提交 77f4b6ba 编写于 作者: D Dr. Stephen Henson

add MGF1 digest ctrl

上级 a5667732
...@@ -79,6 +79,8 @@ typedef struct ...@@ -79,6 +79,8 @@ typedef struct
int pad_mode; int pad_mode;
/* message digest */ /* message digest */
const EVP_MD *md; const EVP_MD *md;
/* message digest for MGF1 */
const EVP_MD *mgf1md;
/* PSS/OAEP salt length */ /* PSS/OAEP salt length */
int saltlen; int saltlen;
/* Temp buffer */ /* Temp buffer */
...@@ -95,6 +97,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx) ...@@ -95,6 +97,7 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
rctx->pub_exp = NULL; rctx->pub_exp = NULL;
rctx->pad_mode = RSA_PKCS1_PADDING; rctx->pad_mode = RSA_PKCS1_PADDING;
rctx->md = NULL; rctx->md = NULL;
rctx->mgf1md = NULL;
rctx->tbuf = NULL; rctx->tbuf = NULL;
rctx->saltlen = -2; rctx->saltlen = -2;
...@@ -184,10 +187,14 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, ...@@ -184,10 +187,14 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
} }
else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
{ {
const EVP_MD *pssmd;
pssmd = rctx->mgf1md;
if (pssmd == NULL)
pssmd = rctx->md;
if (!setup_tbuf(rctx, ctx)) if (!setup_tbuf(rctx, ctx))
return -1; return -1;
if (!RSA_padding_add_PKCS1_PSS(rsa, rctx->tbuf, tbs, if (!RSA_padding_add_PKCS1_PSS(rsa, rctx->tbuf, tbs,
rctx->md, rctx->saltlen)) pssmd, rctx->saltlen))
return -1; return -1;
ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf, ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
sig, rsa, RSA_NO_PADDING); sig, rsa, RSA_NO_PADDING);
...@@ -281,13 +288,17 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx, ...@@ -281,13 +288,17 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING)
{ {
int ret; int ret;
const EVP_MD *pssmd;
pssmd = rctx->mgf1md;
if (pssmd == NULL)
pssmd = rctx->md;
if (!setup_tbuf(rctx, ctx)) if (!setup_tbuf(rctx, ctx))
return -1; return -1;
ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
rsa, RSA_NO_PADDING); rsa, RSA_NO_PADDING);
if (ret <= 0) if (ret <= 0)
return 0; return 0;
ret = RSA_verify_PKCS1_PSS(rsa, tbs, rctx->md, ret = RSA_verify_PKCS1_PSS(rsa, tbs, pssmd,
rctx->tbuf, rctx->saltlen); rctx->tbuf, rctx->saltlen);
if (ret <= 0) if (ret <= 0)
return 0; return 0;
...@@ -433,6 +444,10 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ...@@ -433,6 +444,10 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
rctx->md = p2; rctx->md = p2;
return 1; return 1;
case EVP_PKEY_CTRL_MGF1_MD:
rctx->mgf1md = p2;
return 1;
case EVP_PKEY_CTRL_DIGESTINIT: case EVP_PKEY_CTRL_DIGESTINIT:
case EVP_PKEY_CTRL_PKCS7_ENCRYPT: case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
case EVP_PKEY_CTRL_PKCS7_DECRYPT: case EVP_PKEY_CTRL_PKCS7_DECRYPT:
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册