+static int rsa_pkey_check(const EVP_PKEY *pkey)
+{
+ return RSA_check_key_ex(pkey->pkey.rsa, NULL);
+}
+
+static size_t rsa_pkey_dirty_cnt(const EVP_PKEY *pkey)
+{
+ return pkey->pkey.rsa->dirty_cnt;
+}
+
+DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
+
+static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
+ EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx,
+ const char *propq)
+{
+ RSA *rsa = from->pkey.rsa;
+ OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new();
+ const BIGNUM *n = RSA_get0_n(rsa), *e = RSA_get0_e(rsa);
+ const BIGNUM *d = RSA_get0_d(rsa);
+ STACK_OF(BIGNUM_const) *primes = NULL, *exps = NULL, *coeffs = NULL;
+ int numprimes = 0, numexps = 0, numcoeffs = 0;
+ OSSL_PARAM *params = NULL;
+ int selection = 0;
+ int rv = 0;
+
+ if (tmpl == NULL)
+ return 0;
+ /*
+ * If the RSA method is foreign, then we can't be sure of anything, and
+ * can therefore not export or pretend to export.
+ */
+ if (RSA_get_method(rsa) != RSA_PKCS1_OpenSSL())
+ goto err;
+
+ /* Public parameters must always be present */
+ if (n == NULL || e == NULL)
+ goto err;
+
+ /* |e| and |n| are always present */
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_E, e))
+ goto err;
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_N, n))
+ goto err;
+ selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
+
+ if (d != NULL) {
+ int i;
+
+ /* Get all the primes and CRT params */
+ if ((primes = sk_BIGNUM_const_new_null()) == NULL
+ || (exps = sk_BIGNUM_const_new_null()) == NULL
+ || (coeffs = sk_BIGNUM_const_new_null()) == NULL)
+ goto err;
+
+ if (!rsa_get0_all_params(rsa, primes, exps, coeffs))
+ goto err;
+
+ numprimes = sk_BIGNUM_const_num(primes);
+ numexps = sk_BIGNUM_const_num(exps);
+ numcoeffs = sk_BIGNUM_const_num(coeffs);
+
+ /*
+ * It's permisssible to have zero primes, i.e. no CRT params.
+ * Otherwise, there must be at least two, as many exponents,
+ * and one coefficient less.
+ */
+ if (numprimes != 0
+ && (numprimes < 2 || numexps < 2 || numcoeffs < 1))
+ goto err;
+
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_D, d))
+ goto err;
+ selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
+
+ for (i = 0; i < numprimes && rsa_mp_factor_names[i] != NULL; i++) {
+ const BIGNUM *num = sk_BIGNUM_const_value(primes, i);
+
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, rsa_mp_factor_names[i], num))
+ goto err;
+ }
+
+ for (i = 0; i < numexps && rsa_mp_exp_names[i] != NULL; i++) {
+ const BIGNUM *num = sk_BIGNUM_const_value(exps, i);
+
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, rsa_mp_exp_names[i], num))
+ goto err;
+ }
+
+ for (i = 0; i < numcoeffs && rsa_mp_coeff_names[i] != NULL; i++) {
+ const BIGNUM *num = sk_BIGNUM_const_value(coeffs, i);
+
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, rsa_mp_coeff_names[i], num))
+ goto err;
+ }
+ }
+
+ if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
+ goto err;
+
+ /* We export, the provider imports */
+ rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
+
+ err:
+ sk_BIGNUM_const_free(primes);
+ sk_BIGNUM_const_free(exps);
+ sk_BIGNUM_const_free(coeffs);
+ OSSL_PARAM_BLD_free_params(params);
+ OSSL_PARAM_BLD_free(tmpl);
+ return rv;
+}
+
+static int rsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
+{
+ EVP_PKEY_CTX *pctx = vpctx;
+ EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
+ RSA *rsa = rsa_new_with_ctx(pctx->libctx);
+
+ if (rsa == NULL) {
+ ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ if (!rsa_fromdata(rsa, params)
+ || !EVP_PKEY_assign_RSA(pkey, rsa)) {
+ RSA_free(rsa);
+ return 0;
+ }
+ return 1;
+}
+
+const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2] = {