pmeth_lib.c 68 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039
  1. /*
  2. * Copyright 2006-2024 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * Low level key APIs (DH etc) are deprecated for public use, but still ok for
  11. * internal use.
  12. */
  13. #include "internal/deprecated.h"
  14. #include <stdio.h>
  15. #include <stdlib.h>
  16. #ifndef FIPS_MODULE
  17. # include <openssl/engine.h>
  18. #endif
  19. #include <openssl/evp.h>
  20. #include <openssl/core_names.h>
  21. #include <openssl/dh.h>
  22. #include <openssl/rsa.h>
  23. #include <openssl/kdf.h>
  24. #include "internal/cryptlib.h"
  25. #ifndef FIPS_MODULE
  26. # include "crypto/asn1.h"
  27. #endif
  28. #include "crypto/evp.h"
  29. #include "crypto/dh.h"
  30. #include "crypto/ec.h"
  31. #include "internal/ffc.h"
  32. #include "internal/numbers.h"
  33. #include "internal/provider.h"
  34. #include "evp_local.h"
  35. #ifndef FIPS_MODULE
  36. static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx,
  37. int keytype, int optype,
  38. int cmd, const char *name,
  39. const void *data, size_t data_len);
  40. static void evp_pkey_ctx_free_cached_data(EVP_PKEY_CTX *ctx,
  41. int cmd, const char *name);
  42. static void evp_pkey_ctx_free_all_cached_data(EVP_PKEY_CTX *ctx);
  43. typedef const EVP_PKEY_METHOD *(*pmeth_fn)(void);
  44. typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
  45. static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
  46. /* This array needs to be in order of NIDs */
  47. static pmeth_fn standard_methods[] = {
  48. ossl_rsa_pkey_method,
  49. # ifndef OPENSSL_NO_DH
  50. ossl_dh_pkey_method,
  51. # endif
  52. # ifndef OPENSSL_NO_DSA
  53. ossl_dsa_pkey_method,
  54. # endif
  55. # ifndef OPENSSL_NO_EC
  56. ossl_ec_pkey_method,
  57. # endif
  58. ossl_rsa_pss_pkey_method,
  59. # ifndef OPENSSL_NO_DH
  60. ossl_dhx_pkey_method,
  61. # endif
  62. # ifndef OPENSSL_NO_ECX
  63. ossl_ecx25519_pkey_method,
  64. ossl_ecx448_pkey_method,
  65. ossl_ed25519_pkey_method,
  66. ossl_ed448_pkey_method,
  67. # endif
  68. };
  69. DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func);
  70. static int pmeth_func_cmp(const EVP_PKEY_METHOD *const *a, pmeth_fn const *b)
  71. {
  72. return ((*a)->pkey_id - ((**b)())->pkey_id);
  73. }
  74. IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, pmeth_fn, pmeth_func);
  75. static int pmeth_cmp(const EVP_PKEY_METHOD *const *a,
  76. const EVP_PKEY_METHOD *const *b)
  77. {
  78. return ((*a)->pkey_id - (*b)->pkey_id);
  79. }
  80. static const EVP_PKEY_METHOD *evp_pkey_meth_find_added_by_application(int type)
  81. {
  82. if (app_pkey_methods != NULL) {
  83. int idx;
  84. EVP_PKEY_METHOD tmp;
  85. tmp.pkey_id = type;
  86. idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
  87. if (idx >= 0)
  88. return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
  89. }
  90. return NULL;
  91. }
  92. const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
  93. {
  94. pmeth_fn *ret;
  95. EVP_PKEY_METHOD tmp;
  96. const EVP_PKEY_METHOD *t;
  97. if ((t = evp_pkey_meth_find_added_by_application(type)) != NULL)
  98. return t;
  99. tmp.pkey_id = type;
  100. t = &tmp;
  101. ret = OBJ_bsearch_pmeth_func(&t, standard_methods,
  102. OSSL_NELEM(standard_methods));
  103. if (ret == NULL || *ret == NULL)
  104. return NULL;
  105. return (**ret)();
  106. }
  107. EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
  108. {
  109. EVP_PKEY_METHOD *pmeth;
  110. pmeth = OPENSSL_zalloc(sizeof(*pmeth));
  111. if (pmeth == NULL)
  112. return NULL;
  113. pmeth->pkey_id = id;
  114. pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
  115. return pmeth;
  116. }
  117. #endif /* FIPS_MODULE */
  118. int evp_pkey_ctx_state(const EVP_PKEY_CTX *ctx)
  119. {
  120. if (ctx->operation == EVP_PKEY_OP_UNDEFINED)
  121. return EVP_PKEY_STATE_UNKNOWN;
  122. if ((EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
  123. && ctx->op.kex.algctx != NULL)
  124. || (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
  125. && ctx->op.sig.algctx != NULL)
  126. || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
  127. && ctx->op.ciph.algctx != NULL)
  128. || (EVP_PKEY_CTX_IS_GEN_OP(ctx)
  129. && ctx->op.keymgmt.genctx != NULL)
  130. || (EVP_PKEY_CTX_IS_KEM_OP(ctx)
  131. && ctx->op.encap.algctx != NULL))
  132. return EVP_PKEY_STATE_PROVIDER;
  133. return EVP_PKEY_STATE_LEGACY;
  134. }
  135. static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
  136. EVP_PKEY *pkey, ENGINE *e,
  137. const char *keytype, const char *propquery,
  138. int id)
  139. {
  140. EVP_PKEY_CTX *ret = NULL;
  141. const EVP_PKEY_METHOD *pmeth = NULL, *app_pmeth = NULL;
  142. EVP_KEYMGMT *keymgmt = NULL;
  143. /* Code below to be removed when legacy support is dropped. */
  144. /* BEGIN legacy */
  145. if (id == -1) {
  146. if (pkey != NULL && !evp_pkey_is_provided(pkey)) {
  147. id = pkey->type;
  148. } else {
  149. if (pkey != NULL) {
  150. /* Must be provided if we get here */
  151. keytype = EVP_KEYMGMT_get0_name(pkey->keymgmt);
  152. }
  153. #ifndef FIPS_MODULE
  154. if (keytype != NULL) {
  155. id = evp_pkey_name2type(keytype);
  156. if (id == NID_undef)
  157. id = -1;
  158. }
  159. #endif
  160. }
  161. }
  162. /* If no ID was found here, we can only resort to find a keymgmt */
  163. if (id == -1) {
  164. #ifndef FIPS_MODULE
  165. /* Using engine with a key without id will not work */
  166. if (e != NULL) {
  167. ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM);
  168. return NULL;
  169. }
  170. #endif
  171. goto common;
  172. }
  173. #ifndef FIPS_MODULE
  174. /*
  175. * Here, we extract what information we can for the purpose of
  176. * supporting usage with implementations from providers, to make
  177. * for a smooth transition from legacy stuff to provider based stuff.
  178. *
  179. * If an engine is given, this is entirely legacy, and we should not
  180. * pretend anything else, so we clear the name.
  181. */
  182. if (e != NULL)
  183. keytype = NULL;
  184. if (e == NULL && (pkey == NULL || pkey->foreign == 0))
  185. keytype = OBJ_nid2sn(id);
  186. # ifndef OPENSSL_NO_ENGINE
  187. if (e == NULL && pkey != NULL)
  188. e = pkey->pmeth_engine != NULL ? pkey->pmeth_engine : pkey->engine;
  189. /* Try to find an ENGINE which implements this method */
  190. if (e != NULL) {
  191. if (!ENGINE_init(e)) {
  192. ERR_raise(ERR_LIB_EVP, ERR_R_ENGINE_LIB);
  193. return NULL;
  194. }
  195. } else {
  196. e = ENGINE_get_pkey_meth_engine(id);
  197. }
  198. /*
  199. * If an ENGINE handled this method look it up. Otherwise use internal
  200. * tables.
  201. */
  202. if (e != NULL)
  203. pmeth = ENGINE_get_pkey_meth(e, id);
  204. else
  205. # endif /* OPENSSL_NO_ENGINE */
  206. if (pkey != NULL && pkey->foreign)
  207. pmeth = EVP_PKEY_meth_find(id);
  208. else
  209. app_pmeth = pmeth = evp_pkey_meth_find_added_by_application(id);
  210. /* END legacy */
  211. #endif /* FIPS_MODULE */
  212. common:
  213. /*
  214. * If there's no engine and no app supplied pmeth and there's a name, we try
  215. * fetching a provider implementation.
  216. */
  217. if (e == NULL && app_pmeth == NULL && keytype != NULL) {
  218. /*
  219. * If |pkey| is given and is provided, we take a reference to its
  220. * keymgmt. Otherwise, we fetch one for the keytype we got. This
  221. * is to ensure that operation init functions can access what they
  222. * need through this single pointer.
