Changeset 73665 in vbox

Timestamp:

Aug 14, 2018 5:49:23 PM (7 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

124340

Message:

IPRT,SUP,Main: Working on new crypto key handling and rsa signing. bugref:9152

Location:

trunk

Files:

• include/iprt/crypto/key.h (added)
• include/iprt/crypto/pkix.h (modified) (11 diffs)
• include/iprt/err.h (modified) (2 diffs)
• include/iprt/mangling.h (modified) (1 diff)
• include/iprt/types.h (modified) (1 diff)
• src/VBox/HostDrivers/Support/Makefile.kmk (modified) (2 diffs)
• src/VBox/Main/src-server/ApplianceImplImport.cpp (modified) (1 diff)
• src/VBox/Runtime/Makefile.kmk (modified) (5 diffs)
• src/VBox/Runtime/common/crypto/key-file.cpp (added)
• src/VBox/Runtime/common/crypto/key-internal.h (added)
• src/VBox/Runtime/common/crypto/key-openssl.cpp (added)
• src/VBox/Runtime/common/crypto/key.cpp (added)
• src/VBox/Runtime/common/crypto/pkcs7-verify.cpp (modified) (2 diffs)
• src/VBox/Runtime/common/crypto/pkix-sign.cpp (added)
• src/VBox/Runtime/common/crypto/pkix-signature-builtin.cpp (modified) (1 diff)
• src/VBox/Runtime/common/crypto/pkix-signature-core.cpp (modified) (11 diffs)
• src/VBox/Runtime/common/crypto/pkix-signature-rsa.cpp (modified) (11 diffs)
• src/VBox/Runtime/common/crypto/pkix-verify.cpp (modified) (11 diffs)
• src/VBox/Runtime/common/crypto/x509-verify.cpp (modified) (3 diffs)
• src/VBox/Runtime/common/math/bignum.cpp (modified) (1 diff)
• src/VBox/Runtime/include/internal/iprt-openssl.h (modified) (2 diffs)
• src/VBox/Runtime/include/internal/magics.h (modified) (1 diff)
• src/VBox/Runtime/testcase/Makefile.kmk (modified) (2 diffs)
• src/VBox/Runtime/testcase/tstRTCrPkix-1.cpp (added)

trunk/include/iprt/crypto/pkix.h

@@ -32 +32 @@
 RT_C_DECLS_BEGIN
 
+struct RTCRX509SUBJECTPUBLICKEYINFO;
+
 /** @defgroup grp_rt_crpkix RTCrPkix - Public Key Infrastructure APIs
  * @ingroup grp_rt_crypto
@@ -43 +45 @@
  * @returns IPRT status code.
  * @param   pAlgorithm      The signature algorithm (digest w/ cipher).
+ * @param   hPublicKey      The public key.
  * @param   pParameters     Parameter to the public key algorithm. Optional.
- * @param   pPublicKey      The public key.
  * @param   pSignatureValue The signature value.
  * @param   pvData          The signed data.
@@ -53 +55 @@
  *          performed more than once using all available crypto implementations.
  */
-RTDECL(int) RTCrPkixPubKeyVerifySignature(PCRTASN1OBJID pAlgorithm, PCRTASN1DYNTYPE pParameters, PCRTASN1BITSTRING pPublicKey,
+RTDECL(int) RTCrPkixPubKeyVerifySignature(PCRTASN1OBJID pAlgorithm, RTCRKEY hPublicKey, PCRTASN1DYNTYPE pParameters,
                                           PCRTASN1BITSTRING pSignatureValue, const void *pvData, size_t cbData,
                                           PRTERRINFO pErrInfo);
@@ -64 +66 @@
  * @returns IPRT status code.
  * @param   pAlgorithm      The signature algorithm (digest w/ cipher).
+ * @param   hPublicKey      The public key.
  * @param   pParameters     Parameter to the public key algorithm. Optional.
- * @param   pPublicKey      The public key.
  * @param   pvSignedDigest  The signed digest.
  * @param   cbSignedDigest  The signed digest size.
@@ -75 +77 @@
  *          performed more than once using all available crypto implementations.
  */
-RTDECL(int) RTCrPkixPubKeyVerifySignedDigest(PCRTASN1OBJID pAlgorithm, PCRTASN1DYNTYPE pParameters,
-                                             PCRTASN1BITSTRING pPublicKey, void const *pvSignedDigest, size_t cbSignedDigest,
+RTDECL(int) RTCrPkixPubKeyVerifySignedDigest(PCRTASN1OBJID pAlgorithm, RTCRKEY hPublicKey, PCRTASN1DYNTYPE pParameters,
+                                             void const *pvSignedDigest, size_t cbSignedDigest,
                                              RTCRDIGEST hDigest, PRTERRINFO pErrInfo);
 
+/**
+ * Wrapper around RTCrPkixPubKeyVerifySignedDigest & RTCrKeyCreateFromAlgorithmAndBits.
+ *
+ * @note The public key info must include digest type for this to work.
+ */
+RTDECL(int) RTCrPkixPubKeyVerifySignedDigestByCertPubKeyInfo(struct RTCRX509SUBJECTPUBLICKEYINFO const *pCertPubKeyInfo,
+                                                             void const *pvSignedDigest, size_t cbSignedDigest,
+                                                             RTCRDIGEST hDigest, PRTERRINFO pErrInfo);
+
+
+/**
+ * Signs a digest (@a hDigest) using the specified private key (@a pPrivateKey) and algorithm.
+ *
+ * @returns IPRT status code.
+ * @param   pAlgorithm      The signature algorithm (digest w/ cipher).
+ * @param   hPrivateKey     Handle to the private key to use.
+ * @param   pParameters     Parameter to the public key algorithm. Optional.
+ * @param   hDigest         The digest of the data being signed.
+ * @param   fFlags          Flags for future extensions, MBZ.
+ * @param   pvSignature     The output signature buffer.  Pass NULL to query
+ *                          the signature size.
+ * @param   pcbSignature    On input the variable pointed to holds the size of
+ *                          the buffer @a pvSignature points to.
+ *                          On return the variable pointed to is set to the size
+ *                          of the returned signature, or the required size in
+ *                          case of VERR_BUFFER_OVERFLOW.
+ * @param   pErrInfo        Where to return extended error info. Optional.
+ *
+ * @remarks Depending on the IPRT build configuration and the algorithm used, the
+ *          signing may be performed more than once using all available crypto
+ *          implementations.
+ */
+RTDECL(int) RTCrPkixPubKeySignDigest(PCRTASN1OBJID pAlgorithm, RTCRKEY hPrivateKey, PCRTASN1DYNTYPE pParameters,
+                                     RTCRDIGEST hDigest, uint32_t fFlags,
+                                     void *pvSignature, size_t *pcbSignature, PRTERRINFO pErrInfo);
 
 /**
@@ -141 +178 @@
      *                          setting for the lifetime of the instance due to the
      *                          algorithm requiring different keys.
-     * @param   pKey            The key to use (whether private or public depends on
-     *                          the operation).
+     * @param   hKey            The key handle.  Caller has retained it for the
+     *                          lifetime of the state being initialize.
      * @param   pParams         Algorithm/key parameters, optional.  Will be NULL if
      *                          none.
      */
     DECLCALLBACKMEMBER(int, pfnInit)(struct RTCRPKIXSIGNATUREDESC const *pDesc, void *pvState, void *pvOpaque, bool fSigning,
-                                     PCRTASN1BITSTRING pKey, PCRTASN1DYNTYPE pParams);
+                                     RTCRKEY hKey, PCRTASN1DYNTYPE pParams);
 
     /**
@@ -183 +220 @@
      * @param   pDesc           Pointer to this structure (for uProviderSpecific).
      * @param   pvState         The opaque provider state.
+     * @param   hKey            The key handle associated with the state at init.
      * @param   hDigest         The handle to the digest.  Call RTCrDigestFinal to
      *                          complete and retreive the final hash value.
@@ -188 +226 @@
      * @param   cbSignature     The size of the signature (in bytes).
      */
-    DECLCALLBACKMEMBER(int, pfnVerify)(struct RTCRPKIXSIGNATUREDESC const *pDesc, void *pvState,
+    DECLCALLBACKMEMBER(int, pfnVerify)(struct RTCRPKIXSIGNATUREDESC const *pDesc, void *pvState, RTCRKEY hKey,
                                        RTCRDIGEST hDigest, void const *pvSignature, size_t cbSignature);
 
