Merge #115

bors[bot] · jack-fortanix · web-flow · commit c26a84e2f03f · 2020-12-01T14:46:58.000Z
115: Add accessors for RSA d, dp, dq, and qp r=raoulstrackx a=jethrogb Closes #109 Co-authored-by: Jack Lloyd <jack.lloyd@fortanix.com>
diff --git a/mbedtls/src/pk/mod.rs b/mbedtls/src/pk/mod.rs
@@ -469,6 +469,92 @@ impl Pk {
         Ok(q)
     }
 
+    pub fn rsa_private_exponent(&self) -> Result<Mpi> {
+        match self.pk_type() {
+            Type::Rsa => {}
+            _ => return Err(Error::PkTypeMismatch),
+        }
+
+        let mut d = Mpi::new(0)?;
+
+        unsafe {
+            rsa_export(
+                self.inner.pk_ctx as *const rsa_context,
+                ptr::null_mut(),
+                ptr::null_mut(),
+                ptr::null_mut(),
+                d.handle_mut(),
+                ptr::null_mut(),
+            )
+            .into_result()?;
+        }
+
+        Ok(d)
+    }
+
+    pub fn rsa_crt_dp(&self) -> Result<Mpi> {
+        match self.pk_type() {
+            Type::Rsa => {}
+            _ => return Err(Error::PkTypeMismatch),
+        }
+
+        let mut dp = Mpi::new(0)?;
+
+        unsafe {
+            rsa_export_crt(
+                self.inner.pk_ctx as *const rsa_context,
+                dp.handle_mut(),
+                ptr::null_mut(),
+                ptr::null_mut(),
+            )
+            .into_result()?;
+        }
+
+        Ok(dp)
+    }
+
+    pub fn rsa_crt_dq(&self) -> Result<Mpi> {
+        match self.pk_type() {
+            Type::Rsa => {}
+            _ => return Err(Error::PkTypeMismatch),
+        }
+
+        let mut dq = Mpi::new(0)?;
+
+        unsafe {
+            rsa_export_crt(
+                self.inner.pk_ctx as *const rsa_context,
+                ptr::null_mut(),
+                dq.handle_mut(),
+                ptr::null_mut(),
+            )
+            .into_result()?;
+        }
+
+        Ok(dq)
+    }
+
+    pub fn rsa_crt_qp(&self) -> Result<Mpi> {
+        match self.pk_type() {
+            Type::Rsa => {}
+            _ => return Err(Error::PkTypeMismatch),
+        }
+
+        let mut qp = Mpi::new(0)?;
+
+        unsafe {
+            rsa_export_crt(
+                self.inner.pk_ctx as *const rsa_context,
+                ptr::null_mut(),
+                ptr::null_mut(),
+                qp.handle_mut(),
+            )
+            .into_result()?;
+        }
+
+        Ok(qp)
+    }
+
     pub fn rsa_public_exponent(&self) -> Result<u32> {
         match self.pk_type() {
             Type::Rsa => {}
@@ -1277,6 +1363,29 @@ iy6KC991zzvaWY/Ys+q/84Afqa+0qJKQnPuy/7F5GkVdQA/lfbhi
         );
     }
 
+    #[test]
+    fn rsa_params() {
+        let pk = Pk::from_private_key(TEST_DER, None).unwrap();
+
+        let n = pk.rsa_public_modulus().unwrap();
+        let d = pk.rsa_private_exponent().unwrap();
+        let p = pk.rsa_private_prime1().unwrap();
+        let q = pk.rsa_private_prime2().unwrap();
+
+        let dp = pk.rsa_crt_dp().unwrap();
+        let dq = pk.rsa_crt_dq().unwrap();
+        let qp = pk.rsa_crt_qp().unwrap();
+
+        let one = Mpi::new(1).unwrap();
+
+        let p1 = (&p - &one).unwrap();
+        let q1 = (&q - &one).unwrap();
+        assert_eq!(&p * &q, Ok(n));
+        assert_eq!(&d % &p1, Ok(dp));
+        assert_eq!(&d % &q1, Ok(dq));
+        assert_eq!((&qp * &q).unwrap().modulo(&p), Ok(one));
+    }
+
     #[test]
     fn custom_pk_obj() {
         let pk = Pk::public_custom_algo(&[8, 0, 2], &[1, 2, 3, 4]).unwrap();
