2 * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/objects.h>
13 #include <openssl/evp.h>
14 #include "internal/numbers.h" /* includes SIZE_MAX */
15 #include "internal/cryptlib.h"
16 #include "internal/provider.h"
17 #include "internal/core.h"
18 #include "crypto/evp.h"
19 #include "evp_local.h"
21 static EVP_SIGNATURE
*evp_signature_new(OSSL_PROVIDER
*prov
)
23 EVP_SIGNATURE
*signature
= OPENSSL_zalloc(sizeof(EVP_SIGNATURE
));
25 if (signature
== NULL
) {
26 ERR_raise(ERR_LIB_EVP
, ERR_R_MALLOC_FAILURE
);
30 signature
->lock
= CRYPTO_THREAD_lock_new();
31 if (signature
->lock
== NULL
) {
32 ERR_raise(ERR_LIB_EVP
, ERR_R_MALLOC_FAILURE
);
33 OPENSSL_free(signature
);
36 signature
->prov
= prov
;
37 ossl_provider_up_ref(prov
);
38 signature
->refcnt
= 1;
43 static void *evp_signature_from_algorithm(int name_id
,
44 const OSSL_ALGORITHM
*algodef
,
47 const OSSL_DISPATCH
*fns
= algodef
->implementation
;
48 EVP_SIGNATURE
*signature
= NULL
;
49 int ctxfncnt
= 0, signfncnt
= 0, verifyfncnt
= 0, verifyrecfncnt
= 0;
50 int digsignfncnt
= 0, digverifyfncnt
= 0;
51 int gparamfncnt
= 0, sparamfncnt
= 0, gmdparamfncnt
= 0, smdparamfncnt
= 0;
53 if ((signature
= evp_signature_new(prov
)) == NULL
) {
54 ERR_raise(ERR_LIB_EVP
, ERR_R_MALLOC_FAILURE
);
58 signature
->name_id
= name_id
;
59 if ((signature
->type_name
= ossl_algorithm_get1_first_name(algodef
)) == NULL
)
61 signature
->description
= algodef
->algorithm_description
;
63 for (; fns
->function_id
!= 0; fns
++) {
64 switch (fns
->function_id
) {
65 case OSSL_FUNC_SIGNATURE_NEWCTX
:
66 if (signature
->newctx
!= NULL
)
68 signature
->newctx
= OSSL_FUNC_signature_newctx(fns
);
71 case OSSL_FUNC_SIGNATURE_SIGN_INIT
:
72 if (signature
->sign_init
!= NULL
)
74 signature
->sign_init
= OSSL_FUNC_signature_sign_init(fns
);
77 case OSSL_FUNC_SIGNATURE_SIGN
:
78 if (signature
->sign
!= NULL
)
80 signature
->sign
= OSSL_FUNC_signature_sign(fns
);
83 case OSSL_FUNC_SIGNATURE_VERIFY_INIT
:
84 if (signature
->verify_init
!= NULL
)
86 signature
->verify_init
= OSSL_FUNC_signature_verify_init(fns
);
89 case OSSL_FUNC_SIGNATURE_VERIFY
:
90 if (signature
->verify
!= NULL
)
92 signature
->verify
= OSSL_FUNC_signature_verify(fns
);
95 case OSSL_FUNC_SIGNATURE_VERIFY_RECOVER_INIT
:
96 if (signature
->verify_recover_init
!= NULL
)
98 signature
->verify_recover_init
99 = OSSL_FUNC_signature_verify_recover_init(fns
);
102 case OSSL_FUNC_SIGNATURE_VERIFY_RECOVER
:
103 if (signature
->verify_recover
!= NULL
)
105 signature
->verify_recover
106 = OSSL_FUNC_signature_verify_recover(fns
);
109 case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT
:
110 if (signature
->digest_sign_init
!= NULL
)
112 signature
->digest_sign_init
113 = OSSL_FUNC_signature_digest_sign_init(fns
);
115 case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE
:
116 if (signature
->digest_sign_update
!= NULL
)
118 signature
->digest_sign_update
119 = OSSL_FUNC_signature_digest_sign_update(fns
);
122 case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL
:
123 if (signature
->digest_sign_final
!= NULL
)
125 signature
->digest_sign_final
126 = OSSL_FUNC_signature_digest_sign_final(fns
