Private-key validation is fairly expensive for long keys in openssl,
so we need to avoid it sooner.

This function was a wrapper around RSA_check_key() in openssl, which
checks for invalid RSA private keys (like those where p or q are
composite, or where d is not the inverse of e, or where n != p*q).
We don't need a function like this in NSS, since unlike OpenSSL, NSS
won't let you import a bogus private key.

I've renamed the function and changed its return type to make it
more reasonable, and added a unit test for trying to read a key
where n != p*q.

7 unit tests are failing at this point, but they're all TLS-related.

This cleans up a lot of junk from crypto_rsa_openssl, and will
save us duplicated code in crypto_rsa_nss (when it exists).

(Actually, it already exists, but I am going to use git rebase so
that this commit precedes the creation of crypto_rsa_nss.)

These functions exist only to expose RSA keys to other places in Tor
that use OpenSSL; let's be specific about their purpose.

It is not nice to expose a private key's contents without having the
function name advertise the fact.  Fortunately, we weren't misusing
these yet.

Fun fact: these files used to be called log.[ch] until we ran into
conflicts with systems having a log.h file.  But now that we always
include "lib/log/log.h", we should be fine.

You have no idea how glad I am that this is automated.

I am calling the crypto library "crypt_ops", since I want
higher-level crypto things to be separated from lower-level ones.
This library will hold only the low-level ones, once we have it
refactored.

We moved the crypto_pk_obselete_* functions into crypto_rsa.[ch] because they fit
better with the RSA module.

Follows #24658.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>

Follows #24658.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>

We moved the crypto_pk_* digest functions into crypto_rsa.[ch] because they fit
better with the RSA module.

Follows #24658.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>

Fernando Fernandez Mancera authored Jan 26, 2018 and Nick Mathewson committed Feb 01, 2018

crypto_get_rsa_padding_overhead() and crypto_get_rsa_padding() are
not static inline anymore in order to split the crypto_rsa module
from crypto.[ch].

Also included necessary modules in order to solve dependency issues.

Also made two functions in crypto.c use crypto_pk_asn1_encdoe()
instead of reaching into the crypto_pk_t struct.

Add two new files (crypto_rsa.c, crypto_rsa.h) as new module of crypto.[ch].
This new module includes all functions and dependencies related to RSA
operations. Those have been removed from crypto.[ch].

All new changes related to RSA operations must be done in these files.

Follows #24658
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>