Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | | - |
23 | | - |
24 | | - |
25 | | - |
26 | | - |
27 | | - |
28 | | - |
29 | | - |
30 | | - |
31 | | - |
32 | | - |
33 | | - |
34 | | - |
35 | | - |
36 | | - |
37 | | - |
38 | | - |
39 | | - |
40 | | - |
41 | | - |
42 | | - |
43 | | - |
44 | | - |
45 | | - |
46 | | - |
47 | | - |
48 | | - |
49 | | - |
50 | | - |
51 | #include <openssl/bn.h> | - |
52 | #include <openssl/err.h> | - |
53 | #include <openssl/rsa.h> | - |
54 | | - |
55 | #include "bn_lcl.h" | - |
56 | | - |
57 | int | - |
58 | RSA_check_key(const RSA *key) | - |
59 | { | - |
60 | BIGNUM *i, *j, *k, *l, *m; | - |
61 | BN_CTX *ctx; | - |
62 | int r; | - |
63 | int ret = 1; | - |
64 | | - |
65 | if (!key->p || !key->q || !key->n || !key->e || !key->d) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
66 | RSAerror(RSA_R_VALUE_MISSING); | - |
67 | return 0; never executed: return 0; | 0 |
68 | } | - |
69 | | - |
70 | i = BN_new(); | - |
71 | j = BN_new(); | - |
72 | k = BN_new(); | - |
73 | l = BN_new(); | - |
74 | m = BN_new(); | - |
75 | ctx = BN_CTX_new(); | - |
76 | if (i == NULL || j == NULL || k == NULL || l == NULL || m == NULL ||TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
77 | ctx == NULL) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
78 | ret = -1; | - |
79 | RSAerror(ERR_R_MALLOC_FAILURE); | - |
80 | goto err; never executed: goto err; | 0 |
81 | } | - |
82 | | - |
83 | | - |
84 | r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL); | - |
85 | if (r != 1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
86 | ret = r; | - |
87 | if (r != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
88 | goto err; never executed: goto err; | 0 |
89 | RSAerror(RSA_R_P_NOT_PRIME); | - |
90 | } never executed: end of block | 0 |
91 | | - |
92 | | - |
93 | r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL); | - |
94 | if (r != 1) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
95 | ret = r; | - |
96 | if (r != 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
97 | goto err; never executed: goto err; | 0 |
98 | RSAerror(RSA_R_Q_NOT_PRIME); | - |
99 | } never executed: end of block | 0 |
100 | | - |
101 | | - |
102 | r = BN_mul(i, key->p, key->q, ctx); | - |
103 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
104 | ret = -1; | - |
105 | goto err; never executed: goto err; | 0 |
106 | } | - |
107 | | - |
108 | if (BN_cmp(i, key->n) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
109 | ret = 0; | - |
110 | RSAerror(RSA_R_N_DOES_NOT_EQUAL_P_Q); | - |
111 | } never executed: end of block | 0 |
112 | | - |
113 | | - |
114 | | - |
115 | r = BN_sub(i, key->p, BN_value_one()); | - |
116 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
117 | ret = -1; | - |
118 | goto err; never executed: goto err; | 0 |
119 | } | - |
120 | r = BN_sub(j, key->q, BN_value_one()); | - |
121 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
122 | ret = -1; | - |
123 | goto err; never executed: goto err; | 0 |
124 | } | - |
125 | | - |
126 | | - |
127 | r = BN_mul(l, i, j, ctx); | - |
128 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
129 | ret = -1; | - |
130 | goto err; never executed: goto err; | 0 |
131 | } | - |
132 | r = BN_gcd_ct(m, i, j, ctx); | - |
133 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
134 | ret = -1; | - |
135 | goto err; never executed: goto err; | 0 |
136 | } | - |
137 | r = BN_div_ct(k, NULL, l, m, ctx); | - |
138 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
139 | ret = -1; | - |
140 | goto err; never executed: goto err; | 0 |
141 | } | - |
142 | | - |
143 | r = BN_mod_mul(i, key->d, key->e, k, ctx); | - |
144 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
145 | ret = -1; | - |
146 | goto err; never executed: goto err; | 0 |
147 | } | - |
148 | | - |
149 | if (!BN_is_one(i)) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
150 | ret = 0; | - |
151 | RSAerror(RSA_R_D_E_NOT_CONGRUENT_TO_1); | - |
152 | } never executed: end of block | 0 |
153 | | - |
154 | if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0 |
155 | | - |
156 | r = BN_sub(i, key->p, BN_value_one()); | - |
157 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
158 | ret = -1; | - |
159 | goto err; never executed: goto err; | 0 |
160 | } | - |
161 | | - |
162 | r = BN_mod_ct(j, key->d, i, ctx); | - |
163 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
164 | ret = -1; | - |
165 | goto err; never executed: goto err; | 0 |
166 | } | - |
167 | | - |
168 | if (BN_cmp(j, key->dmp1) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
169 | ret = 0; | - |
170 | RSAerror(RSA_R_DMP1_NOT_CONGRUENT_TO_D); | - |
171 | } never executed: end of block | 0 |
172 | | - |
173 | | - |
174 | r = BN_sub(i, key->q, BN_value_one()); | - |
175 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
176 | ret = -1; | - |
177 | goto err; never executed: goto err; | 0 |
178 | } | - |
179 | | - |
180 | r = BN_mod_ct(j, key->d, i, ctx); | - |
181 | if (!r) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
182 | ret = -1; | - |
183 | goto err; never executed: goto err; | 0 |
184 | } | - |
185 | | - |
186 | if (BN_cmp(j, key->dmq1) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
187 | ret = 0; | - |
188 | RSAerror(RSA_R_DMQ1_NOT_CONGRUENT_TO_D); | - |
189 | } never executed: end of block | 0 |
190 | | - |
191 | | - |
192 | if (!BN_mod_inverse_ct(i, key->q, key->p, ctx)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
193 | ret = -1; | - |
194 | goto err; never executed: goto err; | 0 |
195 | } | - |
196 | | - |
197 | if (BN_cmp(i, key->iqmp) != 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
198 | ret = 0; | - |
199 | RSAerror(RSA_R_IQMP_NOT_INVERSE_OF_Q); | - |
200 | } never executed: end of block | 0 |
201 | } never executed: end of block | 0 |
202 | | - |
203 | err: code before this statement never executed: err: | 0 |
204 | BN_free(i); | - |
205 | BN_free(j); | - |
206 | BN_free(k); | - |
207 | BN_free(l); | - |
208 | BN_free(m); | - |
209 | BN_CTX_free(ctx); | - |
210 | | - |
211 | return (ret); never executed: return (ret); | 0 |
212 | } | - |
| | |