]>
Commit | Line | Data |
---|---|---|
4889dadc MC |
1 | /* |
2 | * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <openssl/crypto.h> | |
11 | #include <openssl/core_numbers.h> | |
12 | #include <openssl/core_names.h> | |
13 | #include <openssl/dsa.h> | |
14 | #include <openssl/params.h> | |
45a845e4 | 15 | #include <openssl/evp.h> |
af3e7e1b | 16 | #include "prov/implementations.h" |
ddd21319 | 17 | #include "prov/provider_ctx.h" |
e683582b | 18 | #include "crypto/dsa.h" |
4889dadc MC |
19 | |
20 | static OSSL_OP_signature_newctx_fn dsa_newctx; | |
390acbeb MC |
21 | static OSSL_OP_signature_sign_init_fn dsa_signature_init; |
22 | static OSSL_OP_signature_verify_init_fn dsa_signature_init; | |
4889dadc | 23 | static OSSL_OP_signature_sign_fn dsa_sign; |
45a845e4 MC |
24 | static OSSL_OP_signature_verify_fn dsa_verify; |
25 | static OSSL_OP_signature_digest_sign_init_fn dsa_digest_signverify_init; | |
26 | static OSSL_OP_signature_digest_sign_update_fn dsa_digest_signverify_update; | |
27 | static OSSL_OP_signature_digest_sign_final_fn dsa_digest_sign_final; | |
28 | static OSSL_OP_signature_digest_verify_init_fn dsa_digest_signverify_init; | |
29 | static OSSL_OP_signature_digest_verify_update_fn dsa_digest_signverify_update; | |
30 | static OSSL_OP_signature_digest_verify_final_fn dsa_digest_verify_final; | |
4889dadc MC |
31 | static OSSL_OP_signature_freectx_fn dsa_freectx; |
32 | static OSSL_OP_signature_dupctx_fn dsa_dupctx; | |
9c45222d MC |
33 | static OSSL_OP_signature_get_ctx_params_fn dsa_get_ctx_params; |
34 | static OSSL_OP_signature_gettable_ctx_params_fn dsa_gettable_ctx_params; | |
35 | static OSSL_OP_signature_set_ctx_params_fn dsa_set_ctx_params; | |
36 | static OSSL_OP_signature_settable_ctx_params_fn dsa_settable_ctx_params; | |
45a845e4 MC |
37 | static OSSL_OP_signature_get_ctx_md_params_fn dsa_get_ctx_md_params; |
38 | static OSSL_OP_signature_gettable_ctx_md_params_fn dsa_gettable_ctx_md_params; | |
39 | static OSSL_OP_signature_set_ctx_md_params_fn dsa_set_ctx_md_params; | |
40 | static OSSL_OP_signature_settable_ctx_md_params_fn dsa_settable_ctx_md_params; | |
4889dadc MC |
41 | |
42 | /* | |
43 | * What's passed as an actual key is defined by the KEYMGMT interface. | |
44 | * We happen to know that our KEYMGMT simply passes DSA structures, so | |
45 | * we use that here too. | |
46 | */ | |
47 | ||
48 | typedef struct { | |
45a845e4 | 49 | OPENSSL_CTX *libctx; |
4889dadc MC |
50 | DSA *dsa; |
51 | size_t mdsize; | |
9c45222d MC |
52 | /* Should be big enough */ |
53 | char mdname[80]; | |
45a845e4 MC |
54 | EVP_MD *md; |
55 | EVP_MD_CTX *mdctx; | |
4889dadc MC |
56 | } PROV_DSA_CTX; |
57 | ||
58 | static void *dsa_newctx(void *provctx) | |
59 | { | |
45a845e4 MC |
60 | PROV_DSA_CTX *pdsactx = OPENSSL_zalloc(sizeof(PROV_DSA_CTX)); |
61 | ||
62 | if (pdsactx == NULL) | |
63 | return NULL; | |
64 | ||
65 | pdsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); | |
66 | return pdsactx; | |
4889dadc MC |
67 | } |
68 | ||
390acbeb | 69 | static int dsa_signature_init(void *vpdsactx, void *vdsa) |
4889dadc MC |
70 | { |
71 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
72 | ||
73 | if (pdsactx == NULL || vdsa == NULL || !DSA_up_ref(vdsa)) | |
74 | return 0; | |
75 | DSA_free(pdsactx->dsa); | |
76 | pdsactx->dsa = vdsa; | |
77 | return 1; | |
78 | } | |
79 | ||
80 | static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen, | |
81 | size_t sigsize, const unsigned char *tbs, size_t tbslen) | |
82 | { | |
83 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
84 | int ret; | |
85 | unsigned int sltmp; | |
86 | size_t dsasize = DSA_size(pdsactx->dsa); | |
87 | ||
88 | if (sig == NULL) { | |
89 | *siglen = dsasize; | |
90 | return 1; | |
91 | } | |
92 | ||
93 | if (sigsize < (size_t)dsasize) | |
94 | return 0; | |
95 | ||
96 | if (pdsactx->mdsize != 0 && tbslen != pdsactx->mdsize) | |
