/*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* https://www.openssl.org/source/license.html
*/
+/*
+ * RSA low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/types.h>
#include <openssl/params.h>
#include <openssl/safestack.h>
+#include "crypto/rsa.h"
#include "prov/bio.h"
#include "prov/implementations.h"
#include "prov/providercommonerr.h"
struct pkcs8_encrypt_ctx_st sc;
};
-/* Helper functions to prepare RSA-PSS params for serialization */
-
-static int prepare_rsa_params(const void *rsa, int nid,
- ASN1_STRING **pstr, int *pstrtype)
-{
- const RSA_PSS_PARAMS *pss = RSA_get0_pss_params(rsa);
- *pstr = NULL;
-
- /* If RSA it's just NULL type */
- if (nid != EVP_PKEY_RSA_PSS) {
- *pstrtype = V_ASN1_NULL;
- return 1;
- }
- /* If no PSS parameters we omit parameters entirely */
- if (pss == NULL) {
- *pstrtype = V_ASN1_UNDEF;
- return 1;
- }
- /* Encode PSS parameters */
- if (ASN1_item_pack((void *)pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), pstr)
- == NULL)
- return 0;
-
- *pstrtype = V_ASN1_SEQUENCE;
- return 1;
-}
-
/* Private key : context */
static void *rsa_priv_newctx(void *provctx)
{
if (ctx != NULL) {
ctx->provctx = provctx;
+ /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
+ ctx->sc.pbe_nid = -1;
}
-
- /* -1 is the "whatever" indicator, i.e. the PKCS8 library default PBE */
- ctx->sc.pbe_nid = -1;
-
return ctx;
}
OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
{
struct rsa_priv_ctx_st *ctx = vctx;
- OSSL_OP_keymgmt_importkey_fn *rsa_importkey =
- ossl_prov_get_rsa_importkey();
+ OSSL_OP_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
+ OSSL_OP_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
+ OSSL_OP_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
int ok = 0;
- if (rsa_importkey != NULL) {
- RSA *rsa = rsa_importkey(ctx->provctx, params);
+ if (rsa_import != NULL) {
+ RSA *rsa;
- ok = rsa_priv_der(vctx, rsa, out, cb, cbarg);
- RSA_free(rsa);
+ if ((rsa = rsa_new(ctx->provctx)) != NULL
+ && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+ && rsa_priv_der(ctx, rsa, out, cb, cbarg))
+ ok = 1;
+ rsa_free(rsa);
}
return ok;
}
ctx->sc.cb = cb;
ctx->sc.cbarg = cbarg;
- ret = ossl_prov_write_priv_der_from_obj(out, rsa, EVP_PKEY_RSA,
- prepare_rsa_params,
+ ret = ossl_prov_write_priv_der_from_obj(out, rsa,
+ ossl_prov_rsa_type_to_evp(rsa),
+ ossl_prov_prepare_rsa_params,
(i2d_of_void *)i2d_RSAPrivateKey,
&ctx->sc);
OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
{
struct rsa_priv_ctx_st *ctx = vctx;
- OSSL_OP_keymgmt_importkey_fn *rsa_importkey =
- ossl_prov_get_rsa_importkey();
+ OSSL_OP_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
+ OSSL_OP_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
+ OSSL_OP_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
int ok = 0;
- if (rsa_importkey != NULL) {
- RSA *rsa = rsa_importkey(ctx, params);
+ if (rsa_import != NULL) {
+ RSA *rsa;
- ok = rsa_pem_priv(vctx, rsa, out, cb, cbarg);
- RSA_free(rsa);
+ if ((rsa = rsa_new(ctx->provctx)) != NULL
+ && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+ && rsa_pem_priv(ctx, rsa, out, cb, cbarg))
+ ok = 1;
+ rsa_free(rsa);
}
return ok;
}
ctx->sc.cb = cb;
ctx->sc.cbarg = cbarg;
- ret = ossl_prov_write_priv_pem_from_obj(out, rsa, EVP_PKEY_RSA,
- prepare_rsa_params,
+ ret = ossl_prov_write_priv_pem_from_obj(out, rsa,
+ ossl_prov_rsa_type_to_evp(rsa),
+ ossl_prov_prepare_rsa_params,
(i2d_of_void *)i2d_RSAPrivateKey,
&ctx->sc);
{
}
-static int rsa_priv_print_data(void *provctx, const OSSL_PARAM params[],
+static int rsa_priv_print_data(void *vctx, const OSSL_PARAM params[],
BIO *out,
OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
{
- OSSL_OP_keymgmt_importkey_fn *rsa_importkey =
- ossl_prov_get_rsa_importkey();
+ struct rsa_priv_ctx_st *ctx = vctx;
+ OSSL_OP_keymgmt_new_fn *rsa_new = ossl_prov_get_keymgmt_rsa_new();
+ OSSL_OP_keymgmt_free_fn *rsa_free = ossl_prov_get_keymgmt_rsa_free();
+ OSSL_OP_keymgmt_import_fn *rsa_import = ossl_prov_get_keymgmt_rsa_import();
int ok = 0;
- if (rsa_importkey != NULL) {
- RSA *rsa = rsa_importkey(provctx, params); /* ctx == provctx */
+ if (rsa_import != NULL) {
+ RSA *rsa;
- ok = rsa_priv_print(provctx, rsa, out, cb, cbarg);
- RSA_free(rsa);
+ if ((rsa = rsa_new(ctx->provctx)) != NULL
+ && rsa_import(rsa, OSSL_KEYMGMT_SELECT_KEYPAIR, params)
+ && rsa_priv_print(ctx, rsa, out, cb, cbarg))
+ ok = 1;
+ rsa_free(rsa);
}
return ok;
}