summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/rsa')
-rw-r--r--src/lib/libcrypto/rsa/Makefile.ssl45
-rw-r--r--src/lib/libcrypto/rsa/rsa.h33
-rw-r--r--src/lib/libcrypto/rsa/rsa_eay.c4
-rw-r--r--src/lib/libcrypto/rsa/rsa_err.c5
-rw-r--r--src/lib/libcrypto/rsa/rsa_gen.c1
-rw-r--r--src/lib/libcrypto/rsa/rsa_lib.c24
-rw-r--r--src/lib/libcrypto/rsa/rsa_null.c149
-rw-r--r--src/lib/libcrypto/rsa/rsa_oaep.c3
-rw-r--r--src/lib/libcrypto/rsa/rsa_oaep_test.c309
-rw-r--r--src/lib/libcrypto/rsa/rsa_pk1.c18
-rw-r--r--src/lib/libcrypto/rsa/rsa_saos.c2
-rw-r--r--src/lib/libcrypto/rsa/rsa_sign.c153
-rw-r--r--src/lib/libcrypto/rsa/rsa_ssl.c11
-rw-r--r--src/lib/libcrypto/rsa/rsa_test.c314
14 files changed, 659 insertions, 412 deletions
diff --git a/src/lib/libcrypto/rsa/Makefile.ssl b/src/lib/libcrypto/rsa/Makefile.ssl
index 3bb89701a2..7b3960e70d 100644
--- a/src/lib/libcrypto/rsa/Makefile.ssl
+++ b/src/lib/libcrypto/rsa/Makefile.ssl
@@ -18,14 +18,14 @@ AR= ar r
18CFLAGS= $(INCLUDES) $(CFLAG) 18CFLAGS= $(INCLUDES) $(CFLAG)
19 19
20GENERAL=Makefile 20GENERAL=Makefile
21TEST=rsa_oaep_test.c 21TEST=rsa_test.c
22APPS= 22APPS=
23 23
24LIB=$(TOP)/libcrypto.a 24LIB=$(TOP)/libcrypto.a
25LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ 25LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
26 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c 26 rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c
27LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ 27LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
28 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o 28 rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o
29 29
30SRC= $(LIBSRC) 30SRC= $(LIBSRC)
31 31
@@ -83,52 +83,61 @@ clean:
83rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h 83rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
84rsa_chk.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 84rsa_chk.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
85rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h 85rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
86rsa_chk.o: ../../include/openssl/stack.h 86rsa_chk.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
87rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 87rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
88rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 88rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
89rsa_eay.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 89rsa_eay.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
90rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 90rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
91rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 91rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
92rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/stack.h 92rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
93rsa_eay.o: ../cryptlib.h 93rsa_eay.o: ../../include/openssl/stack.h ../cryptlib.h
94rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h 94rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
95rsa_err.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 95rsa_err.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
96rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h 96rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
97rsa_err.o: ../../include/openssl/stack.h 97rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
98rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 98rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
99rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 99rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
100rsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 100rsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
101rsa_gen.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 101rsa_gen.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
102rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h 102rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
103rsa_gen.o: ../../include/openssl/stack.h ../cryptlib.h 103rsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
104rsa_gen.o: ../cryptlib.h
104rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 105rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
105rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 106rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
106rsa_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 107rsa_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
107rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 108rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
108rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 109rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
109rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/stack.h 110rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
110rsa_lib.o: ../cryptlib.h 111rsa_lib.o: ../../include/openssl/stack.h ../cryptlib.h
111rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 112rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
112rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 113rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
113rsa_none.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 114rsa_none.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
114rsa_none.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 115rsa_none.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
115rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 116rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
116rsa_none.o: ../../include/openssl/rsa.h ../../include/openssl/stack.h 117rsa_none.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
117rsa_none.o: ../cryptlib.h 118rsa_none.o: ../../include/openssl/stack.h ../cryptlib.h
119rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
120rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
121rsa_null.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
122rsa_null.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
123rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
124rsa_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
125rsa_null.o: ../../include/openssl/stack.h ../cryptlib.h
118rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 126rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
119rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 127rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
120rsa_oaep.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 128rsa_oaep.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
121rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 129rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
122rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 130rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
123rsa_oaep.o: ../../include/openssl/rsa.h ../../include/openssl/sha.h 131rsa_oaep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
124rsa_oaep.o: ../../include/openssl/stack.h ../cryptlib.h 132rsa_oaep.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
133rsa_oaep.o: ../cryptlib.h
125rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 134rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
126rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 135rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
127rsa_pk1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 136rsa_pk1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
128rsa_pk1.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 137rsa_pk1.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
129rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 138rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
130rsa_pk1.o: ../../include/openssl/rsa.h ../../include/openssl/stack.h 139rsa_pk1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
131rsa_pk1.o: ../cryptlib.h 140rsa_pk1.o: ../../include/openssl/stack.h ../cryptlib.h
132rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 141rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
133rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 142rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
134rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h 143rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -168,5 +177,5 @@ rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
168rsa_ssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h 177rsa_ssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
169rsa_ssl.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 178rsa_ssl.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
170rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 179rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
171rsa_ssl.o: ../../include/openssl/rsa.h ../../include/openssl/stack.h 180rsa_ssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
172rsa_ssl.o: ../cryptlib.h 181rsa_ssl.o: ../../include/openssl/stack.h ../cryptlib.h
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
index 9230b2fcc9..f9f9b5cfe9 100644
--- a/src/lib/libcrypto/rsa/rsa.h
+++ b/src/lib/libcrypto/rsa/rsa.h
@@ -91,6 +91,18 @@ typedef struct rsa_meth_st
91 int (*finish)(RSA *rsa); /* called at free */ 91 int (*finish)(RSA *rsa); /* called at free */
92 int flags; /* RSA_METHOD_FLAG_* things */ 92 int flags; /* RSA_METHOD_FLAG_* things */
93 char *app_data; /* may be needed! */ 93 char *app_data; /* may be needed! */
94/* New sign and verify functions: some libraries don't allow arbitrary data
95 * to be signed/verified: this allows them to be used. Note: for this to work
96 * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
97 * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
98 * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
99 * option is set in 'flags'.
