PEM_read_bio_RSAPublicKey equivalent API which returns EVP_PKEY

Paramashivaiah, Sunil Sunil.Paramashivaiah at rbbn.com
Wed Apr 14 11:26:21 UTC 2021


Hi Richard,

    Thanks for the reply. Maybe you misunderstood my query.

    As you suggested, I will use EVP_PKEY_CTX_new  to create ctx for using it in
   "EVP_PKEY_encrypt" and "EVP_PKEY_decrypt".

    But to create ctx , EVP_PKEY_CTX_new takes input  parameter as  EVP_PKEY.

    In our code with 1.0.2 version, "RSA_public_encrypt" and "RSA_public_decrypt" APIs
    were used and input parameter to these APIs was RSA key obtained using APIs "PEM_read_bio_RSAPublicKey"
    and "PEM_read_bio_RSA_PUBKEY" from two different kinds of pem format public keys.

   Please note that pem format Public key used is different in  "PEM_read_bio_RSAPublicKey" and  "PEM_read_bio_RSA_PUBKEY".
   one begins with "-----BEGIN PUBLIC KEY-----" and other begins with "-----BEGIN RSA PUBLIC KEY-----" and seems to be encoded differently
--------------------------------------------------------------------------------------------------------------------------------------------------
OLD CODE:
RSA *rsa = NULL;
BIO *keybio ;

keybio = BIO_new_mem_buf((void*)pembublickey, -1); // !!!

if (!keybio)
{
   return NULL;
}

if (isPKCS1 == false)
{
     rsa = PEM_read_bio_RSA_PUBKEY(keybio, NULL, NULL, NULL);
}
else
{
    rsa = PEM_read_bio_RSAPublicKey(keybio, NULL, NULL, NULL);
}
--------------------------------------------------------------------------------------------------------------------------------------------------

  Now my problem is to create EVP_PKEY to use it as input parameter to EVP_PKEY_CTX_new for different kind of
  pem public key I need two different APIs equivalent to PEM_read_bio_RSA_PUBKEY and PEM_read_bio_RSAPublicKey.

  From the Manual page, I found the replacement for "PEM_read_bio_RSA_PUBKEY" as "PEM_read_bio_PUBKEY" to get EVP_PKEY

  But I am unable to find replacement for PEM_read_bio_RSAPublicKey to get EVP_PKEY from 2nd type of pem public key.

  Please let me know what to use instead of PEM_read_bio_RSAPublicKey.

-------------------------------------------------------------------------------------------------------------------------------------------------------------
NEW CODE:

EVP_PKEY *evpkey = NULL;
BIO *keybio ;
keybio = BIO_new_mem_buf((void*)key, -1);

if (!keybio)
{
   return NULL;
}

if ( isPKCS1 == false )
{
   evpkey = PEM_read_bio_PUBKEY(keybio, NULL, NULL, NULL);
}
else
{
   // PROBLEM: what is the alternate API to replace PEM_read_bio_RSAPublicKey

}
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------



Thanks and Regards,
Sunil

________________________________
From: openssl-users <openssl-users-bounces at openssl.org> on behalf of openssl-users-request at openssl.org <openssl-users-request at openssl.org>
Sent: 12 April 2021 22:12
To: openssl-users at openssl.org <openssl-users at openssl.org>
Subject: openssl-users Digest, Vol 77, Issue 20

NOTICE: This email was received from an EXTERNAL sender.


Send openssl-users mailing list submissions to
        openssl-users at openssl.org

To subscribe or unsubscribe via the World Wide Web, visit
        https://clicktime.symantec.com/37QJxo4UvenQwPJPNZ1QT2K6H2?u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users
or, via email, send a message with subject or body 'help' to
        openssl-users-request at openssl.org

You can reach the person managing the list at
        openssl-users-owner at openssl.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of openssl-users digest..."


Today's Topics:

   1. Re: EVP_MAC_init() in 3.0 alpha 13 (Hal Murray)
   2. Re: EVP_MAC_init() in 3.0 alpha 13 (Tomas Mraz)
   3. Re: error: redefinition of ?struct rsa_meth_st? (Shariful Alam)
   4. Re: PEM_read_bio_RSAPublicKey equivalent API which returns
      EVP_PKEY (Richard Levitte)
   5. Re: error: redefinition of ?struct rsa_meth_st? (Matt Caswell)


----------------------------------------------------------------------

Message: 1
Date: Mon, 12 Apr 2021 05:48:57 -0700
From: Hal Murray <hmurray at megapathdsl.net>
To: Dr Paul Dale <pauli at openssl.org>
Cc: openssl-users at openssl.org
Subject: Re: EVP_MAC_init() in 3.0 alpha 13
Message-ID:
        <20210412124857.623AB40605C at ip-64-139-1-69.sjc.megapath.net>
Content-Type: text/plain; charset=us-ascii


> Did you attempt to pass NULL for the key and zero for it's length to the
> EVP_MAC_init() call?

