Startsida Utforska Hjälp
Logga in
OWEALs
/
openssl
spegling av git://git.openssl.org/openssl.git
2
0
Fork 0
Filer Ärenden 1 Wiki
Träd: bd0c71298a
Grenar Taggar
openssl
/
apps
/
pkeyutl.c

pkeyutl.c 25 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800 
  1. /*
    2. 

  2.  * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #include "apps.h"
    11. 

  11. #include "progs.h"
    12. 

  12. #include <string.h>
    13. 

  13. #include <openssl/err.h>
    14. 

  14. #include <openssl/pem.h>
    15. 

  15. #include <openssl/evp.h>
    16. 

  16. #include <sys/stat.h>
    17. 

  17. 

  18. #define KEY_NONE        0
    19. 

  19. #define KEY_PRIVKEY     1
    20. 

  20. #define KEY_PUBKEY      2
    21. 

  21. #define KEY_CERT        3
    22. 

  22. 

  23. static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize,
    24. 

  24.                               const char *keyfile, int keyform, int key_type,
    25. 

  25.                               char *passinarg, int pkey_op, ENGINE *e,
    26. 

  26.                               const int impl, int rawin, EVP_PKEY **ppkey,
    27. 

  27.                               OSSL_LIB_CTX *libctx, const char *propq);
    28. 

  28. 

  29. static int setup_peer(EVP_PKEY_CTX *ctx, int peerform, const char *file,
    30. 

  30.                       ENGINE *e);
    31. 

  31. 

  32. static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
    33. 

  33.                     unsigned char *out, size_t *poutlen,
    34. 

  34.                     const unsigned char *in, size_t inlen);
    35. 

  35. 

  36. static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx,
    37. 

  37.                         const EVP_MD *md, EVP_PKEY *pkey, BIO *in,
    38. 

  38.                         int filesize, unsigned char *sig, int siglen,
    39. 

  39.                         unsigned char **out, size_t *poutlen);
    40. 

  40. 

  41. typedef enum OPTION_choice {
    42. 

  42.     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
    43. 

  43.     OPT_ENGINE, OPT_ENGINE_IMPL, OPT_IN, OPT_OUT,
    44. 

  44.     OPT_PUBIN, OPT_CERTIN, OPT_ASN1PARSE, OPT_HEXDUMP, OPT_SIGN,
    45. 

  45.     OPT_VERIFY, OPT_VERIFYRECOVER, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT,
    46. 

  46.     OPT_DERIVE, OPT_SIGFILE, OPT_INKEY, OPT_PEERKEY, OPT_PASSIN,
    47. 

  47.     OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT, OPT_PKEYOPT_PASSIN, OPT_KDF,
    48. 

  48.     OPT_KDFLEN, OPT_R_ENUM, OPT_PROV_ENUM,
    49. 

  49.     OPT_CONFIG,
    50. 

  50.     OPT_RAWIN, OPT_DIGEST
    51. 

  51. } OPTION_CHOICE;
    52. 

  52. 

  53. const OPTIONS pkeyutl_options[] = {
    54. 

  54.     OPT_SECTION("General"),
    55. 

  55.     {"help", OPT_HELP, '-', "Display this summary"},
    56. 

  56. #ifndef OPENSSL_NO_ENGINE
    57. 

  57.     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
    58. 

  58.     {"engine_impl", OPT_ENGINE_IMPL, '-',
    59. 

  59.      "Also use engine given by -engine for crypto operations"},
    60. 

  60. #endif
    61. 

  61.     {"sign", OPT_SIGN, '-', "Sign input data with private key"},
    62. 

  62.     {"verify", OPT_VERIFY, '-', "Verify with public key"},
    63. 

  63.     {"encrypt", OPT_ENCRYPT, '-', "Encrypt input data with public key"},
    64. 

  64.     {"decrypt", OPT_DECRYPT, '-', "Decrypt input data with private key"},
    65. 

  65.     {"derive", OPT_DERIVE, '-', "Derive shared secret"},
    66. 

  66.     OPT_CONFIG_OPTION,
    67. 

  67. 

  68.     OPT_SECTION("Input"),
    69. 

  69.     {"in", OPT_IN, '<', "Input file - default stdin"},
    70. 

  70.     {"rawin", OPT_RAWIN, '-', "Indicate the input data is in raw form"},
    71. 

  71.     {"pubin", OPT_PUBIN, '-', "Input is a public key"},
    72. 

  72.     {"inkey", OPT_INKEY, 's', "Input private key file"},
    73. 

  73.     {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
    74. 

  74.     {"peerkey", OPT_PEERKEY, 's', "Peer key file used in key derivation"},
    75. 

  75.     {"peerform", OPT_PEERFORM, 'E', "Peer key format (DER/PEM/P12/ENGINE)"},
    76. 

  76.     {"certin", OPT_CERTIN, '-', "Input is a cert with a public key"},
    77. 

  77.     {"rev", OPT_REV, '-', "Reverse the order of the input buffer"},
    78. 

  78.     {"sigfile", OPT_SIGFILE, '<', "Signature file (verify operation only)"},
    79. 

  79.     {"keyform", OPT_KEYFORM, 'E', "Private key format (ENGINE, other values ignored)"},
    80. 

  80. 

  81.     OPT_SECTION("Output"),
    82. 

  82.     {"out", OPT_OUT, '>', "Output file - default stdout"},
    83. 