  223. */
  224. if (pkey != NULL && pkey->keymgmt != NULL) {
  225. if (!EVP_KEYMGMT_up_ref(pkey->keymgmt))
  226. ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
  227. else
  228. keymgmt = pkey->keymgmt;
  229. } else {
  230. keymgmt = EVP_KEYMGMT_fetch(libctx, keytype, propquery);
  231. }
  232. if (keymgmt == NULL)
  233. return NULL; /* EVP_KEYMGMT_fetch() recorded an error */
  234. #ifndef FIPS_MODULE
  235. /*
  236. * Chase down the legacy NID, as that might be needed for diverse
  237. * purposes, such as ensure that EVP_PKEY_type() can return sensible
  238. * values. We go through all keymgmt names, because the keytype
  239. * that's passed to this function doesn't necessarily translate
  240. * directly.
  241. */
  242. if (keymgmt != NULL) {
  243. int tmp_id = evp_keymgmt_get_legacy_alg(keymgmt);
  244. if (tmp_id != NID_undef) {
  245. if (id == -1) {
  246. id = tmp_id;
  247. } else {
  248. /*
  249. * It really really shouldn't differ. If it still does,
  250. * something is very wrong.
  251. */
  252. if (!ossl_assert(id == tmp_id)) {
  253. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  254. EVP_KEYMGMT_free(keymgmt);
  255. return NULL;
  256. }
  257. }
  258. }
  259. }
  260. #endif
  261. }
  262. if (pmeth == NULL && keymgmt == NULL) {
  263. ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_ALGORITHM);
  264. } else {
  265. ret = OPENSSL_zalloc(sizeof(*ret));
  266. }
  267. #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
  268. if ((ret == NULL || pmeth == NULL) && e != NULL)
  269. ENGINE_finish(e);
  270. #endif
  271. if (ret == NULL) {
  272. EVP_KEYMGMT_free(keymgmt);
  273. return NULL;
  274. }
  275. if (propquery != NULL) {
  276. ret->propquery = OPENSSL_strdup(propquery);
  277. if (ret->propquery == NULL) {
  278. OPENSSL_free(ret);
  279. EVP_KEYMGMT_free(keymgmt);
  280. return NULL;
  281. }
  282. }
  283. ret->libctx = libctx;
  284. ret->keytype = keytype;
  285. ret->keymgmt = keymgmt;
  286. ret->legacy_keytype = id;
  287. ret->engine = e;
  288. ret->pmeth = pmeth;
  289. ret->operation = EVP_PKEY_OP_UNDEFINED;
  290. ret->pkey = pkey;
  291. if (pkey != NULL)
  292. EVP_PKEY_up_ref(pkey);
  293. if (pmeth != NULL && pmeth->init != NULL) {
  294. if (pmeth->init(ret) <= 0) {
  295. ret->pmeth = NULL;
  296. EVP_PKEY_CTX_free(ret);
  297. return NULL;
  298. }
  299. }
  300. return ret;
  301. }
  302. /*- All methods below can also be used in FIPS_MODULE */
  303. EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OSSL_LIB_CTX *libctx,
  304. const char *name,
  305. const char *propquery)
  306. {
  307. return int_ctx_new(libctx, NULL, NULL, name, propquery, -1);
  308. }
  309. EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey,
  310. const char *propquery)
  311. {
  312. return int_ctx_new(libctx, pkey, NULL, NULL, propquery, -1);
  313. }
  314. void evp_pkey_ctx_free_old_ops(EVP_PKEY_CTX *ctx)
  315. {
  316. if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
  317. if (ctx->op.sig.algctx != NULL && ctx->op.sig.signature != NULL)
  318. ctx->op.sig.signature->freectx(ctx->op.sig.algctx);
  319. EVP_SIGNATURE_free(ctx->op.sig.signature);
  320. ctx->op.sig.algctx = NULL;
  321. ctx->op.sig.signature = NULL;
  322. } else if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
  323. if (ctx->op.kex.algctx != NULL && ctx->op.kex.exchange != NULL)
  324. ctx->op.kex.exchange->freectx(ctx->op.kex.algctx);
  325. EVP_KEYEXCH_free(ctx->op.kex.exchange);
  326. ctx->op.kex.algctx = NULL;
  327. ctx->op.kex.exchange = NULL;
  328. } else if (EVP_PKEY_CTX_IS_KEM_OP(ctx)) {
  329. if (ctx->op.encap.algctx != NULL && ctx->op.encap.kem != NULL)
  330. ctx->op.encap.kem->freectx(ctx->op.encap.algctx);
  331. EVP_KEM_free(ctx->op.encap.kem);
  332. ctx->op.encap.algctx = NULL;
  333. ctx->op.encap.kem = NULL;
  334. }
  335. else if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)) {
  336. if (ctx->op.ciph.algctx != NULL && ctx->op.ciph.cipher != NULL)
  337. ctx->op.ciph.cipher->freectx(ctx->op.ciph.algctx);
  338. EVP_ASYM_CIPHER_free(ctx->op.ciph.cipher);
  339. ctx->op.ciph.algctx = NULL;
  340. ctx->op.ciph.cipher = NULL;
  341. } else if (EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
  342. if (ctx->op.keymgmt.genctx != NULL && ctx->keymgmt != NULL)
  343. evp_keymgmt_gen_cleanup(ctx->keymgmt, ctx->op.keymgmt.genctx);
  344. }
  345. }
  346. void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
  347. {
  348. if (ctx == NULL)
  349. return;
  350. if (ctx->pmeth && ctx->pmeth->cleanup)
  351. ctx->pmeth->cleanup(ctx);
  352. evp_pkey_ctx_free_old_ops(ctx);
  353. #ifndef FIPS_MODULE
  354. evp_pkey_ctx_free_all_cached_data(ctx);
  355. #endif
  356. EVP_KEYMGMT_free(ctx->keymgmt);
  357. OPENSSL_free(ctx->propquery);
  358. EVP_PKEY_free(ctx->pkey);
  359. EVP_PKEY_free(ctx->peerkey);
  360. #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
  361. ENGINE_finish(ctx->engine);
  362. #endif
  363. BN_free(ctx->rsa_pubexp);
  364. OPENSSL_free(ctx);
  365. }
  366. #ifndef FIPS_MODULE
  367. void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
  368. const EVP_PKEY_METHOD *meth)
  369. {
  370. if (ppkey_id)
  371. *ppkey_id = meth->pkey_id;
  372. if (pflags)
  373. *pflags = meth->flags;
  374. }
  375. void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
  376. {
  377. int pkey_id = dst->pkey_id;
  378. int flags = dst->flags;
  379. *dst = *src;
  380. /* We only copy the function pointers so restore the other values */
  381. dst->pkey_id = pkey_id;
  382. dst->flags = flags;
  383. }
  384. void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
  385. {
  386. if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
  387. OPENSSL_free(pmeth);
  388. }
  389. EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
  390. {
  391. return int_ctx_new(NULL, pkey, e, NULL, NULL, -1);
  392. }
  393. EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
  394. {
  395. return int_ctx_new(NULL, NULL, e, NULL, NULL, id);
  396. }
  397. EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
  398. {
  399. EVP_PKEY_CTX *rctx;
  400. # ifndef OPENSSL_NO_ENGINE
  401. /* Make sure it's safe to copy a pkey context using an ENGINE */
  402. if (pctx->engine && !ENGINE_init(pctx->engine)) {
  403. ERR_raise(ERR_LIB_EVP, ERR_R_ENGINE_LIB);
  404. return 0;
  405. }
  406. # endif
  407. rctx = OPENSSL_zalloc(sizeof(*rctx));
  408. if (rctx == NULL)
  409. return NULL;
  410. if (pctx->pkey != NULL)
  411. EVP_PKEY_up_ref(pctx->pkey);
  412. rctx->pkey = pctx->pkey;
  413. rctx->operation = pctx->operation;
  414. rctx->libctx = pctx->libctx;
  415. rctx->keytype = pctx->keytype;
  416. rctx->propquery = NULL;
  417. if (pctx->propquery != NULL) {
  418. rctx->propquery = OPENSSL_strdup(pctx->propquery);
  419. if (rctx->propquery == NULL)
  420. goto err;
  421. }
  422. rctx->legacy_keytype = pctx->legacy_keytype;
  423. if (EVP_PKEY_CTX_IS_DERIVE_OP(pctx)) {
  424. if (pctx->op.kex.exchange != NULL) {
  425. rctx->op.kex.exchange = pctx->op.kex.exchange;
  426. if (!EVP_KEYEXCH_up_ref(rctx->op.kex.exchange))
  427. goto err;
  428. }
  429. if (pctx->op.kex.algctx != NULL) {
  430. if (!ossl_assert(pctx->op.kex.exchange != NULL))
  431. goto err;
  432. if (pctx->op.kex.exchange->dupctx != NULL)
  433. rctx->op.kex.algctx
  434. = pctx->op.kex.exchange->dupctx(pctx->op.kex.algctx);
  435. if (rctx->op.kex.algctx == NULL) {
  436. EVP_KEYEXCH_free(rctx->op.kex.exchange);
  437. rctx->op.kex.exchange = NULL;
  438. goto err;
  439. }
  440. return rctx;
  441. }
  442. } else if (EVP_PKEY_CTX_IS_SIGNATURE_OP(pctx)) {
  443. if (pctx->op.sig.signature != NULL) {
  444. rctx->op.sig.signature = pctx->op.sig.signature;
  445. if (!EVP_SIGNATURE_up_ref(rctx->op.sig.signature))
  446. goto err;
  447. }
  448. if (pctx->op.sig.algctx != NULL) {
  449. if (!ossl_assert(pctx->op.sig.signature != NULL))
  450. goto err;
  451. if (pctx->op.sig.signature->dupctx != NULL)
  452. rctx->op.sig.algctx
  453. = pctx->op.sig.signature->dupctx(pctx->op.sig.algctx);
  454. if (rctx->op.sig.algctx == NULL) {
  455. EVP_SIGNATURE_free(rctx->op.sig.signature);
  456. rctx->op.sig.signature = NULL;
  457. goto err;
  458. }
  459. return rctx;
  460. }
  461. } else if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(pctx)) {
  462. if (pctx->op.ciph.cipher != NULL) {