);
129 case OSSL_FUNC_SIGNATURE_DIGEST_SIGN
:
130 if (signature
->digest_sign
!= NULL
)
132 signature
->digest_sign
133 = OSSL_FUNC_signature_digest_sign(fns
);
135 case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT
:
136 if (signature
->digest_verify_init
!= NULL
)
138 signature
->digest_verify_init
139 = OSSL_FUNC_signature_digest_verify_init(fns
);
141 case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE
:
142 if (signature
->digest_verify_update
!= NULL
)
144 signature
->digest_verify_update
145 = OSSL_FUNC_signature_digest_verify_update(fns
);
148 case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL
:
149 if (signature
->digest_verify_final
!= NULL
)
151 signature
->digest_verify_final
152 = OSSL_FUNC_signature_digest_verify_final(fns
);
155 case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY
:
156 if (signature
->digest_verify
!= NULL
)
158 signature
->digest_verify
159 = OSSL_FUNC_signature_digest_verify(fns
);
161 case OSSL_FUNC_SIGNATURE_FREECTX
:
162 if (signature
->freectx
!= NULL
)
164 signature
->freectx
= OSSL_FUNC_signature_freectx(fns
);
167 case OSSL_FUNC_SIGNATURE_DUPCTX
:
168 if (signature
->dupctx
!= NULL
)
170 signature
->dupctx
= OSSL_FUNC_signature_dupctx(fns
);
172 case OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS
:
173 if (signature
->get_ctx_params
!= NULL
)
175 signature
->get_ctx_params
176 = OSSL_FUNC_signature_get_ctx_params(fns
);
179 case OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS
:
180 if (signature
->gettable_ctx_params
!= NULL
)
182 signature
->gettable_ctx_params
183 = OSSL_FUNC_signature_gettable_ctx_params(fns
);
186 case OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS
:
187 if (signature
->set_ctx_params
!= NULL
)
189 signature
->set_ctx_params
190 = OSSL_FUNC_signature_set_ctx_params(fns
);
193 case OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS
:
194 if (signature
->settable_ctx_params
!= NULL
)
196 signature
->settable_ctx_params
197 = OSSL_FUNC_signature_settable_ctx_params(fns
);
200 case OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS
:
201 if (signature
->get_ctx_md_params
!= NULL
)
203 signature
->get_ctx_md_params
204 = OSSL_FUNC_signature_get_ctx_md_params(fns
);
207 case OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS
:
208 if (signature
->gettable_ctx_md_params
!= NULL
)
210 signature
->gettable_ctx_md_params
211 = OSSL_FUNC_signature_gettable_ctx_md_params(fns
);
214 case OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS
:
215 if (signature
->set_ctx_md_params
!= NULL
)
217 signature
->set_ctx_md_params
218 = OSSL_FUNC_signature_set_ctx_md_params(fns
);
221 case OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS
:
222 if (signature
->settable_ctx_md_params
!= NULL
)
224 signature
->settable_ctx_md_params
225 = OSSL_FUNC_signature_settable_ctx_md_params(fns
);
233 && verifyrecfncnt
== 0
235 && digverifyfncnt
== 0
236 && signature
->digest_sign
== NULL
237 && signature
->digest_verify
== NULL
)
238 || (signfncnt
!= 0 && signfncnt
!= 2)
239 || (verifyfncnt
!= 0 && verifyfncnt
!= 2)
240 || (verifyrecfncnt
!= 0 && verifyrecfncnt
