Update from 0.9.7-stable branch.

This commit is contained in:
Dr. Stephen Henson 2005-05-28 20:49:09 +00:00
parent 5cd94f9e9d
commit dea446d995
6 changed files with 82 additions and 20 deletions

View file

@ -148,6 +148,7 @@ int MAIN(int argc, char **argv)
else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING; else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING; else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING; else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
else if(!strcmp(*argv, "-sign")) { else if(!strcmp(*argv, "-sign")) {
rsa_mode = RSA_SIGN; rsa_mode = RSA_SIGN;
need_priv = 1; need_priv = 1;

View file

@ -19,10 +19,10 @@ APPS=
LIB=$(TOP)/libcrypto.a LIB=$(TOP)/libcrypto.a
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
rsa_asn1.c rsa_depr.c rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
rsa_asn1.o rsa_depr.o rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o
SRC= $(LIBSRC) SRC= $(LIBSRC)

View file

@ -196,6 +196,7 @@ struct rsa_st
#define RSA_SSLV23_PADDING 2 #define RSA_SSLV23_PADDING 2
#define RSA_NO_PADDING 3 #define RSA_NO_PADDING 3
#define RSA_PKCS1_OAEP_PADDING 4 #define RSA_PKCS1_OAEP_PADDING 4
#define RSA_X931_PADDING 5
#define RSA_PKCS1_PADDING_SIZE 11 #define RSA_PKCS1_PADDING_SIZE 11
@ -297,6 +298,8 @@ int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
const unsigned char *f,int fl); const unsigned char *f,int fl);
int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
const unsigned char *f,int fl,int rsa_len); const unsigned char *f,int fl,int rsa_len);
int PKCS1_MGF1(unsigned char *mask, long len,
const unsigned char *seed, long seedlen, const EVP_MD *dgst);
int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
const unsigned char *f,int fl, const unsigned char *f,int fl,
const unsigned char *p,int pl); const unsigned char *p,int pl);
@ -311,6 +314,11 @@ int RSA_padding_add_none(unsigned char *to,int tlen,
const unsigned char *f,int fl); const unsigned char *f,int fl);
int RSA_padding_check_none(unsigned char *to,int tlen, int RSA_padding_check_none(unsigned char *to,int tlen,
const unsigned char *f,int fl,int rsa_len); const unsigned char *f,int fl,int rsa_len);
int RSA_padding_add_X931(unsigned char *to,int tlen,
const unsigned char *f,int fl);
int RSA_padding_check_X931(unsigned char *to,int tlen,
const unsigned char *f,int fl,int rsa_len);
int RSA_X931_hash_id(int nid);
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@ -329,37 +337,43 @@ void ERR_load_RSA_strings(void);
/* Error codes for the RSA functions. */ /* Error codes for the RSA functions. */
/* Function codes. */ /* Function codes. */
#define RSA_F_RSA_BUILTIN_KEYGEN 105 #define RSA_F_MEMORY_LOCK 100
#define RSA_F_RSA_BUILTIN_KEYGEN 129
#define RSA_F_RSA_CHECK_KEY 123 #define RSA_F_RSA_CHECK_KEY 123
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 #define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 #define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 #define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 #define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
#define RSA_F_RSA_MEMORY_LOCK 100 #define RSA_F_RSA_GENERATE_KEY 105
#define RSA_F_RSA_MEMORY_LOCK 130
#define RSA_F_RSA_NEW_METHOD 106 #define RSA_F_RSA_NEW_METHOD 106
#define RSA_F_RSA_NULL 124 #define RSA_F_RSA_NULL 124
#define RSA_F_RSA_NULL_MOD_EXP 126 #define RSA_F_RSA_NULL_MOD_EXP 131
#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 127 #define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 128 #define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 129 #define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 130 #define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
#define RSA_F_RSA_PADDING_ADD_NONE 107 #define RSA_F_RSA_PADDING_ADD_NONE 107
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 #define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 #define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
#define RSA_F_RSA_PADDING_ADD_SSLV23 110 #define RSA_F_RSA_PADDING_ADD_SSLV23 110
#define RSA_F_RSA_PADDING_ADD_X931 127
#define RSA_F_RSA_PADDING_CHECK_NONE 111 #define RSA_F_RSA_PADDING_CHECK_NONE 111
#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 #define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 #define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 #define RSA_F_RSA_PADDING_CHECK_SSLV23 114
#define RSA_F_RSA_PADDING_CHECK_X931 128
#define RSA_F_RSA_PRINT 115 #define RSA_F_RSA_PRINT 115
#define RSA_F_RSA_PRINT_FP 116 #define RSA_F_RSA_PRINT_FP 116
#define RSA_F_RSA_SETUP_BLINDING 125 #define RSA_F_RSA_SETUP_BLINDING 136
#define RSA_F_RSA_SIGN 117 #define RSA_F_RSA_SIGN 117
#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
#define RSA_F_RSA_VERIFY 119 #define RSA_F_RSA_VERIFY 119
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 #define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
/* Reason codes. */ /* Reason codes. */
#define RSA_R_ALGORITHM_MISMATCH 100 #define RSA_R_ALGORITHM_MISMATCH 100
@ -379,13 +393,19 @@ void ERR_load_RSA_strings(void);
#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 #define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 #define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
#define RSA_R_FIRST_OCTET_INVALID 133
#define RSA_R_INVALID_HEADER 137
#define RSA_R_INVALID_MESSAGE_LENGTH 131 #define RSA_R_INVALID_MESSAGE_LENGTH 131
#define RSA_R_INVALID_PADDING 138
#define RSA_R_INVALID_TRAILER 139
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 #define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120 #define RSA_R_KEY_SIZE_TOO_SMALL 120
#define RSA_R_NO_PUBLIC_EXPONENT 133 #define RSA_R_LAST_OCTET_INVALID 134
#define RSA_R_NO_PUBLIC_EXPONENT 140
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
#define RSA_R_OAEP_DECODING_ERROR 121 #define RSA_R_OAEP_DECODING_ERROR 121
#define RSA_R_ONE_CHECK_FAILED 135
#define RSA_R_PADDING_CHECK_FAILED 114 #define RSA_R_PADDING_CHECK_FAILED 114
#define RSA_R_P_NOT_PRIME 128 #define RSA_R_P_NOT_PRIME 128
#define RSA_R_Q_NOT_PRIME 129 #define RSA_R_Q_NOT_PRIME 129
@ -395,6 +415,7 @@ void ERR_load_RSA_strings(void);
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 #define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
#define RSA_R_UNKNOWN_PADDING_TYPE 118 #define RSA_R_UNKNOWN_PADDING_TYPE 118
#define RSA_R_WRONG_SIGNATURE_LENGTH 119 #define RSA_R_WRONG_SIGNATURE_LENGTH 119
#define RSA_R_ZERO_CHECK_FAILED 136
#ifdef __cplusplus #ifdef __cplusplus
} }

