1 /* $OpenBSD: rsa_asn1.c,v 1.15 2019/10/25 14:40:18 jsing Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5 /* ====================================================================
6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 #include <stdio.h>
60
61 #include <openssl/asn1t.h>
62 #include <openssl/bn.h>
63 #include <openssl/rsa.h>
64 #include <openssl/x509.h>
65
66 #include "rsa_locl.h"
67
68 /* Override the default free and new methods */
69 static int
rsa_cb(int operation,ASN1_VALUE ** pval,const ASN1_ITEM * it,void * exarg)70 rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
71 {
72 if (operation == ASN1_OP_NEW_PRE) {
73 *pval = (ASN1_VALUE *)RSA_new();
74 if (*pval)
75 return 2;
76 return 0;
77 } else if (operation == ASN1_OP_FREE_PRE) {
78 RSA_free((RSA *)*pval);
79 *pval = NULL;
80 return 2;
81 }
82 return 1;
83 }
84
85 static const ASN1_AUX RSAPrivateKey_aux = {
86 .app_data = NULL,
87 .flags = 0,
88 .ref_offset = 0,
89 .ref_lock = 0,
90 .asn1_cb = rsa_cb,
91 .enc_offset = 0,
92 };
93 static const ASN1_TEMPLATE RSAPrivateKey_seq_tt[] = {
94 {
95 .flags = 0,
96 .tag = 0,
97 .offset = offsetof(RSA, version),
98 .field_name = "version",
99 .item = &LONG_it,
100 },
101 {
102 .flags = 0,
103 .tag = 0,
104 .offset = offsetof(RSA, n),
105 .field_name = "n",
106 .item = &BIGNUM_it,
107 },
108 {
109 .flags = 0,
110 .tag = 0,
111 .offset = offsetof(RSA, e),
112 .field_name = "e",
113 .item = &BIGNUM_it,
114 },
115 {
116 .flags = 0,
117 .tag = 0,
118 .offset = offsetof(RSA, d),
119 .field_name = "d",
120 .item = &BIGNUM_it,
121 },
122 {
123 .flags = 0,
124 .tag = 0,
125 .offset = offsetof(RSA, p),
126 .field_name = "p",
127 .item = &BIGNUM_it,
128 },
129 {
130 .flags = 0,
131 .tag = 0,
132 .offset = offsetof(RSA, q),
133 .field_name = "q",
134 .item = &BIGNUM_it,
135 },
136 {
137 .flags = 0,
138 .tag = 0,
139 .offset = offsetof(RSA, dmp1),
140 .field_name = "dmp1",
141 .item = &BIGNUM_it,
142 },
143 {
144 .flags = 0,
145 .tag = 0,
146 .offset = offsetof(RSA, dmq1),
147 .field_name = "dmq1",
148 .item = &BIGNUM_it,
149 },
150 {
151 .flags = 0,
152 .tag = 0,
153 .offset = offsetof(RSA, iqmp),
154 .field_name = "iqmp",
155 .item = &BIGNUM_it,
156 },
157 };
158
159 const ASN1_ITEM RSAPrivateKey_it = {
160 .itype = ASN1_ITYPE_SEQUENCE,
161 .utype = V_ASN1_SEQUENCE,
162 .templates = RSAPrivateKey_seq_tt,
163 .tcount = sizeof(RSAPrivateKey_seq_tt) / sizeof(ASN1_TEMPLATE),
164 .funcs = &RSAPrivateKey_aux,
165 .size = sizeof(RSA),
166 .sname = "RSA",
167 };
168
169
170 static const ASN1_AUX RSAPublicKey_aux = {
171 .app_data = NULL,
172 .flags = 0,
173 .ref_offset = 0,
174 .ref_lock = 0,
175 .asn1_cb = rsa_cb,
176 .enc_offset = 0,
177 };
178 static const ASN1_TEMPLATE RSAPublicKey_seq_tt[] = {
179 {
180 .flags = 0,
181 .tag = 0,
182 .offset = offsetof(RSA, n),
183 .field_name = "n",
184 .item = &BIGNUM_it,
185 },
186 {
187 .flags = 0,
188 .tag = 0,
189 .offset = offsetof(RSA, e),
190 .field_name = "e",
191 .item = &BIGNUM_it,
192 },
193 };
194
195 const ASN1_ITEM RSAPublicKey_it = {
196 .itype = ASN1_ITYPE_SEQUENCE,
197 .utype = V_ASN1_SEQUENCE,
198 .templates = RSAPublicKey_seq_tt,
199 .tcount = sizeof(RSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
