2 * Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/evp.h>
13 #include <openssl/objects.h>
14 #include "crypto/evp.h"
15 #include "internal/provider.h"
16 #include "internal/numbers.h" /* includes SIZE_MAX */
17 #include "evp_local.h"
21 static int update(EVP_MD_CTX
*ctx
, const void *data
, size_t datalen
)
23 ERR_raise(ERR_LIB_EVP
, EVP_R_ONLY_ONESHOT_SUPPORTED
);
28 * If we get the "NULL" md then the name comes back as "UNDEF". We want to use
31 static const char *canon_mdname(const char *mdname
)
33 if (mdname
!= NULL
&& strcmp(mdname
, "UNDEF") == 0)
39 static int do_sigver_init(EVP_MD_CTX
*ctx
, EVP_PKEY_CTX
**pctx
,
40 const EVP_MD
*type
, const char *mdname
,
41 OSSL_LIB_CTX
*libctx
, const char *props
,
42 ENGINE
*e
, EVP_PKEY
*pkey
, int ver
,
43 const OSSL_PARAM params
[])
45 EVP_PKEY_CTX
*locpctx
= NULL
;
46 EVP_SIGNATURE
*signature
= NULL
;
47 EVP_KEYMGMT
*tmp_keymgmt
= NULL
;
48 const OSSL_PROVIDER
*tmp_prov
= NULL
;
49 const char *supported_sig
= NULL
;
50 char locmdname
[80] = ""; /* 80 chars should be enough */
52 int ret
, iter
, reinit
= 1;
54 if (!evp_md_ctx_free_algctx(ctx
))
57 if (ctx
->pctx
== NULL
) {
60 ctx
->pctx
= EVP_PKEY_CTX_new_from_pkey(libctx
, pkey
, props
);
62 ctx
->pctx
= EVP_PKEY_CTX_new(pkey
, e
);
64 if (ctx
->pctx
== NULL
)
67 EVP_MD_CTX_clear_flags(ctx
, EVP_MD_CTX_FLAG_FINALISED
);
72 if (evp_pkey_ctx_is_legacy(locpctx
))
75 /* do not reinitialize if pkey is set or operation is different */
78 || locpctx
->operation
!= (ver
? EVP_PKEY_OP_VERIFYCTX
79 : EVP_PKEY_OP_SIGNCTX
)
80 || (signature
= locpctx
->op
.sig
.signature
) == NULL
81 || locpctx
->op
.sig
.algctx
== NULL
))
85 props
= locpctx
->propquery
;
87 if (locpctx
->pkey
== NULL
) {
88 ERR_clear_last_mark();
89 ERR_raise(ERR_LIB_EVP
, EVP_R_NO_KEY_SET
);
94 evp_pkey_ctx_free_old_ops(locpctx
);
96 if (mdname
== NULL
&& type
== NULL
)
97 mdname
= canon_mdname(EVP_MD_get0_name(ctx
->reqdigest
));
102 * Try to derive the supported signature from |locpctx->keymgmt|.
104 if (!ossl_assert(locpctx
->pkey
->keymgmt
== NULL
105 || locpctx
->pkey
->keymgmt
== locpctx
->keymgmt
)) {
106 ERR_clear_last_mark();
107 ERR_raise(ERR_LIB_EVP
, ERR_R_INTERNAL_ERROR
);
110 supported_sig
= evp_keymgmt_util_query_operation_name(locpctx
->keymgmt
,
112 if (supported_sig
== NULL
) {
113 ERR_clear_last_mark();
114 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
119 * We perform two iterations:
121 * 1. Do the normal signature fetch, using the fetching data given by
123 * 2. Do the provider specific signature fetch, from the same provider
126 * We then try to fetch the keymgmt from the same provider as the
127 * signature, and try to export |ctx->pkey| to that keymgmt (when
128 * this keymgmt happens to be the same as |ctx->keymgmt|, the export
129 * is a no-op, but we call it anyway to not complicate the code even
131 * If the export call succeeds (returns a non-NULL provider key pointer),
132 * we're done and can perform the operation itself. If not, we perform
133 * the second iteration, or jump to legacy.
