Coverage Report

Created: 2026-05-30 06:06

next uncovered line (L), next uncovered region (R), next uncovered branch (B)
/src/openssl/crypto/evp/signature.c
Line
Count
Source
1
/*
2
 * Copyright 2006-2026 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
#include <openssl/err.h>
11
#include <stdio.h>
12
#include <stdlib.h>
13
#include <openssl/core_names.h>
14
#include <openssl/objects.h>
15
#include <openssl/evp.h>
16
#include "internal/numbers.h" /* includes SIZE_MAX */
17
#include "internal/cryptlib.h"
18
#include "internal/provider.h"
19
#include "internal/core.h"
20
#include "crypto/evp.h"
21
#include "evp_local.h"
22
23
static void evp_signature_free(void *data)
24
0
{
25
0
    EVP_SIGNATURE_free(data);
26
0
}
27
28
static int evp_signature_up_ref(void *data)
29
0
{
30
0
    return EVP_SIGNATURE_up_ref(data);
31
0
}
32
33
static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov)
34
0
{
35
0
    EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE));
36
37
0
    if (signature == NULL)
38
0
        return NULL;
39
40
0
    if (!CRYPTO_NEW_REF(&signature->refcnt, 1)
41
0
        || !ossl_provider_up_ref(prov)) {
42
0
        CRYPTO_FREE_REF(&signature->refcnt);
43
0
        OPENSSL_free(signature);
44
0
        return NULL;
45
0
    }
46
47
0
    signature->prov = prov;
48
49
0
    return signature;
50
0
}
51
52
static void *evp_signature_from_algorithm(int name_id,
53
    const OSSL_ALGORITHM *algodef,
54
    OSSL_PROVIDER *prov)
55
0
{
56
0
    const OSSL_DISPATCH *fns = algodef->implementation;
57
0
    EVP_SIGNATURE *signature = NULL;
58
0
    const char *desc;
59
    /* Counts newctx / freectx */
60
0
    int ctxfncnt = 0;
61
    /* Counts all init functions  */
62
0
    int initfncnt = 0;
63
    /* Counts all parameter functions */
64
0
    int gparamfncnt = 0, sparamfncnt = 0, gmdparamfncnt = 0, smdparamfncnt = 0;
65
0
    int valid = 0;
66
67
0
    if ((signature = evp_signature_new(prov)) == NULL) {
68
0
        ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
69
0
        goto err;
70
0
    }
71
72
0
    signature->name_id = name_id;
73
0
    if ((signature->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
74
0
        goto err;
75
0
    signature->description = algodef->algorithm_description;
76
0
    desc = signature->description != NULL ? signature->description : "";
77
78
0
    for (; fns->function_id != 0; fns++) {
79
0
        switch (fns->function_id) {
80
0
        case OSSL_FUNC_SIGNATURE_NEWCTX:
81
0
            if (signature->newctx != NULL)
82
0
                break;
83
0
            signature->newctx = OSSL_FUNC_signature_newctx(fns);
84
0
            ctxfncnt++;
85
0
            break;
86
0
        case OSSL_FUNC_SIGNATURE_SIGN_INIT:
87
0
            if (signature->sign_init != NULL)
88
0
                break;
89
0
            signature->sign_init = OSSL_FUNC_signature_sign_init(fns);
90
0
            initfncnt++;
91
0
            break;
92
0
        case OSSL_FUNC_SIGNATURE_SIGN:
93
0
            if (signature->sign != NULL)
94
0
                break;
95
0
            signature->sign = OSSL_FUNC_signature_sign(fns);
96
0
            break;
97
0
        case OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_INIT:
98
0
            if (signature->sign_message_init != NULL)
99
0
                break;
100
0
            signature->sign_message_init
101
0
                = OSSL_FUNC_signature_sign_message_init(fns);
102
0
            initfncnt++;
103
0
            break;
104
0
        case OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_UPDATE:
105
0
            if (signature->sign_message_update != NULL)
106
0
                break;
107
0
            signature->sign_message_update
108
0
                = OSSL_FUNC_signature_sign_message_update(fns);
109
0
            break;
110
0
        case OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_FINAL:
111
0
            if (signature->sign_message_final != NULL)
112
0
                break;
113
0
            signature->sign_message_final
114
0
                = OSSL_FUNC_signature_sign_message_final(fns);
115
0
            break;
116
0
        case OSSL_FUNC_SIGNATURE_VERIFY_INIT:
117
0
            if (signature->verify_init != NULL)
118
0
                break;
119
0
            signature->verify_init = OSSL_FUNC_signature_verify_init(fns);
120
0
            initfncnt++;
121
0
            break;
122
0
        case OSSL_FUNC_SIGNATURE_VERIFY:
123
0
            if (signature->verify != NULL)
124
0
                break;
125
0
            signature->verify = OSSL_FUNC_signature_verify(fns);
126
0
            break;
127
0
        case OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_INIT:
128
0
            if (signature->verify_message_init != NULL)
129
0
                break;
130
0
            signature->verify_message_init
131
0
                = OSSL_FUNC_signature_verify_message_init(fns);
132
0
            initfncnt++;
133
0
            break;
134
0
        case OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_UPDATE:
135
0
            if (signature->verify_message_update != NULL)
136
0
                break;
137
0
            signature->verify_message_update
138
0
                = OSSL_FUNC_signature_verify_message_update(fns);
139
0
            break;
140
0
        case OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_FINAL:
141
0
            if (signature->verify_message_final != NULL)
142
0
                break;
143
0
            signature->verify_message_final
144
0
                = OSSL_FUNC_signature_verify_message_final(fns);
145
0
            break;
146
0
        case OSSL_FUNC_SIGNATURE_VERIFY_RECOVER_INIT:
147
0
            if (signature->verify_recover_init != NULL)
148
0
                break;
149
0
            signature->verify_recover_init
150
0
                = OSSL_FUNC_signature_verify_recover_init(fns);
151
0
            initfncnt++;
152
0
            break;
153
0
        case OSSL_FUNC_SIGNATURE_VERIFY_RECOVER:
154
0
            if (signature->verify_recover != NULL)
155
0
                break;
156
0
            signature->verify_recover
157
0
                = OSSL_FUNC_signature_verify_recover(fns);
158
0
            break;
159
0
