mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-30 14:01:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

PROV: Refactor the RSA DER support

Browse Source 
We separate out the NIST arc OIDs to a separate file, so it can be
re-used, and also the DIGEST OIDs.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
This commit is contained in:
Richard Levitte 2020-05-02 13:25:52 +02:00
parent 2275ff656c
commit 36a2a551d7
8 changed files with 445 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
providers/common/der/DIGESTS.asn1 Normal file
View File

@ -0,0 +1,19 @@
-- -------------------------------------------------------------------
-- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
id-sha256 OBJECT IDENTIFIER ::= { hashAlgs 1 }
id-sha384 OBJECT IDENTIFIER ::= { hashAlgs 2 }
id-sha512 OBJECT IDENTIFIER ::= { hashAlgs 3 }
id-sha224 OBJECT IDENTIFIER ::= { hashAlgs 4 }
id-sha512-224 OBJECT IDENTIFIER ::= { hashAlgs 5 }
id-sha512-256 OBJECT IDENTIFIER ::= { hashAlgs 6 }
id-sha3-224 OBJECT IDENTIFIER ::= { hashAlgs 7 }
id-sha3-256 OBJECT IDENTIFIER ::= { hashAlgs 8 }
id-sha3-384 OBJECT IDENTIFIER ::= { hashAlgs 9 }
id-sha3-512 OBJECT IDENTIFIER ::= { hashAlgs 10 }
id-shake128 OBJECT IDENTIFIER ::= { hashAlgs 11 }
id-shake256 OBJECT IDENTIFIER ::= { hashAlgs 12 }
id-shake128-len OBJECT IDENTIFIER ::= { hashAlgs 17 }
id-shake256-len OBJECT IDENTIFIER ::= { hashAlgs 18 }
id-KMACWithSHAKE128 OBJECT IDENTIFIER ::={hashAlgs 19}
id-KMACWithSHAKE256 OBJECT IDENTIFIER ::={ hashAlgs 20}

8
providers/common/der/NIST.asn1 Normal file
View File

@ -0,0 +1,8 @@
-- -------------------------------------------------------------------
-- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
-- Copies of common OIDs used by other ASN.1 files.
csor OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 }
nistAlgorithms OBJECT IDENTIFIER ::= { csor nistAlgorithm(4) }
hashAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 2 }
sigAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 3 }

2
providers/common/der/RSA.asn1
View File

@ -80,8 +80,6 @@ id-mgf1 OBJECT IDENTIFIER ::= { pkcs-1 8 }
-- -------------------------------------------------------------------
-- Taken from https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
sigAlgs OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 4 3 }
id-rsassa-pkcs1-v1_5-with-sha3-224 OBJECT IDENTIFIER ::= { sigAlgs 13 }
id-rsassa-pkcs1-v1_5-with-sha3-256 OBJECT IDENTIFIER ::= { sigAlgs 14 }
id-rsassa-pkcs1-v1_5-with-sha3-384 OBJECT IDENTIFIER ::= { sigAlgs 15 }

11
providers/common/der/build.info
View File

@ -1,4 +1,4 @@
$FIPSABLE=der_rsa.c der_dsa.c der_ec.c
$FIPSABLE=der_rsa.c der_dsa.c der_ec.c der_digests.c
SOURCE[../../libfips.a]=$FIPSABLE
SOURCE[../../libnonfips.a]=$FIPSABLE
@ -6,7 +6,7 @@ SOURCE[../../libnonfips.a]=$FIPSABLE
GENERATE[der_rsa.c]=der_rsa.c.in
DEPEND[der_rsa.c]=oids_to_c.pm
DEPEND[der_rsa.o]=../include/prov/der_rsa.h
DEPEND[der_rsa.o]=../include/prov/der_rsa.h ../include/prov/der_digests.h
GENERATE[../include/prov/der_rsa.h]=der_rsa.h.in
DEPEND[../include/prov/der_rsa.h]=oids_to_c.pm
@ -23,3 +23,10 @@ DEPEND[der_ec.c]=oids_to_c.pm
DEPEND[der_ec.o]=../include/prov/der_ec.h
GENERATE[../include/prov/der_ec.h]=der_ec.h.in
DEPEND[../include/prov/der_ec.h]=oids_to_c.pm
GENERATE[der_digests.c]=der_digests.c.in
DEPEND[der_digests.c]=oids_to_c.pm
DEPEND[der_digests.o]=../include/prov/der_digests.h
GENERATE[../include/prov/der_digests.h]=der_digests.h.in
DEPEND[../include/prov/der_digests.h]=oids_to_c.pm

