diff options
| author | jsing <> | 2019-10-04 16:51:31 +0000 |
|---|---|---|
| committer | jsing <> | 2019-10-04 16:51:31 +0000 |
| commit | 5e5005b92f5807443f04e3f78e5c3a0c65b10de5 (patch) | |
| tree | 7429e94288453050e02c020441dc4aac270c382a /src | |
| parent | 90f489ef7ff4d9517eb9cb52fb75a95d5d391747 (diff) | |
| download | openbsd-5e5005b92f5807443f04e3f78e5c3a0c65b10de5.tar.gz openbsd-5e5005b92f5807443f04e3f78e5c3a0c65b10de5.tar.bz2 openbsd-5e5005b92f5807443f04e3f78e5c3a0c65b10de5.zip | |
Provide internal RSA_padding_{add,check}_PKCS1_OAEP_mgf1() functions.
These are internal only for now and will be made public at a later date.
The RSA_padding_{add,check}_PKCS1_OAEP() functions become wrappers around
the *_mgf1() variant.
ok tb@ inoguchi@ (as part of a larger diff)
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_locl.h | 9 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_oaep.c | 91 |
2 files changed, 90 insertions, 10 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_locl.h b/src/lib/libcrypto/rsa/rsa_locl.h index e949ee8aa9..28bf4110c2 100644 --- a/src/lib/libcrypto/rsa/rsa_locl.h +++ b/src/lib/libcrypto/rsa/rsa_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_locl.h,v 1.4 2016/12/21 15:49:29 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_locl.h,v 1.5 2019/10/04 16:51:31 jsing Exp $ */ |
| 2 | 2 | ||
| 3 | __BEGIN_HIDDEN_DECLS | 3 | __BEGIN_HIDDEN_DECLS |
| 4 | 4 | ||
| @@ -6,4 +6,11 @@ extern int int_rsa_verify(int dtype, const unsigned char *m, | |||
| 6 | unsigned int m_len, unsigned char *rm, size_t *prm_len, | 6 | unsigned int m_len, unsigned char *rm, size_t *prm_len, |
| 7 | const unsigned char *sigbuf, size_t siglen, RSA *rsa); | 7 | const unsigned char *sigbuf, size_t siglen, RSA *rsa); |
| 8 | 8 | ||
| 9 | int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, | ||
| 10 | const unsigned char *from, int flen, const unsigned char *param, int plen, | ||
| 11 | const EVP_MD *md, const EVP_MD *mgf1md); | ||
| 12 | int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, | ||
| 13 | const unsigned char *from, int flen, int num, const unsigned char *param, | ||
| 14 | int plen, const EVP_MD *md, const EVP_MD *mgf1md); | ||
| 15 | |||
| 9 | __END_HIDDEN_DECLS | 16 | __END_HIDDEN_DECLS |
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c index 2b902f44b4..c90299093a 100644 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ b/src/lib/libcrypto/rsa/rsa_oaep.c | |||
| @@ -1,6 +1,57 @@ | |||
| 1 | /* $OpenBSD: rsa_oaep.c,v 1.30 2019/10/03 17:45:27 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_oaep.c,v 1.31 2019/10/04 16:51:31 jsing Exp $ */ |
| 2 | /* Written by Ulf Moeller. This software is distributed on an "AS IS" | 2 | /* |
| 3 | basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ | 3 | * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. |
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@openssl.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 4 | 55 | ||
| 5 | /* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ | 56 | /* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ |
| 6 | 57 | ||
| @@ -32,20 +83,32 @@ | |||
| 32 | #include <openssl/rsa.h> | 83 | #include <openssl/rsa.h> |
