diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2008-03-15 23:21:33 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2008-03-15 23:21:33 +0000 |
commit | 4f1aa191b33f0bbda29c3289d50fee2991b77df0 (patch) | |
tree | 10c7eb9e8d1fcf55e78d6d2ad05d2fcefb835aab /crypto/rsa | |
parent | e540d1cd77d4cf0edea74212a5e598d073ce2e67 (diff) |
Initial support for enveloped data decrypt. Extent runex.pl to cover these
examples. All RFC4134 examples can not be processed.
Diffstat (limited to 'crypto/rsa')
-rw-r--r-- | crypto/rsa/rsa.h | 1 | ||||
-rw-r--r-- | crypto/rsa/rsa_ameth.c | 33 | ||||
-rw-r--r-- | crypto/rsa/rsa_err.c | 3 | ||||
-rw-r--r-- | crypto/rsa/rsa_pmeth.c | 2 |
4 files changed, 19 insertions, 20 deletions
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 898aafffae..94a166630c 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -481,6 +481,7 @@ void ERR_load_RSA_strings(void); #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_OAEP_DECODING_ERROR 121 +#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 #define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_P_NOT_PRIME 128 #define RSA_R_Q_NOT_PRIME 129 diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 39fa9ec104..e705f16cb9 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -267,38 +267,29 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) { + X509_ALGOR *alg = NULL; switch (op) { case ASN1_PKEY_CTRL_PKCS7_SIGN: if (arg1 == 0) - { - X509_ALGOR *alg; PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), - V_ASN1_NULL, 0); - } - return 1; + break; case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: if (arg1 == 0) - { - X509_ALGOR *alg; PKCS7_RECIP_INFO_get0_alg(arg2, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), - V_ASN1_NULL, 0); - } - return 1; + break; #ifndef OPENSSL_NO_CMS case ASN1_PKEY_CTRL_CMS_SIGN: if (arg1 == 0) - { - X509_ALGOR *alg; CMS_SignerInfo_get0_algs(arg2, NULL, NULL, NULL, &alg); - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), - V_ASN1_NULL, 0); - } - return 1; + break; + + case ASN1_PKEY_CTRL_CMS_ENVELOPE: + if (arg1 == 0) + CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg); + break; #endif case ASN1_PKEY_CTRL_DEFAULT_MD_NID: @@ -310,6 +301,12 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) } + if (alg) + X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), + V_ASN1_NULL, 0); + + return 1; + } diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index b7ac4d2c21..0577fbb1ea 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -1,6 +1,6 @@ /* crypto/rsa/rsa_err.c */ /* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -159,6 +159,7 @@ static ERR_STRING_DATA RSA_str_reasons[]= {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, +{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 0580bac9c9..7d6fef822a 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -443,7 +443,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_PEER_KEY: RSAerr(RSA_F_PKEY_RSA_CTRL, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return -2; default: |