* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
+{-
+use OpenSSL::paramnames qw(produce_param_decoder);
+-}
/*
* RSA low level APIs are deprecated for public use, but still ok for
return NULL;
}
+{- produce_param_decoder('rsa_get_ctx_params',
+ (['SIGNATURE_PARAM_ALGORITHM_ID', 'algid', 'octet_string'],
+ ['SIGNATURE_PARAM_PAD_MODE', 'pad', 'utf8_string'],
+ ['SIGNATURE_PARAM_PAD_MODE', 'pad', 'int'],
+ ['SIGNATURE_PARAM_DIGEST', 'digest', 'utf8_string'],
+ ['SIGNATURE_PARAM_MGF1_DIGEST', 'mgf1', 'utf8_string'],
+ ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'utf8_string'],
+ ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'int'],
+ ['SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE', 'verify', 'uint'],
+ ['SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'],
+ )); -}
+
static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
- OSSL_PARAM *p;
+ struct rsa_get_ctx_params_st p;
- if (prsactx == NULL)
+ if (prsactx == NULL || !rsa_get_ctx_params_decoder(params, &p))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
- if (p != NULL) {
+ if (p.algid != NULL) {
/* The Algorithm Identifier of the combined signature algorithm */
unsigned char aid_buf[128];
unsigned char *aid;
aid = rsa_generate_signature_aid(prsactx, aid_buf,
sizeof(aid_buf), &aid_len);
- if (aid == NULL || !OSSL_PARAM_set_octet_string(p, aid, aid_len))
+ if (aid == NULL || !OSSL_PARAM_set_octet_string(p.algid, aid, aid_len))
return 0;
}
- p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_PAD_MODE);
- if (p != NULL)
- switch (p->data_type) {
- case OSSL_PARAM_INTEGER:
- if (!OSSL_PARAM_set_int(p, prsactx->pad_mode))
+ if (p.pad != NULL)
+ switch (p.pad->data_type) {
+ default:
+ if (!OSSL_PARAM_set_int(p.pad, prsactx->pad_mode))
return 0;
break;
case OSSL_PARAM_UTF8_STRING:
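Review bot: Replacing `case OSSL_PARAM_INTEGER:` with `default:` in the pad-mode switch, and dropping the old `default: return 0;`, moves type rejection out of this function, so every non-string type now reaches `OSSL_PARAM_set_int(p.pad, ...)`. That call also fills unsigned-integer and real parameters, which the previous code refused, and whether the generated decoder filters on the declared types is not visible on this page. If the widening is intended, record it at the label, e.g. `default: /* any numeric type; OSSL_PARAM_set_int() rejects the rest */`; otherwise keep the explicit `case OSSL_PARAM_INTEGER:` with a rejecting `default`. The same pattern recurs in the salt-length getter (`p.slen->data_type != OSSL_PARAM_UTF8_STRING`) and in both switches of rsa_set_ctx_params; the switch body here continues outside the hunk.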
}
if (word != NULL) {
- if (!OSSL_PARAM_set_utf8_string(p, word))
+ if (!OSSL_PARAM_set_utf8_string(p.pad, word))
return 0;
} else {
ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
}
}
break;
- default:
- return 0;
}
- p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
- if (p != NULL && !OSSL_PARAM_set_utf8_string(p, prsactx->mdname))
+ if (p.digest != NULL && !OSSL_PARAM_set_utf8_string(p.digest, prsactx->mdname))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_MGF1_DIGEST);
- if (p != NULL && !OSSL_PARAM_set_utf8_string(p, prsactx->mgf1_mdname))
+ if (p.mgf1 != NULL && !OSSL_PARAM_set_utf8_string(p.mgf1, prsactx->mgf1_mdname))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_PSS_SALTLEN);
- if (p != NULL) {
- if (p->data_type == OSSL_PARAM_INTEGER) {
- if (!OSSL_PARAM_set_int(p, prsactx->saltlen))
+ if (p.slen != NULL) {
+ if (p.slen->data_type != OSSL_PARAM_UTF8_STRING) {
+ if (!OSSL_PARAM_set_int(p.slen, prsactx->saltlen))
return 0;
- } else if (p->data_type == OSSL_PARAM_UTF8_STRING) {
+ } else {
const char *value = NULL;
switch (prsactx->saltlen) {
break;
default:
{
- int len = BIO_snprintf(p->data, p->data_size, "%d",
+ int len = BIO_snprintf(p.slen->data, p.slen->data_size, "%d",
prsactx->saltlen);
if (len <= 0)
return 0;
- p->return_size = len;
+ p.slen->return_size = len;
break;
}
}
if (value != NULL
- && !OSSL_PARAM_set_utf8_string(p, value))
+ && !OSSL_PARAM_set_utf8_string(p.slen, value))
return 0;
}
}
#ifdef FIPS_MODULE
- p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE);
- if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->verify_message))
+ if (p.verify != NULL && !OSSL_PARAM_set_uint(p.verify, prsactx->verify_message))
return 0;
#endif
- if (!OSSL_FIPS_IND_GET_CTX_PARAM(prsactx, params))
+ if (!OSSL_FIPS_IND_GET_CTX_FROM_PARAM(prsactx, p.ind))
return 0;
return 1;
}
-static const OSSL_PARAM known_gettable_ctx_params[] = {
- OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_MGF1_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, NULL, 0),
-#ifdef FIPS_MODULE
- OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE, NULL),
-#endif
- OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
- OSSL_PARAM_END
-};
-
static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx,
ossl_unused void *provctx)
{
- return known_gettable_ctx_params;
+ return rsa_get_ctx_params_list;
}
#ifdef FIPS_MODULE
}
#endif
+{- produce_param_decoder('rsa_set_ctx_params',
+ (['SIGNATURE_PARAM_DIGEST', 'digest', 'utf8_string'],
+ ['SIGNATURE_PARAM_PROPERTIES', 'propq', 'utf8_string'],
+ ['SIGNATURE_PARAM_PAD_MODE', 'pad', 'utf8_string'],
+ ['SIGNATURE_PARAM_PAD_MODE', 'pad', 'int'],
+ ['SIGNATURE_PARAM_MGF1_DIGEST', 'mgf1', 'utf8_string'],
+ ['SIGNATURE_PARAM_MGF1_PROPERTIES', 'mgf1pq', 'utf8_string'],
+ ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'utf8_string'],
+ ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'int'],
+ ['SIGNATURE_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'],
+ ['SIGNATURE_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int'],
+ ['SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK', 'ind_slen', 'int'],
+ ['SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK', 'ind_xpad', 'int'],
+ )); -}
+
+#define rsa_set_ctx_params_no_digest_st rsa_set_ctx_params_st
+
+{- produce_param_decoder('rsa_set_ctx_params_no_digest',
+ (['SIGNATURE_PARAM_PAD_MODE', 'pad', 'utf8_string'],
+ ['SIGNATURE_PARAM_PAD_MODE', 'pad', 'int'],
+ ['SIGNATURE_PARAM_MGF1_DIGEST', 'mgf1', 'utf8_string'],
+ ['SIGNATURE_PARAM_MGF1_PROPERTIES', 'mgf1pq', 'utf8_string'],
+ ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'utf8_string'],
+ ['SIGNATURE_PARAM_PSS_SALTLEN', 'slen', 'int'],
+ ['SIGNATURE_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'],
+ ['SIGNATURE_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int'],
+ ['SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK', 'ind_slen', 'int'],
+ ['SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK', 'ind_xpad', 'int'],
+ )); -}
+
static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
- const OSSL_PARAM *p;
+ struct rsa_set_ctx_params_st p;
int pad_mode;
int saltlen;
char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = NULL;
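Review bot: `#define rsa_set_ctx_params_no_digest_st rsa_set_ctx_params_st` needs a comment, because it makes the no-digest decoder fill a struct whose `digest` and `propq` members it was not generated to set, while rsa_set_ctx_params later tests `p.digest != NULL` on both paths. That is only safe if the generated decoder clears the whole struct before parsing, which cannot be confirmed from this page. A line such as `/* no_digest decoder shares the full struct; digest/propq must stay NULL, so the decoder has to zero it first */` above the define would record the dependency. It is also worth confirming that a digest key passed while `flag_allow_md` is clear is meant to be skipped by the decoder rather than located and processed as the removed code did. rsa_set_ctx_params continues past this hunk.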
if (prsactx == NULL)
return 0;
+ /* The processing code below doesn't handle no parameters properly */
if (ossl_param_is_empty(params))
return 1;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE0, params,
- OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK))
+ if (prsactx->flag_allow_md) {
+ if (!rsa_set_ctx_params_decoder(params, &p))
+ return 0;
+ } else {
+ if (!rsa_set_ctx_params_no_digest_decoder(params, &p))
+ return 0;
+ }
+
+ if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE0,
+ p.ind_k))
return 0;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE1, params,
- OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK))
+ if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE1,
+ p.ind_d))
return 0;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE2, params,
- OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK))
+ if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE2,
+ p.ind_xpad))
return 0;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE3, params,
- OSSL_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK))
+ if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE3,
+ p.ind_slen))
return 0;
pad_mode = prsactx->pad_mode;
saltlen = prsactx->saltlen;
- p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST);
- if (p != NULL) {
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params,
- OSSL_SIGNATURE_PARAM_PROPERTIES);
-
+ if (p.digest != NULL) {
pmdname = mdname;
- if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
+ if (!OSSL_PARAM_get_utf8_string(p.digest, &pmdname, sizeof(mdname)))
return 0;
- if (propsp != NULL) {
+ if (p.propq != NULL) {
pmdprops = mdprops;
- if (!OSSL_PARAM_get_utf8_string(propsp,
+ if (!OSSL_PARAM_get_utf8_string(p.propq,
&pmdprops, sizeof(mdprops)))
return 0;
}
}
- p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_PAD_MODE);
- if (p != NULL) {
+ if (p.pad != NULL) {
const char *err_extra_text = NULL;
- switch (p->data_type) {
- case OSSL_PARAM_INTEGER: /* Support for legacy pad mode number */
- if (!OSSL_PARAM_get_int(p, &pad_mode))
+ switch (p.pad->data_type) {
+ default: /* Support for legacy pad mode number */
+ if (!OSSL_PARAM_get_int(p.pad, &pad_mode))
return 0;
break;
case OSSL_PARAM_UTF8_STRING:
{
int i;
- if (p->data == NULL)
+ if (p.pad->data == NULL)
return 0;
for (i = 0; padding_item[i].id != 0; i++) {
- if (strcmp(p->data, padding_item[i].ptr) == 0) {
+ if (strcmp(p.pad->data, padding_item[i].ptr) == 0) {
pad_mode = padding_item[i].id;
break;
}
}
}
break;
- default:
- return 0;
}
switch (pad_mode) {
}
}
- p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_PSS_SALTLEN);
- if (p != NULL) {
+ if (p.slen != NULL) {
if (pad_mode != RSA_PKCS1_PSS_PADDING) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_NOT_SUPPORTED,
"PSS saltlen can only be specified if "
return 0;
}
- switch (p->data_type) {
- case OSSL_PARAM_INTEGER: /* Support for legacy pad mode number */
- if (!OSSL_PARAM_get_int(p, &saltlen))
+ switch (p.slen->data_type) {
+ default: /* Support for legacy pad mode number */
+ if (!OSSL_PARAM_get_int(p.slen, &saltlen))
return 0;
break;
case OSSL_PARAM_UTF8_STRING:
- if (strcmp(p->data, OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST) == 0)
+ if (strcmp(p.slen->data, OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST) == 0)
saltlen = RSA_PSS_SALTLEN_DIGEST;
- else if (strcmp(p->data, OSSL_PKEY_RSA_PSS_SALT_LEN_MAX) == 0)
+ else if (strcmp(p.slen->data, OSSL_PKEY_RSA_PSS_SALT_LEN_MAX) == 0)
saltlen = RSA_PSS_SALTLEN_MAX;
- else if (strcmp(p->data, OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO) == 0)
+ else if (strcmp(p.slen->data, OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO) == 0)
saltlen = RSA_PSS_SALTLEN_AUTO;
- else if (strcmp(p->data, OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX) == 0)
+ else if (strcmp(p.slen->data, OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO_DIGEST_MAX) == 0)
saltlen = RSA_PSS_SALTLEN_AUTO_DIGEST_MAX;
else
- saltlen = atoi(p->data);
+ saltlen = atoi(p.slen->data);
break;
- default:
- return 0;
}
/*
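Review bot: The UTF8_STRING branch of the salt-length switch passes `p.slen->data` to `strcmp` without a NULL test, whereas the pad-mode branch earlier in the function returns 0 when `p.pad->data == NULL`; a caller-supplied string parameter with a NULL data pointer would be dereferenced here. Adding `if (p.slen->data == NULL) return 0;` ahead of the comparisons makes the two branches agree. The `atoi(p.slen->data)` fallback cannot tell a malformed string from a salt length of 0, so `strtol` with an end-pointer and range check would be the safer parse. The comment on the new `default:` label still reads "legacy pad mode number" although this switch handles the salt length. The enclosing block continues outside the hunk.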
}
}
- p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_MGF1_DIGEST);
- if (p != NULL) {
- const OSSL_PARAM *propsp =
- OSSL_PARAM_locate_const(params,
- OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES);
-
+ if (p.mgf1 != NULL) {
pmgf1mdname = mgf1mdname;
- if (!OSSL_PARAM_get_utf8_string(p, &pmgf1mdname, sizeof(mgf1mdname)))
+ if (!OSSL_PARAM_get_utf8_string(p.mgf1, &pmgf1mdname, sizeof(mgf1mdname)))
return 0;
- if (propsp != NULL) {
+ if (p.mgf1pq != NULL) {
pmgf1mdprops = mgf1mdprops;
- if (!OSSL_PARAM_get_utf8_string(propsp,
+ if (!OSSL_PARAM_get_utf8_string(p.mgf1pq,
&pmgf1mdprops, sizeof(mgf1mdprops)))
return 0;
}
return 1;
}
-static const OSSL_PARAM settable_ctx_params[] = {
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_MGF1_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, NULL, 0),
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK)
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK)
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK)
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK)
- OSSL_PARAM_END
-};
-
-static const OSSL_PARAM settable_ctx_params_no_digest[] = {
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_MGF1_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, NULL, 0),
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK)
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK)
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_RSA_PSS_SALTLEN_CHECK)
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK)
- OSSL_PARAM_END
-};
-
static const OSSL_PARAM *rsa_settable_ctx_params(void *vprsactx,
ossl_unused void *provctx)
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
if (prsactx != NULL && !prsactx->flag_allow_md)
- return settable_ctx_params_no_digest;
- return settable_ctx_params;
+ return rsa_set_ctx_params_no_digest_list;
+ return rsa_set_ctx_params_list;
}
static int rsa_get_ctx_md_params(void *vprsactx, OSSL_PARAM *params)
return keytypes;
}
-static const OSSL_PARAM settable_sigalg_ctx_params[] = {
- OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_SIGNATURE, NULL, 0),
- OSSL_PARAM_END
-};
+{- produce_param_decoder('rsa_sigalg_set_ctx_params',
+ (['SIGNATURE_PARAM_SIGNATURE', 'sig', 'octet_string'],
+ )); -}
static const OSSL_PARAM *rsa_sigalg_settable_ctx_params(void *vprsactx,
ossl_unused void *provctx)
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
if (prsactx != NULL && prsactx->operation == EVP_PKEY_OP_VERIFYMSG)
- return settable_sigalg_ctx_params;
+ return rsa_sigalg_set_ctx_params_list;
return NULL;
}
static int rsa_sigalg_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
- const OSSL_PARAM *p;
+ struct rsa_sigalg_set_ctx_params_st p;
- if (prsactx == NULL)
+ if (prsactx == NULL || !rsa_sigalg_set_ctx_params_decoder(params, &p))
return 0;
- if (ossl_param_is_empty(params))
- return 1;
if (prsactx->operation == EVP_PKEY_OP_VERIFYMSG) {
- p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_SIGNATURE);
- if (p != NULL) {
+ if (p.sig != NULL) {
OPENSSL_free(prsactx->sig);
prsactx->sig = NULL;
prsactx->siglen = 0;
- if (!OSSL_PARAM_get_octet_string(p, (void **)&prsactx->sig,
+ if (!OSSL_PARAM_get_octet_string(p.sig, (void **)&prsactx->sig,
0, &prsactx->siglen))
return 0;
}