97 | return 0; | |
98 | ||
e683582b SL |
99 | ret = dsa_sign_int(pdsactx->libctx, 0, tbs, tbslen, sig, &sltmp, |
100 | pdsactx->dsa); | |
4889dadc MC |
101 | if (ret <= 0) |
102 | return 0; | |
103 | ||
104 | *siglen = sltmp; | |
105 | return 1; | |
106 | } | |
107 | ||
390acbeb MC |
108 | static int dsa_verify(void *vpdsactx, const unsigned char *sig, size_t siglen, |
109 | const unsigned char *tbs, size_t tbslen) | |
110 | { | |
111 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
112 | ||
113 | if (pdsactx->mdsize != 0 && tbslen != pdsactx->mdsize) | |
114 | return 0; | |
115 | ||
116 | return DSA_verify(0, tbs, tbslen, sig, siglen, pdsactx->dsa); | |
117 | } | |
118 | ||
45a845e4 MC |
119 | static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname, |
120 | const char *props, void *vdsa) | |
121 | { | |
122 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
123 | EVP_MD *md; | |
124 | ||
125 | if (!dsa_signature_init(vpdsactx, vdsa)) | |
126 | return 0; | |
127 | ||
128 | md = EVP_MD_fetch(pdsactx->libctx, mdname, props); | |
129 | if (md == NULL) | |
130 | return 0; | |
131 | pdsactx->md = md; | |
132 | pdsactx->mdsize = EVP_MD_size(md); | |
133 | pdsactx->mdctx = EVP_MD_CTX_new(); | |
134 | if (pdsactx->mdctx == NULL) | |
135 | return 0; | |
136 | ||
137 | if (!EVP_DigestInit_ex(pdsactx->mdctx, md, NULL)) | |
138 | return 0; | |
139 | ||
140 | return 1; | |
141 | } | |
142 | ||
143 | int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data, | |
144 | size_t datalen) | |
145 | { | |
146 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
147 | ||
148 | if (pdsactx == NULL || pdsactx->mdctx == NULL) | |
149 | return 0; | |
150 | ||
151 | return EVP_DigestUpdate(pdsactx->mdctx, data, datalen); | |
152 | } | |
153 | ||
154 | int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig, size_t *siglen, | |
155 | size_t sigsize) | |
156 | { | |
157 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
158 | unsigned char digest[EVP_MAX_MD_SIZE]; | |
159 | unsigned int dlen = 0; | |
160 | ||
161 | if (pdsactx == NULL || pdsactx->mdctx == NULL) | |
162 | return 0; | |
163 | ||
164 | /* | |
165 | * If sig is NULL then we're just finding out the sig size. Other fields | |
166 | * are ignored. Defer to dsa_sign. | |
167 | */ | |
168 | if (sig != NULL) { | |
169 | /* | |
170 | * TODO(3.0): There is the possibility that some externally provided | |
171 | * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow - | |
172 | * but that problem is much larger than just in DSA. | |
173 | */ | |
174 | if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen)) | |
175 | return 0; | |
176 | } | |
177 | ||
178 | return dsa_sign(vpdsactx, sig, siglen, sigsize, digest, (size_t)dlen); | |
179 | } | |
180 | ||
181 | ||
182 | int dsa_digest_verify_final(void *vpdsactx, const unsigned char *sig, | |
183 | size_t siglen) | |
184 | { | |
185 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
186 | unsigned char digest[EVP_MAX_MD_SIZE]; | |
187 | unsigned int dlen = 0; | |
188 | ||
189 | if (pdsactx == NULL || pdsactx->mdctx == NULL) | |
190 | return 0; | |
191 | ||
192 | /* | |
193 | * TODO(3.0): There is the possibility that some externally provided | |
194 | * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow - | |
195 | * but that problem is much larger than just in DSA. | |
196 | */ | |
197 | if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen)) | |
198 | return 0; | |
199 | ||
200 | return dsa_verify(vpdsactx, sig, siglen, digest, (size_t)dlen); | |
201 | } | |
390acbeb | 202 | |
4889dadc MC |
203 | static void dsa_freectx(void *vpdsactx) |
204 | { | |
205 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
206 | ||
207 | DSA_free(pdsactx->dsa); | |
45a845e4 MC |
208 | EVP_MD_CTX_free(pdsactx->mdctx); |
209 | EVP_MD_free(pdsactx->md); | |
4889dadc MC |
210 | |
211 | OPENSSL_free(pdsactx); | |
212 | } | |
213 | ||
