Add support for legacy PEM format private keys in EVP_PKEY_ASN1_METHOD.
[openssl.git] / crypto / rsa / rsa_ameth.c
1 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
2  * project 2006.
3  */
4 /* ====================================================================
5  * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer. 
13  *
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in
16  *    the documentation and/or other materials provided with the
17  *    distribution.
18  *
19  * 3. All advertising materials mentioning features or use of this
20  *    software must display the following acknowledgment:
21  *    "This product includes software developed by the OpenSSL Project
22  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23  *
24  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25  *    endorse or promote products derived from this software without
26  *    prior written permission. For written permission, please contact
27  *    licensing@OpenSSL.org.
28  *
29  * 5. Products derived from this software may not be called "OpenSSL"
30  *    nor may "OpenSSL" appear in their names without prior written
31  *    permission of the OpenSSL Project.
32  *
33  * 6. Redistributions of any form whatsoever must retain the following
34  *    acknowledgment:
35  *    "This product includes software developed by the OpenSSL Project
36  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37  *
38  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
42  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49  * OF THE POSSIBILITY OF SUCH DAMAGE.
50  * ====================================================================
51  *
52  * This product includes cryptographic software written by Eric Young
53  * (eay@cryptsoft.com).  This product includes software written by Tim
54  * Hudson (tjh@cryptsoft.com).
55  *
56  */
57
58 #include <stdio.h>
59 #include "cryptlib.h"
60 #include <openssl/asn1t.h>
61 #include <openssl/x509.h>
62 #include <openssl/rsa.h>
63 #include "asn1_locl.h"
64
65 static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
66         {
67         unsigned char *penc = NULL;
68         int penclen;
69         penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc);
70         if (penclen <= 0)
71                 return 0;
72         if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA),
73                                 V_ASN1_NULL, NULL, penc, penclen))
74                 return 1;
75
76         OPENSSL_free(penc);
77         return 0;
78         }
79
80 static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
81         {
82         const unsigned char *p;
83         int pklen;
84         RSA *rsa = NULL;
85         if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey))
86                 return 0;
87         if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen)))
88                 {
89                 RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB);
90                 return 0;
91                 }
92         EVP_PKEY_assign_RSA (pkey, rsa);
93         return 1;
94         }
95
96 static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
97         {
98         if (BN_cmp(b->pkey.rsa->n,a->pkey.rsa->n) != 0
99                 || BN_cmp(b->pkey.rsa->e,a->pkey.rsa->e) != 0)
100                         return 0;
101         return 1;
102         }
103
104 static int old_rsa_priv_decode(EVP_PKEY *pkey,
105                                         const unsigned char **pder, int derlen)
106         {
107         RSA *rsa;
108         if (!(rsa = d2i_RSAPrivateKey (NULL, pder, derlen)))
109                 {
110                 RSAerr(RSA_F_RSA_PRIV_DECODE, ERR_R_RSA_LIB);
111                 return 0;
112                 }
113         EVP_PKEY_assign_RSA(pkey, rsa);
114         return 1;
115         }
116
117 static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
118         {
119         return i2d_RSAPrivateKey(pkey->pkey.rsa, pder);
120         }
121
122 static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
123         {
124         unsigned char *rk = NULL;
125         int rklen;
126         rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk);
127
128         if (rklen <= 0)
129                 {
130                 RSAerr(RSA_F_RSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
131                 return 0;
132                 }
133
134         if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0,
135                                 V_ASN1_NULL, NULL, rk, rklen))
136                 {
137                 RSAerr(RSA_F_RSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
138                 return 0;
139                 }
140
141         return 1;
142         }
143
144 static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
145         {
146         const unsigned char *p;
147         int pklen;
