]>
Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
aa6bb135 | 2 | * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. |
f733a5ef | 3 | * |
4a8b0c55 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
aa6bb135 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
f733a5ef DSH |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
11 | #include <stdlib.h> | |
c20276e4 | 12 | #include <openssl/objects.h> |
f733a5ef | 13 | #include <openssl/evp.h> |
ff64702b | 14 | #include "internal/cryptlib.h" |
27af42f9 | 15 | #include "internal/evp_int.h" |
dfcb5d29 | 16 | #include "internal/provider.h" |
ff64702b | 17 | #include "evp_locl.h" |
b010b7c4 | 18 | |
dfcb5d29 MC |
19 | static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) |
20 | { | |
21 | EVP_SIGNATURE *signature = OPENSSL_zalloc(sizeof(EVP_SIGNATURE)); | |
22 | ||
23 | signature->lock = CRYPTO_THREAD_lock_new(); | |
24 | if (signature->lock == NULL) { | |
25 | OPENSSL_free(signature); | |
26 | return NULL; | |
27 | } | |
28 | signature->prov = prov; | |
29 | ossl_provider_up_ref(prov); | |
30 | signature->refcnt = 1; | |
31 | ||
32 | return signature; | |
33 | } | |
34 | ||
35 | static void *evp_signature_from_dispatch(const char *name, | |
36 | const OSSL_DISPATCH *fns, | |
37 | OSSL_PROVIDER *prov, | |
38 | void *vkeymgmt_data) | |
39 | { | |
40 | /* | |
41 | * Signature functions cannot work without a key, and key management | |
42 | * from the same provider to manage its keys. We therefore fetch | |
43 | * a key management method using the same algorithm and properties | |
44 | * and pass that down to evp_generic_fetch to be passed on to our | |
45 | * evp_signature_from_dispatch, which will attach the key management | |
46 | * method to the newly created key exchange method as long as the | |
47 | * provider matches. | |
48 | */ | |
49 | struct keymgmt_data_st *keymgmt_data = vkeymgmt_data; | |
50 | EVP_KEYMGMT *keymgmt = EVP_KEYMGMT_fetch(keymgmt_data->ctx, name, | |
51 | keymgmt_data->properties); | |
52 | EVP_SIGNATURE *signature = NULL; | |
53 | int fncnt = 0; | |
54 | ||
55 | if (keymgmt == NULL || EVP_KEYMGMT_provider(keymgmt) != prov) { | |
56 | ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEYMGMT_AVAILABLE); | |
57 | goto err; | |
58 | } | |
59 | ||
60 | if ((signature = evp_signature_new(prov)) == NULL | |
61 | || (signature->name = OPENSSL_strdup(name)) == NULL) { | |
62 | ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); | |
63 | goto err; | |
64 | } | |
65 | ||
66 | signature->keymgmt = keymgmt; | |
67 | keymgmt = NULL; /* avoid double free on failure below */ | |
68 | ||
69 | for (; fns->function_id != 0; fns++) { | |
70 | switch (fns->function_id) { | |
71 | case OSSL_FUNC_SIGNATURE_NEWCTX: | |
72 | if (signature->newctx != NULL) | |
73 | break; | |
74 | signature->newctx = OSSL_get_OP_signature_newctx(fns); | |
75 | fncnt++; | |
76 | break; | |
77 | case OSSL_FUNC_SIGNATURE_SIGN_INIT: | |
78 | if (signature->sign_init != NULL) | |
79 | break; | |
80 | signature->sign_init = OSSL_get_OP_signature_sign_init(fns); | |
81 | fncnt++; | |
82 | break; | |
83 | case OSSL_FUNC_SIGNATURE_SIGN: | |
84 | if (signature->sign != NULL) | |
85 | break; | |
86 | signature->sign = OSSL_get_OP_signature_sign(fns); | |
87 | fncnt++; | |
88 | break; | |
89 | case OSSL_FUNC_SIGNATURE_FREECTX: | |
90 | if (signature->freectx != NULL) | |
91 | break; | |
92 | signature->freectx = OSSL_get_OP_signature_freectx(fns); | |
93 | fncnt++; | |
94 | break; | |
95 | case OSSL_FUNC_SIGNATURE_DUPCTX: | |
96 | if (signature->dupctx != NULL) | |
97 | break; | |
98 | signature->dupctx = OSSL_get_OP_signature_dupctx(fns); | |
99 | break; | |
100 | case OSSL_FUNC_SIGNATURE_SET_PARAMS: | |
101 | if (signature->set_params != NULL) | |
102 | break; | |
103 | signature->set_params = OSSL_get_OP_signature_set_params(fns); | |
