/src/openssl32/crypto/asn1/a_sign.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include <time.h> |
12 | | #include <sys/types.h> |
13 | | |
14 | | #include "internal/cryptlib.h" |
15 | | |
16 | | #include <openssl/bn.h> |
17 | | #include <openssl/evp.h> |
18 | | #include <openssl/x509.h> |
19 | | #include <openssl/objects.h> |
20 | | #include <openssl/buffer.h> |
21 | | #include <openssl/core_names.h> |
22 | | #include "crypto/asn1.h" |
23 | | #include "crypto/evp.h" |
24 | | |
25 | | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
26 | | |
27 | | int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, |
28 | | ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, |
29 | | const EVP_MD *type) |
30 | 0 | { |
31 | 0 | EVP_MD_CTX *ctx = EVP_MD_CTX_new(); |
32 | 0 | unsigned char *p, *buf_in = NULL, *buf_out = NULL; |
33 | 0 | int i, inl = 0, outl = 0; |
34 | 0 | size_t inll = 0, outll = 0; |
35 | 0 | X509_ALGOR *a; |
36 | |
|
37 | 0 | if (ctx == NULL) { |
38 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
39 | 0 | goto err; |
40 | 0 | } |
41 | 0 | for (i = 0; i < 2; i++) { |
42 | 0 | if (i == 0) |
43 | 0 | a = algor1; |
44 | 0 | else |
45 | 0 | a = algor2; |
46 | 0 | if (a == NULL) |
47 | 0 | continue; |
48 | 0 | if (type->pkey_type == NID_dsaWithSHA1) { |
49 | | /* |
50 | | * special case: RFC 2459 tells us to omit 'parameters' with |
51 | | * id-dsa-with-sha1 |
52 | | */ |
53 | 0 | ASN1_TYPE_free(a->parameter); |
54 | 0 | a->parameter = NULL; |
55 | 0 | } else if ((a->parameter == NULL) || |
56 | 0 | (a->parameter->type != V_ASN1_NULL)) { |
57 | 0 | ASN1_TYPE_free(a->parameter); |
58 | 0 | if ((a->parameter = ASN1_TYPE_new()) == NULL) |
59 | 0 | goto err; |
60 | 0 | a->parameter->type = V_ASN1_NULL; |
61 | 0 | } |
62 | 0 | ASN1_OBJECT_free(a->algorithm); |
63 | 0 | a->algorithm = OBJ_nid2obj(type->pkey_type); |
64 | 0 | if (a->algorithm == NULL) { |
65 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_OBJECT_TYPE); |
66 | 0 | goto err; |
67 | 0 | } |
68 | 0 | if (a->algorithm->length == 0) { |
69 | 0 | ERR_raise(ERR_LIB_ASN1, |
70 | 0 | ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); |
71 | 0 | goto err; |
72 | 0 | } |
73 | 0 | } |
74 | 0 | inl = i2d(data, NULL); |
75 | 0 | if (inl <= 0) { |
76 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
77 | 0 | goto err; |
78 | 0 | } |
79 | 0 | inll = (size_t)inl; |
80 | 0 | buf_in = OPENSSL_malloc(inll); |
81 | 0 | outll = outl = EVP_PKEY_get_size(pkey); |
82 | 0 | buf_out = OPENSSL_malloc(outll); |
83 | 0 | if (buf_in == NULL || buf_out == NULL) { |
84 | 0 | outl = 0; |
85 | 0 | goto err; |
86 | 0 | } |
87 | 0 | p = buf_in; |
88 | |
|
89 | 0 | i2d(data, &p); |
90 | 0 | if (!EVP_SignInit_ex(ctx, type, NULL) |
91 | 0 | || !EVP_SignUpdate(ctx, (unsigned char *)buf_in, inl) |
92 | 0 | || !EVP_SignFinal(ctx, (unsigned char *)buf_out, |
93 | 0 | (unsigned int *)&outl, pkey)) { |
94 | 0 | outl = 0; |
95 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
96 | 0 | goto err; |
97 | 0 | } |
98 | 0 | ASN1_STRING_set0(signature, buf_out, outl); |
99 | 0 | buf_out = NULL; |
100 | | /* |
101 | | * In the interests of compatibility, I'll make sure that the bit string |
102 | | * has a 'not-used bits' value of 0 |
103 | | */ |
