* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
+{-
+use OpenSSL::paramnames qw(produce_param_decoder);
+-}
/*
* RSA low level APIs are deprecated for public use, but still ok for
/* Just for SSL_MAX_MASTER_KEY_LENGTH */
#include <openssl/prov_ssl.h>
#include "internal/constant_time.h"
+#include "internal/cryptlib.h"
#include "internal/sizes.h"
#include "crypto/rsa.h"
#include "prov/provider_ctx.h"
return dstctx;
}
+{- produce_param_decoder('rsa_get_ctx_params',
+ (['ASYM_CIPHER_PARAM_OAEP_DIGEST', 'oaep', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_PAD_MODE', 'pad', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_PAD_MODE', 'pad', 'int'],
+ ['ASYM_CIPHER_PARAM_MGF1_DIGEST', 'mgf1', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_OAEP_LABEL', 'label', 'octet_ptr'],
+ ['ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION', 'tlsver', 'uint'],
+ ['ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION', 'negver', 'uint'],
+ ['ASYM_CIPHER_PARAM_IMPLICIT_REJECTION', 'imrej', 'uint'],
+ ['ASYM_CIPHER_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'],
+ )); -}
+
static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
- OSSL_PARAM *p;
+ struct rsa_get_ctx_params_st p;
- if (prsactx == NULL)
+ if (prsactx == NULL || !rsa_get_ctx_params_decoder(params, &p))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_PAD_MODE);
- if (p != NULL)
- switch (p->data_type) {
+ if (p.pad != NULL)
+ switch (p.pad->data_type) {
case OSSL_PARAM_INTEGER: /* Support for legacy pad mode number */
- if (!OSSL_PARAM_set_int(p, prsactx->pad_mode))
+ if (!OSSL_PARAM_set_int(p.pad, prsactx->pad_mode))
return 0;
break;
case OSSL_PARAM_UTF8_STRING:
}
if (word != NULL) {
- if (!OSSL_PARAM_set_utf8_string(p, word))
+ if (!OSSL_PARAM_set_utf8_string(p.pad, word))
return 0;
} else {
ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
return 0;
}
- p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST);
- if (p != NULL && !OSSL_PARAM_set_utf8_string(p, prsactx->oaep_md == NULL
- ? ""
- : EVP_MD_get0_name(prsactx->oaep_md)))
+ if (p.oaep != NULL && !OSSL_PARAM_set_utf8_string(p.oaep, prsactx->oaep_md == NULL
+ ? ""
+ : EVP_MD_get0_name(prsactx->oaep_md)))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST);
- if (p != NULL) {
+ if (p.mgf1 != NULL) {
EVP_MD *mgf1_md = prsactx->mgf1_md == NULL ? prsactx->oaep_md
: prsactx->mgf1_md;
- if (!OSSL_PARAM_set_utf8_string(p, mgf1_md == NULL
- ? ""
- : EVP_MD_get0_name(mgf1_md)))
+ if (!OSSL_PARAM_set_utf8_string(p.mgf1, mgf1_md == NULL
+ ? ""
+ : EVP_MD_get0_name(mgf1_md)))
return 0;
}
- p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL);
- if (p != NULL &&
- !OSSL_PARAM_set_octet_ptr(p, prsactx->oaep_label,
- prsactx->oaep_labellen))
+ if (p.label != NULL
+ && !OSSL_PARAM_set_octet_ptr(p.label, prsactx->oaep_label,
+ prsactx->oaep_labellen))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION);
- if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->client_version))
+ if (p.tlsver != NULL
+ && !OSSL_PARAM_set_uint(p.tlsver, prsactx->client_version))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION);
- if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->alt_version))
+ if (p.negver != NULL
+ && !OSSL_PARAM_set_uint(p.negver, prsactx->alt_version))
return 0;
- p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION);
- if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->implicit_rejection))
+ if (p.imrej != NULL
+ && !OSSL_PARAM_set_uint(p.imrej, prsactx->implicit_rejection))
return 0;
- if (!OSSL_FIPS_IND_GET_CTX_PARAM(prsactx, params))
+
+ if (!OSSL_FIPS_IND_GET_CTX_FROM_PARAM(prsactx, p.ind))
return 0;
+
return 1;
}
-static const OSSL_PARAM known_gettable_ctx_params[] = {
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST, NULL, 0),
- OSSL_PARAM_DEFN(OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_PTR,
- NULL, 0),
- OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION, NULL),
- OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL),
- OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, NULL),
- OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
- OSSL_PARAM_END
-};
static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx,
ossl_unused void *provctx)
{
- return known_gettable_ctx_params;
+ return rsa_get_ctx_params_list;
}
+{- produce_param_decoder('rsa_set_ctx_params',
+ (['ASYM_CIPHER_PARAM_OAEP_DIGEST', 'oaep', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS', 'oaep_pq', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_PAD_MODE', 'pad', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_PAD_MODE', 'pad', 'int'],
+ ['ASYM_CIPHER_PARAM_MGF1_DIGEST', 'mgf1', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS', 'mgf1_pq', 'utf8_string'],
+ ['ASYM_CIPHER_PARAM_OAEP_LABEL', 'label', 'octet_string'],
+ ['ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION', 'tlsver', 'uint'],
+ ['ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION', 'negver', 'uint'],
