/src/openssl32/providers/implementations/signature/ecdsa_sig.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * ECDSA low level APIs are deprecated for public use, but still ok for |
12 | | * internal use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include <string.h> /* memcpy */ |
17 | | #include <openssl/crypto.h> |
18 | | #include <openssl/core_dispatch.h> |
19 | | #include <openssl/core_names.h> |
20 | | #include <openssl/dsa.h> |
21 | | #include <openssl/params.h> |
22 | | #include <openssl/evp.h> |
23 | | #include <openssl/err.h> |
24 | | #include <openssl/proverr.h> |
25 | | #include "internal/nelem.h" |
26 | | #include "internal/sizes.h" |
27 | | #include "internal/cryptlib.h" |
28 | | #include "internal/deterministic_nonce.h" |
29 | | #include "prov/providercommon.h" |
30 | | #include "prov/implementations.h" |
31 | | #include "prov/provider_ctx.h" |
32 | | #include "prov/securitycheck.h" |
33 | | #include "crypto/ec.h" |
34 | | #include "prov/der_ec.h" |
35 | | |
36 | | static OSSL_FUNC_signature_newctx_fn ecdsa_newctx; |
37 | | static OSSL_FUNC_signature_sign_init_fn ecdsa_sign_init; |
38 | | static OSSL_FUNC_signature_verify_init_fn ecdsa_verify_init; |
39 | | static OSSL_FUNC_signature_sign_fn ecdsa_sign; |
40 | | static OSSL_FUNC_signature_verify_fn ecdsa_verify; |
41 | | static OSSL_FUNC_signature_digest_sign_init_fn ecdsa_digest_sign_init; |
42 | | static OSSL_FUNC_signature_digest_sign_update_fn ecdsa_digest_signverify_update; |
43 | | static OSSL_FUNC_signature_digest_sign_final_fn ecdsa_digest_sign_final; |
44 | | static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_verify_init; |
45 | | static OSSL_FUNC_signature_digest_verify_update_fn ecdsa_digest_signverify_update; |
46 | | static OSSL_FUNC_signature_digest_verify_final_fn ecdsa_digest_verify_final; |
47 | | static OSSL_FUNC_signature_freectx_fn ecdsa_freectx; |
48 | | static OSSL_FUNC_signature_dupctx_fn ecdsa_dupctx; |
49 | | static OSSL_FUNC_signature_get_ctx_params_fn ecdsa_get_ctx_params; |
50 | | static OSSL_FUNC_signature_gettable_ctx_params_fn ecdsa_gettable_ctx_params; |
51 | | static OSSL_FUNC_signature_set_ctx_params_fn ecdsa_set_ctx_params; |
52 | | static OSSL_FUNC_signature_settable_ctx_params_fn ecdsa_settable_ctx_params; |
53 | | static OSSL_FUNC_signature_get_ctx_md_params_fn ecdsa_get_ctx_md_params; |
54 | | static OSSL_FUNC_signature_gettable_ctx_md_params_fn ecdsa_gettable_ctx_md_params; |
55 | | static OSSL_FUNC_signature_set_ctx_md_params_fn ecdsa_set_ctx_md_params; |
56 | | static OSSL_FUNC_signature_settable_ctx_md_params_fn ecdsa_settable_ctx_md_params; |
57 | | |
58 | | /* |
59 | | * What's passed as an actual key is defined by the KEYMGMT interface. |
60 | | * We happen to know that our KEYMGMT simply passes DSA structures, so |
61 | | * we use that here too. |
62 | | */ |
63 | | |
64 | | typedef struct { |
65 | | OSSL_LIB_CTX *libctx; |
66 | | char *propq; |
67 | | EC_KEY *ec; |
68 | | char mdname[OSSL_MAX_NAME_SIZE]; |
69 | | |
70 | | /* |
71 | | * Flag to determine if the hash function can be changed (1) or not (0) |
72 | | * Because it's dangerous to change during a DigestSign or DigestVerify |
73 | | * operation, this flag is cleared by their Init function, and set again |
74 | | * by their Final function. |
75 | | */ |
76 | | unsigned int flag_allow_md : 1; |
77 | | |
78 | | /* The Algorithm Identifier of the combined signature algorithm */ |
79 | | unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE]; |