104 | 0 | ossl_asn1_string_set_bits_left(signature, 0); |
105 | 0 | err: |
106 | 0 | EVP_MD_CTX_free(ctx); |
107 | 0 | OPENSSL_clear_free((char *)buf_in, inll); |
108 | 0 | OPENSSL_clear_free((char *)buf_out, outll); |
109 | 0 | return outl; |
110 | 0 | } |
111 | | |
112 | | #endif |
113 | | |
114 | | int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, |
115 | | ASN1_BIT_STRING *signature, const void *data, |
116 | | EVP_PKEY *pkey, const EVP_MD *md) |
117 | 0 | { |
118 | 0 | return ASN1_item_sign_ex(it, algor1, algor2, signature, data, NULL, pkey, |
119 | 0 | md, NULL, NULL); |
120 | 0 | } |
121 | | |
122 | | int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1, |
123 | | X509_ALGOR *algor2, ASN1_BIT_STRING *signature, |
124 | | const void *data, const ASN1_OCTET_STRING *id, |
125 | | EVP_PKEY *pkey, const EVP_MD *md, OSSL_LIB_CTX *libctx, |
126 | | const char *propq) |
127 | 0 | { |
128 | 0 | int rv = 0; |
129 | 0 | EVP_MD_CTX *ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq); |
130 | |
|
131 | 0 | if (ctx == NULL) { |
132 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
133 | 0 | return 0; |
134 | 0 | } |
135 | | /* We can use the non _ex variant here since the pkey is already setup */ |
136 | 0 | if (!EVP_DigestSignInit(ctx, NULL, md, NULL, pkey)) |
137 | 0 | goto err; |
138 | | |
139 | 0 | rv = ASN1_item_sign_ctx(it, algor1, algor2, signature, data, ctx); |
140 | |
|
141 | 0 | err: |
142 | 0 | EVP_PKEY_CTX_free(EVP_MD_CTX_get_pkey_ctx(ctx)); |
143 | 0 | EVP_MD_CTX_free(ctx); |
144 | 0 | return rv; |
145 | 0 | } |
146 | | |
147 | | int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, |
148 | | X509_ALGOR *algor2, ASN1_BIT_STRING *signature, |
149 | | const void *data, EVP_MD_CTX *ctx) |
150 | 0 | { |
151 | 0 | const EVP_MD *md; |
152 | 0 | EVP_PKEY *pkey; |
153 | 0 | unsigned char *buf_in = NULL, *buf_out = NULL; |
154 | 0 | size_t inl = 0, outl = 0, outll = 0; |
155 | 0 | int signid, paramtype, buf_len = 0; |
156 | 0 | int rv, pkey_id; |
157 | |
|
158 | 0 | md = EVP_MD_CTX_get0_md(ctx); |
159 | 0 | pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_get_pkey_ctx(ctx)); |
160 | |
|
161 | 0 | if (pkey == NULL) { |
162 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); |
163 | 0 | goto err; |
164 | 0 | } |
165 | | |
166 | 0 | if (pkey->ameth == NULL) { |
167 | 0 | EVP_PKEY_CTX *pctx = EVP_MD_CTX_get_pkey_ctx(ctx); |
168 | 0 | OSSL_PARAM params[2]; |
169 | 0 | unsigned char aid[128]; |
170 | 0 | size_t aid_len = 0; |
171 | |
|
172 | 0 | if (pctx == NULL |
173 | 0 | || !EVP_PKEY_CTX_IS_SIGNATURE_OP(pctx)) { |
174 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); |
175 | 0 | goto err; |
176 | 0 | } |
177 | | |
178 | 0 | params[0] = |
179 | 0 | OSSL_PARAM_construct_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, |
180 | 0 | aid, sizeof(aid)); |
181 | 0 | params[1] = OSSL_PARAM_construct_end(); |
182 | |
|
183 | 0 | if (EVP_PKEY_CTX_get_params(pctx, params) <= 0) |
184 | 0 | goto err; |
185 | | |
186 | 0 | if ((aid_len = params[0].return_size) == 0) { |
187 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
188 | 0 | goto err; |
189 | 0 | } |
190 | | |
191 | 0 | if (algor1 != NULL) { |
192 | 0 | const unsigned char *pp = aid; |
193 | |
|
194 | 0 | if (d2i_X509_ALGOR(&algor1, &pp, aid_len) == NULL) { |