214 | static void *dsa_dupctx(void *vpdsactx) | |
215 | { | |
216 | PROV_DSA_CTX *srcctx = (PROV_DSA_CTX *)vpdsactx; | |
217 | PROV_DSA_CTX *dstctx; | |
218 | ||
219 | dstctx = OPENSSL_zalloc(sizeof(*srcctx)); | |
220 | if (dstctx == NULL) | |
221 | return NULL; | |
222 | ||
223 | *dstctx = *srcctx; | |
45a845e4 MC |
224 | dstctx->dsa = NULL; |
225 | dstctx->md = NULL; | |
226 | dstctx->mdctx = NULL; | |
227 | ||
228 | if (srcctx->dsa != NULL && !DSA_up_ref(srcctx->dsa)) | |
229 | goto err; | |
230 | dstctx->dsa = srcctx->dsa; | |
231 | ||
232 | if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) | |
233 | goto err; | |
234 | dstctx->md = srcctx->md; | |
235 | ||
236 | if (srcctx->mdctx != NULL) { | |
237 | dstctx->mdctx = EVP_MD_CTX_new(); | |
238 | if (dstctx->mdctx == NULL | |
239 | || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx)) | |
240 | goto err; | |
4889dadc MC |
241 | } |
242 | ||
243 | return dstctx; | |
45a845e4 MC |
244 | err: |
245 | dsa_freectx(dstctx); | |
246 | return NULL; | |
4889dadc MC |
247 | } |
248 | ||
9c45222d MC |
249 | static int dsa_get_ctx_params(void *vpdsactx, OSSL_PARAM *params) |
250 | { | |
251 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
252 | OSSL_PARAM *p; | |
253 | ||
254 | if (pdsactx == NULL || params == NULL) | |
255 | return 0; | |
256 | ||
257 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE); | |
258 | if (p != NULL && !OSSL_PARAM_set_size_t(p, pdsactx->mdsize)) | |
259 | return 0; | |
260 | ||
261 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); | |
45a845e4 MC |
262 | if (p != NULL && !OSSL_PARAM_set_utf8_string(p, pdsactx->md == NULL |
263 | ? pdsactx->mdname | |
264 | : EVP_MD_name(pdsactx->md))) | |
9c45222d MC |
265 | return 0; |
266 | ||
267 | return 1; | |
268 | } | |
269 | ||
270 | static const OSSL_PARAM known_gettable_ctx_params[] = { | |
271 | OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL), | |
272 | OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), | |
273 | OSSL_PARAM_END | |
274 | }; | |
275 | ||
276 | static const OSSL_PARAM *dsa_gettable_ctx_params(void) | |
277 | { | |
278 | return known_gettable_ctx_params; | |
279 | } | |
280 | ||
281 | static int dsa_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[]) | |
4889dadc MC |
282 | { |
283 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
284 | const OSSL_PARAM *p; | |
9c45222d | 285 | char *mdname; |
4889dadc MC |
286 | |
287 | if (pdsactx == NULL || params == NULL) | |
288 | return 0; | |
289 | ||
45a845e4 MC |
290 | if (pdsactx->md != NULL) { |
291 | /* | |
292 | * You cannot set the digest name/size when doing a DigestSign or | |
293 | * DigestVerify. | |
294 | */ | |
295 | return 1; | |
296 | } | |
297 | ||
4889dadc | 298 | p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE); |
9c45222d | 299 | if (p != NULL && !OSSL_PARAM_get_size_t(p, &pdsactx->mdsize)) |
4889dadc MC |
300 | return 0; |
301 | ||
9c45222d MC |
302 | /* |
303 | * We never actually use the mdname, but we do support getting it later. | |
304 | * This can be useful for applications that want to know the MD that they | |
305 | * previously set. | |
306 | */ | |
307 | p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST); | |
308 | mdname = pdsactx->mdname; | |
309 | if (p != NULL | |
310 | && !OSSL_PARAM_get_utf8_string(p, &mdname, sizeof(pdsactx->mdname))) | |
311 | return 0; | |
4889dadc MC |
312 | |
313 | return 1; | |
314 | } | |
315 | ||
9c45222d MC |
316 | static const OSSL_PARAM known_settable_ctx_params[] = { |
317 | OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL), | |
318 | OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), | |
319 | OSSL_PARAM_END | |
320 | }; | |
321 | ||
322 | static const OSSL_PARAM *dsa_settable_ctx_params(void) | |
323 | { | |
45a845e4 MC |
324 | /* |
325 | * TODO(3.0): Should this function return a different set of settable ctx | |
