Key gen param support.

Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
author: Dr. Stephen Henson <steve@openssl.org> 2016-11-30 16:55:30 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2017-01-08 01:42:48 +0000
commit: e64b2b5c839efb89403b4894f1ed43d5b8131201 (patch)
tree: 071c116f1db81963d981471565e69d8fd2d3ec98 /crypto/rsa
parent: ad4b3d0a658a2f5e4028714109d347c2b105dae4 (diff)
1 files changed, 33 insertions, 5 deletions
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index e720a0b2a3..f226c055dc 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -580,11 +580,20 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
                                EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT,
                                EVP_PKEY_CTRL_RSA_MGF1_MD, value);
 
-    if (strcmp(type, "rsa_oaep_md") == 0) {
-        const EVP_MD *md;
-        if ((md = EVP_get_digestbyname(value)) == NULL) {
-            RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
-            return 0;
+    if (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) {
+
+        if (strcmp(type, "rsa_pss_keygen_mgf1_md") == 0)
+            return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_KEYGEN,
+                                   EVP_PKEY_CTRL_RSA_MGF1_MD, value);
+
+        if (strcmp(type, "rsa_pss_keygen_md") == 0)
+            return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_KEYGEN,
+                                   EVP_PKEY_CTRL_MD, value);
+
+        if (strcmp(type, "rsa_pss_keygen_saltlen") == 0) {
+            int saltlen;
+            saltlen = atoi(value);
+            return EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, saltlen);
         }
     }
 
@@ -608,6 +617,21 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
     return -2;
 }
 
+/* Set PSS parameters when generating a key, if necessary */
+static int rsa_set_pss_param(RSA *rsa, EVP_PKEY_CTX *ctx)
+{
+    RSA_PKEY_CTX *rctx = ctx->data;
+    if (ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
+        return 1;
+    if (rctx->md == NULL && rctx->mgf1md == NULL && rctx->saltlen == -2)
+        return 1;
+    rsa->pss = rsa_pss_params_create(rctx->md, rctx->mgf1md,
+                                     rctx->saltlen == -2 ? 0 : rctx->saltlen);
+    if (rsa->pss == NULL)
+        return 0;
+    return 1;
+}
+
 static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 {
     RSA *rsa = NULL;
@@ -633,6 +657,10 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
         pcb = NULL;
     ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb);
     BN_GENCB_free(pcb);
+    if (ret > 0 && !rsa_set_pss_param(rsa, ctx)) {
+        RSA_free(rsa);
+        return 0;
+    }
     if (ret > 0)
         EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, rsa);
     else
author	Dr. Stephen Henson <steve@openssl.org>	2016-11-30 16:55:30 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2017-01-08 01:42:48 +0000
commit	e64b2b5c839efb89403b4894f1ed43d5b8131201 (patch)
tree	071c116f1db81963d981471565e69d8fd2d3ec98 /crypto/rsa
parent	ad4b3d0a658a2f5e4028714109d347c2b105dae4 (diff)