135 for (iter
= 1, provkey
= NULL
; iter
< 3 && provkey
== NULL
; iter
++) {
136 EVP_KEYMGMT
*tmp_keymgmt_tofree
= NULL
;
139 * If we're on the second iteration, free the results from the first.
140 * They are NULL on the first iteration, so no need to check what
141 * iteration we're on.
143 EVP_SIGNATURE_free(signature
);
144 EVP_KEYMGMT_free(tmp_keymgmt
);
148 signature
= EVP_SIGNATURE_fetch(locpctx
->libctx
, supported_sig
,
150 if (signature
!= NULL
)
151 tmp_prov
= EVP_SIGNATURE_get0_provider(signature
);
154 tmp_prov
= EVP_KEYMGMT_get0_provider(locpctx
->keymgmt
);
156 evp_signature_fetch_from_prov((OSSL_PROVIDER
*)tmp_prov
,
157 supported_sig
, locpctx
->propquery
);
158 if (signature
== NULL
)
162 if (signature
== NULL
)
166 * Ensure that the key is provided, either natively, or as a cached
167 * export. We start by fetching the keymgmt with the same name as
168 * |locpctx->pkey|, but from the provider of the signature method, using
169 * the same property query as when fetching the signature method.
170 * With the keymgmt we found (if we did), we try to export |locpctx->pkey|
171 * to it (evp_pkey_export_to_provider() is smart enough to only actually
173 * export it if |tmp_keymgmt| is different from |locpctx->pkey|'s keymgmt)
175 tmp_keymgmt_tofree
= tmp_keymgmt
=
176 evp_keymgmt_fetch_from_prov((OSSL_PROVIDER
*)tmp_prov
,
177 EVP_KEYMGMT_get0_name(locpctx
->keymgmt
),
179 if (tmp_keymgmt
!= NULL
)
180 provkey
= evp_pkey_export_to_provider(locpctx
->pkey
, locpctx
->libctx
,
181 &tmp_keymgmt
, locpctx
->propquery
);
182 if (tmp_keymgmt
== NULL
)
183 EVP_KEYMGMT_free(tmp_keymgmt_tofree
);
186 if (provkey
== NULL
) {
187 EVP_SIGNATURE_free(signature
);
188 ERR_clear_last_mark();
189 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
195 /* No more legacy from here down to legacy: */
197 locpctx
->op
.sig
.signature
= signature
;
198 locpctx
->operation
= ver
? EVP_PKEY_OP_VERIFYCTX
199 : EVP_PKEY_OP_SIGNCTX
;
200 locpctx
->op
.sig
.algctx
201 = signature
->newctx(ossl_provider_ctx(signature
->prov
), props
);
202 if (locpctx
->op
.sig
.algctx
== NULL
) {
203 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
212 ctx
->reqdigest
= type
;
214 mdname
= canon_mdname(EVP_MD_get0_name(type
));
216 if (mdname
== NULL
&& !reinit
) {
217 if (evp_keymgmt_util_get_deflt_digest_name(tmp_keymgmt
, provkey
,
219 sizeof(locmdname
)) > 0) {
220 mdname
= canon_mdname(locmdname
);
224 if (mdname
!= NULL
) {
226 * We're about to get a new digest so clear anything associated with
229 evp_md_ctx_clear_digest(ctx
, 1, 0);
231 /* legacy code support for engines */
234 * This might be requested by a later call to EVP_MD_CTX_get0_md().
235 * In that case the "explicit fetch" rules apply for that
236 * function (as per man pages), i.e. the ref count is not updated
237 * so the EVP_MD should not be used beyond the lifetime of the
240 ctx
->fetched_digest
= EVP_MD_fetch(locpctx
->libctx
, mdname
, props
);
241 if (ctx
->fetched_digest
!= NULL
) {
242 ctx
->digest
= ctx
->reqdigest
= ctx
->fetched_digest
;
244 /* legacy engine support : remove the mark when this is deleted */
245 ctx
->reqdigest
= ctx
->digest
= EVP_get_digestbyname(mdname
);
246 if (ctx
->digest
== NULL
) {
247 (void)ERR_clear_last_mark();
248 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
252 (void)ERR_pop_to_mark();
257 if (signature
->digest_verify_init
== NULL
) {
258 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
261 ret
= signature
->digest_verify_init(locpctx
->op
.sig
.algctx
,
262 mdname
, provkey
, params
);
264 if (signature
->digest_sign_init
== NULL
) {
265 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
268 ret
= signature
->digest_sign_init(locpctx
->op
.sig
.algctx
,
269 mdname
, provkey
, params
);
273 * If the operation was not a success and no digest was found, an error
274 * needs to be raised.