  83.     {"asn1parse", OPT_ASN1PARSE, '-', "asn1parse the output data"},
    84. 

  84.     {"hexdump", OPT_HEXDUMP, '-', "Hex dump output"},
    85. 

  85.     {"verifyrecover", OPT_VERIFYRECOVER, '-',
    86. 

  86.      "Verify with public key, recover original data"},
    87. 

  87. 

  88.     OPT_SECTION("Signing/Derivation"),
    89. 

  89.     {"digest", OPT_DIGEST, 's',
    90. 

  90.      "Specify the digest algorithm when signing the raw input data"},
    91. 

  91.     {"pkeyopt", OPT_PKEYOPT, 's', "Public key options as opt:value"},
    92. 

  92.     {"pkeyopt_passin", OPT_PKEYOPT_PASSIN, 's',
    93. 

  93.      "Public key option that is read as a passphrase argument opt:passphrase"},
    94. 

  94.     {"kdf", OPT_KDF, 's', "Use KDF algorithm"},
    95. 

  95.     {"kdflen", OPT_KDFLEN, 'p', "KDF algorithm output length"},
    96. 

  96. 

  97.     OPT_R_OPTIONS,
    98. 

  98.     OPT_PROV_OPTIONS,
    99. 

  99.     {NULL}
    100. 

  100. };
    101. 

  101. 

  102. int pkeyutl_main(int argc, char **argv)
    103. 

  103. {
    104. 

  104.     CONF *conf = NULL;
    105. 

  105.     BIO *in = NULL, *out = NULL;
    106. 

  106.     ENGINE *e = NULL;
    107. 

  107.     EVP_PKEY_CTX *ctx = NULL;
    108. 

  108.     EVP_PKEY *pkey = NULL;
    109. 

  109.     char *infile = NULL, *outfile = NULL, *sigfile = NULL, *passinarg = NULL;
    110. 

  110.     char hexdump = 0, asn1parse = 0, rev = 0, *prog;
    111. 

  111.     unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
    112. 

  112.     OPTION_CHOICE o;
    113. 

  113.     int buf_inlen = 0, siglen = -1, keyform = FORMAT_PEM, peerform = FORMAT_PEM;
    114. 

  114.     int keysize = -1, pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
    115. 

  115.     int engine_impl = 0;
    116. 

  116.     int ret = 1, rv = -1;
    117. 

  117.     size_t buf_outlen;
    118. 

  118.     const char *inkey = NULL;
    119. 

  119.     const char *peerkey = NULL;
    120. 

  120.     const char *kdfalg = NULL;
    121. 

  121.     int kdflen = 0;
    122. 

  122.     STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
    123. 

  123.     STACK_OF(OPENSSL_STRING) *pkeyopts_passin = NULL;
    124. 

  124.     int rawin = 0;
    125. 

  125.     const EVP_MD *md = NULL;
    126. 

  126.     int filesize = -1;
    127. 

  127.     OSSL_LIB_CTX *libctx = app_get0_libctx();
    128. 

  128.     const char *propq = NULL;
    129. 

  129. 

  130.     prog = opt_init(argc, argv, pkeyutl_options);
    131. 

  131.     while ((o = opt_next()) != OPT_EOF) {
    132. 

  132.         switch (o) {
    133. 

  133.         case OPT_EOF:
    134. 

  134.         case OPT_ERR:
    135. 

  135.  opthelp:
    136. 

  136.             BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
    137. 

  137.             goto end;
    138. 

  138.         case OPT_HELP:
    139. 

  139.             opt_help(pkeyutl_options);
    140. 

  140.             ret = 0;
    141. 

  141.             goto end;
    142. 

  142.         case OPT_IN:
    143. 

  143.             infile = opt_arg();
    144. 

  144.             break;
    145. 

  145.         case OPT_OUT:
    146. 

  146.             outfile = opt_arg();
    147. 

  147.             break;
    148. 

  148.         case OPT_SIGFILE:
    149. 

  149.             sigfile = opt_arg();
    150. 

  150.             break;
    151. 

  151.         case OPT_ENGINE_IMPL:
    152. 

  152.             engine_impl = 1;
    153. 

  153.             break;
    154. 

  154.         case OPT_INKEY:
    155. 

  155.             inkey = opt_arg();
    156. 

  156.             break;
    157. 

  157.         case OPT_PEERKEY:
    158. 

  158.             peerkey = opt_arg();
    159. 

  159.             break;
    160. 

  160.         case OPT_PASSIN:
    161. 

  161.             passinarg = opt_arg();
    162. 

  162.             break;
    163. 

  163.         case OPT_PEERFORM:
    164. 

  164.             if (!opt_format(opt_arg(), OPT_FMT_ANY, &peerform))
    165. 

  165.                 goto opthelp;
    166. 

  166.             break;
    167. 

  167.         case OPT_KEYFORM:
    168. 

  168.             if (!opt_format(opt_arg(), OPT_FMT_ANY, &keyform))
    169. 

  169.                 goto opthelp;
    170. 

  170.             break;
    171. 

  171.         case OPT_R_CASES:
    172. 

  172.             if (!opt_rand(o))
    173. 

  173.                 goto end;
    174. 

  174.             break;
    175. 

  175.         case OPT_CONFIG:
    176. 

  176.             conf = app_load_config_modules(opt_arg());
    177. 

