]>
Commit | Line | Data |
---|---|---|
2039c421 | 1 | /* |
fecb3aae | 2 | * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. |
8df61b50 | 3 | * |
365a2d99 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
2039c421 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8df61b50 | 8 | */ |
d02b48c6 RE |
9 | |
10 | #include <stdio.h> | |
11 | #include <time.h> | |
b379fe6c | 12 | #include <sys/types.h> |
d02b48c6 | 13 | |
b39fc560 | 14 | #include "internal/cryptlib.h" |
17f389bb | 15 | |
ec577822 BM |
16 | #include <openssl/bn.h> |
17 | #include <openssl/evp.h> | |
18 | #include <openssl/x509.h> | |
19 | #include <openssl/objects.h> | |
20 | #include <openssl/buffer.h> | |
d5aef594 | 21 | #include <openssl/core_names.h> |
25f2138b DMSP |
22 | #include "crypto/asn1.h" |
23 | #include "crypto/evp.h" | |
d02b48c6 | 24 | |
12d99aac | 25 | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
73e92de5 | 26 | |
8bb826ee | 27 | int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, |
0f113f3e MC |
28 | ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, |
29 | const EVP_MD *type) | |
30 | { | |
bfb0641f | 31 | EVP_MD_CTX *ctx = EVP_MD_CTX_new(); |
0f113f3e | 32 | unsigned char *p, *buf_in = NULL, *buf_out = NULL; |
da84249b F |
33 | int i, inl = 0, outl = 0; |
34 | size_t inll = 0, outll = 0; | |
0f113f3e | 35 | X509_ALGOR *a; |
d02b48c6 | 36 | |
6e59a892 | 37 | if (ctx == NULL) { |
9311d0c4 | 38 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
6e59a892 RL |
39 | goto err; |
40 | } | |
0f113f3e MC |
41 | for (i = 0; i < 2; i++) { |
42 | if (i == 0) | |
43 | a = algor1; | |
44 | else | |
45 | a = algor2; | |
46 | if (a == NULL) | |
47 | continue; | |
48 | if (type->pkey_type == NID_dsaWithSHA1) { | |
49 | /* | |
50 | * special case: RFC 2459 tells us to omit 'parameters' with | |
51 | * id-dsa-with-sha1 | |
52 | */ | |
53 | ASN1_TYPE_free(a->parameter); | |
54 | a->parameter = NULL; | |
55 | } else if ((a->parameter == NULL) || | |
56 | (a->parameter->type != V_ASN1_NULL)) { | |
57 | ASN1_TYPE_free(a->parameter); | |
58 | if ((a->parameter = ASN1_TYPE_new()) == NULL) | |
59 | goto err; | |
60 | a->parameter->type = V_ASN1_NULL; | |
61 | } | |
62 | ASN1_OBJECT_free(a->algorithm); | |
63 | a->algorithm = OBJ_nid2obj(type->pkey_type); | |
64 | if (a->algorithm == NULL) { | |
9311d0c4 | 65 | ERR_raise(ERR_LIB_ASN1, ASN1_R_UNKNOWN_OBJECT_TYPE); |
0f113f3e MC |
66 | goto err; |
67 | } | |
68 | if (a->algorithm->length == 0) { | |
9311d0c4 RL |
69 | ERR_raise(ERR_LIB_ASN1, |
70 | ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); | |
0f113f3e MC |
71 | goto err; |
72 | } | |
73 | } | |
74 | inl = i2d(data, NULL); | |
da84249b | 75 | if (inl <= 0) { |
9311d0c4 | 76 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
da84249b F |
77 | goto err; |
78 | } | |
79 | inll = (size_t)inl; | |
80 | buf_in = OPENSSL_malloc(inll); | |
ed576acd | 81 | outll = outl = EVP_PKEY_get_size(pkey); |
da84249b F |
82 | buf_out = OPENSSL_malloc(outll); |
83 | if (buf_in == NULL || buf_out == NULL) { | |
0f113f3e | 84 | outl = 0; |
9311d0c4 | 85 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
0f113f3e MC |
86 | goto err; |
87 | } | |
88 | p = buf_in; | |
d02b48c6 | 89 | |
0f113f3e | 90 | i2d(data, &p); |
6e59a892 RL |
91 | if (!EVP_SignInit_ex(ctx, type, NULL) |
92 | || !EVP_SignUpdate(ctx, (unsigned char *)buf_in, inl) | |
93 | || !EVP_SignFinal(ctx, (unsigned char *)buf_out, | |
0f113f3e MC |
94 | (unsigned int *)&outl, pkey)) { |
95 | outl = 0; | |
9311d0c4 | 96 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
0f113f3e MC |
97 | goto err; |
98 | } | |
33847508 | 99 | ASN1_STRING_set0(signature, buf_out, outl); |
0f113f3e | 100 | buf_out = NULL; |
0f113f3e MC |
101 | /* |
102 | * In the interests of compatibility, I'll make sure that the bit string | |
