ecdsa.c 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593
  1. /*
  2. * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * ECDSA low level APIs are deprecated for public use, but still ok for
  11. * internal use.
  12. */
  13. #include "internal/deprecated.h"
  14. #include <string.h> /* memcpy */
  15. #include <openssl/crypto.h>
  16. #include <openssl/core_dispatch.h>
  17. #include <openssl/core_names.h>
  18. #include <openssl/dsa.h>
  19. #include <openssl/params.h>
  20. #include <openssl/evp.h>
  21. #include <openssl/err.h>
  22. #include <openssl/proverr.h>
  23. #include "internal/nelem.h"
  24. #include "internal/sizes.h"
  25. #include "internal/cryptlib.h"
  26. #include "prov/providercommon.h"
  27. #include "prov/implementations.h"
  28. #include "prov/provider_ctx.h"
  29. #include "prov/securitycheck.h"
  30. #include "crypto/ec.h"
  31. #include "prov/der_ec.h"
  32. static OSSL_FUNC_signature_newctx_fn ecdsa_newctx;
  33. static OSSL_FUNC_signature_sign_init_fn ecdsa_sign_init;
  34. static OSSL_FUNC_signature_verify_init_fn ecdsa_verify_init;
  35. static OSSL_FUNC_signature_sign_fn ecdsa_sign;
  36. static OSSL_FUNC_signature_verify_fn ecdsa_verify;
  37. static OSSL_FUNC_signature_digest_sign_init_fn ecdsa_digest_sign_init;
  38. static OSSL_FUNC_signature_digest_sign_update_fn ecdsa_digest_signverify_update;
  39. static OSSL_FUNC_signature_digest_sign_final_fn ecdsa_digest_sign_final;
  40. static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_verify_init;
  41. static OSSL_FUNC_signature_digest_verify_update_fn ecdsa_digest_signverify_update;
  42. static OSSL_FUNC_signature_digest_verify_final_fn ecdsa_digest_verify_final;
  43. static OSSL_FUNC_signature_freectx_fn ecdsa_freectx;
  44. static OSSL_FUNC_signature_dupctx_fn ecdsa_dupctx;
  45. static OSSL_FUNC_signature_get_ctx_params_fn ecdsa_get_ctx_params;
  46. static OSSL_FUNC_signature_gettable_ctx_params_fn ecdsa_gettable_ctx_params;
  47. static OSSL_FUNC_signature_set_ctx_params_fn ecdsa_set_ctx_params;
  48. static OSSL_FUNC_signature_settable_ctx_params_fn ecdsa_settable_ctx_params;
  49. static OSSL_FUNC_signature_get_ctx_md_params_fn ecdsa_get_ctx_md_params;
  50. static OSSL_FUNC_signature_gettable_ctx_md_params_fn ecdsa_gettable_ctx_md_params;
  51. static OSSL_FUNC_signature_set_ctx_md_params_fn ecdsa_set_ctx_md_params;
  52. static OSSL_FUNC_signature_settable_ctx_md_params_fn ecdsa_settable_ctx_md_params;
  53. /*
  54. * What's passed as an actual key is defined by the KEYMGMT interface.
  55. * We happen to know that our KEYMGMT simply passes DSA structures, so
  56. * we use that here too.
  57. */
  58. typedef struct {
  59. OSSL_LIB_CTX *libctx;
  60. char *propq;
  61. EC_KEY *ec;
  62. char mdname[OSSL_MAX_NAME_SIZE];
  63. /*
  64. * Flag to determine if the hash function can be changed (1) or not (0)
  65. * Because it's dangerous to change during a DigestSign or DigestVerify
  66. * operation, this flag is cleared by their Init function, and set again
  67. * by their Final function.
  68. */
  69. unsigned int flag_allow_md : 1;
  70. /* The Algorithm Identifier of the combined signature algorithm */
  71. unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
  72. unsigned char *aid;
  73. size_t aid_len;
  74. size_t mdsize;
  75. int operation;
  76. EVP_MD *md;
  77. EVP_MD_CTX *mdctx;
  78. /*
  79. * Internally used to cache the results of calling the EC group
  80. * sign_setup() methods which are then passed to the sign operation.