100 */
101 int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
102 unsigned char *sigret, unsigned int *siglen, RSA *rsa);
103 int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len,
104 unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
105
94 } RSA_METHOD; 106 } RSA_METHOD;
95 107
96struct rsa_st 108struct rsa_st
@@ -140,12 +152,16 @@ struct rsa_st
140 */ 152 */
141#define RSA_FLAG_EXT_PKEY 0x20 153#define RSA_FLAG_EXT_PKEY 0x20
142 154
155/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
156 */
157#define RSA_FLAG_SIGN_VER 0x40
158
143#define RSA_PKCS1_PADDING 1 159#define RSA_PKCS1_PADDING 1
144#define RSA_SSLV23_PADDING 2 160#define RSA_SSLV23_PADDING 2
145#define RSA_NO_PADDING 3 161#define RSA_NO_PADDING 3
146#define RSA_PKCS1_OAEP_PADDING 4 162#define RSA_PKCS1_OAEP_PADDING 4
147 163
148#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,(char *)arg) 164#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg)
149#define RSA_get_app_data(s) RSA_get_ex_data(s,0) 165#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
150 166
151RSA * RSA_new(void); 167RSA * RSA_new(void);
@@ -181,6 +197,8 @@ RSA_METHOD *RSA_PKCS1_RSAref(void);
181/* these are the actual SSLeay RSA functions */ 197/* these are the actual SSLeay RSA functions */
182RSA_METHOD *RSA_PKCS1_SSLeay(void); 198RSA_METHOD *RSA_PKCS1_SSLeay(void);
183 199
200RSA_METHOD *RSA_null_method(void);
201
184void ERR_load_RSA_strings(void ); 202void ERR_load_RSA_strings(void );
185 203
186RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); 204RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
@@ -241,10 +259,10 @@ int RSA_padding_add_none(unsigned char *to,int tlen,
241int RSA_padding_check_none(unsigned char *to,int tlen, 259int RSA_padding_check_none(unsigned char *to,int tlen,
242 unsigned char *f,int fl,int rsa_len); 260 unsigned char *f,int fl,int rsa_len);
243 261
244int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), 262int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
245 int (*dup_func)(), void (*free_func)()); 263 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
246int RSA_set_ex_data(RSA *r,int idx,char *arg); 264int RSA_set_ex_data(RSA *r,int idx,void *arg);
247char *RSA_get_ex_data(RSA *r, int idx); 265void *RSA_get_ex_data(RSA *r, int idx);
248 266
249/* BEGIN ERROR CODES */ 267/* BEGIN ERROR CODES */
250/* The following lines are auto generated by the script mkerr.pl. Any changes 268/* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -262,6 +280,7 @@ char *RSA_get_ex_data(RSA *r, int idx);
262#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 280#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
263#define RSA_F_RSA_GENERATE_KEY 105 281#define RSA_F_RSA_GENERATE_KEY 105
264#define RSA_F_RSA_NEW_METHOD 106 282#define RSA_F_RSA_NEW_METHOD 106
283#define RSA_F_RSA_NULL 124
265#define RSA_F_RSA_PADDING_ADD_NONE 107 284#define RSA_F_RSA_PADDING_ADD_NONE 107
266#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 285#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
267#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 286#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
@@ -292,10 +311,11 @@ char *RSA_get_ex_data(RSA *r, int idx);
292#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 311#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
293#define RSA_R_DATA_TOO_SMALL 111 312#define RSA_R_DATA_TOO_SMALL 111
294#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122 313#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
295#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
296#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 314#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
297#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 315#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
298#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 316#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
317#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
318#define RSA_R_INVALID_MESSAGE_LENGTH 131
299#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 319#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
300#define RSA_R_KEY_SIZE_TOO_SMALL 120 320#define RSA_R_KEY_SIZE_TOO_SMALL 120
301#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 321#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
@@ -304,6 +324,7 @@ char *RSA_get_ex_data(RSA *r, int idx);
304#define RSA_R_PADDING_CHECK_FAILED 114 324#define RSA_R_PADDING_CHECK_FAILED 114
305#define RSA_R_P_NOT_PRIME 128 325#define RSA_R_P_NOT_PRIME 128
306#define RSA_R_Q_NOT_PRIME 129 326#define RSA_R_Q_NOT_PRIME 129
327#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
307#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 328#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
308#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 329#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
309#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 330#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index 776324860c..179b7da90a 100644
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -72,6 +72,8 @@
72#include <openssl/rsa.h> 72#include <openssl/rsa.h>
73#include <openssl/rand.h> 73#include <openssl/rand.h>
74 74
75#ifndef RSA_NULL
76
75static int RSA_eay_public_encrypt(int flen, unsigned char *from, 77static int RSA_eay_public_encrypt(int flen, unsigned char *from,
76 unsigned char *to, RSA *rsa,int padding); 78 unsigned char *to, RSA *rsa,int padding);
77static int RSA_eay_private_encrypt(int flen, unsigned char *from, 79static int RSA_eay_private_encrypt(int flen, unsigned char *from,
@@ -285,4 +287,4 @@ static int RSA_eay_finish(RSA *rsa)
285 return(1); 287 return(1);
286 } 288 }
287 289
288 290#endif
diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c
index 9fb15e398d..5cfbea2b03 100644
--- a/src/lib/libcrypto/rsa/rsa_err.c
+++ b/src/lib/libcrypto/rsa/rsa_err.c
@@ -73,6 +73,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
73{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"}, 73{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"},
74{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"}, 74{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
75{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"}, 75{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"},
76{ERR_PACK(0,RSA_F_RSA_NULL,0), "RSA_NULL"},
76{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"}, 77{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"},
77{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"}, 78{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"},
78{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"}, 79{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"},