80 | | unsigned char *aid; |
81 | | size_t aid_len; |
82 | | size_t mdsize; |
83 | | int operation; |
84 | | |
85 | | EVP_MD *md; |
86 | | EVP_MD_CTX *mdctx; |
87 | | /* |
88 | | * Internally used to cache the results of calling the EC group |
89 | | * sign_setup() methods which are then passed to the sign operation. |
90 | | * This is used by CAVS failure tests to terminate a loop if the signature |
91 | | * is not valid. |
92 | | * This could of also been done with a simple flag. |
93 | | */ |
94 | | BIGNUM *kinv; |
95 | | BIGNUM *r; |
96 | | #if !defined(OPENSSL_NO_ACVP_TESTS) |
97 | | /* |
98 | | * This indicates that KAT (CAVS) test is running. Externally an app will |
99 | | * override the random callback such that the generated private key and k |
100 | | * are known. |
101 | | * Normal operation will loop to choose a new k if the signature is not |
102 | | * valid - but for this mode of operation it forces a failure instead. |
103 | | */ |
104 | | unsigned int kattest; |
105 | | #endif |
106 | | /* If this is set then the generated k is not random */ |
107 | | unsigned int nonce_type; |
108 | | } PROV_ECDSA_CTX; |
109 | | |
110 | | static void *ecdsa_newctx(void *provctx, const char *propq) |
111 | 10.8k | { |
112 | 10.8k | PROV_ECDSA_CTX *ctx; |
113 | | |
114 | 10.8k | if (!ossl_prov_is_running()) |
115 | 0 | return NULL; |
116 | | |
117 | 10.8k | ctx = OPENSSL_zalloc(sizeof(PROV_ECDSA_CTX)); |
118 | 10.8k | if (ctx == NULL) |
119 | 0 | return NULL; |
120 | | |
121 | 10.8k | ctx->flag_allow_md = 1; |
122 | 10.8k | ctx->libctx = PROV_LIBCTX_OF(provctx); |
123 | 10.8k | if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { |
124 | 0 | OPENSSL_free(ctx); |
125 | 0 | ctx = NULL; |
126 | 0 | } |
127 | 10.8k | return ctx; |
128 | 10.8k | } |
129 | | |
130 | | static int ecdsa_signverify_init(void *vctx, void *ec, |
131 | | const OSSL_PARAM params[], int operation) |
132 | 7.45k | { |
133 | 7.45k | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
134 | | |
135 | 7.45k | if (!ossl_prov_is_running() |
136 | 7.45k | || ctx == NULL) |
137 | 0 | return 0; |
138 | | |
139 | 7.45k | if (ec == NULL && ctx->ec == NULL) { |
140 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); |
141 | 0 | return 0; |
142 | 0 | } |
143 | | |
144 | 7.45k | if (ec != NULL) { |
145 | 7.45k | if (!ossl_ec_check_key(ctx->libctx, ec, operation == EVP_PKEY_OP_SIGN)) |
146 | 0 | return 0; |
147 | 7.45k | if (!EC_KEY_up_ref(ec)) |
148 | 0 | return 0; |
149 | 7.45k | EC_KEY_free(ctx->ec); |
150 | 7.45k | ctx->ec = ec; |
151 | 7.45k | } |
152 | | |
153 | 7.45k | ctx->operation = operation; |
154 | | |
155 | 7.45k | if (!ecdsa_set_ctx_params(ctx, params)) |
156 | 0 | return 0; |
157 | | |
158 | 7.45k | return 1; |
159 | 7.45k | } |
160 | | |
161 | | static int ecdsa_sign_init(void *vctx, void *ec, const OSSL_PARAM params[]) |
162 | 0 | { |
163 | 0 | return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_SIGN); |
164 | 0 | } |
165 | | |
166 | | static int ecdsa_verify_init(void *vctx, void *ec, const OSSL_PARAM params[]) |
167 | 0 | { |
168 | 0 | return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_VERIFY); |
169 | 0 | } |
170 | | |
171 | | static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen, |
172 | | size_t sigsize, const unsigned char *tbs, size_t tbslen) |
173 | 1.37k | { |
174 | 1.37k | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
175 | 1.37k | int ret; |
176 | 1.37k | unsigned int sltmp; |
177 | 1.37k | size_t ecsize = ECDSA_size(ctx->ec); |
