1 files changed, 0 insertions, 271 deletions
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
deleted file mode 100644
index a3353854f1..0000000000
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/* $OpenBSD: m_sigver.c,v 1.27 2024/04/09 13:52:41 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006,2007 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include "evp_local.h"
-static int
-update_oneshot_only(EVP_MD_CTX *ctx, const void *data, size_t datalen)
-{
-        EVPerror(EVP_R_ONLY_ONESHOT_SUPPORTED);
-        return 0;
-}
-static int
-do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
-    EVP_PKEY *pkey, int ver)
-{
-        if (ctx->pctx == NULL)
-                ctx->pctx = EVP_PKEY_CTX_new(pkey, NULL);
-        if (ctx->pctx == NULL)
-                return 0;
-        if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) {
-                if (type == NULL) {
-                        int def_nid;
-                        if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
-                                type = EVP_get_digestbynid(def_nid);
-                }
-                if (type == NULL) {
-                        EVPerror(EVP_R_NO_DEFAULT_DIGEST);
-                        return 0;
-                }
-        }
-        if (ver) {
-                if (ctx->pctx->pmeth->digestverify != NULL) {
-                        ctx->pctx->operation = EVP_PKEY_OP_VERIFY;
-                        ctx->update = update_oneshot_only;
-                } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
-                        return 0;
-        } else {
-                if (ctx->pctx->pmeth->signctx_init) {
-                        if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
-                                return 0;
-                        ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
-                } else if (ctx->pctx->pmeth->digestsign != NULL) {
-                        ctx->pctx->operation = EVP_PKEY_OP_SIGN;
-                        ctx->update = update_oneshot_only;
-                } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
-                        return 0;
-        }
-        if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
-                return 0;
-        if (pctx)
-                *pctx = ctx->pctx;
-        if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
-                return 1;
-        if (!EVP_DigestInit_ex(ctx, type, NULL))
-                return 0;
-        return 1;
-}
-int
-EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
-    ENGINE *e, EVP_PKEY *pkey)
-{
-        return do_sigver_init(ctx, pctx, type, pkey, 0);
-}
-LCRYPTO_ALIAS(EVP_DigestSignInit);
-int
-EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
-    ENGINE *e, EVP_PKEY *pkey)
-{
-        return do_sigver_init(ctx, pctx, type, pkey, 1);
-}
-LCRYPTO_ALIAS(EVP_DigestVerifyInit);
-static int
-evp_digestsignfinal_sigctx_custom(EVP_MD_CTX *ctx, unsigned char *sigret,
-    size_t *siglen)
-{
-        EVP_PKEY_CTX *pctx = ctx->pctx;
-        EVP_PKEY_CTX *dctx = NULL;
-        int ret = 0;
-        if (sigret == NULL)
-                return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
-        /* XXX - support EVP_MD_CTX_FLAG_FINALISE? */
-        if ((dctx = EVP_PKEY_CTX_dup(pctx)) == NULL)
-                goto err;
-        if (!dctx->pmeth->signctx(dctx, sigret, siglen, ctx))
-                goto err;
-        ret = 1;
- err:
-        EVP_PKEY_CTX_free(dctx);
-        return ret;
-}
-int
-EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
-{
-        EVP_PKEY_CTX *pctx = ctx->pctx;
-        EVP_MD_CTX *md_ctx = NULL;
-        unsigned char md[EVP_MAX_MD_SIZE];
-        unsigned int mdlen = 0;
-        int s;
-        int ret = 0;
-        if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
-                return evp_digestsignfinal_sigctx_custom(ctx, sigret, siglen);
-        if (sigret == NULL) {
-                if (ctx->pctx->pmeth->signctx != NULL) {
-                        if (ctx->pctx->pmeth->signctx(ctx->pctx, NULL,
-                            siglen, ctx) <= 0)
-                                return 0;
-                        return 1;
-                }
-                if ((s = EVP_MD_size(ctx->digest)) < 0)
-                        return 0;
-                if (EVP_PKEY_sign(ctx->pctx, NULL, siglen, NULL, s) <= 0)