  177.             if (conf == NULL)
    178. 

  178.                 goto end;
    179. 

  179.             break;
    180. 

  180.         case OPT_PROV_CASES:
    181. 

  181.             if (!opt_provider(o))
    182. 

  182.                 goto end;
    183. 

  183.             break;
    184. 

  184.         case OPT_ENGINE:
    185. 

  185.             e = setup_engine(opt_arg(), 0);
    186. 

  186.             break;
    187. 

  187.         case OPT_PUBIN:
    188. 

  188.             key_type = KEY_PUBKEY;
    189. 

  189.             break;
    190. 

  190.         case OPT_CERTIN:
    191. 

  191.             key_type = KEY_CERT;
    192. 

  192.             break;
    193. 

  193.         case OPT_ASN1PARSE:
    194. 

  194.             asn1parse = 1;
    195. 

  195.             break;
    196. 

  196.         case OPT_HEXDUMP:
    197. 

  197.             hexdump = 1;
    198. 

  198.             break;
    199. 

  199.         case OPT_SIGN:
    200. 

  200.             pkey_op = EVP_PKEY_OP_SIGN;
    201. 

  201.             break;
    202. 

  202.         case OPT_VERIFY:
    203. 

  203.             pkey_op = EVP_PKEY_OP_VERIFY;
    204. 

  204.             break;
    205. 

  205.         case OPT_VERIFYRECOVER:
    206. 

  206.             pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
    207. 

  207.             break;
    208. 

  208.         case OPT_ENCRYPT:
    209. 

  209.             pkey_op = EVP_PKEY_OP_ENCRYPT;
    210. 

  210.             break;
    211. 

  211.         case OPT_DECRYPT:
    212. 

  212.             pkey_op = EVP_PKEY_OP_DECRYPT;
    213. 

  213.             break;
    214. 

  214.         case OPT_DERIVE:
    215. 

  215.             pkey_op = EVP_PKEY_OP_DERIVE;
    216. 

  216.             break;
    217. 

  217.         case OPT_KDF:
    218. 

  218.             pkey_op = EVP_PKEY_OP_DERIVE;
    219. 

  219.             key_type = KEY_NONE;
    220. 

  220.             kdfalg = opt_arg();
    221. 

  221.             break;
    222. 

  222.         case OPT_KDFLEN:
    223. 

  223.             kdflen = atoi(opt_arg());
    224. 

  224.             break;
    225. 

  225.         case OPT_REV:
    226. 

  226.             rev = 1;
    227. 

  227.             break;
    228. 

  228.         case OPT_PKEYOPT:
    229. 

  229.             if ((pkeyopts == NULL &&
    230. 

  230.                  (pkeyopts = sk_OPENSSL_STRING_new_null()) == NULL) ||
    231. 

  231.                 sk_OPENSSL_STRING_push(pkeyopts, opt_arg()) == 0) {
    232. 

  232.                 BIO_puts(bio_err, "out of memory\n");
    233. 

  233.                 goto end;
    234. 

  234.             }
    235. 

  235.             break;
    236. 

  236.         case OPT_PKEYOPT_PASSIN:
    237. 

  237.             if ((pkeyopts_passin == NULL &&
    238. 

  238.                  (pkeyopts_passin = sk_OPENSSL_STRING_new_null()) == NULL) ||
    239. 

  239.                 sk_OPENSSL_STRING_push(pkeyopts_passin, opt_arg()) == 0) {
    240. 

  240.                 BIO_puts(bio_err, "out of memory\n");
    241. 

  241.                 goto end;
    242. 

  242.             }
    243. 

  243.             break;
    244. 

  244.         case OPT_RAWIN:
    245. 

  245.             rawin = 1;
    246. 

  246.             break;
    247. 

  247.         case OPT_DIGEST:
    248. 

  248.             if (!opt_md(opt_arg(), &md))
    249. 

  249.                 goto end;
    250. 

  250.             break;
    251. 

  251.         }
    252. 

  252.     }
    253. 

  253. 

  254.     /* No extra arguments. */
    255. 

  255.     argc = opt_num_rest();
    256. 

  256.     if (argc != 0)
    257. 

  257.         goto opthelp;
    258. 

  258. 

  259.     if (rawin && pkey_op != EVP_PKEY_OP_SIGN && pkey_op != EVP_PKEY_OP_VERIFY) {
    260. 

  260.         BIO_printf(bio_err,
    261. 

  261.                    "%s: -rawin can only be used with -sign or -verify\n",
    262. 

  262.                    prog);
    263. 

  263.         goto opthelp;
    264. 

  264.     }
    265. 

  265. 

  266.     if (md != NULL && !rawin) {
    267. 

  267.         BIO_printf(bio_err,
    268. 

  268.                    "%s: -digest can only be used with -rawin\n",
    269. 

  269.                    prog);
    270. 

  270.         goto opthelp;
    271. 

  271.     }
    272. 

  272. 

  273.     if (rawin && rev) {
    274. 

  274.         BIO_printf(bio_err, "%s: -rev cannot be used with raw input\n",
    275. 

  275.                    prog);
    276. 

  276.         goto opthelp;
    277. 

  277.     }
    278. 

  278. 

  279.     if (kdfalg != NULL) {
    280. 

  280.         if (kdflen == 0) {
    281. 

  281.             BIO_printf(bio_err,
    282. 

  282.                        "%s: no KDF length given (-kdflen parameter).\n", prog);
    283. 

