Attachment #525206 for bug #651170

View | Details | Raw Unified | Return to bug 651170
Collapse All | Expand All





#define THROW(p_result) if (!(p_result)) { error = 1; goto err; }

#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
static void RSA_get0_key(const RSA *r,
                         const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
{
    if (n != NULL)
        *n = r->n;
    if (e != NULL)
        *e = r->e;
    if (d != NULL)
        *d = r->d;
}

static int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
{
    /* If the fields n and e in r are NULL, the corresponding input
     * parameters MUST be non-NULL for n and e.  d may be
     * left NULL (in case only the public key is used).
     */
    if ((r->n == NULL && n == NULL)
        || (r->e == NULL && e == NULL))
        return 0;

    if (n != NULL) {
        BN_free(r->n);
        r->n = n;
    }
    if (e != NULL) {
        BN_free(r->e);
        r->e = e;
    }
    if (d != NULL) {
        BN_free(r->d);
        r->d = d;
    }

    return 1;
}

static int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
{
    /* If the fields p and q in r are NULL, the corresponding input
     * parameters MUST be non-NULL.
     */
    if ((r->p == NULL && p == NULL)
        || (r->q == NULL && q == NULL))
        return 0;

    if (p != NULL) {
        BN_free(r->p);
        r->p = p;
    }
    if (q != NULL) {
        BN_free(r->q);
        r->q = q;
    }

    return 1;
}

static void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
{
    if (p != NULL)
        *p = r->p;
    if (q != NULL)
        *q = r->q;
}

static int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
{
    /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
     * parameters MUST be non-NULL.
     */
    if ((r->dmp1 == NULL && dmp1 == NULL)
        || (r->dmq1 == NULL && dmq1 == NULL)
        || (r->iqmp == NULL && iqmp == NULL))
        return 0;

    if (dmp1 != NULL) {
        BN_free(r->dmp1);
        r->dmp1 = dmp1;
    }
    if (dmq1 != NULL) {
        BN_free(r->dmq1);
        r->dmq1 = dmq1;
    }
    if (iqmp != NULL) {
        BN_free(r->iqmp);
        r->iqmp = iqmp;
    }

    return 1;
}

static void RSA_get0_crt_params(const RSA *r,
                                const BIGNUM **dmp1, const BIGNUM **dmq1,
                                const BIGNUM **iqmp)
{
    if (dmp1 != NULL)
        *dmp1 = r->dmp1;
    if (dmq1 != NULL)
        *dmq1 = r->dmq1;
    if (iqmp != NULL)
        *iqmp = r->iqmp;
}
#endif

char _is_private(rsaData* p_rsa)
{
    const BIGNUM *d;

    RSA_get0_key(p_rsa->rsa, NULL, NULL, &d);
    return(d != NULL);
}

SV* make_rsa_obj(SV* p_proto, RSA* p_rsa)

    }
}

SV* bn2sv(const BIGNUM* p_bn)
{
    return p_bn != NULL
        ? sv_2mortal(newSViv((IV) BN_dup(p_bn)))

    unsigned long exponent;
  PREINIT:
    RSA* rsa;
    BIGNUM *e;
  CODE:
    e = BN_new();
    CHECK_OPEN_SSL(e);
    rsa = RSA_new();
    CHECK_OPEN_SSL(rsa);
    BN_set_word(e, exponent);
    CHECK_OPEN_SSL(RSA_generate_key_ex(rsa, SvIV(bitsSV), e, NULL));
    BN_free(e);
    RETVAL = make_rsa_obj(proto, rsa);
  OUTPUT:
    RETVAL

        croak("At least a modulous and public key must be provided");
    }
    CHECK_OPEN_SSL(rsa = RSA_new());
    CHECK_OPEN_SSL(RSA_set0_key(rsa, n, e, NULL));
    rsa->e = e;
    if (p || q)
    {
        BIGNUM *dmp1, *dmq1, *iqmp;

        error = 0;
        THROW(ctx = BN_CTX_new());
        if (!p)

            q = BN_new();
            THROW(BN_div(q, NULL, n, p, ctx));
        }
        CHECK_OPEN_SSL(RSA_set0_factors(rsa, p, q));
        rsa->q = q;
        THROW(p_minus_1 = BN_new());
        THROW(BN_sub(p_minus_1, p, BN_value_one()));
        THROW(q_minus_1 = BN_new());

