1 1.1 christos /* 2 1.1 christos * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. 3 1.1 christos * 4 1.1 christos * Licensed under the Apache License 2.0 (the "License"). You may not use 5 1.1 christos * this file except in compliance with the License. You can obtain a copy 6 1.1 christos * in the file LICENSE in the source distribution or at 7 1.1 christos * https://www.openssl.org/source/license.html 8 1.1 christos */ 9 1.1 christos 10 1.1 christos /* 11 1.1 christos * ECDSA low level APIs are deprecated for public use, but still ok for 12 1.1 christos * internal use. 13 1.1 christos */ 14 1.1 christos #include "internal/deprecated.h" 15 1.1 christos 16 1.1 christos #include <string.h> /* memcpy */ 17 1.1 christos #include <openssl/crypto.h> 18 1.1 christos #include <openssl/core_dispatch.h> 19 1.1 christos #include <openssl/core_names.h> 20 1.1 christos #include <openssl/dsa.h> 21 1.1 christos #include <openssl/params.h> 22 1.1 christos #include <openssl/evp.h> 23 1.1 christos #include <openssl/err.h> 24 1.1 christos #include <openssl/proverr.h> 25 1.1 christos #include "internal/nelem.h" 26 1.1 christos #include "internal/sizes.h" 27 1.1 christos #include "internal/cryptlib.h" 28 1.1 christos #include "prov/providercommon.h" 29 1.1 christos #include "prov/implementations.h" 30 1.1 christos #include "prov/provider_ctx.h" 31 1.1 christos #include "prov/securitycheck.h" 32 1.1 christos #include "crypto/ec.h" 33 1.1 christos #include "prov/der_ec.h" 34 1.1 christos 35 1.1 christos static OSSL_FUNC_signature_newctx_fn ecdsa_newctx; 36 1.1 christos static OSSL_FUNC_signature_sign_init_fn ecdsa_sign_init; 37 1.1 christos static OSSL_FUNC_signature_verify_init_fn ecdsa_verify_init; 38 1.1 christos static OSSL_FUNC_signature_sign_fn ecdsa_sign; 39 1.1 christos static OSSL_FUNC_signature_verify_fn ecdsa_verify; 40 1.1 christos static OSSL_FUNC_signature_digest_sign_init_fn ecdsa_digest_sign_init; 41 1.1 christos static OSSL_FUNC_signature_digest_sign_update_fn ecdsa_digest_signverify_update; 42 1.1 christos static OSSL_FUNC_signature_digest_sign_final_fn ecdsa_digest_sign_final; 43 1.1 christos static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_verify_init; 44 1.1 christos static OSSL_FUNC_signature_digest_verify_update_fn ecdsa_digest_signverify_update; 45 1.1 christos static OSSL_FUNC_signature_digest_verify_final_fn ecdsa_digest_verify_final; 46 1.1 christos static OSSL_FUNC_signature_freectx_fn ecdsa_freectx; 47 1.1 christos static OSSL_FUNC_signature_dupctx_fn ecdsa_dupctx; 48 1.1 christos static OSSL_FUNC_signature_get_ctx_params_fn ecdsa_get_ctx_params; 49 1.1 christos static OSSL_FUNC_signature_gettable_ctx_params_fn ecdsa_gettable_ctx_params; 50 1.1 christos static OSSL_FUNC_signature_set_ctx_params_fn ecdsa_set_ctx_params; 51 1.1 christos static OSSL_FUNC_signature_settable_ctx_params_fn ecdsa_settable_ctx_params; 52 1.1 christos static OSSL_FUNC_signature_get_ctx_md_params_fn ecdsa_get_ctx_md_params; 53 1.1 christos static OSSL_FUNC_signature_gettable_ctx_md_params_fn ecdsa_gettable_ctx_md_params; 54 1.1 christos static OSSL_FUNC_signature_set_ctx_md_params_fn ecdsa_set_ctx_md_params; 55 1.1 christos static OSSL_FUNC_signature_settable_ctx_md_params_fn ecdsa_settable_ctx_md_params; 56 1.1 christos 57 1.1 christos /* 58 1.1 christos * What's passed as an actual key is defined by the KEYMGMT interface. 59 1.1 christos * We happen to know that our KEYMGMT simply passes DSA structures, so 60 1.1 christos * we use that here too. 61 1.1 christos */ 62 1.1 christos 63 1.1 christos typedef struct { 64 1.1 christos OSSL_LIB_CTX *libctx; 65 1.1 christos char *propq; 66 1.1 christos EC_KEY *ec; 67 1.1 christos char mdname[OSSL_MAX_NAME_SIZE]; 68 1.1 christos 69 1.1 christos /* 70 1.1 christos * Flag to determine if the hash function can be changed (1) or not (0) 71 1.1 christos * Because it's dangerous to change during a DigestSign or DigestVerify 72 1.1 christos * operation, this flag is cleared by their Init function, and set again 73 1.1 christos * by their Final function. 