Skip to content

Finish migrating RSAOpenSsl from RSA* to EVP_PKEY* #54282

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bartonjs merged 18 commits into from
Jul 14, 2021
Merged

Finish migrating RSAOpenSsl from RSA* to EVP_PKEY* #54282

Show file tree
Hide file tree
Changes from 15 commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
b91a2f8
Add EVP_PKEY based Decode methods.
bartonjs Jun 10, 2021
2c39b94
Change RSAOpenSsl to use new EVP_PKEY-based imports
bartonjs Jun 10, 2021
d946012
Native methods for EVP_PKEY to PKCS8PrivateKeyInfo
bartonjs Jun 11, 2021
186bf50
Change RSAOpenSsl export methods to be PKCS8-based
bartonjs Jun 11, 2021
a410ffb
Native support for EVP_PKEY to SubjectPublicKeyInfo
bartonjs Jun 11, 2021
64ec3a0
Eliminate SafeRsaHandle from the Unix build
bartonjs Jun 11, 2021
0e35eba
Remove RSA*-based PALEXPORT functions
bartonjs Jun 11, 2021
9e422fb
"Add" deleted file.
bartonjs Jun 11, 2021
2f75b09
Make the S.S.C.OpenSsl library work again
bartonjs Jun 16, 2021
7c5a5f8
Bringing back some small amount of RSA* PALEXPORTs.
bartonjs Jun 16, 2021
df42f68
Undo unintended config change
bartonjs Jun 16, 2021
5528ab3
Fix some build breaks
bartonjs Jun 16, 2021
80f753e
Add support for OpenSSL 1.0.x
bartonjs Jun 17, 2021
64b2f37
Remove PALEXPORT EVP_PKEY get/set RSA functions
bartonjs Jun 17, 2021
6b85d76
Error code, take 3.
bartonjs Jun 17, 2021
6e0444c
Merge remote-tracking branch 'dotnet/main' into finish_rsa_evp_pkey
bartonjs Jul 13, 2021
5900493
Clean up references to renamed functions.
bartonjs Jul 13, 2021
e05907d
Make new code build with OpenSSL 3 headers.
bartonjs Jul 13, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/libraries/Common/src/Internal/Cryptography/Helpers.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ public static int GetPaddingSize(this SymmetricAlgorithm algorithm)
return algorithm.BlockSize / 8;
}

internal static bool TryCopyToDestination(ReadOnlySpan<byte> source, Span<byte> destination, out int bytesWritten)
internal static bool TryCopyToDestination(this ReadOnlySpan<byte> source, Span<byte> destination, out int bytesWritten)
{
if (source.TryCopyTo(destination))
{
Expand Down
29 changes: 18 additions & 11 deletions ...raries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPkey.Rsa.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,24 @@ internal static partial class Interop
{
internal static partial class Crypto
{
[DllImport(Libraries.CryptoNative)]
private static extern SafeEvpPKeyHandle CryptoNative_EvpPKeyCreateRsa(IntPtr rsa);

internal static SafeEvpPKeyHandle EvpPKeyCreateRsa(IntPtr rsa)
{
Debug.Assert(rsa != IntPtr.Zero);

SafeEvpPKeyHandle pkey = CryptoNative_EvpPKeyCreateRsa(rsa);

if (pkey.IsInvalid)
{
pkey.Dispose();
throw CreateOpenSslCryptographicException();
}

return pkey;
}

[DllImport(Libraries.CryptoNative)]
private static extern SafeEvpPKeyHandle CryptoNative_RsaGenerateKey(int keySize);

Expand Down Expand Up @@ -171,16 +189,5 @@ ref MemoryMarshal.GetReference(signature),
Debug.Assert(ret == -1);
throw CreateOpenSslCryptographicException();
}

[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeyGetRsa")]
internal static extern SafeRsaHandle EvpPkeyGetRsa(SafeEvpPKeyHandle pkey);

[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeySetRsa")]
[return: MarshalAs(UnmanagedType.Bool)]
internal static extern bool EvpPkeySetRsa(SafeEvpPKeyHandle pkey, SafeRsaHandle rsa);

[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeySetRsa")]
[return: MarshalAs(UnmanagedType.Bool)]
internal static extern bool EvpPkeySetRsa(SafeEvpPKeyHandle pkey, IntPtr rsa);
}
}
193 changes: 193 additions & 0 deletions src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPkey.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
// The .NET Foundation licenses this file to you under the MIT license.

using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Security.Cryptography;

Expand All @@ -12,6 +13,30 @@ internal static partial class Crypto
[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeyCreate")]
internal static extern SafeEvpPKeyHandle EvpPkeyCreate();

[DllImport(Libraries.CryptoNative)]
private static extern SafeEvpPKeyHandle CryptoNative_EvpPKeyDuplicate(
SafeEvpPKeyHandle currentKey,
EvpAlgorithmId algorithmId);

internal static SafeEvpPKeyHandle EvpPKeyDuplicate(
SafeEvpPKeyHandle currentKey,
EvpAlgorithmId algorithmId)
{
Debug.Assert(!currentKey.IsInvalid);

