2 * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/objects.h>
13 #include <openssl/evp.h>
14 #include "internal/cryptlib.h"
15 #include "internal/evp_int.h"
16 #include "internal/provider.h"
19 static EVP_SIGNATURE
*evp_signature_new(OSSL_PROVIDER
*prov
)
21 EVP_SIGNATURE
*signature
= OPENSSL_zalloc(sizeof(EVP_SIGNATURE
));
23 signature
->lock
= CRYPTO_THREAD_lock_new();
24 if (signature
->lock
== NULL
) {
25 OPENSSL_free(signature
);
28 signature
->prov
= prov
;
29 ossl_provider_up_ref(prov
);
30 signature
->refcnt
= 1;
35 static void *evp_signature_from_dispatch(const char *name
,
36 const OSSL_DISPATCH
*fns
,
41 * Signature functions cannot work without a key, and key management
42 * from the same provider to manage its keys. We therefore fetch
43 * a key management method using the same algorithm and properties
44 * and pass that down to evp_generic_fetch to be passed on to our
45 * evp_signature_from_dispatch, which will attach the key management
46 * method to the newly created key exchange method as long as the
49 struct keymgmt_data_st
*keymgmt_data
= vkeymgmt_data
;
50 EVP_KEYMGMT
*keymgmt
= EVP_KEYMGMT_fetch(keymgmt_data
->ctx
, name
,
51 keymgmt_data
->properties
);
52 EVP_SIGNATURE
*signature
= NULL
;
55 if (keymgmt
== NULL
|| EVP_KEYMGMT_provider(keymgmt
) != prov
) {
56 ERR_raise(ERR_LIB_EVP
, EVP_R_NO_KEYMGMT_AVAILABLE
);
60 if ((signature
= evp_signature_new(prov
)) == NULL
61 || (signature
->name
= OPENSSL_strdup(name
)) == NULL
) {
62 ERR_raise(ERR_LIB_EVP
, ERR_R_MALLOC_FAILURE
);
66 signature
->keymgmt
= keymgmt
;
67 keymgmt
= NULL
; /* avoid double free on failure below */
69 for (; fns
->function_id
!= 0; fns
++) {
70 switch (fns
->function_id
) {
71 case OSSL_FUNC_SIGNATURE_NEWCTX
:
72 if (signature
->newctx
!= NULL
)
74 signature
->newctx
= OSSL_get_OP_signature_newctx(fns
);
77 case OSSL_FUNC_SIGNATURE_SIGN_INIT
:
78 if (signature
->sign_init
!= NULL
)
80 signature
->sign_init
= OSSL_get_OP_signature_sign_init(fns
);
83 case OSSL_FUNC_SIGNATURE_SIGN
:
84 if (signature
->sign
!= NULL
)
86 signature
->sign
= OSSL_get_OP_signature_sign(fns
);
89 case OSSL_FUNC_SIGNATURE_FREECTX
:
90 if (signature
->freectx
!= NULL
)
92 signature
->freectx
= OSSL_get_OP_signature_freectx(fns
);
95 case OSSL_FUNC_SIGNATURE_DUPCTX
:
96 if (signature
->dupctx
!= NULL
)
98 signature
->dupctx
= OSSL_get_OP_signature_dupctx(fns
);
100 case OSSL_FUNC_SIGNATURE_SET_PARAMS
:
101 if (signature
->set_params
!= NULL
)
103 signature
->set_params
= OSSL_get_OP_signature_set_params(fns
);
109 * In order to be a consistent set of functions we must have at least
110 * a complete set of "signature" functions: sign_init, sign, newctx,
111 * and freectx. The dupctx function is optional.
113 ERR_raise(ERR_LIB_EVP
, EVP_R_INVALID_PROVIDER_FUNCTIONS
);
119 EVP_SIGNATURE_free(signature
);
120 EVP_KEYMGMT_free(keymgmt
);
124 void EVP_SIGNATURE_free(EVP_SIGNATURE
*signature
)
126 if (signature
!= NULL
) {
129 CRYPTO_DOWN_REF(&signature
->refcnt
, &i
, signature
->lock
);
132 EVP_KEYMGMT_free(signature
->keymgmt
);
133 ossl_provider_free(signature
->prov
);
134 OPENSSL_free(signature
->name
);
135 CRYPTO_THREAD_lock_free(signature
->lock
);
136 OPENSSL_free(signature
);
140 int EVP_SIGNATURE_up_ref(EVP_SIGNATURE
*signature
)
144 CRYPTO_UP_REF(&signature
->refcnt
, &ref
, signature
->lock
);
148 OSSL_PROVIDER
*EVP_SIGNATURE_provider(const EVP_SIGNATURE
*signature
)
150 return signature
->prov
;
153 EVP_SIGNATURE
*EVP_SIGNATURE_fetch(OPENSSL_CTX
*ctx
, const char *algorithm
,
154 const char *properties
)
156 struct keymgmt_data_st keymgmt_data
;
159 * A signature operation cannot work without a key, so we need key
160 * management from the same provider to manage its keys.