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT:
160
0
            if (signature->digest_sign_init != NULL)
161
0
                break;
162
0
            signature->digest_sign_init
163
0
                = OSSL_FUNC_signature_digest_sign_init(fns);
164
0
            initfncnt++;
165
0
            break;
166
0
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE:
167
0
            if (signature->digest_sign_update != NULL)
168
0
                break;
169
0
            signature->digest_sign_update
170
0
                = OSSL_FUNC_signature_digest_sign_update(fns);
171
0
            break;
172
0
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL:
173
0
            if (signature->digest_sign_final != NULL)
174
0
                break;
175
0
            signature->digest_sign_final
176
0
                = OSSL_FUNC_signature_digest_sign_final(fns);
177
0
            break;
178
0
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN:
179
0
            if (signature->digest_sign != NULL)
180
0
                break;
181
0
            signature->digest_sign
182
0
                = OSSL_FUNC_signature_digest_sign(fns);
183
0
            break;
184
0
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT:
185
0
            if (signature->digest_verify_init != NULL)
186
0
                break;
187
0
            signature->digest_verify_init
188
0
                = OSSL_FUNC_signature_digest_verify_init(fns);
189
0
            initfncnt++;
190
0
            break;
191
0
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE:
192
0
            if (signature->digest_verify_update != NULL)
193
0
                break;
194
0
            signature->digest_verify_update
195
0
                = OSSL_FUNC_signature_digest_verify_update(fns);
196
0
            break;
197
0
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL:
198
0
            if (signature->digest_verify_final != NULL)
199
0
                break;
200
0
            signature->digest_verify_final
201
0
                = OSSL_FUNC_signature_digest_verify_final(fns);
202
0
            break;
203
0
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY:
204
0
            if (signature->digest_verify != NULL)
205
0
                break;
206
0
            signature->digest_verify
207
0
                = OSSL_FUNC_signature_digest_verify(fns);
208
0
            break;
209
0
        case OSSL_FUNC_SIGNATURE_FREECTX:
210
0
            if (signature->freectx != NULL)
211
0
                break;
212
0
            signature->freectx = OSSL_FUNC_signature_freectx(fns);
213
0
            ctxfncnt++;
214
0
            break;
215
0
        case OSSL_FUNC_SIGNATURE_DUPCTX:
216
0
            if (signature->dupctx != NULL)
217
0
                break;
218
0
            signature->dupctx = OSSL_FUNC_signature_dupctx(fns);
219
0
            break;
220
0
        case OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS:
221
0
            if (signature->get_ctx_params != NULL)
222
0
                break;
223
0
            signature->get_ctx_params
224
0
                = OSSL_FUNC_signature_get_ctx_params(fns);
225
0
            gparamfncnt++;
226
0
            break;
227
0
        case OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS:
228
0
            if (signature->gettable_ctx_params != NULL)
229
0
                break;
230
0
            signature->gettable_ctx_params
231
0
                = OSSL_FUNC_signature_gettable_ctx_params(fns);
232
0
            gparamfncnt++;
233
0
            break;
234
0
        case OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS:
235
0
            if (signature->set_ctx_params != NULL)
236
0
                break;
237
0
            signature->set_ctx_params
238
0
                = OSSL_FUNC_signature_set_ctx_params(fns);
239
0
            sparamfncnt++;
240
0
            break;
241
0
        case OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS:
242
0
            if (signature->settable_ctx_params != NULL)
243
0
                break;
244
0
            signature->settable_ctx_params
245
0
                = OSSL_FUNC_signature_settable_ctx_params(fns);
246
0
            sparamfncnt++;
247
0
            break;
248
0
        case OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS:
249
0
            if (signature->get_ctx_md_params != NULL)
250
0
                break;
251
0
            signature->get_ctx_md_params
252
0
                = OSSL_FUNC_signature_get_ctx_md_params(fns);
253
0
            gmdparamfncnt++;
254
0
            break;
255
0
        case OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS:
256
0
            if (signature->gettable_ctx_md_params != NULL)
257
0
                break;
258
0
            signature->gettable_ctx_md_params
259
0
                = OSSL_FUNC_signature_gettable_ctx_md_params(fns);
260
0
            gmdparamfncnt++;
261
0
            break;
262
0
        case OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS:
263
0
            if (signature->set_ctx_md_params != NULL)
264
0
                break;
265
0
            signature->set_ctx_md_params
266
0
                = OSSL_FUNC_signature_set_ctx_md_params(fns);
267
0
            smdparamfncnt++;
268
0
            break;
269
0
        case OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS:
270
0
            if (signature->settable_ctx_md_params != NULL)
271
0
                break;
272
0
            signature->settable_ctx_md_params
273
0
                = OSSL_FUNC_signature_settable_ctx_md_params(fns);
274
0
            smdparamfncnt++;
275
0
            break;
276
0
        case OSSL_FUNC_SIGNATURE_QUERY_KEY_TYPES:
277
0
            if (signature->query_key_types != NULL)
278
0
                break;
279
0
            signature->query_key_types
280
0
                = OSSL_FUNC_signature_query_key_types(fns);
281
0
            break;
282
0
        }
283
0
    }
284
    /*
285
     * In order to be a consistent set of functions we must have at least
286
     * a set of context functions (newctx and freectx) as well as a set of
287
     * "signature" functions.  Because there's an overlap between some sets
288
     * of functions, counters don't always cut it, we must test known
289
     * combinations.
