/src/boringssl/crypto/evp/p_ed25519.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* Copyright (c) 2017, Google Inc. |
2 | | * |
3 | | * Permission to use, copy, modify, and/or distribute this software for any |
4 | | * purpose with or without fee is hereby granted, provided that the above |
5 | | * copyright notice and this permission notice appear in all copies. |
6 | | * |
7 | | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
8 | | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
9 | | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
10 | | * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
11 | | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION |
12 | | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
13 | | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ |
14 | | |
15 | | #include <openssl/evp.h> |
16 | | |
17 | | #include <openssl/curve25519.h> |
18 | | #include <openssl/err.h> |
19 | | #include <openssl/mem.h> |
20 | | |
21 | | #include "internal.h" |
22 | | |
23 | | |
24 | | // Ed25519 has no parameters to copy. |
25 | 0 | static int pkey_ed25519_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { return 1; } |
26 | | |
27 | 0 | static int pkey_ed25519_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { |
28 | 0 | ED25519_KEY *key = OPENSSL_malloc(sizeof(ED25519_KEY)); |
29 | 0 | if (key == NULL) { |
30 | 0 | return 0; |
31 | 0 | } |
32 | | |
33 | 0 | evp_pkey_set_method(pkey, &ed25519_asn1_meth); |
34 | |
|
35 | 0 | uint8_t pubkey_unused[32]; |
36 | 0 | ED25519_keypair(pubkey_unused, key->key); |
37 | 0 | key->has_private = 1; |
38 | |
|
39 | 0 | OPENSSL_free(pkey->pkey); |
40 | 0 | pkey->pkey = key; |
41 | 0 | return 1; |
42 | 0 | } |
43 | | |
44 | | static int pkey_ed25519_sign_message(EVP_PKEY_CTX *ctx, uint8_t *sig, |
45 | | size_t *siglen, const uint8_t *tbs, |
46 | 0 | size_t tbslen) { |
47 | 0 | const ED25519_KEY *key = ctx->pkey->pkey; |
48 | 0 | if (!key->has_private) { |
49 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_NOT_A_PRIVATE_KEY); |
50 | 0 | return 0; |
51 | 0 | } |
52 | | |
53 | 0 | if (sig == NULL) { |
54 | 0 | *siglen = 64; |
55 | 0 | return 1; |
56 | 0 | } |
57 | | |
58 | 0 | if (*siglen < 64) { |
59 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); |
60 | 0 | return 0; |
61 | 0 | } |
62 | | |
63 | 0 | if (!ED25519_sign(sig, tbs, tbslen, key->key)) { |
64 | 0 | return 0; |
65 | 0 | } |
66 | | |
67 | 0 | *siglen = 64; |
68 | 0 | return 1; |
69 | 0 | } |
70 | | |
71 | | static int pkey_ed25519_verify_message(EVP_PKEY_CTX *ctx, const uint8_t *sig, |
72 | | size_t siglen, const uint8_t *tbs, |
73 | 0 | size_t tbslen) { |
74 | 0 | const ED25519_KEY *key = ctx->pkey->pkey; |
75 | 0 | if (siglen != 64 || |
76 | 0 | !ED25519_verify(tbs, tbslen, sig, key->key + ED25519_PUBLIC_KEY_OFFSET)) { |
77 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_SIGNATURE); |
78 | 0 | return 0; |
79 | 0 | } |
80 | | |
81 | 0 | return 1; |
82 | 0 | } |
83 | | |
84 | | const EVP_PKEY_METHOD ed25519_pkey_meth = { |
85 | | EVP_PKEY_ED25519, |
86 | | NULL /* init */, |
87 | | pkey_ed25519_copy, |
88 | | NULL /* cleanup */, |
89 | | pkey_ed25519_keygen, |
90 | | NULL /* sign */, |
91 | | pkey_ed25519_sign_message, |
92 | | NULL /* verify */, |
93 | | pkey_ed25519_verify_message, |
94 | | NULL /* verify_recover */, |
95 | | NULL /* encrypt */, |
96 | | NULL /* decrypt */, |
97 | | NULL /* derive */, |
98 | | NULL /* paramgen */, |
99 | | NULL /* ctrl */, |
100 | | }; |