@@ -106,10 +107,11 @@ static ERR_STRING_DATA RSA_str_reasons[]=
106{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, 107{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
107{RSA_R_DATA_TOO_SMALL ,"data too small"}, 108{RSA_R_DATA_TOO_SMALL ,"data too small"},
108{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"}, 109{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"},
109{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"},
110{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"}, 110{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
111{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"}, 111{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"},
112{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"}, 112{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"},
113{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"},
114{RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"},
113{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"}, 115{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"},
114{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"}, 116{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"},
115{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"}, 117{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
@@ -118,6 +120,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
118{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"}, 120{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
119{RSA_R_P_NOT_PRIME ,"p not prime"}, 121{RSA_R_P_NOT_PRIME ,"p not prime"},
120{RSA_R_Q_NOT_PRIME ,"q not prime"}, 122{RSA_R_Q_NOT_PRIME ,"q not prime"},
123{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ,"rsa operations not supported"},
121{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"}, 124{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
122{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, 125{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
123{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"}, 126{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
index 3227dba794..b1ee5d8dce 100644
--- a/src/lib/libcrypto/rsa/rsa_gen.c
+++ b/src/lib/libcrypto/rsa/rsa_gen.c
@@ -85,6 +85,7 @@ err:
85 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); 85 RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
86 ok=0; 86 ok=0;
87 } 87 }
88 BN_CTX_end(ctx);
88 BN_CTX_free(ctx); 89 BN_CTX_free(ctx);
89 BN_CTX_free(ctx2); 90 BN_CTX_free(ctx2);
90 91
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
index c0ca2923a6..074a4f5074 100644
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -67,7 +67,7 @@ const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
67 67
68static RSA_METHOD *default_RSA_meth=NULL; 68static RSA_METHOD *default_RSA_meth=NULL;
69static int rsa_meth_num=0; 69static int rsa_meth_num=0;
70static STACK *rsa_meth=NULL; 70static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL;
71 71
72RSA *RSA_new(void) 72RSA *RSA_new(void)
73 { 73 {
@@ -105,11 +105,15 @@ RSA *RSA_new_method(RSA_METHOD *meth)
105 105
106 if (default_RSA_meth == NULL) 106 if (default_RSA_meth == NULL)
107 { 107 {
108#ifdef RSA_NULL
109 default_RSA_meth=RSA_null_method();
110#else
108#ifdef RSAref 111#ifdef RSAref
109 default_RSA_meth=RSA_PKCS1_RSAref(); 112 default_RSA_meth=RSA_PKCS1_RSAref();
110#else 113#else
111 default_RSA_meth=RSA_PKCS1_SSLeay(); 114 default_RSA_meth=RSA_PKCS1_SSLeay();
112#endif 115#endif
116#endif
113 } 117 }
114 ret=(RSA *)Malloc(sizeof(RSA)); 118 ret=(RSA *)Malloc(sizeof(RSA));
115 if (ret == NULL) 119 if (ret == NULL)
@@ -146,7 +150,7 @@ RSA *RSA_new_method(RSA_METHOD *meth)
146 ret=NULL; 150 ret=NULL;
147 } 151 }
148 else 152 else
149 CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); 153 CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data);
150 return(ret); 154 return(ret);
151 } 155 }
152 156
@@ -169,7 +173,7 @@ void RSA_free(RSA *r)
169 } 173 }
170#endif 174#endif
171 175
172 CRYPTO_free_ex_data(rsa_meth,(char *)r,&r->ex_data); 176 CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data);
173 177
174 if (r->meth->finish != NULL) 178 if (r->meth->finish != NULL)
175 r->meth->finish(r); 179 r->meth->finish(r);
@@ -187,20 +191,20 @@ void RSA_free(RSA *r)
187 Free(r); 191 Free(r);
188 } 192 }
189 193
190int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), 194int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
191 int (*dup_func)(), void (*free_func)()) 195 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
192 { 196 {
193 rsa_meth_num++; 197 rsa_meth_num++;
194 return(CRYPTO_get_ex_new_index(rsa_meth_num-1, 198 return(CRYPTO_get_ex_new_index(rsa_meth_num-1,
195 &rsa_meth,argl,argp,new_func,dup_func,free_func)); 199 &rsa_meth,argl,argp,new_func,dup_func,free_func));
196 } 200 }
197 201
198int RSA_set_ex_data(RSA *r, int idx, char *arg) 202int RSA_set_ex_data(RSA *r, int idx, void *arg)
199 { 203 {
200 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); 204 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
201 } 205 }
202 206
203char *RSA_get_ex_data(RSA *r, int idx) 207void *RSA_get_ex_data(RSA *r, int idx)
204 { 208 {
205 return(CRYPTO_get_ex_data(&r->ex_data,idx)); 209 return(CRYPTO_get_ex_data(&r->ex_data,idx));
206 } 210 }
@@ -265,19 +269,19 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
265 if (rsa->blinding != NULL) 269 if (rsa->blinding != NULL)
266 BN_BLINDING_free(rsa->blinding); 270 BN_BLINDING_free(rsa->blinding);
267 271
268 A= &(ctx->bn[0]); 272 BN_CTX_start(ctx);
269 ctx->tos++; 273 A = BN_CTX_get(ctx);
270 if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; 274 if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err;
271 if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; 275 if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
272 276
273 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) 277 if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
274 goto err; 278 goto err;
275 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); 279 rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
276 ctx->tos--;
277 rsa->flags|=RSA_FLAG_BLINDING; 280 rsa->flags|=RSA_FLAG_BLINDING;
278 BN_free(Ai); 281 BN_free(Ai);
279 ret=1; 282 ret=1;
280err: 283err:
284 BN_CTX_end(ctx);
281 if (ctx != p_ctx) BN_CTX_free(ctx); 285 if (ctx != p_ctx) BN_CTX_free(ctx);
282 return(ret); 286 return(ret);
283 } 287 }
diff --git a/src/lib/libcrypto/rsa/rsa_null.c b/src/lib/libcrypto/rsa/rsa_null.c
new file mode 100644
index 0000000000..7b58a0eca3
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_null.c
@@ -0,0 +1,149 @@
1/* rsa_null.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rsa.h>
63#include <openssl/rand.h>
64
65/* This is a dummy RSA implementation that just returns errors when called.