  283.             goto opthelp;
    284. 

  284.         }
    285. 

  285.     } else if (inkey == NULL) {
    286. 

  286.         BIO_printf(bio_err,
    287. 

  287.                    "%s: no private key given (-inkey parameter).\n", prog);
    288. 

  288.         goto opthelp;
    289. 

  289.     } else if (peerkey != NULL && pkey_op != EVP_PKEY_OP_DERIVE) {
    290. 

  290.         BIO_printf(bio_err,
    291. 

  291.                    "%s: no peer key given (-peerkey parameter).\n", prog);
    292. 

  292.         goto opthelp;
    293. 

  293.     }
    294. 

  294.     ctx = init_ctx(kdfalg, &keysize, inkey, keyform, key_type,
    295. 

  295.                    passinarg, pkey_op, e, engine_impl, rawin, &pkey,
    296. 

  296.                    libctx, propq);
    297. 

  297.     if (ctx == NULL) {
    298. 

  298.         BIO_printf(bio_err, "%s: Error initializing context\n", prog);
    299. 

  299.         ERR_print_errors(bio_err);
    300. 

  300.         goto end;
    301. 

  301.     }
    302. 

  302.     if (peerkey != NULL && !setup_peer(ctx, peerform, peerkey, e)) {
    303. 

  303.         BIO_printf(bio_err, "%s: Error setting up peer key\n", prog);
    304. 

  304.         ERR_print_errors(bio_err);
    305. 

  305.         goto end;
    306. 

  306.     }
    307. 

  307.     if (pkeyopts != NULL) {
    308. 

  308.         int num = sk_OPENSSL_STRING_num(pkeyopts);
    309. 

  309.         int i;
    310. 

  310. 

  311.         for (i = 0; i < num; ++i) {
    312. 

  312.             const char *opt = sk_OPENSSL_STRING_value(pkeyopts, i);
    313. 

  313. 

  314.             if (pkey_ctrl_string(ctx, opt) <= 0) {
    315. 

  315.                 BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
    316. 

  316.                            prog, opt);
    317. 

  317.                 ERR_print_errors(bio_err);
    318. 

  318.                 goto end;
    319. 

  319.             }
    320. 

  320.         }
    321. 

  321.     }
    322. 

  322.     if (pkeyopts_passin != NULL) {
    323. 

  323.         int num = sk_OPENSSL_STRING_num(pkeyopts_passin);
    324. 

  324.         int i;
    325. 

  325. 

  326.         for (i = 0; i < num; i++) {
    327. 

  327.             char *opt = sk_OPENSSL_STRING_value(pkeyopts_passin, i);
    328. 

  328.             char *passin = strchr(opt, ':');
    329. 

  329.             char *passwd;
    330. 

  330. 

  331.             if (passin == NULL) {
    332. 

  332.                 /* Get password interactively */
    333. 

  333.                 char passwd_buf[4096];
    334. 

  334.                 int r;
    335. 

  335. 

  336.                 BIO_snprintf(passwd_buf, sizeof(passwd_buf), "Enter %s: ", opt);
    337. 

  337.                 r = EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1,
    338. 

  338.                                        passwd_buf, 0);
    339. 

  339.                 if (r < 0) {
    340. 

  340.                     if (r == -2)
    341. 

  341.                         BIO_puts(bio_err, "user abort\n");
    342. 

  342.                     else
    343. 

  343.                         BIO_puts(bio_err, "entry failed\n");
    344. 

  344.                     goto end;
    345. 

  345.                 }
    346. 

  346.                 passwd = OPENSSL_strdup(passwd_buf);
    347. 

  347.                 if (passwd == NULL) {
    348. 

  348.                     BIO_puts(bio_err, "out of memory\n");
    349. 

  349.                     goto end;
    350. 

  350.                 }
    351. 

  351.             } else {
    352. 

  352.                 /* Get password as a passin argument: First split option name
    353. 

  353.                  * and passphrase argument into two strings */
    354. 

  354.                 *passin = 0;
    355. 

  355.                 passin++;
    356. 

  356.                 if (app_passwd(passin, NULL, &passwd, NULL) == 0) {
    357. 

  357.                     BIO_printf(bio_err, "failed to get '%s'\n", opt);
    358. 

  358.                     goto end;
    359. 

  359.                 }
    360. 

  360.             }
    361. 

  361. 

  362.             if (EVP_PKEY_CTX_ctrl_str(ctx, opt, passwd) <= 0) {
    363. 

  363.                 BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
    364. 

  364.                            prog, opt);
    365. 

  365.                 goto end;
    366. 

  366.             }
    367. 

  367.             OPENSSL_free(passwd);
    368. 

  368.         }
    369. 

  369.     }
    370. 

  370. 

  371.     if (sigfile != NULL && (pkey_op != EVP_PKEY_OP_VERIFY)) {
    372. 

  372.         BIO_printf(bio_err,
    373. 

  373.                    "%s: Signature file specified for non verify\n", prog);
    374. 

  374.         goto end;
    375. 

  375.     }
    376. 

  376. 

  377.     if (sigfile == NULL && (pkey_op == EVP_PKEY_OP_VERIFY)) {
    378. 

  378.         BIO_printf(bio_err,
    379. 

  379.                    "%s: No signature file specified for verify\n", prog);
    380. 