178 | | |
179 | 1.37k | if (!ossl_prov_is_running()) |
180 | 0 | return 0; |
181 | | |
182 | 1.37k | if (sig == NULL) { |
183 | 686 | *siglen = ecsize; |
184 | 686 | return 1; |
185 | 686 | } |
186 | | |
187 | | #if !defined(OPENSSL_NO_ACVP_TESTS) |
188 | | if (ctx->kattest && !ECDSA_sign_setup(ctx->ec, NULL, &ctx->kinv, &ctx->r)) |
189 | | return 0; |
190 | | #endif |
191 | | |
192 | 686 | if (sigsize < (size_t)ecsize) |
193 | 0 | return 0; |
194 | | |
195 | 686 | if (ctx->mdsize != 0 && tbslen != ctx->mdsize) |
196 | 0 | return 0; |
197 | | |
198 | 686 | if (ctx->nonce_type != 0) { |
199 | 0 | const char *mdname = NULL; |
200 | |
|
201 | 0 | if (ctx->mdname[0] != '\0') |
202 | 0 | mdname = ctx->mdname; |
203 | 0 | ret = ossl_ecdsa_deterministic_sign(tbs, tbslen, sig, &sltmp, |
204 | 0 | ctx->ec, ctx->nonce_type, |
205 | 0 | mdname, |
206 | 0 | ctx->libctx, ctx->propq); |
207 | 686 | } else { |
208 | 686 | ret = ECDSA_sign_ex(0, tbs, tbslen, sig, &sltmp, ctx->kinv, ctx->r, |
209 | 686 | ctx->ec); |
210 | 686 | } |
211 | 686 | if (ret <= 0) |
212 | 0 | return 0; |
213 | | |
214 | 686 | *siglen = sltmp; |
215 | 686 | return 1; |
216 | 686 | } |
217 | | |
218 | | static int ecdsa_verify(void *vctx, const unsigned char *sig, size_t siglen, |
219 | | const unsigned char *tbs, size_t tbslen) |
220 | 990 | { |
221 | 990 | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
222 | | |
223 | 990 | if (!ossl_prov_is_running() || (ctx->mdsize != 0 && tbslen != ctx->mdsize)) |
224 | 0 | return 0; |
225 | | |
226 | 990 | return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->ec); |
227 | 990 | } |
228 | | |
229 | | static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname, |
230 | | const char *mdprops) |
231 | 7.45k | { |
232 | 7.45k | EVP_MD *md = NULL; |
233 | 7.45k | size_t mdname_len; |
234 | 7.45k | int md_nid, sha1_allowed; |
235 | 7.45k | WPACKET pkt; |
236 | | |
237 | 7.45k | if (mdname == NULL) |
238 | 0 | return 1; |
239 | | |
240 | 7.45k | mdname_len = strlen(mdname); |
241 | 7.45k | if (mdname_len >= sizeof(ctx->mdname)) { |
242 | 0 | ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, |
243 | 0 | "%s exceeds name buffer length", mdname); |
244 | 0 | return 0; |
245 | 0 | } |
246 | 7.45k | if (mdprops == NULL) |
247 | 7.45k | mdprops = ctx->propq; |
248 | 7.45k | md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); |
249 | 7.45k | if (md == NULL) { |
250 | 0 | ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, |
251 | 0 | "%s could not be fetched", mdname); |
252 | 0 | return 0; |
253 | 0 | } |
254 | 7.45k | sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN); |
255 | 7.45k | md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md, |
256 | 7.45k | sha1_allowed); |
257 | 7.45k | if (md_nid < 0) { |
258 | 0 | ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, |
259 | 0 | "digest=%s", mdname); |
260 | 0 | EVP_MD_free(md); |
261 | 0 | return 0; |
262 | 0 | } |
263 | | |
264 | 7.45k | if (!ctx->flag_allow_md) { |
265 | 0 | if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) { |
266 | 0 | ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, |
267 | 0 | "digest %s != %s", mdname, ctx->mdname); |
268 | 0 | EVP_MD_free(md); |
269 | 0 | return 0; |
270 | 0 | } |
271 | 0 | EVP_MD_free(md); |
272 | 0 | return 1; |
273 | 0 | } |
274 | | |
275 | 7.45k | EVP_MD_CTX_free(ctx->mdctx); |
276 | 7.45k | EVP_MD_free(ctx->md); |
277 | | |
278 | 7.45k | ctx->aid_len = 0; |
