]>
Commit | Line | Data |
---|---|---|
4889dadc | 1 | /* |
33388b44 | 2 | * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. |
4889dadc MC |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
f41ac0ee P |
10 | /* |
11 | * DSA low level APIs are deprecated for public use, but still ok for | |
12 | * internal use. | |
13 | */ | |
14 | #include "internal/deprecated.h" | |
15 | ||
505b41fc RL |
16 | #include <string.h> |
17 | ||
4889dadc MC |
18 | #include <openssl/crypto.h> |
19 | #include <openssl/core_numbers.h> | |
20 | #include <openssl/core_names.h> | |
505b41fc | 21 | #include <openssl/err.h> |
4889dadc MC |
22 | #include <openssl/dsa.h> |
23 | #include <openssl/params.h> | |
45a845e4 | 24 | #include <openssl/evp.h> |
8bee6512 | 25 | #include <openssl/err.h> |
505b41fc | 26 | #include "internal/nelem.h" |
c24937d5 | 27 | #include "internal/sizes.h" |
8c555803 | 28 | #include "internal/cryptlib.h" |
505b41fc | 29 | #include "prov/providercommonerr.h" |
af3e7e1b | 30 | #include "prov/implementations.h" |
8bee6512 | 31 | #include "prov/providercommonerr.h" |
ddd21319 | 32 | #include "prov/provider_ctx.h" |
e683582b | 33 | #include "crypto/dsa.h" |
8c555803 | 34 | #include "prov/der_dsa.h" |
4889dadc MC |
35 | |
36 | static OSSL_OP_signature_newctx_fn dsa_newctx; | |
390acbeb MC |
37 | static OSSL_OP_signature_sign_init_fn dsa_signature_init; |
38 | static OSSL_OP_signature_verify_init_fn dsa_signature_init; | |
4889dadc | 39 | static OSSL_OP_signature_sign_fn dsa_sign; |
45a845e4 MC |
40 | static OSSL_OP_signature_verify_fn dsa_verify; |
41 | static OSSL_OP_signature_digest_sign_init_fn dsa_digest_signverify_init; | |
42 | static OSSL_OP_signature_digest_sign_update_fn dsa_digest_signverify_update; | |
43 | static OSSL_OP_signature_digest_sign_final_fn dsa_digest_sign_final; | |
44 | static OSSL_OP_signature_digest_verify_init_fn dsa_digest_signverify_init; | |
45 | static OSSL_OP_signature_digest_verify_update_fn dsa_digest_signverify_update; | |
46 | static OSSL_OP_signature_digest_verify_final_fn dsa_digest_verify_final; | |
4889dadc MC |
47 | static OSSL_OP_signature_freectx_fn dsa_freectx; |
48 | static OSSL_OP_signature_dupctx_fn dsa_dupctx; | |
9c45222d MC |
49 | static OSSL_OP_signature_get_ctx_params_fn dsa_get_ctx_params; |
50 | static OSSL_OP_signature_gettable_ctx_params_fn dsa_gettable_ctx_params; | |
51 | static OSSL_OP_signature_set_ctx_params_fn dsa_set_ctx_params; | |
52 | static OSSL_OP_signature_settable_ctx_params_fn dsa_settable_ctx_params; | |
45a845e4 MC |
53 | static OSSL_OP_signature_get_ctx_md_params_fn dsa_get_ctx_md_params; |
54 | static OSSL_OP_signature_gettable_ctx_md_params_fn dsa_gettable_ctx_md_params; | |
55 | static OSSL_OP_signature_set_ctx_md_params_fn dsa_set_ctx_md_params; | |
56 | static OSSL_OP_signature_settable_ctx_md_params_fn dsa_settable_ctx_md_params; | |
4889dadc MC |
57 | |
58 | /* | |
59 | * What's passed as an actual key is defined by the KEYMGMT interface. | |
60 | * We happen to know that our KEYMGMT simply passes DSA structures, so | |
61 | * we use that here too. | |
62 | */ | |
63 | ||
64 | typedef struct { | |
45a845e4 | 65 | OPENSSL_CTX *libctx; |
2c6094ba | 66 | char *propq; |
4889dadc | 67 | DSA *dsa; |
8bee6512 RL |
68 | |
69 | /* | |
70 | * Flag to determine if the hash function can be changed (1) or not (0) | |
71 | * Because it's dangerous to change during a DigestSign or DigestVerify | |
72 | * operation, this flag is cleared by their Init function, and set again | |