66 * It is designed to allow some RSA functions to work while stopping those
67 * covered by the RSA patent. That is RSA, encryption, decryption, signing
68 * and verify is not allowed but RSA key generation, key checking and other
69 * operations (like storing RSA keys) are permitted.
70 */
71
72static int RSA_null_public_encrypt(int flen, unsigned char *from,
73 unsigned char *to, RSA *rsa,int padding);
74static int RSA_null_private_encrypt(int flen, unsigned char *from,
75 unsigned char *to, RSA *rsa,int padding);
76static int RSA_null_public_decrypt(int flen, unsigned char *from,
77 unsigned char *to, RSA *rsa,int padding);
78static int RSA_null_private_decrypt(int flen, unsigned char *from,
79 unsigned char *to, RSA *rsa,int padding);
80#if 0 /* not currently used */
81static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
82#endif
83static int RSA_null_init(RSA *rsa);
84static int RSA_null_finish(RSA *rsa);
85static RSA_METHOD rsa_null_meth={
86 "Null RSA",
87 RSA_null_public_encrypt,
88 RSA_null_public_decrypt,
89 RSA_null_private_encrypt,
90 RSA_null_private_decrypt,
91 NULL, NULL,
92 RSA_null_init,
93 RSA_null_finish,
94 0,
95 NULL,
96 };
97
98RSA_METHOD *RSA_null_method(void)
99 {
100 return(&rsa_null_meth);
101 }
102
103static int RSA_null_public_encrypt(int flen, unsigned char *from,
104 unsigned char *to, RSA *rsa, int padding)
105 {
106 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
107 return -1;
108 }
109
110static int RSA_null_private_encrypt(int flen, unsigned char *from,
111 unsigned char *to, RSA *rsa, int padding)
112 {
113 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
114 return -1;
115 }
116
117static int RSA_null_private_decrypt(int flen, unsigned char *from,
118 unsigned char *to, RSA *rsa, int padding)
119 {
120 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
121 return -1;
122 }
123
124static int RSA_null_public_decrypt(int flen, unsigned char *from,
125 unsigned char *to, RSA *rsa, int padding)
126 {
127 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
128 return -1;
129 }
130
131#if 0 /* not currently used */
132static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
133 {
134 RSAerr(RSA_F_RSA_NULL, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
135 return -1;
136 }
137#endif
138
139static int RSA_null_init(RSA *rsa)
140 {
141 return(1);
142 }
143
144static int RSA_null_finish(RSA *rsa)
145 {
146 return(1);
147 }
148
149
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
index 843c40c864..1465c01f4f 100644
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -50,7 +50,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
50 emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); 50 emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
51 db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; 51 db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
52 memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen); 52 memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen);
53 RAND_bytes(seed, SHA_DIGEST_LENGTH); 53 if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0)
54 return (0);
54#ifdef PKCS_TESTVECT 55#ifdef PKCS_TESTVECT
55 memcpy(seed, 56 memcpy(seed,
56 "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f", 57 "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
diff --git a/src/lib/libcrypto/rsa/rsa_oaep_test.c b/src/lib/libcrypto/rsa/rsa_oaep_test.c
index 0d4e39d3da..e69de29bb2 100644
--- a/src/lib/libcrypto/rsa/rsa_oaep_test.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep_test.c
@@ -1,309 +0,0 @@
1/* test vectors from p1ovect1.txt */
2
3#include <stdio.h>
4#include <string.h>
5
6#include "openssl/e_os.h"
7
8#include <openssl/crypto.h>
9#include <openssl/err.h>
10#ifdef NO_RSA
11int main(int argc, char *argv[])
12{
13 printf("No RSA support\n");
14 return(0);
15}
16#else
17#include <openssl/rsa.h>
18
19#define SetKey \
20 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
21 key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
22 key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
23 key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
24 key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
25 key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
26 key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
27 key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
28 memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
29 return (sizeof(ctext_ex) - 1);
30
31static int key1(RSA *key, unsigned char *c)
32 {
33 static unsigned char n[] =
34"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
35"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
36"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
37"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
38"\xF5";
39
40 static unsigned char e[] = "\x11";
41
42 static unsigned char d[] =
43"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
44"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
45"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
46"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
47
48 static unsigned char p[] =
49"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
50"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
51"\x0D";
52
53 static unsigned char q[] =
54"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
55"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
56"\x89";
57
58 static unsigned char dmp1[] =
59"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
60"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
61
62 static unsigned char dmq1[] =
63"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
64"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
65"\x51";
66
67 static unsigned char iqmp[] =
68"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
69"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
70
71 static unsigned char ctext_ex[] =
72"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
73"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
74"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
75"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
76
77 SetKey;
78 }
79
80static int key2(RSA *key, unsigned char *c)
81 {
82 static unsigned char n[] =
83"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
84"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
85"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
86"\x34\x77\xCF";
87
88 static unsigned char e[] = "\x3";
89
90 static unsigned char d[] =
91"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
92"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
93"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