!= 2)
241 || (digsignfncnt
!= 0 && digsignfncnt
!= 2)
242 || (digsignfncnt
== 2 && signature
->digest_sign_init
== NULL
)
243 || (digverifyfncnt
!= 0 && digverifyfncnt
!= 2)
244 || (digverifyfncnt
== 2 && signature
->digest_verify_init
== NULL
)
245 || (signature
->digest_sign
!= NULL
246 && signature
->digest_sign_init
== NULL
)
247 || (signature
->digest_verify
!= NULL
248 && signature
->digest_verify_init
== NULL
)
249 || (gparamfncnt
!= 0 && gparamfncnt
!= 2)
250 || (sparamfncnt
!= 0 && sparamfncnt
!= 2)
251 || (gmdparamfncnt
!= 0 && gmdparamfncnt
!= 2)
252 || (smdparamfncnt
!= 0 && smdparamfncnt
!= 2)) {
254 * In order to be a consistent set of functions we must have at least
255 * a set of context functions (newctx and freectx) as well as a set of
256 * "signature" functions:
257 * (sign_init, sign) or
258 * (verify_init verify) or
259 * (verify_recover_init, verify_recover) or
260 * (digest_sign_init, digest_sign_update, digest_sign_final) or
261 * (digest_verify_init, digest_verify_update, digest_verify_final) or
262 * (digest_sign_init, digest_sign) or
263 * (digest_verify_init, digest_verify).
265 * set_ctx_params and settable_ctx_params are optional, but if one of
266 * them is present then the other one must also be present. The same
267 * applies to get_ctx_params and gettable_ctx_params. The same rules
268 * apply to the "md_params" functions. The dupctx function is optional.
270 ERR_raise(ERR_LIB_EVP
, EVP_R_INVALID_PROVIDER_FUNCTIONS
);
276 EVP_SIGNATURE_free(signature
);
280 void EVP_SIGNATURE_free(EVP_SIGNATURE
*signature
)
284 if (signature
== NULL
)
286 CRYPTO_DOWN_REF(&signature
->refcnt
, &i
, signature
->lock
);
289 OPENSSL_free(signature
->type_name
);
290 ossl_provider_free(signature
->prov
);
291 CRYPTO_THREAD_lock_free(signature
->lock
);
292 OPENSSL_free(signature
);
295 int EVP_SIGNATURE_up_ref(EVP_SIGNATURE
*signature
)
299 CRYPTO_UP_REF(&signature
->refcnt
, &ref
, signature
->lock
);
303 OSSL_PROVIDER
*EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE
*signature
)
305 return signature
->prov
;
308 EVP_SIGNATURE
*EVP_SIGNATURE_fetch(OSSL_LIB_CTX
*ctx
, const char *algorithm
,
309 const char *properties
)
311 return evp_generic_fetch(ctx
, OSSL_OP_SIGNATURE
, algorithm
, properties
,
312 evp_signature_from_algorithm
,
313 (int (*)(void *))EVP_SIGNATURE_up_ref
,
314 (void (*)(void *))EVP_SIGNATURE_free
);
317 EVP_SIGNATURE
*evp_signature_fetch_from_prov(OSSL_PROVIDER
*prov
,
318 const char *algorithm
,
319 const char *properties
)
321 return evp_generic_fetch_from_prov(prov
, OSSL_OP_SIGNATURE
,
322 algorithm
, properties
,
323 evp_signature_from_algorithm
,
324 (int (*)(void *))EVP_SIGNATURE_up_ref
,
325 (void (*)(void *))EVP_SIGNATURE_free
);
328 int EVP_SIGNATURE_is_a(const EVP_SIGNATURE
*signature
, const char *name
)
330 return signature
!= NULL
331 && evp_is_a(signature
->prov
, signature
->name_id
, NULL
, name
);
334 int evp_signature_get_number(const EVP_SIGNATURE
*signature
)
336 return signature
->name_id
;
339 const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE
*signature
)
341 return signature
->type_name
;