279 | 7.45k | if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf)) |
280 | 7.45k | && ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec, |
281 | 7.45k | md_nid) |
282 | 7.45k | && WPACKET_finish(&pkt)) { |
283 | 7.45k | WPACKET_get_total_written(&pkt, &ctx->aid_len); |
284 | 7.45k | ctx->aid = WPACKET_get_curr(&pkt); |
285 | 7.45k | } |
286 | 7.45k | WPACKET_cleanup(&pkt); |
287 | 7.45k | ctx->mdctx = NULL; |
288 | 7.45k | ctx->md = md; |
289 | 7.45k | ctx->mdsize = EVP_MD_get_size(ctx->md); |
290 | 7.45k | OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname)); |
291 | | |
292 | 7.45k | return 1; |
293 | 7.45k | } |
294 | | |
295 | | static int ecdsa_digest_signverify_init(void *vctx, const char *mdname, |
296 | | void *ec, const OSSL_PARAM params[], |
297 | | int operation) |
298 | 7.45k | { |
299 | 7.45k | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
300 | | |
301 | 7.45k | if (!ossl_prov_is_running()) |
302 | 0 | return 0; |
303 | | |
304 | 7.45k | if (!ecdsa_signverify_init(vctx, ec, params, operation) |
305 | 7.45k | || !ecdsa_setup_md(ctx, mdname, NULL)) |
306 | 0 | return 0; |
307 | | |
308 | 7.45k | ctx->flag_allow_md = 0; |
309 | | |
310 | 7.45k | if (ctx->mdctx == NULL) { |
311 | 7.45k | ctx->mdctx = EVP_MD_CTX_new(); |
312 | 7.45k | if (ctx->mdctx == NULL) |
313 | 0 | goto error; |
314 | 7.45k | } |
315 | | |
316 | 7.45k | if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params)) |
317 | 0 | goto error; |
318 | 7.45k | return 1; |
319 | 0 | error: |
320 | 0 | EVP_MD_CTX_free(ctx->mdctx); |
321 | 0 | ctx->mdctx = NULL; |
322 | 0 | return 0; |
323 | 7.45k | } |
324 | | |
325 | | static int ecdsa_digest_sign_init(void *vctx, const char *mdname, void *ec, |
326 | | const OSSL_PARAM params[]) |
327 | 9.54k | { |
328 | 9.54k | return ecdsa_digest_signverify_init(vctx, mdname, ec, params, |
329 | 9.54k | EVP_PKEY_OP_SIGN); |
330 | 9.54k | } |
331 | | |
332 | | static int ecdsa_digest_verify_init(void *vctx, const char *mdname, void *ec, |
333 | | const OSSL_PARAM params[]) |
334 | 1.28k | { |
335 | 1.28k | return ecdsa_digest_signverify_init(vctx, mdname, ec, params, |
336 | 1.28k | EVP_PKEY_OP_VERIFY); |
337 | 1.28k | } |
338 | | |
339 | | int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data, |
340 | | size_t datalen) |
341 | 2.84k | { |
342 | 2.84k | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
343 | | |
344 | 2.84k | if (ctx == NULL || ctx->mdctx == NULL) |
345 | 0 | return 0; |
346 | | |
347 | 2.84k | return EVP_DigestUpdate(ctx->mdctx, data, datalen); |
348 | 2.84k | } |
349 | | |
350 | | int ecdsa_digest_sign_final(void *vctx, unsigned char *sig, size_t *siglen, |
351 | | size_t sigsize) |
352 | 3.70k | { |
353 | 3.70k | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
354 | 3.70k | unsigned char digest[EVP_MAX_MD_SIZE]; |
355 | 3.70k | unsigned int dlen = 0; |
356 | | |
357 | 3.70k | if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL) |
358 | 0 | return 0; |
359 | | |
360 | | /* |
361 | | * If sig is NULL then we're just finding out the sig size. Other fields |
362 | | * are ignored. Defer to ecdsa_sign. |
363 | | */ |
364 | 3.70k | if (sig != NULL |
365 | 3.70k | && !EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen)) |
366 | 0 | return 0; |
367 | 3.70k | ctx->flag_allow_md = 1; |
368 | 3.70k | return ecdsa_sign(vctx, sig, siglen, sigsize, digest, (size_t)dlen); |
369 | 3.70k | } |
370 | | |
371 | | int ecdsa_digest_verify_final(void *vctx, const unsigned char *sig, |
