Coverage Report

Created: 2024-11-21 07:03

/src/openssl/providers/implementations/signature/ecdsa_sig.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
/*
11
 * ECDSA low level APIs are deprecated for public use, but still ok for
12
 * internal use.
13
 */
14
#include "internal/deprecated.h"
15
16
#include <string.h> /* memcpy */
17
#include <openssl/crypto.h>
18
#include <openssl/core_dispatch.h>
19
#include <openssl/core_names.h>
20
#include <openssl/dsa.h>
21
#include <openssl/params.h>
22
#include <openssl/evp.h>
23
#include <openssl/err.h>
24
#include <openssl/proverr.h>
25
#include "internal/nelem.h"
26
#include "internal/sizes.h"
27
#include "internal/cryptlib.h"
28
#include "internal/deterministic_nonce.h"
29
#include "prov/providercommon.h"
30
#include "prov/implementations.h"
31
#include "prov/provider_ctx.h"
32
#include "prov/securitycheck.h"
33
#include "prov/der_ec.h"
34
#include "crypto/ec.h"
35
36
static OSSL_FUNC_signature_newctx_fn ecdsa_newctx;
37
static OSSL_FUNC_signature_sign_init_fn ecdsa_sign_init;
38
static OSSL_FUNC_signature_verify_init_fn ecdsa_verify_init;
39
static OSSL_FUNC_signature_sign_fn ecdsa_sign;
40
static OSSL_FUNC_signature_sign_message_update_fn ecdsa_signverify_message_update;
41
static OSSL_FUNC_signature_sign_message_final_fn ecdsa_sign_message_final;
42
static OSSL_FUNC_signature_verify_fn ecdsa_verify;
43
static OSSL_FUNC_signature_verify_message_update_fn ecdsa_signverify_message_update;
44
static OSSL_FUNC_signature_verify_message_final_fn ecdsa_verify_message_final;
45
static OSSL_FUNC_signature_digest_sign_init_fn ecdsa_digest_sign_init;
46
static OSSL_FUNC_signature_digest_sign_update_fn ecdsa_digest_signverify_update;
47
static OSSL_FUNC_signature_digest_sign_final_fn ecdsa_digest_sign_final;
48
static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_verify_init;
49
static OSSL_FUNC_signature_digest_verify_update_fn ecdsa_digest_signverify_update;
50
static OSSL_FUNC_signature_digest_verify_final_fn ecdsa_digest_verify_final;
51
static OSSL_FUNC_signature_freectx_fn ecdsa_freectx;
52
static OSSL_FUNC_signature_dupctx_fn ecdsa_dupctx;
53
static OSSL_FUNC_signature_query_key_types_fn ecdsa_sigalg_query_key_types;
54
static OSSL_FUNC_signature_get_ctx_params_fn ecdsa_get_ctx_params;
55
static OSSL_FUNC_signature_gettable_ctx_params_fn ecdsa_gettable_ctx_params;
56
static OSSL_FUNC_signature_set_ctx_params_fn ecdsa_set_ctx_params;
57
static OSSL_FUNC_signature_settable_ctx_params_fn ecdsa_settable_ctx_params;
58
static OSSL_FUNC_signature_get_ctx_md_params_fn ecdsa_get_ctx_md_params;
59
static OSSL_FUNC_signature_gettable_ctx_md_params_fn ecdsa_gettable_ctx_md_params;
60
static OSSL_FUNC_signature_set_ctx_md_params_fn ecdsa_set_ctx_md_params;
61
static OSSL_FUNC_signature_settable_ctx_md_params_fn ecdsa_settable_ctx_md_params;
62
static OSSL_FUNC_signature_set_ctx_params_fn ecdsa_sigalg_set_ctx_params;
63
static OSSL_FUNC_signature_settable_ctx_params_fn ecdsa_sigalg_settable_ctx_params;
64
65
/*
66
 * What's passed as an actual key is defined by the KEYMGMT interface.
67
 * We happen to know that our KEYMGMT simply passes DSA structures, so
68
 * we use that here too.
69
 */
70
71
typedef struct {
72
    OSSL_LIB_CTX *libctx;
73
    char *propq;
74
    EC_KEY *ec;
75
    /* |operation| reuses EVP's operation bitfield */
76
    int operation;
77
78
    /*
79
     * Flag to determine if a full sigalg is run (1) or if a composable
80
     * signature algorithm is run (0).
81
     *
82
     * When a full sigalg is run (1), this currently affects the following
83
     * other flags, which are to remain untouched after their initialization:
84
     *
85
     * - flag_allow_md (initialized to 0)
86
     */
87
    unsigned int flag_sigalg : 1;
88
    /*
89
     * Flag to determine if the hash function can be changed (1) or not (0)
90
     * Because it's dangerous to change during a DigestSign or DigestVerify
91
     * operation, this flag is cleared by their Init function, and set again
92
     * by their Final function.
93
     */
94
    unsigned int flag_allow_md : 1;
95
96
    /* The Algorithm Identifier of the combined signature algorithm */
97
    unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
98
    size_t  aid_len;
99
100
    /* main digest */
101
    char mdname[OSSL_MAX_NAME_SIZE];
102
    EVP_MD *md;
103
    EVP_MD_CTX *mdctx;
104
    size_t mdsize;
105
106
    /* Signature, for verification */
107
    unsigned char *sig;
108
    size_t siglen;
109
110
    /*
111
     * Internally used to cache the results of calling the EC group
112
     * sign_setup() methods which are then passed to the sign operation.
113
     * This is used by CAVS failure tests to terminate a loop if the signature
114
     * is not valid.