200 .funcs = &RSAPublicKey_aux,
201 .size = sizeof(RSA),
202 .sname = "RSA",
203 };
204
205 static int
rsa_pss_cb(int operation,ASN1_VALUE ** pval,const ASN1_ITEM * it,void * exarg)206 rsa_pss_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
207 {
208 /* Free up maskHash */
209 if (operation == ASN1_OP_FREE_PRE) {
210 RSA_PSS_PARAMS *pss = (RSA_PSS_PARAMS *)*pval;
211 X509_ALGOR_free(pss->maskHash);
212 }
213 return 1;
214 }
215
216 static const ASN1_AUX RSA_PSS_PARAMS_aux = {
217 .app_data = NULL,
218 .flags = 0,
219 .ref_offset = 0,
220 .ref_lock = 0,
221 .asn1_cb = rsa_pss_cb,
222 .enc_offset = 0,
223 };
224
225 static const ASN1_TEMPLATE RSA_PSS_PARAMS_seq_tt[] = {
226 {
227 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
228 .tag = 0,
229 .offset = offsetof(RSA_PSS_PARAMS, hashAlgorithm),
230 .field_name = "hashAlgorithm",
231 .item = &X509_ALGOR_it,
232 },
233 {
234 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
235 .tag = 1,
236 .offset = offsetof(RSA_PSS_PARAMS, maskGenAlgorithm),
237 .field_name = "maskGenAlgorithm",
238 .item = &X509_ALGOR_it,
239 },
240 {
241 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
242 .tag = 2,
243 .offset = offsetof(RSA_PSS_PARAMS, saltLength),
244 .field_name = "saltLength",
245 .item = &ASN1_INTEGER_it,
246 },
247 {
248 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
249 .tag = 3,
250 .offset = offsetof(RSA_PSS_PARAMS, trailerField),
251 .field_name = "trailerField",
252 .item = &ASN1_INTEGER_it,
253 },
254 };
255
256 const ASN1_ITEM RSA_PSS_PARAMS_it = {
257 .itype = ASN1_ITYPE_SEQUENCE,
258 .utype = V_ASN1_SEQUENCE,
259 .templates = RSA_PSS_PARAMS_seq_tt,
260 .tcount = sizeof(RSA_PSS_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
261 .funcs = &RSA_PSS_PARAMS_aux,
262 .size = sizeof(RSA_PSS_PARAMS),
263 .sname = "RSA_PSS_PARAMS",
264 };
265
266 RSA_PSS_PARAMS *
d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS ** a,const unsigned char ** in,long len)267 d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS **a, const unsigned char **in, long len)
268 {
269 return (RSA_PSS_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
270 &RSA_PSS_PARAMS_it);
271 }
272
273 int
i2d_RSA_PSS_PARAMS(RSA_PSS_PARAMS * a,unsigned char ** out)274 i2d_RSA_PSS_PARAMS(RSA_PSS_PARAMS *a, unsigned char **out)
275 {
276 return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSA_PSS_PARAMS_it);
277 }
278
279 RSA_PSS_PARAMS *
RSA_PSS_PARAMS_new(void)280 RSA_PSS_PARAMS_new(void)
281 {
282 return (RSA_PSS_PARAMS *)ASN1_item_new(&RSA_PSS_PARAMS_it);
283 }
284
285 void
RSA_PSS_PARAMS_free(RSA_PSS_PARAMS * a)286 RSA_PSS_PARAMS_free(RSA_PSS_PARAMS *a)
287 {
288 ASN1_item_free((ASN1_VALUE *)a, &RSA_PSS_PARAMS_it);
289 }
290
291 static int
rsa_oaep_cb(int operation,ASN1_VALUE ** pval,const ASN1_ITEM * it,void * exarg)292 rsa_oaep_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
293 {
294 /* Free up maskHash */
295 if (operation == ASN1_OP_FREE_PRE) {
296 RSA_OAEP_PARAMS *oaep = (RSA_OAEP_PARAMS *)*pval;
297 X509_ALGOR_free(oaep->maskHash);
298 }
299 return 1;
300 }
301
302 static const ASN1_AUX RSA_OAEP_PARAMS_aux = {
303 .app_data = NULL,
304 .flags = 0,
305 .ref_offset = 0,
