summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/evp/evp.h3
-rw-r--r--src/lib/libcrypto/evp/evp_err.c3
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h7
-rw-r--r--src/lib/libcrypto/evp/m_sigver.c23
4 files changed, 32 insertions, 4 deletions
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index 31c26b4444..f4702ab433 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp.h,v 1.109 2022/11/10 14:46:44 jsing Exp $ */ 1/* $OpenBSD: evp.h,v 1.110 2022/11/10 15:17:30 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1447,6 +1447,7 @@ void ERR_load_EVP_strings(void);
1447#define EVP_R_NO_OPERATION_SET 149 1447#define EVP_R_NO_OPERATION_SET 149
1448#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104 1448#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
1449#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 1449#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
1450#define EVP_R_ONLY_ONESHOT_SUPPORTED 177
1450#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150 1451#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
1451#define EVP_R_OPERATON_NOT_INITIALIZED 151 1452#define EVP_R_OPERATON_NOT_INITIALIZED 151
1452#define EVP_R_OUTPUT_ALIASES_INPUT 172 1453#define EVP_R_OUTPUT_ALIASES_INPUT 172
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
index 109d2d4b2e..9cf89f47fb 100644
--- a/src/lib/libcrypto/evp/evp_err.c
+++ b/src/lib/libcrypto/evp/evp_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_err.c,v 1.29 2022/11/10 14:46:44 jsing Exp $ */ 1/* $OpenBSD: evp_err.c,v 1.30 2022/11/10 15:17:30 jsing Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -123,6 +123,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
123 {ERR_REASON(EVP_R_NO_OPERATION_SET) , "no operation set"}, 123 {ERR_REASON(EVP_R_NO_OPERATION_SET) , "no operation set"},
124 {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), "no sign function configured"}, 124 {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), "no sign function configured"},
125 {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), "no verify function configured"}, 125 {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), "no verify function configured"},
126 {ERR_REASON(EVP_R_ONLY_ONESHOT_SUPPORTED), "only oneshot supported"},
126 {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"}, 127 {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"},
127 {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"}, 128 {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
128 {ERR_REASON(EVP_R_OUTPUT_ALIASES_INPUT) , "output aliases input"}, 129 {ERR_REASON(EVP_R_OUTPUT_ALIASES_INPUT) , "output aliases input"},
diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
index 1e79af4c6d..dd7d2522e6 100644
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ b/src/lib/libcrypto/evp/evp_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_locl.h,v 1.28 2022/09/13 04:59:18 jsing Exp $ */ 1/* $OpenBSD: evp_locl.h,v 1.29 2022/11/10 15:17:30 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -260,6 +260,11 @@ struct evp_pkey_method_st {
260 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); 260 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
261 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); 261 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);
262 262
263 int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
264 const unsigned char *tbs, size_t tbslen);
265 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
266 size_t siglen, const unsigned char *tbs, size_t tbslen);
267
263 int (*check)(EVP_PKEY *pkey); 268 int (*check)(EVP_PKEY *pkey);
264 int (*public_check)(EVP_PKEY *pkey); 269 int (*public_check)(EVP_PKEY *pkey);
265 int (*param_check)(EVP_PKEY *pkey); 270 int (*param_check)(EVP_PKEY *pkey);
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
index bd9374651a..5be924bed5 100644
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ b/src/lib/libcrypto/evp/m_sigver.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: m_sigver.c,v 1.9 2021/05/09 14:25:40 tb Exp $ */ 1/* $OpenBSD: m_sigver.c,v 1.10 2022/11/10 15:17:30 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -66,6 +66,13 @@
66#include "evp_locl.h" 66#include "evp_locl.h"
67 67
68static int 68static int
69update_oneshot_only(EVP_MD_CTX *ctx, const void *data, size_t datalen)
70{
71 EVPerror(EVP_R_ONLY_ONESHOT_SUPPORTED);
72 return 0;
73}
74
75static int
69do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, 76do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
70 ENGINE *e, EVP_PKEY *pkey, int ver) 77 ENGINE *e, EVP_PKEY *pkey, int ver)
71{ 78{
@@ -93,6 +100,9 @@ do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
93 ctx) <=0) 100 ctx) <=0)
94 return 0; 101 return 0;
95 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX; 102 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
103 } else if (ctx->pctx->pmeth->digestverify != NULL) {
104 ctx->pctx->operation = EVP_PKEY_OP_VERIFY;
105 ctx->update = update_oneshot_only;
96 } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0) 106 } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
97 return 0; 107 return 0;
98 } else { 108 } else {
@@ -100,6 +110,9 @@ do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
100 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0) 110 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
101 return 0; 111 return 0;
102 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; 112 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
113 } else if (ctx->pctx->pmeth->digestsign != NULL) {
114 ctx->pctx->operation = EVP_PKEY_OP_SIGN;
115 ctx->update = update_oneshot_only;
103 } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0) 116 } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
104 return 0; 117 return 0;
105 } 118 }
@@ -190,6 +203,10 @@ int
190EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, 203EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
191 const unsigned char *tbs, size_t tbslen) 204 const unsigned char *tbs, size_t tbslen)
192{ 205{
206 if (ctx->pctx->pmeth->digestsign != NULL)
207 return ctx->pctx->pmeth->digestsign(ctx, sigret, siglen,
208 tbs, tbslen);
209
193 if (sigret != NULL) { 210 if (sigret != NULL) {
194 if (EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0) 211 if (EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0)
195 return 0; 212 return 0;
@@ -229,6 +246,10 @@ int
229EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, 246EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen,
230 const unsigned char *tbs, size_t tbslen) 247 const unsigned char *tbs, size_t tbslen)
231{ 248{
249 if (ctx->pctx->pmeth->digestverify != NULL)
250 return ctx->pctx->pmeth->digestverify(ctx, sigret, siglen,
251 tbs, tbslen);
252
232 if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0) 253 if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0)
233 return -1; 254 return -1;
234 255
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-18 10:56:48 +0000