Move FIPS RSA function definitions to fips.h

New function to lookup digests by NID in module.

Minor optimisation: if supplied hash is NULL to FIPS RSA functions and
we are using PKCS padding get digest NID from otherwise unused saltlen
parameter instead.

fips/fips.h

@@ -64,6 +64,7 @@ struct ec_key_st;
 struct rsa_st;
 struct evp_pkey_st;
 struct env_md_st;
+struct env_md_ctx_st;
 struct evp_cipher_st;
 struct evp_cipher_ctx_st;
 
@@ -172,6 +173,31 @@ int fips_cipher_test(int id, struct evp_cipher_ctx_st *ctx,
 			const unsigned char *ciphertext,
 			int len);
 
+const struct env_md_st *FIPS_get_digestbynid(int nid);
+
+struct rsa_st *FIPS_rsa_new(void);
+void FIPS_rsa_free(struct rsa_st *r);
+int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+			int rsa_pad_mode, int saltlen,
+			const struct env_md_st *mgf1Hash,
+			unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_sign_digest(struct rsa_st *rsa,
+			const unsigned char *md, int md_len,
+			const struct env_md_st *mhash,
+			int rsa_pad_mode, int saltlen,
+			const struct env_md_st *mgf1Hash,
+			unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_verify_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+			int rsa_pad_mode, int saltlen,
+			const struct env_md_st *mgf1Hash,
+			unsigned char *sigbuf, unsigned int siglen);
+int FIPS_rsa_verify_digest(struct rsa_st *rsa,
+			const unsigned char *dig, int diglen,
+			const struct env_md_st *mhash,
+			int rsa_pad_mode, int saltlen,
+			const struct env_md_st *mgf1Hash,
+			unsigned char *sigbuf, unsigned int siglen);
+
 #ifndef OPENSSL_FIPSCANISTER
 
 int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);
@@ -235,6 +261,8 @@ const EVP_MD *FIPS_evp_dss1(void);
 const EVP_MD *FIPS_evp_dss(void);
 const EVP_MD *FIPS_evp_ecdsa(void);
 
+const RSA_METHOD *FIPS_rsa_pkcs1_ssleay(void);
+
 #endif
 
 /* Where necessary redirect standard OpenSSL APIs to FIPS versions */

fips/rand/fips_drbg_hash.c

@@ -327,6 +327,9 @@ int fips_drbg_hash_init(DRBG_CTX *dctx)
 	{
 	const EVP_MD *md;
 	DRBG_HASH_CTX *hctx = &dctx->d.hash;
+	md = FIPS_get_digestbynid(dctx->type);
+	if (!md)
+		return -2;
 	switch (dctx->type)
 		{
 		case NID_sha1:
@@ -339,25 +342,9 @@ int fips_drbg_hash_init(DRBG_CTX *dctx)
 		dctx->strength = 192;
 		break;
 
-		case NID_sha256:
-		md = EVP_sha256();
-		dctx->strength = 256;
-		break;
-
-		case NID_sha384:
-		md = EVP_sha384();
-		dctx->strength = 256;
-		break;
-
-		case NID_sha512:
-		md = EVP_sha512();
-		dctx->strength = 256;
-		break;
-
 		default:
-		return -2;
+		dctx->strength = 256;
 		break;
-
 		}
 
 	dctx->instantiate = drbg_hash_instantiate;

fips/rsa/fips_rsa_sign.c

@@ -224,8 +224,10 @@ int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len,
 		FIPSerr(FIPS_F_FIPS_RSA_SIGN_DIGEST, FIPS_R_SELFTEST_FAILED);
 		return 0;
 		}
-
-	md_type = M_EVP_MD_type(mhash);
+	if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+		md_type = saltlen;
+	else
+		md_type = M_EVP_MD_type(mhash);
 
 	if (rsa_pad_mode == RSA_X931_PADDING)
 		{
@@ -338,7 +340,10 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
 		return(0);
 		}
 
-	md_type = M_EVP_MD_type(mhash);
+	if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+		md_type = saltlen;
+	else
+		md_type = M_EVP_MD_type(mhash);
 
 	s= OPENSSL_malloc((unsigned int)siglen);
 	if (s == NULL)

fips/utl/fips_md.c

@@ -321,3 +321,27 @@ int FIPS_md_ctx_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
 	
 	return 1;
 	}
+
+const EVP_MD *FIPS_get_digestbynid(int nid)
+	{
+	switch (nid)
+		{
+		case NID_sha1:
+		return EVP_sha1();
+
+		case NID_sha224:
+		return EVP_sha224();
+
+		case NID_sha256:
+		return EVP_sha256();
+
+		case NID_sha384:
+		return EVP_sha384();
+
+		case NID_sha512:
+		return EVP_sha512();
+
+		default:
+		return NULL;
+		}
+	}