summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/rsa')
-rw-r--r--src/lib/libcrypto/rsa/Makefile287
-rw-r--r--src/lib/libcrypto/rsa/rsa.h79
-rw-r--r--src/lib/libcrypto/rsa/rsa_asn1.c10
-rw-r--r--src/lib/libcrypto/rsa/rsa_err.c21
-rw-r--r--src/lib/libcrypto/rsa/rsa_gen.c15
-rw-r--r--src/lib/libcrypto/rsa/rsa_lib.c172
-rw-r--r--src/lib/libcrypto/rsa/rsa_null.c151
-rw-r--r--src/lib/libcrypto/rsa/rsa_oaep.c6
-rw-r--r--src/lib/libcrypto/rsa/rsa_sign.c33
-rw-r--r--src/lib/libcrypto/rsa/rsa_test.c340
10 files changed, 942 insertions, 172 deletions
diff --git a/src/lib/libcrypto/rsa/Makefile b/src/lib/libcrypto/rsa/Makefile
new file mode 100644
index 0000000000..bb64223e05
--- /dev/null
+++ b/src/lib/libcrypto/rsa/Makefile
@@ -0,0 +1,287 @@
1#
2# OpenSSL/crypto/rsa/Makefile
3#
4
5DIR= rsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=rsa_test.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
21 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
22 rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
23 rsa_pmeth.c
24LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
25 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
26 rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
27 rsa_pmeth.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= rsa.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
48
49links:
50 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
51 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
52 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
53
54install:
55 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
56 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
72 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
73
74dclean:
75 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
76 mv -f Makefile.new $(MAKEFILE)
77
78clean:
79 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
80
81# DO NOT DELETE THIS LINE -- make depend depends on it.
82
83rsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
84rsa_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
85rsa_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
86rsa_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
87rsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
88rsa_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
89rsa_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
90rsa_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
91rsa_ameth.o: ../../include/openssl/objects.h
92rsa_ameth.o: ../../include/openssl/opensslconf.h
93rsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
94rsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
95rsa_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
96rsa_ameth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
97rsa_ameth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
98rsa_ameth.o: ../asn1/asn1_locl.h ../cryptlib.h rsa_ameth.c
99rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
100rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
101rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
102rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
103rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
104rsa_asn1.o: ../../include/openssl/opensslconf.h
105rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
106rsa_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
107rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
108rsa_asn1.o: ../cryptlib.h rsa_asn1.c
109rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
110rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
111rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
112rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
113rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
114rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
115rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
116rsa_chk.o: rsa_chk.c
117rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
118rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
119rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
120rsa_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
121rsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
122rsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
123rsa_depr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
124rsa_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
125rsa_depr.o: ../cryptlib.h rsa_depr.c
126rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
127rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
128rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
129rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
130rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
131rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
132rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
133rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
134rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
135rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
136rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
137rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
138rsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
139rsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
140rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
141rsa_err.o: ../../include/openssl/symhacks.h rsa_err.c
142rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
143rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
144rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
145rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
146rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
147rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
148rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
149rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
150rsa_gen.o: ../cryptlib.h rsa_gen.c
151rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
152rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
153rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
154rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
155rsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
156rsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
157rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
158rsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
159rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
160rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
161rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
162rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
163rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
164rsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
165rsa_lib.o: ../cryptlib.h rsa_lib.c
166rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
167rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
168rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
169rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
170rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
171rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
172rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
173rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
174rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
175rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
176rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
177rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
178rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
179rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
180rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
181rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
182rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
183rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
184rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
185rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
186rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
187rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
188rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
189rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
190rsa_oaep.o: ../../include/openssl/opensslconf.h
191rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
192rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
193rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
194rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
195rsa_oaep.o: ../cryptlib.h rsa_oaep.c
196rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
197rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
198rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
199rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
200rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
201rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
202rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
203rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
204rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.c
205rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
206rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
207rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
208rsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
209rsa_pmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
210rsa_pmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
211rsa_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
212rsa_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
213rsa_pmeth.o: ../../include/openssl/opensslconf.h
214rsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
215rsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
216rsa_pmeth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
217rsa_pmeth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
218rsa_pmeth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
219rsa_pmeth.o: ../cryptlib.h ../evp/evp_locl.h rsa_locl.h rsa_pmeth.c
220rsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
221rsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
222rsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
223rsa_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
224rsa_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
225rsa_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
226rsa_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
227rsa_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
228rsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
229rsa_prn.o: ../cryptlib.h rsa_prn.c
230rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h
231rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
232rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
233rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
234rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
235rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
236rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
237rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
238rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
239rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
240rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c
241rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
242rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
243rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
244rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
245rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
246rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h
247rsa_saos.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
248rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
249rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
250rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
251rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
252rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
253rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
254rsa_saos.o: ../cryptlib.h rsa_saos.c
255rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
256rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
257rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
258rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
259rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
260rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
261rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
262rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
263rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
264rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
265rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
266rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
267rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
268rsa_sign.o: ../cryptlib.h rsa_locl.h rsa_sign.c
269rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
270rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
271rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
272rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
273rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
274rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
275rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
276rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
277rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
278rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h
279rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
280rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
281rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
282rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
283rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
284rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
285rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
286rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
287rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
index 4814a2fc15..cf74343657 100644
--- a/src/lib/libcrypto/rsa/rsa.h
+++ b/src/lib/libcrypto/rsa/rsa.h
@@ -222,22 +222,12 @@ struct rsa_st
222 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \ 222 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
223 pad, NULL) 223 pad, NULL)
224 224
225#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
226 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
227 EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
228
229#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \ 225#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
230 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \ 226 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
231 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ 227 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
232 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \ 228 EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
233 len, NULL) 229 len, NULL)
234 230
235#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
236 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
237 (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
238 EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
239 0, plen)
240
241#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \ 231#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
242 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ 232 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
243 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL) 233 EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
@@ -246,24 +236,11 @@ struct rsa_st
246 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ 236 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
247 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp) 237 EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
248 238
249#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
250 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
251 EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
252
253#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
254 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \
255 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
256
257#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) 239#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)
258#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) 240#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)
259 241
260#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) 242#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)
261#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) 243#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
262#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)
263
264#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)
265#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)
266#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)
267 244
268#define RSA_PKCS1_PADDING 1 245#define RSA_PKCS1_PADDING 1
269#define RSA_SSLV23_PADDING 2 246#define RSA_SSLV23_PADDING 2
@@ -323,16 +300,6 @@ const RSA_METHOD *RSA_null_method(void);
323DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey) 300DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
324DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey) 301DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
325 302
326typedef struct rsa_pss_params_st
327 {
328 X509_ALGOR *hashAlgorithm;
329 X509_ALGOR *maskGenAlgorithm;
330 ASN1_INTEGER *saltLength;
331 ASN1_INTEGER *trailerField;
332 } RSA_PSS_PARAMS;
333
334DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
335
336#ifndef OPENSSL_NO_FP_API 303#ifndef OPENSSL_NO_FP_API
337int RSA_print_fp(FILE *fp, const RSA *r,int offset); 304int RSA_print_fp(FILE *fp, const RSA *r,int offset);
338#endif 305#endif
@@ -413,14 +380,6 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
413 const unsigned char *mHash, 380 const unsigned char *mHash,
414 const EVP_MD *Hash, int sLen); 381 const EVP_MD *Hash, int sLen);
415 382
416int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
417 const EVP_MD *Hash, const EVP_MD *mgf1Hash,
418 const unsigned char *EM, int sLen);
419
420int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
421 const unsigned char *mHash,
422 const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);
423
424int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 383int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
425 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 384 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
426int RSA_set_ex_data(RSA *r,int idx,void *arg); 385int RSA_set_ex_data(RSA *r,int idx,void *arg);
@@ -429,25 +388,6 @@ void *RSA_get_ex_data(const RSA *r, int idx);
429RSA *RSAPublicKey_dup(RSA *rsa); 388RSA *RSAPublicKey_dup(RSA *rsa);
430RSA *RSAPrivateKey_dup(RSA *rsa); 389RSA *RSAPrivateKey_dup(RSA *rsa);
431 390
432/* If this flag is set the RSA method is FIPS compliant and can be used
433 * in FIPS mode. This is set in the validated module method. If an
434 * application sets this flag in its own methods it is its responsibility
435 * to ensure the result is compliant.
436 */
437
438#define RSA_FLAG_FIPS_METHOD 0x0400
439
440/* If this flag is set the operations normally disabled in FIPS mode are
441 * permitted it is then the applications responsibility to ensure that the
442 * usage is compliant.
443 */
444
445#define RSA_FLAG_NON_FIPS_ALLOW 0x0400
446/* Application has decided PRNG is good enough to generate a key: don't
447 * check.
448 */
449#define RSA_FLAG_CHECKED 0x0800
450
451/* BEGIN ERROR CODES */ 391/* BEGIN ERROR CODES */
452/* The following lines are auto generated by the script mkerr.pl. Any changes 392/* The following lines are auto generated by the script mkerr.pl. Any changes
453 * made after this point may be overwritten when the script is next run. 393 * made after this point may be overwritten when the script is next run.