            THROW(BN_mul(d, p_minus_1, q_minus_1, ctx));
            THROW(BN_mod_inverse(d, e, d, ctx));
        }
        CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d));

        THROW(dmp1 = BN_new());
        THROW(dmq1 = BN_new());
        THROW(iqmp = BN_new());

        THROW(BN_mod(dmp1, d, p_minus_1, ctx));
        THROW(BN_mod(dmq1, d, q_minus_1, ctx));
        THROW(BN_mod_inverse(iqmp, q, p, ctx));

        CHECK_OPEN_SSL(RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp));
        THROW(RSA_check_key(rsa) == 1);
     err:
        if (p_minus_1) BN_clear_free(p_minus_1);

    }
    else
    {
        CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d));
    }
    RETVAL = make_rsa_obj(proto, rsa);
}

PPCODE:
{
    RSA* rsa;
    const BIGNUM *n, *e, *d, *p, *q;
    const BIGNUM *dmp1, *dmq1, *iqmp;

    rsa = p_rsa->rsa;
    RSA_get0_key(rsa, &n, &e, &d);
    RSA_get0_factors(rsa, &p, &q);
    RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
    XPUSHs(bn2sv(n));
    XPUSHs(bn2sv(e));
    XPUSHs(bn2sv(d));
    XPUSHs(bn2sv(p));
    XPUSHs(bn2sv(q));
    XPUSHs(bn2sv(dmp1));
    XPUSHs(bn2sv(dmq1));
    XPUSHs(bn2sv(iqmp));
}