104 | break; | |
105 | } | |
106 | } | |
107 | if (fncnt != 4) { | |
108 | /* | |
109 | * In order to be a consistent set of functions we must have at least | |
110 | * a complete set of "signature" functions: sign_init, sign, newctx, | |
111 | * and freectx. The dupctx function is optional. | |
112 | */ | |
113 | ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS); | |
114 | goto err; | |
115 | } | |
116 | ||
117 | return signature; | |
118 | err: | |
119 | EVP_SIGNATURE_free(signature); | |
120 | EVP_KEYMGMT_free(keymgmt); | |
121 | return NULL; | |
122 | } | |
123 | ||
124 | void EVP_SIGNATURE_free(EVP_SIGNATURE *signature) | |
125 | { | |
126 | if (signature != NULL) { | |
127 | int i; | |
128 | ||
129 | CRYPTO_DOWN_REF(&signature->refcnt, &i, signature->lock); | |
130 | if (i > 0) | |
131 | return; | |
132 | EVP_KEYMGMT_free(signature->keymgmt); | |
133 | ossl_provider_free(signature->prov); | |
134 | OPENSSL_free(signature->name); | |
135 | CRYPTO_THREAD_lock_free(signature->lock); | |
136 | OPENSSL_free(signature); | |
137 | } | |
138 | } | |
139 | ||
140 | int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature) | |
141 | { | |
142 | int ref = 0; | |
143 | ||
144 | CRYPTO_UP_REF(&signature->refcnt, &ref, signature->lock); | |
145 | return 1; | |
146 | } | |
147 | ||
148 | OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature) | |
149 | { | |
150 | return signature->prov; | |
151 | } | |
152 | ||
153 | EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm, | |
154 | const char *properties) | |
155 | { | |
156 | struct keymgmt_data_st keymgmt_data; | |
157 | ||
158 | /* | |
159 | * A signature operation cannot work without a key, so we need key | |
160 | * management from the same provider to manage its keys. | |
161 | */ | |
162 | keymgmt_data.ctx = ctx; | |
163 | keymgmt_data.properties = properties; | |
164 | return evp_generic_fetch(ctx, OSSL_OP_SIGNATURE, algorithm, properties, | |
165 | evp_signature_from_dispatch, &keymgmt_data, | |
166 | (int (*)(void *))EVP_SIGNATURE_up_ref, | |
167 | (void (*)(void *))EVP_SIGNATURE_free); | |
168 | } | |
169 | ||
170 | int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature) | |
0f113f3e MC |
171 | { |
172 | int ret; | |
dfcb5d29 MC |
173 | void *provkey = NULL; |
174 | ||
175 | if (ctx == NULL) { | |
176 | EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
0f113f3e MC |
177 | return -2; |
178 | } | |
dfcb5d29 | 179 | |
0f113f3e | 180 | ctx->operation = EVP_PKEY_OP_SIGN; |
dfcb5d29 MC |
181 | |
182 | if (ctx->engine != NULL) | |
183 | goto legacy; | |
184 | ||
185 | if (signature != NULL) { | |
186 | if (!EVP_SIGNATURE_up_ref(signature)) | |
187 | goto err; | |
188 | } else { | |
189 | int nid = ctx->pkey != NULL ? ctx->pkey->type : ctx->pmeth->pkey_id; | |
190 | ||
191 | /* | |
192 | * TODO(3.0): Check for legacy handling. Remove this once all all | |
193 | * algorithms are moved to providers. | |
194 | */ | |
195 | if (ctx->pkey != NULL) { | |
196 | switch (ctx->pkey->type) { | |
4889dadc MC |
197 | case NID_dsa: |
198 | break; | |
dfcb5d29 MC |
199 | default: |
200 | goto legacy; | |
201 | } | |
202 | signature = EVP_SIGNATURE_fetch(NULL, OBJ_nid2sn(nid), NULL); | |
203 | } else { | |
204 | goto legacy; | |
205 | } | |
206 | ||
207 | if (signature == NULL) { | |
208 | EVPerr(0, EVP_R_INITIALIZATION_ERROR); | |
209 | goto err; | |
210 | } | |
211 | } | |
212 | ||
213 | if (ctx->sigprovctx != NULL && ctx->signature != NULL) | |
214 | ctx->signature->freectx(ctx->sigprovctx); | |
215 | EVP_SIGNATURE_free(ctx->signature); | |
216 | ctx->signature = signature; | |
217 | if (ctx->pkey != NULL) { | |
218 | provkey = evp_keymgmt_export_to_provider(ctx->pkey, signature->keymgmt); | |
219 | if (provkey == NULL) { | |
220 | EVPerr(0, EVP_R_INITIALIZATION_ERROR); | |