344 const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE
*signature
)
346 return signature
->description
;
349 void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX
*libctx
,
350 void (*fn
)(EVP_SIGNATURE
*signature
,
354 evp_generic_do_all(libctx
, OSSL_OP_SIGNATURE
,
355 (void (*)(void *, void *))fn
, arg
,
356 evp_signature_from_algorithm
,
357 (int (*)(void *))EVP_SIGNATURE_up_ref
,
358 (void (*)(void *))EVP_SIGNATURE_free
);
362 int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE
*signature
,
363 void (*fn
)(const char *name
, void *data
),
366 if (signature
->prov
!= NULL
)
367 return evp_names_do_all(signature
->prov
, signature
->name_id
, fn
, data
);
372 const OSSL_PARAM
*EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE
*sig
)
376 if (sig
== NULL
|| sig
->gettable_ctx_params
== NULL
)
379 provctx
= ossl_provider_ctx(EVP_SIGNATURE_get0_provider(sig
));
380 return sig
->gettable_ctx_params(NULL
, provctx
);
383 const OSSL_PARAM
*EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE
*sig
)
387 if (sig
== NULL
|| sig
->settable_ctx_params
== NULL
)
390 provctx
= ossl_provider_ctx(EVP_SIGNATURE_get0_provider(sig
));
391 return sig
->settable_ctx_params(NULL
, provctx
);
394 static int evp_pkey_signature_init(EVP_PKEY_CTX
*ctx
, int operation
,
395 const OSSL_PARAM params
[])
398 void *provkey
= NULL
;
399 EVP_SIGNATURE
*signature
= NULL
;
400 EVP_KEYMGMT
*tmp_keymgmt
= NULL
;
401 const OSSL_PROVIDER
*tmp_prov
= NULL
;
402 const char *supported_sig
= NULL
;
406 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
410 evp_pkey_ctx_free_old_ops(ctx
);
411 ctx
->operation
= operation
;
415 if (evp_pkey_ctx_is_legacy(ctx
))
418 if (ctx
->pkey
== NULL
) {
419 ERR_clear_last_mark();
420 ERR_raise(ERR_LIB_EVP
, EVP_R_NO_KEY_SET
);
425 * Try to derive the supported signature from |ctx->keymgmt|.
427 if (!ossl_assert(ctx
->pkey
->keymgmt
== NULL
428 || ctx
->pkey
->keymgmt
== ctx
->keymgmt
)) {
429 ERR_clear_last_mark();
430 ERR_raise(ERR_LIB_EVP
, ERR_R_INTERNAL_ERROR
);
433 supported_sig
= evp_keymgmt_util_query_operation_name(ctx
->keymgmt
,
435 if (supported_sig
== NULL
) {
436 ERR_clear_last_mark();
437 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
442 * We perform two iterations:
444 * 1. Do the normal signature fetch, using the fetching data given by
446 * 2. Do the provider specific signature fetch, from the same provider
449 * We then try to fetch the keymgmt from the same provider as the
450 * signature, and try to export |ctx->pkey| to that keymgmt (when
451 * this keymgmt happens to be the same as |ctx->keymgmt|, the export
452 * is a no-op, but we call it anyway to not complicate the code even
454 * If the export call succeeds (returns a non-NULL provider key pointer),
455 * we're done and can perform the operation itself. If not, we perform
456 * the second iteration, or jump to legacy.
458 for (iter
= 1; iter
< 3 && provkey
== NULL
; iter
++) {
459 EVP_KEYMGMT
*tmp_keymgmt_tofree
= NULL
;
462 * If we're on the second iteration, free the results from the first.
463 * They are NULL on the first iteration, so no need to check what
464 * iteration we're on.
