/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
static RSA *rsa_new_intern(ENGINE *engine, OPENSSL_CTX *libctx);
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
RSA *RSA_new(void)
{
return rsa_new_intern(NULL, NULL);
ret->libctx = libctx;
ret->meth = RSA_get_default_method();
-#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
if (engine) {
if (!ENGINE_init(engine)) {
#endif
ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
goto err;
}
if (r->meth != NULL && r->meth->finish != NULL)
r->meth->finish(r);
-#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
ENGINE_finish(r->engine);
#endif
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
#endif
BN_clear_free(r->dmp1);
BN_clear_free(r->dmq1);
BN_clear_free(r->iqmp);
- /* TODO(3.0): Support PSS in FIPS_MODE */
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
RSA_PSS_PARAMS_free(r->pss);
sk_RSA_PRIME_INFO_pop_free(r->prime_infos, rsa_multip_info_free);
#endif
return i > 1 ? 1 : 0;
}
-#ifndef FIPS_MODE
+OPENSSL_CTX *rsa_get0_libctx(RSA *r)
+{
+ return r->libctx;
+}
+
+#ifndef FIPS_MODULE
int RSA_set_ex_data(RSA *r, int idx, void *arg)
{
return CRYPTO_set_ex_data(&r->ex_data, idx, arg);
{
int bits = BN_num_bits(rsa->n);
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
if (rsa->version == RSA_ASN1_VERSION_MULTI) {
/* This ought to mean that we have private key at hand. */
int ex_primes = sk_RSA_PRIME_INFO_num(rsa->prime_infos);
return 1;
}
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
/*
* Is it better to export RSA_PRIME_INFO structure
* and related functions to let user pass a triplet?
*q = r->q;
}
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
int RSA_get_multi_prime_extra_count(const RSA *r)
{
int pnum;
*iqmp = r->iqmp;
}
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[],
const BIGNUM *coeffs[])
{
const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r)
{
+#ifdef FIPS_MODULE
+ return NULL;
+#else
return r->pss;
+#endif
+}
+
+/* Internal */
+RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r)
+{
+ return &r->pss_params;
}
void RSA_clear_flags(RSA *r, int flags)
return r->version;
}
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
ENGINE *RSA_get0_engine(const RSA *r)
{
return r->engine;
const STACK_OF(BIGNUM) *exps,
const STACK_OF(BIGNUM) *coeffs)
{
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
STACK_OF(RSA_PRIME_INFO) *prime_infos, *old_infos = NULL;
#endif
int pnum;
sk_BIGNUM_value(coeffs, 0)))
return 0;
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
old_infos = r->prime_infos;
#endif
if (pnum > 2) {
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
int i;
prime_infos = sk_RSA_PRIME_INFO_new_reserve(NULL, pnum);
#endif
}
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
if (old_infos != NULL) {
/*
* This is hard to deal with, since the old infos could
r->dirty_cnt++;
return 1;
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
err:
/* r, d, t should not be freed */
sk_RSA_PRIME_INFO_pop_free(prime_infos, rsa_multip_info_free_ex);
STACK_OF(BIGNUM_const) *exps,
STACK_OF(BIGNUM_const) *coeffs)
{
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
RSA_PRIME_INFO *pinfo;
int i, pnum;
#endif
sk_BIGNUM_const_push(exps, RSA_get0_dmq1(r));
sk_BIGNUM_const_push(coeffs, RSA_get0_iqmp(r));
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
pnum = RSA_get_multi_prime_extra_count(r);
for (i = 0; i < pnum; i++) {
pinfo = sk_RSA_PRIME_INFO_value(r->prime_infos, i);
return 1;
}
-#ifndef FIPS_MODE
+#ifndef FIPS_MODULE
int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad_mode)
{
OSSL_PARAM pad_params[2], *p = pad_params;
return 1;
}
-int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+static int int_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx,
+ /* For EVP_PKEY_CTX_ctrl() */
+ int keytype, int optype, int cmd,
+ const EVP_MD *md,
+ /* For EVP_PKEY_CTX_set_params() */
+ const char *mdname, const char *mdprops)
{
- const char *name;
+ OSSL_PARAM rsa_params[3], *p = rsa_params;
- if (ctx == NULL
- || (!EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
- && !EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx))) {
+ if (ctx == NULL || (ctx->operation & optype) == 0) {
ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
/* Uses the same return values as EVP_PKEY_CTX_ctrl */
return -2;
/* If key type not RSA return error */
if (ctx->pmeth != NULL
- && ctx->pmeth->pkey_id != EVP_PKEY_RSA
- && ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
+ && (keytype == -1
+ ? (ctx->pmeth->pkey_id != EVP_PKEY_RSA
+ && ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
+ : ctx->pmeth->pkey_id != keytype))
return -1;
/* TODO(3.0): Remove this eventually when no more legacy */
- if ((EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
- && ctx->op.ciph.ciphprovctx == NULL)
+ if (cmd != -1) {
+ if ((EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
+ && ctx->op.ciph.ciphprovctx == NULL)
