From: Dr. Stephen Henson Date: Wed, 2 Feb 2011 14:21:33 +0000 (+0000) Subject: Add sign/verify digest API to handle an explicit digest instead of finalising X-Git-Tag: OpenSSL-fips-2_0-rc1~810 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a5b196a22c62d9d1d113bff6d8fc8c17d5f5734a;p=oweals%2Fopenssl.git Add sign/verify digest API to handle an explicit digest instead of finalising a context. --- diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 06a7b1431d..b68fbce169 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -209,7 +209,10 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *); #ifdef OPENSSL_FIPS DSA * FIPS_dsa_new(void); void FIPS_dsa_free (DSA *r); +DSA_SIG * FIPS_dsa_sign_digest(DSA *dsa, const unsigned char *dig, int dlen); DSA_SIG * FIPS_dsa_sign_ctx(DSA *dsa, EVP_MD_CTX *ctx); +int FIPS_dsa_verify_digest(DSA *dsa, + const unsigned char *dig, int dlen, DSA_SIG *s); int FIPS_dsa_verify_ctx(DSA *dsa, EVP_MD_CTX *ctx, DSA_SIG *s); #endif diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 47ba358eb6..4287b83f8a 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -321,9 +321,17 @@ void FIPS_rsa_free(RSA *r); int FIPS_rsa_sign_ctx(RSA *rsa, EVP_MD_CTX *ctx, int rsa_pad_mode, int saltlen, const EVP_MD *mgf1Hash, unsigned char *sigret, unsigned int *siglen); +int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len, + const EVP_MD *mhash, int rsa_pad_mode, int saltlen, + const EVP_MD *mgf1Hash, + unsigned char *sigret, unsigned int *siglen); int FIPS_rsa_verify_ctx(RSA *rsa, EVP_MD_CTX *ctx, int rsa_pad_mode, int saltlen, const EVP_MD *mgf1Hash, unsigned char *sigbuf, unsigned int siglen); +int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen, + const EVP_MD *mhash, int rsa_pad_mode, int saltlen, + const EVP_MD *mgf1Hash, + unsigned char *sigbuf, unsigned int siglen); #endif void RSA_set_default_method(const RSA_METHOD *meth); diff --git a/fips/dsa/fips_dsa_sign.c b/fips/dsa/fips_dsa_sign.c index 7223589af3..2875752e01 100644 --- a/fips/dsa/fips_dsa_sign.c +++ b/fips/dsa/fips_dsa_sign.c @@ -82,6 +82,11 @@ DSA_SIG * FIPS_dsa_sign_ctx(DSA *dsa, EVP_MD_CTX *ctx) return s; } +DSA_SIG * FIPS_dsa_sign_digest(DSA *dsa, const unsigned char *dig, int dlen) + { + return dsa->meth->dsa_do_sign(dig, dlen, dsa); + } + int FIPS_dsa_verify_ctx(DSA *dsa, EVP_MD_CTX *ctx, DSA_SIG *s) { int ret=-1; @@ -93,4 +98,10 @@ int FIPS_dsa_verify_ctx(DSA *dsa, EVP_MD_CTX *ctx, DSA_SIG *s) return ret; } +int FIPS_dsa_verify_digest(DSA *dsa, + const unsigned char *dig, int dlen, DSA_SIG *s) + { + return dsa->meth->dsa_do_verify(dig,dlen,s,dsa); + } + #endif diff --git a/fips/rsa/fips_rsa_sign.c b/fips/rsa/fips_rsa_sign.c index 4e5b4bf1db..e9f7a2bba7 100644 --- a/fips/rsa/fips_rsa_sign.c +++ b/fips/rsa/fips_rsa_sign.c @@ -191,38 +191,48 @@ static const unsigned char *fips_digestinfo_nn_encoding(int nid, unsigned int *l } } - int FIPS_rsa_sign_ctx(RSA *rsa, EVP_MD_CTX *ctx, int rsa_pad_mode, int saltlen, const EVP_MD *mgf1Hash, unsigned