115
     * This could of also been done with a simple flag.
116
     */
117
    BIGNUM *kinv;
118
    BIGNUM *r;
119
#if !defined(OPENSSL_NO_ACVP_TESTS)
120
    /*
121
     * This indicates that KAT (CAVS) test is running. Externally an app will
122
     * override the random callback such that the generated private key and k
123
     * are known.
124
     * Normal operation will loop to choose a new k if the signature is not
125
     * valid - but for this mode of operation it forces a failure instead.
126
     */
127
    unsigned int kattest;
128
#endif
129
#ifdef FIPS_MODULE
130
    /*
131
     * FIPS 140-3 IG 2.4.B mandates that verification based on a digest of a
132
     * message is not permitted.  However, signing based on a digest is still
133
     * permitted.
134
     */
135
    int verify_message;
136
#endif
137
    /* If this is set then the generated k is not random */
138
    unsigned int nonce_type;
139
    OSSL_FIPS_IND_DECLARE
140
} PROV_ECDSA_CTX;
141
142
static void *ecdsa_newctx(void *provctx, const char *propq)
143
0
{
144
0
    PROV_ECDSA_CTX *ctx;
145
146
0
    if (!ossl_prov_is_running())
147
0
        return NULL;
148
149
0
    ctx = OPENSSL_zalloc(sizeof(PROV_ECDSA_CTX));
150
0
    if (ctx == NULL)
151
0
        return NULL;
152
153
0
    OSSL_FIPS_IND_INIT(ctx)
154
0
    ctx->flag_allow_md = 1;
155
#ifdef FIPS_MODULE
156
    ctx->verify_message = 1;
157
#endif
158
0
    ctx->libctx = PROV_LIBCTX_OF(provctx);
159
0
    if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) {
160
0
        OPENSSL_free(ctx);
161
0
        ctx = NULL;
162
0
    }
163
0
    return ctx;
164
0
}
165
166
static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx,
167
                          const char *mdname, const char *mdprops,
168
                          const char *desc)
169
0
{
170
0
    EVP_MD *md = NULL;
171
0
    size_t mdname_len;
172
0
    int md_nid, md_size;
173
0
    WPACKET pkt;
174
0
    unsigned char *aid = NULL;
175
176
0
    if (mdname == NULL)
177
0
        return 1;
178
179
0
    mdname_len = strlen(mdname);
180
0
    if (mdname_len >= sizeof(ctx->mdname)) {
181
0
        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
182
0
                       "%s exceeds name buffer length", mdname);
183
0
        return 0;
184
0
    }
185
0
    if (mdprops == NULL)
186
0
        mdprops = ctx->propq;
187
0
    md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
188
0
    if (md == NULL) {
189
0
        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
190
0
                       "%s could not be fetched", mdname);
191
0
        return 0;
192
0
    }
193
0
    md_size = EVP_MD_get_size(md);
194
0
    if (md_size <= 0) {
195
0
        ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
196
0
                       "%s has invalid md size %d", mdname, md_size);
197
0
        goto err;
198
0
    }
199
0
    md_nid = ossl_digest_get_approved_nid(md);
200
0
    if (md_nid == NID_undef) {
201
0
        ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
202
0
                       "digest=%s", mdname);
203
0
        goto err;
204
0
    }
205
    /* XOF digests don't work */
206
0
    if (EVP_MD_xof(md)) {
207
0
        ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
208
0
        goto err;
209
0
    }
210
211
#ifdef FIPS_MODULE
212
    {
213
        int sha1_allowed
214
            = ((ctx->operation
215
                & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_SIGNMSG)) == 0);
216
217
        if (!ossl_fips_ind_digest_sign_check(OSSL_FIPS_IND_GET(ctx),
218
                                             OSSL_FIPS_IND_SETTABLE1,
219
                                             ctx->libctx,
220
                                             md_nid, sha1_allowed, desc,
221
                                             ossl_fips_config_signature_digest_check))
222
            goto err;
223
    }
224
#endif
225
226
0
    if (!ctx->flag_allow_md) {
227
0
        if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) {
228
0
            ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
229
0
                           "digest %s != %s", mdname, ctx->mdname);
230
0
            goto err;
231
0
        }
232
0
        EVP_MD_free(md);
233
0
        return 1;
234
0
    }
235
236
0
    EVP_MD_CTX_free(ctx->mdctx);
237
0
    EVP_MD_free(ctx->md);
238
239
0
    ctx->aid_len = 0;
240
0
    if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
241
0
        && ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec,
242
0
                                                        md_nid)
243
0
        && WPACKET_finish(&pkt)) {
244
0
        WPACKET_get_total_written(&pkt, &ctx->aid_len);
245
0
        aid = WPACKET_get_curr(&pkt);
246
0
    }
247
0
    WPACKET_cleanup(&pkt);
248
0
    if (aid != NULL && ctx->aid_len != 0)
249
0
        memmove(ctx->aid_buf, aid, ctx->aid_len);
250
251
0
    ctx->mdctx = NULL;
252
0
    ctx->md = md;
253
0
    ctx->mdsize = (size_t)md_size;
254
0
    OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname));
255
256
0
    return 1;
257
0
 err:
258
0
    EVP_MD_free(md);
259
0
    return 0;