View file

@ -309,7 +309,7 @@ static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f,
static int RSA_eay_private_encrypt(int flen, const unsigned char *from, static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding) unsigned char *to, RSA *rsa, int padding)
{ {
BIGNUM *f, *ret, *br; BIGNUM *f, *ret, *br, *res;
int i,j,k,num=0,r= -1; int i,j,k,num=0,r= -1;
unsigned char *buf=NULL; unsigned char *buf=NULL;
BN_CTX *ctx=NULL; BN_CTX *ctx=NULL;
@ -334,6 +334,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
case RSA_PKCS1_PADDING: case RSA_PKCS1_PADDING:
i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
break; break;
case RSA_X931_PADDING:
i=RSA_padding_add_X931(buf,num,from,flen);
break;
case RSA_NO_PADDING: case RSA_NO_PADDING:
i=RSA_padding_add_none(buf,num,from,flen); i=RSA_padding_add_none(buf,num,from,flen);
break; break;
@ -400,10 +403,21 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx))
goto err; goto err;
if (padding == RSA_X931_PADDING)
{
BN_sub(f, rsa->n, ret);
if (BN_cmp(ret, f))
res = f;
else
res = ret;
}
else
res = ret;
/* put in leading 0 bytes if the number is less than the /* put in leading 0 bytes if the number is less than the
* length of the modulus */ * length of the modulus */
j=BN_num_bytes(ret); j=BN_num_bytes(res);
i=BN_bn2bin(ret,&(to[num-j])); i=BN_bn2bin(res,&(to[num-j]));
for (k=0; k<(num-i); k++) for (k=0; k<(num-i); k++)
to[k]=0; to[k]=0;
@ -593,6 +607,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err; rsa->_method_mod_n)) goto err;
if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
BN_sub(ret, rsa->n, ret);
p=buf; p=buf;
i=BN_bn2bin(ret,p); i=BN_bn2bin(ret,p);
@ -601,6 +618,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
case RSA_PKCS1_PADDING: case RSA_PKCS1_PADDING:
r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
break; break;
case RSA_X931_PADDING:
r=RSA_padding_check_X931(to,num,buf,i,num);
break;
case RSA_NO_PADDING: case RSA_NO_PADDING:
r=RSA_padding_check_none(to,num,buf,i,num); r=RSA_padding_check_none(to,num,buf,i,num);
break; break;

