root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix EVP_PKEY_CTX_get_rsa_pss_saltlen() not returning a value 

When an integer value was specified, it was not being passed back via
the orig_p2 weirdness.

Regression test included.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17136)
This commit is contained in:
Tom Cosgrove 2021-11-25 15:49:26 +00:00 committed by Pauli
parent 23750f677e
commit 6f87463b62
2 changed files with 34 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
crypto/evp/ctrl_params_translate.c
View File

@ -1392,21 +1392,23 @@ static int fix_rsa_pss_saltlen(enum state state,
if ((ctx->action_type == SET && state == PRE_PARAMS_TO_CTRL)
|| (ctx->action_type == GET && state == POST_CTRL_TO_PARAMS)) {
size_t i;
int val;
for (i = 0; i < OSSL_NELEM(str_value_map); i++) {
if (strcmp(ctx->p2, str_value_map[i].ptr) == 0)
break;
}
if (i == OSSL_NELEM(str_value_map)) {
ctx->p1 = atoi(ctx->p2);
} else if (state == POST_CTRL_TO_PARAMS) {
val = i == OSSL_NELEM(str_value_map) ? atoi(ctx->p2)
: (int)str_value_map[i].id;
if (state == POST_CTRL_TO_PARAMS) {
/*
* EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN weirdness explained further
* up
*/
*(int *)ctx->orig_p2 = str_value_map[i].id;
*(int *)ctx->orig_p2 = val;
} else {
ctx->p1 = (int)str_value_map[i].id;
ctx->p1 = val;
}
ctx->p2 = NULL;
}

27
test/evp_extra_test.c
View File

@ -3283,6 +3283,32 @@ static int test_EVP_rsa_pss_with_keygen_bits(void)
return ret;
}
static int test_EVP_rsa_pss_set_saltlen(void)
{
int ret = 0;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pkey_ctx = NULL;
EVP_MD *sha256 = NULL;
EVP_MD_CTX *sha256_ctx = NULL;
int saltlen = 9999; /* buggy EVP_PKEY_CTX_get_rsa_pss_saltlen() didn't update this */
const int test_value = 32;
ret = TEST_ptr(pkey = load_example_rsa_key())
&& TEST_ptr(sha256 = EVP_MD_fetch(testctx, "sha256", NULL))
&& TEST_ptr(sha256_ctx = EVP_MD_CTX_new())
&& TEST_true(EVP_DigestSignInit(sha256_ctx, &pkey_ctx, sha256, NULL, pkey))
&& TEST_true(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING))
&& TEST_true(EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, test_value))
&& TEST_true(EVP_PKEY_CTX_get_rsa_pss_saltlen(pkey_ctx, &saltlen))
&& TEST_int_eq(saltlen, test_value);
EVP_MD_CTX_free(sha256_ctx);
EVP_PKEY_free(pkey);
EVP_MD_free(sha256);
return ret;
}
static int success = 1;
static void md_names(const char *name, void *vctx)
{
@ -4368,6 +4394,7 @@ int setup_tests(void)
ADD_ALL_TESTS(test_evp_iv_des, 6);
#endif
ADD_TEST(test_EVP_rsa_pss_with_keygen_bits);
ADD_TEST(test_EVP_rsa_pss_set_saltlen);
#ifndef OPENSSL_NO_EC
ADD_ALL_TESTS(test_ecpub, OSSL_NELEM(ecpub_nids));
#endif