260
0
}
261
262
static int
263
ecdsa_signverify_init(PROV_ECDSA_CTX *ctx, void *ec,
264
                      OSSL_FUNC_signature_set_ctx_params_fn *set_ctx_params,
265
                      const OSSL_PARAM params[], int operation,
266
                      const char *desc)
267
0
{
268
0
    if (!ossl_prov_is_running()
269
0
            || ctx == NULL)
270
0
        return 0;
271
272
0
    if (ec == NULL && ctx->ec == NULL) {
273
0
        ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
274
0
        return 0;
275
0
    }
276
277
0
    if (ec != NULL) {
278
0
        if (!EC_KEY_up_ref(ec))
279
0
            return 0;
280
0
        EC_KEY_free(ctx->ec);
281
0
        ctx->ec = ec;
282
0
    }
283
284
0
    ctx->operation = operation;
285
286
0
    OSSL_FIPS_IND_SET_APPROVED(ctx)
287
0
    if (!set_ctx_params(ctx, params))
288
0
        return 0;
289
#ifdef FIPS_MODULE
290
    if (!ossl_fips_ind_ec_key_check(OSSL_FIPS_IND_GET(ctx),
291
                                    OSSL_FIPS_IND_SETTABLE0, ctx->libctx,
292
                                    EC_KEY_get0_group(ctx->ec), desc,
293
                                    (operation & (EVP_PKEY_OP_SIGN
294
                                                  | EVP_PKEY_OP_SIGNMSG)) != 0))
295
        return 0;
296
#endif
297
0
    return 1;
298
0
}
299
300
static int ecdsa_sign_init(void *vctx, void *ec, const OSSL_PARAM params[])
301
0
{
302
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
303
304
#ifdef FIPS_MODULE
305
    ctx->verify_message = 1;
306
#endif
307
0
    return ecdsa_signverify_init(ctx, ec, ecdsa_set_ctx_params, params,
308
0
                                 EVP_PKEY_OP_SIGN, "ECDSA Sign Init");
309
0
}
310
311
/*
312
 * Sign tbs without digesting it first.  This is suitable for "primitive"
313
 * signing and signing the digest of a message.
314
 */
315
static int ecdsa_sign_directly(void *vctx,
316
                               unsigned char *sig, size_t *siglen, size_t sigsize,
317
                               const unsigned char *tbs, size_t tbslen)
318
0
{
319
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
320
0
    int ret;
321
0
    unsigned int sltmp;
322
0
    size_t ecsize = ECDSA_size(ctx->ec);
323
324
0
    if (!ossl_prov_is_running())
325
0
        return 0;
326
327
0
    if (sig == NULL) {
328
0
        *siglen = ecsize;
329
0
        return 1;
330
0
    }
331
332
#if !defined(OPENSSL_NO_ACVP_TESTS)
333
    if (ctx->kattest && !ECDSA_sign_setup(ctx->ec, NULL, &ctx->kinv, &ctx->r))
334
        return 0;
335
#endif
336
337
0
    if (sigsize < (size_t)ecsize)
338
0
        return 0;
339
340
0
    if (ctx->mdsize != 0 && tbslen != ctx->mdsize)
341
0
        return 0;
342
343
0
    if (ctx->nonce_type != 0) {
344
0
        const char *mdname = NULL;
345
346
0
        if (ctx->mdname[0] != '\0')
347
0
            mdname = ctx->mdname;
348
0
        ret = ossl_ecdsa_deterministic_sign(tbs, tbslen, sig, &sltmp,
349
0
                                            ctx->ec, ctx->nonce_type,
350
0
                                            mdname,
351
0
                                            ctx->libctx, ctx->propq);
352
0
    } else {
353
0
        ret = ECDSA_sign_ex(0, tbs, tbslen, sig, &sltmp, ctx->kinv, ctx->r,
354
0
                            ctx->ec);
355
0
    }
356
0
    if (ret <= 0)
357
0
        return 0;
358
359
0
    *siglen = sltmp;
360
0
    return 1;
361
0
}
362
363
static int ecdsa_signverify_message_update(void *vctx,
364
                                         const unsigned char *data,
365
                                         size_t datalen)
366
0
{
367
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
368
369
0
    if (ctx == NULL)
370
0
        return 0;
371
372
0
    return EVP_DigestUpdate(ctx->mdctx, data, datalen);
373
0
}
374
375
static int ecdsa_sign_message_final(void *vctx, unsigned char *sig,
376
                                  size_t *siglen, size_t sigsize)
377
0
{
378
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
379
0
    unsigned char digest[EVP_MAX_MD_SIZE];
380
0
    unsigned int dlen = 0;
381
382
0
    if (!ossl_prov_is_running() || ctx == NULL)
383
0
        return 0;
384
0
    if (ctx->mdctx == NULL)
385
0
        return 0;
386
    /*
387
     * If sig is NULL then we're just finding out the sig size. Other fields
388
     * are ignored. Defer to ecdsa_sign.
389
     */
390
0
    if (sig != NULL
391
0
        && !EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen))
392
0
        return 0;
393
0
    return ecdsa_sign_directly(vctx, sig, siglen, sigsize, digest, dlen);
394
0
}
395
396
/*
397
 * If signing a message, digest tbs and sign the result.
398
 * Otherwise, sign tbs directly.
399
 */
400
static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen,
401
                    size_t sigsize, const unsigned char *tbs, size_t tbslen)
402
0
{
403
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
404
405
0
    if (ctx->operation == EVP_PKEY_OP_SIGNMSG) {
406
        /*
407
         * If |sig| is NULL, the caller is only looking for the sig length.
408
         * DO NOT update the input in this case.
