CoCalc -- rsa

GitHub Repository: freebsd/freebsd-src
Path: blob/main/crypto/openssl/providers/implementations/asymciphers/rsa_enc.c
⁴⁸³⁸³ views
1
/*
2
 * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9

10
/*
11
 * RSA low level APIs are deprecated for public use, but still ok for
12
 * internal use.
13
 */
14
#include "internal/deprecated.h"
15

16
#include <openssl/crypto.h>
17
#include <openssl/evp.h>
18
#include <openssl/core_dispatch.h>
19
#include <openssl/core_names.h>
20
#include <openssl/rsa.h>
21
#include <openssl/params.h>
22
#include <openssl/err.h>
23
#include <openssl/proverr.h>
24
/* Just for SSL_MAX_MASTER_KEY_LENGTH */
25
#include <openssl/prov_ssl.h>
26
#include "internal/constant_time.h"
27
#include "internal/sizes.h"
28
#include "crypto/rsa.h"
29
#include "prov/provider_ctx.h"
30
#include "prov/implementations.h"
31
#include "prov/providercommon.h"
32
#include "prov/securitycheck.h"
33
#include <stdlib.h>
34

35
static OSSL_FUNC_asym_cipher_newctx_fn rsa_newctx;
36
static OSSL_FUNC_asym_cipher_encrypt_init_fn rsa_encrypt_init;
37
static OSSL_FUNC_asym_cipher_encrypt_fn rsa_encrypt;
38
static OSSL_FUNC_asym_cipher_decrypt_init_fn rsa_decrypt_init;
39
static OSSL_FUNC_asym_cipher_decrypt_fn rsa_decrypt;
40
static OSSL_FUNC_asym_cipher_freectx_fn rsa_freectx;
41
static OSSL_FUNC_asym_cipher_dupctx_fn rsa_dupctx;
42
static OSSL_FUNC_asym_cipher_get_ctx_params_fn rsa_get_ctx_params;
43
static OSSL_FUNC_asym_cipher_gettable_ctx_params_fn rsa_gettable_ctx_params;
44
static OSSL_FUNC_asym_cipher_set_ctx_params_fn rsa_set_ctx_params;
45
static OSSL_FUNC_asym_cipher_settable_ctx_params_fn rsa_settable_ctx_params;
46

47
static OSSL_ITEM padding_item[] = {
48
    { RSA_PKCS1_PADDING,        OSSL_PKEY_RSA_PAD_MODE_PKCSV15 },
49
    { RSA_NO_PADDING,           OSSL_PKEY_RSA_PAD_MODE_NONE },
50
    { RSA_PKCS1_OAEP_PADDING,   OSSL_PKEY_RSA_PAD_MODE_OAEP }, /* Correct spelling first */
51
    { RSA_PKCS1_OAEP_PADDING,   "oeap"   },
52
    { 0,                        NULL     }
53
};
54

55
/*
56
 * What's passed as an actual key is defined by the KEYMGMT interface.
57
 * We happen to know that our KEYMGMT simply passes RSA structures, so
58
 * we use that here too.
59
 */
60

61
typedef struct {
62
    OSSL_LIB_CTX *libctx;
63
    RSA *rsa;
64
    int pad_mode;
65
    int operation;
66
    /* OAEP message digest */
67
    EVP_MD *oaep_md;
68
    /* message digest for MGF1 */
69
    EVP_MD *mgf1_md;
70
    /* OAEP label */
71
    unsigned char *oaep_label;
72
    size_t oaep_labellen;
73
    /* TLS padding */
74
    unsigned int client_version;
75
    unsigned int alt_version;
76
    /* PKCS#1 v1.5 decryption mode */
77
    unsigned int implicit_rejection;
78
    OSSL_FIPS_IND_DECLARE
79
} PROV_RSA_CTX;
80

81
static void *rsa_newctx(void *provctx)
82
{
83
    PROV_RSA_CTX *prsactx;
84

85
    if (!ossl_prov_is_running())
86
        return NULL;
87
    prsactx = OPENSSL_zalloc(sizeof(PROV_RSA_CTX));
88
    if (prsactx == NULL)
89
        return NULL;
90
    prsactx->libctx = PROV_LIBCTX_OF(provctx);
91
    OSSL_FIPS_IND_INIT(prsactx)
92