372 | | size_t siglen) |
373 | 990 | { |
374 | 990 | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
375 | 990 | unsigned char digest[EVP_MAX_MD_SIZE]; |
376 | 990 | unsigned int dlen = 0; |
377 | | |
378 | 990 | if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL) |
379 | 0 | return 0; |
380 | | |
381 | 990 | if (!EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen)) |
382 | 0 | return 0; |
383 | 990 | ctx->flag_allow_md = 1; |
384 | 990 | return ecdsa_verify(ctx, sig, siglen, digest, (size_t)dlen); |
385 | 990 | } |
386 | | |
387 | | static void ecdsa_freectx(void *vctx) |
388 | 15.0k | { |
389 | 15.0k | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
390 | | |
391 | 15.0k | OPENSSL_free(ctx->propq); |
392 | 15.0k | EVP_MD_CTX_free(ctx->mdctx); |
393 | 15.0k | EVP_MD_free(ctx->md); |
394 | 15.0k | ctx->propq = NULL; |
395 | 15.0k | ctx->mdctx = NULL; |
396 | 15.0k | ctx->md = NULL; |
397 | 15.0k | ctx->mdsize = 0; |
398 | 15.0k | EC_KEY_free(ctx->ec); |
399 | 15.0k | BN_clear_free(ctx->kinv); |
400 | 15.0k | BN_clear_free(ctx->r); |
401 | 15.0k | OPENSSL_free(ctx); |
402 | 15.0k | } |
403 | | |
404 | | static void *ecdsa_dupctx(void *vctx) |
405 | 4.21k | { |
406 | 4.21k | PROV_ECDSA_CTX *srcctx = (PROV_ECDSA_CTX *)vctx; |
407 | 4.21k | PROV_ECDSA_CTX *dstctx; |
408 | | |
409 | 4.21k | if (!ossl_prov_is_running()) |
410 | 0 | return NULL; |
411 | | |
412 | 4.21k | dstctx = OPENSSL_zalloc(sizeof(*srcctx)); |
413 | 4.21k | if (dstctx == NULL) |
414 | 0 | return NULL; |
415 | | |
416 | 4.21k | *dstctx = *srcctx; |
417 | 4.21k | dstctx->ec = NULL; |
418 | 4.21k | dstctx->md = NULL; |
419 | 4.21k | dstctx->mdctx = NULL; |
420 | 4.21k | dstctx->propq = NULL; |
421 | | |
422 | 4.21k | if (srcctx->ec != NULL && !EC_KEY_up_ref(srcctx->ec)) |
423 | 0 | goto err; |
424 | | /* Test KATS should not need to be supported */ |
425 | 4.21k | if (srcctx->kinv != NULL || srcctx->r != NULL) |
426 | 0 | goto err; |
427 | 4.21k | dstctx->ec = srcctx->ec; |
428 | | |
429 | 4.21k | if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) |
430 | 0 | goto err; |
431 | 4.21k | dstctx->md = srcctx->md; |
432 | | |
433 | 4.21k | if (srcctx->mdctx != NULL) { |
434 | 4.21k | dstctx->mdctx = EVP_MD_CTX_new(); |
435 | 4.21k | if (dstctx->mdctx == NULL |
436 | 4.21k | || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx)) |
437 | 0 | goto err; |
438 | 4.21k | } |
439 | | |
440 | 4.21k | if (srcctx->propq != NULL) { |
441 | 0 | dstctx->propq = OPENSSL_strdup(srcctx->propq); |
442 | 0 | if (dstctx->propq == NULL) |
443 | 0 | goto err; |
444 | 0 | } |
445 | | |
446 | 4.21k | return dstctx; |
447 | 0 | err: |
448 | 0 | ecdsa_freectx(dstctx); |
449 | 0 | return NULL; |
450 | 4.21k | } |
451 | | |
452 | | static int ecdsa_get_ctx_params(void *vctx, OSSL_PARAM *params) |
453 | 0 | { |
454 | 0 | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
455 | 0 | OSSL_PARAM *p; |
456 | |
|
457 | 0 | if (ctx == NULL) |
458 | 0 | return 0; |
459 | | |
460 | 0 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID); |
461 | 0 | if (p != NULL && !OSSL_PARAM_set_octet_string(p, ctx->aid, ctx->aid_len)) |
462 | 0 | return 0; |
463 | | |
464 | 0 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE); |
465 | 0 | if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->mdsize)) |
466 | 0 | return 0; |
467 | | |
468 | 0 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); |
469 | 0 | if (p != NULL && !OSSL_PARAM_set_utf8_string(p, ctx->md == NULL |