409
         */
410
0
        if (sig == NULL)
411
0
            return ecdsa_sign_message_final(ctx, sig, siglen, sigsize);
412
413
0
        if (ecdsa_signverify_message_update(ctx, tbs, tbslen) <= 0)
414
0
            return 0;
415
0
        return ecdsa_sign_message_final(ctx, sig, siglen, sigsize);
416
0
    }
417
0
    return ecdsa_sign_directly(ctx, sig, siglen, sigsize, tbs, tbslen);
418
0
}
419
420
static int ecdsa_verify_init(void *vctx, void *ec, const OSSL_PARAM params[])
421
0
{
422
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
423
424
#ifdef FIPS_MODULE
425
    ctx->verify_message = 0;
426
#endif
427
0
    return ecdsa_signverify_init(ctx, ec, ecdsa_set_ctx_params, params,
428
0
                                 EVP_PKEY_OP_VERIFY, "ECDSA Verify Init");
429
0
}
430
431
static int ecdsa_verify_directly(void *vctx,
432
                                 const unsigned char *sig, size_t siglen,
433
                                 const unsigned char *tbs, size_t tbslen)
434
0
{
435
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
436
437
0
    if (!ossl_prov_is_running() || (ctx->mdsize != 0 && tbslen != ctx->mdsize))
438
0
        return 0;
439
440
0
    return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->ec);
441
0
}
442
443
static int ecdsa_verify_set_sig(void *vctx,
444
                                const unsigned char *sig, size_t siglen)
445
0
{
446
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
447
0
    OSSL_PARAM params[2];
448
449
0
    params[0] =
450
0
        OSSL_PARAM_construct_octet_string(OSSL_SIGNATURE_PARAM_SIGNATURE,
451
0
                                          (unsigned char *)sig, siglen);
452
0
    params[1] = OSSL_PARAM_construct_end();
453
0
    return ecdsa_sigalg_set_ctx_params(ctx, params);
454
0
}
455
456
static int ecdsa_verify_message_final(void *vctx)
457
0
{
458
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
459
0
    unsigned char digest[EVP_MAX_MD_SIZE];
460
0
    unsigned int dlen = 0;
461
462
0
    if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL)
463
0
        return 0;
464
465
    /*
466
     * The digests used here are all known (see ecdsa_get_md_nid()), so they
467
     * should not exceed the internal buffer size of EVP_MAX_MD_SIZE.
468
     */
469
0
    if (!EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen))
470
0
        return 0;
471
472
0
    return ecdsa_verify_directly(vctx, ctx->sig, ctx->siglen,
473
0
                               digest, dlen);
474
0
}
475
476
/*
477
 * If verifying a message, digest tbs and verify the result.
478
 * Otherwise, verify tbs directly.
479
 */
480
static int ecdsa_verify(void *vctx,
481
                      const unsigned char *sig, size_t siglen,
482
                      const unsigned char *tbs, size_t tbslen)
483
0
{
484
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
485
486
0
    if (ctx->operation == EVP_PKEY_OP_VERIFYMSG) {
487
0
        if (ecdsa_verify_set_sig(ctx, sig, siglen) <= 0)
488
0
            return 0;
489
0
        if (ecdsa_signverify_message_update(ctx, tbs, tbslen) <= 0)
490
0
            return 0;
491
0
        return ecdsa_verify_message_final(ctx);
492
0
    }
493
0
    return ecdsa_verify_directly(ctx, sig, siglen, tbs, tbslen);
494
0
}
495
496
/* DigestSign/DigestVerify wrappers */
497
498
static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
499
                                        void *ec, const OSSL_PARAM params[],
500
                                        int operation, const char *desc)
501
0
{
502
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
503
504
0
    if (!ossl_prov_is_running())
505
0
        return 0;
506
507
#ifdef FIPS_MODULE
508
    ctx->verify_message = 1;
509
#endif
510
0
    if (!ecdsa_signverify_init(vctx, ec, ecdsa_set_ctx_params, params,
511
0
                               operation, desc))
512
0
        return 0;
513
514
0
    if (mdname != NULL
515
        /* was ecdsa_setup_md already called in ecdsa_signverify_init()? */
516
0
        && (mdname[0] == '\0' || OPENSSL_strcasecmp(ctx->mdname, mdname) != 0)
517
0
        && !ecdsa_setup_md(ctx, mdname, NULL, desc))
518
0
        return 0;
519
520
0
    ctx->flag_allow_md = 0;
521
522
0
    if (ctx->mdctx == NULL) {
523
0
        ctx->mdctx = EVP_MD_CTX_new();
524
0
        if (ctx->mdctx == NULL)
525
0
            goto error;
526
0
    }
527
528
0
    if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params))
529
0
        goto error;
530
0
    return 1;
531
0
error:
532
0
    EVP_MD_CTX_free(ctx->mdctx);
533
0
    ctx->mdctx = NULL;
534
0
    return 0;
535
0
}
536
537
static int ecdsa_digest_sign_init(void *vctx, const char *mdname, void *ec,
538
                                  const OSSL_PARAM params[])
539
0
{
540
0
    return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
541
0
                                        EVP_PKEY_OP_SIGNMSG,
542
0
                                        "ECDSA Digest Sign Init");
543
0
}
544
545
static int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data,
546
                                          size_t datalen)
547
0
{
548
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
549
550
0
    if (ctx == NULL || ctx->mdctx == NULL)
551
0
        return 0;
552
    /* Sigalg implementations shouldn't do digest_sign */
553
0
    if (ctx->flag_sigalg)
554
0
        return 0;
555
556
0
    return ecdsa_signverify_message_update(vctx, data, datalen);
557
0
}
558
559
int ecdsa_digest_sign_final(void *vctx, unsigned char *sig, size_t *siglen,
560
                            size_t sigsize)
561
0
{
562
