Browse Source

Deprecate RSA harder

This deprecates all functions that deal with the types RSA and RSA_METHOD

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13096)
master
Richard Levitte 1 year ago
parent
commit
d7e498ac55
44 changed files with 1182 additions and 756 deletions
  1. +6
    -5
      apps/genrsa.c
  2. +6
    -3
      apps/req.c
  3. +78
    -66
      apps/rsa.c
  4. +31
    -31
      apps/rsautl.c
  5. +6
    -3
      apps/x509.c
  6. +3
    -0
      crypto/asn1/asn1_item_list.c
  7. +2
    -0
      crypto/asn1/asn1_item_list.h
  8. +6
    -2
      crypto/asn1/i2d_evp.c
  9. +1
    -1
      crypto/evp/build.info
  10. +2
    -5
      crypto/evp/p_dec.c
  11. +2
    -5
      crypto/evp/p_enc.c
  12. +51
    -0
      crypto/evp/p_legacy.c
  13. +0
    -31
      crypto/evp/p_lib.c
  14. +5
    -3
      crypto/pem/pem_all.c
  15. +3
    -0
      crypto/pem/pem_local.h
  16. +6
    -0
      crypto/rsa/rsa_backend.c
  17. +0
    -1
      crypto/rsa/rsa_local.h
  18. +242
    -0
      doc/man3/d2i_RSAPrivateKey.pod
  19. +8
    -23
      doc/man3/d2i_X509.pod
  20. +5
    -1
      fuzz/asn1.c
  21. +9
    -0
      fuzz/server.c
  22. +1
    -0
      include/crypto/rsa.h
  23. +16
    -0
      include/crypto/types.h
  24. +11
    -4
      include/openssl/evp.h
  25. +6
    -4
      include/openssl/pem.h
  26. +310
    -266
      include/openssl/rsa.h
  27. +19
    -5
      include/openssl/ssl.h.in
  28. +3
    -0
      include/openssl/types.h
  29. +22
    -16
      include/openssl/x509.h.in
  30. +6
    -0
      providers/common/der/der_rsa_key.c
  31. +2
    -0
      providers/common/include/prov/securitycheck.h
  32. +1
    -1
      ssl/build.info
  33. +0
    -1
      ssl/ssl_local.h
  34. +0
    -171
      ssl/ssl_rsa.c
  35. +180
    -0
      ssl/ssl_rsa_legacy.c
  36. +2
    -1
      ssl/statem/statem_clnt.c
  37. +1
    -0
      ssl/statem/statem_lib.c
  38. +1
    -0
      ssl/statem/statem_srvr.c
  39. +6
    -0
      test/endecoder_legacy_test.c
  40. +38
    -35
      test/evp_extra_test.c
  41. +6
    -0
      test/keymgmt_internal_test.c
  42. +7
    -0
      test/rsa_sp800_56b_test.c
  43. +66
    -66
      util/libcrypto.num
  44. +6
    -6
      util/libssl.num

+ 6
- 5
apps/genrsa.c View File

@ -79,9 +79,7 @@ int genrsa_main(int argc, char **argv)
BN_GENCB *cb = BN_GENCB_new();
ENGINE *eng = NULL;
BIGNUM *bn = BN_new();
RSA *rsa;
BIO *out = NULL;
const BIGNUM *e;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
const EVP_CIPHER *enc = NULL;
@ -205,9 +203,11 @@ opthelp:
}
if (verbose) {
if ((rsa = EVP_PKEY_get0_RSA(pkey)) != NULL) {
RSA_get0_key(rsa, NULL, &e, NULL);
} else {
BIGNUM *e = NULL;
/* Every RSA key has an 'e' */
EVP_PKEY_get_bn_param(pkey, "e", &e);
if (e == NULL) {
BIO_printf(bio_err, "Error cannot access RSA e\n");
goto end;
}
@ -218,6 +218,7 @@ opthelp:
}
OPENSSL_free(hexe);
OPENSSL_free(dece);
BN_free(e);
}
if (traditional) {
if (!PEM_write_bio_PrivateKey_traditional(out, pkey, enc, NULL, 0,


+ 6
- 3
apps/req.c View File

@ -939,10 +939,13 @@ int req_main(int argc, char **argv)
}
fprintf(stdout, "Modulus=");
#ifndef OPENSSL_NO_RSA
if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA) {
const BIGNUM *n;
RSA_get0_key(EVP_PKEY_get0_RSA(tpubkey), &n, NULL, NULL);
if (EVP_PKEY_is_a(tpubkey, "RSA")) {
BIGNUM *n;
/* Every RSA key has an 'n' */
EVP_PKEY_get_bn_param(pkey, "n", &n);
BN_print(out, n);
BN_free(n);
} else
#endif
fprintf(stdout, "Wrong Algorithm type");


