int ssh_rsa_complete_crt_parameters(struct sshkey *key, const BIGNUM *iqmp) { const BIGNUM *rsa_p, *rsa_q, *rsa_d; BIGNUM *aux = NULL, *d_consttime = NULL; BIGNUM *rsa_dmq1 = NULL, *rsa_dmp1 = NULL, *rsa_iqmp = NULL; BN_CTX *ctx = NULL; int r; if (key == NULL || key->rsa == NULL || sshkey_type_plain(key->type) != KEY_RSA) return SSH_ERR_INVALID_ARGUMENT; RSA_get0_key(key->rsa, NULL, NULL, &rsa_d); RSA_get0_factors(key->rsa, &rsa_p, &rsa_q); if ((ctx = BN_CTX_new()) == NULL) return SSH_ERR_ALLOC_FAIL; if ((aux = BN_new()) == NULL || (rsa_dmq1 = BN_new()) == NULL || (rsa_dmp1 = BN_new()) == NULL) return SSH_ERR_ALLOC_FAIL; if ((d_consttime = BN_dup(rsa_d)) == NULL || (rsa_iqmp = BN_dup(iqmp)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } BN_set_flags(aux, BN_FLG_CONSTTIME); BN_set_flags(d_consttime, BN_FLG_CONSTTIME); if ((BN_sub(aux, rsa_q, BN_value_one()) == 0) || (BN_mod(rsa_dmq1, d_consttime, aux, ctx) == 0) || (BN_sub(aux, rsa_p, BN_value_one()) == 0) || (BN_mod(rsa_dmp1, d_consttime, aux, ctx) == 0)) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } if (!RSA_set0_crt_params(key->rsa, rsa_dmp1, rsa_dmq1, rsa_iqmp)) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } rsa_dmp1 = rsa_dmq1 = rsa_iqmp = NULL; /* transferred */ /* success */ r = 0; out: BN_clear_free(aux); BN_clear_free(d_consttime); BN_clear_free(rsa_dmp1); BN_clear_free(rsa_dmq1); BN_clear_free(rsa_iqmp); BN_CTX_free(ctx); return r; }
static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int bitlen, int ispub) { const unsigned char *pin = *in; EVP_PKEY *ret = NULL; BIGNUM *e = NULL, *n = NULL, *d = NULL; RSA *rsa = NULL; unsigned int nbyte, hnbyte; nbyte = (bitlen + 7) >> 3; hnbyte = (bitlen + 15) >> 4; rsa = RSA_new(); ret = EVP_PKEY_new(); if (rsa == NULL || ret == NULL) goto memerr; e = BN_new(); if (e == NULL) goto memerr; if (!BN_set_word(e, read_ledword(&pin))) goto memerr; if (!read_lebn(&pin, nbyte, &n)) goto memerr; if (!ispub) { BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; if (!read_lebn(&pin, hnbyte, &p)) goto memerr; if (!read_lebn(&pin, hnbyte, &q)) goto memerr; if (!read_lebn(&pin, hnbyte, &dmp1)) goto memerr; if (!read_lebn(&pin, hnbyte, &dmq1)) goto memerr; if (!read_lebn(&pin, hnbyte, &iqmp)) goto memerr; if (!read_lebn(&pin, nbyte, &d)) goto memerr; RSA_set0_factors(rsa, p, q); RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp); } RSA_set0_key(rsa, e, n, d); EVP_PKEY_set1_RSA(ret, rsa); RSA_free(rsa); *in = pin; return ret; memerr: PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); RSA_free(rsa); EVP_PKEY_free(ret); return NULL; }
