kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5052 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 72bc2328b1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '72bc2328b1'
${ noResults }
boringssl/crypto/evp/evp_ctx.c

447 lines
13 KiB
Raw Blame History 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/evp.h>

  58. 

  59. #include <string.h>

  60. 

  61. #include <openssl/digest.h>

  62. #include <openssl/err.h>

  63. #include <openssl/mem.h>

  64. 

  65. #include "../internal.h"

  66. #include "internal.h"

  67. 

  68. 

  69. static const EVP_PKEY_METHOD *const evp_methods[] = {

  70.   &rsa_pkey_meth,

  71.   &ec_pkey_meth,

  72.   &ed25519_pkey_meth,

  73. };

  74. 

  75. static const EVP_PKEY_METHOD *evp_pkey_meth_find(int type) {

  76.   unsigned i;

  77. 

  78.   for (i = 0; i < sizeof(evp_methods)/sizeof(EVP_PKEY_METHOD*); i++) {

  79.     if (evp_methods[i]->pkey_id == type) {

  80.       return evp_methods[i];

  81.     }

  82.   }

  83. 

  84.   return NULL;

  85. }

  86. 

  87. static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) {

  88.   EVP_PKEY_CTX *ret;

  89.   const EVP_PKEY_METHOD *pmeth;

  90. 

  91.   if (id == -1) {

  92.     if (!pkey || !pkey->ameth) {

  93.       return NULL;

  94.     }

  95.     id = pkey->ameth->pkey_id;

  96.   }

  97. 

  98.   pmeth = evp_pkey_meth_find(id);

  99. 

  100.   if (pmeth == NULL) {

  101.     OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM);

  102.     ERR_add_error_dataf("algorithm %d", id);

  103.     return NULL;

  104.   }

  105. 

  106.   ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));

  107.   if (!ret) {

  108.     OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE);

  109.     return NULL;

  110.   }

  111.   OPENSSL_memset(ret, 0, sizeof(EVP_PKEY_CTX));

  112. 

  113.   ret->engine = e;

  114.   ret->pmeth = pmeth;

  115.   ret->operation = EVP_PKEY_OP_UNDEFINED;

  116. 

  117.   if (pkey) {

  118.     EVP_PKEY_up_ref(pkey);

  119.     ret->pkey = pkey;

  120.   }

  121. 

  122.   if (pmeth->init) {

  123.     if (pmeth->init(ret) <= 0) {

  124.       EVP_PKEY_free(ret->pkey);

  125.       OPENSSL_free(ret);

  126.       return NULL;

  127.     }

  128.   }

  129. 

  130.   return ret;

  131. }

  132. 

  133. EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) {

  134.   return evp_pkey_ctx_new(pkey, e, -1);

  135. }

  136. 

  137. EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) {

  138.   return evp_pkey_ctx_new(NULL, e, id);

  139. }

  140. 

  141. void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) {

  142.   if (ctx == NULL) {

  143.     return;

  144.   }

  145.   if (ctx->pmeth && ctx->pmeth->cleanup) {

  146.     ctx->pmeth->cleanup(ctx);

  147.   }

  148.   EVP_PKEY_free(ctx->pkey);

  149.   EVP_PKEY_free(ctx->peerkey);

  150.   OPENSSL_free(ctx);

  151. }

  152. 

  153. EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx) {

  154.   if (!ctx->pmeth || !ctx->pmeth->copy) {

  155.     return NULL;

  156.   }

  157. 

  158.   EVP_PKEY_CTX *ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));

  159.   if (!ret) {

  160.     return NULL;

  161.   }

  162. 

  163.   OPENSSL_memset(ret, 0, sizeof(EVP_PKEY_CTX));

  164. 

  165.   ret->pmeth = ctx->pmeth;

  166.   ret->engine = ctx->engine;

  167.   ret->operation = ctx->operation;

  168. 

  169.   if (ctx->pkey != NULL) {

  170.     EVP_PKEY_up_ref(ctx->pkey);

  171.     ret->pkey = ctx->pkey;

  172.   }

  173. 