  463. rctx->op.ciph.cipher = pctx->op.ciph.cipher;
  464. if (!EVP_ASYM_CIPHER_up_ref(rctx->op.ciph.cipher))
  465. goto err;
  466. }
  467. if (pctx->op.ciph.algctx != NULL) {
  468. if (!ossl_assert(pctx->op.ciph.cipher != NULL))
  469. goto err;
  470. if (pctx->op.ciph.cipher->dupctx != NULL)
  471. rctx->op.ciph.algctx
  472. = pctx->op.ciph.cipher->dupctx(pctx->op.ciph.algctx);
  473. if (rctx->op.ciph.algctx == NULL) {
  474. EVP_ASYM_CIPHER_free(rctx->op.ciph.cipher);
  475. rctx->op.ciph.cipher = NULL;
  476. goto err;
  477. }
  478. return rctx;
  479. }
  480. } else if (EVP_PKEY_CTX_IS_KEM_OP(pctx)) {
  481. if (pctx->op.encap.kem != NULL) {
  482. rctx->op.encap.kem = pctx->op.encap.kem;
  483. if (!EVP_KEM_up_ref(rctx->op.encap.kem))
  484. goto err;
  485. }
  486. if (pctx->op.encap.algctx != NULL) {
  487. if (!ossl_assert(pctx->op.encap.kem != NULL))
  488. goto err;
  489. if (pctx->op.encap.kem->dupctx != NULL)
  490. rctx->op.encap.algctx
  491. = pctx->op.encap.kem->dupctx(pctx->op.encap.algctx);
  492. if (rctx->op.encap.algctx == NULL) {
  493. EVP_KEM_free(rctx->op.encap.kem);
  494. rctx->op.encap.kem = NULL;
  495. goto err;
  496. }
  497. return rctx;
  498. }
  499. } else if (EVP_PKEY_CTX_IS_GEN_OP(pctx)) {
  500. /* Not supported - This would need a gen_dupctx() to work */
  501. goto err;
  502. }
  503. rctx->pmeth = pctx->pmeth;
  504. # ifndef OPENSSL_NO_ENGINE
  505. rctx->engine = pctx->engine;
  506. # endif
  507. if (pctx->peerkey != NULL)
  508. EVP_PKEY_up_ref(pctx->peerkey);
  509. rctx->peerkey = pctx->peerkey;
  510. if (pctx->pmeth == NULL) {
  511. if (rctx->operation == EVP_PKEY_OP_UNDEFINED) {
  512. EVP_KEYMGMT *tmp_keymgmt = pctx->keymgmt;
  513. void *provkey;
  514. provkey = evp_pkey_export_to_provider(pctx->pkey, pctx->libctx,
  515. &tmp_keymgmt, pctx->propquery);
  516. if (provkey == NULL)
  517. goto err;
  518. if (!EVP_KEYMGMT_up_ref(tmp_keymgmt))
  519. goto err;
  520. EVP_KEYMGMT_free(rctx->keymgmt);
  521. rctx->keymgmt = tmp_keymgmt;
  522. return rctx;
  523. }
  524. } else if (pctx->pmeth->copy(rctx, pctx) > 0) {
  525. return rctx;
  526. }
  527. err:
  528. rctx->pmeth = NULL;
  529. EVP_PKEY_CTX_free(rctx);
  530. return NULL;
  531. }
  532. int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
  533. {
  534. if (app_pkey_methods == NULL) {
  535. app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
  536. if (app_pkey_methods == NULL) {
  537. ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
  538. return 0;
  539. }
  540. }
  541. if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) {
  542. ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
  543. return 0;
  544. }
  545. sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
  546. return 1;
  547. }
  548. void evp_app_cleanup_int(void)
  549. {
  550. if (app_pkey_methods != NULL)
  551. sk_EVP_PKEY_METHOD_pop_free(app_pkey_methods, EVP_PKEY_meth_free);
  552. }
  553. int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth)
  554. {
  555. const EVP_PKEY_METHOD *ret;
  556. ret = sk_EVP_PKEY_METHOD_delete_ptr(app_pkey_methods, pmeth);
  557. return ret == NULL ? 0 : 1;
  558. }
  559. size_t EVP_PKEY_meth_get_count(void)
  560. {
  561. size_t rv = OSSL_NELEM(standard_methods);
  562. if (app_pkey_methods)
  563. rv += sk_EVP_PKEY_METHOD_num(app_pkey_methods);
  564. return rv;
  565. }
  566. const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx)
  567. {
  568. if (idx < OSSL_NELEM(standard_methods))
  569. return (standard_methods[idx])();
  570. if (app_pkey_methods == NULL)
  571. return NULL;
  572. idx -= OSSL_NELEM(standard_methods);
  573. if (idx >= (size_t)sk_EVP_PKEY_METHOD_num(app_pkey_methods))
  574. return NULL;
  575. return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
  576. }
  577. #endif
  578. int EVP_PKEY_CTX_is_a(EVP_PKEY_CTX *ctx, const char *keytype)
  579. {
  580. #ifndef FIPS_MODULE
  581. if (evp_pkey_ctx_is_legacy(ctx))
  582. return (ctx->pmeth->pkey_id == evp_pkey_name2type(keytype));
  583. #endif
  584. return EVP_KEYMGMT_is_a(ctx->keymgmt, keytype);
  585. }
  586. int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params)
  587. {
  588. switch (evp_pkey_ctx_state(ctx)) {
  589. case EVP_PKEY_STATE_PROVIDER:
  590. if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
  591. && ctx->op.kex.exchange != NULL
  592. && ctx->op.kex.exchange->set_ctx_params != NULL)
  593. return
  594. ctx->op.kex.exchange->set_ctx_params(ctx->op.kex.algctx,
  595. params);
  596. if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
  597. && ctx->op.sig.signature != NULL
  598. && ctx->op.sig.signature->set_ctx_params != NULL)
  599. return
  600. ctx->op.sig.signature->set_ctx_params(ctx->op.sig.algctx,
  601. params);
  602. if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
  603. && ctx->op.ciph.cipher != NULL
  604. && ctx->op.ciph.cipher->set_ctx_params != NULL)
  605. return
  606. ctx->op.ciph.cipher->set_ctx_params(ctx->op.ciph.algctx,
  607. params);
  608. if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
  609. && ctx->keymgmt != NULL
  610. && ctx->keymgmt->gen_set_params != NULL)
  611. return
  612. evp_keymgmt_gen_set_params(ctx->keymgmt, ctx->op.keymgmt.genctx,
  613. params);
  614. if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
  615. && ctx->op.encap.kem != NULL
  616. && ctx->op.encap.kem->set_ctx_params != NULL)
  617. return
  618. ctx->op.encap.kem->set_ctx_params(ctx->op.encap.algctx,
  619. params);
  620. break;
  621. #ifndef FIPS_MODULE
  622. case EVP_PKEY_STATE_UNKNOWN:
  623. case EVP_PKEY_STATE_LEGACY:
  624. return evp_pkey_ctx_set_params_to_ctrl(ctx, params);
  625. #endif
  626. }
  627. return 0;
  628. }
  629. int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
  630. {
  631. switch (evp_pkey_ctx_state(ctx)) {
  632. case EVP_PKEY_STATE_PROVIDER:
  633. if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
  634. && ctx->op.kex.exchange != NULL
  635. && ctx->op.kex.exchange->get_ctx_params != NULL)
  636. return
  637. ctx->op.kex.exchange->get_ctx_params(ctx->op.kex.algctx,
  638. params);
  639. if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
  640. && ctx->op.sig.signature != NULL
  641. && ctx->op.sig.signature->get_ctx_params != NULL)
  642. return
  643. ctx->op.sig.signature->get_ctx_params(ctx->op.sig.algctx,
  644. params);
  645. if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
  646. && ctx->op.ciph.cipher != NULL
  647. && ctx->op.ciph.cipher->get_ctx_params != NULL)
  648. return
  649. ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.algctx,
  650. params);
  651. if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
  652. && ctx->op.encap.kem != NULL
  653. && ctx->op.encap.kem->get_ctx_params != NULL)
  654. return
  655. ctx->op.encap.kem->get_ctx_params(ctx->op.encap.algctx,
  656. params);
  657. break;
  658. #ifndef FIPS_MODULE
  659. case EVP_PKEY_STATE_UNKNOWN:
  660. case EVP_PKEY_STATE_LEGACY:
  661. return evp_pkey_ctx_get_params_to_ctrl(ctx, params);
  662. #endif
  663. }
  664. return 0;
  665. }
  666. #ifndef FIPS_MODULE
  667. const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(const EVP_PKEY_CTX *ctx)
  668. {
  669. void *provctx;
  670. if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
  671. && ctx->op.kex.exchange != NULL
  672. && ctx->op.kex.exchange->gettable_ctx_params != NULL) {
  673. provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange));
  674. return ctx->op.kex.exchange->gettable_ctx_params(ctx->op.kex.algctx,
  675. provctx);
  676. }
  677. if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
  678. && ctx->op.sig.signature != NULL
  679. && ctx->op.sig.signature->gettable_ctx_params != NULL) {
  680. provctx = ossl_provider_ctx(
  681. EVP_SIGNATURE_get0_provider(ctx->op.sig.signature));
  682. return ctx->op.sig.signature->gettable_ctx_params(ctx->op.sig.algctx,
  683. provctx);
  684. }
  685. if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
  686. && ctx->op.ciph.cipher != NULL
  687. && ctx->op.ciph.cipher->gettable_ctx_params != NULL) {
  688. provctx = ossl_provider_ctx(
  689. EVP_ASYM_CIPHER_get0_provider(ctx->op.ciph.cipher));
  690. return ctx->op.ciph.cipher->gettable_ctx_params(ctx->op.ciph.algctx,
  691. provctx);
  692. }
  693. if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
