RSA: Add rsa_schemes.c, to store scheme data and translator functions
authorRichard Levitte <levitte@openssl.org>
Sat, 2 May 2020 10:41:39 +0000 (12:41 +0200)
committerRichard Levitte <levitte@openssl.org>
Thu, 14 May 2020 10:16:34 +0000 (12:16 +0200)
The scheme currently added is OAEP-PSSDigestAlgorithms codified.
The translator functions translate an EVP_MD into a NID, and a NID
into a name, to support the creation and parsing of OSSL_PARAM items.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)

crypto/rsa/build.info
crypto/rsa/rsa_schemes.c [new file with mode: 0644]
include/crypto/rsa.h

index 970c493..984ad77 100644 (file)
@@ -3,7 +3,7 @@ LIBS=../../libcrypto
 $COMMON=rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_pk1.c \
         rsa_none.c rsa_oaep.c rsa_chk.c rsa_pss.c rsa_x931.c rsa_crpt.c \
         rsa_x931g.c rsa_sp800_56b_gen.c rsa_sp800_56b_check.c rsa_backend.c \
-        rsa_mp_names.c
+        rsa_mp_names.c rsa_schemes.c
 
 SOURCE[../../libcrypto]=$COMMON\
         rsa_saos.c rsa_err.c rsa_asn1.c rsa_ameth.c rsa_prn.c \
diff --git a/crypto/rsa/rsa_schemes.c b/crypto/rsa/rsa_schemes.c
new file mode 100644 (file)
index 0000000..7a54296
--- /dev/null
@@ -0,0 +1,86 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/core.h>
+#include <openssl/core_names.h>
+#include <openssl/evp.h>
+#include <openssl/obj_mac.h>
+#include "internal/nelem.h"
+#include "crypto/rsa.h"
+
+static int meth2nid(const void *meth,
+                    int (*meth_is_a)(const void *meth, const char *name),
+                    const OSSL_ITEM *items, size_t items_n)
+{
+    size_t i;
+
+    if (meth != NULL)
+        for (i = 0; i < items_n; i++)
+            if (meth_is_a(meth, items[i].ptr))
+                return (int)items[i].id;
+    return NID_undef;
+}
+
+static const char *nid2name(int meth, const OSSL_ITEM *items, size_t items_n)
+{
+    size_t i;
+
+    for (i = 0; i < items_n; i++)
+        if (meth == (int)items[i].id)
+            return items[i].ptr;
+    return NULL;
+}
+
+/*
+ * The list of permitted hash functions are taken from 
+ * https://tools.ietf.org/html/rfc8017#appendix-A.2.1:
+ *
+ * OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
+ *     { OID id-sha1       PARAMETERS NULL }|
+ *     { OID id-sha224     PARAMETERS NULL }|
+ *     { OID id-sha256     PARAMETERS NULL }|
+ *     { OID id-sha384     PARAMETERS NULL }|
+ *     { OID id-sha512     PARAMETERS NULL }|
+ *     { OID id-sha512-224 PARAMETERS NULL }|
+ *     { OID id-sha512-256 PARAMETERS NULL },
+ *     ...  -- Allows for future expansion --
+ * }
+ */
+static const OSSL_ITEM oaeppss_name_nid_map[] = {
+    { NID_sha1,         OSSL_DIGEST_NAME_SHA1         },
+    { NID_sha224,       OSSL_DIGEST_NAME_SHA2_224     },
+    { NID_sha256,       OSSL_DIGEST_NAME_SHA2_256     },
+    { NID_sha384,       OSSL_DIGEST_NAME_SHA2_384     },
+    { NID_sha512,       OSSL_DIGEST_NAME_SHA2_512     },
+    { NID_sha512_224,   OSSL_DIGEST_NAME_SHA2_512_224 },
+    { NID_sha512_256,   OSSL_DIGEST_NAME_SHA2_512_256 },
+};
+
+static int md_is_a(const void *md, const char *name)
+{
+    return EVP_MD_is_a(md, name);
+}
+
+int rsa_oaeppss_md2nid(const EVP_MD *md)
+{
+    return meth2nid(md, md_is_a,
+                    oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map));
+}
+
+const char *rsa_oaeppss_nid2name(int md)
+{
+    return nid2name(md, oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map));
+}
+
+const char *rsa_mgf_nid2name(int mgf)
+{
+    if (mgf == NID_mgf1)
+        return SN_mgf1;
+    return NULL;
+}
index 321c7f8..fb7f80d 100644 (file)
 #include <openssl/core.h>
 #include <openssl/rsa.h>
 
+const char *rsa_mgf_nid2name(int mgf);
+int rsa_oaeppss_md2nid(const EVP_MD *md);
+const char *rsa_oaeppss_nid2name(int md);
+
 RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx);
 
 int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,