Commit 9862e9aa authored by Richard Levitte's avatar Richard Levitte
Browse files

Make the RSA structure opaque 



Move rsa_st away from public headers.
Add accessor/writer functions for the public RSA data.
Adapt all other source to use the accessors and writers.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent 3e41ac35

apps/genrsa.c

+7 −5
Original line number Diff line number Diff line
@@ -104,9 +104,10 @@ int genrsa_main(int argc, char **argv) 
{

    BN_GENCB *cb = BN_GENCB_new();

    PW_CB_DATA cb_data;

    ENGINE *e = NULL;

    ENGINE *eng = NULL;

    BIGNUM *bn = BN_new();

    BIO *out = NULL;

    BIGNUM *e;

    RSA *rsa = NULL;

    const EVP_CIPHER *enc = NULL;

    int ret = 1, num = DEFBITS, private = 0;
@@ -141,7 +142,7 @@ int genrsa_main(int argc, char **argv) 
            outfile = opt_arg();

            break;

        case OPT_ENGINE:

            e = setup_engine(opt_arg(), 0);

            eng = setup_engine(opt_arg(), 0);

            break;

        case OPT_RAND:

            inrand = opt_arg();
@@ -182,7 +183,7 @@ int genrsa_main(int argc, char **argv) 


    BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n",

               num);

    rsa = e ? RSA_new_method(e) : RSA_new();

    rsa = eng ? RSA_new_method(eng) : RSA_new();

    if (rsa == NULL)

        goto end;
@@ -191,8 +192,9 @@ int genrsa_main(int argc, char **argv) 


    app_RAND_write_file(NULL);



    hexe = BN_bn2hex(rsa->e);

    dece = BN_bn2dec(rsa->e);

    RSA_get0_key(rsa, NULL, &e, NULL);

    hexe = BN_bn2hex(e);

    dece = BN_bn2dec(e);

    if (hexe && dece) {

        BIO_printf(bio_err, "e is %s (0x%s)\n", dece, hexe);

    }

apps/req.c

+5 −3
Original line number Diff line number Diff line
@@ -811,9 +811,11 @@ int req_main(int argc, char **argv) 
        }

        fprintf(stdout, "Modulus=");

#ifndef OPENSSL_NO_RSA

        if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)

            BN_print(out, EVP_PKEY_get0_RSA(tpubkey)->n);

        else

        if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA) {

            BIGNUM *n;

            RSA_get0_key(EVP_PKEY_get0_RSA(tpubkey), &n, NULL, NULL);

            BN_print(out, n);

        } else

#endif

            fprintf(stdout, "Wrong Algorithm type");

        EVP_PKEY_free(tpubkey);

apps/rsa.c

+3 −1
Original line number Diff line number Diff line
@@ -310,8 +310,10 @@ int rsa_main(int argc, char **argv) 
    }



    if (modulus) {

        BIGNUM *n;

        RSA_get0_key(rsa, &n, NULL, NULL);

        BIO_printf(out, "Modulus=");

        BN_print(out, rsa->n);

        BN_print(out, n);

        BIO_printf(out, "\n");

    }

apps/x509.c

+5 −3
Original line number Diff line number Diff line
@@ -727,9 +727,11 @@ int x509_main(int argc, char **argv) 
                }

                BIO_printf(out, "Modulus=");

#ifndef OPENSSL_NO_RSA

                if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA)

                    BN_print(out, EVP_PKEY_get0_RSA(pkey)->n);

                else

                if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {

                    BIGNUM *n;

                    RSA_get0_key(EVP_PKEY_get0_RSA(pkey), &n, NULL, NULL);

                    BN_print(out, n);

                } else

#endif

#ifndef OPENSSL_NO_DSA

                if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) {

crypto/pem/pvkfmt.c

+51 −32
Original line number Diff line number Diff line
@@ -353,8 +353,9 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, 
static EVP_PKEY *b2i_rsa(const unsigned char **in,

                         unsigned int bitlen, int ispub)

{

    const unsigned char *p = *in;

    const unsigned char *pin = *in;

    EVP_PKEY *ret = NULL;

    BIGNUM *e = NULL, *n = NULL, *d = NULL;

    RSA *rsa = NULL;

    unsigned int nbyte, hnbyte;

    nbyte = (bitlen + 7) >> 3;
@@ -363,31 +364,35 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in, 
    ret = EVP_PKEY_new();

    if (rsa == NULL || ret == NULL)

        goto memerr;

    rsa->e = BN_new();

    if (rsa->e == NULL)

    e = BN_new();

    if (e == NULL)

        goto memerr;

    if (!BN_set_word(rsa->e, read_ledword(&p)))

    if (!BN_set_word(e, read_ledword(&pin)))

        goto memerr;

    if (!read_lebn(&p, nbyte, &rsa->n))

    if (!read_lebn(&pin, nbyte, &n))

        goto memerr;

    if (!ispub) {

        if (!read_lebn(&p, hnbyte, &rsa->p))

        BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;

        if (!read_lebn(&pin, hnbyte, &p))

            goto memerr;

        if (!read_lebn(&p, hnbyte, &rsa->q))

        if (!read_lebn(&pin, hnbyte, &q))

            goto memerr;

        if (!read_lebn(&p, hnbyte, &rsa->dmp1))

        if (!read_lebn(&pin, hnbyte, &dmp1))

            goto memerr;

        if (!read_lebn(&p, hnbyte, &rsa->dmq1))

        if (!read_lebn(&pin, hnbyte, &dmq1))

            goto memerr;

        if (!read_lebn(&p, hnbyte, &rsa->iqmp))

        if (!read_lebn(&pin, hnbyte, &iqmp))

            goto memerr;

        if (!read_lebn(&p, nbyte, &rsa->d))

        if (!read_lebn(&pin, nbyte, &d))

            goto memerr;

        RSA_set0_factors(rsa, p, q);

        RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp);

    }

    RSA_set0_key(rsa, e, n, d);



    EVP_PKEY_set1_RSA(ret, rsa);

    RSA_free(rsa);

    *in = p;

    *in = pin;

    return ret;

 memerr:

    PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
@@ -530,26 +535,35 @@ static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic) 
static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)

{

    int nbyte, hnbyte, bitlen;

    if (BN_num_bits(rsa->e) > 32)

    BIGNUM *e;



    RSA_get0_key(rsa, &e, NULL, NULL);

    if (BN_num_bits(e) > 32)

        goto badkey;

    bitlen = BN_num_bits(rsa->n);

    nbyte = BN_num_bytes(rsa->n);

    hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;

    bitlen = RSA_bits(rsa);

    nbyte = RSA_size(rsa);

    hnbyte = (bitlen + 15) >> 4;

    if (ispub) {

        *pmagic = MS_RSA1MAGIC;

        return bitlen;

    } else {

        BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1;



        *pmagic = MS_RSA2MAGIC;



        /*

         * For private key each component must fit within nbyte or hnbyte.

         */

        if (BN_num_bytes(rsa->d) > nbyte)

        RSA_get0_key(rsa, NULL, NULL, &d);

        if (BN_num_bytes(d) > nbyte)

            goto badkey;

        if ((BN_num_bytes(rsa->iqmp) > hnbyte)

            || (BN_num_bytes(rsa->p) > hnbyte)

            || (BN_num_bytes(rsa->q) > hnbyte)

            || (BN_num_bytes(rsa->dmp1) > hnbyte)

            || (BN_num_bytes(rsa->dmq1) > hnbyte))

        RSA_get0_factors(rsa, &p, &q);

        RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);

        if ((BN_num_bytes(iqmp) > hnbyte)

            || (BN_num_bytes(p) > hnbyte)

            || (BN_num_bytes(q) > hnbyte)

            || (BN_num_bytes(dmp1) > hnbyte)

            || (BN_num_bytes(dmq1) > hnbyte))

            goto badkey;

    }

    return bitlen;
@@ -561,18 +575,23 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) 
static void write_rsa(unsigned char **out, RSA *rsa, int ispub)

{

    int nbyte, hnbyte;

    nbyte = BN_num_bytes(rsa->n);

    hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;

    write_lebn(out, rsa->e, 4);

    write_lebn(out, rsa->n, -1);

    BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1;



    nbyte = RSA_size(rsa);

    hnbyte = (RSA_bits(rsa) + 15) >> 4;

    RSA_get0_key(rsa, &e, &n, &d);

    write_lebn(out, e, 4);

    write_lebn(out, n, -1);

    if (ispub)

        return;

    write_lebn(out, rsa->p, hnbyte);

    write_lebn(out, rsa->q, hnbyte);

    write_lebn(out, rsa->dmp1, hnbyte);

    write_lebn(out, rsa->dmq1, hnbyte);

    write_lebn(out, rsa->iqmp, hnbyte);

    write_lebn(out, rsa->d, nbyte);

    RSA_get0_factors(rsa, &p, &q);

    RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);

    write_lebn(out, p, hnbyte);

    write_lebn(out, q, hnbyte);

    write_lebn(out, dmp1, hnbyte);

    write_lebn(out, dmq1, hnbyte);

    write_lebn(out, iqmp, hnbyte);

    write_lebn(out, d, nbyte);

}



static void write_dsa(unsigned char **out, DSA *dsa, int ispub)