From 0e52100400e647aeb5b8ac1b92c74d53918d39a0 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Wed, 30 Oct 2019 16:59:34 +0100 Subject: [PATCH] EVP: Make the SIGNATURE implementation leaner Because the algorithm to use is decided already when creating an EVP_PKEY_CTX regardless of how it was created, it turns out that it's unnecessary to provide the SIGNATURE method explicitly, and rather always have it be fetched implicitly. This means fewer changes for applications that want to use new signature algorithms / implementations. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10303) --- crypto/evp/evp_local.h | 2 - crypto/evp/m_sigver.c | 122 +++++++++++++++------------ crypto/evp/pmeth_fn.c | 116 ++++++++----------------- doc/man3/EVP_DigestSignInit.pod | 83 +++++++++--------- doc/man3/EVP_PKEY_sign.pod | 32 +++---- doc/man3/EVP_PKEY_verify.pod | 27 ++---- doc/man3/EVP_PKEY_verify_recover.pod | 37 +++----- include/openssl/evp.h | 9 +- util/libcrypto.num | 6 +- 9 files changed, 181 insertions(+), 253 deletions(-) diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h index 5795dcbe51..259805db80 100644 --- a/crypto/evp/evp_local.h +++ b/crypto/evp/evp_local.h @@ -118,8 +118,6 @@ struct evp_signature_st { CRYPTO_REF_COUNT refcnt; CRYPTO_RWLOCK *lock; - EVP_KEYMGMT *keymgmt; - OSSL_OP_signature_newctx_fn *newctx; OSSL_OP_signature_sign_init_fn *sign_init; OSSL_OP_signature_sign_fn *sign; diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index c02325cf6b..7a21f680b9 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -27,9 +27,10 @@ static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen) static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, const char *mdname, const char *props, ENGINE *e, EVP_PKEY *pkey, - EVP_SIGNATURE *signature, int ver) + int ver) { EVP_PKEY_CTX *locpctx = NULL; + EVP_SIGNATURE *signature = NULL; void *provkey = NULL; int ret; @@ -43,51 +44,69 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, ctx->provctx = NULL; } - if (ctx->pctx == NULL) { + if (ctx->pctx == NULL) ctx->pctx = EVP_PKEY_CTX_new(pkey, e); - if (ctx->pctx == NULL) - return 0; - } else if (pkey != NULL) { - if (!EVP_PKEY_up_ref(pkey)) - return 0; - EVP_PKEY_free(ctx->pctx->pkey); - ctx->pctx->pkey = pkey; - } + if (ctx->pctx == NULL) + return 0; + locpctx = ctx->pctx; evp_pkey_ctx_free_old_ops(locpctx); - if (locpctx->pkey == NULL) - goto legacy; - if (e != NULL || locpctx->engine != NULL) + if (locpctx->algorithm == NULL) goto legacy; - if (signature != NULL) { - if (!EVP_SIGNATURE_up_ref(signature)) - goto err; - } else { - /* - * TODO(3.0): Check for legacy handling. Remove this once all all - * algorithms are moved to providers. - */ - switch (locpctx->pkey->type) { - case NID_dsa: - break; - default: - goto legacy; + if (mdname == NULL) { + if (type != NULL) { + mdname = EVP_MD_name(type); + } else if (pkey != NULL) { + /* + * TODO(v3.0) work out a better way for EVP_PKEYs with no legacy + * component. + */ + if (pkey->pkey.ptr != NULL) { + int def_nid; + if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0) + mdname = OBJ_nid2sn(def_nid); + } } - signature - = EVP_SIGNATURE_fetch(NULL, OBJ_nid2sn(locpctx->pkey->type), NULL); + } - if (signature == NULL) { - ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); - goto err; - } + /* + * Because we cleared out old ops, we shouldn't need to worry about + * checking if signature is already there. Keymgmt is a different + * matter, as it isn't tied to a specific EVP_PKEY op. + */ + signature = EVP_SIGNATURE_fetch(locpctx->libctx, locpctx->algorithm, + locpctx->propquery); + if (signature != NULL && locpctx->keymgmt == NULL) { + int name_id = EVP_SIGNATURE_number(signature); + + locpctx->keymgmt = + evp_keymgmt_fetch_by_number(locpctx->libctx, name_id, + locpctx->propquery); } - locpctx->operation = ver ? EVP_PKEY_OP_VERIFYCTX - : EVP_PKEY_OP_SIGNCTX; + + if (locpctx->keymgmt == NULL + || signature == NULL + || (EVP_KEYMGMT_provider(locpctx->keymgmt) + != EVP_SIGNATURE_provider(signature))) { + /* + * We don't have the full support we need with provided methods, + * let's go see if legacy does. Also, we don't need to free + * ctx->keymgmt here, as it's not necessarily tied to this + * operation. It will be freed by EVP_PKEY_CTX_free(). + */ + EVP_SIGNATURE_free(signature); + goto legacy; + } + + /* No more legacy from here down to legacy: */ locpctx->op.sig.signature = signature; + locpctx->operation = ver ? EVP_PKEY_OP_VERIFYCTX + : EVP_PKEY_OP_SIGNCTX; + locpctx->op.sig.sigprovctx = signature->newctx(ossl_provider_ctx(signature->prov)); if (locpctx->op.sig.sigprovctx == NULL) { @@ -95,14 +114,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, goto err; } provkey = - evp_keymgmt_export_to_provider(locpctx->pkey, signature->keymgmt, 0); + evp_keymgmt_export_to_provider(locpctx->pkey, locpctx->keymgmt, 0); if (provkey == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - if (mdname == NULL) { - mdname = EVP_MD_name(type); + if (type != NULL) { ctx->reqdigest = type; } else { /* @@ -111,11 +129,8 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, * man pages), i.e. the ref count is not updated so the EVP_MD should * not be used beyound the lifetime of the EVP_MD_CTX. */ - ctx->reqdigest - = ctx->fetched_digest - = EVP_MD_fetch( - ossl_provider_library_context(EVP_SIGNATURE_provider(signature)), - mdname, props); + ctx->reqdigest = ctx->fetched_digest = + EVP_MD_fetch(locpctx->libctx, mdname, props); } if (ver) { @@ -123,15 +138,15 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - ret = signature->digest_verify_init(locpctx->op.sig.sigprovctx, mdname, - props, provkey); + ret = signature->digest_verify_init(locpctx->op.sig.sigprovctx, + mdname, props, provkey); } else { if (signature->digest_sign_init == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); goto err; } - ret = signature->digest_sign_init(locpctx->op.sig.sigprovctx, mdname, - props, provkey); + ret = signature->digest_sign_init(locpctx->op.sig.sigprovctx, + mdname, props, provkey); } return ret ? 1 : 0; @@ -197,31 +212,28 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, EVP_PKEY *pkey, - EVP_SIGNATURE *signature) + const char *mdname, const char *props, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, signature, - 0); + return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, 0); } int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 0); + return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, 0); } int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const char *mdname, const char *props, - EVP_PKEY *pkey, EVP_SIGNATURE *signature) + EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, signature, - 1); + return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, 1); } int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 1); + return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, 1); } #endif /* FIPS_MDOE */ diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c index d06edb218b..4a8ece5fac 100644 --- a/crypto/evp/pmeth_fn.c +++ b/crypto/evp/pmeth_fn.c @@ -35,39 +35,19 @@ static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov) static void *evp_signature_from_dispatch(int name_id, const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov, - void *vkeymgmt_data) + void *unused) { - /* - * Signature functions cannot work without a key, and key management - * from the same provider to manage its keys. We therefore fetch - * a key management method using the same algorithm and properties - * and pass that down to evp_generic_fetch to be passed on to our - * evp_signature_from_dispatch, which will attach the key management - * method to the newly created key exchange method as long as the - * provider matches. - */ - struct keymgmt_data_st *keymgmt_data = vkeymgmt_data; - EVP_KEYMGMT *keymgmt = - evp_keymgmt_fetch_by_number(keymgmt_data->ctx, name_id, - keymgmt_data->properties); EVP_SIGNATURE *signature = NULL; int ctxfncnt = 0, signfncnt = 0, verifyfncnt = 0, verifyrecfncnt = 0; int digsignfncnt = 0, digverifyfncnt = 0; int gparamfncnt = 0, sparamfncnt = 0, gmdparamfncnt = 0, smdparamfncnt = 0; - if (keymgmt == NULL || EVP_KEYMGMT_provider(keymgmt) != prov) { - ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEYMGMT_AVAILABLE); - goto err; - } - if ((signature = evp_signature_new(prov)) == NULL) { ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); goto err; } signature->name_id = name_id; - signature->keymgmt = keymgmt; - keymgmt = NULL; /* avoid double free on failure below */ for (; fns->function_id != 0; fns++) { switch (fns->function_id) { @@ -263,7 +243,6 @@ static void *evp_signature_from_dispatch(int name_id, return signature; err: EVP_SIGNATURE_free(signature); - EVP_KEYMGMT_free(keymgmt); return NULL; } @@ -275,7 +254,6 @@ void EVP_SIGNATURE_free(EVP_SIGNATURE *signature) CRYPTO_DOWN_REF(&signature->refcnt, &i, signature->lock); if (i > 0) return; - EVP_KEYMGMT_free(signature->keymgmt); ossl_provider_free(signature->prov); CRYPTO_THREAD_lock_free(signature->lock); OPENSSL_free(signature); @@ -298,16 +276,8 @@ OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature) EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm, const char *properties) { - struct