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
563
0
    int ok = 0;
564
565
0
    if (ctx == NULL)
566
0
        return 0;
567
    /* Sigalg implementations shouldn't do digest_sign */
568
0
    if (ctx->flag_sigalg)
569
0
        return 0;
570
571
0
    ok = ecdsa_sign_message_final(ctx, sig, siglen, sigsize);
572
573
0
    ctx->flag_allow_md = 1;
574
575
0
    return ok;
576
0
}
577
578
static int ecdsa_digest_verify_init(void *vctx, const char *mdname, void *ec,
579
                                    const OSSL_PARAM params[])
580
0
{
581
0
    return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
582
0
                                        EVP_PKEY_OP_VERIFYMSG,
583
0
                                        "ECDSA Digest Verify Init");
584
0
}
585
586
int ecdsa_digest_verify_final(void *vctx, const unsigned char *sig,
587
                              size_t siglen)
588
0
{
589
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
590
0
    int ok = 0;
591
592
0
    if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL)
593
0
        return 0;
594
595
    /* Sigalg implementations shouldn't do digest_verify */
596
0
    if (ctx->flag_sigalg)
597
0
        return 0;
598
599
0
    if (ecdsa_verify_set_sig(ctx, sig, siglen))
600
0
        ok = ecdsa_verify_message_final(ctx);
601
602
0
    ctx->flag_allow_md = 1;
603
604
0
    return ok;
605
0
}
606
607
static void ecdsa_freectx(void *vctx)
608
0
{
609
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
610
611
0
    EVP_MD_CTX_free(ctx->mdctx);
612
0
    EVP_MD_free(ctx->md);
613
0
    OPENSSL_free(ctx->propq);
614
0
    OPENSSL_free(ctx->sig);
615
0
    EC_KEY_free(ctx->ec);
616
0
    BN_clear_free(ctx->kinv);
617
0
    BN_clear_free(ctx->r);
618
0
    OPENSSL_free(ctx);
619
0
}
620
621
static void *ecdsa_dupctx(void *vctx)
622
0
{
623
0
    PROV_ECDSA_CTX *srcctx = (PROV_ECDSA_CTX *)vctx;
624
0
    PROV_ECDSA_CTX *dstctx;
625
626
0
    if (!ossl_prov_is_running())
627
0
        return NULL;
628
629
0
    dstctx = OPENSSL_zalloc(sizeof(*srcctx));
630
0
    if (dstctx == NULL)
631
0
        return NULL;
632
633
0
    *dstctx = *srcctx;
634
0
    dstctx->ec = NULL;
635
0
    dstctx->propq = NULL;
636
637
0
    if (srcctx->ec != NULL && !EC_KEY_up_ref(srcctx->ec))
638
0
        goto err;
639
    /* Test KATS should not need to be supported */
640
0
    if (srcctx->kinv != NULL || srcctx->r != NULL)
641
0
        goto err;
642
0
    dstctx->ec = srcctx->ec;
643
644
0
    if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md))
645
0
        goto err;
646
0
    dstctx->md = srcctx->md;
647
648
0
    if (srcctx->mdctx != NULL) {
649
0
        dstctx->mdctx = EVP_MD_CTX_new();
650
0
        if (dstctx->mdctx == NULL
651
0
                || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
652
0
            goto err;
653
0
    }
654
655
0
    if (srcctx->propq != NULL) {
656
0
        dstctx->propq = OPENSSL_strdup(srcctx->propq);
657
0
        if (dstctx->propq == NULL)
658
0
            goto err;
659
0
    }
660
661
0
    return dstctx;
662
0
 err:
663
0
    ecdsa_freectx(dstctx);
664
0
    return NULL;
665
0
}
666
667
static int ecdsa_get_ctx_params(void *vctx, OSSL_PARAM *params)
668
0
{
669
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
670
0
    OSSL_PARAM *p;
671
672
0
    if (ctx == NULL)
673
0
        return 0;
674
675
0
    p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
676
0
    if (p != NULL && !OSSL_PARAM_set_octet_string(p,
677
0
                                                  ctx->aid_len == 0 ? NULL : ctx->aid_buf,
678
0
                                                  ctx->aid_len))
679
0
        return 0;
680
681
0
    p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
682
0
    if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->mdsize))
683
0
        return 0;
684
685
0
    p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
686
0
    if (p != NULL && !OSSL_PARAM_set_utf8_string(p, ctx->md == NULL
687
0
                                                    ? ctx->mdname
688
0
                                                    : EVP_MD_get0_name(ctx->md)))
689
0
        return 0;
690
691
0
    p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_NONCE_TYPE);
692
0
    if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->nonce_type))
693
0
        return 0;
694
695
#ifdef FIPS_MODULE
696
    p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE);
697
    if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->verify_message))
698
        return 0;
699
#endif
700
701
0
    if (!OSSL_FIPS_IND_GET_CTX_PARAM(ctx, params))
702
0
        return 0;
703
0
    return 1;
704
0
}
705
706
static const OSSL_PARAM known_gettable_ctx_params[] = {
707
    OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
708
    OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
709
    OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
710
    OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_NONCE_TYPE, NULL),
711
#ifdef FIPS_MODULE
712
    OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE, NULL),
713
#endif
714
    OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
715
    OSSL_PARAM_END
716
};
717
718
static const OSSL_PARAM *ecdsa_gettable_ctx_params(ossl_unused void *vctx,
719
                                                   ossl_unused void *provctx)
720
0
{
721
0
    return known_gettable_ctx_params;
722
0
}
723
724
/**
725
 * @brief Set up common params for ecdsa_set_ctx_params and
726
 * ecdsa_sigalg_set_ctx_params. The caller is responsible for checking |vctx| is
727
 * not NULL and |params| is not empty.