@@ -202 +240 @@
      * @param   pDesc           Pointer to this structure (for uProviderSpecific).
      * @param   pvState         The opaque provider state.
+     * @param   hKey            The key handle associated with the state at init.
      * @param   hDigest         The handle to the digest.  Call RTCrDigestFinal to
      *                          complete and retreive the final hash value.
@@ -211 +250 @@
      *                          case of VERR_BUFFER_OVERFLOW.
      */
-    DECLCALLBACKMEMBER(int, pfnSign)(struct RTCRPKIXSIGNATUREDESC const *pDesc, void *pvState,
+    DECLCALLBACKMEMBER(int, pfnSign)(struct RTCRPKIXSIGNATUREDESC const *pDesc, void *pvState, RTCRKEY hKey,
                                      RTCRDIGEST hDigest, void *pvSignature, size_t *pcbSignature);
 
@@ -220 +259 @@
 
 PCRTCRPKIXSIGNATUREDESC RTCrPkixSignatureFindByObjIdString(const char *pszObjId, void *ppvOpaque);
-PCRTCRPKIXSIGNATUREDESC RTCrPkixSignatureFindByObjId(PCRTASN1OBJID pObjId, void *ppvOpaque);
+PCRTCRPKIXSIGNATUREDESC RTCrPkixSignatureFindByObjId(PCRTASN1OBJID pObjId, void **ppvOpaque);
 RTDECL(int) RTCrPkixSignatureCreateByObjIdString(PRTCRPKIXSIGNATURE phSignature, const char *pszObjId, bool fSigning,
-                                                 PCRTASN1BITSTRING pKey,PCRTASN1DYNTYPE pParams);
-RTDECL(int) RTCrPkixSignatureCreateByObjId(PRTCRPKIXSIGNATURE phSignature, PCRTASN1OBJID pObjId, bool fSigning,
-                                           PCRTASN1BITSTRING pKey, PCRTASN1DYNTYPE pParams);
+                                                 RTCRKEY hKey, PCRTASN1DYNTYPE pParams);
+RTDECL(int) RTCrPkixSignatureCreateByObjId(PRTCRPKIXSIGNATURE phSignature, PCRTASN1OBJID pObjId, RTCRKEY hKey,
+                                           PCRTASN1DYNTYPE pParams, bool fSigning);
 
 
 RTDECL(int) RTCrPkixSignatureCreate(PRTCRPKIXSIGNATURE phSignature, PCRTCRPKIXSIGNATUREDESC pDesc, void *pvOpaque,
-                                    bool fSigning, PCRTASN1BITSTRING pKey, PCRTASN1DYNTYPE pParams);
+                                    bool fSigning, RTCRKEY hKey, PCRTASN1DYNTYPE pParams);
 RTDECL(uint32_t) RTCrPkixSignatureRetain(RTCRPKIXSIGNATURE hSignature);
 RTDECL(uint32_t) RTCrPkixSignatureRelease(RTCRPKIXSIGNATURE hSignature);

trunk/include/iprt/err.h

@@ -2729 +2729 @@
 /** The EVP_PKEY_type API in OpenSSL failed.  */
 #define VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR       (-23517)
+/** OpenSSL failed to decode the public key. */
+#define VERR_CR_PKIX_OSSL_D2I_PRIVATE_KEY_FAILED    (-23518)
+/** The EVP_PKEY_CTX_set_rsa_padding API in OpenSSL failed.  */
+#define VERR_CR_PKIX_OSSL_EVP_PKEY_RSA_PAD_ERROR    (-23519)
+/** Final OpenSSL PKIX signing failed. */
+#define VERR_CR_PKIX_OSSL_SIGN_FINAL_FAILED         (-23520)
+/** OpenSSL and IPRT disagree on the signature size. */
+#define VERR_CR_PKIX_OSSL_VS_IPRT_SIGNATURE_SIZE    (-23521)
+/** OpenSSL and IPRT disagree on the signature. */
+#define VERR_CR_PKIX_OSSL_VS_IPRT_SIGNATURE         (-23522)
+/** Expected RSA private key. */
+#define VERR_CR_PKIX_NOT_RSA_PRIVATE_KEY            (-23523)
+/** Expected RSA public key. */
+#define VERR_CR_PKIX_NOT_RSA_PUBLIC_KEY             (-23524)
 /** @} */
 
@@ -2735 +2749 @@
 /** Generic store error. */
 #define VERR_CR_STORE_GENERIC_ERROR                 (-23700)
+/** @} */
+
+/** @name RTCrKey status codes.
+ * @{ */
+/** Could not recognize the key type. */
+#define VERR_CR_KEY_UNKNOWN_TYPE                    (-23800)
+/** Unsupported key format. */
+#define VERR_CR_KEY_FORMAT_NOT_SUPPORTED            (-23801)
 /** @} */
 

trunk/include/iprt/mangling.h

@@ -3111 +3111 @@
 # define RTCrDigestTypeToName                           RT_MANGLER(RTCrDigestTypeToName)
 # define RTCrDigestTypeToHashSize                       RT_MANGLER(RTCrDigestTypeToHashSize)
+# define RTCrKeyCreateFromBuffer                        RT_MANGLER(RTCrKeyCreateFromBuffer)
+# define RTCrKeyCreateFromFile                          RT_MANGLER(RTCrKeyCreateFromFile)
+# define RTCrKeyCreateFromPemSection                    RT_MANGLER(RTCrKeyCreateFromPemSection)
+# define RTCrKeyCreateFromPublicAlgorithmAndBits        RT_MANGLER(RTCrKeyCreateFromPublicAlgorithmAndBits)
+# define RTCrKeyCreateFromSubjectPublicKeyInfo          RT_MANGLER(RTCrKeyCreateFromSubjectPublicKeyInfo)
+# define RTCrKeyGetBitCount                             RT_MANGLER(RTCrKeyGetBitCount)
+# define RTCrKeyGetType                                 RT_MANGLER(RTCrKeyGetType)
+# define RTCrKeyHasPrivatePart                          RT_MANGLER(RTCrKeyHasPrivatePart)
+# define RTCrKeyHasPublicPart                           RT_MANGLER(RTCrKeyHasPublicPart)
+# define RTCrKeyRelease                                 RT_MANGLER(RTCrKeyRelease)
+# define RTCrKeyRetain                                  RT_MANGLER(RTCrKeyRetain)
 # define RTCrRsaDigestInfo_DecodeAsn1                   RT_MANGLER(RTCrRsaDigestInfo_DecodeAsn1)
 # define RTCrRsaOtherPrimeInfo_DecodeAsn1               RT_MANGLER(RTCrRsaOtherPrimeInfo_DecodeAsn1)

trunk/include/iprt/types.h

@@ -2087 +2087 @@
 #define NIL_RTCRDIGEST                              (0)
 
+/** Cryptographic key handle. */
+typedef R3R0PTRTYPE(struct RTCRKEYINT RT_FAR *)     RTCRKEY;
+/** Pointer to a cryptographic key handle. */
+typedef RTCRKEY                             RT_FAR *PRTCRKEY;
+/** Cryptographic key handle nil value. */
+#define NIL_RTCRKEY                                 (0)
+
 /** Public key encryption schema handle. */
 typedef R3R0PTRTYPE(struct RTCRPKIXENCRYPTIONINT RT_FAR *) RTCRPKIXENCRYPTION;

trunk/src/VBox/HostDrivers/Support/Makefile.kmk

@@ -242 +242 @@
         $(VBOX_PATH_RUNTIME_SRC)/common/asn1/asn1-cursor.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/asn1/asn1-default-allocator.cpp \
+        $(VBOX_PATH_RUNTIME_SRC)/common/asn1/asn1-safer-allocator.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/asn1/asn1-dump.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/asn1/asn1-encode.cpp \
@@ -266 +267 @@
         $(VBOX_PATH_RUNTIME_SRC)/common/crypto/digest-core.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/crypto/digest-builtin.cpp \
+        $(VBOX_PATH_RUNTIME_SRC)/common/crypto/key.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/crypto/pkcs7-asn1-decoder.cpp \
         $(VBOX_PATH_RUNTIME_SRC)/common/crypto/pkcs7-core.cpp \

