diff options
author | Daniel Fiala <daniel@openssl.org> | 2022-03-16 20:30:38 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-03-22 14:02:49 +0100 |
commit | 5d1f357a01f668f708c1abd7567175b4a0f18a38 (patch) | |
tree | f472db40423b2f31838c724bfe6f7e7eaac14a9a | |
parent | 344c7fb8a83e8eaac2ea01aaa82c7108945c9dc7 (diff) |
Make `openssl check -rsa ...` to work for both RSA and RSA-PSS.
Fixes openssl#17167
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17920)
-rw-r--r-- | apps/rsa.c | 2 | ||||
-rw-r--r-- | test/recipes/15-test_rsapss.t | 12 |
2 files changed, 12 insertions, 2 deletions
diff --git a/apps/rsa.c b/apps/rsa.c index 05a091ce4b..97e9504a00 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -257,7 +257,7 @@ int rsa_main(int argc, char **argv) ERR_print_errors(bio_err); goto end; } - if (!EVP_PKEY_is_a(pkey, "RSA")) { + if (!EVP_PKEY_is_a(pkey, "RSA") && !EVP_PKEY_is_a(pkey, "RSA-PSS")) { BIO_printf(bio_err, "Not an RSA key\n"); goto end; } diff --git a/test/recipes/15-test_rsapss.t b/test/recipes/15-test_rsapss.t index 69a5b7b0eb..ea87d8420e 100644 --- a/test/recipes/15-test_rsapss.t +++ b/test/recipes/15-test_rsapss.t @@ -16,7 +16,7 @@ use OpenSSL::Test::Utils; setup("test_rsapss"); -plan tests => 7; +plan tests => 9; #using test/testrsa.pem which happens to be a 512 bit RSA ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1', @@ -64,3 +64,13 @@ ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-signature', 'testrsapss-unrestricted.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -prverify [plain RSA key, PSS padding mode, no PSS restrictions]"); + +# Test that RSA-PSS keys are supported by genpkey and rsa commands. +{ + my $rsapss = "rsapss.key"; + ok(run(app(['openssl', 'genpkey', '-algorithm', 'RSA-PSS', + '-pkeyopt', 'rsa_keygen_bits:1024', + '--out', $rsapss]))); + ok(run(app(['openssl', 'rsa', '-check', + '-in', $rsapss]))); +} |