From 29db322e8f2b0568322b80e3be28446463d74010 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 10 Apr 2006 11:48:35 +0000
Subject: [PATCH] Beginnings of PSS support.

---
 crypto/evp/evp.h       | 14 ++++++++------
 crypto/rsa/rsa.h       |  2 ++
 crypto/rsa/rsa_pmeth.c | 17 ++++++++++++++---
 3 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 52f41c2502..7d089fe931 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -915,19 +915,21 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
 #define EVP_PKEY_OP_DECRYPT		(1<<9)
 #define EVP_PKEY_OP_DERIVE		(1<<10)
 
-#define EVP_PKEY_OP_TYPE_SIGNATURE	\
+#define EVP_PKEY_OP_TYPE_SIG	\
 	(EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
 		| EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
 
-#define EVP_PKEY_OP_TYPE_CRYPTO \
-	(EVP_PKEY_OP_SIGNATURE | EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT \
-		| EVP_PKEY_OP_DERIVE)
+#define EVP_PKEY_OP_TYPE_CRYPT \
+	(EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
 
-#define EVP_PKEY_OP_TYPE_GENERATE \
+#define EVP_PKEY_OP_TYPE_NOGEN \
+	(EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
+
+#define EVP_PKEY_OP_TYPE_GEN \
 		(EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
 
 #define	 EVP_PKEY_CTX_set_signature_md(ctx, md)	\
-		EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIGNATURE,  \
+		EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,  \
 					EVP_PKEY_CTRL_MD, 0, (void *)md)
 
 #define EVP_PKEY_CTRL_MD		1
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 02fdcd732e..6df1e67fb6 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -204,6 +204,8 @@ struct rsa_st
 #define RSA_NO_PADDING		3
 #define RSA_PKCS1_OAEP_PADDING	4
 #define RSA_X931_PADDING	5
+/* EVP_PKEY_ only */
+#define RSA_PKCS1_PSS_PADDING	6
 
 #define RSA_PKCS1_PADDING_SIZE	11
 
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 696eef9332..989a7d794d 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -79,6 +79,8 @@ typedef struct
 	int pad_mode;
 	/* message digest */
 	const EVP_MD *md;
+	/* PSS seedlength */
+	int pss_seedlen;
 	/* Temp buffer */
 	unsigned char *tbuf;
 	} RSA_PKEY_CTX;
@@ -95,6 +97,8 @@ static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
 	rctx->md = NULL;
 	rctx->tbuf = NULL;
 
+	rctx->pss_seedlen = 0;
+
 	ctx->data = rctx;
 	
 	return 1;
@@ -321,13 +325,18 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 	switch (type)
 		{
 		case EVP_PKEY_CTRL_RSA_PADDING:
-		/* TODO: add PSS support */
-		if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_X931_PADDING))
+		if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING))
 			{
-			if (ctx->operation == EVP_PKEY_OP_KEYGEN)
+			if (ctx->operation & EVP_PKEY_OP_TYPE_GEN)
 				return -2;
 			if (!check_padding_md(rctx->md, p1))
 				return 0;
+			if ((p1 == RSA_PKCS1_PSS_PADDING) 
+				&& !(ctx->operation & EVP_PKEY_OP_TYPE_SIG))
+				return -2;
+			if ((p1 == RSA_PKCS1_OAEP_PADDING) 
+				&& !(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))
+				return -2;
 			rctx->pad_mode = p1;
 			return 1;
 			}
@@ -363,6 +372,8 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
 			pm = RSA_PKCS1_OAEP_PADDING;
 		else if (!strcmp(value, "x931"))
 			pm = RSA_X931_PADDING;
+		else if (!strcmp(value, "pss"))
+			pm = RSA_PKCS1_PSS_PADDING;
 		else
 			return -2;
 		return EVP_PKEY_CTX_set_rsa_padding(ctx, pm);
-- 
2.25.1