Commit a300c725 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Support pad mode get/set for PSS keys. 



Pad mode setting returns an error if the mode is anything other then PSS.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177)
parent e64b2b5c

crypto/rsa/rsa_pmeth.c

+2 −0
Original line number Diff line number Diff line
@@ -388,6 +388,8 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) 
                    goto bad_pad;

                if (!rctx->md)

                    rctx->md = EVP_sha1();

            } else if (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) {

                goto bad_pad;

            }

            if (p1 == RSA_PKCS1_OAEP_PADDING) {

                if (!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))

include/openssl/rsa.h

+2 −4
Original line number Diff line number Diff line
@@ -86,12 +86,10 @@ extern "C" { 
# endif



# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \

        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \

                                pad, NULL)

        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL)



# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \

        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \

                                EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)

        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)



# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \

        RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \