Use EVP_PKEY for RSA public key operations

Also change the storage model to SafeEvpPKeyHandle, only import and export use legacy SafeRsaHandle.
erlimar · Apr 20, 2021 · a0811a1 · a0811a1
1 parent 58b25df
commit a0811a1
Show file tree

Hide file tree

Showing 15 changed files with 431 additions and 404 deletions.
diff --git a/...raries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPkey.Rsa.cs b/...raries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPkey.Rsa.cs
@@ -62,6 +62,41 @@ ref MemoryMarshal.GetReference(destination),
             return written;
         }
 
+        [DllImport(Libraries.CryptoNative)]
+        private static extern int CryptoNative_RsaEncrypt(
+            SafeEvpPKeyHandle pkey,
+            ref byte source,
+            int sourceLength,
+            RSAEncryptionPaddingMode paddingMode,
+            IntPtr digestAlgorithm,
+            ref byte destination,
+            int destinationLength);
+
+        internal static int RsaEncrypt(
+            SafeEvpPKeyHandle pkey,
+            ReadOnlySpan<byte> source,
+            RSAEncryptionPaddingMode paddingMode,
+            IntPtr digestAlgorithm,
+            Span<byte> destination)
+        {
+            int written = CryptoNative_RsaEncrypt(
+                pkey,
+                ref MemoryMarshal.GetReference(source),
+                source.Length,
+                paddingMode,
+                digestAlgorithm,
+                ref MemoryMarshal.GetReference(destination),
+                destination.Length);
+
+            if (written < 0)
+            {
+                Debug.Assert(written == -1);
+                throw CreateOpenSslCryptographicException();
+            }
+
+            return written;
+        }
+
         [DllImport(Libraries.CryptoNative)]
         private static extern int CryptoNative_RsaSignHash(
             SafeEvpPKeyHandle pkey,
@@ -97,11 +132,55 @@ ref MemoryMarshal.GetReference(destination),
             return written;
         }
 
+        [DllImport(Libraries.CryptoNative)]
+        private static extern int CryptoNative_RsaVerifyHash(
+            SafeEvpPKeyHandle pkey,
+            RSASignaturePaddingMode paddingMode,
+            IntPtr digestAlgorithm,
+            ref byte hash,
+            int hashLength,
+            ref byte signature,
+            int signatureLength);
+
+        internal static bool RsaVerifyHash(
+            SafeEvpPKeyHandle pkey,
+            RSASignaturePaddingMode paddingMode,
+            IntPtr digestAlgorithm,
+            ReadOnlySpan<byte> hash,
+            ReadOnlySpan<byte> signature)
+        {
+            int ret = CryptoNative_RsaVerifyHash(
+                pkey,
+                paddingMode,
+                digestAlgorithm,
+                ref MemoryMarshal.GetReference(hash),
+                hash.Length,
+                ref MemoryMarshal.GetReference(signature),
+                signature.Length);
+
+            if (ret == 1)
+            {
+                return true;
+            }
+
+            if (ret == 0)
+            {
+                return false;
+            }
+
+            Debug.Assert(ret == -1);
+            throw CreateOpenSslCryptographicException();
+        }
+
         [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeyGetRsa")]
         internal static extern SafeRsaHandle EvpPkeyGetRsa(SafeEvpPKeyHandle pkey);
 
         [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeySetRsa")]
         [return: MarshalAs(UnmanagedType.Bool)]
         internal static extern bool EvpPkeySetRsa(SafeEvpPKeyHandle pkey, SafeRsaHandle rsa);
+
+        [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_EvpPkeySetRsa")]
+        [return: MarshalAs(UnmanagedType.Bool)]
+        internal static extern bool EvpPkeySetRsa(SafeEvpPKeyHandle pkey, IntPtr rsa);
     }
 }
diff --git a/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Rsa.cs b/src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Rsa.cs
@@ -27,61 +27,17 @@ internal static SafeRsaHandle DecodeRsaPublicKey(ReadOnlySpan<byte> buf) =>
         [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_DecodeRsaPublicKey")]
         private static extern SafeRsaHandle DecodeRsaPublicKey(ref byte buf, int len);
 
-        internal static int RsaPublicEncrypt(
-            int flen,
-            ReadOnlySpan<byte> from,
-            Span<byte> to,
-            SafeRsaHandle rsa,
-            RsaPadding padding) =>
-            RsaPublicEncrypt(flen, ref MemoryMarshal.GetReference(from), ref MemoryMarshal.GetReference(to), rsa, padding);
-
-        [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_RsaPublicEncrypt")]
-        private static extern int RsaPublicEncrypt(
-            int flen,
-            ref byte from,
-            ref byte to,
-            SafeRsaHandle rsa,
-            RsaPadding padding);
-
-        internal static int RsaVerificationPrimitive(
-            ReadOnlySpan<byte> from,
-            Span<byte> to,
-            SafeRsaHandle rsa) =>
-            RsaVerificationPrimitive(from.Length, ref MemoryMarshal.GetReference(from), ref MemoryMarshal.GetReference(to), rsa);
-
-        [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_RsaVerificationPrimitive")]
-        private static extern int RsaVerificationPrimitive(
-            int flen,
-            ref byte from,
-            ref byte to,
-            SafeRsaHandle rsa);
-
         [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_RsaSize")]
         internal static extern int RsaSize(SafeRsaHandle rsa);
 
-        internal static bool RsaVerify(int type, ReadOnlySpan<byte> m, ReadOnlySpan<byte> sigbuf, SafeRsaHandle rsa)
+        internal static RSAParameters ExportRsaParameters(SafeEvpPKeyHandle key, bool includePrivateParameters)
         {
-            bool ret = RsaVerify(
-                type,
-                ref MemoryMarshal.GetReference(m),
-                m.Length,
-                ref MemoryMarshal.GetReference(sigbuf),
-                sigbuf.Length,
-                rsa);
-
-            if (!ret)
+            using (SafeRsaHandle rsa = EvpPkeyGetRsa(key))
             {
-                ErrClearError();
+                return ExportRsaParameters(rsa, includePrivateParameters);
             }
-
-            return ret;
         }
 
-
-        [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_RsaVerify")]
-        [return: MarshalAs(UnmanagedType.Bool)]
-        private static extern bool RsaVerify(int type, ref byte m, int m_len, ref byte sigbuf, int siglen, SafeRsaHandle rsa);
-
         internal static RSAParameters ExportRsaParameters(SafeRsaHandle key, bool includePrivateParameters)
         {
             Debug.Assert(