Re: RSA provider use example

2021-09-27 Thread Matt Caswell




On 24/09/2021 16:51, Antonio Santagiuliana wrote:
> Thank you for your reply.
> I'm still a bit confused though.
> In /providers/implementations/asymcipher/rsa_enc.c I find function
> rsa_decrypt() that calls RSA_private_decrypt(prsactx->rsa)
> I haven't found other implementation of this RSA_private_decrypt() apart
> from the one in crypto/RSA/rsa_crypt.c, where the RSA argument passed
> is used to call this:
>
> rsa->meth->rsa_priv_dec()
> I can't find where this pointer to method was set up. I can't find it in
> the init of the default provider's rsa_enc.c and if the app requesting
> this default RSA can't use the set_method() because deprecated, how is
> this rsa_priv_dec pointer set up? Where is the set up of it?


The default method for an RSA object is initialised in RSA_new() here:

https://github.com/openssl/openssl/blob/master/crypto/rsa/rsa_lib.c#L93

The global default RSA method is initialised here:

https://github.com/openssl/openssl/blob/8b6a7da304d4fdd0de38ddd6037d8a02491e3e4e/crypto/rsa/rsa_ossl.c#L52-L62

This includes the default pointer for the rsa_priv_dec() function.

An app *can* request an alternative default through 
RSA_set_default_method(). It is deprecated not removed - so it is still 
supported. But this is not the way you are supposed to do things any 
more. Applications that don't use any deprecated functions will always 
end up in the default method if using the default provider. If you want 
a different RSA implementation then you should not use the default provider.


Matt
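The lookup described in the reply above, modelled in self-contained C as an added example (not OpenSSL source and not code from the thread): the method pointer is copied from a global default when the object is created, the decrypt wrapper only dispatches through it, and changing the default affects only objects created afterwards. Every `toy_*` name, the two toy methods and the tiny key (n = 3233) are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the dispatch; every toy_* name is hypothetical. */
typedef struct toy_rsa_st TOY_RSA;
typedef struct {
    const char *name;
    uint32_t (*rsa_priv_dec)(const TOY_RSA *rsa, uint32_t c);
} TOY_RSA_METHOD;
struct toy_rsa_st {
    const TOY_RSA_METHOD *meth;  /* bound once, when the object is created */
    uint32_t n, d, p, q;         /* constructed toy key, far too small for real use */
};

static uint32_t modexp(uint32_t b, uint32_t e, uint32_t m)
{
    uint64_t r = 1, x = b % m;
    for (; e != 0; e >>= 1) {
        if (e & 1) r = r * x % m;
        x = x * x % m;
    }
    return (uint32_t)r;
}

/* Built-in method of the model: one exponentiation mod n. */
static uint32_t plain_dec(const TOY_RSA *k, uint32_t c) { return modexp(c, k->d, k->n); }
/* Replacement method: CRT with Garner recombination (a "different mod_exp"). */
static uint32_t crt_dec(const TOY_RSA *k, uint32_t c)
{
    uint32_t m1 = modexp(c, k->d % (k->p - 1), k->p);
    uint32_t m2 = modexp(c, k->d % (k->q - 1), k->q);
    uint32_t qinv = modexp(k->q, k->p - 2, k->p);   /* q^-1 mod p, p prime */
    uint32_t h = qinv * ((m1 + k->p - m2 % k->p) % k->p) % k->p;
    return m2 + h * k->q;
}

static const TOY_RSA_METHOD plain_meth = { "plain", plain_dec };
static const TOY_RSA_METHOD crt_meth = { "crt", crt_dec };
static const TOY_RSA_METHOD *default_meth = &plain_meth;  /* global default */

void toy_set_default_method(const TOY_RSA_METHOD *m) { default_meth = m; }
TOY_RSA toy_rsa_new(void)   /* copies whatever the default is right now */
{
    TOY_RSA k = { default_meth, 3233, 2753, 61, 53 };
    return k;
}
uint32_t toy_private_decrypt(const TOY_RSA *k, uint32_t c)
{
    return k->meth->rsa_priv_dec(k, c);   /* the wrapper only dispatches */
}

int main(void)
{
    uint32_t c = modexp(65, 17, 3233);    /* encrypt 65 with e = 17 */
    TOY_RSA a = toy_rsa_new();
    toy_set_default_method(&crt_meth);
    TOY_RSA b = toy_rsa_new();
    printf("a: %s -> %u\n", a.meth->name, (unsigned)toy_private_decrypt(&a, c));
    printf("b: %s -> %u\n", b.meth->name, (unsigned)toy_private_decrypt(&b, c));
    return 0;
}
```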




Re: RSA provider use example

2021-09-24 Thread Antonio Santagiuliana

Thank you for your reply.
I'm still a bit confused though.
In /providers/implementations/asymcipher/rsa_enc.c I find function
rsa_decrypt() that calls RSA_private_decrypt(prsactx->rsa)
I haven't found other implementation of this RSA_private_decrypt() apart
from the one in crypto/RSA/rsa_crypt.c, where the RSA argument passed is
used to call this:
rsa->meth->rsa_priv_dec()
I can't find where this pointer to method was set up. I can't find it in
the init of the default provider's rsa_enc.c and if the app requesting this
default RSA can't use the set_method() because deprecated, how is this
rsa_priv_dec pointer set up? Where is the set up of it?
Thank you





Re: RSA provider use example

2021-09-24 Thread Matt Caswell




On 24/09/2021 14:49, Antonio Santagiuliana wrote:
> Hello, thank you all for the replies. Very useful.
> I have seen in Openssl/crypto/RSA/rsa_local.h the definition of rsa_st
> has a pointer to RSA_METHOD and I can't see this filled in in any of the
> examples' set up or initializations, where is it filled in for the
> default provider, for the RSA algorithm?
> I can see the methods pointers are used later down in the call chain
> from RSA_private_decrypt() in
> providers/implementation/asymciphers/rsa_enc but I can't find where
> these methods' pointers are set and I would like to understand how I
> could pass a different method pointer in the parameters for a different
> mod_exp operation, for example, or how I could set it on a completely
> new RSA implementation mimicking the one in the default provider but
> with different methods where I need them changed, minimizing the
> differences with the default provider's RSA.


The default RSA_METHOD structure to use can be set via 
RSA_set_default_method():


https://www.openssl.org/docs/man3.0/man3/RSA_set_default_method.html

You can construct such an RSA_METHOD using the functions described here:

https://www.openssl.org/docs/man3.0/man3/RSA_meth_new.html

However all of the above is considered deprecated and legacy and may be 
removed from a future version of OpenSSL.


Instead you are supposed to implement such things in a new provider. For 
example see:


https://www.openssl.org/docs/man3.0/man7/provider-base.html
https://www.openssl.org/docs/man3.0/man7/provider.html
https://www.openssl.org/docs/man3.0/man7/provider-signature.html
https://www.openssl.org/docs/man3.0/man7/provider-keymgmt.html


Matt






Re: RSA provider use example

2021-09-24 Thread Antonio Santagiuliana

Hello, thank you all for the replies. Very useful.
I have seen in Openssl/crypto/RSA/rsa_local.h the definition of rsa_st has
a pointer to RSA_METHOD and I can't see this filled in in any of the
examples' set up or initializations, where is it filled in for the default
provider, for the RSA algorithm?
I can see the methods pointers are used later down in the call chain from
RSA_private_decrypt() in providers/implementation/asymciphers/rsa_enc but I
can't find where these methods' pointers are set and I would like to
understand how I could pass a different method pointer in the parameters
for a different mod_exp operation, for example, or how I could set it on a
completely new RSA implementation mimicking the one in the default provider
but with different methods where I need them changed, minimizing the
differences with the default provider's RSA.
Thank you




Re: RSA provider use example

2021-09-24 Thread Matt Caswell




On 24/09/2021 12:17, Dr Paul Dale wrote:
> What about: apps/rsa.c, apps/rsautl.c and apps/genrsa.c
> 3.0 doesn't use the RSA structure in the non-deprecated public API.
>
> You probably want the EVP_PKEY_fromdata call.


An example of building an RSA key from its constituent parts is 
available on the EVP_PKEY_fromdata() man page:


https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_fromdata.html

Matt










Re: RSA provider use example

2021-09-24 Thread Dr Paul Dale




On 24/9/21 9:15 pm, Angus Robertson - Magenta Systems Ltd wrote:
> I've been wondering if this is more efficient than getting the
> parameters one at a time using multiple EVP_PKEY_get_xx_param which
> also calls EVP_PKEY_get_params.


I'd be surprised if there was a lot of difference.
If I had to give a guess (and it is a guess), I'd go for ever so 
slightly more efficient your way.



Pauli



Re: RSA provider use example

2021-09-24 Thread Matt Caswell




On 24/09/2021 11:55, Antonio Santagiuliana wrote:
> Hello
> Is there any app or command in the current Openssl master repository
> that initialises and uses the new RSA provider?
> I would like to see how the RSA* context parameter is filled in and
> used, but I can't find an example using the RSA provider.


There is no such thing as an "RSA provider". Probably what you mean to 
ask is there such an example of using RSA with the default provider.


There is a demo of using RSA to encrypt/decrypt that is about to be 
added to the repo in this PR:


https://github.com/openssl/openssl/pull/16283

There are some examples of RSA key generation, as well as descriptions 
of all the various RSA params that are available on this man page:


https://www.openssl.org/docs/man3.0/man7/RSA.html

There is an example of doing signature/verification here:

https://github.com/openssl/openssl/blob/master/demos/signature/EVP_Signature_demo.c

This last one isn't RSA specific. It's actually using EC - but most of 
the code (with the exception of the "get_key" function) would be 
identical for RSA.



Matt





Re: RSA provider use example

2021-09-24 Thread Dr Paul Dale

What about: apps/rsa.c, apps/rsautl.c and apps/genrsa.c
3.0 doesn't use the RSA structure in the non-deprecated public API.

You probably want the EVP_PKEY_fromdata call.


Pauli







Re: RSA provider use example

2021-09-24 Thread Angus Robertson - Magenta Systems Ltd
> I would like to see how the RSA* context parameter is filled in 
> and used, but I can't find an example using the RSA provider.

This is an example I just created by building an OSSL_PARAM array with
OSSL_PARAM_construct_xx and calling EVP_PKEY_get_params.  

I've been wondering if this is more efficient than getting the
parameters one at a time using multiple EVP_PKEY_get_xx_param which
also calls EVP_PKEY_get_params. 

I've removed trailing nulls from the unsigned integer fields where the
returned data size is always the buffer size.  

RSA Key Parameters:
Param Key: bits, type: Integer, len: 4 = 2048
Param Key: security-bits, type: Integer, len: 4 = 112
Param Key: max-size, type: Integer, len: 4 = 256
Param Key: e, type: UInteger, len: 1024 = 01000100
Param Key: n, type: UInteger, len: 1024 = ...
Param Key: d, type: UInteger, len: 1024 = ...
Param Key: rsa-factor1, type: UInteger, len: 1024 = ...
Param Key: rsa-factor2, type: UInteger, len: 1024 = ...
Param Key: rsa-exponent1, type: UInteger, len: 1024 = ...
Param Key: rsa-exponent2, type: UInteger, len: 1024 = ...
Param Key: rsa-coefficient1, type: UInteger, len: 1024 = ...
Param Key: default-digest, type: String, len: 6 = SHA256
Total key parameters: 12

Angus




RSA provider use example

2021-09-24 Thread Antonio Santagiuliana
Hello
Is there any app or command in the current Openssl master repository that
initialises and uses the new RSA provider?
I would like to see how the RSA* context parameter is filled in and used,
but I can't find an example using the RSA provider.


Thank you