Strona główna Odkrywaj Pomoc
Zaloguj się
OWEALs
/
openssl
kopia lustrzana git://git.openssl.org/openssl.git
2
0
Forkuj 0
Pliki Problemy 1 Wiki
Drzewo: a28d06f3e9
Gałęzie Tagi
openssl
/
apps
/
pkeyutl.c

pkeyutl.c 25 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805 
  1. /*
    2. 

  2.  * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #include "apps.h"
    11. 

  11. #include "progs.h"
    12. 

  12. #include <string.h>
    13. 

  13. #include <openssl/err.h>
    14. 

  14. #include <openssl/pem.h>
    15. 

  15. #include <openssl/evp.h>
    16. 

  16. #include <sys/stat.h>
    17. 

  17. 

  18. #define KEY_NONE        0
    19. 

  19. #define KEY_PRIVKEY     1
    20. 

  20. #define KEY_PUBKEY      2
    21. 

  21. #define KEY_CERT        3
    22. 

  22. 

  23. static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize,
    24. 

  24.                               const char *keyfile, int keyform, int key_type,
    25. 

  25.                               char *passinarg, int pkey_op, ENGINE *e,
    26. 

  26.                               const int impl, int rawin, EVP_PKEY **ppkey,
    27. 

  27.                               OSSL_LIB_CTX *libctx);
    28. 

  28. 

  29. static int setup_peer(EVP_PKEY_CTX *ctx, int peerform, const char *file,
    30. 

  30.                       ENGINE *e);
    31. 

  31. 

  32. static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
    33. 

  33.                     unsigned char *out, size_t *poutlen,
    34. 

  34.                     const unsigned char *in, size_t inlen);
    35. 

  35. 

  36. static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx,
    37. 

  37.                         const EVP_MD *md, EVP_PKEY *pkey, BIO *in,
    38. 

  38.                         int filesize, unsigned char *sig, int siglen,
    39. 

  39.                         unsigned char **out, size_t *poutlen);
    40. 

  40. 

  41. typedef enum OPTION_choice {
    42. 

  42.     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
    43. 

  43.     OPT_ENGINE, OPT_ENGINE_IMPL, OPT_IN, OPT_OUT,
    44. 

  44.     OPT_PUBIN, OPT_CERTIN, OPT_ASN1PARSE, OPT_HEXDUMP, OPT_SIGN,
    45. 

  45.     OPT_VERIFY, OPT_VERIFYRECOVER, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT,
    46. 

  46.     OPT_DERIVE, OPT_SIGFILE, OPT_INKEY, OPT_PEERKEY, OPT_PASSIN,
    47. 

  47.     OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT, OPT_PKEYOPT_PASSIN, OPT_KDF,
    48. 

  48.     OPT_KDFLEN, OPT_R_ENUM, OPT_PROV_ENUM,
    49. 

  49.     OPT_CONFIG,
    50. 

  50.     OPT_RAWIN, OPT_DIGEST
    51. 

  51. } OPTION_CHOICE;
    52. 

  52. 

  53. const OPTIONS pkeyutl_options[] = {
    54. 

  54.     OPT_SECTION("General"),
    55. 

  55.     {"help", OPT_HELP, '-', "Display this summary"},
    56. 

  56. #ifndef OPENSSL_NO_ENGINE
    57. 

  57.     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
    58. 

  58.     {"engine_impl", OPT_ENGINE_IMPL, '-',
    59. 

  59.      "Also use engine given by -engine for crypto operations"},
    60. 

  60. #endif
    61. 

  61.     {"sign", OPT_SIGN, '-', "Sign input data with private key"},
    62. 

  62.     {"verify", OPT_VERIFY, '-', "Verify with public key"},
    63. 

  63.     {"encrypt", OPT_ENCRYPT, '-', "Encrypt input data with public key"},
    64. 

  64.     {"decrypt", OPT_DECRYPT, '-', "Decrypt input data with private key"},
    65. 

  65.     {"derive", OPT_DERIVE, '-', "Derive shared secret"},
    66. 

  66.     OPT_CONFIG_OPTION,
    67. 

  67. 

  68.     OPT_SECTION("Input"),
    69. 

  69.     {"in", OPT_IN, '<', "Input file - default stdin"},
    70. 

  70.     {"rawin", OPT_RAWIN, '-', "Indicate the input data is in raw form"},
    71. 

  71.     {"pubin", OPT_PUBIN, '-', "Input is a public key"},
    72. 

  72.     {"inkey", OPT_INKEY, 's', "Input private key file"},
    73. 

  73.     {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
    74. 

  74.     {"peerkey", OPT_PEERKEY, 's', "Peer key file used in key derivation"},
    75. 

  75.     {"peerform", OPT_PEERFORM, 'E', "Peer key format (DER/PEM/P12/ENGINE)"},
    76. 

  76.     {"certin", OPT_CERTIN, '-', "Input is a cert with a public key"},
    77. 

  77.     {"rev", OPT_REV, '-', "Reverse the order of the input buffer"},
    78. 

  78.     {"sigfile", OPT_SIGFILE, '<', "Signature file (verify operation only)"},
    79. 

  79.     {"keyform", OPT_KEYFORM, 'E', "Private key format (ENGINE, other values ignored)"},
    80. 

  80. 

  81.     OPT_SECTION("Output"),
    82. 

  82.     {"out", OPT_OUT, '>', "Output file - default stdout"},
    83. 

