summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rsa/rsa_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_lib.c')
-rw-r--r--src/lib/libcrypto/rsa/rsa_lib.c263
1 files changed, 174 insertions, 89 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
index 95a56f8a28..93235744f7 100644
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -57,53 +57,103 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "crypto.h" 60#include <openssl/crypto.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include "lhash.h" 62#include <openssl/lhash.h>
63#include "bn.h" 63#include <openssl/bn.h>
64#include "rsa.h" 64#include <openssl/rsa.h>
65#include <openssl/engine.h>
65 66
66char *RSA_version="RSA part of SSLeay 0.9.0b 29-Jun-1998"; 67const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
67 68
68static RSA_METHOD *default_RSA_meth=NULL; 69static const RSA_METHOD *default_RSA_meth=NULL;
69static int rsa_meth_num=0;
70static STACK *rsa_meth=NULL;
71 70
72RSA *RSA_new() 71RSA *RSA_new(void)
73 { 72 {
74 return(RSA_new_method(NULL)); 73 return(RSA_new_method(NULL));
75 } 74 }
76 75
77void RSA_set_default_method(meth) 76void RSA_set_default_method(const RSA_METHOD *meth)
78RSA_METHOD *meth;
79 { 77 {
80 default_RSA_meth=meth; 78 default_RSA_meth = meth;
81 } 79 }
82 80
83RSA *RSA_new_method(meth) 81const RSA_METHOD *RSA_get_default_method(void)
84RSA_METHOD *meth;
85 { 82 {
86 RSA *ret;
87
88 if (default_RSA_meth == NULL) 83 if (default_RSA_meth == NULL)
89 { 84 {
90#ifdef RSAref 85#ifdef RSA_NULL
86 default_RSA_meth=RSA_null_method();
87#else
88#if 0 /* was: #ifdef RSAref */
91 default_RSA_meth=RSA_PKCS1_RSAref(); 89 default_RSA_meth=RSA_PKCS1_RSAref();
92#else 90#else
93 default_RSA_meth=RSA_PKCS1_SSLeay(); 91 default_RSA_meth=RSA_PKCS1_SSLeay();
94#endif 92#endif
93#endif
94 }
95
96 return default_RSA_meth;
97 }
98
99const RSA_METHOD *RSA_get_method(const RSA *rsa)
100 {
101 return rsa->meth;
102 }
103
104int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
105 {
106 /* NB: The caller is specifically setting a method, so it's not up to us
107 * to deal with which ENGINE it comes from. */
108 const RSA_METHOD *mtmp;
109 mtmp = rsa->meth;
110 if (mtmp->finish) mtmp->finish(rsa);
111 if (rsa->engine)
112 {
113 ENGINE_finish(rsa->engine);
114 rsa->engine = NULL;
95 } 115 }
96 ret=(RSA *)Malloc(sizeof(RSA)); 116 rsa->meth = meth;
117 if (meth->init) meth->init(rsa);
118 return 1;
119 }
120
121RSA *RSA_new_method(ENGINE *engine)
122 {
123 RSA *ret;
124
125 ret=(RSA *)OPENSSL_malloc(sizeof(RSA));
97 if (ret == NULL) 126 if (ret == NULL)
98 { 127 {
99 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); 128 RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
100 return(NULL); 129 return NULL;
101 } 130 }
102 131
103 if (meth == NULL) 132 ret->meth = RSA_get_default_method();
104 ret->meth=default_RSA_meth; 133 if (engine)
134 {
135 if (!ENGINE_init(engine))
136 {
137 RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
138 OPENSSL_free(ret);
139 return NULL;
140 }
141 ret->engine = engine;
142 }
105 else 143 else
106 ret->meth=meth; 144 ret->engine = ENGINE_get_default_RSA();
145 if(ret->engine)
146 {
147 ret->meth = ENGINE_get_RSA(ret->engine);
148 if(!ret->meth)
149 {
150 RSAerr(RSA_F_RSA_NEW_METHOD,
151 ERR_R_ENGINE_LIB);
152 ENGINE_finish(ret->engine);
153 OPENSSL_free(ret);
154 return NULL;
155 }
156 }
107 157
108 ret->pad=0; 158 ret->pad=0;
109 ret->version=0; 159 ret->version=0;
@@ -116,22 +166,25 @@ RSA_METHOD *meth;
116 ret->dmq1=NULL; 166 ret->dmq1=NULL;
117 ret->iqmp=NULL; 167 ret->iqmp=NULL;
118 ret->references=1; 168 ret->references=1;
119 ret->method_mod_n=NULL; 169 ret->_method_mod_n=NULL;
120 ret->method_mod_p=NULL; 170 ret->_method_mod_p=NULL;
121 ret->method_mod_q=NULL; 171 ret->_method_mod_q=NULL;
