xref: /openbsd/lib/libcrypto/rsa/rsa_asn1.c (revision 4bdff4be) 
1 /* $OpenBSD: rsa_asn1.c,v 1.17 2023/07/08 12:26:45 beck Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3  * project 2000.
4  */
5 /* ====================================================================
6  * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58 
59 #include <stdio.h>
60 
61 #include <openssl/asn1t.h>
62 #include <openssl/bn.h>
63 #include <openssl/rsa.h>
64 #include <openssl/x509.h>
65 
66 #include "rsa_local.h"
67 
68 /* Override the default free and new methods */
69 static int
70 rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
71 {
72 	if (operation == ASN1_OP_NEW_PRE) {
73 		*pval = (ASN1_VALUE *)RSA_new();
74 		if (*pval)
75 			return 2;
76 		return 0;
77 	} else if (operation == ASN1_OP_FREE_PRE) {
78 		RSA_free((RSA *)*pval);
79 		*pval = NULL;
80 		return 2;
81 	}
82 	return 1;
83 }
84 
85 static const ASN1_AUX RSAPrivateKey_aux = {
86 	.app_data = NULL,
87 	.flags = 0,
88 	.ref_offset = 0,
89 	.ref_lock = 0,
90 	.asn1_cb = rsa_cb,
91 	.enc_offset = 0,
92 };
93 static const ASN1_TEMPLATE RSAPrivateKey_seq_tt[] = {
94 	{
95 		.flags = 0,
96 		.tag = 0,
97 		.offset = offsetof(RSA, version),
98 		.field_name = "version",
99 		.item = &LONG_it,
100 	},
101 	{
102 		.flags = 0,
103 		.tag = 0,
104 		.offset = offsetof(RSA, n),
105 		.field_name = "n",
106 		.item = &BIGNUM_it,
107 	},
108 	{
109 		.flags = 0,
110 		.tag = 0,
111 		.offset = offsetof(RSA, e),
112 		.field_name = "e",
113 		.item = &BIGNUM_it,
114 	},
115 	{
116 		.flags = 0,
117 		.tag = 0,
118 		.offset = offsetof(RSA, d),
119 		.field_name = "d",
120 		.item = &BIGNUM_it,
121 	},
122 	{
123 		.flags = 0,
124 		.tag = 0,
125 		.offset = offsetof(RSA, p),
126 		.field_name = "p",
127 		.item = &BIGNUM_it,
128 	},
129 	{
130 		.flags = 0,
131 		.tag = 0,
132 		.offset = offsetof(RSA, q),
133 		.field_name = "q",
134 		.item = &BIGNUM_it,
135 	},
136 	{
137 		.flags = 0,
138 		.tag = 0,
139 		.offset = offsetof(RSA, dmp1),
140 		.field_name = "dmp1",
141 		.item = &BIGNUM_it,
142 	},
143 	{
144 		.flags = 0,
145 		.tag = 0,
146 		.offset = offsetof(RSA, dmq1),
147 		.field_name = "dmq1",
148 		.item = &BIGNUM_it,
149 	},
150 	{
151 		.flags = 0,
152 		.tag = 0,
153 		.offset = offsetof(RSA, iqmp),
154 		.field_name = "iqmp",
155 		.item = &BIGNUM_it,
156 	},
157 };
158 
159 const ASN1_ITEM RSAPrivateKey_it = {
160 	.itype = ASN1_ITYPE_SEQUENCE,
161 	.utype = V_ASN1_SEQUENCE,
162 	.templates = RSAPrivateKey_seq_tt,
163 	.tcount = sizeof(RSAPrivateKey_seq_tt) / sizeof(ASN1_TEMPLATE),
164 	.funcs = &RSAPrivateKey_aux,
165 	.size = sizeof(RSA),
166 	.sname = "RSA",
167 };
168 
169 
170 static const ASN1_AUX RSAPublicKey_aux = {
171 	.app_data = NULL,
172 	.flags = 0,
173 	.ref_offset = 0,
174 	.ref_lock = 0,
175 	.asn1_cb = rsa_cb,
176 	.enc_offset = 0,
177 };
178 static const ASN1_TEMPLATE RSAPublicKey_seq_tt[] = {
179 	{
180 		.flags = 0,
181 		.tag = 0,
182 		.offset = offsetof(RSA, n),
183 		.field_name = "n",
184 		.item = &BIGNUM_it,
185 	},
186 	{
187 		.flags = 0,
188 		.tag = 0,
189 		.offset = offsetof(RSA, e),
190 		.field_name = "e",
191 		.item = &BIGNUM_it,
192 	},
193 };
194 
