Provide further parts of the OpenSSL 1.1 API: {DH,DSA}_get0_{key,pqg}(),

EVP_PKEY_get0_{DH,DSA,RSA}(), RSA_{g,s}et0_key().

ok jsing

9 files changed, 155 insertions, 29 deletions

diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list
index d9cbe853a9a..99930ffa17c 100644
--- a/lib/libcrypto/Symbols.list
+++ b/lib/libcrypto/Symbols.list
@@ -736,6 +736,8 @@ DH_free
 DH_generate_key
 DH_generate_parameters
 DH_generate_parameters_ex
+DH_get0_key
+DH_get0_pqg
 DH_get_default_method
 DH_get_ex_data
 DH_get_ex_new_index
@@ -776,6 +778,8 @@ DSA_free
 DSA_generate_key
 DSA_generate_parameters
 DSA_generate_parameters_ex
+DSA_get0_key
+DSA_get0_pqg
 DSA_get_default_method
 DSA_get_ex_data
 DSA_get_ex_new_index
@@ -1338,9 +1342,12 @@ EVP_PKEY_encrypt_old
 EVP_PKEY_free
 EVP_PKEY_get0
 EVP_PKEY_get0_asn1
+EVP_PKEY_get0_DH
 EVP_PKEY_get1_DH
+EVP_PKEY_get0_DSA
 EVP_PKEY_get1_DSA
 EVP_PKEY_get1_EC_KEY
+EVP_PKEY_get0_RSA
 EVP_PKEY_get1_RSA
 EVP_PKEY_get_attr
 EVP_PKEY_get_attr_by_NID
@@ -2185,6 +2192,7 @@ RSA_flags
 RSA_free
 RSA_generate_key
 RSA_generate_key_ex
+RSA_get0_key
 RSA_get_default_method
 RSA_get_ex_data
 RSA_get_ex_new_index
@@ -2209,6 +2217,7 @@ RSA_private_decrypt
 RSA_private_encrypt
 RSA_public_decrypt
 RSA_public_encrypt
+RSA_set0_key
 RSA_set_default_method
 RSA_set_ex_data
 RSA_set_method
diff --git a/lib/libcrypto/dh/dh.h b/lib/libcrypto/dh/dh.h
index 920af3b92d4..61c7d6c873d 100644
--- a/lib/libcrypto/dh/dh.h
+++ b/lib/libcrypto/dh/dh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.h,v 1.18 2016/11/04 18:35:30 jsing Exp $ */
+/* $OpenBSD: dh.h,v 1.19 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -188,6 +188,10 @@ int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 int DH_set_ex_data(DH *d, int idx, void *arg);
 void *DH_get_ex_data(DH *d, int idx);
 
+void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
+    const BIGNUM **g);
+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
+
 /* Deprecated version */
 #ifndef OPENSSL_NO_DEPRECATED
 DH *	DH_generate_parameters(int prime_len,int generator,
diff --git a/lib/libcrypto/dh/dh_lib.c b/lib/libcrypto/dh/dh_lib.c
index d45dc171682..5a54ca88da8 100644
--- a/lib/libcrypto/dh/dh_lib.c
+++ b/lib/libcrypto/dh/dh_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_lib.c,v 1.22 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: dh_lib.c,v 1.23 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -239,3 +239,23 @@ DH_size(const DH *dh)
 {
 	return BN_num_bytes(dh->p);
 }
+
+void
+DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
+{
+	if (p != NULL)
+		*p = dh->p;
+	if (q != NULL)
+		*q = dh->q;
+	if (g != NULL)
+		*g = dh->g;
+}
+
+void
+DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+	if (pub_key != NULL)
+		*pub_key = dh->pub_key;
+	if (priv_key != NULL)
+		*priv_key = dh->priv_key;
+}
diff --git a/lib/libcrypto/dsa/dsa.h b/lib/libcrypto/dsa/dsa.h
index 6ddd4c35d5c..f990ad52f04 100644
--- a/lib/libcrypto/dsa/dsa.h
+++ b/lib/libcrypto/dsa/dsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa.h,v 1.22 2016/11/04 18:35:30 jsing Exp $ */
+/* $OpenBSD: dsa.h,v 1.23 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -257,6 +257,10 @@ int	DSA_print_fp(FILE *bp, const DSA *x, int off);
 DH *DSA_dup_DH(const DSA *r);
 #endif
 
+void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
+    const BIGNUM **g);
+void DSA_get0_key(const DH *d, const BIGNUM **pub_key, const BIGNUM **priv_key);
+
 #define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
 	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
 				EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
diff --git a/lib/libcrypto/dsa/dsa_lib.c b/lib/libcrypto/dsa/dsa_lib.c
index 58af74889cc..ae9155c9f8c 100644
--- a/lib/libcrypto/dsa/dsa_lib.c
+++ b/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_lib.c,v 1.23 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: dsa_lib.c,v 1.24 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -303,3 +303,23 @@ err:
 	return NULL;
 }
 #endif
+
+void
+DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
+{
+	if (p != NULL)
+		*p = d->p;
+	if (q != NULL)
+		*q = d->q;
+	if (g != NULL)
+		*g = d->g;
+}
+
+void
+DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+	if (pub_key != NULL)
+		*pub_key = d->pub_key;
+	if (priv_key != NULL)
+		*priv_key = d->priv_key;
+}
diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h
index 09df7db64bd..c8da89844d5 100644
--- a/lib/libcrypto/evp/evp.h
+++ b/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.54 2018/02/14 16:40:42 jsing Exp $ */
+/* $OpenBSD: evp.h,v 1.55 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -870,18 +870,21 @@ void *EVP_PKEY_get0(EVP_PKEY *pkey);
 