162 keymgmt_data
.ctx
= ctx
;
163 keymgmt_data
.properties
= properties
;
164 return evp_generic_fetch(ctx
, OSSL_OP_SIGNATURE
, algorithm
, properties
,
165 evp_signature_from_dispatch
, &keymgmt_data
,
166 (int (*)(void *))EVP_SIGNATURE_up_ref
,
167 (void (*)(void *))EVP_SIGNATURE_free
);
170 int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX
*ctx
, EVP_SIGNATURE
*signature
)
173 void *provkey
= NULL
;
176 EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
180 ctx
->operation
= EVP_PKEY_OP_SIGN
;
182 if (ctx
->engine
!= NULL
)
185 if (signature
!= NULL
) {
186 if (!EVP_SIGNATURE_up_ref(signature
))
189 int nid
= ctx
->pkey
!= NULL
? ctx
->pkey
->type
: ctx
->pmeth
->pkey_id
;
192 * TODO(3.0): Check for legacy handling. Remove this once all all
193 * algorithms are moved to providers.
195 if (ctx
->pkey
!= NULL
) {
196 switch (ctx
->pkey
->type
) {
200 signature
= EVP_SIGNATURE_fetch(NULL
, OBJ_nid2sn(nid
), NULL
);
205 if (signature
== NULL
) {
206 EVPerr(0, EVP_R_INITIALIZATION_ERROR
);
211 if (ctx
->sigprovctx
!= NULL
&& ctx
->signature
!= NULL
)
212 ctx
->signature
->freectx(ctx
->sigprovctx
);
213 EVP_SIGNATURE_free(ctx
->signature
);
214 ctx
->signature
= signature
;
215 if (ctx
->pkey
!= NULL
) {
216 provkey
= evp_keymgmt_export_to_provider(ctx
->pkey
, signature
->keymgmt
);
217 if (provkey
== NULL
) {
218 EVPerr(0, EVP_R_INITIALIZATION_ERROR
);
222 ctx
->sigprovctx
= signature
->newctx(ossl_provider_ctx(signature
->prov
));
223 if (ctx
->sigprovctx
== NULL
) {
224 /* The provider key can stay in the cache */
225 EVPerr(0, EVP_R_INITIALIZATION_ERROR
);
228 ret
= signature
->sign_init(ctx
->sigprovctx
, provkey
);
232 ctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
236 if (ctx
->pmeth
== NULL
|| ctx
->pmeth
->sign
== NULL
) {
237 EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
241 if (ctx
->pmeth
->sign_init
== NULL
)
243 ret
= ctx
->pmeth
->sign_init(ctx
);
245 ctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
249 int EVP_PKEY_sign_init(EVP_PKEY_CTX
*ctx
)
251 return EVP_PKEY_sign_init_ex(ctx
, NULL
);
254 int EVP_PKEY_sign(EVP_PKEY_CTX
*ctx
,
255 unsigned char *sig
, size_t *siglen
,
256 const unsigned char *tbs
, size_t tbslen
)
261 EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
265 if (ctx
->operation
!= EVP_PKEY_OP_SIGN
) {
266 EVPerr(0, EVP_R_OPERATON_NOT_INITIALIZED
);
270 if (ctx
->sigprovctx
== NULL
)
273 ret
= ctx
->signature
->sign(ctx
->sigprovctx
, sig
, siglen
, SIZE_MAX
,
279 if (ctx
->pmeth
== NULL
|| ctx
->pmeth
->sign
== NULL
) {
280 EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
284 M_check_autoarg(ctx
, sig
, siglen
, EVP_F_EVP_PKEY_SIGN
)
285 return ctx
->pmeth
->sign(ctx
, sig
, siglen
, tbs
, tbslen
);
288 int EVP_PKEY_verify_init(EVP_PKEY_CTX
*ctx
)
291 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->verify
) {
292 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT
,
293 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
296 ctx
->operation
= EVP_PKEY_OP_VERIFY
;
297 if (!ctx
->pmeth
->verify_init
)
299 ret
= ctx
->pmeth
->verify_init(ctx
);
301 ctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
305 int EVP_PKEY_verify(EVP_PKEY_CTX
*ctx
,
306 const unsigned char *sig
, size_t siglen
,
307 const unsigned char *tbs
, size_t tbslen
)
309 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->verify