  81. * This is used by CAVS failure tests to terminate a loop if the signature
  82. * is not valid.
  83. * This could of also been done with a simple flag.
  84. */
  85. BIGNUM *kinv;
  86. BIGNUM *r;
  87. #if !defined(OPENSSL_NO_ACVP_TESTS)
  88. /*
  89. * This indicates that KAT (CAVS) test is running. Externally an app will
  90. * override the random callback such that the generated private key and k
  91. * are known.
  92. * Normal operation will loop to choose a new k if the signature is not
  93. * valid - but for this mode of operation it forces a failure instead.
  94. */
  95. unsigned int kattest;
  96. #endif
  97. } PROV_ECDSA_CTX;
  98. static void *ecdsa_newctx(void *provctx, const char *propq)
  99. {
  100. PROV_ECDSA_CTX *ctx;
  101. if (!ossl_prov_is_running())
  102. return NULL;
  103. ctx = OPENSSL_zalloc(sizeof(PROV_ECDSA_CTX));
  104. if (ctx == NULL)
  105. return NULL;
  106. ctx->flag_allow_md = 1;
  107. ctx->libctx = PROV_LIBCTX_OF(provctx);
  108. if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) {
  109. OPENSSL_free(ctx);
  110. ctx = NULL;
  111. ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
  112. }
  113. return ctx;
  114. }
  115. static int ecdsa_signverify_init(void *vctx, void *ec,
  116. const OSSL_PARAM params[], int operation)
  117. {
  118. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  119. if (!ossl_prov_is_running()
  120. || ctx == NULL
  121. || ec == NULL
  122. || !EC_KEY_up_ref(ec))
  123. return 0;
  124. EC_KEY_free(ctx->ec);
  125. ctx->ec = ec;
  126. ctx->operation = operation;
  127. if (!ecdsa_set_ctx_params(ctx, params))
  128. return 0;
  129. return ossl_ec_check_key(ec, operation == EVP_PKEY_OP_SIGN);
  130. }
  131. static int ecdsa_sign_init(void *vctx, void *ec, const OSSL_PARAM params[])
  132. {
  133. return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_SIGN);
  134. }
  135. static int ecdsa_verify_init(void *vctx, void *ec, const OSSL_PARAM params[])
  136. {
  137. return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_VERIFY);
  138. }
  139. static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen,
  140. size_t sigsize, const unsigned char *tbs, size_t tbslen)
  141. {
  142. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  143. int ret;
  144. unsigned int sltmp;
  145. size_t ecsize = ECDSA_size(ctx->ec);
  146. if (!ossl_prov_is_running())
  147. return 0;
  148. if (sig == NULL) {
  149. *siglen = ecsize;
  150. return 1;
  151. }
  152. #if !defined(OPENSSL_NO_ACVP_TESTS)
  153. if (ctx->kattest && !ECDSA_sign_setup(ctx->ec, NULL, &ctx->kinv, &ctx->r))
  154. return 0;
  155. #endif
  156. if (sigsize < (size_t)ecsize)
  157. return 0;
  158. if (ctx->mdsize != 0 && tbslen != ctx->mdsize)
  159. return 0;
  160. ret = ECDSA_sign_ex(0, tbs, tbslen, sig, &sltmp, ctx->kinv, ctx->r, ctx->ec);
  161. if (ret <= 0)
  162. return 0;
  163. *siglen = sltmp;
  164. return 1;
  165. }
  166. static int ecdsa_verify(void *vctx, const unsigned char *sig, size_t siglen,
  167. const unsigned char *tbs, size_t tbslen)
  168. {
  169. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  170. if (!ossl_prov_is_running() || (ctx->mdsize != 0 && tbslen != ctx->mdsize))
  171. return 0;
  172. return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->ec);
  173. }
  174. static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
  175. const char *mdprops)
  176. {
  177. EVP_MD *md = NULL;