void _cjose_jwk_rsa_set_crt(RSA *rsa, uint8_t *dmp1, size_t dmp1_len, uint8_t *dmq1, size_t dmq1_len, uint8_t *iqmp, size_t iqmp_len) { BIGNUM *rsa_dmp1 = NULL, *rsa_dmq1 = NULL, *rsa_iqmp = NULL; if (dmp1 && dmp1_len > 0) rsa_dmp1 = BN_bin2bn(dmp1, dmp1_len, NULL); if (dmq1 && dmq1_len > 0) rsa_dmq1 = BN_bin2bn(dmq1, dmq1_len, NULL); if (iqmp && iqmp_len > 0) rsa_iqmp = BN_bin2bn(iqmp, iqmp_len, NULL); #if (CJOSE_OPENSSL_11X) RSA_set0_crt_params(rsa, rsa_dmp1, rsa_dmq1, rsa_iqmp); #else rsa->dmp1 = rsa_dmp1; rsa->dmq1 = rsa_dmq1; rsa->iqmp = rsa_iqmp; #endif }
int get_rsa_private_key(ErlNifEnv* env, ERL_NIF_TERM key, RSA *rsa) { /* key=[E,N,D]|[E,N,D,P1,P2,E1,E2,C] */ ERL_NIF_TERM head, tail; BIGNUM *e, *n, *d; BIGNUM *p, *q; BIGNUM *dmp1, *dmq1, *iqmp; if (!enif_get_list_cell(env, key, &head, &tail) || !get_bn_from_bin(env, head, &e) || !enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &n) || !enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &d)) { return 0; } (void) RSA_set0_key(rsa, n, e, d); if (enif_is_empty_list(env, tail)) { return 1; } if (!enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &p) || !enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &q) || !enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &dmp1) || !enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &dmq1) || !enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &iqmp) || !enif_is_empty_list(env, tail)) { return 0; } (void) RSA_set0_factors(rsa, p, q); (void) RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp); return 1; }
int RSA_set_RSAPRIVATEKEYBLOB(RSA *rsa, const RSAPRIVATEKEYBLOB *blob) { int ret = 0; BIGNUM *n = NULL; BIGNUM *e = NULL; BIGNUM *d = NULL; BIGNUM *p = NULL; BIGNUM *q = NULL; BIGNUM *dmp1 = NULL; BIGNUM *dmq1 = NULL; BIGNUM *iqmp = NULL; if (!rsa || !blob) { GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (blob->AlgID != SGD_RSA) { GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_ALGOR); return 0; } if (blob->BitLen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS || blob->BitLen > sizeof(blob->Modulus) * 8 || blob->BitLen % 8 != 0 || blob->BitLen % 16 != 0) { GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (!(n = BN_bin2bn(blob->Modulus, sizeof(blob->Modulus), NULL)) || !(e = BN_bin2bn(blob->PublicExponent, sizeof(blob->PublicExponent), NULL)) || !(d = BN_bin2bn(blob->PrivateExponent, sizeof(blob->PrivateExponent), NULL)) || !(p = BN_bin2bn(blob->Prime1, sizeof(blob->Prime1), NULL)) || !(q = BN_bin2bn(blob->Prime2, sizeof(blob->Prime2), NULL)) || !(dmp1 = BN_bin2bn(blob->Prime1Exponent, sizeof(blob->Prime1Exponent), NULL)) || !(dmq1 = BN_bin2bn(blob->Prime2Exponent, sizeof(blob->Prime2Exponent), NULL)) || !