trunk/src/VBox/Main/src-server/ApplianceImplImport.cpp

@@ -1729 +1729 @@
                    API will do the verification twice, once using IPRT's own crypto
                    and once using OpenSSL.  Both must OK it for success.) */
-                vrc = RTCrPkixPubKeyVerifySignedDigest(&m->SignerCert.TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm,
-                                                       &m->SignerCert.TbsCertificate.SubjectPublicKeyInfo.Algorithm.Parameters,
-                                                       &m->SignerCert.TbsCertificate.SubjectPublicKeyInfo.SubjectPublicKey,
-                                                       m->pbSignedDigest, m->cbSignedDigest, hDigest,
-                                                       RTErrInfoInitStatic(&StaticErrInfo));
+                vrc = RTCrPkixPubKeyVerifySignedDigestByCertPubKeyInfo(&m->SignerCert.TbsCertificate.SubjectPublicKeyInfo,
+                                                                       m->pbSignedDigest, m->cbSignedDigest, hDigest,
+                                                                       RTErrInfoInitStatic(&StaticErrInfo));
                 if (RT_SUCCESS(vrc))
                 {

trunk/src/VBox/Runtime/Makefile.kmk

@@ -314 +314 @@
         common/asn1/asn1-default-allocator.cpp \
         common/asn1/asn1-efence-allocator.cpp \
+        common/asn1/asn1-safer-allocator.cpp \
         common/asn1/asn1-dump.cpp \
         common/asn1/asn1-encode.cpp \
@@ -367 +368 @@
         common/crypto/digest-vfs.cpp \
         common/crypto/iprt-openssl.cpp \
+        common/crypto/key.cpp \
+        common/crypto/key-file.cpp \
+        common/crypto/key-openssl.cpp \
         common/crypto/rsa-asn1-decoder.cpp \
         common/crypto/rsa-core.cpp \
@@ -377 +381 @@
         common/crypto/pkcs7-sanity.cpp \
         common/crypto/pkcs7-verify.cpp \
+        common/crypto/pkix-sign.cpp \
         common/crypto/pkix-signature-builtin.cpp \
         common/crypto/pkix-signature-core.cpp \
@@ -2304 +2309 @@
         common/asn1/asn1-cursor.cpp \
         common/asn1/asn1-default-allocator.cpp \
+        common/asn1/asn1-safer-allocator.cpp \
         common/asn1/asn1-encode.cpp \
         common/asn1/asn1-ut-bitstring.cpp \
@@ -2327 +2333 @@
         common/crypto/digest-core.cpp \
         common/crypto/digest-builtin.cpp \
+        common/crypto/key.cpp \
         common/crypto/rsa-asn1-decoder.cpp \
         common/crypto/rsa-core.cpp \

trunk/src/VBox/Runtime/common/crypto/pkcs7-verify.cpp

@@ -35 +35 @@
 #include <iprt/string.h>
 #include <iprt/crypto/digest.h>
+#include <iprt/crypto/key.h>
 #include <iprt/crypto/pkix.h>
 #include <iprt/crypto/store.h>
@@ -477 +478 @@
         if (RT_SUCCESS(rc))
         {
-            RTCRPKIXSIGNATURE hSignature;
-            rc = RTCrPkixSignatureCreateByObjId(&hSignature,
-                                                &pSignerCert->TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm,
-                                                false /*fSigning*/,
-                                                &pSignerCert->TbsCertificate.SubjectPublicKeyInfo.SubjectPublicKey,
-                                                &pSignerInfo->DigestEncryptionAlgorithm.Parameters);
+            RTCRKEY hKey;
+            rc = RTCrKeyCreateFromSubjectPublicKeyInfo(&hKey, &pSignerCert->TbsCertificate.SubjectPublicKeyInfo,
+                                                       pErrInfo, "pkcs7");
             if (RT_SUCCESS(rc))
             {
-                /** @todo Check that DigestEncryptionAlgorithm is compatible with hSignature
-                 *        (this is not vital). */
-                rc = RTCrPkixSignatureVerifyOctetString(hSignature, hDigest, &pSignerInfo->EncryptedDigest);
-                if (RT_FAILURE(rc))
-                    rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_SIGNATURE_VERIFICATION_FAILED,
-                                       "Signature verficiation failed: %Rrc", rc);
-                RTCrPkixSignatureRelease(hSignature);
+                RTCRPKIXSIGNATURE hSignature;
+                rc = RTCrPkixSignatureCreateByObjId(&hSignature, &pSignerInfo->DigestEncryptionAlgorithm.Algorithm,
+                                                    hKey, &pSignerInfo->DigestEncryptionAlgorithm.Parameters, false /*fSigning*/);
+                RTCrKeyRelease(hKey);
+                if (RT_SUCCESS(rc))
+                {
+                    /** @todo Check that DigestEncryptionAlgorithm is compatible with hSignature
+                     *        (this is not vital). */
+                    rc = RTCrPkixSignatureVerifyOctetString(hSignature, hDigest, &pSignerInfo->EncryptedDigest);
+                    if (RT_FAILURE(rc))
+                        rc = RTErrInfoSetF(pErrInfo, VERR_CR_PKCS7_SIGNATURE_VERIFICATION_FAILED,
+                                           "Signature verficiation failed: %Rrc", rc);
+                    RTCrPkixSignatureRelease(hSignature);
+                }
+                else
+                    rc = RTErrInfoSetF(pErrInfo, rc, "Failure to instantiate public key algorithm [IPRT]: %s (%s)",
+                                       pSignerCert->TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm.szObjId,
+                                       pSignerInfo->DigestEncryptionAlgorithm.Algorithm.szObjId);
             }
-            else
-                rc = RTErrInfoSetF(pErrInfo, rc, "Failure to instantiate public key algorithm [IPRT]: %s (%s)",
-                                   pSignerCert->TbsCertificate.SubjectPublicKeyInfo.Algorithm.Algorithm.szObjId,
-                                   pSignerInfo->DigestEncryptionAlgorithm.Algorithm.szObjId);
         }
 

trunk/src/VBox/Runtime/common/crypto/pkix-signature-builtin.cpp

@@ -116 +116 @@
 
 
-RTDECL(int) RTCrPkixSignatureCreateByObjIdString(PRTCRPKIXSIGNATURE phSignature, const char *pszObjId, bool fSigning,
-                                                 PCRTASN1BITSTRING pKey,PCRTASN1DYNTYPE pParams)
+RTDECL(int) RTCrPkixSignatureCreateByObjIdString(PRTCRPKIXSIGNATURE phSignature, const char *pszObjId,
+                                                 RTCRKEY hKey, PCRTASN1DYNTYPE pParams, bool fSigning)
 {
     void *pvOpaque;
     PCRTCRPKIXSIGNATUREDESC pDesc = RTCrPkixSignatureFindByObjIdString(pszObjId, &pvOpaque);
     if (pDesc)
-        return RTCrPkixSignatureCreate(phSignature, pDesc, pvOpaque, fSigning, pKey, pParams);
+        return RTCrPkixSignatureCreate(phSignature, pDesc, pvOpaque, fSigning, hKey, pParams);
     return VERR_NOT_FOUND;
 }
 
 
-RTDECL(int) RTCrPkixSignatureCreateByObjId(PRTCRPKIXSIGNATURE phSignature, PCRTASN1OBJID pObjId, bool fSigning,
-                                           PCRTASN1BITSTRING pKey, PCRTASN1DYNTYPE pParams)
+RTDECL(int) RTCrPkixSignatureCreateByObjId(PRTCRPKIXSIGNATURE phSignature, PCRTASN1OBJID pObjId,
+                                           RTCRKEY hKey, PCRTASN1DYNTYPE pParams, bool fSigning)
 {
     void *pvOpaque;
     PCRTCRPKIXSIGNATUREDESC pDesc = RTCrPkixSignatureFindByObjId(pObjId, &pvOpaque);
     if (pDesc)
-        return RTCrPkixSignatureCreate(phSignature, pDesc, pvOpaque, fSigning, pKey, pParams);
+        return RTCrPkixSignatureCreate(phSignature, pDesc, pvOpaque, fSigning, hKey, pParams);
     return VERR_NOT_FOUND;
 }

trunk/src/VBox/Runtime/common/crypto/pkix-signature-core.cpp

@@ -38 +38 @@
 #include <iprt/string.h>
 #include <iprt/crypto/digest.h>
+#include <iprt/crypto/key.h>
 
 
@@ -54 +55 @@
     /** Pointer to the message digest descriptor. */
     PCRTCRPKIXSIGNATUREDESC pDesc;
+    /** Key being used (referrenced of course). */
+    RTCRKEY                 hKey;
     /** The operation this instance is licensed for. */
     bool                    fSigning;
     /** State. */
     uint32_t                uState;
-#if ARCH_BITS == 32
-    uint32_t                uPadding;
-#endif
 