+ 78
- 66
apps/rsa.c View File

@ -22,6 +22,13 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/bn.h>
#include <openssl/encoder.h>
/*
* TODO: This include is to get OSSL_KEYMGMT_SELECT_*, which feels a bit
* much just for those macros... they might serve better as EVP macros.
*/
#include <openssl/core_dispatch.h>
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
@ -62,12 +69,10 @@ const OPTIONS rsa_options[] = {
{"traditional", OPT_TRADITIONAL, '-',
"Use traditional format for private keys"},
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
OPT_SECTION("PVK"),
{"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"},
{"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"},
{"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"},
#endif
OPT_PROV_OPTIONS,
{NULL}
@ -77,20 +82,21 @@ int rsa_main(int argc, char **argv)
{
ENGINE *e = NULL;
BIO *out = NULL;
RSA *rsa = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx;
const EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
int i, private = 0;
int private = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
int noout = 0, modulus = 0, pubin = 0, pubout = 0, ret = 1;
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
int pvk_encr = 2;
#endif
OPTION_CHOICE o;
int traditional = 0;
const char *output_type = NULL;
const char *output_structure = NULL;
int selection = 0;
OSSL_ENCODER_CTX *ectx = NULL;
prog = opt_init(argc, argv, rsa_options);
while ((o = opt_next()) != OPT_EOF) {
@ -142,9 +148,7 @@ int rsa_main(int argc, char **argv)
case OPT_PVK_STRONG: /* pvk_encr:= 2 */
case OPT_PVK_WEAK: /* pvk_encr:= 1 */
case OPT_PVK_NONE: /* pvk_encr:= 0 */
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
pvk_encr = (o - OPT_PVK_NONE);
#endif
break;
case OPT_NOOUT:
noout = 1;
@ -203,13 +207,14 @@ int rsa_main(int argc, char **argv)
pkey = load_key(infile, informat, 1, passin, e, "private key");
}
if (pkey != NULL)
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL) {
if (pkey == NULL) {
ERR_print_errors(bio_err);
goto end;
}
if (!EVP_PKEY_is_a(pkey, "RSA")) {
BIO_printf(bio_err, "Not an RSA key\n");
goto end;
}
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
@ -226,11 +231,14 @@ int rsa_main(int argc, char **argv)
}
if (modulus) {
const BIGNUM *n;
RSA_get0_key(rsa, &n, NULL, NULL);
BIGNUM *n = NULL;
/* Every RSA key has an 'n' */
EVP_PKEY_get_bn_param(pkey, "n", &n);
BIO_printf(out, "Modulus=");
BN_print(out, n);
BIO_printf(out, "\n");
BN_free(n);
}
if (check) {
@ -268,77 +276,81 @@ int rsa_main(int argc, char **argv)
goto end;
}
BIO_printf(bio_err, "writing RSA key\n");
/* Choose output type for the format */
if (outformat == FORMAT_ASN1) {
if (pubout || pubin) {
if (pubout == 2)
i = i2d_RSAPublicKey_bio(out, rsa);
else
i = i2d_RSA_PUBKEY_bio(out, rsa);
} else {
assert(private);
i = i2d_RSAPrivateKey_bio(out, rsa);
}
output_type = "DER";
} else if (outformat == FORMAT_PEM) {
output_type = "PEM";
} else if (outformat == FORMAT_MSBLOB) {
output_type = "MSBLOB";
} else if (outformat == FORMAT_PVK) {
if (pubin) {
BIO_printf(bio_err, "PVK form impossible with public key input\n");
goto end;
}
output_type = "PVK";
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
/* Select what you want in the output */
if (pubout || pubin) {
selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
} else {
assert(private);
selection = (OSSL_KEYMGMT_SELECT_KEYPAIR
| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS);
}
/* For DER based output, select the desired output structure */
if (outformat == FORMAT_ASN1 || outformat == FORMAT_PEM) {
if (pubout || pubin) {
if (pubout == 2)
i = PEM_write_bio_RSAPublicKey(out, rsa);
output_structure = "SubjectPublicKeyInfo";
else
i = PEM_write_bio_RSA_PUBKEY(out, rsa);
output_structure = "pkcs1"; /* "type-specific" would work too */
} else {
assert(private);
if (traditional) {
i = PEM_write_bio_PrivateKey_traditional(out, pkey, enc, NULL, 0,
NULL, passout);
} else {
i = PEM_write_bio_PrivateKey(out, pkey,
enc, NULL, 0, NULL, passout);
}
if (traditional)
output_structure = "pkcs1"; /* "type-specific" would work too */
else
output_structure = "pkcs8";
}
#ifndef OPENSSL_NO_DSA
} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
EVP_PKEY *pk;
pk = EVP_PKEY_new();
if (pk == NULL)
goto end;
}
EVP_PKEY_set1_RSA(pk, rsa);
if (outformat == FORMAT_PVK) {
if (pubin) {
BIO_printf(bio_err, "PVK form impossible with public key input\n");
EVP_PKEY_free(pk);
goto end;
}
assert(private);
# ifdef OPENSSL_NO_RC4
BIO_printf(bio_err, "PVK format not supported\n");
EVP_PKEY_free(pk);
/* Now, perform the encoding */
ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, selection,
output_type, output_structure,
NULL, NULL);
if (OSSL_ENCODER_CTX_get_num_encoders(ectx) == 0) {
BIO_printf(bio_err, "%s format not supported\n", output_type);
goto end;
}
/* PVK is a bit special... */
if (outformat == FORMAT_PVK) {
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
params[0] = OSSL_PARAM_construct_int("encrypt-level", &pvk_encr);
if (!OSSL_ENCODER_CTX_set_params(ectx, params)) {
BIO_printf(bio_err, "invalid PVK encryption level\n");
goto end;
# else
i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
# endif
} else if (pubin || pubout) {
i = i2b_PublicKey_bio(out, pk);
} else {
assert(private);
i = i2b_PrivateKey_bio(out, pk);
}
EVP_PKEY_free(pk);
#endif
} else {
BIO_printf(bio_err, "bad output format specified for outfile\n");
goto end;
}
if (i <= 0) {
if (!OSSL_ENCODER_to_bio(ectx, out)) {
BIO_printf(bio_err, "unable to write key\n");
ERR_print_errors(bio_err);
} else {
ret = 0;
goto end;
}
ret = 0;
end:
OSSL_ENCODER_CTX_free(ectx);
release_engine(e);
BIO_free_all(out);
EVP_PKEY_free(pkey);
RSA_free(rsa);
OPENSSL_free(passin);
OPENSSL_free(passout);
return ret;


+ 31
- 31
apps/rsautl.c View File

@ -7,9 +7,6 @@
* https://www.openssl.org/source/license.html
*/
/* We need to use the deprecated RSA low level calls */
#define OPENSSL_SUPPRESS_DEPRECATED
#include <openssl/opensslconf.h>
#include "apps.h"
@ -78,14 +75,15 @@ int rsautl_main(int argc, char **argv)
BIO *in = NULL, *out = NULL;
ENGINE *e = NULL;
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
EVP_PKEY_CTX *ctx = NULL;
X509 *x;
char *infile = NULL, *outfile = NULL, *keyfile = NULL;
char *passinarg = NULL, *passin = NULL, *prog;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad = RSA_PKCS1_PADDING;
int rsa_inlen, keyformat = FORMAT_PEM, keysize, ret = 1;
int rsa_outlen = 0, hexdump = 0, asn1parse = 0, need_priv = 0, rev = 0;
size_t rsa_inlen, rsa_outlen = 0;
int keyformat = FORMAT_PEM, keysize, ret = 1, rv;
int hexdump = 0, asn1parse = 0, need_priv = 0, rev = 0;
OPTION_CHOICE o;
prog = opt_init(argc, argv, rsautl_options);
@ -208,15 +206,6 @@ int rsautl_main(int argc, char **argv)
if (pkey == NULL)
return 1;
rsa = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
if (rsa == NULL) {
BIO_printf(bio_err, "Error getting RSA key\n");
ERR_print_errors(bio_err);
goto end;
}
in = bio_open_default(infile, 'r', FORMAT_BINARY);
if (in == NULL)
goto end;
@ -224,48 +213,58 @@ int rsautl_main(int argc, char **argv)
if (out == NULL)
goto end;
keysize = RSA_size(rsa);
keysize = EVP_PKEY_size(pkey);
rsa_in = app_malloc(keysize * 2, "hold rsa key");
rsa_out = app_malloc(keysize, "output rsa key");
rsa_outlen = keysize;
/* Read the input data */
rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
if (rsa_inlen < 0) {
rv = BIO_read(in, rsa_in, keysize * 2);
if (rv < 0) {
BIO_printf(bio_err, "Error reading input Data\n");
goto end;
}
rsa_inlen = rv;
if (rev) {
int i;
size_t i;
unsigned char ctmp;
for (i = 0; i < rsa_inlen / 2; i++) {
ctmp = rsa_in[i];
rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
rsa_in[rsa_inlen - 1 - i] = ctmp;
}
}
switch (rsa_mode) {
if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL)) == NULL)
goto end;
switch (rsa_mode) {
case RSA_VERIFY:
rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
rv = EVP_PKEY_verify_recover_init(ctx)
&& EVP_PKEY_CTX_set_rsa_padding(ctx, pad)
&& EVP_PKEY_verify_recover(ctx, rsa_out, &rsa_outlen,
rsa_in, rsa_inlen);
break;
case RSA_SIGN:
rsa_outlen =
RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
rv = EVP_PKEY_sign_init(ctx)
&& EVP_PKEY_CTX_set_rsa_padding(ctx, pad)
&& EVP_PKEY_sign(ctx, rsa_out, &rsa_outlen, rsa_in, rsa_inlen);
break;
case RSA_ENCRYPT:
rsa_outlen = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
rv = EVP_PKEY_encrypt_init(ctx)
&& EVP_PKEY_CTX_set_rsa_padding(ctx, pad)
&& EVP_PKEY_encrypt(ctx, rsa_out, &rsa_outlen, rsa_in, rsa_inlen);
break;
case RSA_DECRYPT:
rsa_outlen =
RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
rv = EVP_PKEY_decrypt_init(ctx)
&& EVP_PKEY_CTX_set_rsa_padding(ctx, pad)
&& EVP_PKEY_decrypt(ctx, rsa_out, &rsa_outlen, rsa_in, rsa_inlen);
break;
}
if (rsa_outlen < 0) {
if (!rv) {
BIO_printf(bio_err, "RSA operation error\n");
ERR_print_errors(bio_err);
goto end;
@ -281,7 +280,8 @@ int rsautl_main(int argc, char **argv)
BIO_write(out, rsa_out, rsa_outlen);
}
end:
RSA_free(rsa);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
release_engine(e);
BIO_free(in);
BIO_free_all(out);