  694. && ctx->op.encap.kem != NULL
  695. && ctx->op.encap.kem->gettable_ctx_params != NULL) {
  696. provctx = ossl_provider_ctx(EVP_KEM_get0_provider(ctx->op.encap.kem));
  697. return ctx->op.encap.kem->gettable_ctx_params(ctx->op.encap.algctx,
  698. provctx);
  699. }
  700. return NULL;
  701. }
  702. const OSSL_PARAM *EVP_PKEY_CTX_settable_params(const EVP_PKEY_CTX *ctx)
  703. {
  704. void *provctx;
  705. if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
  706. && ctx->op.kex.exchange != NULL
  707. && ctx->op.kex.exchange->settable_ctx_params != NULL) {
  708. provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange));
  709. return ctx->op.kex.exchange->settable_ctx_params(ctx->op.kex.algctx,
  710. provctx);
  711. }
  712. if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
  713. && ctx->op.sig.signature != NULL
  714. && ctx->op.sig.signature->settable_ctx_params != NULL) {
  715. provctx = ossl_provider_ctx(
  716. EVP_SIGNATURE_get0_provider(ctx->op.sig.signature));
  717. return ctx->op.sig.signature->settable_ctx_params(ctx->op.sig.algctx,
  718. provctx);
  719. }
  720. if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
  721. && ctx->op.ciph.cipher != NULL
  722. && ctx->op.ciph.cipher->settable_ctx_params != NULL) {
  723. provctx = ossl_provider_ctx(
  724. EVP_ASYM_CIPHER_get0_provider(ctx->op.ciph.cipher));
  725. return ctx->op.ciph.cipher->settable_ctx_params(ctx->op.ciph.algctx,
  726. provctx);
  727. }
  728. if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
  729. && ctx->keymgmt != NULL
  730. && ctx->keymgmt->gen_settable_params != NULL) {
  731. provctx = ossl_provider_ctx(EVP_KEYMGMT_get0_provider(ctx->keymgmt));
  732. return ctx->keymgmt->gen_settable_params(ctx->op.keymgmt.genctx,
  733. provctx);
  734. }
  735. if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
  736. && ctx->op.encap.kem != NULL
  737. && ctx->op.encap.kem->settable_ctx_params != NULL) {
  738. provctx = ossl_provider_ctx(EVP_KEM_get0_provider(ctx->op.encap.kem));
  739. return ctx->op.encap.kem->settable_ctx_params(ctx->op.encap.algctx,
  740. provctx);
  741. }
  742. return NULL;
  743. }
  744. /*
  745. * Internal helpers for stricter EVP_PKEY_CTX_{set,get}_params().
  746. *
  747. * Return 1 on success, 0 or negative for errors.
  748. *
  749. * In particular they return -2 if any of the params is not supported.
  750. *
  751. * They are not available in FIPS_MODULE as they depend on
  752. * - EVP_PKEY_CTX_{get,set}_params()
  753. * - EVP_PKEY_CTX_{gettable,settable}_params()
  754. *
  755. */
  756. int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
  757. {
  758. if (ctx == NULL || params == NULL)
  759. return 0;
  760. /*
  761. * We only check for provider side EVP_PKEY_CTX. For #legacy, we
  762. * depend on the translation that happens in EVP_PKEY_CTX_set_params()
  763. * call, and that the resulting ctrl call will return -2 if it doesn't
  764. * known the ctrl command number.
  765. */
  766. if (evp_pkey_ctx_is_provided(ctx)) {
  767. const OSSL_PARAM *settable = EVP_PKEY_CTX_settable_params(ctx);
  768. const OSSL_PARAM *p;
  769. for (p = params; p->key != NULL; p++) {
  770. /* Check the ctx actually understands this parameter */
  771. if (OSSL_PARAM_locate_const(settable, p->key) == NULL)
  772. return -2;
  773. }
  774. }
  775. return EVP_PKEY_CTX_set_params(ctx, params);
  776. }
  777. int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
  778. {
  779. if (ctx == NULL || params == NULL)
  780. return 0;
  781. /*
  782. * We only check for provider side EVP_PKEY_CTX. For #legacy, we
  783. * depend on the translation that happens in EVP_PKEY_CTX_get_params()
  784. * call, and that the resulting ctrl call will return -2 if it doesn't
  785. * known the ctrl command number.
  786. */
  787. if (evp_pkey_ctx_is_provided(ctx)) {
  788. const OSSL_PARAM *gettable = EVP_PKEY_CTX_gettable_params(ctx);
  789. const OSSL_PARAM *p;
  790. for (p = params; p->key != NULL; p++) {
  791. /* Check the ctx actually understands this parameter */
  792. if (OSSL_PARAM_locate_const(gettable, p->key) == NULL)
  793. return -2;
  794. }
  795. }
  796. return EVP_PKEY_CTX_get_params(ctx, params);
  797. }
  798. int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
  799. {
  800. OSSL_PARAM sig_md_params[2], *p = sig_md_params;
  801. /* 80 should be big enough */
  802. char name[80] = "";
  803. const EVP_MD *tmp;
  804. if (ctx == NULL || !EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
  805. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  806. /* Uses the same return values as EVP_PKEY_CTX_ctrl */
  807. return -2;
  808. }
  809. if (ctx->op.sig.algctx == NULL)
  810. return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,
  811. EVP_PKEY_CTRL_GET_MD, 0, (void *)(md));
  812. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
  813. name,
  814. sizeof(name));
  815. *p = OSSL_PARAM_construct_end();
  816. if (!EVP_PKEY_CTX_get_params(ctx, sig_md_params))
  817. return 0;
  818. tmp = evp_get_digestbyname_ex(ctx->libctx, name);
  819. if (tmp == NULL)
  820. return 0;
  821. *md = tmp;
  822. return 1;
  823. }
  824. static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
  825. int fallback, const char *param, int op,
  826. int ctrl)
  827. {
  828. OSSL_PARAM md_params[2], *p = md_params;
  829. const char *name;
  830. if (ctx == NULL || (ctx->operation & op) == 0) {
  831. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  832. /* Uses the same return values as EVP_PKEY_CTX_ctrl */
  833. return -2;
  834. }
  835. if (fallback)
  836. return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md));
  837. if (md == NULL) {
  838. name = "";
  839. } else {
  840. name = EVP_MD_get0_name(md);
  841. }
  842. *p++ = OSSL_PARAM_construct_utf8_string(param,
  843. /*
  844. * Cast away the const. This is read
  845. * only so should be safe
  846. */
  847. (char *)name, 0);
  848. *p = OSSL_PARAM_construct_end();
  849. return EVP_PKEY_CTX_set_params(ctx, md_params);
  850. }
  851. int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
  852. {
  853. return evp_pkey_ctx_set_md(ctx, md, ctx->op.sig.algctx == NULL,
  854. OSSL_SIGNATURE_PARAM_DIGEST,
  855. EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD);
  856. }
  857. int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
  858. {
  859. return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.algctx == NULL,
  860. OSSL_KDF_PARAM_DIGEST,
  861. EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_TLS_MD);
  862. }
  863. static int evp_pkey_ctx_set1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
  864. const char *param, int op, int ctrl,
  865. const unsigned char *data,
  866. int datalen)
  867. {
  868. OSSL_PARAM octet_string_params[2], *p = octet_string_params;
  869. if (ctx == NULL || (ctx->operation & op) == 0) {
  870. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  871. /* Uses the same return values as EVP_PKEY_CTX_ctrl */
  872. return -2;
  873. }
  874. /* Code below to be removed when legacy support is dropped. */
  875. if (fallback)
  876. return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, datalen, (void *)(data));
  877. /* end of legacy support */
  878. if (datalen < 0) {
  879. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
  880. return 0;
  881. }
  882. *p++ = OSSL_PARAM_construct_octet_string(param,
  883. /*
  884. * Cast away the const. This is read
  885. * only so should be safe
  886. */
  887. (unsigned char *)data,
  888. (size_t)datalen);
  889. *p = OSSL_PARAM_construct_end();
  890. return EVP_PKEY_CTX_set_params(ctx, octet_string_params);
  891. }
  892. static int evp_pkey_ctx_add1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
  893. const char *param, int op, int ctrl,
  894. const unsigned char *data,
  895. int datalen)
  896. {
  897. OSSL_PARAM os_params[2];
  898. unsigned char *info = NULL;
  899. size_t info_len = 0;
  900. size_t info_alloc = 0;
  901. int ret = 0;
  902. if (ctx == NULL || (ctx->operation & op) == 0) {
  903. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  904. /* Uses the same return values as EVP_PKEY_CTX_ctrl */
  905. return -2;
  906. }
  907. /* Code below to be removed when legacy support is dropped. */
  908. if (fallback)
  909. return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, datalen, (void *)(data));
  910. /* end of legacy support */
  911. if (datalen < 0) {
  912. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_LENGTH);
  913. return 0;
  914. } else if (datalen == 0) {
  915. return 1;
  916. }
  917. /* Get the original value length */
  918. os_params[0] = OSSL_PARAM_construct_octet_string(param, NULL, 0);
  919. os_params[1] = OSSL_PARAM_construct_end();
  920. if (!EVP_PKEY_CTX_get_params(ctx, os_params))
  921. return 0;
  922. /* Older provider that doesn't support getting this parameter */
  923. if (os_params[0].return_size == OSSL_PARAM_UNMODIFIED)
  924. return evp_pkey_ctx_set1_octet_string(ctx, fallback, param, op, ctrl, data, datalen);
  925. info_alloc = os_params[0].return_size + datalen;
  926. if (info_alloc == 0)
  927. return 0;
  928. info = OPENSSL_zalloc(info_alloc);
  929. if (info == NULL)
  930. return 0;
  931. info_len = os_params[0].return_size;
  932. os_params[0] = OSSL_PARAM_construct_octet_string(param, info, info_alloc);
  933. /* if we have data, then go get it */
  934. if (info_len > 0) {
  935. if (!EVP_PKEY_CTX_get_params(ctx, os_params))
  936. goto error;
  937. }
  938. /* Copy the input data */
  939. memcpy(&info[info_len], data, datalen);
  940. ret = EVP_PKEY_CTX_set_params(ctx, os_params);
  941. error:
  942. OPENSSL_clear_free(info, info_alloc);
  943. return ret;
  944. }
  945. int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *ctx,
  946. const unsigned char *sec, int seclen)
  947. {
  948. return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
  949. OSSL_KDF_PARAM_SECRET,
  950. EVP_PKEY_OP_DERIVE,
  951. EVP_PKEY_CTRL_TLS_SECRET,
  952. sec, seclen);
  953. }
  954. int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *ctx,
  955. const unsigned char *seed, int seedlen)
  956. {
  957. return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
  958. OSSL_KDF_PARAM_SEED,
  959. EVP_PKEY_OP_DERIVE,
  960. EVP_PKEY_CTRL_TLS_SEED,
  961. seed, seedlen);
  962. }
  963. int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
  964. {
  965. return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.algctx == NULL,
  966. OSSL_KDF_PARAM_DIGEST,
  967. EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_MD);
  968. }
  969. int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
  970. const unsigned char *salt, int saltlen)
  971. {
  972. return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
  973. OSSL_KDF_PARAM_SALT,
  974. EVP_PKEY_OP_DERIVE,
  975. EVP_PKEY_CTRL_HKDF_SALT,
  976. salt, saltlen);
  977. }
  978. int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
  979. const unsigned char *key, int keylen)
  980. {
  981. return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
  982. OSSL_KDF_PARAM_KEY,
  983. EVP_PKEY_OP_DERIVE,
  984. EVP_PKEY_CTRL_HKDF_KEY,
  985. key, keylen);
  986. }
  987. int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
  988. const unsigned char *info, int infolen)
  989. {
  990. return evp_pkey_ctx_add1_octet_string(ctx, ctx->op.kex.algctx == NULL,
  991. OSSL_KDF_PARAM_INFO,
  992. EVP_PKEY_OP_DERIVE,
  993. EVP_PKEY_CTRL_HKDF_INFO,
  994. info, infolen);
  995. }
  996. int EVP_PKEY_CTX_set_hkdf_mode(EVP_PKEY_CTX *ctx, int mode)
  997. {
  998. OSSL_PARAM int_params[2], *p = int_params;
  999. if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
  1000. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1001. /* Uses the same return values as EVP_PKEY_CTX_ctrl */
  1002. return -2;
  1003. }
  1004. /* Code below to be removed when legacy support is dropped. */
  1005. if (ctx->op.kex.algctx == NULL)
  1006. return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE,
  1007. EVP_PKEY_CTRL_HKDF_MODE, mode, NULL);
  1008. /* end of legacy support */
  1009. if (mode < 0) {
  1010. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
  1011. return 0;
  1012. }
  1013. *p++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_MODE, &mode);
  1014. *p = OSSL_PARAM_construct_end();
  1015. return EVP_PKEY_CTX_set_params(ctx, int_params);
  1016. }
  1017. int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass,
  1018. int passlen)
  1019. {
  1020. return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
  1021. OSSL_KDF_PARAM_PASSWORD,
  1022. EVP_PKEY_OP_DERIVE,
  1023. EVP_PKEY_CTRL_PASS,
  1024. (const unsigned char *)pass, passlen);
  1025. }
  1026. int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *ctx,
  1027. const unsigned char *salt, int saltlen)
  1028. {
  1029. return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
  1030. OSSL_KDF_PARAM_SALT,
  1031. EVP_PKEY_OP_DERIVE,
  1032. EVP_PKEY_CTRL_SCRYPT_SALT,
  1033. salt, saltlen);
  1034. }
  1035. static int evp_pkey_ctx_set_uint64(EVP_PKEY_CTX *ctx, const char *param,
  1036. int op, int ctrl, uint64_t val)
  1037. {
  1038. OSSL_PARAM uint64_params[2], *p = uint64_params;
  1039. if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
  1040. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1041. /* Uses the same return values as EVP_PKEY_CTX_ctrl */
  1042. return -2;
  1043. }
  1044. /* Code below to be removed when legacy support is dropped. */
  1045. if (ctx->op.kex.algctx == NULL)
  1046. return EVP_PKEY_CTX_ctrl_uint64(ctx, -1, op, ctrl, val);
  1047. /* end of legacy support */
  1048. *p++ = OSSL_PARAM_construct_uint64(param, &val);
  1049. *p = OSSL_PARAM_construct_end();
  1050. return EVP_PKEY_CTX_set_params(ctx, uint64_params);
  1051. }
  1052. int EVP_PKEY_CTX_set_scrypt_N(EVP_PKEY_CTX *ctx, uint64_t n)
  1053. {
  1054. return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_N,
  1055. EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_N,
  1056. n);
  1057. }
  1058. int EVP_PKEY_CTX_set_scrypt_r(EVP_PKEY_CTX *ctx, uint64_t r)
  1059. {
  1060. return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_R,
  1061. EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_R,
  1062. r);
  1063. }
  1064. int EVP_PKEY_CTX_set_scrypt_p(EVP_PKEY_CTX *ctx, uint64_t p)
  1065. {
  1066. return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_P,
  1067. EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_SCRYPT_P,
  1068. p);
  1069. }
  1070. int EVP_PKEY_CTX_set_scrypt_maxmem_bytes(EVP_PKEY_CTX *ctx,
  1071. uint64_t maxmem_bytes)
  1072. {
  1073. return evp_pkey_ctx_set_uint64(ctx, OSSL_KDF_PARAM_SCRYPT_MAXMEM,
  1074. EVP_PKEY_OP_DERIVE,
  1075. EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES,
  1076. maxmem_bytes);
  1077. }
  1078. int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key,
  1079. int keylen)
  1080. {
  1081. return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.keymgmt.genctx == NULL,
  1082. OSSL_PKEY_PARAM_PRIV_KEY,
  1083. EVP_PKEY_OP_KEYGEN,
  1084. EVP_PKEY_CTRL_SET_MAC_KEY,
  1085. key, keylen);
  1086. }
  1087. int EVP_PKEY_CTX_set_kem_op(EVP_PKEY_CTX *ctx, const char *op)
  1088. {
  1089. OSSL_PARAM params[2], *p = params;
  1090. if (ctx == NULL || op == NULL) {
  1091. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_VALUE);
  1092. return 0;
  1093. }
  1094. if (!EVP_PKEY_CTX_IS_KEM_OP(ctx)) {
  1095. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1096. return -2;
  1097. }
  1098. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KEM_PARAM_OPERATION,
  1099. (char *)op, 0);
  1100. *p = OSSL_PARAM_construct_end();
  1101. return EVP_PKEY_CTX_set_params(ctx, params);
  1102. }
  1103. int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, const void *id, int len)
  1104. {
  1105. return EVP_PKEY_CTX_ctrl(ctx, -1, -1,
  1106. EVP_PKEY_CTRL_SET1_ID, (int)len, (void*)(id));
  1107. }
  1108. int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id)
  1109. {
  1110. return EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_GET1_ID, 0, (void*)id);
  1111. }
  1112. int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len)
  1113. {
  1114. return EVP_PKEY_CTX_ctrl(ctx, -1, -1,
  1115. EVP_PKEY_CTRL_GET1_ID_LEN, 0, (void*)id_len);
  1116. }
  1117. static int evp_pkey_ctx_ctrl_int(EVP_PKEY_CTX *ctx, int keytype, int optype,
  1118. int cmd, int p1, void *p2)
  1119. {
  1120. int ret = 0;
  1121. /*
  1122. * If the method has a |digest_custom| function, we can relax the
  1123. * operation type check, since this can be called before the operation
  1124. * is initialized.