122 ret->blinding=NULL; 172 ret->blinding=NULL;
173 ret->bignum_data=NULL;
123 ret->flags=ret->meth->flags; 174 ret->flags=ret->meth->flags;
175 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
124 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) 176 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
125 { 177 {
126 Free(ret); 178 if (ret->engine)
179 ENGINE_finish(ret->engine);
180 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
181 OPENSSL_free(ret);
127 ret=NULL; 182 ret=NULL;
128 } 183 }
129 CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data);
130 return(ret); 184 return(ret);
131 } 185 }
132 186
133void RSA_free(r) 187void RSA_free(RSA *r)
134RSA *r;
135 { 188 {
136 int i; 189 int i;
137 190
@@ -150,10 +203,12 @@ RSA *r;
150 } 203 }
151#endif 204#endif
152 205
153 CRYPTO_free_ex_data(rsa_meth,(char *)r,&r->ex_data); 206 if (r->meth->finish)
154
155 if (r->meth->finish != NULL)
156 r->meth->finish(r); 207 r->meth->finish(r);
208 if (r->engine)
209 ENGINE_finish(r->engine);
210
211 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
157 212
158 if (r->n != NULL) BN_clear_free(r->n); 213 if (r->n != NULL) BN_clear_free(r->n);
159 if (r->e != NULL) BN_clear_free(r->e); 214 if (r->e != NULL) BN_clear_free(r->e);
@@ -164,90 +219,78 @@ RSA *r;
164 if (r->dmq1 != NULL) BN_clear_free(r->dmq1); 219 if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
165 if (r->iqmp != NULL) BN_clear_free(r->iqmp); 220 if (r->iqmp != NULL) BN_clear_free(r->iqmp);
166 if (r->blinding != NULL) BN_BLINDING_free(r->blinding); 221 if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
167 Free(r); 222 if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
223 OPENSSL_free(r);
168 } 224 }
169 225
170int RSA_get_ex_new_index(argl,argp,new_func,dup_func,free_func) 226int RSA_up_ref(RSA *r)
171long argl; 227 {
172char *argp; 228 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
173int (*new_func)(); 229#ifdef REF_PRINT
174int (*dup_func)(); 230 REF_PRINT("RSA",r);
175void (*free_func)(); 231#endif
232#ifdef REF_CHECK
233 if (i < 2)
234 {
235 fprintf(stderr, "RSA_up_ref, bad reference count\n");
236 abort();
237 }
238#endif
239 return ((i > 1) ? 1 : 0);
240 }
241
242int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
243 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
176 { 244 {
177 rsa_meth_num++; 245 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
178 return(CRYPTO_get_ex_new_index(rsa_meth_num-1, 246 new_func, dup_func, free_func);
179 &rsa_meth,argl,argp,new_func,dup_func,free_func));
180 } 247 }
181 248
182int RSA_set_ex_data(r,idx,arg) 249int RSA_set_ex_data(RSA *r, int idx, void *arg)
183RSA *r;
184int idx;
185char *arg;
186 { 250 {
187 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); 251 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
188 } 252 }
189 253
190char *RSA_get_ex_data(r,idx) 254void *RSA_get_ex_data(const RSA *r, int idx)
191RSA *r;
192int idx;
193 { 255 {
194 return(CRYPTO_get_ex_data(&r->ex_data,idx)); 256 return(CRYPTO_get_ex_data(&r->ex_data,idx));
195 } 257 }
196 258
197int RSA_size(r) 259int RSA_size(const RSA *r)
198RSA *r;
199 { 260 {
200 return(BN_num_bytes(r->n)); 261 return(BN_num_bytes(r->n));
201 } 262 }
202 263
203int RSA_public_encrypt(flen, from, to, rsa, padding) 264int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
204int flen; 265 RSA *rsa, int padding)
205unsigned char *from;
206unsigned char *to;
207RSA *rsa;
208int padding;
209 { 266 {
210 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); 267 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
211 } 268 }
212 269
213int RSA_private_encrypt(flen, from, to, rsa, padding) 270int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
214int flen; 271 RSA *rsa, int padding)
215unsigned char *from;
216unsigned char *to;
