kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Multi-prime RSA support.

Browse Source 
RSA with more than two primes is specified in
https://tools.ietf.org/html/rfc3447, although the idea goes back far
earier than that.

This change ports some of the changes in
http://rt.openssl.org/Ticket/Display.html?id=3477&user=guest&pass=guest
to BoringSSL—specifically those bits that are under an OpenSSL license.

Change-Id: I51e8e345e2148702b8ce12e00518f6ef4683d3e1
Reviewed-on: https://boringssl-review.googlesource.com/4870
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
Adam Langley 2015-05-26 11:36:46 -07:00 committed by Adam Langley
parent af0e32cb84
commit 839b881c61
17 changed files with 2511 additions and 1427 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/err/rsa.errordata
View File

@ -21,6 +21,7 @@ RSA,function,119,RSA_verify_PKCS1_PSS_mgf1
RSA,function,120,decrypt
RSA,function,121,encrypt
RSA,function,122,keygen
RSA,function,128,keygen_multiprime
RSA,function,123,pkcs1_prefixed_msg
RSA,function,124,private_transform
RSA,function,125,rsa_setup_blinding
@ -33,6 +34,7 @@ RSA,reason,103,BAD_RSA_PARAMETERS
RSA,reason,104,BAD_SIGNATURE
RSA,reason,105,BLOCK_TYPE_IS_NOT_01
RSA,reason,106,BN_NOT_INITIALIZED
RSA,reason,142,CANNOT_RECOVER_MULTI_PRIME_KEY
RSA,reason,107,CRT_PARAMS_ALREADY_GIVEN
RSA,reason,108,CRT_VALUES_INCORRECT
RSA,reason,109,DATA_LEN_NOT_EQUAL_TO_MOD_LEN
@ -51,6 +53,7 @@ RSA,reason,121,INVALID_MESSAGE_LENGTH
RSA,reason,122,KEY_SIZE_TOO_SMALL
RSA,reason,123,LAST_OCTET_INVALID
RSA,reason,124,MODULUS_TOO_LARGE
RSA,reason,141,MUST_HAVE_AT_LEAST_TWO_PRIMES
RSA,reason,125,NO_PUBLIC_EXPONENT
RSA,reason,126,NULL_BEFORE_BLOCK_MISSING
RSA,reason,127,N_NOT_EQUAL_P_Q

38
crypto/evp/p_rsa_asn1.c
View File

@ -198,6 +198,19 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off,
update_buflen(rsa->dmp1, &buf_len);
update_buflen(rsa->dmq1, &buf_len);
update_buflen(rsa->iqmp, &buf_len);
if (rsa->additional_primes != NULL) {
size_t i;
for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes);
i++) {
const RSA_additional_prime *ap =
sk_RSA_additional_prime_value(rsa->additional_primes, i);
update_buflen(ap->prime, &buf_len);
update_buflen(ap->exp, &buf_len);
update_buflen(ap->coeff, &buf_len);
}
}
}
m = (uint8_t *)OPENSSL_malloc(buf_len + 10);
@ -215,7 +228,8 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off,
}
if (include_private && rsa->d) {
if (BIO_printf(out, "Private-Key: (%d bit)\n", mod_len) <= 0) {
if (BIO_printf(out, "Private-Key: (%d bit)\nversion: %ld\n", mod_len,
rsa->version) <= 0) {
goto err;
}
str = "modulus:";
@ -241,6 +255,28 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off,
!ASN1_bn_print(out, "coefficient:", rsa->iqmp, m, off)) {
goto err;
}
if (rsa->additional_primes != NULL &&
sk_RSA_additional_prime_num(rsa->additional_primes) > 0) {
size_t i;
if (BIO_printf(out, "otherPrimeInfos:\n") <= 0) {
goto err;
}
for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes);
i++) {
const RSA_additional_prime *ap =
sk_RSA_additional_prime_value(rsa->additional_primes, i);
if (BIO_printf(out, "otherPrimeInfo (prime %u):\n",
(unsigned)(i + 3)) <= 0 ||
!ASN1_bn_print(out, "prime:", ap->prime, m, off) ||
!ASN1_bn_print(out, "exponent:", ap->exp, m, off) ||
!ASN1_bn_print(out, "coeff:", ap->coeff, m, off)) {
goto err;
}
}
}
}
ret = 1;

20
crypto/rsa/internal.h
View File

@ -133,6 +133,26 @@ typedef struct rsa_oaep_params_st {
X509_ALGOR *pSourceFunc;
} RSA_OAEP_PARAMS;
/* RSA_additional_prime contains information about the third, forth etc prime
* in a multi-prime RSA key. */
typedef struct RSA_additional_prime_st {
BIGNUM *prime;
/* exp is d^{prime-1} mod prime */
BIGNUM *exp;
/* coeff is such that r×coeff ≡ 1 mod prime. */
BIGNUM *coeff;
/* Values below here are not in the ASN.1 serialisation. */
/* r is the product of all primes (including p and q) prior to this one. */
BIGNUM *r;
/* method_mod is managed by the |RSA_METHOD|. */
BN_MONT_CTX *method_mod;
} RSA_additional_prime;
void RSA_additional_prime_free(RSA_additional_prime *ap);
#if defined(__cplusplus)
} /* extern C */
#endif

66
crypto/rsa/rsa.c
View File

@ -114,6 +114,18 @@ RSA *RSA_new_method(const ENGINE *engine) {
return rsa;
}
void RSA_additional_prime_free(RSA_additional_prime *ap) {
if (ap == NULL) {
return;
}
BN_clear_free(ap->prime);
BN_clear_free(ap->exp);
BN_clear_free(ap->coeff);
BN_clear_free(ap->r);
OPENSSL_free(ap);
}
void RSA_free(RSA *rsa) {
unsigned u;
@ -145,6 +157,10 @@ void RSA_free(RSA *rsa) {
}
OPENSSL_free(rsa->blindings);
OPENSSL_free(rsa->blindings_inuse);
if (rsa->additional_primes != NULL) {
sk_RSA_additional_prime_pop_free(rsa->additional_primes,
RSA_additional_prime_free);
}
CRYPTO_MUTEX_cleanup(&rsa->lock);
OPENSSL_free(rsa);
}
@ -162,6 +178,16 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
return RSA_default_method.keygen(rsa, bits, e_value, cb);
}
int RSA_generate_multi_prime_key(RSA *rsa, int bits, int num_primes,
BIGNUM *e_value, BN_GENCB *cb) {
if (rsa->meth->multi_prime_keygen) {
return rsa->meth->multi_prime_keygen(rsa, bits, num_primes, e_value, cb);
}
return RSA_default_method.multi_prime_keygen(rsa, bits, num_primes, e_value,
cb);
}
int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
const uint8_t *in, size_t in_len, int padding) {
if (rsa->meth->encrypt) {
@ -540,15 +566,37 @@ int RSA_check_key(const RSA *key) {
BN_init(&dmq1);
BN_init(&iqmp);
if (/* n = pq */
!BN_mul(&n, key->p, key->q, ctx) ||
/* lcm = lcm(p-1, q-1) */
if (!BN_mul(&n, key->p, key->q, ctx) ||
/* lcm = lcm(prime-1, for all primes) */
!BN_sub(&pm1, key->p, BN_value_one()) ||
!BN_sub(&qm1, key->q, BN_value_one()) ||
!BN_mul(&lcm, &pm1, &qm1, ctx) ||
!BN_gcd(&gcd, &pm1, &qm1, ctx)) {
OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN);
goto out;
}
size_t num_additional_primes = 0;
if (key->additional_primes != NULL) {
num_additional_primes = sk_RSA_additional_prime_num(key->additional_primes);
}
size_t i;
for (i = 0; i < num_additional_primes; i++) {
const RSA_additional_prime *ap =
sk_RSA_additional_prime_value(key->additional_primes, i);
if (!BN_mul(&n, &n, ap->prime, ctx) ||
!BN_sub(&pm1, ap->prime, BN_value_one()) ||
!BN_mul(&lcm, &lcm, &pm1, ctx) ||
!BN_gcd(&gcd, &gcd, &pm1, ctx)) {
OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN);
goto out;
}
}
if (!BN_div(&lcm, NULL, &lcm, &gcd, ctx) ||
!BN_gcd(&gcd, &pm1, &qm1, ctx) ||
!BN_div(&lcm, NULL, &lcm, &gcd, ctx) ||
/* de = d*e mod lcm(p-1, q-1) */
/* de = d*e mod lcm(prime-1, for all primes). */
!BN_mod_mul(&de, key->d, key->e, &lcm, ctx)) {
OPENSSL_PUT_ERROR(RSA, RSA_check_key, ERR_LIB_BN);
goto out;
@ -571,7 +619,7 @@ int RSA_check_key(const RSA *key) {
goto out;
}
if (has_crt_values) {
if (has_crt_values && num_additional_primes == 0) {
if (/* dmp1 = d mod (p-1) */
!BN_mod(&dmp1, key->d, &pm1, ctx) ||
/* dmq1 = d mod (q-1) */
@ -623,6 +671,12 @@ int RSA_recover_crt_params(RSA *rsa) {
return 0;
}
if (rsa->additional_primes != NULL) {
OPENSSL_PUT_ERROR(RSA, RSA_recover_crt_params,
RSA_R_CANNOT_RECOVER_MULTI_PRIME_KEY);
return 0;
}
/* This uses the algorithm from section 9B of the RSA paper:
* http://people.csail.mit.edu/rivest/Rsapaper.pdf */

45
crypto/rsa/rsa_asn1.c
View File

@ -64,6 +64,11 @@
/* Override the default free and new methods */
static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg) {
RSA *rsa = (RSA *)*pval;
BN_CTX *ctx = NULL;
BIGNUM *product_of_primes_so_far = NULL;
int ret = 0;
if (operation == ASN1_OP_NEW_PRE) {
*pval = (ASN1_VALUE *)RSA_new();
if (*pval) {
@ -71,13 +76,48 @@ static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
}
return 0;
} else if (operation == ASN1_OP_FREE_PRE) {
RSA_free((RSA *)*pval);
RSA_free(rsa);
*pval = NULL;
return 2;
} else if (operation == ASN1_OP_D2I_POST) {
if (rsa->additional_primes != NULL) {
ctx = BN_CTX_new();
product_of_primes_so_far = BN_new();
if (ctx == NULL ||
product_of_primes_so_far == NULL ||
!BN_mul(product_of_primes_so_far, rsa->p, rsa->q, ctx)) {
goto err;
}
size_t i;
for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) {
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(rsa->additional_primes, i);
ap->r = BN_dup(product_of_primes_so_far);
if (ap->r == NULL ||
!BN_mul(product_of_primes_so_far, product_of_primes_so_far,
ap->prime, ctx)) {
goto err;
}
}
}
ret = 2;
} else {
return 1;
}
return 1;
err:
BN_CTX_free(ctx);
BN_free(product_of_primes_so_far);
return ret;
}
ASN1_SEQUENCE(RSA_additional_prime) = {
ASN1_SIMPLE(RSA_additional_prime, prime, BIGNUM),
ASN1_SIMPLE(RSA_additional_prime, exp, BIGNUM),
ASN1_SIMPLE(RSA_additional_prime, coeff, BIGNUM),
} ASN1_SEQUENCE_END(RSA_additional_prime);
ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
ASN1_SIMPLE(RSA, version, LONG),
ASN1_SIMPLE(RSA, n, BIGNUM),
@ -88,6 +128,7 @@ ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
ASN1_SIMPLE(RSA, dmp1, BIGNUM),
ASN1_SIMPLE(RSA, dmq1, BIGNUM),
ASN1_SIMPLE(RSA, iqmp, BIGNUM),
ASN1_SEQUENCE_OF_OPT(RSA, additional_primes, RSA_additional_prime),
} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey);
ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {

