int pad_mode;
/* message digest */
const EVP_MD *md;
+ /* message digest for MGF1 */
+ const EVP_MD *mgf1md;
/* PSS/OAEP salt length */
int saltlen;
/* Temp buffer */
rctx->pub_exp = NULL;
rctx->pad_mode = RSA_PKCS1_PADDING;
rctx->md = NULL;
+ rctx->mgf1md = NULL;
rctx->tbuf = NULL;
rctx->saltlen = -2;
}
else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
{
+ const EVP_MD *pssmd;
+ pssmd = rctx->mgf1md;
+ if (pssmd == NULL)
+ pssmd = rctx->md;
if (!setup_tbuf(rctx, ctx))
return -1;
if (!RSA_padding_add_PKCS1_PSS(rsa, rctx->tbuf, tbs,
- rctx->md, rctx->saltlen))
+ pssmd, rctx->saltlen))
return -1;
ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
sig, rsa, RSA_NO_PADDING);
else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
{
int ret;
+ const EVP_MD *pssmd;
+ pssmd = rctx->mgf1md;
+ if (pssmd == NULL)
+ pssmd = rctx->md;
if (!setup_tbuf(rctx, ctx))
return -1;
ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
rsa, RSA_NO_PADDING);
if (ret <= 0)
return 0;
- ret = RSA_verify_PKCS1_PSS(rsa, tbs, rctx->md,
+ ret = RSA_verify_PKCS1_PSS(rsa, tbs, pssmd,
rctx->tbuf, rctx->saltlen);
if (ret <= 0)
return 0;
rctx->md = p2;
return 1;
+ case EVP_PKEY_CTRL_MGF1_MD:
+ rctx->mgf1md = p2;
+ return 1;
+
case EVP_PKEY_CTRL_DIGESTINIT:
case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
case EVP_PKEY_CTRL_PKCS7_DECRYPT:
projects / openssl.git / commitdiff