  178. size_t mdname_len;
  179. int md_nid, sha1_allowed;
  180. WPACKET pkt;
  181. if (mdname == NULL)
  182. return 1;
  183. mdname_len = strlen(mdname);
  184. if (mdname_len >= sizeof(ctx->mdname)) {
  185. ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
  186. "%s exceeds name buffer length", mdname);
  187. return 0;
  188. }
  189. if (mdprops == NULL)
  190. mdprops = ctx->propq;
  191. md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
  192. if (md == NULL) {
  193. ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
  194. "%s could not be fetched", mdname);
  195. return 0;
  196. }
  197. sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
  198. md_nid = ossl_digest_get_approved_nid_with_sha1(md, sha1_allowed);
  199. if (md_nid == NID_undef) {
  200. ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
  201. "digest=%s", mdname);
  202. EVP_MD_free(md);
  203. return 0;
  204. }
  205. EVP_MD_CTX_free(ctx->mdctx);
  206. EVP_MD_free(ctx->md);
  207. ctx->aid_len = 0;
  208. if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
  209. && ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec,
  210. md_nid)
  211. && WPACKET_finish(&pkt)) {
  212. WPACKET_get_total_written(&pkt, &ctx->aid_len);
  213. ctx->aid = WPACKET_get_curr(&pkt);
  214. }
  215. WPACKET_cleanup(&pkt);
  216. ctx->mdctx = NULL;
  217. ctx->md = md;
  218. ctx->mdsize = EVP_MD_size(ctx->md);
  219. OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname));
  220. return 1;
  221. }
  222. static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
  223. void *ec, const OSSL_PARAM params[],
  224. int operation)
  225. {
  226. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  227. if (!ossl_prov_is_running())
  228. return 0;
  229. ctx->flag_allow_md = 0;
  230. if (!ecdsa_signverify_init(vctx, ec, params, operation)
  231. || !ecdsa_setup_md(ctx, mdname, NULL))
  232. return 0;
  233. ctx->mdctx = EVP_MD_CTX_new();
  234. if (ctx->mdctx == NULL)
  235. goto error;
  236. if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params))
  237. goto error;
  238. return 1;
  239. error:
  240. EVP_MD_CTX_free(ctx->mdctx);
  241. EVP_MD_free(ctx->md);
  242. ctx->mdctx = NULL;
  243. ctx->md = NULL;
  244. return 0;
  245. }
  246. static int ecdsa_digest_sign_init(void *vctx, const char *mdname, void *ec,
  247. const OSSL_PARAM params[])
  248. {
  249. return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
  250. EVP_PKEY_OP_SIGN);
  251. }
  252. static int ecdsa_digest_verify_init(void *vctx, const char *mdname, void *ec,
  253. const OSSL_PARAM params[])
  254. {
  255. return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
  256. EVP_PKEY_OP_VERIFY);
  257. }
  258. int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data,
  259. size_t datalen)
  260. {
  261. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  262. if (ctx == NULL || ctx->mdctx == NULL)
  263. return 0;
  264. return EVP_DigestUpdate(ctx->mdctx, data, datalen);
  265. }
  266. int ecdsa_digest_sign_final(void *vctx, unsigned char *sig, size_t *siglen,
  267. size_t sigsize)
  268. {
  269. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  270. unsigned char digest[EVP_MAX_MD_SIZE];
  271. unsigned int dlen = 0;
  272. if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL)
  273. return 0;
  274. /*
  275. * If sig is NULL then we're just finding out the sig size. Other fields
  276. * are ignored. Defer to ecdsa_sign.