211
crypto/rsa/rsa_impl.c
View File

@ -78,6 +78,15 @@ static int finish(RSA *rsa) {
BN_MONT_CTX_free(rsa->_method_mod_p);
BN_MONT_CTX_free(rsa->_method_mod_q);
if (rsa->additional_primes != NULL) {
size_t i;
for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); i++) {
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(rsa->additional_primes, i);
BN_MONT_CTX_free(ap->method_mod);
}
}
return 1;
}
@ -616,6 +625,11 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
BIGNUM *dmp1, *dmq1, *c, *pr1;
int ret = 0;
size_t i, num_additional_primes = 0;
if (rsa->additional_primes != NULL) {
num_additional_primes = sk_RSA_additional_prime_num(rsa->additional_primes);
}
BN_CTX_start(ctx);
r1 = BN_CTX_get(ctx);
@ -724,6 +738,42 @@ static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
goto err;
}
for (i = 0; i < num_additional_primes; i++) {
/* multi-prime RSA. */
BIGNUM local_exp, local_prime;
BIGNUM *exp = &local_exp, *prime = &local_prime;
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(rsa->additional_primes, i);
BN_with_flags(exp, ap->exp, BN_FLG_CONSTTIME);
BN_with_flags(prime, ap->prime, BN_FLG_CONSTTIME);
/* c will already point to a BIGNUM with the correct flags. */
if (!BN_mod(r1, c, prime, ctx)) {
goto err;
}
if ((rsa->flags & RSA_FLAG_CACHE_PRIVATE) &&
!BN_MONT_CTX_set_locked(&ap->method_mod, &rsa->lock, prime, ctx)) {
goto err;
}
if (!rsa->meth->bn_mod_exp(m1, r1, exp, prime, ctx, ap->method_mod)) {
goto err;
}
BN_set_flags(m1, BN_FLG_CONSTTIME);
if (!BN_sub(m1, m1, r0) ||
!BN_mul(m1, m1, ap->coeff, ctx) ||
!BN_mod(m1, m1, prime, ctx) ||
(BN_is_negative(m1) && !BN_add(m1, m1, prime)) ||
!BN_mul(m1, m1, ap->r, ctx) ||
!BN_add(r0, r0, m1)) {
goto err;
}
}
if (rsa->e && rsa->n) {
if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
rsa->_method_mod_n)) {
@ -766,12 +816,20 @@ err:
return ret;
}
static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
static int keygen_multiprime(RSA *rsa, int bits, int num_primes,
BIGNUM *e_value, BN_GENCB *cb) {
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
BIGNUM local_r0, local_d, local_p;
BIGNUM *pr0, *d, *p;
int bitsp, bitsq, ok = -1, n = 0;
int prime_bits, ok = -1, n = 0, i, j;
BN_CTX *ctx = NULL;
STACK_OF(RSA_additional_prime) *additional_primes = NULL;
if (num_primes < 2) {
ok = 0; /* we set our own err */
OPENSSL_PUT_ERROR(RSA, keygen_multiprime, RSA_R_MUST_HAVE_AT_LEAST_TWO_PRIMES);
goto err;
}
ctx = BN_CTX_new();
if (ctx == NULL) {
@ -786,8 +844,32 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
goto err;
}
bitsp = (bits + 1) / 2;
bitsq = bits - bitsp;
if (num_primes > 2) {
additional_primes = sk_RSA_additional_prime_new_null();
if (additional_primes == NULL) {
goto err;
}
}
for (i = 2; i < num_primes; i++) {
RSA_additional_prime *ap = OPENSSL_malloc(sizeof(RSA_additional_prime));
if (ap == NULL) {
goto err;
}
memset(ap, 0, sizeof(RSA_additional_prime));
ap->prime = BN_new();
ap->exp = BN_new();
ap->coeff = BN_new();
ap->r = BN_new();
if (ap->prime == NULL ||
ap->exp == NULL ||
ap->coeff == NULL ||
ap->r == NULL ||
!sk_RSA_additional_prime_push(additional_primes, ap)) {
RSA_additional_prime_free(ap);
goto err;
}
}
/* We need the RSA components non-NULL */
if (!rsa->n && ((rsa->n = BN_new()) == NULL)) {
@ -818,8 +900,9 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
BN_copy(rsa->e, e_value);
/* generate p and q */
prime_bits = (bits + (num_primes - 1)) / num_primes;
for (;;) {
if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb) ||
if (!BN_generate_prime_ex(rsa->p, prime_bits, 0, NULL, NULL, cb) ||
!BN_sub(r2, rsa->p, BN_value_one()) ||
!BN_gcd(r1, r2, rsa->e, ctx)) {
goto err;
@ -834,19 +917,20 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
if (!BN_GENCB_call(cb, 3, 0)) {
goto err;
}
prime_bits = ((bits - prime_bits) + (num_primes - 2)) / (num_primes - 1);
for (;;) {
/* When generating ridiculously small keys, we can get stuck
* continually regenerating the same prime values. Check for
* this and bail if it happens 3 times. */
unsigned int degenerate = 0;
do {
if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) {
if (!BN_generate_prime_ex(rsa->q, prime_bits, 0, NULL, NULL, cb)) {
goto err;
}
} while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
if (degenerate == 3) {
ok = 0; /* we set our own err */
OPENSSL_PUT_ERROR(RSA, keygen, RSA_R_KEY_SIZE_TOO_SMALL);
OPENSSL_PUT_ERROR(RSA, keygen_multiprime, RSA_R_KEY_SIZE_TOO_SMALL);
goto err;
}
if (!BN_sub(r2, rsa->q, BN_value_one()) ||
@ -860,20 +944,91 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
goto err;
}
}
if (!BN_GENCB_call(cb, 3, 1)) {
if (!BN_GENCB_call(cb, 3, 1) ||
!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) {
goto err;
}
for (i = 2; i < num_primes; i++) {
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(additional_primes, i - 2);
prime_bits = ((bits - BN_num_bits(rsa->n)) + (num_primes - (i + 1))) /
(num_primes - i);
for (;;) {
if (!BN_generate_prime_ex(ap->prime, prime_bits, 0, NULL, NULL, cb)) {
goto err;
}
if (BN_cmp(rsa->p, ap->prime) == 0 ||
BN_cmp(rsa->q, ap->prime) == 0) {
continue;
}
for (j = 0; j < i - 2; j++) {
if (BN_cmp(sk_RSA_additional_prime_value(additional_primes, j)->prime,
ap->prime) == 0) {
break;
}
}
if (j != i - 2) {
continue;
}
if (!BN_sub(r2, ap->prime, BN_value_one()) ||
!BN_gcd(r1, r2, rsa->e, ctx)) {
goto err;
}
if (!BN_is_one(r1)) {
continue;
}
if (i != num_primes - 1) {
break;
}
/* For the last prime we'll check that it makes n large enough. In the
* two prime case this isn't a problem because we generate primes with
* the top two bits set and so the product is always of the expected
* size. In the multi prime case, this doesn't follow. */
if (!BN_mul(r1, rsa->n, ap->prime, ctx)) {
goto err;
}
if (BN_num_bits(r1) == bits) {
break;
}
if (!BN_GENCB_call(cb, 2, n++)) {
goto err;
}
}
/* ap->r is is the product of all the primes prior to the current one
* (including p and q). */
if (!BN_copy(ap->r, rsa->n)) {
goto err;
}
if (i == num_primes - 1) {
/* In the case of the last prime, we calculated n as |r1| in the loop
* above. */
if (!BN_copy(rsa->n, r1)) {
goto err;
}
} else if (!BN_mul(rsa->n, rsa->n, ap->prime, ctx)) {
goto err;
}
if (!BN_GENCB_call(cb, 3, 1)) {
goto err;
}
}
if (BN_cmp(rsa->p, rsa->q) < 0) {
tmp = rsa->p;
rsa->p = rsa->q;
rsa->q = tmp;
}
/* calculate n */
if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) {
goto err;
}
/* calculate d */
if (!BN_sub(r1, rsa->p, BN_value_one())) {
goto err; /* p-1 */
@ -884,6 +1039,14 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
if (!BN_mul(r0, r1, r2, ctx)) {
goto err; /* (p-1)(q-1) */
}
for (i = 2; i < num_primes; i++) {
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(additional_primes, i - 2);
if (!BN_sub(r3, ap->prime, BN_value_one()) ||
!BN_mul(r0, r0, r3, ctx)) {
goto err;
}
}
pr0 = &local_r0;
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) {
@ -912,21 +1075,38 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
goto err;
}
for (i = 2; i < num_primes; i++) {
RSA_additional_prime *ap =
sk_RSA_additional_prime_value(additional_primes, i - 2);
if (!BN_sub(ap->exp, ap->prime, BN_value_one()) ||
!BN_mod(ap->exp, rsa->d, ap->exp, ctx) ||
!BN_mod_inverse(ap->coeff, ap->r, ap->prime, ctx)) {
goto err;
}
}
ok = 1;
rsa->additional_primes = additional_primes;
additional_primes = NULL;
err:
if (ok == -1) {
OPENSSL_PUT_ERROR(RSA, keygen, ERR_LIB_BN);
OPENSSL_PUT_ERROR(RSA, keygen_multiprime, ERR_LIB_BN);
ok = 0;
}
if (ctx != NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
sk_RSA_additional_prime_pop_free(additional_primes,
RSA_additional_prime_free);
return ok;
}
static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) {
return keygen_multiprime(rsa, bits, 2 /* num primes */, e_value, cb);
}
const struct rsa_meth_st RSA_default_method = {
{
0 /* references */,
@ -955,4 +1135,5 @@ const struct rsa_meth_st RSA_default_method = {
RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
keygen,
keygen_multiprime,
};