306 .ref_lock = 0,
307 .asn1_cb = rsa_oaep_cb,
308 .enc_offset = 0,
309 };
310
311 static const ASN1_TEMPLATE RSA_OAEP_PARAMS_seq_tt[] = {
312 {
313 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
314 .tag = 0,
315 .offset = offsetof(RSA_OAEP_PARAMS, hashFunc),
316 .field_name = "hashFunc",
317 .item = &X509_ALGOR_it,
318 },
319 {
320 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
321 .tag = 1,
322 .offset = offsetof(RSA_OAEP_PARAMS, maskGenFunc),
323 .field_name = "maskGenFunc",
324 .item = &X509_ALGOR_it,
325 },
326 {
327 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
328 .tag = 2,
329 .offset = offsetof(RSA_OAEP_PARAMS, pSourceFunc),
330 .field_name = "pSourceFunc",
331 .item = &X509_ALGOR_it,
332 },
333 };
334
335 const ASN1_ITEM RSA_OAEP_PARAMS_it = {
336 .itype = ASN1_ITYPE_SEQUENCE,
337 .utype = V_ASN1_SEQUENCE,
338 .templates = RSA_OAEP_PARAMS_seq_tt,
339 .tcount = sizeof(RSA_OAEP_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
340 .funcs = &RSA_OAEP_PARAMS_aux,
341 .size = sizeof(RSA_OAEP_PARAMS),
342 .sname = "RSA_OAEP_PARAMS",
343 };
344
345
346 RSA_OAEP_PARAMS *
d2i_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS ** a,const unsigned char ** in,long len)347 d2i_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS **a, const unsigned char **in, long len)
348 {
349 return (RSA_OAEP_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
350 &RSA_OAEP_PARAMS_it);
351 }
352
353 int
i2d_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS * a,unsigned char ** out)354 i2d_RSA_OAEP_PARAMS(RSA_OAEP_PARAMS *a, unsigned char **out)
355 {
356 return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSA_OAEP_PARAMS_it);
357 }
358
359 RSA_OAEP_PARAMS *
RSA_OAEP_PARAMS_new(void)360 RSA_OAEP_PARAMS_new(void)
361 {
362 return (RSA_OAEP_PARAMS *)ASN1_item_new(&RSA_OAEP_PARAMS_it);
363 }
364
365 void
RSA_OAEP_PARAMS_free(RSA_OAEP_PARAMS * a)366 RSA_OAEP_PARAMS_free(RSA_OAEP_PARAMS *a)
367 {
368 ASN1_item_free((ASN1_VALUE *)a, &RSA_OAEP_PARAMS_it);
369 }
370
371 RSA *
d2i_RSAPrivateKey(RSA ** a,const unsigned char ** in,long len)372 d2i_RSAPrivateKey(RSA **a, const unsigned char **in, long len)
373 {
374 return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
375 &RSAPrivateKey_it);
376 }
377
378 int
i2d_RSAPrivateKey(const RSA * a,unsigned char ** out)379 i2d_RSAPrivateKey(const RSA *a, unsigned char **out)
380 {
381 return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPrivateKey_it);
382 }
383
384
385 RSA *
d2i_RSAPublicKey(RSA ** a,const unsigned char ** in,long len)386 d2i_RSAPublicKey(RSA **a, const unsigned char **in, long len)
387 {
388 return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
389 &RSAPublicKey_it);
390 }
391
392 int
i2d_RSAPublicKey(const RSA * a,unsigned char ** out)393 i2d_RSAPublicKey(const RSA *a, unsigned char **out)
394 {
395 return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPublicKey_it);
396 }
397
398 RSA *
RSAPublicKey_dup(RSA * rsa)399 RSAPublicKey_dup(RSA *rsa)
400 {
401 return ASN1_item_dup(&RSAPublicKey_it, rsa);
402 }
403
404 RSA *
RSAPrivateKey_dup(RSA * rsa)405 RSAPrivateKey_dup(RSA *rsa)
406 {
407 return ASN1_item_dup(&RSAPrivateKey_it, rsa);
408 }
409