2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <sys/types.h>
14 #include "internal/cryptlib.h"
16 #include <openssl/bn.h>
17 #include <openssl/evp.h>
18 #include <openssl/x509.h>
19 #include <openssl/objects.h>
20 #include <openssl/buffer.h>
21 #include "crypto/asn1.h"
22 #include "crypto/evp.h"
26 int ASN1_sign(i2d_of_void
*i2d
, X509_ALGOR
*algor1
, X509_ALGOR
*algor2
,
27 ASN1_BIT_STRING
*signature
, char *data
, EVP_PKEY
*pkey
,
30 EVP_MD_CTX
*ctx
= EVP_MD_CTX_new();
31 unsigned char *p
, *buf_in
= NULL
, *buf_out
= NULL
;
32 int i
, inl
= 0, outl
= 0;
33 size_t inll
= 0, outll
= 0;
37 ASN1err(ASN1_F_ASN1_SIGN
, ERR_R_MALLOC_FAILURE
);
40 for (i
= 0; i
< 2; i
++) {
47 if (type
->pkey_type
== NID_dsaWithSHA1
) {
49 * special case: RFC 2459 tells us to omit 'parameters' with
52 ASN1_TYPE_free(a
->parameter
);
54 } else if ((a
->parameter
== NULL
) ||
55 (a
->parameter
->type
!= V_ASN1_NULL
)) {
56 ASN1_TYPE_free(a
->parameter
);
57 if ((a
->parameter
= ASN1_TYPE_new()) == NULL
)
59 a
->parameter
->type
= V_ASN1_NULL
;
61 ASN1_OBJECT_free(a
->algorithm
);
62 a
->algorithm
= OBJ_nid2obj(type
->pkey_type
);
63 if (a
->algorithm
== NULL
) {
64 ASN1err(ASN1_F_ASN1_SIGN
, ASN1_R_UNKNOWN_OBJECT_TYPE
);
67 if (a
->algorithm
->length
== 0) {
68 ASN1err(ASN1_F_ASN1_SIGN
,
69 ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD
);
73 inl
= i2d(data
, NULL
);
75 ASN1err(ASN1_F_ASN1_SIGN
, ERR_R_INTERNAL_ERROR
);
79 buf_in
= OPENSSL_malloc(inll
);
80 outll
= outl
= EVP_PKEY_size(pkey
);
81 buf_out
= OPENSSL_malloc(outll
);
82 if (buf_in
== NULL
|| buf_out
== NULL
) {
84 ASN1err(ASN1_F_ASN1_SIGN
, ERR_R_MALLOC_FAILURE
);
90 if (!EVP_SignInit_ex(ctx
, type
, NULL
)
91 || !EVP_SignUpdate(ctx
, (unsigned char *)buf_in
, inl
)
92 || !EVP_SignFinal(ctx
, (unsigned char *)buf_out
,
93 (unsigned int *)&outl
, pkey
)) {
95 ASN1err(ASN1_F_ASN1_SIGN
, ERR_R_EVP_LIB
);
98 OPENSSL_free(signature
->data
);
99 signature
->data
= buf_out
;
101 signature
->length
= outl
;
103 * In the interests of compatibility, I'll make sure that the bit string
104 * has a 'not-used bits' value of 0
106 signature
->flags
&= ~(ASN1_STRING_FLAG_BITS_LEFT
| 0x07);
107 signature
->flags
|= ASN1_STRING_FLAG_BITS_LEFT
;
109 EVP_MD_CTX_free(ctx
);
110 OPENSSL_clear_free((char *)buf_in
, inll
);
111 OPENSSL_clear_free((char *)buf_out
, outll
);
117 int ASN1_item_sign(const ASN1_ITEM
*it
, X509_ALGOR
*algor1
,
118 X509_ALGOR
*algor2
, ASN1_BIT_STRING
*signature
, void *asn
,
119 EVP_PKEY
*pkey
, const EVP_MD
*type
)
122 EVP_MD_CTX
*ctx
= EVP_MD_CTX_new();
125 ASN1err(ASN1_F_ASN1_ITEM_SIGN
, ERR_R_MALLOC_FAILURE
);
128 if (!EVP_DigestSignInit(ctx
, NULL
, type
, NULL
, pkey
)) {
129 EVP_MD_CTX_free(ctx
);
133 rv
= ASN1_item_sign_ctx(it
, algor1
, algor2
, signature
, asn
, ctx
);
135 EVP_MD_CTX_free(ctx
);
139 int ASN1_item_sign_ctx(const ASN1_ITEM
*it
,
140 X509_ALGOR
*algor1
, X509_ALGOR
*algor2
,
141 ASN1_BIT_STRING
*signature
, void *asn
, EVP_MD_CTX
*ctx
)
145 unsigned char *buf_in
= NULL
, *buf_out
= NULL
;
146 size_t inl
= 0, outl
= 0, outll
= 0;
147 int signid
, paramtype
, buf_len
= 0;
150 type
= EVP_MD_CTX_md(ctx
);
151 pkey
= EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx
));
154 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
, ASN1_R_CONTEXT_NOT_INITIALISED
);
158 if (pkey
->ameth
== NULL
) {
159 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
);
163 if (pkey
->ameth
->item_sign
) {
164 rv
= pkey
->ameth
->item_sign(ctx
, it
, asn
, algor1
, algor2
, signature
);
166 outl
= signature
->length
;
168 * Return value meanings:
170 * 1: method does everything.
171 * 2: carry on as normal.
172 * 3: ASN1 method sets algorithm identifiers: just sign.
175 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
, ERR_R_EVP_LIB
);
184 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
, ASN1_R_CONTEXT_NOT_INITIALISED
);
189 #ifndef OPENSSL_NO_SM2
190 EVP_PKEY_id(pkey
) == NID_sm2
? NID_sm2
:
192 pkey
->ameth
->pkey_id
;
194 if (!OBJ_find_sigid_by_algs(&signid
, EVP_MD_nid(type
), pkey_id
)) {
195 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
,
196 ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED
);
200 if (pkey
->ameth
->pkey_flags
& ASN1_PKEY_SIGPARAM_NULL
)
201 paramtype
= V_ASN1_NULL
;
203 paramtype
= V_ASN1_UNDEF
;
206 X509_ALGOR_set0(algor1
, OBJ_nid2obj(signid
), paramtype
, NULL
);
208 X509_ALGOR_set0(algor2
, OBJ_nid2obj(signid
), paramtype
, NULL
);
212 buf_len
= ASN1_item_i2d(asn
, &buf_in
, it
);
215 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
, ERR_R_INTERNAL_ERROR
);
219 outll
= outl
= EVP_PKEY_size(pkey
);
220 buf_out
= OPENSSL_malloc(outll
);
221 if (buf_in
== NULL
|| buf_out
== NULL
) {
223 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
, ERR_R_MALLOC_FAILURE
);
227 if (!EVP_DigestSign(ctx
, buf_out
, &outl
, buf_in
, inl
)) {
229 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX
, ERR_R_EVP_LIB
);
232 OPENSSL_free(signature
->data
);
233 signature
->data
= buf_out
;
235 signature
->length
= outl
;
237 * In the interests of compatibility, I'll make sure that the bit string
238 * has a 'not-used bits' value of 0
240 signature
->flags
&= ~(ASN1_STRING_FLAG_BITS_LEFT
| 0x07);
241 signature
->flags
|= ASN1_STRING_FLAG_BITS_LEFT
;
243 OPENSSL_clear_free((char *)buf_in
, inl
);
244 OPENSSL_clear_free((char *)buf_out
, outll
);