  1125. */
  1126. if (ctx->pmeth == NULL || ctx->pmeth->digest_custom == NULL) {
  1127. if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
  1128. ERR_raise(ERR_LIB_EVP, EVP_R_NO_OPERATION_SET);
  1129. return -1;
  1130. }
  1131. if ((optype != -1) && !(ctx->operation & optype)) {
  1132. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
  1133. return -1;
  1134. }
  1135. }
  1136. switch (evp_pkey_ctx_state(ctx)) {
  1137. case EVP_PKEY_STATE_PROVIDER:
  1138. return evp_pkey_ctx_ctrl_to_param(ctx, keytype, optype, cmd, p1, p2);
  1139. case EVP_PKEY_STATE_UNKNOWN:
  1140. case EVP_PKEY_STATE_LEGACY:
  1141. if (ctx->pmeth == NULL || ctx->pmeth->ctrl == NULL) {
  1142. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1143. return -2;
  1144. }
  1145. if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
  1146. return -1;
  1147. ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
  1148. if (ret == -2)
  1149. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1150. break;
  1151. }
  1152. return ret;
  1153. }
  1154. int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
  1155. int cmd, int p1, void *p2)
  1156. {
  1157. int ret = 0;
  1158. if (ctx == NULL) {
  1159. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1160. return -2;
  1161. }
  1162. /* If unsupported, we don't want that reported here */
  1163. ERR_set_mark();
  1164. ret = evp_pkey_ctx_store_cached_data(ctx, keytype, optype,
  1165. cmd, NULL, p2, p1);
  1166. if (ret == -2) {
  1167. ERR_pop_to_mark();
  1168. } else {
  1169. ERR_clear_last_mark();
  1170. /*
  1171. * If there was an error, there was an error.
  1172. * If the operation isn't initialized yet, we also return, as
  1173. * the saved values will be used then anyway.
  1174. */
  1175. if (ret < 1 || ctx->operation == EVP_PKEY_OP_UNDEFINED)
  1176. return ret;
  1177. }
  1178. return evp_pkey_ctx_ctrl_int(ctx, keytype, optype, cmd, p1, p2);
  1179. }
  1180. int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
  1181. int cmd, uint64_t value)
  1182. {
  1183. return EVP_PKEY_CTX_ctrl(ctx, keytype, optype, cmd, 0, &value);
  1184. }
  1185. static int evp_pkey_ctx_ctrl_str_int(EVP_PKEY_CTX *ctx,
  1186. const char *name, const char *value)
  1187. {
  1188. int ret = 0;
  1189. if (ctx == NULL) {
  1190. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1191. return -2;
  1192. }
  1193. switch (evp_pkey_ctx_state(ctx)) {
  1194. case EVP_PKEY_STATE_PROVIDER:
  1195. return evp_pkey_ctx_ctrl_str_to_param(ctx, name, value);
  1196. case EVP_PKEY_STATE_UNKNOWN:
  1197. case EVP_PKEY_STATE_LEGACY:
  1198. if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->ctrl_str == NULL) {
  1199. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1200. return -2;
  1201. }
  1202. if (strcmp(name, "digest") == 0)
  1203. ret = EVP_PKEY_CTX_md(ctx,
  1204. EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT,
  1205. EVP_PKEY_CTRL_MD, value);
  1206. else
  1207. ret = ctx->pmeth->ctrl_str(ctx, name, value);
  1208. break;
  1209. }
  1210. return ret;
  1211. }
  1212. int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
  1213. const char *name, const char *value)
  1214. {
  1215. int ret = 0;
  1216. /* If unsupported, we don't want that reported here */
  1217. ERR_set_mark();
  1218. ret = evp_pkey_ctx_store_cached_data(ctx, -1, -1, -1,
  1219. name, value, strlen(value) + 1);
  1220. if (ret == -2) {
  1221. ERR_pop_to_mark();
  1222. } else {
  1223. ERR_clear_last_mark();
  1224. /*
  1225. * If there was an error, there was an error.
  1226. * If the operation isn't initialized yet, we also return, as
  1227. * the saved values will be used then anyway.
  1228. */
  1229. if (ret < 1 || ctx->operation == EVP_PKEY_OP_UNDEFINED)
  1230. return ret;
  1231. }
  1232. return evp_pkey_ctx_ctrl_str_int(ctx, name, value);
  1233. }
  1234. static int decode_cmd(int cmd, const char *name)
  1235. {
  1236. if (cmd == -1) {
  1237. /*
  1238. * The consequence of the assertion not being true is that this
  1239. * function will return -1, which will cause the calling functions
  1240. * to signal that the command is unsupported... in non-debug mode.
  1241. */
  1242. if (ossl_assert(name != NULL))
  1243. if (strcmp(name, "distid") == 0 || strcmp(name, "hexdistid") == 0)
  1244. cmd = EVP_PKEY_CTRL_SET1_ID;
  1245. }
  1246. return cmd;
  1247. }
  1248. static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx,
  1249. int keytype, int optype,
  1250. int cmd, const char *name,
  1251. const void *data, size_t data_len)
  1252. {
  1253. /*
  1254. * Check that it's one of the supported commands. The ctrl commands
  1255. * number cases here must correspond to the cases in the bottom switch
  1256. * in this function.