     /** Opaque data specific to the message digest algorithm, size given by
@@ -86 +86 @@
 
 RTDECL(int) RTCrPkixSignatureCreate(PRTCRPKIXSIGNATURE phSignature, PCRTCRPKIXSIGNATUREDESC pDesc, void *pvOpaque,
-                                    bool fSigning, PCRTASN1BITSTRING pKey, PCRTASN1DYNTYPE pParams)
+                                    bool fSigning, RTCRKEY hKey, PCRTASN1DYNTYPE pParams)
 {
     /*
@@ -93 +93 @@
     AssertPtrReturn(phSignature, VERR_INVALID_POINTER);
     AssertPtrReturn(pDesc, VERR_INVALID_POINTER);
-    AssertPtrReturn(pKey, VERR_INVALID_POINTER);
-    AssertReturn(RTAsn1BitString_IsPresent(pKey), VERR_INVALID_PARAMETER);
     if (pParams)
     {
@@ -102 +100 @@
             pParams = NULL;
     }
+    uint32_t cKeyRefs = RTCrKeyRetain(hKey);
+    AssertReturn(cKeyRefs != UINT32_MAX, VERR_INVALID_HANDLE);
 
     /*
@@ -116 +116 @@
         pThis->fSigning     = fSigning;
         pThis->uState       = RTCRPKIXSIGNATURE_STATE_READY;
+        pThis->hKey         = hKey;
         if (pDesc->pfnInit)
-            rc = pDesc->pfnInit(pDesc, pThis->abState, pvOpaque, fSigning, pKey, pParams);
+            rc = pDesc->pfnInit(pDesc, pThis->abState, pvOpaque, fSigning, hKey, pParams);
         if (RT_SUCCESS(rc))
         {
@@ -128 +129 @@
     else
         rc = VERR_NO_MEMORY;
+    RTCrKeyRelease(hKey);
     return rc;
 
@@ -142 +144 @@
     Assert(cRefs < 64);
     return cRefs;
+}
+
+
+/**
+ * Destructor worker.
+ */
+static uint32_t rtCrPkixSignatureDestructor(PRTCRPKIXSIGNATUREINT pThis)
+{
+    pThis->u32Magic = ~RTCRPKIXSIGNATUREINT_MAGIC;
+    if (pThis->pDesc->pfnDelete)
+        pThis->pDesc->pfnDelete(pThis->pDesc, pThis->abState, pThis->fSigning);
+
+    RTCrKeyRelease(pThis->hKey);
+    pThis->hKey = NIL_RTCRKEY;
+
+    size_t cbToWipe = RT_UOFFSETOF_DYN(RTCRPKIXSIGNATUREINT, abState[pThis->pDesc->cbState]);
+    RTMemWipeThoroughly(pThis, cbToWipe, 6);
+
+    RTMemFree(pThis);
+    return 0;
 }
 
@@ -156 +178 @@
     Assert(cRefs < 64);
     if (!cRefs)
-    {
-        pThis->u32Magic = ~RTCRPKIXSIGNATUREINT_MAGIC;
-        if (pThis->pDesc->pfnDelete)
-            pThis->pDesc->pfnDelete(pThis->pDesc, pThis->abState, pThis->fSigning);
-
-        size_t cbToWipe = RT_UOFFSETOF_DYN(RTCRPKIXSIGNATUREINT, abState[pThis->pDesc->cbState]);
-        RTMemWipeThoroughly(pThis, cbToWipe, 6);
-
-        RTMemFree(pThis);
-    }
+        return rtCrPkixSignatureDestructor(pThis);
     return cRefs;
 }
@@ -211 +224 @@
     if (RT_SUCCESS(rc))
     {
-        rc = pThis->pDesc->pfnVerify(pThis->pDesc, pThis->abState, hDigest, pvSignature, cbSignature);
+        rc = pThis->pDesc->pfnVerify(pThis->pDesc, pThis->abState, pThis->hKey, hDigest, pvSignature, cbSignature);
         pThis->uState = RTCRPKIXSIGNATURE_STATE_DONE;
     }
@@ -265 +278 @@
     if (RT_SUCCESS(rc))
     {
-        rc = pThis->pDesc->pfnSign(pThis->pDesc, pThis->abState, hDigest, pvSignature, pcbSignature);
+        rc = pThis->pDesc->pfnSign(pThis->pDesc, pThis->abState, pThis->hKey, hDigest, pvSignature, pcbSignature);
         if (rc != VERR_BUFFER_OVERFLOW)
             pThis->uState = RTCRPKIXSIGNATURE_STATE_DONE;

trunk/src/VBox/Runtime/common/crypto/pkix-signature-rsa.cpp

@@ -41 +41 @@
 #include "rsa-internal.h"
 #include "pkix-signature-builtin.h"
+#include "key-internal.h"
 
 
@@ -53 +54 @@
     /** Set if we're signing, clear if verifying.  */
     bool                    fSigning;
-    /** The modulus.  */
-    RTBIGNUM                Modulus;
-    /** The exponent.  */
-    RTBIGNUM                Exponent;
 
     /** Temporary big number for use when signing or verifiying. */
@@ -138 +135 @@
 /** @impl_interface_method{RTCRPKIXSIGNATUREDESC,pfnInit}  */
 static DECLCALLBACK(int) rtCrPkixSignatureRsa_Init(PCRTCRPKIXSIGNATUREDESC pDesc, void *pvState, void *pvOpaque,
-                                                   bool fSigning, PCRTASN1BITSTRING pKey, PCRTASN1DYNTYPE pParams)
+                                                   bool fSigning, RTCRKEY hKey, PCRTASN1DYNTYPE pParams)
 {
     RT_NOREF_PV(pDesc); RT_NOREF_PV(pvState); RT_NOREF_PV(pvOpaque);
@@ -145 +142 @@
         return VERR_CR_PKIX_SIGNATURE_TAKES_NO_PARAMETERS;
 
+    RTCRKEYTYPE enmKeyType = RTCrKeyGetType(hKey);
+    if (fSigning)
+        AssertReturn(enmKeyType == RTCRKEYTYPE_RSA_PRIVATE, VERR_CR_PKIX_NOT_RSA_PRIVATE_KEY);
+    else
+        AssertReturn(enmKeyType == RTCRKEYTYPE_RSA_PUBLIC, VERR_CR_PKIX_NOT_RSA_PUBLIC_KEY);
+
     PRTCRPKIXSIGNATURERSA pThis = (PRTCRPKIXSIGNATURERSA)pvState;
     pThis->fSigning = fSigning;
 
-    /*
-     * Decode the key and pick the bits we really need from it.
-     */
-    RTASN1CURSORPRIMARY PrimaryCursor;
-    RTAsn1CursorInitPrimary(&PrimaryCursor, RTASN1BITSTRING_GET_BIT0_PTR(pKey), RTASN1BITSTRING_GET_BYTE_SIZE(pKey),
-                            NULL, &g_RTAsn1DefaultAllocator, RTASN1CURSOR_FLAGS_DER, "rsa");
-    int rc;
-    if (!fSigning)
-    {
-        rc = RTCrRsaPublicKey_DecodeAsn1(&PrimaryCursor.Cursor, 0, &pThis->Scratch.PublicKey, "PublicKey");
-        if (RT_SUCCESS(rc))
-        {
-            rc = RTAsn1Integer_ToBigNum(&pThis->Scratch.PublicKey.Modulus, &pThis->Modulus, 0);
-            if (RT_SUCCESS(rc))
-            {
-                rc = RTAsn1Integer_ToBigNum(&pThis->Scratch.PublicKey.PublicExponent, &pThis->Exponent, 0);
-                if (RT_SUCCESS(rc))
-                {
-                    RTAsn1VtDelete(&pThis->Scratch.PublicKey.SeqCore.Asn1Core);
-                    return VINF_SUCCESS;
-                }
-                RTBigNumDestroy(&pThis->Modulus);
-            }
-            RTAsn1VtDelete(&pThis->Scratch.PublicKey.SeqCore.Asn1Core);
-        }
-    }
-    else
-    {
-        rc = RTCrRsaPrivateKey_DecodeAsn1(&PrimaryCursor.Cursor, 0, &pThis->Scratch.PrivateKey, "PrivateKey");
-        if (RT_SUCCESS(rc))
-        {
-            rc = RTAsn1Integer_ToBigNum(&pThis->Scratch.PrivateKey.Modulus, &pThis->Modulus, RTBIGNUMINIT_F_SENSITIVE);
-            if (RT_SUCCESS(rc))
-            {
-                rc = RTAsn1Integer_ToBigNum(&pThis->Scratch.PrivateKey.PublicExponent, &pThis->Exponent, RTBIGNUMINIT_F_SENSITIVE);
-                if (RT_SUCCESS(rc))
-                {
-                    RTAsn1VtDelete(&pThis->Scratch.PrivateKey.SeqCore.Asn1Core);
-                    return VINF_SUCCESS;
-                }
-                RTBigNumDestroy(&pThis->Modulus);
-            }
-            RTAsn1VtDelete(&pThis->Scratch.PrivateKey.SeqCore.Asn1Core);
-        }
-    }
-    return rc;
+    return VINF_SUCCESS;
 }
 
