| /* |
| * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. |
| * |
| * Licensed under the OpenSSL license (the "License"). You may not use |
| * this file except in compliance with the License. You can obtain a copy |
| * in the file LICENSE in the source distribution or at |
| * https://www.openssl.org/source/license.html |
| */ |
| |
| #include <stdio.h> |
| #include <openssl/crypto.h> |
| #include "internal/cryptlib.h" |
| #include <openssl/lhash.h> |
| #include "internal/bn_int.h" |
| #include <openssl/rand.h> |
| #include <openssl/engine.h> |
| #include "rsa_locl.h" |
| |
| static const RSA_METHOD *default_RSA_meth = NULL; |
| |
| RSA *RSA_new(void) |
| { |
| RSA *r = RSA_new_method(NULL); |
| |
| return r; |
| } |
| |
| void RSA_set_default_method(const RSA_METHOD *meth) |
| { |
| default_RSA_meth = meth; |
| } |
| |
| const RSA_METHOD *RSA_get_default_method(void) |
| { |
| if (default_RSA_meth == NULL) { |
| #ifdef RSA_NULL |
| default_RSA_meth = RSA_null_method(); |
| #else |
| default_RSA_meth = RSA_PKCS1_OpenSSL(); |
| #endif |
| } |
| |
| return default_RSA_meth; |
| } |
| |
| const RSA_METHOD *RSA_get_method(const RSA *rsa) |
| { |
| return rsa->meth; |
| } |
| |
| int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) |
| { |
| /* |
| * NB: The caller is specifically setting a method, so it's not up to us |
| * to deal with which ENGINE it comes from. |
| */ |
| const RSA_METHOD *mtmp; |
| mtmp = rsa->meth; |
| if (mtmp->finish) |
| mtmp->finish(rsa); |
| #ifndef OPENSSL_NO_ENGINE |
| ENGINE_finish(rsa->engine); |
| rsa->engine = NULL; |
| #endif |
| rsa->meth = meth; |
| if (meth->init) |
| meth->init(rsa); |
| return 1; |
| } |
| |
| RSA *RSA_new_method(ENGINE *engine) |
| { |
| RSA *ret = OPENSSL_zalloc(sizeof(*ret)); |
| |
| if (ret == NULL) { |
| RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE); |
| return NULL; |
| } |
| |
| ret->references = 1; |
| ret->lock = CRYPTO_THREAD_lock_new(); |
| if (ret->lock == NULL) { |
| RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE); |
| OPENSSL_free(ret); |
| return NULL; |
| } |
| |
| ret->meth = RSA_get_default_method(); |
| #ifndef OPENSSL_NO_ENGINE |
| ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; |
| if (engine) { |
| if (!ENGINE_init(engine)) { |
| RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); |
| goto err; |
| } |
| ret->engine = engine; |
| } else |
| ret->engine = ENGINE_get_default_RSA(); |
| if (ret->engine) { |
| ret->meth = ENGINE_get_RSA(ret->engine); |
| if (ret->meth == NULL) { |
| RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); |
| goto err; |
| } |
| } |
| #endif |
| |
| ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; |
| if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) { |
| goto err; |
| } |
| |
| if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { |
| RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_INIT_FAIL); |
| goto err; |
| } |
| |
| return ret; |
| |
| err: |
| RSA_free(ret); |
| return NULL; |
| } |
| |
| void RSA_free(RSA *r) |
| { |
| int i; |
| |
| if (r == NULL) |
| return; |
| |
| CRYPTO_atomic_add(&r->references, -1, &i, r->lock); |
| REF_PRINT_COUNT("RSA", r); |
| if (i > 0) |
| return; |
| REF_ASSERT_ISNT(i < 0); |
| |
| if (r->meth->finish) |
| r->meth->finish(r); |
| #ifndef OPENSSL_NO_ENGINE |
| ENGINE_finish(r->engine); |
| #endif |
| |
| CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); |
| |
| CRYPTO_THREAD_lock_free(r->lock); |
| |
| BN_clear_free(r->n); |
| BN_clear_free(r->e); |
| BN_clear_free(r->d); |
| BN_clear_free(r->p); |
| BN_clear_free(r->q); |
| BN_clear_free(r->dmp1); |
| BN_clear_free(r->dmq1); |
| BN_clear_free(r->iqmp); |
| BN_BLINDING_free(r->blinding); |
| BN_BLINDING_free(r->mt_blinding); |
| OPENSSL_free(r->bignum_data); |
| OPENSSL_free(r); |
| } |
| |
| int RSA_up_ref(RSA *r) |
| { |
| int i; |
| |
| if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) |
| return 0; |
| |
| REF_PRINT_COUNT("RSA", r); |
| REF_ASSERT_ISNT(i < 2); |
| return ((i > 1) ? 1 : 0); |
| } |
| |