367
crypto/rsa/rsa_test.c
View File

@ -240,6 +240,361 @@ static int key3(RSA *key, unsigned char *c) {
SetKey;
}
static const char two_prime_key[] =
"\x30\x82\x04\xa6\x02\x01\x00\x02\x82\x01\x01\x00\x93\x3a\x4f\xc9\x6a\x0a"
"\x6b\x28\x04\xfa\xb7\x05\x56\xdf\xa0\xaa\x4f\xaa\xab\x94\xa0\xa9\x25\xef"
"\xc5\x96\xd2\xd4\x66\x16\x62\x2c\x13\x7b\x91\xd0\x36\x0a\x10\x11\x6d\x7a"
"\x91\xb6\xe4\x74\x57\xc1\x3d\x7a\xbe\x24\x05\x3a\x04\x0b\x73\x91\x53\xb1"
"\x74\x10\xe1\x87\xdc\x91\x28\x9c\x1e\xe5\xf2\xb9\xfc\xa2\x48\x34\xb6\x78"
"\xed\x6d\x95\xfb\xf2\xc0\x4e\x1c\xa4\x15\x00\x3c\x8a\x68\x2b\xd6\xce\xd5"
"\xb3\x9f\x66\x02\xa7\x0d\x08\xa3\x23\x9b\xe5\x36\x96\x13\x22\xf9\x69\xa6"
"\x87\x88\x9b\x85\x3f\x83\x9c\xab\x1a\x1b\x6d\x8d\x16\xf4\x5e\xbd\xee\x4b"
"\x59\x56\xf8\x9d\x58\xcd\xd2\x83\x85\x59\x43\x84\x63\x4f\xe6\x1a\x86\x66"
"\x0d\xb5\xa0\x87\x89\xb6\x13\x82\x43\xda\x34\x92\x3b\x68\xc4\x95\x71\x2f"
"\x15\xc2\xe0\x43\x67\x3c\x08\x00\x36\x10\xc3\xb4\x46\x4c\x4e\x6e\xf5\x44"
"\xa9\x04\x44\x9d\xce\xc7\x05\x79\xee\x11\xcf\xaf\x2c\xd7\x9a\x32\xd3\xa5"
"\x30\xd4\x3a\x78\x43\x37\x74\x22\x90\x24\x04\x11\xd7\x95\x08\x52\xa4\x71"
"\x41\x68\x94\xb0\xa0\xc3\xec\x4e\xd2\xc4\x30\x71\x98\x64\x9c\xe3\x7c\x76"
"\xef\x33\xa3\x2b\xb1\x87\x63\xd2\x5c\x09\xfc\x90\x2d\x92\xf4\x57\x02\x01"
"\x03\x02\x82\x01\x00\x62\x26\xdf\xdb\x9c\x06\xf2\x1a\xad\xfc\x7a\x03\x8f"
"\x3f\xc0\x71\x8a\x71\xc7\xb8\x6b\x1b\x6e\x9f\xd9\x0f\x37\x38\x44\x0e\xec"
"\x1d\x62\x52\x61\x35\x79\x5c\x0a\xb6\x48\xfc\x61\x24\x98\x4d\x8f\xd6\x28"
"\xfc\x7e\xc2\xae\x26\xad\x5c\xf7\xb6\x37\xcb\xa2\xb5\xeb\xaf\xe8\x60\xc5"
"\xbd\x69\xee\xa1\xd1\x53\x16\xda\xcd\xce\xfb\x48\xf3\xb9\x52\xa1\xd5\x89"
"\x68\x6d\x63\x55\x7d\xb1\x9a\xc7\xe4\x89\xe3\xcd\x14\xee\xac\x6f\x5e\x05"
"\xc2\x17\xbd\x43\x79\xb9\x62\x17\x50\xf1\x19\xaf\xb0\x67\xae\x2a\x57\xbd"
"\xc7\x66\xbc\xf3\xb3\x64\xa1\xe3\x16\x74\x9e\xea\x02\x5c\xab\x94\xd8\x97"
"\x02\x42\x0c\x2c\xba\x54\xb9\xaf\xe0\x45\x93\xad\x7f\xb3\x10\x6a\x96\x50"
"\x4b\xaf\xcf\xc8\x27\x62\x2d\x83\xe9\x26\xc6\x94\xc1\xef\x5c\x8e\x06\x42"
"\x53\xe5\x56\xaf\xc2\x99\x01\xaa\x9a\x71\xbc\xe8\x21\x33\x2a\x2d\xa3\x36"
"\xac\x1b\x86\x19\xf8\xcd\x1f\x80\xa4\x26\x98\xb8\x9f\x62\x62\xd5\x1a\x7f"
"\xee\xdb\xdf\x81\xd3\x21\xdb\x33\x92\xee\xff\xe2\x2f\x32\x77\x73\x6a\x58"
"\xab\x21\xf3\xe3\xe1\xbc\x4f\x12\x72\xa6\xb5\xc2\xfb\x27\x9e\xc8\xca\xab"
"\x64\xa0\x87\x07\x9d\xef\xca\x0f\xdb\x02\x82\x00\x81\x00\xe6\xd3\x4d\xc0"
"\xa1\x91\x0e\x62\xfd\xb0\xdd\xc6\x30\xb8\x8c\xcb\x14\xc1\x4b\x69\x30\xdd"
"\xcd\x86\x67\xcb\x37\x14\xc5\x03\xd2\xb4\x69\xab\x3d\xe5\x16\x81\x0f\xe5"
"\x50\xf4\x18\xb1\xec\xbc\x71\xe9\x80\x99\x06\xe4\xa3\xfe\x44\x84\x4a\x2d"
"\x1e\x07\x7f\x22\x70\x6d\x4f\xd4\x93\x0b\x8b\x99\xce\x1e\xab\xcd\x4c\xd2"
"\xd3\x10\x47\x5c\x09\x9f\x6d\x82\xc0\x08\x75\xe3\x3d\x83\xc2\x19\x50\x29"
"\xec\x1f\x84\x29\xcc\xf1\x56\xee\xbd\x54\x5d\xe6\x19\xdf\x0d\x1c\xa4\xbb"
"\x0a\xfe\x84\x44\x29\x1d\xf9\x5c\x80\x96\x5b\x24\xb4\xf7\x02\x1b\x02\x82"
"\x00\x81\x00\xa3\x48\xf1\x9c\x58\xc2\x5f\x38\xfb\xd8\x12\x39\xf1\x8e\x73"
"\xa1\xcf\x78\x12\xe0\xed\x2a\xbb\xef\xac\x23\xb2\xbf\xd6\x0c\xe9\x6e\x1e"
"\xab\xea\x3f\x68\x36\xa7\x1f\xe5\xab\xe0\x86\xa5\x76\x32\x98\xdd\x75\xb5"
"\x2b\xbc\xcb\x8a\x03\x00\x7c\x2e\xca\xf8\xbc\x19\xe4\xe3\xa3\x31\xbd\x1d"
"\x20\x2b\x09\xad\x6f\x4c\xed\x48\xd4\xdf\x87\xf9\xf0\x46\xb9\x86\x4c\x4b"
"\x71\xe7\x48\x78\xdc\xed\xc7\x82\x02\x44\xd3\xa6\xb3\x10\x5f\x62\x81\xfc"
"\xb8\xe4\x0e\xf4\x1a\xdd\xab\x3f\xbc\x63\x79\x5b\x39\x69\x5e\xea\xa9\x15"
"\xfe\x90\xec\xda\x75\x02\x82\x00\x81\x00\x99\xe2\x33\xd5\xc1\x0b\x5e\xec"
"\xa9\x20\x93\xd9\x75\xd0\x5d\xdc\xb8\x80\xdc\xf0\xcb\x3e\x89\x04\x45\x32"
"\x24\xb8\x83\x57\xe1\xcd\x9b\xc7\x7e\x98\xb9\xab\x5f\xee\x35\xf8\x10\x76"
"\x9d\xd2\xf6\x9b\xab\x10\xaf\x43\x17\xfe\xd8\x58\x31\x73\x69\x5a\x54\xc1"
"\xa0\x48\xdf\xe3\x0c\xb2\x5d\x11\x34\x14\x72\x88\xdd\xe1\xe2\x0a\xda\x3d"
"\x5b\xbf\x9e\x57\x2a\xb0\x4e\x97\x7e\x57\xd6\xbb\x8a\xc6\x9d\x6a\x58\x1b"
"\xdd\xf6\x39\xf4\x7e\x38\x3e\x99\x66\x94\xb3\x68\x6d\xd2\x07\x54\x58\x2d"
"\x70\xbe\xa6\x3d\xab\x0e\xe7\x6d\xcd\xfa\x01\x67\x02\x82\x00\x80\x6c\xdb"
"\x4b\xbd\x90\x81\x94\xd0\xa7\xe5\x61\x7b\xf6\x5e\xf7\xc1\x34\xfa\xb7\x40"
"\x9e\x1c\x7d\x4a\x72\xc2\x77\x2a\x8e\xb3\x46\x49\x69\xc7\xf1\x7f\x9a\xcf"
"\x1a\x15\x43\xc7\xeb\x04\x6e\x4e\xcc\x65\xe8\xf9\x23\x72\x7d\xdd\x06\xac"
"\xaa\xfd\x74\x87\x50\x7d\x66\x98\x97\xc2\x21\x28\xbe\x15\x72\x06\x73\x9f"
"\x88\x9e\x30\x8d\xea\x5a\xa6\xa0\x2f\x26\x59\x88\x32\x4b\xef\x85\xa5\xe8"
"\x9e\x85\x01\x56\xd8\x8d\x19\xcc\xb5\x94\xec\x56\xa8\x7b\x42\xb4\xa2\xbc"
"\x93\xc7\x7f\xd2\xec\xfb\x92\x26\x46\x3f\x47\x1b\x63\xff\x0b\x48\x91\xa3"
"\x02\x82\x00\x80\x2c\x4a\xb9\xa4\x46\x7b\xff\x50\x7e\xbf\x60\x47\x3b\x2b"
"\x66\x82\xdc\x0e\x53\x65\x71\xe9\xda\x2a\xb8\x32\x93\x42\xb7\xff\xea\x67"
"\x66\xf1\xbc\x87\x28\x65\x29\x79\xca\xab\x93\x56\xda\x95\xc1\x26\x44\x3d"
"\x27\xc1\x91\xc6\x9b\xd9\xec\x9d\xb7\x49\xe7\x16\xee\x99\x87\x50\x95\x81"
"\xd4\x5c\x5b\x5a\x5d\x0a\x43\xa5\xa7\x8f\x5a\x80\x49\xa0\xb7\x10\x85\xc7"
"\xf4\x42\x34\x86\xb6\x5f\x3f\x88\x9e\xc7\xf5\x59\x29\x39\x68\x48\xf2\xd7"
"\x08\x5b\x92\x8e\x6b\xea\xa5\x63\x5f\xc0\xfb\xe4\xe1\xb2\x7d\xb7\x40\xe9"
"\x55\x06\xbf\x58\x25\x6f";
static const uint8_t two_prime_encrypted_msg[] = {
0x63, 0x0a, 0x30, 0x45, 0x43, 0x11, 0x45, 0xb7, 0x99, 0x67, 0x90, 0x35,
0x37, 0x27, 0xff, 0xbc, 0xe0, 0xbf, 0xa6, 0xd1, 0x47, 0x50, 0xbb, 0x6c,
0x1c, 0xaa, 0x66, 0xf2, 0xff, 0x9d, 0x9a, 0xa6, 0xb4, 0x16, 0x63, 0xb0,
0xa1, 0x7c, 0x7c, 0x0c, 0xef, 0xb3, 0x66, 0x52, 0x42, 0xd7, 0x5e, 0xf3,
0xa4, 0x15, 0x33, 0x40, 0x43, 0xe8, 0xb1, 0xfc, 0xe0, 0x42, 0x83, 0x46,
0x28, 0xce, 0xde, 0x7b, 0x01, 0xeb, 0x28, 0x92, 0x70, 0xdf, 0x8d, 0x54,
0x9e, 0xed, 0x23, 0xb4, 0x78, 0xc3, 0xca, 0x85, 0x53, 0x48, 0xd6, 0x8a,
0x87, 0xf7, 0x69, 0xcd, 0x82, 0x8c, 0x4f, 0x5c, 0x05, 0x55, 0xa6, 0x78,
0x89, 0xab, 0x4c, 0xd8, 0xa9, 0xd6, 0xa5, 0xf4, 0x29, 0x4c, 0x23, 0xc8,
0xcf, 0xf0, 0x4c, 0x64, 0x6b, 0x4e, 0x02, 0x17, 0x69, 0xd6, 0x47, 0x83,
0x30, 0x43, 0x02, 0x29, 0xda, 0xda, 0x75, 0x3b, 0xd7, 0xa7, 0x2b, 0x31,
0xb3, 0xe9, 0x71, 0xa4, 0x41, 0xf7, 0x26, 0x9b, 0xcd, 0x23, 0xfa, 0x45,
0x3c, 0x9b, 0x7d, 0x28, 0xf7, 0xf9, 0x67, 0x04, 0xba, 0xfc, 0x46, 0x75,
0x11, 0x3c, 0xd5, 0x27, 0x43, 0x53, 0xb1, 0xb6, 0x9e, 0x18, 0xeb, 0x11,
0xb4, 0x25, 0x20, 0x30, 0x0b, 0xe0, 0x1c, 0x17, 0x36, 0x22, 0x10, 0x0f,
0x99, 0xb5, 0x50, 0x14, 0x73, 0x07, 0xf0, 0x2f, 0x5d, 0x4c, 0xe3, 0xf2,
0x86, 0xc2, 0x05, 0xc8, 0x38, 0xed, 0xeb, 0x2a, 0x4a, 0xab, 0x76, 0xe3,
0x1a, 0x75, 0x44, 0xf7, 0x6e, 0x94, 0xdc, 0x25, 0x62, 0x7e, 0x31, 0xca,
0xc2, 0x73, 0x51, 0xb5, 0x03, 0xfb, 0xf9, 0xf6, 0xb5, 0x8d, 0x4e, 0x6c,
0x21, 0x0e, 0xf9, 0x97, 0x26, 0x57, 0xf3, 0x52, 0x72, 0x07, 0xf8, 0xb4,
0xcd, 0xb4, 0x39, 0xcf, 0xbf, 0x78, 0xcc, 0xb6, 0x87, 0xf9, 0xb7, 0x8b,
0x6a, 0xce, 0x9f, 0xc8,
};
static const char three_prime_key[] =
"\x30\x82\x04\xd7\x02\x01\x01\x02\x82\x01\x00\x62\x91\xe9\xea\xb3\x5d\x6c"
"\x29\xae\x21\x83\xbb\xb5\x82\xb1\x9e\xea\xe0\x64\x5b\x1e\x2f\x5e\x2c\x0a"
"\x80\x3d\x29\xd4\xfa\x9a\xe7\x44\xe6\x21\xbd\x98\xc0\x3d\xe0\x53\x59\xae"
"\xd3\x3e\xfe\xc4\xc2\xc4\x5a\x5a\x89\x07\xf4\x4f\xdc\xb0\x6a\xd4\x3e\x99"
"\x7d\x7a\x97\x26\x4e\xe1\x93\xca\x6e\xed\x07\xfc\xb4\xfa\x95\x1e\x73\x7b"
"\x86\x08\x6a\xb9\xd4\x29\xb0\x7e\x59\xb7\x9d\x7b\xeb\x67\x6e\xf0\xbb\x5e"
"\xcf\xb9\xcd\x58\x93\xf0\xe7\x88\x17\x6c\x0d\x76\x1e\xb9\x27\x9a\x4d\x02"
"\x16\xb6\x49\x6d\xa7\x83\x23\x4d\x02\x48\x0c\x0c\x1f\x0e\x85\x21\xe3\x06"
"\x76\x0a\x73\xe6\xc1\x21\xfa\x30\x18\x78\x29\x5c\x31\xd0\x29\xae\x6f\x7d"
"\x87\xd8\x2f\x16\xfa\xbc\x67\x8a\x94\x71\x59\x9b\xec\x22\x40\x55\x9f\xc2"
"\x94\xb5\xbd\x78\x01\xc9\xef\x18\xc8\x6d\x0d\xdc\x53\x42\xb2\x5c\xab\x65"
"\x05\xbd\x35\x08\x85\x1b\xf8\xe9\x47\xbc\xfe\xc5\xae\x47\x29\x63\x44\x8e"