keymgmt_data_st keymgmt_data; - - /* - * A signature operation cannot work without a key, so we need key - * management from the same provider to manage its keys. - */ - keymgmt_data.ctx = ctx; - keymgmt_data.properties = properties; return evp_generic_fetch(ctx, OSSL_OP_SIGNATURE, algorithm, properties, - evp_signature_from_dispatch, &keymgmt_data, + evp_signature_from_dispatch, NULL, (int (*)(void *))EVP_SIGNATURE_up_ref, (void (*)(void *))EVP_SIGNATURE_free); } @@ -327,13 +297,9 @@ void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, void *arg), void *arg) { - struct keymgmt_data_st keymgmt_data; - - keymgmt_data.ctx = libctx; - keymgmt_data.properties = NULL; evp_generic_do_all(libctx, OSSL_OP_SIGNATURE, (void (*)(void *, void *))fn, arg, - evp_signature_from_dispatch, &keymgmt_data, + evp_signature_from_dispatch, NULL, (void (*)(void *))EVP_SIGNATURE_free); } @@ -346,11 +312,11 @@ void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature, evp_names_do_all(signature->prov, signature->name_id, fn, data); } -static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature, - int operation) +static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation) { int ret = 0; void *provkey = NULL; + EVP_SIGNATURE *signature = NULL; if (ctx == NULL) { EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); @@ -360,41 +326,42 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature, evp_pkey_ctx_free_old_ops(ctx); ctx->operation = operation; - if (ctx->engine != NULL) + if (ctx->algorithm == NULL) goto legacy; - if (signature != NULL) { - if (!EVP_SIGNATURE_up_ref(signature)) - goto err; - } else { - int nid = ctx->pkey != NULL ? ctx->pkey->type : ctx->pmeth->pkey_id; + /* + * Because we cleared out old ops, we shouldn't need to worry about + * checking if signature is already there. Keymgmt is a different + * matter, as it isn't tied to a specific EVP_PKEY op. + */ + signature = EVP_SIGNATURE_fetch(ctx->libctx, ctx->algorithm, + ctx->propquery); + if (signature != NULL && ctx->keymgmt == NULL) { + int name_id = EVP_SIGNATURE_number(signature); + + ctx->keymgmt = evp_keymgmt_fetch_by_number(ctx->libctx, name_id, + ctx->propquery); + } + if (ctx->keymgmt == NULL + || signature == NULL + || (EVP_KEYMGMT_provider(ctx->keymgmt) + != EVP_SIGNATURE_provider(signature))) { /* - * TODO(3.0): Check for legacy handling. Remove this once all all - * algorithms are moved to providers. + * We don't have the full support we need with provided methods, + * let's go see if legacy does. Also, we don't need to free + * ctx->keymgmt here, as it's not necessarily tied to this + * operation. It will be freed by EVP_PKEY_CTX_free(). */ - if (ctx->pkey != NULL) { - switch (ctx->pkey->type) { - case NID_dsa: - break; - default: - goto legacy; - } - signature = EVP_SIGNATURE_fetch(NULL, OBJ_nid2sn(nid), NULL); - } else { - goto legacy; - } - - if (signature == NULL) { - EVPerr(0, EVP_R_INITIALIZATION_ERROR); - goto err; - } + EVP_SIGNATURE_free(signature); + goto legacy; } ctx->op.sig.signature = signature; + if (ctx->pkey != NULL) { provkey = - evp_keymgmt_export_to_provider(ctx->pkey, signature->keymgmt, 0); + evp_keymgmt_export_to_provider(ctx->pkey, ctx->keymgmt, 0); if (provkey == NULL) { EVPerr(0, EVP_R_INITIALIZATION_ERROR); goto err; @@ -483,14 +450,9 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature, return ret; } -int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature) -{ - return evp_pkey_signature_init(ctx, signature, EVP_PKEY_OP_SIGN); -} - int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { - return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_SIGN); + return evp_pkey_signature_init(ctx, EVP_PKEY_OP_SIGN); } int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, @@ -527,14 +489,9 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen); } -int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature) -{ - return evp_pkey_signature_init(ctx, signature, EVP_PKEY_OP_VERIFY); -} - int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { - return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_VERIFY); + return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFY); } int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, @@ -569,14 +526,9 @@ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen); } -int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature) -{ - return evp_pkey_signature_init(ctx, signature, EVP_PKEY_OP_VERIFYRECOVER); -} - int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx) { - return evp_pkey_signature_init(ctx, NULL, EVP_PKEY_OP_VERIFYRECOVER); + return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFYRECOVER); } int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index