]>
Commit | Line | Data |
---|---|---|
2039c421 | 1 | /* |
38fc02a7 | 2 | * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. |
d02b48c6 | 3 | * |
365a2d99 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
2039c421 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
11 | #include <time.h> | |
b379fe6c | 12 | #include <sys/types.h> |
d02b48c6 | 13 | |
b39fc560 | 14 | #include "internal/cryptlib.h" |
17f389bb | 15 | |
ec577822 BM |
16 | #include <openssl/bn.h> |
17 | #include <openssl/x509.h> | |
18 | #include <openssl/objects.h> | |
19 | #include <openssl/buffer.h> | |
20 | #include <openssl/evp.h> | |
25f2138b DMSP |
21 | #include "crypto/asn1.h" |
22 | #include "crypto/evp.h" | |
376a8c3f | 23 | #include "crypto/rsa.h" |
d02b48c6 | 24 | |
12d99aac | 25 | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
73e92de5 | 26 | |
8bb826ee | 27 | int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, |
0f113f3e MC |
28 | char *data, EVP_PKEY *pkey) |
29 | { | |
bfb0641f | 30 | EVP_MD_CTX *ctx = EVP_MD_CTX_new(); |
0f113f3e MC |
31 | const EVP_MD *type; |
32 | unsigned char *p, *buf_in = NULL; | |
33 | int ret = -1, i, inl; | |
34 | ||
6e59a892 | 35 | if (ctx == NULL) { |
9311d0c4 | 36 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
6e59a892 RL |
37 | goto err; |
38 | } | |
0f113f3e MC |
39 | i = OBJ_obj2nid(a->algorithm); |
40 | type = EVP_get_digestbyname(OBJ_nid2sn(i)); | |
41 | if (type == NULL) { | |
9311d0c4 | 42 | ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); |
0f113f3e MC |
43 | goto err; |
44 | } | |
45 | ||
46 | if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) { | |
9311d0c4 | 47 | ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT); |
0f113f3e MC |
48 | goto err; |
49 | } | |
50 | ||
51 | inl = i2d(data, NULL); | |
da84249b | 52 | if (inl <= 0) { |
9311d0c4 | 53 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
da84249b F |
54 | goto err; |
55 | } | |
0f113f3e MC |
56 | buf_in = OPENSSL_malloc((unsigned int)inl); |
57 | if (buf_in == NULL) { | |
9311d0c4 | 58 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
0f113f3e MC |
59 | goto err; |
60 | } | |
61 | p = buf_in; | |
62 | ||
63 | i2d(data, &p); | |
6e59a892 RL |
64 | ret = EVP_VerifyInit_ex(ctx, type, NULL) |
65 | && EVP_VerifyUpdate(ctx, (unsigned char *)buf_in, inl); | |
0f113f3e | 66 | |
4b45c6e5 | 67 | OPENSSL_clear_free(buf_in, (unsigned int)inl); |
0f113f3e MC |
68 | |
69 | if (!ret) { | |
9311d0c4 | 70 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
0f113f3e MC |
71 | goto err; |
72 | } | |
73 | ret = -1; | |
74 | ||
6e59a892 | 75 | if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data, |
0f113f3e | 76 | (unsigned int)signature->length, pkey) <= 0) { |
9311d0c4 | 77 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
0f113f3e MC |
78 | ret = 0; |
79 | goto err; | |
80 | } | |
0f113f3e MC |
81 | ret = 1; |
82 | err: | |
bfb0641f | 83 | EVP_MD_CTX_free(ctx); |
26a7d938 | 84 | return ret; |
0f113f3e | 85 | } |
09ab755c | 86 | |
73e92de5 DSH |
87 | #endif |
88 | ||
ded346fa DDO |
89 | int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg, |
90 | const ASN1_BIT_STRING *signature, const void *data, | |
91 | EVP_PKEY *pkey) | |
0f113f3e | 92 | { |
d8652be0 | 93 | return ASN1_item_verify_ex(it, alg, signature, data, NULL, pkey, NULL, NULL); |
ded346fa DDO |
94 | } |
95 | ||
d8652be0 MC |
96 | int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg, |
97 | const ASN1_BIT_STRING *signature, const void *data, | |
98 | const ASN1_OCTET_STRING *id, EVP_PKEY *pkey, | |
b4250010 | 99 | OSSL_LIB_CTX *libctx, const char *propq) |
ded346fa DDO |
100 | { |
101 | EVP_MD_CTX *ctx; | |
bbaddbc0 | 102 | int rv = -1; |
bbaddbc0 | 103 | |
d8652be0 | 104 | if ((ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq)) != NULL) { |
ded346fa | 105 | rv = ASN1_item_verify_ctx(it, alg, signature, data, ctx); |
ed576acd | 106 | EVP_PKEY_CTX_free(EVP_MD_CTX_get_pkey_ctx(ctx)); |
ded346fa | 107 | EVP_MD_CTX_free(ctx); |
bbaddbc0 | 108 | } |
bbaddbc0 RL |
109 | return rv; |
110 | } | |
111 | ||
ded346fa DDO |
112 | int ASN1_item_verify_ctx(const ASN1_ITEM *it, const X509_ALGOR *alg, |
113 | const ASN1_BIT_STRING *signature, const void *data, | |
bbaddbc0 RL |
114 | EVP_MD_CTX *ctx) |
115 | { | |
116 | EVP_PKEY *pkey; | |
0f113f3e | 117 | unsigned char *buf_in = NULL; |