"\x4d\xb7\x47\xab\x0d\xd8\x76\x68\x4f\xc7\x07\x02\xe4\x86\xb0\xcf\xd8\x19"
"\xad\xf4\x85\x76\x8b\x3b\x4e\x40\x8d\x29\x7a\x8a\x07\x36\xf3\x78\xae\x17"
"\xa6\x8f\x53\x58\x65\x4c\x86\x9e\xd7\x8b\xec\x38\x4f\x99\xc7\x02\x01\x03"
"\x02\x82\x01\x00\x41\xb6\x9b\xf1\xcc\xe8\xf2\xc6\x74\x16\x57\xd2\x79\x01"
"\xcb\xbf\x47\x40\x42\xe7\x69\x74\xe9\x72\xb1\xaa\xd3\x71\x38\xa7\x11\xef"
"\x83\x44\x16\x7e\x65\xd5\x7e\x95\x8c\xe6\x74\x8c\xd4\xa9\xd8\x81\xd8\x3c"
"\x3c\x5b\x5a\xa2\xdf\xe8\x75\x9c\x8d\x7f\x10\xfe\x51\xba\x19\x89\xeb\xb7"
"\xdc\x49\xf3\x5a\xa8\x78\xa7\x0e\x14\x4c\xfd\x04\x05\x9c\x7b\xe2\xc5\xa3"
"\x04\xee\xd9\x4c\xfd\x7d\x47\xb0\x0d\x9b\x3d\x70\x91\x81\x2c\xab\x2b\x87"
"\xad\x11\x68\x24\xfc\x2b\xd4\xee\x5e\x28\xeb\x6d\xab\xde\x0f\x77\x15\x58"
"\x76\x39\xc9\x59\x3a\x7f\x19\x9d\xc6\x7e\x86\xe4\xd5\x38\x70\x9e\xae\xb9"
"\xfb\x33\x33\xd1\x0c\x2d\xab\x01\x20\xe1\x8b\x29\x99\xd3\xeb\x87\x05\x72"
"\xaa\x43\x58\x64\x8e\x9e\x31\xdb\x45\x9b\x2b\xac\x58\x80\x5d\x33\xa2\x43"
"\x05\x96\xcc\xca\x2d\x04\x5f\xd6\xb7\x3d\x8b\x8f\x2d\xa3\xa5\xf8\x73\xf5"
"\xd7\xc0\x19\xff\x10\xe6\xee\x3a\x26\x2f\xe1\x64\x3d\x11\xcd\x2d\xe4\x0a"
"\x84\x27\xe3\xcb\x16\x62\x19\xe7\xe3\x0d\x13\xe8\x09\x5a\x53\xd0\x20\x56"
"\x15\xf5\xb3\x67\xac\xa1\xb5\x94\x6b\xab\xdc\x71\xc7\xbf\x0a\xde\x76\xf5"
"\x03\xa0\x30\xd8\x27\x9d\x00\x2b\x02\x57\x00\xf1\x4f\xc2\x86\x13\x06\x17"
"\xf7\x69\x7e\x37\xdf\x67\xc5\x32\xa0\x74\x1c\x32\x69\x0f\x9f\x08\x88\x24"
"\xb1\x51\xbc\xbc\x92\xba\x73\x1f\x9c\x75\xc2\x14\x6d\x4f\xc4\x5a\xcf\xda"
"\x44\x35\x00\x6b\x42\x3b\x9f\x14\xf1\x05\xb3\x51\x22\xb6\xbe\x9c\xe0\xc1"
"\x5c\x48\x61\xdf\x4e\x4c\x72\xb8\x05\x35\x7c\xac\xf1\xbb\xa0\x3b\x2a\xea"
"\xf7\x86\xe9\xd2\xff\x1e\x1d\x02\x56\x00\xca\xb1\x39\xf6\xa2\xc6\x3b\x65"
"\x45\x2f\x39\x00\xcd\x6e\xd6\x55\xf7\x71\x37\x89\xc2\xe7\x7a\xc0\x1a\xa6"
"\x2f\xea\x17\x7c\xaa\x2a\x91\x8f\xd4\xc7\x50\x8b\xab\x8e\x99\x3b\x33\x91"
"\xbc\x02\x10\x58\x4b\x58\x40\x9b\xc4\x8f\x48\x2b\xa7\x44\xfd\x07\x04\xf0"
"\x98\x67\x56\xea\x25\x92\x8b\x2e\x4b\x4a\xa1\xd3\xc2\xa4\xb4\x9b\x59\x70"
"\x32\xa6\xd8\x8b\xd9\x02\x57\x00\xa0\xdf\xd7\x04\x0c\xae\xba\xa4\xf0\xfe"
"\xcf\xea\x45\x2e\x21\xc0\x4d\x68\x21\x9b\x5f\xbf\x5b\x05\x6d\xcb\x8b\xd3"
"\x28\x61\xd1\xa2\x15\x12\xf9\x2c\x0d\x9e\x35\x2d\x91\xdf\xe6\xd8\x23\x55"
"\x9c\xd6\xd2\x6a\x0d\xf6\x03\xcc\xe0\xc1\xcf\x29\xbd\xeb\x2b\x92\xda\xeb"
"\xea\x34\x32\xf7\x25\x58\xce\x53\x1d\xf6\x7d\x15\x7c\xc7\x47\x4f\xaf\x46"
"\x8c\xaa\x14\x13\x02\x56\x00\x87\x20\xd1\x4f\x17\x2e\xd2\x43\x83\x74\xd0"
"\xab\x33\x9f\x39\x8e\xa4\xf6\x25\x06\x81\xef\xa7\x2a\xbc\x6e\xca\x9c\x0f"
"\xa8\x71\x71\xb6\x5f\xe3\x2f\x8b\x07\xc7\xb4\x66\x27\x77\xb6\x7d\x56\xb5"
"\x90\x32\x3a\xd5\xbd\x2d\xb4\xda\xc7\xc4\xd8\xa8\xaf\x58\xa0\x65\x9a\x39"
"\xf1\x6e\x61\xb2\x1e\xdc\xdc\x6b\xe2\x81\xc3\x23\x12\x3b\xa0\x21\xc4\x90"
"\x5d\x3b\x02\x57\x00\xe6\x8a\xaa\xb8\x6d\x2c\x81\x43\xb5\xd6\xa0\x2b\x42"
"\x49\xa9\x0a\x51\xfa\x18\xc8\x32\xea\x54\x18\xf3\x60\xc2\xb5\x4a\x43\x05"
"\x93\x9c\x01\xd9\x28\xed\x73\xfa\x82\xbc\x12\x64\xcb\xc4\x24\xa9\x3e\xae"
"\x7c\x4b\x8f\x94\x57\x7b\x14\x10\x41\xdc\x62\x12\x8c\xb2\x4a\x7c\xf6\x53"
"\xd4\xc6\xe4\xda\xd1\xa2\x00\x0e\x3d\x30\xf7\x05\x4f\x1d\x82\xbc\x52\xd9"
"\xb1\x30\x82\x01\x0a\x30\x82\x01\x06\x02\x56\x00\x84\x12\x4f\xf7\x3b\x65"
"\x53\x34\x6c\x6c\x4d\x77\xdf\xfd\x1f\xb6\x16\xe2\x25\x15\xca\xc9\xc1\x41"
"\x9a\x50\xda\xeb\x88\x4f\x3d\xb3\x01\x00\x44\xc4\xac\xe7\x14\x62\xa6\x56"
"\xde\xc5\xb7\xc3\x1d\x07\xbd\x7d\x64\xc5\x7e\x45\x25\x56\xed\x7a\xd2\x14"
"\xdb\x4e\x27\xd4\x1f\xf8\x94\xa7\xef\x07\xce\xdb\x24\xb7\xdd\x71\x5c\x63"
"\xc9\x33\xfe\xde\x40\x52\xeb\x02\x55\x58\x0c\x35\x4f\x7c\xee\x37\x78\x48"
"\x48\x33\xa5\x3f\xfe\x15\x24\x0f\x41\x6e\x0e\x87\x31\x2b\x81\x11\x8b\x3c"
"\x9d\x05\x8a\x29\x22\x00\xaa\xd8\x83\x1d\xef\x62\xec\x6e\xe4\x94\x83\xcf"
"\xd7\x68\xaf\xd3\xa8\xed\xd8\xfe\xd8\xc3\x8f\x48\xfc\x8c\x0d\xe7\x89\x6f"
"\xe2\xbf\xfb\x0d\xc5\x4a\x05\x34\x92\x18\x7a\x93\xa0\xe8\x42\x86\x22\xa9"
"\xe9\x80\x37\x47\x02\x55\x60\x76\xab\xde\x2b\xf5\xa2\x2c\xaa\x0c\x99\x81"
"\xee\x72\x2c\x7d\x22\x59\x2a\x35\xea\x50\x4e\x47\x6b\x92\x2d\x30\xa1\x01"
"\xa5\x9e\x26\x6e\x27\xca\xf5\xf2\x87\x5d\x31\xaf\xe9\x32\xcd\x10\xfd\x4d"
"\xdb\xf9\x86\x05\x12\x1b\x01\x84\x55\x97\x5f\xe2\x78\x27\xd9\xe4\x26\x7d"
"\xab\x0e\xe0\x1b\x6f\xcb\x4b\x14\xdd\xdc\xdc\x8b\xe8\x9f\xd0\x62\x96\xca"
"\xcf";
static const uint8_t three_prime_encrypted_msg[] = {
0x58, 0xd9, 0xea, 0x8a, 0xf6, 0x3d, 0xb4, 0xd9, 0xf7, 0xbb, 0x02, 0xc5,
0x58, 0xd2, 0xa9, 0x46, 0x80, 0x70, 0x70, 0x16, 0x07, 0x64, 0x32, 0x4c,
0x4e, 0x92, 0x61, 0xb7, 0xff, 0x92, 0xdc, 0xfc, 0xf8, 0xf0, 0x2c, 0x84,
0x56, 0xbc, 0xe5, 0x93, 0x76, 0xe5, 0xa3, 0x72, 0x98, 0xf2, 0xdf, 0xef,
0x99, 0x53, 0xf6, 0xd8, 0x4b, 0x09, 0xac, 0xa9, 0xa3, 0xdb, 0x63, 0xa1,
0xb5, 0x09, 0x8e, 0x40, 0x84, 0x8f, 0x4d, 0xd5, 0x1d, 0xac, 0x6c, 0xaa,
0x6b, 0x15, 0xe7, 0xb1, 0x0c, 0x67, 0xd2, 0xb2, 0x81, 0x58, 0x30, 0x0e,
0x18, 0x27, 0xa1, 0x9b, 0x96, 0xad, 0xae, 0x76, 0x1a, 0x32, 0xf7, 0x10,
0x0b, 0x53, 0x85, 0x31, 0xd6, 0x2a, 0xf6, 0x1c, 0x9f, 0xc2, 0xc7, 0xb1,
0x05, 0x63, 0x0b, 0xa5, 0x07, 0x1f, 0x1c, 0x01, 0xf0, 0xe0, 0x06, 0xea,
0x20, 0x69, 0x41, 0x19, 0x57, 0x92, 0x17, 0xf7, 0x0c, 0x5c, 0x66, 0x75,
0x0e, 0xe5, 0xb3, 0xf1, 0x67, 0x3b, 0x27, 0x47, 0xb2, 0x8e, 0x1c, 0xb6,
0x3f, 0xdd, 0x76, 0x42, 0x31, 0x13, 0x68, 0x96, 0xdf, 0x3b, 0xd4, 0x87,
0xd9, 0x16, 0x44, 0x71, 0x52, 0x2e, 0x54, 0x3e, 0x09, 0xcd, 0x71, 0xc1,
0x1e, 0x5e, 0x96, 0x13, 0xc9, 0x1e, 0xa4, 0xe6, 0xe6, 0x97, 0x2c, 0x6b,
0xf2, 0xa9, 0x5c, 0xc6, 0x60, 0x2a, 0xbc, 0x82, 0xf8, 0xcb, 0xd4, 0xd7,
0xea, 0x8a, 0xa1, 0x8a, 0xd9, 0xa5, 0x14, 0x8b, 0x9e, 0xf9, 0x25, 0x02,
0xd2, 0xab, 0x0c, 0x42, 0xca, 0x2d, 0x45, 0xa3, 0x56, 0x5e, 0xa2, 0x2a,
0xc8, 0x60, 0xa5, 0x87, 0x5d, 0x85, 0x5c, 0xde, 0xc7, 0xa2, 0x47, 0xc3,
0x99, 0x29, 0x23, 0x79, 0x36, 0x88, 0xad, 0x40, 0x3e, 0x27, 0x7d, 0xf0,
0xb6, 0xfa, 0x95, 0x20, 0x3c, 0xec, 0xfc, 0x56, 0x3b, 0x20, 0x91, 0xee,
0x98, 0x10, 0x2c, 0x82,
};
static const char six_prime_key[] =
"\x30\x82\x05\x24\x02\x01\x01\x02\x82\x01\x00\x1c\x04\x39\x44\xb9\xb8\x71"
"\x1c\x1c\xf7\xdc\x11\x1b\x85\x3b\x2b\xe8\xa6\xeb\xeb\xe9\xb6\x86\x97\x73"
"\x5d\x75\x46\xd1\x35\x25\xf8\x30\x9a\xc3\x57\x44\x89\xa6\x44\x59\xe3\x3a"
"\x60\xb5\x33\x84\x72\xa4\x03\xc5\x1a\x20\x98\x70\xbd\xe8\x3b\xc1\x9b\x8a"
"\x3a\x24\x45\xb6\x6a\x73\xb4\xd0\x6c\x18\xc6\xa7\x94\xd3\x24\x70\xf0\x2d"
"\x0c\xa5\xb2\x3b\xc5\x33\x90\x9d\x56\x8d\x33\xf6\x93\x7d\xa7\x95\x88\x05"
"\xdf\xf5\x65\x58\xb9\x5b\xd3\x07\x9c\x16\x8e\x74\xfc\xb8\x76\xaf\x62\x99"
"\x6c\xd4\xc5\xb3\x69\xe5\x64\xdf\x38\x00\x25\x24\xe9\xb1\x4a\x85\xa6\xf4"
"\xb6\x23\x68\x67\x4a\x2c\xbd\x9d\x01\x3b\x04\x8c\x70\x94\x82\x76\x45\x0c"
"\x8b\x95\x8a\x07\x1c\x32\xe7\x09\x97\x3a\xfd\xca\x57\xe9\x57\x0c\xae\x2b"
"\xa3\x25\xd1\xf2\x0d\x34\xa1\xe6\x2f\x7b\x1b\x36\x53\x83\x95\xb9\x26\x6e"
"\x4f\x36\x26\xf8\x47\xae\xdf\xe8\x4d\xf6\xb2\xff\x03\x23\x74\xfa\xa5\x6d"
"\xcb\xcb\x80\x12\xc3\x77\xf0\x19\xb7\xf2\x6b\x19\x5c\xde\x0a\xd7\xee\x8c"
"\x48\x2f\x50\x24\xa5\x2e\xcc\x2a\xed\xc2\x35\xe0\x3d\x29\x31\x17\xd6\x8f"
"\x44\xaa\x5b\x33\xbd\xb4\x88\x87\xd9\x29\x3f\x94\xe7\x75\xe3\x02\x01\x03"
"\x02\x82\x01\x00\x12\xad\x7b\x83\x26\x7a\xf6\x12\xbd\xfa\x92\xb6\x12\x58"
"\xd2\x1d\x45\xc4\x9d\x47\xf1\x24\x59\xba\x4c\xe8\xf8\xd9\xe0\xce\x19\x50"
"\x20\x67\x2c\xe4\xd8\x5b\xc4\x2d\x91\x41\xeb\x05\x4f\xf4\xb4\x20\xc7\xbc"
"\xd6\xe2\x5c\xa0\x27\xcf\xb8\xb3\x3b\x5c\xeb\x5e\x96\xb7\x99\x4b\x8a\xc3"
"\x70\xaf\x7f\xd8\x5f\xeb\xcb\x1a\x79\x44\x68\x97\x84\xd8\x29\x87\x64\xba"
"\x18\x2e\x95\x66\x1a\x7d\xd9\x35\x3a\x5c\x92\x7a\x81\x1b\x6c\xa9\xf8\xfa"
"\x05\x23\x18\x5b\xb2\xf8\x77\x1c\xc5\x1b\x7d\x26\x5f\x48\x69\x1b\xc4\x34"