  83.     {"asn1parse", OPT_ASN1PARSE, '-', "asn1parse the output data"},
    84. 

  84.     {"hexdump", OPT_HEXDUMP, '-', "Hex dump output"},
    85. 

  85.     {"verifyrecover", OPT_VERIFYRECOVER, '-',
    86. 

  86.      "Verify with public key, recover original data"},
    87. 

  87. 

  88.     OPT_SECTION("Signing/Derivation"),
    89. 

  89.     {"digest", OPT_DIGEST, 's',
    90. 

  90.      "Specify the digest algorithm when signing the raw input data"},
    91. 

  91.     {"pkeyopt", OPT_PKEYOPT, 's', "Public key options as opt:value"},
    92. 

  92.     {"pkeyopt_passin", OPT_PKEYOPT_PASSIN, 's',
    93. 

  93.      "Public key option that is read as a passphrase argument opt:passphrase"},
    94. 

  94.     {"kdf", OPT_KDF, 's', "Use KDF algorithm"},
    95. 

  95.     {"kdflen", OPT_KDFLEN, 'p', "KDF algorithm output length"},
    96. 

  96. 

  97.     OPT_R_OPTIONS,
    98. 

  98.     OPT_PROV_OPTIONS,
    99. 

  99.     {NULL}
    100. 

  100. };
    101. 

  101. 

  102. int pkeyutl_main(int argc, char **argv)
    103. 

  103. {
    104. 

  104.     CONF *conf = NULL;
    105. 

  105.     BIO *in = NULL, *out = NULL;
    106. 

  106.     ENGINE *e = NULL;
    107. 

  107.     EVP_PKEY_CTX *ctx = NULL;
    108. 

  108.     EVP_PKEY *pkey = NULL;
    109. 

  109.     char *infile = NULL, *outfile = NULL, *sigfile = NULL, *passinarg = NULL;
    110. 

  110.     char hexdump = 0, asn1parse = 0, rev = 0, *prog;
    111. 

  111.     unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
    112. 

  112.     OPTION_CHOICE o;
    113. 

  113.     int buf_inlen = 0, siglen = -1, keyform = FORMAT_PEM, peerform = FORMAT_PEM;
    114. 

  114.     int keysize = -1, pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
    115. 

  115.     int engine_impl = 0;
    116. 

  116.     int ret = 1, rv = -1;
    117. 

  117.     size_t buf_outlen;
    118. 

  118.     const char *inkey = NULL;
    119. 

  119.     const char *peerkey = NULL;
    120. 

  120.     const char *kdfalg = NULL, *digestname = NULL;
    121. 

  121.     int kdflen = 0;
    122. 

  122.     STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
    123. 

  123.     STACK_OF(OPENSSL_STRING) *pkeyopts_passin = NULL;
    124. 

  124.     int rawin = 0;
    125. 

  125.     const EVP_MD *md = NULL;
    126. 

  126.     int filesize = -1;
    127. 

  127.     OSSL_LIB_CTX *libctx = app_get0_libctx();
    128. 

  128. 

  129.     prog = opt_init(argc, argv, pkeyutl_options);
    130. 

  130.     while ((o = opt_next()) != OPT_EOF) {
    131. 

  131.         switch (o) {
    132. 

  132.         case OPT_EOF:
    133. 

  133.         case OPT_ERR:
    134. 

  134.  opthelp:
    135. 

  135.             BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
    136. 

  136.             goto end;
    137. 

  137.         case OPT_HELP:
    138. 

  138.             opt_help(pkeyutl_options);
    139. 

  139.             ret = 0;
    140. 

  140.             goto end;
    141. 

  141.         case OPT_IN:
    142. 

  142.             infile = opt_arg();
    143. 

  143.             break;
    144. 

  144.         case OPT_OUT:
    145. 

  145.             outfile = opt_arg();
    146. 

  146.             break;
    147. 

  147.         case OPT_SIGFILE:
    148. 

  148.             sigfile = opt_arg();
    149. 

  149.             break;
    150. 

  150.         case OPT_ENGINE_IMPL:
    151. 

  151.             engine_impl = 1;
    152. 

  152.             break;
    153. 

  153.         case OPT_INKEY:
    154. 

  154.             inkey = opt_arg();
    155. 

  155.             break;
    156. 

  156.         case OPT_PEERKEY:
    157. 

  157.             peerkey = opt_arg();
    158. 

  158.             break;
    159. 

  159.         case OPT_PASSIN:
    160. 

  160.             passinarg = opt_arg();
    161. 

  161.             break;
    162. 

  162.         case OPT_PEERFORM:
    163. 

  163.             if (!opt_format(opt_arg(), OPT_FMT_ANY, &peerform))
    164. 

  164.                 goto opthelp;
    165. 

  165.             break;
    166. 

  166.         case OPT_KEYFORM:
    167. 

  167.             if (!opt_format(opt_arg(), OPT_FMT_ANY, &keyform))
    168. 

  168.                 goto opthelp;
    169. 

  169.             break;
    170. 

  170.         case OPT_R_CASES:
    171. 

  171.             if (!opt_rand(o))
    172. 

  172.                 goto end;
    173. 

  173.             break;
    174. 

  174.         case OPT_CONFIG:
    175. 

  175.             conf = app_load_config_modules(opt_arg());
    176. 

  176.             if (conf == NULL)
    177. 