94"\xE5\xEB";
95
96 static unsigned char p[] =
97"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
98"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
99
100 static unsigned char q[] =
101"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
102"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
103
104 static unsigned char dmp1[] =
105"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
106"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
107
108 static unsigned char dmq1[] =
109"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
110"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
111
112 static unsigned char iqmp[] =
113"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
114"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
115
116 static unsigned char ctext_ex[] =
117"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
118"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
119"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
120"\x62\x51";
121
122 SetKey;
123 }
124
125static int key3(RSA *key, unsigned char *c)
126 {
127 static unsigned char n[] =
128"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
129"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
130"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
131"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
132"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
133"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
134"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
135"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
136"\xCB";
137
138 static unsigned char e[] = "\x11";
139
140 static unsigned char d[] =
141"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
142"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
143"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
144"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
145"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
146"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
147"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
148"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
149"\xC1";
150
151 static unsigned char p[] =
152"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
153"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
154"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
155"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
156"\x99";
157
158 static unsigned char q[] =
159"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
160"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
161"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
162"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
163"\x03";
164
165 static unsigned char dmp1[] =
166"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
167"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
168"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
169"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
170
171 static unsigned char dmq1[] =
172"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
173"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
174"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
175"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
176
177 static unsigned char iqmp[] =
178"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
179"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
180"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
181"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
182"\xF7";
183
184 static unsigned char ctext_ex[] =
185"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
186"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
187"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
188"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
189"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
190"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
191"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
192"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
193
194 SetKey;
195 }
196
197static int pad_unknown(void)
198{
199 unsigned long l;
200 while ((l = ERR_get_error()) != 0)
201 if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
202 return(1);
203 return(0);
204}
205
206int main()
207 {
208 int err=0;
209 int v;
210 RSA *key;
211 unsigned char ptext[256];
212 unsigned char ctext[256];
213 static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
214 unsigned char ctext_ex[256];
215 int plen;
216 int clen = 0;
217 int num;
218
219 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
220
221 plen = sizeof(ptext_ex) - 1;
222
223 for (v = 0; v < 3; v++)
224 {
225 key = RSA_new();
226 switch (v) {
227 case 0:
228 clen = key1(key, ctext_ex);
229 break;
230 case 1:
231 clen = key2(key, ctext_ex);
232 break;
233 case 2:
234 clen = key3(key, ctext_ex);
235 break;
236 }
237
238 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
239 RSA_PKCS1_PADDING);
240 if (num != clen)
241 {
242 printf("PKCS#1 v1.5 encryption failed!\n");
243 err=1;
244 goto oaep;
245 }
246
247 num = RSA_private_decrypt(num, ctext, ptext, key,
248 RSA_PKCS1_PADDING);
249 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
250 {
251 printf("PKCS#1 v1.5 decryption failed!\n");
252 err=1;
253 }
254 else
255 printf("PKCS #1 v1.5 encryption/decryption ok\n");
256
257 oaep:
258 ERR_clear_error();
259 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
260 RSA_PKCS1_OAEP_PADDING);
261 if (num == -1 && pad_unknown())
262 {
263 printf("No OAEP support\n");
264 goto next;
265 }
266 if (num != clen)
267 {
268 printf("OAEP encryption failed!\n");
269 err=1;
270 goto next;
271 }
272
273 num = RSA_private_decrypt(num, ctext, ptext, key,
274 RSA_PKCS1_OAEP_PADDING);
275 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
276 {
277 printf("OAEP decryption (encrypted data) failed!\n");
278 err=1;
279 }
280 else if (memcmp(ctext, ctext_ex, num) == 0)
281 {
282 printf("OAEP test vector %d passed!\n", v);
283 goto next;
284 }
285
286 /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
287 Try decrypting ctext_ex */
288
289 num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
290 RSA_PKCS1_OAEP_PADDING);
291
292 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
293 {
294 printf("OAEP decryption (test vector data) failed!\n");
295 err=1;
296 }
297 else
298 printf("OAEP encryption/decryption ok\n");
299 next:
300 RSA_free(key);
301 }
302
303 ERR_remove_state(0);
304
305 CRYPTO_mem_leaks_fp(stdout);
306
307 return err;
308 }
309#endif
diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c
index f0ae51f234..48a32bc264 100644
--- a/src/lib/libcrypto/rsa/rsa_pk1.c