@@ -213 +171 @@
     RT_NOREF_PV(fSigning); RT_NOREF_PV(pDesc);
     Assert(pThis->fSigning == fSigning);
-
-    RTBigNumDestroy(&pThis->Modulus);
-    RTBigNumDestroy(&pThis->Exponent);
 }
 
@@ -246 +201 @@
      * Figure out which hash and select the associate prebaked DigestInfo.
      */
-    RTDIGESTTYPE const  enmDigest    = RTCrDigestGetType(hDigest);
+    RTDIGESTTYPE const  enmDigest = RTCrDigestGetType(hDigest);
     AssertReturn(enmDigest != RTDIGESTTYPE_INVALID && enmDigest != RTDIGESTTYPE_UNKNOWN, VERR_CR_PKIX_UNKNOWN_DIGEST_TYPE);
     uint8_t const      *pbDigestInfoStart = NULL;
@@ -297 +252 @@
 
 /** @impl_interface_method{RTCRPKIXSIGNATUREDESC,pfnVerify}  */
-static DECLCALLBACK(int) rtCrPkixSignatureRsa_Verify(PCRTCRPKIXSIGNATUREDESC pDesc, void *pvState,
+static DECLCALLBACK(int) rtCrPkixSignatureRsa_Verify(PCRTCRPKIXSIGNATUREDESC pDesc, void *pvState, RTCRKEY hKey,
                                                      RTCRDIGEST hDigest, void const *pvSignature, size_t cbSignature)
 {
@@ -307 +262 @@
 
     /*
-     * 8.2.2.1 - Length check.
-     */
-    if (cbSignature != RTBigNumByteWidth(&pThis->Modulus))
+     * Get the key bits we need.
+     */
+    Assert(RTCrKeyGetType(hKey) == RTCRKEYTYPE_RSA_PUBLIC);
+    PRTBIGNUM pModulus  = &hKey->u.RsaPublic.Modulus;
+    PRTBIGNUM pExponent = &hKey->u.RsaPublic.Exponent;
+
+    /*
+     * 8.2.2.1 - Length check.  (RFC-3447)
+     */
+    if (cbSignature != RTBigNumByteWidth(pModulus))
         return VERR_CR_PKIX_INVALID_SIGNATURE_LENGTH;
 
@@ -321 +283 @@
         return rc;
     /* b) RSAVP1 - 5.2.2.2: Range check (0 <= s < n). */
-    if (RTBigNumCompare(&pThis->TmpBigNum1, &pThis->Modulus) < 0)
+    if (RTBigNumCompare(&pThis->TmpBigNum1, pModulus) < 0)
     {
         if (RTBigNumCompareWithU64(&pThis->TmpBigNum1, 0) >= 0)
@@ -329 +291 @@
             if (RT_SUCCESS(rc))
             {
-                rc = RTBigNumModExp(&pThis->TmpBigNum2, &pThis->TmpBigNum1, &pThis->Exponent, &pThis->Modulus);
+                rc = RTBigNumModExp(&pThis->TmpBigNum2, &pThis->TmpBigNum1, pExponent, pModulus);
                 if (RT_SUCCESS(rc))
                 {
@@ -387 +349 @@
 
 /** @impl_interface_method{RTCRPKIXSIGNATUREDESC,pfnSign}  */
-static DECLCALLBACK(int) rtCrPkixSignatureRsa_Sign(PCRTCRPKIXSIGNATUREDESC pDesc, void *pvState,
+static DECLCALLBACK(int) rtCrPkixSignatureRsa_Sign(PCRTCRPKIXSIGNATUREDESC pDesc, void *pvState, RTCRKEY hKey,
                                                    RTCRDIGEST hDigest, void *pvSignature, size_t *pcbSignature)
 {
     PRTCRPKIXSIGNATURERSA pThis = (PRTCRPKIXSIGNATURERSA)pvState;
-    RT_NOREF_PV(pDesc);  RT_NOREF_PV(hDigest); RT_NOREF_PV(pvSignature); RT_NOREF_PV(pcbSignature);
-    Assert(pThis->fSigning); NOREF(pThis);
-    return VERR_NOT_IMPLEMENTED;
+    RT_NOREF_PV(pDesc);
+    Assert(pThis->fSigning);
+
+    /*
+     * Get the key bits we need.
+     */
+    Assert(RTCrKeyGetType(hKey) == RTCRKEYTYPE_RSA_PRIVATE);
+    PRTBIGNUM pModulus  = &hKey->u.RsaPrivate.Modulus;
+    PRTBIGNUM pExponent = &hKey->u.RsaPrivate.PrivateExponent;
+
+    /*
+     * Calc signature length and return if destination buffer isn't big enough.
+     */
+    size_t const cbDst        = *pcbSignature;
+    size_t const cbEncodedMsg = RTBigNumByteWidth(pModulus);
+    *pcbSignature = cbEncodedMsg;
+    if (cbEncodedMsg > sizeof(pThis->Scratch) / 2)
+        return VERR_CR_PKIX_SIGNATURE_TOO_LONG;
+    if (!pvSignature || cbDst < cbEncodedMsg)
+        return VERR_BUFFER_OVERFLOW;
+
+    /*
+     * 8.1.1.1 - EMSA-PSS encoding.  (RFC-3447)
+     */
+    int rc = rtCrPkixSignatureRsa_EmsaPkcs1V15Encode(pThis, hDigest, cbEncodedMsg, false /* fNoDigestInfo */);
+    if (RT_FAILURE(rc))
+        return rc;
+
+    /*
+     * 8.1.1.2 - RSA signature.
+     */
+    /* a) m = OS2IP(EM) -- Convert the encoded message (EM) to integer. */
+    rc = RTBigNumInit(&pThis->TmpBigNum1, RTBIGNUMINIT_F_ENDIAN_BIG | RTBIGNUMINIT_F_UNSIGNED,
+                      pThis->Scratch.abSignature, cbEncodedMsg);
+    if (RT_FAILURE(rc))
+        return rc;
+
+    /* b) s = RSASP1(K, m = EM) - 5.2.1.1: Range check (0 <= m < n). */
+    if (RTBigNumCompare(&pThis->TmpBigNum1, pModulus) < 0)
+    {
+        /* b) s = RSAVP1(K, m = EM) - 5.2.1.2.a: s = m^d mod n */
+        rc = RTBigNumInitZero(&pThis->TmpBigNum2, 0);
+        if (RT_SUCCESS(rc))
+        {
+            rc = RTBigNumModExp(&pThis->TmpBigNum2, &pThis->TmpBigNum1, pExponent, pModulus);
+            if (RT_SUCCESS(rc))
+            {
+                /* c) S = I2OSP(s, k) -- Convert the result to bytes. */
+                rc = RTBigNumToBytesBigEndian(&pThis->TmpBigNum2, pvSignature, cbEncodedMsg);
+                AssertStmt(RT_SUCCESS(rc) || rc != VERR_BUFFER_OVERFLOW, rc = VERR_CR_PKIX_INTERNAL_ERROR);
+            }
+            RTBigNumDestroy(&pThis->TmpBigNum2);
+        }
+    }
+    else
+        rc = VERR_CR_PKIX_SIGNATURE_GE_KEY;
+    RTBigNumDestroy(&pThis->TmpBigNum1);
+    return rc;
 }
 

trunk/src/VBox/Runtime/common/crypto/pkix-verify.cpp

@@ -35 +35 @@
 #include <iprt/string.h>
 #include <iprt/crypto/digest.h>
+#include <iprt/crypto/key.h>
 