@@ -465,7 +405,6 @@ void ERR_load_RSA_strings(void);
465#define RSA_F_PKEY_RSA_CTRL 143 405#define RSA_F_PKEY_RSA_CTRL 143
466#define RSA_F_PKEY_RSA_CTRL_STR 144 406#define RSA_F_PKEY_RSA_CTRL_STR 144
467#define RSA_F_PKEY_RSA_SIGN 142 407#define RSA_F_PKEY_RSA_SIGN 142
468#define RSA_F_PKEY_RSA_VERIFY 154
469#define RSA_F_PKEY_RSA_VERIFYRECOVER 141 408#define RSA_F_PKEY_RSA_VERIFYRECOVER 141
470#define RSA_F_RSA_BUILTIN_KEYGEN 129 409#define RSA_F_RSA_BUILTIN_KEYGEN 129
471#define RSA_F_RSA_CHECK_KEY 123 410#define RSA_F_RSA_CHECK_KEY 123
@@ -474,8 +413,6 @@ void ERR_load_RSA_strings(void);
474#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 413#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
475#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 414#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
476#define RSA_F_RSA_GENERATE_KEY 105 415#define RSA_F_RSA_GENERATE_KEY 105
477#define RSA_F_RSA_GENERATE_KEY_EX 155
478#define RSA_F_RSA_ITEM_VERIFY 156
479#define RSA_F_RSA_MEMORY_LOCK 130 416#define RSA_F_RSA_MEMORY_LOCK 130
480#define RSA_F_RSA_NEW_METHOD 106 417#define RSA_F_RSA_NEW_METHOD 106
481#define RSA_F_RSA_NULL 124 418#define RSA_F_RSA_NULL 124
@@ -487,7 +424,6 @@ void ERR_load_RSA_strings(void);
487#define RSA_F_RSA_PADDING_ADD_NONE 107 424#define RSA_F_RSA_PADDING_ADD_NONE 107
488#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 425#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
489#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 426#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
490#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148
491#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 427#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
492#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 428#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
493#define RSA_F_RSA_PADDING_ADD_SSLV23 110 429#define RSA_F_RSA_PADDING_ADD_SSLV23 110
@@ -500,12 +436,8 @@ void ERR_load_RSA_strings(void);
500#define RSA_F_RSA_PADDING_CHECK_X931 128 436#define RSA_F_RSA_PADDING_CHECK_X931 128
501#define RSA_F_RSA_PRINT 115 437#define RSA_F_RSA_PRINT 115
502#define RSA_F_RSA_PRINT_FP 116 438#define RSA_F_RSA_PRINT_FP 116
503#define RSA_F_RSA_PRIVATE_DECRYPT 150
504#define RSA_F_RSA_PRIVATE_ENCRYPT 151
505#define RSA_F_RSA_PRIV_DECODE 137 439#define RSA_F_RSA_PRIV_DECODE 137
506#define RSA_F_RSA_PRIV_ENCODE 138 440#define RSA_F_RSA_PRIV_ENCODE 138
507#define RSA_F_RSA_PUBLIC_DECRYPT 152
508#define RSA_F_RSA_PUBLIC_ENCRYPT 153
509#define RSA_F_RSA_PUB_DECODE 139 441#define RSA_F_RSA_PUB_DECODE 139
510#define RSA_F_RSA_SETUP_BLINDING 136 442#define RSA_F_RSA_SETUP_BLINDING 136
511#define RSA_F_RSA_SIGN 117 443#define RSA_F_RSA_SIGN 117
@@ -513,7 +445,6 @@ void ERR_load_RSA_strings(void);
513#define RSA_F_RSA_VERIFY 119 445#define RSA_F_RSA_VERIFY 119
514#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 446#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
515#define RSA_F_RSA_VERIFY_PKCS1_PSS 126 447#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
516#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149
517 448
518/* Reason codes. */ 449/* Reason codes. */
519#define RSA_R_ALGORITHM_MISMATCH 100 450#define RSA_R_ALGORITHM_MISMATCH 100
@@ -539,24 +470,19 @@ void ERR_load_RSA_strings(void);
539#define RSA_R_INVALID_HEADER 137 470#define RSA_R_INVALID_HEADER 137
540#define RSA_R_INVALID_KEYBITS 145 471#define RSA_R_INVALID_KEYBITS 145
541#define RSA_R_INVALID_MESSAGE_LENGTH 131 472#define RSA_R_INVALID_MESSAGE_LENGTH 131
542#define RSA_R_INVALID_MGF1_MD 156
543#define RSA_R_INVALID_PADDING 138 473#define RSA_R_INVALID_PADDING 138
544#define RSA_R_INVALID_PADDING_MODE 141 474#define RSA_R_INVALID_PADDING_MODE 141
545#define RSA_R_INVALID_PSS_PARAMETERS 149
546#define RSA_R_INVALID_PSS_SALTLEN 146 475#define RSA_R_INVALID_PSS_SALTLEN 146
547#define RSA_R_INVALID_SALT_LENGTH 150
548#define RSA_R_INVALID_TRAILER 139 476#define RSA_R_INVALID_TRAILER 139
549#define RSA_R_INVALID_X931_DIGEST 142 477#define RSA_R_INVALID_X931_DIGEST 142
550#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 478#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
551#define RSA_R_KEY_SIZE_TOO_SMALL 120 479#define RSA_R_KEY_SIZE_TOO_SMALL 120
552#define RSA_R_LAST_OCTET_INVALID 134 480#define RSA_R_LAST_OCTET_INVALID 134
553#define RSA_R_MODULUS_TOO_LARGE 105 481#define RSA_R_MODULUS_TOO_LARGE 105
554#define RSA_R_NON_FIPS_RSA_METHOD 157
555#define RSA_R_NO_PUBLIC_EXPONENT 140 482#define RSA_R_NO_PUBLIC_EXPONENT 140
556#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 483#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
557#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 484#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
558#define RSA_R_OAEP_DECODING_ERROR 121 485#define RSA_R_OAEP_DECODING_ERROR 121
559#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158
560#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 486#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
561#define RSA_R_PADDING_CHECK_FAILED 114 487#define RSA_R_PADDING_CHECK_FAILED 114
562#define RSA_R_P_NOT_PRIME 128 488#define RSA_R_P_NOT_PRIME 128
@@ -567,12 +493,7 @@ void ERR_load_RSA_strings(void);
567#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 493#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
568#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 494#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
569#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 495#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
570#define RSA_R_UNKNOWN_MASK_DIGEST 151
571#define RSA_R_UNKNOWN_PADDING_TYPE 118 496#define RSA_R_UNKNOWN_PADDING_TYPE 118
572#define RSA_R_UNKNOWN_PSS_DIGEST 152
573#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
574#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154
575#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
576#define RSA_R_VALUE_MISSING 147 497#define RSA_R_VALUE_MISSING 147
577#define RSA_R_WRONG_SIGNATURE_LENGTH 119 498#define RSA_R_WRONG_SIGNATURE_LENGTH 119
578 499
diff --git a/src/lib/libcrypto/rsa/rsa_asn1.c b/src/lib/libcrypto/rsa/rsa_asn1.c
index 6ed5de3db4..4efca8cdc8 100644
--- a/src/lib/libcrypto/rsa/rsa_asn1.c
+++ b/src/lib/libcrypto/rsa/rsa_asn1.c
@@ -60,7 +60,6 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/bn.h> 61#include <openssl/bn.h>
62#include <openssl/rsa.h> 62#include <openssl/rsa.h>
63#include <openssl/x509.h>
64#include <openssl/asn1t.h> 63#include <openssl/asn1t.h>
65 64
66/* Override the default free and new methods */ 65/* Override the default free and new methods */
@@ -97,15 +96,6 @@ ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
97 ASN1_SIMPLE(RSA, e, BIGNUM), 96 ASN1_SIMPLE(RSA, e, BIGNUM),
98} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey) 97} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
99 98
100ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
101 ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
102 ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
103 ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
104 ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
105} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
106
107IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
108
109IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey) 99IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
110 100
111IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey) 101IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c
index 46e0bf9980..cf9f1106b0 100644
--- a/src/lib/libcrypto/rsa/rsa_err.c
+++ b/src/lib/libcrypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
1/* crypto/rsa/rsa_err.c */ 1/* crypto/rsa/rsa_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -78,7 +78,6 @@ static ERR_STRING_DATA RSA_str_functs[]=
78{ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"}, 78{ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"},
79{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"}, 79{ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"},
80{ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"}, 80{ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"},
81{ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"},
82{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"}, 81{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"},
83{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, 82{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
84{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, 83{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
@@ -87,8 +86,6 @@ static ERR_STRING_DATA RSA_str_functs[]=
87{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, 86{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
88{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, 87{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
89{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, 88{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
90{ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"},
91{ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "RSA_ITEM_VERIFY"},
92{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, 89{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
93{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, 90{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
94{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, 91{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
@@ -100,7 +97,6 @@ static ERR_STRING_DATA RSA_str_functs[]=
100{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, 97{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
101{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, 98{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
102{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"}, 99{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
103{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1), "RSA_padding_add_PKCS1_PSS_mgf1"},
104{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"}, 100{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"},
105{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"}, 101{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"},
106{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"}, 102{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
@@ -113,12 +109,8 @@ static ERR_STRING_DATA RSA_str_functs[]=
113{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, 109{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
114{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, 110{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
115{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, 111{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
116{ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT), "RSA_private_decrypt"},
117{ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"},
118{ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"}, 112{ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
119{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"}, 113{ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"},
120{ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"},
121{ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT), "RSA_public_encrypt"},
122{ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"}, 114{ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"},
123{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, 115{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
124{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, 116{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
@@ -126,7 +118,6 @@ static ERR_STRING_DATA RSA_str_functs[]=
126{ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, 118{ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
127{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"}, 119{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"},
128{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"}, 120{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"},
129{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1), "RSA_verify_PKCS1_PSS_mgf1"},
130{0,NULL} 121{0,NULL}
131 }; 122 };
132 123
@@ -155,24 +146,19 @@ static ERR_STRING_DATA RSA_str_reasons[]=
155{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"}, 146{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"},
156{ERR_REASON(RSA_R_INVALID_KEYBITS) ,"invalid keybits"}, 147{ERR_REASON(RSA_R_INVALID_KEYBITS) ,"invalid keybits"},
157{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"}, 148{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
158{ERR_REASON(RSA_R_INVALID_MGF1_MD) ,"invalid mgf1 md"},
159{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"}, 149{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"},
160{ERR_REASON(RSA_R_INVALID_PADDING_MODE) ,"invalid padding mode"}, 150{ERR_REASON(RSA_R_INVALID_PADDING_MODE) ,"invalid padding mode"},
161{ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS),"invalid pss parameters"},
162{ERR_REASON(RSA_R_INVALID_PSS_SALTLEN) ,"invalid pss saltlen"}, 151{ERR_REASON(RSA_R_INVALID_PSS_SALTLEN) ,"invalid pss saltlen"},
163{ERR_REASON(RSA_R_INVALID_SALT_LENGTH) ,"invalid salt length"},
164{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"}, 152{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"},
165{ERR_REASON(RSA_R_INVALID_X931_DIGEST) ,"invalid x931 digest"}, 153{ERR_REASON(RSA_R_INVALID_X931_DIGEST) ,"invalid x931 digest"},
