EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \\r
pad, NULL)\r
\r
+#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \\r
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \\r
+ EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)\r
+\r
#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \\r
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \\r
(EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \\r
EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \\r
len, NULL)\r
\r
+#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \\r
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \\r
+ (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \\r
+ EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \\r
+ 0, plen)\r
+\r
#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \\r
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \\r
EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)\r
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \\r
EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)\r
\r
+#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \\r
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \\r
+ EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)\r
+\r
+#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \\r
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \\r
+ EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)\r
+\r
#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1)\r
#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2)\r
\r
#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3)\r
#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)\r
+#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5)\r
+\r
+#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 6)\r
+#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7)\r
+#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8)\r
\r
#define RSA_PKCS1_PADDING 1\r
#define RSA_SSLV23_PADDING 2\r
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)\r
DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)\r
\r
+typedef struct rsa_pss_params_st\r
+ {\r
+ X509_ALGOR *hashAlgorithm;\r
+ X509_ALGOR *maskGenAlgorithm;\r
+ ASN1_INTEGER *saltLength;\r
+ ASN1_INTEGER *trailerField;\r
+ } RSA_PSS_PARAMS;\r
+\r
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)\r
+\r
#ifndef OPENSSL_NO_FP_API\r
int RSA_print_fp(FILE *fp, const RSA *r,int offset);\r
#endif\r
const unsigned char *mHash,\r
const EVP_MD *Hash, int sLen);\r
\r
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,\r
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash,\r
+ const unsigned char *EM, int sLen);\r
+\r
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,\r
+ const unsigned char *mHash,\r
+ const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen);\r
+\r
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,\r
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);\r
int RSA_set_ex_data(RSA *r,int idx,void *arg);\r
RSA *RSAPublicKey_dup(RSA *rsa);\r
RSA *RSAPrivateKey_dup(RSA *rsa);\r
\r
+/* If this flag is set the RSA method is FIPS compliant and can be used\r
+ * in FIPS mode. This is set in the validated module method. If an\r
+ * application sets this flag in its own methods it is its responsibility\r
+ * to ensure the result is compliant.\r
+ */\r
+\r
+#define RSA_FLAG_FIPS_METHOD 0x0400\r
+\r
+/* If this flag is set the operations normally disabled in FIPS mode are\r
+ * permitted it is then the applications responsibility to ensure that the\r
+ * usage is compliant.\r
+ */\r
+\r
+#define RSA_FLAG_NON_FIPS_ALLOW 0x0400\r
+/* Application has decided PRNG is good enough to generate a key: don't\r
+ * check.\r
+ */\r
+#define RSA_FLAG_CHECKED 0x0800\r
+\r
/* BEGIN ERROR CODES */\r
/* The following lines are auto generated by the script mkerr.pl. Any changes\r
* made after this point may be overwritten when the script is next run.\r
#define RSA_F_PKEY_RSA_CTRL 143\r
#define RSA_F_PKEY_RSA_CTRL_STR 144\r
#define RSA_F_PKEY_RSA_SIGN 142\r
+#define RSA_F_PKEY_RSA_VERIFY 154\r
#define RSA_F_PKEY_RSA_VERIFYRECOVER 141\r
#define RSA_F_RSA_BUILTIN_KEYGEN 129\r
#define RSA_F_RSA_CHECK_KEY 123\r
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103\r
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104\r
#define RSA_F_RSA_GENERATE_KEY 105\r
+#define RSA_F_RSA_GENERATE_KEY_EX 155\r
+#define RSA_F_RSA_ITEM_VERIFY 156\r
#define RSA_F_RSA_MEMORY_LOCK 130\r
#define RSA_F_RSA_NEW_METHOD 106\r
#define RSA_F_RSA_NULL 124\r
#define RSA_F_RSA_PADDING_ADD_NONE 107\r
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121\r
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125\r
+#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148\r
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108\r
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109\r
#define RSA_F_RSA_PADDING_ADD_SSLV23 110\r
#define RSA_F_RSA_PADDING_CHECK_X931 128\r
#define RSA_F_RSA_PRINT 115\r
#define RSA_F_RSA_PRINT_FP 116\r
+#define RSA_F_RSA_PRIVATE_DECRYPT 150\r
+#define RSA_F_RSA_PRIVATE_ENCRYPT 151\r
#define RSA_F_RSA_PRIV_DECODE 137\r
#define RSA_F_RSA_PRIV_ENCODE 138\r
+#define RSA_F_RSA_PUBLIC_DECRYPT 152\r
+#define RSA_F_RSA_PUBLIC_ENCRYPT 153\r
#define RSA_F_RSA_PUB_DECODE 139\r
#define RSA_F_RSA_SETUP_BLINDING 136\r
#define RSA_F_RSA_SIGN 117\r
#define RSA_F_RSA_VERIFY 119\r
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120\r
#define RSA_F_RSA_VERIFY_PKCS1_PSS 126\r
+#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149\r
\r
/* Reason codes. */\r
#define RSA_R_ALGORITHM_MISMATCH 100\r
#define RSA_R_INVALID_HEADER 137\r
#define RSA_R_INVALID_KEYBITS 145\r
#define RSA_R_INVALID_MESSAGE_LENGTH 131\r
+#define RSA_R_INVALID_MGF1_MD 156\r
#define RSA_R_INVALID_PADDING 138\r
#define RSA_R_INVALID_PADDING_MODE 141\r
+#define RSA_R_INVALID_PSS_PARAMETERS 149\r
#define RSA_R_INVALID_PSS_SALTLEN 146\r
+#define RSA_R_INVALID_SALT_LENGTH 150\r
#define RSA_R_INVALID_TRAILER 139\r
#define RSA_R_INVALID_X931_DIGEST 142\r
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126\r
#define RSA_R_KEY_SIZE_TOO_SMALL 120\r
#define RSA_R_LAST_OCTET_INVALID 134\r
#define RSA_R_MODULUS_TOO_LARGE 105\r
+#define RSA_R_NON_FIPS_RSA_METHOD 157\r
#define RSA_R_NO_PUBLIC_EXPONENT 140\r
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113\r
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127\r
#define RSA_R_OAEP_DECODING_ERROR 121\r
+#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158\r
#define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148\r
#define RSA_R_PADDING_CHECK_FAILED 114\r
#define RSA_R_P_NOT_PRIME 128\r
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115\r
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116\r
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117\r
+#define RSA_R_UNKNOWN_MASK_DIGEST 151\r
#define RSA_R_UNKNOWN_PADDING_TYPE 118\r
+#define RSA_R_UNKNOWN_PSS_DIGEST 152\r
+#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153\r
+#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154\r
+#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155\r
#define RSA_R_VALUE_MISSING 147\r
#define RSA_R_WRONG_SIGNATURE_LENGTH 119\r
\r