276 if (ret
> 0 || mdname
!= NULL
)
278 if (type
== NULL
) /* This check is redundant but clarifies matters */
279 ERR_raise(ERR_LIB_EVP
, EVP_R_NO_DEFAULT_DIGEST
);
282 evp_pkey_ctx_free_old_ops(locpctx
);
283 locpctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
284 EVP_KEYMGMT_free(tmp_keymgmt
);
289 * If we don't have the full support we need with provided methods,
290 * let's go see if legacy does.
293 EVP_KEYMGMT_free(tmp_keymgmt
);
296 if (type
== NULL
&& mdname
!= NULL
)
297 type
= evp_get_digestbyname_ex(locpctx
->libctx
, mdname
);
299 if (ctx
->pctx
->pmeth
== NULL
) {
300 ERR_raise(ERR_LIB_EVP
, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
304 if (!(ctx
->pctx
->pmeth
->flags
& EVP_PKEY_FLAG_SIGCTX_CUSTOM
)) {
308 if (EVP_PKEY_get_default_digest_nid(pkey
, &def_nid
) > 0)
309 type
= EVP_get_digestbynid(def_nid
);
313 ERR_raise(ERR_LIB_EVP
, EVP_R_NO_DEFAULT_DIGEST
);
319 if (ctx
->pctx
->pmeth
->verifyctx_init
) {
320 if (ctx
->pctx
->pmeth
->verifyctx_init(ctx
->pctx
, ctx
) <= 0)
322 ctx
->pctx
->operation
= EVP_PKEY_OP_VERIFYCTX
;
323 } else if (ctx
->pctx
->pmeth
->digestverify
!= 0) {
324 ctx
->pctx
->operation
= EVP_PKEY_OP_VERIFY
;
325 ctx
->update
= update
;
326 } else if (EVP_PKEY_verify_init(ctx
->pctx
) <= 0) {
330 if (ctx
->pctx
->pmeth
->signctx_init
) {
331 if (ctx
->pctx
->pmeth
->signctx_init(ctx
->pctx
, ctx
) <= 0)
333 ctx
->pctx
->operation
= EVP_PKEY_OP_SIGNCTX
;
334 } else if (ctx
->pctx
->pmeth
->digestsign
!= 0) {
335 ctx
->pctx
->operation
= EVP_PKEY_OP_SIGN
;
336 ctx
->update
= update
;
337 } else if (EVP_PKEY_sign_init(ctx
->pctx
) <= 0) {
341 if (EVP_PKEY_CTX_set_signature_md(ctx
->pctx
, type
) <= 0)
345 if (ctx
->pctx
->pmeth
->flags
& EVP_PKEY_FLAG_SIGCTX_CUSTOM
)
347 if (!EVP_DigestInit_ex(ctx
, type
, e
))
350 * This indicates the current algorithm requires
351 * special treatment before hashing the tbs-message.