  380.         goto end;
    381. 

  381.     }
    382. 

  382. 

  383.     if (pkey_op != EVP_PKEY_OP_DERIVE) {
    384. 

  384.         in = bio_open_default(infile, 'r', FORMAT_BINARY);
    385. 

  385.         if (infile != NULL) {
    386. 

  386.             struct stat st;
    387. 

  387. 

  388.             if (stat(infile, &st) == 0 && st.st_size <= INT_MAX)
    389. 

  389.                 filesize = (int)st.st_size;
    390. 

  390.         }
    391. 

  391.         if (in == NULL)
    392. 

  392.             goto end;
    393. 

  393.     }
    394. 

  394.     out = bio_open_default(outfile, 'w', FORMAT_BINARY);
    395. 

  395.     if (out == NULL)
    396. 

  396.         goto end;
    397. 

  397. 

  398.     if (sigfile != NULL) {
    399. 

  399.         BIO *sigbio = BIO_new_file(sigfile, "rb");
    400. 

  400. 

  401.         if (sigbio == NULL) {
    402. 

  402.             BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
    403. 

  403.             goto end;
    404. 

  404.         }
    405. 

  405.         siglen = bio_to_mem(&sig, keysize * 10, sigbio);
    406. 

  406.         BIO_free(sigbio);
    407. 

  407.         if (siglen < 0) {
    408. 

  408.             BIO_printf(bio_err, "Error reading signature data\n");
    409. 

  409.             goto end;
    410. 

  410.         }
    411. 

  411.     }
    412. 

  412. 

  413.     /* Raw input data is handled elsewhere */
    414. 

  414.     if (in != NULL && !rawin) {
    415. 

  415.         /* Read the input data */
    416. 

  416.         buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
    417. 

  417.         if (buf_inlen < 0) {
    418. 

  418.             BIO_printf(bio_err, "Error reading input Data\n");
    419. 

  419.             goto end;
    420. 

  420.         }
    421. 

  421.         if (rev) {
    422. 

  422.             size_t i;
    423. 

  423.             unsigned char ctmp;
    424. 

  424.             size_t l = (size_t)buf_inlen;
    425. 

  425.             for (i = 0; i < l / 2; i++) {
    426. 

  426.                 ctmp = buf_in[i];
    427. 

  427.                 buf_in[i] = buf_in[l - 1 - i];
    428. 

  428.                 buf_in[l - 1 - i] = ctmp;
    429. 

  429.             }
    430. 

  430.         }
    431. 

  431.     }
    432. 

  432. 

  433.     /* Sanity check the input if the input is not raw */
    434. 

  434.     if (!rawin
    435. 

  435.             && buf_inlen > EVP_MAX_MD_SIZE
    436. 

  436.             && (pkey_op == EVP_PKEY_OP_SIGN
    437. 

  437.                 || pkey_op == EVP_PKEY_OP_VERIFY)) {
    438. 

  438.         BIO_printf(bio_err,
    439. 

  439.                    "Error: The input data looks too long to be a hash\n");
    440. 

  440.         goto end;
    441. 

  441.     }
    442. 

  442. 

  443.     if (pkey_op == EVP_PKEY_OP_VERIFY) {
    444. 

  444.         if (rawin) {
    445. 

  445.             rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, filesize, sig, siglen,
    446. 

  446.                               NULL, 0);
    447. 

  447.         } else {
    448. 

  448.             rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
    449. 

  449.                                  buf_in, (size_t)buf_inlen);
    450. 

  450.         }
    451. 

  451.         if (rv == 1) {
    452. 

  452.             BIO_puts(out, "Signature Verified Successfully\n");
    453. 

  453.             ret = 0;
    454. 

  454.         } else {
    455. 

  455.             BIO_puts(out, "Signature Verification Failure\n");
    456. 

  456.         }
    457. 

  457.         goto end;
    458. 

  458.     }
    459. 

  459.     if (kdflen != 0) {
    460. 

  460.         buf_outlen = kdflen;
    461. 

  461.         rv = 1;
    462. 

  462.     } else {
    463. 

  463.         if (rawin) {
    464. 

  464.             /* rawin allocates the buffer in do_raw_keyop() */
    465. 

  465.             rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, filesize, NULL, 0,
    466. 

  466.                               &buf_out, (size_t *)&buf_outlen);
    467. 

  467.         } else {
    468. 

  468.             rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
    469. 

  469.                           buf_in, (size_t)buf_inlen);
    470. 

  470.             if (rv > 0 && buf_outlen != 0) {
    471. 

  471.                 buf_out = app_malloc(buf_outlen, "buffer output");
    472. 

  472.                 rv = do_keyop(ctx, pkey_op,
    473. 

  473.                               buf_out, (size_t *)&buf_outlen,
    474. 

  474.                               buf_in, (size_t)buf_inlen);
    475. 

  475.             }
    476. 

  476.         }
    477. 

  477.     }
    478. 

  478.     if (rv <= 0) {
    479. 

  479.         if (pkey_op != EVP_PKEY_OP_DERIVE) {
    480. 

  480.             BIO_puts(bio_err, "Public Key operation error\n");
    481. 

  481.         } else {
    482. 

  482.             BIO_puts(bio_err, "Key derivation failed\n");
    483. 

  483.         }
    484. 

  484.         ERR_print_errors(bio_err);
    485. 

  485.         goto end;
    486. 

