Hello,
Please find file attached: EVP_PKEY_asn1_set_item.patch.
This is a patch to allow setting item_verify and item_sign handlers
in the internal structure evp_pkey_asn1_method_st
(see crypto/asn1/asn1_locl.h).
These handlers are called when a signature is encountered requiring
special handling. For example, item_verify and item_sign are used
in the implementation of RSA-PSS (see crypto/rsa/rsa_ameth.c) to deal with
X509_ALGOR mirror-ASN.1 type.
Currently OpenSSL doesn't provide write access to item_verify and
item_sign fields from external engines and special handling for non-standard
signature algorithms is impossible.
Type of request: enhancement request.
Version of OpenSSL: 1.0.2a.
Operating system: doesn't matter.
Affected files:
crypto/evp/evp.h
crypto/asn1/ameth_lib.c
Patch created using the command:
diff -rupN openssl-1.0.2a/ openssl-1.0.2a-EVP_PKEY_asn1_set_item/ >
EVP_PKEY_asn1_set_item.patch
To apply the patch, use the following command in the current OpenSSL root dev. directory:
patch -p1 -l -u -b -i EVP_PKEY_asn1_set_item.patch
Sergey Agievich
Belarusian State University
diff -rupN openssl-1.0.2a/crypto/asn1/ameth_lib.c openssl-1.0.2a-EVP_PKEY_asn1_set_item/crypto/asn1/ameth_lib.c
--- openssl-1.0.2a/crypto/asn1/ameth_lib.c 2015-03-19 16:30:36.000000000 +0300
+++ openssl-1.0.2a-EVP_PKEY_asn1_set_item/crypto/asn1/ameth_lib.c 2015-05-26 14:11:20.509424400 +0300
@@ -464,3 +464,21 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN
{
ameth->pkey_ctrl = pkey_ctrl;
}
+
+void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*item_verify) (EVP_MD_CTX *ctx,
+ const ASN1_ITEM *it,
+ void *asn,
+ X509_ALGOR *a,
+ ASN1_BIT_STRING *sig,
+ EVP_PKEY *pkey),
+ int (*item_sign) (EVP_MD_CTX *ctx,
+ const ASN1_ITEM *it,
+ void *asn,
+ X509_ALGOR *alg1,
+ X509_ALGOR *alg2,
+ ASN1_BIT_STRING *sig))
+{
+ ameth->item_sign = item_sign;
+ ameth->item_verify = item_verify;
+}
\ No newline at end of file
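Review bot: The body of EVP_PKEY_asn1_set_item assigns both ameth->item_sign and ameth->item_verify unconditionally, so a caller that only wants to install a verify handler has to pass NULL for item_sign and thereby clears whatever sign handler the method already had. Either document that NULL means "remove the handler", or split this into two setters so each field can be set on its own. Separately, the added function leaves ameth_lib.c without a trailing newline (see the "\ No newline at end of file" marker); please end the file with one.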
diff -rupN openssl-1.0.2a/crypto/evp/evp.h openssl-1.0.2a-EVP_PKEY_asn1_set_item/crypto/evp/evp.h
--- openssl-1.0.2a/crypto/evp/evp.h 2015-03-19 16:30:36.000000000 +0300
+++ openssl-1.0.2a-EVP_PKEY_asn1_set_item/crypto/evp/evp.h 2015-05-26 14:16:19.714040500 +0300
@@ -1121,6 +1121,19 @@ void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN
void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
long arg1, void *arg2));
+void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*item_verify) (EVP_MD_CTX *ctx,
+ const ASN1_ITEM *it,
+ void *asn,
+ X509_ALGOR *a,
+ ASN1_BIT_STRING *sig,
+ EVP_PKEY *pkey),
+ int (*item_sign) (EVP_MD_CTX *ctx,
+ const ASN1_ITEM *it,
+ void *asn,
+ X509_ALGOR *alg1,
+ X509_ALGOR *alg2,
+ ASN1_BIT_STRING *sig));
# define EVP_PKEY_OP_UNDEFINED 0
# define EVP_PKEY_OP_PARAMGEN (1<<1)
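Review bot: The new EVP_PKEY_asn1_set_item prototype is exported from evp.h with no comment saying what the int returned by item_verify and item_sign is expected to mean, or whether either pointer may be NULL. Engine authors will be writing these callbacks from the header alone, so a short comment above the declaration (or a manual page entry) describing the return-value contract is needed. As a style point, the algorithm parameter is named a in item_verify but alg1/alg2 in item_sign; consistent naming would make the two signatures easier to compare.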
_______________________________________________
openssl-dev mailing list