353 ctx
->pctx
->flag_call_digest_custom
= 0;
354 if (ctx
->pctx
->pmeth
->digest_custom
!= NULL
)
355 ctx
->pctx
->flag_call_digest_custom
= 1;
362 ret
= evp_pkey_ctx_use_cached_data(locpctx
);
365 EVP_KEYMGMT_free(tmp_keymgmt
);
366 return ret
> 0 ? 1 : 0;
369 int EVP_DigestSignInit_ex(EVP_MD_CTX
*ctx
, EVP_PKEY_CTX
**pctx
,
370 const char *mdname
, OSSL_LIB_CTX
*libctx
,
371 const char *props
, EVP_PKEY
*pkey
,
372 const OSSL_PARAM params
[])
374 return do_sigver_init(ctx
, pctx
, NULL
, mdname
, libctx
, props
, NULL
, pkey
, 0,
378 int EVP_DigestSignInit(EVP_MD_CTX
*ctx
, EVP_PKEY_CTX
**pctx
,
379 const EVP_MD
*type
, ENGINE
*e
, EVP_PKEY
*pkey
)
381 return do_sigver_init(ctx
, pctx
, type
, NULL
, NULL
, NULL
, e
, pkey
, 0,
385 int EVP_DigestVerifyInit_ex(EVP_MD_CTX
*ctx
, EVP_PKEY_CTX
**pctx
,
386 const char *mdname
, OSSL_LIB_CTX
*libctx
,
387 const char *props
, EVP_PKEY
*pkey
,
388 const OSSL_PARAM params
[])
390 return do_sigver_init(ctx
, pctx
, NULL
, mdname
, libctx
, props
, NULL
, pkey
, 1,
394 int EVP_DigestVerifyInit(EVP_MD_CTX
*ctx
, EVP_PKEY_CTX
**pctx
,
395 const EVP_MD
*type
, ENGINE
*e
, EVP_PKEY
*pkey
)
397 return do_sigver_init(ctx
, pctx
, type
, NULL
, NULL
, NULL
, e
, pkey
, 1,
400 #endif /* FIPS_MDOE */
402 int EVP_DigestSignUpdate(EVP_MD_CTX
*ctx
, const void *data
, size_t dsize
)
404 EVP_PKEY_CTX
*pctx
= ctx
->pctx
;
406 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISED
) != 0) {
407 ERR_raise(ERR_LIB_EVP
, EVP_R_UPDATE_ERROR
);
412 || pctx
->operation
!= EVP_PKEY_OP_SIGNCTX
413 || pctx
->op
.sig
.algctx
== NULL
414 || pctx
->op
.sig
.signature
== NULL
)
417 if (pctx
->op
.sig
.signature
->digest_sign_update
== NULL
) {
418 ERR_raise(ERR_LIB_EVP
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
);
422 return pctx
->op
.sig
.signature
->digest_sign_update(pctx
->op
.sig
.algctx
,
427 /* do_sigver_init() checked that |digest_custom| is non-NULL */
428 if (pctx
->flag_call_digest_custom
429 && !ctx
->pctx
->pmeth
->digest_custom(ctx
->pctx
, ctx
))
431 pctx
->flag_call_digest_custom
= 0;
434 return EVP_DigestUpdate(ctx
, data
, dsize
);
437 int EVP_DigestVerifyUpdate(EVP_MD_CTX
*ctx
, const void *data
, size_t dsize
)
439 EVP_PKEY_CTX
*pctx
= ctx
->pctx
;
441 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISED
) != 0) {
442 ERR_raise(ERR_LIB_EVP
, EVP_R_UPDATE_ERROR
);
447 || pctx
->operation
!= EVP_PKEY_OP_VERIFYCTX
448 || pctx
->op
.sig
.algctx
== NULL
449 || pctx
->op
.sig
.signature
== NULL
)
452 if (pctx
->op
.sig
.signature
->digest_verify_update
== NULL
) {
453 ERR_raise(ERR_LIB_EVP
, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
);
457 return pctx
->op
.sig
.signature
->digest_verify_update(pctx
->op
.sig
.algctx
,
462 /* do_sigver_init() checked that |digest_custom| is non-NULL */
463 if (pctx
->flag_call_digest_custom
464 && !ctx
->pctx
->pmeth
->digest_custom(ctx
->pctx
, ctx
))
466 pctx
->flag_call_digest_custom
