On 24/09/2021 16:51, Antonio Santagiuliana wrote:
Thank you for your reply.
I'm still a bit confused though.
In /providers/implementations/asymcipher/rsa_enc.c I find function
rsa_decrypt() that calls RSA_private_decrypt(prsactx->rsa).
I haven't found any other implementation of this RSA_private_decrypt() apart
from the one in crypto/RSA/rsa_crypt.c, where the RSA argument passed
is used to call this:
rsa->meth->rsa_priv_dec()
I can't find where this pointer to method was set up. I can't find it in
the init of the default provider's rsa_enc.c and if the app requesting
this default RSA can't use the set_method() because it is deprecated, how is
this rsa_priv_dec pointer set up? Where is the set up of it?

The default method for an RSA object is initialised in RSA_new() here:
https://github.com/openssl/openssl/blob/master/crypto/rsa/rsa_lib.c#L93
The global default RSA method is initialised here:
https://github.com/openssl/openssl/blob/8b6a7da304d4fdd0de38ddd6037d8a02491e3e4e/crypto/rsa/rsa_ossl.c#L52-L62
This includes the default pointer for the rsa_priv_dec() function.
An app *can* request an alternative default through
RSA_set_default_method(). It is deprecated not removed - so it is still
supported. But this is not the way you are supposed to do things any
more. Applications that don't use any deprecated functions will always
end up in the default method if using the default provider. If you want
a different RSA implementation then you should not use the default provider.
Matt
Thank you
On Fri, 24 Sep 2021, 15:02 Matt Caswell, <matt@xxxxxxxxxxx> wrote:
On 24/09/2021 14:49, Antonio Santagiuliana wrote:
> Hello, thank you all for the replies. Very useful.
> I have seen in Openssl/crypto/RSA/rsa_local.h the definition of rsa_st
> has a pointer to RSA_METHOD and I can't see this filled in in any of the
> examples' set up or initializations, where is it filled in for the
> default provider, for the RSA algorithm?
> I can see the methods pointers are used later down in the call chain
> from RSA_private_decrypt() in
> providers/implementation/asymciphers/rsa_enc but I can't find where
> these methods' pointers are set and I would like to understand how I
> could pass a different method pointer in the parameters for a different
> mod_exp operation, for example, or how I could set it on a completely
> new RSA implementation mimicking the one in the default provider but
> with different methods where I need them changed, minimizing the
> differences with the default provider's RSA.
The default RSA_METHOD structure to use can be set via
RSA_set_default_method():
https://www.openssl.org/docs/man3.0/man3/RSA_set_default_method.html
You can construct such an RSA_METHOD using the functions described here:
https://www.openssl.org/docs/man3.0/man3/RSA_meth_new.html
However all of the above is considered deprecated and legacy and may be
removed from a future version of OpenSSL.
Instead you are supposed to implement such things in a new provider. For
example see:
https://www.openssl.org/docs/man3.0/man7/provider-base.html
https://www.openssl.org/docs/man3.0/man7/provider.html
https://www.openssl.org/docs/man3.0/man7/provider-signature.html
https://www.openssl.org/docs/man3.0/man7/provider-keymgmt.html
Matt
> Thank you
>
>
> On Fri, 24 Sep 2021, 12:22 Matt Caswell, <matt@xxxxxxxxxxx> wrote:
>
>
>
> On 24/09/2021 12:17, Dr Paul Dale wrote:
> > What about: apps/rsa.c, apps/rsautl.c and apps/genrsa.c
> > 3.0 doesn't use the RSA structure in the non-deprecated public API.
> >
> > You probably want the EVP_PKEY_fromdata call.
>
> An example of building an RSA key from its constituent parts is
> available on the EVP_PKEY_fromdata() man page:
>
> https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_fromdata.html
>
> Matt
>
>
> >
> >
> > Pauli
> >
> >
> > On 24/9/21 8:55 pm, Antonio Santagiuliana wrote:
> >> Hello
> >> Is there any app or command in the current OpenSSL master repository
> >> that initialises and uses the new RSA provider?
> >> I would like to see how the RSA* context parameter is filled in and
> >> used, but I can't find an example using the RSA provider.
> >>
> >>
> >> Thank you
> >>
> >
>
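
The dispatch pattern Matt's reply at the top of this thread describes (constructor binds the global default method, public wrapper calls through the object's own table), as an added, simplified model that is not code from the thread or from OpenSSL. All toy_* names and the tiny key values are hypothetical and constructed for illustration; the model also shows that switching the default only affects keys created afterwards, as the RSA_set_default_method() man page documents.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model: every toy_* name is hypothetical, not an OpenSSL identifier. */
typedef struct toy_rsa toy_rsa;
typedef struct {
    const char *name;
    uint32_t (*priv_dec)(const toy_rsa *k, uint32_t c); /* role of rsa_priv_dec */
} toy_method;
struct toy_rsa {
    const toy_method *meth; /* role of rsa->meth */
    uint32_t n, d;          /* constructed toy modulus and private exponent */
};

/* Built-in implementation: square-and-multiply modular exponentiation. */
static uint32_t builtin_priv_dec(const toy_rsa *k, uint32_t c) {
    uint64_t r = 1, b = c % k->n;
    for (uint32_t e = k->d; e; e >>= 1) {
        if (e & 1) r = r * b % k->n;
        b = b * b % k->n;
    }
    return (uint32_t)r;
}
/* Replacement implementation: repeated multiplication, same result. */
static uint32_t alt_priv_dec(const toy_rsa *k, uint32_t c) {
    uint64_t r = 1;
    for (uint32_t i = 0; i < k->d; i++) r = r * (c % k->n) % k->n;
    return (uint32_t)r;
}
const toy_method builtin_meth = { "builtin", builtin_priv_dec };
const toy_method alt_meth = { "alt", alt_priv_dec };
static const toy_method *default_meth = &builtin_meth; /* global default */

void toy_set_default_method(const toy_method *m) { default_meth = m; }
/* The constructor binds whatever the global default is at creation time. */
toy_rsa toy_rsa_new(uint32_t n, uint32_t d) {
    toy_rsa k = { default_meth, n, d };
    return k;
}
/* The public entry point only dispatches through the key's own table. */
uint32_t toy_private_decrypt(const toy_rsa *k, uint32_t c) {
    return k->meth->priv_dec(k, c);
}

int main(void) {
    toy_rsa a = toy_rsa_new(3233, 2753);  /* created under the built-in default */
    toy_set_default_method(&alt_meth);
    toy_rsa b = toy_rsa_new(3233, 2753);  /* created after the switch */
    printf("%s=%u %s=%u\n", a.meth->name, toy_private_decrypt(&a, 2790),
           b.meth->name, toy_private_decrypt(&b, 2790));
    return 0;
}
```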