add separate PSS decode function, rename PSS parameters to RSA_PSS_PARAMS
authorDr. Stephen Henson <steve@openssl.org>
Sun, 7 Mar 2010 13:34:51 +0000 (13:34 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 7 Mar 2010 13:34:51 +0000 (13:34 +0000)
crypto/rsa/rsa.h
crypto/rsa/rsa_ameth.c
crypto/rsa/rsa_asn1.c

index e356515..06cda22 100644 (file)
@@ -241,6 +241,7 @@ struct rsa_st
 
 #define EVP_PKEY_CTRL_RSA_KEYGEN_BITS  (EVP_PKEY_ALG_CTRL + 3)
 #define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP        (EVP_PKEY_ALG_CTRL + 4)
+#define EVP_PKEY_CTRL_MGF1_MD          (EVP_PKEY_ALG_CTRL + 5)
 
 #define RSA_PKCS1_PADDING      1
 #define RSA_SSLV23_PADDING     2
@@ -300,15 +301,15 @@ const RSA_METHOD *RSA_null_method(void);
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
-typedef struct rsassaPssParams_st
+typedef struct rsa_pss_params_st
        {
        X509_ALGOR *hashAlgorithm;
        X509_ALGOR *maskGenAlgorithm;
        ASN1_INTEGER *saltLength;
        ASN1_INTEGER *trailerField;
-       } RSASSA_PSS_PARAMS;
+       } RSA_PSS_PARAMS;
 
-DECLARE_ASN1_FUNCTIONS(RSASSA_PSS_PARAMS)
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
 
 #ifndef OPENSSL_NO_FP_API
 int    RSA_print_fp(FILE *fp, const RSA *r,int offset);
index 649291e..e25240d 100644 (file)
@@ -265,14 +265,48 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
        return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
        }
 
-static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
+static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
+                                       X509_ALGOR **pmaskHash)
+       {
+       const unsigned char *p;
+       int plen;
+       RSA_PSS_PARAMS *pss;
+
+       *pmaskHash = NULL;
+
+       if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
+               return NULL;
+       p = alg->parameter->value.sequence->data;
+       plen = alg->parameter->value.sequence->length;
+       pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen);
+
+       if (!pss)
+               return NULL;
+       
+       if (pss->maskGenAlgorithm)
+               {
+               ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+               if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
+                       && param->type == V_ASN1_SEQUENCE)
+                       {
+                       p = param->value.sequence->data;
+                       plen = param->value.sequence->length;
+                       *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
+                       }
+               }
+
+       return pss;
+       }
+
+static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss, 
+                               X509_ALGOR *maskHash, int indent)
        {
        int rv = 0;
-       X509_ALGOR *maskHash = NULL;
        if (!pss)
                {
                if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
                        return 0;
+               return 1;
                }
        if (BIO_puts(bp, "\n") <= 0)
                goto err;
@@ -299,18 +333,16 @@ static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
                        goto err;
        if (pss->maskGenAlgorithm)
                {
-               ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
-               if (param->type == V_ASN1_SEQUENCE)
-                       {
-                       const unsigned char *p = param->value.sequence->data;
-                       int plen = param->value.sequence->length;
-                       maskHash = d2i_X509_ALGOR(NULL, &p, plen);
-                       }
                if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
                        goto err;
                if (BIO_puts(bp, " with ") <= 0)
                        goto err;
-               if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+               if (maskHash)
+                       {
+                       if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+                       goto err;
+                       }
+               else if (BIO_puts(bp, "INVALID") <= 0)
                        goto err;
                }
        else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
@@ -346,9 +378,6 @@ static int rsa_pss_param_print(BIO *bp, RSASSA_PSS_PARAMS *pss, int indent)
        rv = 1;
 
        err:
-       if (maskHash)
-               X509_ALGOR_free(maskHash);
-       RSASSA_PSS_PARAMS_free(pss);
        return rv;
 
        }
@@ -359,15 +388,16 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
        {
        if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss)
                {
-               RSASSA_PSS_PARAMS *pss = NULL;
-               ASN1_TYPE *param = sigalg->parameter;
-               if (param && param->type == V_ASN1_SEQUENCE)
-                       {
-                       const unsigned char *p = param->value.sequence->data;
-                       int plen = param->value.sequence->length;
-                       pss = d2i_RSASSA_PSS_PARAMS(NULL, &p, plen);
-                       }
-               if (!rsa_pss_param_print(bp, pss, indent))
+               int rv;
+               RSA_PSS_PARAMS *pss;
+               X509_ALGOR *maskHash;
+               pss = rsa_pss_decode(sigalg, &maskHash);
+               rv = rsa_pss_param_print(bp, pss, maskHash, indent);
+               if (pss)
+                       RSA_PSS_PARAMS_free(pss);
+               if (maskHash)
+                       X509_ALGOR_free(maskHash);
+               if (!rv)
                        return 0;
                }
 
index f00ec69..6ed5de3 100644 (file)
@@ -97,14 +97,14 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
        ASN1_SIMPLE(RSA, e, BIGNUM),
 } ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
 
-ASN1_SEQUENCE(RSASSA_PSS_PARAMS) = {
-       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
-       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
-       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
-       ASN1_EXP_OPT(RSASSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
-} ASN1_SEQUENCE_END(RSASSA_PSS_PARAMS)
+ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
+       ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
+       ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
+       ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
+       ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
+} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
 
-IMPLEMENT_ASN1_FUNCTIONS(RSASSA_PSS_PARAMS)
+IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
 
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)