  486.     }
    487. 

  487.     ret = 0;
    488. 

  488. 

  489.     if (asn1parse) {
    490. 

  490.         if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
    491. 

  491.             ERR_print_errors(bio_err);
    492. 

  492.     } else if (hexdump) {
    493. 

  493.         BIO_dump(out, (char *)buf_out, buf_outlen);
    494. 

  494.     } else {
    495. 

  495.         BIO_write(out, buf_out, buf_outlen);
    496. 

  496.     }
    497. 

  497. 

  498.  end:
    499. 

  499.     EVP_PKEY_CTX_free(ctx);
    500. 

  500.     release_engine(e);
    501. 

  501.     BIO_free(in);
    502. 

  502.     BIO_free_all(out);
    503. 

  503.     OPENSSL_free(buf_in);
    504. 

  504.     OPENSSL_free(buf_out);
    505. 

  505.     OPENSSL_free(sig);
    506. 

  506.     sk_OPENSSL_STRING_free(pkeyopts);
    507. 

  507.     sk_OPENSSL_STRING_free(pkeyopts_passin);
    508. 

  508.     NCONF_free(conf);
    509. 

  509.     return ret;
    510. 

  510. }
    511. 

  511. 

  512. static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize,
    513. 

  513.                               const char *keyfile, int keyform, int key_type,
    514. 

  514.                               char *passinarg, int pkey_op, ENGINE *e,
    515. 

  515.                               const int engine_impl, int rawin,
    516. 

  516.                               EVP_PKEY **ppkey,
    517. 

  517.                               OSSL_LIB_CTX *libctx, const char *propq)
    518. 

  518. {
    519. 

  519.     EVP_PKEY *pkey = NULL;
    520. 

  520.     EVP_PKEY_CTX *ctx = NULL;
    521. 

  521.     ENGINE *impl = NULL;
    522. 

  522.     char *passin = NULL;
    523. 

  523.     int rv = -1;
    524. 

  524.     X509 *x;
    525. 

  525.     if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
    526. 

  526.          || (pkey_op == EVP_PKEY_OP_DERIVE))
    527. 

  527.         && (key_type != KEY_PRIVKEY && kdfalg == NULL)) {
    528. 

  528.         BIO_printf(bio_err, "A private key is needed for this operation\n");
    529. 

  529.         goto end;
    530. 

  530.     }
    531. 

  531.     if (!app_passwd(passinarg, NULL, &passin, NULL)) {
    532. 

  532.         BIO_printf(bio_err, "Error getting password\n");
    533. 

  533.         goto end;
    534. 

  534.     }
    535. 

  535.     switch (key_type) {
    536. 

  536.     case KEY_PRIVKEY:
    537. 

  537.         pkey = load_key(keyfile, keyform, 0, passin, e, "private key");
    538. 

  538.         break;
    539. 

  539. 

  540.     case KEY_PUBKEY:
    541. 

  541.         pkey = load_pubkey(keyfile, keyform, 0, NULL, e, "public key");
    542. 

  542.         break;
    543. 

  543. 

  544.     case KEY_CERT:
    545. 

  545.         x = load_cert(keyfile, "Certificate");
    546. 

  546.         if (x) {
    547. 

  547.             pkey = X509_get_pubkey(x);
    548. 

  548.             X509_free(x);
    549. 

  549.         }
    550. 

  550.         break;
    551. 

  551. 

  552.     case KEY_NONE:
    553. 

  553.         break;
    554. 

  554. 

  555.     }
    556. 

  556. 

  557. #ifndef OPENSSL_NO_ENGINE
    558. 

  558.     if (engine_impl)
    559. 

  559.         impl = e;
    560. 

  560. #endif
    561. 

  561. 

  562.     if (kdfalg != NULL) {
    563. 

  563.         int kdfnid = OBJ_sn2nid(kdfalg);
    564. 

  564. 

  565.         if (kdfnid == NID_undef) {
    566. 

  566.             kdfnid = OBJ_ln2nid(kdfalg);
    567. 

  567.             if (kdfnid == NID_undef) {
    568. 

  568.                 BIO_printf(bio_err, "The given KDF \"%s\" is unknown.\n",
    569. 

  569.                            kdfalg);
    570. 

  570.                 goto end;
    571. 

  571.             }
    572. 

  572.         }
    573. 

  573.         if (impl != NULL)
    574. 

  574.             ctx = EVP_PKEY_CTX_new_id(kdfnid, impl);
    575. 

  575.         else
    576. 

  576.             ctx = EVP_PKEY_CTX_new_from_name(libctx, kdfalg, propq);
    577. 

  577.     } else {
    578. 

  578.         if (pkey == NULL)
    579. 

  579.             goto end;
    580. 

  580. 

  581.         *pkeysize = EVP_PKEY_size(pkey);
    582. 

  582.         if (impl != NULL)
    583. 

  583.             ctx = EVP_PKEY_CTX_new(pkey, impl);
    584. 

  584.         else
    585. 

  585.             ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
    586. 

  586.         if (ppkey != NULL)
    587. 

  587.             *ppkey = pkey;
    588. 

  588.         EVP_PKEY_free(pkey);
    589. 

  589.     }
    590. 

  590. 

  591.     if (ctx == NULL)
    592. 

  592.         goto end;
    593. 

  593. 

  594.     /*
    595. 

