kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
66 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Struktur: 114a711f8b
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „114a711f8b“
${ noResults }
boringssl/crypto/evp/evp_ctx.c

549 Zeilen
16 KiB
Originalformat Blame Verlauf 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/evp.h>

  58. 

  59. #include <stdio.h>

  60. 

  61. #include <openssl/err.h>

  62. #include <openssl/mem.h>

  63. #include <openssl/obj.h>

  64. 

  65. #include "internal.h"

  66. 

  67. 

  68. extern const EVP_PKEY_METHOD rsa_pkey_meth;

  69. extern const EVP_PKEY_METHOD hmac_pkey_meth;

  70. extern const EVP_PKEY_METHOD ec_pkey_meth;

  71. 

  72. static const EVP_PKEY_METHOD *evp_methods[] = {

  73.   &rsa_pkey_meth,

  74.   &hmac_pkey_meth,

  75.   &ec_pkey_meth,

  76. };

  77. 

  78. static const EVP_PKEY_METHOD *evp_pkey_meth_find(int type) {

  79.   unsigned i;

  80. 

  81.   for (i = 0; i < sizeof(evp_methods)/sizeof(EVP_PKEY_METHOD*); i++) {

  82.     if (evp_methods[i]->pkey_id == type) {

  83.       return evp_methods[i];

  84.     }

  85.   }

  86. 

  87.   return NULL;

  88. }

  89. 

  90. static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) {

  91.   EVP_PKEY_CTX *ret;

  92.   const EVP_PKEY_METHOD *pmeth;

  93. 

  94.   if (id == -1) {

  95.     if (!pkey || !pkey->ameth) {

  96.       return NULL;

  97.     }

  98.     id = pkey->ameth->pkey_id;

  99.   }

  100. 

  101.   pmeth = evp_pkey_meth_find(id);

  102. 

  103.   if (pmeth == NULL) {

  104.     OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, EVP_R_UNSUPPORTED_ALGORITHM);

  105.     const char *name = OBJ_nid2sn(id);

  106.     ERR_add_error_dataf("algorithm %d (%s)", id, name);

  107.     return NULL;

  108.   }

  109. 

  110.   ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));

  111.   if (!ret) {

  112.     OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, ERR_R_MALLOC_FAILURE);

  113.     return NULL;

  114.   }

  115.   memset(ret, 0, sizeof(EVP_PKEY_CTX));

  116. 

  117.   ret->engine = e;

  118.   ret->pmeth = pmeth;

  119.   ret->operation = EVP_PKEY_OP_UNDEFINED;

  120. 

  121.   if (pkey) {

  122.     ret->pkey = pkey;

  123.     CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);

  124.   }

  125. 

  126.   if (pmeth->init) {

  127.     if (pmeth->init(ret) <= 0) {

  128.       EVP_PKEY_CTX_free(ret);

  129.       return NULL;

  130.     }

  131.   }

  132. 

  133.   return ret;

  134. }

  135. 

  136. EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) {

  137.   return evp_pkey_ctx_new(pkey, e, -1);

  138. }

  139. 

  140. EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) {

  141.   return evp_pkey_ctx_new(NULL, e, id);

  142. }

  143. 

  144. void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) {

  145.   if (ctx == NULL) {

  146.     return;

  147.   }

  148.   if (ctx->pmeth && ctx->pmeth->cleanup) {

  149.     ctx->pmeth->cleanup(ctx);

  150.   }

  151.   if (ctx->pkey) {

  152.     EVP_PKEY_free(ctx->pkey);

  153.   }

  154.   if (ctx->peerkey) {

  155.     EVP_PKEY_free(ctx->peerkey);

  156.   }

  157.   OPENSSL_free(ctx);

  158. }

  159. 

  160. EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) {

  161.   EVP_PKEY_CTX *rctx;

  162. 

  163.   if (!pctx->pmeth || !pctx->pmeth->copy) {

  164.     return NULL;

  165.   }

  166. 