74 1.1 christos */ 75 1.1 christos unsigned int flag_allow_md : 1; 76 1.1 christos 77 1.1 christos /* The Algorithm Identifier of the combined signature algorithm */ 78 1.1 christos unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE]; 79 1.1 christos unsigned char *aid; 80 1.1 christos size_t aid_len; 81 1.1 christos size_t mdsize; 82 1.1 christos int operation; 83 1.1 christos 84 1.1 christos EVP_MD *md; 85 1.1 christos EVP_MD_CTX *mdctx; 86 1.1 christos /* 87 1.1 christos * Internally used to cache the results of calling the EC group 88 1.1 christos * sign_setup() methods which are then passed to the sign operation. 89 1.1 christos * This is used by CAVS failure tests to terminate a loop if the signature 90 1.1 christos * is not valid. 91 1.1 christos * This could of also been done with a simple flag. 92 1.1 christos */ 93 1.1 christos BIGNUM *kinv; 94 1.1 christos BIGNUM *r; 95 1.1 christos #if !defined(OPENSSL_NO_ACVP_TESTS) 96 1.1 christos /* 97 1.1 christos * This indicates that KAT (CAVS) test is running. Externally an app will 98 1.1 christos * override the random callback such that the generated private key and k 99 1.1 christos * are known. 100 1.1 christos * Normal operation will loop to choose a new k if the signature is not 101 1.1 christos * valid - but for this mode of operation it forces a failure instead. 102 1.1 christos */ 103 1.1 christos unsigned int kattest; 104 1.1 christos #endif 105 1.1 christos } PROV_ECDSA_CTX; 106 1.1 christos 107 1.1 christos static void *ecdsa_newctx(void *provctx, const char *propq) 108 1.1 christos { 109 1.1 christos PROV_ECDSA_CTX *ctx; 110 1.1 christos 111 1.1 christos if (!ossl_prov_is_running()) 112 1.1 christos return NULL; 113 1.1 christos 114 1.1 christos ctx = OPENSSL_zalloc(sizeof(PROV_ECDSA_CTX)); 115 1.1 christos if (ctx == NULL) 116 1.1 christos return NULL; 117 1.1 christos 118 1.1 christos ctx->flag_allow_md = 1; 119 1.1 christos ctx->libctx = PROV_LIBCTX_OF(provctx); 120 1.1 christos if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { 121 1.1 christos OPENSSL_free(ctx); 122 1.1 christos ctx = NULL; 123 1.1 christos ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); 124 1.1 christos } 125 1.1 christos return ctx; 126 1.1 christos } 127 1.1 christos 128 1.1 christos static int ecdsa_signverify_init(void *vctx, void *ec, 129 1.1 christos const OSSL_PARAM params[], int operation) 130 1.1 christos { 131 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 132 1.1 christos 133 1.1 christos if (!ossl_prov_is_running() 134 1.1 christos || ctx == NULL) 135 1.1 christos return 0; 136 1.1 christos 137 1.1 christos if (ec == NULL && ctx->ec == NULL) { 138 1.1 christos ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); 139 1.1 christos return 0; 140 1.1 christos } 141 1.1 christos 142 1.1 christos if (ec != NULL) { 143 1.1 christos if (!ossl_ec_check_key(ctx->libctx, ec, operation == EVP_PKEY_OP_SIGN)) 144 1.1 christos return 0; 145 1.1 christos if (!EC_KEY_up_ref(ec)) 146 1.1 christos return 0; 147 1.1 christos EC_KEY_free(ctx->ec); 148 1.1 christos ctx->ec = ec; 149 1.1 christos } 150 1.1 christos 151 1.1 christos ctx->operation = operation; 152 1.1 christos 153 1.1 christos if (!ecdsa_set_ctx_params(ctx, params)) 154 1.1 christos return 0; 155 1.1 christos 156 1.1 christos return 1; 157 1.1 christos } 158 1.1 christos 159 1.1 christos static int ecdsa_sign_init(void *vctx, void *ec, const OSSL_PARAM params[]) 160 1.1 christos { 161 1.1 christos return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_SIGN); 162 1.1 christos } 163 1.1 christos 164 1.1 christos static int ecdsa_verify_init(void *vctx, void *ec, const OSSL_PARAM