New function RSA_check_key,
openssl rsa -check
diff --git a/CHANGES b/CHANGES
index fa03ac0..d64db58 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
Changes between 0.9.3a and 0.9.4
+ *) New function RSA_check_key and new openssl rsa option -check
+ for verifying the consistency of RSA keys.
+ [Ulf Moeller, Bodo Moeller]
+
*) Various changes to make Win32 compile work:
1. Casts to avoid "loss of data" warnings in p5_crpt2.c
2. Change unsigned int to int in b_dump.c to avoid "signed/unsigned
diff --git a/apps/rsa.c b/apps/rsa.c
index 3be1f67..6537a24 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -81,6 +81,7 @@
* -idea - encrypt output if PEM format
* -text - print a text version
* -modulus - print the RSA key modulus
+ * -check - verify key consistency
*/
int MAIN(int argc, char **argv)
@@ -90,7 +91,7 @@
int i,badops=0;
const EVP_CIPHER *enc=NULL;
BIO *in=NULL,*out=NULL;
- int informat,outformat,text=0,noout=0;
+ int informat,outformat,text=0,check=0,noout=0;
char *infile,*outfile,*prog;
int modulus=0;
@@ -136,6 +137,8 @@
text=1;
else if (strcmp(*argv,"-modulus") == 0)
modulus=1;
+ else if (strcmp(*argv,"-check") == 0)
+ check=1;
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -163,6 +166,7 @@
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");
BIO_printf(bio_err," -modulus print the RSA key modulus\n");
+ BIO_printf(bio_err," -check verify key consistency\n");
goto end;
}
@@ -257,6 +261,28 @@
fprintf(stdout,"\n");
}
+ if (check)
+ if (RSA_check_key(rsa))
+ BIO_printf(out,"RSA key ok\n");
+ else
+ {
+ long e;
+
+ while ((e = ERR_peek_error()) != 0 &&
+ ERR_GET_LIB(e) == ERR_LIB_RSA &&
+ ERR_GET_FUNC(e) == RSA_F_RSA_CHECK_KEY &&
+ ERR_GET_REASON(e) != ERR_R_MALLOC_FAILURE)
+ {
+ BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e));
+ ERR_get_error(); /* remove e from error stack */
+ }
+ if (e != 0)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
if (noout) goto end;
BIO_printf(bio_err,"writing RSA private key\n");
if (outformat == FORMAT_ASN1)
diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl
index ad038ba..da704fc 100644
--- a/crypto/rsa/Makefile.ssl
+++ b/crypto/rsa/Makefile.ssl
@@ -23,9 +23,9 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
- rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c
+ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
- rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o
+ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o
SRC= $(LIBSRC)
@@ -80,6 +80,10 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+rsa_chk.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
+rsa_chk.o: ../../include/openssl/stack.h
rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_eay.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 3be447d..26423dd 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -147,6 +147,7 @@
int RSA_size(RSA *);
RSA * RSA_generate_key(int bits, unsigned long e,void
(*callback)(int,int,void *),void *cb_arg);
+int RSA_check_key(RSA *);
/* next 4 return -1 on error */
int RSA_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
@@ -248,6 +249,7 @@
/* Function codes. */
#define RSA_F_MEMORY_LOCK 100
+#define RSA_F_RSA_CHECK_KEY 123
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
@@ -284,11 +286,18 @@
#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
#define RSA_R_DATA_TOO_SMALL 111
#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
+#define RSA_R_DE_NOT_CONGRUENT_TO_1 123
#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
+#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
+#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
+#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
+#define RSA_R_N_DOES_NOT_EQUAL_PQ 127
#define RSA_R_OAEP_DECODING_ERROR 121
#define RSA_R_PADDING_CHECK_FAILED 114
+#define RSA_R_P_NOT_PRIME 128
+#define RSA_R_Q_NOT_PRIME 129
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index 0b443af..d165553 100644
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -66,6 +66,7 @@
static ERR_STRING_DATA RSA_str_functs[]=
{
{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"},
+{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"},
{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
@@ -105,11 +106,18 @@
{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
{RSA_R_DATA_TOO_SMALL ,"data too small"},
{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"},
+{RSA_R_DE_NOT_CONGRUENT_TO_1 ,"de not congruent to 1"},
{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
+{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"},
+{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"},
+{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"},
{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"},
{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
+{RSA_R_N_DOES_NOT_EQUAL_PQ ,"n does not equal pq"},
{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"},
{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
+{RSA_R_P_NOT_PRIME ,"p not prime"},
+{RSA_R_Q_NOT_PRIME ,"q not prime"},
{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
diff --git a/util/libeay.num b/util/libeay.num
index e08ad4e..2761f90 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1841,3 +1841,4 @@
sk_POLICYQUALINFO_sort 1866
sk_X509_CRL_sort 1867
sk_DIST_POINT_sort 1868
+RSA_check_key 1869