Yes.

We can do better.  If we have to use dup/free, we can move the EVP_MAC_init()
to before the dup, out of the timing path.

My model is that initialization is 2 parts.  The first is turning the key into
a big table.  The second is initializing a small amount of state that is
whatever is needed/updated by EVP_MAC_update().

I was hoping that EVP_MAC_init() with NULL key would bypass the first step and
do the second.

If the second step involves a lot of computation we get into the space/time
tradeoff of computing it during step one and saving it in case EVP_MAC_init is
called with NULL key.

If there was a copy operation we could use it instead of dup/free.

Where is the code that does the key setup?  I expect it will be obvious after
I see it, but I don't know my way around that linkage yet.  I'm using the
default AES-128-CBC.

---------

I don't think I've said it explicitly, but thanks for the change to the API
for EVP_MAC_init()

----------

Should PKEY be a potentially interesting approach for something like this?  I
think it was suggested months ago.  One advantage is that the code works with
1.1.1.

It's horribly slow in 3.0

alpha14:
0.777 CMAC
7.533 PKEY
3.323 PKEY preload
0.392 EVP_MAC
0.308 EVP_MAC Preload with dup+free
0.102 EVP_MAC Preload (no dup, wrong answer)

1.1.1k:
0.285 CMAC
0.550 PKEY
0.196 PKEY preload



--
These are my opinions.  I hate spam.





------------------------------

Message: 2
Date: Mon, 12 Apr 2021 15:05:37 +0200
From: Tomas Mraz <tomas at openssl.org>
To: Hal Murray <hmurray at megapathdsl.net>, Dr Paul Dale
        <pauli at openssl.org>
Cc: openssl-users at openssl.org
Subject: Re: EVP_MAC_init() in 3.0 alpha 13
Message-ID:
        <348b006ceb83fd4301438cbb0c57b473a4f4ef23.camel at openssl.org>
Content-Type: text/plain; charset="UTF-8"

On Mon, 2021-04-12 at 05:48 -0700, Hal Murray wrote:
> > Did you attempt to pass NULL for the key and zero for it's length
> > to the
> > EVP_MAC_init() call?
>
> Yes.
>
> We can do better.  If we have to use dup/free, we can move the
> EVP_MAC_init()
> to before the dup, out of the timing path.
>
> My model is that initialization is 2 parts.  The first is turning the
> key into
> a big table.  The second is initializing a small amount of state that
> is
> whatever is needed/updated by EVP_MAC_update().
>
> I was hoping that EVP_MAC_init() with NULL key would bypass the first
> step and
> do the second.

We would have to introduce the special semantics similar to
EVP_CipherInit() with EVP_MAC_init(). I.e., that the EVP_CipherInit()
with NULL key keeps the key schedule from the previous initialization.

> If the second step involves a lot of computation we get into the
> space/time
> tradeoff of computing it during step one and saving it in case
> EVP_MAC_init is
> called with NULL key.
>
> If there was a copy operation we could use it instead of dup/free.

I do not think we want to introduce the copy operation. We are trying
to get out of the copy() pattern as it is much harder to handle
correctly than the dup().

> Where is the code that does the key setup?  I expect it will be
> obvious after
> I see it, but I don't know my way around that linkage yet.  I'm using
> the
> default AES-128-CBC.
>
> ---------
>
> I don't think I've said it explicitly, but thanks for the change to
> the API
> for EVP_MAC_init()
>
> ----------
>
> Should PKEY be a potentially interesting approach for something like
> this?  I
> think it was suggested months ago.  One advantage is that the code
> works with
> 1.1.1.
>
> It's horribly slow in 3.0
>
> alpha14:
> 0.777 CMAC
> 7.533 PKEY
> 3.323 PKEY preload
> 0.392 EVP_MAC
> 0.308 EVP_MAC Preload with dup+free
> 0.102 EVP_MAC Preload (no dup, wrong answer)
>
> 1.1.1k:
> 0.285 CMAC
> 0.550 PKEY
> 0.196 PKEY preload
>
>
>
--
Tom?? Mr?z
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]




------------------------------

Message: 3
Date: Mon, 12 Apr 2021 10:32:32 -0600
From: Shariful Alam <dipto181 at gmail.com>
To: Dr Paul Dale <pauli at openssl.org>
Cc: openssl-users at openssl.org
Subject: Re: error: redefinition of ?struct rsa_meth_st?
Message-ID:
        <CAA0KgGo3P96yHk8JZGT=c1oxqqHiqkntDPF406VFqecdj_HdEg at mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Dr. Pauli,
Goodmorning. Thank you for replying. I found the documentation a bit
difficult for me to understand. I was wondering if you can direct me to a
sample skeleton code for creating a custom RSA engine.