  177.                 goto end;
    178. 

  178.             break;
    179. 

  179.         case OPT_PROV_CASES:
    180. 

  180.             if (!opt_provider(o))
    181. 

  181.                 goto end;
    182. 

  182.             break;
    183. 

  183.         case OPT_ENGINE:
    184. 

  184.             e = setup_engine(opt_arg(), 0);
    185. 

  185.             break;
    186. 

  186.         case OPT_PUBIN:
    187. 

  187.             key_type = KEY_PUBKEY;
    188. 

  188.             break;
    189. 

  189.         case OPT_CERTIN:
    190. 

  190.             key_type = KEY_CERT;
    191. 

  191.             break;
    192. 

  192.         case OPT_ASN1PARSE:
    193. 

  193.             asn1parse = 1;
    194. 

  194.             break;
    195. 

  195.         case OPT_HEXDUMP:
    196. 

  196.             hexdump = 1;
    197. 

  197.             break;
    198. 

  198.         case OPT_SIGN:
    199. 

  199.             pkey_op = EVP_PKEY_OP_SIGN;
    200. 

  200.             break;
    201. 

  201.         case OPT_VERIFY:
    202. 

  202.             pkey_op = EVP_PKEY_OP_VERIFY;
    203. 

  203.             break;
    204. 

  204.         case OPT_VERIFYRECOVER:
    205. 

  205.             pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
    206. 

  206.             break;
    207. 

  207.         case OPT_ENCRYPT:
    208. 

  208.             pkey_op = EVP_PKEY_OP_ENCRYPT;
    209. 

  209.             break;
    210. 

  210.         case OPT_DECRYPT:
    211. 

  211.             pkey_op = EVP_PKEY_OP_DECRYPT;
    212. 

  212.             break;
    213. 

  213.         case OPT_DERIVE:
    214. 

  214.             pkey_op = EVP_PKEY_OP_DERIVE;
    215. 

  215.             break;
    216. 

  216.         case OPT_KDF:
    217. 

  217.             pkey_op = EVP_PKEY_OP_DERIVE;
    218. 

  218.             key_type = KEY_NONE;
    219. 

  219.             kdfalg = opt_arg();
    220. 

  220.             break;
    221. 

  221.         case OPT_KDFLEN:
    222. 

  222.             kdflen = atoi(opt_arg());
    223. 

  223.             break;
    224. 

  224.         case OPT_REV:
    225. 

  225.             rev = 1;
    226. 

  226.             break;
    227. 

  227.         case OPT_PKEYOPT:
    228. 

  228.             if ((pkeyopts == NULL &&
    229. 

  229.                  (pkeyopts = sk_OPENSSL_STRING_new_null()) == NULL) ||
    230. 

  230.                 sk_OPENSSL_STRING_push(pkeyopts, opt_arg()) == 0) {
    231. 

  231.                 BIO_puts(bio_err, "out of memory\n");
    232. 

  232.                 goto end;
    233. 

  233.             }
    234. 

  234.             break;
    235. 

  235.         case OPT_PKEYOPT_PASSIN:
    236. 

  236.             if ((pkeyopts_passin == NULL &&
    237. 

  237.                  (pkeyopts_passin = sk_OPENSSL_STRING_new_null()) == NULL) ||
    238. 

  238.                 sk_OPENSSL_STRING_push(pkeyopts_passin, opt_arg()) == 0) {
    239. 

  239.                 BIO_puts(bio_err, "out of memory\n");
    240. 

  240.                 goto end;
    241. 

  241.             }
    242. 

  242.             break;
    243. 

  243.         case OPT_RAWIN:
    244. 

  244.             rawin = 1;
    245. 

  245.             break;
    246. 

  246.         case OPT_DIGEST:
    247. 

  247.             digestname = opt_arg();
    248. 

  248.             break;
    249. 

  249.         }
    250. 

  250.     }
    251. 

  251. 

  252.     /* No extra arguments. */
    253. 

  253.     argc = opt_num_rest();
    254. 

  254.     if (argc != 0)
    255. 

  255.         goto opthelp;
    256. 

  256. 

  257.     app_RAND_load();
    258. 

  258.     if (digestname != NULL) {
    259. 

  259.         if (!opt_md(digestname, &md))
    260. 

  260.             goto end;
    261. 

  261.     }
    262. 

  262. 

  263.     if (rawin && pkey_op != EVP_PKEY_OP_SIGN && pkey_op != EVP_PKEY_OP_VERIFY) {
    264. 

  264.         BIO_printf(bio_err,
    265. 

  265.                    "%s: -rawin can only be used with -sign or -verify\n",
    266. 

  266.                    prog);
    267. 

  267.         goto opthelp;
    268. 

  268.     }
    269. 

  269. 

  270.     if (md != NULL && !rawin) {
    271. 

  271.         BIO_printf(bio_err,
    272. 

  272.                    "%s: -digest can only be used with -rawin\n",
    273. 

  273.                    prog);
    274. 

  274.         goto opthelp;
    275. 

  275.     }
    276. 

  276. 

  277.     if (rawin && rev) {
    278. 

  278.         BIO_printf(bio_err, "%s: -rev cannot be used with raw input\n",
    279. 

  279.                    prog);
    280. 

  280.         goto opthelp;
    281. 

  281.     }
    282. 

  282. 

  283.     if (kdfalg != NULL) {
    284. 