93
    return prsactx;
94
}
95

96
static int rsa_init(void *vprsactx, void *vrsa, const OSSL_PARAM params[],
97
                    int operation, const char *desc)
98
{
99
    PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
100
    int protect = 0;
101

102
    if (!ossl_prov_is_running() || prsactx == NULL || vrsa == NULL)
103
        return 0;
104

105
    if (!ossl_rsa_key_op_get_protect(vrsa, operation, &protect))
106
        return 0;
107
    if (!RSA_up_ref(vrsa))
108
        return 0;
109
    RSA_free(prsactx->rsa);
110
    prsactx->rsa = vrsa;
111
    prsactx->operation = operation;
112
    prsactx->implicit_rejection = 1;
113

114
    switch (RSA_test_flags(prsactx->rsa, RSA_FLAG_TYPE_MASK)) {
115
    case RSA_FLAG_TYPE_RSA:
116
        prsactx->pad_mode = RSA_PKCS1_PADDING;
117
        break;
118
    default:
119
        /* This should not happen due to the check above */
120
        ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
121
        return 0;
122
    }
123

124
    OSSL_FIPS_IND_SET_APPROVED(prsactx)
125
    if (!rsa_set_ctx_params(prsactx, params))
126
        return 0;
127
#ifdef FIPS_MODULE
128
    if (!ossl_fips_ind_rsa_key_check(OSSL_FIPS_IND_GET(prsactx),
129
                                     OSSL_FIPS_IND_SETTABLE0, prsactx->libctx,
130
                                     prsactx->rsa, desc, protect))
131
        return 0;
132
#endif
133
    return 1;
134
}
135

136
static int rsa_encrypt_init(void *vprsactx, void *vrsa,
137
                            const OSSL_PARAM params[])
138
{
139
    return rsa_init(vprsactx, vrsa, params, EVP_PKEY_OP_ENCRYPT,
140
                    "RSA Encrypt Init");
141
}
142

143
static int rsa_decrypt_init(void *vprsactx, void *vrsa,
144
                            const OSSL_PARAM params[])
145
{
146
    return rsa_init(vprsactx, vrsa, params, EVP_PKEY_OP_DECRYPT,
147
                    "RSA Decrypt Init");
148
}
149

150
static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
151
                       size_t outsize, const unsigned char *in, size_t inlen)
152
{
153
    PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
154
    size_t len = RSA_size(prsactx->rsa);
155
    int ret;
156

157
    if (!ossl_prov_is_running())
158
        return 0;
159

160
#ifdef FIPS_MODULE
161
    if ((prsactx->pad_mode == RSA_PKCS1_PADDING
162
         || prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING)
163
        && !OSSL_FIPS_IND_ON_UNAPPROVED(prsactx, OSSL_FIPS_IND_SETTABLE1,
164
                                        prsactx->libctx, "RSA Encrypt",
165
                                        "PKCS#1 v1.5 padding",
166
                                        ossl_fips_config_rsa_pkcs15_padding_disabled)) {
167
        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE);
168
        return 0;
169
    }
170
#endif
171

172
    if (len == 0) {
173
        ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY);
174
        return 0;
175
    }
176

177
    if (out == NULL) {
178
        *outlen = len;
179
        return 1;
180
    }
181

182
    if (outsize < len) {
183
        ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
184
        return 0;
185
    }
186

187
    if (prsactx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
188
        int rsasize = RSA_size(prsactx->rsa);
189
        unsigned char *tbuf;
190

191
        if ((tbuf = OPENSSL_malloc(rsasize)) == NULL)
192
            return 0;
193
        if (prsactx->oaep_md == NULL) {
194
            prsactx->oaep_md = EVP_MD_fetch(prsactx->libctx, "SHA-1", NULL);
195
            if (prsactx->oaep_md == NULL) {
196
                OPENSSL_free(tbuf);
197
                ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
198
                return 0;
199
            }
200
        }
201
        ret =
202
            ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf,
203
                                                    rsasize, in, inlen,
204
                                                    prsactx->oaep_label,
205
                                                    prsactx->oaep_labellen,
206
                                                    prsactx->oaep_md,
207
                                                    prsactx->mgf1_md);
208