SV*
- 

Return to bug 651170

Lines 47-55 void croakSsl(char* p_file, int p_line) Link Here

(-)a/RSA.xs (-24 / +150 lines)
47		47
48	#define THROW(p_result) if (!(p_result)) { error = 1; goto err; }	48	#define THROW(p_result) if (!(p_result)) { error = 1; goto err; }
49		49
		50	#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| \
		51	(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
		52	static void RSA_get0_key(const RSA *r,
		53	const BIGNUM n, const BIGNUM e, const BIGNUM **d)
		54	{
		55	if (n != NULL)
		56	*n = r->n;
		57	if (e != NULL)
		58	*e = r->e;
		59	if (d != NULL)
		60	*d = r->d;
		61	}
		62
		63	static int RSA_set0_key(RSA r, BIGNUM n, BIGNUM e, BIGNUM d)
		64	{
		65	/* If the fields n and e in r are NULL, the corresponding input
		66	* parameters MUST be non-NULL for n and e. d may be
		67	* left NULL (in case only the public key is used).
		68	*/
		69	if ((r->n == NULL && n == NULL)
		70	\|\| (r->e == NULL && e == NULL))
		71	return 0;
		72
		73	if (n != NULL) {
		74	BN_free(r->n);
		75	r->n = n;
		76	}
		77	if (e != NULL) {
		78	BN_free(r->e);
		79	r->e = e;
		80	}
		81	if (d != NULL) {
		82	BN_free(r->d);
		83	r->d = d;
		84	}
		85
		86	return 1;
		87	}
		88
		89	static int RSA_set0_factors(RSA r, BIGNUM p, BIGNUM *q)
		90	{
		91	/* If the fields p and q in r are NULL, the corresponding input
		92	* parameters MUST be non-NULL.
		93	*/
		94	if ((r->p == NULL && p == NULL)
		95	\|\| (r->q == NULL && q == NULL))
		96	return 0;
		97
		98	if (p != NULL) {
		99	BN_free(r->p);
		100	r->p = p;
		101	}
		102	if (q != NULL) {
		103	BN_free(r->q);
		104	r->q = q;
		105	}
		106
		107	return 1;
		108	}
		109
		110	static void RSA_get0_factors(const RSA r, const BIGNUM p, const BIGNUM *q)
		111	{
		112	if (p != NULL)
		113	*p = r->p;
114	if (q != NULL)
115	*q = r->q;
116	}
117
118	static int RSA_set0_crt_params(RSA r, BIGNUM dmp1, BIGNUM dmq1, BIGNUM iqmp)
119	{
120	/* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
121	* parameters MUST be non-NULL.
122	*/
123	if ((r->dmp1 == NULL && dmp1 == NULL)
124	\|\| (r->dmq1 == NULL && dmq1 == NULL)
125	\|\| (r->iqmp == NULL && iqmp == NULL))
126	return 0;
127
128	if (dmp1 != NULL) {
129	BN_free(r->dmp1);
130	r->dmp1 = dmp1;
131	}
132	if (dmq1 != NULL) {
133	BN_free(r->dmq1);
134	r->dmq1 = dmq1;
135	}
136	if (iqmp != NULL) {
137	BN_free(r->iqmp);
138	r->iqmp = iqmp;
139	}
140
141	return 1;
142	}
143
144	static void RSA_get0_crt_params(const RSA *r,
145	const BIGNUM dmp1, const BIGNUM dmq1,
146	const BIGNUM **iqmp)
147	{
148	if (dmp1 != NULL)
149	*dmp1 = r->dmp1;
150	if (dmq1 != NULL)
151	*dmq1 = r->dmq1;
152	if (iqmp != NULL)
153	*iqmp = r->iqmp;
154	}
155	#endif
156
50	char _is_private(rsaData* p_rsa)	157	char _is_private(rsaData* p_rsa)
51	{	158	{
52	return(p_rsa->rsa->d != NULL);	159	const BIGNUM *d;
		160
		161	RSA_get0_key(p_rsa->rsa, NULL, NULL, &d);
		162	return(d != NULL);
53	}	163	}
54		164
55	SV* make_rsa_obj(SV* p_proto, RSA* p_rsa)	165	SV* make_rsa_obj(SV* p_proto, RSA* p_rsa)
Lines 136-142 unsigned char* get_message_digest(SV* text_SV, int hash_method) Link Here
136	}	246	}
137	}	247	}
138		248
139	SV* bn2sv(BIGNUM* p_bn)	249	SV* bn2sv(const BIGNUM* p_bn)
140	{	250	{
141	return p_bn != NULL	251	return p_bn != NULL
142	? sv_2mortal(newSViv((IV) BN_dup(p_bn)))	252	? sv_2mortal(newSViv((IV) BN_dup(p_bn)))
Lines 297-304 generate_key(proto, bitsSV, exponent = 65537) Link Here
297	unsigned long exponent;	407	unsigned long exponent;
298	PREINIT:	408	PREINIT:
299	RSA* rsa;	409	RSA* rsa;
		410	BIGNUM *e;
300	CODE:	411	CODE:
301	CHECK_OPEN_SSL(rsa = RSA_generate_key(SvIV(bitsSV), exponent, NULL, NULL));	412	e = BN_new();