SafeEvpPKeyHandle pkey = CryptoNative_EvpPKeyDuplicate(
currentKey,
algorithmId);

if (pkey.IsInvalid)
{
pkey.Dispose();
throw CreateOpenSslCryptographicException();
}

return pkey;
}

[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeyDestroy")]
internal static extern void EvpPkeyDestroy(IntPtr pkey);

Expand All @@ -20,5 +45,173 @@ internal static partial class Crypto

[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_UpRefEvpPkey")]
internal static extern int UpRefEvpPkey(SafeEvpPKeyHandle handle);

[DllImport(Libraries.CryptoNative)]
private static extern unsafe SafeEvpPKeyHandle CryptoNative_DecodeSubjectPublicKeyInfo(
byte* buf,
int len,
int algId);

[DllImport(Libraries.CryptoNative)]
private static extern unsafe SafeEvpPKeyHandle CryptoNative_DecodePkcs8PrivateKey(
byte* buf,
int len,
int algId);

internal static unsafe SafeEvpPKeyHandle DecodeSubjectPublicKeyInfo(
ReadOnlySpan<byte> source,
Copy link
Member

@GrabYourPitchforks GrabYourPitchforks Jul 8, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: Since CryptoNative_DecodeSubjectPublicKeyInfo requires buf != nullptr and len > 0, may want a Debug.Assert(!source.IsEmpty); statement here.

(Same comment for related methods in this file.)

EvpAlgorithmId algorithmId)
{
SafeEvpPKeyHandle handle;

fixed (byte* sourcePtr = source)
{
handle = CryptoNative_DecodeSubjectPublicKeyInfo(
sourcePtr,
source.Length,
(int)algorithmId);
}

if (handle.IsInvalid)
{
handle.Dispose();
throw CreateOpenSslCryptographicException();
}

return handle;
}

internal static unsafe SafeEvpPKeyHandle DecodePkcs8PrivateKey(
ReadOnlySpan<byte> source,
EvpAlgorithmId algorithmId)
{
SafeEvpPKeyHandle handle;

fixed (byte* sourcePtr = source)
{
handle = CryptoNative_DecodePkcs8PrivateKey(
sourcePtr,
source.Length,
(int)algorithmId);
}

if (handle.IsInvalid)
{
handle.Dispose();
throw CreateOpenSslCryptographicException();
}

return handle;
}

[DllImport(Libraries.CryptoNative)]
private static extern int CryptoNative_GetPkcs8PrivateKeySize(IntPtr pkey);

private static int GetPkcs8PrivateKeySize(IntPtr pkey)
{
int ret = CryptoNative_GetPkcs8PrivateKeySize(pkey);

if (ret < 0)
{
throw CreateOpenSslCryptographicException();
}

return ret;
}

[DllImport(Libraries.CryptoNative)]
private static extern unsafe int CryptoNative_EncodePkcs8PrivateKey(IntPtr pkey, byte* buf);

internal static ArraySegment<byte> RentEncodePkcs8PrivateKey(SafeEvpPKeyHandle pkey)
{
bool addedRef = false;

try
{
pkey.DangerousAddRef(ref addedRef);
IntPtr handle = pkey.DangerousGetHandle();

int size = GetPkcs8PrivateKeySize(handle);
byte[] rented = CryptoPool.Rent(size);
int written;

unsafe
{
fixed (byte* buf = rented)
{
written = CryptoNative_EncodePkcs8PrivateKey(handle, buf);
}
}

Debug.Assert(written == size);
return new ArraySegment<byte>(rented, 0, written);
}
finally
{
if (addedRef)
{
pkey.DangerousRelease();
}
}
}

[DllImport(Libraries.CryptoNative)]
private static extern int CryptoNative_GetSubjectPublicKeyInfoSize(IntPtr pkey);

private static int GetSubjectPublicKeyInfoSize(IntPtr pkey)
{
int ret = CryptoNative_GetSubjectPublicKeyInfoSize(pkey);

if (ret < 0)
{
throw CreateOpenSslCryptographicException();
}

return ret;
}

[DllImport(Libraries.CryptoNative)]
private static extern unsafe int CryptoNative_EncodeSubjectPublicKeyInfo(IntPtr pkey, byte* buf);

internal static ArraySegment<byte> RentEncodeSubjectPublicKeyInfo(SafeEvpPKeyHandle pkey)
{
bool addedRef = false;

try
{
pkey.DangerousAddRef(ref addedRef);
IntPtr handle = pkey.DangerousGetHandle();

int size = GetSubjectPublicKeyInfoSize(handle);
byte[] rented = CryptoPool.Rent(size);
int written;

unsafe
{
fixed (byte* buf = rented)
{
written = CryptoNative_EncodeSubjectPublicKeyInfo(handle, buf);
}
}

Debug.Assert(written == size);
return new ArraySegment<byte>(rented, 0, written);
}
finally
{
if (addedRef)
{
pkey.DangerousRelease();
}
}
}

internal enum EvpAlgorithmId
{
Unknown = 0,
RSA = 6,
DSA = 116,
ECC = 408,
}
}
}
Loading