+ 6
- 3
apps/x509.c View File

@ -757,10 +757,13 @@ int x509_main(int argc, char **argv)
}
BIO_printf(out, "Modulus=");
#ifndef OPENSSL_NO_RSA
if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
const BIGNUM *n;
RSA_get0_key(EVP_PKEY_get0_RSA(pkey), &n, NULL, NULL);
if (EVP_PKEY_is_a(pkey, "RSA")) {
BIGNUM *n;
/* Every RSA key has an 'n' */
EVP_PKEY_get_bn_param(pkey, "n", &n);
BN_print(out, n);
BN_free(n);
} else
#endif
#ifndef OPENSSL_NO_DSA


+ 3
- 0
crypto/asn1/asn1_item_list.c View File

@ -7,6 +7,9 @@
* https://www.openssl.org/source/license.html
*/
/* We need to use the low level ASN1 items until they are removed */
#define OPENSSL_SUPPRESS_DEPRECATED
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>


+ 2
- 0
crypto/asn1/asn1_item_list.h View File

@ -135,10 +135,12 @@ static ASN1_ITEM_EXP *asn1_item_list[] = {
ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
ASN1_ITEM_ref(PROXY_POLICY),
#ifndef OPENSSL_NO_RSA
# ifndef OPENSSL_NO_DEPRECATED_3_0
ASN1_ITEM_ref(RSAPrivateKey),
ASN1_ITEM_ref(RSAPublicKey),
ASN1_ITEM_ref(RSA_OAEP_PARAMS),
ASN1_ITEM_ref(RSA_PSS_PARAMS),
# endif
#endif
#ifndef OPENSSL_NO_SCRYPT
ASN1_ITEM_ref(SCRYPT_PARAMS),


+ 6
- 2
crypto/asn1/i2d_evp.c View File

@ -16,7 +16,9 @@
#include <openssl/encoder.h>
#include <openssl/buffer.h>
#include <openssl/x509.h>
#include <openssl/rsa.h> /* For i2d_RSAPublicKey */
#ifndef OPENSSL_NO_DEPRECATED_3_0
# include <openssl/rsa.h> /* For i2d_RSAPublicKey */
#endif
#include <openssl/dsa.h> /* For i2d_DSAPublicKey */
#include <openssl/ec.h> /* For i2o_ECPublicKey */
#include "crypto/asn1.h"
@ -105,9 +107,11 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp)
return i2d_provided(a, EVP_PKEY_PUBLIC_KEY, output_structures, pp);
}
switch (EVP_PKEY_id(a)) {
#ifndef OPENSSL_NO_RSA
#ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_RSA
case EVP_PKEY_RSA:
return i2d_RSAPublicKey(EVP_PKEY_get0_RSA(a), pp);
# endif
#endif
#ifndef OPENSSL_NO_DSA
case EVP_PKEY_DSA:


+ 1
- 1
crypto/evp/build.info View File

@ -9,7 +9,7 @@ SOURCE[../../libcrypto]=$COMMON\
e_des.c e_bf.c e_idea.c e_des3.c \
e_rc4.c e_aes.c names.c e_aria.c e_sm4.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c m_null.c \
p_seal.c p_sign.c p_verify.c \
p_seal.c p_sign.c p_verify.c p_legacy.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_allc.c c_alld.c bio_ok.c \
evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \


+ 2
- 5
crypto/evp/p_dec.c View File

@ -7,11 +7,8 @@
* https://www.openssl.org/source/license.html
*/
/*
* RSA low level APIs are deprecated for public use, but still ok for
* internal use.
*/
#include "internal/deprecated.h"
/* We need to use the deprecated RSA low level calls */
#define OPENSSL_SUPPRESS_DEPRECATED
#include <stdio.h>
#include "internal/cryptlib.h"


+ 2
- 5
crypto/evp/p_enc.c View File

@ -7,11 +7,8 @@
* https://www.openssl.org/source/license.html
*/
/*
* RSA low level APIs are deprecated for public use, but still ok for
* internal use.
*/
#include "internal/deprecated.h"
/* We need to use the deprecated RSA low level calls */
#define OPENSSL_SUPPRESS_DEPRECATED
#include <stdio.h>
#include "internal/cryptlib.h"


+ 51
- 0
crypto/evp/p_legacy.c View File

@ -0,0 +1,51 @@
/*
* Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Legacy EVP_PKEY assign/set/get APIs are deprecated for public use, but
* still ok for internal use, particularly in providers.
*/
#include "internal/deprecated.h"
#include <openssl/types.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/rsa.h>
#include "crypto/types.h"
#include "crypto/evp.h"
#include "evp_local.h"
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
{
int ret = EVP_PKEY_assign_RSA(pkey, key);
if (ret)
RSA_up_ref(key);
return ret;
}
RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey)
{
if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY);
return NULL;
}
if (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_RSA_PSS) {
ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_AN_RSA_KEY);
return NULL;
}
return pkey->pkey.rsa;
}
RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
{
RSA *ret = EVP_PKEY_get0_RSA(pkey);
if (ret != NULL)
RSA_up_ref(ret);
return ret;
}