= 0;
469 return EVP_DigestUpdate(ctx
, data
, dsize
);
473 int EVP_DigestSignFinal(EVP_MD_CTX
*ctx
, unsigned char *sigret
,
477 EVP_PKEY_CTX
*dctx
= NULL
, *pctx
= ctx
->pctx
;
479 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISED
) != 0) {
480 ERR_raise(ERR_LIB_EVP
, EVP_R_FINAL_ERROR
);
485 || pctx
->operation
!= EVP_PKEY_OP_SIGNCTX
486 || pctx
->op
.sig
.algctx
== NULL
487 || pctx
->op
.sig
.signature
== NULL
)
490 if (sigret
!= NULL
&& (ctx
->flags
& EVP_MD_CTX_FLAG_FINALISE
) == 0) {
492 dctx
= EVP_PKEY_CTX_dup(pctx
);
496 r
= pctx
->op
.sig
.signature
->digest_sign_final(pctx
->op
.sig
.algctx
,
498 sigret
== NULL
? 0 : *siglen
);
499 if (dctx
== NULL
&& sigret
!= NULL
)
500 ctx
->flags
|= EVP_MD_CTX_FLAG_FINALISED
;
502 EVP_PKEY_CTX_free(dctx
);
506 if (pctx
== NULL
|| pctx
->pmeth
== NULL
) {
507 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
511 /* do_sigver_init() checked that |digest_custom| is non-NULL */
512 if (pctx
->flag_call_digest_custom
513 && !ctx
->pctx
->pmeth
->digest_custom(ctx
->pctx
, ctx
))
515 pctx
->flag_call_digest_custom
= 0;
517 if (pctx
->pmeth
->flags
& EVP_PKEY_FLAG_SIGCTX_CUSTOM
) {
519 return pctx
->pmeth
->signctx(pctx
, sigret
, siglen
, ctx
);
520 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISE
) != 0) {
521 r
= pctx
->pmeth
->signctx(pctx
, sigret
, siglen
, ctx
);
522 ctx
->flags
|= EVP_MD_CTX_FLAG_FINALISED
;
524 dctx
= EVP_PKEY_CTX_dup(pctx
);
527 r
= dctx
->pmeth
->signctx(dctx
, sigret
, siglen
, ctx
);
528 EVP_PKEY_CTX_free(dctx
);
532 if (pctx
->pmeth
->signctx
!= NULL
)
536 if (sigret
!= NULL
) {
537 unsigned char md
[EVP_MAX_MD_SIZE
];
538 unsigned int mdlen
= 0;
540 if (ctx
->flags
& EVP_MD_CTX_FLAG_FINALISE
) {
542 r
= pctx
->pmeth
->signctx(pctx
, sigret
, siglen
, ctx
);
544 r
= EVP_DigestFinal_ex(ctx
, md
, &mdlen
);
546 EVP_MD_CTX
*tmp_ctx
= EVP_MD_CTX_new();
550 if (!EVP_MD_CTX_copy_ex(tmp_ctx
, ctx
)) {
551 EVP_MD_CTX_free(tmp_ctx
);
555 r
= tmp_ctx
->pctx
->pmeth
->signctx(tmp_ctx
->pctx
,
556 sigret
, siglen
, tmp_ctx
);
558 r
= EVP_DigestFinal_ex(tmp_ctx
, md
, &mdlen
);
559 EVP_MD_CTX_free(tmp_ctx
);
563 if (EVP_PKEY_sign(pctx
, sigret
, siglen
, md
, mdlen
) <= 0)
567 if (pctx
->pmeth
->signctx(pctx
, sigret
, siglen
, ctx
) <= 0)
570 int s
= EVP_MD_get_size(ctx
->digest
);
572 if (s
< 0 || EVP_PKEY_sign(pctx
, sigret
, siglen
, NULL
, s
) <= 0)
579 int EVP_DigestSign(EVP_MD_CTX
*ctx
, unsigned char *sigret
, size_t *siglen
,
580 const unsigned char *tbs
, size_t tbslen
)
582 EVP_PKEY_CTX
*pctx
= ctx
->pctx
;
584 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISED
) != 0) {
585 ERR_raise(ERR_LIB_EVP
, EVP_R_FINAL_ERROR
);
590 && pctx
->operation
== EVP_PKEY_OP_SIGNCTX
591 && pctx
->op
.sig
.algctx
!= NULL
592 && pctx
->op
.sig
.signature
!= NULL
) {
593 if (pctx
->op
.sig
.signature
->digest_sign
!= NULL
) {
595 ctx
->flags
|= EVP_MD_CTX_FLAG_FINALISED
;
596 return pctx
->op
.sig
