Use param API to create RSA key

nikic · nikic · commit 3724b49aa953 · 2021-08-09T17:02:17.000+02:00
Instead of deprecated low-level API. A caveat here is that when using the high-level API, OpenSSL 3 requires that if the prime factors are set, the CRT parameters are also set. See openssl/openssl#16271. As such, add CRT parameters to the manual construction test. This fixes the last deprecation warnings in openssl.c, but there are more elsewhere.
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
@@ -3789,8 +3789,8 @@ static void php_openssl_add_bn_to_array(zval *ary, const BIGNUM *bn, const char
 		} \
 	} while (0);
 
-/* {{{ php_openssl_pkey_init_rsa */
-static bool php_openssl_pkey_init_and_assign_rsa(EVP_PKEY *pkey, RSA *rsa, zval *data)
+#if PHP_OPENSSL_API_VERSION < 0x30000
+static bool php_openssl_pkey_init_legacy_rsa(RSA *rsa, zval *data)
 {
 	BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
 
@@ -3814,12 +3814,102 @@ static bool php_openssl_pkey_init_and_assign_rsa(EVP_PKEY *pkey, RSA *rsa, zval
 		return 0;
 	}
 
-	if (!EVP_PKEY_assign_RSA(pkey, rsa)) {
+	return 1;
+}
+#endif
+
+static EVP_PKEY *php_openssl_pkey_init_rsa(zval *data)
+{
+#if PHP_OPENSSL_API_VERSION >= 0x30000
+	BIGNUM *n = NULL, *e = NULL, *d = NULL, *p = NULL, *q = NULL;
+	BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
+	EVP_PKEY *pkey = NULL;
+	EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+	OSSL_PARAM *params = NULL;
+	OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();
+
+	OPENSSL_PKEY_SET_BN(data, n);
+	OPENSSL_PKEY_SET_BN(data, e);
+	OPENSSL_PKEY_SET_BN(data, d);
+	OPENSSL_PKEY_SET_BN(data, p);
+	OPENSSL_PKEY_SET_BN(data, q);
+	OPENSSL_PKEY_SET_BN(data, dmp1);
+	OPENSSL_PKEY_SET_BN(data, dmq1);
+	OPENSSL_PKEY_SET_BN(data, iqmp);
+
+	if (!ctx || !bld || !n || !d) {
+		goto cleanup;
+	}
+
+	OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n);
+	OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d);
+	if (e) {
+		OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e);
+	}
+	if (p) {
+		OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR1, p);
+	}
+	if (q) {
+		OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_FACTOR2, q);
+	}
+	if (dmp1) {
+		OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT1, dmp1);
+	}
+	if (dmq1) {
+		OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_EXPONENT2, dmq1);
+	}
+	if (iqmp) {
+		OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, iqmp);
+	}
+
+	params = OSSL_PARAM_BLD_to_param(bld);
+	if (!params) {
+		goto cleanup;
+	}
+
+	if (EVP_PKEY_fromdata_init(ctx) <= 0 ||
+			EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0) {
+		goto cleanup;
+	}
+
+cleanup:
+	php_openssl_store_errors();
+	EVP_PKEY_CTX_free(ctx);
+	OSSL_PARAM_free(params);
+	OSSL_PARAM_BLD_free(bld);
+	BN_free(n);
+	BN_free(e);
+	BN_free(d);
+	BN_free(p);
+	BN_free(q);
+	BN_free(dmp1);
+	BN_free(dmq1);
+	BN_free(iqmp);
+	return pkey;
+#else
+	EVP_PKEY *pkey = EVP_PKEY_new();
+	if (!pkey) {
 		php_openssl_store_errors();
-		return 0;
+		return NULL;
 	}
 
-	return 1;
+	RSA *rsa = RSA_new();
+	if (!rsa) {
+		php_openssl_store_errors();
+		EVP_PKEY_free(pkey);
+		return NULL;
+	}
+
+	if (!php_openssl_pkey_init_legacy_rsa(rsa, data)
+			|| !EVP_PKEY_assign_RSA(pkey, rsa)) {
+		php_openssl_store_errors();
+		EVP_PKEY_free(pkey);
+		RSA_free(rsa);
+		return NULL;
+	}
+
+	return pkey;
+#endif
 }
 