166{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"}, 154{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
167{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, 155{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
168{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, 156{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"},
169{ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, 157{ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
170{ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD) ,"non fips rsa method"},
171{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, 158{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"},
172{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, 159{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
173{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, 160{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"},
174{ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, 161{ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"},
175{ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"},
176{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"}, 162{ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),"operation not supported for this keytype"},
177{ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, 163{ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"},
178{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, 164{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"},
@@ -183,12 +169,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
183{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"}, 169{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
184{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, 170{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
185{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, 171{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
186{ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST) ,"unknown mask digest"},
187{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, 172{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"},
188{ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST) ,"unknown pss digest"},
189{ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),"unsupported mask algorithm"},
190{ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),"unsupported mask parameter"},
191{ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),"unsupported signature type"},
192{ERR_REASON(RSA_R_VALUE_MISSING) ,"value missing"}, 173{ERR_REASON(RSA_R_VALUE_MISSING) ,"value missing"},
193{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, 174{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
194{0,NULL} 175{0,NULL}
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
index 42290cce66..767f7ab682 100644
--- a/src/lib/libcrypto/rsa/rsa_gen.c
+++ b/src/lib/libcrypto/rsa/rsa_gen.c
@@ -67,9 +67,6 @@
67#include "cryptlib.h" 67#include "cryptlib.h"
68#include <openssl/bn.h> 68#include <openssl/bn.h>
69#include <openssl/rsa.h> 69#include <openssl/rsa.h>
70#ifdef OPENSSL_FIPS
71#include <openssl/fips.h>
72#endif
73 70
74static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); 71static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb);
75 72
@@ -80,20 +77,8 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
80 * now just because key-generation is part of RSA_METHOD. */ 77 * now just because key-generation is part of RSA_METHOD. */
81int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) 78int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
82 { 79 {
83#ifdef OPENSSL_FIPS
84 if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
85 && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
86 {
87 RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD);
88 return 0;
89 }
90#endif
91 if(rsa->meth->rsa_keygen) 80 if(rsa->meth->rsa_keygen)
92 return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); 81 return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
93#ifdef OPENSSL_FIPS
94 if (FIPS_mode())
95 return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb);
96#endif
97 return rsa_builtin_keygen(rsa, bits, e_value, cb); 82 return rsa_builtin_keygen(rsa, bits, e_value, cb);
98 } 83 }
99 84
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
index c95ceafc82..de45088d76 100644
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -67,10 +67,6 @@
67#include <openssl/engine.h> 67#include <openssl/engine.h>
68#endif 68#endif
69 69
70#ifdef OPENSSL_FIPS
71#include <openssl/fips.h>
72#endif
73
74const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; 70const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT;
75 71
76static const RSA_METHOD *default_RSA_meth=NULL; 72static const RSA_METHOD *default_RSA_meth=NULL;
@@ -91,15 +87,12 @@ const RSA_METHOD *RSA_get_default_method(void)
91 { 87 {
92 if (default_RSA_meth == NULL) 88 if (default_RSA_meth == NULL)
93 { 89 {
94#ifdef OPENSSL_FIPS
95 if (FIPS_mode())
96 return FIPS_rsa_pkcs1_ssleay();
97 else
98 return RSA_PKCS1_SSLeay();
99#else
100#ifdef RSA_NULL 90#ifdef RSA_NULL
101 default_RSA_meth=RSA_null_method(); 91 default_RSA_meth=RSA_null_method();
102#else 92#else
93#if 0 /* was: #ifdef RSAref */
94 default_RSA_meth=RSA_PKCS1_RSAref();
95#else
103 default_RSA_meth=RSA_PKCS1_SSLeay(); 96 default_RSA_meth=RSA_PKCS1_SSLeay();
104#endif 97#endif
105#endif 98#endif
@@ -188,7 +181,7 @@ RSA *RSA_new_method(ENGINE *engine)
188 ret->blinding=NULL; 181 ret->blinding=NULL;
189 ret->mt_blinding=NULL; 182 ret->mt_blinding=NULL;
190 ret->bignum_data=NULL; 183 ret->bignum_data=NULL;
191 ret->flags=ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW; 184 ret->flags=ret->meth->flags;
192 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) 185 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
193 { 186 {
194#ifndef OPENSSL_NO_ENGINE 187#ifndef OPENSSL_NO_ENGINE
@@ -287,6 +280,163 @@ void *RSA_get_ex_data(const RSA *r, int idx)
287 return(CRYPTO_get_ex_data(&r->ex_data,idx)); 280 return(CRYPTO_get_ex_data(&r->ex_data,idx));
288 } 281 }
289 282
283int RSA_size(const RSA *r)
284 {
285 return(BN_num_bytes(r->n));
286 }
287
288int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
289 RSA *rsa, int padding)
290 {
291 return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
292 }
293
294int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
295 RSA *rsa, int padding)
296 {
297 return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
298 }
299
300int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
301 RSA *rsa, int padding)
302 {
303 return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
304 }
305
306int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