195 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
196 | 0 | goto err; |
197 | 0 | } |
198 | 0 | } |
199 | | |
200 | 0 | if (algor2 != NULL) { |
201 | 0 | const unsigned char *pp = aid; |
202 | |
|
203 | 0 | if (d2i_X509_ALGOR(&algor2, &pp, aid_len) == NULL) { |
204 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
205 | 0 | goto err; |
206 | 0 | } |
207 | 0 | } |
208 | | |
209 | 0 | rv = 3; |
210 | 0 | } else if (pkey->ameth->item_sign) { |
211 | 0 | rv = pkey->ameth->item_sign(ctx, it, data, algor1, algor2, signature); |
212 | 0 | if (rv == 1) |
213 | 0 | outl = signature->length; |
214 | | /*- |
215 | | * Return value meanings: |
216 | | * <=0: error. |
217 | | * 1: method does everything. |
218 | | * 2: carry on as normal. |
219 | | * 3: ASN1 method sets algorithm identifiers: just sign. |
220 | | */ |
221 | 0 | if (rv <= 0) |
222 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
223 | 0 | if (rv <= 1) |
224 | 0 | goto err; |
225 | 0 | } else { |
226 | 0 | rv = 2; |
227 | 0 | } |
228 | | |
229 | 0 | if (rv == 2) { |
230 | 0 | if (md == NULL) { |
231 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); |
232 | 0 | goto err; |
233 | 0 | } |
234 | | |
235 | 0 | pkey_id = |
236 | 0 | #ifndef OPENSSL_NO_SM2 |
237 | 0 | EVP_PKEY_get_id(pkey) == NID_sm2 ? NID_sm2 : |
238 | 0 | #endif |
239 | 0 | pkey->ameth->pkey_id; |
240 | |
|
241 | 0 | if (!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(md), pkey_id)) { |
242 | 0 | ERR_raise(ERR_LIB_ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
243 | 0 | goto err; |
244 | 0 | } |
245 | | |
246 | 0 | paramtype = pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL ? |
247 | 0 | V_ASN1_NULL : V_ASN1_UNDEF; |
248 | 0 | if (algor1 != NULL |
249 | 0 | && !X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL)) |
250 | 0 | goto err; |
251 | 0 | if (algor2 != NULL |
252 | 0 | && !X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL)) |
253 | 0 | goto err; |
254 | 0 | } |
255 | | |
256 | 0 | buf_len = ASN1_item_i2d(data, &buf_in, it); |
257 | 0 | if (buf_len <= 0) { |
258 | 0 | outl = 0; |
259 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
260 | 0 | goto err; |
261 | 0 | } |
262 | 0 | inl = buf_len; |
263 | 0 | if (!EVP_DigestSign(ctx, NULL, &outll, buf_in, inl)) { |
264 | 0 | outl = 0; |
265 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
266 | 0 | goto err; |
267 | 0 | } |
268 | 0 | outl = outll; |
269 | 0 | buf_out = OPENSSL_malloc(outll); |
270 | 0 | if (buf_in == NULL || buf_out == NULL) { |
271 | 0 | outl = 0; |
272 | 0 | goto err; |
273 | 0 | } |
274 | | |
275 | 0 | if (!EVP_DigestSign(ctx, buf_out, &outl, buf_in, inl)) { |
276 | 0 | outl = 0; |
277 | 0 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
278 | 0 | goto err; |
279 | 0 | } |
280 | 0 | ASN1_STRING_set0(signature, buf_out, outl); |
281 | 0 | buf_out = NULL; |
282 | | /* |
283 | | * In the interests of compatibility, I'll make sure that the bit string |
284 | | * has a 'not-used bits' value of 0 |
285 | | */ |
286 | 0 | ossl_asn1_string_set_bits_left(signature, 0); |
287 | 0 | err: |
288 | 0 | OPENSSL_clear_free((char *)buf_in, inl); |
289 | 0 | OPENSSL_clear_free((char *)buf_out, outll); |
290 | 0 | return outl; |
291 | 0 | } |