EVP: fix keygen for EVP_PKEY_RSA_PSS

This commit attempts to fix the an issue when generating a key of type EVP_PKEY_RSA_PSS. Currently, EVP_PKEY_CTX_set_rsa_keygen_bits will return -1 if the key id is not of type EVP_PKEY_RSA. This commit adds EVP_PKEY_RSA_PSS to also be accepted. The macro EVP_PKEY_CTX_set_rsa_pss_keygen_md si converted into a function and it is now called in legacy_ctrl_to_param. Fixes #12384 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13099)
author: Daniel Bevenius <daniel.bevenius@gmail.com> 2020-10-09 06:07:43 +0200
committer: Tomas Mraz <tomas@openssl.org> 2021-01-28 16:25:16 +0100
commit: e947a0642db111bb34547b5f7d48e13163492ca5 (patch)
tree: a5e71dbadff8d328df119f0c2f12fc8dcbcfa61f /crypto/evp/pmeth_lib.c
parent: d744934b756bc71344818a2cb60b13dd89954afb (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 7c2e648209..7fb32df86a 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -1315,6 +1315,14 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
             return EVP_PKEY_CTX_set_rsa_keygen_primes(ctx, p1);
         }
     }
+
+    if (keytype == EVP_PKEY_RSA_PSS) {
+      switch(cmd) {
+        case EVP_PKEY_CTRL_MD:
+          return EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, p2);
+      }
+    }
+
     /*
      * keytype == -1 is used when several key types share the same structure,
      * or for generic controls that are the same across multiple key types.
author	Daniel Bevenius <daniel.bevenius@gmail.com>	2020-10-09 06:07:43 +0200
committer	Tomas Mraz <tomas@openssl.org>	2021-01-28 16:25:16 +0100
commit	e947a0642db111bb34547b5f7d48e13163492ca5 (patch)
tree	a5e71dbadff8d328df119f0c2f12fc8dcbcfa61f /crypto/evp/pmeth_lib.c
parent	d744934b756bc71344818a2cb60b13dd89954afb (diff)