+++ b/src/lib/libcrypto/rsa/rsa_pk1.c
@@ -79,7 +79,7 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
79 *(p++)=0; 79 *(p++)=0;
80 *(p++)=1; /* Private Key BT (Block Type) */ 80 *(p++)=1; /* Private Key BT (Block Type) */
81 81
82 /* padd out with 0xff data */ 82 /* pad out with 0xff data */
83 j=tlen-3-flen; 83 j=tlen-3-flen;
84 memset(p,0xff,j); 84 memset(p,0xff,j);
85 p+=j; 85 p+=j;
@@ -130,6 +130,11 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
130 } 130 }
131 i++; /* Skip over the '\0' */ 131 i++; /* Skip over the '\0' */
132 j-=i; 132 j-=i;
133 if (j > tlen)
134 {
135 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
136 return(-1);
137 }
133 memcpy(to,p,(unsigned int)j); 138 memcpy(to,p,(unsigned int)j);
134 139
135 return(j); 140 return(j);
@@ -155,12 +160,14 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
155 /* pad out with non-zero random data */ 160 /* pad out with non-zero random data */
156 j=tlen-3-flen; 161 j=tlen-3-flen;
157 162
158 RAND_bytes(p,j); 163 if (RAND_bytes(p,j) <= 0)
164 return(0);
159 for (i=0; i<j; i++) 165 for (i=0; i<j; i++)
160 { 166 {
161 if (*p == '\0') 167 if (*p == '\0')
162 do { 168 do {
163 RAND_bytes(p,1); 169 if (RAND_bytes(p,1) <= 0)
170 return(0);
164 } while (*p == '\0'); 171 } while (*p == '\0');
165 p++; 172 p++;
166 } 173 }
@@ -205,6 +212,11 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
205 } 212 }
206 i++; /* Skip over the '\0' */ 213 i++; /* Skip over the '\0' */
207 j-=i; 214 j-=i;
215 if (j > tlen)
216 {
217 RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
218 return(-1);
219 }
208 memcpy(to,p,(unsigned int)j); 220 memcpy(to,p,(unsigned int)j);
209 221
210 return(j); 222 return(j);
diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c
index 73b8b0c7ad..61efb0b00f 100644
--- a/src/lib/libcrypto/rsa/rsa_saos.c
+++ b/src/lib/libcrypto/rsa/rsa_saos.c
@@ -136,7 +136,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m,
136 else 136 else
137 ret=1; 137 ret=1;
138err: 138err:
139 if (sig != NULL) ASN1_OCTET_STRING_free(sig); 139 if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
140 memset(s,0,(unsigned int)siglen); 140 memset(s,0,(unsigned int)siglen);
141 Free(s); 141 Free(s);
142 return(ret); 142 return(ret);
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
index 1740494a4c..05bb7fb74a 100644
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -63,59 +63,77 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65 65
66/* Size of an SSL signature: MD5+SHA1 */
67#define SSL_SIG_LENGTH 36
68
66int RSA_sign(int type, unsigned char *m, unsigned int m_len, 69int RSA_sign(int type, unsigned char *m, unsigned int m_len,
67 unsigned char *sigret, unsigned int *siglen, RSA *rsa) 70 unsigned char *sigret, unsigned int *siglen, RSA *rsa)
68 { 71 {
69 X509_SIG sig; 72 X509_SIG sig;
70 ASN1_TYPE parameter; 73 ASN1_TYPE parameter;
71 int i,j,ret=1; 74 int i,j,ret=1;
72 unsigned char *p,*s; 75 unsigned char *p,*s = NULL;
73 X509_ALGOR algor; 76 X509_ALGOR algor;
74 ASN1_OCTET_STRING digest; 77 ASN1_OCTET_STRING digest;
75 78 if(rsa->flags & RSA_FLAG_SIGN_VER)
76 sig.algor= &algor; 79 return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
77 sig.algor->algorithm=OBJ_nid2obj(type); 80 /* Special case: SSL signature, just check the length */
78 if (sig.algor->algorithm == NULL) 81 if(type == NID_md5_sha1) {
79 { 82 if(m_len != SSL_SIG_LENGTH) {
80 RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); 83 RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH);
81 return(0); 84 return(0);
82 }
83 if (sig.algor->algorithm->length == 0)
84 {
85 RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
86 return(0);
87 } 85 }
88 parameter.type=V_ASN1_NULL; 86 i = SSL_SIG_LENGTH;
89 parameter.value.ptr=NULL; 87 s = m;
90 sig.algor->parameter= &parameter; 88 } else {
89 sig.algor= &algor;
90 sig.algor->algorithm=OBJ_nid2obj(type);
91 if (sig.algor->algorithm == NULL)
92 {
93 RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
94 return(0);
95 }
96 if (sig.algor->algorithm->length == 0)
97 {
98 RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
99 return(0);
100 }
101 parameter.type=V_ASN1_NULL;
102 parameter.value.ptr=NULL;
103 sig.algor->parameter= &parameter;
91 104
92 sig.digest= &digest; 105 sig.digest= &digest;
93 sig.digest->data=m; 106 sig.digest->data=m;
94 sig.digest->length=m_len; 107 sig.digest->length=m_len;
95 108
96 i=i2d_X509_SIG(&sig,NULL); 109 i=i2d_X509_SIG(&sig,NULL);
110 }
97 j=RSA_size(rsa); 111 j=RSA_size(rsa);
98 if ((i-RSA_PKCS1_PADDING) > j) 112 if ((i-RSA_PKCS1_PADDING) > j)
99 { 113 {
100 RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); 114 RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
101 return(0); 115 return(0);
102 } 116 }
103 s=(unsigned char *)Malloc((unsigned int)j+1); 117 if(type != NID_md5_sha1) {
104 if (s == NULL) 118 s=(unsigned char *)Malloc((unsigned int)j+1);
105 { 119 if (s == NULL)
106 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); 120 {
107 return(0); 121 RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
108 } 122 return(0);
109 p=s; 123 }
110 i2d_X509_SIG(&sig,&p); 124 p=s;
125 i2d_X509_SIG(&sig,&p);
126 }
111 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); 127 i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
112 if (i <= 0) 128 if (i <= 0)
113 ret=0; 129 ret=0;
114 else 130 else
115 *siglen=i; 131 *siglen=i;
116 132
117 memset(s,0,(unsigned int)j+1); 133 if(type != NID_md5_sha1) {
118 Free(s); 134 memset(s,0,(unsigned int)j+1);
135 Free(s);
136 }
119 return(ret); 137 return(ret);
120 } 138 }
121 139
@@ -132,53 +150,68 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len,
132 return(0); 150 return(0);
133 } 151 }
134 152
153 if(rsa->flags & RSA_FLAG_SIGN_VER)
154 return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
155
135 s=(unsigned char *)Malloc((unsigned int)siglen); 156 s=(unsigned char *)Malloc((unsigned int)siglen);
136 if (s == NULL) 157 if (s == NULL)
137 { 158 {
138 RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); 159 RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
139 goto err; 160 goto err;
140 } 161 }
162 if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
163 RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
164 return(0);
165 }
141 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); 166 i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
142 167
143 if (i <= 0) goto err; 168 if (i <= 0) goto err;
144 169
145 p=s; 170 /* Special case: SSL signature */
146 sig=d2i_X509_SIG(NULL,&p,(long)i); 171 if(dtype == NID_md5_sha1) {
172 if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
173 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
