1/* pmeth_fn.c */ 2/* 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project 4 * 2006. 5 */ 6/* ==================================================================== 7 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59 60#include <stdio.h> 61#include <stdlib.h> 62#include "cryptlib.h" 63#include <openssl/objects.h> 64#include <openssl/evp.h> 65#include "evp_locl.h" 66 67#define M_check_autoarg(ctx, arg, arglen, err) \ 68 if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \ 69 { \ 70 size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \ 71 if (!arg) \ 72 { \ 73 *arglen = pksize; \ 74 return 1; \ 75 } \ 76 else if (*arglen < pksize) \ 77 { \ 78 EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\ 79 return 0; \ 80 } \ 81 } 82 83int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) 84{ 85 int ret; 86 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { 87 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT, 88 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 89 return -2; 90 } 91 ctx->operation = EVP_PKEY_OP_SIGN; 92 if (!ctx->pmeth->sign_init) 93 return 1; 94 ret = ctx->pmeth->sign_init(ctx); 95 if (ret <= 0) 96 ctx->operation = EVP_PKEY_OP_UNDEFINED; 97 return ret; 98} 99 100int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, 101 unsigned char *sig, size_t *siglen, 102 const unsigned char *tbs, size_t tbslen) 103{ 104 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { 105 EVPerr(EVP_F_EVP_PKEY_SIGN, 106 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 107 return -2; 108 } 109 if (ctx->operation != EVP_PKEY_OP_SIGN) { 110 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED); 111 return -1; 112 } 113 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN) 114 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen); 115} 116 117int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) 118{ 119 int ret; 120 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { 121 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT, 122 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 123 return -2; 124 } 125 ctx->operation = EVP_PKEY_OP_VERIFY; 126 if (!ctx->pmeth->verify_init) 127 return 1; 128 ret = ctx->pmeth->verify_init(ctx); 129 if (ret <= 0) 130 ctx->operation = EVP_PKEY_OP_UNDEFINED; 131 return ret; 132} 133 134int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, 135 const unsigned char *sig, size_t siglen, 136 const unsigned char *tbs, size_t tbslen) 137{ 138 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { 139 EVPerr(EVP_F_EVP_PKEY_VERIFY, 140 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 141 return -2; 142 } 143 if (ctx->operation != EVP_PKEY_OP_VERIFY) { 144 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED); 145 return -1; 146 } 147 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen); 148} 149 150int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) 151{ 152 int ret; 153 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { 154 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT, 155 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 156 return -2; 157 } 158 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER; 159 if (!ctx->pmeth->verify_recover_init) 160 return 1; 161 ret = ctx->pmeth->verify_recover_init(ctx); 162 if (ret <= 0) 163 ctx->operation = EVP_PKEY_OP_UNDEFINED; 164 return ret; 165} 166 167int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, 168 unsigned char *rout, size_t *routlen, 169 const unsigned char *sig, size_t siglen) 170{ 171 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { 172 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, 173 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 174 return -2; 175 } 176 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) { 177 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED); 178 return -1; 179 } 180 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER) 181 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen); 182} 183 184int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) 185{ 186 int ret; 187 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { 188 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT, 189 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 190 return -2; 191 } 192 ctx->operation = EVP_PKEY_OP_ENCRYPT; 193 if (!ctx->pmeth->encrypt_init) 194 return 1; 195 ret = ctx->pmeth->encrypt_init(ctx); 196 if (ret <= 0) 197 ctx->operation = EVP_PKEY_OP_UNDEFINED; 198 return ret; 199} 200 201int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, 202 unsigned char *out, size_t *outlen, 203 const unsigned char *in, size_t inlen) 204{ 205 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { 206 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, 207 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 208 return -2; 209 } 210 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) { 211 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 212 return -1; 213 } 214 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT) 215 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); 216} 217 218int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) 219{ 220 int ret; 221 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { 222 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT, 223 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 224 return -2; 225 } 226 ctx->operation = EVP_PKEY_OP_DECRYPT; 227 if (!ctx->pmeth->decrypt_init) 228 return 1; 229 ret = ctx->pmeth->decrypt_init(ctx); 230 if (ret <= 0) 231 ctx->operation = EVP_PKEY_OP_UNDEFINED; 232 return ret; 233} 234 235int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, 236 unsigned char *out, size_t *outlen, 237 const unsigned char *in, size_t inlen) 238{ 239 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { 240 EVPerr(EVP_F_EVP_PKEY_DECRYPT, 241 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 242 return -2; 243 } 244 if (ctx->operation != EVP_PKEY_OP_DECRYPT) { 245 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 246 return -1; 247 } 248 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT) 249 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); 250} 251 252int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) 253{ 254 int ret; 255 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { 256 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT, 257 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 258 return -2; 259 } 260 ctx->operation = EVP_PKEY_OP_DERIVE; 261 if (!ctx->pmeth->derive_init) 262 return 1; 263 ret = ctx->pmeth->derive_init(ctx); 264 if (ret <= 0) 265 ctx->operation = EVP_PKEY_OP_UNDEFINED; 266 return ret; 267} 268 269int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) 270{ 271 int ret; 272 if (!ctx || !ctx->pmeth 273 || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) 274 || !ctx->pmeth->ctrl) { 275 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 276 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 277 return -2; 278 } 279 if (ctx->operation != EVP_PKEY_OP_DERIVE 280 && ctx->operation != EVP_PKEY_OP_ENCRYPT 281 && ctx->operation != EVP_PKEY_OP_DECRYPT) { 282 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 283 EVP_R_OPERATON_NOT_INITIALIZED); 284 return -1; 285 } 286 287 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer); 288 289 if (ret <= 0) 290 return ret; 291 292 if (ret == 2) 293 return 1; 294 295 if (!ctx->pkey) { 296 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET); 297 return -1; 298 } 299 300 if (ctx->pkey->type != peer->type) { 301 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES); 302 return -1; 303 } 304 305 /* 306 * ran@cryptocom.ru: For clarity. The error is if parameters in peer are 307 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return 308 * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1 309 * (different key types) is impossible here because it is checked earlier. 310 * -2 is OK for us here, as well as 1, so we can check for 0 only. 311 */ 312 if (!EVP_PKEY_missing_parameters(peer) && 313 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) { 314 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS); 315 return -1; 316 } 317 318 if (ctx->peerkey) 319 EVP_PKEY_free(ctx->peerkey); 320 ctx->peerkey = peer; 321 322 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer); 323 324 if (ret <= 0) { 325 ctx->peerkey = NULL; 326 return ret; 327 } 328 329 CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY); 330 return 1; 331} 332 333int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen) 334{ 335 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { 336 EVPerr(EVP_F_EVP_PKEY_DERIVE, 337 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); 338 return -2; 339 } 340 if (ctx->operation != EVP_PKEY_OP_DERIVE) { 341 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED); 342 return -1; 343 } 344 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE) 345 return ctx->pmeth->derive(ctx, key, pkeylen); 346} 347