103 | * has a 'not-used bits' value of 0 | |
104 | */ | |
7c310e87 | 105 | ossl_asn1_string_set_bits_left(signature, 0); |
0f113f3e | 106 | err: |
bfb0641f | 107 | EVP_MD_CTX_free(ctx); |
da84249b | 108 | OPENSSL_clear_free((char *)buf_in, inll); |
4b45c6e5 | 109 | OPENSSL_clear_free((char *)buf_out, outll); |
26a7d938 | 110 | return outl; |
0f113f3e | 111 | } |
09ab755c | 112 | |
73e92de5 DSH |
113 | #endif |
114 | ||
ded346fa DDO |
115 | int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, |
116 | ASN1_BIT_STRING *signature, const void *data, | |
117 | EVP_PKEY *pkey, const EVP_MD *md) | |
0f113f3e | 118 | { |
d8652be0 MC |
119 | return ASN1_item_sign_ex(it, algor1, algor2, signature, data, NULL, pkey, |
120 | md, NULL, NULL); | |
ded346fa DDO |
121 | } |
122 | ||
d8652be0 MC |
123 | int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1, |
124 | X509_ALGOR *algor2, ASN1_BIT_STRING *signature, | |
125 | const void *data, const ASN1_OCTET_STRING *id, | |
b4250010 | 126 | EVP_PKEY *pkey, const EVP_MD *md, OSSL_LIB_CTX *libctx, |
d8652be0 | 127 | const char *propq) |
ded346fa DDO |
128 | { |
129 | int rv = 0; | |
d8652be0 | 130 | EVP_MD_CTX *ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq); |
6e59a892 RL |
131 | |
132 | if (ctx == NULL) { | |
9311d0c4 | 133 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
0f113f3e MC |
134 | return 0; |
135 | } | |
e6c2f964 | 136 | /* We can use the non _ex variant here since the pkey is already setup */ |
ded346fa DDO |
137 | if (!EVP_DigestSignInit(ctx, NULL, md, NULL, pkey)) |
138 | goto err; | |
c6aca19b | 139 | |
ded346fa | 140 | rv = ASN1_item_sign_ctx(it, algor1, algor2, signature, data, ctx); |
c6aca19b | 141 | |
ded346fa | 142 | err: |
ed576acd | 143 | EVP_PKEY_CTX_free(EVP_MD_CTX_get_pkey_ctx(ctx)); |
c6aca19b SF |
144 | EVP_MD_CTX_free(ctx); |
145 | return rv; | |
0f113f3e | 146 | } |
85522a07 | 147 | |
ded346fa DDO |
148 | int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, |
149 | X509_ALGOR *algor2, ASN1_BIT_STRING *signature, | |
150 | const void *data, EVP_MD_CTX *ctx) | |
0f113f3e | 151 | { |
ded346fa | 152 | const EVP_MD *md; |
0f113f3e MC |
153 | EVP_PKEY *pkey; |
154 | unsigned char *buf_in = NULL, *buf_out = NULL; | |
155 | size_t inl = 0, outl = 0, outll = 0; | |
da84249b | 156 | int signid, paramtype, buf_len = 0; |
bc42bd62 | 157 | int rv, pkey_id; |
85522a07 | 158 | |
f6c95e46 | 159 | md = EVP_MD_CTX_get0_md(ctx); |
ed576acd | 160 | pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_get_pkey_ctx(ctx)); |
09ab755c | 161 | |
7dd6de9f | 162 | if (pkey == NULL) { |
9311d0c4 | 163 | ERR_raise(ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); |
2c91b3f5 MRA |
164 | goto err; |
165 | } | |
166 | ||
219f3ca6 | 167 | if (pkey->ameth == NULL) { |
ed576acd | 168 | EVP_PKEY_CTX *pctx = EVP_MD_CTX_get_pkey_ctx(ctx); |
d5aef594 RL |
169 | OSSL_PARAM params[2]; |
170 | unsigned char aid[128]; | |
171 | size_t aid_len = 0; | |
172 | ||
173 | if (pctx == NULL | |
174 | || !EVP_PKEY_CTX_IS_SIGNATURE_OP(pctx)) { | |
9311d0c4 | 175 | ERR_raise(ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); |
d5aef594 RL |
176 | goto err; |
177 | } | |
178 | ||
179 | params[0] = | |
180 | OSSL_PARAM_construct_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, | |
181 | aid, sizeof(aid)); | |
182 | params[1] = OSSL_PARAM_construct_end(); | |
183 | ||
184 | if (EVP_PKEY_CTX_get_params(pctx, params) <= 0) | |
185 | goto err; | |
186 | ||
187 | if ((aid_len = params[0].return_size) == 0) { | |
9311d0c4 | 188 | ERR_raise(ERR_LIB_ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
d5aef594 RL |
189 | goto err; |
190 | } | |
191 | ||
192 | if (algor1 != NULL) { | |
193 | const unsigned char *pp = aid; | |
194 | ||