290
     * We start by assuming the implementation is valid, and then look for
291
     * reasons it's not.
292
     */
293
0
    valid = 1;
294
    /* Start with the ones where counters say enough */
295
0
    if (ctxfncnt != 2) {
296
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
297
0
            "missing %s newctx or freectx:%s", signature->type_name, desc);
298
0
        valid = 0;
299
0
    }
300
0
    if (valid
301
0
        && ((gparamfncnt != 0 && gparamfncnt != 2)
302
0
            || (sparamfncnt != 0 && sparamfncnt != 2)
303
0
            || (gmdparamfncnt != 0 && gmdparamfncnt != 2)
304
0
            || (smdparamfncnt != 0 && smdparamfncnt != 2))) {
305
        /*
306
         * Params functions are optional, but if defined, they must
307
         * be pairwise complete sets, i.e. a getter must have an
308
         * associated gettable, etc
309
         */
310
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
311
0
            "missing %s params getter or setter:%s", signature->type_name, desc);
312
0
        valid = 0;
313
0
    }
314
0
    if (valid && initfncnt == 0) {
315
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
316
0
            "missing %s init:%s", signature->type_name, desc);
317
0
        valid = 0;
318
0
    }
319
320
    /* Now we check for function combinations */
321
0
    if (valid
322
0
        && ((signature->sign_init != NULL
323
0
                && signature->sign == NULL)
324
0
            || (signature->sign_message_init != NULL
325
0
                && signature->sign == NULL
326
0
                && (signature->sign_message_update == NULL
327
0
                    || signature->sign_message_final == NULL)))) {
328
        /* sign_init function(s) with no signing function?  That's weird */
329
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
330
0
            "missing %s signing function:%s", signature->type_name, desc);
331
0
        valid = 0;
332
0
    }
333
0
    if (valid
334
0
        && (signature->sign != NULL
335
0
            || signature->sign_message_update != NULL
336
0
            || signature->sign_message_final != NULL)
337
0
        && signature->sign_init == NULL
338
0
        && signature->sign_message_init == NULL) {
339
        /* signing function(s) with no sign_init? That's odd */
340
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
341
0
            "missing %s sign_init or sign_message_init:%s", signature->type_name, desc);
342
0
        valid = 0;
343
0
    }
344
345
0
    if (valid
346
0
        && ((signature->verify_init != NULL
347
0
                && signature->verify == NULL)
348
0
            || (signature->verify_message_init != NULL
349
0
                && signature->verify == NULL
350
0
                && (signature->verify_message_update == NULL
351
0
                    || signature->verify_message_final == NULL)))) {
352
        /* verify_init function(s) with no verification function?  That's weird */
353
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
354
0
            "missing %s verification function:%s", signature->type_name, desc);
355
0
        valid = 0;
356
0
    }
357
0
    if (valid
358
0
        && (signature->verify != NULL
359
0
            || signature->verify_message_update != NULL
360
0
            || signature->verify_message_final != NULL)
361
0
        && signature->verify_init == NULL
362
0
        && signature->verify_message_init == NULL) {
363
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
364
0
            "missing %s verify_init or verify_message_init:%s",
365
0
            signature->type_name, desc);
366
        /* verification function(s) with no verify_init? That's odd */
367
0
        valid = 0;
368
0
    }
369
370
0
    if (valid
371
0
        && (signature->verify_recover_init != NULL)
372
0
        && (signature->verify_recover == NULL)) {
373
        /* verify_recover_init function with no verify_recover?  How quaint */
374
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
375
0
            "missing %s verify_recover:%s", signature->type_name, desc);
376
0
        valid = 0;
377
0
    }
378
379
0
    if (valid
380
0
        && (signature->digest_sign_init != NULL
381
0
            && signature->digest_sign == NULL
382
0
            && (signature->digest_sign_update == NULL
383
0
                || signature->digest_sign_final == NULL))) {
384
        /* You can't have a digest_sign_init without *some* performing functions */
385
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
386
0
            "missing %s digest_sign function:%s", signature->type_name, desc);
387
0
        valid = 0;
388
0
    }
389
390
0
    if (valid
391
0
        && ((signature->digest_verify_init != NULL
392
0
            && signature->digest_verify == NULL
393
0
            && (signature->digest_verify_update == NULL
394
0
                || signature->digest_verify_final == NULL)))) {
395
        /* You can't have a digest_verify_init without *some* performing functions */
396
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
397
0
            "missing %s digest_verify function:%s", signature->type_name, desc);
398
0
        valid = 0;
399
0
    }
400
401
0
    if (!valid)
402
0
        goto err;
403
404
0
    if ((signature->digest_sign != NULL
405
0
            || signature->digest_sign_update != NULL
406
0
            || signature->digest_sign_final != NULL)
407
0
        && signature->digest_sign_init == NULL) {
408
        /* digest signing function(s) with no digest_sign_init? That's odd */
409
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
410
0
            "missing %s digest_sign_init:%s", signature->type_name, desc);
411
0
        goto err;
412
0
    }
413
414
0
    if ((signature->digest_verify != NULL
415
0
            || signature->digest_verify_update != NULL
416
0
            || signature->digest_verify_final != NULL)
417
0
        && signature->digest_verify_init == NULL) {
418
        /* digest verification function(s) with no digest_verify_init? That's odd */
419
