From f9a6348a537290f65fd76d945419a4c9bafff012 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Mon, 10 Apr 2006 12:55:04 +0000
Subject: [PATCH] ctrls to set PSS salt length.
---
 crypto/rsa/rsa.h | 7 +++++++
 crypto/rsa/rsa_pmeth.c | 18 +++++++++++++++---
 2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 6df1e67fb..e9225a53c 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -197,7 +197,14 @@ struct rsa_st
 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
 pad, NULL)
+#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
+ len, NULL)
+
 #define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
+#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
 #define RSA_PKCS1_PADDING 1
 #define RSA_SSLV23_PADDING 2
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index f8ce45ca2..378bfe4b4 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -353,13 +353,11 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 case EVP_PKEY_CTRL_RSA_PADDING:
 if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING))
 {
- if (ctx->operation & EVP_PKEY_OP_TYPE_GEN)
- return -2;
 if (!check_padding_md(rctx->md, p1))
 return 0;
 if (p1 == RSA_PKCS1_PSS_PADDING)
 {
- if (!(ctx->operation & EVP_PKEY_OP_TYPE_SIG))
+ if (ctx->operation == EVP_PKEY_OP_VERIFYRECOVER)
 return -2;
 if (!rctx->md)
 rctx->md = EVP_sha1();
@@ -376,6 +374,14 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 }
 return -2;
+ case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
+ if (p1 < -2)
+ return -2;
+ if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING)
+ return -2;
+ rctx->saltlen = p1;
+ return 1;
+
 case EVP_PKEY_CTRL_MD:
 if (!check_padding_md(p2, rctx->pad_mode))
 return 0;
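Review bot: The new `EVP_PKEY_CTX_set_rsa_pss_saltlen` macro in rsa.h has no comment saying what `len` may be, although the ctrl handler added in rsa_pmeth.c accepts -1 and -2 as well as non-negative lengths. If these follow the RSA_padding_add_PKCS1_PSS / RSA_verify_PKCS1_PSS convention, -1 means a digest-length salt and -2 means the maximum salt when signing and any recovered length when verifying, so a verifier that passes -2 enforces no salt-length policy at all. I would add above the macro `/* len >= 0: salt length in bytes; -1: same as digest length; -2: maximum when signing, any length accepted when verifying */`.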
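Review bot: In the first rsa_pmeth.c hunk the PSS guard `if (ctx->operation == EVP_PKEY_OP_VERIFYRECOVER)` excludes a single operation where the removed test allowed only signature operations, and the key-generation check above it is dropped as well, so a context initialised for encryption, decryption or key generation may now select RSA_PKCS1_PSS_PADDING. Whether the encrypt and decrypt paths later reject that padding mode is not visible here. PSS is a signature padding only, and keeping the allowlist alongside the new exclusion makes that explicit: `if (!(ctx->operation & EVP_PKEY_OP_TYPE_SIG) || ctx->operation == EVP_PKEY_OP_VERIFYRECOVER) return -2;`. pkey_rsa_ctrl begins and ends outside the hunk.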
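Review bot: The `EVP_PKEY_CTRL_RSA_PSS_SALTLEN` case in the second rsa_pmeth.c hunk returns -2 both for a length below -2 and when PSS padding has not been selected yet, so call order matters and neither failure can be told apart from an unsupported ctrl. A caller that sets the salt length before the padding mode and ignores the return value will sign or verify with whatever `rctx->saltlen` already holds. I would document the precondition at the case with `/* PSS padding must be selected first; p1 is a length >= 0 or one of the special values -1, -2 */`. The case sits inside pkey_rsa_ctrl, which begins and ends outside the hunk.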
@@ -412,6 +418,12 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
 return -2;
 return EVP_PKEY_CTX_set_rsa_padding(ctx, pm);
 }
+ if (!strcmp(type, "rsa_pss_saltlen"))
+ {
+ int saltlen;
+ saltlen = atoi(value);
+ return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen);
+ }
 return -2;
 }
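Review bot: `saltlen = atoi(value);` in the `rsa_pss_saltlen` branch cannot detect bad input: a non-numeric or empty string yields 0, and a number that does not fit in an int is undefined behaviour. The ctrl accepts 0, so a typo in an option string silently produces unsalted, deterministic PSS signatures instead of an error. Parsing with `strtol` and rejecting trailing characters and out-of-range values closes that gap; the sketch below needs `<errno.h>` and `<limits.h>` if the file does not already include them. pkey_rsa_ctrl_str starts outside the hunk, and `value` is assumed non-NULL here, as the original line also assumes.

```c
	if (!strcmp(type, "rsa_pss_saltlen"))
		{
		char *end;
		long saltlen;

		errno = 0;
		saltlen = strtol(value, &end, 10);
		if (end == value || *end != '\0' || errno == ERANGE
			|| saltlen < -2 || saltlen > INT_MAX)
			return -2;
		return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, (int)saltlen);
		}
```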