{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1753413443, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"efd4c83077f13557c84fdacfeeda20a4", "commit": {"type":"commit", "time": 1484751889, "time_ofs": 0, "oid_tree": { "oid": "036babddbe82995d4f6c2b901a3a97bf7b91ae49", "alias": []}, "oid":{ "oid": "79ebfc46817bc5da1082bcdc5bd50905c83fa712", "alias": []}, "msg": "Add support for -1, -2 salt lengths for PSS only keys.", "sig_commit": { "git_time": { "time": 1484751889, "offset": 0 }, "name": "Dr. Stephen Henson", "email": "steve@openssl.org", "md5": "fb4026c8240f7577a612418c24e54343" }, "sig_author": { "git_time": { "time": 1484585572, "offset": 0 }, "name": "Dr. Stephen Henson", "email": "steve@openssl.org", "md5": "fb4026c8240f7577a612418c24e54343" }}, "body": "Add support for -1, -2 salt lengths for PSS only keys.\n\nReviewed-by: Rich Salz \u003crsalz@openssl.org\u003e\n(Merged from https://github.com/openssl/openssl/pull/2236)" , "diff": "diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c\nindex 45fd4ca..112e5a4 100644\n--- a/crypto/rsa/rsa_err.c\n+++ b/crypto/rsa/rsa_err.c\n@@ -23,6 +23,7 @@ static ERR_STRING_DATA RSA_str_functs[] \u003d {\n {ERR_FUNC(RSA_F_ENCODE_PKCS1), \u0022encode_pkcs1\u0022},\n {ERR_FUNC(RSA_F_INT_RSA_VERIFY), \u0022int_rsa_verify\u0022},\n {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), \u0022old_rsa_priv_decode\u0022},\n+ {ERR_FUNC(RSA_F_PKEY_PSS_INIT), \u0022pkey_pss_init\u0022},\n {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), \u0022pkey_rsa_ctrl\u0022},\n {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), \u0022pkey_rsa_ctrl_str\u0022},\n {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), \u0022pkey_rsa_sign\u0022},\ndiff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c\nindex d55fb21..c31b9a3 100644\n--- a/crypto/rsa/rsa_pmeth.c\n+++ 
b/crypto/rsa/rsa_pmeth.c\n@@ -432,9 +432,16 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)\n } else {\n if (p1 \u003c -2)\n return -2;\n- if (rsa_pss_restricted(rctx) \u0026\u0026 p1 \u003c rctx-\u003emin_saltlen) {\n- RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_PSS_SALTLEN_TOO_SMALL);\n- return 0;\n+ if (rsa_pss_restricted(rctx)) {\n+ if (p1 \u003d\u003d -2 \u0026\u0026 ctx-\u003eoperation \u003d\u003d EVP_PKEY_OP_VERIFY) {\n+ RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN);\n+ return -2;\n+ }\n+ if ((p1 \u003d\u003d -1 \u0026\u0026 rctx-\u003emin_saltlen \u003e EVP_MD_size(rctx-\u003emd))\n+ || (p1 \u003e\u003d 0 \u0026\u0026 p1 \u003c rctx-\u003emin_saltlen)) {\n+ RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_PSS_SALTLEN_TOO_SMALL);\n+ return 0;\n+ }\n }\n rctx-\u003esaltlen \u003d p1;\n }\n@@ -752,7 +759,7 @@ static int pkey_pss_init(EVP_PKEY_CTX *ctx)\n RSA_PKEY_CTX *rctx \u003d ctx-\u003edata;\n const EVP_MD *md;\n const EVP_MD *mgf1md;\n- int min_saltlen;\n+ int min_saltlen, max_saltlen;\n \n /* Should never happen */\n if (!pkey_ctx_is_pss(ctx))\n@@ -765,6 +772,15 @@ static int pkey_pss_init(EVP_PKEY_CTX *ctx)\n if (!rsa_pss_get_param(rsa-\u003epss, \u0026md, \u0026mgf1md, \u0026min_saltlen))\n return 0;\n \n+ /* See if minumum salt length exceeds maximum possible */\n+ max_saltlen \u003d RSA_size(rsa) - EVP_MD_size(md);\n+ if ((RSA_bits(rsa) \u0026 0x7) \u003d\u003d 1)\n+ max_saltlen--;\n+ if (min_saltlen \u003e max_saltlen) {\n+ RSAerr(RSA_F_PKEY_PSS_INIT, RSA_R_INVALID_SALT_LENGTH);\n+ return 0;\n+ }\n+\n rctx-\u003emin_saltlen \u003d min_saltlen;\n \n /*\ndiff --git a/doc/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod b/doc/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod\nindex eb7dfd8..853d4b8 100644\n--- a/doc/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod\n+++ b/doc/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod\n@@ -42,9 +42,10 @@ returned if an attempt is made to set the padding mode to anything other\n than B\u003cPSS\u003e. 
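Review bot: In the restricted-PSS branch added to pkey_rsa_ctrl, the special salt lengths -1 and -2 are tested as bare numbers with no comment, so the reason -2 is refused for verification is not visible at the check. I would add above the `p1 == -2` test something like `/* -1: salt length equals digest length; -2: maximum when signing, auto-detect when verifying */`, plus a line saying that auto-detection is rejected for restricted keys, presumably because it would accept a salt shorter than the key's minimum. Signing with -2 is accepted without comparing against `rctx->min_saltlen`, which appears to rely on the bound checked in pkey_pss_init; a short comment saying so would help. The two failure paths also return different values (-2 for the rejected auto-detect, 0 for a too-small salt), which deserves a mention in the same comment. The function body starts and ends outside the hunk.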
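Review bot: The upper bound computed in pkey_pss_init, `RSA_size(rsa) - EVP_MD_size(md)` with one byte removed in the `& 0x7` case, looks two bytes looser than the EMSA-PSS encoding limit of emLen - hLen - 2 (RFC 8017, section 9.1.1). A key whose minimum salt length falls in that gap would pass this check and fail only later, at signing time. If the intent is to reject unusable parameters at init, `max_saltlen = RSA_size(rsa) - EVP_MD_size(md) - 2;` would match that limit; this should be confirmed against the PSS padding code, which is not part of this diff. The `(RSA_bits(rsa) & 0x7) == 1` adjustment needs a comment such as `/* modBits - 1 is a whole number of bytes, so the encoded message is one byte shorter than the modulus */`, and the new comment misspells "minimum" as `minumum`. The function body starts and ends outside the hunk.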
It is otherwise similar to the B\u003cRSA\u003e version.\n \n The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro is used to set the salt length.\n-If the key has usage restrictionsthen an error is returned if an attempt is\n+If the key has usage restrictions then an error is returned if an attempt is\n made to set the salt length below the minimum value. It is otherwise similar\n-to the B\u003cRSA\u003e operation except special negative values are not supported.\n+to the B\u003cRSA\u003e operation except detection of the salt length (using -2) is\n+not supported for verification if the key has usage restrictions.\n \n The EVP_PKEY_CTX_set_signature_md() and EVP_PKEY_CTX_set_rsa_mgf1_md() macros\n are used to set the digest and MGF1 algorithms respectively. If the key has\ndiff --git a/include/openssl/rsa.h b/include/openssl/rsa.h\nindex 95639cb..b9179b3 100644\n--- a/include/openssl/rsa.h\n+++ b/include/openssl/rsa.h\n@@ -476,6 +476,7 @@ int ERR_load_RSA_strings(void);\n # define RSA_F_ENCODE_PKCS1 146\n # define RSA_F_INT_RSA_VERIFY 145\n # define RSA_F_OLD_RSA_PRIV_DECODE 147\n+# define RSA_F_PKEY_PSS_INIT 165\n # define RSA_F_PKEY_RSA_CTRL 143\n # define RSA_F_PKEY_RSA_CTRL_STR 144\n # define RSA_F_PKEY_RSA_SIGN 142\n","s":{"c":1753413443,"u": 26065}} ],"g": 27812,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}