  174.   if (ctx->peerkey != NULL) {

  175.     EVP_PKEY_up_ref(ctx->peerkey);

  176.     ret->peerkey = ctx->peerkey;

  177.   }

  178. 

  179.   if (ctx->pmeth->copy(ret, ctx) <= 0) {

  180.     ret->pmeth = NULL;

  181.     EVP_PKEY_CTX_free(ret);

  182.     OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);

  183.     return NULL;

  184.   }

  185. 

  186.   return ret;

  187. }

  188. 

  189. EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) { return ctx->pkey; }

  190. 

  191. int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,

  192.                       int p1, void *p2) {

  193.   if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {

  194.     OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED);

  195.     return 0;

  196.   }

  197.   if (keytype != -1 && ctx->pmeth->pkey_id != keytype) {

  198.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  199.     return 0;

  200.   }

  201. 

  202.   if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {

  203.     OPENSSL_PUT_ERROR(EVP, EVP_R_NO_OPERATION_SET);

  204.     return 0;

  205.   }

  206. 

  207.   if (optype != -1 && !(ctx->operation & optype)) {

  208.     OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_OPERATION);

  209.     return 0;

  210.   }

  211. 

  212.   return ctx->pmeth->ctrl(ctx, cmd, p1, p2);

  213. }

  214. 

  215. int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) {

  216.   if (ctx == NULL || ctx->pmeth == NULL ||

  217.       (ctx->pmeth->sign == NULL && ctx->pmeth->sign_message == NULL)) {

  218.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  219.     return 0;

  220.   }

  221. 

  222.   ctx->operation = EVP_PKEY_OP_SIGN;

  223.   return 1;

  224. }

  225. 

  226. int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len,

  227.                   const uint8_t *digest, size_t digest_len) {

  228.   if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {

  229.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  230.     return 0;

  231.   }

  232.   if (ctx->operation != EVP_PKEY_OP_SIGN) {

  233.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  234.     return 0;

  235.   }

  236.   return ctx->pmeth->sign(ctx, sig, sig_len, digest, digest_len);

  237. }

  238. 

  239. int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) {

  240.   if (ctx == NULL || ctx->pmeth == NULL ||

  241.       (ctx->pmeth->verify == NULL && ctx->pmeth->verify_message == NULL)) {

  242.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  243.     return 0;

  244.   }

  245.   ctx->operation = EVP_PKEY_OP_VERIFY;

  246.   return 1;

  247. }

  248. 

  249. int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len,

  250.                     const uint8_t *digest, size_t digest_len) {

  251.   if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {

  252.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  253.     return 0;

  254.   }

  255.   if (ctx->operation != EVP_PKEY_OP_VERIFY) {

  256.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  257.     return 0;

  258.   }

  259.   return ctx->pmeth->verify(ctx, sig, sig_len, digest, digest_len);

  260. }

  261. 

  262. int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) {

  263.   if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {

  264.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  265.     return 0;

  266.   }

  267.   ctx->operation = EVP_PKEY_OP_ENCRYPT;

  268.   return 1;

  269. }

  270. 

  271. int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen,

  272.                      const uint8_t *in, size_t inlen) {

  273.   if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {

  274.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  275.     return 0;

  276.   }

  277.   if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {

  278.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  279.     return 0;

  280.   }

  281.   return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);

  282. }

  283. 

  284. int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) {

  285.   if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {

  286.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  287.     return 0;

  288.   }

  289.   ctx->operation = EVP_PKEY_OP_DECRYPT;

  290.   return 1;

  291. }

  292. 

  293. int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen,

  294.                      const uint8_t *in, size_t inlen) {

  295.   if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {

  296.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  297.     return 0;

  298.   }

  299.   if (ctx->operation != EVP_PKEY_OP_DECRYPT) {

  300.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  301.     return 0;

  302.   }

  303.   return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);

  304. }

  305. 