f730ba7b03..dbcd38e7ca 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -11,7 +11,7 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const char *mdname, const char *props, - EVP_PKEY *pkey, EVP_SIGNATURE *signature); + EVP_PKEY *pkey); int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -26,41 +26,38 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions The EVP signature routines are a high level interface to digital signatures. Input data is digested first before the signing takes place. -EVP_DigestSignInit_ex() sets up signing context B to use a digest with the -name B and private key B. The signature algorithm B -will be used for the actual signing which must be compatible with the private -key. The name of the digest to be used is passed to the provider of the -signature algorithm in use. How that provider interprets the digest name is -provider specific. The provider may implement that digest directly itself or it -may (optionally) choose to fetch it (which could result in a digest from a -different provider being selected). If the provider supports fetching the digest -then it may use the B argument for the properties to be used during the -fetch. - -The B parameter may be NULL in which case a suitable signature -algorithm implementation will be implicitly fetched based on the type of key in -use. See L for further information about providers and fetching -algorithms. +EVP_DigestSignInit_ex() sets up signing context I to use a digest with the +name I and private key I. The name of the digest to be used is +passed to the provider of the signature algorithm in use. How that provider +interprets the digest name is provider specific. The provider may implement +that digest directly itself or it may (optionally) choose to fetch it (which +could result in a digest from a different provider being selected). If the +provider supports fetching the digest then it may use the I argument for +the properties to be used during the fetch. + +The I algorithm is used to fetch a B method implicitly, to +be used for the actual signing. See L for +more information about implict fetches. The OpenSSL default and legacy providers support fetching digests and can fetch those digests from any available provider. The OpenSSL fips provider also supports fetching digests but will only fetch digests that are themselves implemented inside the fips provider. -B must be created with EVP_MD_CTX_new() before calling this function. If -B is not NULL, the EVP_PKEY_CTX of the signing operation will be written -to B<*pctx>: this can be used to set alternative signing options. Note that any -existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must -not be freed directly by the application if B is not assigned an +I must be created with EVP_MD_CTX_new() before calling this function. If +I is not NULL, the EVP_PKEY_CTX of the signing operation will be written +to I<*pctx>: this can be used to set alternative signing options. Note that any +existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must +not be freed directly by the application if I is not assigned an EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed automatically when the EVP_MD_CTX is freed). -The digest B may be NULL if the signing algorithm supports it. The -B argument can always be NULL. +The digest I may be NULL if the signing algorithm supports it. The +I argument can always be NULL. No B will be created by EVP_DigestSignInit_ex() if the passed -B has already been assigned one via L. See also +I has already been assigned one via L. See also L. Only EVP_PKEY types that support signing can be used with these functions. This @@ -82,7 +79,7 @@ Supports SHA1, SHA224, SHA256, SHA384, SHA512 and SM3 =item RSA with no padding -Supports no digests (the digest B must be NULL) +Supports no digests (the digest I must be NULL) =item RSA with X931 padding @@ -95,7 +92,7 @@ SHA3-224, SHA3-256, SHA3-384, SHA3-512 =item Ed25519 and Ed448 -Support no digests (the digest B must be NULL) +Support no digests (the digest I must be NULL) =item HMAC @@ -110,23 +107,23 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex() except -that the B parameter will be inferred from the supplied digest B, -and B will be NULL. Where supplied the ENGINE B will be used for the -signing and digest algorithm implementations. B may be NULL. - -EVP_DigestSignUpdate() hashes B bytes of data at B into the -signature context B. This function can be called several times on the -same B to include additional data. - -EVP_DigestSignFinal() signs