73 | * by their Final function. | |
74 | */ | |
75 | unsigned int flag_allow_md : 1; | |
76 | ||
c24937d5 | 77 | char mdname[OSSL_MAX_NAME_SIZE]; |
505b41fc | 78 | |
edd3b7a3 | 79 | /* The Algorithm Identifier of the combined signature algorithm */ |
8c555803 RL |
80 | unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE]; |
81 | unsigned char *aid; | |
505b41fc RL |
82 | size_t aid_len; |
83 | ||
84 | /* main digest */ | |
45a845e4 MC |
85 | EVP_MD *md; |
86 | EVP_MD_CTX *mdctx; | |
8bee6512 | 87 | size_t mdsize; |
4889dadc MC |
88 | } PROV_DSA_CTX; |
89 | ||
8bee6512 RL |
90 | static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx) |
91 | { | |
92 | if (pdsactx->md != NULL) | |
93 | return EVP_MD_size(pdsactx->md); | |
94 | return 0; | |
95 | } | |
96 | ||
97 | static int dsa_get_md_nid(const EVP_MD *md) | |
98 | { | |
99 | /* | |
100 | * Because the DSA library deals with NIDs, we need to translate. | |
101 | * We do so using EVP_MD_is_a(), and therefore need a name to NID | |
102 | * map. | |
103 | */ | |
104 | static const OSSL_ITEM name_to_nid[] = { | |
105 | { NID_sha1, OSSL_DIGEST_NAME_SHA1 }, | |
106 | { NID_sha224, OSSL_DIGEST_NAME_SHA2_224 }, | |
107 | { NID_sha256, OSSL_DIGEST_NAME_SHA2_256 }, | |
108 | { NID_sha384, OSSL_DIGEST_NAME_SHA2_384 }, | |
109 | { NID_sha512, OSSL_DIGEST_NAME_SHA2_512 }, | |
110 | { NID_sha3_224, OSSL_DIGEST_NAME_SHA3_224 }, | |
111 | { NID_sha3_256, OSSL_DIGEST_NAME_SHA3_256 }, | |
112 | { NID_sha3_384, OSSL_DIGEST_NAME_SHA3_384 }, | |
113 | { NID_sha3_512, OSSL_DIGEST_NAME_SHA3_512 }, | |
114 | }; | |
115 | size_t i; | |
116 | int mdnid = NID_undef; | |
117 | ||
118 | if (md == NULL) | |
119 | goto end; | |
120 | ||
121 | for (i = 0; i < OSSL_NELEM(name_to_nid); i++) { | |
122 | if (EVP_MD_is_a(md, name_to_nid[i].ptr)) { | |
123 | mdnid = (int)name_to_nid[i].id; | |
124 | break; | |
125 | } | |
126 | } | |
127 | ||
128 | if (mdnid == NID_undef) | |
129 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST); | |
130 | ||
131 | end: | |
132 | return mdnid; | |
133 | } | |
134 | ||
2c6094ba | 135 | static void *dsa_newctx(void *provctx, const char *propq) |
4889dadc | 136 | { |
45a845e4 MC |
137 | PROV_DSA_CTX *pdsactx = OPENSSL_zalloc(sizeof(PROV_DSA_CTX)); |
138 | ||
139 | if (pdsactx == NULL) | |
140 | return NULL; | |
141 | ||
142 | pdsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); | |
8bee6512 | 143 | pdsactx->flag_allow_md = 1; |
2c6094ba RL |
144 | if (propq != NULL && (pdsactx->propq = OPENSSL_strdup(propq)) == NULL) { |
145 | OPENSSL_free(pdsactx); | |
146 | pdsactx = NULL; | |
147 | ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); | |
148 | } | |
45a845e4 | 149 | return pdsactx; |
4889dadc MC |
150 | } |
151 | ||
8bee6512 RL |
152 | static int dsa_setup_md(PROV_DSA_CTX *ctx, |
153 | const char *mdname, const char *mdprops) | |
154 | { | |
2c6094ba RL |
155 | if (mdprops == NULL) |
156 | mdprops = ctx->propq; | |
157 | ||
8bee6512 RL |
158 | if (mdname != NULL) { |
159 | EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); | |
160 | int md_nid = dsa_get_md_nid(md); | |
8c555803 | 161 | WPACKET pkt; |
8bee6512 | 162 | |
8c555803 | 163 | if (md == NULL || md_nid == NID_undef) { |
8bee6512 RL |
164 | EVP_MD_free(md); |
165 | return 0; | |
166 | } | |
167 | ||
8c555803 RL |
168 | EVP_MD_CTX_free(ctx->mdctx); |
169 | EVP_MD_free(ctx->md); | |
170 | ||
171 | /* | |
172 | * TODO(3.0) Should we care about DER writing errors? | |
