root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

rsa: expose pairwise consistency test API 

This is only used by the FIPS provider as part of importing keys.  At least
at the moment.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28122)
This commit is contained in:
Pauli 2025-01-29 11:44:02 +11:00 committed by Tomas Mraz
parent eac588ac36
commit dc5cd6f70a
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
crypto/rsa/rsa_gen.c
View File

@ -734,3 +734,18 @@ err:
return ret;
}
#ifdef FIPS_MODULE
int ossl_rsa_key_pairwise_test(RSA *rsa)
{
OSSL_CALLBACK *stcb;
void *stcbarg;
int res;
OSSL_SELF_TEST_get_callback(rsa->libctx, &stcb, &stcbarg);
res = rsa_keygen_pairwise_test(rsa, stcb, stcbarg);
if (res <= 0)
ossl_set_error_state(OSSL_SELF_TEST_TYPE_PCT);
return res;
}
#endif /* FIPS_MODULE */

4
include/crypto/rsa.h
View File

@ -124,6 +124,10 @@ ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
# ifdef FIPS_MODULE
int ossl_rsa_key_pairwise_test(RSA *rsa);
# endif /* FIPS_MODULE */
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);