195 const ASN1_ITEM RSAPublicKey_it = {
196 	.itype = ASN1_ITYPE_SEQUENCE,
197 	.utype = V_ASN1_SEQUENCE,
198 	.templates = RSAPublicKey_seq_tt,
199 	.tcount = sizeof(RSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
200 	.funcs = &RSAPublicKey_aux,
201 	.size = sizeof(RSA),
202 	.sname = "RSA",
203 };
204 
205 static int
206 rsa_pss_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
207 {
208 	/* Free up maskHash */
209 	if (operation == ASN1_OP_FREE_PRE) {
210 		RSA_PSS_PARAMS *pss = (RSA_PSS_PARAMS *)*pval;
211 		X509_ALGOR_free(pss->maskHash);
212 	}
213 	return 1;
214 }
215 
216 static const ASN1_AUX RSA_PSS_PARAMS_aux = {
217 	.app_data = NULL,
218 	.flags = 0,
219 	.ref_offset = 0,
220 	.ref_lock = 0,
221 	.asn1_cb = rsa_pss_cb,
222 	.enc_offset = 0,
223 };
224 
225 static const ASN1_TEMPLATE RSA_PSS_PARAMS_seq_tt[] = {
226 	{
227 		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
228 		.tag = 0,
229 		.offset = offsetof(RSA_PSS_PARAMS, hashAlgorithm),
230 		.field_name = "hashAlgorithm",
231 		.item = &X509_ALGOR_it,
232 	},
233 	{
234 		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
235 		.tag = 1,
236 		.offset = offsetof(RSA_PSS_PARAMS, maskGenAlgorithm),
237 		.field_name = "maskGenAlgorithm",
238 		.item = &X509_ALGOR_it,
239 	},
240 	{
241 		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
242 		.tag = 2,
243 		.offset = offsetof(RSA_PSS_PARAMS, saltLength),
244 		.field_name = "saltLength",
245 		.item = &ASN1_INTEGER_it,
246 	},
247 	{
248 		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
249 		.tag = 3,
250 		.offset = offsetof(RSA_PSS_PARAMS, trailerField),
251 		.field_name = "trailerField",
252 		.item = &ASN1_INTEGER_it,
253 	},
254 };
255 
256 const ASN1_ITEM RSA_PSS_PARAMS_it = {
257 	.itype = ASN1_ITYPE_SEQUENCE,
258 	.utype = V_ASN1_SEQUENCE,
259 	.templates = RSA_PSS_PARAMS_seq_tt,
260 	.tcount = sizeof(RSA_PSS_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
261 	.funcs = &RSA_PSS_PARAMS_aux,
262 	.size = sizeof(RSA_PSS_PARAMS),
263 	.sname = "RSA_PSS_PARAMS",
264 };
265 
266 RSA_PSS_PARAMS *
267 d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS **a, const unsigned char **in, long len)
268 {
269 	return (RSA_PSS_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
270 	    &RSA_PSS_PARAMS_it);
271 }
272 LCRYPTO_ALIAS(d2i_RSA_PSS_PARAMS);
273 
274 int
275 i2d_RSA_PSS_PARAMS(RSA_PSS_PARAMS *a, unsigned char **out)
276 {
277 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSA_PSS_PARAMS_it);
278 }
279 LCRYPTO_ALIAS(i2d_RSA_PSS_PARAMS);
280 
281 RSA_PSS_PARAMS *
282 RSA_PSS_PARAMS_new(void)
283 {
284 	return (RSA_PSS_PARAMS *)ASN1_item_new(&RSA_PSS_PARAMS_it);
285 }
286 LCRYPTO_ALIAS(RSA_PSS_PARAMS_new);
287 
288 void
289 RSA_PSS_PARAMS_free(RSA_PSS_PARAMS *a)
290 {
291 	ASN1_item_free((ASN1_VALUE *)a, &RSA_PSS_PARAMS_it);
292 }
293 LCRYPTO_ALIAS(RSA_PSS_PARAMS_free);
294 
295 static int
296 rsa_oaep_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
297 {
298 	/* Free up maskHash */
299 	if (operation == ASN1_OP_FREE_PRE) {
300 		RSA_OAEP_PARAMS *oaep = (RSA_OAEP_PARAMS *)*pval;
301 		X509_ALGOR_free(oaep->maskHash);
302 	}
303 	return 1;
304 }
305 
306 static const ASN1_AUX RSA_OAEP_PARAMS_aux = {