params[]) 165 1.1 christos { 166 1.1 christos return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_VERIFY); 167 1.1 christos } 168 1.1 christos 169 1.1 christos static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen, 170 1.1 christos size_t sigsize, const unsigned char *tbs, size_t tbslen) 171 1.1 christos { 172 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 173 1.1 christos int ret; 174 1.1 christos unsigned int sltmp; 175 1.1 christos size_t ecsize = ECDSA_size(ctx->ec); 176 1.1 christos 177 1.1 christos if (!ossl_prov_is_running()) 178 1.1 christos return 0; 179 1.1 christos 180 1.1 christos if (sig == NULL) { 181 1.1 christos *siglen = ecsize; 182 1.1 christos return 1; 183 1.1 christos } 184 1.1 christos 185 1.1 christos #if !defined(OPENSSL_NO_ACVP_TESTS) 186 1.1 christos if (ctx->kattest && !ECDSA_sign_setup(ctx->ec, NULL, &ctx->kinv, &ctx->r)) 187 1.1 christos return 0; 188 1.1 christos #endif 189 1.1 christos 190 1.1 christos if (sigsize < (size_t)ecsize) 191 1.1 christos return 0; 192 1.1 christos 193 1.1 christos if (ctx->mdsize != 0 && tbslen != ctx->mdsize) 194 1.1 christos return 0; 195 1.1 christos 196 1.1 christos ret = ECDSA_sign_ex(0, tbs, tbslen, sig, &sltmp, ctx->kinv, ctx->r, ctx->ec); 197 1.1 christos if (ret <= 0) 198 1.1 christos return 0; 199 1.1 christos 200 1.1 christos *siglen = sltmp; 201 1.1 christos return 1; 202 1.1 christos } 203 1.1 christos 204 1.1 christos static int ecdsa_verify(void *vctx, const unsigned char *sig, size_t siglen, 205 1.1 christos const unsigned char *tbs, size_t tbslen) 206 1.1 christos { 207 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 208 1.1 christos 209 1.1 christos if (!ossl_prov_is_running() || (ctx->mdsize != 0 && tbslen != ctx->mdsize)) 210 1.1 christos return 0; 211 1.1 christos 212 1.1 christos return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->ec); 213 1.1 christos } 214 1.1 christos 215 1.1 christos static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname, 216 1.1 christos const char *mdprops) 217 1.1 christos { 218 1.1 christos EVP_MD *md = NULL; 219 1.1 christos size_t mdname_len; 220 1.1 christos int md_nid, sha1_allowed; 221 1.1 christos WPACKET pkt; 222 1.1 christos 223 1.1 christos if (mdname == NULL) 224 1.1 christos return 1; 225 1.1 christos 226 1.1 christos mdname_len = strlen(mdname); 227 1.1 christos if (mdname_len >= sizeof(ctx->mdname)) { 228 1.1 christos ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, 229 1.1 christos "%s exceeds name buffer length", mdname); 230 1.1 christos return 0; 231 1.1 christos } 232 1.1 christos if (mdprops == NULL) 233 1.1 christos mdprops = ctx->propq; 234 1.1 christos md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); 235 1.1 christos if (md == NULL) { 236 1.1 christos ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, 237 1.1 christos "%s could not be fetched", mdname); 238 1.1 christos return 0; 239 1.1 christos } 240 1.1 christos sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN); 241 1.1 christos md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md, 242 1.1 christos sha1_allowed); 243 1.1 christos if (md_nid < 0) { 244 1.1 christos ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, 245 1.1 christos "digest=%s", mdname); 246 1.1 christos EVP_MD_free(md); 247 1.1 christos return 0; 248 1.1 christos } 249 1.1 christos 250 1.1 christos if (!ctx->flag_allow_md) { 251 1.1 christos if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) { 252 1.1 christos ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, 253 1.1 christos "digest %s != %s", mdname, ctx->mdname); 254 1.1 christos EVP_MD_free(md); 255 1.1 christos return 0; 256 1.1 christos } 257 1.1 christos EVP_MD_free(md); 258 1.1 christos return 1; 259 1.1 christos } 260 1.1 christos 261 1.1 christos EVP_MD_CTX_free(ctx->mdctx); 262 1.1 christos EVP_MD_free(ctx->md); 