174 else ret = 1;
175 } else {
176 p=s;
177 sig=d2i_X509_SIG(NULL,&p,(long)i);
147 178
148 if (sig == NULL) goto err; 179 if (sig == NULL) goto err;
149 sigtype=OBJ_obj2nid(sig->algor->algorithm); 180 sigtype=OBJ_obj2nid(sig->algor->algorithm);
150 181
151 182
152#ifdef RSA_DEBUG 183 #ifdef RSA_DEBUG
153 /* put a backward compatability flag in EAY */ 184 /* put a backward compatibility flag in EAY */
154 fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), 185 fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
155 OBJ_nid2ln(dtype)); 186 OBJ_nid2ln(dtype));
156#endif 187 #endif
157 if (sigtype != dtype) 188 if (sigtype != dtype)
158 {
159 if (((dtype == NID_md5) &&
160 (sigtype == NID_md5WithRSAEncryption)) ||
161 ((dtype == NID_md2) &&
162 (sigtype == NID_md2WithRSAEncryption)))
163 { 189 {
164 /* ok, we will let it through */ 190 if (((dtype == NID_md5) &&
165#if !defined(NO_STDIO) && !defined(WIN16) 191 (sigtype == NID_md5WithRSAEncryption)) ||
166 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); 192 ((dtype == NID_md2) &&
167#endif 193 (sigtype == NID_md2WithRSAEncryption)))
194 {
195 /* ok, we will let it through */
196 #if !defined(NO_STDIO) && !defined(WIN16)
197 fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
198 #endif
199 }
200 else
201 {
202 RSAerr(RSA_F_RSA_VERIFY,
203 RSA_R_ALGORITHM_MISMATCH);
204 goto err;
205 }
168 } 206 }
169 else 207 if ( ((unsigned int)sig->digest->length != m_len) ||
208 (memcmp(m,sig->digest->data,m_len) != 0))
170 { 209 {
171 RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH); 210 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
172 goto err;
173 } 211 }
174 } 212 else
175 if ( ((unsigned int)sig->digest->length != m_len) || 213 ret=1;
176 (memcmp(m,sig->digest->data,m_len) != 0)) 214 }
177 {
178 RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
179 }
180 else
181 ret=1;
182err: 215err:
183 if (sig != NULL) X509_SIG_free(sig); 216 if (sig != NULL) X509_SIG_free(sig);
184 memset(s,0,(unsigned int)siglen); 217 memset(s,0,(unsigned int)siglen);
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c
index 1050844f8d..81a857c813 100644
--- a/src/lib/libcrypto/rsa/rsa_ssl.c
+++ b/src/lib/libcrypto/rsa/rsa_ssl.c
@@ -82,12 +82,14 @@ int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from,
82 /* pad out with non-zero random data */ 82 /* pad out with non-zero random data */
83 j=tlen-3-8-flen; 83 j=tlen-3-8-flen;
84 84
85 RAND_bytes(p,j); 85 if (RAND_bytes(p,j) <= 0)
86 return(0);
86 for (i=0; i<j; i++) 87 for (i=0; i<j; i++)
87 { 88 {
88 if (*p == '\0') 89 if (*p == '\0')
89 do { 90 do {
90 RAND_bytes(p,1); 91 if (RAND_bytes(p,1) <= 0)
92 return(0);
91 } while (*p == '\0'); 93 } while (*p == '\0');
92 p++; 94 p++;
93 } 95 }
@@ -140,6 +142,11 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
140 142
141 i++; /* Skip over the '\0' */ 143 i++; /* Skip over the '\0' */
142 j-=i; 144 j-=i;
145 if (j > tlen)
146 {
147 RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
148 return(-1);
149 }
143 memcpy(to,p,(unsigned int)j); 150 memcpy(to,p,(unsigned int)j);
144 151
145 return(j); 152 return(j);
diff --git a/src/lib/libcrypto/rsa/rsa_test.c b/src/lib/libcrypto/rsa/rsa_test.c
new file mode 100644
index 0000000000..e5ae0c1f69
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_test.c
@@ -0,0 +1,314 @@
1/* test vectors from p1ovect1.txt */
2
3#include <stdio.h>
4#include <string.h>
5
6#include "openssl/e_os.h"
7
8#include <openssl/crypto.h>
9#include <openssl/err.h>
10#include <openssl/rand.h>
11#ifdef NO_RSA
12int main(int argc, char *argv[])
13{
14 printf("No RSA support\n");
15 return(0);
16}
17#else
18#include <openssl/rsa.h>
19
20#define SetKey \
21 key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
22 key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
23 key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
24 key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
25 key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
26 key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
27 key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
28 key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
29 memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
30 return (sizeof(ctext_ex) - 1);
31
32static int key1(RSA *key, unsigned char *c)
33 {
34 static unsigned char n[] =
35"\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
36"\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
37"\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
38"\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
39"\xF5";
40
41 static unsigned char e[] = "\x11";
42
43 static unsigned char d[] =
44"\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
45"\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
46"\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
47"\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
48
49 static unsigned char p[] =
50"\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
51"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
52"\x0D";
53
54 static unsigned char q[] =
55"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
56"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
57"\x89";
58
59 static unsigned char dmp1[] =
60"\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
61"\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
62
63 static unsigned char dmq1[] =
64"\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
65"\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
66"\x51";
67
68 static unsigned char iqmp[] =
69"\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
70"\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
71
72 static unsigned char ctext_ex[] =
73"\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
74"\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
75"\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
76"\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
77
78 SetKey;
79 }
80
81static int key2(RSA *key, unsigned char *c)
82 {
83 static unsigned char n[] =
84"\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
85"\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
86"\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
87"\x34\x77\xCF";
88
89 static unsigned char e[] = "\x3";
90
91 static unsigned char d[] =
92"\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
93"\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
94"\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
95"\xE5\xEB";
96
97 static unsigned char p[] =
98"\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
99"\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
100
