Move FIPS RSA function definitions to fips.h

New function to lookup digests by NID in module.

Minor optimisation: if supplied hash is NULL to FIPS RSA functions and
we are using PKCS padding get digest NID from otherwise unused saltlen
parameter instead.

diff --git a/fips/fips.h b/fips/fips.h
index 816eb0d677aabc0a57375b069ffba178e7fb29bc..2fa56dbf02e29e78a6edc7d00546edacb52bc2f4 100644 (file)
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -64,6 +64,7 @@ struct ec_key_st;
 struct rsa_st;
 struct evp_pkey_st;
 struct env_md_st;
+struct env_md_ctx_st;
 struct evp_cipher_st;
 struct evp_cipher_ctx_st;
 
@@ -172,6 +173,31 @@ int fips_cipher_test(int id, struct evp_cipher_ctx_st *ctx,
                        const unsigned char *ciphertext,
                        int len);
 
+const struct env_md_st *FIPS_get_digestbynid(int nid);
+
+struct rsa_st *FIPS_rsa_new(void);
+void FIPS_rsa_free(struct rsa_st *r);
+int FIPS_rsa_sign_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+                       int rsa_pad_mode, int saltlen,
+                       const struct env_md_st *mgf1Hash,
+                       unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_sign_digest(struct rsa_st *rsa,
+                       const unsigned char *md, int md_len,
+                       const struct env_md_st *mhash,
+                       int rsa_pad_mode, int saltlen,
+                       const struct env_md_st *mgf1Hash,
+                       unsigned char *sigret, unsigned int *siglen);
+int FIPS_rsa_verify_ctx(struct rsa_st *rsa, struct env_md_ctx_st *ctx,
+                       int rsa_pad_mode, int saltlen,
+                       const struct env_md_st *mgf1Hash,
+                       unsigned char *sigbuf, unsigned int siglen);
+int FIPS_rsa_verify_digest(struct rsa_st *rsa,
+                       const unsigned char *dig, int diglen,
+                       const struct env_md_st *mhash,
+                       int rsa_pad_mode, int saltlen,
+                       const struct env_md_st *mgf1Hash,
+                       unsigned char *sigbuf, unsigned int siglen);
+
 #ifndef OPENSSL_FIPSCANISTER
 
 int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type);
@@ -235,6 +261,8 @@ const EVP_MD *FIPS_evp_dss1(void);
 const EVP_MD *FIPS_evp_dss(void);
 const EVP_MD *FIPS_evp_ecdsa(void);
 
+const RSA_METHOD *FIPS_rsa_pkcs1_ssleay(void);
+
 #endif
 
 /* Where necessary redirect standard OpenSSL APIs to FIPS versions */

diff --git a/fips/rand/fips_drbg_hash.c b/fips/rand/fips_drbg_hash.c
index a94170f135b5d34c6517c33d091e1f77228ca89f..544cda1fff726a7d1729c3661d20a0f0a2166e91 100644 (file)
--- a/fips/rand/fips_drbg_hash.c
+++ b/fips/rand/fips_drbg_hash.c
@@ -327,6 +327,9 @@ int fips_drbg_hash_init(DRBG_CTX *dctx)
        {
        const EVP_MD *md;
        DRBG_HASH_CTX *hctx = &dctx->d.hash;
+       md = FIPS_get_digestbynid(dctx->type);
+       if (!md)
+               return -2;
        switch (dctx->type)
                {
                case NID_sha1:
@@ -339,25 +342,9 @@ int fips_drbg_hash_init(DRBG_CTX *dctx)
                dctx->strength = 192;
                break;
 
-               case NID_sha256:
-               md = EVP_sha256();
-               dctx->strength = 256;
-               break;
-
-               case NID_sha384:
-               md = EVP_sha384();
-               dctx->strength = 256;
-               break;
-
-               case NID_sha512:
-               md = EVP_sha512();
-               dctx->strength = 256;
-               break;
-
                default:
-               return -2;
+               dctx->strength = 256;
                break;
-
                }
 
        dctx->instantiate = drbg_hash_instantiate;

diff --git a/fips/rsa/fips_rsa_sign.c b/fips/rsa/fips_rsa_sign.c
index c68c00787d0ffb1275062f7ab7a61856ac03d662..a4c62bf1ce5c206da616bfc545ed354491fe6afd 100644 (file)
--- a/fips/rsa/fips_rsa_sign.c
+++ b/fips/rsa/fips_rsa_sign.c
@@ -224,8 +224,10 @@ int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len,
                FIPSerr(FIPS_F_FIPS_RSA_SIGN_DIGEST, FIPS_R_SELFTEST_FAILED);
                return 0;
                }
-
-       md_type = M_EVP_MD_type(mhash);
+       if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+               md_type = saltlen;
+       else
+               md_type = M_EVP_MD_type(mhash);
 
        if (rsa_pad_mode == RSA_X931_PADDING)
                {
@@ -338,7 +340,10 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
                return(0);
                }
 
-       md_type = M_EVP_MD_type(mhash);
+       if (!mhash && rsa_pad_mode == RSA_PKCS1_PADDING)
+               md_type = saltlen;
+       else
+               md_type = M_EVP_MD_type(mhash);
 
        s= OPENSSL_malloc((unsigned int)siglen);
        if (s == NULL)

diff --git a/fips/utl/fips_md.c b/fips/utl/fips_md.c
index d3db1c71880a23fd7b8d408bbf0d3e1b66e7cf83..5e9fe4e4ee2d7afde8be988f99e3439faaacaf97 100644 (file)
--- a/fips/utl/fips_md.c
+++ b/fips/utl/fips_md.c
@@ -321,3 +321,27 @@ int FIPS_md_ctx_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
        
        return 1;
        }
+
+const EVP_MD *FIPS_get_digestbynid(int nid)
+       {
+       switch (nid)
+               {
+               case NID_sha1:
+               return EVP_sha1();
+
+               case NID_sha224:
+               return EVP_sha224();
+
+               case NID_sha256:
+               return EVP_sha256();
+
+               case NID_sha384:
+               return EVP_sha384();
+
+               case NID_sha512:
+               return EVP_sha512();
+
+               default:
+               return NULL;
+               }
+       }