Lines Matching refs:rctx
58 #define rsa_pss_restricted(rctx) (rctx->min_saltlen != -1)
62 RSA_PKEY_CTX *rctx = OPENSSL_zalloc(sizeof(*rctx));
64 if (rctx == NULL)
66 rctx->nbits = 2048;
67 rctx->primes = RSA_DEFAULT_PRIME_NUM;
69 rctx->pad_mode = RSA_PKCS1_PSS_PADDING;
71 rctx->pad_mode = RSA_PKCS1_PADDING;
73 rctx->saltlen = RSA_PSS_SALTLEN_AUTO;
74 rctx->min_saltlen = -1;
75 ctx->data = rctx;
76 ctx->keygen_info = rctx->gentmp;
124 RSA_PKEY_CTX *rctx = ctx->data;
125 if (rctx) {
126 BN_free(rctx->pub_exp);
127 OPENSSL_free(rctx->tbuf);
128 OPENSSL_free(rctx->oaep_label);
129 OPENSSL_free(rctx);
138 RSA_PKEY_CTX *rctx = ctx->data;
146 if (rctx->md) {
147 if (tbslen != (size_t)EVP_MD_get_size(rctx->md)) {
152 if (EVP_MD_get_type(rctx->md) == NID_mdc2) {
154 if (rctx->pad_mode != RSA_PKCS1_PADDING)
161 } else if (rctx->pad_mode == RSA_X931_PADDING) {
166 if (!setup_tbuf(rctx, ctx)) {
170 memcpy(rctx->tbuf, tbs, tbslen);
171 rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_get_type(rctx->md));
172 ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
174 } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
176 ret = RSA_sign(EVP_MD_get_type(rctx->md),
181 } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
182 if (!setup_tbuf(rctx, ctx))
185 rctx->tbuf, tbs,
186 rctx->md, rctx->mgf1md,
187 rctx->saltlen))
189 ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
195 ret = RSA_private_encrypt(tbslen, tbs, sig, rsa, rctx->pad_mode);
208 RSA_PKEY_CTX *rctx = ctx->data;
216 if (rctx->md) {
217 if (rctx->pad_mode == RSA_X931_PADDING) {
218 if (!setup_tbuf(rctx, ctx))
220 ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa,
225 if (rctx->tbuf[ret] != RSA_X931_hash_id(EVP_MD_get_type(rctx->md))) {
229 if (ret != EVP_MD_get_size(rctx->md)) {
234 memcpy(rout, rctx->tbuf, ret);
235 } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
237 ret = ossl_rsa_verify(EVP_MD_get_type(rctx->md),
247 ret = RSA_public_decrypt(siglen, sig, rout, rsa, rctx->pad_mode);
259 RSA_PKEY_CTX *rctx = ctx->data;
268 if (rctx->md) {
269 if (rctx->pad_mode == RSA_PKCS1_PADDING)
270 return RSA_verify(EVP_MD_get_type(rctx->md), tbs, tbslen,
272 if (tbslen != (size_t)EVP_MD_get_size(rctx->md)) {
276 if (rctx->pad_mode == RSA_X931_PADDING) {
279 } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
281 if (!setup_tbuf(rctx, ctx))
283 ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
288 rctx->md, rctx->mgf1md,
289 rctx->tbuf, rctx->saltlen);
297 if (!setup_tbuf(rctx, ctx))
299 rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf,
300 rsa, rctx->pad_mode);
305 if ((rslen != tbslen) || memcmp(tbs, rctx->tbuf, rslen))
317 RSA_PKEY_CTX *rctx = ctx->data;
325 if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
327 if (!setup_tbuf(rctx, ctx))
329 if (!RSA_padding_add_PKCS1_OAEP_mgf1(rctx->tbuf, klen,
331 rctx->oaep_label,
332 rctx->oaep_labellen,
333 rctx->md, rctx->mgf1md))
335 ret = RSA_public_encrypt(klen, rctx->tbuf, out, rsa, RSA_NO_PADDING);
337 ret = RSA_public_encrypt(inlen, in, out, rsa, rctx->pad_mode);
350 RSA_PKEY_CTX *rctx = ctx->data;
358 if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
359 if (!setup_tbuf(rctx, ctx))
361 ret = RSA_private_decrypt(inlen, in, rctx->tbuf, rsa, RSA_NO_PADDING);
364 ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, ret, rctx->tbuf,
366 rctx->oaep_label,
367 rctx->oaep_labellen,
368 rctx->md, rctx->mgf1md);
370 ret = RSA_private_decrypt(inlen, in, out, rsa, rctx->pad_mode);
430 RSA_PKEY_CTX *rctx = ctx->data;
435 if (!check_padding_md(rctx->md, p1))
441 if (!rctx->md)
442 rctx->md = EVP_sha1();
449 if (!rctx->md)
450 rctx->md = EVP_sha1();
452 rctx->pad_mode = p1;
460 *(int *)p2 = rctx->pad_mode;
465 if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) {
470 *(int *)p2 = rctx->saltlen;
474 if (rsa_pss_restricted(rctx)) {
481 && rctx->min_saltlen > EVP_MD_get_size(rctx->md))
482 || (p1 >= 0 && p1 < rctx->min_saltlen)) {
487 rctx->saltlen = p1;
496 rctx->nbits = p1;
504 BN_free(rctx->pub_exp);
505 rctx->pub_exp = p2;
513 rctx->primes = p1;
518 if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
523 *(const EVP_MD **)p2 = rctx->md;
525 rctx->md = p2;
529 if (!check_padding_md(p2, rctx->pad_mode))
531 if (rsa_pss_restricted(rctx)) {
532 if (EVP_MD_get_type(rctx->md) == EVP_MD_get_type(p2))
537 rctx->md = p2;
541 *(const EVP_MD **)p2 = rctx->md;
546 if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING
547 && rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
552 if (rctx->mgf1md)
553 *(const EVP_MD **)p2 = rctx->mgf1md;
555 *(const EVP_MD **)p2 = rctx->md;
557 if (rsa_pss_restricted(rctx)) {
558 if (EVP_MD_get_type(rctx->mgf1md) == EVP_MD_get_type(p2))
563 rctx->mgf1md = p2;
568 if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
572 OPENSSL_free(rctx->oaep_label);
574 rctx->oaep_label = p2;
575 rctx->oaep_labellen = p1;
577 rctx->oaep_label = NULL;
578 rctx->oaep_labellen = 0;
583 if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
587 *(unsigned char **)p2 = rctx->oaep_label;
588 return rctx->oaep_labellen;
728 RSA_PKEY_CTX *rctx = ctx->data;
733 if (rctx->md == NULL && rctx->mgf1md == NULL && rctx->saltlen == -2)
735 rsa->pss = ossl_rsa_pss_params_create(rctx->md, rctx->mgf1md,
736 rctx->saltlen == -2
737 ? 0 : rctx->saltlen);
746 RSA_PKEY_CTX *rctx = ctx->data;
750 if (rctx->pub_exp == NULL) {
751 rctx->pub_exp = BN_new();
752 if (rctx->pub_exp == NULL || !BN_set_word(rctx->pub_exp, RSA_F4))
768 ret = RSA_generate_multi_prime_key(rsa, rctx->nbits, rctx->primes,
769 rctx->pub_exp, pcb);
830 RSA_PKEY_CTX *rctx = ctx->data;
855 rctx->min_saltlen = min_saltlen;
862 rctx->md = md;
863 rctx->mgf1md = mgf1md;
864 rctx->saltlen = min_saltlen;