
}
static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
{
int nbyte, hnbyte;
BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1;
nbyte = RSA_size(rsa);
hnbyte = (RSA_bits(rsa) + 15) >> 4;
RSA_get0_key(rsa, &e, &n, &d);
write_lebn(out, e, 4);
write_lebn(out, n, -1);
if (ispub)
return;
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
write_lebn(out, p, hnbyte);
write_lebn(out, q, hnbyte);
write_lebn(out, dmp1, hnbyte);
write_lebn(out, dmq1, hnbyte);
write_lebn(out, iqmp, hnbyte);
write_lebn(out, d, nbyte);
}
static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
{
int nbyte, hnbyte, bitlen;
BIGNUM *e;
RSA_get0_key(rsa, &e, NULL, NULL);
if (BN_num_bits(e) > 32)
goto badkey;
bitlen = RSA_bits(rsa);
nbyte = RSA_size(rsa);
hnbyte = (bitlen + 15) >> 4;
if (ispub) {
*pmagic = MS_RSA1MAGIC;
return bitlen;
} else {
BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1;
*pmagic = MS_RSA2MAGIC;
/*
* For private key each component must fit within nbyte or hnbyte.
*/
RSA_get0_key(rsa, NULL, NULL, &d);
if (BN_num_bytes(d) > nbyte)
goto badkey;
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
if ((BN_num_bytes(iqmp) > hnbyte)
|| (BN_num_bytes(p) > hnbyte)
|| (BN_num_bytes(q) > hnbyte)
|| (BN_num_bytes(dmp1) > hnbyte)
|| (BN_num_bytes(dmq1) > hnbyte))
goto badkey;
}
return bitlen;
badkey:
PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
return 0;
}
static int rsa_bits(const EVP_PKEY *pkey) {
return RSA_bits(pkey->pkey.rsa);
}
int RSA_get_RSAPRIVATEKEYBLOB(RSA *rsa, RSAPRIVATEKEYBLOB *blob)
{
const BIGNUM *n;
const BIGNUM *e;
const BIGNUM *d;
const BIGNUM *p;
const BIGNUM *q;
const BIGNUM *dmp1;
const BIGNUM *dmq1;
const BIGNUM *iqmp;
if (!rsa || !blob) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (RSA_bits(rsa) > sizeof(blob->Modulus) * 8
|| RSA_bits(rsa) % 8 != 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
RSA_get0_key(rsa, &n, &e, &d);
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
if (!n || !e || !d) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
memset(blob, 0, sizeof(RSAPRIVATEKEYBLOB));
blob->AlgID = SGD_RSA;
blob->BitLen = RSA_bits(rsa);
if (BN_bn2bin(n, blob->Modulus +
sizeof(blob->Modulus) - BN_num_bytes(n)) <= 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
if (BN_bn2bin(e, blob->PublicExponent +
sizeof(blob->PublicExponent) - BN_num_bytes(e)) <= 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
if (BN_bn2bin(d, blob->PrivateExponent +
sizeof(blob->PrivateExponent) - BN_num_bytes(d)) <= 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
if (p && BN_bn2bin(p, blob->Prime1 +
sizeof(blob->Prime1) - BN_num_bytes(p)) < 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
if (q && BN_bn2bin(q, blob->Prime2 +
sizeof(blob->Prime2) - BN_num_bytes(q)) < 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
if (dmp1 && BN_bn2bin(dmp1, blob->Prime1Exponent +
sizeof(blob->Prime1Exponent) - BN_num_bytes(dmp1)) < 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
if (dmq1 && BN_bn2bin(dmq1, blob->Prime2Exponent +
sizeof(blob->Prime2Exponent) - BN_num_bytes(dmq1)) < 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
if (iqmp && BN_bn2bin(iqmp, blob->Coefficient +
sizeof(blob->Coefficient) - BN_num_bytes(iqmp)) < 0) {
GMAPIerr(GMAPI_F_RSA_GET_RSAPRIVATEKEYBLOB,
GMAPI_R_INVALID_RSA_PRIVATE_KEY);
return 0;
}
return 1;
}