  277. */
  278. if (sig != NULL
  279. && !EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen))
  280. return 0;
  281. ctx->flag_allow_md = 1;
  282. return ecdsa_sign(vctx, sig, siglen, sigsize, digest, (size_t)dlen);
  283. }
  284. int ecdsa_digest_verify_final(void *vctx, const unsigned char *sig,
  285. size_t siglen)
  286. {
  287. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  288. unsigned char digest[EVP_MAX_MD_SIZE];
  289. unsigned int dlen = 0;
  290. if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL)
  291. return 0;
  292. if (!EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen))
  293. return 0;
  294. ctx->flag_allow_md = 1;
  295. return ecdsa_verify(ctx, sig, siglen, digest, (size_t)dlen);
  296. }
  297. static void ecdsa_freectx(void *vctx)
  298. {
  299. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  300. OPENSSL_free(ctx->propq);
  301. EVP_MD_CTX_free(ctx->mdctx);
  302. EVP_MD_free(ctx->md);
  303. ctx->propq = NULL;
  304. ctx->mdctx = NULL;
  305. ctx->md = NULL;
  306. ctx->mdsize = 0;
  307. EC_KEY_free(ctx->ec);
  308. BN_clear_free(ctx->kinv);
  309. BN_clear_free(ctx->r);
  310. OPENSSL_free(ctx);
  311. }
  312. static void *ecdsa_dupctx(void *vctx)
  313. {
  314. PROV_ECDSA_CTX *srcctx = (PROV_ECDSA_CTX *)vctx;
  315. PROV_ECDSA_CTX *dstctx;
  316. if (!ossl_prov_is_running())
  317. return NULL;
  318. dstctx = OPENSSL_zalloc(sizeof(*srcctx));
  319. if (dstctx == NULL)
  320. return NULL;
  321. *dstctx = *srcctx;
  322. dstctx->ec = NULL;
  323. dstctx->md = NULL;
  324. dstctx->mdctx = NULL;
  325. dstctx->propq = NULL;
  326. if (srcctx->ec != NULL && !EC_KEY_up_ref(srcctx->ec))
  327. goto err;
  328. /* Test KATS should not need to be supported */
  329. if (srcctx->kinv != NULL || srcctx->r != NULL)
  330. goto err;
  331. dstctx->ec = srcctx->ec;
  332. if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md))
  333. goto err;
  334. dstctx->md = srcctx->md;
  335. if (srcctx->mdctx != NULL) {
  336. dstctx->mdctx = EVP_MD_CTX_new();
  337. if (dstctx->mdctx == NULL
  338. || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
  339. goto err;
  340. }
  341. if (srcctx->propq != NULL) {
  342. dstctx->propq = OPENSSL_strdup(srcctx->propq);
  343. if (dstctx->propq == NULL)
  344. goto err;
  345. }
  346. return dstctx;
  347. err:
  348. ecdsa_freectx(dstctx);
  349. return NULL;
  350. }
  351. static int ecdsa_get_ctx_params(void *vctx, OSSL_PARAM *params)
  352. {
  353. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  354. OSSL_PARAM *p;
  355. if (ctx == NULL)
  356. return 0;
  357. p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
  358. if (p != NULL && !OSSL_PARAM_set_octet_string(p, ctx->aid, ctx->aid_len))
  359. return 0;
  360. p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
  361. if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->mdsize))
  362. return 0;
  363. p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
  364. if (p != NULL && !OSSL_PARAM_set_utf8_string(p, ctx->md == NULL
  365. ? ctx->mdname
  366. : EVP_MD_name(ctx->md)))
  367. return 0;
  368. return 1;
  369. }
  370. static const OSSL_PARAM known_gettable_ctx_params[] = {
  371. OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
  372. OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
  373. OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
  374. OSSL_PARAM_END
  375. };
  376. static const OSSL_PARAM *ecdsa_gettable_ctx_params(ossl_unused void *vctx,
  377. ossl_unused void *provctx)
  378. {
  379. return known_gettable_ctx_params;
  380. }
  381. static int ecdsa_set_ctx_params(void *vctx, const OSSL_PARAM params[])
  382. {
  383. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  384. const OSSL_PARAM *p;
  385. if (ctx == NULL)
  386. return 0;
  387. if (params == NULL)
  388. return 1;
  389. #if !defined(OPENSSL_NO_ACVP_TESTS)
  390. p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_KAT);
  391. if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->kattest))
  392. return 0;
  393. #endif
  394. p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST);
  395. /* Not allowed during certain operations */
  396. if (p != NULL && !ctx->flag_allow_md)
  397. return 0;
  398. if (p != NULL) {
  399. char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
  400. char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
  401. const OSSL_PARAM *propsp =
  402. OSSL_PARAM_locate_const(params,