217RSA *rsa;
218int padding;
219 { 272 {
220 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); 273 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
221 } 274 }
222 275
223int RSA_private_decrypt(flen, from, to, rsa, padding) 276int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
224int flen; 277 RSA *rsa, int padding)
225unsigned char *from;
226unsigned char *to;
227RSA *rsa;
228int padding;
229 { 278 {
230 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); 279 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
231 } 280 }
232 281
233int RSA_public_decrypt(flen, from, to, rsa, padding) 282int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
234int flen; 283 RSA *rsa, int padding)
235unsigned char *from;
236unsigned char *to;
237RSA *rsa;
238int padding;
239 { 284 {
240 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); 285 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
241 } 286 }
242 287
243int RSA_flags(r) 288int RSA_flags(const RSA *r)
244RSA *r;
245 { 289 {
246 return((r == NULL)?0:r->meth->flags); 290 return((r == NULL)?0:r->meth->flags);
247 } 291 }
248 292
249void RSA_blinding_off(rsa) 293void RSA_blinding_off(RSA *rsa)
250RSA *rsa;
251 { 294 {
252 if (rsa->blinding != NULL) 295 if (rsa->blinding != NULL)
253 { 296 {
@@ -257,9 +300,7 @@ RSA *rsa;
257 rsa->flags&= ~RSA_FLAG_BLINDING; 300 rsa->flags&= ~RSA_FLAG_BLINDING;
258 } 301 }
259 302
260int RSA_blinding_on(rsa,p_ctx) 303int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
261RSA *rsa;
262BN_CTX *p_ctx;
263 { 304 {
264 BIGNUM *A,*Ai; 305 BIGNUM *A,*Ai;
265 BN_CTX *ctx; 306 BN_CTX *ctx;
@@ -275,20 +316,64 @@ BN_CTX *p_ctx;
275 if (rsa->blinding != NULL) 316 if (rsa->blinding != NULL)
276 BN_BLINDING_free(rsa->blinding); 317 BN_BLINDING_free(rsa->blinding);
277 318
278 A=ctx->bn[0]; 319 BN_CTX_start(ctx);
279 ctx->tos++; 320 A = BN_CTX_get(ctx);
280 if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; 321 if (!BN_rand_range(A,rsa->n)) goto err;
281 if ((Ai=BN_mod_inverse(A,rsa->n,ctx)) == NULL) goto err; 322 if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
282 323
283 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx, 324 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
284 (char *)rsa->method_mod_n)) goto err; 325 goto err;
285 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); 326 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
286 ctx->tos--;
287 rsa->flags|=RSA_FLAG_BLINDING; 327 rsa->flags|=RSA_FLAG_BLINDING;
288 BN_free(Ai); 328 BN_free(Ai);
289 ret=1; 329 ret=1;
290err: 330err:
331 BN_CTX_end(ctx);
291 if (ctx != p_ctx) BN_CTX_free(ctx); 332 if (ctx != p_ctx) BN_CTX_free(ctx);
292 return(ret); 333 return(ret);
293 } 334 }
294 335
336int RSA_memory_lock(RSA *r)
337 {
338 int i,j,k,off;
339 char *p;
340 BIGNUM *bn,**t[6],*b;
341 BN_ULONG *ul;
342
343 if (r->d == NULL) return(1);
344 t[0]= &r->d;
345 t[1]= &r->p;
346 t[2]= &r->q;
347 t[3]= &r->dmp1;
348 t[4]= &r->dmq1;
349 t[5]= &r->iqmp;
350 k=sizeof(BIGNUM)*6;
351 off=k/sizeof(BN_ULONG)+1;
352 j=1;
353 for (i=0; i<6; i++)
354 j+= (*t[i])->top;
355 if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
356 {
357 RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
358 return(0);
359 }
360 bn=(BIGNUM *)p;
361 ul=(BN_ULONG *)&(p[off]);
362 for (i=0; i<6; i++)
363 {
364 b= *(t[i]);
365 *(t[i])= &(bn[i]);
366 memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
367 bn[i].flags=BN_FLG_STATIC_DATA;
368 bn[i].d=ul;
369 memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
370 ul+=b->top;
371 BN_clear_free(b);
372 }
373
374 /* I should fix this so it can still be done */
375 r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC);
376
377 r->bignum_data=p;
378 return(1);
379 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-07 02:46:24 +0000