View file

@ -70,12 +70,14 @@
static ERR_STRING_DATA RSA_str_functs[]= static ERR_STRING_DATA RSA_str_functs[]=
{ {
{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
@ -86,14 +88,17 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"}, {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_PADDING_ADD_PKCS1_PSS"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"}, {ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"},
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"},
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"},
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"},
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"},
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"}, {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"},
{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
@ -101,6 +106,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"},
{ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"}, {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"},
{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_VERIFY_PKCS1_PSS"},
{0,NULL} {0,NULL}
}; };
@ -123,13 +129,19 @@ static ERR_STRING_DATA RSA_str_reasons[]=
{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"}, {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"}, {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"}, {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"},
{ERR_REASON(RSA_R_FIRST_OCTET_INVALID) ,"first octet invalid"},
{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"},
{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"}, {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"},
{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"},
{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"}, {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"},
{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"},
{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"},
{ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"},
{ERR_REASON(RSA_R_ONE_CHECK_FAILED) ,"one check failed"},
{ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"},
{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"},
{ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"},
@ -139,6 +151,7 @@ static ERR_STRING_DATA RSA_str_reasons[]=
{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"}, {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"}, {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"},
{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"}, {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
{ERR_REASON(RSA_R_ZERO_CHECK_FAILED) ,"zero check failed"},
{0,NULL} {0,NULL}
}; };

View file

@ -170,28 +170,30 @@ decoding_err:
return -1; return -1;
} }
int MGF1(unsigned char *mask, long len, int PKCS1_MGF1(unsigned char *mask, long len,
const unsigned char *seed, long seedlen) const unsigned char *seed, long seedlen, const EVP_MD *dgst)
{ {
long i, outlen = 0; long i, outlen = 0;
unsigned char cnt[4]; unsigned char cnt[4];
EVP_MD_CTX c; EVP_MD_CTX c;
unsigned char md[SHA_DIGEST_LENGTH]; unsigned char md[EVP_MAX_MD_SIZE];
int mdlen;
EVP_MD_CTX_init(&c); EVP_MD_CTX_init(&c);
mdlen = EVP_MD_size(dgst);
for (i = 0; outlen < len; i++) for (i = 0; outlen < len; i++)
{ {
cnt[0] = (unsigned char)((i >> 24) & 255); cnt[0] = (unsigned char)((i >> 24) & 255);
cnt[1] = (unsigned char)((i >> 16) & 255); cnt[1] = (unsigned char)((i >> 16) & 255);
cnt[2] = (unsigned char)((i >> 8)) & 255; cnt[2] = (unsigned char)((i >> 8)) & 255;
cnt[3] = (unsigned char)(i & 255); cnt[3] = (unsigned char)(i & 255);
EVP_DigestInit_ex(&c,EVP_sha1(), NULL); EVP_DigestInit_ex(&c,dgst, NULL);
EVP_DigestUpdate(&c, seed, seedlen); EVP_DigestUpdate(&c, seed, seedlen);
EVP_DigestUpdate(&c, cnt, 4); EVP_DigestUpdate(&c, cnt, 4);
if (outlen + SHA_DIGEST_LENGTH <= len) if (outlen + mdlen <= len)
{ {
EVP_DigestFinal_ex(&c, mask + outlen, NULL); EVP_DigestFinal_ex(&c, mask + outlen, NULL);
outlen += SHA_DIGEST_LENGTH; outlen += mdlen;
} }
else else
{ {
@ -203,4 +205,9 @@ int MGF1(unsigned char *mask, long len,
EVP_MD_CTX_cleanup(&c); EVP_MD_CTX_cleanup(&c);
return 0; return 0;
} }
int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen)
{
return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
}
#endif #endif