Adds `RsaPssSaltlen` enum to encode the special values
This commit is contained in:
Bastian Köcher
parent
b0ea53184d
commit
a5ba1a0007
|
|
@ -79,6 +79,29 @@ use ffi::{EVP_MD_CTX_free, EVP_MD_CTX_new};
|
|||
#[cfg(any(ossl101, ossl102))]
|
||||
use ffi::{EVP_MD_CTX_create as EVP_MD_CTX_new, EVP_MD_CTX_destroy as EVP_MD_CTX_free};
|
||||
|
||||
/// Salt lengths that must be used with `set_rsa_pss_saltlen`.
|
||||
pub enum RsaPssSaltlen {
|
||||
/// The salt length is set to the digest length.
|
||||
/// Corresponds to the special value `-1`.
|
||||
DigestLength,
|
||||
/// The salt length is set to the maximum permissible value.
|
||||
/// Corresponds to the special value `-2`.
|
||||
MaximumLength,
|
||||
/// Sets the salt length to the given value.
|
||||
Custom(u32)
|
||||
}
|
||||
|
||||
impl RsaPssSaltlen {
|
||||
/// Returns the integer representation of `Oid`.
|
||||
fn as_raw(&self) -> c_int {
|
||||
match *self {
|
||||
RsaPssSaltlen::DigestLength => -1,
|
||||
RsaPssSaltlen::MaximumLength => -2,
|
||||
RsaPssSaltlen::Custom(val) => val as c_int,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// A type which computes cryptographic signatures of data.
|
||||
pub struct Signer<'a> {
|
||||
md_ctx: *mut ffi::EVP_MD_CTX,
|
||||
|
|
@ -168,11 +191,11 @@ impl<'a> Signer<'a> {
|
|||
/// This corresponds to [`EVP_PKEY_CTX_set_rsa_pss_saltlen`].
|
||||
///
|
||||
/// [`EVP_PKEY_CTX_set_rsa_pss_saltlen`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_CTX_set_rsa_pss_saltlen.html
|
||||
pub fn set_rsa_pss_saltlen(&mut self, len: c_int) -> Result<(), ErrorStack> {
|
||||
pub fn set_rsa_pss_saltlen(&mut self, len: RsaPssSaltlen) -> Result<(), ErrorStack> {
|
||||
unsafe {
|
||||
cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
|
||||
self.pctx,
|
||||
len,
|
||||
len.as_raw(),
|
||||
)).map(|_| ())
|
||||
}
|
||||
}
|
||||
|
|
@ -360,11 +383,11 @@ impl<'a> Verifier<'a> {
|
|||
/// This corresponds to [`EVP_PKEY_CTX_set_rsa_pss_saltlen`].
|
||||
///
|
||||
/// [`EVP_PKEY_CTX_set_rsa_pss_saltlen`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_CTX_set_rsa_pss_saltlen.html
|
||||
pub fn set_rsa_pss_saltlen(&mut self, len: c_int) -> Result<(), ErrorStack> {
|
||||
pub fn set_rsa_pss_saltlen(&mut self, len: RsaPssSaltlen) -> Result<(), ErrorStack> {
|
||||
unsafe {
|
||||
cvt(ffi::EVP_PKEY_CTX_set_rsa_pss_saltlen(
|
||||
self.pctx,
|
||||
len,
|
||||
len.as_raw(),
|
||||
)).map(|_| ())
|
||||
}
|
||||
}
|
||||
|
|
@ -451,7 +474,7 @@ mod test {
|
|||
use std::iter;
|
||||
|
||||
use hash::MessageDigest;
|
||||
use sign::{Signer, Verifier};
|
||||
use sign::{Signer, Verifier, RsaPssSaltlen};
|
||||
use ec::{EcGroup, EcKey};
|
||||
use nid::Nid;
|
||||
use rsa::{Padding, Rsa};
|
||||
|
|
@ -634,14 +657,14 @@ mod test {
|
|||
let mut signer = Signer::new(MessageDigest::sha256(), &pkey).unwrap();
|
||||
signer.set_rsa_padding(Padding::PKCS1_PSS).unwrap();
|
||||
assert_eq!(signer.rsa_padding().unwrap(), Padding::PKCS1_PSS);
|
||||
signer.set_rsa_pss_saltlen(-1).unwrap();
|
||||
signer.set_rsa_pss_saltlen(RsaPssSaltlen::DigestLength).unwrap();
|
||||
signer.set_rsa_mgf1_md(MessageDigest::sha256()).unwrap();
|
||||
signer.update(&Vec::from_hex(INPUT).unwrap()).unwrap();
|
||||
let signature = signer.sign_to_vec().unwrap();
|
||||
|
||||
let mut verifier = Verifier::new(MessageDigest::sha256(), &pkey).unwrap();
|
||||
verifier.set_rsa_padding(Padding::PKCS1_PSS).unwrap();
|
||||
verifier.set_rsa_pss_saltlen(-1).unwrap();
|
||||
verifier.set_rsa_pss_saltlen(RsaPssSaltlen::DigestLength).unwrap();
|
||||
verifier.set_rsa_mgf1_md(MessageDigest::sha256()).unwrap();
|
||||
verifier.update(&Vec::from_hex(INPUT).unwrap()).unwrap();
|
||||
assert!(verifier.verify(&signature).unwrap());
|
||||
|
|
|
|||
Loading…
Reference in New Issue