221 | goto err; | |
222 | } | |
223 | } | |
224 | ctx->sigprovctx = signature->newctx(ossl_provider_ctx(signature->prov)); | |
225 | if (ctx->sigprovctx == NULL) { | |
226 | /* The provider key can stay in the cache */ | |
227 | EVPerr(0, EVP_R_INITIALIZATION_ERROR); | |
228 | goto err; | |
229 | } | |
230 | ret = signature->sign_init(ctx->sigprovctx, provkey); | |
231 | ||
232 | return ret ? 1 : 0; | |
233 | err: | |
234 | ctx->operation = EVP_PKEY_OP_UNDEFINED; | |
235 | return 0; | |
236 | ||
237 | legacy: | |
238 | if (ctx->pmeth == NULL || ctx->pmeth->sign == NULL) { | |
239 | EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
240 | return -2; | |
241 | } | |
242 | ||
243 | if (ctx->pmeth->sign_init == NULL) | |
0f113f3e MC |
244 | return 1; |
245 | ret = ctx->pmeth->sign_init(ctx); | |
246 | if (ret <= 0) | |
247 | ctx->operation = EVP_PKEY_OP_UNDEFINED; | |
248 | return ret; | |
249 | } | |
f733a5ef | 250 | |
dfcb5d29 MC |
251 | int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) |
252 | { | |
253 | return EVP_PKEY_sign_init_ex(ctx, NULL); | |
254 | } | |
255 | ||
f733a5ef | 256 | int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, |
0f113f3e MC |
257 | unsigned char *sig, size_t *siglen, |
258 | const unsigned char *tbs, size_t tbslen) | |
259 | { | |
dfcb5d29 MC |
260 | int ret; |
261 | ||
262 | if (ctx == NULL) { | |
263 | EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
0f113f3e MC |
264 | return -2; |
265 | } | |
dfcb5d29 | 266 | |
0f113f3e | 267 | if (ctx->operation != EVP_PKEY_OP_SIGN) { |
dfcb5d29 | 268 | EVPerr(0, EVP_R_OPERATON_NOT_INITIALIZED); |
0f113f3e MC |
269 | return -1; |
270 | } | |
dfcb5d29 MC |
271 | |
272 | if (ctx->sigprovctx == NULL) | |
273 | goto legacy; | |
274 | ||
275 | ret = ctx->signature->sign(ctx->sigprovctx, sig, siglen, SIZE_MAX, | |
276 | tbs, tbslen); | |
277 | ||
278 | return ret; | |
279 | legacy: | |
280 | ||
281 | if (ctx->pmeth == NULL || ctx->pmeth->sign == NULL) { | |
282 | EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
283 | return -2; | |
284 | } | |
285 | ||
0f113f3e MC |
286 | M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN) |
287 | return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen); | |
288 | } | |
f733a5ef | 289 | |
cd763898 | 290 | int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) |
0f113f3e MC |
291 | { |
292 | int ret; | |
293 | if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { | |
294 | EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT, | |
295 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
296 | return -2; | |
297 | } | |
298 | ctx->operation = EVP_PKEY_OP_VERIFY; | |
299 | if (!ctx->pmeth->verify_init) | |
300 | return 1; | |
301 | ret = ctx->pmeth->verify_init(ctx); | |
302 | if (ret <= 0) | |
303 | ctx->operation = EVP_PKEY_OP_UNDEFINED; | |
304 | return ret; | |
305 | } | |
f733a5ef DSH |
306 | |
307 | int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, | |
0f113f3e MC |
308 | const unsigned char *sig, size_t siglen, |
309 | const unsigned char *tbs, size_t tbslen) | |
310 | { | |
311 | if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { | |
312 | EVPerr(EVP_F_EVP_PKEY_VERIFY, | |
313 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
314 | return -2; | |
315 | } | |
316 | if (ctx->operation != EVP_PKEY_OP_VERIFY) { | |
317 | EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED); | |
318 | return -1; | |
319 | } | |
320 | return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen); | |
321 | } | |
f733a5ef | 322 | |
cd763898 | 323 | int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) |
0f113f3e MC |
324 | { |
325 | int ret; | |
326 | if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { | |
327 | EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT, | |