Regards,
Shariful Alam

On Sun, Apr 11, 2021 at 6:00 PM Dr Paul Dale <pauli at openssl.org> wrote:

> You shouldn't be accessing the internal of a private structure.  That
> structure was made private for a reason and duplicating it in your engine
> will break when we change the structure's contents.
>
> Your engine should be using the EVP_PKEY_meth_set_* function to do what
> you want (for 1.1.1).  For 3.0, you should be writing a provider instead.
>
>
> Pauli
>
> On 12/4/21 5:04 am, Shariful Alam wrote:
>
> Hello,
> Hope you guys are doing well. I'm trying to develop an RSA engine. My
> engine was somewhat working until I try to integrate my engine with an
> apache httpd server. After installing the httpd from the source code, it
> turns out that, I can't compile my engine anymore. I get the
> following error while I try to compile (it was compiling before and I did
> not make any changes to my engine code).
>
> ==============================
>
> *$gcc -fPIC -c r_engine.c*
>
>
>
>
>
>
> *r_engine.c:29:8: error: redefinition of ?struct rsa_meth_st?  struct
> rsa_meth_st {         ^ In file included from
> /usr/include/openssl/crypto.h:131:0,                  from r_engine.c:7:
> /usr/include/openssl/ossl_typ.h:147:16: note: originally defined here
>  typedef struct rsa_meth_st RSA_METHOD;*
>
> =============================
>
> and my *struct rsa_meth_st *looks like the following,
>
>
> ================================================================================
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *struct rsa_meth_st {     const char *name;     int (*rsa_pub_enc) (int
> flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
>     int (*rsa_pub_dec) (int flen, const unsigned char *from, unsigned char
> *to, RSA *rsa, int padding);     int (*rsa_priv_enc) (int flen, const
> unsigned char *from, unsigned char *to, RSA *rsa, int padding);     int
> (*rsa_priv_dec) (int flen, const unsigned char *from, unsigned char *to,
> RSA *rsa, int padding);     int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM
> *I, RSA *rsa, BN_CTX *ctx);     int (*bn_mod_exp) (BIGNUM *r, const BIGNUM
> *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
> int (*init) (RSA *rsa);     int (*finish) (RSA *rsa);     int flags;
> char *app_data;     int (*rsa_sign) (int type, const unsigned char *m,
> unsigned int m_length, unsigned char *sigret, unsigned int *siglen, const
> RSA *rsa);     int (*rsa_verify) (int dtype, const unsigned char *m,
> unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen,
> const RSA *rsa);     int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e,
> BN_GENCB *cb); }; *
>
>
> =================================================================================
>
> My sample skeleton code is here https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA
>
> Can anyone please tell me what I'm I doing wrong?
>
> Regards,
> Shariful Alam
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://clicktime.symantec.com/3swRYpsU9KK78WoSiSrAfr6H2?u=https%3A%2F%2Fmta.openssl.org%2Fpipermail%2Fopenssl-users%2Fattachments%2F20210412%2F3eab5997%2Fattachment-0001.html>

------------------------------

Message: 4
Date: Mon, 12 Apr 2021 18:34:51 +0200
From: Richard Levitte <levitte at openssl.org>
To: "openssl-users at openssl.org" <openssl-users at openssl.org>
Subject: Re: PEM_read_bio_RSAPublicKey equivalent API which returns
        EVP_PKEY
Message-ID: <87h7kba2c4.wl-levitte at openssl.org>
Content-Type: text/plain; charset=US-ASCII

On Mon, 12 Apr 2021 06:24:32 +0200,
Paramashivaiah, Sunil wrote:
>
> But, I couldn't find equivallent API to replace "PEM_read_bio_RSAPublicKey" to get EVP_PKEY for
> creating EVP ctx(EVP_PKEY_CTX_new) to use in "EVP_PKEY_encrypt" and "EVP_PKEY_decrypt".

I believe that one of these functions would help you:

EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);

EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx,
                                         EVP_PKEY *pkey, const char *propquery);

Cheers,
Richard

--
Richard Levitte         levitte at openssl.org
OpenSSL Project         https://clicktime.symantec.com/3Mg1WCF9H66r4CYkJ5HJcfU6H2?u=http%3A%2F%2Fwww.openssl.org%2F~levitte%2F


------------------------------

Message: 5
Date: Mon, 12 Apr 2021 17:42:20 +0100
From: Matt Caswell <matt at openssl.org>
To: openssl-users at openssl.org
Subject: Re: error: redefinition of ?struct rsa_meth_st?
Message-ID: <f1a6c492-58f3-b35e-4f8b-186df020e080 at openssl.org>
Content-Type: text/plain; charset=utf-8; format=flowed