263 1.1 christos 264 1.1 christos ctx->aid_len = 0; 265 1.1 christos if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf)) 266 1.1 christos && ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec, 267 1.1 christos md_nid) 268 1.1 christos && WPACKET_finish(&pkt)) { 269 1.1 christos WPACKET_get_total_written(&pkt, &ctx->aid_len); 270 1.1 christos ctx->aid = WPACKET_get_curr(&pkt); 271 1.1 christos } 272 1.1 christos WPACKET_cleanup(&pkt); 273 1.1 christos ctx->mdctx = NULL; 274 1.1 christos ctx->md = md; 275 1.1 christos ctx->mdsize = EVP_MD_get_size(ctx->md); 276 1.1 christos OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname)); 277 1.1 christos 278 1.1 christos return 1; 279 1.1 christos } 280 1.1 christos 281 1.1 christos static int ecdsa_digest_signverify_init(void *vctx, const char *mdname, 282 1.1 christos void *ec, const OSSL_PARAM params[], 283 1.1 christos int operation) 284 1.1 christos { 285 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 286 1.1 christos 287 1.1 christos if (!ossl_prov_is_running()) 288 1.1 christos return 0; 289 1.1 christos 290 1.1 christos if (!ecdsa_signverify_init(vctx, ec, params, operation) 291 1.1 christos || !ecdsa_setup_md(ctx, mdname, NULL)) 292 1.1 christos return 0; 293 1.1 christos 294 1.1 christos ctx->flag_allow_md = 0; 295 1.1 christos 296 1.1 christos if (ctx->mdctx == NULL) { 297 1.1 christos ctx->mdctx = EVP_MD_CTX_new(); 298 1.1 christos if (ctx->mdctx == NULL) 299 1.1 christos goto error; 300 1.1 christos } 301 1.1 christos 302 1.1 christos if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params)) 303 1.1 christos goto error; 304 1.1 christos return 1; 305 1.1 christos error: 306 1.1 christos EVP_MD_CTX_free(ctx->mdctx); 307 1.1 christos ctx->mdctx = NULL; 308 1.1 christos return 0; 309 1.1 christos } 310 1.1 christos 311 1.1 christos static int ecdsa_digest_sign_init(void *vctx, const char *mdname, void *ec, 312 1.1 christos const OSSL_PARAM params[]) 313 1.1 christos { 314 1.1 christos return ecdsa_digest_signverify_init(vctx, mdname, ec, params, 315 1.1 christos EVP_PKEY_OP_SIGN); 316 1.1 christos } 317 1.1 christos 318 1.1 christos static int ecdsa_digest_verify_init(void *vctx, const char *mdname, void *ec, 319 1.1 christos const OSSL_PARAM params[]) 320 1.1 christos { 321 1.1 christos return ecdsa_digest_signverify_init(vctx, mdname, ec, params, 322 1.1 christos EVP_PKEY_OP_VERIFY); 323 1.1 christos } 324 1.1 christos 325 1.1 christos int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data, 326 1.1 christos size_t datalen) 327 1.1 christos { 328 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 329 1.1 christos 330 1.1 christos if (ctx == NULL || ctx->mdctx == NULL) 331 1.1 christos return 0; 332 1.1 christos 333 1.1 christos return EVP_DigestUpdate(ctx->mdctx, data, datalen); 334 1.1 christos } 335 1.1 christos 336 1.1 christos int ecdsa_digest_sign_final(void *vctx, unsigned char *sig, size_t *siglen, 337 1.1 christos size_t sigsize) 338 1.1 christos { 339 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 340 1.1 christos unsigned char digest[EVP_MAX_MD_SIZE]; 341 1.1 christos unsigned int dlen = 0; 342 1.1 christos 343 1.1 christos if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL) 344 1.1 christos return 0; 345 1.1 christos 346 1.1 christos /* 347 1.1 christos * If sig is NULL then we're just finding out the sig size. Other fields 348 1.1 christos * are ignored. Defer to ecdsa_sign. 349 1.1 christos */ 350 1.1 christos if (sig != NULL 351 1.1 christos && !EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen)) 352 1.1 christos return 0; 353 1.1 christos ctx->flag_allow_md = 1; 354 1.1 christos return ecdsa_sign(vctx, sig, siglen, sigsize, digest, (size_t)dlen); 355 1.1 christos } 356 1.1 christos 357 1.1 christos int ecdsa_digest_verify_final(void *vctx, const unsigned char *sig, 