RSA PSS verification support including certificates and certificate

[openssl.git] / crypto / rsa / rsa.h

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 91cd4198c7a1f9eb17d04c87c141b96dd13c2e57..8cb737d4b1390210dbdf60477249a2ab52662d62 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -236,11 +236,16 @@ struct rsa_st
        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
                                EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
 
+#define         EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md)  \
+               EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,  \
+                               EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
+
 #define EVP_PKEY_CTRL_RSA_PADDING      (EVP_PKEY_ALG_CTRL + 1)
 #define EVP_PKEY_CTRL_RSA_PSS_SALTLEN  (EVP_PKEY_ALG_CTRL + 2)
 
 #define EVP_PKEY_CTRL_RSA_KEYGEN_BITS  (EVP_PKEY_ALG_CTRL + 3)
 #define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP        (EVP_PKEY_ALG_CTRL + 4)
+#define EVP_PKEY_CTRL_RSA_MGF1_MD      (EVP_PKEY_ALG_CTRL + 5)
 
 #define RSA_PKCS1_PADDING      1
 #define RSA_SSLV23_PADDING     2
@@ -300,6 +305,16 @@ const RSA_METHOD *RSA_null_method(void);
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
+typedef struct rsa_pss_params_st
+       {
+       X509_ALGOR *hashAlgorithm;
+       X509_ALGOR *maskGenAlgorithm;
+       ASN1_INTEGER *saltLength;
+       ASN1_INTEGER *trailerField;
+       } RSA_PSS_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
 #ifndef OPENSSL_NO_FP_API
 int    RSA_print_fp(FILE *fp, const RSA *r,int offset);
 #endif
@@ -413,6 +428,7 @@ void ERR_load_RSA_strings(void);
 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT                    103
 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT                    104
 #define RSA_F_RSA_GENERATE_KEY                          105
+#define RSA_F_RSA_ITEM_VERIFY                           148
 #define RSA_F_RSA_MEMORY_LOCK                           130
 #define RSA_F_RSA_NEW_METHOD                            106
 #define RSA_F_RSA_NULL                                  124
@@ -448,7 +464,6 @@ void ERR_load_RSA_strings(void);
 
 /* Reason codes. */
 #define RSA_R_ALGORITHM_MISMATCH                        100
-#define RSA_R_BAD_ARGUMENT                              149
 #define RSA_R_BAD_E_VALUE                               101
 #define RSA_R_BAD_FIXED_HEADER_DECRYPT                  102
 #define RSA_R_BAD_PAD_BYTE_COUNT                        103
@@ -473,7 +488,9 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_INVALID_MESSAGE_LENGTH                    131
 #define RSA_R_INVALID_PADDING                           138
 #define RSA_R_INVALID_PADDING_MODE                      141
+#define RSA_R_INVALID_PSS_PARAMETERS                    149
 #define RSA_R_INVALID_PSS_SALTLEN                       146
+#define RSA_R_INVALID_SALT_LENGTH                       150
 #define RSA_R_INVALID_TRAILER                           139
 #define RSA_R_INVALID_X931_DIGEST                       142
 #define RSA_R_IQMP_NOT_INVERSE_OF_Q                     126
@@ -494,7 +511,12 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_SSLV3_ROLLBACK_ATTACK                     115
 #define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
 #define RSA_R_UNKNOWN_ALGORITHM_TYPE                    117
+#define RSA_R_UNKNOWN_MASK_DIGEST                       151
 #define RSA_R_UNKNOWN_PADDING_TYPE                      118
+#define RSA_R_UNKNOWN_PSS_DIGEST                        152
+#define RSA_R_UNSUPPORTED_MASK_ALGORITHM                153
+#define RSA_R_UNSUPPORTED_MASK_PARAMETER                154
+#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE                155
 #define RSA_R_VALUE_MISSING                             147
 #define RSA_R_WRONG_SIGNATURE_LENGTH                    119