326 | * params if the ctx is being used for a DigestSign/DigestVerify? In that | |
327 | * case it is not allowed to set the digest size/digest name because the | |
328 | * digest is explicitly set as part of the init. | |
329 | */ | |
9c45222d MC |
330 | return known_settable_ctx_params; |
331 | } | |
332 | ||
45a845e4 MC |
333 | static int dsa_get_ctx_md_params(void *vpdsactx, OSSL_PARAM *params) |
334 | { | |
335 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
336 | ||
337 | if (pdsactx->mdctx == NULL) | |
338 | return 0; | |
339 | ||
340 | return EVP_MD_CTX_get_params(pdsactx->mdctx, params); | |
341 | } | |
342 | ||
343 | static const OSSL_PARAM *dsa_gettable_ctx_md_params(void *vpdsactx) | |
344 | { | |
345 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
346 | ||
347 | if (pdsactx->md == NULL) | |
348 | return 0; | |
349 | ||
350 | return EVP_MD_gettable_ctx_params(pdsactx->md); | |
351 | } | |
352 | ||
353 | static int dsa_set_ctx_md_params(void *vpdsactx, const OSSL_PARAM params[]) | |
354 | { | |
355 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
356 | ||
357 | if (pdsactx->mdctx == NULL) | |
358 | return 0; | |
359 | ||
360 | return EVP_MD_CTX_set_params(pdsactx->mdctx, params); | |
361 | } | |
362 | ||
363 | static const OSSL_PARAM *dsa_settable_ctx_md_params(void *vpdsactx) | |
364 | { | |
365 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
366 | ||
367 | if (pdsactx->md == NULL) | |
368 | return 0; | |
369 | ||
370 | return EVP_MD_settable_ctx_params(pdsactx->md); | |
371 | } | |
372 | ||
4889dadc MC |
373 | const OSSL_DISPATCH dsa_signature_functions[] = { |
374 | { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx }, | |
390acbeb | 375 | { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_signature_init }, |
4889dadc | 376 | { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign }, |
390acbeb MC |
377 | { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_signature_init }, |
378 | { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify }, | |
45a845e4 MC |
379 | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, |
380 | (void (*)(void))dsa_digest_signverify_init }, | |
381 | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, | |
382 | (void (*)(void))dsa_digest_signverify_update }, | |
383 | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, | |
384 | (void (*)(void))dsa_digest_sign_final }, | |
385 | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, | |
386 | (void (*)(void))dsa_digest_signverify_init }, | |
387 | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE, | |
388 | (void (*)(void))dsa_digest_signverify_update }, | |
389 | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL, | |
390 | (void (*)(void))dsa_digest_verify_final }, | |
4889dadc MC |
391 | { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))dsa_freectx }, |
392 | { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))dsa_dupctx }, | |
9c45222d MC |
393 | { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))dsa_get_ctx_params }, |
394 | { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS, | |
395 | (void (*)(void))dsa_gettable_ctx_params }, | |
396 | { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))dsa_set_ctx_params }, | |
397 | { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, | |
398 | (void (*)(void))dsa_settable_ctx_params }, | |
45a845e4 MC |
399 | { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS, |
400 | (void (*)(void))dsa_get_ctx_md_params }, | |
401 | { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS, | |
402 | (void (*)(void))dsa_gettable_ctx_md_params }, | |
403 | { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS, | |
404 | (void (*)(void))dsa_set_ctx_md_params }, | |
405 | { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS, | |
406 | (void (*)(void))dsa_settable_ctx_md_params }, | |
4889dadc MC |
407 | { 0, NULL } |
408 | }; |