307 RSA *rsa, int padding)
308 {
309 return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
310 }
311
312int RSA_flags(const RSA *r)
313 {
314 return((r == NULL)?0:r->meth->flags);
315 }
316
317void RSA_blinding_off(RSA *rsa)
318 {
319 if (rsa->blinding != NULL)
320 {
321 BN_BLINDING_free(rsa->blinding);
322 rsa->blinding=NULL;
323 }
324 rsa->flags &= ~RSA_FLAG_BLINDING;
325 rsa->flags |= RSA_FLAG_NO_BLINDING;
326 }
327
328int RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
329 {
330 int ret=0;
331
332 if (rsa->blinding != NULL)
333 RSA_blinding_off(rsa);
334
335 rsa->blinding = RSA_setup_blinding(rsa, ctx);
336 if (rsa->blinding == NULL)
337 goto err;
338
339 rsa->flags |= RSA_FLAG_BLINDING;
340 rsa->flags &= ~RSA_FLAG_NO_BLINDING;
341 ret=1;
342err:
343 return(ret);
344 }
345
346static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p,
347 const BIGNUM *q, BN_CTX *ctx)
348{
349 BIGNUM *ret = NULL, *r0, *r1, *r2;
350
351 if (d == NULL || p == NULL || q == NULL)
352 return NULL;
353
354 BN_CTX_start(ctx);
355 r0 = BN_CTX_get(ctx);
356 r1 = BN_CTX_get(ctx);
357 r2 = BN_CTX_get(ctx);
358 if (r2 == NULL)
359 goto err;
360
361 if (!BN_sub(r1, p, BN_value_one())) goto err;
362 if (!BN_sub(r2, q, BN_value_one())) goto err;
363 if (!BN_mul(r0, r1, r2, ctx)) goto err;
364
365 ret = BN_mod_inverse(NULL, d, r0, ctx);
366err:
367 BN_CTX_end(ctx);
368 return ret;
369}
370
371BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
372{
373 BIGNUM local_n;
374 BIGNUM *e,*n;
375 BN_CTX *ctx;
376 BN_BLINDING *ret = NULL;
377
378 if (in_ctx == NULL)
379 {
380 if ((ctx = BN_CTX_new()) == NULL) return 0;
381 }
382 else
383 ctx = in_ctx;
384
385 BN_CTX_start(ctx);
386 e = BN_CTX_get(ctx);
387 if (e == NULL)
388 {
389 RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
390 goto err;
391 }
392
393 if (rsa->e == NULL)
394 {
395 e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
396 if (e == NULL)
397 {
398 RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT);
399 goto err;
400 }
401 }
402 else
403 e = rsa->e;
404
405
406 if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
407 {
408 /* if PRNG is not properly seeded, resort to secret
409 * exponent as unpredictable seed */
410 RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
411 }
412
413 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
414 {
415 /* Set BN_FLG_CONSTTIME flag */
416 n = &local_n;
417 BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
418 }
419 else
420 n = rsa->n;
421
422 ret = BN_BLINDING_create_param(NULL, e, n, ctx,
423 rsa->meth->bn_mod_exp, rsa->_method_mod_n);
424 if (ret == NULL)
425 {
426 RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
427 goto err;
428 }
429 CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
430err:
431 BN_CTX_end(ctx);
432 if (in_ctx == NULL)
433 BN_CTX_free(ctx);
434 if(rsa->e == NULL)
435 BN_free(e);
436
437 return ret;
438}
439
290int RSA_memory_lock(RSA *r) 440int RSA_memory_lock(RSA *r)
291 { 441 {
292 int i,j,k,off; 442 int i,j,k,off;
diff --git a/src/lib/libcrypto/rsa/rsa_null.c b/src/lib/libcrypto/rsa/rsa_null.c
new file mode 100644
index 0000000000..2f2202f142
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_null.c
@@ -0,0 +1,151 @@
1/* rsa_null.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/rand.h>
64
65/* This is a dummy RSA implementation that just returns errors when called.
66 * It is designed to allow some RSA functions to work while stopping those
67 * covered by the RSA patent. That is RSA, encryption, decryption, signing
68 * and verify is not allowed but RSA key generation, key checking and other
69 * operations (like storing RSA keys) are permitted.
70 */
71
72static int RSA_null_public_encrypt(int flen, const unsigned char *from,
73 unsigned char *to, RSA *rsa,int padding);
74static int RSA_null_private_encrypt(int flen, const unsigned char *from,
75 unsigned char *to, RSA *rsa,int padding);
76static int RSA_null_public_decrypt(int flen, const unsigned char *from,
77 unsigned char *to, RSA *rsa,int padding);
78static int RSA_null_private_decrypt(int flen, const unsigned char *from,
79 unsigned char *to, RSA *rsa,int padding);
80#if 0 /* not currently used */
81static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa);
82#endif
83static int RSA_null_init(RSA *rsa);
84static int RSA_null_finish(RSA *rsa);
85static RSA_METHOD rsa_null_meth={
86 "Null RSA",
87 RSA_null_public_encrypt,
88 RSA_null_public_decrypt,
89 RSA_null_private_encrypt,
90 RSA_null_private_decrypt,
91 NULL,
92 NULL,
93 RSA_null_init,
94 RSA_null_finish,
95 0,
96 NULL,
97 NULL,
98 NULL,
99 NULL
100 };
101
102const RSA_METHOD *RSA_null_method(void)
103 {
104 return(&rsa_null_meth);
105 }
106
107static int RSA_null_public_encrypt(int flen, const unsigned char *from,
108 unsigned char *to, RSA *rsa, int padding)
109 {
110 RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
111 return -1;
112 }
113
114static int RSA_null_private_encrypt(int flen, const unsigned char *from,
115 unsigned char *to, RSA *rsa, int padding)
116 {
117 RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
118 return -1;
119 }
120
121static int RSA_null_private_decrypt(int flen, const unsigned char *from,
122 unsigned char *to, RSA *rsa, int padding)
123 {
124 RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
125 return -1;
126 }
127
128static int RSA_null_public_decrypt(int flen, const unsigned char *from,
129 unsigned char *to, RSA *rsa, int padding)
130 {
131 RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
132 return -1;
133 }
134
135#if 0 /* not currently used */
136static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
137 {
138 ...err(RSA_F_RSA_NULL_MOD_EXP, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
139 return -1;
140 }
141#endif
142
143static int RSA_null_init(RSA *rsa)
144 {
145 return(1);
146 }
147
148static int RSA_null_finish(RSA *rsa)
149 {
150 return(1);
151 }
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
index 553d212ebe..18d307ea9e 100644
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -56,8 +56,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
56 seed = to + 1; 56 seed = to + 1;
57 db = to + SHA_DIGEST_LENGTH + 1; 57 db = to + SHA_DIGEST_LENGTH + 1;
58 58
59 if (!EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL)) 59 EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL);
60 return 0;
61 memset(db + SHA_DIGEST_LENGTH, 0, 60 memset(db + SHA_DIGEST_LENGTH, 0,
62 emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); 61 emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
63 db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; 62 db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
@@ -146,8 +145,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
