unsigned char *sig;
size_t siglen;
+#ifdef FIPS_MODULE
+ /*
+ * FIPS 140-3 IG 2.4.B mandates that verification based on a digest of a
+ * message is not permitted. However, signing based on a digest is still
+ * permitted.
+ */
+ int verify_message;
+#endif
+
/* Temp buffer */
unsigned char *tbuf;
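Review bot: The comment on `verify_message` states the IG 2.4.B rule but not what the field's values mean or who reads it. Judging from the other hunks, it is 1 after context creation, sign init and digest sign/verify init, and 0 after verify init and verify-recover init. It is exported through `OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE`. I would extend the comment with a line such as `1: signing, or the message is hashed by this context; 0: verify/verify-recover of a caller-supplied digest`, and name the parameter that reports it.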
OSSL_FIPS_IND_INIT(prsactx)
prsactx->libctx = PROV_LIBCTX_OF(provctx);
prsactx->flag_allow_md = 1;
+#ifdef FIPS_MODULE
+ prsactx->verify_message = 1;
+#endif
prsactx->propq = propq_copy;
/* Maximum up to digest length for sign, auto for verify */
prsactx->saltlen = RSA_PSS_SALTLEN_AUTO_DIGEST_MAX;
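Review bot: Initialising `verify_message` to 1 here makes the indicator fail open, because any init entry point that does not overwrite it reports a message-based operation. The sigalg init path at the end of this diff calls `rsa_signverify_init()` with no visible write to the field. Its body starts outside that hunk, so this needs checking, but if it holds, a digest-based sigalg verify would still report 1. Consider starting from 0 and setting 1 only in the paths that sign or hash the message themselves. At minimum, add `/* default; every *_init entry point must overwrite this */` next to the assignment.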
}
static int
-rsa_signverify_init(void *vprsactx, void *vrsa,
+rsa_signverify_init(PROV_RSA_CTX *prsactx, void *vrsa,
OSSL_FUNC_signature_set_ctx_params_fn *set_ctx_params,
const OSSL_PARAM params[], int operation,
const char *desc)
{
- PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
int protect;
if (!ossl_prov_is_running() || prsactx == NULL)
static int rsa_sign_init(void *vprsactx, void *vrsa, const OSSL_PARAM params[])
{
- if (!ossl_prov_is_running())
- return 0;
- return rsa_signverify_init(vprsactx, vrsa, rsa_set_ctx_params, params,
+ PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
+
+#ifdef FIPS_MODULE
+ if (prsactx != NULL)
+ prsactx->verify_message = 1;
+#endif
+
+ return rsa_signverify_init(prsactx, vrsa, rsa_set_ctx_params, params,
EVP_PKEY_OP_SIGN, "RSA Sign Init");
}
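Review bot: The `#ifdef FIPS_MODULE` block that writes `verify_message` is repeated in `rsa_sign_init`, `rsa_verify_recover_init`, `rsa_verify_init` and the digest sign/verify init. In each it runs before `rsa_signverify_init()` has checked `ossl_prov_is_running()`, so a failed init still changes the context. A small static helper that compiles to a no-op outside the FIPS module, called only after `rsa_signverify_init()` returns success, would keep the rule in one place. It would also let the `prsactx != NULL` test be dropped from the wrappers, since `rsa_signverify_init()` already rejects a NULL context.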
* signing and signing the digest of a message, i.e. should be used with
* implementations of the keytype related algorithms.
*/
-static int rsa_sign_directly(void *vprsactx, unsigned char *sig, size_t *siglen,
- size_t sigsize, const unsigned char *tbs, size_t tbslen)
+static int rsa_sign_directly(PROV_RSA_CTX *prsactx,
+ unsigned char *sig, size_t *siglen, size_t sigsize,
+ const unsigned char *tbs, size_t tbslen)
{
- PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
int ret;
size_t rsasize = RSA_size(prsactx->rsa);
size_t mdsize = rsa_get_md_size(prsactx);
prsactx->flag_allow_final = 0;
}
- return rsa_sign_directly(vprsactx, sig, siglen, sigsize, digest, dlen);
+ return rsa_sign_directly(prsactx, sig, siglen, sigsize, digest, dlen);
}
/*
static int rsa_verify_recover_init(void *vprsactx, void *vrsa,
const OSSL_PARAM params[])
{
- if (!ossl_prov_is_running())
- return 0;
- return rsa_signverify_init(vprsactx, vrsa, rsa_set_ctx_params, params,
+ PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
+
+#ifdef FIPS_MODULE
+ if (prsactx != NULL)
+ prsactx->verify_message = 0;
+#endif
+
+ return rsa_signverify_init(prsactx, vrsa, rsa_set_ctx_params, params,
EVP_PKEY_OP_VERIFYRECOVER, "RSA VerifyRecover Init");
}
static int rsa_verify_init(void *vprsactx, void *vrsa,
const OSSL_PARAM params[])
{
- if (!ossl_prov_is_running())
- return 0;
- return rsa_signverify_init(vprsactx, vrsa, rsa_set_ctx_params, params,
+ PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
+
+#ifdef FIPS_MODULE
+ if (prsactx != NULL)
+ prsactx->verify_message = 0;
+#endif
+
+ return rsa_signverify_init(prsactx, vrsa, rsa_set_ctx_params, params,
EVP_PKEY_OP_VERIFY, "RSA Verify Init");
}
-static int rsa_verify_directly(void *vprsactx,
+static int rsa_verify_directly(PROV_RSA_CTX *prsactx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen)
{
- PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
size_t rslen;
if (!ossl_prov_is_running())
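Review bot: `rsa_verify_recover_init` and `rsa_verify_init` only record `verify_message = 0`; nothing in the visible hunks rejects the digest-based verify. Whether the operation counts as approved therefore depends on the caller reading the indicator afterwards. That is worth stating at the assignment, e.g. `/* Not rejected here: reported via OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE */`. The body of `rsa_verify_directly` continues outside the hunk, so an enforcement check further down cannot be ruled out from this view.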
prsactx->flag_allow_final = 0;
prsactx->flag_allow_oneshot = 0;
- return rsa_verify_directly(vprsactx, prsactx->sig, prsactx->siglen,
+ return rsa_verify_directly(prsactx, prsactx->sig, prsactx->siglen,
digest, dlen);
}
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
- if (!ossl_prov_is_running())
- return 0;
+#ifdef FIPS_MODULE
+ if (prsactx != NULL)
+ prsactx->verify_message = 1;
+#endif
- if (!rsa_signverify_init(vprsactx, vrsa, rsa_set_ctx_params, params,
+ if (!rsa_signverify_init(prsactx, vrsa, rsa_set_ctx_params, params,
operation, desc))
return 0;
if (prsactx->flag_sigalg)
return 0;
- return rsa_signverify_message_update(vprsactx, data, datalen);
+ return rsa_signverify_message_update(prsactx, data, datalen);
}
static int rsa_digest_sign_final(void *vprsactx, unsigned char *sig,
if (prsactx->flag_sigalg)
return 0;
- return rsa_signverify_message_update(vprsactx, data, datalen);
+ return rsa_signverify_message_update(prsactx, data, datalen);
}
int rsa_digest_verify_final(void *vprsactx, const unsigned char *sig,
return 0;
}
}
+
+#ifdef FIPS_MODULE
+ p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE);
+ if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->verify_message))
+ return 0;
+#endif
+
if (!OSSL_FIPS_IND_GET_CTX_PARAM(prsactx, params))
return 0;
return 1;
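Review bot: `verify_message` is declared `int` in the context struct but is exported here with `OSSL_PARAM_set_uint` and advertised as `OSSL_PARAM_uint`, so the value goes through an implicit signed-to-unsigned conversion. It only ever holds 0 or 1 in this change, so declaring it as `unsigned int verify_message;` would make the types agree. The enclosing function and the declaration of `p` are outside the hunk.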
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_MGF1_DIGEST, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, NULL, 0),
+#ifdef FIPS_MODULE
+ OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE, NULL),
+#endif
OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
OSSL_PARAM_END
};
if (!ossl_prov_is_running())
return 0;
- if (!rsa_signverify_init(vprsactx, vrsa, set_ctx_params, params, operation,
+ if (!rsa_signverify_init(prsactx, vrsa, set_ctx_params, params, operation,
desc))
return 0;