-                        return 0;
-                return 1;
-        }
-        /* Use a copy since EVP_DigestFinal_ex() clears secrets. */
-        if ((md_ctx = EVP_MD_CTX_new()) == NULL)
-                goto err;
-        if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
-                goto err;
-        if (md_ctx->pctx->pmeth->signctx != NULL) {
-                if (md_ctx->pctx->pmeth->signctx(md_ctx->pctx,
-                    sigret, siglen, md_ctx) <= 0)
-                        goto err;
-        } else {
-                if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen))
-                        goto err;
-                /* Use the original ctx since secrets were cleared. */
-                if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
-                        goto err;
-        }
-        ret = 1;
- err:
-        EVP_MD_CTX_free(md_ctx);
-        return ret;
-}
-LCRYPTO_ALIAS(EVP_DigestSignFinal);
-int
-EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
-    const unsigned char *tbs, size_t tbslen)
-{
-        if (ctx->pctx->pmeth->digestsign != NULL)
-                return ctx->pctx->pmeth->digestsign(ctx, sigret, siglen,
-                    tbs, tbslen);
-        if (sigret != NULL) {
-                if (EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0)
-                        return 0;
-        }
-        return EVP_DigestSignFinal(ctx, sigret, siglen);
-}
-LCRYPTO_ALIAS(EVP_DigestSign);
-int
-EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen)
-{
-        EVP_MD_CTX tmp_ctx;
-        unsigned char md[EVP_MAX_MD_SIZE];
-        int r;
-        unsigned int mdlen = 0;
-        EVP_MD_CTX_legacy_clear(&tmp_ctx);
-        if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
-                return -1;
-        r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
-        EVP_MD_CTX_cleanup(&tmp_ctx);
-        if (!r)
-                return r;
-        return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
-}
-LCRYPTO_ALIAS(EVP_DigestVerifyFinal);
-int
-EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen,
-    const unsigned char *tbs, size_t tbslen)
-{
-        if (ctx->pctx->pmeth->digestverify != NULL)
-                return ctx->pctx->pmeth->digestverify(ctx, sigret, siglen,
-                    tbs, tbslen);
-        if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0)
-                return -1;
-        return EVP_DigestVerifyFinal(ctx, sigret, siglen);
-}
-LCRYPTO_ALIAS(EVP_DigestVerify);

diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c deleted file mode 100644 index a3353854f1..0000000000 --- a/src/lib/libcrypto/evp/m_sigver.c +++ /dev/null
@@ -1,271 +0,0 @@
1	/* $OpenBSD: m_sigver.c,v 1.27 2024/04/09 13:52:41 beck Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.
4	*/
5	/* ====================================================================
6	* Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*
53	* This product includes cryptographic software written by Eric Young
54	* (eay@cryptsoft.com). This product includes software written by Tim
55	* Hudson (tjh@cryptsoft.com).
56	*
57	*/
58
59	#include <stdio.h>
60
61	#include <openssl/err.h>
62	#include <openssl/evp.h>
63	#include <openssl/objects.h>
64	#include <openssl/x509.h>
65
66	#include "evp_local.h"
67
68	static int
69	update_oneshot_only(EVP_MD_CTX ctx, const void data, size_t datalen)
70	{
71	EVPerror(EVP_R_ONLY_ONESHOT_SUPPORTED);
72	return 0;
73	}
74
75	static int
76	do_sigver_init(EVP_MD_CTX ctx, EVP_PKEY_CTX pctx, const EVP_MD type,
77	EVP_PKEY *pkey, int ver)
78	{
79	if (ctx->pctx == NULL)
80	ctx->pctx = EVP_PKEY_CTX_new(pkey, NULL);
81	if (ctx->pctx == NULL)
82	return 0;
83
84	if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) {
85	if (type == NULL) {
86	int def_nid;
87	if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
88	type = EVP_get_digestbynid(def_nid);
89	}
90
91	if (type == NULL) {
92	EVPerror(EVP_R_NO_DEFAULT_DIGEST);
93	return 0;
94	}
95	}
96
97	if (ver) {
98	if (ctx->pctx->pmeth->digestverify != NULL) {
99	ctx->pctx->operation = EVP_PKEY_OP_VERIFY;
100	ctx->update = update_oneshot_only;
101	} else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
102	return 0;
103	} else {
104	if (ctx->pctx->pmeth->signctx_init) {
105	if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
106	return 0;
107	ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