 #ifdef IPRT_WITH_OPENSSL
@@ -45 +46 @@
 
 
-RTDECL(int) RTCrPkixPubKeyVerifySignature(PCRTASN1OBJID pAlgorithm, PCRTASN1DYNTYPE pParameters, PCRTASN1BITSTRING pPublicKey,
+
+RTDECL(int) RTCrPkixPubKeyVerifySignature(PCRTASN1OBJID pAlgorithm, RTCRKEY hPublicKey, PCRTASN1DYNTYPE pParameters,
                                           PCRTASN1BITSTRING pSignatureValue, const void *pvData, size_t cbData,
                                           PRTERRINFO pErrInfo)
@@ -62 +64 @@
     }
 
-    AssertPtrReturn(pPublicKey, VERR_INVALID_POINTER);
-    AssertReturn(RTAsn1BitString_IsPresent(pPublicKey), VERR_INVALID_POINTER);
+    AssertPtrReturn(hPublicKey, VERR_INVALID_POINTER);
+    Assert(RTCrKeyHasPublicPart(hPublicKey));
 
     AssertPtrReturn(pSignatureValue, VERR_INVALID_POINTER);
@@ -82 +84 @@
      */
     RTCRPKIXSIGNATURE hSignature;
-    int rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, false /*fSigning*/, pPublicKey, pParameters);
+    int rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, hPublicKey, pParameters, false /*fSigning*/);
     if (RT_FAILURE(rcIprt))
         return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN,
@@ -111 +113 @@
      * Validate using OpenSSL EVP.
      */
-    rtCrOpenSslInit();
-
-    /* Translate the algorithm ID into a EVP message digest type pointer. */
-    int iAlgoNid = OBJ_txt2nid(pAlgorithm->szObjId);
-    if (iAlgoNid == NID_undef)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN,
-                             "Unknown public key algorithm [OpenSSL]: %s", pAlgorithm->szObjId);
-    const char *pszAlgoSn = OBJ_nid2sn(iAlgoNid);
-
-# if OPENSSL_VERSION_NUMBER >= 0x10001000 && !defined(LIBRESSL_VERSION_NUMBER)
-    int idAlgoPkey = 0;
-    int idAlgoMd = 0;
-    if (!OBJ_find_sigid_algs(iAlgoNid, &idAlgoMd, &idAlgoPkey))
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "OBJ_find_sigid_algs failed on %u (%s, %s)", iAlgoNid, pszAlgoSn, pAlgorithm->szObjId);
-    const EVP_MD *pEvpMdType = EVP_get_digestbynid(idAlgoMd);
-    if (!pEvpMdType)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "EVP_get_digestbynid failed on %d (%s, %s)", idAlgoMd, pszAlgoSn, pAlgorithm->szObjId);
-# else
-    const EVP_MD *pEvpMdType = EVP_get_digestbyname(pszAlgoSn);
-    if (!pEvpMdType)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "EVP_get_digestbyname failed on %s (%s)", pszAlgoSn, pAlgorithm->szObjId);
-# endif
-
-    EVP_MD_CTX *pEvpMdCtx = EVP_MD_CTX_create();
-    if (!pEvpMdCtx)
-        return RTErrInfoSetF(pErrInfo, VERR_NO_MEMORY, "EVP_MD_CTX_create failed");
-    int rcOssl;
-    if (EVP_VerifyInit_ex(pEvpMdCtx, pEvpMdType, NULL /*engine*/))
-    {
-        /* Create an EVP public key. */
-        EVP_PKEY *pEvpPublicKey = EVP_PKEY_new();
-        if (pEvpPublicKey)
+    /* Create an EVP public key. */
+    EVP_PKEY     *pEvpPublicKey = NULL;
+    const EVP_MD *pEvpMdType = NULL;
+    int rcOssl = rtCrKeyToOpenSslKey(hPublicKey, true /*fNeedPublic*/, pAlgorithm->szObjId, &pEvpPublicKey, &pEvpMdType, pErrInfo);
+    if (RT_SUCCESS(rcOssl))
+    {
+        EVP_MD_CTX *pEvpMdCtx = EVP_MD_CTX_create();
+        if (pEvpMdCtx)
         {
-# if OPENSSL_VERSION_NUMBER >= 0x10001000 && !defined(LIBRESSL_VERSION_NUMBER)
-            if (EVP_PKEY_set_type(pEvpPublicKey, idAlgoPkey))
+            if (EVP_VerifyInit_ex(pEvpMdCtx, pEvpMdType, NULL /*engine*/))
             {
-                int idKeyType = EVP_PKEY_base_id(pEvpPublicKey);
-# else
-                int idKeyType = pEvpPublicKey->type = EVP_PKEY_type(pEvpMdType->required_pkey_type[0]);
-# endif
-                if (idKeyType != NID_undef)
-                {
-                    const unsigned char *puchPublicKey = RTASN1BITSTRING_GET_BIT0_PTR(pPublicKey);
-                    if (d2i_PublicKey(idKeyType, &pEvpPublicKey, &puchPublicKey, RTASN1BITSTRING_GET_BYTE_SIZE(pPublicKey)))
-                    {
-                        /* Digest the data. */
-                        EVP_VerifyUpdate(pEvpMdCtx, pvData, cbData);
-
-                        /* Verify the signature. */
-                        if (EVP_VerifyFinal(pEvpMdCtx,
-                                            RTASN1BITSTRING_GET_BIT0_PTR(pSignatureValue),
-                                            RTASN1BITSTRING_GET_BYTE_SIZE(pSignatureValue),
-                                            pEvpPublicKey) > 0)
-                            rcOssl = VINF_SUCCESS;
-                        else
-                            rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_VERIFY_FINAL_FAILED, "EVP_VerifyFinal failed");
-                    }
-                    else
-                        rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_D2I_PUBLIC_KEY_FAILED, "d2i_PublicKey failed");
-                }
+                /* Digest the data. */
+                EVP_VerifyUpdate(pEvpMdCtx, pvData, cbData);
+
+                /* Verify the signature. */
+                if (EVP_VerifyFinal(pEvpMdCtx,
+                                    RTASN1BITSTRING_GET_BIT0_PTR(pSignatureValue),
+                                    RTASN1BITSTRING_GET_BYTE_SIZE(pSignatureValue),
+                                    pEvpPublicKey) > 0)
+                    rcOssl = VINF_SUCCESS;
                 else
-# if OPENSSL_VERSION_NUMBER < 0x10001000 || defined(LIBRESSL_VERSION_NUMBER)
-                    rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_type() failed");
-# else
-                    rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_base_id() failed");
+                    rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_VERIFY_FINAL_FAILED, "EVP_VerifyFinal failed");
+
+                /* Cleanup and return: */
             }
             else
-                rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
-                                       "EVP_PKEY_set_type(%u) failed (sig algo %s)", idAlgoPkey, pszAlgoSn);
-# endif
-            /* Cleanup and return.*/
-            EVP_PKEY_free(pEvpPublicKey);
+                rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALOG_INIT_FAILED,
+                                       "EVP_VerifyInit_ex failed (algorithm type is %s)", pAlgorithm->szObjId);
+            EVP_MD_CTX_destroy(pEvpMdCtx);
         }
         else
-            rcOssl = RTErrInfoSetF(pErrInfo, VERR_NO_MEMORY, "EVP_PKEY_new(%d) failed", iAlgoNid);
-    }
-    else
-        rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALOG_INIT_FAILED,
-                               "EVP_VerifyInit_ex failed (algorithm type is %s / %s)", pszAlgoSn, pAlgorithm->szObjId);
-    EVP_MD_CTX_destroy(pEvpMdCtx);
+            rcOssl = RTErrInfoSetF(pErrInfo, VERR_NO_MEMORY, "EVP_MD_CTX_create failed");
+        EVP_PKEY_free(pEvpPublicKey);
+    }
 
     /*
@@ -211 +164 @@
 
 
-RTDECL(int) RTCrPkixPubKeyVerifySignedDigest(PCRTASN1OBJID pAlgorithm, PCRTASN1DYNTYPE pParameters, PCRTASN1BITSTRING pPublicKey,
+RTDECL(int) RTCrPkixPubKeyVerifySignedDigest(PCRTASN1OBJID pAlgorithm, RTCRKEY hPublicKey, PCRTASN1DYNTYPE pParameters,
                                              void const *pvSignedDigest, size_t cbSignedDigest, RTCRDIGEST hDigest,
                                              PRTERRINFO pErrInfo)
@@ -228 +181 @@
     }
 