| 33 | #include <openssl/sha.h> | 84 | #include <openssl/sha.h> |
| 34 | 85 | ||
| 86 | #include "rsa_locl.h" | ||
| 87 | |||
| 35 | int | 88 | int |
| 36 | RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, | 89 | RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, |
| 37 | const unsigned char *from, int flen, const unsigned char *param, int plen) | 90 | const unsigned char *from, int flen, const unsigned char *param, int plen) |
| 38 | { | 91 | { |
| 92 | return RSA_padding_add_PKCS1_OAEP_mgf1(to, tlen, from, flen, param, | ||
| 93 | plen, NULL, NULL); | ||
| 94 | } | ||
| 95 | |||
| 96 | int | ||
| 97 | RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, | ||
| 98 | const unsigned char *from, int flen, const unsigned char *param, int plen, | ||
| 99 | const EVP_MD *md, const EVP_MD *mgf1md) | ||
| 100 | { | ||
| 39 | int i, emlen = tlen - 1; | 101 | int i, emlen = tlen - 1; |
| 40 | unsigned char *db, *seed; | 102 | unsigned char *db, *seed; |
| 41 | unsigned char *dbmask = NULL; | 103 | unsigned char *dbmask = NULL; |
| 42 | unsigned char seedmask[EVP_MAX_MD_SIZE]; | 104 | unsigned char seedmask[EVP_MAX_MD_SIZE]; |
| 43 | const EVP_MD *md, *mgf1md; | ||
| 44 | int mdlen, dbmask_len = 0; | 105 | int mdlen, dbmask_len = 0; |
| 45 | int rv = 0; | 106 | int rv = 0; |
| 46 | 107 | ||
| 47 | md = EVP_sha1(); | 108 | if (md == NULL) |
| 48 | mgf1md = EVP_sha1(); | 109 | md = EVP_sha1(); |
| 110 | if (mgf1md == NULL) | ||
| 111 | mgf1md = md; | ||
| 49 | 112 | ||
| 50 | if ((mdlen = EVP_MD_size(md)) <= 0) | 113 | if ((mdlen = EVP_MD_size(md)) <= 0) |
| 51 | goto err; | 114 | goto err; |
| @@ -101,6 +164,15 @@ RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 101 | const unsigned char *from, int flen, int num, const unsigned char *param, | 164 | const unsigned char *from, int flen, int num, const unsigned char *param, |
| 102 | int plen) | 165 | int plen) |
| 103 | { | 166 | { |
| 167 | return RSA_padding_check_PKCS1_OAEP_mgf1(to, tlen, from, flen, num, | ||
| 168 | param, plen, NULL, NULL); | ||
| 169 | } | ||
| 170 | |||
| 171 | int | ||
| 172 | RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, | ||
| 173 | const unsigned char *from, int flen, int num, const unsigned char *param, | ||
| 174 | int plen, const EVP_MD *md, const EVP_MD *mgf1md) | ||
| 175 | { | ||
| 104 | int i, dblen, mlen = -1; | 176 | int i, dblen, mlen = -1; |
| 105 | const unsigned char *maskeddb; | 177 | const unsigned char *maskeddb; |
| 106 | int lzero; | 178 | int lzero; |
| @@ -108,11 +180,12 @@ RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, | |||
| 108 | unsigned char seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; | 180 | unsigned char seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; |
| 109 | unsigned char *padded_from; | 181 | unsigned char *padded_from; |
| 110 | int bad = 0; | 182 | int bad = 0; |
| 111 | const EVP_MD *md, *mgf1md; | ||
| 112 | int mdlen; | 183 | int mdlen; |
| 113 | 184 | ||
| 114 | md = EVP_sha1(); | 185 | if (md == NULL) |
| 115 | mgf1md = EVP_sha1(); | 186 | md = EVP_sha1(); |
| 187 | if (mgf1md == NULL) | ||
| 188 | mgf1md = md; | ||
| 116 | 189 | ||
| 117 | if ((mdlen = EVP_MD_size(md)) <= 0) | 190 | if ((mdlen = EVP_MD_size(md)) <= 0) |
| 118 | goto err; | 191 | goto err; |