"\xef\x6e\xa1\x15\xd2\xb2\xac\xb8\xa8\xed\x1e\xee\xdc\xb5\xb9\x5c\x79\x25"
"\x48\xbb\xe5\x9d\xd8\xe5\xe2\x94\xdf\xd5\x32\x22\x84\xbf\xc2\xaa\xa4\x54"
"\xbb\x29\xdb\x13\x4a\x28\x3d\x83\x3a\xff\xa3\xae\x38\x08\xfc\x36\x84\x91"
"\x30\xd1\xfd\x82\x64\xf1\x0f\xae\xba\xd7\x9a\x43\x58\x03\x5e\x5f\x01\xcb"
"\x8b\x90\x8d\x77\x34\x6f\x37\x40\xb6\x6d\x22\x23\x90\xb2\xfd\x32\xb5\x96"
"\x45\xbf\xae\x8c\xc4\x62\x03\x6c\x68\x90\x59\x31\x1a\xcb\xfb\xa4\x0b\x94"
"\x15\x13\xda\x1a\x8d\xa7\x0b\x34\x62\x93\xea\xbe\x6e\x71\xc2\x1d\xc8\x9d"
"\xac\x66\xcc\x31\x87\xff\x99\xab\x02\x2c\x00\xa5\x57\x41\x66\x87\x68\x02"
"\x6a\xdf\x97\xb0\xfe\x6b\x34\xc4\x33\x88\x2b\xce\x82\xaf\x2d\x33\x5a\xad"
"\x75\x2d\xac\xa5\xd6\x3a\x2d\x65\x43\x68\xfb\x44\x9e\xb8\x25\x05\xed\x97"
"\x02\x2c\x00\xd2\x77\x34\x24\xac\x60\x9a\xc4\x68\x34\xe5\x6a\xa3\xdc\xe2"
"\xb0\x58\x5c\x35\x83\x5a\xc7\xa7\xc1\x0b\x7e\x9e\xa5\x85\x32\x47\x93\x22"
"\xee\xb6\x59\xe9\xe3\x61\x94\xd0\x0e\xcb\x02\x2b\x6e\x3a\x2b\x99\xaf\x9a"
"\xac\x47\x3f\xba\x75\xfe\xf2\x23\x2d\x77\xb0\x1d\x34\x57\x1f\x73\x77\x91"
"\xc8\xf8\xc9\x1d\xc3\xe4\x26\xc8\xee\x2c\xf0\xa7\x83\x14\x7a\xc3\x59\x49"
"\x0f\x02\x2c\x00\x8c\x4f\x78\x18\x72\xeb\x11\xd8\x45\x78\x98\xf1\xc2\x93"
"\x41\xca\xe5\x92\xce\x57\x91\xda\x6f\xd6\x07\xa9\xbf\x19\x03\x76\xda\x62"
"\x17\x49\xce\xe6\x9b\xec\xeb\xb8\x8a\xb4\x87\x02\x2c\x00\xa3\xc2\x29\xa6"
"\xa7\xe1\x3c\xe9\xcf\x0f\x50\x51\x1c\xcc\xc8\x5b\x08\x9c\x97\x24\x3a\x86"
"\x23\xa8\x0b\xbb\x54\xa6\xb9\x70\x3d\x1d\xd0\x1b\xa3\xac\xd9\xb2\x03\x80"
"\xd7\x67\xec\x30\x82\x02\x2d\x30\x82\x00\x88\x02\x2c\x00\x97\x5d\x3b\xf2"
"\xcc\xba\xd9\x77\x67\xaa\xd2\x22\xa7\xa3\x49\x08\xc7\xb8\x27\xa1\x59\x4b"
"\xa7\xa5\xd2\x74\x05\xe7\x5a\x35\xd7\x25\x79\x18\x20\x8a\x25\xec\x3b\x52"
"\xaf\xcb\xdb\x02\x2b\x64\xe8\xd2\xa1\xdd\xd1\xe6\x4f\x9a\x71\xe1\x6c\x6f"
"\xc2\x30\xb0\x85\x25\x6f\xc0\xe6\x32\x6f\xc3\xe1\xa2\xae\x9a\x3c\x23\xe4"
"\xc3\xa6\x10\x15\xb1\x6e\x9d\x7c\xe1\xca\x87\xe7\x02\x2b\x5e\xef\x25\x29"
"\xed\xf6\x52\x15\xd3\x60\xb6\x88\xcf\x0f\xe2\x24\xa4\x04\x97\x9c\x9d\x58"
"\x13\xbb\x00\x6d\x39\xf6\xad\x21\x7e\x56\x2c\x2e\x06\x06\xc4\x6d\x44\xac"
"\x79\x1f\xe5\x30\x82\x00\x89\x02\x2c\x00\xdb\xf1\x78\xf9\xa4\x94\xea\x39"
"\x8a\x3f\x23\x48\x2a\x23\x8f\xd2\x18\x97\xd2\xdf\x0f\xb8\x2b\x33\xa0\xe8"
"\x8f\xbc\x4e\x42\xfd\x54\xc7\x0f\xde\xba\x6d\xba\x96\xa7\xce\x67\x3d\x02"
"\x2c\x00\x92\xa0\xfb\x51\x18\x63\x46\xd1\x06\xd4\xc2\x30\x1c\x17\xb5\x36"
"\xbb\x0f\xe1\xea\x0a\x7a\xc7\x77\xc0\x9b\x0a\x7d\x89\x81\xfe\x38\x84\xb5"
"\x3f\x26\xf3\xd1\xb9\xc5\x34\x44\xd3\x02\x2b\x4c\xbd\x1d\x44\xc8\x19\x23"
"\xd8\xb3\x96\x66\x4b\x62\xcb\x3e\xe6\x6c\x11\xdf\xb2\x92\xd3\xc8\x34\xb9"
"\xa6\x5a\x2f\x19\xf4\x0b\xb2\xe6\x8e\xa6\xaf\xa3\xae\xa4\xb3\x92\xc4\x79"
"\x30\x82\x00\x85\x02\x2b\x00\x89\xab\x30\xfc\x7b\x37\x94\x11\x9f\x4d\x31"
"\x3b\xac\x09\x57\xe6\x64\xec\xa0\xc8\xf8\x04\x1a\xf9\x2a\xa4\x4b\x36\x18"
"\xbb\x5f\xdc\xcd\xf0\xc8\xcb\x97\xd1\xdf\x13\x12\x3f\x02\x2a\x5b\xc7\x75"
"\xfd\xa7\x7a\x62\xb6\x6a\x33\x76\x27\xc8\x06\x3a\x99\x98\x9d\xc0\x85\xfa"
"\xad\x67\x50\xc7\x18\x32\x24\x10\x7c\xea\x93\x33\xf5\xdb\x32\x65\x36\x94"
"\xb7\x61\x7f\x02\x2a\x16\x6c\x96\xa1\x50\x6f\x3a\x92\xc0\x75\x43\xb5\x6b"
"\x9c\x17\x09\xd3\xf0\x67\x69\x45\x92\xfb\x7b\x50\xa8\x42\x9b\x33\x92\xab"
"\xd5\xe6\x49\xb3\x26\x99\x55\x16\x3a\x39\x63\x30\x82\x00\x87\x02\x2b\x00"
"\xc1\x25\x19\x1d\x6e\x18\xcb\x2d\x64\xe2\xe6\xb6\x1c\xe4\xaa\x9c\xb9\xee"
"\x18\xd4\xf7\x5f\x66\x40\xf0\xe1\x31\x38\xf2\x53\x00\x8b\xcc\xe4\x0d\xb7"
"\x81\xb4\xe6\x1c\x19\xaf\x02\x2b\x00\x80\xc3\x66\x13\x9e\xbb\x32\x1e\x43"
"\x41\xef\x24\x13\x43\x1c\x68\x7b\xf4\x10\x8d\xfa\x3f\x99\x80\xa0\x96\x20"
"\xd0\xa1\x8c\xab\x07\xdd\xed\x5e\x7a\x56\x78\x99\x68\x11\x1f\x02\x2b\x00"
"\xb0\x59\xea\x67\x93\x42\xbf\x07\x54\x38\x41\xcb\x73\xa4\x0e\xc2\xae\x56"
"\x19\x41\xc9\x8a\xb2\x2f\xa8\x0a\xb1\x4e\x12\x39\x2e\xc0\x94\x9a\xc6\xa3"
"\xe4\xaf\x8a\x16\x06\xb8";
static const uint8_t six_prime_encrypted_msg[] = {
0x0a, 0xcb, 0x6c, 0x02, 0x9d, 0x1a, 0x7c, 0xf3, 0x4e, 0xff, 0x16, 0x88,
0xee, 0x22, 0x1d, 0x8d, 0xd2, 0xfd, 0xde, 0x83, 0xb3, 0xd9, 0x35, 0x2c,
0x82, 0xe0, 0xff, 0xe6, 0x79, 0x6d, 0x06, 0x21, 0x74, 0xa8, 0x04, 0x0c,
0xe2, 0xd3, 0x98, 0x3f, 0xbf, 0xd0, 0xe9, 0x88, 0x24, 0xe2, 0x05, 0xa4,
0x45, 0x51, 0x87, 0x6b, 0x1c, 0xef, 0x5f, 0x2d, 0x61, 0xb6, 0xf1, 0x4c,
0x1f, 0x3d, 0xbf, 0x4b, 0xf2, 0xda, 0x09, 0x97, 0x81, 0xde, 0x91, 0xb7,
0x0d, 0xb4, 0xc2, 0xab, 0x41, 0x64, 0x9d, 0xd9, 0x39, 0x46, 0x79, 0x66,
0x43, 0xf1, 0x34, 0x21, 0x56, 0x2f, 0xc6, 0x68, 0x40, 0x4a, 0x2d, 0x73,
0x96, 0x50, 0xe1, 0xb0, 0xaf, 0x49, 0x39, 0xb4, 0xf0, 0x3a, 0x78, 0x38,
0x70, 0xa9, 0x91, 0x5d, 0x5e, 0x07, 0xf4, 0xec, 0xbb, 0xc4, 0xe5, 0x8a,
0xb8, 0x06, 0xba, 0xdf, 0xc6, 0x48, 0x78, 0x4b, 0xca, 0x2a, 0x8a, 0x92,
0x64, 0xe3, 0xa6, 0xae, 0x87, 0x97, 0x12, 0x16, 0x46, 0x67, 0x59, 0xdf,
0xf2, 0xf3, 0x89, 0x6f, 0xe8, 0xa9, 0x13, 0x57, 0x63, 0x4e, 0x07, 0x98,
0xcc, 0x73, 0xa0, 0x84, 0x9d, 0xe8, 0xb3, 0x50, 0x59, 0xb5, 0x51, 0xb3,
0x41, 0x7d, 0x55, 0xfe, 0xd9, 0xf0, 0xc6, 0xff, 0x6e, 0x96, 0x4f, 0x22,
0xb2, 0x0d, 0x6b, 0xc9, 0x83, 0x2d, 0x98, 0x98, 0xb2, 0xd1, 0xb7, 0xe4,
0x50, 0x83, 0x1a, 0xa9, 0x02, 0x9f, 0xaf, 0x54, 0x74, 0x2a, 0x2c, 0x63,
0x10, 0x79, 0x45, 0x5c, 0x95, 0x0d, 0xa1, 0x9b, 0x55, 0xf3, 0x1e, 0xb7,
0x56, 0x59, 0xf1, 0x59, 0x8d, 0xd6, 0x15, 0x89, 0xf6, 0xfe, 0xc0, 0x00,
0xdd, 0x1f, 0x2b, 0xf0, 0xf7, 0x5d, 0x64, 0x84, 0x76, 0xd3, 0xc2, 0x92,
0x35, 0xac, 0xb5, 0xf9, 0xf6, 0xa8, 0x05, 0x89, 0x4c, 0x95, 0x41, 0x4e,
0x34, 0x25, 0x11, 0x14,
};
static int test_multi_prime_key(int nprimes, const uint8_t *der,
size_t der_size, const uint8_t *enc,
size_t enc_size) {
RSA *rsa = d2i_RSAPrivateKey(NULL, &der, der_size);
if (!rsa) {
printf("%d-prime key failed to parse.\n", nprimes);
ERR_print_errors_fp(stderr);
return 0;
}
if (!RSA_check_key(rsa)) {
printf("RSA_check_key failed for %d-prime key.\n", nprimes);
ERR_print_errors_fp(stderr);
return 0;
}
uint8_t out[256];
size_t out_len;
if (!RSA_decrypt(rsa, &out_len, out, sizeof(out), enc, enc_size,
RSA_PKCS1_PADDING) ||
out_len != 11 ||
memcmp(out, "hello world", 11) != 0) {
printf("%d-prime key failed to decrypt.\n", nprimes);
ERR_print_errors_fp(stderr);
return 0;
}
RSA_free(rsa);
return 1;
}
static int test_multi_prime_keygen() {
RSA *rsa = RSA_new();
BIGNUM e;
BN_init(&e);
static const char kMessage[] = "Hello world.";
static const size_t kBits = 1024;
uint8_t encrypted[kBits / 8], decrypted[kBits / 8];
size_t encrypted_len, decrypted_len;
if (rsa == NULL ||
!BN_set_word(&e, RSA_F4) ||
!RSA_generate_multi_prime_key(rsa, kBits, 3, &e, NULL) ||
!RSA_check_key(rsa) ||
!RSA_encrypt(rsa, &encrypted_len, encrypted, sizeof(encrypted),
(const uint8_t *)kMessage, sizeof(kMessage),
RSA_PKCS1_PADDING) ||
!RSA_decrypt(rsa, &decrypted_len, decrypted, sizeof(decrypted), encrypted,
encrypted_len, RSA_PKCS1_PADDING) ||
decrypted_len != sizeof(kMessage) ||
memcmp(decrypted, kMessage, sizeof(kMessage)) != 0) {
ERR_print_errors_fp(stderr);
return 0;
}
BN_free(&e);
RSA_free(rsa);
return 1;
}
static int test_bad_key(void) {
RSA *key = RSA_new();
BIGNUM e;
@ -500,7 +855,17 @@ int main(int argc, char *argv[]) {
if (err != 0 ||
!test_only_d_given() ||
!test_recover_crt_params() ||
!test_bad_key()) {
!test_bad_key() ||
!test_multi_prime_key(2, (const uint8_t *)two_prime_key,
sizeof(two_prime_key) - 1, two_prime_encrypted_msg,
sizeof(two_prime_encrypted_msg)) ||
!test_multi_prime_key(
3, (const uint8_t *)three_prime_key, sizeof(three_prime_key) - 1,
three_prime_encrypted_msg, sizeof(three_prime_encrypted_msg)) ||
!test_multi_prime_key(6, (const uint8_t *)six_prime_key,
sizeof(six_prime_key) - 1, six_prime_encrypted_msg,
sizeof(six_prime_encrypted_msg)) ||
!test_multi_prime_keygen()) {
err = 1;
}