328 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
329 | return -2; | |
330 | } | |
331 | ctx->operation = EVP_PKEY_OP_VERIFYRECOVER; | |
332 | if (!ctx->pmeth->verify_recover_init) | |
333 | return 1; | |
334 | ret = ctx->pmeth->verify_recover_init(ctx); | |
335 | if (ret <= 0) | |
336 | ctx->operation = EVP_PKEY_OP_UNDEFINED; | |
337 | return ret; | |
338 | } | |
f733a5ef DSH |
339 | |
340 | int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, | |
0f113f3e MC |
341 | unsigned char *rout, size_t *routlen, |
342 | const unsigned char *sig, size_t siglen) | |
343 | { | |
344 | if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { | |
345 | EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, | |
346 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
347 | return -2; | |
348 | } | |
349 | if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) { | |
350 | EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED); | |
351 | return -1; | |
352 | } | |
353 | M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER) | |
354 | return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen); | |
355 | } | |
f733a5ef | 356 | |
cd763898 | 357 | int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) |
0f113f3e MC |
358 | { |
359 | int ret; | |
360 | if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { | |
361 | EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT, | |
362 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
363 | return -2; | |
364 | } | |
365 | ctx->operation = EVP_PKEY_OP_ENCRYPT; | |
366 | if (!ctx->pmeth->encrypt_init) | |
367 | return 1; | |
368 | ret = ctx->pmeth->encrypt_init(ctx); | |
369 | if (ret <= 0) | |
370 | ctx->operation = EVP_PKEY_OP_UNDEFINED; | |
371 | return ret; | |
372 | } | |
f733a5ef DSH |
373 | |
374 | int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, | |
0f113f3e MC |
375 | unsigned char *out, size_t *outlen, |
376 | const unsigned char *in, size_t inlen) | |
377 | { | |
378 | if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { | |
379 | EVPerr(EVP_F_EVP_PKEY_ENCRYPT, | |
380 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
381 | return -2; | |
382 | } | |
383 | if (ctx->operation != EVP_PKEY_OP_ENCRYPT) { | |
384 | EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED); | |
385 | return -1; | |
386 | } | |
387 | M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT) | |
388 | return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); | |
389 | } | |
f733a5ef | 390 | |
cd763898 | 391 | int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) |
0f113f3e MC |
392 | { |
393 | int ret; | |
394 | if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { | |
395 | EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT, | |
396 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
397 | return -2; | |
398 | } | |
399 | ctx->operation = EVP_PKEY_OP_DECRYPT; | |
400 | if (!ctx->pmeth->decrypt_init) | |
401 | return 1; | |
402 | ret = ctx->pmeth->decrypt_init(ctx); | |
403 | if (ret <= 0) | |
404 | ctx->operation = EVP_PKEY_OP_UNDEFINED; | |
405 | return ret; | |
406 | } | |
f733a5ef DSH |
407 | |
408 | int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, | |
0f113f3e MC |
409 | unsigned char *out, size_t *outlen, |
410 | const unsigned char *in, size_t inlen) | |
411 | { | |
412 | if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { | |
413 | EVPerr(EVP_F_EVP_PKEY_DECRYPT, | |
414 | EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); | |
415 | return -2; | |
416 | } | |
417 | if (ctx->operation != EVP_PKEY_OP_DECRYPT) { | |
418 | EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED); | |
419 | return -1; | |
420 | } | |
421 | M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT) | |
422 | return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); | |
423 | } |