Skip to content

Finish migrating RSAOpenSsl from RSA* to EVP_PKEY* #54282

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bartonjs merged 18 commits into from
Jul 14, 2021
Merged

Finish migrating RSAOpenSsl from RSA* to EVP_PKEY* #54282

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
b91a2f8
Add EVP_PKEY based Decode methods.
bartonjs Jun 10, 2021
2c39b94
Change RSAOpenSsl to use new EVP_PKEY-based imports
bartonjs Jun 10, 2021
d946012
Native methods for EVP_PKEY to PKCS8PrivateKeyInfo
bartonjs Jun 11, 2021
186bf50
Change RSAOpenSsl export methods to be PKCS8-based
bartonjs Jun 11, 2021
a410ffb
Native support for EVP_PKEY to SubjectPublicKeyInfo
bartonjs Jun 11, 2021
64ec3a0
Eliminate SafeRsaHandle from the Unix build
bartonjs Jun 11, 2021
0e35eba
Remove RSA*-based PALEXPORT functions
bartonjs Jun 11, 2021
9e422fb
"Add" deleted file.
bartonjs Jun 11, 2021
2f75b09
Make the S.S.C.OpenSsl library work again
bartonjs Jun 16, 2021
7c5a5f8
Bringing back some small amount of RSA* PALEXPORTs.
bartonjs Jun 16, 2021
df42f68
Undo unintended config change
bartonjs Jun 16, 2021
5528ab3
Fix some build breaks
bartonjs Jun 16, 2021
80f753e
Add support for OpenSSL 1.0.x
bartonjs Jun 17, 2021
64b2f37
Remove PALEXPORT EVP_PKEY get/set RSA functions
bartonjs Jun 17, 2021
6b85d76
Error code, take 3.
bartonjs Jun 17, 2021
6e0444c
Merge remote-tracking branch 'dotnet/main' into finish_rsa_evp_pkey
bartonjs Jul 13, 2021
5900493
Clean up references to renamed functions.
bartonjs Jul 13, 2021
e05907d
Make new code build with OpenSSL 3 headers.
bartonjs Jul 13, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Native methods for EVP_PKEY to PKCS8PrivateKeyInfo
  • Loading branch information
@bartonjs
bartonjs committed Jun 11, 2021
commit d9460127a71f39f46d9d148dbcd220c858b480c0
2 changes: 2 additions & 0 deletions src/libraries/Native/Unix/System.Security.Cryptography.Native/entrypoints.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,7 @@ static const Entry s_cryptoNative[] =
DllImportEntry(CryptoNative_EncodeAsn1Integer)
DllImportEntry(CryptoNative_EncodeOcspRequest)
DllImportEntry(CryptoNative_EncodePkcs7)
DllImportEntry(CryptoNative_EncodePkcs8PrivateKey)
DllImportEntry(CryptoNative_EncodeX509)
DllImportEntry(CryptoNative_EncodeX509SubjectPublicKeyInfo)
DllImportEntry(CryptoNative_ErrClearError)
Expand Down Expand Up @@ -176,6 +177,7 @@ static const Entry s_cryptoNative[] =
DllImportEntry(CryptoNative_GetOcspRequestDerSize)
DllImportEntry(CryptoNative_GetPkcs7Certificates)
DllImportEntry(CryptoNative_GetPkcs7DerSize)
DllImportEntry(CryptoNative_GetPkcs8PrivateKeySize)
DllImportEntry(CryptoNative_GetRandomBytes)
DllImportEntry(CryptoNative_GetRsaParameters)
DllImportEntry(CryptoNative_GetX509CrlNextUpdate)
Expand Down
4 changes: 4 additions & 0 deletions src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -322,6 +322,7 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void);
RENAMED_FUNCTION(EVP_MD_CTX_new, EVP_MD_CTX_create) \
REQUIRED_FUNCTION(EVP_MD_size) \
REQUIRED_FUNCTION(EVP_PKCS82PKEY) \
REQUIRED_FUNCTION(EVP_PKEY2PKCS8) \
REQUIRED_FUNCTION(EVP_PKEY_CTX_ctrl) \
REQUIRED_FUNCTION(EVP_PKEY_CTX_free) \
REQUIRED_FUNCTION(EVP_PKEY_CTX_get0_pkey) \
Expand Down Expand Up @@ -380,6 +381,7 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void);
REQUIRED_FUNCTION(i2d_OCSP_REQUEST) \
REQUIRED_FUNCTION(i2d_OCSP_RESPONSE) \
REQUIRED_FUNCTION(i2d_PKCS7) \
REQUIRED_FUNCTION(i2d_PKCS8_PRIV_KEY_INFO) \
REQUIRED_FUNCTION(i2d_X509) \
REQUIRED_FUNCTION(i2d_X509_PUBKEY) \
REQUIRED_FUNCTION(OBJ_ln2nid) \
Expand Down Expand Up @@ -763,6 +765,7 @@ FOR_ALL_OPENSSL_FUNCTIONS
#define EVP_MD_CTX_new EVP_MD_CTX_new_ptr
#define EVP_MD_size EVP_MD_size_ptr
#define EVP_PKCS82PKEY EVP_PKCS82PKEY_ptr
#define EVP_PKEY2PKCS8 EVP_PKEY2PKCS8_ptr
#define EVP_PKEY_CTX_ctrl EVP_PKEY_CTX_ctrl_ptr
#define EVP_PKEY_CTX_free EVP_PKEY_CTX_free_ptr
#define EVP_PKEY_CTX_get0_pkey EVP_PKEY_CTX_get0_pkey_ptr
Expand Down Expand Up @@ -818,6 +821,7 @@ FOR_ALL_OPENSSL_FUNCTIONS
#define HMAC_Update HMAC_Update_ptr
#define i2d_ASN1_INTEGER i2d_ASN1_INTEGER_ptr
#define i2d_ASN1_TYPE i2d_ASN1_TYPE_ptr
#define i2d_PKCS8_PRIV_KEY_INFO i2d_PKCS8_PRIV_KEY_INFO_ptr
#define i2d_OCSP_REQUEST i2d_OCSP_REQUEST_ptr
#define i2d_OCSP_RESPONSE i2d_OCSP_RESPONSE_ptr
#define i2d_PKCS7 i2d_PKCS7_ptr
Expand Down
33 changes: 33 additions & 0 deletions src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,3 +103,36 @@ EVP_PKEY* CryptoNative_DecodePkcs8PrivateKey(const uint8_t* buf, int32_t len, in