  284.         if (kdflen == 0) {
    285. 

  285.             BIO_printf(bio_err,
    286. 

  286.                        "%s: no KDF length given (-kdflen parameter).\n", prog);
    287. 

  287.             goto opthelp;
    288. 

  288.         }
    289. 

  289.     } else if (inkey == NULL) {
    290. 

  290.         BIO_printf(bio_err,
    291. 

  291.                    "%s: no private key given (-inkey parameter).\n", prog);
    292. 

  292.         goto opthelp;
    293. 

  293.     } else if (peerkey != NULL && pkey_op != EVP_PKEY_OP_DERIVE) {
    294. 

  294.         BIO_printf(bio_err,
    295. 

  295.                    "%s: no peer key given (-peerkey parameter).\n", prog);
    296. 

  296.         goto opthelp;
    297. 

  297.     }
    298. 

  298.     ctx = init_ctx(kdfalg, &keysize, inkey, keyform, key_type,
    299. 

  299.                    passinarg, pkey_op, e, engine_impl, rawin, &pkey,
    300. 

  300.                    libctx);
    301. 

  301.     if (ctx == NULL) {
    302. 

  302.         BIO_printf(bio_err, "%s: Error initializing context\n", prog);
    303. 

  303.         ERR_print_errors(bio_err);
    304. 

  304.         goto end;
    305. 

  305.     }
    306. 

  306.     if (peerkey != NULL && !setup_peer(ctx, peerform, peerkey, e)) {
    307. 

  307.         BIO_printf(bio_err, "%s: Error setting up peer key\n", prog);
    308. 

  308.         ERR_print_errors(bio_err);
    309. 

  309.         goto end;
    310. 

  310.     }
    311. 

  311.     if (pkeyopts != NULL) {
    312. 

  312.         int num = sk_OPENSSL_STRING_num(pkeyopts);
    313. 

  313.         int i;
    314. 

  314. 

  315.         for (i = 0; i < num; ++i) {
    316. 

  316.             const char *opt = sk_OPENSSL_STRING_value(pkeyopts, i);
    317. 

  317. 

  318.             if (pkey_ctrl_string(ctx, opt) <= 0) {
    319. 

  319.                 BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
    320. 

  320.                            prog, opt);
    321. 

  321.                 ERR_print_errors(bio_err);
    322. 

  322.                 goto end;
    323. 

  323.             }
    324. 

  324.         }
    325. 

  325.     }
    326. 

  326.     if (pkeyopts_passin != NULL) {
    327. 

  327.         int num = sk_OPENSSL_STRING_num(pkeyopts_passin);
    328. 

  328.         int i;
    329. 

  329. 

  330.         for (i = 0; i < num; i++) {
    331. 

  331.             char *opt = sk_OPENSSL_STRING_value(pkeyopts_passin, i);
    332. 

  332.             char *passin = strchr(opt, ':');
    333. 

  333.             char *passwd;
    334. 

  334. 

  335.             if (passin == NULL) {
    336. 

  336.                 /* Get password interactively */
    337. 

  337.                 char passwd_buf[4096];
    338. 

  338.                 int r;
    339. 

  339. 

  340.                 BIO_snprintf(passwd_buf, sizeof(passwd_buf), "Enter %s: ", opt);
    341. 

  341.                 r = EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1,
    342. 

  342.                                        passwd_buf, 0);
    343. 

  343.                 if (r < 0) {
    344. 

  344.                     if (r == -2)
    345. 

  345.                         BIO_puts(bio_err, "user abort\n");
    346. 

  346.                     else
    347. 

  347.                         BIO_puts(bio_err, "entry failed\n");
    348. 

  348.                     goto end;
    349. 

  349.                 }
    350. 

  350.                 passwd = OPENSSL_strdup(passwd_buf);
    351. 

  351.                 if (passwd == NULL) {
    352. 

  352.                     BIO_puts(bio_err, "out of memory\n");
    353. 

  353.                     goto end;
    354. 

  354.                 }
    355. 

  355.             } else {
    356. 

  356.                 /* Get password as a passin argument: First split option name
    357. 

  357.                  * and passphrase argument into two strings */
    358. 

  358.                 *passin = 0;
    359. 

  359.                 passin++;
    360. 

  360.                 if (app_passwd(passin, NULL, &passwd, NULL) == 0) {
    361. 

  361.                     BIO_printf(bio_err, "failed to get '%s'\n", opt);
    362. 

  362.                     goto end;
    363. 

  363.                 }
    364. 

  364.             }
    365. 

  365. 

  366.             if (EVP_PKEY_CTX_ctrl_str(ctx, opt, passwd) <= 0) {
    367. 

  367.                 BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
    368. 

  368.                            prog, opt);
    369. 

  369.                 goto end;
    370. 

  370.             }
    371. 

  371.             OPENSSL_free(passwd);
    372. 

  372.         }
    373. 

  373.     }
    374. 

  374. 

  375.     if (sigfile != NULL && (pkey_op != EVP_PKEY_OP_VERIFY)) {
    376. 

  376.         BIO_printf(bio_err,
    377. 

  377.                    "%s: Signature file specified for non verify\n", prog);
    378. 

  378.         goto end;
    379. 

  379.     }
    380. 

  380. 

  381.     if (sigfile == NULL && (pkey_op == EVP_PKEY_OP_VERIFY)) {
    382. 

