Add RSA sign to the fips provider

Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11199)
author: Shane Lontis <shane.lontis@oracle.com> 2020-03-15 17:38:00 +1000
committer: Shane Lontis <shane.lontis@oracle.com> 2020-03-15 17:38:00 +1000
commit: d16d0b71a9a31bf61289518a8ae523131f293faf (patch)
tree: 52a0e2f46fef419b4d7a662e4b659bd1022da74f /providers
parent: 629b507eaedde95c7b6195a1f210df56395efb8b (diff)
3 files changed, 18 insertions, 5 deletions
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 48394b27d5..61573f0337 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -69,6 +69,7 @@ static OSSL_CRYPTO_secure_zalloc_fn *c_CRYPTO_secure_zalloc;
 static OSSL_CRYPTO_secure_free_fn *c_CRYPTO_secure_free;
 static OSSL_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free;
 static OSSL_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated;
+static OSSL_BIO_vsnprintf_fn *c_BIO_vsnprintf;
 
 typedef struct fips_global_st {
     const OSSL_PROVIDER *prov;
@@ -805,6 +806,7 @@ static const OSSL_ALGORITHM fips_signature[] = {
 #ifndef OPENSSL_NO_DSA
     { "DSA:dsaEncryption", "provider=fips,fips=yes", dsa_signature_functions },
 #endif
+    { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_signature_functions },
     { NULL, NULL, NULL }
 };
 
@@ -961,6 +963,9 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider,
         case OSSL_FUNC_BIO_FREE:
             selftest_params.bio_free_cb = OSSL_get_BIO_free(in);
             break;
+        case OSSL_FUNC_BIO_VSNPRINTF:
+            c_BIO_vsnprintf = OSSL_get_BIO_vsnprintf(in);
+            break;
         case OSSL_FUNC_SELF_TEST_CB: {
             stcbfn = OSSL_get_self_test_cb(in);
             break;
@@ -1161,3 +1166,14 @@ int CRYPTO_secure_allocated(const void *ptr)
 {
     return c_CRYPTO_secure_allocated(ptr);
 }
+
+int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+{
+    va_list args;
+    int ret;
+
+    va_start(args, format);
+    ret = c_BIO_vsnprintf(buf, n, format, args);
+    va_end(args);
+    return ret;
+}
diff --git a/providers/implementations/signature/build.info b/providers/implementations/signature/build.info
index c5d0645a8a..bb229be90d 100644
--- a/providers/implementations/signature/build.info
+++ b/providers/implementations/signature/build.info
@@ -2,7 +2,6 @@
 # switch each to the Legacy provider when needed.
 
 $DSA_GOAL=../../libimplementations.a
-$RSA_GOAL=../../libimplementations.a
 $EC_GOAL=../../libimplementations.a
 
 IF[{- !$disabled{dsa} -}]
@@ -13,6 +12,5 @@ IF[{- !$disabled{ec} -}]
   SOURCE[$EC_GOAL]=eddsa.c
 ENDIF
 
-SOURCE[$RSA_GOAL]=rsa.c
-
-
+SOURCE[../../libfips.a]=rsa.c
+SOURCE[../../libnonfips.a]=rsa.c
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index 6b0f55a19a..848cbd7249 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -328,7 +328,6 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen,
             goto end;
         }
 #endif
-
         switch (prsactx->pad_mode) {
         case RSA_X931_PADDING:
             if ((size_t)RSA_size(prsactx->rsa) < tbslen + 1) {
author	Shane Lontis <shane.lontis@oracle.com>	2020-03-15 17:38:00 +1000
committer	Shane Lontis <shane.lontis@oracle.com>	2020-03-15 17:38:00 +1000
commit	d16d0b71a9a31bf61289518a8ae523131f293faf (patch)
tree	52a0e2f46fef419b4d7a662e4b659bd1022da74f /providers
parent	629b507eaedde95c7b6195a1f210df56395efb8b (diff)