18
providers/common/der/der_digests.c.in Normal file
View File

@ -0,0 +1,18 @@
/*
* Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "prov/der_digests.h"
/* Well known OIDs precompiled */
{-
$OUT = oids_to_c::process_leaves('providers/common/der/NIST.asn1',
'providers/common/der/DIGESTS.asn1',
{ dir => $config{sourcedir},
filter => \&oids_to_c::filter_to_C });
-}

18
providers/common/der/der_digests.h.in Normal file
View File

@ -0,0 +1,18 @@
/*
* Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include "internal/der.h"
/* Well known OIDs precompiled */
{-
$OUT = oids_to_c::process_leaves('providers/common/der/NIST.asn1',
'providers/common/der/DIGESTS.asn1',
{ dir => $config{sourcedir},
filter => \&oids_to_c::filter_to_H });
-}

391
providers/common/der/der_rsa.c.in
View File

@ -9,25 +9,368 @@
#include <openssl/bn.h>
#include <openssl/obj_mac.h>
#include "internal/cryptlib.h"
#include "prov/der_rsa.h"
#include "prov/der_digests.h"
/* Well known OIDs precompiled */
{-
$OUT = oids_to_c::process_leaves('providers/common/der/RSA.asn1',
$OUT = oids_to_c::process_leaves('providers/common/der/NIST.asn1',
'providers/common/der/DIGESTS.asn1',
'providers/common/der/RSA.asn1',
{ dir => $config{sourcedir},
filter => \&oids_to_c::filter_to_C });
-}
int DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa)
/* More complex pre-compiled sequences. TODO(3.0) refactor? */
/*-
* From https://tools.ietf.org/html/rfc8017#appendix-A.2.1
*
* OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
* { OID id-sha1 PARAMETERS NULL }|
* { OID id-sha224 PARAMETERS NULL }|
* { OID id-sha256 PARAMETERS NULL }|
* { OID id-sha384 PARAMETERS NULL }|
* { OID id-sha512 PARAMETERS NULL }|
* { OID id-sha512-224 PARAMETERS NULL }|
* { OID id-sha512-256 PARAMETERS NULL },
* ... -- Allows for future expansion --
* }
*/
#define DER_V_NULL DER_P_NULL, 0
#define DER_SZ_NULL 2
/*
* The names for the hash function AlgorithmIdentifiers are borrowed and
* expanded from https://tools.ietf.org/html/rfc4055#section-2.1
*
* sha1Identifier AlgorithmIdentifier ::= { id-sha1, NULL }
* sha224Identifier AlgorithmIdentifier ::= { id-sha224, NULL }
* sha256Identifier AlgorithmIdentifier ::= { id-sha256, NULL }
* sha384Identifier AlgorithmIdentifier ::= { id-sha384, NULL }
* sha512Identifier AlgorithmIdentifier ::= { id-sha512, NULL }
*/
#if 0 /* Currently unused */
#define DER_AID_V_sha1Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_sha1 + DER_SZ_NULL, \
DER_OID_V_id_sha1, \
DER_V_NULL
static const unsigned char der_aid_sha1Identifier[] = {
DER_AID_V_sha1Identifier
};
#define DER_AID_SZ_sha1Identifier sizeof(der_aid_sha1Identifier)
#endif
#define DER_AID_V_sha224Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_sha224 + DER_SZ_NULL, \
DER_OID_V_id_sha224, \
DER_V_NULL
static const unsigned char der_aid_sha224Identifier[] = {
DER_AID_V_sha224Identifier
};
#define DER_AID_SZ_sha224Identifier sizeof(der_aid_sha224Identifier)