  382.         BIO_printf(bio_err,
    383. 

  383.                    "%s: No signature file specified for verify\n", prog);
    384. 

  384.         goto end;
    385. 

  385.     }
    386. 

  386. 

  387.     if (pkey_op != EVP_PKEY_OP_DERIVE) {
    388. 

  388.         in = bio_open_default(infile, 'r', FORMAT_BINARY);
    389. 

  389.         if (infile != NULL) {
    390. 

  390.             struct stat st;
    391. 

  391. 

  392.             if (stat(infile, &st) == 0 && st.st_size <= INT_MAX)
    393. 

  393.                 filesize = (int)st.st_size;
    394. 

  394.         }
    395. 

  395.         if (in == NULL)
    396. 

  396.             goto end;
    397. 

  397.     }
    398. 

  398.     out = bio_open_default(outfile, 'w', FORMAT_BINARY);
    399. 

  399.     if (out == NULL)
    400. 

  400.         goto end;
    401. 

  401. 

  402.     if (sigfile != NULL) {
    403. 

  403.         BIO *sigbio = BIO_new_file(sigfile, "rb");
    404. 

  404. 

  405.         if (sigbio == NULL) {
    406. 

  406.             BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
    407. 

  407.             goto end;
    408. 

  408.         }
    409. 

  409.         siglen = bio_to_mem(&sig, keysize * 10, sigbio);
    410. 

  410.         BIO_free(sigbio);
    411. 

  411.         if (siglen < 0) {
    412. 

  412.             BIO_printf(bio_err, "Error reading signature data\n");
    413. 

  413.             goto end;
    414. 

  414.         }
    415. 

  415.     }
    416. 

  416. 

  417.     /* Raw input data is handled elsewhere */
    418. 

  418.     if (in != NULL && !rawin) {
    419. 

  419.         /* Read the input data */
    420. 

  420.         buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
    421. 

  421.         if (buf_inlen < 0) {
    422. 

  422.             BIO_printf(bio_err, "Error reading input Data\n");
    423. 

  423.             goto end;
    424. 

  424.         }
    425. 

  425.         if (rev) {
    426. 

  426.             size_t i;
    427. 

  427.             unsigned char ctmp;
    428. 

  428.             size_t l = (size_t)buf_inlen;
    429. 

  429.             for (i = 0; i < l / 2; i++) {
    430. 

  430.                 ctmp = buf_in[i];
    431. 

  431.                 buf_in[i] = buf_in[l - 1 - i];
    432. 

  432.                 buf_in[l - 1 - i] = ctmp;
    433. 

  433.             }
    434. 

  434.         }
    435. 

  435.     }
    436. 

  436. 

  437.     /* Sanity check the input if the input is not raw */
    438. 

  438.     if (!rawin
    439. 

  439.             && buf_inlen > EVP_MAX_MD_SIZE
    440. 

  440.             && (pkey_op == EVP_PKEY_OP_SIGN
    441. 

  441.                 || pkey_op == EVP_PKEY_OP_VERIFY)) {
    442. 

  442.         BIO_printf(bio_err,
    443. 

  443.                    "Error: The input data looks too long to be a hash\n");
    444. 

  444.         goto end;
    445. 

  445.     }
    446. 

  446. 

  447.     if (pkey_op == EVP_PKEY_OP_VERIFY) {
    448. 

  448.         if (rawin) {
    449. 

  449.             rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, filesize, sig, siglen,
    450. 

  450.                               NULL, 0);
    451. 

  451.         } else {
    452. 

  452.             rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
    453. 

  453.                                  buf_in, (size_t)buf_inlen);
    454. 

  454.         }
    455. 

  455.         if (rv == 1) {
    456. 

  456.             BIO_puts(out, "Signature Verified Successfully\n");
    457. 

  457.             ret = 0;
    458. 

  458.         } else {
    459. 

  459.             BIO_puts(out, "Signature Verification Failure\n");
    460. 

  460.         }
    461. 

  461.         goto end;
    462. 

  462.     }
    463. 

  463.     if (kdflen != 0) {
    464. 

  464.         buf_outlen = kdflen;
    465. 

  465.         rv = 1;
    466. 

  466.     } else {
    467. 

  467.         if (rawin) {
    468. 

  468.             /* rawin allocates the buffer in do_raw_keyop() */
    469. 

  469.             rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, filesize, NULL, 0,
    470. 

  470.                               &buf_out, (size_t *)&buf_outlen);
    471. 

  471.         } else {
    472. 

  472.             rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
    473. 

  473.                           buf_in, (size_t)buf_inlen);
    474. 

  474.             if (rv > 0 && buf_outlen != 0) {
    475. 

  475.                 buf_out = app_malloc(buf_outlen, "buffer output");
    476. 

  476.                 rv = do_keyop(ctx, pkey_op,
    477. 

  477.                               buf_out, (size_t *)&buf_outlen,
    478. 

  478.                               buf_in, (size_t)buf_inlen);
    479. 

  479.             }
    480. 

  480.         }
    481. 

  481.     }
    482. 

  482.     if (rv <= 0) {
    483. 

  483.         if (pkey_op != EVP_PKEY_OP_DERIVE) {
    484. 

  484.             BIO_puts(bio_err, "Public Key operation error\n");
    485. 

  485.         } else {
    486. 

  486.             BIO_puts(bio_err, "Key derivation failed\n");
    487. 

  487.         }
    488. 

