/* crypto/rsa/rsa_ameth.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
/* ====================================================================
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+#include <openssl/cms.h>
+#endif
#include "asn1_locl.h"
static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
}
+static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
+ {
+ int rv = 0;
+ X509_ALGOR *maskHash = NULL;
+ if (!pss)
+ {
+ if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
+ return 0;
+ }
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Hash Algorithm: ") <= 0)
+ goto err;
+
+ if (pss->hashAlgorithm)
+ {
+ if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "sha1 (default)") <= 0)
+ goto err;
+
+ if (BIO_puts(bp, "\n") <= 0)
+ goto err;
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+
+ if (BIO_puts(bp, "Mask Algorithm: ") <= 0)
+ goto err;
+ if (pss->maskGenAlgorithm)
+ {
+ ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+ if (param->type == V_ASN1_SEQUENCE)
+ {
+ const unsigned char *p = param->value.sequence->data;
+ int plen = param->value.sequence->length;
+ maskHash = d2i_X509_ALGOR(NULL, &p, plen);
+ }
+ if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
+ goto err;
+ if (BIO_puts(bp, " with ") <= 0)
+ goto err;
+ if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Salt Length: ") <= 0)
+ goto err;
+ if (pss->saltLength)
+ {
+ if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "20 (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ if (!BIO_indent(bp, indent, 128))
+ goto err;
+ if (BIO_puts(bp, "Trailer Field: ") <= 0)
+ goto err;
+ if (pss->trailerField)
+ {
+ if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
+ goto err;
+ }
+ else if (BIO_puts(bp, "0xbc (default)") <= 0)
+ goto err;
+ BIO_puts(bp, "\n");
+
+ rv = 1;
+
+ err:
+ if (maskHash)
+ X509_ALGOR_free(maskHash);
+ RSASSA_PSS_PARAMS_free(pss);
+ return rv;
+
+ }
+
+static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+ const ASN1_STRING *sig,
+ int indent, ASN1_PCTX *pctx)
+ {
+ if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss)
+ {
+ RSASSA_PSS_PARAMS *pss = NULL;
+ ASN1_TYPE *param = sigalg->parameter;
+ if (param && param->type == V_ASN1_SEQUENCE)
+ {
+ const unsigned char *p = param->value.sequence->data;
+ int plen = param->value.sequence->length;
+ pss = d2i_RSASSA_PSS_PARAMS(NULL, &p, plen);
+ }
+ if (!rsa_pss_param_print(bp, pss, indent))
+ return 0;
+ }
+
+ return X509_signature_dump(bp, sig, indent);
+ }
static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
+ X509_ALGOR *alg = NULL;
switch (op)
{
case ASN1_PKEY_CTRL_PKCS7_SIGN:
if (arg1 == 0)
- {
- X509_ALGOR *alg;
PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg);
- X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
- V_ASN1_NULL, 0);
- }
- return 1;
+ break;
case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
if (arg1 == 0)
- {
- X509_ALGOR *alg;
PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
- X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
- V_ASN1_NULL, 0);
- }
- return 1;
+ break;
+#ifndef OPENSSL_NO_CMS
+ case ASN1_PKEY_CTRL_CMS_SIGN:
+ if (arg1 == 0)
+ CMS_SignerInfo_get0_algs(arg2, NULL, NULL, NULL, &alg);
+ break;
+
+ case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+ if (arg1 == 0)
+ CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg);
+ break;
+#endif
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
*(int *)arg2 = NID_sha1;
}
+ if (alg)
+ X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption),
+ V_ASN1_NULL, 0);
+
+ return 1;
+
}
0,0,0,0,0,0,
+ rsa_sig_print,
int_rsa_free,
rsa_pkey_ctrl,
old_rsa_priv_decode,
projects / openssl.git / blobdiff