Beginnings of PSS support. (29db322e) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/evp/evp.h

+8 −6

Original line number	Diff line number	Diff line
		@@ -915,19 +915,21 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
		#define EVP_PKEY_OP_DECRYPT (1<<9)
		#define EVP_PKEY_OP_DERIVE (1<<10)

		#define EVP_PKEY_OP_TYPE_SIGNATURE \
		#define EVP_PKEY_OP_TYPE_SIG \
		(EVP_PKEY_OP_SIGN \| EVP_PKEY_OP_VERIFY \| EVP_PKEY_OP_VERIFYRECOVER \
		\| EVP_PKEY_OP_SIGNCTX \| EVP_PKEY_OP_VERIFYCTX)

		#define EVP_PKEY_OP_TYPE_CRYPTO \
		(EVP_PKEY_OP_SIGNATURE \| EVP_PKEY_OP_ENCRYPT \| EVP_PKEY_OP_DECRYPT \
		\| EVP_PKEY_OP_DERIVE)
		#define EVP_PKEY_OP_TYPE_CRYPT \
		(EVP_PKEY_OP_ENCRYPT \| EVP_PKEY_OP_DECRYPT)

		#define EVP_PKEY_OP_TYPE_GENERATE \
		#define EVP_PKEY_OP_TYPE_NOGEN \
		(EVP_PKEY_OP_SIG \| EVP_PKEY_OP_CRYPT \| EVP_PKEY_OP_DERIVE)

		#define EVP_PKEY_OP_TYPE_GEN \
		(EVP_PKEY_OP_PARAMGEN \| EVP_PKEY_OP_KEYGEN)

		#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
		EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIGNATURE, \
		EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
		EVP_PKEY_CTRL_MD, 0, (void *)md)

		#define EVP_PKEY_CTRL_MD 1

+2 −0

+14 −3

Original line number	Diff line number	Diff line
		@@ -79,6 +79,8 @@ typedef struct
		int pad_mode;
		/* message digest */
		const EVP_MD *md;
		/* PSS seedlength */
		int pss_seedlen;
		/* Temp buffer */
		unsigned char *tbuf;
		} RSA_PKEY_CTX;
		@@ -95,6 +97,8 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
		rctx->md = NULL;
		rctx->tbuf = NULL;

		rctx->pss_seedlen = 0;

		ctx->data = rctx;

		return 1;
		@@ -321,13 +325,18 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
		switch (type)
		{
		case EVP_PKEY_CTRL_RSA_PADDING:
		/* TODO: add PSS support */
		if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_X931_PADDING))
		if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING))
		{
		if (ctx->operation == EVP_PKEY_OP_KEYGEN)
		if (ctx->operation & EVP_PKEY_OP_TYPE_GEN)
		return -2;
		if (!check_padding_md(rctx->md, p1))
		return 0;
		if ((p1 == RSA_PKCS1_PSS_PADDING)
		&& !(ctx->operation & EVP_PKEY_OP_TYPE_SIG))
		return -2;
		if ((p1 == RSA_PKCS1_OAEP_PADDING)
		&& !(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))
		return -2;
		rctx->pad_mode = p1;
		return 1;
		}
		@@ -363,6 +372,8 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
		pm = RSA_PKCS1_OAEP_PADDING;
		else if (!strcmp(value, "x931"))
		pm = RSA_X931_PADDING;
		else if (!strcmp(value, "pss"))
		pm = RSA_PKCS1_PSS_PADDING;
		else
		return -2;
		return EVP_PKEY_CTX_set_rsa_padding(ctx, pm);