209
        if (!ret) {
210
            OPENSSL_free(tbuf);
211
            return 0;
212
        }
213
        ret = RSA_public_encrypt(rsasize, tbuf, out, prsactx->rsa,
214
                                 RSA_NO_PADDING);
215
        OPENSSL_free(tbuf);
216
    } else {
217
        ret = RSA_public_encrypt(inlen, in, out, prsactx->rsa,
218
                                 prsactx->pad_mode);
219
    }
220
    /* A ret value of 0 is not an error */
221
    if (ret < 0)
222
        return ret;
223
    *outlen = ret;
224
    return 1;
225
}
226

227
static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen,
228
                       size_t outsize, const unsigned char *in, size_t inlen)
229
{
230
    PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
231
    int ret;
232
    int pad_mode;
233
    size_t len = RSA_size(prsactx->rsa);
234

235
    if (!ossl_prov_is_running())
236
        return 0;
237

238
    if (prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) {
239
        if (out == NULL) {
240
            *outlen = SSL_MAX_MASTER_KEY_LENGTH;
241
            return 1;
242
        }
243
        if (outsize < SSL_MAX_MASTER_KEY_LENGTH) {
244
            ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH);
245
            return 0;
246
        }
247
    } else {
248
        if (out == NULL) {
249
            if (len == 0) {
250
                ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY);
251
                return 0;
252
            }
253
            *outlen = len;
254
            return 1;
255
        }
256

257
        if (outsize < len) {
258
            ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH);
259
            return 0;
260
        }
261
    }
262

263
    if (prsactx->pad_mode == RSA_PKCS1_OAEP_PADDING
264
            || prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) {
265
        unsigned char *tbuf;
266

267
        if ((tbuf = OPENSSL_malloc(len)) == NULL)
268
            return 0;
269
        ret = RSA_private_decrypt(inlen, in, tbuf, prsactx->rsa,
270
                                  RSA_NO_PADDING);
271
        /*
272
         * With no padding then, on success ret should be len, otherwise an
273
         * error occurred (non-constant time)
274
         */
275
        if (ret != (int)len) {
276
            OPENSSL_free(tbuf);
277
            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_DECRYPT);
278
            return 0;
279
        }
280
        if (prsactx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
281
            if (prsactx->oaep_md == NULL) {
282
                prsactx->oaep_md = EVP_MD_fetch(prsactx->libctx, "SHA-1", NULL);
283
                if (prsactx->oaep_md == NULL) {
284
                    OPENSSL_free(tbuf);
285
                    ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
286
                    return 0;
287
                }
288
            }
289
            ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, outsize, tbuf,
290
                                                    len, len,
291
                                                    prsactx->oaep_label,
292
                                                    prsactx->oaep_labellen,
293
                                                    prsactx->oaep_md,
294
                                                    prsactx->mgf1_md);
295
        } else {
296
            /* RSA_PKCS1_WITH_TLS_PADDING */
297
            if (prsactx->client_version <= 0) {
298
                ERR_raise(ERR_LIB_PROV, PROV_R_BAD_TLS_CLIENT_VERSION);
299
                OPENSSL_free(tbuf);
300
                return 0;
301
            }
302
            ret = ossl_rsa_padding_check_PKCS1_type_2_TLS(
303
                        prsactx->libctx, out, outsize, tbuf, len,
304
                        prsactx->client_version, prsactx->alt_version);
305
        }
306
        OPENSSL_free(tbuf);
307
    } else {
308
        if ((prsactx->implicit_rejection == 0) &&
309
                (prsactx->pad_mode == RSA_PKCS1_PADDING))
310
            pad_mode = RSA_PKCS1_NO_IMPLICIT_REJECT_PADDING;
311
        else
312
            pad_mode = prsactx->pad_mode;
313
        ret = RSA_private_decrypt(inlen, in, out, prsactx->rsa, pad_mode);
314
    }
315
    *outlen = constant_time_select_s(constant_time_msb_s(ret), *outlen, ret);
316
    ret = constant_time_select_int(constant_time_msb(ret), 0, 1);
317
    return ret;
318
}
319

