diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index a9a2f6a1c7a968636fcad5f5f0d200a30ec6ea98..52f41c2502f8462d4f3b33159d782d8611996def 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -904,15 +904,31 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, #define EVP_PKEY_OP_UNDEFINED 0 -#define EVP_PKEY_OP_PARAMGEN 1 -#define EVP_PKEY_OP_KEYGEN 2 -#define EVP_PKEY_OP_SIGN 3 -#define EVP_PKEY_OP_VERIFY 4 -#define EVP_PKEY_OP_VERIFYRECOVER 5 -#define EVP_PKEY_OP_SIGNCTX 6 -#define EVP_PKEY_OP_VERIFYCTX 7 -#define EVP_PKEY_OP_ENCRYPT 8 -#define EVP_PKEY_OP_DECRYPT 9 +#define EVP_PKEY_OP_PARAMGEN (1<<1) +#define EVP_PKEY_OP_KEYGEN (1<<2) +#define EVP_PKEY_OP_SIGN (1<<3) +#define EVP_PKEY_OP_VERIFY (1<<4) +#define EVP_PKEY_OP_VERIFYRECOVER (1<<5) +#define EVP_PKEY_OP_SIGNCTX (1<<6) +#define EVP_PKEY_OP_VERIFYCTX (1<<7) +#define EVP_PKEY_OP_ENCRYPT (1<<8) +#define EVP_PKEY_OP_DECRYPT (1<<9) +#define EVP_PKEY_OP_DERIVE (1<<10) + +#define EVP_PKEY_OP_TYPE_SIGNATURE \ + (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \ + | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) + +#define EVP_PKEY_OP_TYPE_CRYPTO \ + (EVP_PKEY_OP_SIGNATURE | EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT \ + | EVP_PKEY_OP_DERIVE) + +#define EVP_PKEY_OP_TYPE_GENERATE \ + (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN) + +#define EVP_PKEY_CTX_set_signature_md(ctx, md) \ + EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIGNATURE, \ + EVP_PKEY_CTRL_MD, 0, (void *)md) #define EVP_PKEY_CTRL_MD 1 diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index a76e88b805707626094ba4759cb89d54493ce67c..26a55048cabe309d751b11178f1a828ac3d55d40 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -156,7 +156,7 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, return -1; } - if ((optype != -1) && (ctx->operation != optype)) + if ((optype != -1) && !(ctx->operation & optype)) { EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION); return -1; @@ -187,8 +187,7 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_DIGEST); return 0; } - return EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_MD, - 0, (void *)md); + return EVP_PKEY_CTX_set_signature_md(ctx, md); } return ctx->pmeth->ctrl_str(ctx, name, value); } diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 55019652985f616d7c99c2886c3e95f956cf5a18..696eef9332ad49db44d4cba446a98c47458b8ed0 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -212,6 +212,7 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx, ret = int_rsa_verify(EVP_MD_type(rctx->md), NULL, 0, rout, &sltmp, sig, siglen, ctx->pkey->pkey.rsa); + ret = sltmp; } else return -1;