15
include/openssl/rsa.h
View File

@ -100,6 +100,12 @@ OPENSSL_EXPORT int RSA_up_ref(RSA *rsa);
OPENSSL_EXPORT int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
BN_GENCB *cb);
/* RSA_generate_multi_prime_key acts like |RSA_generate_key_ex| but can
* generate an RSA private key with more than two primes. */
OPENSSL_EXPORT int RSA_generate_multi_prime_key(RSA *rsa, int bits,
int num_primes, BIGNUM *e,
BN_GENCB *cb);
/* Encryption / Decryption */
@ -450,6 +456,9 @@ struct rsa_meth_st {
int (*keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
int (*multi_prime_keygen)(RSA *rsa, int bits, int num_primes, BIGNUM *e,
BN_GENCB *cb);
/* supports_digest returns one if |rsa| supports digests of type
* |md|. If null, it is assumed that all digests are supported. */
int (*supports_digest)(const RSA *rsa, const EVP_MD *md);
@ -473,6 +482,9 @@ struct rsa_st {
BIGNUM *dmp1;
BIGNUM *dmq1;
BIGNUM *iqmp;
STACK_OF(RSA_additional_prime) *additional_primes;
/* be careful using this if the RSA structure is shared */
CRYPTO_EX_DATA ex_data;
CRYPTO_refcount_t references;
@ -530,6 +542,7 @@ struct rsa_st {
#define RSA_F_rsa_setup_blinding 125
#define RSA_F_sign_raw 126
#define RSA_F_verify_raw 127
#define RSA_F_keygen_multiprime 128
#define RSA_R_BAD_E_VALUE 100
#define RSA_R_BAD_FIXED_HEADER_DECRYPT 101
#define RSA_R_BAD_PAD_BYTE_COUNT 102
@ -571,5 +584,7 @@ struct rsa_st {
#define RSA_R_UNKNOWN_PADDING_TYPE 138
#define RSA_R_VALUE_MISSING 139
#define RSA_R_WRONG_SIGNATURE_LENGTH 140
#define RSA_R_MUST_HAVE_AT_LEAST_TWO_PRIMES 141
#define RSA_R_CANNOT_RECOVER_MULTI_PRIME_KEY 142
#endif /* OPENSSL_HEADER_RSA_H */

