提交 b3339050 编写于 作者: D Dr. Stephen Henson

incomplete provisional OAEP CMS decrypt support

上级 918fc30f
...@@ -62,12 +62,12 @@ ...@@ -62,12 +62,12 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
#define NUM_NID 920 #define NUM_NID 921
#define NUM_SN 913 #define NUM_SN 914
#define NUM_LN 913 #define NUM_LN 914
#define NUM_OBJ 857 #define NUM_OBJ 858
static const unsigned char lvalues[5978]={ static const unsigned char lvalues[5987]={
0x00, /* [ 0] OBJ_undef */ 0x00, /* [ 0] OBJ_undef */
0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */
...@@ -924,7 +924,8 @@ static const unsigned char lvalues[5978]={ ...@@ -924,7 +924,8 @@ static const unsigned char lvalues[5978]={
0x55,0x1D,0x25,0x00, /* [5948] OBJ_anyExtendedKeyUsage */ 0x55,0x1D,0x25,0x00, /* [5948] OBJ_anyExtendedKeyUsage */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5952] OBJ_mgf1 */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5952] OBJ_mgf1 */
0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5961] OBJ_rsassaPss */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5961] OBJ_rsassaPss */
0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01, /* [5970] OBJ_dhpublicnumber */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5970] OBJ_rsaesOaep */
0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01, /* [5979] OBJ_dhpublicnumber */
}; };
static const ASN1_OBJECT nid_objs[NUM_NID]={ static const ASN1_OBJECT nid_objs[NUM_NID]={
...@@ -2405,7 +2406,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ ...@@ -2405,7 +2406,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
NID_aes_192_cbc_hmac_sha1,0,NULL,0}, NID_aes_192_cbc_hmac_sha1,0,NULL,0},
{"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1",
NID_aes_256_cbc_hmac_sha1,0,NULL,0}, NID_aes_256_cbc_hmac_sha1,0,NULL,0},
{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5970]),0}, {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5970]),0},
{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5979]),0},
}; };
static const unsigned int sn_objs[NUM_SN]={ static const unsigned int sn_objs[NUM_SN]={
...@@ -2573,6 +2575,7 @@ static const unsigned int sn_objs[NUM_SN]={ ...@@ -2573,6 +2575,7 @@ static const unsigned int sn_objs[NUM_SN]={
668, /* "RSA-SHA256" */ 668, /* "RSA-SHA256" */
669, /* "RSA-SHA384" */ 669, /* "RSA-SHA384" */
670, /* "RSA-SHA512" */ 670, /* "RSA-SHA512" */
919, /* "RSAES-OAEP" */
912, /* "RSASSA-PSS" */ 912, /* "RSASSA-PSS" */
777, /* "SEED-CBC" */ 777, /* "SEED-CBC" */
779, /* "SEED-CFB" */ 779, /* "SEED-CFB" */
...@@ -2674,7 +2677,7 @@ static const unsigned int sn_objs[NUM_SN]={ ...@@ -2674,7 +2677,7 @@ static const unsigned int sn_objs[NUM_SN]={
107, /* "description" */ 107, /* "description" */
871, /* "destinationIndicator" */ 871, /* "destinationIndicator" */
28, /* "dhKeyAgreement" */ 28, /* "dhKeyAgreement" */
919, /* "dhpublicnumber" */ 920, /* "dhpublicnumber" */
382, /* "directory" */ 382, /* "directory" */
887, /* "distinguishedName" */ 887, /* "distinguishedName" */
892, /* "dmdName" */ 892, /* "dmdName" */
...@@ -3458,7 +3461,7 @@ static const unsigned int ln_objs[NUM_LN]={ ...@@ -3458,7 +3461,7 @@ static const unsigned int ln_objs[NUM_LN]={
85, /* "X509v3 Subject Alternative Name" */ 85, /* "X509v3 Subject Alternative Name" */
769, /* "X509v3 Subject Directory Attributes" */ 769, /* "X509v3 Subject Directory Attributes" */
82, /* "X509v3 Subject Key Identifier" */ 82, /* "X509v3 Subject Key Identifier" */
919, /* "X9.42 DH" */ 920, /* "X9.42 DH" */
184, /* "X9.57" */ 184, /* "X9.57" */
185, /* "X9.57 CM ?" */ 185, /* "X9.57 CM ?" */
478, /* "aRecord" */ 478, /* "aRecord" */
...@@ -4013,6 +4016,7 @@ static const unsigned int ln_objs[NUM_LN]={ ...@@ -4013,6 +4016,7 @@ static const unsigned int ln_objs[NUM_LN]={
6, /* "rsaEncryption" */ 6, /* "rsaEncryption" */
644, /* "rsaOAEPEncryptionSET" */ 644, /* "rsaOAEPEncryptionSET" */
377, /* "rsaSignature" */ 377, /* "rsaSignature" */
919, /* "rsaesOaep" */
912, /* "rsassaPss" */ 912, /* "rsassaPss" */
124, /* "run length compression" */ 124, /* "run length compression" */
482, /* "sOARecord" */ 482, /* "sOARecord" */
...@@ -4615,7 +4619,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ ...@@ -4615,7 +4619,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
416, /* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */ 416, /* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */
791, /* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */ 791, /* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */
792, /* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */ 792, /* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */
919, /* OBJ_dhpublicnumber 1 2 840 10046 2 1 */ 920, /* OBJ_dhpublicnumber 1 2 840 10046 2 1 */
258, /* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */ 258, /* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */
175, /* OBJ_id_pe 1 3 6 1 5 5 7 1 */ 175, /* OBJ_id_pe 1 3 6 1 5 5 7 1 */
259, /* OBJ_id_qt 1 3 6 1 5 5 7 2 */ 259, /* OBJ_id_qt 1 3 6 1 5 5 7 2 */
...@@ -4831,6 +4835,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ ...@@ -4831,6 +4835,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
8, /* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */ 8, /* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
65, /* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */ 65, /* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
644, /* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */ 644, /* OBJ_rsaOAEPEncryptionSET 1 2 840 113549 1 1 6 */
919, /* OBJ_rsaesOaep 1 2 840 113549 1 1 7 */
911, /* OBJ_mgf1 1 2 840 113549 1 1 8 */ 911, /* OBJ_mgf1 1 2 840 113549 1 1 8 */
912, /* OBJ_rsassaPss 1 2 840 113549 1 1 10 */ 912, /* OBJ_rsassaPss 1 2 840 113549 1 1 10 */
668, /* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */ 668, /* OBJ_sha256WithRSAEncryption 1 2 840 113549 1 1 11 */
......
