From: Dr. Stephen Henson <steve@openssl.org>
Date: Thu, 11 Mar 2010 13:45:42 +0000 (+0000)
Subject: Add support for new PSS functions in RSA EVP_PKEY_METHOD
X-Git-Tag: OpenSSL-fips-2_0-rc1~1198
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=bf8883b3519c4a91f474c61bdaa6f9f8fcd93259;ds=sidebyside

Add support for new PSS functions in RSA EVP_PKEY_METHOD
---

diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 1c34e13f43..023917ea25 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -187,14 +187,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 			}
 		else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
 			{
-			const EVP_MD *pssmd;
-			pssmd = rctx->mgf1md;
-			if (pssmd == NULL)
-				pssmd = rctx->md;
 			if (!setup_tbuf(rctx, ctx))
 				return -1;
-			if (!RSA_padding_add_PKCS1_PSS(rsa, rctx->tbuf, tbs,
-						pssmd, rctx->saltlen))
+			if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
+						rctx->tbuf, tbs,
+						rctx->md, rctx->mgf1md,
+						rctx->saltlen))
 				return -1;
 			ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
 						sig, rsa, RSA_NO_PADDING);
@@ -288,17 +286,14 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
 		else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
 			{
 			int ret;
-			const EVP_MD *pssmd;
-			pssmd = rctx->mgf1md;
-			if (pssmd == NULL)
-				pssmd = rctx->md;
 			if (!setup_tbuf(rctx, ctx))
 				return -1;
 			ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
 							rsa, RSA_NO_PADDING);
 			if (ret <= 0)
 				return 0;
-			ret = RSA_verify_PKCS1_PSS(rsa, tbs, pssmd,
+			ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs,
+						rctx->md, rctx->mgf1md,
 						rctx->tbuf, rctx->saltlen);
 			if (ret <= 0)
 				return 0;