307 	.app_data = NULL,
308 	.flags = 0,
309 	.ref_offset = 0,
310 	.ref_lock = 0,
311 	.asn1_cb = rsa_oaep_cb,
312 	.enc_offset = 0,
313 };
314 
315 static const ASN1_TEMPLATE RSA_OAEP_PARAMS_seq_tt[] = {
316 	{
317 		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
318 		.tag = 0,
319 		.offset = offsetof(RSA_OAEP_PARAMS, hashFunc),
320 		.field_name = "hashFunc",
321 		.item = &X509_ALGOR_it,
322 	},
323 	{
324 		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
325 		.tag = 1,
326 		.offset = offsetof(RSA_OAEP_PARAMS, maskGenFunc),
327 		.field_name = "maskGenFunc",
328 		.item = &X509_ALGOR_it,
329 	},
330 	{
331 		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
332 		.tag = 2,
333 		.offset = offsetof(RSA_OAEP_PARAMS, pSourceFunc),
334 		.field_name = "pSourceFunc",
335 		.item = &X509_ALGOR_it,
336 	},
337 };
338 
339 const ASN1_ITEM RSA_OAEP_PARAMS_it = {
340 	.itype = ASN1_ITYPE_SEQUENCE,
341 	.utype = V_ASN1_SEQUENCE,
342 	.templates = RSA_OAEP_PARAMS_seq_tt,
343 	.tcount = sizeof(RSA_OAEP_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
344 	.funcs = &RSA_OAEP_PARAMS_aux,
345 	.size = sizeof(RSA_OAEP_PARAMS),
346 	.sname = "RSA_OAEP_PARAMS",
347 };
348 
349 
350 RSA_OAEP_PARAMS *
351 d2i_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS **a, const unsigned char **in, long len)
352 {
353 	return (RSA_OAEP_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
354 	    &RSA_OAEP_PARAMS_it);
355 }
356 LCRYPTO_ALIAS(d2i_RSA_OAEP_PARAMS);
357 
358 int
359 i2d_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS *a, unsigned char **out)
360 {
361 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSA_OAEP_PARAMS_it);
362 }
363 LCRYPTO_ALIAS(i2d_RSA_OAEP_PARAMS);
364 
365 RSA_OAEP_PARAMS *
366 RSA_OAEP_PARAMS_new(void)
367 {
368 	return (RSA_OAEP_PARAMS *)ASN1_item_new(&RSA_OAEP_PARAMS_it);
369 }
370 LCRYPTO_ALIAS(RSA_OAEP_PARAMS_new);
371 
372 void
373 RSA_OAEP_PARAMS_free(RSA_OAEP_PARAMS *a)
374 {
375 	ASN1_item_free((ASN1_VALUE *)a, &RSA_OAEP_PARAMS_it);
376 }
377 LCRYPTO_ALIAS(RSA_OAEP_PARAMS_free);
378 
379 RSA *
380 d2i_RSAPrivateKey(RSA **a, const unsigned char **in, long len)
381 {
382 	return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
383 	    &RSAPrivateKey_it);
384 }
385 LCRYPTO_ALIAS(d2i_RSAPrivateKey);
386 
387 int
388 i2d_RSAPrivateKey(const RSA *a, unsigned char **out)
389 {
390 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPrivateKey_it);
391 }
392 LCRYPTO_ALIAS(i2d_RSAPrivateKey);
393 
394 
395 RSA *
396 d2i_RSAPublicKey(RSA **a, const unsigned char **in, long len)
397 {
398 	return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
399 	    &RSAPublicKey_it);
400 }
401 LCRYPTO_ALIAS(d2i_RSAPublicKey);
402 
403 int
404 i2d_RSAPublicKey(const RSA *a, unsigned char **out)
405 {
406 	return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPublicKey_it);
407 }
408 LCRYPTO_ALIAS(i2d_RSAPublicKey);
409 
410 RSA *
411 RSAPublicKey_dup(RSA *rsa)
412 {
413 	return ASN1_item_dup(&RSAPublicKey_it, rsa);
414 }
415 LCRYPTO_ALIAS(RSAPublicKey_dup);
416 
417 RSA *
418 RSAPrivateKey_dup(RSA *rsa)
419 {
420 	return ASN1_item_dup(&RSAPrivateKey_it, rsa);
421 }
422 LCRYPTO_ALIAS(RSAPrivateKey_dup);
423