diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2013-06-20 17:02:14 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2013-10-01 14:01:17 +0100 |
| commit | a64b8786b58a9f786b400a0492cfceb71866b869 (patch) | |
| tree | 6723463f8604072d0c24703b65cd81c887ab69cd /crypto/rsa | |
| parent | 25f93585a70fb05bb9f911884ab95e560f662a5d (diff) | |
Update to OAEP support.
Add OAEP ctrls to retrieve MD and label. Return errors if
an attempt is made to set or retrieve OAEP parameters when
padding mode is not OAEP.
(cherry picked from commit 211a14f6279f127f7a5a59948819bd939131b0b6)
Diffstat (limited to 'crypto/rsa')
| -rw-r--r-- | crypto/rsa/rsa.h | 11 | ||||
| -rw-r--r-- | crypto/rsa/rsa_pmeth.c | 37 |
2 files changed, 43 insertions, 5 deletions
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index a2b494cdeb..d4a329f5c4 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -260,10 +260,18 @@ struct rsa_st EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \ EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd) +#define EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ + EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd) + #define EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l) +#define EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, \ + EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l) + #define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) #define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) @@ -278,6 +286,9 @@ struct rsa_st #define EVP_PKEY_CTRL_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 9) #define EVP_PKEY_CTRL_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 10) +#define EVP_PKEY_CTRL_GET_RSA_OAEP_MD (EVP_PKEY_ALG_CTRL + 11) +#define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12) + #define RSA_PKCS1_PADDING 1 #define RSA_SSLV23_PADDING 2 #define RSA_NO_PADDING 3 diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 0b42f1f434..9166fa582e 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -605,12 +605,16 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_RSA_OAEP_MD: + case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE); - return 0; + return -2; } - rctx->md = p2; + if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD) + *(const EVP_MD **)p2 = rctx->md; + else + rctx->md = p2; return 1; case EVP_PKEY_CTRL_MD: @@ -643,11 +647,34 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_RSA_OAEP_LABEL: - OPENSSL_free(rctx->oaep_label); - rctx->oaep_label = p2; - rctx->oaep_labellen = p1; + if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) + { + RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE); + return -2; + } + if (rctx->oaep_label) + OPENSSL_free(rctx->oaep_label); + if (p2 && p1 > 0) + { + rctx->oaep_label = p2; + rctx->oaep_labellen = p1; + } + else + { + rctx->oaep_label = NULL; + rctx->oaep_labellen = 0; + } return 1; + case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL: + if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) + { + RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE); + return -2; + } + *(unsigned char **)p2 = rctx->oaep_label; + return rctx->oaep_labellen; + case EVP_PKEY_CTRL_DIGESTINIT: case EVP_PKEY_CTRL_PKCS7_ENCRYPT: case EVP_PKEY_CTRL_PKCS7_DECRYPT: |