Diffstat (limited to 'src/lib/libcrypto/evp/m_sigver.c')
-rw-r--r--src/lib/libcrypto/evp/m_sigver.c125
1 files changed, 58 insertions, 67 deletions
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
index 7e2731f4a4..0274a72c1c 100644
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ b/src/lib/libcrypto/evp/m_sigver.c
@@ -10,7 +10,7 @@
10 * are met: 10 * are met:
11 * 11 *
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in 16 * notice, this list of conditions and the following disclaimer in
@@ -63,50 +63,42 @@
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64#include "evp_locl.h" 64#include "evp_locl.h"
65 65
66static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, 66static int
67 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey, 67do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
68 int ver) 68 ENGINE *e, EVP_PKEY *pkey, int ver)
69 { 69{
70 if (ctx->pctx == NULL) 70 if (ctx->pctx == NULL)
71 ctx->pctx = EVP_PKEY_CTX_new(pkey, e); 71 ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
72 if (ctx->pctx == NULL) 72 if (ctx->pctx == NULL)
73 return 0; 73 return 0;
74 74
75 if (type == NULL) 75 if (type == NULL) {
76 {
77 int def_nid; 76 int def_nid;
78 if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0) 77 if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
79 type = EVP_get_digestbynid(def_nid); 78 type = EVP_get_digestbynid(def_nid);
80 } 79 }
81 80
82 if (type == NULL) 81 if (type == NULL) {
83 {
84 EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST); 82 EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
85 return 0; 83 return 0;
86 } 84 }
87 85
88 if (ver) 86 if (ver) {
89 { 87 if (ctx->pctx->pmeth->verifyctx_init) {
90 if (ctx->pctx->pmeth->verifyctx_init) 88 if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx,
91 { 89 ctx) <=0)
92 if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <=0)
93 return 0; 90 return 0;
94 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX; 91 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
95 } 92 } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
96 else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
97 return 0; 93 return 0;
98 } 94 } else {
99 else 95 if (ctx->pctx->pmeth->signctx_init) {
100 {
101 if (ctx->pctx->pmeth->signctx_init)
102 {
103 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0) 96 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
104 return 0; 97 return 0;
105 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; 98 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
106 } 99 } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
107 else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
108 return 0; 100 return 0;
109 } 101 }
110 if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0) 102 if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
111 return 0; 103 return 0;
112 if (pctx) 104 if (pctx)
@@ -114,65 +106,66 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
114 if (!EVP_DigestInit_ex(ctx, type, e)) 106 if (!EVP_DigestInit_ex(ctx, type, e))
115 return 0; 107 return 0;
116 return 1; 108 return 1;
117 } 109}
118 110
119int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, 111int
120 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) 112EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
121 { 113 ENGINE *e, EVP_PKEY *pkey)
114{
122 return do_sigver_init(ctx, pctx, type, e, pkey, 0); 115 return do_sigver_init(ctx, pctx, type, e, pkey, 0);
123 } 116}
124 117
125int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, 118int
126 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) 119EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
127 { 120 ENGINE *e, EVP_PKEY *pkey)
121{
128 return do_sigver_init(ctx, pctx, type, e, pkey, 1); 122 return do_sigver_init(ctx, pctx, type, e, pkey, 1);
129 } 123}
130 124
131int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen) 125int
132 { 126EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
127{
133 int sctx, r = 0; 128 int sctx, r = 0;
129
134 if (ctx->pctx->pmeth->signctx) 130 if (ctx->pctx->pmeth->signctx)
135 sctx = 1; 131 sctx = 1;
136 else 132 else
137 sctx = 0; 133 sctx = 0;
138 if (sigret) 134 if (sigret) {
139 {
140 EVP_MD_CTX tmp_ctx; 135 EVP_MD_CTX tmp_ctx;
141 unsigned char md[EVP_MAX_MD_SIZE]; 136 unsigned char md[EVP_MAX_MD_SIZE];
142 unsigned int mdlen; 137 unsigned int mdlen;
143 EVP_MD_CTX_init(&tmp_ctx); 138 EVP_MD_CTX_init(&tmp_ctx);
144 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) 139 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
145 return 0; 140 return 0;
146 if (sctx) 141 if (sctx)
147 r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, 142 r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
148 sigret, siglen, &tmp_ctx); 143 sigret, siglen, &tmp_ctx);
149 else 144 else
150 r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen); 145 r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
151 EVP_MD_CTX_cleanup(&tmp_ctx); 146 EVP_MD_CTX_cleanup(&tmp_ctx);
152 if (sctx || !r) 147 if (sctx || !r)
153 return r; 148 return r;
154 if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0) 149 if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
155 return 0; 150 return 0;
156 } 151 } else {
157 else 152 if (sctx) {
158 { 153 if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret,
159 if (sctx) 154 siglen, ctx) <= 0)
160 {
161 if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <= 0)
162 return 0; 155 return 0;
163 } 156 } else {
164 else
165 {
166 int s = EVP_MD_size(ctx->digest); 157 int s = EVP_MD_size(ctx->digest);
167 if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0) 158 if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen,
159 NULL, s) <= 0)
168 return 0; 160 return 0;
169 }
170 } 161 }
171 return 1;
172 } 162 }
163 return 1;
164}
173 165
174int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen) 166int
175 { 167EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
168{
176 EVP_MD_CTX tmp_ctx; 169 EVP_MD_CTX tmp_ctx;
177 unsigned char md[EVP_MAX_MD_SIZE]; 170 unsigned char md[EVP_MAX_MD_SIZE];
178 int r; 171 int r;
@@ -184,17 +177,15 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
184 else 177 else
185 vctx = 0; 178 vctx = 0;
186 EVP_MD_CTX_init(&tmp_ctx); 179 EVP_MD_CTX_init(&tmp_ctx);
187 if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx)) 180 if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
188 return -1; 181 return -1;
189 if (vctx) 182 if (vctx) {
190 { 183 r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig,
191 r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, 184 siglen, &tmp_ctx);
192 sig, siglen, &tmp_ctx); 185 } else
193 } 186 r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
194 else
195 r = EVP_DigestFinal_ex(&tmp_ctx,md,&mdlen);
196 EVP_MD_CTX_cleanup(&tmp_ctx); 187 EVP_MD_CTX_cleanup(&tmp_ctx);
197 if (vctx || !r) 188 if (vctx || !r)
198 return r; 189 return r;
199 return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen); 190 return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
200 } 191}
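Review bot: EVP_DigestVerifyFinal still carries no comment stating its return convention, and the visible new-side paths return three different kinds of value: `-1` when EVP_MD_CTX_copy_ex fails (new line 181), `r` from the verifyctx method or EVP_DigestFinal_ex, and the result of EVP_PKEY_verify. A caller that only tests the result for truth would treat the `-1` error path as a successful verification, so the contract should be written down at the definition. I would add above the function `/* Returns 1 if the signature verifies, 0 if it does not, and a negative value on error; callers must compare the result with 1. */`, after confirming that the verifyctx methods follow the same convention. Part of the function body lies between the two hunks shown here, so this is based only on the visible lines.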