Beginnings of PSS support.

[openssl.git] / crypto / rsa / rsa.h

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 6a9062b27ecea4113310cbce7635eca6cc3a5dc6..6df1e67fb6e4163a6457e68d871ae80cd4f91f9d 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -117,7 +117,8 @@ struct rsa_meth_st
                unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
        int (*rsa_verify)(int dtype,
                const unsigned char *m, unsigned int m_length,
-               unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
+               const unsigned char *sigbuf, unsigned int siglen,
+                                                               const RSA *rsa);
 /* If this callback is NULL, the builtin software RSA key-gen will be used. This
  * is for behavioural compatibility whilst the code gets rewired, but one day
  * it would be nice to assume there are no such things as "builtin software"
@@ -192,11 +193,19 @@ struct rsa_st
                                                 * be used for all exponents.
                                                 */
 
+#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+       EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
+                               pad, NULL)
+
+#define EVP_PKEY_CTRL_RSA_PADDING      (EVP_PKEY_ALG_CTRL + 1)
+
 #define RSA_PKCS1_PADDING      1
 #define RSA_SSLV23_PADDING     2
 #define RSA_NO_PADDING         3
 #define RSA_PKCS1_OAEP_PADDING 4
 #define RSA_X931_PADDING       5
+/* EVP_PKEY_ only */
+#define RSA_PKCS1_PSS_PADDING  6
 
 #define RSA_PKCS1_PADDING_SIZE 11
 
@@ -275,7 +284,7 @@ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
 int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
        unsigned char *sigret, unsigned int *siglen, RSA *rsa);
 int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
-       unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+       const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
 
 /* The following 2 function sign and verify a ASN1_OCTET_STRING
  * object inside PKCS#1 padded RSA encryption */
@@ -343,7 +352,10 @@ void ERR_load_RSA_strings(void);
 /* Error codes for the RSA functions. */
 
 /* Function codes. */
+#define RSA_F_CHECK_PADDING_NID                                 140
 #define RSA_F_MEMORY_LOCK                               100
+#define RSA_F_PKEY_RSA_SIGN                             142
+#define RSA_F_PKEY_RSA_VERIFYRECOVER                    141
 #define RSA_F_RSA_BUILTIN_KEYGEN                        129
 #define RSA_F_RSA_CHECK_KEY                             123
 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT                   101
@@ -403,10 +415,14 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                   125
 #define RSA_R_D_E_NOT_CONGRUENT_TO_1                    123
 #define RSA_R_FIRST_OCTET_INVALID                       133
+#define RSA_R_INVALID_DIGEST                            105
+#define RSA_R_INVALID_DIGEST_LENGTH                     143
 #define RSA_R_INVALID_HEADER                            137
 #define RSA_R_INVALID_MESSAGE_LENGTH                    131
 #define RSA_R_INVALID_PADDING                           138
+#define RSA_R_INVALID_PADDING_MODE                      141
 #define RSA_R_INVALID_TRAILER                           139
+#define RSA_R_INVALID_X931_DIGEST                       142
 #define RSA_R_IQMP_NOT_INVERSE_OF_Q                     126
 #define RSA_R_KEY_SIZE_TOO_SMALL                        120
 #define RSA_R_LAST_OCTET_INVALID                        134