(iqmp = BN_bin2bn(blob->Coefficient, sizeof(blob->Coefficient), NULL))) { GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, ERR_R_BN_LIB); goto end; } if (!RSA_set0_key(rsa, n, e, d)) { GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_RSA_PRIVATE_KEY); goto end; } n = NULL; e = NULL; d = NULL; if (!RSA_set0_factors(rsa, p, q)) { GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_RSA_PRIVATE_KEY); goto end; } p = NULL; q = NULL; if (!RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp)) { GMAPIerr(GMAPI_F_RSA_SET_RSAPRIVATEKEYBLOB, GMAPI_R_INVALID_RSA_PRIVATE_KEY); goto end; } dmp1 = NULL; dmq1 = NULL; iqmp = NULL; ret = 1; end: BN_free(n); BN_free(e); BN_free(d); BN_free(p); BN_free(q); BN_free(dmp1); BN_free(dmq1); BN_free(iqmp); return ret; }
static int key2048p3(RSA *key) { /* C90 requires string should <= 509 bytes */ static const unsigned char n[] = "\x92\x60\xd0\x75\x0a\xe1\x17\xee\xe5\x5c\x3f\x3d\xea\xba\x74\x91" "\x75\x21\xa2\x62\xee\x76\x00\x7c\xdf\x8a\x56\x75\x5a\xd7\x3a\x15" "\x98\xa1\x40\x84\x10\xa0\x14\x34\xc3\xf5\xbc\x54\xa8\x8b\x57\xfa" "\x19\xfc\x43\x28\xda\xea\x07\x50\xa4\xc4\x4e\x88\xcf\xf3\xb2\x38" "\x26\x21\xb8\x0f\x67\x04\x64\x43\x3e\x43\x36\xe6\xd0\x03\xe8\xcd" "\x65\xbf\xf2\x11\xda\x14\x4b\x88\x29\x1c\x22\x59\xa0\x0a\x72\xb7" "\x11\xc1\x16\xef\x76\x86\xe8\xfe\xe3\x4e\x4d\x93\x3c\x86\x81\x87" "\xbd\xc2\x6f\x7b\xe0\x71\x49\x3c\x86\xf7\xa5\x94\x1c\x35\x10\x80" "\x6a\xd6\x7b\x0f\x94\xd8\x8f\x5c\xf5\xc0\x2a\x09\x28\x21\xd8\x62" "\x6e\x89\x32\xb6\x5c\x5b\xd8\xc9\x20\x49\xc2\x10\x93\x2b\x7a\xfa" "\x7a\xc5\x9c\x0e\x88\x6a\xe5\xc1\xed\xb0\x0d\x8c\xe2\xc5\x76\x33" "\xdb\x26\xbd\x66\x39\xbf\xf7\x3c\xee\x82\xbe\x92\x75\xc4\x02\xb4" "\xcf\x2a\x43\x88\xda\x8c\xf8\xc6\x4e\xef\xe1\xc5\xa0\xf5\xab\x80" "\x57\xc3\x9f\xa5\xc0\x58\x9c\x3e\x25\x3f\x09\x60\x33\x23\x00\xf9" "\x4b\xea\x44\x87\x7b\x58\x8e\x1e\xdb\xde\x97\xcf\x23\x60\x72\x7a" "\x09\xb7\x75\x26\x2d\x7e\xe5\x52\xb3\x31\x9b\x92\x66\xf0\x5a\x25"; static const unsigned char e[] = "\x01\x00\x01"; static const unsigned char d[] = "\x6a\x7d\xf2\xca\x63\xea\xd4\xdd\xa1\x91\xd6\x14\xb6\xb3\x85\xe0" "\xd9\x05\x6a\x3d\x6d\x5c\xfe\x07\xdb\x1d\xaa\xbe\xe0\x22\xdb\x08" "\x21\x2d\x97\x61\x3d\x33\x28\xe0\x26\x7c\x9d\xd2\x3d\x78\x7a\xbd" "\xe2\xaf\xcb\x30\x6a\xeb\x7d\xfc\xe6\x92\x46\xcc\x73\xf5\xc8\x7f" "\xdf\x06\x03\x01\x79\xa2\x11\x4b\x76\x7d\xb1\xf0\x83\xff\x84\x1c" "\x02\x5d\x7d\xc0\x0c\xd8\x24\x35\xb9\xa9\x0f\x69\x53\x69\xe9\x4d" "\xf2\x3d\x2c\xe4\x58\xbc\x3b\x32\x83\xad\x8b\xba\x2b\x8f\xa1\xba" "\x62\xe2\xdc\xe9\xac\xcf\xf3\x79\x9a\xae\x7c\x84\x00\x16\xf3\xba" "\x8e\x00\x48\xc0\xb6\xcc\x43\x39\xaf\x71\x61\x00\x3a\x5b\xeb\x86" "\x4a\x01\x64\xb2\xc1\xc9\x23\x7b\x64\xbc\x87\x55\x69\x94\x35\x1b" "\x27\x50\x6c\x33\xd4\xbc\xdf\xce\x0f\x9c\x49\x1a\x7d\x6b\x06\x28" "\xc7\xc8\x52\xbe\x4f\x0a\x9c\x31\x32\xb2\xed\x3a\x2c\x88\x81\xe9" "\xaa\xb0\x7e\x20\xe1\x7d\xeb\x07\x46\x91\xbe\x67\x77\x76\xa7\x8b" "\x5c\x50\x2e\x05\xd9\xbd\xde\x72\x12\x6b\x37\x38\x69\x5e\x2d\xd1" "\xa0\xa9\x8a\x14\x24\x7c\x65\xd8\xa7\xee\x79\x43\x2a\x09\x2c\xb0" "\x72\x1a\x12\xdf\x79\x8e\x44\xf7\xcf\xce\x0c\x49\x81\x47\xa9\xb1"; static