173 | * All it really means is that for some reason, there's no | |
174 | * AlgorithmIdentifier to be had, but the operation itself is | |
175 | * still valid, just as long as it's not used to construct | |
176 | * anything that needs an AlgorithmIdentifier. | |
177 | */ | |
178 | ctx->aid_len = 0; | |
179 | if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf)) | |
180 | && DER_w_algorithmIdentifier_DSA_with(&pkt, -1, ctx->dsa, md_nid) | |
181 | && WPACKET_finish(&pkt)) { | |
182 | WPACKET_get_total_written(&pkt, &ctx->aid_len); | |
183 | ctx->aid = WPACKET_get_curr(&pkt); | |
184 | } | |
185 | WPACKET_cleanup(&pkt); | |
186 | ||
187 | ctx->mdctx = NULL; | |
8bee6512 RL |
188 | ctx->md = md; |
189 | OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname)); | |
190 | } | |
191 | return 1; | |
192 | } | |
193 | ||
390acbeb | 194 | static int dsa_signature_init(void *vpdsactx, void *vdsa) |
4889dadc MC |
195 | { |
196 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
197 | ||
198 | if (pdsactx == NULL || vdsa == NULL || !DSA_up_ref(vdsa)) | |
199 | return 0; | |
200 | DSA_free(pdsactx->dsa); | |
201 | pdsactx->dsa = vdsa; | |
202 | return 1; | |
203 | } | |
204 | ||
205 | static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen, | |
206 | size_t sigsize, const unsigned char *tbs, size_t tbslen) | |
207 | { | |
208 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
209 | int ret; | |
210 | unsigned int sltmp; | |
211 | size_t dsasize = DSA_size(pdsactx->dsa); | |
8bee6512 | 212 | size_t mdsize = dsa_get_md_size(pdsactx); |
4889dadc MC |
213 | |
214 | if (sig == NULL) { | |
215 | *siglen = dsasize; | |
216 | return 1; | |
217 | } | |
218 | ||
219 | if (sigsize < (size_t)dsasize) | |
220 | return 0; | |
221 | ||
8bee6512 | 222 | if (mdsize != 0 && tbslen != mdsize) |
4889dadc MC |
223 | return 0; |
224 | ||
8083fd3a | 225 | ret = dsa_sign_int(0, tbs, tbslen, sig, &sltmp, pdsactx->dsa); |
4889dadc MC |
226 | if (ret <= 0) |
227 | return 0; | |
228 | ||
229 | *siglen = sltmp; | |
230 | return 1; | |
231 | } | |
232 | ||
390acbeb MC |
233 | static int dsa_verify(void *vpdsactx, const unsigned char *sig, size_t siglen, |
234 | const unsigned char *tbs, size_t tbslen) | |
235 | { | |
236 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
8bee6512 | 237 | size_t mdsize = dsa_get_md_size(pdsactx); |
390acbeb | 238 | |
8bee6512 | 239 | if (mdsize != 0 && tbslen != mdsize) |
390acbeb MC |
240 | return 0; |
241 | ||
242 | return DSA_verify(0, tbs, tbslen, sig, siglen, pdsactx->dsa); | |
243 | } | |
244 | ||
45a845e4 | 245 | static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname, |
2c6094ba | 246 | void *vdsa) |
45a845e4 MC |
247 | { |
248 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
45a845e4 | 249 | |
8bee6512 | 250 | pdsactx->flag_allow_md = 0; |
45a845e4 MC |
251 | if (!dsa_signature_init(vpdsactx, vdsa)) |
252 | return 0; | |
253 | ||
2c6094ba | 254 | if (!dsa_setup_md(pdsactx, mdname, NULL)) |
8bee6512 | 255 | return 0; |
505b41fc | 256 | |
45a845e4 MC |
257 | pdsactx->mdctx = EVP_MD_CTX_new(); |
258 | if (pdsactx->mdctx == NULL) | |
505b41fc | 259 | goto error; |
45a845e4 | 260 | |
505b41fc RL |
261 | if (!EVP_DigestInit_ex(pdsactx->mdctx, pdsactx->md, NULL)) |
262 | goto error; | |
45a845e4 MC |
263 | |
264 | return 1; | |
505b41fc RL |
265 | |
266 | error: | |
267 | EVP_MD_CTX_free(pdsactx->mdctx); | |
268 | EVP_MD_free(pdsactx->md); | |