470 | 0 | ? ctx->mdname |
471 | 0 | : EVP_MD_get0_name(ctx->md))) |
472 | 0 | return 0; |
473 | | |
474 | 0 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_NONCE_TYPE); |
475 | 0 | if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->nonce_type)) |
476 | 0 | return 0; |
477 | | |
478 | 0 | return 1; |
479 | 0 | } |
480 | | |
481 | | static const OSSL_PARAM known_gettable_ctx_params[] = { |
482 | | OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0), |
483 | | OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL), |
484 | | OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), |
485 | | OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_NONCE_TYPE, NULL), |
486 | | OSSL_PARAM_END |
487 | | }; |
488 | | |
489 | | static const OSSL_PARAM *ecdsa_gettable_ctx_params(ossl_unused void *vctx, |
490 | | ossl_unused void *provctx) |
491 | 0 | { |
492 | 0 | return known_gettable_ctx_params; |
493 | 0 | } |
494 | | |
495 | | static int ecdsa_set_ctx_params(void *vctx, const OSSL_PARAM params[]) |
496 | 2.57k | { |
497 | 2.57k | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
498 | 2.57k | const OSSL_PARAM *p; |
499 | 2.57k | size_t mdsize = 0; |
500 | | |
501 | 2.57k | if (ctx == NULL) |
502 | 0 | return 0; |
503 | 2.57k | if (params == NULL) |
504 | 2.57k | return 1; |
505 | | |
506 | | #if !defined(OPENSSL_NO_ACVP_TESTS) |
507 | | p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_KAT); |
508 | | if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->kattest)) |
509 | | return 0; |
510 | | #endif |
511 | | |
512 | 0 | p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST); |
513 | 0 | if (p != NULL) { |
514 | 0 | char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname; |
515 | 0 | char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops; |
516 | 0 | const OSSL_PARAM *propsp = |
517 | 0 | OSSL_PARAM_locate_const(params, |
518 | 0 | OSSL_SIGNATURE_PARAM_PROPERTIES); |
519 | |
|
520 | 0 | if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) |
521 | 0 | return 0; |
522 | 0 | if (propsp != NULL |
523 | 0 | && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops))) |
524 | 0 | return 0; |
525 | 0 | if (!ecdsa_setup_md(ctx, mdname, mdprops)) |
526 | 0 | return 0; |
527 | 0 | } |
528 | | |
529 | 0 | p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE); |
530 | 0 | if (p != NULL) { |
531 | 0 | if (!OSSL_PARAM_get_size_t(p, &mdsize) |
532 | 0 | || (!ctx->flag_allow_md && mdsize != ctx->mdsize)) |
533 | 0 | return 0; |
534 | 0 | ctx->mdsize = mdsize; |
535 | 0 | } |
536 | 0 | p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_NONCE_TYPE); |
537 | 0 | if (p != NULL |
538 | 0 | && !OSSL_PARAM_get_uint(p, &ctx->nonce_type)) |
539 | 0 | return 0; |
540 | | |
541 | 0 | return 1; |
542 | 0 | } |
543 | | |
544 | | static const OSSL_PARAM settable_ctx_params[] = { |
545 | | OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), |
546 | | OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL), |
547 | | OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0), |
548 | | OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL), |
549 | | OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_NONCE_TYPE, NULL), |
550 | | OSSL_PARAM_END |
551 | | }; |
552 | | |
553 | | static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx, |
554 | | ossl_unused void *provctx) |
555 | 1 | { |
556 | 1 | return settable_ctx_params; |
557 | 1 | } |
558 | | |
559 | | static int ecdsa_get_ctx_md_params(void *vctx, OSSL_PARAM *params) |