  595.      * If rawin then we don't need to actually initialise the EVP_PKEY_CTX
    596. 

  596.      * itself. That will get initialised during EVP_DigestSignInit or
    597. 

  597.      * EVP_DigestVerifyInit.
    598. 

  598.      */
    599. 

  599.     if (rawin) {
    600. 

  600.         rv = 1;
    601. 

  601.     } else {
    602. 

  602.         switch (pkey_op) {
    603. 

  603.         case EVP_PKEY_OP_SIGN:
    604. 

  604.             rv = EVP_PKEY_sign_init(ctx);
    605. 

  605.             break;
    606. 

  606. 

  607.         case EVP_PKEY_OP_VERIFY:
    608. 

  608.             rv = EVP_PKEY_verify_init(ctx);
    609. 

  609.             break;
    610. 

  610. 

  611.         case EVP_PKEY_OP_VERIFYRECOVER:
    612. 

  612.             rv = EVP_PKEY_verify_recover_init(ctx);
    613. 

  613.             break;
    614. 

  614. 

  615.         case EVP_PKEY_OP_ENCRYPT:
    616. 

  616.             rv = EVP_PKEY_encrypt_init(ctx);
    617. 

  617.             break;
    618. 

  618. 

  619.         case EVP_PKEY_OP_DECRYPT:
    620. 

  620.             rv = EVP_PKEY_decrypt_init(ctx);
    621. 

  621.             break;
    622. 

  622. 

  623.         case EVP_PKEY_OP_DERIVE:
    624. 

  624.             rv = EVP_PKEY_derive_init(ctx);
    625. 

  625.             break;
    626. 

  626.         }
    627. 

  627.     }
    628. 

  628. 

  629.     if (rv <= 0) {
    630. 

  630.         EVP_PKEY_CTX_free(ctx);
    631. 

  631.         ctx = NULL;
    632. 

  632.     }
    633. 

  633. 

  634.  end:
    635. 

  635.     OPENSSL_free(passin);
    636. 

  636.     return ctx;
    637. 

  637. 

  638. }
    639. 

  639. 

  640. static int setup_peer(EVP_PKEY_CTX *ctx, int peerform, const char *file,
    641. 

  641.                       ENGINE *e)
    642. 

  642. {
    643. 

  643.     EVP_PKEY *peer = NULL;
    644. 

  644.     ENGINE *engine = NULL;
    645. 

  645.     int ret;
    646. 

  646. 

  647.     if (peerform == FORMAT_ENGINE)
    648. 

  648.         engine = e;
    649. 

  649.     peer = load_pubkey(file, peerform, 0, NULL, engine, "peer key");
    650. 

  650.     if (peer == NULL) {
    651. 

  651.         BIO_printf(bio_err, "Error reading peer key %s\n", file);
    652. 

  652.         ERR_print_errors(bio_err);
    653. 

  653.         return 0;
    654. 

  654.     }
    655. 

  655. 

  656.     ret = EVP_PKEY_derive_set_peer(ctx, peer);
    657. 

  657. 

  658.     EVP_PKEY_free(peer);
    659. 

  659.     if (ret <= 0)
    660. 

  660.         ERR_print_errors(bio_err);
    661. 

  661.     return ret;
    662. 

  662. }
    663. 

  663. 

  664. static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
    665. 

  665.                     unsigned char *out, size_t *poutlen,
    666. 

  666.                     const unsigned char *in, size_t inlen)
    667. 

  667. {
    668. 

  668.     int rv = 0;
    669. 

  669.     switch (pkey_op) {
    670. 

  670.     case EVP_PKEY_OP_VERIFYRECOVER:
    671. 

  671.         rv = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
    672. 

  672.         break;
    673. 

  673. 

  674.     case EVP_PKEY_OP_SIGN:
    675. 

  675.         rv = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
    676. 

  676.         break;
    677. 

  677. 

  678.     case EVP_PKEY_OP_ENCRYPT:
    679. 

  679.         rv = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
    680. 

  680.         break;
    681. 

  681. 

  682.     case EVP_PKEY_OP_DECRYPT:
    683. 

  683.         rv = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
    684. 

  684.         break;
    685. 

  685. 

  686.     case EVP_PKEY_OP_DERIVE:
    687. 

  687.         rv = EVP_PKEY_derive(ctx, out, poutlen);
    688. 

  688.         break;
    689. 

  689. 

  690.     }
    691. 

  691.     return rv;
    692. 

  692. }
    693. 

  693. 

  694. #define TBUF_MAXSIZE 2048
    695. 

  695. 

  696. static int do_raw_keyop(int pkey_op, EVP_PKEY_CTX *ctx,
    697. 

  697.                         const EVP_MD *md, EVP_PKEY *pkey, BIO *in,
    698. 

  698.                         int filesize, unsigned char *sig, int siglen,
    699. 

  699.                         unsigned char **out, size_t *poutlen)
    700. 

  700. {
    701. 

  701.     int rv = 0;
    702. 

  702.     EVP_MD_CTX *mctx = NULL;
    703. 

  703.     unsigned char tbuf[TBUF_MAXSIZE];
    704. 

  704.     unsigned char *mbuf = NULL;
    705. 

  705.     int buf_len = 0;
    706. 

  706. 

  707.     if ((mctx = EVP_MD_CTX_new()) == NULL) {
    708. 

