xref: /third_party/openssl/providers/implementations/signature/rsa_sig.c

198 static int rsa_pss_compute_saltlen(PROV_RSA_CTX *ctx)
200     int saltlen = ctx->saltlen;
203         saltlen = EVP_MD_get_size(ctx->md);
205         saltlen = RSA_size(ctx->rsa) - EVP_MD_get_size(ctx->md) - 2;
206         if ((RSA_bits(ctx->rsa) & 0x7) == 1)
212     } else if (saltlen < ctx->min_saltlen) {
215                        ctx->min_saltlen, saltlen);
221 static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx,
237     switch(ctx->pad_mode) {
240                                                                  ctx->mdnid);
250                        ctx->mdnid);
253         saltlen = rsa_pss_compute_saltlen(ctx);
257             || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, ctx->mdnid)
259                                                           ctx->mgf1_mdnid)
271                        ctx->pad_mode);
283 static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname,
287         mdprops = ctx->propq;
290         EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
291         int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
292         int md_nid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md,
298             || !rsa_check_padding(ctx, mdname, NULL, md_nid)
299             || mdname_len >= sizeof(ctx->mdname)) {
306             if (mdname_len >= sizeof(ctx->mdname))
313         if (!ctx->flag_allow_md) {
314             if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) {
316                                "digest %s != %s", mdname, ctx->mdname);
324         if (!ctx->mgf1_md_set) {
329             EVP_MD_free(ctx->mgf1_md);
330             ctx->mgf1_md = md;
331             ctx->mgf1_mdnid = md_nid;
332             OPENSSL_strlcpy(ctx->mgf1_mdname, mdname, sizeof(ctx->mgf1_mdname));
335         EVP_MD_CTX_free(ctx->mdctx);
336         EVP_MD_free(ctx->md);
338         ctx->mdctx = NULL;
339         ctx->md = md;
340         ctx->mdnid = md_nid;
341         OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname));
347 static int rsa_setup_mgf1_md(PROV_RSA_CTX *ctx, const char *mdname,
355         mdprops = ctx->propq;
357     if ((md = EVP_MD_fetch(ctx->libctx, mdname, mdprops)) == NULL) {
363     if ((mdnid = ossl_digest_rsa_sign_get_md_nid(ctx->libctx, md, 1)) <= 0
364         || !rsa_check_padding(ctx, NULL, mdname, mdnid)) {
371     len = OPENSSL_strlcpy(ctx->mgf1_mdname, mdname, sizeof(ctx->mgf1_mdname));
372     if (len >= sizeof(ctx->mgf1_mdname)) {
379     EVP_MD_free(ctx->mgf1_md);
380     ctx->mgf1_md = md;
381     ctx->mgf1_mdnid = mdnid;
382     ctx->mgf1_md_set = 1;
483 static int setup_tbuf(PROV_RSA_CTX *ctx)
485     if (ctx->tbuf != NULL)
487     if ((ctx->tbuf = OPENSSL_malloc(RSA_size(ctx->rsa))) == NULL) {
494 static void clean_tbuf(PROV_RSA_CTX *ctx)
496     if (ctx->tbuf != NULL)
497         OPENSSL_cleanse(ctx->tbuf, RSA_size(ctx->rsa));
500 static void free_tbuf(PROV_RSA_CTX *ctx)
502     clean_tbuf(ctx);
503     OPENSSL_free(ctx->tbuf);
504     ctx->tbuf = NULL;

Indexes created Thu Nov 07 10:32:03 CST 2024