|| (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
- && ctx->op.sig.sigprovctx == NULL))
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA,
- EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT,
- EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md);
-
- name = (md == NULL) ? "" : EVP_MD_name(md);
-
- return EVP_PKEY_CTX_set_rsa_mgf1_md_name(ctx, name, NULL);
-}
-
-int EVP_PKEY_CTX_set_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, const char *mdname,
- const char *mdprops)
-{
- OSSL_PARAM rsa_params[3], *p = rsa_params;
+ && ctx->op.sig.sigprovctx == NULL)
+ || (EVP_PKEY_CTX_IS_GEN_OP(ctx)
+ && ctx->op.keymgmt.genctx == NULL))
+ return EVP_PKEY_CTX_ctrl(ctx, keytype, optype, cmd, 0, (void *)md);
- if (ctx == NULL
- || mdname == NULL
- || (!EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
- && !EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx))) {
- ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
- /* Uses the same return values as EVP_PKEY_CTX_ctrl */
- return -2;
+ mdname = (md == NULL) ? "" : EVP_MD_name(md);
}
- /* If key type not RSA return error */
- if (ctx->pmeth != NULL
- && ctx->pmeth->pkey_id != EVP_PKEY_RSA
- && ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
- return -1;
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_MGF1_DIGEST,
/*
return EVP_PKEY_CTX_set_params(ctx, rsa_params);
}
+int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+{
+ return int_set_rsa_mgf1_md(ctx, -1,
+ EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
+ EVP_PKEY_CTRL_RSA_MGF1_MD, md, NULL, NULL);
+}
+
+int EVP_PKEY_CTX_set_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, const char *mdname,
+ const char *mdprops)
+{
+ return int_set_rsa_mgf1_md(ctx, -1,
+ EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
+ -1, NULL, mdname, mdprops);
+}
+
+int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
+{
+ return int_set_rsa_mgf1_md(ctx, EVP_PKEY_RSA_PSS,
+ EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_RSA_MGF1_MD,
+ md, NULL, NULL);
+}
+
+int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name(EVP_PKEY_CTX *ctx,
+ const char *mdname)
+{
+ return int_set_rsa_mgf1_md(ctx, EVP_PKEY_RSA_PSS,
+ EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_TYPE_SIG,
+ -1, NULL, mdname, NULL);
+}
+
int EVP_PKEY_CTX_get_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, char *name,
size_t namelen)
{
return (int)labellen;
}
-int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen)
+static int int_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen,
+ int keytype, int optype)
{
OSSL_PARAM pad_params[2], *p = pad_params;
- if (ctx == NULL) {
+ if (ctx == NULL || (ctx->operation & optype) == 0) {
ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
/* Uses the same return values as EVP_PKEY_CTX_ctrl */
return -2;
/* If key type not RSA or RSA-PSS return error */
if (ctx->pmeth != NULL
- && ctx->pmeth->pkey_id != EVP_PKEY_RSA
- && ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
+ && (keytype == -1
+ ? (ctx->pmeth->pkey_id != EVP_PKEY_RSA
+ && ctx->pmeth->pkey_id != EVP_PKEY_RSA_PSS)
+ : ctx->pmeth->pkey_id != keytype))
return -1;
/* TODO(3.0): Remove this eventually when no more legacy */
- if (!EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
- || ctx->op.sig.sigprovctx == NULL)
- return EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_RSA_PSS_SALTLEN,
+ if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
+ && ctx->op.sig.sigprovctx == NULL)
+ || (EVP_PKEY_CTX_IS_GEN_OP(ctx)
+ && ctx->op.keymgmt.genctx == NULL))
+ return EVP_PKEY_CTX_ctrl(ctx, keytype, optype,
+ EVP_PKEY_CTRL_RSA_PSS_SALTLEN,
saltlen, NULL);
*p++ =
return EVP_PKEY_CTX_set_params(ctx, pad_params);
}
+int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen)
+{
+ return int_set_rsa_pss_saltlen(ctx, saltlen, -1, EVP_PKEY_OP_TYPE_SIG);
+}
+
+int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *ctx, int saltlen)
+{
+ return int_set_rsa_pss_saltlen(ctx, saltlen, EVP_PKEY_RSA_PSS,
+ EVP_PKEY_OP_KEYGEN);
+}
+
int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *saltlen)
{
OSSL_PARAM pad_params[2], *p = pad_params;
int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp)
{
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params;
int ret;
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN,
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp);
- OSSL_PARAM_BLD_init(&tmpl);
- if (!OSSL_PARAM_BLD_push_BN(&tmpl, OSSL_PKEY_PARAM_RSA_E, pubexp)
- || (params = OSSL_PARAM_BLD_to_param(&tmpl)) == NULL)
+ if ((tmpl = OSSL_PARAM_BLD_new()) == NULL)
return 0;
+ if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_RSA_E, pubexp)
+ || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) {
+ OSSL_PARAM_BLD_free(tmpl);
+ return 0;
+ }
+ OSSL_PARAM_BLD_free(tmpl);
ret = EVP_PKEY_CTX_set_params(ctx, params);
- OSSL_PARAM_BLD_free(params);
+ OSSL_PARAM_BLD_free_params(params);
return ret;
}