+ 0
- 31
crypto/evp/p_lib.c View File

@ -784,37 +784,6 @@ const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len)
}
# endif
# ifndef OPENSSL_NO_RSA
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
{
int ret = EVP_PKEY_assign_RSA(pkey, key);
if (ret)
RSA_up_ref(key);
return ret;
}
RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey)
{
if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
ERR_raise(ERR_LIB_EVP, EVP_R_INACCESSIBLE_KEY);
return NULL;
}
if (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_RSA_PSS) {
ERR_raise(ERR_LIB_EVP, EVP_R_EXPECTING_AN_RSA_KEY);
return NULL;
}
return pkey->pkey.rsa;
}
RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
{
RSA *ret = EVP_PKEY_get0_RSA(pkey);
if (ret != NULL)
RSA_up_ref(ret);
return ret;
}
# endif
# ifndef OPENSSL_NO_DSA
DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey)
{


+ 5
- 3
crypto/pem/pem_all.c View File

@ -45,7 +45,8 @@ IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
#ifndef OPENSSL_NO_RSA
#ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_RSA
/*
* We treat RSA or DSA private keys as a special case. For private keys we
* read in an EVP_PKEY structure with PEM_read_bio_PrivateKey() and extract
@ -76,7 +77,7 @@ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
return pkey_get_rsa(pktmp, rsa);
}
# ifndef OPENSSL_NO_STDIO
# ifndef OPENSSL_NO_STDIO
RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
{
@ -85,11 +86,12 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
return pkey_get_rsa(pktmp, rsa);
}
# endif
# endif
IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
# endif
#endif
#ifndef OPENSSL_NO_DSA
static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)


+ 3
- 0
crypto/pem/pem_local.h View File

@ -39,6 +39,9 @@
# define PEM_STRUCTURE_PrivateKey "pkcs8"
# define PEM_STRUCTURE_Parameters "type-specific"
# define PEM_STRUCTURE_RSAPrivateKey "type-specific"
# define PEM_STRUCTURE_RSAPublicKey "type-specific"
/* Alternative IMPLEMENT macros for provided encoders */
# define IMPLEMENT_PEM_provided_write_body_vars(type, asn1) \


+ 6
- 0
crypto/rsa/rsa_backend.c View File

@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
/*
* RSA low level APIs are deprecated for public use, but still ok for
* internal use.
*/
#include "internal/deprecated.h"
#include <string.h>
#include <openssl/core_names.h>
#include <openssl/params.h>


+ 0
- 1
crypto/rsa/rsa_local.h View File

@ -10,7 +10,6 @@
#ifndef OSSL_CRYPTO_RSA_LOCAL_H
#define OSSL_CRYPTO_RSA_LOCAL_H
#include "crypto/rsa.h"
#include "internal/refcount.h"
#include "crypto/rsa.h"