return key;
}

int32_t CryptoNative_GetPkcs8PrivateKeySize(EVP_PKEY* pkey)
{
assert(pkey != NULL);

PKCS8_PRIV_KEY_INFO* p8 = EVP_PKEY2PKCS8(pkey);

if (p8 == NULL)
{
return -1;
}

int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, NULL);
PKCS8_PRIV_KEY_INFO_free(p8);
return ret;
}

int32_t CryptoNative_EncodePkcs8PrivateKey(EVP_PKEY* pkey, uint8_t* buf)
{
assert(pkey != NULL);
assert(buf != NULL);

PKCS8_PRIV_KEY_INFO* p8 = EVP_PKEY2PKCS8(pkey);

if (p8 == NULL)
{
return -1;
}

int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, &buf);
PKCS8_PRIV_KEY_INFO_free(p8);
return ret;
}
26 changes: 20 additions & 6 deletions src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_evp_pkey.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,15 +38,29 @@ Returns the number (as of this call) of references to the EVP_PKEY. Anything les
PALEXPORT int32_t CryptoNative_UpRefEvpPkey(EVP_PKEY* pkey);

/*
* Decodes an X.509 SubjectPublicKeyInfo into an EVP_PKEY*, verifying the interpreted algorithm type.
*
* Requres a non-null buf, and len > 0.
Decodes an X.509 SubjectPublicKeyInfo into an EVP_PKEY*, verifying the interpreted algorithm type.

Requres a non-null buf, and len > 0.
*/
PALEXPORT EVP_PKEY* CryptoNative_DecodeSubjectPublicKeyInfo(const uint8_t* buf, int32_t len, int32_t algId);

/*
* Decodes an Pkcs8PrivateKeyInfo into an EVP_PKEY*, verifying the interpreted algorithm type.
*
* Requres a non-null buf, and len > 0.
Decodes an Pkcs8PrivateKeyInfo into an EVP_PKEY*, verifying the interpreted algorithm type.

Requres a non-null buf, and len > 0.
*/
PALEXPORT EVP_PKEY* CryptoNative_DecodePkcs8PrivateKey(const uint8_t* buf, int32_t len, int32_t algId);

/*
Reports the number of bytes rqeuired to encode an EVP_PKEY* as a Pkcs8PrivateKeyInfo, or a negative value on error.
*/
PALEXPORT int32_t CryptoNative_GetPkcs8PrivateKeySize(EVP_PKEY* pkey);

/*
Encodes the EVP_PKEY* as a Pkcs8PrivateKeyInfo, writing the encoded value to buf.

buf must be big enough, or an out of bounds write may occur.

Returns the number of bytes written.
*/
PALEXPORT int32_t CryptoNative_EncodePkcs8PrivateKey(EVP_PKEY* pkey, uint8_t* buf);