From f08abba079dae83ad95b35691473b9253691c43b Mon Sep 17 00:00:00 2001
From: tb
Date: Sat, 17 Feb 2018 13:47:35 +0000
Subject: [PATCH] Provide further parts of the OpenSSL 1.1 API: {DH,DSA}_get0_{key,pqg}(), EVP_PKEY_get0_{DH,DSA,RSA}(), RSA_{g,s}et0_key().
ok jsing
---
 lib/libcrypto/Symbols.list | 9 +++++
 lib/libcrypto/dh/dh.h | 6 +++-
 lib/libcrypto/dh/dh_lib.c | 22 +++++++++++-
 lib/libcrypto/dsa/dsa.h | 6 +++-
 lib/libcrypto/dsa/dsa_lib.c | 22 +++++++++++-
 lib/libcrypto/evp/evp.h | 11 +++---
 lib/libcrypto/evp/p_lib.c | 67 ++++++++++++++++++++++++++-----------
 lib/libcrypto/rsa/rsa.h | 6 +++-
 lib/libcrypto/rsa/rsa_lib.c | 35 ++++++++++++++++++-
 9 files changed, 155 insertions(+), 29 deletions(-)
diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list
index d9cbe853a9a..99930ffa17c 100644
--- a/lib/libcrypto/Symbols.list
+++ b/lib/libcrypto/Symbols.list
@@ -736,6 +736,8 @@ DH_free
 DH_generate_key
 DH_generate_parameters
 DH_generate_parameters_ex
+DH_get0_key
+DH_get0_pqg
 DH_get_default_method
 DH_get_ex_data
 DH_get_ex_new_index
@@ -776,6 +778,8 @@ DSA_free
 DSA_generate_key
 DSA_generate_parameters
 DSA_generate_parameters_ex
+DSA_get0_key
+DSA_get0_pqg
 DSA_get_default_method
 DSA_get_ex_data
 DSA_get_ex_new_index
@@ -1338,9 +1342,12 @@ EVP_PKEY_encrypt_old
 EVP_PKEY_free
 EVP_PKEY_get0
 EVP_PKEY_get0_asn1
+EVP_PKEY_get0_DH
 EVP_PKEY_get1_DH
+EVP_PKEY_get0_DSA
 EVP_PKEY_get1_DSA
 EVP_PKEY_get1_EC_KEY
+EVP_PKEY_get0_RSA
 EVP_PKEY_get1_RSA
 EVP_PKEY_get_attr
 EVP_PKEY_get_attr_by_NID
@@ -2185,6 +2192,7 @@ RSA_flags
 RSA_free
 RSA_generate_key
 RSA_generate_key_ex
+RSA_get0_key
 RSA_get_default_method
 RSA_get_ex_data
 RSA_get_ex_new_index
@@ -2209,6 +2217,7 @@ RSA_private_decrypt
 RSA_private_encrypt
 RSA_public_decrypt
 RSA_public_encrypt
+RSA_set0_key
 RSA_set_default_method
 RSA_set_ex_data
 RSA_set_method
diff --git a/lib/libcrypto/dh/dh.h b/lib/libcrypto/dh/dh.h
index 920af3b92d4..61c7d6c873d 100644
--- a/lib/libcrypto/dh/dh.h
+++ b/lib/libcrypto/dh/dh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.h,v 1.18 2016/11/04 18:35:30 jsing Exp $ */
+/* $OpenBSD: dh.h,v 1.19 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -188,6 +188,10 @@ int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 int DH_set_ex_data(DH *d, int idx, void *arg);
 void *DH_get_ex_data(DH *d, int idx);
+void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
+ const BIGNUM **g);
+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
+
 /* Deprecated version */
 #ifndef OPENSSL_NO_DEPRECATED
 DH * DH_generate_parameters(int prime_len,int generator,
diff --git a/lib/libcrypto/dh/dh_lib.c b/lib/libcrypto/dh/dh_lib.c
index d45dc171682..5a54ca88da8 100644
--- a/lib/libcrypto/dh/dh_lib.c
+++ b/lib/libcrypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_lib.c,v 1.22 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: dh_lib.c,v 1.23 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -239,3 +239,23 @@ DH_size(const DH *dh)
 {
 return BN_num_bytes(dh->p);
 }
+
+void
+DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
+{
+ if (p != NULL)
+ *p = dh->p;
+ if (q != NULL)
+ *q = dh->q;
+ if (g != NULL)
+ *g = dh->g;
+}
+
+void
+DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+ if (pub_key != NULL)
+ *pub_key = dh->pub_key;
+ if (priv_key != NULL)
+ *priv_key = dh->priv_key;
+}
diff --git a/lib/libcrypto/dsa/dsa.h b/lib/libcrypto/dsa/dsa.h
index 6ddd4c35d5c..f990ad52f04 100644
--- a/lib/libcrypto/dsa/dsa.h
+++ b/lib/libcrypto/dsa/dsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa.h,v 1.22 2016/11/04 18:35:30 jsing Exp $ */
+/* $OpenBSD: dsa.h,v 1.23 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
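Review bot: `DH_get0_pqg()` and `DH_get0_key()` in dh_lib.c hand out the DH object's own BIGNUMs, including `dh->priv_key`, but neither the definitions nor the new dh.h prototypes say that the caller does not own them. A comment above each definition would head off a double free or a use after `DH_free()`, for example `/* Returns pointers to dh's internal values; the caller must not free them or use them after dh is freed. */`. Both functions also dereference `dh` without a NULL check; if that is the intended contract it belongs in the same comment. The same applies to `DSA_get0_pqg()`/`DSA_get0_key()` in dsa_lib.c and to `RSA_get0_key()` in rsa_lib.c.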
@@ -257,6 +257,10 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off);
 DH *DSA_dup_DH(const DSA *r);
 #endif
+void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
+ const BIGNUM **g);
+void DSA_get0_key(const DH *d, const BIGNUM **pub_key, const BIGNUM **priv_key);
+
 #define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
 EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
diff --git a/lib/libcrypto/dsa/dsa_lib.c b/lib/libcrypto/dsa/dsa_lib.c
index 58af74889cc..ae9155c9f8c 100644
--- a/lib/libcrypto/dsa/dsa_lib.c
+++ b/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_lib.c,v 1.23 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: dsa_lib.c,v 1.24 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -303,3 +303,23 @@ err:
 return NULL;
 }
 #endif
+
+void
+DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
+{
+ if (p != NULL)
+ *p = d->p;
+ if (q != NULL)
+ *q = d->q;
+ if (g != NULL)
+ *g = d->g;
+}
+
+void
+DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+ if (pub_key != NULL)
+ *pub_key = d->pub_key;
+ if (priv_key != NULL)
+ *priv_key = d->priv_key;
+}
diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h
index 09df7db64bd..c8da89844d5 100644
--- a/lib/libcrypto/evp/evp.h
+++ b/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.54 2018/02/14 16:40:42 jsing Exp $ */
+/* $OpenBSD: evp.h,v 1.55 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
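Review bot: The new `DSA_get0_key()` prototype in dsa.h takes `const DH *d`, while the definition added to dsa_lib.c takes `const DSA *d`. Once dsa_lib.c sees this header the declaration and the definition have conflicting types, and any caller compiled against the header alone is checked against the wrong struct. The line should read `void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key);`. `DSA_get0_pqg()` directly above it already uses `const DSA *d`.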
@@ -870,18 +870,21 @@ void *EVP_PKEY_get0(EVP_PKEY *pkey);
 #ifndef OPENSSL_NO_RSA
 struct rsa_st;
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
+struct rsa_st *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
 struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
 #endif
 #ifndef OPENSSL_NO_DSA
 struct dsa_st;
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
+struct dsa_st *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
 struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
 #endif
 #ifndef OPENSSL_NO_DH
 struct dh_st;
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
+struct dh_st *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
 struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
 #endif
 #ifndef OPENSSL_NO_EC
 struct ec_key_st;
diff --git a/lib/libcrypto/evp/p_lib.c b/lib/libcrypto/evp/p_lib.c
index e001755ef18..3cd1bf3b348 100644
--- a/lib/libcrypto/evp/p_lib.c
+++ b/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p_lib.c,v 1.18 2018/02/14 16:40:42 jsing Exp $ */
+/* $OpenBSD: p_lib.c,v 1.19 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -286,13 +286,14 @@ EVP_PKEY_get0(EVP_PKEY *pkey)
 }
 #ifndef OPENSSL_NO_RSA
-int
-EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
+RSA *
+EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
 {
- int ret = EVP_PKEY_assign_RSA(pkey, key);
- if (ret)
- RSA_up_ref(key);
- return ret;
+ if (pkey->type != EVP_PKEY_RSA) {
+ EVPerror(EVP_R_EXPECTING_AN_RSA_KEY);
+ return NULL;
+ }
+ return pkey->pkey.rsa;
 }
 RSA *
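Review bot: `EVP_PKEY_get0_RSA()` in p_lib.c returns `pkey->pkey.rsa` without taking a reference, whereas `EVP_PKEY_get1_RSA()` right after it calls `RSA_up_ref()`, and nothing but reading both bodies tells a caller which one it has. A caller that treats the get0 result like a get1 result and calls `RSA_free()` on it, or keeps it after the EVP_PKEY is freed, ends up with a double free or a dangling pointer. I would add a comment above the function such as `/* Returns a borrowed pointer: no reference is taken, the RSA stays owned by pkey. */`, and the same above `EVP_PKEY_get0_DSA()` and `EVP_PKEY_get0_DH()` in the later hunks of this file. The definition of `EVP_PKEY_get1_RSA()` begins on the last context line of this hunk and continues outside it.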
@@ -305,17 +306,27 @@ EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
 RSA_up_ref(pkey->pkey.rsa);
 return pkey->pkey.rsa;
 }
-#endif
-#ifndef OPENSSL_NO_DSA
 int
-EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
 {
- int ret = EVP_PKEY_assign_DSA(pkey, key);
+ int ret = EVP_PKEY_assign_RSA(pkey, key);
 if (ret)
- DSA_up_ref(key);
+ RSA_up_ref(key);
 return ret;
 }
+#endif
+
+#ifndef OPENSSL_NO_DSA
+DSA *
+EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
+{
+ if (pkey->type != EVP_PKEY_DSA) {
+ EVPerror(EVP_R_EXPECTING_A_DSA_KEY);
+ return NULL;
+ }
+ return pkey->pkey.dsa;
+}
 DSA *
 EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
@@ -327,6 +338,15 @@ EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
 DSA_up_ref(pkey->pkey.dsa);
 return pkey->pkey.dsa;
 }
+
+int
+EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+{
+ int ret = EVP_PKEY_assign_DSA(pkey, key);
+ if (ret)
+ DSA_up_ref(key);
+ return ret;
+}
 #endif
 #ifndef OPENSSL_NO_EC
@@ -354,14 +374,14 @@ EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
 #ifndef OPENSSL_NO_DH
-
-int
-EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+DH *
+EVP_PKEY_get0_DH(EVP_PKEY *pkey)
 {
- int ret = EVP_PKEY_assign_DH(pkey, key);
- if (ret)
- DH_up_ref(key);
- return ret;
+ if (pkey->type != EVP_PKEY_DH) {
+ EVPerror(EVP_R_EXPECTING_A_DH_KEY);
+ return NULL;
+ }
+ return pkey->pkey.dh;
 }
 DH *
@@ -374,6 +394,15 @@ EVP_PKEY_get1_DH(EVP_PKEY *pkey)
 DH_up_ref(pkey->pkey.dh);
 return pkey->pkey.dh;
 }
+
+int
+EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+{
+ int ret = EVP_PKEY_assign_DH(pkey, key);
+ if (ret)
+ DH_up_ref(key);
+ return ret;
+}
 #endif
 int
diff --git a/lib/libcrypto/rsa/rsa.h b/lib/libcrypto/rsa/rsa.h
index 7476a1164a7..7d4bd838c50 100644
--- a/lib/libcrypto/rsa/rsa.h
+++ b/lib/libcrypto/rsa/rsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.h,v 1.31 2017/08/30 16:07:35 jsing Exp $ */
+/* $OpenBSD: rsa.h,v 1.32 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -395,6 +395,10 @@ int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 int RSA_set_ex_data(RSA *r, int idx, void *arg);
 void *RSA_get_ex_data(const RSA *r, int idx);
+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e,
+ const BIGNUM **d);
+
 RSA *RSAPublicKey_dup(RSA *rsa);
 RSA *RSAPrivateKey_dup(RSA *rsa);
diff --git a/lib/libcrypto/rsa/rsa_lib.c b/lib/libcrypto/rsa/rsa_lib.c
index 31ea418427a..2a73364e702 100644
--- a/lib/libcrypto/rsa/rsa_lib.c
+++ b/lib/libcrypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_lib.c,v 1.31 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.32 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -256,3 +256,36 @@ RSA_get_ex_data(const RSA *r, int idx)
 {
 return CRYPTO_get_ex_data(&r->ex_data, idx);
 }
+
+int
+RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+{
+ if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL))
+ return 0;
+
+ if (n != NULL) {
+ BN_free(r->n);
+ r->n = n;
+ }
+ if (e != NULL) {
+ BN_free(r->e);
+ r->e = e;
+ }
+ if (d != NULL) {
+ BN_free(r->d);
+ r->d = d;
+ }
+
+ return 1;
+}
+
+void
+RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+{
+ if (n != NULL)
+ *n = r->n;
+ if (e != NULL)
+ *e = r->e;
+ if (d != NULL)
+ *d = r->d;
+}
--
2.20.1
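Review bot: `RSA_set0_key()` in rsa_lib.c frees the old value and then stores the new pointer without checking whether the two are the same object, so handing back a BIGNUM obtained from `RSA_get0_key()` (for example `n == r->n`) frees it and leaves `r->n` dangling. Either guard each branch, e.g. `if (n != NULL && n != r->n) {`, or add a comment above the function stating that the arguments must not already belong to `r`, that ownership passes to `r` only when 1 is returned, and that on a 0 return the caller still owns all three. Separately, the previous private exponent is released with `BN_free(r->d)`; if `BN_free()` in this tree does not clear the value before freeing, `BN_clear_free(r->d)` would avoid leaving key material in freed memory.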