108	} else if (ctx->pctx->pmeth->digestsign != NULL) {
109	ctx->pctx->operation = EVP_PKEY_OP_SIGN;
110	ctx->update = update_oneshot_only;
111	} else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
112	return 0;
113	}
114	if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
115	return 0;
116	if (pctx)
117	*pctx = ctx->pctx;
118	if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
119	return 1;
120	if (!EVP_DigestInit_ex(ctx, type, NULL))
121	return 0;
122	return 1;
123	}
124
125	int
126	EVP_DigestSignInit(EVP_MD_CTX ctx, EVP_PKEY_CTX pctx, const EVP_MD type,
127	ENGINE e, EVP_PKEY pkey)
128	{
129	return do_sigver_init(ctx, pctx, type, pkey, 0);
130	}
131	LCRYPTO_ALIAS(EVP_DigestSignInit);
132
133	int
134	EVP_DigestVerifyInit(EVP_MD_CTX ctx, EVP_PKEY_CTX pctx, const EVP_MD type,
135	ENGINE e, EVP_PKEY pkey)
136	{
137	return do_sigver_init(ctx, pctx, type, pkey, 1);
138	}
139	LCRYPTO_ALIAS(EVP_DigestVerifyInit);
140
141	static int
142	evp_digestsignfinal_sigctx_custom(EVP_MD_CTX ctx, unsigned char sigret,
143	size_t *siglen)
144	{
145	EVP_PKEY_CTX *pctx = ctx->pctx;
146	EVP_PKEY_CTX *dctx = NULL;
147	int ret = 0;
148
149	if (sigret == NULL)
150	return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
151
152	/* XXX - support EVP_MD_CTX_FLAG_FINALISE? */
153	if ((dctx = EVP_PKEY_CTX_dup(pctx)) == NULL)
154	goto err;
155
156	if (!dctx->pmeth->signctx(dctx, sigret, siglen, ctx))
157	goto err;
158
159	ret = 1;
160
161	err:
162	EVP_PKEY_CTX_free(dctx);
163
164	return ret;
165	}
166
167	int
168	EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sigret, size_t *siglen)
169	{
170	EVP_PKEY_CTX *pctx = ctx->pctx;
171	EVP_MD_CTX *md_ctx = NULL;
172	unsigned char md[EVP_MAX_MD_SIZE];
173	unsigned int mdlen = 0;
174	int s;
175	int ret = 0;
176
177	if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
178	return evp_digestsignfinal_sigctx_custom(ctx, sigret, siglen);
179
180	if (sigret == NULL) {
181	if (ctx->pctx->pmeth->signctx != NULL) {
182	if (ctx->pctx->pmeth->signctx(ctx->pctx, NULL,
183	siglen, ctx) <= 0)
184	return 0;
185	return 1;
186	}
187
188	if ((s = EVP_MD_size(ctx->digest)) < 0)
189	return 0;
190	if (EVP_PKEY_sign(ctx->pctx, NULL, siglen, NULL, s) <= 0)
191	return 0;
192
193	return 1;
194	}
195
196	/* Use a copy since EVP_DigestFinal_ex() clears secrets. */
197	if ((md_ctx = EVP_MD_CTX_new()) == NULL)
198	goto err;
199	if (!EVP_MD_CTX_copy_ex(md_ctx, ctx))
200	goto err;
201	if (md_ctx->pctx->pmeth->signctx != NULL) {
202	if (md_ctx->pctx->pmeth->signctx(md_ctx->pctx,
203	sigret, siglen, md_ctx) <= 0)
204	goto err;
205	} else {
206	if (!EVP_DigestFinal_ex(md_ctx, md, &mdlen))
207	goto err;
208	/* Use the original ctx since secrets were cleared. */
209	if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
210	goto err;
211	}
212
213	ret = 1;
214
215	err:
216	EVP_MD_CTX_free(md_ctx);
217
218	return ret;
219	}
220	LCRYPTO_ALIAS(EVP_DigestSignFinal);
221
222	int
223	EVP_DigestSign(EVP_MD_CTX ctx, unsigned char sigret, size_t *siglen,
224	const unsigned char *tbs, size_t tbslen)
225	{
226	if (ctx->pctx->pmeth->digestsign != NULL)
227	return ctx->pctx->pmeth->digestsign(ctx, sigret, siglen,
228	tbs, tbslen);
229
230	if (sigret != NULL) {
231	if (EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0)
232	return 0;
233	}
234
235	return EVP_DigestSignFinal(ctx, sigret, siglen);
236	}
237	LCRYPTO_ALIAS(EVP_DigestSign);
238
239	int
240	EVP_DigestVerifyFinal(EVP_MD_CTX ctx, const unsigned char sig, size_t siglen)
241	{
242	EVP_MD_CTX tmp_ctx;
243	unsigned char md[EVP_MAX_MD_SIZE];
244	int r;
245	unsigned int mdlen = 0;
246
247	EVP_MD_CTX_legacy_clear(&tmp_ctx);
248	if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
249	return -1;
250	r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
251	EVP_MD_CTX_cleanup(&tmp_ctx);
252	if (!r)
253	return r;
254	return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
255	}
256	LCRYPTO_ALIAS(EVP_DigestVerifyFinal);
257
258	int
259	EVP_DigestVerify(EVP_MD_CTX ctx, const unsigned char sigret, size_t siglen,
260	const unsigned char *tbs, size_t tbslen)
261	{
262	if (ctx->pctx->pmeth->digestverify != NULL)
263	return ctx->pctx->pmeth->digestverify(ctx, sigret, siglen,
264	tbs, tbslen);
265
266	if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0)
267	return -1;
268
269	return EVP_DigestVerifyFinal(ctx, sigret, siglen);
270	}
271	LCRYPTO_ALIAS(EVP_DigestVerify);