crypto: Add privkey_to_pubkey/2 to get the public key from a priv key in an Engine

Only RSA and DSA so far.

2 files changed, 123 insertions, 2 deletions

diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 28cc982c1e..b29c5082ba 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -348,6 +348,10 @@ static INLINE void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const
 
 static INLINE int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
 static INLINE int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+static INLINE void DSA_get0_pqg(const DSA *dsa,
+			       const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+static INLINE void DSA_get0_key(const DSA *dsa,
+			       const BIGNUM **pub_key, const BIGNUM **priv_key);
 
 static INLINE int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
 {
@@ -364,6 +368,23 @@ static INLINE int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
     return 1;
 }
 
+static INLINE void
+DSA_get0_pqg(const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
+{
+    *p = dsa->p;
+    *q = dsa->q;
+    *g = dsa->g;
+}
+
+static INLINE void
+DSA_get0_key(const DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+    if (pub_key) *pub_key = dsa->pub_key;
+    if (priv_key) *priv_key = dsa->priv_key;
+}
+
+
+
 static INLINE int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
 static INLINE int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
 static INLINE int DH_set_length(DH *dh, long length);
@@ -393,6 +414,8 @@ static INLINE int DH_set_length(DH *dh, long length)
     return 1;
 }
 
+
+
 static INLINE void
 DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
 {
@@ -404,8 +427,8 @@ DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
 static INLINE void
 DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
 {
-    *pub_key = dh->pub_key;
-    *priv_key = dh->priv_key;
+    if (pub_key) *pub_key = dh->pub_key;
+    if (priv_key) *priv_key = dh->priv_key;
 }
 
 #else /* End of compatibility definitions. */
@@ -454,6 +477,7 @@ static ERL_NIF_TERM dh_generate_parameters_nif(ErlNifEnv* env, int argc, const E
 static ERL_NIF_TERM dh_check(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM dh_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM dh_compute_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+static ERL_NIF_TERM privkey_to_pubkey_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM srp_value_B_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM srp_user_secret_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM srp_host_secret_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
@@ -542,6 +566,7 @@ static ErlNifFunc nif_funcs[] = {
     {"dh_check", 1, dh_check},
     {"dh_generate_key_nif", 4, dh_generate_key_nif},
     {"dh_compute_key_nif", 3, dh_compute_key_nif},
+    {"privkey_to_pubkey_nif", 2, privkey_to_pubkey_nif},
     {"srp_value_B_nif", 5, srp_value_B_nif},
     {"srp_user_secret_nif", 7, srp_user_secret_nif},
     {"srp_host_secret_nif", 5, srp_host_secret_nif},
@@ -4765,6 +4790,83 @@ static ERL_NIF_TERM pkey_crypt_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM
 
 
 /*--------------------------------*/
+static ERL_NIF_TERM privkey_to_pubkey_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{ /* (Algorithm, PrivKey | KeyMap) */
+    EVP_PKEY *pkey;
+    ERL_NIF_TERM alg = argv[0];
+    ERL_NIF_TERM result[8];
+
+    if (get_pkey_private_key(env, alg, argv[1], &pkey) != PKEY_OK) {
+	return enif_make_badarg(env);
+    }
+
+    if (alg == atom_rsa) {
+        const BIGNUM *n = NULL, *e = NULL, *d = NULL;
+        RSA *rsa = EVP_PKEY_get1_RSA(pkey);
+        if (rsa) {
+            RSA_get0_key(rsa, &n, &e, &d);
+            result[0] = bin_from_bn(env, e);  // Exponent E
+            result[1] = bin_from_bn(env, n);  // Modulus N = p*q
+            EVP_PKEY_free(pkey);
+            return enif_make_list_from_array(env, result, 2);
+        }
+
+    } else if (argv[0] == atom_dss) {
+        const BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL;
+        DSA *dsa = EVP_PKEY_get1_DSA(pkey);
+        if (dsa) {
+            DSA_get0_pqg(dsa, &p, &q, &g);
+            DSA_get0_key(dsa, &pub_key, NULL);
+            result[0] = bin_from_bn(env, p);
+            result[1] = bin_from_bn(env, q);
+            result[2] = bin_from_bn(env, g);
+            result[3] = bin_from_bn(env, pub_key);
+            EVP_PKEY_free(pkey);
+            return enif_make_list_from_array(env, result, 4);
+        }
+
+    } else if (argv[0] == atom_ecdsa) {
+#if defined(HAVE_EC)
+        EC_KEY *ec = EVP_PKEY_get1_EC_KEY(pkey);
+        if (ec) {
+            /* Example of result:
+               {
+                 Curve =  {Field, Prime, Point, Order, CoFactor} =
+                    { 
+                      Field =  {prime_field,<<255,...,255>>},
+                      Prime = {<<255,...,252>>,
+                               <<90,...,75>>,
+                               <<196,...,144>>
+                              },
+                      Point =    <<4,...,245>>,
+                      Order =    <<255,...,81>>,
+                      CoFactor = <<1>>
+                    },
+                Key = <<151,...,62>>
+              }
+              or
+              { 
+                Curve =
+                    {characteristic_two_field, 
+                     M,
+                     Basis = {tpbasis, _}
+                           | {ppbasis, k1, k2, k3}
+                    },
+                Key
+               }
+            */
+            EVP_PKEY_free(pkey);
+            return atom_notsup;
+        }
+#else
+        EVP_PKEY_free(pkey);
+        return atom_notsup;
+#endif
+    }
+
+    if (pkey) EVP_PKEY_free(pkey);
+    return enif_make_badarg(env);
+}
 
 /*================================================================*/
 
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 7510babdde..0d39dcc76e 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -42,6 +42,7 @@
 -export([public_encrypt/4, private_decrypt/4]).
 -export([private_encrypt/4, public_decrypt/4]).
 -export([dh_generate_parameters/2, dh_check/1]). %% Testing see
+-export([privkey_to_pubkey/2]).
 -export([ec_curve/1, ec_curves/0]).
 -export([rand_seed/1]).
 %% Engine
@@ -1058,6 +1059,16 @@ ec_curves() ->
 ec_curve(X) ->
     crypto_ec_curves:curve(X).
 
+
+privkey_to_pubkey(Alg, EngineMap) when Alg == rsa; Alg == dss; Alg == ecdsa ->
+    case privkey_to_pubkey_nif(Alg, format_pkey(Alg,EngineMap)) of
+        [_|_]=L -> map_ensure_bin_as_int(L);
+        X -> X
+    end.
+            
+privkey_to_pubkey_nif(_Alg, _EngineMap) -> ?nif_stub.
+
+
 %%
 %% EC
 %%
@@ -1125,6 +1136,14 @@ ensure_int_as_bin(Int) when is_integer(Int) ->
 ensure_int_as_bin(Bin) ->
     Bin.
 
+map_ensure_bin_as_int(List) when is_list(List) ->
+    lists:map(fun ensure_bin_as_int/1, List).
+
+ensure_bin_as_int(Bin) when is_binary(Bin) ->
+    bin_to_int(Bin);
+ensure_bin_as_int(E) ->
+    E.
+
 format_pkey(_Alg, #{engine:=_, key_id:=T}=M) when is_binary(T) -> format_pwd(M);
 format_pkey(_Alg, #{engine:=_, key_id:=T}=M) when is_list(T) -> format_pwd(M#{key_id:=list_to_binary(T)});
 format_pkey(_Alg, #{engine:=_           }=M) -> error({bad_key_id, M});