  403. OSSL_SIGNATURE_PARAM_PROPERTIES);
  404. if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
  405. return 0;
  406. if (propsp != NULL
  407. && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops)))
  408. return 0;
  409. if (!ecdsa_setup_md(ctx, mdname, mdprops))
  410. return 0;
  411. }
  412. p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
  413. if (p != NULL
  414. && (!ctx->flag_allow_md
  415. || !OSSL_PARAM_get_size_t(p, &ctx->mdsize)))
  416. return 0;
  417. return 1;
  418. }
  419. static const OSSL_PARAM settable_ctx_params[] = {
  420. OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
  421. OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
  422. OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0),
  423. OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL),
  424. OSSL_PARAM_END
  425. };
  426. static const OSSL_PARAM settable_ctx_params_no_digest[] = {
  427. OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL),
  428. OSSL_PARAM_END
  429. };
  430. static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx,
  431. ossl_unused void *provctx)
  432. {
  433. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  434. if (ctx != NULL && !ctx->flag_allow_md)
  435. return settable_ctx_params_no_digest;
  436. return settable_ctx_params;
  437. }
  438. static int ecdsa_get_ctx_md_params(void *vctx, OSSL_PARAM *params)
  439. {
  440. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  441. if (ctx->mdctx == NULL)
  442. return 0;
  443. return EVP_MD_CTX_get_params(ctx->mdctx, params);
  444. }
  445. static const OSSL_PARAM *ecdsa_gettable_ctx_md_params(void *vctx)
  446. {
  447. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  448. if (ctx->md == NULL)
  449. return 0;
  450. return EVP_MD_gettable_ctx_params(ctx->md);
  451. }
  452. static int ecdsa_set_ctx_md_params(void *vctx, const OSSL_PARAM params[])
  453. {
  454. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  455. if (ctx->mdctx == NULL)
  456. return 0;
  457. return EVP_MD_CTX_set_params(ctx->mdctx, params);
  458. }
  459. static const OSSL_PARAM *ecdsa_settable_ctx_md_params(void *vctx)
  460. {
  461. PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
  462. if (ctx->md == NULL)
  463. return 0;
  464. return EVP_MD_settable_ctx_params(ctx->md);
  465. }
  466. const OSSL_DISPATCH ossl_ecdsa_signature_functions[] = {
  467. { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx },
  468. { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_sign_init },
  469. { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))ecdsa_sign },
  470. { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_verify_init },
  471. { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))ecdsa_verify },
  472. { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
  473. (void (*)(void))ecdsa_digest_sign_init },
  474. { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
  475. (void (*)(void))ecdsa_digest_signverify_update },
  476. { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
  477. (void (*)(void))ecdsa_digest_sign_final },
  478. { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
  479. (void (*)(void))ecdsa_digest_verify_init },
  480. { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
  481. (void (*)(void))ecdsa_digest_signverify_update },
  482. { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
  483. (void (*)(void))ecdsa_digest_verify_final },
  484. { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))ecdsa_freectx },
  485. { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))ecdsa_dupctx },
  486. { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))ecdsa_get_ctx_params },
  487. { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
  488. (void (*)(void))ecdsa_gettable_ctx_params },
  489. { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))ecdsa_set_ctx_params },
  490. { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
  491. (void (*)(void))ecdsa_settable_ctx_params },
  492. { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
  493. (void (*)(void))ecdsa_get_ctx_md_params },
  494. { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
  495. (void (*)(void))ecdsa_gettable_ctx_md_params },
  496. { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
  497. (void (*)(void))ecdsa_set_ctx_md_params },
  498. { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
  499. (void (*)(void))ecdsa_settable_ctx_md_params },
  500. { 0, NULL }
  501. };