  488.         ERR_print_errors(bio_err);
    489. 

  489.         goto end;
    490. 

  490.     }
    491. 

  491.     ret = 0;
    492. 

  492. 

  493.     if (asn1parse) {
    494. 

  494.         if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
    495. 

  495.             ERR_print_errors(bio_err);
    496. 

  496.     } else if (hexdump) {
    497. 

  497.         BIO_dump(out, (char *)buf_out, buf_outlen);
    498. 

  498.     } else {
    499. 

  499.         BIO_write(out, buf_out, buf_outlen);
    500. 

  500.     }
    501. 

  501. 

  502.  end:
    503. 

  503.     EVP_PKEY_CTX_free(ctx);
    504. 

  504.     release_engine(e);
    505. 

  505.     BIO_free(in);
    506. 

  506.     BIO_free_all(out);
    507. 

  507.     OPENSSL_free(buf_in);
    508. 

  508.     OPENSSL_free(buf_out);
    509. 

  509.     OPENSSL_free(sig);
    510. 

  510.     sk_OPENSSL_STRING_free(pkeyopts);
    511. 

  511.     sk_OPENSSL_STRING_free(pkeyopts_passin);
    512. 

  512.     NCONF_free(conf);
    513. 

  513.     return ret;
    514. 

  514. }
    515. 

  515. 

  516. static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize,
    517. 

  517.                               const char *keyfile, int keyform, int key_type,
    518. 

  518.                               char *passinarg, int pkey_op, ENGINE *e,
    519. 

  519.                               const int engine_impl, int rawin,
    520. 

  520.                               EVP_PKEY **ppkey,
    521. 

  521.                               OSSL_LIB_CTX *libctx)
    522. 

  522. {
    523. 

  523.     EVP_PKEY *pkey = NULL;
    524. 

  524.     EVP_PKEY_CTX *ctx = NULL;
    525. 

  525.     ENGINE *impl = NULL;
    526. 

  526.     char *passin = NULL;
    527. 

  527.     int rv = -1;
    528. 

  528.     X509 *x;
    529. 

  529. 

  530.     if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
    531. 

  531.          || (pkey_op == EVP_PKEY_OP_DERIVE))
    532. 

  532.         && (key_type != KEY_PRIVKEY && kdfalg == NULL)) {
    533. 

  533.         BIO_printf(bio_err, "A private key is needed for this operation\n");
    534. 

  534.         goto end;
    535. 

  535.     }
    536. 

  536.     if (!app_passwd(passinarg, NULL, &passin, NULL)) {
    537. 

  537.         BIO_printf(bio_err, "Error getting password\n");
    538. 

  538.         goto end;
    539. 

  539.     }
    540. 

  540.     switch (key_type) {
    541. 

  541.     case KEY_PRIVKEY:
    542. 

  542.         pkey = load_key(keyfile, keyform, 0, passin, e, "private key");
    543. 

  543.         break;
    544. 

  544. 

  545.     case KEY_PUBKEY:
    546. 

  546.         pkey = load_pubkey(keyfile, keyform, 0, NULL, e, "public key");
    547. 

  547.         break;
    548. 

  548. 

  549.     case KEY_CERT:
    550. 

  550.         x = load_cert(keyfile, "Certificate");
    551. 

  551.         if (x) {
    552. 

  552.             pkey = X509_get_pubkey(x);
    553. 

  553.             X509_free(x);
    554. 

  554.         }
    555. 

  555.         break;
    556. 

  556. 

  557.     case KEY_NONE:
    558. 

  558.         break;
    559. 

  559. 

  560.     }
    561. 

  561. 

  562. #ifndef OPENSSL_NO_ENGINE
    563. 

  563.     if (engine_impl)
    564. 

  564.         impl = e;
    565. 

  565. #endif
    566. 

  566. 

  567.     if (kdfalg != NULL) {
    568. 

  568.         int kdfnid = OBJ_sn2nid(kdfalg);
    569. 

  569. 

  570.         if (kdfnid == NID_undef) {
    571. 

  571.             kdfnid = OBJ_ln2nid(kdfalg);
    572. 

  572.             if (kdfnid == NID_undef) {
    573. 

  573.                 BIO_printf(bio_err, "The given KDF \"%s\" is unknown.\n",
    574. 

  574.                            kdfalg);
    575. 

  575.                 goto end;
    576. 

  576.             }
    577. 

  577.         }
    578. 

  578.         if (impl != NULL)
    579. 

  579.             ctx = EVP_PKEY_CTX_new_id(kdfnid, impl);
    580. 

  580.         else
    581. 

  581.             ctx = EVP_PKEY_CTX_new_from_name(libctx, kdfalg, app_get0_propq());
    582. 

  582.     } else {
    583. 

  583.         if (pkey == NULL)
    584. 

  584.             goto end;
    585. 

  585. 

  586.         *pkeysize = EVP_PKEY_size(pkey);
    587. 

  587.         if (impl != NULL)
    588. 

  588.             ctx = EVP_PKEY_CTX_new(pkey, impl);
    589. 

  589.         else
    590. 

  590.             ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, app_get0_propq());
    591. 

  591.         if (ppkey != NULL)
    592. 

  592.             *ppkey = pkey;
    593. 

  593.         EVP_PKEY_free(pkey);
    594. 

  594.     }
    595. 

  595. 

  596.     if (ctx == NULL)
    597. 