#define DER_AID_V_sha256Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_sha256 + DER_SZ_NULL, \
DER_OID_V_id_sha256, \
DER_V_NULL
static const unsigned char der_aid_sha256Identifier[] = {
DER_AID_V_sha256Identifier
};
#define DER_AID_SZ_sha256Identifier sizeof(der_aid_sha256Identifier)
#define DER_AID_V_sha384Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_sha384 + DER_SZ_NULL, \
DER_OID_V_id_sha384, \
DER_V_NULL
static const unsigned char der_aid_sha384Identifier[] = {
DER_AID_V_sha384Identifier
};
#define DER_AID_SZ_sha384Identifier sizeof(der_aid_sha384Identifier)
#define DER_AID_V_sha512Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_sha512 + DER_SZ_NULL, \
DER_OID_V_id_sha512, \
DER_V_NULL
static const unsigned char der_aid_sha512Identifier[] = {
DER_AID_V_sha512Identifier
};
#define DER_AID_SZ_sha512Identifier sizeof(der_aid_sha512Identifier)
#define DER_AID_V_sha512_224Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_sha512_224 + DER_SZ_NULL, \
DER_OID_V_id_sha512_224, \
DER_V_NULL
static const unsigned char der_aid_sha512_224Identifier[] = {
DER_AID_V_sha512_224Identifier
};
#define DER_AID_SZ_sha512_224Identifier sizeof(der_aid_sha512_224Identifier)
#define DER_AID_V_sha512_256Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_sha512_256 + DER_SZ_NULL, \
DER_OID_V_id_sha512_256, \
DER_V_NULL
static const unsigned char der_aid_sha512_256Identifier[] = {
DER_AID_V_sha512_256Identifier
};
#define DER_AID_SZ_sha512_256Identifier sizeof(der_aid_sha512_256Identifier)
/*-
* From https://tools.ietf.org/html/rfc8017#appendix-A.2.1
*
* HashAlgorithm ::= AlgorithmIdentifier {
* {OAEP-PSSDigestAlgorithms}
* }
*
* ...
*
* PKCS1MGFAlgorithms ALGORITHM-IDENTIFIER ::= {
* { OID id-mgf1 PARAMETERS HashAlgorithm },
* ... -- Allows for future expansion --
* }
*/
/*
* The names for the MGF1 AlgorithmIdentifiers are borrowed and expanded
* from https://tools.ietf.org/html/rfc4055#section-2.1
*
* mgf1SHA1Identifier AlgorithmIdentifier ::=
* { id-mgf1, sha1Identifier }
* mgf1SHA224Identifier AlgorithmIdentifier ::=
* { id-mgf1, sha224Identifier }
* mgf1SHA256Identifier AlgorithmIdentifier ::=
* { id-mgf1, sha256Identifier }
* mgf1SHA384Identifier AlgorithmIdentifier ::=
* { id-mgf1, sha384Identifier }
* mgf1SHA512Identifier AlgorithmIdentifier ::=
* { id-mgf1, sha512Identifier }
*/
#if 0 /* Currently unused */
#define DER_AID_V_mgf1SHA1Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_mgf1 + DER_AID_SZ_sha1Identifier, \
DER_OID_V_id_mgf1, \
DER_AID_V_sha1Identifier
static const unsigned char der_aid_mgf1SHA1Identifier[] = {
DER_AID_V_mgf1SHA1Identifier
};
#define DER_AID_SZ_mgf1SHA1Identifier sizeof(der_aid_mgf1SHA1Identifier)
#endif
#define DER_AID_V_mgf1SHA224Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_mgf1 + DER_AID_SZ_sha224Identifier, \
DER_OID_V_id_mgf1, \
DER_AID_V_sha224Identifier
static const unsigned char der_aid_mgf1SHA224Identifier[] = {