-    AssertPtrReturn(pPublicKey, VERR_INVALID_POINTER);
-    AssertReturn(RTAsn1BitString_IsPresent(pPublicKey), VERR_INVALID_POINTER);
+    AssertPtrReturn(hPublicKey, VERR_INVALID_POINTER);
+    Assert(RTCrKeyHasPublicPart(hPublicKey));
 
     AssertPtrReturn(pvSignedDigest, VERR_INVALID_POINTER);
@@ -247 +200 @@
      */
     RTCRPKIXSIGNATURE hSignature;
-    int rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, false /*fSigning*/, pPublicKey, pParameters);
+    int rcIprt = RTCrPkixSignatureCreateByObjId(&hSignature, pAlgorithm, hPublicKey, pParameters, false /*fSigning*/);
     if (RT_FAILURE(rcIprt))
         return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_CIPHER_ALGO_NOT_KNOWN,
@@ -263 +216 @@
      * Validate using OpenSSL EVP.
      */
-    rtCrOpenSslInit();
-
+    /* Combine encryption and digest if the algorithm doesn't specify the digest type. */
     const char *pszAlgObjId = pAlgorithm->szObjId;
     if (!strcmp(pszAlgObjId, RTCRX509ALGORITHMIDENTIFIERID_RSA))
@@ -274 +226 @@
     }
 
-    /* Translate the algorithm ID into a EVP message digest type pointer. */
-    int iAlgoNid = OBJ_txt2nid(pszAlgObjId);
-    if (iAlgoNid == NID_undef)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN,
-                             "Unknown public key algorithm [OpenSSL]: %s", pszAlgObjId);
-    const char *pszAlgoSn = OBJ_nid2sn(iAlgoNid);
-
-# if OPENSSL_VERSION_NUMBER >= 0x10001000 && !defined(LIBRESSL_VERSION_NUMBER)
-    int idAlgoPkey = 0;
-    int idAlgoMd = 0;
-    if (!OBJ_find_sigid_algs(iAlgoNid, &idAlgoMd, &idAlgoPkey))
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "OBJ_find_sigid_algs failed on %u (%s, %s)", iAlgoNid, pszAlgoSn, pAlgorithm->szObjId);
-    const EVP_MD *pEvpMdType = EVP_get_digestbynid(idAlgoMd);
-    if (!pEvpMdType)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "EVP_get_digestbynid failed on %d (%s, %s)", idAlgoMd, pszAlgoSn, pAlgorithm->szObjId);
-# else
-    const EVP_MD *pEvpMdType = EVP_get_digestbyname(pszAlgoSn);
-    if (!pEvpMdType)
-        return RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_CIPHER_ALGO_NOT_KNOWN_EVP,
-                             "EVP_get_digestbyname failed on %s (%s)", pszAlgoSn, pszAlgObjId);
-# endif
-
     /* Create an EVP public key. */
-    int rcOssl;
-    EVP_PKEY *pEvpPublicKey = EVP_PKEY_new();
-    if (pEvpPublicKey)
-    {
-# if OPENSSL_VERSION_NUMBER >= 0x10001000 && !defined(LIBRESSL_VERSION_NUMBER)
-        if (EVP_PKEY_set_type(pEvpPublicKey, idAlgoPkey))
+    EVP_PKEY     *pEvpPublicKey = NULL;
+    const EVP_MD *pEvpMdType = NULL;
+    int rcOssl = rtCrKeyToOpenSslKey(hPublicKey, true /*fNeedPublic*/, pszAlgObjId, &pEvpPublicKey, &pEvpMdType, pErrInfo);
+    if (RT_SUCCESS(rcOssl))
+    {
+        /* Create an EVP public key context we can use to validate the digest. */
+        EVP_PKEY_CTX *pEvpPKeyCtx = EVP_PKEY_CTX_new(pEvpPublicKey, NULL);
+        if (pEvpPKeyCtx)
         {
-            int idKeyType = EVP_PKEY_base_id(pEvpPublicKey);
-# else
-            int idKeyType = pEvpPublicKey->type = EVP_PKEY_type(pEvpMdType->required_pkey_type[0]);
-# endif
-            if (idKeyType != NID_undef)
-
+            rcOssl = EVP_PKEY_verify_init(pEvpPKeyCtx);
+            if (rcOssl > 0)
             {
-                const unsigned char *puchPublicKey = RTASN1BITSTRING_GET_BIT0_PTR(pPublicKey);
-                if (d2i_PublicKey(idKeyType, &pEvpPublicKey, &puchPublicKey, RTASN1BITSTRING_GET_BYTE_SIZE(pPublicKey)))
+                rcOssl = EVP_PKEY_CTX_set_signature_md(pEvpPKeyCtx, pEvpMdType);
+                if (rcOssl > 0)
                 {
-                    /* Create an EVP public key context we can use to validate the digest. */
-                    EVP_PKEY_CTX *pEvpPKeyCtx = EVP_PKEY_CTX_new(pEvpPublicKey, NULL);
-                    if (pEvpPKeyCtx)
-                    {
-                        rcOssl = EVP_PKEY_verify_init(pEvpPKeyCtx);
-                        if (rcOssl > 0)
-                        {
-                            rcOssl = EVP_PKEY_CTX_set_signature_md(pEvpPKeyCtx, pEvpMdType);
-                            if (rcOssl > 0)
-                            {
-                                /* Get the digest from hDigest and verify it. */
-                                rcOssl = EVP_PKEY_verify(pEvpPKeyCtx,
-                                                         (uint8_t const *)pvSignedDigest,
-                                                         cbSignedDigest,
-                                                         RTCrDigestGetHash(hDigest),
-                                                         RTCrDigestGetHashSize(hDigest));
-                                if (rcOssl > 0)
-                                    rcOssl = VINF_SUCCESS;
-                                else
-                                    rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_VERIFY_FINAL_FAILED,
-                                                           "EVP_PKEY_verify failed (%d)", rcOssl);
-                            }
-                            else
-                                rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
-                                                       "EVP_PKEY_CTX_set_signature_md failed (%d)", rcOssl);
-                        }
-                        else
-                            rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
-                                                   "EVP_PKEY_verify_init failed (%d)", rcOssl);
-                        EVP_PKEY_CTX_free(pEvpPKeyCtx);
-                    }
+                    /* Get the digest from hDigest and verify it. */
+                    rcOssl = EVP_PKEY_verify(pEvpPKeyCtx,
+                                             (uint8_t const *)pvSignedDigest,
+                                             cbSignedDigest,
+                                             RTCrDigestGetHash(hDigest),
+                                             RTCrDigestGetHashSize(hDigest));
+                    if (rcOssl > 0)
+                        rcOssl = VINF_SUCCESS;
                     else
-                        rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_CTX_new failed");
+                        rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_VERIFY_FINAL_FAILED,
+                                               "EVP_PKEY_verify failed (%d)", rcOssl);
+                    /* Cleanup and return: */
                 }
                 else
-                    rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_D2I_PUBLIC_KEY_FAILED, "d2i_PublicKey failed");
+                    rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
+                                           "EVP_PKEY_CTX_set_signature_md failed (%d)", rcOssl);
             }
             else
-# if OPENSSL_VERSION_NUMBER < 0x10001000 || defined(LIBRESSL_VERSION_NUMBER)
-                rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_type() failed");
-# else
-                rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_base_id() failed");
+                rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
+                                       "EVP_PKEY_verify_init failed (%d)", rcOssl);
+            EVP_PKEY_CTX_free(pEvpPKeyCtx);
         }
         else
-            rcOssl = RTErrInfoSetF(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR,
-                                   "EVP_PKEY_set_type(%u) failed (sig algo %s)", idAlgoPkey, pszAlgoSn);
-# endif
-
-        /* Cleanup and return.*/
+            rcOssl = RTErrInfoSet(pErrInfo, VERR_CR_PKIX_OSSL_EVP_PKEY_TYPE_ERROR, "EVP_PKEY_CTX_new failed");
         EVP_PKEY_free(pEvpPublicKey);
     }
-    else
-        rcOssl = RTErrInfoSetF(pErrInfo, VERR_NO_MEMORY, "EVP_PKEY_new(%d) failed", iAlgoNid);
 