358 1.1 christos size_t siglen) 359 1.1 christos { 360 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 361 1.1 christos unsigned char digest[EVP_MAX_MD_SIZE]; 362 1.1 christos unsigned int dlen = 0; 363 1.1 christos 364 1.1 christos if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL) 365 1.1 christos return 0; 366 1.1 christos 367 1.1 christos if (!EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen)) 368 1.1 christos return 0; 369 1.1 christos ctx->flag_allow_md = 1; 370 1.1 christos return ecdsa_verify(ctx, sig, siglen, digest, (size_t)dlen); 371 1.1 christos } 372 1.1 christos 373 1.1 christos static void ecdsa_freectx(void *vctx) 374 1.1 christos { 375 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 376 1.1 christos 377 1.1 christos OPENSSL_free(ctx->propq); 378 1.1 christos EVP_MD_CTX_free(ctx->mdctx); 379 1.1 christos EVP_MD_free(ctx->md); 380 1.1 christos ctx->propq = NULL; 381 1.1 christos ctx->mdctx = NULL; 382 1.1 christos ctx->md = NULL; 383 1.1 christos ctx->mdsize = 0; 384 1.1 christos EC_KEY_free(ctx->ec); 385 1.1 christos BN_clear_free(ctx->kinv); 386 1.1 christos BN_clear_free(ctx->r); 387 1.1 christos OPENSSL_free(ctx); 388 1.1 christos } 389 1.1 christos 390 1.1 christos static void *ecdsa_dupctx(void *vctx) 391 1.1 christos { 392 1.1 christos PROV_ECDSA_CTX *srcctx = (PROV_ECDSA_CTX *)vctx; 393 1.1 christos PROV_ECDSA_CTX *dstctx; 394 1.1 christos 395 1.1 christos if (!ossl_prov_is_running()) 396 1.1 christos return NULL; 397 1.1 christos 398 1.1 christos dstctx = OPENSSL_zalloc(sizeof(*srcctx)); 399 1.1 christos if (dstctx == NULL) 400 1.1 christos return NULL; 401 1.1 christos 402 1.1 christos *dstctx = *srcctx; 403 1.1 christos dstctx->ec = NULL; 404 1.1 christos dstctx->md = NULL; 405 1.1 christos dstctx->mdctx = NULL; 406 1.1 christos dstctx->propq = NULL; 407 1.1 christos 408 1.1 christos if (srcctx->ec != NULL && !EC_KEY_up_ref(srcctx->ec)) 409 1.1 christos goto err; 410 1.1 christos /* Test KATS should not need to be supported */ 411 1.1 christos if (srcctx->kinv != NULL || srcctx->r != NULL) 412 1.1 christos goto err; 413 1.1 christos dstctx->ec = srcctx->ec; 414 1.1 christos 415 1.1 christos if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md)) 416 1.1 christos goto err; 417 1.1 christos dstctx->md = srcctx->md; 418 1.1 christos 419 1.1 christos if (srcctx->mdctx != NULL) { 420 1.1 christos dstctx->mdctx = EVP_MD_CTX_new(); 421 1.1 christos if (dstctx->mdctx == NULL 422 1.1 christos || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx)) 423 1.1 christos goto err; 424 1.1 christos } 425 1.1 christos 426 1.1 christos if (srcctx->propq != NULL) { 427 1.1 christos dstctx->propq = OPENSSL_strdup(srcctx->propq); 428 1.1 christos if (dstctx->propq == NULL) 429 1.1 christos goto err; 430 1.1 christos } 431 1.1 christos 432 1.1 christos return dstctx; 433 1.1 christos err: 434 1.1 christos ecdsa_freectx(dstctx); 435 1.1 christos return NULL; 436 1.1 christos } 437 1.1 christos 438 1.1 christos static int ecdsa_get_ctx_params(void *vctx, OSSL_PARAM *params) 439 1.1 christos { 440 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 441 1.1 christos OSSL_PARAM *p; 442 1.1 christos 443 1.1 christos if (ctx == NULL) 444 1.1 christos return 0; 445 1.1 christos 446 1.1 christos p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID); 447 1.1 christos if (p != NULL && !OSSL_PARAM_set_octet_string(p, ctx->aid, ctx->aid_len)) 448 1.1 christos return 0; 449 1.1 christos 450 1.1 christos p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE); 451 1.1 christos if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->mdsize)) 452 1.1 christos return 0; 453 1.1 christos 454 1.1 christos p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST); 455 1.1 christos if (p != NULL && !OSSL_PARAM_set_utf8_string(p, ctx->md == NULL 456 1.1 christos ? ctx->mdname 