DER_AID_V_mgf1SHA224Identifier
};
#define DER_AID_SZ_mgf1SHA224Identifier sizeof(der_aid_mgf1SHA224Identifier)
#define DER_AID_V_mgf1SHA256Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_mgf1 + DER_AID_SZ_sha256Identifier, \
DER_OID_V_id_mgf1, \
DER_AID_V_sha256Identifier
static const unsigned char der_aid_mgf1SHA256Identifier[] = {
DER_AID_V_mgf1SHA256Identifier
};
#define DER_AID_SZ_mgf1SHA256Identifier sizeof(der_aid_mgf1SHA256Identifier)
#define DER_AID_V_mgf1SHA384Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_mgf1 + DER_AID_SZ_sha384Identifier, \
DER_OID_V_id_mgf1, \
DER_AID_V_sha384Identifier
static const unsigned char der_aid_mgf1SHA384Identifier[] = {
DER_AID_V_mgf1SHA384Identifier
};
#define DER_AID_SZ_mgf1SHA384Identifier sizeof(der_aid_mgf1SHA384Identifier)
#define DER_AID_V_mgf1SHA512Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_mgf1 + DER_AID_SZ_sha512Identifier, \
DER_OID_V_id_mgf1, \
DER_AID_V_sha512Identifier
static const unsigned char der_aid_mgf1SHA512Identifier[] = {
DER_AID_V_mgf1SHA512Identifier
};
#define DER_AID_SZ_mgf1SHA512Identifier sizeof(der_aid_mgf1SHA512Identifier)
#define DER_AID_V_mgf1SHA512_224Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_mgf1 + DER_AID_SZ_sha512_224Identifier, \
DER_OID_V_id_mgf1, \
DER_AID_V_sha512_224Identifier
static const unsigned char der_aid_mgf1SHA512_224Identifier[] = {
DER_AID_V_mgf1SHA512_224Identifier
};
#define DER_AID_SZ_mgf1SHA512_224Identifier sizeof(der_aid_mgf1SHA512_224Identifier)
#define DER_AID_V_mgf1SHA512_256Identifier \
DER_P_SEQUENCE|DER_F_CONSTRUCTED, \
DER_OID_SZ_id_mgf1 + DER_AID_SZ_sha512_256Identifier, \
DER_OID_V_id_mgf1, \
DER_AID_V_sha512_256Identifier
static const unsigned char der_aid_mgf1SHA512_256Identifier[] = {
DER_AID_V_mgf1SHA512_256Identifier
};
#define DER_AID_SZ_mgf1SHA512_256Identifier sizeof(der_aid_mgf1SHA512_256Identifier)
#define MGF1_SHA_CASE(bits, var) \
case NID_sha##bits: \
var = der_aid_mgf1SHA##bits##Identifier; \
var##_sz = sizeof(der_aid_mgf1SHA##bits##Identifier); \
break;
/*-
* The name is borrowed from https://tools.ietf.org/html/rfc8017#appendix-A.2.1
*
* MaskGenAlgorithm ::= AlgorithmIdentifier { {PKCS1MGFAlgorithms} }
*/
static int DER_w_MaskGenAlgorithm(WPACKET *pkt, int tag,
const RSA_PSS_PARAMS_30 *pss)
{
if (pss != NULL && rsa_pss_params_30_maskgenalg(pss) == NID_mgf1) {
int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss);
const unsigned char *maskgenalg = NULL;
size_t maskgenalg_sz = 0;
switch (maskgenhashalg_nid) {
case NID_sha1:
break;
MGF1_SHA_CASE(224, maskgenalg);
MGF1_SHA_CASE(256, maskgenalg);
MGF1_SHA_CASE(384, maskgenalg);
MGF1_SHA_CASE(512, maskgenalg);
MGF1_SHA_CASE(512_224, maskgenalg);
MGF1_SHA_CASE(512_256, maskgenalg);
default:
return 0;
}
/* If there is none (or it was the default), we write nothing */
if (maskgenalg == NULL)
return 1;
return DER_w_precompiled(pkt, tag, maskgenalg, maskgenalg_sz);