728
 */
729
static int ecdsa_common_set_ctx_params(void *vctx, const OSSL_PARAM params[])
730
0
{
731
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
732
0
    const OSSL_PARAM *p;
733
734
0
    if (!OSSL_FIPS_IND_SET_CTX_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, params,
735
0
                                     OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK))
736
0
        return 0;
737
0
    if (!OSSL_FIPS_IND_SET_CTX_PARAM(ctx, OSSL_FIPS_IND_SETTABLE1, params,
738
0
                                     OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK))
739
0
        return 0;
740
741
#if !defined(OPENSSL_NO_ACVP_TESTS)
742
    p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_KAT);
743
    if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->kattest))
744
        return 0;
745
#endif
746
747
0
    p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_NONCE_TYPE);
748
0
    if (p != NULL
749
0
        && !OSSL_PARAM_get_uint(p, &ctx->nonce_type))
750
0
        return 0;
751
0
    return 1;
752
0
}
753
754
#define ECDSA_COMMON_SETTABLE_CTX_PARAMS                                      \
755
    OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL),                          \
756
    OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_NONCE_TYPE, NULL),                   \
757
    OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK)     \
758
    OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK)  \
759
    OSSL_PARAM_END
760
761
static int ecdsa_set_ctx_params(void *vctx, const OSSL_PARAM params[])
762
0
{
763
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
764
0
    const OSSL_PARAM *p;
765
0
    size_t mdsize = 0;
766
0
    int ret;
767
768
0
    if (ctx == NULL)
769
0
        return 0;
770
0
    if (ossl_param_is_empty(params))
771
0
        return 1;
772
773
0
    if ((ret = ecdsa_common_set_ctx_params(ctx, params)) <= 0)
774
0
        return ret;
775
776
0
    p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST);
777
0
    if (p != NULL) {
778
0
        char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
779
0
        char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
780
0
        const OSSL_PARAM *propsp =
781
0
            OSSL_PARAM_locate_const(params,
782
0
                                    OSSL_SIGNATURE_PARAM_PROPERTIES);
783
784
0
        if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
785
0
            return 0;
786
0
        if (propsp != NULL
787
0
            && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops)))
788
0
            return 0;
789
0
        if (!ecdsa_setup_md(ctx, mdname, mdprops, "ECDSA Set Ctx"))
790
0
            return 0;
791
0
    }
792
793
0
    p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
794
0
    if (p != NULL) {
795
0
        if (!OSSL_PARAM_get_size_t(p, &mdsize)
796
0
            || (!ctx->flag_allow_md && mdsize != ctx->mdsize))
797
0
            return 0;
798
0
        ctx->mdsize = mdsize;
799
0
    }
800
0
    return 1;
801
0
}
802
803
static const OSSL_PARAM settable_ctx_params[] = {
804
    OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
805
    OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
806
    OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0),
807
    ECDSA_COMMON_SETTABLE_CTX_PARAMS
808
};
809
810
static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx,
811
                                                   ossl_unused void *provctx)
812
0
{
813
0
    return settable_ctx_params;
814
0
}
815
816
static int ecdsa_get_ctx_md_params(void *vctx, OSSL_PARAM *params)
817
0
{
818
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
819
820
0
    if (ctx->mdctx == NULL)
821
0
        return 0;
822
823
0
    return EVP_MD_CTX_get_params(ctx->mdctx, params);
824
0
}
825
826
static const OSSL_PARAM *ecdsa_gettable_ctx_md_params(void *vctx)
827
0
{
828
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
829
830
0
    if (ctx->md == NULL)
831
0
        return 0;
832
833
0
    return EVP_MD_gettable_ctx_params(ctx->md);
834
0
}
835
836
static int ecdsa_set_ctx_md_params(void *vctx, const OSSL_PARAM params[])
837
0
{
838
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
839
840
0
    if (ctx->mdctx == NULL)
841
0
        return 0;
842
843
0
    return EVP_MD_CTX_set_params(ctx->mdctx, params);
844
0
}
845
846
static const OSSL_PARAM *ecdsa_settable_ctx_md_params(void *vctx)
847
0
{
848
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
849
850
0
    if (ctx->md == NULL)
851
0
        return 0;
852
853
0
    return EVP_MD_settable_ctx_params(ctx->md);
854
0
}
855
856
const OSSL_DISPATCH ossl_ecdsa_signature_functions[] = {
857
    { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx },
858
    { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_sign_init },
859
    { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))ecdsa_sign },
860
    { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_verify_init },
861
    { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))ecdsa_verify },
862
    { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
863
      (void (*)(void))ecdsa_digest_sign_init },
864
    { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
865
      (void (*)(void))ecdsa_digest_signverify_update },
866
    { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
867
      (void (*)(void))ecdsa_digest_sign_final },
868
    { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
869
      (void (*)(void))ecdsa_digest_verify_init },
870
    { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
871
      (void (*)(void))ecdsa_digest_signverify_update },
872
    { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
873
      (void (*)(void))ecdsa_digest_verify_final },
874
    { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))ecdsa_freectx },
875
    { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))ecdsa_dupctx },
876
    { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))ecdsa_get_ctx_params },
877
    { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
878
      (void (*)(void))ecdsa_gettable_ctx_params },
879
    { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))ecdsa_set_ctx_params },
880
    { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
881
      (void (*)(void))ecdsa_settable_ctx_params },
882
    { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
883
      (void (*)(void))ecdsa_get_ctx_md_params },
884
    { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
885
      (void (*)(void))ecdsa_gettable_ctx_md_params },
886
    { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
887
      (void (*)(void))ecdsa_set_ctx_md_params },
888
    { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
889
      (void (*)(void))ecdsa_settable_ctx_md_params },
890
    OSSL_DISPATCH_END
891
};
892
893
/* ------------------------------------------------------------------ */
894
895
/*
896
 * So called sigalgs (composite ECDSA+hash) implemented below.  They
897
 * are pretty much hard coded.