457 1.1 christos : EVP_MD_get0_name(ctx->md))) 458 1.1 christos return 0; 459 1.1 christos 460 1.1 christos return 1; 461 1.1 christos } 462 1.1 christos 463 1.1 christos static const OSSL_PARAM known_gettable_ctx_params[] = { 464 1.1 christos OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0), 465 1.1 christos OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL), 466 1.1 christos OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), 467 1.1 christos OSSL_PARAM_END 468 1.1 christos }; 469 1.1 christos 470 1.1 christos static const OSSL_PARAM *ecdsa_gettable_ctx_params(ossl_unused void *vctx, 471 1.1 christos ossl_unused void *provctx) 472 1.1 christos { 473 1.1 christos return known_gettable_ctx_params; 474 1.1 christos } 475 1.1 christos 476 1.1 christos static int ecdsa_set_ctx_params(void *vctx, const OSSL_PARAM params[]) 477 1.1 christos { 478 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 479 1.1 christos const OSSL_PARAM *p; 480 1.1 christos size_t mdsize = 0; 481 1.1 christos 482 1.1 christos if (ctx == NULL) 483 1.1 christos return 0; 484 1.1 christos if (params == NULL) 485 1.1 christos return 1; 486 1.1 christos 487 1.1 christos #if !defined(OPENSSL_NO_ACVP_TESTS) 488 1.1 christos p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_KAT); 489 1.1 christos if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->kattest)) 490 1.1 christos return 0; 491 1.1 christos #endif 492 1.1 christos 493 1.1 christos p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST); 494 1.1 christos if (p != NULL) { 495 1.1 christos char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname; 496 1.1 christos char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops; 497 1.1 christos const OSSL_PARAM *propsp = 498 1.1 christos OSSL_PARAM_locate_const(params, 499 1.1 christos OSSL_SIGNATURE_PARAM_PROPERTIES); 500 1.1 christos 501 1.1 christos if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname))) 502 1.1 christos return 0; 503 1.1 christos if (propsp != NULL 504 1.1 christos && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops))) 505 1.1 christos return 0; 506 1.1 christos if (!ecdsa_setup_md(ctx, mdname, mdprops)) 507 1.1 christos return 0; 508 1.1 christos } 509 1.1 christos 510 1.1 christos p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE); 511 1.1 christos if (p != NULL) { 512 1.1 christos if (!OSSL_PARAM_get_size_t(p, &mdsize) 513 1.1 christos || (!ctx->flag_allow_md && mdsize != ctx->mdsize)) 514 1.1 christos return 0; 515 1.1 christos ctx->mdsize = mdsize; 516 1.1 christos } 517 1.1 christos 518 1.1 christos return 1; 519 1.1 christos } 520 1.1 christos 521 1.1 christos static const OSSL_PARAM settable_ctx_params[] = { 522 1.1 christos OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0), 523 1.1 christos OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL), 524 1.1 christos OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0), 525 1.1 christos OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL), 526 1.1 christos OSSL_PARAM_END 527 1.1 christos }; 528 1.1 christos 529 1.1 christos static const OSSL_PARAM settable_ctx_params_no_digest[] = { 530 1.1 christos OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL), 531 1.1 christos OSSL_PARAM_END 532 1.1 christos }; 533 1.1 christos 534 1.1 christos static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx, 535 1.1 christos ossl_unused void *provctx) 536 1.1 christos { 537 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 538 1.1 christos 539 1.1 christos if (ctx != NULL && !ctx->flag_allow_md) 540 1.1 christos return settable_ctx_params_no_digest; 541 1.1 christos return settable_ctx_params; 542 1.1 christos } 543 1.1 christos 544 1.1 christos static int ecdsa_get_ctx_md_params(void *vctx, OSSL_PARAM *params) 545 1.1 christos { 546 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 