+ 242
- 0
doc/man3/d2i_RSAPrivateKey.pod View File

@ -0,0 +1,242 @@
=pod
=begin comment
Any deprecated keypair function from d2i_X509.pod are collected in this file.
=end comment
=head1 NAME
d2i_RSAPrivateKey,
d2i_RSAPrivateKey_bio,
d2i_RSAPrivateKey_fp,
d2i_RSAPublicKey,
d2i_RSAPublicKey_bio,
d2i_RSAPublicKey_fp,
d2i_RSA_PUBKEY,
d2i_RSA_PUBKEY_bio,
d2i_RSA_PUBKEY_fp,
i2d_RSAPrivateKey,
i2d_RSAPrivateKey_bio,
i2d_RSAPrivateKey_fp,
i2d_RSAPublicKey,
i2d_RSAPublicKey_bio,
i2d_RSAPublicKey_fp,
i2d_RSA_PUBKEY,
i2d_RSA_PUBKEY_bio,
i2d_RSA_PUBKEY_fp
- DEPRECATED
=head1 SYNOPSIS
=for openssl generic
Deprecated since OpenSSL 3.0, can be hidden entirely by defining
B<OPENSSL_API_COMPAT> with a suitable version value, see
L<openssl_user_macros(7)>:
TYPE *d2i_TYPEPrivateKey(TYPE **a, const unsigned char **ppin, long length);
TYPE *d2i_TYPEPrivateKey_bio(BIO *bp, TYPE **a);
TYPE *d2i_TYPEPrivateKey_fp(FILE *fp, TYPE **a);
TYPE *d2i_TYPEPublicKey(TYPE **a, const unsigned char **ppin, long length);
TYPE *d2i_TYPEPublicKey_bio(BIO *bp, TYPE **a);
TYPE *d2i_TYPEPublicKey_fp(FILE *fp, TYPE **a);
TYPE *d2i_TYPEparams(TYPE **a, const unsigned char **ppin, long length);
TYPE *d2i_TYPEparams_bio(BIO *bp, TYPE **a);
TYPE *d2i_TYPEparams_fp(FILE *fp, TYPE **a);
TYPE *d2i_TYPE_PUBKEY(TYPE **a, const unsigned char **ppin, long length);
TYPE *d2i_TYPE_PUBKEY_bio(BIO *bp, TYPE **a);
TYPE *d2i_TYPE_PUBKEY_fp(FILE *fp, TYPE **a);
int i2d_TYPEPrivateKey(const TYPE *a, unsigned char **ppout);
int i2d_TYPEPrivateKey(TYPE *a, unsigned char **ppout);
int i2d_TYPEPrivateKey_fp(FILE *fp, const TYPE *a);
int i2d_TYPEPrivateKey_fp(FILE *fp, TYPE *a);
int i2d_TYPEPrivateKey_bio(BIO *bp, const TYPE *a);
int i2d_TYPEPrivateKey_bio(BIO *bp, TYPE *a);
int i2d_TYPEPublicKey(const TYPE *a, unsigned char **ppout);
int i2d_TYPEPublicKey(TYPE *a, unsigned char **ppout);
int i2d_TYPEPublicKey_fp(FILE *fp, const TYPE *a);
int i2d_TYPEPublicKey_fp(FILE *fp, TYPE *a);
int i2d_TYPEPublicKey_bio(BIO *bp, const TYPE *a);
int i2d_TYPEPublicKey_bio(BIO *bp, TYPE *a);
int i2d_TYPEparams(const TYPE *a, unsigned char **ppout);
int i2d_TYPEparams(TYPE *a, unsigned char **ppout);
int i2d_TYPEparams_fp(FILE *fp, const TYPE *a);
int i2d_TYPEparams_fp(FILE *fp, TYPE *a);
int i2d_TYPEparams_bio(BIO *bp, const TYPE *a);
int i2d_TYPEparams_bio(BIO *bp, TYPE *a);
int i2d_TYPE_PUBKEY(const TYPE *a, unsigned char **ppout);
int i2d_TYPE_PUBKEY(TYPE *a, unsigned char **ppout);
int i2d_TYPE_PUBKEY_fp(FILE *fp, const TYPE *a);
int i2d_TYPE_PUBKEY_fp(FILE *fp, TYPE *a);
int i2d_TYPE_PUBKEY_bio(BIO *bp, const TYPE *a);
int i2d_TYPE_PUBKEY_bio(BIO *bp, TYPE *a);
=head1 DESCRIPTION
All functions described here are deprecated. Please use L<OSSL_DECODER(3)>
instead of the B<d2i> functions and L<OSSL_ENCODER(3)> instead of the B<i2d>
functions. See L</Migration> below.
In the description here, B<I<TYPE>> is used a placeholder for any of the
OpenSSL datatypes, such as B<RSA>.
The function parameters I<ppin> and I<ppout> are generally either both named
I<pp> in the headers, or I<in> and I<out>.
All the functions here behave the way that's described in L<d2i_X509(3)>.
Please note that not all functions in the synopsis are available for all key
types. For example, there are no d2i_RSAparams() or i2d_RSAparams(),
because the PKCS#1 B<RSA> structure doesn't include any key parameters.
B<d2i_I<TYPE>PrivateKey>() and derivates thereof decode DER encoded
B<I<TYPE>> private key data organized in a type specific structure.
B<d2i_I<TYPE>PublicKey>() and derivates thereof decode DER encoded
B<I<TYPE>> public key data organized in a type specific structure.
B<d2i_I<TYPE>params>() and derivates thereof decode DER encoded B<I<TYPE>>
key parameters organized in a type specific structure.
B<d2i_I<TYPE>_PUBKEY>() and derivates thereof decode DER encoded B<I<TYPE>>
public key data organized in a B<SubjectPublicKeyInfo> structure.
B<i2d_I<TYPE>PrivateKey>() and derivates thereof encode the private key
B<I<TYPE>> data into a type specific DER encoded structure.
B<i2d_I<TYPE>PublicKey>() and derivates thereof encode the public key
B<I<TYPE>> data into a type specific DER encoded structure.
B<i2d_I<TYPE>params>() and derivates thereof encode the B<I<TYPE>> key
parameters data into a type specific DER encoded structure.
B<i2d_I<TYPE>_PUBKEY>() and derivates thereof encode the public key
B<I<TYPE>> data into a DER encoded B<SubjectPublicKeyInfo> structure.
For example, d2i_RSAPrivateKey() and d2i_RSAPublicKey() expects the
structure defined by PKCS#1.
Similarly, i2d_RSAPrivateKey() and i2d_RSAPublicKey() produce DER encoded
string organized according to PKCS#1.
=head2 Migration
Migration from the diverse B<I<TYPE>>s requires using corresponding new
OpenSSL types. For all B<I<TYPE>>s described here, the corresponding new
type is B<EVP_PKEY>. The rest of this section assumes that this has been
done, exactly how to do that is described elsewhere.
There are two migration paths:
=over 4
=item *
Replace
b<d2i_I<TYPE>PrivateKey()> with L<d2i_PrivateKey(3)>,
b<d2i_I<TYPE>PublicKey()> with L<d2i_PublicKey(3)>,
b<d2i_I<TYPE>params()> with L<d2i_KeyParams(3)>,
b<d2i_I<TYPE>_PUBKEY()> with L<d2i_PUBKEY(3)>,
b<i2d_I<TYPE>PrivateKey()> with L<i2d_PrivateKey(3)>,
b<i2d_I<TYPE>PublicKey()> with L<i2d_PublicKey(3)>,
b<i2d_I<TYPE>params()> with L<i2d_KeyParams(3)>,
b<i2d_I<TYPE>_PUBKEY()> with L<i2d_PUBKEY(3)>.
A caveat is that L<i2d_PrivateKey(3)> may output a DER encoded PKCS#8
outermost structure instead of the type specific structure, and that
L<d2i_PrivateKey(3)> recognises and unpacks a PKCS#8 structures.
=item *
Use L<OSSL_DECODER(3)> and L<OSSL_ENCODER(3)>. How to migrate is described
below. All those descriptions assume that the key to be encoded is in the
variable I<pkey>.
=back
=head3 Migrating B<i2d> functions to B<OSSL_ENCODER>
The exact L<OSSL_ENCODER(3)> output is driven by arguments rather than by
function names. The sample code to get DER encoded output in a type
specific structure is uniform, the only things that vary are the selection
of what part of the B<EVP_PKEY> should be output, and the structure. The
B<i2d> functions names can therefore be translated into two variables,
I<selection> and I<structure> as follows:
=over 4
=item B<i2d_I<TYPE>PrivateKey>() translates into:
int selection = EVP_PKEY_PRIVATE_KEY;
const char *structure = "type-specific";
=item B<i2d_I<TYPE>PublicKey>() translates into:
int selection = EVP_PKEY_PUBLIC_KEY;
const char *structure = "type-specific";
=item B<i2d_I<TYPE>params>() translates into:
int selection = EVP_PKEY_PARAMETERS;
const char *structure = "type-specific";
=item B<i2d_I<TYPE>_PUBKEY>() translates into:
int selection = EVP_PKEY_PUBLIC_KEY;
const char *structure = "SubjectPublicKeyInfo";
=back
The following sample code does the rest of the work:
unsigned char *p = buffer; /* |buffer| is supplied by the caller */
size_t len = buffer_size; /* assumed be the size of |buffer| */
OSSL_ENCODER_CTX *ctx =
OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, selection, "DER", structure,
NULL, NULL);
if (ctx == NULL) {
/* fatal error handling */
}
if (OSSL_ENCODER_CTX_get_num_encoders(ctx) == 0) {
OSSL_ENCODER_CTX_free(ctx);
/* non-fatal error handling */
}
if (!OSSL_ENCODER_to_data(ctx, &p, &len)) {
OSSL_ENCODER_CTX_free(ctx);
/* error handling */
}
OSSL_ENCODER_CTX_free(ctx);
=for comment TODO: a similar section on OSSL_DECODER is to be added
=head1 RETURN VALUES
B<d2i_I<TYPE>>(), B<d2i_I<TYPE>_bio>() and B<d2i_I<TYPE>_fp>() return a valid
B<I<TYPE>> structure or NULL if an error occurs. If the "reuse" capability has
been used with a valid structure being passed in via I<a>, then the object is
freed in the event of error and I<*a> is set to NULL.
B<i2d_I<TYPE>>() returns the number of bytes successfully encoded or a negative
value if an error occurs.
B<i2d_I<TYPE>_bio>() and B<i2d_I<TYPE>_fp>() return 1 for success and 0 if an
error occurs.
=head1 SEE ALSO
L<OSSL_ENCODER(3)>, L<OSSL_DECODER(3)>,
L<d2i_PrivateKey(3)>, L<d2i_PublicKey(3)>, L<d2i_KeyParams(3)>,
L<d2i_PUBKEY(3)>,
L<i2d_PrivateKey(3)>, L<i2d_PublicKey(3)>, L<i2d_KeyParams(3)>,
L<i2d_PUBKEY(3)>
=head1 COPYRIGHT
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut

+ 8
- 23
doc/man3/d2i_X509.pod View File

@ -1,5 +1,12 @@
=pod
=begin comment
Any keypair function here that gets deprecated should be moved to
d2i_RSAPrivateKey.pod.
=end comment
=head1 NAME
d2i_ACCESS_DESCRIPTION,
@ -141,17 +148,8 @@ d2i_POLICYQUALINFO,
d2i_PROFESSION_INFO,
d2i_PROXY_CERT_INFO_EXTENSION,
d2i_PROXY_POLICY,
d2i_RSAPrivateKey,
d2i_RSAPrivateKey_bio,
d2i_RSAPrivateKey_fp,
d2i_RSAPublicKey,
d2i_RSAPublicKey_bio,
d2i_RSAPublicKey_fp,
d2i_RSA_OAEP_PARAMS,
d2i_RSA_PSS_PARAMS,
d2i_RSA_PUBKEY,
d2i_RSA_PUBKEY_bio,
d2i_RSA_PUBKEY_fp,
d2i_SCRYPT_PARAMS,
d2i_SCT_LIST,
d2i_SXNET,
@ -337,17 +335,8 @@ i2d_POLICYQUALINFO,
i2d_PROFESSION_INFO,
i2d_PROXY_CERT_INFO_EXTENSION,
i2d_PROXY_POLICY,
i2d_RSAPrivateKey,
i2d_RSAPrivateKey_bio,
i2d_RSAPrivateKey_fp,
i2d_RSAPublicKey,
i2d_RSAPublicKey_bio,
i2d_RSAPublicKey_fp,
i2d_RSA_OAEP_PARAMS,
i2d_RSA_PSS_PARAMS,
i2d_RSA_PUBKEY,
i2d_RSA_PUBKEY_bio,
i2d_RSA_PUBKEY_fp,
i2d_SCRYPT_PARAMS,
i2d_SCT_LIST,
i2d_SXNET,
@ -411,7 +400,7 @@ i2d_X509_VAL,
=head1 DESCRIPTION
In the description here, B<I<TYPE>> is used a placeholder
for any of the OpenSSL datatypes, such as I<X509_CRL>.
for any of the OpenSSL datatypes, such as B<X509_CRL>.
The function parameters I<ppin> and I<ppout> are generally
either both named I<pp> in the headers, or I<in> and I<out>.
@ -512,10 +501,6 @@ L<PEM_write_PrivateKey(3)>, or similar instead.
Represents an ECDSA signature.
=item B<RSAPublicKey>
Represents a PKCS#1 RSA public key structure.
=item B<X509_ALGOR>
Represents an B<AlgorithmIdentifier> structure as used in IETF RFC 6960 and


+ 5
- 1
fuzz/asn1.c View File

@ -169,9 +169,11 @@ static ASN1_ITEM_EXP *item_type[] = {
ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
ASN1_ITEM_ref(PROXY_POLICY),
ASN1_ITEM_ref(RSA_OAEP_PARAMS),
ASN1_ITEM_ref(RSAPrivateKey),
ASN1_ITEM_ref(RSA_PSS_PARAMS),
#ifndef OPENSSL_NO_DEPRECATED_3_0
ASN1_ITEM_ref(RSAPrivateKey),
ASN1_ITEM_ref(RSAPublicKey),
#endif
ASN1_ITEM_ref(SXNET),
ASN1_ITEM_ref(SXNETID),
ASN1_ITEM_ref(USERNOTICE),
@ -339,7 +341,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
DO_TEST_NO_PRINT(DSA, d2i_DSAPublicKey, i2d_DSAPublicKey);
DO_TEST_NO_PRINT(DSA, d2i_DSAparams, i2d_DSAparams);
#endif
#ifndef OPENSSL_NO_DEPRECATED_3_0
DO_TEST_NO_PRINT(RSA, d2i_RSAPublicKey, i2d_RSAPublicKey);
#endif
#ifndef OPENSSL_NO_EC
DO_TEST_PRINT_OFFSET(EC_GROUP, d2i_ECPKParameters, i2d_ECPKParameters, ECPKParameters_print);
DO_TEST_PRINT_OFFSET(EC_KEY, d2i_ECPrivateKey, i2d_ECPrivateKey, EC_KEY_print);


+ 9
- 0
fuzz/server.c View File

@ -12,6 +12,9 @@
/* Test first part of SSL server handshake. */
/* We need to use the deprecated RSA low level calls */
#define OPENSSL_SUPPRESS_DEPRECATED
#include <time.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
@ -92,6 +95,7 @@ static const uint8_t kCertificateDER[] = {
0x76, 0x8a, 0xbb,
};
#ifndef OPENSSL_NO_DEPRECATED_3_0
static const uint8_t kRSAPrivateKeyDER[] = {
0x30, 0x82, 0x04, 0xa5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
0xce, 0x47, 0xcb, 0x11, 0xbb, 0xd2, 0x9d, 0x8e, 0x9e, 0xd2, 0x1e, 0x14,
@ -194,6 +198,7 @@ static const uint8_t kRSAPrivateKeyDER[] = {
0xb2, 0xc6, 0xb2, 0x0a, 0x2a, 0x7c, 0x6d, 0x6a, 0x40, 0xfc, 0xf5, 0x50,
0x98, 0x46, 0x89, 0x82, 0x40,
};
#endif
#ifndef OPENSSL_NO_EC
@ -512,7 +517,9 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
#endif
SSL_CTX *ctx;
int ret;
#ifndef OPENSSL_NO_DEPRECATED_3_0
RSA *privkey;
#endif
const uint8_t *bufp;
EVP_PKEY *pkey;
X509 *cert;
@ -539,6 +546,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
ret = SSL_CTX_set_cipher_list(ctx, "ALL:eNULL:@SECLEVEL=0");
OPENSSL_assert(ret == 1);
#ifndef OPENSSL_NO_DEPRECATED_3_0
/* RSA */
bufp = kRSAPrivateKeyDER;
privkey = d2i_RSAPrivateKey(NULL, &bufp, sizeof(kRSAPrivateKeyDER));
@ -548,6 +556,7 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
ret = SSL_CTX_use_PrivateKey(ctx, pkey);
OPENSSL_assert(ret == 1);
EVP_PKEY_free(pkey);
#endif
bufp = kCertificateDER;
cert = d2i_X509(NULL, &bufp, sizeof(kCertificateDER));


+ 1
- 0
include/crypto/rsa.h View File

@ -12,6 +12,7 @@
# include <openssl/core.h>
# include <openssl/rsa.h>
# include "crypto/types.h"
typedef struct rsa_pss_params_30_st {
int hash_algorithm_nid;


+ 16
- 0
include/crypto/types.h View File

@ -0,0 +1,16 @@
/*
* Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* When removal is simulated, we still need the type internally */
#ifdef OPENSSL_NO_DEPRECATED_3_0
typedef struct rsa_st RSA;
typedef struct rsa_meth_st RSA_METHOD;
#endif

+ 11
- 4
include/openssl/evp.h View File

@ -457,9 +457,11 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
const EVP_CIPHER *cipher, const EVP_MD *md,
int en_de);
# ifndef OPENSSL_NO_RSA
# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(rsa))
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_RSA
# define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(rsa))
# endif
# endif
# ifndef OPENSSL_NO_DSA
@ -1211,11 +1213,16 @@ const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
# endif
# ifndef OPENSSL_NO_RSA
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_RSA
struct rsa_st;
OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
OSSL_DEPRECATEDIN_3_0
struct rsa_st *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey);
OSSL_DEPRECATEDIN_3_0
struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
# endif
# endif
# ifndef OPENSSL_NO_DSA
struct dsa_st;