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
420
0
            "missing %s digest_verify_init:%s", signature->type_name, desc);
421
0
        goto err;
422
0
    }
423
424
0
    if ((signature->sign_message_update == NULL) != (signature->sign_message_final == NULL)) {
425
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
426
0
            "only one of %s message signing update and final available:%s",
427
0
            signature->type_name, desc);
428
0
        goto err;
429
0
    }
430
0
    if ((signature->verify_message_update == NULL) != (signature->verify_message_final == NULL)) {
431
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
432
0
            "only one of %s message verification update and final available:%s",
433
0
            signature->type_name, desc);
434
0
        goto err;
435
0
    }
436
0
    if ((signature->digest_sign_update == NULL) != (signature->digest_sign_final == NULL)) {
437
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
438
0
            "only one of %s digest signing update and final available:%s",
439
0
            signature->type_name, desc);
440
0
        goto err;
441
0
    }
442
0
    if ((signature->digest_verify_update == NULL) != (signature->digest_verify_final == NULL)) {
443
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS,
444
0
            "only one of %s digest verification update and final available:%s",
445
0
            signature->type_name, desc);
446
0
        goto err;
447
0
    }
448
449
0
    return signature;
450
0
err:
451
0
    EVP_SIGNATURE_free(signature);
452
0
    return NULL;
453
0
}
454
455
void EVP_SIGNATURE_free(EVP_SIGNATURE *signature)
456
0
{
457
0
    int i;
458
459
0
    if (signature == NULL)
460
0
        return;
461
0
    CRYPTO_DOWN_REF(&signature->refcnt, &i);
462
0
    if (i > 0)
463
0
        return;
464
0
    OPENSSL_free(signature->type_name);
465
0
    ossl_provider_free(signature->prov);
466
0
    CRYPTO_FREE_REF(&signature->refcnt);
467
0
    OPENSSL_free(signature);
468
0
}
469
470
int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature)
471
0
{
472
0
    int ref = 0;
473
474
0
    CRYPTO_UP_REF(&signature->refcnt, &ref);
475
0
    return 1;
476
0
}
477
478
OSSL_PROVIDER *EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE *signature)
479
0
{
480
0
    return signature->prov;
481
0
}
482
483
EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
484
    const char *properties)
485
0
{
486
0
    return evp_generic_fetch(ctx, OSSL_OP_SIGNATURE, algorithm, properties,
487
0
        evp_signature_from_algorithm,
488
0
        evp_signature_up_ref,
489
0
        evp_signature_free);
490
0
}
491
492
EVP_SIGNATURE *evp_signature_fetch_from_prov(OSSL_PROVIDER *prov,
493
    const char *algorithm,
494
    const char *properties)
495
0
{
496
0
    return evp_generic_fetch_from_prov(prov, OSSL_OP_SIGNATURE,
497
0
        algorithm, properties,
498
0
        evp_signature_from_algorithm,
499
0
        evp_signature_up_ref,
500
0
        evp_signature_free);
501
0
}
502
503
int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name)
504
0
{
505
0
    return signature != NULL
506
0
        && evp_is_a(signature->prov, signature->name_id, NULL, name);
507
0
}
508
509
int EVP_SIGNATURE_has_message_update(const EVP_SIGNATURE *signature)
510
0
{
511
0
    return signature->verify_message_update != NULL
512
0
        && signature->sign_message_update != NULL;
513
0
}
514
515
int evp_signature_get_number(const EVP_SIGNATURE *signature)
516
0
{
517
0
    return signature->name_id;
518
0
}
519
520
const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature)
521
0
{
522
0
    return signature->type_name;
523
0
}
524
525
const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature)
526
0
{
527
0
    return signature->description;
528
0
}
529
530
void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
531
    void (*fn)(EVP_SIGNATURE *signature,
532
        void *arg),
533
    void *arg)
534
0
{
535
0
    struct EVP_SIGNATURE_do_all_provided_thunk t;
536
537
0
    t.fn = fn;
538
0
    t.arg = arg;
539
0
    evp_generic_do_all(libctx, OSSL_OP_SIGNATURE,
540
0
        EVP_SIGNATURE_do_all_provided_thunk, &t,
541
0
        evp_signature_from_algorithm,
542
0
        evp_signature_up_ref,
543
0
        evp_signature_free);
544
0
}
545
546
int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
547
    void (*fn)(const char *name, void *data),
548
    void *data)
549
0
{
550
0
    if (signature->prov != NULL)
551
0
        return evp_names_do_all(signature->prov, signature->name_id, fn, data);
552
553
0
    return 1;
554
0
}
555
556
const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig)
557
0
{
558
0
    void *provctx;
559
560
0
    if (sig == NULL || sig->gettable_ctx_params == NULL)
561
0
        return NULL;
562
563
0
    provctx = ossl_provider_ctx(EVP_SIGNATURE_get0_provider(sig));
564
0
    return sig->gettable_ctx_params(NULL, provctx);
565
0
}
566
567
const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig)
568
0
{
569
0
    void *provctx;
570
571
0
    if (sig == NULL || sig->settable_ctx_params == NULL)
572
0
        return NULL;
573
574
0
    provctx = ossl_provider_ctx(EVP_SIGNATURE_get0_provider(sig));
575
0
    return sig->settable_ctx_params(NULL, provctx);
576
0
}
577
578
static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature,
579
    int operation, const OSSL_PARAM params[])
580
0
{
581
0
    const char *desc;
582
0
    int ret = 0;
583
0
    void *provkey = NULL;
584
0
    EVP_KEYMGMT *tmp_keymgmt = NULL;
585
0
    const OSSL_PROVIDER *tmp_prov = NULL;
586
0
    const char *supported_sig = NULL;
587
0
    int iter;
588
589
0
    if (ctx == NULL) {
590
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
591
0
        return -1;
592
0
    }
593
594
0
    evp_pkey_ctx_free_old_ops(ctx);
595
0
    ctx->operation = operation;
596
597
0
    if (signature != NULL) {
598
        /*
599
         * It's important to figure out what the key type should be, and if
600
         * that is what we have in ctx.