| int RSA_set_ex_data(RSA *r, int idx, void *arg) |
| { |
| return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); |
| } |
| |
| void *RSA_get_ex_data(const RSA *r, int idx) |
| { |
| return (CRYPTO_get_ex_data(&r->ex_data, idx)); |
| } |
| |
| int RSA_memory_lock(RSA *r) |
| { |
| int i, j, k, off; |
| char *p; |
| BIGNUM *bn, **t[6], *b; |
| BN_ULONG *ul; |
| |
| if (r->d == NULL) |
| return (1); |
| t[0] = &r->d; |
| t[1] = &r->p; |
| t[2] = &r->q; |
| t[3] = &r->dmp1; |
| t[4] = &r->dmq1; |
| t[5] = &r->iqmp; |
| k = bn_sizeof_BIGNUM() * 6; |
| off = k / sizeof(BN_ULONG) + 1; |
| j = 1; |
| for (i = 0; i < 6; i++) |
| j += bn_get_top(*t[i]); |
| if ((p = OPENSSL_malloc((off + j) * sizeof(*p))) == NULL) { |
| RSAerr(RSA_F_RSA_MEMORY_LOCK, ERR_R_MALLOC_FAILURE); |
| return (0); |
| } |
| memset(p, 0, sizeof(*p) * (off + j)); |
| bn = (BIGNUM *)p; |
| ul = (BN_ULONG *)&(p[off]); |
| for (i = 0; i < 6; i++) { |
| b = *(t[i]); |
| *(t[i]) = bn_array_el(bn, i); |
| memcpy(bn_array_el(bn, i), b, bn_sizeof_BIGNUM()); |
| memcpy(ul, bn_get_words(b), sizeof(*ul) * bn_get_top(b)); |
| bn_set_static_words(bn_array_el(bn, i), ul, bn_get_top(b)); |
| ul += bn_get_top(b); |
| BN_clear_free(b); |
| } |
| |
| /* I should fix this so it can still be done */ |
| r->flags &= ~(RSA_FLAG_CACHE_PRIVATE | RSA_FLAG_CACHE_PUBLIC); |
| |
| r->bignum_data = p; |
| return (1); |
| } |
| |
| int RSA_security_bits(const RSA *rsa) |
| { |
| return BN_security_bits(BN_num_bits(rsa->n), -1); |
| } |
| |
| int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) |
| { |
| /* If the fields in r are NULL, the corresponding input |
| * parameters MUST be non-NULL for n and e. d may be |
| * left NULL (in case only the public key is used). |
| * |
| * It is an error to give the results from get0 on r |
| * as input parameters. |
| */ |
| if (n == r->n || e == r->e |
| || (r->d != NULL && d == r->d)) |
| return 0; |
| |
| if (n != NULL) { |
| BN_free(r->n); |
| r->n = n; |
| } |
| if (e != NULL) { |
| BN_free(r->e); |
| r->e = e; |
| } |
| if (d != NULL) { |
| BN_free(r->d); |
| r->d = d; |
| } |
| |
| return 1; |
| } |
| |
| int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) |
| { |
| /* If the fields in r are NULL, the corresponding input |
| * parameters MUST be non-NULL. |
| * |
| * It is an error to give the results from get0 on r |
| * as input parameters. |
| */ |
| if (p == r->p || q == r->q) |
| return 0; |
| |
| if (p != NULL) { |
| BN_free(r->p); |
| r->p = p; |
| } |
| if (q != NULL) { |
| BN_free(r->q); |
| r->q = q; |
| } |
| |
| return 1; |
| } |
| |
| int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) |
| { |
| /* If the fields in r are NULL, the corresponding input |
| * parameters MUST be non-NULL. |
| * |
| * It is an error to give the results from get0 on r |
| * as input parameters. |
| */ |
| if (dmp1 == r->dmp1 || dmq1 == r->dmq1 || iqmp == r->iqmp) |
| return 0; |
| |
| if (dmp1 != NULL) { |
| BN_free(r->dmp1); |
| r->dmp1 = dmp1; |
| } |
| if (dmq1 != NULL) { |
| BN_free(r->dmq1); |
| r->dmq1 = dmq1; |
| } |
| if (iqmp != NULL) { |
| BN_free(r->iqmp); |
| r->iqmp = iqmp; |
| } |
| |
| return 1; |
| } |
| |
| void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d) |
| { |
| if (n != NULL) |
| *n = r->n; |
| if (e != NULL) |
| *e = r->e; |
| if (d != NULL) |
| *d = r->d; |
| } |
| |
| void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q) |
| { |
| if (p != NULL) |
| *p = r->p; |
| if (q != NULL) |
| *q = r->q; |
| } |
| |
| void RSA_get0_crt_params(const RSA *r, |
| BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp) |
| { |
| if (dmp1 != NULL) |
| *dmp1 = r->dmp1; |
| if (dmq1 != NULL) |
| *dmq1 = r->dmq1; |
| if (iqmp != NULL) |
| *iqmp = r->iqmp; |
| } |
| |
| void RSA_clear_flags(RSA *r, int flags) |
| { |
| r->flags &= ~flags; |
| } |
| |
| int RSA_test_flags(const RSA *r, int flags) |
| { |
| return r->flags & flags; |
| } |
| |
| void RSA_set_flags(RSA *r, int flags) |
| { |
| r->flags |= flags; |
| } |
| |
| ENGINE *RSA_get0_engine(RSA *r) |
| { |
| return r->engine; |
| } |