898
 */
899
900
static OSSL_FUNC_signature_query_key_types_fn ecdsa_sigalg_query_key_types;
901
static OSSL_FUNC_signature_settable_ctx_params_fn ecdsa_sigalg_settable_ctx_params;
902
static OSSL_FUNC_signature_set_ctx_params_fn ecdsa_sigalg_set_ctx_params;
903
904
/*
905
 * ecdsa_sigalg_signverify_init() is almost like ecdsa_digest_signverify_init(),
906
 * just doesn't allow fetching an MD from whatever the user chooses.
907
 */
908
static int ecdsa_sigalg_signverify_init(void *vctx, void *vec,
909
                                      OSSL_FUNC_signature_set_ctx_params_fn *set_ctx_params,
910
                                      const OSSL_PARAM params[],
911
                                      const char *mdname,
912
                                      int operation, const char *desc)
913
0
{
914
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
915
916
0
    if (!ossl_prov_is_running())
917
0
        return 0;
918
919
0
    if (!ecdsa_signverify_init(vctx, vec, set_ctx_params, params, operation,
920
0
                               desc))
921
0
        return 0;
922
923
0
    if (!ecdsa_setup_md(ctx, mdname, NULL, desc))
924
0
        return 0;
925
926
0
    ctx->flag_sigalg = 1;
927
0
    ctx->flag_allow_md = 0;
928
929
0
    if (ctx->mdctx == NULL) {
930
0
        ctx->mdctx = EVP_MD_CTX_new();
931
0
        if (ctx->mdctx == NULL)
932
0
            goto error;
933
0
    }
934
935
0
    if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params))
936
0
        goto error;
937
938
0
    return 1;
939
940
0
 error:
941
0
    EVP_MD_CTX_free(ctx->mdctx);
942
0
    ctx->mdctx = NULL;
943
0
    return 0;
944
0
}
945
946
static const char **ecdsa_sigalg_query_key_types(void)
947
0
{
948
0
    static const char *keytypes[] = { "EC", NULL };
949
950
0
    return keytypes;
951
0
}
952
953
static const OSSL_PARAM settable_sigalg_ctx_params[] = {
954
    OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_SIGNATURE, NULL, 0),
955
    ECDSA_COMMON_SETTABLE_CTX_PARAMS
956
};
957
958
static const OSSL_PARAM *ecdsa_sigalg_settable_ctx_params(void *vctx,
959
                                                        ossl_unused void *provctx)
960
0
{
961
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
962
963
0
    if (ctx != NULL && ctx->operation == EVP_PKEY_OP_VERIFYMSG)
964
0
        return settable_sigalg_ctx_params;
965
0
    return NULL;
966
0
}
967
968
static int ecdsa_sigalg_set_ctx_params(void *vctx, const OSSL_PARAM params[])
969
0
{
970
0
    PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
971
0
    const OSSL_PARAM *p;
972
0
    int ret;
973
974
0
    if (ctx == NULL)
975
0
        return 0;
976
0
    if (ossl_param_is_empty(params))
977
0
        return 1;
978
979
0
    if ((ret = ecdsa_common_set_ctx_params(ctx, params)) <= 0)
980
0
        return ret;
981
982
0
    if (ctx->operation == EVP_PKEY_OP_VERIFYMSG) {
983
0
        p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_SIGNATURE);
984
0
        if (p != NULL) {
985
0
            OPENSSL_free(ctx->sig);
986
0
            ctx->sig = NULL;
987
0
            ctx->siglen = 0;
988
0
            if (!OSSL_PARAM_get_octet_string(p, (void **)&ctx->sig,
989
0
                                             0, &ctx->siglen))
990
0
                return 0;
991
0
        }
992
0
    }
993
0
    return 1;
994
0
}
995
996
#define IMPL_ECDSA_SIGALG(md, MD)                                       \
997
    static OSSL_FUNC_signature_sign_init_fn ecdsa_##md##_sign_init;     \
998
    static OSSL_FUNC_signature_sign_message_init_fn                     \
999
        ecdsa_##md##_sign_message_init;                                 \
1000
    static OSSL_FUNC_signature_verify_init_fn ecdsa_##md##_verify_init; \
1001
    static OSSL_FUNC_signature_verify_message_init_fn                   \
1002
        ecdsa_##md##_verify_message_init;                               \
1003
                                                                        \
1004
    static int                                                          \
1005
    ecdsa_##md##_sign_init(void *vctx, void *vec,                       \
1006
                         const OSSL_PARAM params[])                     \
1007
0
    {                                                                   \
1008
0
        static const char desc[] = "ECDSA-" #MD " Sign Init";           \
1009
0
                                                                        \
1010
0
        return ecdsa_sigalg_signverify_init(vctx, vec,                  \
1011
0
                                            ecdsa_sigalg_set_ctx_params, \
1012
0
                                            params, #MD,                \
1013
0
                                            EVP_PKEY_OP_SIGN,           \
1014
0
                                            desc);                      \
1015
0
    }                                                                   \
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha1_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha224_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha256_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha384_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha512_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_224_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_256_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_384_sign_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_512_sign_init
1016
                                                                        \
1017
    static int                                                          \
1018
    ecdsa_##md##_sign_message_init(void *vctx, void *vec,               \
1019
                                   const OSSL_PARAM params[])           \
1020
0
    {                                                                   \
1021
0
        static const char desc[] = "ECDSA-" #MD " Sign Message Init";   \
1022
0
                                                                        \
1023
0
        return ecdsa_sigalg_signverify_init(vctx, vec,                  \
1024
0
                                            ecdsa_sigalg_set_ctx_params, \
1025
0
                                            params, #MD,                \
1026
0
                                            EVP_PKEY_OP_SIGNMSG,        \
1027
0
                                            desc);                      \
1028
0
    }                                                                   \
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha1_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha224_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha256_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha384_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha512_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_224_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_256_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_384_sign_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_512_sign_message_init