  597.         goto end;
    598. 

  598. 

  599.     /*
    600. 

  600.      * If rawin then we don't need to actually initialise the EVP_PKEY_CTX
    601. 

  601.      * itself. That will get initialised during EVP_DigestSignInit or
    602. 

  602.      * EVP_DigestVerifyInit.
    603. 

  603.      */
    604. 

  604.     if (rawin) {
    605. 

  605.         rv = 1;
    606. 

  606.     } else {
    607. 

  607.         switch (pkey_op) {
    608. 

  608.         case EVP_PKEY_OP_SIGN:
    609. 

  609.             rv = EVP_PKEY_sign_init(ctx);
    610. 

  610.             break;
    611. 

  611. 

  612.         case EVP_PKEY_OP_VERIFY:
    613. 

  613.             rv = EVP_PKEY_verify_init(ctx);
    614. 

  614.             break;
    615. 

  615. 

  616.         case EVP_PKEY_OP_VERIFYRECOVER:
    617. 

  617.             rv = EVP_PKEY_verify_recover_init(ctx);
    618. 

  618.             break;
    619. 

  619. 

  620.         case EVP_PKEY_OP_ENCRYPT:
    621. 

  621.             rv = EVP_PKEY_encrypt_init(ctx);
    622. 

  622.             break;
    623. 

  623. 

  624.         case EVP_PKEY_OP_DECRYPT:
    625. 

  625.             rv = EVP_PKEY_decrypt_init(ctx);
    626. 

  626.             break;
    627. 

  627. 

  628.         case EVP_PKEY_OP_DERIVE:
    629. 

  629.             rv = EVP_PKEY_derive_init(ctx);
    630. 

  630.             break;
    631. 

  631.         }
    632. 

  632.     }
    633. 

  633. 

  634.     if (rv <= 0) {
    635. 

  635.         EVP_PKEY_CTX_free(ctx);
    636. 

  636.         ctx = NULL;
    637. 

  637.     }
    638. 

  638. 

  639.  end:
    640. 

  640.     OPENSSL_free(passin);
    641. 

  641.     return ctx;
    642. 

  642. 

  643. }
    644. 

  644. 

  645. static int setup_peer(EVP_PKEY_CTX *ctx, int peerform, const char *file,
    646. 

  646.                       ENGINE *e)
    647. 

  647. {
    648. 

  648.     EVP_PKEY *peer = NULL;
    649. 

  649.     ENGINE *engine = NULL;
    650. 

  650.     int ret;
    651. 

  651. 

  652.     if (peerform == FORMAT_ENGINE)
    653. 

  653.         engine = e;
    654. 

  654.     peer = load_pubkey(file, peerform, 0, NULL, engine, "peer key");
    655. 

  655.     if (peer == NULL) {
    656. 

  656.         BIO_printf(bio_err, "Error reading peer key %s\n", file);
    657. 

  657.         ERR_print_errors(bio_err);
    658. 

  658.         return 0;
    659. 

  659.     }
    660. 

  660. 

  661.     ret = EVP_PKEY_derive_set_peer(ctx, peer);
    662. 

  662. 

  663.     EVP_PKEY_free(peer);
    664. 

  664.     if (ret <= 0)
    665. 

  665.         ERR_print_errors(bio_err);
    666. 

  666.     return ret;
    667. 

  667. }
    668. 

  668. 

  669. static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
    670. 

  670.                     unsigned char *out, size_t *poutlen,
    671. 

  671.                     const unsigned char *in, size_t inlen)
    672. 

  672. {
    673. 

  673.     int rv = 0;
    674. 

  674.     switch (pkey_op) {
    675. 

  675.     case EVP_PKEY_OP_VERIFYRECOVER:
    676. 

  676.         rv = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
    677. 

  677.         break;
    678. 

  678. 

  679.     case EVP_PKEY_OP_SIGN:
    680. 

  680.         rv = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
    681. 

  681.         break;
    682. 

  682. 

  683.     case EVP_PKEY_OP_ENCRYPT:
    684. 

  684.         rv = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
    685. 

  685.         break;
    686. 

  686. 

  687.     case EVP_PKEY_OP_DECRYPT:
    688. 

  688.         rv = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
    689. 

  689.         break;
    690. 

  690. 

  691.     case EVP_PKEY_OP_DERIVE:
    692. 

  692.         rv = EVP_PKEY_derive(ctx, out, poutlen);
    693. 

  693.         break;
    694. 

  694. 

  695.     }
    696. 

  696.     return rv;
    697. 

  697. }
    698. 

  698. 

  699. #define TBUF_MAXSIZE 2048
    700. 

  700. 

  701. static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx,
    702. 

  702.                         const EVP_MD *md, EVP_PKEY *pkey, BIO *in,
    703. 

  703.                         int filesize, unsigned char *sig, int siglen,
    704. 

  704.                         unsigned char **out, size_t *poutlen)
    705. 

  705. {
    706. 

  706.     int rv = 0;
    707. 

  707.     EVP_MD_CTX *mctx = NULL;
    708. 

  708.     unsigned char tbuf[TBUF_MAXSIZE];
    709. 

  709.     unsigned char *mbuf = NULL;
    710. 

  710.     int buf_len = 0;
    711. 

  711. 

  712.     if ((mctx = EVP_MD_CTX_new()) == NULL) {
    713. 