 #if PHP_OPENSSL_API_VERSION < 0x30000
@@ -4363,23 +4453,12 @@ PHP_FUNCTION(openssl_pkey_new)
 
 		if ((data = zend_hash_str_find(Z_ARRVAL_P(args), "rsa", sizeof("rsa")-1)) != NULL &&
 			Z_TYPE_P(data) == IS_ARRAY) {
-			pkey = EVP_PKEY_new();
-			if (pkey) {
-				RSA *rsa = RSA_new();
-				if (rsa) {
-					if (php_openssl_pkey_init_and_assign_rsa(pkey, rsa, data)) {
-						php_openssl_pkey_object_init(return_value, pkey, /* is_private */ true);
-						return;
-					}
-					RSA_free(rsa);
-				} else {
-					php_openssl_store_errors();
-				}
-				EVP_PKEY_free(pkey);
-			} else {
-				php_openssl_store_errors();
+			pkey = php_openssl_pkey_init_rsa(data);
+			if (!pkey) {
+				RETURN_FALSE;
 			}
-			RETURN_FALSE;
+			php_openssl_pkey_object_init(return_value, pkey, /* is_private */ true);
+			return;
 		} else if ((data = zend_hash_str_find(Z_ARRVAL_P(args), "dsa", sizeof("dsa") - 1)) != NULL &&
 			Z_TYPE_P(data) == IS_ARRAY) {
 			bool is_private;
diff --git a/ext/openssl/tests/openssl_pkey_new_basic.phpt b/ext/openssl/tests/openssl_pkey_new_basic.phpt
@@ -26,13 +26,21 @@ $phex = "EECFAE81B1B9B3C908810B10A1B5600199EB9F44AEF4FDA493B81A9E3D84F632" .
 $qhex = "C97FB1F027F453F6341233EAAAD1D9353F6C42D08866B1D05A0F2035028B9D86" .
         "9840B41666B42E92EA0DA3B43204B5CFCE3352524D0416A5A441E700AF461503";
 
+$dphex = "11";
+$dqhex = "11";
+$qinvhex = "b06c4fdabb6301198d265bdbae9423b380f271f73453885093077fcd39e2119f" .
+           "c98632154f5883b167a967bf402b4e9e2e0f9656e698ea3666edfb25798039f7";
+
 $rsa= openssl_pkey_new(array(
     'rsa' => array(
         'n' => hex2bin($nhex),
         'e' => hex2bin($ehex),
         'd' => hex2bin($dhex),
         'p' => hex2bin($phex),
         'q' => hex2bin($qhex),
+        'dmp1' => hex2bin($dphex),
+        'dmq1' => hex2bin($dqhex),
+        'iqmp' => hex2bin($qinvhex),
     )
 ));
 $details = openssl_pkey_get_details($rsa);
@@ -42,6 +50,10 @@ openssl_pkey_test_cmp($ehex, $rsa_details['e']);
 openssl_pkey_test_cmp($dhex, $rsa_details['d']);
 openssl_pkey_test_cmp($phex, $rsa_details['p']);
 openssl_pkey_test_cmp($qhex, $rsa_details['q']);
+openssl_pkey_test_cmp($dphex, $rsa_details['dmp1']);
+openssl_pkey_test_cmp($dqhex, $rsa_details['dmq1']);
+openssl_pkey_test_cmp($qinvhex, $rsa_details['iqmp']);
+echo "\n";
 
 // DSA
 $phex = '00f8000ae45b2dacb47dd977d58b719d097bdf07cb2c17660ad898518c08' .
@@ -95,6 +107,10 @@ int(0)
 int(0)
 int(0)
 int(0)
+int(0)
+int(0)
+int(0)
+
 int(0)
 int(0)
 int(0)