  1257. */
  1258. switch (cmd = decode_cmd(cmd, name)) {
  1259. case EVP_PKEY_CTRL_SET1_ID:
  1260. break;
  1261. default:
  1262. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1263. return -2;
  1264. }
  1265. if (keytype != -1) {
  1266. switch (evp_pkey_ctx_state(ctx)) {
  1267. case EVP_PKEY_STATE_PROVIDER:
  1268. if (ctx->keymgmt == NULL) {
  1269. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1270. return -2;
  1271. }
  1272. if (!EVP_KEYMGMT_is_a(ctx->keymgmt,
  1273. evp_pkey_type2name(keytype))) {
  1274. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
  1275. return -1;
  1276. }
  1277. break;
  1278. case EVP_PKEY_STATE_UNKNOWN:
  1279. case EVP_PKEY_STATE_LEGACY:
  1280. if (ctx->pmeth == NULL) {
  1281. ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
  1282. return -2;
  1283. }
  1284. if (EVP_PKEY_type(ctx->pmeth->pkey_id) != EVP_PKEY_type(keytype)) {
  1285. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
  1286. return -1;
  1287. }
  1288. break;
  1289. }
  1290. }
  1291. if (optype != -1 && (ctx->operation & optype) == 0) {
  1292. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_OPERATION);
  1293. return -1;
  1294. }
  1295. switch (cmd) {
  1296. case EVP_PKEY_CTRL_SET1_ID:
  1297. evp_pkey_ctx_free_cached_data(ctx, cmd, name);
  1298. if (name != NULL) {
  1299. ctx->cached_parameters.dist_id_name = OPENSSL_strdup(name);
  1300. if (ctx->cached_parameters.dist_id_name == NULL)
  1301. return 0;
  1302. }
  1303. if (data_len > 0) {
  1304. ctx->cached_parameters.dist_id = OPENSSL_memdup(data, data_len);
  1305. if (ctx->cached_parameters.dist_id == NULL)
  1306. return 0;
  1307. }
  1308. ctx->cached_parameters.dist_id_set = 1;
  1309. ctx->cached_parameters.dist_id_len = data_len;
  1310. break;
  1311. }
  1312. return 1;
  1313. }
  1314. static void evp_pkey_ctx_free_cached_data(EVP_PKEY_CTX *ctx,
  1315. int cmd, const char *name)
  1316. {
  1317. cmd = decode_cmd(cmd, name);
  1318. switch (cmd) {
  1319. case EVP_PKEY_CTRL_SET1_ID:
  1320. OPENSSL_free(ctx->cached_parameters.dist_id);
  1321. OPENSSL_free(ctx->cached_parameters.dist_id_name);
  1322. ctx->cached_parameters.dist_id = NULL;
  1323. ctx->cached_parameters.dist_id_name = NULL;
  1324. break;
  1325. }
  1326. }
  1327. static void evp_pkey_ctx_free_all_cached_data(EVP_PKEY_CTX *ctx)
  1328. {
  1329. evp_pkey_ctx_free_cached_data(ctx, EVP_PKEY_CTRL_SET1_ID, NULL);
  1330. }
  1331. int evp_pkey_ctx_use_cached_data(EVP_PKEY_CTX *ctx)
  1332. {
  1333. int ret = 1;
  1334. if (ret && ctx->cached_parameters.dist_id_set) {
  1335. const char *name = ctx->cached_parameters.dist_id_name;
  1336. const void *val = ctx->cached_parameters.dist_id;
  1337. size_t len = ctx->cached_parameters.dist_id_len;
  1338. if (name != NULL)
  1339. ret = evp_pkey_ctx_ctrl_str_int(ctx, name, val);
  1340. else
  1341. ret = evp_pkey_ctx_ctrl_int(ctx, -1, ctx->operation,
  1342. EVP_PKEY_CTRL_SET1_ID,
  1343. (int)len, (void *)val);
  1344. }
  1345. return ret;
  1346. }
  1347. OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx)
  1348. {
  1349. return ctx->libctx;
  1350. }
  1351. const char *EVP_PKEY_CTX_get0_propq(const EVP_PKEY_CTX *ctx)
  1352. {
  1353. return ctx->propquery;
  1354. }
  1355. const OSSL_PROVIDER *EVP_PKEY_CTX_get0_provider(const EVP_PKEY_CTX *ctx)
  1356. {
  1357. if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
  1358. if (ctx->op.sig.signature != NULL)
  1359. return EVP_SIGNATURE_get0_provider(ctx->op.sig.signature);
  1360. } else if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
  1361. if (ctx->op.kex.exchange != NULL)
  1362. return EVP_KEYEXCH_get0_provider(ctx->op.kex.exchange);
  1363. } else if (EVP_PKEY_CTX_IS_KEM_OP(ctx)) {
  1364. if (ctx->op.encap.kem != NULL)
  1365. return EVP_KEM_get0_provider(ctx->op.encap.kem);
  1366. } else if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)) {
  1367. if (ctx->op.ciph.cipher != NULL)
  1368. return EVP_ASYM_CIPHER_get0_provider(ctx->op.ciph.cipher);
  1369. } else if (EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
  1370. if (ctx->keymgmt != NULL)
  1371. return EVP_KEYMGMT_get0_provider(ctx->keymgmt);
  1372. }
  1373. return NULL;
  1374. }
  1375. /* Utility functions to send a string of hex string to a ctrl */
  1376. int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str)
  1377. {
  1378. size_t len;
  1379. len = strlen(str);
  1380. if (len > INT_MAX)
  1381. return -1;
  1382. return ctx->pmeth->ctrl(ctx, cmd, len, (void *)str);
  1383. }
  1384. int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex)
  1385. {
  1386. unsigned char *bin;
  1387. long binlen;
  1388. int rv = -1;
  1389. bin = OPENSSL_hexstr2buf(hex, &binlen);
  1390. if (bin == NULL)
  1391. return 0;
  1392. if (binlen <= INT_MAX)
  1393. rv = ctx->pmeth->ctrl(ctx, cmd, binlen, bin);
  1394. OPENSSL_free(bin);
  1395. return rv;
  1396. }
  1397. /* Pass a message digest to a ctrl */
  1398. int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md)
  1399. {
  1400. const EVP_MD *m;
  1401. if (md == NULL || (m = EVP_get_digestbyname(md)) == NULL) {
  1402. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
  1403. return 0;
  1404. }
  1405. return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, 0, (void *)m);
  1406. }
  1407. int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
  1408. {
  1409. return ctx->operation;
  1410. }
  1411. void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
  1412. {
  1413. ctx->keygen_info = dat;
  1414. ctx->keygen_info_count = datlen;
  1415. }
  1416. void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
  1417. {
  1418. ctx->data = data;
  1419. }
  1420. void *EVP_PKEY_CTX_get_data(const EVP_PKEY_CTX *ctx)
  1421. {
  1422. return ctx->data;
  1423. }
  1424. EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
  1425. {
  1426. return ctx->pkey;
  1427. }
  1428. EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
  1429. {
  1430. return ctx->peerkey;
  1431. }
  1432. void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
  1433. {
  1434. ctx->app_data = data;
  1435. }
  1436. void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
  1437. {
  1438. return ctx->app_data;
  1439. }
  1440. void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
  1441. int (*init) (EVP_PKEY_CTX *ctx))
  1442. {
  1443. pmeth->init = init;
  1444. }
  1445. void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
  1446. int (*copy) (EVP_PKEY_CTX *dst,
  1447. const EVP_PKEY_CTX *src))
  1448. {
  1449. pmeth->copy = copy;
  1450. }
  1451. void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
  1452. void (*cleanup) (EVP_PKEY_CTX *ctx))
  1453. {
  1454. pmeth->cleanup = cleanup;
  1455. }
  1456. void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
  1457. int (*paramgen_init) (EVP_PKEY_CTX *ctx),
  1458. int (*paramgen) (EVP_PKEY_CTX *ctx,
  1459. EVP_PKEY *pkey))
  1460. {
  1461. pmeth->paramgen_init = paramgen_init;
  1462. pmeth->paramgen = paramgen;
  1463. }
  1464. void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
  1465. int (*keygen_init) (EVP_PKEY_CTX *ctx),
  1466. int (*keygen) (EVP_PKEY_CTX *ctx,
  1467. EVP_PKEY *pkey))
  1468. {
  1469. pmeth->keygen_init = keygen_init;
  1470. pmeth->keygen = keygen;
  1471. }
  1472. void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
  1473. int (*sign_init) (EVP_PKEY_CTX *ctx),
  1474. int (*sign) (EVP_PKEY_CTX *ctx,
  1475. unsigned char *sig, size_t *siglen,
  1476. const unsigned char *tbs,
  1477. size_t tbslen))
  1478. {
  1479. pmeth->sign_init = sign_init;
  1480. pmeth->sign = sign;
  1481. }
  1482. void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
  1483. int (*verify_init) (EVP_PKEY_CTX *ctx),
  1484. int (*verify) (EVP_PKEY_CTX *ctx,
  1485. const unsigned char *sig,
  1486. size_t siglen,
  1487. const unsigned char *tbs,
  1488. size_t tbslen))
  1489. {
  1490. pmeth->verify_init = verify_init;
  1491. pmeth->verify = verify;
  1492. }
  1493. void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
  1494. int (*verify_recover_init) (EVP_PKEY_CTX
  1495. *ctx),
  1496. int (*verify_recover) (EVP_PKEY_CTX
  1497. *ctx,
  1498. unsigned char
  1499. *sig,
  1500. size_t *siglen,
  1501. const unsigned
  1502. char *tbs,
  1503. size_t tbslen))
  1504. {
  1505. pmeth->verify_recover_init = verify_recover_init;
  1506. pmeth->verify_recover = verify_recover;
  1507. }
  1508. void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
  1509. int (*signctx_init) (EVP_PKEY_CTX *ctx,
  1510. EVP_MD_CTX *mctx),
  1511. int (*signctx) (EVP_PKEY_CTX *ctx,
  1512. unsigned char *sig,
  1513. size_t *siglen,
  1514. EVP_MD_CTX *mctx))
  1515. {
  1516. pmeth->signctx_init = signctx_init;
  1517. pmeth->signctx = signctx;
  1518. }
  1519. void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
  1520. int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
  1521. EVP_MD_CTX *mctx),
  1522. int (*verifyctx) (EVP_PKEY_CTX *ctx,
  1523. const unsigned char *sig,
  1524. int siglen,
  1525. EVP_MD_CTX *mctx))
