add separate PSS decode function, rename PSS parameters to RSA_PSS_PARAMS

3 files changed, 63 insertions, 32 deletions

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index e3565155ed..06cda223c7 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -241,6 +241,7 @@ struct rsa_st
 
 #define EVP_PKEY_CTRL_RSA_KEYGEN_BITS	(EVP_PKEY_ALG_CTRL + 3)
 #define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP	(EVP_PKEY_ALG_CTRL + 4)
+#define EVP_PKEY_CTRL_MGF1_MD		(EVP_PKEY_ALG_CTRL + 5)
 
 #define RSA_PKCS1_PADDING	1
 #define RSA_SSLV23_PADDING	2
@@ -300,15 +301,15 @@ const RSA_METHOD *RSA_null_method(void);
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
-typedef struct rsassaPssParams_st
+typedef struct rsa_pss_params_st
 	{
 	X509_ALGOR *hashAlgorithm;
 	X509_ALGOR *maskGenAlgorithm;
 	ASN1_INTEGER *saltLength;
 	ASN1_INTEGER *trailerField;
-	} RSASSA_PSS_PARAMS;
+	} RSA_PSS_PARAMS;
 
-DECLARE_ASN1_FUNCTIONS(RSASSA_PSS_PARAMS)
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
 
 #ifndef OPENSSL_NO_FP_API
 int	RSA_print_fp(FILE *fp, const RSA *r,int offset);
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 649291ef7e..e25240d3f7 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -265,14 +265,48 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
 	return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
 	}
 
-static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
+static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
+					X509_ALGOR **pmaskHash)
+	{
+	const unsigned char *p;
+	int plen;
+	RSA_PSS_PARAMS *pss;
+
+	*pmaskHash = NULL;
+
+	if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
+		return NULL;
+	p = alg->parameter->value.sequence->data;
+	plen = alg->parameter->value.sequence->length;
+	pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen);
+
+	if (!pss)
+		return NULL;
+	
+	if (pss->maskGenAlgorithm)
+		{
+		ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+		if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
+			&& param->type == V_ASN1_SEQUENCE)
+			{
+			p = param->value.sequence->data;
+			plen = param->value.sequence->length;
+			*pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
+			}
+		}
+
+	return pss;
+	}
+
+static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss, 
+				X509_ALGOR *maskHash, int indent)
 	{
 	int rv = 0;
-	X509_ALGOR *maskHash = NULL;
 	if (!pss)
 		{
 		if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
 			return 0;
+		return 1;
 		}
 	if (BIO_puts(bp, "\n") <= 0)
 		goto err;
@@ -299,18 +333,16 @@ static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
 			goto err;
 	if (pss->maskGenAlgorithm)
 		{
-		ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
-		if (param->type == V_ASN1_SEQUENCE)
-			{
-			const unsigned char *p = param->value.sequence->data;
-			int plen = param->value.sequence->length;
-			maskHash = d2i_X509_ALGOR(NULL, &p, plen);
-			}
 		if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
 			goto err;
 		if (BIO_puts(bp, " with ") <= 0)
 			goto err;
-		if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+		if (maskHash)
+			{
+			if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+			goto err;
+			}
+		else if (BIO_puts(bp, "INVALID") <= 0)
 			goto err;
 		}
 	else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
@@ -346,9 +378,6 @@ static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
 	rv = 1;
 
 	err:
-	if (maskHash)
-		X509_ALGOR_free(maskHash);
-	RSASSA_PSS_PARAMS_free(pss);
 	return rv;
 
 	}
@@ -359,15 +388,16 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
 	{
 	if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss)
 		{
-		RSASSA_PSS_PARAMS *pss = NULL;
-		ASN1_TYPE *param = sigalg->parameter;
-		if (param && param->type == V_ASN1_SEQUENCE)
-			{
-			const unsigned char *p = param->value.sequence->data;
-			int plen = param->value.sequence->length;
-			pss = d2i_RSASSA_PSS_PARAMS(NULL, &p, plen);
-			}
-		if (!rsa_pss_param_print(bp, pss, indent))
+		int rv;
+		RSA_PSS_PARAMS *pss;
+		X509_ALGOR *maskHash;
+		pss = rsa_pss_decode(sigalg, &maskHash);
+		rv = rsa_pss_param_print(bp, pss, maskHash, indent);
+		if (pss)
+			RSA_PSS_PARAMS_free(pss);
+		if (maskHash)
+			X509_ALGOR_free(maskHash);
+		if (!rv)
 			return 0;
 		}
 
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c
index f00ec69262..6ed5de3db4 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -97,14 +97,14 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
 	ASN1_SIMPLE(RSA, e, BIGNUM),
 } ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
 
-ASN1_SEQUENCE(RSASSA_PSS_PARAMS) = {
-	ASN1_EXP_OPT(RSASSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
-	ASN1_EXP_OPT(RSASSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
-	ASN1_EXP_OPT(RSASSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
-	ASN1_EXP_OPT(RSASSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
-} ASN1_SEQUENCE_END(RSASSA_PSS_PARAMS)
+ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
+	ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
+} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
 
-IMPLEMENT_ASN1_FUNCTIONS(RSASSA_PSS_PARAMS)
+IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
 
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)