/*
 * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
12 #include <openssl/objects.h>
13 #include <openssl/evp.h>
14 #include "internal/numbers.h" /* includes SIZE_MAX */
15 #include "internal/cryptlib.h"
16 #include "internal/provider.h"
17 #include "internal/core.h"
18 #include "crypto/evp.h"
19 #include "evp_local.h"
/*
 * Allocate an empty EVP_SIGNATURE bound to |prov|.
 *
 * The object is zero-initialised, gets its own lock, takes one reference on
 * the provider and starts with a reference count of 1.  Returns NULL with
 * ERR_R_MALLOC_FAILURE raised if the object or its lock cannot be allocated.
 */
static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov)
{
    EVP_SIGNATURE *sig = OPENSSL_zalloc(sizeof(EVP_SIGNATURE));

    if (sig == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    if ((sig->lock = CRYPTO_THREAD_lock_new()) == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(sig);
        return NULL;
    }

    /*
     * The method keeps its provider referenced for as long as it exists;
     * the matching release is in EVP_SIGNATURE_free().
     * NOTE(review): the result of ossl_provider_up_ref() is not examined.
     */
    sig->prov = prov;
    ossl_provider_up_ref(prov);
    sig->refcnt = 1;

    return sig;
}
/*
 * Build an EVP_SIGNATURE from a provider's algorithm definition.
 *
 * Walks the dispatch table in |algodef|, copies each recognised function
 * pointer into the new method and then checks that the provider supplied a
 * usable, self-consistent set.  For every function id only the first entry
 * is taken; later duplicates are ignored and not counted.
 *
 * Returns the new method (as void * for the generic fetch code) or NULL on
 * allocation failure or when the function set is rejected.
 */
static void *evp_signature_from_algorithm(int name_id,
                                          const OSSL_ALGORITHM *algodef,
                                          OSSL_PROVIDER *prov)
{
    const OSSL_DISPATCH *fns = algodef->implementation;
    EVP_SIGNATURE *signature = NULL;
    int ctxfncnt = 0, signfncnt = 0, verifyfncnt = 0, verifyrecfncnt = 0;
    int digsignfncnt = 0, digverifyfncnt = 0;
    int gparamfncnt = 0, sparamfncnt = 0, gmdparamfncnt = 0, smdparamfncnt = 0;
    int no_operation, broken_pair, missing_digest_init;

    signature = evp_signature_new(prov);
    if (signature == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    signature->name_id = name_id;
    signature->type_name = ossl_algorithm_get1_first_name(algodef);
    if (signature->type_name == NULL)
        goto err;
    signature->description = algodef->algorithm_description;

    /* The dispatch table is terminated by an entry with function_id 0. */
    for (; fns->function_id != 0; fns++) {
        switch (fns->function_id) {
        case OSSL_FUNC_SIGNATURE_NEWCTX:
            if (signature->newctx == NULL) {
                signature->newctx = OSSL_FUNC_signature_newctx(fns);
                ctxfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_SIGN_INIT:
            if (signature->sign_init == NULL) {
                signature->sign_init = OSSL_FUNC_signature_sign_init(fns);
                signfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_SIGN:
            if (signature->sign == NULL) {
                signature->sign = OSSL_FUNC_signature_sign(fns);
                signfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_VERIFY_INIT:
            if (signature->verify_init == NULL) {
                signature->verify_init = OSSL_FUNC_signature_verify_init(fns);
                verifyfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_VERIFY:
            if (signature->verify == NULL) {
                signature->verify = OSSL_FUNC_signature_verify(fns);
                verifyfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_VERIFY_RECOVER_INIT:
            if (signature->verify_recover_init == NULL) {
                signature->verify_recover_init
                    = OSSL_FUNC_signature_verify_recover_init(fns);
                verifyrecfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_VERIFY_RECOVER:
            if (signature->verify_recover == NULL) {
                signature->verify_recover
                    = OSSL_FUNC_signature_verify_recover(fns);
                verifyrecfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT:
            /* Not counted: it is shared by the one-shot and update/final forms. */
            if (signature->digest_sign_init == NULL)
                signature->digest_sign_init
                    = OSSL_FUNC_signature_digest_sign_init(fns);
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE:
            if (signature->digest_sign_update == NULL) {
                signature->digest_sign_update
                    = OSSL_FUNC_signature_digest_sign_update(fns);
                digsignfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL:
            if (signature->digest_sign_final == NULL) {
                signature->digest_sign_final
                    = OSSL_FUNC_signature_digest_sign_final(fns);
                digsignfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_SIGN:
            if (signature->digest_sign == NULL)
                signature->digest_sign
                    = OSSL_FUNC_signature_digest_sign(fns);
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT:
            /* Not counted, for the same reason as DIGEST_SIGN_INIT. */
            if (signature->digest_verify_init == NULL)
                signature->digest_verify_init
                    = OSSL_FUNC_signature_digest_verify_init(fns);
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE:
            if (signature->digest_verify_update == NULL) {
                signature->digest_verify_update
                    = OSSL_FUNC_signature_digest_verify_update(fns);
                digverifyfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL:
            if (signature->digest_verify_final == NULL) {
                signature->digest_verify_final
                    = OSSL_FUNC_signature_digest_verify_final(fns);
                digverifyfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY:
            if (signature->digest_verify == NULL)
                signature->digest_verify
                    = OSSL_FUNC_signature_digest_verify(fns);
            break;
        case OSSL_FUNC_SIGNATURE_FREECTX:
            if (signature->freectx == NULL) {
                signature->freectx = OSSL_FUNC_signature_freectx(fns);
                ctxfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_DUPCTX:
            if (signature->dupctx == NULL)
                signature->dupctx = OSSL_FUNC_signature_dupctx(fns);
            break;
        case OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS:
            if (signature->get_ctx_params == NULL) {
                signature->get_ctx_params
                    = OSSL_FUNC_signature_get_ctx_params(fns);
                gparamfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS:
            if (signature->gettable_ctx_params == NULL) {
                signature->gettable_ctx_params
                    = OSSL_FUNC_signature_gettable_ctx_params(fns);
                gparamfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS:
            if (signature->set_ctx_params == NULL) {
                signature->set_ctx_params
                    = OSSL_FUNC_signature_set_ctx_params(fns);
                sparamfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS:
            if (signature->settable_ctx_params == NULL) {
                signature->settable_ctx_params
                    = OSSL_FUNC_signature_settable_ctx_params(fns);
                sparamfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS:
            if (signature->get_ctx_md_params == NULL) {
                signature->get_ctx_md_params
                    = OSSL_FUNC_signature_get_ctx_md_params(fns);
                gmdparamfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS:
            if (signature->gettable_ctx_md_params == NULL) {
                signature->gettable_ctx_md_params
                    = OSSL_FUNC_signature_gettable_ctx_md_params(fns);
                gmdparamfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS:
            if (signature->set_ctx_md_params == NULL) {
                signature->set_ctx_md_params
                    = OSSL_FUNC_signature_set_ctx_md_params(fns);
                smdparamfncnt++;
            }
            break;
        case OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS:
            if (signature->settable_ctx_md_params == NULL) {
                signature->settable_ctx_md_params
                    = OSSL_FUNC_signature_settable_ctx_md_params(fns);
                smdparamfncnt++;
            }
            break;
        }
    }

    /* No operation of any kind was supplied. */
    no_operation = signfncnt == 0
        && verifyfncnt == 0
        && verifyrecfncnt == 0
        && digsignfncnt == 0
        && digverifyfncnt == 0
        && signature->digest_sign == NULL
        && signature->digest_verify == NULL;

    /* A paired set must be complete (2) or absent (0). */
    broken_pair = (signfncnt != 0 && signfncnt != 2)
        || (verifyfncnt != 0 && verifyfncnt != 2)
        || (verifyrecfncnt != 0 && verifyrecfncnt != 2)
        || (digsignfncnt != 0 && digsignfncnt != 2)
        || (digverifyfncnt != 0 && digverifyfncnt != 2)
        || (gparamfncnt != 0 && gparamfncnt != 2)
        || (sparamfncnt != 0 && sparamfncnt != 2)
        || (gmdparamfncnt != 0 && gmdparamfncnt != 2)
        || (smdparamfncnt != 0 && smdparamfncnt != 2);

    /* Either digest form is unusable without its init function. */
    missing_digest_init
        = (digsignfncnt == 2 && signature->digest_sign_init == NULL)
        || (digverifyfncnt == 2 && signature->digest_verify_init == NULL)
        || (signature->digest_sign != NULL
            && signature->digest_sign_init == NULL)
        || (signature->digest_verify != NULL
            && signature->digest_verify_init == NULL);

    if (ctxfncnt != 2 || no_operation || broken_pair || missing_digest_init) {
        /*
         * In order to be a consistent set of functions we must have at least
         * a set of context functions (newctx and freectx) as well as a set of
         * "signature" functions:
         *  (sign_init, sign) or
         *  (verify_init verify) or
         *  (verify_recover_init, verify_recover) or
         *  (digest_sign_init, digest_sign_update, digest_sign_final) or
         *  (digest_verify_init, digest_verify_update, digest_verify_final) or
         *  (digest_sign_init, digest_sign) or
         *  (digest_verify_init, digest_verify).
         *
         * set_ctx_params and settable_ctx_params are optional, but if one of
         * them is present then the other one must also be present. The same
         * applies to get_ctx_params and gettable_ctx_params. The same rules
         * apply to the "md_params" functions. The dupctx function is optional.
         */
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
        goto err;
    }

    return signature;
 err:
    /* EVP_SIGNATURE_free() accepts NULL, so this covers every failure path. */
    EVP_SIGNATURE_free(signature);
    return NULL;
}
/*
 * Drop one reference to |signature|; NULL is accepted and ignored.
 *
 * When the last reference goes, the name copy is freed, the provider
 * reference is released, and the lock and the object itself are destroyed.
 */
void EVP_SIGNATURE_free(EVP_SIGNATURE *signature)
{
    int remaining;

    if (signature == NULL)
        return;

    CRYPTO_DOWN_REF(&signature->refcnt, &remaining, signature->lock);
    if (remaining <= 0) {
        OPENSSL_free(signature->type_name);
        ossl_provider_free(signature->prov);
        CRYPTO_THREAD_lock_free(signature->lock);
        OPENSSL_free(signature);
    }
}
/*
 * Take an additional reference on |signature|.
 *
 * |signature| is dereferenced unconditionally, so it must not be NULL.
 * Always returns 1; the outcome of CRYPTO_UP_REF() is not inspected.
 */
int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature)
{
    int count = 0;

    CRYPTO_UP_REF(&signature->refcnt, &count, signature->lock);
    return 1;
}
/*
 * Return the provider that |signature| was created from.  No reference is
 * taken here, and |signature| must not be NULL.
 */
OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature)
{
    OSSL_PROVIDER *owner = signature->prov;

    return owner;
}
/*
 * Fetch a signature implementation for |algorithm| matching |properties|
 * from library context |ctx|, through the generic fetch code.
 *
 * NOTE(review): the up_ref/free callbacks are handed over after a cast to
 * void *-taking function pointer types, so they end up being called through
 * a type that differs from their definition.
 */
EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                   const char *properties)
{
    int (*take_ref)(void *) = (int (*)(void *))EVP_SIGNATURE_up_ref;
    void (*drop_ref)(void *) = (void (*)(void *))EVP_SIGNATURE_free;

    return evp_generic_fetch(ctx, OSSL_OP_SIGNATURE, algorithm, properties,
                             evp_signature_from_algorithm,
                             take_ref, drop_ref);
}
/*
 * Ask evp_is_a() whether |name| matches this method, using the method's
 * provider and name id.  |signature| must not be NULL.
 */
int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name)
{
    OSSL_PROVIDER *owner = signature->prov;
    int id = signature->name_id;

    return evp_is_a(owner, id, NULL, name);
}
/* Return the name id stored in |signature| (which must not be NULL). */
int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature)
{
    int id = signature->name_id;

    return id;
}
/*
 * Return the method's name string.  The pointer refers to storage owned by
 * |signature| (it is released in EVP_SIGNATURE_free()), so the caller must
 * not free it.  |signature| must not be NULL.
 */
const char *EVP_SIGNATURE_name(const EVP_SIGNATURE *signature)
{
    const char *label = signature->type_name;

    return label;
}
/*
 * Return the description pointer that was copied from the provider's
 * algorithm definition when the method was built.  |signature| must not be
 * NULL.
 */
const char *EVP_SIGNATURE_description(const EVP_SIGNATURE *signature)
{
    const char *text = signature->description;

    return text;
}
/*
 * Hand |fn| and |arg| to the generic enumerator for the signature
 * operation in |libctx|, together with the constructor and destructor for
 * EVP_SIGNATURE objects.
 *
 * NOTE(review): |fn| is passed on after a cast to a (void *, void *)
 * function pointer type.
 */
void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
                                   void (*fn)(EVP_SIGNATURE *signature,
                                              void *arg),
                                   void *arg)
{
    void (*visit)(void *, void *) = (void (*)(void *, void *))fn;
    void (*drop_ref)(void *) = (void (*)(void *))EVP_SIGNATURE_free;

    evp_generic_do_all(libctx, OSSL_OP_SIGNATURE, visit, arg,
                       evp_signature_from_algorithm, drop_ref);
}
/*
 * Pass |fn| and |data| to evp_names_do_all() for this method's name id.
 *
 * Returns what evp_names_do_all() returns.  A method without a provider is
 * treated as trivially successful: nothing is enumerated and 1 is returned.
 */
int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
                               void (*fn)(const char *name, void *data),
                               void *data)
{
    if (signature->prov == NULL)
        return 1;

    return evp_names_do_all(signature->prov, signature->name_id, fn, data);
}
/*
 * Return the provider's table of gettable context parameters, or NULL when
 * |sig| is NULL or the implementation has no gettable_ctx_params function.
 * The provider function is called with a NULL operation context and the
 * provider context.
 */
const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig)
{
    if (sig == NULL)
        return NULL;
    if (sig->gettable_ctx_params == NULL)
        return NULL;

    return sig->gettable_ctx_params(NULL,
                                    ossl_provider_ctx(EVP_SIGNATURE_provider(sig)));
}
/*
 * Return the provider's table of settable context parameters, or NULL when
 * |sig| is NULL or the implementation has no settable_ctx_params function.
 * The provider function is called with a NULL operation context and the
 * provider context.
 */
const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig)
{
    if (sig == NULL)
        return NULL;
    if (sig->settable_ctx_params == NULL)
        return NULL;

    return sig->settable_ctx_params(NULL,
                                    ossl_provider_ctx(EVP_SIGNATURE_provider(sig)));
}
/*
 * Common initialisation for sign, verify and verify-recover.
 *
 * Clears any previous operation from |ctx|, then tries to set the operation
 * up with a provider implementation; if the key or the algorithm is not
 * available that way it falls back to the legacy EVP_PKEY_METHOD.
 *
 * Returns the init function's result (> 0 on success), -2 when |ctx| is NULL
 * or the operation is not supported for this key type, and a value <= 0 on
 * other failures.  On the err path the operation state is cleared and
 * ctx->operation is reset to EVP_PKEY_OP_UNDEFINED.
 */
static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation,
                                   const OSSL_PARAM params[])
{
    int ret = 0;
    void *provkey = NULL;
    EVP_SIGNATURE *signature = NULL;
    EVP_KEYMGMT *tmp_keymgmt = NULL;
    const char *supported_sig = NULL;

    if (ctx == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    evp_pkey_ctx_free_old_ops(ctx);
    ctx->operation = operation;

    /*
     * TODO when we stop falling back to legacy, this and the ERR_pop_to_mark()
     * calls can be removed.
     */
    ERR_set_mark();

    if (evp_pkey_ctx_is_legacy(ctx))
        goto legacy;

    /*
     * Ensure that the key is provided, either natively, or as a cached export.
     * If not, go legacy
     */
    tmp_keymgmt = ctx->keymgmt;
    provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
                                          &tmp_keymgmt, ctx->propquery);
    if (tmp_keymgmt == NULL)
        goto legacy;
    if (!EVP_KEYMGMT_up_ref(tmp_keymgmt)) {
        /* Keep the errors raised so far; only the mark is discarded. */
        ERR_clear_last_mark();
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
        goto err;
    }
    EVP_KEYMGMT_free(ctx->keymgmt);
    ctx->keymgmt = tmp_keymgmt;

    if (ctx->keymgmt->query_operation_name != NULL)
        supported_sig = ctx->keymgmt->query_operation_name(OSSL_OP_SIGNATURE);

    /*
     * If we didn't get a supported sig, assume there is one with the
     * same name as the key type.
     */
    if (supported_sig == NULL)
        supported_sig = ctx->keytype;

    /*
     * Because we cleared out old ops, we shouldn't need to worry about
     * checking if signature is already there.
     */
    signature =
        EVP_SIGNATURE_fetch(ctx->libctx, supported_sig, ctx->propquery);

    /*
     * provkey is handed to the signature implementation further down, so the
     * implementation has to come from the same provider as the key
     * management that produced the key.  Anything else goes to legacy.
     */
    if (signature == NULL
        || (EVP_KEYMGMT_provider(ctx->keymgmt)
            != EVP_SIGNATURE_provider(signature))) {
        /*
         * We don't need to free ctx->keymgmt here, as it's not necessarily
         * tied to this operation.  It will be freed by EVP_PKEY_CTX_free().
         */
        EVP_SIGNATURE_free(signature);
        goto legacy;
    }

    /*
     * TODO remove this when legacy is gone
     * If we don't have the full support we need with provided methods,
     * let's go see if legacy does.
     */
    ERR_pop_to_mark();

    /* No more legacy from here down to legacy: */

    ctx->op.sig.signature = signature;
    ctx->op.sig.algctx =
        signature->newctx(ossl_provider_ctx(signature->prov), ctx->propquery);
    if (ctx->op.sig.algctx == NULL) {
        /* The provider key can stay in the cache */
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
        goto err;
    }

    switch (operation) {
    case EVP_PKEY_OP_SIGN:
        if (signature->sign_init == NULL) {
            ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
            ret = -2;
            goto err;
        }
        ret = signature->sign_init(ctx->op.sig.algctx, provkey, params);
        break;
    case EVP_PKEY_OP_VERIFY:
        if (signature->verify_init == NULL) {
            ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
            ret = -2;
            goto err;
        }
        ret = signature->verify_init(ctx->op.sig.algctx, provkey, params);
        break;
    case EVP_PKEY_OP_VERIFYRECOVER:
        if (signature->verify_recover_init == NULL) {
            ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
            ret = -2;
            goto err;
        }
        ret = signature->verify_recover_init(ctx->op.sig.algctx, provkey,
                                             params);
        break;
    default:
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
        goto err;
    }

    if (ret <= 0) {
        /* Release the provider context straight away on a failed init. */
        signature->freectx(ctx->op.sig.algctx);
        ctx->op.sig.algctx = NULL;
        goto err;
    }
    goto end;

 legacy:
    /*
     * TODO remove this when legacy is gone
     * If we don't have the full support we need with provided methods,
     * let's go see if legacy does.
     */
    ERR_pop_to_mark();

    if (ctx->pmeth == NULL
        || (operation == EVP_PKEY_OP_SIGN && ctx->pmeth->sign == NULL)
        || (operation == EVP_PKEY_OP_VERIFY && ctx->pmeth->verify == NULL)
        || (operation == EVP_PKEY_OP_VERIFYRECOVER
            && ctx->pmeth->verify_recover == NULL)) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    switch (operation) {
    case EVP_PKEY_OP_SIGN:
        /* A legacy method without an init hook needs no further setup. */
        if (ctx->pmeth->sign_init == NULL)
            return 1;
        ret = ctx->pmeth->sign_init(ctx);
        break;
    case EVP_PKEY_OP_VERIFY:
        if (ctx->pmeth->verify_init == NULL)
            return 1;
        ret = ctx->pmeth->verify_init(ctx);
        break;
    case EVP_PKEY_OP_VERIFYRECOVER:
        if (ctx->pmeth->verify_recover_init == NULL)
            return 1;
        ret = ctx->pmeth->verify_recover_init(ctx);
        break;
    default:
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
        ret = -2;
    }
    if (ret <= 0)
        goto err;
 end:
#ifndef FIPS_MODULE
    if (ret > 0)
        ret = evp_pkey_ctx_use_cached_data(ctx);
#endif

    return ret;
 err:
    evp_pkey_ctx_free_old_ops(ctx);
    ctx->operation = EVP_PKEY_OP_UNDEFINED;
    return ret;
}
/*
 * Prepare |ctx| for signing without any parameters.  See
 * evp_pkey_signature_init() for the return values.
 */
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
{
    const OSSL_PARAM *no_params = NULL;

    return evp_pkey_signature_init(ctx, EVP_PKEY_OP_SIGN, no_params);
}
/*
 * Prepare |ctx| for signing, passing |params| on to the implementation's
 * sign_init function.  See evp_pkey_signature_init() for the return values.
 */
int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
{
    int op = EVP_PKEY_OP_SIGN;

    return evp_pkey_signature_init(ctx, op, params);
}
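/*
 * Sign |tbs| (|tbslen| bytes) with the key in |ctx|.
 *
 * |sig| is the output buffer and, on entry, *|siglen| is its size; on
 * success *|siglen| is set by the implementation.  A NULL |sig| is the
 * size-query form.
 *
 * Returns the implementation's result, -2 when |ctx| is NULL or the key type
 * does not support signing, and -1 when |ctx| was not initialised for
 * signing.  Errors are negative as well as zero, so callers must test for
 * "> 0" (or "== 1") and not for non-zero.
 */
int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
                  unsigned char *sig, size_t *siglen,
                  const unsigned char *tbs, size_t tbslen)
{
    int ret;

    if (ctx == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    if (ctx->operation != EVP_PKEY_OP_SIGN) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
        return -1;
    }

    if (ctx->op.sig.algctx == NULL)
        goto legacy;

    /*
     * Tell the implementation how large the caller's buffer really is.
     * Passing SIZE_MAX here would leave it with no bound to check its output
     * length against.  This mirrors EVP_PKEY_verify_recover(), which passes
     * (rout == NULL ? 0 : *routlen).
     */
    ret = ctx->op.sig.signature->sign(ctx->op.sig.algctx, sig, siglen,
                                      (sig == NULL) ? 0 : *siglen,
                                      tbs, tbslen);

    return ret;
 legacy:

    if (ctx->pmeth == NULL || ctx->pmeth->sign == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    /*
     * M_check_autoarg is a macro used without a trailing semicolon; the
     * return below is the statement that follows it.
     */
    M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
        return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
}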
/*
 * Prepare |ctx| for verification without any parameters.  See
 * evp_pkey_signature_init() for the return values.
 */
int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
{
    const OSSL_PARAM *no_params = NULL;

    return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFY, no_params);
}
/*
 * Prepare |ctx| for verification, passing |params| on to the
 * implementation's verify_init function.  See evp_pkey_signature_init() for
 * the return values.
 */
int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
{
    int op = EVP_PKEY_OP_VERIFY;

    return evp_pkey_signature_init(ctx, op, params);
}
/*
 * Verify signature |sig| (|siglen| bytes) over |tbs| (|tbslen| bytes) with
 * the key in |ctx|.
 *
 * Returns the implementation's result, -2 when |ctx| is NULL or the key type
 * does not support verification, and -1 when |ctx| was not initialised for
 * verification.  Because failures can be negative, a caller that treats any
 * non-zero result as "signature valid" will accept bad signatures; compare
 * the result with 1.
 */
int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
                    const unsigned char *sig, size_t siglen,
                    const unsigned char *tbs, size_t tbslen)
{
    if (ctx == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    if (ctx->operation != EVP_PKEY_OP_VERIFY) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
        return -1;
    }

    /* Provider path: an operation context exists only for provided keys. */
    if (ctx->op.sig.algctx != NULL)
        return ctx->op.sig.signature->verify(ctx->op.sig.algctx, sig, siglen,
                                             tbs, tbslen);

    /* Legacy path. */
    if (ctx->pmeth == NULL || ctx->pmeth->verify == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
}
/*
 * Prepare |ctx| for verify-recover without any parameters.  See
 * evp_pkey_signature_init() for the return values.
 */
int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
{
    const OSSL_PARAM *no_params = NULL;

    return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFYRECOVER, no_params);
}
/*
 * Prepare |ctx| for verify-recover, passing |params| on to the
 * implementation's verify_recover_init function.  See
 * evp_pkey_signature_init() for the return values.
 */
int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx,
                                    const OSSL_PARAM params[])
{
    int op = EVP_PKEY_OP_VERIFYRECOVER;

    return evp_pkey_signature_init(ctx, op, params);
}
/*
 * Verify |sig| (|siglen| bytes) and recover the signed data into |rout|.
 *
 * On entry *|routlen| is the size of |rout|; the provider is given that size
 * as its output bound, or 0 when |rout| is NULL.
 *
 * Returns the implementation's result, -2 when |ctx| is NULL or the key type
 * does not support the operation, and -1 when |ctx| was not initialised for
 * verify-recover.  Compare the result with "> 0", not with non-zero.
 */
int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
                            unsigned char *rout, size_t *routlen,
                            const unsigned char *sig, size_t siglen)
{
    if (ctx == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
        return -1;
    }

    /* Provider path: an operation context exists only for provided keys. */
    if (ctx->op.sig.algctx != NULL)
        return ctx->op.sig.signature->verify_recover(ctx->op.sig.algctx, rout,
                                                     routlen,
                                                     (rout == NULL ? 0 : *routlen),
                                                     sig, siglen);

    /* Legacy path. */
    if (ctx->pmeth == NULL || ctx->pmeth->verify_recover == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    /*
     * M_check_autoarg is a macro used without a trailing semicolon; the
     * return below is the statement that follows it.
     */
    M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
        return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
}