Line data Source code
1 : /* m_sigver.c */
2 : /*
3 : * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
4 : * 2006.
5 : */
6 : /* ====================================================================
7 : * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
8 : *
9 : * Redistribution and use in source and binary forms, with or without
10 : * modification, are permitted provided that the following conditions
11 : * are met:
12 : *
13 : * 1. Redistributions of source code must retain the above copyright
14 : * notice, this list of conditions and the following disclaimer.
15 : *
16 : * 2. Redistributions in binary form must reproduce the above copyright
17 : * notice, this list of conditions and the following disclaimer in
18 : * the documentation and/or other materials provided with the
19 : * distribution.
20 : *
21 : * 3. All advertising materials mentioning features or use of this
22 : * software must display the following acknowledgment:
23 : * "This product includes software developed by the OpenSSL Project
24 : * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 : *
26 : * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 : * endorse or promote products derived from this software without
28 : * prior written permission. For written permission, please contact
29 : * licensing@OpenSSL.org.
30 : *
31 : * 5. Products derived from this software may not be called "OpenSSL"
32 : * nor may "OpenSSL" appear in their names without prior written
33 : * permission of the OpenSSL Project.
34 : *
35 : * 6. Redistributions of any form whatsoever must retain the following
36 : * acknowledgment:
37 : * "This product includes software developed by the OpenSSL Project
38 : * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 : *
40 : * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 : * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 : * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 : * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 : * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 : * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 : * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 : * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 : * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 : * OF THE POSSIBILITY OF SUCH DAMAGE.
52 : * ====================================================================
53 : *
54 : * This product includes cryptographic software written by Eric Young
55 : * (eay@cryptsoft.com). This product includes software written by Tim
56 : * Hudson (tjh@cryptsoft.com).
57 : *
58 : */
59 :
60 : #include <stdio.h>
61 : #include "cryptlib.h"
62 : #include <openssl/evp.h>
63 : #include <openssl/objects.h>
64 : #include <openssl/x509.h>
65 : #include "evp_locl.h"
66 :
67 4059 : static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
68 : const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
69 : int ver)
70 : {
71 4059 : if (ctx->pctx == NULL)
72 4059 : ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
73 4059 : if (ctx->pctx == NULL)
74 : return 0;
75 :
76 4059 : if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) {
77 :
78 4059 : if (type == NULL) {
79 : int def_nid;
80 0 : if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
81 0 : type = EVP_get_digestbynid(def_nid);
82 : }
83 :
84 4059 : if (type == NULL) {
85 0 : EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
86 0 : return 0;
87 : }
88 : }
89 :
90 4059 : if (ver) {
91 376 : if (ctx->pctx->pmeth->verifyctx_init) {
92 0 : if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)
93 : return 0;
94 0 : ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
95 376 : } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
96 : return 0;
97 : } else {
98 3683 : if (ctx->pctx->pmeth->signctx_init) {
99 3675 : if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
100 : return 0;
101 3675 : ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
102 8 : } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
103 : return 0;
104 : }
105 4059 : if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
106 : return 0;
107 4059 : if (pctx)
108 0 : *pctx = ctx->pctx;
109 4059 : if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
110 : return 1;
111 4059 : if (!EVP_DigestInit_ex(ctx, type, e))
112 : return 0;
113 4059 : return 1;
114 : }
115 :
116 3683 : int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
117 : const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
118 : {
119 3683 : return do_sigver_init(ctx, pctx, type, e, pkey, 0);
120 : }
121 :
122 376 : int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
123 : const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
124 : {
125 376 : return do_sigver_init(ctx, pctx, type, e, pkey, 1);
126 : }
127 :
128 10314 : int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
129 : size_t *siglen)
130 : {
131 : int sctx, r = 0;
132 10314 : EVP_PKEY_CTX *pctx = ctx->pctx;
133 10314 : if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) {
134 : EVP_PKEY_CTX *dctx;
135 0 : if (!sigret)
136 0 : return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
137 0 : dctx = EVP_PKEY_CTX_dup(ctx->pctx);
138 0 : if (!dctx)
139 : return 0;
140 0 : r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx);
141 0 : EVP_PKEY_CTX_free(dctx);
142 0 : return r;
143 : }
144 10314 : if (pctx->pmeth->signctx)
145 : sctx = 1;
146 : else
147 : sctx = 0;
148 10314 : if (sigret) {
149 : EVP_MD_CTX tmp_ctx;
150 : unsigned char md[EVP_MAX_MD_SIZE];
151 : unsigned int mdlen;
152 10306 : EVP_MD_CTX_init(&tmp_ctx);
153 10306 : if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
154 10298 : return 0;
155 10306 : if (sctx)
156 10298 : r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
157 : sigret, siglen, &tmp_ctx);
158 : else
159 8 : r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
160 10306 : EVP_MD_CTX_cleanup(&tmp_ctx);
161 10306 : if (sctx || !r)
162 : return r;
163 8 : if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
164 : return 0;
165 : } else {
166 8 : if (sctx) {
167 0 : if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0)
168 : return 0;
169 : } else {
170 8 : int s = EVP_MD_size(ctx->digest);
171 8 : if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0)
172 : return 0;
173 : }
174 : }
175 : return 1;
176 : }
177 :
178 376 : int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
179 : size_t siglen)
180 : {
181 : EVP_MD_CTX tmp_ctx;
182 : unsigned char md[EVP_MAX_MD_SIZE];
183 : int r;
184 : unsigned int mdlen;
185 : int vctx;
186 :
187 376 : if (ctx->pctx->pmeth->verifyctx)
188 : vctx = 1;
189 : else
190 : vctx = 0;
191 376 : EVP_MD_CTX_init(&tmp_ctx);
192 376 : if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
193 : return -1;
194 376 : if (vctx) {
195 0 : r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
196 : sig, siglen, &tmp_ctx);
197 : } else
198 376 : r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
199 376 : EVP_MD_CTX_cleanup(&tmp_ctx);
200 376 : if (vctx || !r)
201 : return r;
202 376 : return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
203 : }
|