Add more convenient RSA getters. OpenSSL 1.1.0's RSA getters can be inconvenient because they return a number of fields via output parameters. OpenSSL 1.1.1 adds individual getters for each of the fields, which is a bit simpler. Align with them. Note our OPENSSL_VERSION_NUMBER is still 1.1.0. Adding these functions may cause friction with third-party packages which polyfill these functions based on OPENSSL_VERSION_NUMBER, though none appear to be doing this right now. Between this and TLS 1.3, we probably should switch the version to 1.1.1 at some point anyway. Change-Id: Iada5a0315c403cc221688af53fc4ba165d65e99c Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/39944 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/fipsmodule/rsa/rsa.c b/crypto/fipsmodule/rsa/rsa.c
index 0830b05..a7fb7ae 100644
--- a/crypto/fipsmodule/rsa/rsa.c
+++ b/crypto/fipsmodule/rsa/rsa.c
@@ -167,6 +167,22 @@
 unsigned RSA_bits(const RSA *rsa) { return BN_num_bits(rsa->n); }
+const BIGNUM *RSA_get0_n(const RSA *rsa) { return rsa->n; }
+
+const BIGNUM *RSA_get0_e(const RSA *rsa) { return rsa->e; }
+
+const BIGNUM *RSA_get0_d(const RSA *rsa) { return rsa->d; }
+
+const BIGNUM *RSA_get0_p(const RSA *rsa) { return rsa->p; }
+
+const BIGNUM *RSA_get0_q(const RSA *rsa) { return rsa->q; }
+
+const BIGNUM *RSA_get0_dmp1(const RSA *rsa) { return rsa->dmp1; }
+
+const BIGNUM *RSA_get0_dmq1(const RSA *rsa) { return rsa->dmq1; }
+
+const BIGNUM *RSA_get0_iqmp(const RSA *rsa) { return rsa->iqmp; }
+
 void RSA_get0_key(const RSA *rsa, const BIGNUM **out_n, const BIGNUM **out_e, const BIGNUM **out_d) {
 if (out_n != NULL) {
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 2e5cc89..51600c6 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -99,6 +99,36 @@
 // RSA_bits returns the size of |rsa|, in bits.
 OPENSSL_EXPORT unsigned RSA_bits(const RSA *rsa);
+// RSA_get0_n returns |rsa|'s public modulus.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_n(const RSA *rsa);
+
+// RSA_get0_e returns |rsa|'s public exponent.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_e(const RSA *rsa);
+
+// RSA_get0_d returns |rsa|'s private exponent. If |rsa| is a public key, this
+// value will be NULL.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_d(const RSA *rsa);
+
+// RSA_get0_p returns |rsa|'s first private prime factor. If |rsa| is a public
+// key or lacks its prime factors, this value will be NULL.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_p(const RSA *rsa);
+
+// RSA_get0_q returns |rsa|'s second private prime factor. If |rsa| is a public
+// key or lacks its prime factors, this value will be NULL.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_q(const RSA *rsa);
+
+// RSA_get0_dmp1 returns d (mod p-1) for |rsa|. If |rsa| is a public key or
+// lacks CRT parameters, this value will be NULL.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_dmp1(const RSA *rsa);
+
+// RSA_get0_dmq1 returns d (mod q-1) for |rsa|. If |rsa| is a public key or
+// lacks CRT parameters, this value will be NULL.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_dmq1(const RSA *rsa);
+
+// RSA_get0_iqmp returns q^-1 (mod p). If |rsa| is a public key or lacks CRT
+// parameters, this value will be NULL.
+OPENSSL_EXPORT const BIGNUM *RSA_get0_iqmp(const RSA *rsa);
+
 // RSA_get0_key sets |*out_n|, |*out_e|, and |*out_d|, if non-NULL, to |rsa|'s
 // modulus, public exponent, and private exponent, respectively. If |rsa| is a
 // public key, the private exponent will be set to NULL.
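Review bot: The eight new header comments do not say who owns the returned BIGNUM or how long the pointer stays valid. The rsa.c half of this change returns the struct fields directly (e.g. `return rsa->d;`), so each result aliases |rsa|'s internal state; for d, p, q, dmp1, dmq1 and iqmp the caller is holding a live pointer to private key material that presumably dangles once |rsa| is freed or its fields are replaced. I would state this once above the group, e.g. `// The returned values are owned by |rsa|. Callers must not free them or use them after |rsa| is freed or modified.` Separately, the `RSA_get0_d` comment lists a public key as the only cause of NULL, while the p/q comments also allow for keys that lack fields. If a private key can exist without |d| populated (not visible in this hunk), the comment should say so, so that callers do not read a NULL return as "this is a public key".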