		413	CHECK_OPEN_SSL(e);
		414	rsa = RSA_new();
		415	CHECK_OPEN_SSL(rsa);
		416	BN_set_word(e, exponent);
		417	CHECK_OPEN_SSL(RSA_generate_key_ex(rsa, SvIV(bitsSV), e, NULL));
		418	BN_free(e);
302	RETVAL = make_rsa_obj(proto, rsa);	419	RETVAL = make_rsa_obj(proto, rsa);
303	OUTPUT:	420	OUTPUT:
304	RETVAL	421	RETVAL
Lines 325-334 _new_key_from_parameters(proto, n, e, d, p, q) Link Here
325	croak("At least a modulous and public key must be provided");	442	croak("At least a modulous and public key must be provided");
326	}	443	}
327	CHECK_OPEN_SSL(rsa = RSA_new());	444	CHECK_OPEN_SSL(rsa = RSA_new());
328	rsa->n = n;	445	CHECK_OPEN_SSL(RSA_set0_key(rsa, n, e, NULL));
329	rsa->e = e;
330	if (p \|\| q)	446	if (p \|\| q)
331	{	447	{
		448	BIGNUM dmp1, dmq1, *iqmp;
		449
332	error = 0;	450	error = 0;
333	THROW(ctx = BN_CTX_new());	451	THROW(ctx = BN_CTX_new());
334	if (!p)	452	if (!p)
Lines 341-348 _new_key_from_parameters(proto, n, e, d, p, q) Link Here
341	q = BN_new();	459	q = BN_new();
342	THROW(BN_div(q, NULL, n, p, ctx));	460	THROW(BN_div(q, NULL, n, p, ctx));
343	}	461	}
344	rsa->p = p;	462	CHECK_OPEN_SSL(RSA_set0_factors(rsa, p, q));
345	rsa->q = q;
346	THROW(p_minus_1 = BN_new());	463	THROW(p_minus_1 = BN_new());
347	THROW(BN_sub(p_minus_1, p, BN_value_one()));	464	THROW(BN_sub(p_minus_1, p, BN_value_one()));
348	THROW(q_minus_1 = BN_new());	465	THROW(q_minus_1 = BN_new());
Lines 353-365 _new_key_from_parameters(proto, n, e, d, p, q) Link Here
353	THROW(BN_mul(d, p_minus_1, q_minus_1, ctx));	470	THROW(BN_mul(d, p_minus_1, q_minus_1, ctx));
354	THROW(BN_mod_inverse(d, e, d, ctx));	471	THROW(BN_mod_inverse(d, e, d, ctx));
355	}	472	}
356	rsa->d = d;	473	CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d));
357	THROW(rsa->dmp1 = BN_new());	474
358	THROW(BN_mod(rsa->dmp1, d, p_minus_1, ctx));	475	THROW(dmp1 = BN_new());
359	THROW(rsa->dmq1 = BN_new());	476	THROW(dmq1 = BN_new());
360	THROW(BN_mod(rsa->dmq1, d, q_minus_1, ctx));	477	THROW(iqmp = BN_new());
361	THROW(rsa->iqmp = BN_new());	478
362	THROW(BN_mod_inverse(rsa->iqmp, q, p, ctx));	479	THROW(BN_mod(dmp1, d, p_minus_1, ctx));
		480	THROW(BN_mod(dmq1, d, q_minus_1, ctx));
		481	THROW(BN_mod_inverse(iqmp, q, p, ctx));
		482
		483	CHECK_OPEN_SSL(RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp));
363	THROW(RSA_check_key(rsa) == 1);	484	THROW(RSA_check_key(rsa) == 1);
364	err:	485	err:
365	if (p_minus_1) BN_clear_free(p_minus_1);	486	if (p_minus_1) BN_clear_free(p_minus_1);
Lines 373-379 _new_key_from_parameters(proto, n, e, d, p, q) Link Here
373	}	494	}
374	else	495	else
375	{	496	{
376	rsa->d = d;	497	CHECK_OPEN_SSL(RSA_set0_key(rsa, NULL, NULL, d));
377	}	498	}
378	RETVAL = make_rsa_obj(proto, rsa);	499	RETVAL = make_rsa_obj(proto, rsa);
379	}	500	}
Lines 386-400 _get_key_parameters(p_rsa) Link Here
386	PPCODE:	507	PPCODE:
387	{	508	{
388	RSA* rsa;	509	RSA* rsa;
		510	const BIGNUM n, e, d, p, *q;
		511	const BIGNUM dmp1, dmq1, *iqmp;
		512
389	rsa = p_rsa->rsa;	513	rsa = p_rsa->rsa;
390	XPUSHs(bn2sv(rsa->n));	514	RSA_get0_key(rsa, &n, &e, &d);
391	XPUSHs(bn2sv(rsa->e));	515	RSA_get0_factors(rsa, &p, &q);
392	XPUSHs(bn2sv(rsa->d));	516	RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
393	XPUSHs(bn2sv(rsa->p));	517	XPUSHs(bn2sv(n));
394	XPUSHs(bn2sv(rsa->q));	518	XPUSHs(bn2sv(e));
395	XPUSHs(bn2sv(rsa->dmp1));	519	XPUSHs(bn2sv(d));
396	XPUSHs(bn2sv(rsa->dmq1));	520	XPUSHs(bn2sv(p));
397	XPUSHs(bn2sv(rsa->iqmp));	521	XPUSHs(bn2sv(q));
		522	XPUSHs(bn2sv(dmp1));
		523	XPUSHs(bn2sv(dmq1));
		524	XPUSHs(bn2sv(iqmp));
398	}	525	}
399		526
400	SV*	527	SV*
401	-