320
static void rsa_freectx(void *vprsactx)
321
{
322
    PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
323

324
    RSA_free(prsactx->rsa);
325

326
    EVP_MD_free(prsactx->oaep_md);
327
    EVP_MD_free(prsactx->mgf1_md);
328
    OPENSSL_free(prsactx->oaep_label);
329

330
    OPENSSL_free(prsactx);
331
}
332

333
static void *rsa_dupctx(void *vprsactx)
334
{
335
    PROV_RSA_CTX *srcctx = (PROV_RSA_CTX *)vprsactx;
336
    PROV_RSA_CTX *dstctx;
337

338
    if (!ossl_prov_is_running())
339
        return NULL;
340

341
    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
342
    if (dstctx == NULL)
343
        return NULL;
344

345
    *dstctx = *srcctx;
346
    if (dstctx->rsa != NULL && !RSA_up_ref(dstctx->rsa)) {
347
        OPENSSL_free(dstctx);
348
        return NULL;
349
    }
350

351
    if (dstctx->oaep_md != NULL && !EVP_MD_up_ref(dstctx->oaep_md)) {
352
        RSA_free(dstctx->rsa);
353
        OPENSSL_free(dstctx);
354
        return NULL;
355
    }
356

357
    if (dstctx->mgf1_md != NULL && !EVP_MD_up_ref(dstctx->mgf1_md)) {
358
        RSA_free(dstctx->rsa);
359
        EVP_MD_free(dstctx->oaep_md);
360
        OPENSSL_free(dstctx);
361
        return NULL;
362
    }
363

364
    return dstctx;
365
}
366

367
static int rsa_get_ctx_params(void *vprsactx, OSSL_PARAM *params)
368
{
369
    PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
370
    OSSL_PARAM *p;
371

372
    if (prsactx == NULL)
373
        return 0;
374

375
    p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_PAD_MODE);
376
    if (p != NULL)
377
        switch (p->data_type) {
378
        case OSSL_PARAM_INTEGER: /* Support for legacy pad mode number */
379
            if (!OSSL_PARAM_set_int(p, prsactx->pad_mode))
380
                return 0;
381
            break;
382
        case OSSL_PARAM_UTF8_STRING:
383
            {
384
                int i;
385
                const char *word = NULL;
386

387
                for (i = 0; padding_item[i].id != 0; i++) {
388
                    if (prsactx->pad_mode == (int)padding_item[i].id) {
389
                        word = padding_item[i].ptr;
390
                        break;
391
                    }
392
                }
393

394
                if (word != NULL) {
395
                    if (!OSSL_PARAM_set_utf8_string(p, word))
396
                        return 0;
397
                } else {
398
                    ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
399
                }
400
            }
401
            break;
402
        default:
403
            return 0;
404
        }
405

406
    p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST);
407
    if (p != NULL && !OSSL_PARAM_set_utf8_string(p, prsactx->oaep_md == NULL
408
                                                    ? ""
409
                                                    : EVP_MD_get0_name(prsactx->oaep_md)))
410
        return 0;
411

412
    p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST);
413
    if (p != NULL) {
414
        EVP_MD *mgf1_md = prsactx->mgf1_md == NULL ? prsactx->oaep_md
415
                                                   : prsactx->mgf1_md;
416

417
        if (!OSSL_PARAM_set_utf8_string(p, mgf1_md == NULL
418
                                           ? ""
419
                                           : EVP_MD_get0_name(mgf1_md)))
420
        return 0;
421
    }
422

423
    p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL);
424
    if (p != NULL &&
425
        !OSSL_PARAM_set_octet_ptr(p, prsactx->oaep_label,
426
                                  prsactx->oaep_labellen))
427
        return 0;
428

429
    p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION);
430
    if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->client_version))
431
        return 0;
432

433
    p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION);
434
    if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->alt_version))
435
        return 0;
436

437
    p = OSSL_PARAM_locate(params, OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION);
438
    if (p != NULL && !OSSL_PARAM_set_uint(p, prsactx->implicit_rejection))
439
        return 0;
440
    if (!OSSL_FIPS_IND_GET_CTX_PARAM(prsactx, params))
441
        return 0;
442
    return 1;
443
}
444