const unsigned char p[] = "\x06\x77\xcd\xd5\x46\x9b\xc1\xd5\x58\x00\x81\xe2\xf3\x0a\x36\xb1" "\x6e\x29\x89\xd5\x2f\x31\x5f\x92\x22\x3b\x9b\x75\x30\x82\xfa\xc5" "\xf5\xde\x8a\x36\xdb\xc6\xe5\x8f\xef\x14\x37\xd6\x00\xf9\xab\x90" "\x9b\x5d\x57\x4c\xf5\x1f\x77\xc4\xbb\x8b\xdd\x9b\x67\x11\x45\xb2" "\x64\xe8\xac\xa8\x03\x0f\x16\x0d\x5d\x2d\x53\x07\x23\xfb\x62\x0d" "\xe6\x16\xd3\x23\xe8\xb3"; static const unsigned char q[] = "\x06\x66\x9a\x70\x53\xd6\x72\x74\xfd\xea\x45\xc3\xc0\x17\xae\xde" "\x79\x17\xae\x79\xde\xfc\x0e\xf7\xa4\x3a\x8c\x43\x8f\xc7\x8a\xa2" "\x2c\x51\xc4\xd0\x72\x89\x73\x5c\x61\xbe\xfd\x54\x3f\x92\x65\xde" "\x4d\x65\x71\x70\xf6\xf2\xe5\x98\xb9\x0f\xd1\x0b\xe6\x95\x09\x4a" "\x7a\xdf\xf3\x10\x16\xd0\x60\xfc\xa5\x10\x34\x97\x37\x6f\x0a\xd5" "\x5d\x8f\xd4\xc3\xa0\x5b"; static const unsigned char dmp1[] = "\x05\x7c\x9e\x1c\xbd\x90\x25\xe7\x40\x86\xf5\xa8\x3b\x7a\x3f\x99" "\x56\x95\x60\x3a\x7b\x95\x4b\xb8\xa0\xd7\xa5\xf1\xcc\xdc\x5f\xb5" "\x8c\xf4\x62\x95\x54\xed\x2e\x12\x62\xc2\xe8\xf6\xde\xce\xed\x8e" "\x77\x6d\xc0\x40\x25\x74\xb3\x5a\x2d\xaa\xe1\xac\x11\xcb\xe2\x2f" "\x0a\x51\x23\x1e\x47\xb2\x05\x88\x02\xb2\x0f\x4b\xf0\x67\x30\xf0" "\x0f\x6e\xef\x5f\xf7\xe7"; static const unsigned char dmq1[] = "\x01\xa5\x6b\xbc\xcd\xe3\x0e\x46\xc6\x72\xf5\x04\x56\x28\x01\x22" "\x58\x74\x5d\xbc\x1c\x3c\x29\x41\x49\x6c\x81\x5c\x72\xe2\xf7\xe5" "\xa3\x8e\x58\x16\xe0\x0e\x37\xac\x1f\xbb\x75\xfd\xaf\xe7\xdf\xe9" "\x1f\x70\xa2\x8f\x52\x03\xc0\x46\xd9\xf9\x96\x63\x00\x27\x7e\x5f" "\x38\x60\xd6\x6b\x61\xe2\xaf\xbe\xea\x58\xd3\x9d\xbc\x75\x03\x8d" "\x42\x65\xd6\x6b\x85\x97"; static const unsigned char iqmp[] = "\x03\xa1\x8b\x80\xe4\xd8\x87\x25\x17\x5d\xcc\x8d\xa9\x8a\x22\x2b" "\x6c\x15\x34\x6f\x80\xcc\x1c\x44\x04\x68\xbc\x03\xcd\x95\xbb\x69" "\x37\x61\x48\xb4\x23\x13\x08\x16\x54\x6a\xa1\x7c\xf5\xd4\x3a\xe1" "\x4f\xa4\x0c\xf5\xaf\x80\x85\x27\x06\x0d\x70\xc0\xc5\x19\x28\xfe" "\xee\x8e\x86\x21\x98\x8a\x37\xb7\xe5\x30\x25\x70\x93\x51\x2d\x49" "\x85\x56\xb3\x0c\x2b\x96"; static const unsigned char ex_prime[] = "\x03\x89\x22\xa0\xb7\x3a\x91\xcb\x5e\x0c\xfd\x73\xde\xa7\x38\xa9" "\x47\x43\xd6\x02\xbf\x2a\xb9\x3c\x48\xf3\x06\xd6\x58\x35\x50\x56" "\x16\x5c\x34\x9b\x61\x87\xc8\xaa\x0a\x5d\x8a\x0a\xcd\x9c\x41\xd9" "\x96\x24\xe0\xa9\x9b\x26\xb7\xa8\x08\xc9\xea\xdc\xa7\x15\xfb\x62" "\xa0\x2d\x90\xe6\xa7\x55\x6e\xc6\x6c\xff\xd6\x10\x6d\xfa\x2e\x04" "\x50\xec\x5c\x66\xe4\x05"; static const unsigned char ex_exponent[] = "\x02\x0a\xcd\xc3\x82\xd2\x03\xb0\x31\xac\xd3\x20\x80\x34\x9a\x57" "\xbc\x60\x04\x57\x25\xd0\x29\x9a\x16\x90\xb9\x1c\x49\x6a\xd1\xf2" "\x47\x8c\x0e\x9e\xc9\x20\xc2\xd8\xe4\x8f\xce\xd2\x1a\x9c\xec\xb4" "\x1f\x33\x41\xc8\xf5\x62\xd1\xa5\xef\x1d\xa1\xd8\xbd\x71\xc6\xf7" "\xda\x89\x37\x2e\xe2\xec\x47\xc5\xb8\xe3\xb4\xe3\x5c\x82\xaa\xdd" "\xb7\x58\x2e\xaf\x07\x79"; static const unsigned