601
         */
602
603
0
        EVP_KEYMGMT *tmp_keymgmt_tofree = NULL;
604
605
0
        if (ctx->pkey == NULL) {
606
0
            ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
607
0
            goto err;
608
0
        }
609
610
        /*
611
         * Ensure that the key is provided, either natively, or as a
612
         * cached export.  We start by fetching the keymgmt with the same
613
         * name as |ctx->pkey|, but from the provider of the signature
614
         * method, using the same property query as when fetching the
615
         * signature method.  With the keymgmt we found (if we did), we
616
         * try to export |ctx->pkey| to it (evp_pkey_export_to_provider()
617
         * is smart enough to only actually export it if |tmp_keymgmt|
618
         * is different from |ctx->pkey|'s keymgmt)
619
         */
620
0
        tmp_prov = EVP_SIGNATURE_get0_provider(signature);
621
0
        tmp_keymgmt_tofree = tmp_keymgmt = evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
622
0
            EVP_KEYMGMT_get0_name(ctx->keymgmt),
623
0
            ctx->propquery);
624
0
        if (tmp_keymgmt != NULL)
625
0
            provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
626
0
                &tmp_keymgmt, ctx->propquery);
627
0
        if (tmp_keymgmt == NULL)
628
0
            EVP_KEYMGMT_free(tmp_keymgmt_tofree);
629
630
0
        if (provkey == NULL)
631
0
            goto end;
632
633
        /*
634
         * Check that the signature matches the given key.  This is not
635
         * designed to work with legacy keys, so has to be done after we've
636
         * ensured that the key is at least exported to a provider (above).
637
         */
638
0
        if (signature->query_key_types != NULL) {
639
            /* This is expected to be a NULL-terminated array */
640
0
            const char **keytypes;
641
642
0
            keytypes = signature->query_key_types();
643
0
            for (; *keytypes != NULL; keytypes++)
644
0
                if (EVP_PKEY_CTX_is_a(ctx, *keytypes))
645
0
                    break;
646
0
            if (*keytypes == NULL) {
647
0
                ERR_raise(ERR_LIB_EVP, EVP_R_SIGNATURE_TYPE_AND_KEY_TYPE_INCOMPATIBLE);
648
0
                ret = -2;
649
0
                goto end;
650
0
            }
651
0
        } else {
652
            /*
653
             * Fallback 1:
654
             * check if the keytype is the same as the signature algorithm name
655
             */
656
0
            const char *keytype = EVP_KEYMGMT_get0_name(ctx->keymgmt);
657
0
            int ok = EVP_SIGNATURE_is_a(signature, keytype);
658
659
            /*
660
             * Fallback 2:
661
             * query the pkey for a default signature algorithm name, and check
662
             * if it matches the signature implementation
663
             */
664
0
            if (!ok) {
665
0
                const char *signame
666
0
                    = evp_keymgmt_util_query_operation_name(ctx->keymgmt,
667
0
                        OSSL_OP_SIGNATURE);
668
669
0
                ok = EVP_SIGNATURE_is_a(signature, signame);
670
0
            }
671
672
            /* If none of the fallbacks helped, we're lost */
673
0
            if (!ok) {
674
0
                ERR_raise(ERR_LIB_EVP, EVP_R_SIGNATURE_TYPE_AND_KEY_TYPE_INCOMPATIBLE);
675
0
                ret = -2;
676
0
                goto end;
677
0
            }
678
0
        }
679
680
0
        if (!EVP_SIGNATURE_up_ref(signature))
681
0
            goto err;
682
0
    } else {
683
        /* Without a pre-fetched signature, it must be figured out somehow */
684
0
        ERR_set_mark();
685
686
0
        if (evp_pkey_ctx_is_legacy(ctx))
687
0
            goto notsupported;
688
689
0
        if (ctx->pkey == NULL) {
690
0
            ERR_clear_last_mark();
691
0
            ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
692
0
            goto err;
693
0
        }
694
695
        /*
696
         * Try to derive the supported signature from |ctx->keymgmt|.
697
         */
698
0
        if (!ossl_assert(ctx->pkey->keymgmt == NULL
699
0
                || ctx->pkey->keymgmt == ctx->keymgmt)) {
700
0
            ERR_clear_last_mark();
701
0
            ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
702
0
            goto err;
703
0
        }
704
0
        supported_sig
705
0
            = evp_keymgmt_util_query_operation_name(ctx->keymgmt,
706
0
                OSSL_OP_SIGNATURE);
707
0
        if (supported_sig == NULL) {
708
0
            ERR_clear_last_mark();
709
0
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
710
0
            goto err;
711
0
        }
712
713
        /*
714
         * We perform two iterations:
715
         *
716
         * 1.  Do the normal signature fetch, using the fetching data given by
717
         *     the EVP_PKEY_CTX.
718
         * 2.  Do the provider specific signature fetch, from the same provider
719
         *     as |ctx->keymgmt|
720
         *
721
         * We then try to fetch the keymgmt from the same provider as the
722
         * signature, and try to export |ctx->pkey| to that keymgmt (when
723
         * this keymgmt happens to be the same as |ctx->keymgmt|, the export
724
         * is a no-op, but we call it anyway to not complicate the code even
725
         * more).
726
         * If the export call succeeds (returns a non-NULL provider key pointer),
727
         * we're done and can perform the operation itself.  If not, we perform
728
         * the second iteration, or jump to legacy.
729
         */
730
0
        for (iter = 1; iter < 3 && provkey == NULL; iter++) {
731
0
            EVP_KEYMGMT *tmp_keymgmt_tofree = NULL;
732
733
            /*
734
             * If we're on the second iteration, free the results from the first.
735
             * They are NULL on the first iteration, so no need to check what
736
             * iteration we're on.