466 EVP_SIGNATURE_free(signature
);
467 EVP_KEYMGMT_free(tmp_keymgmt
);
472 EVP_SIGNATURE_fetch(ctx
->libctx
, supported_sig
, ctx
->propquery
);
473 if (signature
!= NULL
)
474 tmp_prov
= EVP_SIGNATURE_get0_provider(signature
);
477 tmp_prov
= EVP_KEYMGMT_get0_provider(ctx
->keymgmt
);
479 evp_signature_fetch_from_prov((OSSL_PROVIDER
*)tmp_prov
,
480 supported_sig
, ctx
->propquery
);
481 if (signature
== NULL
)
485 if (signature
== NULL
)
489 * Ensure that the key is provided, either natively, or as a cached
490 * export. We start by fetching the keymgmt with the same name as
491 * |ctx->pkey|, but from the provider of the signature method, using
492 * the same property query as when fetching the signature method.
493 * With the keymgmt we found (if we did), we try to export |ctx->pkey|
494 * to it (evp_pkey_export_to_provider() is smart enough to only actually
496 * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt)
498 tmp_keymgmt_tofree
= tmp_keymgmt
=
499 evp_keymgmt_fetch_from_prov((OSSL_PROVIDER
*)tmp_prov
,
500 EVP_KEYMGMT_get0_name(ctx
->keymgmt
),
502 if (tmp_keymgmt
!= NULL
)
503 provkey
= evp_pkey_export_to_provider(ctx
->pkey
, ctx
->libctx
,
504 &tmp_keymgmt
, ctx
->propquery
);
505 if (tmp_keymgmt
== NULL
)
506 EVP_KEYMGMT_free(tmp_keymgmt_tofree
);
509 if (provkey
== NULL
) {
510 EVP_SIGNATURE_free(signature
);
516 /* No more legacy from here down to legacy: */
518 ctx
->op
.sig
.signature
= signature
;
520 signature
->newctx(ossl_provider_ctx(signature
->prov
), ctx
->propquery
);
521 if (ctx
->op
.sig
.algctx
== NULL
) {
522 /* The provider key can stay in the cache */
523 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
528 case EVP_PKEY_OP_SIGN
:
529 if (signature
->sign_init
== NULL
) {
530 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
534 ret
= signature
->sign_init(ctx
->op
.sig
.algctx
, provkey
, params
);
536 case EVP_PKEY_OP_VERIFY
:
537 if (signature
->verify_init
== NULL
) {
538 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
542 ret
= signature
->verify_init(ctx
->op
.sig
.algctx
, provkey
, params
);
544 case EVP_PKEY_OP_VERIFYRECOVER
:
545 if (signature
->verify_recover_init
== NULL
) {
546 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
550 ret
= signature
->verify_recover_init(ctx
->op
.sig
.algctx
, provkey
,
554 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
559 signature
->freectx(ctx
->op
.sig
.algctx
);
560 ctx
->op
.sig
.algctx
= NULL
;
567 * If we don't have the full support we need with provided methods,
568 * let's go see if legacy does.
571 EVP_KEYMGMT_free(tmp_keymgmt
);
574 if (ctx
->pmeth
== NULL
575 || (operation
== EVP_PKEY_OP_SIGN
&& ctx
->pmeth
->sign
== NULL
)
576 || (operation
== EVP_PKEY_OP_VERIFY
&& ctx
->pmeth
->verify
== NULL
)
577 || (operation
== EVP_PKEY_OP_VERIFYRECOVER
578 && ctx
->pmeth
->verify_recover
== NULL
)) {
579 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
584 case EVP_PKEY_OP_SIGN
:
585 if (ctx
->pmeth
->sign_init
== NULL
)
587 ret
= ctx
->pmeth
->sign_init(ctx
);
589 case EVP_PKEY_OP_VERIFY
:
590 if (ctx
->pmeth
->verify_init
== NULL
)
592 ret
= ctx
->pmeth
->verify_init(ctx
);
594 case EVP_PKEY_OP_VERIFYRECOVER
:
595 if (ctx
->pmeth
->verify_recover_init
== NULL
)
597 ret
= ctx
->pmeth
->verify_recover_init(ctx
);