  306. int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) {

  307.   if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {

  308.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  309.     return 0;

  310.   }

  311.   ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;

  312.   return 1;

  313. }

  314. 

  315. int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len,

  316.                             const uint8_t *sig, size_t sig_len) {

  317.   if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {

  318.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  319.     return 0;

  320.   }

  321.   if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {

  322.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  323.     return 0;

  324.   }

  325.   return ctx->pmeth->verify_recover(ctx, out, out_len, sig, sig_len);

  326. }

  327. 

  328. int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) {

  329.   if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {

  330.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  331.     return 0;

  332.   }

  333.   ctx->operation = EVP_PKEY_OP_DERIVE;

  334.   return 1;

  335. }

  336. 

  337. int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) {

  338.   int ret;

  339.   if (!ctx || !ctx->pmeth ||

  340.       !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||

  341.       !ctx->pmeth->ctrl) {

  342.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  343.     return 0;

  344.   }

  345.   if (ctx->operation != EVP_PKEY_OP_DERIVE &&

  346.       ctx->operation != EVP_PKEY_OP_ENCRYPT &&

  347.       ctx->operation != EVP_PKEY_OP_DECRYPT) {

  348.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  349.     return 0;

  350.   }

  351. 

  352.   ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);

  353. 

  354.   if (ret <= 0) {

  355.     return 0;

  356.   }

  357. 

  358.   if (ret == 2) {

  359.     return 1;

  360.   }

  361. 

  362.   if (!ctx->pkey) {

  363.     OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET);

  364.     return 0;

  365.   }

  366. 

  367.   if (ctx->pkey->type != peer->type) {

  368.     OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES);

  369.     return 0;

  370.   }

  371. 

  372.   // ran@cryptocom.ru: For clarity.  The error is if parameters in peer are

  373.   // present (!missing) but don't match.  EVP_PKEY_cmp_parameters may return

  374.   // 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1

  375.   // (different key types) is impossible here because it is checked earlier.

  376.   // -2 is OK for us here, as well as 1, so we can check for 0 only.

  377.   if (!EVP_PKEY_missing_parameters(peer) &&

  378.       !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {

  379.     OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_PARAMETERS);

  380.     return 0;

  381.   }

  382. 

  383.   EVP_PKEY_free(ctx->peerkey);

  384.   ctx->peerkey = peer;

  385. 

  386.   ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);

  387. 

  388.   if (ret <= 0) {

  389.     ctx->peerkey = NULL;

  390.     return 0;

  391.   }

  392. 

  393.   EVP_PKEY_up_ref(peer);

  394.   return 1;

  395. }

  396. 

  397. int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) {

  398.   if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {

  399.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  400.     return 0;

  401.   }

  402.   if (ctx->operation != EVP_PKEY_OP_DERIVE) {

  403.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  404.     return 0;

  405.   }

  406.   return ctx->pmeth->derive(ctx, key, out_key_len);

  407. }

  408. 

  409. int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) {

  410.   if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {

  411.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  412.     return 0;

  413.   }

  414.   ctx->operation = EVP_PKEY_OP_KEYGEN;

  415.   return 1;

  416. }

  417. 

  418. int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) {

  419.   if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {

  420.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);

  421.     return 0;

  422.   }

  423.   if (ctx->operation != EVP_PKEY_OP_KEYGEN) {

  424.     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED);

  425.     return 0;

  426.   }

  427. 

  428.   if (!ppkey) {

  429.     return 0;

  430.   }

  431. 

  432.   if (!*ppkey) {

  433.     *ppkey = EVP_PKEY_new();

  434.     if (!*ppkey) {

  435.       OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP);

  436.       return 0;

  437.     }

  438.   }

  439. 

  440.   if (!ctx->pmeth->keygen(ctx, *ppkey)) {

  441.     EVP_PKEY_free(*ppkey);

  442.     *ppkey = NULL;

  443.     return 0;

  444.   }

  445.   return 1;

  446. }