+ 6
- 4
include/openssl/pem.h View File

@ -373,10 +373,12 @@ DECLARE_PEM_rw(PKCS7, PKCS7)
DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
DECLARE_PEM_rw(PKCS8, X509_SIG)
DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
# ifndef OPENSSL_NO_RSA
DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
DECLARE_PEM_rw(RSAPublicKey, RSA)
DECLARE_PEM_rw(RSA_PUBKEY, RSA)
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_RSA
DECLARE_PEM_rw_cb_attr(OSSL_DEPRECATEDIN_3_0, RSAPrivateKey, RSA)
DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, RSAPublicKey, RSA)
DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, RSA_PUBKEY, RSA)
# endif
# endif
# ifndef OPENSSL_NO_DSA
DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)


+ 310
- 266
include/openssl/rsa.h View File

@ -37,6 +37,9 @@ extern "C" {
# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
# endif
# define RSA_3 0x3L
# define RSA_F4 0x10001L
# ifndef OPENSSL_NO_DEPRECATED_3_0
/* The types RSA and RSA_METHOD are defined in ossl_typ.h */
@ -50,24 +53,13 @@ extern "C" {
# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
# define OPENSSL_RSA_MAX_PUBEXP_BITS 64
# endif
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
# define RSA_3 0x3L
# define RSA_F4 0x10001L
# ifndef OPENSSL_NO_DEPRECATED_3_0
/* based on RFC 8017 appendix A.1.2 */
# define RSA_ASN1_VERSION_DEFAULT 0
# define RSA_ASN1_VERSION_MULTI 1
# define RSA_DEFAULT_PRIME_NUM 2
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
/* Don't check pub/private match */
/* TODO(3.0): deprecate this? It is exposed for sls/t1_lib.c's use */
# define RSA_METHOD_FLAG_NO_CHECK 0x0001
# ifndef OPENSSL_NO_DEPRECATED_3_0
# define RSA_METHOD_FLAG_NO_CHECK 0x0001
# define RSA_FLAG_CACHE_PUBLIC 0x0002
# define RSA_FLAG_CACHE_PRIVATE 0x0004
# define RSA_FLAG_BLINDING 0x0008
@ -132,11 +124,13 @@ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen);
int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *saltlen);
int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int bits);
DEPRECATEDIN_3_0(int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx,
BIGNUM *pubexp))
int EVP_PKEY_CTX_set1_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes);
int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *ctx, int saltlen);
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0
int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
# endif
/* Salt length matches digest */
# define RSA_PSS_SALTLEN_DIGEST -1
@ -206,99 +200,113 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label);
# define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
# define RSA_get_app_data(s) RSA_get_ex_data(s,0)
RSA *RSA_new(void);
DEPRECATEDIN_3_0(RSA *RSA_new_method(ENGINE *engine))
int RSA_bits(const RSA *rsa);
DEPRECATEDIN_3_0(int RSA_size(const RSA *rsa))
DEPRECATEDIN_3_0(int RSA_security_bits(const RSA *rsa))
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
BIGNUM *coeffs[], int pnum);
void RSA_get0_key(const RSA *r,
const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
int RSA_get_multi_prime_extra_count(const RSA *r);
int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]);
void RSA_get0_crt_params(const RSA *r,
const BIGNUM **dmp1, const BIGNUM **dmq1,
const BIGNUM **iqmp);
# ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_DEPRECATEDIN_3_0 RSA *RSA_new(void);
OSSL_DEPRECATEDIN_3_0 RSA *RSA_new_method(ENGINE *engine);
OSSL_DEPRECATEDIN_3_0 int RSA_bits(const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 int RSA_security_bits(const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
OSSL_DEPRECATEDIN_3_0 int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
OSSL_DEPRECATEDIN_3_0 int RSA_set0_crt_params(RSA *r,
BIGNUM *dmp1, BIGNUM *dmq1,
BIGNUM *iqmp);
OSSL_DEPRECATEDIN_3_0 int RSA_set0_multi_prime_params(RSA *r,
BIGNUM *primes[],
BIGNUM *exps[],
BIGNUM *coeffs[],
int pnum);
OSSL_DEPRECATEDIN_3_0 void RSA_get0_key(const RSA *r,
const BIGNUM **n, const BIGNUM **e,
const BIGNUM **d);
OSSL_DEPRECATEDIN_3_0 void RSA_get0_factors(const RSA *r,
const BIGNUM **p, const BIGNUM **q);
OSSL_DEPRECATEDIN_3_0 int RSA_get_multi_prime_extra_count(const RSA *r);
OSSL_DEPRECATEDIN_3_0 int RSA_get0_multi_prime_factors(const RSA *r,
const BIGNUM *primes[]);
OSSL_DEPRECATEDIN_3_0 void RSA_get0_crt_params(const RSA *r,
const BIGNUM **dmp1,
const BIGNUM **dmq1,
const BIGNUM **iqmp);
OSSL_DEPRECATEDIN_3_0
int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
const BIGNUM *coeffs[]);
const BIGNUM *RSA_get0_n(const RSA *d);
const BIGNUM *RSA_get0_e(const RSA *d);
const BIGNUM *RSA_get0_d(const RSA *d);
const BIGNUM *RSA_get0_p(const RSA *d);
const BIGNUM *RSA_get0_q(const RSA *d);
const BIGNUM *RSA_get0_dmp1(const RSA *r);
const BIGNUM *RSA_get0_dmq1(const RSA *r);
const BIGNUM *RSA_get0_iqmp(const RSA *r);
DEPRECATEDIN_3_0(const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r))
void RSA_clear_flags(RSA *r, int flags);
int RSA_test_flags(const RSA *r, int flags);
void RSA_set_flags(RSA *r, int flags);
DEPRECATEDIN_3_0(int RSA_get_version(RSA *r))
DEPRECATEDIN_3_0(ENGINE *RSA_get0_engine(const RSA *r))
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_n(const RSA *d);
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_e(const RSA *d);
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_d(const RSA *d);
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_p(const RSA *d);
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_q(const RSA *d);
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_dmp1(const RSA *r);
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_dmq1(const RSA *r);
OSSL_DEPRECATEDIN_3_0 const BIGNUM *RSA_get0_iqmp(const RSA *r);
OSSL_DEPRECATEDIN_3_0 const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r);
OSSL_DEPRECATEDIN_3_0 void RSA_clear_flags(RSA *r, int flags);
OSSL_DEPRECATEDIN_3_0 int RSA_test_flags(const RSA *r, int flags);
OSSL_DEPRECATEDIN_3_0 void RSA_set_flags(RSA *r, int flags);
OSSL_DEPRECATEDIN_3_0 int RSA_get_version(RSA *r);
OSSL_DEPRECATEDIN_3_0 ENGINE *RSA_get0_engine(const RSA *r);