737
             */
738
0
            EVP_SIGNATURE_free(signature);
739
0
            EVP_KEYMGMT_free(tmp_keymgmt);
740
741
0
            switch (iter) {
742
0
            case 1:
743
0
                signature = EVP_SIGNATURE_fetch(ctx->libctx, supported_sig, ctx->propquery);
744
0
                if (signature != NULL)
745
0
                    tmp_prov = EVP_SIGNATURE_get0_provider(signature);
746
0
                break;
747
0
            case 2:
748
0
                tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt);
749
0
                signature = evp_signature_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
750
0
                    supported_sig, ctx->propquery);
751
0
                if (signature == NULL)
752
0
                    goto notsupported;
753
0
                break;
754
0
            }
755
0
            if (signature == NULL)
756
0
                continue;
757
758
            /*
759
             * Ensure that the key is provided, either natively, or as a
760
             * cached export.  We start by fetching the keymgmt with the same
761
             * name as |ctx->pkey|, but from the provider of the signature
762
             * method, using the same property query as when fetching the
763
             * signature method.  With the keymgmt we found (if we did), we
764
             * try to export |ctx->pkey| to it (evp_pkey_export_to_provider()
765
             * is smart enough to only actually export it if |tmp_keymgmt|
766
             * is different from |ctx->pkey|'s keymgmt)
767
             */
768
0
            tmp_keymgmt_tofree = tmp_keymgmt = evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
769
0
                EVP_KEYMGMT_get0_name(ctx->keymgmt),
770
0
                ctx->propquery);
771
0
            if (tmp_keymgmt != NULL)
772
0
                provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
773
0
                    &tmp_keymgmt, ctx->propquery);
774
0
            if (tmp_keymgmt == NULL)
775
0
                EVP_KEYMGMT_free(tmp_keymgmt_tofree);
776
0
        }
777
778
0
        if (provkey == NULL) {
779
0
            EVP_SIGNATURE_free(signature);
780
0
            goto notsupported;
781
0
        }
782
783
0
        ERR_pop_to_mark();
784
0
    }
785
786
    /* No more legacy from here down to legacy: */
787
788
0
    ctx->op.sig.signature = signature;
789
0
    desc = signature->description != NULL ? signature->description : "";
790
791
0
    ctx->op.sig.algctx = signature->newctx(ossl_provider_ctx(signature->prov), ctx->propquery);
792
0
    if (ctx->op.sig.algctx == NULL) {
793
        /* The provider key can stay in the cache */
794
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
795
0
        goto err;
796
0
    }
797
798
0
    switch (operation) {
799
0
    case EVP_PKEY_OP_SIGN:
800
0
        if (signature->sign_init == NULL) {
801
0
            ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
802
0
                "%s sign_init:%s", signature->type_name, desc);
803
0
            ret = -2;
804
0
            goto err;
805
0
        }
806
0
        ret = signature->sign_init(ctx->op.sig.algctx, provkey, params);
807
0
        break;
808
0
    case EVP_PKEY_OP_SIGNMSG:
809
0
        if (signature->sign_message_init == NULL) {
810
0
            ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
811
0
                "%s sign_message_init:%s", signature->type_name, desc);
812
0
            ret = -2;
813
0
            goto err;
814
0
        }
815
0
        ret = signature->sign_message_init(ctx->op.sig.algctx, provkey, params);
816
0
        break;
817
0
    case EVP_PKEY_OP_VERIFY:
818
0
        if (signature->verify_init == NULL) {
819
0
            ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
820
0
                "%s verify_init:%s", signature->type_name, desc);
821
0
            ret = -2;
822
0
            goto err;
823
0
        }
824
0
        ret = signature->verify_init(ctx->op.sig.algctx, provkey, params);
825
0
        break;
826
0
    case EVP_PKEY_OP_VERIFYMSG:
827
0
        if (signature->verify_message_init == NULL) {
828
0
            ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
829
0
                "%s verify_message_init:%s", signature->type_name, desc);
830
0
            ret = -2;
831
0
            goto err;
832
0
        }
833
0
        ret = signature->verify_message_init(ctx->op.sig.algctx, provkey, params);
834
0
        break;
835
0
    case EVP_PKEY_OP_VERIFYRECOVER:
836
0
        if (signature->verify_recover_init == NULL) {
837
0
            ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
838
0
                "%s verify_recover_init:%s", signature->type_name, desc);
839
0
            ret = -2;
840
0
            goto err;
841
0
        }
842
0
        ret = signature->verify_recover_init(ctx->op.sig.algctx, provkey, params);
843
0
        break;
844
0
    default:
845
0
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
846
0
        goto err;
847
0
    }
848
849
0
    if (ret <= 0) {
850
0
        signature->freectx(ctx->op.sig.algctx);
851
0
        ctx->op.sig.algctx = NULL;
852
0
        goto err;
853
0
    }
854
0
    goto end;
855
856
0
notsupported:
857
    /*
858
     * If we don't have the full support we need with provided methods,
859
     * let's go see if legacy does.