445
static const OSSL_PARAM known_gettable_ctx_params[] = {
446
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, NULL, 0),
447
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, NULL, 0),
448
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST, NULL, 0),
449
    OSSL_PARAM_DEFN(OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, OSSL_PARAM_OCTET_PTR,
450
                    NULL, 0),
451
    OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION, NULL),
452
    OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL),
453
    OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, NULL),
454
    OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
455
    OSSL_PARAM_END
456
};
457

458
static const OSSL_PARAM *rsa_gettable_ctx_params(ossl_unused void *vprsactx,
459
                                                 ossl_unused void *provctx)
460
{
461
    return known_gettable_ctx_params;
462
}
463

464
static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[])
465
{
466
    PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
467
    const OSSL_PARAM *p;
468
    char mdname[OSSL_MAX_NAME_SIZE];
469
    char mdprops[OSSL_MAX_PROPQUERY_SIZE] = { '\0' };
470
    char *str = NULL;
471

472
    if (prsactx == NULL)
473
        return 0;
474
    if (ossl_param_is_empty(params))
475
        return 1;
476

477
    if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE0, params,
478
                                     OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK))
479
        return 0;
480
    if (!OSSL_FIPS_IND_SET_CTX_PARAM(prsactx, OSSL_FIPS_IND_SETTABLE1, params,
481
                                     OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED))
482
        return 0;
483

484
    p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST);
485
    if (p != NULL) {
486
        str = mdname;
487
        if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdname)))
488
            return 0;
489

490
        p = OSSL_PARAM_locate_const(params,
491
                                    OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS);
492
        if (p != NULL) {
493
            str = mdprops;
494
            if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops)))
495
                return 0;
496
        }
497

498
        EVP_MD_free(prsactx->oaep_md);
499
        prsactx->oaep_md = EVP_MD_fetch(prsactx->libctx, mdname, mdprops);
500

501
        if (prsactx->oaep_md == NULL)
502
            return 0;
503
    }
504

505
    p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_PAD_MODE);
506
    if (p != NULL) {
507
        int pad_mode = 0;
508

509
        switch (p->data_type) {
510
        case OSSL_PARAM_INTEGER: /* Support for legacy pad mode number */
511
            if (!OSSL_PARAM_get_int(p, &pad_mode))
512
                return 0;
513
            break;
514
        case OSSL_PARAM_UTF8_STRING:
515
            {
516
                int i;
517

518
                if (p->data == NULL)
519
                    return 0;
520

521
                for (i = 0; padding_item[i].id != 0; i++) {
522
                    if (strcmp(p->data, padding_item[i].ptr) == 0) {
523
                        pad_mode = padding_item[i].id;
524
                        break;
525
                    }
526
                }
527
            }
528
            break;
529
        default:
530
            return 0;
531
        }
532

533
        /*
534
         * PSS padding is for signatures only so is not compatible with
535
         * asymmetric cipher use.
536
         */
537
        if (pad_mode == RSA_PKCS1_PSS_PADDING)
538
            return 0;
539
        if (pad_mode == RSA_PKCS1_OAEP_PADDING && prsactx->oaep_md == NULL) {
540
            prsactx->oaep_md = EVP_MD_fetch(prsactx->libctx, "SHA1", mdprops);
541
            if (prsactx->oaep_md == NULL)
542
                return 0;
543
        }
544
        prsactx->pad_mode = pad_mode;
545
    }
546

547
    p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST);
548
    if (p != NULL) {
549
        str = mdname;
550
        if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdname)))
551
            return 0;
552

553
        p = OSSL_PARAM_locate_const(params,
554
                                    OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS);
555
        if (p != NULL) {
556
            str = mdprops;
557
            if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops)))
558
                return 0;
559
        } else {
560
            str = NULL;
561
        }
562

563
        EVP_MD_free(prsactx->mgf1_md);
564
        prsactx->mgf1_md = EVP_MD_fetch(prsactx->libctx, mdname, str);
565

566
        if (prsactx->mgf1_md == NULL)
567
            return 0;
568
    }
569