  167.   rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));

  168.   if (!rctx) {

  169.     return NULL;

  170.   }

  171. 

  172.   memset(rctx, 0, sizeof(EVP_PKEY_CTX));

  173. 

  174.   rctx->pmeth = pctx->pmeth;

  175.   rctx->engine = pctx->engine;

  176.   rctx->operation = pctx->operation;

  177. 

  178.   if (pctx->pkey) {

  179.     CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);

  180.   }

  181.   rctx->pkey = pctx->pkey;

  182. 

  183.   if (pctx->peerkey) {

  184.     CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);

  185.   }

  186.   rctx->peerkey = pctx->peerkey;

  187. 

  188.   if (pctx->pmeth->copy(rctx, pctx) > 0) {

  189.     return rctx;

  190.   }

  191. 

  192.   EVP_PKEY_CTX_free(rctx);

  193.   return NULL;

  194. }

  195. 

  196. EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) { return ctx->pkey; }

  197. 

  198. void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data) {

  199.   ctx->app_data = data;

  200. }

  201. 

  202. void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) { return ctx->app_data; }

  203. 

  204. int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,

  205.                       int p1, void *p2) {

  206.   int ret;

  207.   if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {

  208.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_COMMAND_NOT_SUPPORTED);

  209.     return -2;

  210.   }

  211.   if (keytype != -1 && ctx->pmeth->pkey_id != keytype) {

  212.     return -1;

  213.   }

  214. 

  215.   if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {

  216.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_NO_OPERATION_SET);

  217.     return -1;

  218.   }

  219. 

  220.   if (optype != -1 && !(ctx->operation & optype)) {

  221.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_INVALID_OPERATION);

  222.     return -1;

  223.   }

  224. 

  225.   ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);

  226. 

  227.   if (ret == -2) {

  228.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_COMMAND_NOT_SUPPORTED);

  229.   }

  230. 

  231.   return ret;

  232. }

  233. 

  234. int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) {

  235.   int ret;

  236.   if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {

  237.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign_init,

  238.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  239.     return 0;

  240.   }

  241. 

  242.   ctx->operation = EVP_PKEY_OP_SIGN;

  243.   if (!ctx->pmeth->sign_init) {

  244.     return 1;

  245.   }

  246. 

  247.   ret = ctx->pmeth->sign_init(ctx);

  248.   /* TODO(fork): normalise the return value convention. */

  249.   if (ret <= 0) {

  250.     ctx->operation = EVP_PKEY_OP_UNDEFINED;

  251.     return 0;

  252.   }

  253. 

  254.   return ret;

  255. }

  256. 

  257. static int check_autoarg(const EVP_PKEY_CTX *ctx, const uint8_t *arg,

  258.                          size_t *arg_len) {

  259.   size_t size;

  260. 

  261.   if (0 == (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN)) {

  262.     return 1;

  263.   }

  264. 

  265.   size = EVP_PKEY_size(ctx->pkey);

  266.   if (arg == NULL) {

  267.     *arg_len = size;

  268.     return 1;

  269.   }

  270. 

  271.   if (*arg_len < size) {

  272.     return 0;

  273.   }

  274. 

  275.   return 1;

  276. }

  277. 

  278. int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len,

  279.                   const uint8_t *data, size_t data_len) {

  280.   if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {

  281.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign,

  282.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  283.     return 0;

  284.   }

  285.   if (ctx->operation != EVP_PKEY_OP_SIGN) {

  286.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, EVP_R_OPERATON_NOT_INITIALIZED);

  287.     return 0;

  288.   }

  289.   if (!check_autoarg(ctx, sig, sig_len)) {

  290.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign,

  291.                       EVP_R_BUFFER_TOO_SMALL);

  292.     return 0;

  293.   }

  294.   return ctx->pmeth->sign(ctx, sig, sig_len, data, data_len);

  295. }

  296. 

  297. int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) {

  298.   int ret;

  299. 

