From 716630c0eb8546e53f1e229f2abcd867c5d46576 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 10 Apr 2006 11:16:11 +0000
Subject: [PATCH] Change operation values so they can be used as a mask.

Fix rsa_pkey_method.
---
 crypto/evp/evp.h       | 34 +++++++++++++++++++++++++---------
 crypto/evp/pmeth_lib.c |  5 ++---
 crypto/rsa/rsa_pmeth.c |  1 +
 3 files changed, 28 insertions(+), 12 deletions(-)

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index a9a2f6a1c7..52f41c2502 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -904,15 +904,31 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
 
 
 #define EVP_PKEY_OP_UNDEFINED		0
-#define EVP_PKEY_OP_PARAMGEN		1
-#define EVP_PKEY_OP_KEYGEN		2
-#define EVP_PKEY_OP_SIGN		3
-#define EVP_PKEY_OP_VERIFY		4
-#define EVP_PKEY_OP_VERIFYRECOVER	5
-#define EVP_PKEY_OP_SIGNCTX		6
-#define EVP_PKEY_OP_VERIFYCTX		7
-#define EVP_PKEY_OP_ENCRYPT		8
-#define EVP_PKEY_OP_DECRYPT		9
+#define EVP_PKEY_OP_PARAMGEN		(1<<1)
+#define EVP_PKEY_OP_KEYGEN		(1<<2)
+#define EVP_PKEY_OP_SIGN		(1<<3)
+#define EVP_PKEY_OP_VERIFY		(1<<4)
+#define EVP_PKEY_OP_VERIFYRECOVER	(1<<5)
+#define EVP_PKEY_OP_SIGNCTX		(1<<6)
+#define EVP_PKEY_OP_VERIFYCTX		(1<<7)
+#define EVP_PKEY_OP_ENCRYPT		(1<<8)
+#define EVP_PKEY_OP_DECRYPT		(1<<9)
+#define EVP_PKEY_OP_DERIVE		(1<<10)
+
+#define EVP_PKEY_OP_TYPE_SIGNATURE	\
+	(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+		| EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+#define EVP_PKEY_OP_TYPE_CRYPTO \
+	(EVP_PKEY_OP_SIGNATURE | EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT \
+		| EVP_PKEY_OP_DERIVE)
+
+#define EVP_PKEY_OP_TYPE_GENERATE \
+		(EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+#define	 EVP_PKEY_CTX_set_signature_md(ctx, md)	\
+		EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIGNATURE,  \
+					EVP_PKEY_CTRL_MD, 0, (void *)md)
 
 #define EVP_PKEY_CTRL_MD		1
 
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index a76e88b805..26a55048ca 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -156,7 +156,7 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
 		return -1;
 		}
 
-	if ((optype != -1) && (ctx->operation != optype))
+	if ((optype != -1) && !(ctx->operation & optype))
 		{
 		EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
 		return -1;
@@ -187,8 +187,7 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
 			EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_DIGEST);
 			return 0;
 			}
-		return EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_MD,
-								0, (void *)md);
+		return EVP_PKEY_CTX_set_signature_md(ctx, md);
 		}
 	return ctx->pmeth->ctrl_str(ctx, name, value);
 	}
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 5501965298..696eef9332 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -212,6 +212,7 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
 			ret = int_rsa_verify(EVP_MD_type(rctx->md),
 						NULL, 0, rout, &sltmp,
 					sig, siglen, ctx->pkey->pkey.rsa);
+			ret = sltmp;
 			}
 		else
 			return -1;
-- 
2.34.1