incomplete provisional OAEP CMS decrypt support
		| @@ -62,12 +62,12 @@ | ||||
|  * [including the GNU Public Licence.] | ||||
|  */ | ||||
|  | ||||
| #define NUM_NID 920 | ||||
| #define NUM_SN 913 | ||||
| #define NUM_LN 913 | ||||
| #define NUM_OBJ 857 | ||||
| #define NUM_NID 921 | ||||
| #define NUM_SN 914 | ||||
| #define NUM_LN 914 | ||||
| #define NUM_OBJ 858 | ||||
|  | ||||
| static const unsigned char lvalues[5978]={ | ||||
| static const unsigned char lvalues[5987]={ | ||||
| 0x00,                                        /* [  0] OBJ_undef */ | ||||
| 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */ | ||||
| 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */ | ||||
| @@ -924,7 +924,8 @@ static const unsigned char lvalues[5978]={ | ||||
| 0x55,0x1D,0x25,0x00,                         /* [5948] OBJ_anyExtendedKeyUsage */ | ||||
| 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5952] OBJ_mgf1 */ | ||||
| 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5961] OBJ_rsassaPss */ | ||||
| 0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01,          /* [5970] OBJ_dhpublicnumber */ | ||||
| 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5970] OBJ_rsaesOaep */ | ||||
| 0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01,          /* [5979] OBJ_dhpublicnumber */ | ||||
| }; | ||||
|  | ||||
| static const ASN1_OBJECT nid_objs[NUM_NID]={ | ||||
| @@ -2405,7 +2406,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ | ||||
| 	NID_aes_192_cbc_hmac_sha1,0,NULL,0}, | ||||
| {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", | ||||
| 	NID_aes_256_cbc_hmac_sha1,0,NULL,0}, | ||||
| {"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5970]),0}, | ||||
| {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5970]),0}, | ||||
| {"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5979]),0}, | ||||
| }; | ||||
|  | ||||
| static const unsigned int sn_objs[NUM_SN]={ | ||||
| @@ -2573,6 +2575,7 @@ static const unsigned int sn_objs[NUM_SN]={ | ||||
| 668,	/* "RSA-SHA256" */ | ||||
| 669,	/* "RSA-SHA384" */ | ||||
| 670,	/* "RSA-SHA512" */ | ||||
| 919,	/* "RSAES-OAEP" */ | ||||
| 912,	/* "RSASSA-PSS" */ | ||||
| 777,	/* "SEED-CBC" */ | ||||
| 779,	/* "SEED-CFB" */ | ||||
| @@ -2674,7 +2677,7 @@ static const unsigned int sn_objs[NUM_SN]={ | ||||
| 107,	/* "description" */ | ||||
| 871,	/* "destinationIndicator" */ | ||||
| 28,	/* "dhKeyAgreement" */ | ||||
| 919,	/* "dhpublicnumber" */ | ||||
| 920,	/* "dhpublicnumber" */ | ||||
| 382,	/* "directory" */ | ||||
| 887,	/* "distinguishedName" */ | ||||
| 892,	/* "dmdName" */ | ||||
| @@ -3458,7 +3461,7 @@ static const unsigned int ln_objs[NUM_LN]={ | ||||
| 85,	/* "X509v3 Subject Alternative Name" */ | ||||
| 769,	/* "X509v3 Subject Directory Attributes" */ | ||||
| 82,	/* "X509v3 Subject Key Identifier" */ | ||||
| 919,	/* "X9.42 DH" */ | ||||
| 920,	/* "X9.42 DH" */ | ||||
| 184,	/* "X9.57" */ | ||||
| 185,	/* "X9.57 CM ?" */ | ||||
| 478,	/* "aRecord" */ | ||||
| @@ -4013,6 +4016,7 @@ static const unsigned int ln_objs[NUM_LN]={ | ||||
|  6,	/* "rsaEncryption" */ | ||||
| 644,	/* "rsaOAEPEncryptionSET" */ | ||||
| 377,	/* "rsaSignature" */ | ||||
| 919,	/* "rsaesOaep" */ | ||||
| 912,	/* "rsassaPss" */ | ||||
| 124,	/* "run length compression" */ | ||||
| 482,	/* "sOARecord" */ | ||||
| @@ -4615,7 +4619,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ | ||||
| 416,	/* OBJ_ecdsa_with_SHA1              1 2 840 10045 4 1 */ | ||||
| 791,	/* OBJ_ecdsa_with_Recommended       1 2 840 10045 4 2 */ | ||||
| 792,	/* OBJ_ecdsa_with_Specified         1 2 840 10045 4 3 */ | ||||
| 919,	/* OBJ_dhpublicnumber               1 2 840 10046 2 1 */ | ||||
| 920,	/* OBJ_dhpublicnumber               1 2 840 10046 2 1 */ | ||||
| 258,	/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */ | ||||
| 175,	/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */ | ||||
| 259,	/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */ | ||||
| @@ -4831,6 +4835,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ | ||||
|  8,	/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */ | ||||
| 65,	/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */ | ||||
| 644,	/* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */ | ||||
| 919,	/* OBJ_rsaesOaep                    1 2 840 113549 1 1 7 */ | ||||
| 911,	/* OBJ_mgf1                         1 2 840 113549 1 1 8 */ | ||||
| 912,	/* OBJ_rsassaPss                    1 2 840 113549 1 1 10 */ | ||||
| 668,	/* OBJ_sha256WithRSAEncryption      1 2 840 113549 1 1 11 */ | ||||
|   | ||||
| @@ -580,6 +580,11 @@ | ||||
| #define NID_sha1WithRSAEncryption		65 | ||||
| #define OBJ_sha1WithRSAEncryption		OBJ_pkcs1,5L | ||||
|  | ||||
| #define SN_rsaesOaep		"RSAES-OAEP" | ||||
| #define LN_rsaesOaep		"rsaesOaep" | ||||
| #define NID_rsaesOaep		919 | ||||
| #define OBJ_rsaesOaep		OBJ_pkcs1,7L | ||||
|  | ||||
| #define SN_mgf1		"MGF1" | ||||
| #define LN_mgf1		"mgf1" | ||||
| #define NID_mgf1		911 | ||||
| @@ -4027,6 +4032,6 @@ | ||||
|  | ||||
| #define SN_dhpublicnumber		"dhpublicnumber" | ||||
| #define LN_dhpublicnumber		"X9.42 DH" | ||||
| #define NID_dhpublicnumber		919 | ||||
| #define NID_dhpublicnumber		920 | ||||
| #define OBJ_dhpublicnumber		OBJ_ISO_US,10046L,2L,1L | ||||
|  | ||||
|   | ||||
| @@ -916,4 +916,5 @@ rc4_hmac_md5		915 | ||||
| aes_128_cbc_hmac_sha1		916 | ||||
| aes_192_cbc_hmac_sha1		917 | ||||
| aes_256_cbc_hmac_sha1		918 | ||||
| dhpublicnumber		919 | ||||
| rsaesOaep		919 | ||||
| dhpublicnumber		920 | ||||
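Review bot: `dhpublicnumber` is moved from 919 to 920 so that `rsaesOaep` can take 919, which changes the value of an already assigned NID. NID values are compiled into callers as constants, so anything built against the earlier headers would resolve 919 to a different object. If 919 for `dhpublicnumber` has appeared in any published tree, keep it and append the new entry instead, `rsaesOaep 920`. The same renumbering shows up in the `#define NID_dhpublicnumber` line and the lookup tables in the sections above.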
|   | ||||
| @@ -166,6 +166,7 @@ pkcs1 3			: RSA-MD4		: md4WithRSAEncryption | ||||
| pkcs1 4			: RSA-MD5		: md5WithRSAEncryption | ||||
| pkcs1 5			: RSA-SHA1		: sha1WithRSAEncryption | ||||
| # According to PKCS #1 version 2.1 | ||||
| pkcs1 7			: RSAES-OAEP		: rsaesOaep | ||||
| pkcs1 8			: MGF1			: mgf1 | ||||
| pkcs1 10		: RSASSA-PSS		: rsassaPss | ||||
|  | ||||
|   | ||||
| @@ -63,6 +63,9 @@ | ||||
| #include <openssl/rsa.h> | ||||
| #include <openssl/bn.h> | ||||
| #include <openssl/evp.h> | ||||
| #ifndef OPENSSL_NO_CMS | ||||
| #include <openssl/cms.h> | ||||
| #endif | ||||
| #include "evp_locl.h" | ||||
| #include "rsa_locl.h" | ||||
|  | ||||
| @@ -473,12 +476,23 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | ||||
| 		case EVP_PKEY_CTRL_PKCS7_ENCRYPT: | ||||
| 		case EVP_PKEY_CTRL_PKCS7_DECRYPT: | ||||
| 		case EVP_PKEY_CTRL_PKCS7_SIGN: | ||||
| #ifndef OPENSSL_NO_CMS | ||||
| 		case EVP_PKEY_CTRL_CMS_ENCRYPT: | ||||
| 		case EVP_PKEY_CTRL_CMS_DECRYPT: | ||||
| 		case EVP_PKEY_CTRL_CMS_SIGN: | ||||
| #endif | ||||
| 		return 1; | ||||
| #ifndef OPENSSL_NO_CMS | ||||
| 		case EVP_PKEY_CTRL_CMS_DECRYPT: | ||||
| 		{ | ||||
| 		X509_ALGOR *alg = NULL; | ||||
| 		ASN1_OBJECT *encalg = NULL; | ||||
| 		if (p2) | ||||
| 			CMS_RecipientInfo_ktri_get0_algs(p2, NULL, NULL, &alg); | ||||
| 		if (alg) | ||||
| 			X509_ALGOR_get0(&encalg, NULL, NULL, alg); | ||||
| 		if (encalg && OBJ_obj2nid(encalg) == NID_rsaesOaep) | ||||
| 			rctx->pad_mode = RSA_PKCS1_OAEP_PADDING; | ||||
| 		} | ||||
| 		case EVP_PKEY_CTRL_CMS_ENCRYPT: | ||||
| 		case EVP_PKEY_CTRL_CMS_SIGN: | ||||
| 		return 1; | ||||
| #endif | ||||
| 		case EVP_PKEY_CTRL_PEER_KEY: | ||||
| 			RSAerr(RSA_F_PKEY_RSA_CTRL, | ||||
| 			RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | ||||
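Review bot: In the new `EVP_PKEY_CTRL_CMS_DECRYPT` case the padding mode is chosen from the message's key-encryption AlgorithmIdentifier, but only the OID is read: `X509_ALGOR_get0(&encalg, NULL, NULL, alg)` discards the parameters, so a recipient that specifies a non-default OAEP hash, MGF or label would presumably be decrypted with the context's defaults. Any OID other than `NID_rsaesOaep` leaves `pad_mode` untouched and still returns 1; accepting only `NID_rsaEncryption` and `NID_rsaesOaep` and returning an error otherwise would stop an unexpected identifier from silently selecting PKCS#1 v1.5 decryption. The return value of `CMS_RecipientInfo_ktri_get0_algs` is ignored, and the block falls into `case EVP_PKEY_CTRL_CMS_ENCRYPT:` without a marker, so add `/* fall through */` after the closing brace. pkey_rsa_ctrl starts and ends outside the hunk.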
|   | ||||
	 Dr. Stephen Henson
					Dr. Stephen Henson