Make `openssl check -rsa ...` to work for both RSA and RSA-PSS.

Fixes openssl#17167 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17920) (cherry picked from commit 5d1f357a01)
2022-03-16 20:30:38 +01:00 · 2022-03-16 20:30:38 +01:00 · 388d6f4506
parent 3b5b91992c
commit 388d6f4506
2 changed files with 12 additions and 2 deletions
--- a/apps/rsa.c
+++ b/apps/rsa.c
@ -255,7 +255,7 @@ int rsa_main(int argc, char **argv)
        ERR_print_errors(bio_err);
        goto end;
    }
-    if (!EVP_PKEY_is_a(pkey, "RSA")) {
+    if (!EVP_PKEY_is_a(pkey, "RSA") && !EVP_PKEY_is_a(pkey, "RSA-PSS")) {
        BIO_printf(bio_err, "Not an RSA key\n");
        goto end;
    }
--- a/test/recipes/15-test_rsapss.t
+++ b/test/recipes/15-test_rsapss.t
@ -16,7 +16,7 @@ use OpenSSL::Test::Utils;

 setup("test_rsapss");

-plan tests => 7;
+plan tests => 9;

 #using test/testrsa.pem which happens to be a 512 bit RSA
 ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1',
@ -64,3 +64,13 @@ ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'),
            '-signature', 'testrsapss-unrestricted.sig',
            srctop_file('test', 'testrsa.pem')])),
   "openssl dgst -prverify [plain RSA key, PSS padding mode, no PSS restrictions]");
+
+# Test that RSA-PSS keys are supported by genpkey and rsa commands.
+{
+   my $rsapss = "rsapss.key";
+   ok(run(app(['openssl', 'genpkey', '-algorithm', 'RSA-PSS',
+               '-pkeyopt', 'rsa_keygen_bits:1024',
+               '--out', $rsapss])));
+   ok(run(app(['openssl', 'rsa', '-check',
+               '-in', $rsapss])));
+}