  300.   if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {

  301.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify_init,

  302.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  303.     return -2;

  304.   }

  305.   ctx->operation = EVP_PKEY_OP_VERIFY;

  306.   if (!ctx->pmeth->verify_init) {

  307.     return 1;

  308.   }

  309.   ret = ctx->pmeth->verify_init(ctx);

  310.   if (ret <= 0) {

  311.     ctx->operation = EVP_PKEY_OP_UNDEFINED;

  312.   }

  313.   return ret;

  314. }

  315. 

  316. int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len,

  317.                     const uint8_t *data, size_t data_len) {

  318.   if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {

  319.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify,

  320.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  321.     return -2;

  322.   }

  323.   if (ctx->operation != EVP_PKEY_OP_VERIFY) {

  324.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, EVP_R_OPERATON_NOT_INITIALIZED);

  325.     return -1;

  326.   }

  327.   return ctx->pmeth->verify(ctx, sig, sig_len, data, data_len);

  328. }

  329. 

  330. int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) {

  331.   int ret;

  332.   if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {

  333.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt_init,

  334.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  335.     return -2;

  336.   }

  337.   ctx->operation = EVP_PKEY_OP_ENCRYPT;

  338.   if (!ctx->pmeth->encrypt_init) {

  339.     return 1;

  340.   }

  341.   ret = ctx->pmeth->encrypt_init(ctx);

  342.   if (ret <= 0) {

  343.     ctx->operation = EVP_PKEY_OP_UNDEFINED;

  344.   }

  345.   return ret;

  346. }

  347. 

  348. int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen,

  349.                      const uint8_t *in, size_t inlen) {

  350.   if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {

  351.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt,

  352.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  353.     return -2;

  354.   }

  355.   if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {

  356.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, EVP_R_OPERATON_NOT_INITIALIZED);

  357.     return -1;

  358.   }

  359.   if (!check_autoarg(ctx, out, outlen)) {

  360.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, EVP_R_BUFFER_TOO_SMALL);

  361.     return 0;

  362.   }

  363.   return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);

  364. }

  365. 

  366. int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) {

  367.   int ret;

  368. 

  369.   if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {

  370.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt_init,

  371.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  372.     return -2;

  373.   }

  374.   ctx->operation = EVP_PKEY_OP_DECRYPT;

  375.   if (!ctx->pmeth->decrypt_init) {

  376.     return 1;

  377.   }

  378.   ret = ctx->pmeth->decrypt_init(ctx);

  379.   if (ret <= 0) {

  380.     ctx->operation = EVP_PKEY_OP_UNDEFINED;

  381.   }

  382.   return ret;

  383. }

  384. 

  385. int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen,

  386.                      const uint8_t *in, size_t inlen) {

  387.   if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {

  388.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt,

  389.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  390.     return -2;

  391.   }

  392.   if (ctx->operation != EVP_PKEY_OP_DECRYPT) {

  393.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, EVP_R_OPERATON_NOT_INITIALIZED);

  394.     return -1;

  395.   }

  396.   if (!check_autoarg(ctx, out, outlen)) {

  397.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, EVP_R_BUFFER_TOO_SMALL);

  398.     return 0;

  399.   }

  400.   return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);

  401. }

  402. 

  403. int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) {

  404.   int ret;

  405.   if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {

  406.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_init,

  407.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  408.     return -2;

  409.   }

  410.   ctx->operation = EVP_PKEY_OP_DERIVE;

  411.   if (!ctx->pmeth->derive_init) {

  412.     return 1;

  413.   }

  414.   ret = ctx->pmeth->derive_init(ctx);

  415.   if (ret <= 0) {

  416.     ctx->operation = EVP_PKEY_OP_UNDEFINED;

  417.   }

  418.   return ret;

  419. }

  420. 

