2 * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include <openssl/evp.h>
13 #include <openssl/objects.h>
14 #include <openssl/x509.h>
15 #include "internal/evp_int.h"
18 static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
19 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
22 if (ctx->pctx == NULL)
23 ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
24 if (ctx->pctx == NULL)
27 if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) {
31 if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
32 type = EVP_get_digestbynid(def_nid);
36 EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
42 if (ctx->pctx->pmeth->verifyctx_init) {
43 if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)
45 ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
46 } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
49 if (ctx->pctx->pmeth->signctx_init) {
50 if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
52 ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
53 } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
56 if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
60 if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
62 if (!EVP_DigestInit_ex(ctx, type, e))
67 int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
68 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
70 return do_sigver_init(ctx, pctx, type, e, pkey, 0);
73 int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
74 const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
76 return do_sigver_init(ctx, pctx, type, e, pkey, 1);
79 int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
83 EVP_PKEY_CTX *pctx = ctx->pctx;
84 if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) {
86 return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
87 if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE)
88 r = pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
90 EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_dup(ctx->pctx);
93 r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx);
94 EVP_PKEY_CTX_free(dctx);
98 if (pctx->pmeth->signctx)
103 unsigned char md[EVP_MAX_MD_SIZE];
104 unsigned int mdlen = 0;
105 if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
107 r = ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx);
109 r = EVP_DigestFinal_ex(ctx, md, &mdlen);
111 EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
114 if (!EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) {
115 EVP_MD_CTX_free(tmp_ctx);
119 r = tmp_ctx->pctx->pmeth->signctx(tmp_ctx->pctx,
120 sigret, siglen, tmp_ctx);
122 r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen);
123 EVP_MD_CTX_free(tmp_ctx);
127 if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
131 if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0)
134 int s = EVP_MD_size(ctx->digest);
135 if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0)
142 int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
145 unsigned char md[EVP_MAX_MD_SIZE];
147 unsigned int mdlen = 0;
150 if (ctx->pctx->pmeth->verifyctx)
154 if (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) {
156 r = ctx->pctx->pmeth->verifyctx(ctx->pctx, sig, siglen, ctx);
158 r = EVP_DigestFinal_ex(ctx, md, &mdlen);
160 EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
163 if (!EVP_MD_CTX_copy_ex(tmp_ctx, ctx)) {
164 EVP_MD_CTX_free(tmp_ctx);
168 r = tmp_ctx->pctx->pmeth->verifyctx(tmp_ctx->pctx,
169 sig, siglen, tmp_ctx);
171 r = EVP_DigestFinal_ex(tmp_ctx, md, &mdlen);
172 EVP_MD_CTX_free(tmp_ctx);
176 return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
projects / oweals / openssl.git / blob