Move FIPS RSA function definitions to fips.h
New function to lookup digests by NID in module.
Minor optimisation: if supplied hash is NULL to FIPS RSA functions and
we are using PKCS padding get digest NID from otherwise unused saltlen
parameter instead.
diff --git a/fips/fips.h b/fips/fips.h
index 816eb0d..2fa56db 100644
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -64,6 +64,7 @@
struct rsa_st;
struct evp_pkey_st;
struct env_md_st;
+struct env_md_ctx_st;
struct evp_cipher_st;
struct evp_cipher_ctx_st;
@@ -172,6 +173,31 @@
const unsigned char *ciphertext,
int len);
+const struct env_md_st *FIPS_get_digestbynid(int nid);
+
+struct rsa_st *FIPS_rsa_new(void);
+void FIPS_rsa_free(struct rsa_st *r);
+int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_sign_digest(struct rsa_st *rsa,
+ const unsigned char *md, int md_len,
+ const struct env_md_st *mhash,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_verify_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigbuf, unsigned int siglen);
+int FIPS_rsa_verify_digest(struct rsa_st *rsa,
+ const unsigned char *dig, int diglen,
+ const struct env_md_st *mhash,
+ int rsa_pad_mode, int saltlen,
+ const struct env_md_st *mgf1Hash,
+ unsigned char *sigbuf, unsigned int siglen);
+
#ifndef OPENSSL_FIPSCANISTER
int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);
@@ -235,6 +261,8 @@
const EVP_MD *FIPS_evp_dss(void);
const EVP_MD *FIPS_evp_ecdsa(void);
+const RSA_METHOD *FIPS_rsa_pkcs1_ssleay(void);
+
#endif
/* Where necessary redirect standard OpenSSL APIs to FIPS versions */
diff --git a/fips/rand/fips_drbg_hash.c b/fips/rand/fips_drbg_hash.c
index a94170f..544cda1 100644
--- a/fips/rand/fips_drbg_hash.c
+++ b/fips/rand/fips_drbg_hash.c
@@ -327,6 +327,9 @@
{
const EVP_MD *md;
DRBG_HASH_CTX *hctx = &dctx->d.hash;
+ md = FIPS_get_digestbynid(dctx->type);
+ if (!md)
+ return -2;
switch (dctx->type)
{
case NID_sha1:
@@ -339,25 +342,9 @@
dctx->strength = 192;
break;
- case NID_sha256:
- md = EVP_sha256();
- dctx->strength = 256;
- break;
-
- case NID_sha384:
- md = EVP_sha384();
- dctx->strength = 256;
- break;
-
- case NID_sha512:
- md = EVP_sha512();
- dctx->strength = 256;
- break;
-
default:
- return -2;
+ dctx->strength = 256;
break;
-
}
dctx->instantiate = drbg_hash_instantiate;
diff --git a/fips/rsa/fips_rsa_sign.c b/fips/rsa/fips_rsa_sign.c
index c68c007..a4c62bf 100644
--- a/fips/rsa/fips_rsa_sign.c
+++ b/fips/rsa/fips_rsa_sign.c
@@ -224,8 +224,10 @@
FIPSerr(FIPS_F_FIPS_RSA_SIGN_DIGEST, FIPS_R_SELFTEST_FAILED);
return 0;
}
-
- md_type = M_EVP_MD_type(mhash);
+ if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+ md_type = saltlen;
+ else
+ md_type = M_EVP_MD_type(mhash);
if (rsa_pad_mode == RSA_X931_PADDING)
{
@@ -338,7 +340,10 @@
return(0);
}
- md_type = M_EVP_MD_type(mhash);
+ if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+ md_type = saltlen;
+ else
+ md_type = M_EVP_MD_type(mhash);
s= OPENSSL_malloc((unsigned int)siglen);
if (s == NULL)
diff --git a/fips/utl/fips_md.c b/fips/utl/fips_md.c
index d3db1c7..5e9fe4e 100644
--- a/fips/utl/fips_md.c
+++ b/fips/utl/fips_md.c
@@ -321,3 +321,27 @@
return 1;
}
+
+const EVP_MD *FIPS_get_digestbynid(int nid)
+ {
+ switch (nid)
+ {
+ case NID_sha1:
+ return EVP_sha1();
+
+ case NID_sha224:
+ return EVP_sha224();
+
+ case NID_sha256:
+ return EVP_sha256();
+
+ case NID_sha384:
+ return EVP_sha384();
+
+ case NID_sha512:
+ return EVP_sha512();
+
+ default:
+ return NULL;
+ }
+ }
