Export / import RSA to / from provider#10190
Export / import RSA to / from provider#10190levitte wants to merge 22 commits intoopenssl:masterfrom
Conversation
|
The reason I'm making this a separate PR is because the same kind of work exists both in an upcoming key generation branch I'm working on and in @mattcaswell's #10152, and that part of the work should be synchronised, at least with regards to export/import. |
|
Keep in mind that in fips mode multiprimes are not supported. |
|
Sure, but that will be for key generation in the provider, no? Or should the import functions do some extra checks? But in that case, shouldn't the RSA functionality simply refuse working with multi-primes when FIPS_MODE is defined, going so far as disabling RSA_set0_multi_prime_params() completely? That's not what happens now. |
|
Fixing the multiprime issue with FIPS is for another PR, methinks. |
00d2433 to
0db16e2
Compare
0db16e2 to
a653aeb
Compare
|
I added an internal keymgmt tester, |
|
Not WIP anymore |
1469b36 to
b833a09
Compare
|
Github has lost its mind... I have rebased, and yet... Let's see if a kick helps |
Yup, it did |
RSA_set0_all_params() is used to set all the primes, exponents and coefficients. RSA_get0_all_params() is used to get all the primes, exponents and coefficients. "All" includes p, q, dP, dQ and qInv without making them separate. All arrays of numbers are implemented as stacks to make dynamic use easier.
b833a09 to
a568a48
Compare
|
Most concerns answered, #10190 (comment) unresolved, and rebased. |
|
Rebased on a fresher master. That's a moving target! |
mattcaswell
left a comment
There was a problem hiding this comment.
Approved assuming the CHANGES entry is removed as suggested below.
| the first of them, with the "extra" of everything in the multi-prime | ||
| RSA case. These functions handle everything via stacks of BIGNUMs | ||
| for dynamic processing. | ||
| [Richard Levitte] |
There was a problem hiding this comment.
This CHANGES entry no longer seems relevant since the functions aren't public any more. I think it should be deleted.
…ers. rsa_set0_all_params() is used to set all the primes, exponents and coefficients. rsa_get0_all_params() is used to get all the primes, exponents and coefficients. "All" includes p, q, dP, dQ and qInv without making them separate. All arrays of numbers are implemented as stacks to make dynamic use easier. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #10190)
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #10190)
This tests diverse internal KEYMGMT features. The current existing test checks that evp_keymgmt_export_to_provider() passes the key data correctly through two instances of the default provider, and that the resulting numbers at the end match the initial numbers. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #10190)
It may be that the OSSL_PARAM array we used for getting parameter values for a key had a few too many entries. These are detected by their return_size == 0. Before making second export call, we prune away these items so we only ask for parameters that exist. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #10190)
|
Merged. Pfew! Thanks for the thorough review! c3a4fa4 Added internal functions for easy getting and setting all RSA parameters. |
|
To make sure I understand: in the non-multiprime case you have several stacks of one entry. |
|
In the 2-prime case, the factors or primes stack has two numbers (commonly known as p and q), the exps stack has two numbers has two numbers (commonly known as dP or dmp1, and dQ or dmq1), and the coeffs stack has one number (commonly known as qInv or iqmp). Whether you are building a 2-prime or a n-prime key, processing them in parallel is more practical because of the way the RSA structure is constructed (which, BTW, is directly related to the ASN.1 spec) |
|
thanks. dees coeffs have to be a stack? |
|
It's more practical that way, for where those functions are used. For n-primes, there's more than one, and I see very little benefit in special-casing 2-prime keys. |
|
I missed the "for n-primes" part. Thanks again. |
This lays the foundation for transferring RSA keys to / from providers.
It goes with the idea of using multiple OSSL_PARAM items with the same key to pass multiple primes, CRT exponents and CRT coefficients, and in doing so, simplifies it by making p and q part of the primes (they are the first two), dP and dQ part of the CRT exponents, and qInv part of the CRT coefficients. Extra RSA functionality is added to support this.