Commit | Line | Data |
---|---|---|
12603de6 SL |
1 | /* |
2 | * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <stdio.h> | |
11 | #include <stdlib.h> | |
12 | #include "internal/cryptlib.h" | |
13 | #include <openssl/objects.h> | |
14 | #include <openssl/evp.h> | |
15 | #include "crypto/bn.h" | |
16 | #include "crypto/asn1.h" | |
17 | #include "crypto/evp.h" | |
18 | #include "evp_local.h" | |
19 | ||
/*
 * Run a key check through the provider (keymgmt) path.
 *
 * The key in ctx->pkey is exported to the provider selected by
 * ctx->keymgmt (using ctx->libctx and ctx->propquery), and the result is
 * handed to evp_keymgmt_validate() together with |selection|.
 *
 * Returns:
 *    1     True
 *    0     False; also returned, with EVP_R_INITIALIZATION_ERROR raised,
 *          when the key could not be exported to the provider, so a 0 on
 *          its own does not distinguish "key is bad" from "key was never
 *          examined" - inspect the error queue to tell them apart
 *   -1     Unsupported (ctx is a legacy context, use legacy path)
 *
 * NOTE(review): the value of evp_keymgmt_validate() is passed through
 * unchanged; callers treat -1 as "fall back to legacy", so this presumes
 * the validate call never yields -1 itself - confirm.
 */
static int try_provided_check(EVP_PKEY_CTX *ctx, int selection)
{
    EVP_KEYMGMT *mgmt;
    void *provkey;

    if (evp_pkey_ctx_is_legacy(ctx))
        return -1;

    /* The export call may update mgmt, hence the local copy. */
    mgmt = ctx->keymgmt;
    provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
                                          &mgmt, ctx->propquery);
    if (provkey != NULL)
        return evp_keymgmt_validate(mgmt, provkey, selection);

    ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
    return 0;
}
44 | ||
/*
 * Check the public component of the key held in ctx.
 *
 * The provider path (OSSL_KEYMGMT_SELECT_PUBLIC_KEY) is tried first. Only
 * when it reports -1 are the legacy method tables consulted, and that
 * lookup is compiled out entirely when FIPS_MODULE is defined. In the
 * legacy path a custom pmeth public_check hook takes precedence over the
 * ameth default.
 *
 * ctx is dereferenced unconditionally and must not be NULL.
 *
 * Returns:
 *    the value of the provider or legacy check that ran
 *    0     no key is set in ctx (EVP_R_NO_KEY_SET raised)
 *   -2     no check is available for this key type
 *
 * -2 is non-zero: callers must test for "== 1" (or "<= 0"), never for
 * plain truthiness, or an unchecked key is treated as a valid one.
 */
int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *key = ctx->pkey;
    int rv;

    if (key == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
        return 0;
    }

    rv = try_provided_check(ctx, OSSL_KEYMGMT_SELECT_PUBLIC_KEY);
    if (rv != -1)
        return rv;

#ifndef FIPS_MODULE
    /* legacy: a key with no type has no method table to ask */
    if (key->type != EVP_PKEY_NONE) {
        /*
         * NOTE(review): ctx->pmeth is used without a NULL test; this relies
         * on a legacy context always carrying a pmeth - confirm.
         */
        if (ctx->pmeth->public_check != NULL)
            return ctx->pmeth->public_check(key);

        /* no custom hook: fall back to the ameth default, if any */
        if (key->ameth != NULL && key->ameth->pkey_public_check != NULL)
            return key->ameth->pkey_public_check(key);
    }
#endif

    ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}
77 | ||
/*
 * Check the parameters of the key held in ctx.
 *
 * The provider path (OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) is tried first.
 * Only when it reports -1 are the legacy method tables consulted, and that
 * lookup is compiled out entirely when FIPS_MODULE is defined. In the
 * legacy path a custom pmeth param_check hook takes precedence over the
 * ameth default.
 *
 * ctx is dereferenced unconditionally and must not be NULL.
 *
 * Returns:
 *    the value of the provider or legacy check that ran
 *    0     no key is set in ctx (EVP_R_NO_KEY_SET raised)
 *   -2     no check is available for this key type
 *
 * -2 is non-zero: callers must test for "== 1" (or "<= 0"), never for
 * plain truthiness, or unchecked parameters are treated as valid ones.
 */
int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *key = ctx->pkey;
    int rv;

    if (key == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
        return 0;
    }

    rv = try_provided_check(ctx, OSSL_KEYMGMT_SELECT_ALL_PARAMETERS);
    if (rv != -1)
        return rv;