  713.         BIO_printf(bio_err, "Error: out of memory\n");
    714. 

  714.         return rv;
    715. 

  715.     }
    716. 

  716.     EVP_MD_CTX_set_pkey_ctx(mctx, ctx);
    717. 

  717. 

  718.     /* Some algorithms only support oneshot digests */
    719. 

  719.     if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519
    720. 

  720.             || EVP_PKEY_id(pkey) == EVP_PKEY_ED448) {
    721. 

  721.         if (filesize < 0) {
    722. 

  722.             BIO_printf(bio_err,
    723. 

  723.                        "Error: unable to determine file size for oneshot operation\n");
    724. 

  724.             goto end;
    725. 

  725.         }
    726. 

  726.         mbuf = app_malloc(filesize, "oneshot sign/verify buffer");
    727. 

  727.         switch(pkey_op) {
    728. 

  728.         case EVP_PKEY_OP_VERIFY:
    729. 

  729.             if (EVP_DigestVerifyInit(mctx, NULL, md, NULL, pkey) != 1)
    730. 

  730.                 goto end;
    731. 

  731.             buf_len = BIO_read(in, mbuf, filesize);
    732. 

  732.             if (buf_len != filesize) {
    733. 

  733.                 BIO_printf(bio_err, "Error reading raw input data\n");
    734. 

  734.                 goto end;
    735. 

  735.             }
    736. 

  736.             rv = EVP_DigestVerify(mctx, sig, (size_t)siglen, mbuf, buf_len);
    737. 

  737.             break;
    738. 

  738.         case EVP_PKEY_OP_SIGN:
    739. 

  739.             if (EVP_DigestSignInit(mctx, NULL, md, NULL, pkey) != 1)
    740. 

  740.                 goto end;
    741. 

  741.             buf_len = BIO_read(in, mbuf, filesize);
    742. 

  742.             if (buf_len != filesize) {
    743. 

  743.                 BIO_printf(bio_err, "Error reading raw input data\n");
    744. 

  744.                 goto end;
    745. 

  745.             }
    746. 

  746.             rv = EVP_DigestSign(mctx, NULL, poutlen, mbuf, buf_len);
    747. 

  747.             if (rv == 1 && out != NULL) {
    748. 

  748.                 *out = app_malloc(*poutlen, "buffer output");
    749. 

  749.                 rv = EVP_DigestSign(mctx, *out, poutlen, mbuf, buf_len);
    750. 

  750.             }
    751. 

  751.             break;
    752. 

  752.         }
    753. 

  753.         goto end;
    754. 

  754.     }
    755. 

  755. 

  756.     switch(pkey_op) {
    757. 

  757.     case EVP_PKEY_OP_VERIFY:
    758. 

  758.         if (EVP_DigestVerifyInit(mctx, NULL, md, NULL, pkey) != 1)
    759. 

  759.             goto end;
    760. 

  760.         for (;;) {
    761. 

  761.             buf_len = BIO_read(in, tbuf, TBUF_MAXSIZE);
    762. 

  762.             if (buf_len == 0)
    763. 

  763.                 break;
    764. 

  764.             if (buf_len < 0) {
    765. 

  765.                 BIO_printf(bio_err, "Error reading raw input data\n");
    766. 

  766.                 goto end;
    767. 

  767.             }
    768. 

  768.             rv = EVP_DigestVerifyUpdate(mctx, tbuf, (size_t)buf_len);
    769. 

  769.             if (rv != 1) {
    770. 

  770.                 BIO_printf(bio_err, "Error verifying raw input data\n");
    771. 

  771.                 goto end;
    772. 

  772.             }
    773. 

  773.         }
    774. 

  774.         rv = EVP_DigestVerifyFinal(mctx, sig, (size_t)siglen);
    775. 

  775.         break;
    776. 

  776.     case EVP_PKEY_OP_SIGN:
    777. 

  777.         if (EVP_DigestSignInit(mctx, NULL, md, NULL, pkey) != 1)
    778. 

  778.             goto end;
    779. 

  779.         for (;;) {
    780. 

  780.             buf_len = BIO_read(in, tbuf, TBUF_MAXSIZE);
    781. 

  781.             if (buf_len == 0)
    782. 

  782.                 break;
    783. 

  783.             if (buf_len < 0) {
    784. 

  784.                 BIO_printf(bio_err, "Error reading raw input data\n");
    785. 

  785.                 goto end;
    786. 

  786.             }
    787. 

  787.             rv = EVP_DigestSignUpdate(mctx, tbuf, (size_t)buf_len);
    788. 

  788.             if (rv != 1) {
    789. 

  789.                 BIO_printf(bio_err, "Error signing raw input data\n");
    790. 

  790.                 goto end;
    791. 

  791.             }
    792. 

  792.         }
    793. 

  793.         rv = EVP_DigestSignFinal(mctx, NULL, poutlen);
    794. 

  794.         if (rv == 1 && out != NULL) {
    795. 

  795.             *out = app_malloc(*poutlen, "buffer output");
    796. 

  796.             rv = EVP_DigestSignFinal(mctx, *out, poutlen);
    797. 

  797.         }
    798. 

  798.         break;
    799. 

  799.     }
    800. 

  800. 

  801.  end:
    802. 

  802.     OPENSSL_free(mbuf);
    803. 

  803.     EVP_MD_CTX_free(mctx);
    804. 

  804.     return rv;
    805. 

  805. }
    806.