 #ifndef OPENSSL_NO_RSA
 struct rsa_st;
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
+struct rsa_st *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
 struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
 #endif
 #ifndef OPENSSL_NO_DSA
 struct dsa_st;
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
+struct dsa_st *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
 struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
 #endif
 #ifndef OPENSSL_NO_DH
 struct dh_st;
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
+struct dh_st *EVP_PKEY_get0_DH(EVP_PKEY *pkey);
 struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
 #endif
 #ifndef OPENSSL_NO_EC
 struct ec_key_st;
diff --git a/lib/libcrypto/evp/p_lib.c b/lib/libcrypto/evp/p_lib.c
index e001755ef18..3cd1bf3b348 100644
--- a/lib/libcrypto/evp/p_lib.c
+++ b/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p_lib.c,v 1.18 2018/02/14 16:40:42 jsing Exp $ */
+/* $OpenBSD: p_lib.c,v 1.19 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -286,13 +286,14 @@ EVP_PKEY_get0(EVP_PKEY *pkey)
 }
 
 #ifndef OPENSSL_NO_RSA
-int
-EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
+RSA *
+EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
 {
-	int ret = EVP_PKEY_assign_RSA(pkey, key);
-	if (ret)
-		RSA_up_ref(key);
-	return ret;
+	if (pkey->type != EVP_PKEY_RSA) {
+		EVPerror(EVP_R_EXPECTING_AN_RSA_KEY);
+		return NULL;
+	}
+	return pkey->pkey.rsa;
 }
 
 RSA *
@@ -305,17 +306,27 @@ EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
 	RSA_up_ref(pkey->pkey.rsa);
 	return pkey->pkey.rsa;
 }
-#endif
 
-#ifndef OPENSSL_NO_DSA
 int
-EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
 {
-	int ret = EVP_PKEY_assign_DSA(pkey, key);
+	int ret = EVP_PKEY_assign_RSA(pkey, key);
 	if (ret)
-		DSA_up_ref(key);
+		RSA_up_ref(key);
 	return ret;
 }
+#endif
+
+#ifndef OPENSSL_NO_DSA
+DSA *
+EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
+{
+	if (pkey->type != EVP_PKEY_DSA) {
+		EVPerror(EVP_R_EXPECTING_A_DSA_KEY);
+		return NULL;
+	}
+	return pkey->pkey.dsa;
+}
 
 DSA *
 EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
@@ -327,6 +338,15 @@ EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
 	DSA_up_ref(pkey->pkey.dsa);
 	return pkey->pkey.dsa;
 }
+
+int
+EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+{
+	int ret = EVP_PKEY_assign_DSA(pkey, key);
+	if (ret)
+		DSA_up_ref(key);
+	return ret;
+}
 #endif
 
 #ifndef OPENSSL_NO_EC
@@ -354,14 +374,14 @@ EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
 
 
 #ifndef OPENSSL_NO_DH
-
-int
-EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+DH *
+EVP_PKEY_get0_DH(EVP_PKEY *pkey)
 {
-	int ret = EVP_PKEY_assign_DH(pkey, key);
-	if (ret)
-		DH_up_ref(key);
-	return ret;
+	if (pkey->type != EVP_PKEY_DH) {
+		EVPerror(EVP_R_EXPECTING_A_DH_KEY);
+		return NULL;
+	}
+	return pkey->pkey.dh;
 }
 
 DH *
@@ -374,6 +394,15 @@ EVP_PKEY_get1_DH(EVP_PKEY *pkey)
 	DH_up_ref(pkey->pkey.dh);
 	return pkey->pkey.dh;
 }
+
+int
+EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+{
+	int ret = EVP_PKEY_assign_DH(pkey, key);
+	if (ret)
+		DH_up_ref(key);
+	return ret;
+}
 #endif
 
 int
diff --git a/lib/libcrypto/rsa/rsa.h b/lib/libcrypto/rsa/rsa.h
index 7476a1164a7..7d4bd838c50 100644
--- a/lib/libcrypto/rsa/rsa.h
+++ b/lib/libcrypto/rsa/rsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.h,v 1.31 2017/08/30 16:07:35 jsing Exp $ */
+/* $OpenBSD: rsa.h,v 1.32 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -395,6 +395,10 @@ int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 int RSA_set_ex_data(RSA *r, int idx, void *arg);
 void *RSA_get_ex_data(const RSA *r, int idx);
 
+int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
+void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e,
+    const BIGNUM **d);
+
 RSA *RSAPublicKey_dup(RSA *rsa);
 RSA *RSAPrivateKey_dup(RSA *rsa);
 
diff --git a/lib/libcrypto/rsa/rsa_lib.c b/lib/libcrypto/rsa/rsa_lib.c
index 31ea418427a..2a73364e702 100644
--- a/lib/libcrypto/rsa/rsa_lib.c
+++ b/lib/libcrypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_lib.c,v 1.31 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.32 2018/02/17 13:47:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -256,3 +256,36 @@ RSA_get_ex_data(const RSA *r, int idx)
 {
 	return CRYPTO_get_ex_data(&r->ex_data, idx);
 }
+
+int
+RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+{
+	if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL))
+		return 0;
+
+	if (n != NULL) {
+		BN_free(r->n);
+		r->n = n;
+	}
+	if (e != NULL) {
+		BN_free(r->e);
+		r->e = e;
+	}
+	if (d != NULL) {
+		BN_free(r->d);
+		r->d = d;
+	}
+
+	return 1;
+}
+
+void
+RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+{
+	if (n != NULL)
+		*n = r->n;
+	if (e != NULL)
+		*e = r->e;
+	if (d != NULL)
+		*d = r->d;
+}