#include "internal/numbers.h" /* includes SIZE_MAX */
#include "evp_local.h"
-#ifndef FIPS_MODULE
static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen)
{
ERR_raise(ERR_LIB_EVP, EVP_R_ONLY_ONESHOT_SUPPORTED);
return 0;
}
-#endif
/*
* If we get the "NULL" md then the name comes back as "UNDEF". We want to use
reinit = 0;
if (e == NULL)
ctx->pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, props);
-#ifndef FIPS_MODULE
else
ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
-#endif
}
if (ctx->pctx == NULL)
return 0;
if (ctx->fetched_digest != NULL) {
ctx->digest = ctx->reqdigest = ctx->fetched_digest;
} else {
-#ifdef FIPS_MODULE
- (void)ERR_clear_last_mark();
- ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
- goto err;
-#else
/* legacy engine support : remove the mark when this is deleted */
ctx->reqdigest = ctx->digest = EVP_get_digestbyname(mdname);
if (ctx->digest == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
}
-#endif
}
(void)ERR_pop_to_mark();
}
EVP_KEYMGMT_free(tmp_keymgmt);
tmp_keymgmt = NULL;
-#ifdef FIPS_MODULE
- return 0;
-#else
if (type == NULL && mdname != NULL)
type = evp_get_digestbyname_ex(locpctx->libctx, mdname);
ctx->pctx->flag_call_digest_custom = 1;
ret = 1;
-#endif
end:
-#ifndef FIPS_MODULE
if (ret > 0)
ret = evp_pkey_ctx_use_cached_data(locpctx);
-#endif
EVP_KEYMGMT_free(tmp_keymgmt);
return ret > 0 ? 1 : 0;
params);
}
-#ifndef FIPS_MODULE
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0,
NULL);
}
-#endif
int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, OSSL_LIB_CTX *libctx,
params);
}
-#ifndef FIPS_MODULE
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1,
NULL);
}
-#endif /* FIPS_MODULE */
int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
{
data, dsize);
legacy:
-#ifdef FIPS_MODULE
- ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
- return 0;
-#else
if (pctx != NULL) {
/* do_sigver_init() checked that |digest_custom| is non-NULL */
if (pctx->flag_call_digest_custom
}
return EVP_DigestUpdate(ctx, data, dsize);
-#endif
}
int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
data, dsize);
legacy:
-#ifdef FIPS_MODULE
- ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
- return 0;
-#else
if (pctx != NULL) {
/* do_sigver_init() checked that |digest_custom| is non-NULL */
if (pctx->flag_call_digest_custom
}
return EVP_DigestUpdate(ctx, data, dsize);
-#endif
}
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen)
{
-#ifndef FIPS_MODULE
int sctx = 0;
-#endif
int r = 0;
EVP_PKEY_CTX *dctx = NULL, *pctx = ctx->pctx;
|| pctx->op.sig.signature == NULL)
goto legacy;
-#ifndef FIPS_MODULE
if (sigret != NULL && (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) == 0) {
/* try dup */
dctx = EVP_PKEY_CTX_dup(pctx);
if (dctx != NULL)
pctx = dctx;
}
-#endif
r = pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,
sigret, siglen,
sigret == NULL ? 0 : *siglen);
return r;
legacy:
-#ifdef FIPS_MODULE
- ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
- return 0;
-#else
if (pctx == NULL || pctx->pmeth == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
return 0;
}
}
return 1;
-#endif
}
int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
sigret == NULL ? 0 : *siglen,
tbs, tbslen);
}
-#ifdef FIPS_MODULE
- }
- ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
- return 0;
-#else
} else {
/* legacy */
if (ctx->pctx->pmeth != NULL && ctx->pctx->pmeth->digestsign != NULL)
if (sigret != NULL && EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0)
return 0;
return EVP_DigestSignFinal(ctx, sigret, siglen);
-#endif
}
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
size_t siglen)
{
-#ifndef FIPS_MODULE
int vctx = 0;
unsigned int mdlen = 0;
unsigned char md[EVP_MAX_MD_SIZE];
-#endif
int r = 0;
EVP_PKEY_CTX *dctx = NULL, *pctx = ctx->pctx;
|| pctx->op.sig.signature == NULL)
goto legacy;
-#ifndef FIPS_MODULE
if ((ctx->flags & EVP_MD_CTX_FLAG_FINALISE) == 0) {
/* try dup */
dctx = EVP_PKEY_CTX_dup(pctx);
if (dctx != NULL)
pctx = dctx;
}
-#endif
r = pctx->op.sig.signature->digest_verify_final(pctx->op.sig.algctx,
sig, siglen);
if (dctx == NULL)
return r;
legacy:
-#ifdef FIPS_MODULE
- ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
- return 0;
-#else
if (pctx == NULL || pctx->pmeth == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
return 0;
if (vctx || !r)
return r;
return EVP_PKEY_verify(pctx, sig, siglen, md, mdlen);
-#endif
}
int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
sigret, siglen,
tbs, tbslen);
}
-#ifdef FIPS_MODULE
- }
- ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
- return 0;
-#else
} else {
/* legacy */
if (ctx->pctx->pmeth != NULL && ctx->pctx->pmeth->digestverify != NULL)
if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0)
return -1;
return EVP_DigestVerifyFinal(ctx, sigret, siglen);
-#endif
}
projects / thirdparty / openssl.git / commitdiff