1029
                                                                        \
1030
    static int                                                          \
1031
    ecdsa_##md##_verify_init(void *vctx, void *vec,                     \
1032
                           const OSSL_PARAM params[])                   \
1033
0
    {                                                                   \
1034
0
        static const char desc[] = "ECDSA-" #MD " Verify Init";         \
1035
0
                                                                        \
1036
0
        return ecdsa_sigalg_signverify_init(vctx, vec,                  \
1037
0
                                            ecdsa_sigalg_set_ctx_params, \
1038
0
                                            params, #MD,                \
1039
0
                                            EVP_PKEY_OP_VERIFY,         \
1040
0
                                            desc);                      \
1041
0
    }                                                                   \
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha1_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha224_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha256_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha384_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha512_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_224_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_256_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_384_verify_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_512_verify_init
1042
                                                                        \
1043
    static int                                                          \
1044
    ecdsa_##md##_verify_message_init(void *vctx, void *vec,             \
1045
                                     const OSSL_PARAM params[])         \
1046
0
    {                                                                   \
1047
0
        static const char desc[] = "ECDSA-" #MD " Verify Message Init"; \
1048
0
                                                                        \
1049
0
        return ecdsa_sigalg_signverify_init(vctx, vec,                  \
1050
0
                                            ecdsa_sigalg_set_ctx_params, \
1051
0
                                            params, #MD,                \
1052
0
                                            EVP_PKEY_OP_VERIFYMSG,      \
1053
0
                                            desc);                      \
1054
0
    }                                                                   \
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha1_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha224_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha256_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha384_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha512_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_224_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_256_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_384_verify_message_init
Unexecuted instantiation: ecdsa_sig.c:ecdsa_sha3_512_verify_message_init
1055
                                                                        \
1056
    const OSSL_DISPATCH ossl_ecdsa_##md##_signature_functions[] = {     \
1057
        { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx },   \
1058
        { OSSL_FUNC_SIGNATURE_SIGN_INIT,                                \
1059
          (void (*)(void))ecdsa_##md##_sign_init },                     \
1060
        { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))ecdsa_sign },       \
1061
        { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_INIT,                        \
1062
          (void (*)(void))ecdsa_##md##_sign_message_init },             \
1063
        { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_UPDATE,                      \
1064
          (void (*)(void))ecdsa_signverify_message_update },            \
1065
        { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_FINAL,                       \
1066
          (void (*)(void))ecdsa_sign_message_final },                   \
1067
        { OSSL_FUNC_SIGNATURE_VERIFY_INIT,                              \
1068
          (void (*)(void))ecdsa_##md##_verify_init },                   \
1069
        { OSSL_FUNC_SIGNATURE_VERIFY,                                   \
1070
          (void (*)(void))ecdsa_verify },                               \
1071
        { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_INIT,                      \
1072
          (void (*)(void))ecdsa_##md##_verify_message_init },           \
1073
        { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_UPDATE,                    \
1074
          (void (*)(void))ecdsa_signverify_message_update },            \
1075
        { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_FINAL,                     \
1076
          (void (*)(void))ecdsa_verify_message_final },                 \
1077
        { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))ecdsa_freectx }, \
1078
        { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))ecdsa_dupctx },   \
1079
        { OSSL_FUNC_SIGNATURE_QUERY_KEY_TYPES,                          \
1080
          (void (*)(void))ecdsa_sigalg_query_key_types },               \
1081
        { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS,                           \
1082
          (void (*)(void))ecdsa_get_ctx_params },                       \
1083
        { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,                      \
1084
          (void (*)(void))ecdsa_gettable_ctx_params },                  \
1085
        { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS,                           \
1086
          (void (*)(void))ecdsa_sigalg_set_ctx_params },                \
1087
        { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,                      \
1088
          (void (*)(void))ecdsa_sigalg_settable_ctx_params },           \
1089
        OSSL_DISPATCH_END                                               \
1090
    }
1091
1092
IMPL_ECDSA_SIGALG(sha1, SHA1);
1093
IMPL_ECDSA_SIGALG(sha224, SHA2-224);
1094
IMPL_ECDSA_SIGALG(sha256, SHA2-256);
1095
IMPL_ECDSA_SIGALG(sha384, SHA2-384);
1096
IMPL_ECDSA_SIGALG(sha512, SHA2-512);
1097
IMPL_ECDSA_SIGALG(sha3_224, SHA3-224);
1098
IMPL_ECDSA_SIGALG(sha3_256, SHA3-256);
1099
IMPL_ECDSA_SIGALG(sha3_384, SHA3-384);
1100
IMPL_ECDSA_SIGALG(sha3_512, SHA3-512);