X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Frsa%2Frsa_pmeth.c;h=8c8e0e86e47df70f68e6f83c79675ed0b9edd40c;hp=866dd1601e2ab3ab21bfe0fb5f3ae654db9e5798;hb=7f572e958b13041056f377a62d3219633cfb1e8a;hpb=23a1d5e97cd543d2b8e1b01dbf0f619b2e5ce540 diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 866dd1601e..8c8e0e86e4 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -58,7 +58,7 @@ */ #include -#include "cryptlib.h" +#include "internal/cryptlib.h" #include #include #include @@ -97,21 +97,12 @@ typedef struct { static int pkey_rsa_init(EVP_PKEY_CTX *ctx) { RSA_PKEY_CTX *rctx; - rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX)); - if (!rctx) + rctx = OPENSSL_zalloc(sizeof(*rctx)); + if (rctx == NULL) return 0; rctx->nbits = 1024; - rctx->pub_exp = NULL; rctx->pad_mode = RSA_PKCS1_PADDING; - rctx->md = NULL; - rctx->mgf1md = NULL; - rctx->tbuf = NULL; - rctx->saltlen = -2; - - rctx->oaep_label = NULL; - rctx->oaep_labellen = 0; - ctx->data = rctx; ctx->keygen_info = rctx->gentmp; ctx->keygen_info_count = 2; @@ -136,8 +127,7 @@ static int pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) dctx->md = sctx->md; dctx->mgf1md = sctx->mgf1md; if (sctx->oaep_label) { - if (dctx->oaep_label) - OPENSSL_free(dctx->oaep_label); + OPENSSL_free(dctx->oaep_label); dctx->oaep_label = BUF_memdup(sctx->oaep_label, sctx->oaep_labellen); if (!dctx->oaep_label) return 0; @@ -151,7 +141,7 @@ static int setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk) if (ctx->tbuf) return 1; ctx->tbuf = OPENSSL_malloc(EVP_PKEY_size(pk->pkey)); - if (!ctx->tbuf) + if (ctx->tbuf == NULL) return 0; return 1; } @@ -161,10 +151,8 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx) RSA_PKEY_CTX *rctx = ctx->data; if (rctx) { BN_free(rctx->pub_exp); - if (rctx->tbuf) - OPENSSL_free(rctx->tbuf); - if (rctx->oaep_label) - OPENSSL_free(rctx->oaep_label); + OPENSSL_free(rctx->tbuf); + OPENSSL_free(rctx->oaep_label); OPENSSL_free(rctx); } } @@ -389,20 +377,43 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, static int check_padding_md(const EVP_MD *md, int padding) { + int mdnid; if (!md) return 1; + mdnid = EVP_MD_type(md); + if (padding == RSA_NO_PADDING) { RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE); return 0; } if (padding == RSA_X931_PADDING) { - if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) { + if (RSA_X931_hash_id(mdnid) == -1) { RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST); return 0; } - return 1; + } else { + switch(mdnid) { + /* List of all supported RSA digests */ + case NID_sha1: + case NID_sha224: + case NID_sha256: + case NID_sha384: + case NID_sha512: + case NID_md5: + case NID_md5_sha1: + case NID_md2: + case NID_md4: + case NID_mdc2: + case NID_ripemd160: + return 1; + + default: + RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_DIGEST); + return 0; + + } } return 1; @@ -514,8 +525,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE); return -2; } - if (rctx->oaep_label) - OPENSSL_free(rctx->oaep_label); + OPENSSL_free(rctx->oaep_label); if (p2 && p1 > 0) { rctx->oaep_label = p2; rctx->oaep_labellen = p1; @@ -562,21 +572,21 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_VALUE_MISSING); return 0; } - if (!strcmp(type, "rsa_padding_mode")) { + if (strcmp(type, "rsa_padding_mode") == 0) { int pm; - if (!strcmp(value, "pkcs1")) + if (strcmp(value, "pkcs1") == 0) pm = RSA_PKCS1_PADDING; - else if (!strcmp(value, "sslv23")) + else if (strcmp(value, "sslv23") == 0) pm = RSA_SSLV23_PADDING; - else if (!strcmp(value, "none")) + else if (strcmp(value, "none") == 0) pm = RSA_NO_PADDING; - else if (!strcmp(value, "oeap")) + else if (strcmp(value, "oeap") == 0) pm = RSA_PKCS1_OAEP_PADDING; - else if (!strcmp(value, "oaep")) + else if (strcmp(value, "oaep") == 0) pm = RSA_PKCS1_OAEP_PADDING; - else if (!strcmp(value, "x931")) + else if (strcmp(value, "x931") == 0) pm = RSA_X931_PADDING; - else if (!strcmp(value, "pss")) + else if (strcmp(value, "pss") == 0) pm = RSA_PKCS1_PSS_PADDING; else { RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_UNKNOWN_PADDING_TYPE); @@ -585,19 +595,19 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, return EVP_PKEY_CTX_set_rsa_padding(ctx, pm); } - if (!strcmp(type, "rsa_pss_saltlen")) { + if (strcmp(type, "rsa_pss_saltlen") == 0) { int saltlen; saltlen = atoi(value); return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen); } - if (!strcmp(type, "rsa_keygen_bits")) { + if (strcmp(type, "rsa_keygen_bits") == 0) { int nbits; nbits = atoi(value); return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits); } - if (!strcmp(type, "rsa_keygen_pubexp")) { + if (strcmp(type, "rsa_keygen_pubexp") == 0) { int ret; BIGNUM *pubexp = NULL; if (!BN_asc2bn(&pubexp, value)) @@ -608,24 +618,24 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, return ret; } - if (!strcmp(type, "rsa_mgf1_md")) { + if (strcmp(type, "rsa_mgf1_md") == 0) { const EVP_MD *md; - if (!(md = EVP_get_digestbyname(value))) { + if ((md = EVP_get_digestbyname(value)) == NULL) { RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST); return 0; } return EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md); } - if (!strcmp(type, "rsa_oaep_md")) { + if (strcmp(type, "rsa_oaep_md") == 0) { const EVP_MD *md; - if (!(md = EVP_get_digestbyname(value))) { + if ((md = EVP_get_digestbyname(value)) == NULL) { RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST); return 0; } return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md); } - if (!strcmp(type, "rsa_oaep_label")) { + if (strcmp(type, "rsa_oaep_label") == 0) { unsigned char *lab; long lablen; int ret; @@ -647,17 +657,17 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) RSA_PKEY_CTX *rctx = ctx->data; BN_GENCB *pcb; int ret; - if (!rctx->pub_exp) { + if (rctx->pub_exp == NULL) { rctx->pub_exp = BN_new(); - if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4)) + if (rctx->pub_exp == NULL || !BN_set_word(rctx->pub_exp, RSA_F4)) return 0; } rsa = RSA_new(); - if (!rsa) + if (rsa == NULL) return 0; if (ctx->pkey_gencb) { pcb = BN_GENCB_new(); - if (!pcb) { + if (pcb == NULL) { RSA_free(rsa); return 0; }