560 | 0 | { |
561 | 0 | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
562 | |
|
563 | 0 | if (ctx->mdctx == NULL) |
564 | 0 | return 0; |
565 | | |
566 | 0 | return EVP_MD_CTX_get_params(ctx->mdctx, params); |
567 | 0 | } |
568 | | |
569 | | static const OSSL_PARAM *ecdsa_gettable_ctx_md_params(void *vctx) |
570 | 0 | { |
571 | 0 | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
572 | |
|
573 | 0 | if (ctx->md == NULL) |
574 | 0 | return 0; |
575 | | |
576 | 0 | return EVP_MD_gettable_ctx_params(ctx->md); |
577 | 0 | } |
578 | | |
579 | | static int ecdsa_set_ctx_md_params(void *vctx, const OSSL_PARAM params[]) |
580 | 0 | { |
581 | 0 | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
582 | |
|
583 | 0 | if (ctx->mdctx == NULL) |
584 | 0 | return 0; |
585 | | |
586 | 0 | return EVP_MD_CTX_set_params(ctx->mdctx, params); |
587 | 0 | } |
588 | | |
589 | | static const OSSL_PARAM *ecdsa_settable_ctx_md_params(void *vctx) |
590 | 0 | { |
591 | 0 | PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; |
592 | |
|
593 | 0 | if (ctx->md == NULL) |
594 | 0 | return 0; |
595 | | |
596 | 0 | return EVP_MD_settable_ctx_params(ctx->md); |
597 | 0 | } |
598 | | |
599 | | const OSSL_DISPATCH ossl_ecdsa_signature_functions[] = { |
600 | | { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx }, |
601 | | { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_sign_init }, |
602 | | { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))ecdsa_sign }, |
603 | | { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_verify_init }, |
604 | | { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))ecdsa_verify }, |
605 | | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, |
606 | | (void (*)(void))ecdsa_digest_sign_init }, |
607 | | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, |
608 | | (void (*)(void))ecdsa_digest_signverify_update }, |
609 | | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, |
610 | | (void (*)(void))ecdsa_digest_sign_final }, |
611 | | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, |
612 | | (void (*)(void))ecdsa_digest_verify_init }, |
613 | | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE, |
614 | | (void (*)(void))ecdsa_digest_signverify_update }, |
615 | | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL, |
616 | | (void (*)(void))ecdsa_digest_verify_final }, |
617 | | { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))ecdsa_freectx }, |
618 | | { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))ecdsa_dupctx }, |
619 | | { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))ecdsa_get_ctx_params }, |
620 | | { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS, |
621 | | (void (*)(void))ecdsa_gettable_ctx_params }, |
622 | | { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))ecdsa_set_ctx_params }, |
623 | | { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, |
624 | | (void (*)(void))ecdsa_settable_ctx_params }, |
625 | | { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS, |
626 | | (void (*)(void))ecdsa_get_ctx_md_params }, |
627 | | { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS, |
628 | | (void (*)(void))ecdsa_gettable_ctx_md_params }, |
629 | | { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS, |
630 | | (void (*)(void))ecdsa_set_ctx_md_params }, |
631 | | { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS, |
632 | | (void (*)(void))ecdsa_settable_ctx_md_params }, |
633 | | OSSL_DISPATCH_END |
634 | | }; |