195 | if (d2i_X509_ALGOR(&algor1, &pp, aid_len) == NULL) { | |
9311d0c4 | 196 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
d5aef594 RL |
197 | goto err; |
198 | } | |
199 | } | |
200 | ||
201 | if (algor2 != NULL) { | |
202 | const unsigned char *pp = aid; | |
203 | ||
204 | if (d2i_X509_ALGOR(&algor2, &pp, aid_len) == NULL) { | |
9311d0c4 | 205 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
d5aef594 RL |
206 | goto err; |
207 | } | |
208 | } | |
03919683 | 209 | |
d5aef594 RL |
210 | rv = 3; |
211 | } else if (pkey->ameth->item_sign) { | |
ded346fa | 212 | rv = pkey->ameth->item_sign(ctx, it, data, algor1, algor2, signature); |
0f113f3e MC |
213 | if (rv == 1) |
214 | outl = signature->length; | |
50e735f9 MC |
215 | /*- |
216 | * Return value meanings: | |
217 | * <=0: error. | |
218 | * 1: method does everything. | |
219 | * 2: carry on as normal. | |
220 | * 3: ASN1 method sets algorithm identifiers: just sign. | |
221 | */ | |
0f113f3e | 222 | if (rv <= 0) |
9311d0c4 | 223 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
0f113f3e MC |
224 | if (rv <= 1) |
225 | goto err; | |
7dd6de9f | 226 | } else { |
0f113f3e | 227 | rv = 2; |
7dd6de9f | 228 | } |
03919683 | 229 | |
0f113f3e | 230 | if (rv == 2) { |
ded346fa | 231 | if (md == NULL) { |
9311d0c4 | 232 | ERR_raise(ERR_LIB_ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); |
7dd6de9f DSH |
233 | goto err; |
234 | } | |
bc42bd62 PY |
235 | |
236 | pkey_id = | |
237 | #ifndef OPENSSL_NO_SM2 | |
ed576acd | 238 | EVP_PKEY_get_id(pkey) == NID_sm2 ? NID_sm2 : |
bc42bd62 | 239 | #endif |
d5aef594 | 240 | pkey->ameth->pkey_id; |
bc42bd62 | 241 | |
ded346fa | 242 | if (!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(md), pkey_id)) { |
9311d0c4 | 243 | ERR_raise(ERR_LIB_ASN1, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
2c91b3f5 | 244 | goto err; |
7f572e95 | 245 | } |
ee1d9ec0 | 246 | |
04bc3c12 DDO |
247 | paramtype = pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL ? |
248 | V_ASN1_NULL : V_ASN1_UNDEF; | |
249 | if (algor1 != NULL | |
250 | && !X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL)) | |
251 | goto err; | |
252 | if (algor2 != NULL | |
253 | && !X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL)) | |
254 | goto err; | |
0f113f3e | 255 | } |
ee1d9ec0 | 256 | |
ded346fa | 257 | buf_len = ASN1_item_i2d(data, &buf_in, it); |
da84249b F |
258 | if (buf_len <= 0) { |
259 | outl = 0; | |
9311d0c4 | 260 | ERR_raise(ERR_LIB_ASN1, ERR_R_INTERNAL_ERROR); |
da84249b F |
261 | goto err; |
262 | } | |
263 | inl = buf_len; | |
9767a3dc RL |
264 | if (!EVP_DigestSign(ctx, NULL, &outll, buf_in, inl)) { |
265 | outl = 0; | |
9311d0c4 | 266 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
9767a3dc RL |
267 | goto err; |
268 | } | |
269 | outl = outll; | |
da84249b F |
270 | buf_out = OPENSSL_malloc(outll); |
271 | if (buf_in == NULL || buf_out == NULL) { | |
0f113f3e | 272 | outl = 0; |
9311d0c4 | 273 | ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); |
0f113f3e MC |
274 | goto err; |
275 | } | |
09ab755c | 276 | |
75394189 | 277 | if (!EVP_DigestSign(ctx, buf_out, &outl, buf_in, inl)) { |
0f113f3e | 278 | outl = 0; |
9311d0c4 | 279 | ERR_raise(ERR_LIB_ASN1, ERR_R_EVP_LIB); |
0f113f3e MC |
280 | goto err; |
281 | } | |
33847508 | 282 | ASN1_STRING_set0(signature, buf_out, outl); |
0f113f3e | 283 | buf_out = NULL; |
0f113f3e MC |
284 | /* |
285 | * In the interests of compatibility, I'll make sure that the bit string | |
286 | * has a 'not-used bits' value of 0 | |
287 | */ | |
7c310e87 | 288 | ossl_asn1_string_set_bits_left(signature, 0); |
0f113f3e | 289 | err: |
da84249b | 290 | OPENSSL_clear_free((char *)buf_in, inl); |
4b45c6e5 | 291 | OPENSSL_clear_free((char *)buf_out, outll); |
26a7d938 | 292 | return outl; |
0f113f3e | 293 | } |