#ifndef FIPS_MODULE
    /* legacy: a key with no type has no method table to ask */
    if (key->type != EVP_PKEY_NONE) {
        /*
         * NOTE(review): ctx->pmeth is used without a NULL test; this relies
         * on a legacy context always carrying a pmeth - confirm.
         */
        if (ctx->pmeth->param_check != NULL)
            return ctx->pmeth->param_check(key);

        /* no custom hook: fall back to the ameth default, if any */
        if (key->ameth != NULL && key->ameth->pkey_param_check != NULL)
            return key->ameth->pkey_param_check(key);
    }
#endif

    ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}
111 | ||
/*
 * Check the private component of the key held in ctx.
 *
 * Only the provider path (OSSL_KEYMGMT_SELECT_PRIVATE_KEY) implements this
 * check; there is no legacy fallback.
 *
 * ctx is dereferenced unconditionally and must not be NULL.
 *
 * Returns:
 *    the value of the provider check when it ran
 *    0     no key is set in ctx (EVP_R_NO_KEY_SET raised)
 *   -2     ctx is a legacy context, so the check is not supported
 *
 * -2 is non-zero: callers must test for "== 1" (or "<= 0"), never for
 * plain truthiness, or an unchecked key is treated as a valid one.
 */
int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx)
{
    int rv;

    if (ctx->pkey == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
        return 0;
    }

    rv = try_provided_check(ctx, OSSL_KEYMGMT_SELECT_PRIVATE_KEY);
    if (rv == -1) {
        /* not supported for legacy keys */
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        rv = -2;
    }
    return rv;
}
129 | ||
/*
 * Check that the public and private components of the key held in ctx
 * belong together.
 *
 * Only the provider path (OSSL_KEYMGMT_SELECT_KEYPAIR) implements this
 * check; there is no legacy fallback.
 *
 * ctx is dereferenced unconditionally and must not be NULL.
 *
 * Returns:
 *    the value of the provider check when it ran
 *    0     no key is set in ctx (EVP_R_NO_KEY_SET raised)
 *   -2     ctx is a legacy context, so the check is not supported
 *
 * -2 is non-zero: callers must test for "== 1" (or "<= 0"), never for
 * plain truthiness, or an unchecked key pair is treated as a valid one.
 */
int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx)
{
    int rv;

    if (ctx->pkey == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
        return 0;
    }

    rv = try_provided_check(ctx, OSSL_KEYMGMT_SELECT_KEYPAIR);
    if (rv == -1) {
        /* not supported for legacy keys */
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        rv = -2;
    }
    return rv;
}
147 | ||
/*
 * Check the key held in ctx.
 *
 * The provider path is tried first with OSSL_KEYMGMT_SELECT_KEYPAIR, the
 * same selection EVP_PKEY_pairwise_check() passes. Only when it reports -1
 * are the legacy method tables consulted, and that lookup is compiled out
 * entirely when FIPS_MODULE is defined. In the legacy path a custom pmeth
 * check hook takes precedence over the ameth default.
 *
 * ctx is dereferenced unconditionally and must not be NULL.
 *
 * Returns:
 *    the value of the provider or legacy check that ran
 *    0     no key is set in ctx (EVP_R_NO_KEY_SET raised)
 *   -2     no check is available for this key type
 *
 * -2 is non-zero: callers must test for "== 1" (or "<= 0"), never for
 * plain truthiness, or an unchecked key is treated as a valid one.
 */
int EVP_PKEY_check(EVP_PKEY_CTX *ctx)
{
    EVP_PKEY *key = ctx->pkey;
    int rv;

    if (key == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
        return 0;
    }

    rv = try_provided_check(ctx, OSSL_KEYMGMT_SELECT_KEYPAIR);
    if (rv != -1)
        return rv;

#ifndef FIPS_MODULE
    /* legacy: a key with no type has no method table to ask */
    if (key->type != EVP_PKEY_NONE) {
        /*
         * NOTE(review): ctx->pmeth is used without a NULL test; this relies
         * on a legacy context always carrying a pmeth - confirm.
         */
        if (ctx->pmeth->check != NULL)
            return ctx->pmeth->check(key);

        /* no custom hook: fall back to the ameth default, if any */
        if (key->ameth != NULL && key->ameth->pkey_check != NULL)
            return key->ameth->pkey_check(key);
    }
#endif

    ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    return -2;
}
180 |