Add ACVP fips module tests

[openssl.git] / providers / implementations / keymgmt / rsa_kmgmt.c

diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
index 3091c1dee092b1ac0713cf2ce3e0f2f230e68ba5..313b9c292df8114e4e72d87c2da743736d70e2ef 100644 (file)
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -380,6 +380,11 @@ struct rsa_gen_ctx {
     /* For generation callback */
     OSSL_CALLBACK *cb;
     void *cbarg;
+
+#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
+    /* ACVP test parameters */
+    OSSL_PARAM *acvp_test_params;
+#endif
 };
 
 static int rsa_gencb(int p, int n, BN_GENCB *cb)
@@ -389,7 +394,6 @@ static int rsa_gencb(int p, int n, BN_GENCB *cb)
 
     params[0] = OSSL_PARAM_construct_int(OSSL_GEN_PARAM_POTENTIAL, &p);
     params[1] = OSSL_PARAM_construct_int(OSSL_GEN_PARAM_ITERATION, &n);
-
     return gctx->cb(params, gctx->cbarg);
 }
 
@@ -451,6 +455,11 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
         && !pss_params_fromdata(&gctx->pss_params, params, gctx->rsa_type,
                                 gctx->libctx))
         return 0;
+#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
+    /* Any ACVP test related parameters are copied into a params[] */
+    if (!rsa_acvp_test_gen_params_new(&gctx->acvp_test_params, params))
+        return 0;
+#endif
     return 1;
 }
 
@@ -525,6 +534,13 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
     if (gencb != NULL)
         BN_GENCB_set(gencb, rsa_gencb, genctx);
 
+#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
+    if (gctx->acvp_test_params != NULL) {
+        if (!rsa_acvp_test_set_params(rsa_tmp, gctx->acvp_test_params))
+            goto err;
+    }
+#endif
+
     if (!RSA_generate_multi_prime_key(rsa_tmp,
                                       (int)gctx->nbits, (int)gctx->primes,
                                       gctx->pub_exp, gencb))
@@ -551,7 +567,10 @@ static void rsa_gen_cleanup(void *genctx)
 
     if (gctx == NULL)
         return;
-
+#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
+    rsa_acvp_test_gen_params_free(gctx->acvp_test_params);
+    gctx->acvp_test_params = NULL;
+#endif
     BN_clear_free(gctx->pub_exp);
     OPENSSL_free(gctx);
 }