char ex_coefficient[] = "\x00\x9c\x09\x88\x9b\xc8\x57\x08\x69\x69\xab\x2d\x9e\x29\x1c\x3c" "\x6d\x59\x33\x12\x0d\x2b\x09\x2e\xaf\x01\x2c\x27\x01\xfc\xbd\x26" "\x13\xf9\x2d\x09\x22\x4e\x49\x11\x03\x82\x88\x87\xf4\x43\x1d\xac" "\xca\xec\x86\xf7\x23\xf1\x64\xf3\xf5\x81\xf0\x37\x36\xcf\x67\xff" "\x1a\xff\x7a\xc7\xf9\xf9\x67\x2d\xa0\x9d\x61\xf8\xf6\x47\x5c\x2f" "\xe7\x66\xe8\x3c\x3a\xe8"; BIGNUM **pris = NULL, **exps = NULL, **coeffs = NULL; int rv = 256; /* public key length */ if (!TEST_int_eq(RSA_set0_key(key, BN_bin2bn(n, sizeof(n) - 1, NULL), BN_bin2bn(e, sizeof(e) - 1, NULL), BN_bin2bn(d, sizeof(d) - 1, NULL)), 1)) goto err; if (!TEST_int_eq(RSA_set0_factors(key, BN_bin2bn(p, sizeof(p) - 1, NULL), BN_bin2bn(q, sizeof(q) - 1, NULL)), 1)) goto err; if (!TEST_int_eq(RSA_set0_crt_params(key, BN_bin2bn(dmp1, sizeof(dmp1) - 1, NULL), BN_bin2bn(dmq1, sizeof(dmq1) - 1, NULL), BN_bin2bn(iqmp, sizeof(iqmp) - 1, NULL)), 1)) return 0; pris = OPENSSL_zalloc(sizeof(BIGNUM *)); exps = OPENSSL_zalloc(sizeof(BIGNUM *)); coeffs = OPENSSL_zalloc(sizeof(BIGNUM *)); if (!TEST_ptr(pris) || !TEST_ptr(exps) || !TEST_ptr(coeffs)) goto err; pris[0] = BN_bin2bn(ex_prime, sizeof(ex_prime) - 1, NULL); exps[0] = BN_bin2bn(ex_exponent, sizeof(ex_exponent) - 1, NULL); coeffs[0] = BN_bin2bn(ex_coefficient, sizeof(ex_coefficient) - 1, NULL); if (!TEST_ptr(pris[0]) || !TEST_ptr(exps[0]) || !TEST_ptr(coeffs[0])) goto err; if (!TEST_true(RSA_set0_multi_prime_params(key, pris, exps, coeffs, NUM_EXTRA_PRIMES))) goto err; ret: OPENSSL_free(pris); OPENSSL_free(exps); OPENSSL_free(coeffs); return rv; err: if (pris != NULL) BN_free(pris[0]); if (exps != NULL) BN_free(exps[0]); if (coeffs != NULL) BN_free(coeffs[0]); rv = 0; goto ret; }
int _libssh2_rsa_new(libssh2_rsa_ctx ** rsa, const unsigned char *edata, unsigned long elen, const unsigned char *ndata, unsigned long nlen, const unsigned char *ddata, unsigned long dlen, const unsigned char *pdata, unsigned long plen, const unsigned char *qdata, unsigned long qlen, const unsigned char *e1data, unsigned long e1len, const unsigned char *e2data, unsigned long e2len, const unsigned char *coeffdata, unsigned long coefflen) { BIGNUM * e; BIGNUM * n; BIGNUM * d = 0; BIGNUM * p = 0; BIGNUM * q = 0; BIGNUM * dmp1 = 0; BIGNUM * dmq1 = 0; BIGNUM * iqmp = 0; e = BN_new(); BN_bin2bn(edata, elen, e); n = BN_new(); BN_bin2bn(ndata, nlen, n); if(ddata) { d = BN_new(); BN_bin2bn(ddata, dlen, d); p = BN_new(); BN_bin2bn(pdata, plen, p); q = BN_new(); BN_bin2bn(qdata, qlen, q); dmp1 = BN_new(); BN_bin2bn(e1data, e1len, dmp1); dmq1 = BN_new(); BN_bin2bn(e2data, e2len, dmq1); iqmp = BN_new(); BN_bin2bn(coeffdata, coefflen, iqmp); } *rsa = RSA_new(); #ifdef HAVE_OPAQUE_STRUCTS RSA_set0_key(*rsa, n, e, d); #else (*rsa)->e = e; (*rsa)->n = n; #endif #ifdef HAVE_OPAQUE_STRUCTS RSA_set0_factors(*rsa, p, q); #else (*rsa)->p = p; (*rsa)->q = q; #endif #ifdef HAVE_OPAQUE_STRUCTS RSA_set0_crt_params(*rsa, dmp1, dmq1, iqmp); #else (*rsa)->dmp1 = dmp1; (*rsa)->dmq1 = dmq1; (*rsa)->iqmp = iqmp; #endif return 0; }