...@@ -580,6 +580,11 @@ ...@@ -580,6 +580,11 @@
#define NID_sha1WithRSAEncryption 65 #define NID_sha1WithRSAEncryption 65
#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L #define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L
#define SN_rsaesOaep "RSAES-OAEP"
#define LN_rsaesOaep "rsaesOaep"
#define NID_rsaesOaep 919
#define OBJ_rsaesOaep OBJ_pkcs1,7L
#define SN_mgf1 "MGF1" #define SN_mgf1 "MGF1"
#define LN_mgf1 "mgf1" #define LN_mgf1 "mgf1"
#define NID_mgf1 911 #define NID_mgf1 911
...@@ -4027,6 +4032,6 @@ ...@@ -4027,6 +4032,6 @@
#define SN_dhpublicnumber "dhpublicnumber" #define SN_dhpublicnumber "dhpublicnumber"
#define LN_dhpublicnumber "X9.42 DH" #define LN_dhpublicnumber "X9.42 DH"
#define NID_dhpublicnumber 919 #define NID_dhpublicnumber 920
#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L #define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L
...@@ -916,4 +916,5 @@ rc4_hmac_md5 915 ...@@ -916,4 +916,5 @@ rc4_hmac_md5 915
aes_128_cbc_hmac_sha1 916 aes_128_cbc_hmac_sha1 916
aes_192_cbc_hmac_sha1 917 aes_192_cbc_hmac_sha1 917
aes_256_cbc_hmac_sha1 918 aes_256_cbc_hmac_sha1 918
dhpublicnumber 919 rsaesOaep 919
dhpublicnumber 920
...@@ -166,6 +166,7 @@ pkcs1 3 : RSA-MD4 : md4WithRSAEncryption ...@@ -166,6 +166,7 @@ pkcs1 3 : RSA-MD4 : md4WithRSAEncryption
pkcs1 4 : RSA-MD5 : md5WithRSAEncryption pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
# According to PKCS #1 version 2.1 # According to PKCS #1 version 2.1
pkcs1 7 : RSAES-OAEP : rsaesOaep
pkcs1 8 : MGF1 : mgf1 pkcs1 8 : MGF1 : mgf1
pkcs1 10 : RSASSA-PSS : rsassaPss pkcs1 10 : RSASSA-PSS : rsassaPss
......
...@@ -63,6 +63,9 @@ ...@@ -63,6 +63,9 @@
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#ifndef OPENSSL_NO_CMS
#include <openssl/cms.h>
#endif
#include "evp_locl.h" #include "evp_locl.h"
#include "rsa_locl.h" #include "rsa_locl.h"
...@@ -473,12 +476,23 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) ...@@ -473,12 +476,23 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_PKCS7_ENCRYPT: case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
case EVP_PKEY_CTRL_PKCS7_DECRYPT: case EVP_PKEY_CTRL_PKCS7_DECRYPT:
case EVP_PKEY_CTRL_PKCS7_SIGN: case EVP_PKEY_CTRL_PKCS7_SIGN:
return 1;
#ifndef OPENSSL_NO_CMS #ifndef OPENSSL_NO_CMS
case EVP_PKEY_CTRL_CMS_ENCRYPT:
case EVP_PKEY_CTRL_CMS_DECRYPT: case EVP_PKEY_CTRL_CMS_DECRYPT:
{
X509_ALGOR *alg = NULL;
ASN1_OBJECT *encalg = NULL;
if (p2)
CMS_RecipientInfo_ktri_get0_algs(p2, NULL, NULL, &alg);
if (alg)
X509_ALGOR_get0(&encalg, NULL, NULL, alg);
if (encalg && OBJ_obj2nid(encalg) == NID_rsaesOaep)
rctx->pad_mode = RSA_PKCS1_OAEP_PADDING;
}
case EVP_PKEY_CTRL_CMS_ENCRYPT:
case EVP_PKEY_CTRL_CMS_SIGN: case EVP_PKEY_CTRL_CMS_SIGN:
#endif
return 1; return 1;
#endif
case EVP_PKEY_CTRL_PEER_KEY: case EVP_PKEY_CTRL_PEER_KEY:
RSAerr(RSA_F_PKEY_RSA_CTRL, RSAerr(RSA_F_PKEY_RSA_CTRL,
RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册