     /*
@@ -385 +284 @@
 }
 
+
+RTDECL(int) RTCrPkixPubKeyVerifySignedDigestByCertPubKeyInfo(PCRTCRX509SUBJECTPUBLICKEYINFO pCertPubKeyInfo,
+                                                             void const *pvSignedDigest, size_t cbSignedDigest,
+                                                             RTCRDIGEST hDigest, PRTERRINFO pErrInfo)
+{
+    RTCRKEY hPublicKey;
+    int rc = RTCrKeyCreateFromPublicAlgorithmAndBits(&hPublicKey, &pCertPubKeyInfo->Algorithm.Algorithm,
+                                                     &pCertPubKeyInfo->SubjectPublicKey, pErrInfo, NULL);
+    if (RT_SUCCESS(rc))
+    {
+        rc = RTCrPkixPubKeyVerifySignedDigest(&pCertPubKeyInfo->Algorithm.Algorithm, hPublicKey,
+                                              &pCertPubKeyInfo->Algorithm.Parameters, pvSignedDigest, cbSignedDigest,
+                                              hDigest, pErrInfo);
+
+        uint32_t cRefs = RTCrKeyRelease(hPublicKey);
+        Assert(cRefs == 0); RT_NOREF(cRefs);
+    }
+    return rc;
+}
+

trunk/src/VBox/Runtime/common/crypto/x509-verify.cpp

@@ -32 +32 @@
 #include <iprt/crypto/x509.h>
 #include <iprt/crypto/pkix.h>
+#include <iprt/crypto/key.h>
 
 #include <iprt/err.h>
@@ -76 +77 @@
 
     /*
+     * Wrap up the public key.
+     */
+    RTCRKEY hPubKey;
+    int rc = RTCrKeyCreateFromPublicAlgorithmAndBits(&hPubKey, pAlgorithm, pPublicKey, pErrInfo, NULL);
+    if (RT_FAILURE(rc))
+        return rc;
+
+    /*
      * Here we should recode the to-be-signed part as DER, but we'll ASSUME
      * that it's already in DER encoding and only does this if there the
@@ -82 +91 @@
     if (   pThis->TbsCertificate.SeqCore.Asn1Core.uData.pu8
         && pThis->TbsCertificate.SeqCore.Asn1Core.cb > 0)
-        return RTCrPkixPubKeyVerifySignature(&pThis->SignatureAlgorithm.Algorithm, pParameters, pPublicKey, &pThis->SignatureValue,
-                                             RTASN1CORE_GET_RAW_ASN1_PTR(&pThis->TbsCertificate.SeqCore.Asn1Core),
-                                             RTASN1CORE_GET_RAW_ASN1_SIZE(&pThis->TbsCertificate.SeqCore.Asn1Core),
-                                             pErrInfo);
+        rc = RTCrPkixPubKeyVerifySignature(&pThis->SignatureAlgorithm.Algorithm, hPubKey, pParameters, &pThis->SignatureValue,
+                                           RTASN1CORE_GET_RAW_ASN1_PTR(&pThis->TbsCertificate.SeqCore.Asn1Core),
+                                           RTASN1CORE_GET_RAW_ASN1_SIZE(&pThis->TbsCertificate.SeqCore.Asn1Core),
+                                           pErrInfo);
+    else
+    {
+        uint32_t cbEncoded;
+        int rc = RTAsn1EncodePrepare((PRTASN1CORE)&pThis->TbsCertificate.SeqCore.Asn1Core, RTASN1ENCODE_F_DER, &cbEncoded, pErrInfo);
+        if (RT_SUCCESS(rc))
+        {
+            void *pvTbsBits = RTMemTmpAlloc(cbEncoded);
+            if (pvTbsBits)
+            {
+                rc = RTAsn1EncodeToBuffer(&pThis->TbsCertificate.SeqCore.Asn1Core, RTASN1ENCODE_F_DER,
+                                          pvTbsBits, cbEncoded, pErrInfo);
+                if (RT_SUCCESS(rc))
+                    rc = RTCrPkixPubKeyVerifySignature(&pThis->SignatureAlgorithm.Algorithm, hPubKey, pParameters,
+                                                       &pThis->SignatureValue, pvTbsBits, cbEncoded, pErrInfo);
+                else
+                    AssertRC(rc);
+                RTMemTmpFree(pvTbsBits);
+            }
+            else
+                rc = VERR_NO_TMP_MEMORY;
+        }
+    }
 
-    uint32_t cbEncoded;
-    int rc = RTAsn1EncodePrepare((PRTASN1CORE)&pThis->TbsCertificate.SeqCore.Asn1Core, RTASN1ENCODE_F_DER, &cbEncoded, pErrInfo);
-    if (RT_SUCCESS(rc))
-    {
-        void *pvTbsBits = RTMemTmpAlloc(cbEncoded);
-        if (pvTbsBits)
-        {
-            rc = RTAsn1EncodeToBuffer(&pThis->TbsCertificate.SeqCore.Asn1Core, RTASN1ENCODE_F_DER,
-                                      pvTbsBits, cbEncoded, pErrInfo);
-            if (RT_SUCCESS(rc))
-                rc = RTCrPkixPubKeyVerifySignature(&pThis->SignatureAlgorithm.Algorithm, pParameters, pPublicKey,
-                                                   &pThis->SignatureValue, pvTbsBits, cbEncoded, pErrInfo);
-            else
-                AssertRC(rc);
-            RTMemTmpFree(pvTbsBits);
-        }
-        else
-            rc = VERR_NO_TMP_MEMORY;
-    }
+    /* Free the public key. */
+    uint32_t cRefs = RTCrKeyRelease(hPubKey);
+    Assert(cRefs == 0); NOREF(cRefs);
+
     return rc;
 }

trunk/src/VBox/Runtime/common/math/bignum.cpp

@@ -840 +840 @@
         {
             Assert(pBigNum->cAllocated > 0);
-            if (pBigNum->fSensitive)
+            if (!pBigNum->fSensitive)
+                RTMemFree(pBigNum->pauElements);
+            else
             {
                 RTMemSaferFree(pBigNum->pauElements, pBigNum->cAllocated * RTBIGNUM_ELEMENT_SIZE);
                 RT_ZERO(*pBigNum);
             }
-            RTMemFree(pBigNum->pauElements);
             pBigNum->pauElements = NULL;
         }

trunk/src/VBox/Runtime/include/internal/iprt-openssl.h

@@ -32 +32 @@
 
 RT_C_DECLS_BEGIN
+struct evp_md_st;
+struct evp_pkey_st;
 
 DECLHIDDEN(void) rtCrOpenSslInit(void);
@@ -37 +39 @@
 DECLHIDDEN(int)  rtCrOpenSslAddX509CertToStack(void *pvOsslStack, PCRTCRX509CERTIFICATE pCert);
 
+DECLHIDDEN(int)  rtCrKeyToOpenSslKey(RTCRKEY hKey, bool fNeedPublic, const char *pszAlgoObjId,
+                                     struct evp_pkey_st **ppEvpKey, const struct evp_md_st **ppEvpMdType, PRTERRINFO pErrInfo);
+
 RT_C_DECLS_END
 

trunk/src/VBox/Runtime/include/internal/magics.h

@@ -35 +35 @@
 /** Magic number for RTAIOMGRINTFILE::u32Magic. (Ephraim Kishon) */
 #define RTAIOMGRFILE_MAGIC              UINT32_C(0x19240823)
+/** Magic value for RTCRKEYINT::u32Magic. (Ronald Linn Rivest) */
+#define RTCRKEYINT_MAGIC                UINT32_C(0x19470506)
 /** Magic number for RTDBGMODINT::u32Magic. (Charles Lloyd) */
 #define RTDBGAS_MAGIC                   UINT32_C(0x19380315)

trunk/src/VBox/Runtime/testcase/Makefile.kmk

@@ -53 +53 @@
         tstRTCritSect \
         tstRTCritSectRw \
+        tstRTCrPkix-1 \
         tstRTCrX509-1 \
         tstRTCType \
@@ -265 +266 @@
 tstRTCritSectW32_DEFS = TRY_WIN32_CRIT
 
+tstRTCrPkix-1_TEMPLATE      = VBOXR3TSTEXE
+tstRTCrPkix-1_SOURCES       = tstRTCrPkix-1.cpp
+
 tstRTCrX509-1_TEMPLATE      = VBOXR3TSTEXE
 tstRTCrX509-1_SOURCES       = tstRTCrX509-1.cpp