Coverage Report

Created: 2024-11-21 07:03

/src/boringssl/crypto/evp/p_ed25519.c
Line
Count
Source (jump to first uncovered line)
1
/* Copyright (c) 2017, Google Inc.
2
 *
3
 * Permission to use, copy, modify, and/or distribute this software for any
4
 * purpose with or without fee is hereby granted, provided that the above
5
 * copyright notice and this permission notice appear in all copies.
6
 *
7
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10
 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15
#include <openssl/evp.h>
16
17
#include <openssl/curve25519.h>
18
#include <openssl/err.h>
19
#include <openssl/mem.h>
20
21
#include "internal.h"
22
23
24
// Ed25519 has no parameters to copy.
25
0
static int pkey_ed25519_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { return 1; }
26
27
0
static int pkey_ed25519_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) {
28
0
  ED25519_KEY *key = OPENSSL_malloc(sizeof(ED25519_KEY));
29
0
  if (key == NULL) {
30
0
    return 0;
31
0
  }
32
33
0
  evp_pkey_set_method(pkey, &ed25519_asn1_meth);
34
35
0
  uint8_t pubkey_unused[32];
36
0
  ED25519_keypair(pubkey_unused, key->key);
37
0
  key->has_private = 1;
38
39
0
  OPENSSL_free(pkey->pkey);
40
0
  pkey->pkey = key;
41
0
  return 1;
42
0
}
43
44
static int pkey_ed25519_sign_message(EVP_PKEY_CTX *ctx, uint8_t *sig,
45
                                     size_t *siglen, const uint8_t *tbs,
46
0
                                     size_t tbslen) {
47
0
  const ED25519_KEY *key = ctx->pkey->pkey;
48
0
  if (!key->has_private) {
49
0
    OPENSSL_PUT_ERROR(EVP, EVP_R_NOT_A_PRIVATE_KEY);
50
0
    return 0;
51
0
  }
52
53
0
  if (sig == NULL) {
54
0
    *siglen = 64;
55
0
    return 1;
56
0
  }
57
58
0
  if (*siglen < 64) {
59
0
    OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL);
60
0
    return 0;
61
0
  }
62
63
0
  if (!ED25519_sign(sig, tbs, tbslen, key->key)) {
64
0
    return 0;
65
0
  }
66
67
0
  *siglen = 64;
68
0
  return 1;
69
0
}
70
71
static int pkey_ed25519_verify_message(EVP_PKEY_CTX *ctx, const uint8_t *sig,
72
                                       size_t siglen, const uint8_t *tbs,
73
0
                                       size_t tbslen) {
74
0
  const ED25519_KEY *key = ctx->pkey->pkey;
75
0
  if (siglen != 64 ||
76
0
      !ED25519_verify(tbs, tbslen, sig, key->key + ED25519_PUBLIC_KEY_OFFSET)) {
77
0
    OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_SIGNATURE);
78
0
    return 0;
79
0
  }
80
81
0
  return 1;
82
0
}
83
84
const EVP_PKEY_METHOD ed25519_pkey_meth = {
85
    EVP_PKEY_ED25519,
86
    NULL /* init */,
87
    pkey_ed25519_copy,
88
    NULL /* cleanup */,
89
    pkey_ed25519_keygen,
90
    NULL /* sign */,
91
    pkey_ed25519_sign_message,
92
    NULL /* verify */,
93
    pkey_ed25519_verify_message,
94
    NULL /* verify_recover */,
95
    NULL /* encrypt */,
96
    NULL /* decrypt */,
97
    NULL /* derive */,
98
    NULL /* paramgen */,
99
    NULL /* ctrl */,
100
};