269 | pdsactx->mdctx = NULL; | |
505b41fc RL |
270 | pdsactx->md = NULL; |
271 | return 0; | |
45a845e4 MC |
272 | } |
273 | ||
274 | int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data, | |
275 | size_t datalen) | |
276 | { | |
277 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
278 | ||
279 | if (pdsactx == NULL || pdsactx->mdctx == NULL) | |
280 | return 0; | |
281 | ||
282 | return EVP_DigestUpdate(pdsactx->mdctx, data, datalen); | |
283 | } | |
284 | ||
285 | int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig, size_t *siglen, | |
286 | size_t sigsize) | |
287 | { | |
288 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
289 | unsigned char digest[EVP_MAX_MD_SIZE]; | |
290 | unsigned int dlen = 0; | |
291 | ||
292 | if (pdsactx == NULL || pdsactx->mdctx == NULL) | |
293 | return 0; | |
294 | ||
295 | /* | |
296 | * If sig is NULL then we're just finding out the sig size. Other fields | |
297 | * are ignored. Defer to dsa_sign. | |
298 | */ | |
299 | if (sig != NULL) { | |
300 | /* | |
301 | * TODO(3.0): There is the possibility that some externally provided | |
302 | * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow - | |
303 | * but that problem is much larger than just in DSA. | |
304 | */ | |
305 | if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen)) | |
306 | return 0; | |
307 | } | |
308 | ||
8bee6512 RL |
309 | pdsactx->flag_allow_md = 1; |
310 | ||
45a845e4 MC |
311 | return dsa_sign(vpdsactx, sig, siglen, sigsize, digest, (size_t)dlen); |
312 | } | |
313 | ||
314 | ||
315 | int dsa_digest_verify_final(void *vpdsactx, const unsigned char *sig, | |
316 | size_t siglen) | |
317 | { | |
318 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
319 | unsigned char digest[EVP_MAX_MD_SIZE]; | |
320 | unsigned int dlen = 0; | |
321 | ||
322 | if (pdsactx == NULL || pdsactx->mdctx == NULL) | |
323 | return 0; | |
324 | ||
325 | /* | |
326 | * TODO(3.0): There is the possibility that some externally provided | |
327 | * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow - | |
328 | * but that problem is much larger than just in DSA. | |
329 | */ | |
330 | if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen)) | |
331 | return 0; | |
332 | ||
8bee6512 RL |
333 | pdsactx->flag_allow_md = 1; |
334 | ||
45a845e4 MC |
335 | return dsa_verify(vpdsactx, sig, siglen, digest, (size_t)dlen); |
336 | } | |
390acbeb | 337 | |
4889dadc MC |
338 | static void dsa_freectx(void *vpdsactx) |
339 | { | |
340 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
341 | ||
342 | DSA_free(pdsactx->dsa); | |
45a845e4 MC |
343 | EVP_MD_CTX_free(pdsactx->mdctx); |
344 | EVP_MD_free(pdsactx->md); | |
4889dadc MC |
345 | |
346 | OPENSSL_free(pdsactx); | |
347 | } | |
348 | ||
349 | static void *dsa_dupctx(void *vpdsactx) | |
350 | { | |
351 | PROV_DSA_CTX *srcctx = (PROV_DSA_CTX *)vpdsactx; | |
352 | PROV_DSA_CTX *dstctx; | |
353 | ||
354 | dstctx = OPENSSL_zalloc(sizeof(*srcctx)); | |
355 | if (dstctx == NULL) | |
356 | return NULL; | |
357 | ||
358 | *dstctx = *srcctx; | |
45a845e4 MC |
359 | dstctx->dsa = NULL; |
360 | dstctx->md = NULL; | |
361 | dstctx->mdctx = NULL; | |
362 | ||
363 | if (srcctx->dsa != NULL && !DSA_up_ref(srcctx->dsa)) | |
364 | goto err; | |
365 | dstctx->dsa = srcctx->dsa; | |
366 | ||
367 | if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) | |
368 | goto err; | |
369 | dstctx->md = srcctx->md; | |
370 | ||
371 | if (srcctx->mdctx != NULL) { | |