3
include/openssl/stack.h
View File

@ -140,11 +140,12 @@ STACK_OF(type) {\
* STACK_OF:GENERAL_NAMES
* STACK_OF:GENERAL_SUBTREE
* STACK_OF:MIME_HEADER
* STACK_OF:PKCS7_SIGNER_INFO
* STACK_OF:PKCS7_RECIP_INFO
* STACK_OF:PKCS7_SIGNER_INFO
* STACK_OF:POLICYINFO
* STACK_OF:POLICYQUALINFO
* STACK_OF:POLICY_MAPPING
* STACK_OF:RSA_additional_prime
* STACK_OF:SSL_COMP
* STACK_OF:STACK_OF_X509_NAME_ENTRY
* STACK_OF:SXNETID

2923
include/openssl/stack_macros.h
View File

File diff suppressed because it is too large Load Diff

1
tool/CMakeLists.txt
View File

@ -7,6 +7,7 @@ add_executable(
client.cc
const.cc
digest.cc
genrsa.cc
pkcs12.cc
rand.cc
server.cc

26
tool/args.cc
View File

@ -15,6 +15,7 @@
#include <string>
#include <vector>
#include <limits.h>
#include <stdio.h>
#include <string.h>
@ -75,3 +76,28 @@ void PrintUsage(const struct argument *templates) {
fprintf(stderr, "%s\t%s\n", templ->name, templ->description);
}
}
bool GetUnsigned(unsigned *out, const std::string &arg_name,
unsigned default_value,
const std::map<std::string, std::string> &args) {
const auto &it = args.find(arg_name);
if (it == args.end()) {
*out = default_value;
return true;
}
const std::string &value = it->second;
if (value.empty()) {
return false;
}
char *endptr;
unsigned long int num = strtoul(value.c_str(), &endptr, 10);
if (*endptr ||
num > UINT_MAX) {
return false;
}
*out = num;
return true;
}

111
tool/const.cc
View File

@ -323,4 +323,113 @@ uint8_t kDERRSAPrivate4096[] = {
size_t kDERRSAPrivate4096Len = sizeof(kDERRSAPrivate4096);
}
uint8_t kDERRSAPrivate3Prime2048[] = {
0x30, 0x82, 0x04, 0xd7, 0x02, 0x01, 0x01, 0x02, 0x82, 0x01, 0x00, 0x62,
0x91, 0xe9, 0xea, 0xb3, 0x5d, 0x6c, 0x29, 0xae, 0x21, 0x83, 0xbb, 0xb5,
0x82, 0xb1, 0x9e, 0xea, 0xe0, 0x64, 0x5b, 0x1e, 0x2f, 0x5e, 0x2c, 0x0a,
0x80, 0x3d, 0x29, 0xd4, 0xfa, 0x9a, 0xe7, 0x44, 0xe6, 0x21, 0xbd, 0x98,
0xc0, 0x3d, 0xe0, 0x53, 0x59, 0xae, 0xd3, 0x3e, 0xfe, 0xc4, 0xc2, 0xc4,
0x5a, 0x5a, 0x89, 0x07, 0xf4, 0x4f, 0xdc, 0xb0, 0x6a, 0xd4, 0x3e, 0x99,
0x7d, 0x7a, 0x97, 0x26, 0x4e, 0xe1, 0x93, 0xca, 0x6e, 0xed, 0x07, 0xfc,
0xb4, 0xfa, 0x95, 0x1e, 0x73, 0x7b, 0x86, 0x08, 0x6a, 0xb9, 0xd4, 0x29,
0xb0, 0x7e, 0x59, 0xb7, 0x9d, 0x7b, 0xeb, 0x67, 0x6e, 0xf0, 0xbb, 0x5e,
0xcf, 0xb9, 0xcd, 0x58, 0x93, 0xf0, 0xe7, 0x88, 0x17, 0x6c, 0x0d, 0x76,
0x1e, 0xb9, 0x27, 0x9a, 0x4d, 0x02, 0x16, 0xb6, 0x49, 0x6d, 0xa7, 0x83,
0x23, 0x4d, 0x02, 0x48, 0x0c, 0x0c, 0x1f, 0x0e, 0x85, 0x21, 0xe3, 0x06,
0x76, 0x0a, 0x73, 0xe6, 0xc1, 0x21, 0xfa, 0x30, 0x18, 0x78, 0x29, 0x5c,
0x31, 0xd0, 0x29, 0xae, 0x6f, 0x7d, 0x87, 0xd8, 0x2f, 0x16, 0xfa, 0xbc,
0x67, 0x8a, 0x94, 0x71, 0x59, 0x9b, 0xec, 0x22, 0x40, 0x55, 0x9f, 0xc2,
0x94, 0xb5, 0xbd, 0x78, 0x01, 0xc9, 0xef, 0x18, 0xc8, 0x6d, 0x0d, 0xdc,
0x53, 0x42, 0xb2, 0x5c, 0xab, 0x65, 0x05, 0xbd, 0x35, 0x08, 0x85, 0x1b,
0xf8, 0xe9, 0x47, 0xbc, 0xfe, 0xc5, 0xae, 0x47, 0x29, 0x63, 0x44, 0x8e,
0x4d, 0xb7, 0x47, 0xab, 0x0d, 0xd8, 0x76, 0x68, 0x4f, 0xc7, 0x07, 0x02,
0xe4, 0x86, 0xb0, 0xcf, 0xd8, 0x19, 0xad, 0xf4, 0x85, 0x76, 0x8b, 0x3b,
0x4e, 0x40, 0x8d, 0x29, 0x7a, 0x8a, 0x07, 0x36, 0xf3, 0x78, 0xae, 0x17,
0xa6, 0x8f, 0x53, 0x58, 0x65, 0x4c, 0x86, 0x9e, 0xd7, 0x8b, 0xec, 0x38,
0x4f, 0x99, 0xc7, 0x02, 0x01, 0x03, 0x02, 0x82, 0x01, 0x00, 0x41, 0xb6,
0x9b, 0xf1, 0xcc, 0xe8, 0xf2, 0xc6, 0x74, 0x16, 0x57, 0xd2, 0x79, 0x01,
0xcb, 0xbf, 0x47, 0x40, 0x42, 0xe7, 0x69, 0x74, 0xe9, 0x72, 0xb1, 0xaa,
0xd3, 0x71, 0x38, 0xa7, 0x11, 0xef, 0x83, 0x44, 0x16, 0x7e, 0x65, 0xd5,
0x7e, 0x95, 0x8c, 0xe6, 0x74, 0x8c, 0xd4, 0xa9, 0xd8, 0x81, 0xd8, 0x3c,
0x3c, 0x5b, 0x5a, 0xa2, 0xdf, 0xe8, 0x75, 0x9c, 0x8d, 0x7f, 0x10, 0xfe,
0x51, 0xba, 0x19, 0x89, 0xeb, 0xb7, 0xdc, 0x49, 0xf3, 0x5a, 0xa8, 0x78,
0xa7, 0x0e, 0x14, 0x4c, 0xfd, 0x04, 0x05, 0x9c, 0x7b, 0xe2, 0xc5, 0xa3,
0x04, 0xee, 0xd9, 0x4c, 0xfd, 0x7d, 0x47, 0xb0, 0x0d, 0x9b, 0x3d, 0x70,
0x91, 0x81, 0x2c, 0xab, 0x2b, 0x87, 0xad, 0x11, 0x68, 0x24, 0xfc, 0x2b,
0xd4, 0xee, 0x5e, 0x28, 0xeb, 0x6d, 0xab, 0xde, 0x0f, 0x77, 0x15, 0x58,
0x76, 0x39, 0xc9, 0x59, 0x3a, 0x7f, 0x19, 0x9d, 0xc6, 0x7e, 0x86, 0xe4,
0xd5, 0x38, 0x70, 0x9e, 0xae, 0xb9, 0xfb, 0x33, 0x33, 0xd1, 0x0c, 0x2d,
0xab, 0x01, 0x20, 0xe1, 0x8b, 0x29, 0x99, 0xd3, 0xeb, 0x87, 0x05, 0x72,
0xaa, 0x43, 0x58, 0x64, 0x8e, 0x9e, 0x31, 0xdb, 0x45, 0x9b, 0x2b, 0xac,
0x58, 0x80, 0x5d, 0x33, 0xa2, 0x43, 0x05, 0x96, 0xcc, 0xca, 0x2d, 0x04,
0x5f, 0xd6, 0xb7, 0x3d, 0x8b, 0x8f, 0x2d, 0xa3, 0xa5, 0xf8, 0x73, 0xf5,
0xd7, 0xc0, 0x19, 0xff, 0x10, 0xe6, 0xee, 0x3a, 0x26, 0x2f, 0xe1, 0x64,
0x3d, 0x11, 0xcd, 0x2d, 0xe4, 0x0a, 0x84, 0x27, 0xe3, 0xcb, 0x16, 0x62,
0x19, 0xe7, 0xe3, 0x0d, 0x13, 0xe8, 0x09, 0x5a, 0x53, 0xd0, 0x20, 0x56,
0x15, 0xf5, 0xb3, 0x67, 0xac, 0xa1, 0xb5, 0x94, 0x6b, 0xab, 0xdc, 0x71,
0xc7, 0xbf, 0x0a, 0xde, 0x76, 0xf5, 0x03, 0xa0, 0x30, 0xd8, 0x27, 0x9d,
0x00, 0x2b, 0x02, 0x57, 0x00, 0xf1, 0x4f, 0xc2, 0x86, 0x13, 0x06, 0x17,
0xf7, 0x69, 0x7e, 0x37, 0xdf, 0x67, 0xc5, 0x32, 0xa0, 0x74, 0x1c, 0x32,
0x69, 0x0f, 0x9f, 0x08, 0x88, 0x24, 0xb1, 0x51, 0xbc, 0xbc, 0x92, 0xba,
0x73, 0x1f, 0x9c, 0x75, 0xc2, 0x14, 0x6d, 0x4f, 0xc4, 0x5a, 0xcf, 0xda,
0x44, 0x35, 0x00, 0x6b, 0x42, 0x3b, 0x9f, 0x14, 0xf1, 0x05, 0xb3, 0x51,
0x22, 0xb6, 0xbe, 0x9c, 0xe0, 0xc1, 0x5c, 0x48, 0x61, 0xdf, 0x4e, 0x4c,
0x72, 0xb8, 0x05, 0x35, 0x7c, 0xac, 0xf1, 0xbb, 0xa0, 0x3b, 0x2a, 0xea,
0xf7, 0x86, 0xe9, 0xd2, 0xff, 0x1e, 0x1d, 0x02, 0x56, 0x00, 0xca, 0xb1,
0x39, 0xf6, 0xa2, 0xc6, 0x3b, 0x65, 0x45, 0x2f, 0x39, 0x00, 0xcd, 0x6e,
0xd6, 0x55, 0xf7, 0x71, 0x37, 0x89, 0xc2, 0xe7, 0x7a, 0xc0, 0x1a, 0xa6,
0x2f, 0xea, 0x17, 0x7c, 0xaa, 0x2a, 0x91, 0x8f, 0xd4, 0xc7, 0x50, 0x8b,
0xab, 0x8e, 0x99, 0x3b, 0x33, 0x91, 0xbc, 0x02, 0x10, 0x58, 0x4b, 0x58,
0x40, 0x9b, 0xc4, 0x8f, 0x48, 0x2b, 0xa7, 0x44, 0xfd, 0x07, 0x04, 0xf0,
0x98, 0x67, 0x56, 0xea, 0x25, 0x92, 0x8b, 0x2e, 0x4b, 0x4a, 0xa1, 0xd3,
0xc2, 0xa4, 0xb4, 0x9b, 0x59, 0x70, 0x32, 0xa6, 0xd8, 0x8b, 0xd9, 0x02,
0x57, 0x00, 0xa0, 0xdf, 0xd7, 0x04, 0x0c, 0xae, 0xba, 0xa4, 0xf0, 0xfe,
0xcf, 0xea, 0x45, 0x2e, 0x21, 0xc0, 0x4d, 0x68, 0x21, 0x9b, 0x5f, 0xbf,
0x5b, 0x05, 0x6d, 0xcb, 0x8b, 0xd3, 0x28, 0x61, 0xd1, 0xa2, 0x15, 0x12,
0xf9, 0x2c, 0x0d, 0x9e, 0x35, 0x2d, 0x91, 0xdf, 0xe6, 0xd8, 0x23, 0x55,
0x9c, 0xd6, 0xd2, 0x6a, 0x0d, 0xf6, 0x03, 0xcc, 0xe0, 0xc1, 0xcf, 0x29,
0xbd, 0xeb, 0x2b, 0x92, 0xda, 0xeb, 0xea, 0x34, 0x32, 0xf7, 0x25, 0x58,
0xce, 0x53, 0x1d, 0xf6, 0x7d, 0x15, 0x7c, 0xc7, 0x47, 0x4f, 0xaf, 0x46,
0x8c, 0xaa, 0x14, 0x13, 0x02, 0x56, 0x00, 0x87, 0x20, 0xd1, 0x4f, 0x17,
0x2e, 0xd2, 0x43, 0x83, 0x74, 0xd0, 0xab, 0x33, 0x9f, 0x39, 0x8e, 0xa4,
0xf6, 0x25, 0x06, 0x81, 0xef, 0xa7, 0x2a, 0xbc, 0x6e, 0xca, 0x9c, 0x0f,
0xa8, 0x71, 0x71, 0xb6, 0x5f, 0xe3, 0x2f, 0x8b, 0x07, 0xc7, 0xb4, 0x66,
0x27, 0x77, 0xb6, 0x7d, 0x56, 0xb5, 0x90, 0x32, 0x3a, 0xd5, 0xbd, 0x2d,
0xb4, 0xda, 0xc7, 0xc4, 0xd8, 0xa8, 0xaf, 0x58, 0xa0, 0x65, 0x9a, 0x39,
0xf1, 0x6e, 0x61, 0xb2, 0x1e, 0xdc, 0xdc, 0x6b, 0xe2, 0x81, 0xc3, 0x23,
0x12, 0x3b, 0xa0, 0x21, 0xc4, 0x90, 0x5d, 0x3b, 0x02, 0x57, 0x00, 0xe6,
0x8a, 0xaa, 0xb8, 0x6d, 0x2c, 0x81, 0x43, 0xb5, 0xd6, 0xa0, 0x2b, 0x42,
0x49, 0xa9, 0x0a, 0x51, 0xfa, 0x18, 0xc8, 0x32, 0xea, 0x54, 0x18, 0xf3,
0x60, 0xc2, 0xb5, 0x4a, 0x43, 0x05, 0x93, 0x9c, 0x01, 0xd9, 0x28, 0xed,
0x73, 0xfa, 0x82, 0xbc, 0x12, 0x64, 0xcb, 0xc4, 0x24, 0xa9, 0x3e, 0xae,
0x7c, 0x4b, 0x8f, 0x94, 0x57, 0x7b, 0x14, 0x10, 0x41, 0xdc, 0x62, 0x12,
0x8c, 0xb2, 0x4a, 0x7c, 0xf6, 0x53, 0xd4, 0xc6, 0xe4, 0xda, 0xd1, 0xa2,
0x00, 0x0e, 0x3d, 0x30, 0xf7, 0x05, 0x4f, 0x1d, 0x82, 0xbc, 0x52, 0xd9,
0xb1, 0x30, 0x82, 0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x02, 0x56, 0x00,
0x84, 0x12, 0x4f, 0xf7, 0x3b, 0x65, 0x53, 0x34, 0x6c, 0x6c, 0x4d, 0x77,
0xdf, 0xfd, 0x1f, 0xb6, 0x16, 0xe2, 0x25, 0x15, 0xca, 0xc9, 0xc1, 0x41,
0x9a, 0x50, 0xda, 0xeb, 0x88, 0x4f, 0x3d, 0xb3, 0x01, 0x00, 0x44, 0xc4,
0xac, 0xe7, 0x14, 0x62, 0xa6, 0x56, 0xde, 0xc5, 0xb7, 0xc3, 0x1d, 0x07,
0xbd, 0x7d, 0x64, 0xc5, 0x7e, 0x45, 0x25, 0x56, 0xed, 0x7a, 0xd2, 0x14,
0xdb, 0x4e, 0x27, 0xd4, 0x1f, 0xf8, 0x94, 0xa7, 0xef, 0x07, 0xce, 0xdb,
0x24, 0xb7, 0xdd, 0x71, 0x5c, 0x63, 0xc9, 0x33, 0xfe, 0xde, 0x40, 0x52,
0xeb, 0x02, 0x55, 0x58, 0x0c, 0x35, 0x4f, 0x7c, 0xee, 0x37, 0x78, 0x48,
0x48, 0x33, 0xa5, 0x3f, 0xfe, 0x15, 0x24, 0x0f, 0x41, 0x6e, 0x0e, 0x87,
0x31, 0x2b, 0x81, 0x11, 0x8b, 0x3c, 0x9d, 0x05, 0x8a, 0x29, 0x22, 0x00,
0xaa, 0xd8, 0x83, 0x1d, 0xef, 0x62, 0xec, 0x6e, 0xe4, 0x94, 0x83, 0xcf,
0xd7, 0x68, 0xaf, 0xd3, 0xa8, 0xed, 0xd8, 0xfe, 0xd8, 0xc3, 0x8f, 0x48,
0xfc, 0x8c, 0x0d, 0xe7, 0x89, 0x6f, 0xe2, 0xbf, 0xfb, 0x0d, 0xc5, 0x4a,
0x05, 0x34, 0x92, 0x18, 0x7a, 0x93, 0xa0, 0xe8, 0x42, 0x86, 0x22, 0xa9,
0xe9, 0x80, 0x37, 0x47, 0x02, 0x55, 0x60, 0x76, 0xab, 0xde, 0x2b, 0xf5,
0xa2, 0x2c, 0xaa, 0x0c, 0x99, 0x81, 0xee, 0x72, 0x2c, 0x7d, 0x22, 0x59,
0x2a, 0x35, 0xea, 0x50, 0x4e, 0x47, 0x6b, 0x92, 0x2d, 0x30, 0xa1, 0x01,
0xa5, 0x9e, 0x26, 0x6e, 0x27, 0xca, 0xf5, 0xf2, 0x87, 0x5d, 0x31, 0xaf,
0xe9, 0x32, 0xcd, 0x10, 0xfd, 0x4d, 0xdb, 0xf9, 0x86, 0x05, 0x12, 0x1b,
0x01, 0x84, 0x55, 0x97, 0x5f, 0xe2, 0x78, 0x27, 0xd9, 0xe4, 0x26, 0x7d,
0xab, 0x0e, 0xe0, 0x1b, 0x6f, 0xcb, 0x4b, 0x14, 0xdd, 0xdc, 0xdc, 0x8b,
0xe8, 0x9f, 0xd0, 0x62, 0x96, 0xca, 0xcf,
};
size_t kDERRSAPrivate3Prime2048Len = sizeof(kDERRSAPrivate3Prime2048);
} /* extern "C" */

