Is this a bug in openssl provider?

Afshin Pir Afshin.Pir at gallagher.com
Wed Mar 1 02:07:17 UTC 2023 

Hi

Since I'm writing a small provider, I'm reading openssl provider source to use as learning tool. Today, I noticed something strange in RSA key management here: https://github.com/openssl/openssl/blob/3307338e26862070eaacad6ec7537a63a63b8a90/providers/implementations/keymgmt/rsa_kmgmt.c#L115-L133

The rsa_has() method is written like this:
static int rsa_has(const void *keydata, int selection)
{
    const RSA *rsa = keydata;
    int ok = 1;

    if (rsa == NULL || !ossl_prov_is_running())
        return 0;
    if ((selection & RSA_POSSIBLE_SELECTIONS) == 0)
        return 1; /* the selection is not missing */

    /* OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS are always available even if empty */
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
        ok = ok && (RSA_get0_e(rsa) != NULL);
    if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
        ok = ok && (RSA_get0_n(rsa) != NULL);
    if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
        ok = ok && (RSA_get0_d(rsa) != NULL);
    return ok;
}

But I think selection of OSSL_KEYMGMT_SELECT_KEYPAIR and OSSL_KEYMGMT_SELECT_PUBLIC_KEY should be like this:
    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
        ok = ok && (RSA_get0_n(rsa) != NULL);
    if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
        ok = ok && (RSA_get0_e(rsa) != NULL);
RSA public key is pair (e,n) and private key is (d,n). `n` is the common part, so I think in case of OSSL_KEYMGMT_SELECT_KEYPAIR, we need to check `n` is not null, not `e` and we need to check `e` for public key. Current rsa_has() return 1 if RSA structure has `d` and `e` but no `n` and we OSSL_KEYMGMT_SELECT_PRIVATE_KEY selection which I think is incorrect.

What do you think? Do you think it is a bug too?
________________________________
This email is confidential and may contain information subject to legal privilege. If you are not the intended recipient please advise us of our error by return e-mail then delete this email and any attached files. You may not copy, disclose or use the contents in any way. The views expressed in this email may not be those of Gallagher Group Ltd or subsidiary companies thereof.
________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230301/59d97edb/attachment.htm>

More information about the openssl-users mailing list