  421. int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) {

  422.   int ret;

  423.   if (!ctx || !ctx->pmeth ||

  424.       !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||

  425.       !ctx->pmeth->ctrl) {

  426.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer,

  427.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  428.     return -2;

  429.   }

  430.   if (ctx->operation != EVP_PKEY_OP_DERIVE &&

  431.       ctx->operation != EVP_PKEY_OP_ENCRYPT &&

  432.       ctx->operation != EVP_PKEY_OP_DECRYPT) {

  433.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer,

  434.                       EVP_R_OPERATON_NOT_INITIALIZED);

  435.     return -1;

  436.   }

  437. 

  438.   ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);

  439. 

  440.   if (ret <= 0) {

  441.     return ret;

  442.   }

  443. 

  444.   if (ret == 2) {

  445.     return 1;

  446.   }

  447. 

  448.   if (!ctx->pkey) {

  449.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_NO_KEY_SET);

  450.     return -1;

  451.   }

  452. 

  453.   if (ctx->pkey->type != peer->type) {

  454.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_DIFFERENT_KEY_TYPES);

  455.     return -1;

  456.   }

  457. 

  458.   /* ran@cryptocom.ru: For clarity.  The error is if parameters in peer are

  459.    * present (!missing) but don't match.  EVP_PKEY_cmp_parameters may return

  460.    * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1

  461.    * (different key types) is impossible here because it is checked earlier.

  462.    * -2 is OK for us here, as well as 1, so we can check for 0 only. */

  463.   if (!EVP_PKEY_missing_parameters(peer) &&

  464.       !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {

  465.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer,

  466.                       EVP_R_DIFFERENT_PARAMETERS);

  467.     return -1;

  468.   }

  469. 

  470.   if (ctx->peerkey) {

  471.     EVP_PKEY_free(ctx->peerkey);

  472.   }

  473.   ctx->peerkey = peer;

  474. 

  475.   ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);

  476. 

  477.   if (ret <= 0) {

  478.     ctx->peerkey = NULL;

  479.     return ret;

  480.   }

  481. 

  482.   CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);

  483.   return 1;

  484. }

  485. 

  486. int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) {

  487.   if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {

  488.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive,

  489.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  490.     return -2;

  491.   }

  492.   if (ctx->operation != EVP_PKEY_OP_DERIVE) {

  493.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, EVP_R_OPERATON_NOT_INITIALIZED);

  494.     return -1;

  495.   }

  496.   if (!check_autoarg(ctx, key, out_key_len)) {

  497.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, EVP_R_BUFFER_TOO_SMALL);

  498.     return 0;

  499.   }

  500.   return ctx->pmeth->derive(ctx, key, out_key_len);

  501. }

  502. 

  503. int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) {

  504.   int ret;

  505.   if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {

  506.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen_init,

  507.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  508.     return -2;

  509.   }

  510.   ctx->operation = EVP_PKEY_OP_KEYGEN;

  511.   if (!ctx->pmeth->keygen_init) {

  512.     return 1;

  513.   }

  514.   ret = ctx->pmeth->keygen_init(ctx);

  515.   if (ret <= 0) {

  516.     ctx->operation = EVP_PKEY_OP_UNDEFINED;

  517.   }

  518.   return ret;

  519. }

  520. 

  521. int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) {

  522.   int ret;

  523. 

  524.   if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {

  525.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen,

  526.                       EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  527.     return -2;

  528.   }

  529.   if (ctx->operation != EVP_PKEY_OP_KEYGEN) {

  530.     OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, EVP_R_OPERATON_NOT_INITIALIZED);

  531.     return -1;

  532.   }

  533. 

  534.   if (!ppkey) {

  535.     return -1;

  536.   }

  537. 

  538.   if (!*ppkey) {

  539.     *ppkey = EVP_PKEY_new();

  540.   }

  541. 

  542.   ret = ctx->pmeth->keygen(ctx, *ppkey);

  543.   if (ret <= 0) {

  544.     EVP_PKEY_free(*ppkey);

  545.     *ppkey = NULL;

  546.   }

  547.   return ret;

  548. }