static isc_result_t opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) { dst_private_t priv; isc_result_t ret; int i; RSA *rsa = NULL, *pubrsa = NULL; #ifdef USE_ENGINE ENGINE *ep = NULL; const BIGNUM *ex = NULL; #endif isc_mem_t *mctx = key->mctx; const char *engine = NULL, *label = NULL; #if defined(USE_ENGINE) || USE_EVP EVP_PKEY *pkey = NULL; #endif BIGNUM *n = NULL, *e = NULL, *d = NULL; BIGNUM *p = NULL, *q = NULL; BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; /* read private key file */ ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); if (ret != ISC_R_SUCCESS) goto err; if (key->external) { if (priv.nelements != 0) DST_RET(DST_R_INVALIDPRIVATEKEY); if (pub == NULL) DST_RET(DST_R_INVALIDPRIVATEKEY); key->keydata.pkey = pub->keydata.pkey; pub->keydata.pkey = NULL; key->key_size = pub->key_size; dst__privstruct_free(&priv, mctx); memset(&priv, 0, sizeof(priv)); return (ISC_R_SUCCESS); } #if USE_EVP if (pub != NULL && pub->keydata.pkey != NULL) pubrsa = EVP_PKEY_get1_RSA(pub->keydata.pkey); #else if (pub != NULL && pub->keydata.rsa != NULL) { pubrsa = pub->keydata.rsa; pub->keydata.rsa = NULL; } #endif for (i = 0; i < priv.nelements; i++) { switch (priv.elements[i].tag) { case TAG_RSA_ENGINE: engine = (char *)priv.elements[i].data; break; case TAG_RSA_LABEL: label = (char *)priv.elements[i].data; break; default: break; } } /* * Is this key is stored in a HSM? * See if we can fetch it. */ if (label != NULL) { #ifdef USE_ENGINE if (engine == NULL) DST_RET(DST_R_NOENGINE); ep = dst__openssl_getengine(engine); if (ep == NULL) DST_RET(DST_R_NOENGINE); pkey = ENGINE_load_private_key(ep, label, NULL, NULL); if (pkey == NULL) DST_RET(dst__openssl_toresult2( "ENGINE_load_private_key", ISC_R_NOTFOUND)); key->engine = isc_mem_strdup(key->mctx, engine); if (key->engine == NULL) DST_RET(ISC_R_NOMEMORY); key->label = isc_mem_strdup(key->mctx, label); if (key->label == NULL) DST_RET(ISC_R_NOMEMORY); rsa = EVP_PKEY_get1_RSA(pkey); if (rsa == NULL) DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE)); if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS) DST_RET(DST_R_INVALIDPRIVATEKEY); RSA_get0_key(rsa, NULL, &ex, NULL); if (BN_num_bits(ex) > RSA_MAX_PUBEXP_BITS) DST_RET(ISC_R_RANGE); if (pubrsa != NULL) RSA_free(pubrsa); key->key_size = EVP_PKEY_bits(pkey); #if USE_EVP key->keydata.pkey = pkey; RSA_free(rsa); #else key->keydata.rsa = rsa; EVP_PKEY_free(pkey); #endif dst__privstruct_free(&priv, mctx); memset(&priv, 0, sizeof(priv)); return (ISC_R_SUCCESS); #else DST_RET(DST_R_NOENGINE); #endif } rsa = RSA_new(); if (rsa == NULL) DST_RET(ISC_R_NOMEMORY); SET_FLAGS(rsa); #if USE_EVP pkey = EVP_PKEY_new(); if (pkey == NULL) DST_RET(ISC_R_NOMEMORY); if (!EVP_PKEY_set1_RSA(pkey, rsa)) DST_RET(ISC_R_FAILURE); key->keydata.pkey = pkey; #else key->keydata.rsa = rsa; #endif for (i = 0; i < priv.nelements; i++) { BIGNUM *bn; switch (priv.elements[i].tag) { case TAG_RSA_ENGINE: continue; case TAG_RSA_LABEL: continue; default: bn = BN_bin2bn(priv.elements[i].data, priv.elements[i].length, NULL); if (bn == NULL) DST_RET(ISC_R_NOMEMORY); switch (priv.elements[i].tag) { case TAG_RSA_MODULUS: n = bn; break; case TAG_RSA_PUBLICEXPONENT: e = bn; break; case TAG_RSA_PRIVATEEXPONENT: d = bn; break; case TAG_RSA_PRIME1: p = bn; break; case TAG_RSA_PRIME2: q = bn; break; case TAG_RSA_EXPONENT1: dmp1 = bn; break; case TAG_RSA_EXPONENT2: dmq1 = bn; break; case TAG_RSA_COEFFICIENT: iqmp = bn; break; } } } dst__privstruct_free(&priv, mctx); memset(&priv, 0, sizeof(priv)); if (RSA_set0_key(rsa, n, e, d) == 0) { if (n != NULL) BN_free(n); if (e != NULL) BN_free(e); if (d != NULL) BN_free(d); } if (RSA_set0_factors(rsa, p, q) == 0) { if (p != NULL) BN_free(p); if (q != NULL) BN_free(q); } if (RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp) == 0) { if (dmp1 != NULL) BN_free(dmp1); if (dmq1 != NULL) BN_free(dmq1); if (iqmp != NULL) BN_free(iqmp); } if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS) DST_RET(DST_R_INVALIDPRIVATEKEY); if (BN_num_bits(e) > RSA_MAX_PUBEXP_BITS) DST_RET(ISC_R_RANGE); key->key_size = BN_num_bits(n); if (pubrsa != NULL) RSA_free(pubrsa); #if USE_EVP RSA_free(rsa); #endif return (ISC_R_SUCCESS); err: #if USE_EVP if (pkey != NULL) EVP_PKEY_free(pkey); #endif if (rsa != NULL) RSA_free(rsa); if (pubrsa != NULL) RSA_free(pubrsa); key->keydata.generic = NULL; dst__privstruct_free(&priv, mctx); memset(&priv, 0, sizeof(priv)); return (ret); }
/** Sets the tag-designated key component into the established RSA context. This function sets the tag-designated RSA key component into the established RSA context from the user-specified non-negative integer (octet string format represented in RSA PKCS#1). If BigNumber is NULL, then the specified key component in RSA context is cleared. If RsaContext is NULL, then return FALSE. @param[in, out] RsaContext Pointer to RSA context being set. @param[in] KeyTag Tag of RSA key component being set. @param[in] BigNumber Pointer to octet integer buffer. If NULL, then the specified key component in RSA context is cleared. @param[in] BnSize Size of big number buffer in bytes. If BigNumber is NULL, then it is ignored. @retval TRUE RSA key component was set successfully. @retval FALSE Invalid RSA key component tag. **/ BOOLEAN EFIAPI RsaSetKey ( IN OUT VOID *RsaContext, IN RSA_KEY_TAG KeyTag, IN CONST UINT8 *BigNumber, IN UINTN BnSize ) { RSA *RsaKey; BIGNUM *BnN; BIGNUM *BnE; BIGNUM *BnD; BIGNUM *BnP; BIGNUM *BnQ; BIGNUM *BnDp; BIGNUM *BnDq; BIGNUM *BnQInv; // // Check input parameters. // if (RsaContext == NULL || BnSize > INT_MAX) { return FALSE; } BnN = NULL; BnE = NULL; BnD = NULL; BnP = NULL; BnQ = NULL; BnDp = NULL; BnDq = NULL; BnQInv = NULL; // // Retrieve the components from RSA object. // RsaKey = (RSA *) RsaContext; RSA_get0_key (RsaKey, (const BIGNUM **)&BnN, (const BIGNUM **)&BnE, (const BIGNUM **)&BnD); RSA_get0_factors (RsaKey, (const BIGNUM **)&BnP, (const BIGNUM **)&BnQ); RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnDp, (const BIGNUM **)&BnDq, (const BIGNUM **)&BnQInv); // // Set RSA Key Components by converting octet string to OpenSSL BN representation. // NOTE: For RSA public key (used in signature verification), only public components // (N, e) are needed. // switch (KeyTag) { // // RSA Public Modulus (N), Public Exponent (e) and Private Exponent (d) // case RsaKeyN: case RsaKeyE: case RsaKeyD: if (BnN == NULL) { BnN = BN_new (); } if (BnE == NULL) { BnE = BN_new (); } if (BnD == NULL) { BnD = BN_new (); } if ((BnN == NULL) || (BnE == NULL) || (BnD == NULL)) { return FALSE; } switch (KeyTag) { case RsaKeyN: BnN = BN_bin2bn (BigNumber, (UINT32)BnSize, BnN); break; case RsaKeyE: BnE = BN_bin2bn (BigNumber, (UINT32)BnSize, BnE); break; case RsaKeyD: BnD = BN_bin2bn (BigNumber, (UINT32)BnSize, BnD); break; default: return FALSE; } if (RSA_set0_key (RsaKey, BN_dup(BnN), BN_dup(BnE), BN_dup(BnD)) == 0) { return FALSE; } break; // // RSA Secret Prime Factor of Modulus (p and q) // case RsaKeyP: case RsaKeyQ: if (BnP == NULL) { BnP = BN_new (); } if (BnQ == NULL) { BnQ = BN_new (); } if ((BnP == NULL) || (BnQ == NULL)) { return FALSE; } switch (KeyTag) { case RsaKeyP: BnP = BN_bin2bn (BigNumber, (UINT32)BnSize, BnP); break; case RsaKeyQ: BnQ = BN_bin2bn (BigNumber, (UINT32)BnSize, BnQ); break; default: return FALSE; } if (RSA_set0_factors (RsaKey, BN_dup(BnP), BN_dup(BnQ)) == 0) { return FALSE; } break; // // p's CRT Exponent (== d mod (p - 1)), q's CRT Exponent (== d mod (q - 1)), // and CRT Coefficient (== 1/q mod p) // case RsaKeyDp: case RsaKeyDq: case RsaKeyQInv: if (BnDp == NULL) { BnDp = BN_new (); } if (BnDq == NULL) { BnDq = BN_new (); } if (BnQInv == NULL) { BnQInv = BN_new (); } if ((BnDp == NULL) || (BnDq == NULL) || (BnQInv == NULL)) { return FALSE; } switch (KeyTag) { case RsaKeyDp: BnDp = BN_bin2bn (BigNumber, (UINT32)BnSize, BnDp); break; case RsaKeyDq: BnDq = BN_bin2bn (BigNumber, (UINT32)BnSize, BnDq); break; case RsaKeyQInv: BnQInv = BN_bin2bn (BigNumber, (UINT32)BnSize, BnQInv); break; default: return FALSE; } if (RSA_set0_crt_params (RsaKey, BN_dup(BnDp), BN_dup(BnDq), BN_dup(BnQInv)) == 0) { return FALSE; } break; default: return FALSE; } return TRUE; }