.signature
->digest_sign(pctx
->op
.sig
.algctx
,
598 sigret
== NULL
? 0 : *siglen
,
603 if (ctx
->pctx
->pmeth
!= NULL
&& ctx
->pctx
->pmeth
->digestsign
!= NULL
)
604 return ctx
->pctx
->pmeth
->digestsign(ctx
, sigret
, siglen
, tbs
, tbslen
);
607 if (sigret
!= NULL
&& EVP_DigestSignUpdate(ctx
, tbs
, tbslen
) <= 0)
609 return EVP_DigestSignFinal(ctx
, sigret
, siglen
);
612 int EVP_DigestVerifyFinal(EVP_MD_CTX
*ctx
, const unsigned char *sig
,
615 unsigned char md
[EVP_MAX_MD_SIZE
];
617 unsigned int mdlen
= 0;
619 EVP_PKEY_CTX
*dctx
= NULL
, *pctx
= ctx
->pctx
;
621 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISED
) != 0) {
622 ERR_raise(ERR_LIB_EVP
, EVP_R_FINAL_ERROR
);
627 || pctx
->operation
!= EVP_PKEY_OP_VERIFYCTX
628 || pctx
->op
.sig
.algctx
== NULL
629 || pctx
->op
.sig
.signature
== NULL
)
632 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISE
) == 0) {
634 dctx
= EVP_PKEY_CTX_dup(pctx
);
638 r
= pctx
->op
.sig
.signature
->digest_verify_final(pctx
->op
.sig
.algctx
,
641 ctx
->flags
|= EVP_MD_CTX_FLAG_FINALISED
;
643 EVP_PKEY_CTX_free(dctx
);
647 if (pctx
== NULL
|| pctx
->pmeth
== NULL
) {
648 ERR_raise(ERR_LIB_EVP
, EVP_R_INITIALIZATION_ERROR
);
652 /* do_sigver_init() checked that |digest_custom| is non-NULL */
653 if (pctx
->flag_call_digest_custom
654 && !ctx
->pctx
->pmeth
->digest_custom(ctx
->pctx
, ctx
))
656 pctx
->flag_call_digest_custom
= 0;
658 if (pctx
->pmeth
->verifyctx
!= NULL
)
662 if (ctx
->flags
& EVP_MD_CTX_FLAG_FINALISE
) {
664 r
= pctx
->pmeth
->verifyctx(pctx
, sig
, siglen
, ctx
);
665 ctx
->flags
|= EVP_MD_CTX_FLAG_FINALISED
;
667 r
= EVP_DigestFinal_ex(ctx
, md
, &mdlen
);
669 EVP_MD_CTX
*tmp_ctx
= EVP_MD_CTX_new();
672 if (!EVP_MD_CTX_copy_ex(tmp_ctx
, ctx
)) {
673 EVP_MD_CTX_free(tmp_ctx
);
677 r
= tmp_ctx
->pctx
->pmeth
->verifyctx(tmp_ctx
->pctx
,
678 sig
, siglen
, tmp_ctx
);
680 r
= EVP_DigestFinal_ex(tmp_ctx
, md
, &mdlen
);
681 EVP_MD_CTX_free(tmp_ctx
);
685 return EVP_PKEY_verify(pctx
, sig
, siglen
, md
, mdlen
);
688 int EVP_DigestVerify(EVP_MD_CTX
*ctx
, const unsigned char *sigret
,
689 size_t siglen
, const unsigned char *tbs
, size_t tbslen
)
691 EVP_PKEY_CTX
*pctx
= ctx
->pctx
;
693 if ((ctx
->flags
& EVP_MD_CTX_FLAG_FINALISED
) != 0) {
694 ERR_raise(ERR_LIB_EVP
, EVP_R_FINAL_ERROR
);
699 && pctx
->operation
== EVP_PKEY_OP_VERIFYCTX
700 && pctx
->op
.sig
.algctx
!= NULL
701 && pctx
->op
.sig
.signature
!= NULL
) {
702 if (pctx
->op
.sig
.signature
->digest_verify
!= NULL
) {
703 ctx
->flags
|= EVP_MD_CTX_FLAG_FINALISED
;
704 return pctx
->op
.sig
.signature
->digest_verify(pctx
->op
.sig
.algctx
,
710 if (ctx
->pctx
->pmeth
!= NULL
&& ctx
->pctx
->pmeth
->digestverify
!= NULL
)
711 return ctx
->pctx
->pmeth
->digestverify(ctx
, sigret
, siglen
, tbs
, tbslen
);
714 if (EVP_DigestVerifyUpdate(ctx
, tbs
, tbslen
) <= 0)
716 return EVP_DigestVerifyFinal(ctx
, sigret
, siglen
);
718 #endif /* FIPS_MODULE */