101 static unsigned char q[] =
102"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
103"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
104
105 static unsigned char dmp1[] =
106"\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
107"\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
108
109 static unsigned char dmq1[] =
110"\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
111"\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
112
113 static unsigned char iqmp[] =
114"\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
115"\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
116
117 static unsigned char ctext_ex[] =
118"\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
119"\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
120"\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
121"\x62\x51";
122
123 SetKey;
124 }
125
126static int key3(RSA *key, unsigned char *c)
127 {
128 static unsigned char n[] =
129"\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
130"\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
131"\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
132"\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
133"\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
134"\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
135"\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
136"\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
137"\xCB";
138
139 static unsigned char e[] = "\x11";
140
141 static unsigned char d[] =
142"\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
143"\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
144"\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
145"\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
146"\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
147"\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
148"\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
149"\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
150"\xC1";
151
152 static unsigned char p[] =
153"\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
154"\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
155"\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
156"\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
157"\x99";
158
159 static unsigned char q[] =
160"\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
161"\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
162"\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
163"\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
164"\x03";
165
166 static unsigned char dmp1[] =
167"\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
168"\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
169"\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
170"\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
171
172 static unsigned char dmq1[] =
173"\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
174"\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
175"\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
176"\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
177
178 static unsigned char iqmp[] =
179"\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
180"\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
181"\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
182"\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
183"\xF7";
184
185 static unsigned char ctext_ex[] =
186"\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
187"\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
188"\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
189"\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
190"\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
191"\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
192"\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
193"\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
194
195 SetKey;
196 }
197
198static int pad_unknown(void)
199{
200 unsigned long l;
201 while ((l = ERR_get_error()) != 0)
202 if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
203 return(1);
204 return(0);
205}
206
207static const char rnd_seed[] = "string to make the random number generator think it has entropy";
208
209int main(int argc, char *argv[])
210 {
211 int err=0;
212 int v;
213 RSA *key;
214 unsigned char ptext[256];
215 unsigned char ctext[256];
216 static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
217 unsigned char ctext_ex[256];
218 int plen;
219 int clen = 0;
220 int num;
221
222 RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
223
224 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
225
226 plen = sizeof(ptext_ex) - 1;
227
228 for (v = 0; v < 3; v++)
229 {
230 key = RSA_new();
231 switch (v) {
232 case 0:
233 clen = key1(key, ctext_ex);
234 break;
235 case 1:
236 clen = key2(key, ctext_ex);
237 break;
238 case 2:
239 clen = key3(key, ctext_ex);
240 break;
241 }
242
243 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
244 RSA_PKCS1_PADDING);
245 if (num != clen)
246 {
247 printf("PKCS#1 v1.5 encryption failed!\n");
248 err=1;
249 goto oaep;
250 }
251
252 num = RSA_private_decrypt(num, ctext, ptext, key,
253 RSA_PKCS1_PADDING);
254 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
255 {
256 printf("PKCS#1 v1.5 decryption failed!\n");
257 err=1;
258 }
259 else
260 printf("PKCS #1 v1.5 encryption/decryption ok\n");
261
262 oaep:
263 ERR_clear_error();
264 num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
265 RSA_PKCS1_OAEP_PADDING);
266 if (num == -1 && pad_unknown())
267 {
268 printf("No OAEP support\n");
269 goto next;
270 }
271 if (num != clen)
272 {
273 printf("OAEP encryption failed!\n");
274 err=1;
275 goto next;
276 }
277
278 num = RSA_private_decrypt(num, ctext, ptext, key,
279 RSA_PKCS1_OAEP_PADDING);
280 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
281 {
282 printf("OAEP decryption (encrypted data) failed!\n");
283 err=1;
284 }
285 else if (memcmp(ctext, ctext_ex, num) == 0)
286 {
287 printf("OAEP test vector %d passed!\n", v);
288 goto next;
289 }
290
291 /* Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT).
292 Try decrypting ctext_ex */
293
294 num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
295 RSA_PKCS1_OAEP_PADDING);
296
297 if (num != plen || memcmp(ptext, ptext_ex, num) != 0)
298 {
299 printf("OAEP decryption (test vector data) failed!\n");
300 err=1;
301 }
302 else
303 printf("OAEP encryption/decryption ok\n");
304 next:
305 RSA_free(key);
306 }
307
308 ERR_remove_state(0);
309
310 CRYPTO_mem_leaks_fp(stdout);
311
312 return err;
313 }
314#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 15:46:18 +0000