600 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
608 ret
= evp_pkey_ctx_use_cached_data(ctx
);
611 EVP_KEYMGMT_free(tmp_keymgmt
);
614 evp_pkey_ctx_free_old_ops(ctx
);
615 ctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
616 EVP_KEYMGMT_free(tmp_keymgmt
);
620 int EVP_PKEY_sign_init(EVP_PKEY_CTX
*ctx
)
622 return evp_pkey_signature_init(ctx
, EVP_PKEY_OP_SIGN
, NULL
);
625 int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX
*ctx
, const OSSL_PARAM params
[])
627 return evp_pkey_signature_init(ctx
, EVP_PKEY_OP_SIGN
, params
);
630 int EVP_PKEY_sign(EVP_PKEY_CTX
*ctx
,
631 unsigned char *sig
, size_t *siglen
,
632 const unsigned char *tbs
, size_t tbslen
)
637 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
641 if (ctx
->operation
!= EVP_PKEY_OP_SIGN
) {
642 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_INITIALIZED
);
646 if (ctx
->op
.sig
.algctx
== NULL
)
649 ret
= ctx
->op
.sig
.signature
->sign(ctx
->op
.sig
.algctx
, sig
, siglen
,
650 (sig
== NULL
) ? 0 : *siglen
, tbs
, tbslen
);
655 if (ctx
->pmeth
== NULL
|| ctx
->pmeth
->sign
== NULL
) {
656 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
660 M_check_autoarg(ctx
, sig
, siglen
, EVP_F_EVP_PKEY_SIGN
)
661 return ctx
->pmeth
->sign(ctx
, sig
, siglen
, tbs
, tbslen
);
664 int EVP_PKEY_verify_init(EVP_PKEY_CTX
*ctx
)
666 return evp_pkey_signature_init(ctx
, EVP_PKEY_OP_VERIFY
, NULL
);
669 int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX
*ctx
, const OSSL_PARAM params
[])
671 return evp_pkey_signature_init(ctx
, EVP_PKEY_OP_VERIFY
, params
);
674 int EVP_PKEY_verify(EVP_PKEY_CTX
*ctx
,
675 const unsigned char *sig
, size_t siglen
,
676 const unsigned char *tbs
, size_t tbslen
)
681 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
685 if (ctx
->operation
!= EVP_PKEY_OP_VERIFY
) {
686 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_INITIALIZED
);
690 if (ctx
->op
.sig
.algctx
== NULL
)
693 ret
= ctx
->op
.sig
.signature
->verify(ctx
->op
.sig
.algctx
, sig
, siglen
,
698 if (ctx
->pmeth
== NULL
|| ctx
->pmeth
->verify
== NULL
) {
699 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
703 return ctx
->pmeth
->verify(ctx
, sig
, siglen
, tbs
, tbslen
);
706 int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX
*ctx
)
708 return evp_pkey_signature_init(ctx
, EVP_PKEY_OP_VERIFYRECOVER
, NULL
);
711 int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX
*ctx
,
712 const OSSL_PARAM params
[])
714 return evp_pkey_signature_init(ctx
, EVP_PKEY_OP_VERIFYRECOVER
, params
);
717 int EVP_PKEY_verify_recover(EVP_PKEY_CTX
*ctx
,
718 unsigned char *rout
, size_t *routlen
,
719 const unsigned char *sig
, size_t siglen
)
724 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
728 if (ctx
->operation
!= EVP_PKEY_OP_VERIFYRECOVER
) {
729 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_INITIALIZED
);
733 if (ctx
->op
.sig
.algctx
== NULL
)
736 ret
= ctx
->op
.sig
.signature
->verify_recover(ctx
->op
.sig
.algctx
, rout
,
738 (rout
== NULL
? 0 : *routlen
),
742 if (ctx
->pmeth
== NULL
|| ctx
->pmeth
->verify_recover
== NULL
) {
743 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
746 M_check_autoarg(ctx
, rout
, routlen
, EVP_F_EVP_PKEY_VERIFY_RECOVER
)
747 return ctx
->pmeth
->verify_recover(ctx
, rout
, routlen
, sig
, siglen
);