Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST
authorShane Lontis <shane.lontis@oracle.com>
Tue, 22 Sep 2020 05:43:32 +0000 (15:43 +1000)
committerShane Lontis <shane.lontis@oracle.com>
Wed, 23 Sep 2020 07:31:40 +0000 (17:31 +1000)
rsa_pss_params_30_fromdata() now uses the OSSL_PKEY_PARAM_RSA_DIGEST_PROPS parameter also.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12944)

crypto/rsa/rsa_ameth.c
crypto/rsa/rsa_backend.c
include/crypto/rsa.h
include/openssl/core_names.h
providers/implementations/keymgmt/rsa_kmgmt.c

index 6558e1c6626a0d0cd862732de841651bd6adfb57..814452f27dfff5903548e29640f6ccaa7df0e2bf 100644 (file)
@@ -1239,7 +1239,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
             || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid)
             || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid)
             || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
-            || !rsa_pss_params_30_todata(&pss_params, propq, tmpl, NULL))
+            || !rsa_pss_params_30_todata(&pss_params, tmpl, NULL))
             goto err;
         selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS;
     }
index 871aa17a2222333e5db2f9349544c58c4f0eaafd..fae09d706752469e30af960f11d3feebd64cbea1 100644 (file)
@@ -163,7 +163,7 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
     return ret;
 }
 
-int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, const char *propq,
+int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
                              OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
 {
     if (!rsa_pss_params_30_is_unrestricted(pss)) {
@@ -211,13 +211,16 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
                                const OSSL_PARAM params[], OPENSSL_CTX *libctx)
 {
     const OSSL_PARAM *param_md, *param_mgf, *param_mgf1md,  *param_saltlen;
+    const OSSL_PARAM *param_propq;
+    const char *propq = NULL;
     EVP_MD *md = NULL, *mgf1md = NULL;
     int saltlen;
     int ret = 0;
 
     if (pss_params == NULL)
         return 0;
-
+    param_propq =
+        OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_DIGEST_PROPS);
     param_md =
         OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_DIGEST);
     param_mgf =
@@ -227,6 +230,10 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
     param_saltlen =
         OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_PSS_SALTLEN);
 
+    if (param_propq != NULL) {
+        if (param_propq->data_type == OSSL_PARAM_UTF8_STRING)
+            propq = param_propq->data;
+    }
     /*
      * If we get any of the parameters, we know we have at least some
      * restrictions, so we start by setting default values, and let each
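Review bot: A properties parameter supplied with any type other than OSSL_PARAM_UTF8_STRING is silently dropped by the added `if (param_propq != NULL)` block, so both EVP_MD_fetch calls later in the function run with a NULL property query instead of failing. For a caller that relies on the query to restrict which provider implementation supplies the digest, that is a quiet fallback to the default lookup. The digest-name handling visible in the later hunks falls back to OSSL_PARAM_get_utf8_ptr and jumps to err on a mismatch; doing the same here, `else if (!OSSL_PARAM_get_utf8_ptr(param_propq, &propq)) goto err;`, would keep the two consistent. The pointer is also taken straight from `data` without consulting `data_size`, so the code assumes the caller's string is NUL-terminated. The function body starts and ends outside this hunk.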
@@ -265,7 +272,7 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
         else if (!OSSL_PARAM_get_utf8_ptr(param_mgf, &mdname))
             goto err;
 
-        if ((md = EVP_MD_fetch(libctx, mdname, NULL)) == NULL
+        if ((md = EVP_MD_fetch(libctx, mdname, propq)) == NULL
             || !rsa_pss_params_30_set_hashalg(pss_params,
                                               rsa_oaeppss_md2nid(md)))
             goto err;
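Review bot: The name handed to the changed `EVP_MD_fetch(libctx, mdname, propq)` is read, on the pointer-typed path, from `param_mgf` in the context line just above, although the result is stored as the hash algorithm. The next hunk shows the same pattern for `mgf1mdname`, where `param_mgf1md` would be expected. This predates the commit and the enclosing `if` is outside both hunks, so the reading is inferred from the variable names. If it holds, a UTF8_PTR digest name is taken from the mask-generation-function parameter, and the PSS restrictions recorded on the key may not match what the caller requested. The proposed lines are `else if (!OSSL_PARAM_get_utf8_ptr(param_md, &mdname))` and `else if (!OSSL_PARAM_get_utf8_ptr(param_mgf1md, &mgf1mdname))`.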
@@ -279,7 +286,7 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
         else if (!OSSL_PARAM_get_utf8_ptr(param_mgf, &mgf1mdname))
             goto err;
 
-        if ((mgf1md = EVP_MD_fetch(libctx, mgf1mdname, NULL)) == NULL
+        if ((mgf1md = EVP_MD_fetch(libctx, mgf1mdname, propq)) == NULL
             || !rsa_pss_params_30_set_maskgenhashalg(pss_params,
                                                      rsa_oaeppss_md2nid(mgf1md)))
             goto err;
index 478327d2319eaeb4eb0195f98a8a4d917746eb69..278e2150626c17c7c8c1fb6486f097a23d02576b 100644 (file)
@@ -60,7 +60,7 @@ int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
 
 int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
 int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]);
-int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, const char *propq,
+int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
                              OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
 int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
                                const OSSL_PARAM params[], OPENSSL_CTX *libctx);
index a1c73a86dffa6bbea8b46faede6bef3afa0696c5..76902695f0c04fde8a6c9047af5e9572b7311774 100644 (file)
@@ -379,6 +379,7 @@ extern "C" {
 #define OSSL_PKEY_PARAM_RSA_BITS            OSSL_PKEY_PARAM_BITS
 #define OSSL_PKEY_PARAM_RSA_PRIMES          "primes"
 #define OSSL_PKEY_PARAM_RSA_DIGEST          OSSL_PKEY_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_RSA_DIGEST_PROPS    OSSL_PKEY_PARAM_PROPERTIES
 #define OSSL_PKEY_PARAM_RSA_MASKGENFUNC     OSSL_PKEY_PARAM_MASKGENFUNC
 #define OSSL_PKEY_PARAM_RSA_MGF1_DIGEST     OSSL_PKEY_PARAM_MGF1_DIGEST
 #define OSSL_PKEY_PARAM_RSA_PSS_SALTLEN     "saltlen"
index 659121c227f7355b97129ede9ab0dcac2df1090d..6bc666bcf0503a7674b95224482beea9839ff4cb 100644 (file)
@@ -193,7 +193,7 @@ static int rsa_export(void *keydata, int selection,
 
     if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
         ok = ok && (rsa_pss_params_30_is_unrestricted(pss_params)
-                    || rsa_pss_params_30_todata(pss_params, NULL, tmpl, NULL));
+                    || rsa_pss_params_30_todata(pss_params, tmpl, NULL));
     if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
         ok = ok && rsa_todata(rsa, tmpl, NULL);
 
@@ -339,7 +339,7 @@ static int rsa_get_params(void *key, OSSL_PARAM params[])
         }
     }
     return (rsa_type != RSA_FLAG_TYPE_RSASSAPSS
-            || rsa_pss_params_30_todata(pss_params, NULL, NULL, params))
+            || rsa_pss_params_30_todata(pss_params, NULL, params))
         && rsa_todata(rsa, NULL, params);
 }
 
@@ -383,6 +383,7 @@ static int rsa_validate(void *keydata, int selection)
 
 struct rsa_gen_ctx {
     OPENSSL_CTX *libctx;
+    const char *propq;
 
     int rsa_type;
 
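Review bot: The new `const char *propq;` field in `struct rsa_gen_ctx` has no stated ownership, and none of the hunks shown here assigns or reads it. If it is meant to hold the string from a caller's OSSL_PARAM array, a borrowed pointer can outlive that array once the set-params call returns. In that case the value should be copied with `OPENSSL_strdup()` and released in the context's cleanup routine. Either way a comment on the field would help, for example `/* property query used when fetching digests; owned by this context */`. The struct body continues outside the hunk.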
@@ -493,6 +494,7 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
  */
 #define rsa_gen_pss                                                     \
     OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST, NULL, 0),        \
+    OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_DIGEST_PROPS, NULL, 0),  \
     OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MASKGENFUNC, NULL, 0),   \
     OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_RSA_MGF1_DIGEST, NULL, 0),   \
     OSSL_PARAM_int(OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, NULL)