You can look at the dummy async engine which wraps the standard RSA
functions inside an engine (as well as various other crypto primitives).
You can see it here:

https://clicktime.symantec.com/36mWBLRZPoyFNTFYDsD2yZ26H2?u=https%3A%2F%2Fgithub.com%2Fopenssl%2Fopenssl%2Fblob%2FOpenSSL_1_1_1-stable%2Fengines%2Fe_dasync.c

Matt

On 12/04/2021 17:32, Shariful Alam wrote:
> Dr. Pauli,
> Goodmorning. Thank you for replying. I found the documentation a bit
> difficult for me to understand. I was wondering if you can direct me to
> a sample skeleton code for creating a custom RSA engine.
>
> Regards,
> Shariful Alam
>
> On Sun, Apr 11, 2021 at 6:00 PM Dr Paul Dale <pauli at openssl.org
> <mailto:pauli at openssl.org>> wrote:
>
>     You shouldn't be accessing the internal of a private structure. That
>     structure was made private for a reason and duplicating it in your
>     engine will break when we change the structure's contents.
>
>     Your engine should be using the EVP_PKEY_meth_set_* function to do
>     what you want (for 1.1.1).? For 3.0, you should be writing a
>     provider instead.
>
>
>     Pauli
>
>     On 12/4/21 5:04 am, Shariful Alam wrote:
>>     Hello,
>>     Hope you guys are doing well. I'm trying to develop an RSA engine.
>>     My engine was somewhat working until?I try to integrate my engine
>>     with an apache httpd server. After installing the httpd from the
>>     source code, it turns out that, I can't compile my engine anymore.
>>     I get the following?error while I try to compile (it was compiling
>>     before and I did not make any changes to my engine code).
>>
>>     ==============================
>>
>>     *$gcc -fPIC -c r_engine.c*
>>     *r_engine.c:29:8: error: redefinition of ?struct rsa_meth_st?
>>     ?struct rsa_meth_st {
>>     ? ? ? ? ^
>>     In file included from /usr/include/openssl/crypto.h:131:0,
>>     ? ? ? ? ? ? ? ? ?from r_engine.c:7:
>>     /usr/include/openssl/ossl_typ.h:147:16: note: originally defined here
>>     ?typedef struct rsa_meth_st RSA_METHOD;*
>>
>>     =============================
>>
>>     and my *struct rsa_meth_st *looks like the following,
>>
>>     ================================================================================
>>
>>     *struct rsa_meth_st {
>>
>>     ? ? const char *name;
>>     ? ? int (*rsa_pub_enc) (int flen, const unsigned char *from,
>>     unsigned char *to, RSA *rsa, int padding);
>>     ? ? int (*rsa_pub_dec) (int flen, const unsigned char *from,
>>     unsigned char *to, RSA *rsa, int padding);
>>     ? ? int (*rsa_priv_enc) (int flen, const unsigned char *from,
>>     unsigned char *to, RSA *rsa, int padding);
>>     ? ? int (*rsa_priv_dec) (int flen, const unsigned char *from,
>>     unsigned char *to, RSA *rsa, int padding);
>>
>>     ? ? int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa,
>>     BN_CTX *ctx);
>>
>>     ? ? int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM
>>     *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
>>
>>     ? ? int (*init) (RSA *rsa);
>>
>>     ? ? int (*finish) (RSA *rsa);
>>
>>     ? ? int flags;
>>
>>     ? ? char *app_data;
>>
>>     ? ? int (*rsa_sign) (int type, const unsigned char *m, unsigned
>>     int m_length, unsigned char *sigret, unsigned int *siglen, const
>>     RSA *rsa);
>>
>>     ? ? int (*rsa_verify) (int dtype, const unsigned char *m, unsigned
>>     int m_length, const unsigned char *sigbuf, unsigned int siglen,
>>     const RSA *rsa);
>>
>>     ? ? int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
>>
>>     };
>>     *
>>
>>     =================================================================================
>>
>>     My sample skeleton code is here https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA
>>     <https://clicktime.symantec.com/33X17gA39DAZvzaTx4AG8ej6H2?u=https%3A%2F%2Fpastebin.com%2FuNXYknEA>
>>
>>     Can anyone please tell me what I'm I doing wrong?
>>
>>     Regards,
>>     Shariful Alam
>


------------------------------

Subject: Digest Footer

_______________________________________________
openssl-users mailing list
openssl-users at openssl.org
https://clicktime.symantec.com/37QJxo4UvenQwPJPNZ1QT2K6H2?u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users


------------------------------

End of openssl-users Digest, Vol 77, Issue 20
*********************************************

Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210414/72c46086/attachment-0001.html>


More information about the openssl-users mailing list