/* Deprecated version */
DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void
(*callback) (int, int, void *),
void *cb_arg))
OSSL_DEPRECATEDIN_0_9_8 RSA *RSA_generate_key(int bits, unsigned long e, void
(*callback) (int, int, void *),
void *cb_arg);
/* New version */
DEPRECATEDIN_3_0(int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
BN_GENCB *cb))
OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
BN_GENCB *cb);
/* Multi-prime version */
DEPRECATEDIN_3_0(int RSA_generate_multi_prime_key(RSA *rsa, int bits,
int primes, BIGNUM *e,
BN_GENCB *cb))
DEPRECATEDIN_3_0(int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2,
BIGNUM *q1, BIGNUM *q2,
const BIGNUM *Xp1, const BIGNUM *Xp2,
const BIGNUM *Xp, const BIGNUM *Xq1,
const BIGNUM *Xq2, const BIGNUM *Xq,
const BIGNUM *e, BN_GENCB *cb))
DEPRECATEDIN_3_0(int RSA_X931_generate_key_ex(RSA *rsa, int bits,
const BIGNUM *e, BN_GENCB *cb))
DEPRECATEDIN_3_0(int RSA_check_key(const RSA *))
DEPRECATEDIN_3_0(int RSA_check_key_ex(const RSA *, BN_GENCB *cb))
OSSL_DEPRECATEDIN_3_0 int RSA_generate_multi_prime_key(RSA *rsa, int bits,
int primes, BIGNUM *e,
BN_GENCB *cb);
OSSL_DEPRECATEDIN_3_0
int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2,
BIGNUM *q1, BIGNUM *q2,
const BIGNUM *Xp1, const BIGNUM *Xp2,
const BIGNUM *Xp, const BIGNUM *Xq1,
const BIGNUM *Xq2, const BIGNUM *Xq,
const BIGNUM *e, BN_GENCB *cb);
OSSL_DEPRECATEDIN_3_0 int RSA_X931_generate_key_ex(RSA *rsa, int bits,
const BIGNUM *e,
BN_GENCB *cb);
OSSL_DEPRECATEDIN_3_0 int RSA_check_key(const RSA *);
OSSL_DEPRECATEDIN_3_0 int RSA_check_key_ex(const RSA *, BN_GENCB *cb);
/* next 4 return -1 on error */
DEPRECATEDIN_3_0(int RSA_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding))
DEPRECATEDIN_3_0(int RSA_private_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding))
DEPRECATEDIN_3_0(int RSA_public_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding))
DEPRECATEDIN_3_0(int RSA_private_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,
int padding))
void RSA_free(RSA *r);
OSSL_DEPRECATEDIN_3_0
int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
RSA *rsa, int padding);
OSSL_DEPRECATEDIN_3_0
int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
RSA *rsa, int padding);
OSSL_DEPRECATEDIN_3_0
int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
RSA *rsa, int padding);
OSSL_DEPRECATEDIN_3_0
int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
RSA *rsa, int padding);
OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r);
/* "up" the RSA object's reference count */
int RSA_up_ref(RSA *r);
/* TODO(3.0): deprecate this one ssl/ssl_rsa.c can be changed to avoid it */
int RSA_flags(const RSA *r);
OSSL_DEPRECATEDIN_3_0 int RSA_up_ref(RSA *r);
OSSL_DEPRECATEDIN_3_0 int RSA_flags(const RSA *r);
DEPRECATEDIN_3_0(void RSA_set_default_method(const RSA_METHOD *meth))
DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_default_method(void))
DEPRECATEDIN_3_0(const RSA_METHOD *RSA_null_method(void))
DEPRECATEDIN_3_0(const RSA_METHOD *RSA_get_method(const RSA *rsa))
DEPRECATEDIN_3_0(int RSA_set_method(RSA *rsa, const RSA_METHOD *meth))
OSSL_DEPRECATEDIN_3_0 void RSA_set_default_method(const RSA_METHOD *meth);
OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_get_default_method(void);
OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_null_method(void);
OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_get_method(const RSA *rsa);
OSSL_DEPRECATEDIN_3_0 int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
/* these are the actual RSA functions */
DEPRECATEDIN_3_0(const RSA_METHOD *RSA_PKCS1_OpenSSL(void))
OSSL_DEPRECATEDIN_3_0 const RSA_METHOD *RSA_PKCS1_OpenSSL(void);
int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2);
DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(OSSL_DEPRECATEDIN_3_0,
RSA, RSAPublicKey)
DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(OSSL_DEPRECATEDIN_3_0,
RSA, RSAPrivateKey)
# endif /* !OPENSSL_NO_DEPRECATED_3_0 */
DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPublicKey)
DECLARE_ASN1_ENCODE_FUNCTIONS_name(RSA, RSAPrivateKey)
int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2);
struct rsa_pss_params_st {
X509_ALGOR *hashAlgorithm;
@ -321,130 +329,127 @@ typedef struct rsa_oaep_params_st {
DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
# ifndef OPENSSL_NO_STDIO
DEPRECATEDIN_3_0(int RSA_print_fp(FILE *fp, const RSA *r, int offset))
# endif
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_STDIO
OSSL_DEPRECATEDIN_3_0 int RSA_print_fp(FILE *fp, const RSA *r, int offset);
# endif
DEPRECATEDIN_3_0(int RSA_print(BIO *bp, const RSA *r, int offset))
OSSL_DEPRECATEDIN_3_0 int RSA_print(BIO *bp, const RSA *r, int offset);
/*
* The following 2 functions sign and verify a X509_SIG ASN1 object inside
* PKCS#1 padded RSA encryption
*/
DEPRECATEDIN_3_0(int RSA_sign(int type, const unsigned char *m,
unsigned int m_length, unsigned char *sigret,
unsigned int *siglen, RSA *rsa))
DEPRECATEDIN_3_0(int RSA_verify(int type, const unsigned char *m,
unsigned int m_length,
const unsigned char *sigbuf,
unsigned int siglen, RSA *rsa))
OSSL_DEPRECATEDIN_3_0 int RSA_sign(int type, const unsigned char *m,
unsigned int m_length, unsigned char *sigret,
unsigned int *siglen, RSA *rsa);
OSSL_DEPRECATEDIN_3_0 int RSA_verify(int type, const unsigned char *m,
unsigned int m_length,
const unsigned char *sigbuf,
unsigned int siglen, RSA *rsa);
/*
* The following 2 function sign and verify a ASN1_OCTET_STRING object inside
* PKCS#1 padded RSA encryption
*/
DEPRECATEDIN_3_0(int RSA_sign_ASN1_OCTET_STRING(int type,
const unsigned char *m,
unsigned int m_length,
unsigned char *sigret,
unsigned int *siglen, RSA *rsa))
DEPRECATEDIN_3_0(int RSA_verify_ASN1_OCTET_STRING(int type,
const unsigned char *m,
unsigned int m_length,
unsigned char *sigbuf,
unsigned int siglen,
RSA *rsa))
/* TODO(3.0): figure out how to deprecate these two */
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
void RSA_blinding_off(RSA *rsa);
DEPRECATEDIN_3_0(BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx))