/src/libressl/crypto/evp/m_sigver.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* $OpenBSD: m_sigver.c,v 1.9 2021/05/09 14:25:40 tb Exp $ */ |
2 | | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 | | * project 2006. |
4 | | */ |
5 | | /* ==================================================================== |
6 | | * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved. |
7 | | * |
8 | | * Redistribution and use in source and binary forms, with or without |
9 | | * modification, are permitted provided that the following conditions |
10 | | * are met: |
11 | | * |
12 | | * 1. Redistributions of source code must retain the above copyright |
13 | | * notice, this list of conditions and the following disclaimer. |
14 | | * |
15 | | * 2. Redistributions in binary form must reproduce the above copyright |
16 | | * notice, this list of conditions and the following disclaimer in |
17 | | * the documentation and/or other materials provided with the |
18 | | * distribution. |
19 | | * |
20 | | * 3. All advertising materials mentioning features or use of this |
21 | | * software must display the following acknowledgment: |
22 | | * "This product includes software developed by the OpenSSL Project |
23 | | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
24 | | * |
25 | | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
26 | | * endorse or promote products derived from this software without |
27 | | * prior written permission. For written permission, please contact |
28 | | * licensing@OpenSSL.org. |
29 | | * |
30 | | * 5. Products derived from this software may not be called "OpenSSL" |
31 | | * nor may "OpenSSL" appear in their names without prior written |
32 | | * permission of the OpenSSL Project. |
33 | | * |
34 | | * 6. Redistributions of any form whatsoever must retain the following |
35 | | * acknowledgment: |
36 | | * "This product includes software developed by the OpenSSL Project |
37 | | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
38 | | * |
39 | | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
40 | | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
41 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
42 | | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
43 | | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
44 | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
45 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
46 | | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
47 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
48 | | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
49 | | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
50 | | * OF THE POSSIBILITY OF SUCH DAMAGE. |
51 | | * ==================================================================== |
52 | | * |
53 | | * This product includes cryptographic software written by Eric Young |
54 | | * (eay@cryptsoft.com). This product includes software written by Tim |
55 | | * Hudson (tjh@cryptsoft.com). |
56 | | * |
57 | | */ |
58 | | |
59 | | #include <stdio.h> |
60 | | |
61 | | #include <openssl/err.h> |
62 | | #include <openssl/evp.h> |
63 | | #include <openssl/objects.h> |
64 | | #include <openssl/x509.h> |
65 | | |
66 | | #include "evp_locl.h" |
67 | | |
68 | | static int |
69 | | do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, |
70 | | ENGINE *e, EVP_PKEY *pkey, int ver) |
71 | 14.1k | { |
72 | 14.1k | if (ctx->pctx == NULL) |
73 | 6.00k | ctx->pctx = EVP_PKEY_CTX_new(pkey, e); |
74 | 14.1k | if (ctx->pctx == NULL) |
75 | 0 | return 0; |
76 | | |
77 | 14.1k | if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) { |
78 | 14.1k | if (type == NULL) { |
79 | 0 | int def_nid; |
80 | 0 | if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0) |
81 | 0 | type = EVP_get_digestbynid(def_nid); |
82 | 0 | } |
83 | | |
84 | 14.1k | if (type == NULL) { |
85 | 0 | EVPerror(EVP_R_NO_DEFAULT_DIGEST); |
86 | 0 | return 0; |
87 | 0 | } |
88 | 14.1k | } |
89 | | |
90 | 14.1k | if (ver) { |
91 | 0 | if (ctx->pctx->pmeth->verifyctx_init) { |
92 | 0 | if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, |
93 | 0 | ctx) <=0) |
94 | 0 | return 0; |
95 | 0 | ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX; |
96 | 0 | } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0) |
97 | 0 | return 0; |
98 | 14.1k | } else { |
99 | 14.1k | if (ctx->pctx->pmeth->signctx_init) { |
100 | 10.7k | if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0) |
101 | 0 | return 0; |
102 | 10.7k | ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; |
103 | 10.7k | } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0) |
104 | 0 | return 0; |
105 | 14.1k | } |
106 | 14.1k | if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0) |
107 | 0 | return 0; |
108 | 14.1k | if (pctx) |
109 | 3.33k | *pctx = ctx->pctx; |
110 | 14.1k | if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) |
111 | 0 | return 1; |
112 | 14.1k | if (!EVP_DigestInit_ex(ctx, type, e)) |
113 | 0 | return 0; |
114 | 14.1k | return 1; |
115 | 14.1k | } |
116 | | |
117 | | int |
118 | | EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, |
119 | | ENGINE *e, EVP_PKEY *pkey) |
120 | 14.1k | { |
121 | 14.1k | return do_sigver_init(ctx, pctx, type, e, pkey, 0); |
122 | 14.1k | } |
123 | | |
124 | | int |
125 | | EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, |
126 | | ENGINE *e, EVP_PKEY *pkey) |
127 | 0 | { |
128 | 0 | return do_sigver_init(ctx, pctx, type, e, pkey, 1); |
129 | 0 | } |
130 | | |
131 | | int |
132 | | EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen) |
133 | 17.3k | { |
134 | 17.3k | EVP_PKEY_CTX *pctx = ctx->pctx; |
135 | 17.3k | int sctx; |
136 | 17.3k | int r = 0; |
137 | | |
138 | 17.3k | if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) { |
139 | 0 | EVP_PKEY_CTX *dctx; |
140 | |
|
141 | 0 | if (sigret == NULL) |
142 | 0 | return pctx->pmeth->signctx(pctx, sigret, siglen, ctx); |
143 | | |
144 | | /* XXX - support EVP_MD_CTX_FLAG_FINALISE? */ |
145 | 0 | if ((dctx = EVP_PKEY_CTX_dup(ctx->pctx)) == NULL) |
146 | 0 | return 0; |
147 | 0 | r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx); |
148 | 0 | EVP_PKEY_CTX_free(dctx); |
149 | |
|
150 | 0 | return r; |
151 | 0 | } |
152 | | |
153 | 17.3k | if (ctx->pctx->pmeth->signctx) |
154 | 10.6k | sctx = 1; |
155 | 6.66k | else |
156 | 6.66k | sctx = 0; |
157 | 17.3k | if (sigret) { |
158 | 13.9k | EVP_MD_CTX tmp_ctx; |
159 | 13.9k | unsigned char md[EVP_MAX_MD_SIZE]; |
160 | 13.9k | unsigned int mdlen = 0; |
161 | 13.9k | EVP_MD_CTX_init(&tmp_ctx); |
162 | 13.9k | if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) |
163 | 0 | return 0; |
164 | 13.9k | if (sctx) |
165 | 10.6k | r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, |
166 | 10.6k | sigret, siglen, &tmp_ctx); |
167 | 3.33k | else |
168 | 3.33k | r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); |
169 | 13.9k | EVP_MD_CTX_cleanup(&tmp_ctx); |
170 | 13.9k | if (sctx || !r) |
171 | 10.6k | return r; |
172 | 3.33k | if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0) |
173 | 0 | return 0; |
174 | 3.34k | } else { |
175 | 3.34k | if (sctx) { |
176 | 7 | if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, |
177 | 7 | siglen, ctx) <= 0) |
178 | 0 | return 0; |
179 | 3.33k | } else { |
180 | 3.33k | int s = EVP_MD_size(ctx->digest); |
181 | 3.33k | if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen, |
182 | 3.33k | NULL, s) <= 0) |
183 | 0 | return 0; |
184 | 3.33k | } |
185 | 3.34k | } |
186 | 6.67k | return 1; |
187 | 17.3k | } |
188 | | |
189 | | int |
190 | | EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, |
191 | | const unsigned char *tbs, size_t tbslen) |
192 | 0 | { |
193 | 0 | if (sigret != NULL) { |
194 | 0 | if (EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0) |
195 | 0 | return 0; |
196 | 0 | } |
197 | | |
198 | 0 | return EVP_DigestSignFinal(ctx, sigret, siglen); |
199 | 0 | } |
200 | | |
201 | | int |
202 | | EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen) |
203 | 0 | { |
204 | 0 | EVP_MD_CTX tmp_ctx; |
205 | 0 | unsigned char md[EVP_MAX_MD_SIZE]; |
206 | 0 | int r; |
207 | 0 | unsigned int mdlen = 0; |
208 | 0 | int vctx; |
209 | |
|
210 | 0 | if (ctx->pctx->pmeth->verifyctx) |
211 | 0 | vctx = 1; |
212 | 0 | else |
213 | 0 | vctx = 0; |
214 | 0 | EVP_MD_CTX_init(&tmp_ctx); |
215 | 0 | if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) |
216 | 0 | return -1; |
217 | 0 | if (vctx) { |
218 | 0 | r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig, |
219 | 0 | siglen, &tmp_ctx); |
220 | 0 | } else |
221 | 0 | r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); |
222 | 0 | EVP_MD_CTX_cleanup(&tmp_ctx); |
223 | 0 | if (vctx || !r) |
224 | 0 | return r; |
225 | 0 | return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen); |
226 | 0 | } |
227 | | |
228 | | int |
229 | | EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, |
230 | | const unsigned char *tbs, size_t tbslen) |
231 | 0 | { |
232 | 0 | if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0) |
233 | 0 | return -1; |
234 | | |
235 | 0 | return EVP_DigestVerifyFinal(ctx, sigret, siglen); |
236 | 0 | } |