75394189 | 118 | int ret = -1, inl = 0; |
0f113f3e | 119 | int mdnid, pknid; |
da84249b | 120 | size_t inll = 0; |
0f113f3e | 121 | |
ed576acd | 122 | pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_get_pkey_ctx(ctx)); |
bbaddbc0 | 123 | |
8267becb | 124 | if (pkey == NULL) { |
9311d0c4 | 125 | ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_NULL_PARAMETER); |
0f113f3e MC |
126 | return -1; |
127 | } | |
128 | ||
129 | if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) { | |
9311d0c4 | 130 | ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_BIT_STRING_BITS_LEFT); |
0f113f3e MC |
131 | return -1; |
132 | } | |
133 | ||
0f113f3e | 134 | /* Convert signature OID into digest and public key OIDs */ |
ded346fa | 135 | if (!OBJ_find_sigid_algs(OBJ_obj2nid(alg->algorithm), &mdnid, &pknid)) { |
9311d0c4 | 136 | ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); |
0f113f3e MC |
137 | goto err; |
138 | } | |
bbaddbc0 | 139 | |
376a8c3f | 140 | if (mdnid == NID_undef && evp_pkey_is_legacy(pkey)) { |
12a765a5 | 141 | if (pkey->ameth == NULL || pkey->ameth->item_verify == NULL) { |
9311d0c4 | 142 | ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); |
0f113f3e MC |
143 | goto err; |
144 | } | |
ded346fa | 145 | ret = pkey->ameth->item_verify(ctx, it, data, alg, signature, pkey); |
0f113f3e | 146 | /* |
bbaddbc0 RL |
147 | * Return values meaning: |
148 | * <=0: error. | |
149 | * 1: method does everything. | |
150 | * 2: carry on as normal, method has called EVP_DigestVerifyInit() | |
0f113f3e | 151 | */ |
bbaddbc0 | 152 | if (ret <= 0) |
9311d0c4 | 153 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
bbaddbc0 | 154 | if (ret <= 1) |
0f113f3e | 155 | goto err; |
0f113f3e | 156 | } else { |
376a8c3f | 157 | const EVP_MD *type = NULL; |
da84249b | 158 | |
376a8c3f MC |
159 | /* |
160 | * We don't yet have the ability for providers to be able to handle | |
161 | * X509_ALGOR style parameters. Fortunately the only one that needs this | |
162 | * so far is RSA-PSS, so we just special case this for now. In some | |
163 | * future version of OpenSSL we should push this to the provider. | |
164 | */ | |
165 | if (mdnid == NID_undef && pknid == EVP_PKEY_RSA_PSS) { | |
166 | if (!EVP_PKEY_is_a(pkey, "RSA") && !EVP_PKEY_is_a(pkey, "RSA-PSS")) { | |
167 | ERR_raise(ERR_LIB_ASN1, ASN1_R_WRONG_PUBLIC_KEY_TYPE); | |
168 | goto err; | |
169 | } | |
170 | /* This function also calls EVP_DigestVerifyInit */ | |
171 | if (ossl_rsa_pss_to_ctx(ctx, NULL, alg, pkey) <= 0) { | |
172 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); | |
173 | goto err; | |
174 | } | |
175 | } else { | |
176 | /* Check public key OID matches public key type */ | |
177 | if (!EVP_PKEY_is_a(pkey, OBJ_nid2sn(pknid))) { | |
178 | ERR_raise(ERR_LIB_ASN1, ASN1_R_WRONG_PUBLIC_KEY_TYPE); | |
179 | goto err; | |
180 | } | |
181 | ||
182 | if (mdnid != NID_undef) { | |
183 | type = EVP_get_digestbynid(mdnid); | |
184 | if (type == NULL) { | |
185 | ERR_raise(ERR_LIB_ASN1, | |
186 | ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); | |
187 | goto err; | |
188 | } | |
189 | } | |
190 | ||
191 | /* | |
192 | * Note that some algorithms (notably Ed25519 and Ed448) may allow | |
193 | * a NULL digest value. | |
194 | */ | |
195 | if (!EVP_DigestVerifyInit(ctx, NULL, type, NULL, pkey)) { | |
196 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); | |
197 | ret = 0; | |
198 | goto err; | |
199 | } | |
0f113f3e | 200 | } |
0f113f3e MC |
201 | } |
202 | ||
ded346fa | 203 | inl = ASN1_item_i2d(data, &buf_in, it); |
da84249b | 204 | if (inl <= 0) { |
9311d0c4 | 205 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
da84249b F |
206 | goto err; |
207 | } | |
0f113f3e | 208 | if (buf_in == NULL) { |
9311d0c4 | 209 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
0f113f3e MC |
210 | goto err; |
211 | } | |
da84249b | 212 | inll = inl; |
0f113f3e | 213 | |
75394189 DSH |
214 | ret = EVP_DigestVerify(ctx, signature->data, (size_t)signature->length, |
215 | buf_in, inl); | |
216 | if (ret <= 0) { | |
9311d0c4 | 217 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
0f113f3e MC |
218 | goto err; |
219 | } | |
0f113f3e MC |
220 | ret = 1; |
221 | err: | |
da84249b | 222 | OPENSSL_clear_free(buf_in, inll); |
75394189 | 223 | return ret; |
0f113f3e | 224 | } |