) {
310 EVPerr(EVP_F_EVP_PKEY_VERIFY
,
311 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
314 if (ctx
->operation
!= EVP_PKEY_OP_VERIFY
) {
315 EVPerr(EVP_F_EVP_PKEY_VERIFY
, EVP_R_OPERATON_NOT_INITIALIZED
);
318 return ctx
->pmeth
->verify(ctx
, sig
, siglen
, tbs
, tbslen
);
321 int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX
*ctx
)
324 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->verify_recover
) {
325 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT
,
326 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
329 ctx
->operation
= EVP_PKEY_OP_VERIFYRECOVER
;
330 if (!ctx
->pmeth
->verify_recover_init
)
332 ret
= ctx
->pmeth
->verify_recover_init(ctx
);
334 ctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
338 int EVP_PKEY_verify_recover(EVP_PKEY_CTX
*ctx
,
339 unsigned char *rout
, size_t *routlen
,
340 const unsigned char *sig
, size_t siglen
)
342 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->verify_recover
) {
343 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER
,
344 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
347 if (ctx
->operation
!= EVP_PKEY_OP_VERIFYRECOVER
) {
348 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER
, EVP_R_OPERATON_NOT_INITIALIZED
);
351 M_check_autoarg(ctx
, rout
, routlen
, EVP_F_EVP_PKEY_VERIFY_RECOVER
)
352 return ctx
->pmeth
->verify_recover(ctx
, rout
, routlen
, sig
, siglen
);
355 int EVP_PKEY_encrypt_init(EVP_PKEY_CTX
*ctx
)
358 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->encrypt
) {
359 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT
,
360 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
363 ctx
->operation
= EVP_PKEY_OP_ENCRYPT
;
364 if (!ctx
->pmeth
->encrypt_init
)
366 ret
= ctx
->pmeth
->encrypt_init(ctx
);
368 ctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
372 int EVP_PKEY_encrypt(EVP_PKEY_CTX
*ctx
,
373 unsigned char *out
, size_t *outlen
,
374 const unsigned char *in
, size_t inlen
)
376 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->encrypt
) {
377 EVPerr(EVP_F_EVP_PKEY_ENCRYPT
,
378 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
381 if (ctx
->operation
!= EVP_PKEY_OP_ENCRYPT
) {
382 EVPerr(EVP_F_EVP_PKEY_ENCRYPT
, EVP_R_OPERATON_NOT_INITIALIZED
);
385 M_check_autoarg(ctx
, out
, outlen
, EVP_F_EVP_PKEY_ENCRYPT
)
386 return ctx
->pmeth
->encrypt(ctx
, out
, outlen
, in
, inlen
);
389 int EVP_PKEY_decrypt_init(EVP_PKEY_CTX
*ctx
)
392 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->decrypt
) {
393 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT
,
394 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
397 ctx
->operation
= EVP_PKEY_OP_DECRYPT
;
398 if (!ctx
->pmeth
->decrypt_init
)
400 ret
= ctx
->pmeth
->decrypt_init(ctx
);
402 ctx
->operation
= EVP_PKEY_OP_UNDEFINED
;
406 int EVP_PKEY_decrypt(EVP_PKEY_CTX
*ctx
,
407 unsigned char *out
, size_t *outlen
,
408 const unsigned char *in
, size_t inlen
)
410 if (!ctx
|| !ctx
->pmeth
|| !ctx
->pmeth
->decrypt
) {
411 EVPerr(EVP_F_EVP_PKEY_DECRYPT
,
412 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE
);
415 if (ctx
->operation
!= EVP_PKEY_OP_DECRYPT
) {
416 EVPerr(EVP_F_EVP_PKEY_DECRYPT
, EVP_R_OPERATON_NOT_INITIALIZED
);
419 M_check_autoarg(ctx
, out
, outlen
, EVP_F_EVP_PKEY_DECRYPT
)
420 return ctx
->pmeth
->decrypt(ctx
, out
, outlen
, in
, inlen
);