Add control to retrieve signature MD.

[openssl.git] / crypto / rsa / rsa_pmeth.c

diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 5b2ecf56adc7343b8661ac4c9c4222a00dde5a10..86a7c8dd3f102da5b7b9f51bdae5b31890f38d28 100644 (file)
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -174,10 +174,20 @@ static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx)
                rv = 0;
        if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv)
                return -1;
-       if (rctx->md && !(rctx->md->flags & EVP_MD_FLAG_FIPS))
-               return rv;
+       if (rctx->md)
+               {
+               const EVP_MD *fmd;
+               fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->md));
+               if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
+                       return rv;
+               }
        if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS))
-               return rv;
+               {
+               const EVP_MD *fmd;
+               fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->mgf1md));
+               if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
+                       return rv;
+               }
        return 1;
        }
 #endif
@@ -542,6 +552,10 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                rctx->md = p2;
                return 1;
 
+               case EVP_PKEY_CTRL_GET_MD:
+               *(const EVP_MD **)p2 = rctx->md;
+               return 1;
+
                case EVP_PKEY_CTRL_RSA_MGF1_MD:
                case EVP_PKEY_CTRL_GET_RSA_MGF1_MD:
                if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING)
@@ -611,6 +625,8 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
                        pm = RSA_NO_PADDING;
                else if (!strcmp(value, "oeap"))
                        pm = RSA_PKCS1_OAEP_PADDING;
+               else if (!strcmp(value, "oaep"))
+                       pm = RSA_PKCS1_OAEP_PADDING;
                else if (!strcmp(value, "x931"))
                        pm = RSA_X931_PADDING;
                else if (!strcmp(value, "pss"))