  708.         BIO_printf(bio_err, "Error: out of memory\n");
    709. 

  709.         return rv;
    710. 

  710.     }
    711. 

  711.     EVP_MD_CTX_set_pkey_ctx(mctx, ctx);
    712. 

  712. 

  713.     /* Some algorithms only support oneshot digests */
    714. 

  714.     if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519
    715. 

  715.             || EVP_PKEY_id(pkey) == EVP_PKEY_ED448) {
    716. 

  716.         if (filesize < 0) {
    717. 

  717.             BIO_printf(bio_err,
    718. 

  718.                        "Error: unable to determine file size for oneshot operation\n");
    719. 

  719.             goto end;
    720. 

  720.         }
    721. 

  721.         mbuf = app_malloc(filesize, "oneshot sign/verify buffer");
    722. 

  722.         switch(pkey_op) {
    723. 

  723.         case EVP_PKEY_OP_VERIFY:
    724. 

  724.             if (EVP_DigestVerifyInit(mctx, NULL, md, NULL, pkey) != 1)
    725. 

  725.                 goto end;
    726. 

  726.             buf_len = BIO_read(in, mbuf, filesize);
    727. 

  727.             if (buf_len != filesize) {
    728. 

  728.                 BIO_printf(bio_err, "Error reading raw input data\n");
    729. 

  729.                 goto end;
    730. 

  730.             }
    731. 

  731.             rv = EVP_DigestVerify(mctx, sig, (size_t)siglen, mbuf, buf_len);
    732. 

  732.             break;
    733. 

  733.         case EVP_PKEY_OP_SIGN:
    734. 

  734.             if (EVP_DigestSignInit(mctx, NULL, md, NULL, pkey) != 1)
    735. 

  735.                 goto end;
    736. 

  736.             buf_len = BIO_read(in, mbuf, filesize);
    737. 

  737.             if (buf_len != filesize) {
    738. 

  738.                 BIO_printf(bio_err, "Error reading raw input data\n");
    739. 

  739.                 goto end;
    740. 

  740.             }
    741. 

  741.             rv = EVP_DigestSign(mctx, NULL, poutlen, mbuf, buf_len);
    742. 

  742.             if (rv == 1 && out != NULL) {
    743. 

  743.                 *out = app_malloc(*poutlen, "buffer output");
    744. 

  744.                 rv = EVP_DigestSign(mctx, *out, poutlen, mbuf, buf_len);
    745. 

  745.             }
    746. 

  746.             break;
    747. 

  747.         }
    748. 

  748.         goto end;
    749. 

  749.     }
    750. 

  750. 

  751.     switch(pkey_op) {
    752. 

  752.     case EVP_PKEY_OP_VERIFY:
    753. 

  753.         if (EVP_DigestVerifyInit(mctx, NULL, md, NULL, pkey) != 1)
    754. 

  754.             goto end;
    755. 

  755.         for (;;) {
    756. 

  756.             buf_len = BIO_read(in, tbuf, TBUF_MAXSIZE);
    757. 

  757.             if (buf_len == 0)
    758. 

  758.                 break;
    759. 

  759.             if (buf_len < 0) {
    760. 

  760.                 BIO_printf(bio_err, "Error reading raw input data\n");
    761. 

  761.                 goto end;
    762. 

  762.             }
    763. 

  763.             rv = EVP_DigestVerifyUpdate(mctx, tbuf, (size_t)buf_len);
    764. 

  764.             if (rv != 1) {
    765. 

  765.                 BIO_printf(bio_err, "Error verifying raw input data\n");
    766. 

  766.                 goto end;
    767. 

  767.             }
    768. 

  768.         }
    769. 

  769.         rv = EVP_DigestVerifyFinal(mctx, sig, (size_t)siglen);
    770. 

  770.         break;
    771. 

  771.     case EVP_PKEY_OP_SIGN:
    772. 

  772.         if (EVP_DigestSignInit(mctx, NULL, md, NULL, pkey) != 1)
    773. 

  773.             goto end;
    774. 

  774.         for (;;) {
    775. 

  775.             buf_len = BIO_read(in, tbuf, TBUF_MAXSIZE);
    776. 

  776.             if (buf_len == 0)
    777. 

  777.                 break;
    778. 

  778.             if (buf_len < 0) {
    779. 

  779.                 BIO_printf(bio_err, "Error reading raw input data\n");
    780. 

  780.                 goto end;
    781. 

  781.             }
    782. 

  782.             rv = EVP_DigestSignUpdate(mctx, tbuf, (size_t)buf_len);
    783. 

  783.             if (rv != 1) {
    784. 

  784.                 BIO_printf(bio_err, "Error signing raw input data\n");
    785. 

  785.                 goto end;
    786. 

  786.             }
    787. 

  787.         }
    788. 

  788.         rv = EVP_DigestSignFinal(mctx, NULL, poutlen);
    789. 

  789.         if (rv == 1 && out != NULL) {
    790. 

  790.             *out = app_malloc(*poutlen, "buffer output");
    791. 

  791.             rv = EVP_DigestSignFinal(mctx, *out, poutlen);
    792. 

  792.         }
    793. 

  793.         break;
    794. 

  794.     }
    795. 

  795. 

  796.  end:
    797. 

  797.     OPENSSL_free(mbuf);
    798. 

  798.     EVP_MD_CTX_free(mctx);
    799. 

  799.     return rv;
    800. 

  800. }
    801.