Change operation values so they can be used as a mask.

Fix rsa_pkey_method.

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index a9a2f6a1c7a968636fcad5f5f0d200a30ec6ea98..52f41c2502f8462d4f3b33159d782d8611996def 100644 (file)
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -904,15 +904,31 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
 
 
 #define EVP_PKEY_OP_UNDEFINED          0
-#define EVP_PKEY_OP_PARAMGEN           1
-#define EVP_PKEY_OP_KEYGEN             2
-#define EVP_PKEY_OP_SIGN               3
-#define EVP_PKEY_OP_VERIFY             4
-#define EVP_PKEY_OP_VERIFYRECOVER      5
-#define EVP_PKEY_OP_SIGNCTX            6
-#define EVP_PKEY_OP_VERIFYCTX          7
-#define EVP_PKEY_OP_ENCRYPT            8
-#define EVP_PKEY_OP_DECRYPT            9
+#define EVP_PKEY_OP_PARAMGEN           (1<<1)
+#define EVP_PKEY_OP_KEYGEN             (1<<2)
+#define EVP_PKEY_OP_SIGN               (1<<3)
+#define EVP_PKEY_OP_VERIFY             (1<<4)
+#define EVP_PKEY_OP_VERIFYRECOVER      (1<<5)
+#define EVP_PKEY_OP_SIGNCTX            (1<<6)
+#define EVP_PKEY_OP_VERIFYCTX          (1<<7)
+#define EVP_PKEY_OP_ENCRYPT            (1<<8)
+#define EVP_PKEY_OP_DECRYPT            (1<<9)
+#define EVP_PKEY_OP_DERIVE             (1<<10)
+
+#define EVP_PKEY_OP_TYPE_SIGNATURE     \
+       (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+               | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+#define EVP_PKEY_OP_TYPE_CRYPTO \
+       (EVP_PKEY_OP_SIGNATURE | EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT \
+               | EVP_PKEY_OP_DERIVE)
+
+#define EVP_PKEY_OP_TYPE_GENERATE \
+               (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+#define         EVP_PKEY_CTX_set_signature_md(ctx, md) \
+               EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIGNATURE,  \
+                                       EVP_PKEY_CTRL_MD, 0, (void *)md)
 
 #define EVP_PKEY_CTRL_MD               1
 

diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index a76e88b805707626094ba4759cb89d54493ce67c..26a55048cabe309d751b11178f1a828ac3d55d40 100644 (file)
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -156,7 +156,7 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
                return -1;
                }
 
-       if ((optype != -1) && (ctx->operation != optype))
+       if ((optype != -1) && !(ctx->operation & optype))
                {
                EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
                return -1;
@@ -187,8 +187,7 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
                        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_DIGEST);
                        return 0;
                        }
-               return EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_MD,
-                                                               0, (void *)md);
+               return EVP_PKEY_CTX_set_signature_md(ctx, md);
                }
        return ctx->pmeth->ctrl_str(ctx, name, value);
        }

diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 55019652985f616d7c99c2886c3e95f956cf5a18..696eef9332ad49db44d4cba446a98c47458b8ed0 100644 (file)
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -212,6 +212,7 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
                        ret = int_rsa_verify(EVP_MD_type(rctx->md),
                                                NULL, 0, rout, &sltmp,
                                        sig, siglen, ctx->pkey->pkey.rsa);
+                       ret = sltmp;
                        }
                else
                        return -1;