char *sigret, unsigned int *siglen) { + unsigned int md_len, rv; + unsigned char md[EVP_MAX_MD_SIZE]; + EVP_DigestFinal_ex(ctx, md, &md_len); + rv = FIPS_rsa_sign_digest(rsa, md, md_len, + M_EVP_MD_CTX_md(ctx), + rsa_pad_mode, saltlen, + mgf1Hash, sigret, siglen); + OPENSSL_cleanse(md, md_len); + return rv; + } + + +int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len, + const EVP_MD *mhash, int rsa_pad_mode, int saltlen, + const EVP_MD *mgf1Hash, + unsigned char *sigret, unsigned int *siglen) + { int i=0,j,ret=0; unsigned int dlen; const unsigned char *der; - unsigned int m_len; - const EVP_MD *mhash; int md_type; /* Largest DigestInfo: 19 (max encoding) + max MD */ unsigned char tmpdinfo[19 + EVP_MAX_MD_SIZE]; - unsigned char md[EVP_MAX_MD_SIZE + 1]; - EVP_DigestFinal_ex(ctx, md, &m_len); - - mhash = M_EVP_MD_CTX_md(ctx); md_type = M_EVP_MD_type(mhash); if (rsa_pad_mode == RSA_X931_PADDING) { int hash_id; - memcpy(tmpdinfo, md, m_len); + memcpy(tmpdinfo, md, md_len); hash_id = RSA_X931_hash_id(md_type); if (hash_id == -1) { RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); return 0; } - tmpdinfo[m_len] = (unsigned char)hash_id; - i = m_len + 1; + tmpdinfo[md_len] = (unsigned char)hash_id; + i = md_len + 1; } else if (rsa_pad_mode == RSA_PKCS1_PADDING) { @@ -235,9 +245,9 @@ int FIPS_rsa_sign_ctx(RSA *rsa, EVP_MD_CTX *ctx, return 0; } memcpy(tmpdinfo, der, dlen); - memcpy(tmpdinfo + dlen, md, m_len); + memcpy(tmpdinfo + dlen, md, md_len); - i = dlen + m_len; + i = dlen + md_len; } else if (rsa_pad_mode == RSA_PKCS1_PSS_PADDING) @@ -260,7 +270,6 @@ int FIPS_rsa_sign_ctx(RSA *rsa, EVP_MD_CTX *ctx, *siglen=j; } psserr: - OPENSSL_cleanse(md,m_len); OPENSSL_cleanse(sbuf, i); OPENSSL_free(sbuf); return ret; @@ -282,7 +291,6 @@ int FIPS_rsa_sign_ctx(RSA *rsa, EVP_MD_CTX *ctx, done: OPENSSL_cleanse(tmpdinfo,i); - OPENSSL_cleanse(md,m_len); return ret; } @@ -290,12 +298,25 @@ int FIPS_rsa_verify_ctx(RSA *rsa, EVP_MD_CTX *ctx, int rsa_pad_mode, int saltlen, const EVP_MD *mgf1Hash, unsigned char *sigbuf, unsigned int siglen) { + unsigned int md_len, rv; + unsigned char md[EVP_MAX_MD_SIZE]; + EVP_DigestFinal_ex(ctx, md, &md_len); + rv = FIPS_rsa_verify_digest(rsa, md, md_len, M_EVP_MD_CTX_md(ctx), + rsa_pad_mode, saltlen, mgf1Hash, + sigbuf, siglen); + OPENSSL_cleanse(md, md_len); + return rv; + } + +int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen, + const EVP_MD *mhash, int rsa_pad_mode, int saltlen, + const EVP_MD *mgf1Hash, + unsigned char *sigbuf, unsigned int siglen) + { int i,ret=0; - unsigned int dlen, diglen; + unsigned int dlen; unsigned char *s; const unsigned char *der; - unsigned char dig[EVP_MAX_MD_SIZE]; - const EVP_MD *mhash; int md_type; int rsa_dec_pad_mode; @@ -305,11 +326,8 @@ int FIPS_rsa_verify_ctx(RSA *rsa, EVP_MD_CTX *ctx, return(0); } - mhash = M_EVP_MD_CTX_md(ctx); md_type = M_EVP_MD_type(mhash); - EVP_DigestFinal_ex(ctx, dig, &diglen); - s= OPENSSL_malloc((unsigned int)siglen); if (s == NULL) {