860
     */
861
0
    ERR_pop_to_mark();
862
0
    EVP_KEYMGMT_free(tmp_keymgmt);
863
0
    tmp_keymgmt = NULL;
864
865
0
    ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
866
0
    return -2;
867
868
0
end:
869
0
#ifndef FIPS_MODULE
870
0
    if (ret > 0)
871
0
        ret = evp_pkey_ctx_use_cached_data(ctx);
872
0
#endif
873
874
0
    EVP_KEYMGMT_free(tmp_keymgmt);
875
0
    return ret;
876
0
err:
877
0
    evp_pkey_ctx_free_old_ops(ctx);
878
0
    ctx->operation = EVP_PKEY_OP_UNDEFINED;
879
0
    EVP_KEYMGMT_free(tmp_keymgmt);
880
0
    return ret;
881
0
}
882
883
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
884
0
{
885
0
    return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_SIGN, NULL);
886
0
}
887
888
int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
889
0
{
890
0
    return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_SIGN, params);
891
0
}
892
893
int EVP_PKEY_sign_init_ex2(EVP_PKEY_CTX *ctx,
894
    EVP_SIGNATURE *algo, const OSSL_PARAM params[])
895
0
{
896
0
    return evp_pkey_signature_init(ctx, algo, EVP_PKEY_OP_SIGN, params);
897
0
}
898
899
int EVP_PKEY_sign_message_init(EVP_PKEY_CTX *ctx,
900
    EVP_SIGNATURE *algo, const OSSL_PARAM params[])
901
0
{
902
0
    return evp_pkey_signature_init(ctx, algo, EVP_PKEY_OP_SIGNMSG, params);
903
0
}
904
905
int EVP_PKEY_sign_message_update(EVP_PKEY_CTX *ctx,
906
    const unsigned char *in, size_t inlen)
907
0
{
908
0
    EVP_SIGNATURE *signature;
909
0
    const char *desc;
910
0
    int ret;
911
912
0
    if (ctx == NULL) {
913
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
914
0
        return -1;
915
0
    }
916
917
0
    if (ctx->operation != EVP_PKEY_OP_SIGNMSG) {
918
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
919
0
        return -1;
920
0
    }
921
922
0
    signature = ctx->op.sig.signature;
923
0
    desc = signature->description != NULL ? signature->description : "";
924
0
    if (signature->sign_message_update == NULL) {
925
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
926
0
            "%s sign_message_update:%s", signature->type_name, desc);
927
0
        return -2;
928
0
    }
929
930
0
    ret = signature->sign_message_update(ctx->op.sig.algctx, in, inlen);
931
0
    if (ret <= 0)
932
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
933
0
            "%s sign_message_update:%s", signature->type_name, desc);
934
0
    return ret;
935
0
}
936
937
int EVP_PKEY_sign_message_final(EVP_PKEY_CTX *ctx,
938
    unsigned char *sig, size_t *siglen)
939
0
{
940
0
    EVP_SIGNATURE *signature;
941
0
    const char *desc;
942
0
    int ret;
943
944
0
    if (ctx == NULL) {
945
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
946
0
        return -1;
947
0
    }
948
949
0
    if (ctx->operation != EVP_PKEY_OP_SIGNMSG) {
950
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
951
0
        return -1;
952
0
    }
953
954
0
    signature = ctx->op.sig.signature;
955
0
    desc = signature->description != NULL ? signature->description : "";
956
0
    if (signature->sign_message_final == NULL) {
957
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
958
0
            "%s sign_message_final:%s", signature->type_name, desc);
959
0
        return -2;
960
0
    }
961
962
0
    ret = signature->sign_message_final(ctx->op.sig.algctx, sig, siglen,
963
0
        (sig == NULL) ? 0 : *siglen);
964
0
    if (ret <= 0)
965
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
966
0
            "%s sign_message_final:%s", signature->type_name, desc);
967
0
    return ret;
968
0
}
969
970
int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
971
    unsigned char *sig, size_t *siglen,
972
    const unsigned char *tbs, size_t tbslen)
973
0
{
974
0
    EVP_SIGNATURE *signature;
975
0
    const char *desc;
976
0
    int ret;
977
978
0
    if (ctx == NULL) {
979
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
980
0
        return -1;
981
0
    }
982
983
0
    if (ctx->operation != EVP_PKEY_OP_SIGN
984
0
        && ctx->operation != EVP_PKEY_OP_SIGNMSG) {
985
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
986
0
        return -1;
987
0
    }
988
989
0
    if (ctx->op.sig.algctx == NULL) {
990
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
991
0
        return -2;
992
0
    }
993
994
0
    signature = ctx->op.sig.signature;
995
0
    desc = signature->description != NULL ? signature->description : "";
996
0
    if (signature->sign == NULL) {
997
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
998
0
            "%s sign:%s", signature->type_name, desc);
999
0
        return -2;
1000
0
    }
1001
1002
0
    ret = signature->sign(ctx->op.sig.algctx, sig, siglen,
1003
0
        (sig == NULL) ? 0 : *siglen, tbs, tbslen);
1004
0
    if (ret <= 0)
1005
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
1006
0
            "%s sign:%s", signature->type_name, desc);
1007
0
    return ret;
1008
0
}
1009
1010
int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
1011
0
{
1012
0
    return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_VERIFY, NULL);
1013
0
}
1014
1015
int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
1016
0
{
1017
0
    return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_VERIFY, params);
1018
0
}
1019
1020
int EVP_PKEY_verify_init_ex2(EVP_PKEY_CTX *ctx,
1021
    EVP_SIGNATURE *algo, const OSSL_PARAM params[])
1022
0
{
1023
0
    return evp_pkey_signature_init(ctx, algo, EVP_PKEY_OP_VERIFY, params);
1024
0
}
1025
1026
int EVP_PKEY_verify_message_init(EVP_PKEY_CTX *ctx,
1027
    EVP_SIGNATURE *algo, const OSSL_PARAM params[])
1028
0
{
1029
0
    return evp_pkey_signature_init(ctx, algo, EVP_PKEY_OP_VERIFYMSG, params);
1030
0
}
1031
1032
int EVP_PKEY_CTX_set_signature(EVP_PKEY_CTX *ctx,
1033
    const unsigned char *sig, size_t siglen)
1034
0
{
1035
0
    OSSL_PARAM sig_params[2], *p = sig_params;
1036
1037
0
    if (ctx == NULL) {
1038
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
1039
0
        return 0;
1040
0
    }
1041
1042
0
    *p++ = OSSL_PARAM_construct_octet_string(OSSL_SIGNATURE_PARAM_SIGNATURE,