  1526. {
  1527. pmeth->verifyctx_init = verifyctx_init;
  1528. pmeth->verifyctx = verifyctx;
  1529. }
  1530. void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
  1531. int (*encrypt_init) (EVP_PKEY_CTX *ctx),
  1532. int (*encryptfn) (EVP_PKEY_CTX *ctx,
  1533. unsigned char *out,
  1534. size_t *outlen,
  1535. const unsigned char *in,
  1536. size_t inlen))
  1537. {
  1538. pmeth->encrypt_init = encrypt_init;
  1539. pmeth->encrypt = encryptfn;
  1540. }
  1541. void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
  1542. int (*decrypt_init) (EVP_PKEY_CTX *ctx),
  1543. int (*decrypt) (EVP_PKEY_CTX *ctx,
  1544. unsigned char *out,
  1545. size_t *outlen,
  1546. const unsigned char *in,
  1547. size_t inlen))
  1548. {
  1549. pmeth->decrypt_init = decrypt_init;
  1550. pmeth->decrypt = decrypt;
  1551. }
  1552. void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
  1553. int (*derive_init) (EVP_PKEY_CTX *ctx),
  1554. int (*derive) (EVP_PKEY_CTX *ctx,
  1555. unsigned char *key,
  1556. size_t *keylen))
  1557. {
  1558. pmeth->derive_init = derive_init;
  1559. pmeth->derive = derive;
  1560. }
  1561. void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
  1562. int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
  1563. void *p2),
  1564. int (*ctrl_str) (EVP_PKEY_CTX *ctx,
  1565. const char *type,
  1566. const char *value))
  1567. {
  1568. pmeth->ctrl = ctrl;
  1569. pmeth->ctrl_str = ctrl_str;
  1570. }
  1571. void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
  1572. int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
  1573. const unsigned char *tbs, size_t tbslen))
  1574. {
  1575. pmeth->digestsign = digestsign;
  1576. }
  1577. void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
  1578. int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
  1579. size_t siglen, const unsigned char *tbs,
  1580. size_t tbslen))
  1581. {
  1582. pmeth->digestverify = digestverify;
  1583. }
  1584. void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
  1585. int (*check) (EVP_PKEY *pkey))
  1586. {
  1587. pmeth->check = check;
  1588. }
  1589. void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
  1590. int (*check) (EVP_PKEY *pkey))
  1591. {
  1592. pmeth->public_check = check;
  1593. }
  1594. void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
  1595. int (*check) (EVP_PKEY *pkey))
  1596. {
  1597. pmeth->param_check = check;
  1598. }
  1599. void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
  1600. int (*digest_custom) (EVP_PKEY_CTX *ctx,
  1601. EVP_MD_CTX *mctx))
  1602. {
  1603. pmeth->digest_custom = digest_custom;
  1604. }
  1605. void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
  1606. int (**pinit) (EVP_PKEY_CTX *ctx))
  1607. {
  1608. *pinit = pmeth->init;
  1609. }
  1610. void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
  1611. int (**pcopy) (EVP_PKEY_CTX *dst,
  1612. const EVP_PKEY_CTX *src))
  1613. {
  1614. *pcopy = pmeth->copy;
  1615. }
  1616. void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
  1617. void (**pcleanup) (EVP_PKEY_CTX *ctx))
  1618. {
  1619. *pcleanup = pmeth->cleanup;
  1620. }
  1621. void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
  1622. int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
  1623. int (**pparamgen) (EVP_PKEY_CTX *ctx,
  1624. EVP_PKEY *pkey))
  1625. {
  1626. if (pparamgen_init)
  1627. *pparamgen_init = pmeth->paramgen_init;
  1628. if (pparamgen)
  1629. *pparamgen = pmeth->paramgen;
  1630. }
  1631. void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
  1632. int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
  1633. int (**pkeygen) (EVP_PKEY_CTX *ctx,
  1634. EVP_PKEY *pkey))
  1635. {
  1636. if (pkeygen_init)
  1637. *pkeygen_init = pmeth->keygen_init;
  1638. if (pkeygen)
  1639. *pkeygen = pmeth->keygen;
  1640. }
  1641. void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
  1642. int (**psign_init) (EVP_PKEY_CTX *ctx),
  1643. int (**psign) (EVP_PKEY_CTX *ctx,
  1644. unsigned char *sig, size_t *siglen,
  1645. const unsigned char *tbs,
  1646. size_t tbslen))
  1647. {
  1648. if (psign_init)
  1649. *psign_init = pmeth->sign_init;
  1650. if (psign)
  1651. *psign = pmeth->sign;
  1652. }
  1653. void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
  1654. int (**pverify_init) (EVP_PKEY_CTX *ctx),
  1655. int (**pverify) (EVP_PKEY_CTX *ctx,
  1656. const unsigned char *sig,
  1657. size_t siglen,
  1658. const unsigned char *tbs,
  1659. size_t tbslen))
  1660. {
  1661. if (pverify_init)
  1662. *pverify_init = pmeth->verify_init;
  1663. if (pverify)
  1664. *pverify = pmeth->verify;
  1665. }
  1666. void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
  1667. int (**pverify_recover_init) (EVP_PKEY_CTX
  1668. *ctx),
  1669. int (**pverify_recover) (EVP_PKEY_CTX
  1670. *ctx,
  1671. unsigned char
  1672. *sig,
  1673. size_t *siglen,
  1674. const unsigned
  1675. char *tbs,
  1676. size_t tbslen))
  1677. {
  1678. if (pverify_recover_init)
  1679. *pverify_recover_init = pmeth->verify_recover_init;
  1680. if (pverify_recover)
  1681. *pverify_recover = pmeth->verify_recover;
  1682. }
  1683. void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
  1684. int (**psignctx_init) (EVP_PKEY_CTX *ctx,
  1685. EVP_MD_CTX *mctx),
  1686. int (**psignctx) (EVP_PKEY_CTX *ctx,
  1687. unsigned char *sig,
  1688. size_t *siglen,
  1689. EVP_MD_CTX *mctx))
  1690. {
  1691. if (psignctx_init)
  1692. *psignctx_init = pmeth->signctx_init;
  1693. if (psignctx)
  1694. *psignctx = pmeth->signctx;
  1695. }
  1696. void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
  1697. int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
  1698. EVP_MD_CTX *mctx),
  1699. int (**pverifyctx) (EVP_PKEY_CTX *ctx,
  1700. const unsigned char *sig,
  1701. int siglen,
  1702. EVP_MD_CTX *mctx))
  1703. {
  1704. if (pverifyctx_init)
  1705. *pverifyctx_init = pmeth->verifyctx_init;
  1706. if (pverifyctx)
  1707. *pverifyctx = pmeth->verifyctx;
  1708. }
  1709. void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
  1710. int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
  1711. int (**pencryptfn) (EVP_PKEY_CTX *ctx,
  1712. unsigned char *out,
  1713. size_t *outlen,
  1714. const unsigned char *in,
  1715. size_t inlen))
  1716. {
  1717. if (pencrypt_init)
  1718. *pencrypt_init = pmeth->encrypt_init;
  1719. if (pencryptfn)
  1720. *pencryptfn = pmeth->encrypt;
  1721. }
  1722. void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
  1723. int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
  1724. int (**pdecrypt) (EVP_PKEY_CTX *ctx,
  1725. unsigned char *out,
  1726. size_t *outlen,
  1727. const unsigned char *in,
  1728. size_t inlen))
  1729. {
  1730. if (pdecrypt_init)
  1731. *pdecrypt_init = pmeth->decrypt_init;
  1732. if (pdecrypt)
  1733. *pdecrypt = pmeth->decrypt;
  1734. }
  1735. void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
  1736. int (**pderive_init) (EVP_PKEY_CTX *ctx),
  1737. int (**pderive) (EVP_PKEY_CTX *ctx,
  1738. unsigned char *key,
  1739. size_t *keylen))
  1740. {
  1741. if (pderive_init)
  1742. *pderive_init = pmeth->derive_init;
  1743. if (pderive)
  1744. *pderive = pmeth->derive;
  1745. }
  1746. void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
  1747. int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
  1748. void *p2),
  1749. int (**pctrl_str) (EVP_PKEY_CTX *ctx,
  1750. const char *type,
  1751. const char *value))
  1752. {
  1753. if (pctrl)
  1754. *pctrl = pmeth->ctrl;
  1755. if (pctrl_str)
  1756. *pctrl_str = pmeth->ctrl_str;
  1757. }
  1758. void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth,
  1759. int (**digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
  1760. const unsigned char *tbs, size_t tbslen))
  1761. {
  1762. if (digestsign)
  1763. *digestsign = pmeth->digestsign;
  1764. }
  1765. void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth,
  1766. int (**digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
  1767. size_t siglen, const unsigned char *tbs,
  1768. size_t tbslen))
  1769. {
  1770. if (digestverify)
  1771. *digestverify = pmeth->digestverify;
  1772. }
  1773. void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
  1774. int (**pcheck) (EVP_PKEY *pkey))
  1775. {
  1776. if (pcheck != NULL)
  1777. *pcheck = pmeth->check;
  1778. }
  1779. void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
  1780. int (**pcheck) (EVP_PKEY *pkey))
  1781. {
  1782. if (pcheck != NULL)
  1783. *pcheck = pmeth->public_check;
  1784. }
  1785. void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
  1786. int (**pcheck) (EVP_PKEY *pkey))
  1787. {
  1788. if (pcheck != NULL)
  1789. *pcheck = pmeth->param_check;
  1790. }
  1791. void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth,
  1792. int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
  1793. EVP_MD_CTX *mctx))
  1794. {
  1795. if (pdigest_custom != NULL)
  1796. *pdigest_custom = pmeth->digest_custom;
  1797. }
  1798. #endif /* FIPS_MODULE */