m_sigver.c 6.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219
  1. /* m_sigver.c */
  2. /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  3. * project 2006.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * licensing@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. *
  53. * This product includes cryptographic software written by Eric Young
  54. * (eay@cryptsoft.com). This product includes software written by Tim
  55. * Hudson (tjh@cryptsoft.com).
  56. *
  57. */
  58. #include <stdio.h>
  59. #include "cryptlib.h"
  60. #include <openssl/evp.h>
  61. #include <openssl/objects.h>
  62. #include <openssl/x509.h>
  63. #include "evp_locl.h"
  64. static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
  65. const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
  66. int ver)
  67. {
  68. if (ctx->pctx == NULL)
  69. ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
  70. if (ctx->pctx == NULL)
  71. return 0;
  72. if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM))
  73. {
  74. if (type == NULL)
  75. {
  76. int def_nid;
  77. if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
  78. type = EVP_get_digestbynid(def_nid);
  79. }
  80. if (type == NULL)
  81. {
  82. EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
  83. return 0;
  84. }
  85. }
  86. if (ver)
  87. {
  88. if (ctx->pctx->pmeth->verifyctx_init)
  89. {
  90. if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <=0)
  91. return 0;
  92. ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
  93. }
  94. else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
  95. return 0;
  96. }
  97. else
  98. {
  99. if (ctx->pctx->pmeth->signctx_init)
  100. {
  101. if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
  102. return 0;
  103. ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
  104. }
  105. else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
  106. return 0;
  107. }
  108. if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
  109. return 0;
  110. if (pctx)
  111. *pctx = ctx->pctx;
  112. if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
  113. return 1;
  114. if (!EVP_DigestInit_ex(ctx, type, e))
  115. return 0;
  116. return 1;
  117. }
  118. int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
  119. const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
  120. {
  121. return do_sigver_init(ctx, pctx, type, e, pkey, 0);
  122. }
  123. int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
  124. const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
  125. {
  126. return do_sigver_init(ctx, pctx, type, e, pkey, 1);
  127. }
  128. int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
  129. {
  130. int sctx, r = 0;
  131. EVP_PKEY_CTX *pctx = ctx->pctx;
  132. if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
  133. {
  134. EVP_PKEY_CTX *dctx;
  135. if (!sigret)
  136. return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
  137. dctx = EVP_PKEY_CTX_dup(ctx->pctx);
  138. if (!dctx)
  139. return 0;
  140. r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx);
  141. EVP_PKEY_CTX_free(dctx);
  142. return r;
  143. }
  144. if (pctx->pmeth->signctx)
  145. sctx = 1;
  146. else
  147. sctx = 0;
  148. if (sigret)
  149. {
  150. EVP_MD_CTX tmp_ctx;
  151. unsigned char md[EVP_MAX_MD_SIZE];
  152. unsigned int mdlen;
  153. EVP_MD_CTX_init(&tmp_ctx);
  154. if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
  155. return 0;
  156. if (sctx)
  157. r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
  158. sigret, siglen, &tmp_ctx);
  159. else
  160. r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
  161. EVP_MD_CTX_cleanup(&tmp_ctx);
  162. if (sctx || !r)
  163. return r;
  164. if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
  165. return 0;
  166. }
  167. else
  168. {
  169. if (sctx)
  170. {
  171. if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0)
  172. return 0;
  173. }
  174. else
  175. {
  176. int s = EVP_MD_size(ctx->digest);
  177. if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0)
  178. return 0;
  179. }
  180. }
  181. return 1;
  182. }
  183. int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
  184. {
  185. EVP_MD_CTX tmp_ctx;
  186. unsigned char md[EVP_MAX_MD_SIZE];
  187. int r;
  188. unsigned int mdlen;
  189. int vctx;
  190. if (ctx->pctx->pmeth->verifyctx)
  191. vctx = 1;
  192. else
  193. vctx = 0;
  194. EVP_MD_CTX_init(&tmp_ctx);
  195. if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
  196. return -1;
  197. if (vctx)
  198. {
  199. r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
  200. sig, siglen, &tmp_ctx);
  201. }
  202. else
  203. r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
  204. EVP_MD_CTX_cleanup(&tmp_ctx);
  205. if (vctx || !r)
  206. return r;
  207. return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
  208. }