1043
        /*
1044
         * Cast away the const. This is
1045
         * read only so should be safe
1046
         */
1047
0
        (char *)sig, siglen);
1048
0
    *p = OSSL_PARAM_construct_end();
1049
1050
0
    return EVP_PKEY_CTX_set_params(ctx, sig_params);
1051
0
}
1052
1053
int EVP_PKEY_verify_message_update(EVP_PKEY_CTX *ctx,
1054
    const unsigned char *in, size_t inlen)
1055
0
{
1056
0
    EVP_SIGNATURE *signature;
1057
0
    const char *desc;
1058
0
    int ret;
1059
1060
0
    if (ctx == NULL) {
1061
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
1062
0
        return -1;
1063
0
    }
1064
1065
0
    if (ctx->operation != EVP_PKEY_OP_VERIFYMSG) {
1066
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
1067
0
        return -1;
1068
0
    }
1069
1070
0
    signature = ctx->op.sig.signature;
1071
0
    desc = signature->description != NULL ? signature->description : "";
1072
0
    if (signature->verify_message_update == NULL) {
1073
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
1074
0
            "%s verify_message_update:%s", signature->type_name, desc);
1075
0
        return -2;
1076
0
    }
1077
1078
0
    ret = signature->verify_message_update(ctx->op.sig.algctx, in, inlen);
1079
0
    if (ret <= 0)
1080
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
1081
0
            "%s verify_message_update:%s", signature->type_name, desc);
1082
0
    return ret;
1083
0
}
1084
1085
int EVP_PKEY_verify_message_final(EVP_PKEY_CTX *ctx)
1086
0
{
1087
0
    EVP_SIGNATURE *signature;
1088
0
    const char *desc;
1089
0
    int ret;
1090
1091
0
    if (ctx == NULL) {
1092
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
1093
0
        return -1;
1094
0
    }
1095
1096
0
    if (ctx->operation != EVP_PKEY_OP_VERIFYMSG) {
1097
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
1098
0
        return -1;
1099
0
    }
1100
1101
0
    signature = ctx->op.sig.signature;
1102
0
    desc = signature->description != NULL ? signature->description : "";
1103
0
    if (signature->verify_message_final == NULL) {
1104
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
1105
0
            "%s verify_message_final:%s", signature->type_name, desc);
1106
0
        return -2;
1107
0
    }
1108
1109
    /* The signature must have been set with EVP_PKEY_CTX_set_signature() */
1110
0
    ret = signature->verify_message_final(ctx->op.sig.algctx);
1111
0
    if (ret <= 0)
1112
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
1113
0
            "%s verify_message_final:%s", signature->type_name, desc);
1114
0
    return ret;
1115
0
}
1116
1117
int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
1118
    const unsigned char *sig, size_t siglen,
1119
    const unsigned char *tbs, size_t tbslen)
1120
0
{
1121
0
    EVP_SIGNATURE *signature;
1122
0
    const char *desc;
1123
0
    int ret;
1124
1125
0
    if (ctx == NULL) {
1126
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
1127
0
        return -1;
1128
0
    }
1129
1130
0
    if (ctx->operation != EVP_PKEY_OP_VERIFY
1131
0
        && ctx->operation != EVP_PKEY_OP_VERIFYMSG) {
1132
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
1133
0
        return -1;
1134
0
    }
1135
1136
0
    if (ctx->op.sig.algctx == NULL) {
1137
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
1138
0
        return -2;
1139
0
    }
1140
1141
0
    signature = ctx->op.sig.signature;
1142
0
    desc = signature->description != NULL ? signature->description : "";
1143
0
    if (signature->verify == NULL) {
1144
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
1145
0
            "%s verify:%s", signature->type_name, desc);
1146
0
        return -2;
1147
0
    }
1148
1149
0
    ret = ctx->op.sig.signature->verify(ctx->op.sig.algctx, sig, siglen,
1150
0
        tbs, tbslen);
1151
0
    if (ret <= 0)
1152
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
1153
0
            "%s verify:%s", signature->type_name, desc);
1154
1155
0
    return ret;
1156
0
}
1157
1158
int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
1159
0
{
1160
0
    return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_VERIFYRECOVER, NULL);
1161
0
}
1162
1163
int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx,
1164
    const OSSL_PARAM params[])
1165
0
{
1166
0
    return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_VERIFYRECOVER, params);
1167
0
}
1168
1169
int EVP_PKEY_verify_recover_init_ex2(EVP_PKEY_CTX *ctx,
1170
    EVP_SIGNATURE *algo, const OSSL_PARAM params[])
1171
0
{
1172
0
    return evp_pkey_signature_init(ctx, algo, EVP_PKEY_OP_VERIFYRECOVER, params);
1173
0
}
1174
1175
int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
1176
    unsigned char *rout, size_t *routlen,
1177
    const unsigned char *sig, size_t siglen)
1178
0
{
1179
0
    EVP_SIGNATURE *signature;
1180
0
    const char *desc;
1181
0
    int ret;
1182
1183
0
    if (ctx == NULL) {
1184
0
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
1185
0
        return -1;
1186
0
    }
1187
1188
0
    if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
1189
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
1190
0
        return -1;
1191
0
    }
1192
1193
0
    if (ctx->op.sig.algctx == NULL) {
1194
0
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
1195
0
        return -2;
1196
0
    }
1197
1198
0
    signature = ctx->op.sig.signature;
1199
0
    desc = signature->description != NULL ? signature->description : "";
1200
0
    if (signature->verify_recover == NULL) {
1201
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_NOT_SUPPORTED,
1202
0
            "%s verify_recover:%s", signature->type_name, desc);
1203
0
        return -2;
1204
0
    }
1205
1206
0
    ret = signature->verify_recover(ctx->op.sig.algctx, rout, routlen,
1207
0
        (rout == NULL ? 0 : *routlen), sig, siglen);
1208
0
    if (ret <= 0)
1209
0
        ERR_raise_data(ERR_LIB_EVP, EVP_R_PROVIDER_SIGNATURE_FAILURE,
1210
0
            "%s verify_recover:%s", signature->type_name, desc);
1211
0
    return ret;
1212
0
}