X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Frsa%2Frsa_chk.c;h=a351e6dee4a98b223e3f081374bc9bd909ab44d0;hp=2462c5e7933c602d135851da3c2d9d4d52bd7924;hb=2afb29b480d87c4c24f830e69dfe82762e3db608;hpb=6519b2cb922cd7f5405112fba87f17f39adc82ee
diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
index 2462c5e793..a351e6dee4 100644
--- a/crypto/rsa/rsa_chk.c
+++ b/crypto/rsa/rsa_chk.c
@@ -1,4 +1,4 @@
-/* crypto/rsa/rsa_chck.c -*- Mode: C; c-file-style: "eay" -*- */
+/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */
 /* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
 *
@@ -53,11 +53,23 @@
 #include
-int RSA_check_key(RSA *key)
+int RSA_check_key(const RSA *key)
+ {
+ return RSA_check_key_ex(key, NULL);
+ }
+
+int RSA_check_key_ex(const RSA *key, BN_GENCB *cb)
 {
 BIGNUM *i, *j, *k, *l, *m;
 BN_CTX *ctx;
+ int r;
 int ret=1;
+
+ if (!key->p || !key->q || !key->n || !key->e || !key->d)
+ {
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
+ return 0;
+ }
 i = BN_new();
 j = BN_new();
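Review bot: `RSA_check_key_ex` is added without any comment stating its contract, and the new guard `if (!key->p || !key->q || !key->n || !key->e || !key->d)` makes a key that lacks the private components fail with `RSA_R_VALUE_MISSING` instead of being checked. I would put `/* Validates a complete private key: n, e, d, p and q must all be set. key must not be NULL; cb may be NULL. */` above the function. `key` is dereferenced in that guard with no NULL test of its own, which is why the comment should say so. The errors raised here still carry `RSA_F_RSA_CHECK_KEY`, so the error queue cannot tell the two entry points apart; that may be intended, but it is worth a word in the comment. The body of RSA_check_key_ex continues past the end of this hunk.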
@@ -68,86 +80,110 @@ int RSA_check_key(RSA *key)
 if (i == NULL || j == NULL || k == NULL || l == NULL || m == NULL || ctx == NULL)
 {
+ ret = -1;
 RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
 goto err;
 }
 /* p prime? */
- if (BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL) != 1)
+ r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, cb);
+ if (r != 1)
 {
- ret = 0;
- if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
+ ret = r;
+ if (r != 0)
 goto err;
 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
 }
 /* q prime? */
- if (BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL) != 1)
+ r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, cb);
+ if (r != 1)
 {
- ret = 0;
- if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
+ ret = r;
+ if (r != 0)
 goto err;
 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
 }
 /* n = p*q? */
- BN_mul(i, key->p, key->q, ctx);
+ r = BN_mul(i, key->p, key->q, ctx);
+ if (!r) { ret = -1; goto err; }
+
 if (BN_cmp(i, key->n) != 0)
 {
 ret = 0;
- if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_PQ);
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
 }
- /* dmp1 = d mod (p-1)? */
- BN_sub(i, key->p, BN_value_one());
- BN_mod(j, key->d, i, ctx);
- if (BN_cmp(j, key->dmp1) != 0)
+ /* d*e = 1 mod lcm(p-1,q-1)? */
+
+ r = BN_sub(i, key->p, BN_value_one());
+ if (!r) { ret = -1; goto err; }
+ r = BN_sub(j, key->q, BN_value_one());
+ if (!r) { ret = -1; goto err; }
+
+ /* now compute k = lcm(i,j) */
+ r = BN_mul(l, i, j, ctx);
+ if (!r) { ret = -1; goto err; }
+ r = BN_gcd(m, i, j, ctx);
+ if (!r) { ret = -1; goto err; }
+ r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
+ if (!r) { ret = -1; goto err; }
+
+ r = BN_mod_mul(i, key->d, key->e, k, ctx);
+ if (!r) { ret = -1; goto err; }
+
+ if (!BN_is_one(i))
 {
 ret = 0;
- if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMP1_NOT_CONGRUENT_TO_D);
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
 }
- /* dmq1 = d mod (q-1)? */
- BN_sub(i, key->q, BN_value_one());
- BN_mod(j, key->d, i, ctx);
- if (BN_cmp(j, key->dmq1) != 0)
+ if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL)
 {
- ret = 0;
- if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
- }
+ /* dmp1 = d mod (p-1)? */
+ r = BN_sub(i, key->p, BN_value_one());
+ if (!r) { ret = -1; goto err; }
+
+ r = BN_mod(j, key->d, i, ctx);
+ if (!r) { ret = -1; goto err; }
+
+ if (BN_cmp(j, key->dmp1) != 0)
+ {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY,
+ RSA_R_DMP1_NOT_CONGRUENT_TO_D);
+ }
- /* iqmp = q^-1 mod p? */
- BN_mod_inverse(i, key->q, key->p, ctx);
- if (BN_cmp(i, key->iqmp) != 0)
- {
- ret = 0;
- if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_IQMP_NOT_INVERSE_OF_Q);
- }
+ /* dmq1 = d mod (q-1)? */
+ r = BN_sub(i, key->q, BN_value_one());
+ if (!r) { ret = -1; goto err; }
- /* d*e = 1 mod lcm(p-1,q-1)? */
- BN_sub(i, key->p, BN_value_one());
- BN_sub(j, key->q, BN_value_one());
- /* now compute k = lcm(i,j) */
- BN_mul(l, i, j, ctx);
- BN_gcd(m, i, j, ctx);
- BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
- BN_mod_mul(i, key->d, key->e, k, ctx);
- if (!BN_is_one(i))
- {
- ret = 0;
- if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
+ r = BN_mod(j, key->d, i, ctx);
+ if (!r) { ret = -1; goto err; }
+
+ if (BN_cmp(j, key->dmq1) != 0)
+ {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY,
+ RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
+ }
+
+ /* iqmp = q^-1 mod p? */
+ if(!BN_mod_inverse(i, key->q, key->p, ctx))
+ {
+ ret = -1;
 goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DE_NOT_CONGRUENT_TO_1);
+ }
+
+ if (BN_cmp(i, key->iqmp) != 0)
+ {
+ ret = 0;
+ RSAerr(RSA_F_RSA_CHECK_KEY,
+ RSA_R_IQMP_NOT_INVERSE_OF_Q);
+ }
 }
-
+
 err:
 if (i != NULL) BN_free(i);
 if (j != NULL) BN_free(j);
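Review bot: The result is now three-valued and nothing in the function says so: `ret = r` after `BN_is_prime_ex` and every `ret = -1; goto err;` below make -1 a possible return next to 0 and 1. A -1 can also replace an earlier verdict, because after `RSA_R_P_NOT_PRIME` sets `ret = 0` the checks continue and any failing `BN_*` call then overwrites it. A caller that tests the result for truth rather than `== 1` would accept a key on an internal error, so I would document this at the top of the function with `/* returns 1 if all checks pass, 0 if a check failed, -1 on internal error; accept the key only when the result is 1 */`. Callers are not visible in this diff, so whether any of them test `!= 0` needs checking separately. The function starts before this hunk and its cleanup at `err:` runs past it.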