146 for (i = 0; i < dblen; i++) 145 for (i = 0; i < dblen; i++)
147 db[i] ^= maskeddb[i]; 146 db[i] ^= maskeddb[i];
148 147
149 if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL)) 148 EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL);
150 return -1;
151 149
152 if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad) 150 if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
153 goto decoding_err; 151 goto decoding_err;
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
index b6f6037ae0..0be4ec7fb0 100644
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -77,14 +77,6 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
77 const unsigned char *s = NULL; 77 const unsigned char *s = NULL;
78 X509_ALGOR algor; 78 X509_ALGOR algor;
79 ASN1_OCTET_STRING digest; 79 ASN1_OCTET_STRING digest;
80#ifdef OPENSSL_FIPS
81 if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
82 && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
83 {
84 RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD);
85 return 0;
86 }
87#endif
88 if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) 80 if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign)
89 { 81 {
90 return rsa->meth->rsa_sign(type, m, m_len, 82 return rsa->meth->rsa_sign(type, m, m_len,
@@ -161,15 +153,6 @@ int int_rsa_verify(int dtype, const unsigned char *m,
161 unsigned char *s; 153 unsigned char *s;
162 X509_SIG *sig=NULL; 154 X509_SIG *sig=NULL;
163 155
164#ifdef OPENSSL_FIPS
165 if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
166 && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW))
167 {
168 RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_NON_FIPS_RSA_METHOD);
169 return 0;
170 }
171#endif
172
173 if (siglen != (unsigned int)RSA_size(rsa)) 156 if (siglen != (unsigned int)RSA_size(rsa))
174 { 157 {
175 RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); 158 RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
@@ -199,22 +182,6 @@ int int_rsa_verify(int dtype, const unsigned char *m,
199 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); 182 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
200 183
201 if (i <= 0) goto err; 184 if (i <= 0) goto err;
202 /* Oddball MDC2 case: signature can be OCTET STRING.
203 * check for correct tag and length octets.
204 */
205 if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10)
206 {
207 if (rm)
208 {
209 memcpy(rm, s + 2, 16);
210 *prm_len = 16;
211 ret = 1;
212 }
213 else if(memcmp(m, s + 2, 16))
214 RSAerr(RSA_F_INT_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
215 else
216 ret = 1;
217 }
218 185
219 /* Special case: SSL signature */ 186 /* Special case: SSL signature */
220 if(dtype == NID_md5_sha1) { 187 if(dtype == NID_md5_sha1) {
diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c
new file mode 100644
index 0000000000..c8705a0f6e
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_test.c
@@ -0,0 +1,340 @@
1/* test vectors from p1ovect1.txt */
2
3#include <stdio.h>
4#include <string.h>
5
6#include "e_os.h"
7
8#include <openssl/crypto.h>
9#include <openssl/err.h>
10#include <openssl/rand.h>
11#include <openssl/bn.h>
12#ifdef OPENSSL_NO_RSA
13int main(int argc, char *argv[])
14{
15 printf("No RSA support\n");
16 return(0);
17}
18#else
19#include <openssl/rsa.h>
20
21#define SetKey \
22 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
23 key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
24 key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
25 key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
26 key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
27 key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
28 key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
29 key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
30 memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
31 return (sizeof(ctext_ex) - 1);
32
33static int key1(RSA *key, unsigned char *c)
34 {
35 static unsigned char n[] =
36"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
37"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
38"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
39"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
40"\xF5";
41
42 static unsigned char e[] = "\x11";
43
44 static unsigned char d[] =
45"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
46"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
47"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
48"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
49
50 static unsigned char p[] =
51"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
52"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
53"\x0D";
54
55 static unsigned char q[] =
56"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
57"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
58"\x89";
59
60 static unsigned char dmp1[] =
61"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
62"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
63
64 static unsigned char dmq1[] =
65"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
66"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
67"\x51";
68
69 static unsigned char iqmp[] =
70"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
71"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
72
73 static unsigned char ctext_ex[] =
74"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
75"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
76"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
77"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
78
79 SetKey;
80 }
81
82static int key2(RSA *key, unsigned char *c)
83 {
84 static unsigned char n[] =
85"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
86"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
87"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
88"\x34\x77\xCF";
89
90 static unsigned char e[] = "\x3";
91
92 static unsigned char d[] =
93"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
94"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
95"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
96"\xE5\xEB";
97
98 static unsigned char p[] =
99"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
100"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
101
102 static unsigned char q[] =
103"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
104"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
105
106 static unsigned char dmp1[] =
107"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
108"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
109
110 static unsigned char dmq1[] =
111"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
112"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
113
114 static unsigned char iqmp[] =