69
tool/genrsa.cc Normal file
View File

@ -0,0 +1,69 @@
/* Copyright (c) 2015, Google Inc.
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include "../crypto/test/scoped_types.h"
#include "internal.h"
static const struct argument kArguments[] = {
{
"-nprimes", kOptionalArgument,
"The number of primes to generate (default: 2)",
},
{
"-bits", kOptionalArgument,
"The number of bits in the modulus (default: 2048)",
},
{
"", kOptionalArgument, "",
},
};
bool GenerateRSAKey(const std::vector<std::string> &args) {
std::map<std::string, std::string> args_map;
if (!ParseKeyValueArguments(&args_map, args, kArguments)) {
PrintUsage(kArguments);
return false;
}
unsigned bits, nprimes;
if (!GetUnsigned(&bits, "-bits", 2048, args_map) ||
!GetUnsigned(&nprimes, "-nprimes", 2, args_map)) {
PrintUsage(kArguments);
return false;
}
ScopedRSA rsa(RSA_new());
ScopedBIGNUM e(BN_new());
ScopedBIO bio(BIO_new_fp(stdout, BIO_NOCLOSE));
if (!BN_set_word(e.get(), RSA_F4) ||
!RSA_generate_multi_prime_key(rsa.get(), bits, nprimes, e.get(), NULL) ||
!PEM_write_bio_RSAPrivateKey(bio.get(), rsa.get(), NULL /* cipher */,
NULL /* key */, 0 /* key len */,
NULL /* password callback */,
NULL /* callback arg */)) {
ERR_print_errors_fp(stderr);
return false;
}
return true;
}

4
tool/internal.h
View File

@ -49,5 +49,9 @@ bool ParseKeyValueArguments(std::map<std::string, std::string> *out_args, const
void PrintUsage(const struct argument *templates);
bool GetUnsigned(unsigned *out, const std::string &arg_name,
unsigned default_value,
const std::map<std::string, std::string> &args);
#endif /* !OPENSSL_HEADER_TOOL_INTERNAL_H */

16
tool/speed.cc
View File

@ -44,6 +44,8 @@ extern const uint8_t kDERRSAPrivate2048[];
extern size_t kDERRSAPrivate2048Len;
extern const uint8_t kDERRSAPrivate4096[];
extern size_t kDERRSAPrivate4096Len;
extern const uint8_t kDERRSAPrivate3Prime2048[];
extern size_t kDERRSAPrivate3Prime2048Len;
}
// TimeResults represents the results of benchmarking a function.
@ -429,6 +431,20 @@ bool Speed(const std::vector<std::string> &args) {
RSA_free(key);
key = NULL;
inp = kDERRSAPrivate3Prime2048;
if (NULL == d2i_RSAPrivateKey(&key, &inp, kDERRSAPrivate3Prime2048Len)) {
fprintf(stderr, "Failed to parse RSA key.\n");
ERR_print_errors_fp(stderr);
return false;
}
if (!SpeedRSA("RSA 2048 (3 prime, e=3)", key, selected)) {
return false;
}
RSA_free(key);
key = NULL;
inp = kDERRSAPrivate4096;
if (NULL == d2i_RSAPrivateKey(&key, &inp, kDERRSAPrivate4096Len)) {
fprintf(stderr, "Failed to parse 4096-bit RSA key.\n");

20
tool/tool.cc
View File

@ -27,16 +27,17 @@
bool Client(const std::vector<std::string> &args);
bool Server(const std::vector<std::string> &args);
bool DoPKCS12(const std::vector<std::string> &args);
bool GenerateRSAKey(const std::vector<std::string> &args);
bool MD5Sum(const std::vector<std::string> &args);
bool Rand(const std::vector<std::string> &args);
bool SHA1Sum(const std::vector<std::string> &args);
bool SHA224Sum(const std::vector<std::string> &args);
bool SHA256Sum(const std::vector<std::string> &args);
bool SHA384Sum(const std::vector<std::string> &args);
bool SHA512Sum(const std::vector<std::string> &args);
bool DoPKCS12(const std::vector<std::string> &args);
bool Server(const std::vector<std::string> &args);
bool Speed(const std::vector<std::string> &args);
bool Rand(const std::vector<std::string> &args);
typedef bool (*tool_func_t)(const std::vector<std::string> &args);
@ -46,19 +47,20 @@ struct Tool {
};
static const Tool kTools[] = {
{ "speed", Speed },
{ "pkcs12", DoPKCS12 },
{ "client", Client },
{ "s_client", Client },
{ "server", Server },
{ "s_server", Server },
{ "genrsa", GenerateRSAKey },
{ "md5sum", MD5Sum },
{ "pkcs12", DoPKCS12 },
{ "rand", Rand },
{ "s_client", Client },
{ "s_server", Server },
{ "server", Server },
{ "sha1sum", SHA1Sum },
{ "sha224sum", SHA224Sum },
{ "sha256sum", SHA256Sum },
{ "sha384sum", SHA384Sum },
{ "sha512sum", SHA512Sum },
{ "rand", Rand },
{ "speed", Speed },
{ "", nullptr },
};