148         if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8))
149                 return 0;
150         return old_rsa_priv_decode(pkey, &p, pklen);
151         }
152
153 static int int_rsa_size(const EVP_PKEY *pkey)
154         {
155         return RSA_size(pkey->pkey.rsa);
156         }
157
158 static int rsa_bits(const EVP_PKEY *pkey)
159         {
160         return BN_num_bits(pkey->pkey.rsa->n);
161         }
162
163 static void int_rsa_free(EVP_PKEY *pkey)
164         {
165         RSA_free(pkey->pkey.rsa);
166         }
167
168
169 static void update_buflen(const BIGNUM *b, size_t *pbuflen)
170         {
171         int i;
172         if (!b)
173                 return;
174         if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
175                         *pbuflen = i;
176         }
177
178 static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv)
179         {
180         char *str;
181         const char *s;
182         unsigned char *m=NULL;
183         int ret=0, mod_len = 0;
184         size_t buf_len=0;
185
186         update_buflen(x->n, &buf_len);
187         update_buflen(x->e, &buf_len);
188
189         if (priv)
190                 {
191                 update_buflen(x->d, &buf_len);
192                 update_buflen(x->p, &buf_len);
193                 update_buflen(x->q, &buf_len);
194                 update_buflen(x->dmp1, &buf_len);
195                 update_buflen(x->dmq1, &buf_len);
196                 update_buflen(x->iqmp, &buf_len);
197                 }
198
199         m=(unsigned char *)OPENSSL_malloc(buf_len+10);
200         if (m == NULL)
201                 {
202                 RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
203                 goto err;
204                 }
205
206         if (x->n != NULL)
207                 mod_len = BN_num_bits(x->n);
208
209         if(!BIO_indent(bp,off,128))
210                 goto err;
211
212         if (priv && x->d)
213                 {
214                 if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len)
215                         <= 0) goto err;
216                 str = "modulus:";
217                 s = "publicExponent:";
218                 }
219         else
220                 {
221                 if (BIO_printf(bp,"Public-Key: (%d bit)\n", mod_len)
222                         <= 0) goto err;
223                 str = "Modulus:";
224                 s= "Exponent:";
225                 }
226         if (!ASN1_bn_print(bp,str,x->n,m,off)) goto err;
227         if (!ASN1_bn_print(bp,s,x->e,m,off))
228                 goto err;
229         if (priv)
230                 {
231                 if (!ASN1_bn_print(bp,"privateExponent:",x->d,m,off))
232                         goto err;
233                 if (!ASN1_bn_print(bp,"prime1:",x->p,m,off))
234                         goto err;
235                 if (!ASN1_bn_print(bp,"prime2:",x->q,m,off))
236                         goto err;
237                 if (!ASN1_bn_print(bp,"exponent1:",x->dmp1,m,off))
238                         goto err;
239                 if (!ASN1_bn_print(bp,"exponent2:",x->dmq1,m,off))
240                         goto err;
241                 if (!ASN1_bn_print(bp,"coefficient:",x->iqmp,m,off))
242                         goto err;
243                 }
244         ret=1;
245 err:
246         if (m != NULL) OPENSSL_free(m);
247         return(ret);
248         }
249
250 static int rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
251                                                         ASN1_PCTX *ctx)
252         {
253         return do_rsa_print(bp, pkey->pkey.rsa, indent, 0);
254         }
255
256
257 static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
258                                                         ASN1_PCTX *ctx)
259         {
260         return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
261         }
262
263 const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = 
264         {
265                 {
266                 EVP_PKEY_RSA,
267                 EVP_PKEY_RSA,
268                 0,
269
270                 "RSA",
271                 "OpenSSL RSA method",
272
273                 rsa_pub_decode,
274                 rsa_pub_encode,
275                 rsa_pub_cmp,
276                 rsa_pub_print,
277
278                 rsa_priv_decode,
279                 rsa_priv_encode,
280                 rsa_priv_print,
281
282                 int_rsa_size,
283                 rsa_bits,
284
285                 0,0,0,0,0,0,
286
287                 int_rsa_free,
288                 0,
289                 old_rsa_priv_decode,
290                 old_rsa_priv_encode
291                 },
292
293                 {
294                 EVP_PKEY_RSA2,
295                 EVP_PKEY_RSA,
296                 ASN1_PKEY_ALIAS
297                 }
298         };