+ ['ASYM_CIPHER_PARAM_IMPLICIT_REJECTION', 'imrej', 'uint'],
+ ['ASYM_CIPHER_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'],
+ ['ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED', 'ind_pad', 'int'],
+ )); -}
+
static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
- const OSSL_PARAM *p;
+ struct rsa_set_ctx_params_st p;
char mdname[OSSL_MAX_NAME_SIZE];
char mdprops[OSSL_MAX_PROPQUERY_SIZE] = { '\0' };
char *str = NULL;
- if (prsactx == NULL)
+ if (prsactx == NULL || !rsa_set_ctx_params_decoder(params, &p))
return 0;
- if (ossl_param_is_empty(params))
- return 1;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE0, params,
- OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK))
+ if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE0, p.ind_k))
return 0;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE1, params,
- OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED))
+ if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE1, p.ind_pad))
return 0;
- p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST);
- if (p != NULL) {
+ if (p.oaep != NULL) {
str = mdname;
- if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdname)))
+ if (!OSSL_PARAM_get_utf8_string(p.oaep, &str, sizeof(mdname)))
return 0;
- p = OSSL_PARAM_locate_const(params,
- OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS);
- if (p != NULL) {
+ if (p.oaep_pq != NULL) {
str = mdprops;
- if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops)))
+ if (!OSSL_PARAM_get_utf8_string(p.oaep_pq, &str, sizeof(mdprops)))
return 0;
}
return 0;
}
- p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_PAD_MODE);
- if (p != NULL) {
+ if (p.pad != NULL) {
int pad_mode = 0;
- switch (p->data_type) {
+ switch (p.pad->data_type) {
case OSSL_PARAM_INTEGER: /* Support for legacy pad mode number */
- if (!OSSL_PARAM_get_int(p, &pad_mode))
+ if (!OSSL_PARAM_get_int(p.pad, &pad_mode))
return 0;
break;
case OSSL_PARAM_UTF8_STRING:
{
int i;
- if (p->data == NULL)
+ if (p.pad->data == NULL)
return 0;
for (i = 0; padding_item[i].id != 0; i++) {
- if (strcmp(p->data, padding_item[i].ptr) == 0) {
+ if (strcmp(p.pad->data, padding_item[i].ptr) == 0) {
pad_mode = padding_item[i].id;
break;
}
prsactx->pad_mode = pad_mode;
}
- p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST);
- if (p != NULL) {
+ if (p.mgf1 != NULL) {
str = mdname;
- if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdname)))
+ if (!OSSL_PARAM_get_utf8_string(p.mgf1, &str, sizeof(mdname)))
return 0;
- p = OSSL_PARAM_locate_const(params,
- OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS);
- if (p != NULL) {
+ if (p.mgf1_pq != NULL) {
str = mdprops;
- if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops)))
+ if (!OSSL_PARAM_get_utf8_string(p.mgf1_pq, &str, sizeof(mdprops)))
return 0;
} else {
str = NULL;
return 0;
}
- p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL);
- if (p != NULL) {
+ if (p.label != NULL) {
void *tmp_label = NULL;
size_t tmp_labellen;
- if (!OSSL_PARAM_get_octet_string(p, &tmp_label, 0, &tmp_labellen))
+ if (!OSSL_PARAM_get_octet_string(p.label, &tmp_label, 0, &tmp_labellen))
return 0;
OPENSSL_free(prsactx->oaep_label);
prsactx->oaep_label = (unsigned char *)tmp_label;
prsactx->oaep_labellen = tmp_labellen;
}
- p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION);
- if (p != NULL) {
+ if (p.tlsver != NULL) {
unsigned int client_version;
- if (!OSSL_PARAM_get_uint(p, &client_version))
+ if (!OSSL_PARAM_get_uint(p.tlsver, &client_version))
return 0;
prsactx->client_version = client_version;
}
- p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION);
- if (p != NULL) {
+ if (p.negver != NULL) {
unsigned int alt_version;
- if (!OSSL_PARAM_get_uint(p, &alt_version))
+ if (!OSSL_PARAM_get_uint(p.negver, &alt_version))
return 0;
prsactx->alt_version = alt_version;
}
- p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION);
- if (p != NULL) {
+
+ if (p.imrej != NULL) {
unsigned int implicit_rejection;
- if (!OSSL_PARAM_get_uint(p, &implicit_rejection))
+ if (!OSSL_PARAM_get_uint(p.imrej, &implicit_rejection))
return 0;
prsactx->implicit_rejection = implicit_rejection;
}
return 1;
}
-static const OSSL_PARAM known_settable_ctx_params[] = {
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, NULL, 0),
- OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION, NULL),
- OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL),
- OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, NULL),
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK)
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED)
- OSSL_PARAM_END
-};
-
static const OSSL_PARAM *rsa_settable_ctx_params(ossl_unused void *vprsactx,
ossl_unused void *provctx)
{
- return known_settable_ctx_params;
+ return rsa_set_ctx_params_list;
}
const OSSL_DISPATCH ossl_rsa_asym_cipher_functions[] = {
projects / thirdparty / openssl.git / commitdiff