}
return 0;
}
#define OAEP_PSS_MD_CASE(name, var) \
case NID_##name: \
var = der_oid_id_##name; \
var##_sz = sizeof(der_oid_id_##name); \
break;
int DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, const RSA_PSS_PARAMS_30 *pss)
{
int hashalg_nid, default_hashalg_nid;
int saltlen, default_saltlen;
int trailerfield, default_trailerfield;
const unsigned char *hashalg = NULL;
size_t hashalg_sz = 0;
/*
* For an unrestricted key, this function should not have been called;
* the caller must be in control, because unrestricted keys are permitted
* in some situations (when encoding the public key in a SubjectKeyInfo,
* for example) while not in others, and this function doesn't know the
* intent. Therefore, we assert that here, the PSS parameters must show
* that the key is restricted.
*/
if (!ossl_assert(pss != NULL && !rsa_pss_params_30_is_unrestricted(pss)))
return 0;
hashalg_nid = rsa_pss_params_30_hashalg(pss);
saltlen = rsa_pss_params_30_saltlen(pss);
trailerfield = rsa_pss_params_30_trailerfield(pss);
/* Getting default values */
default_hashalg_nid = rsa_pss_params_30_hashalg(NULL);
default_saltlen = rsa_pss_params_30_saltlen(NULL);
default_trailerfield = rsa_pss_params_30_trailerfield(NULL);
/*
* From https://tools.ietf.org/html/rfc8017#appendix-A.2.1:
*
* OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
* { OID id-sha1 PARAMETERS NULL }|
* { OID id-sha224 PARAMETERS NULL }|
* { OID id-sha256 PARAMETERS NULL }|
* { OID id-sha384 PARAMETERS NULL }|
* { OID id-sha512 PARAMETERS NULL }|
* { OID id-sha512-224 PARAMETERS NULL }|
* { OID id-sha512-256 PARAMETERS NULL },
* ... -- Allows for future expansion --
* }
*/
switch (hashalg_nid) {
OAEP_PSS_MD_CASE(sha1, hashalg);
OAEP_PSS_MD_CASE(sha224, hashalg);
OAEP_PSS_MD_CASE(sha256, hashalg);
OAEP_PSS_MD_CASE(sha384, hashalg);
OAEP_PSS_MD_CASE(sha512, hashalg);
OAEP_PSS_MD_CASE(sha512_224, hashalg);
OAEP_PSS_MD_CASE(sha512_256, hashalg);
default:
return 0;
}
return DER_w_begin_sequence(pkt, tag)
/* No parameters (yet?) */
&& DER_w_precompiled(pkt, -1, der_oid_rsaEncryption,
sizeof(der_oid_rsaEncryption))
&& (trailerfield == default_trailerfield
|| DER_w_ulong(pkt, 3, trailerfield))
&& (saltlen == default_saltlen || DER_w_ulong(pkt, 2, saltlen))
&& DER_w_MaskGenAlgorithm(pkt, 1, pss)
&& (hashalg_nid == default_hashalg_nid
|| DER_w_precompiled(pkt, 0, hashalg, hashalg_sz))
&& DER_w_end_sequence(pkt, tag);
}
/* Aliases so we can have a uniform MD_CASE */
/* Aliases so we can have a uniform RSA_CASE */
#define der_oid_rsassaPss der_oid_id_RSASSA_PSS
#define RSA_CASE(name, var) \
var##_nid = NID_##name; \
var##_oid = der_oid_##name; \
var##_oid_sz = sizeof(der_oid_##name); \
break;
int DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa)
{
int rsa_nid = NID_undef;
const unsigned char *rsa_oid = NULL;
size_t rsa_oid_sz = 0;
RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa);
switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
case RSA_FLAG_TYPE_RSA:
RSA_CASE(rsaEncryption, rsa);
case RSA_FLAG_TYPE_RSASSAPSS:
RSA_CASE(rsassaPss, rsa);
}
if (rsa_oid == NULL)
return 0;
return DER_w_begin_sequence(pkt, tag)
&& (rsa_nid != NID_rsassaPss
|| rsa_pss_params_30_is_unrestricted(pss_params)
|| DER_w_RSASSA_PSS_params(pkt, -1, pss_params))
&& DER_w_precompiled(pkt, -1, rsa_oid, rsa_oid_sz)
&& DER_w_end_sequence(pkt, tag);
}
/* Aliases so we can have a uniform MD_with_RSA_CASE */
#define der_oid_sha3_224WithRSAEncryption \
der_oid_id_rsassa_pkcs1_v1_5_with_sha3_224
#define der_oid_sha3_256WithRSAEncryption \
@ -37,10 +380,10 @@ int DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa)
#define der_oid_sha3_512WithRSAEncryption \
der_oid_id_rsassa_pkcs1_v1_5_with_sha3_512
#define MD_CASE(name) \
#define MD_with_RSA_CASE(name, var) \
case NID_##name: \
precompiled = der_oid_##name##WithRSAEncryption; \
precompiled_sz = sizeof(der_oid_##name##WithRSAEncryption); \
var = der_oid_##name##WithRSAEncryption; \
var##_sz = sizeof(der_oid_##name##WithRSAEncryption); \
break;
int DER_w_algorithmIdentifier_RSA_with(WPACKET *pkt, int tag,
@ -51,23 +394,23 @@ int DER_w_algorithmIdentifier_RSA_with(WPACKET *pkt, int tag,
switch (mdnid) {
#ifndef FIPS_MODULE
MD_CASE(md2);
MD_CASE(md5);
MD_CASE(md4);
MD_CASE(ripemd160);
MD_with_RSA_CASE(md2, precompiled);
MD_with_RSA_CASE(md5, precompiled);
MD_with_RSA_CASE(md4, precompiled);
MD_with_RSA_CASE(ripemd160, precompiled);
/* TODO(3.0) Decide what to do about mdc2 and md5_sha1 */
#endif
MD_CASE(sha1);
MD_CASE(sha224);
MD_CASE(sha256);
MD_CASE(sha384);
MD_CASE(sha512);
MD_CASE(sha512_224);
MD_CASE(sha512_256);
MD_CASE(sha3_224);
MD_CASE(sha3_256);
MD_CASE(sha3_384);
MD_CASE(sha3_512);
MD_with_RSA_CASE(sha1, precompiled);
MD_with_RSA_CASE(sha224, precompiled);
MD_with_RSA_CASE(sha256, precompiled);
MD_with_RSA_CASE(sha384, precompiled);
MD_with_RSA_CASE(sha512, precompiled);
MD_with_RSA_CASE(sha512_224, precompiled);
MD_with_RSA_CASE(sha512_256, precompiled);
MD_with_RSA_CASE(sha3_224, precompiled);
MD_with_RSA_CASE(sha3_256, precompiled);
MD_with_RSA_CASE(sha3_384, precompiled);
MD_with_RSA_CASE(sha3_512, precompiled);
default:
return 0;
}

7
providers/common/der/der_rsa.h.in
View File

@ -7,15 +7,20 @@
* https://www.openssl.org/source/license.html
*/
#include "crypto/rsa.h"
#include "internal/der.h"
/* Well known OIDs precompiled */
{-
$OUT = oids_to_c::process_leaves('providers/common/der/RSA.asn1',
$OUT = oids_to_c::process_leaves('providers/common/der/NIST.asn1',
'providers/common/der/DIGESTS.asn1',
'providers/common/der/RSA.asn1',
{ dir => $config{sourcedir},
filter => \&oids_to_c::filter_to_H });
-}
int DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag,
const RSA_PSS_PARAMS_30 *pss);
int DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa);
int DER_w_algorithmIdentifier_RSA_with(WPACKET *pkt, int tag,
RSA *rsa, int mdnid);