115"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
116"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
117
118 static unsigned char ctext_ex[] =
119"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
120"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
121"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
122"\x62\x51";
123
124 SetKey;
125 }
126
127static int key3(RSA *key, unsigned char *c)
128 {
129 static unsigned char n[] =
130"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
131"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
132"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
133"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
134"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
135"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
136"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
137"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
138"\xCB";
139
140 static unsigned char e[] = "\x11";
141
142 static unsigned char d[] =
143"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
144"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
145"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
146"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
147"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
148"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
149"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
150"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
151"\xC1";
152
153 static unsigned char p[] =
154"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
155"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
156"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
157"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
158"\x99";
159
160 static unsigned char q[] =
161"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
162"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
163"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
164"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
165"\x03";
166
167 static unsigned char dmp1[] =
168"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
169"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
170"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
171"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
172
173 static unsigned char dmq1[] =
174"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
175"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
176"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
177"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
178
179 static unsigned char iqmp[] =
180"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
181"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
182"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
183"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
184"\xF7";
185
186 static unsigned char ctext_ex[] =
187"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
188"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
189"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
190"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
191"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
192"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
193"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
194"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
195
196 SetKey;
197 }
198
199static int pad_unknown(void)
200{
201 unsigned long l;
202 while ((l = ERR_get_error()) != 0)
203 if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
204 return(1);
205 return(0);
206}
207
208static const char rnd_seed[] = "string to make the random number generator think it has entropy";
209
210int main(int argc, char *argv[])
211 {
212 int err=0;
213 int v;
214 RSA *key;
215 unsigned char ptext[256];
216 unsigned char ctext[256];
217 static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
218 unsigned char ctext_ex[256];
219 int plen;
220 int clen = 0;
221 int num;
222 int n;
223
224 CRYPTO_malloc_debug_init();
225 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
226 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
227
228 RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
229
230 plen = sizeof(ptext_ex) - 1;
231
232 for (v = 0; v < 6; v++)
233 {
234 key = RSA_new();
235 switch (v%3) {
236 case 0:
237 clen = key1(key, ctext_ex);
238 break;
239 case 1:
240 clen = key2(key, ctext_ex);
241 break;
242 case 2:
243 clen = key3(key, ctext_ex);
244 break;
245 }
246 if (v/3 >= 1) key->flags |= RSA_FLAG_NO_CONSTTIME;
247
248 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
249 RSA_PKCS1_PADDING);
250 if (num != clen)
251 {
252 printf("PKCS#1 v1.5 encryption failed!\n");
253 err=1;
254 goto oaep;
255 }
256
257 num = RSA_private_decrypt(num, ctext, ptext, key,
258 RSA_PKCS1_PADDING);
259 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
260 {
261 printf("PKCS#1 v1.5 decryption failed!\n");
262 err=1;
263 }
264 else
265 printf("PKCS #1 v1.5 encryption/decryption ok\n");
266
267 oaep:
268 ERR_clear_error();
269 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
270 RSA_PKCS1_OAEP_PADDING);
271 if (num == -1 && pad_unknown())
272 {
273 printf("No OAEP support\n");
274 goto next;
275 }
276 if (num != clen)
277 {
278 printf("OAEP encryption failed!\n");
279 err=1;
280 goto next;
281 }
282
283 num = RSA_private_decrypt(num, ctext, ptext, key,
284 RSA_PKCS1_OAEP_PADDING);
285 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
286 {
287 printf("OAEP decryption (encrypted data) failed!\n");
288 err=1;
289 }
290 else if (memcmp(ctext, ctext_ex, num) == 0)
291 printf("OAEP test vector %d passed!\n", v);
292
293 /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
294 Try decrypting ctext_ex */
295
296 num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
297 RSA_PKCS1_OAEP_PADDING);
298
299 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
300 {
301 printf("OAEP decryption (test vector data) failed!\n");
302 err=1;
303 }
304 else
305 printf("OAEP encryption/decryption ok\n");
306
307 /* Try decrypting corrupted ciphertexts */
308 for(n = 0 ; n < clen ; ++n)
309 {
310 int b;
311 unsigned char saved = ctext[n];
312 for(b = 0 ; b < 256 ; ++b)
313 {
314 if(b == saved)
315 continue;
316 ctext[n] = b;
317 num = RSA_private_decrypt(num, ctext, ptext, key,
318 RSA_PKCS1_OAEP_PADDING);
319 if(num > 0)
320 {
321 printf("Corrupt data decrypted!\n");
322 err = 1;
323 }
324 }
325 }
326 next:
327 RSA_free(key);
328 }
329
330 CRYPTO_cleanup_all_ex_data();
331 ERR_remove_thread_state(NULL);
332
333 CRYPTO_mem_leaks_fp(stderr);
334
335#ifdef OPENSSL_SYS_NETWARE
336 if (err) printf("ERROR: %d\n", err);
337#endif
338 return err;
339 }
340#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-10 21:42:49 +0000