kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Quellcode durchsuchen

Remove EVP_PKEY_CTX case in rsa_pss_to_ctx. 

We only ever use the EVP_PKEY case, not the EVP_PKEY_CTX one.

Change-Id: Ibead854f793663da0a9e474599507d9c3ff920cb
Reviewed-on: https://boringssl-review.googlesource.com/1915
Reviewed-by: Adam Langley <agl@google.com>
kris/onging/CECPQ3_patch15
David Benjamin vor 10 Jahren
committed by Adam Langley
Ursprung
f4b4952719
Commit
75a1dd0dbe
1 geänderte Dateien mit 6 neuen und 22 gelöschten Zeilen
Geteilte Ansicht
Diff-Optionen
Statistiken anzeigen Patch-Datei herunterladen Vergleichs-Datei herunterladen
  1. +6
    -22
      crypto/evp/p_rsa_asn1.c

+ 6
- 22
crypto/evp/p_rsa_asn1.c Datei anzeigen

@@ -583,16 +583,14 @@ err:
return NULL;
}

/* From PSS AlgorithmIdentifier set public key parameters. If pkey
* isn't NULL then the EVP_MD_CTX is setup and initalised. If it
* is NULL parameters are passed to pkctx instead. */
static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
X509_ALGOR *sigalg, EVP_PKEY *pkey) {
/* From PSS AlgorithmIdentifier set public key parameters. */
static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) {
int ret = 0;
int saltlen;
const EVP_MD *mgf1md = NULL, *md = NULL;
RSA_PSS_PARAMS *pss;
X509_ALGOR *maskHash;
EVP_PKEY_CTX *pkctx;

/* Sanity check: make sure it is PSS */
if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
@@ -634,22 +632,8 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
goto err;
}

if (pkey) {
if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey)) {
goto err;
}
} else {
const EVP_MD *checkmd;
if (EVP_PKEY_CTX_get_signature_md(pkctx, &checkmd) <= 0) {
goto err;
}
if (EVP_MD_type(md) != EVP_MD_type(checkmd)) {
OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_DIGEST_DOES_NOT_MATCH);
goto err;
}
}

if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0 ||
if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey) ||
EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0 ||
EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0 ||
EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0) {
goto err;
@@ -676,7 +660,7 @@ static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
OPENSSL_PUT_ERROR(EVP, rsa_item_verify, EVP_R_UNSUPPORTED_SIGNATURE_TYPE);
return -1;
}
if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey)) {
if (rsa_pss_to_ctx(ctx, sigalg, pkey)) {
/* Carry on */
return 2;
}


Verfassen Vorschau
Laden…
Abbrechen
Speichern