570
    p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL);
571
    if (p != NULL) {
572
        void *tmp_label = NULL;
573
        size_t tmp_labellen;
574

575
        if (!OSSL_PARAM_get_octet_string(p, &tmp_label, 0, &tmp_labellen))
576
            return 0;
577
        OPENSSL_free(prsactx->oaep_label);
578
        prsactx->oaep_label = (unsigned char *)tmp_label;
579
        prsactx->oaep_labellen = tmp_labellen;
580
    }
581

582
    p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION);
583
    if (p != NULL) {
584
        unsigned int client_version;
585

586
        if (!OSSL_PARAM_get_uint(p, &client_version))
587
            return 0;
588
        prsactx->client_version = client_version;
589
    }
590

591
    p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION);
592
    if (p != NULL) {
593
        unsigned int alt_version;
594

595
        if (!OSSL_PARAM_get_uint(p, &alt_version))
596
            return 0;
597
        prsactx->alt_version = alt_version;
598
    }
599
    p = OSSL_PARAM_locate_const(params, OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION);
600
    if (p != NULL) {
601
        unsigned int implicit_rejection;
602

603
        if (!OSSL_PARAM_get_uint(p, &implicit_rejection))
604
            return 0;
605
        prsactx->implicit_rejection = implicit_rejection;
606
    }
607
    return 1;
608
}
609

610
static const OSSL_PARAM known_settable_ctx_params[] = {
611
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST, NULL, 0),
612
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_OAEP_DIGEST_PROPS, NULL, 0),
613
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, NULL, 0),
614
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST, NULL, 0),
615
    OSSL_PARAM_utf8_string(OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS, NULL, 0),
616
    OSSL_PARAM_octet_string(OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL, NULL, 0),
617
    OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION, NULL),
618
    OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, NULL),
619
    OSSL_PARAM_uint(OSSL_ASYM_CIPHER_PARAM_IMPLICIT_REJECTION, NULL),
620
    OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_ASYM_CIPHER_PARAM_FIPS_KEY_CHECK)
621
    OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_ASYM_CIPHER_PARAM_FIPS_RSA_PKCS15_PAD_DISABLED)
622
    OSSL_PARAM_END
623
};
624

625
static const OSSL_PARAM *rsa_settable_ctx_params(ossl_unused void *vprsactx,
626
                                                 ossl_unused void *provctx)
627
{
628
    return known_settable_ctx_params;
629
}
630

631
const OSSL_DISPATCH ossl_rsa_asym_cipher_functions[] = {
632
    { OSSL_FUNC_ASYM_CIPHER_NEWCTX, (void (*)(void))rsa_newctx },
633
    { OSSL_FUNC_ASYM_CIPHER_ENCRYPT_INIT, (void (*)(void))rsa_encrypt_init },
634
    { OSSL_FUNC_ASYM_CIPHER_ENCRYPT, (void (*)(void))rsa_encrypt },
635
    { OSSL_FUNC_ASYM_CIPHER_DECRYPT_INIT, (void (*)(void))rsa_decrypt_init },
636
    { OSSL_FUNC_ASYM_CIPHER_DECRYPT, (void (*)(void))rsa_decrypt },
637
    { OSSL_FUNC_ASYM_CIPHER_FREECTX, (void (*)(void))rsa_freectx },
638
    { OSSL_FUNC_ASYM_CIPHER_DUPCTX, (void (*)(void))rsa_dupctx },
639
    { OSSL_FUNC_ASYM_CIPHER_GET_CTX_PARAMS,
640
      (void (*)(void))rsa_get_ctx_params },
641
    { OSSL_FUNC_ASYM_CIPHER_GETTABLE_CTX_PARAMS,
642
      (void (*)(void))rsa_gettable_ctx_params },
643
    { OSSL_FUNC_ASYM_CIPHER_SET_CTX_PARAMS,
644
      (void (*)(void))rsa_set_ctx_params },
645
    { OSSL_FUNC_ASYM_CIPHER_SETTABLE_CTX_PARAMS,
646
      (void (*)(void))rsa_settable_ctx_params },
647
    OSSL_DISPATCH_END
648
};
649

650
Product

Resources

Company