547 1.1 christos 548 1.1 christos if (ctx->mdctx == NULL) 549 1.1 christos return 0; 550 1.1 christos 551 1.1 christos return EVP_MD_CTX_get_params(ctx->mdctx, params); 552 1.1 christos } 553 1.1 christos 554 1.1 christos static const OSSL_PARAM *ecdsa_gettable_ctx_md_params(void *vctx) 555 1.1 christos { 556 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 557 1.1 christos 558 1.1 christos if (ctx->md == NULL) 559 1.1 christos return 0; 560 1.1 christos 561 1.1 christos return EVP_MD_gettable_ctx_params(ctx->md); 562 1.1 christos } 563 1.1 christos 564 1.1 christos static int ecdsa_set_ctx_md_params(void *vctx, const OSSL_PARAM params[]) 565 1.1 christos { 566 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 567 1.1 christos 568 1.1 christos if (ctx->mdctx == NULL) 569 1.1 christos return 0; 570 1.1 christos 571 1.1 christos return EVP_MD_CTX_set_params(ctx->mdctx, params); 572 1.1 christos } 573 1.1 christos 574 1.1 christos static const OSSL_PARAM *ecdsa_settable_ctx_md_params(void *vctx) 575 1.1 christos { 576 1.1 christos PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx; 577 1.1 christos 578 1.1 christos if (ctx->md == NULL) 579 1.1 christos return 0; 580 1.1 christos 581 1.1 christos return EVP_MD_settable_ctx_params(ctx->md); 582 1.1 christos } 583 1.1 christos 584 1.1 christos const OSSL_DISPATCH ossl_ecdsa_signature_functions[] = { 585 1.1 christos { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx }, 586 1.1 christos { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_sign_init }, 587 1.1 christos { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))ecdsa_sign }, 588 1.1 christos { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_verify_init }, 589 1.1 christos { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))ecdsa_verify }, 590 1.1 christos { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, 591 1.1 christos (void (*)(void))ecdsa_digest_sign_init }, 592 1.1 christos { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, 593 1.1 christos (void (*)(void))ecdsa_digest_signverify_update }, 594 1.1 christos { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, 595 1.1 christos (void (*)(void))ecdsa_digest_sign_final }, 596 1.1 christos { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, 597 1.1 christos (void (*)(void))ecdsa_digest_verify_init }, 598 1.1 christos { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE, 599 1.1 christos (void (*)(void))ecdsa_digest_signverify_update }, 600 1.1 christos { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL, 601 1.1 christos (void (*)(void))ecdsa_digest_verify_final }, 602 1.1 christos { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))ecdsa_freectx }, 603 1.1 christos { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))ecdsa_dupctx }, 604 1.1 christos { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))ecdsa_get_ctx_params }, 605 1.1 christos { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS, 606 1.1 christos (void (*)(void))ecdsa_gettable_ctx_params }, 607 1.1 christos { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))ecdsa_set_ctx_params }, 608 1.1 christos { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, 609 1.1 christos (void (*)(void))ecdsa_settable_ctx_params }, 610 1.1 christos { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS, 611 1.1 christos (void (*)(void))ecdsa_get_ctx_md_params }, 612 1.1 christos { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS, 613 1.1 christos (void (*)(void))ecdsa_gettable_ctx_md_params }, 614 1.1 christos { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS, 615 1.1 christos (void (*)(void))ecdsa_set_ctx_md_params }, 616 1.1 christos { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS, 617 1.1 christos (void (*)(void))ecdsa_settable_ctx_md_params }, 618 1.1 christos { 0, NULL } 619 1.1 christos }; 620