372 | dstctx->mdctx = EVP_MD_CTX_new(); | |
373 | if (dstctx->mdctx == NULL | |
374 | || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx)) | |
375 | goto err; | |
4889dadc MC |
376 | } |
377 | ||
378 | return dstctx; | |
45a845e4 MC |
379 | err: |
380 | dsa_freectx(dstctx); | |
381 | return NULL; | |
4889dadc MC |
382 | } |
383 | ||
9c45222d MC |
384 | static int dsa_get_ctx_params(void *vpdsactx, OSSL_PARAM *params) |
385 | { | |
386 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
387 | OSSL_PARAM *p; | |
388 | ||
389 | if (pdsactx == NULL || params == NULL) | |
390 | return 0; | |
391 | ||
505b41fc RL |
392 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID); |
393 | if (p != NULL | |
394 | && !OSSL_PARAM_set_octet_string(p, pdsactx->aid, pdsactx->aid_len)) | |
395 | return 0; | |
396 | ||
9c45222d | 397 | p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); |
8bee6512 | 398 | if (p != NULL && !OSSL_PARAM_set_utf8_string(p, pdsactx->mdname)) |
9c45222d MC |
399 | return 0; |
400 | ||
401 | return 1; | |
402 | } | |
403 | ||
404 | static const OSSL_PARAM known_gettable_ctx_params[] = { | |
505b41fc | 405 | OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0), |
9c45222d MC |
406 | OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), |
407 | OSSL_PARAM_END | |
408 | }; | |
409 | ||
410 | static const OSSL_PARAM *dsa_gettable_ctx_params(void) | |
411 | { | |
412 | return known_gettable_ctx_params; | |
413 | } | |
414 | ||
415 | static int dsa_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[]) | |
4889dadc MC |
416 | { |
417 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
418 | const OSSL_PARAM *p; | |
4889dadc MC |
419 | |
420 | if (pdsactx == NULL || params == NULL) | |
421 | return 0; | |
422 | ||
9c45222d | 423 | p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST); |
8bee6512 RL |
424 | /* Not allowed during certain operations */ |
425 | if (p != NULL && !pdsactx->flag_allow_md) | |
9c45222d | 426 | return 0; |
8bee6512 RL |
427 | if (p != NULL) { |
428 | char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname; | |
429 | char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops; | |
430 | const OSSL_PARAM *propsp = | |
431 | OSSL_PARAM_locate_const(params, | |
432 | OSSL_SIGNATURE_PARAM_PROPERTIES); | |
433 | ||
434 | if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) | |
435 | return 0; | |
436 | if (propsp != NULL | |
437 | && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops))) | |
438 | return 0; | |
439 | if (!dsa_setup_md(pdsactx, mdname, mdprops)) | |
440 | return 0; | |
441 | } | |
4889dadc MC |
442 | |
443 | return 1; | |
444 | } | |
445 | ||
9c45222d | 446 | static const OSSL_PARAM known_settable_ctx_params[] = { |
9c45222d MC |
447 | OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), |
448 | OSSL_PARAM_END | |
449 | }; | |
450 | ||
451 | static const OSSL_PARAM *dsa_settable_ctx_params(void) | |
452 | { | |
45a845e4 MC |
453 | /* |
454 | * TODO(3.0): Should this function return a different set of settable ctx | |
455 | * params if the ctx is being used for a DigestSign/DigestVerify? In that | |
456 | * case it is not allowed to set the digest size/digest name because the | |
457 | * digest is explicitly set as part of the init. | |
458 | */ | |
9c45222d MC |
459 | return known_settable_ctx_params; |
460 | } | |
461 | ||
45a845e4 MC |
462 | static int dsa_get_ctx_md_params(void *vpdsactx, OSSL_PARAM *params) |
463 | { | |
