CMS RSA-OAEP and RSA-PSS support.

Extend RSA ASN1 method to support CMS PSS signatures for both sign and verify. For signing the EVP_PKEY_CTX parameters are read and the appropriate CMS structures set up. For verification the CMS structures are analysed and the corresponding parameters in the EVP_PKEY_CTX set. Also add RSA-OAEP support. For encrypt the EVP_PKEY_CTX parameters are used. For decrypt the CMS structure is uses to set the appropriate EVP_PKEY_CTX parameters. (cherry picked from commit 0574cad) Also sync error codes with OpenSSL 1.0.1 and add new ones.
openssl · Oct 1, 2013 · af7d6b9 · af7d6b9
1 parent a64b878
commit af7d6b9
Show file tree

Hide file tree

Showing 5 changed files with 476 additions and 150 deletions.
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
@@ -357,6 +357,15 @@ typedef struct rsa_pss_params_st
 
 DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
 
+typedef struct rsa_oaep_params_st
+	{
+	X509_ALGOR *hashFunc;
+	X509_ALGOR *maskGenFunc;
+	X509_ALGOR *pSourceFunc;
+	} RSA_OAEP_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
 #ifndef OPENSSL_NO_FP_API
 int	RSA_print_fp(FILE *fp, const RSA *r,int offset);
 #endif
@@ -491,9 +500,6 @@ void ERR_load_RSA_strings(void);
 /* Function codes. */
 #define RSA_F_CHECK_PADDING_MD				 140
 #define RSA_F_DO_RSA_PRINT				 146
-#define RSA_F_FIPS_RSA_SIGN_DIGEST			 149
-#define RSA_F_FIPS_RSA_VERIFY				 150
-#define RSA_F_FIPS_RSA_VERIFY_DIGEST			 151
 #define RSA_F_INT_RSA_VERIFY				 145
 #define RSA_F_MEMORY_LOCK				 100
 #define RSA_F_OLD_RSA_PRIV_DECODE			 147
@@ -502,8 +508,10 @@ void ERR_load_RSA_strings(void);
 #define RSA_F_PKEY_RSA_SIGN				 142
 #define RSA_F_PKEY_RSA_VERIFY				 154
 #define RSA_F_PKEY_RSA_VERIFYRECOVER			 141
+#define RSA_F_RSA_ALGOR_TO_MD				 157
 #define RSA_F_RSA_BUILTIN_KEYGEN			 129
 #define RSA_F_RSA_CHECK_KEY				 123
+#define RSA_F_RSA_CMS_DECRYPT				 158
 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT			 101
 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT			 102
 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT			 103
@@ -512,6 +520,7 @@ void ERR_load_RSA_strings(void);
 #define RSA_F_RSA_GENERATE_KEY_EX			 155
 #define RSA_F_RSA_ITEM_VERIFY				 156
 #define RSA_F_RSA_MEMORY_LOCK				 130
+#define RSA_F_RSA_MGF1_TO_MD				 159
 #define RSA_F_RSA_NEW_METHOD				 106
 #define RSA_F_RSA_NULL					 124
 #define RSA_F_RSA_NULL_MOD_EXP				 131
@@ -521,7 +530,7 @@ void ERR_load_RSA_strings(void);
 #define RSA_F_RSA_NULL_PUBLIC_ENCRYPT			 135
 #define RSA_F_RSA_PADDING_ADD_NONE			 107
 #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP		 121
-#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1		 154
+#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1		 160
 #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS			 125
 #define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1		 148
 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1		 108
@@ -530,7 +539,7 @@ void ERR_load_RSA_strings(void);
 #define RSA_F_RSA_PADDING_ADD_X931			 127
 #define RSA_F_RSA_PADDING_CHECK_NONE			 111
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP		 122
-#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1		 153
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1		 161
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1		 112
 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2		 113
 #define RSA_F_RSA_PADDING_CHECK_SSLV23			 114
@@ -541,6 +550,7 @@ void ERR_load_RSA_strings(void);
 #define RSA_F_RSA_PRIVATE_ENCRYPT			 151
 #define RSA_F_RSA_PRIV_DECODE				 137
 #define RSA_F_RSA_PRIV_ENCODE				 138
+#define RSA_F_RSA_PSS_TO_CTX				 162
 #define RSA_F_RSA_PUBLIC_DECRYPT			 152
 #define RSA_F_RSA_PUBLIC_ENCRYPT			 153
 #define RSA_F_RSA_PUB_DECODE				 139
@@ -566,18 +576,21 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_DATA_TOO_LARGE_FOR_MODULUS		 132
 #define RSA_R_DATA_TOO_SMALL				 111
 #define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE		 122
+#define RSA_R_DIGEST_DOES_NOT_MATCH			 159
 #define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY		 112
 #define RSA_R_DMP1_NOT_CONGRUENT_TO_D			 124
 #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D			 125
 #define RSA_R_D_E_NOT_CONGRUENT_TO_1			 123
 #define RSA_R_FIRST_OCTET_INVALID			 133
 #define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE	 144
-#define RSA_R_INVALID_DIGEST				 157
+#define RSA_R_INVALID_DIGEST				 160
 #define RSA_R_INVALID_DIGEST_LENGTH			 143
 #define RSA_R_INVALID_HEADER				 137
 #define RSA_R_INVALID_KEYBITS				 145
+#define RSA_R_INVALID_LABEL				 161
 #define RSA_R_INVALID_MESSAGE_LENGTH			 131
 #define RSA_R_INVALID_MGF1_MD				 156
+#define RSA_R_INVALID_OAEP_PARAMETERS			 162
 #define RSA_R_INVALID_PADDING				 138
 #define RSA_R_INVALID_PADDING_MODE			 141
 #define RSA_R_INVALID_PSS_PARAMETERS			 149
@@ -605,9 +618,12 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_SSLV3_ROLLBACK_ATTACK			 115
 #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
 #define RSA_R_UNKNOWN_ALGORITHM_TYPE			 117
+#define RSA_R_UNKNOWN_DIGEST				 163
 #define RSA_R_UNKNOWN_MASK_DIGEST			 151
 #define RSA_R_UNKNOWN_PADDING_TYPE			 118
 #define RSA_R_UNKNOWN_PSS_DIGEST			 152
+#define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE		 164
+#define RSA_R_UNSUPPORTED_LABEL_SOURCE			 165
 #define RSA_R_UNSUPPORTED_MASK_ALGORITHM		 153
 #define RSA_R_UNSUPPORTED_MASK_PARAMETER		 154
 #define RSA_R_UNSUPPORTED_SIGNATURE_TYPE		 155