CMS RSA-OAEP and RSA-PSS support.
Extend RSA ASN1 method to support CMS PSS signatures for both sign and verify. For signing the EVP_PKEY_CTX parameters are read and the appropriate CMS structures set up. For verification the CMS structures are analysed and the corresponding parameters in the EVP_PKEY_CTX set. Also add RSA-OAEP support. For encrypt the EVP_PKEY_CTX parameters are used. For decrypt the CMS structure is uses to set the appropriate EVP_PKEY_CTX parameters.
This commit is contained in:
Dr. Stephen Henson
@@ -82,8 +82,10 @@ static ERR_STRING_DATA RSA_str_functs[]=
|
||||
{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"},
|
||||
{ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"},
|
||||
{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"},
|
||||
{ERR_FUNC(RSA_F_RSA_ALGOR_TO_MD), "RSA_ALGOR_TO_MD"},
|
||||
{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
|
||||
{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
|
||||
{ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "RSA_CMS_DECRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
|
||||
@@ -91,6 +93,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
|
||||
{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
|
||||
{ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "RSA_ITEM_VERIFY"},
|
||||
{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
|
||||
{ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "RSA_MGF1_TO_MD"},
|
||||
{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
|
||||
{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
|
||||
{ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"},
|
||||
@@ -98,6 +101,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
|
||||
{ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_NULL_PRIVATE_ENCRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_NULL_PUBLIC_DECRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"},
|
||||
{ERR_FUNC(RSA_F_RSA_OAEP_TO_CTX), "RSA_OAEP_TO_CTX"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
|
||||
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1), "RSA_padding_add_PKCS1_OAEP_mgf1"},
|
||||
@@ -118,6 +122,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
|
||||
{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
|
||||
{ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
|
||||
{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"},
|
||||
{ERR_FUNC(RSA_F_RSA_PSS_TO_CTX), "RSA_PSS_TO_CTX"},
|
||||
{ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"},
|
||||
{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
|
||||
{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
|
||||
@@ -143,6 +148,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
|
||||
{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),"data too large for modulus"},
|
||||
{ERR_REASON(RSA_R_DATA_TOO_SMALL) ,"data too small"},
|
||||
{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),"data too small for key size"},
|
||||
{ERR_REASON(RSA_R_DIGEST_DOES_NOT_MATCH) ,"digest does not match"},
|
||||
{ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),"digest too big for rsa key"},
|
||||
{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
|
||||
{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
|
||||
@@ -153,8 +159,10 @@ static ERR_STRING_DATA RSA_str_reasons[]=
|
||||
{ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH) ,"invalid digest length"},
|
||||
{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"},
|
||||
{ERR_REASON(RSA_R_INVALID_KEYBITS) ,"invalid keybits"},
|
||||
{ERR_REASON(RSA_R_INVALID_LABEL) ,"invalid label"},
|
||||
{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
|
||||
{ERR_REASON(RSA_R_INVALID_MGF1_MD) ,"invalid mgf1 md"},
|
||||
{ERR_REASON(RSA_R_INVALID_OAEP_PARAMETERS),"invalid oaep parameters"},
|
||||
{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"},
|
||||
{ERR_REASON(RSA_R_INVALID_PADDING_MODE) ,"invalid padding mode"},
|
||||
{ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS),"invalid pss parameters"},
|
||||
@@ -180,9 +188,12 @@ static ERR_STRING_DATA RSA_str_reasons[]=
|
||||
{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
|
||||
{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
|
||||
{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
|
||||
{ERR_REASON(RSA_R_UNKNOWN_DIGEST) ,"unknown digest"},
|
||||
{ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST) ,"unknown mask digest"},
|
||||
{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"},
|
||||
{ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST) ,"unknown pss digest"},
|
||||
{ERR_REASON(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE),"unsupported encryption type"},
|
||||
{ERR_REASON(RSA_R_UNSUPPORTED_LABEL_SOURCE),"unsupported label source"},
|
||||
{ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),"unsupported mask algorithm"},
|
||||
{ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),"unsupported mask parameter"},
|
||||
{ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),"unsupported signature type"},
|
||||
|
||||
Reference in New Issue
Block a user