464 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
465 | ||
466 | if (pdsactx->mdctx == NULL) | |
467 | return 0; | |
468 | ||
469 | return EVP_MD_CTX_get_params(pdsactx->mdctx, params); | |
470 | } | |
471 | ||
472 | static const OSSL_PARAM *dsa_gettable_ctx_md_params(void *vpdsactx) | |
473 | { | |
474 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
475 | ||
476 | if (pdsactx->md == NULL) | |
477 | return 0; | |
478 | ||
479 | return EVP_MD_gettable_ctx_params(pdsactx->md); | |
480 | } | |
481 | ||
482 | static int dsa_set_ctx_md_params(void *vpdsactx, const OSSL_PARAM params[]) | |
483 | { | |
484 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
485 | ||
486 | if (pdsactx->mdctx == NULL) | |
487 | return 0; | |
488 | ||
489 | return EVP_MD_CTX_set_params(pdsactx->mdctx, params); | |
490 | } | |
491 | ||
492 | static const OSSL_PARAM *dsa_settable_ctx_md_params(void *vpdsactx) | |
493 | { | |
494 | PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; | |
495 | ||
496 | if (pdsactx->md == NULL) | |
497 | return 0; | |
498 | ||
499 | return EVP_MD_settable_ctx_params(pdsactx->md); | |
500 | } | |
501 | ||
4889dadc MC |
502 | const OSSL_DISPATCH dsa_signature_functions[] = { |
503 | { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx }, | |
390acbeb | 504 | { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_signature_init }, |
4889dadc | 505 | { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign }, |
390acbeb MC |
506 | { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_signature_init }, |
507 | { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify }, | |
45a845e4 MC |
508 | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, |
509 | (void (*)(void))dsa_digest_signverify_init }, | |
510 | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, | |
511 | (void (*)(void))dsa_digest_signverify_update }, | |
512 | { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, | |
513 | (void (*)(void))dsa_digest_sign_final }, | |
514 | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, | |
515 | (void (*)(void))dsa_digest_signverify_init }, | |
516 | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE, | |
517 | (void (*)(void))dsa_digest_signverify_update }, | |
518 | { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL, | |
519 | (void (*)(void))dsa_digest_verify_final }, | |
4889dadc MC |
520 | { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))dsa_freectx }, |
521 | { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))dsa_dupctx }, | |
9c45222d MC |
522 | { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))dsa_get_ctx_params }, |
523 | { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS, | |
524 | (void (*)(void))dsa_gettable_ctx_params }, | |
525 | { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))dsa_set_ctx_params }, | |
526 | { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, | |
527 | (void (*)(void))dsa_settable_ctx_params }, | |
45a845e4 MC |
528 | { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS, |
529 | (void (*)(void))dsa_get_ctx_md_params }, | |
530 | { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS, | |
531 | (void (*)(void))dsa_gettable_ctx_md_params }, | |
532 | { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS, | |
533 | (void (*)(void))dsa_set_ctx_md_params }, | |
534 | { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS, | |
535 | (void (*)(void))dsa_settable_ctx_md_params }, | |
4889dadc MC |
536 | { 0, NULL } |
537 | }; |