the data in B and places the signature in B. -If B is B then the maximum size of the output buffer is written to -the B parameter. If B is not B then before the call the -B parameter should contain the length of the B buffer. If the -call is successful the signature is written to B and the amount of data -written to B. - -EVP_DigestSign() signs B bytes of data at B and places the -signature in B and its length in B in a similar way to +that the I parameter will be inferred from the supplied digest I, +and I will be NULL. Where supplied the ENGINE I will be used for the +signing and digest algorithm implementations. I may be NULL. + +EVP_DigestSignUpdate() hashes I bytes of data at I into the +signature context I. This function can be called several times on the +same I to include additional data. + +EVP_DigestSignFinal() signs the data in I and places the signature in I. +If I is NULL then the maximum size of the output buffer is written to +the I parameter. If I is not NULL then before the call the +I parameter should contain the length of the I buffer. If the +call is successful the signature is written to I and the amount of data +written to I. + +EVP_DigestSign() signs I bytes of data at I and places the +signature in I and its length in I in a similar way to EVP_DigestSignFinal(). =head1 RETURN VALUES diff --git a/doc/man3/EVP_PKEY_sign.pod b/doc/man3/EVP_PKEY_sign.pod index f30affd459..68788921da 100644 --- a/doc/man3/EVP_PKEY_sign.pod +++ b/doc/man3/EVP_PKEY_sign.pod @@ -2,14 +2,13 @@ =head1 NAME -EVP_PKEY_sign_init_ex, EVP_PKEY_sign_init, EVP_PKEY_sign +EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm =head1 SYNOPSIS #include - int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, @@ -17,26 +16,19 @@ EVP_PKEY_sign_init_ex, EVP_PKEY_sign_init, EVP_PKEY_sign =head1 DESCRIPTION -The EVP_PKEY_sign_init_ex() function initializes a public key algorithm -context for performing signing using the signature algorithm B. -The signature algorithm B should be fetched using a call to -L. -The EVP_PKEY object associated with B must be compatible with that -algorithm. -B may be NULL in which case the EVP_SIGNATURE algorithm is fetched -implicitly based on the type of EVP_PKEY associated with B. -See L for more information about implict fetches. - -The EVP_PKEY_sign_init() function is the same as EVP_PKEY_sign_init_ex() except -that the EVP_SIGNATURE algorithm is always implicitly fetched. +EVP_PKEY_sign_init() initializes a public key algorithm context I for +signing using the algorithm given when the context was created +using L or variants thereof. The algorithm is used to +fetch a B method implicitly, see L +for more information about implict fetches. The EVP_PKEY_sign() function performs a public key signing operation -using B. The data to be signed is specified using the B and -B parameters. If B is B then the maximum size of the output -buffer is written to the B parameter. If B is not B then -before the call the B parameter should contain the length of the -B buffer, if the call is successful the signature is written to -B and the amount of data written to B. +using I. The data to be signed is specified using the I and +I parameters. If I is NULL then the maximum size of the output +buffer is written to the I parameter. If I is not NULL then +before the call the I parameter should contain the length of the +I buffer, if the call is successful the signature is written to +I and the amount of data written to I. =head1 NOTES diff --git a/doc/man3/EVP_PKEY_verify.pod b/doc/man3/EVP_PKEY_verify.pod index 1e04a85ca9..ed63cdae84 100644 --- a/doc/man3/EVP_PKEY_verify.pod +++ b/doc/man3/EVP_PKEY_verify.pod @@ -2,14 +2,13 @@ =head1 NAME -EVP_PKEY_verify_init_ex, EVP_PKEY_verify_init, EVP_PKEY_verify +EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm =head1 SYNOPSIS #include - int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, @@ -17,24 +16,16 @@ EVP_PKEY_verify_init_ex, EVP_PKEY_verify_init, EVP_PKEY_verify =head1 DESCRIPTION -The EVP_PKEY_verify_init_ex() function initializes a public key algorithm -context for performing signature verification using the signature algorithm -B. -The signature algorithm B should be fetched using a call to -L. -The EVP_PKEY object associated with B must be compatible with that -algorithm. -B may be NULL in which case the EVP_SIGNATURE algorithm is fetched -implicitly based on the type of EVP_PKEY associated with B. -See L for more information about implict fetches. - -The EVP_PKEY_verify_init() function is the same as EVP_PKEY_verify_init_ex() -except that the EVP_SIGNATURE algorithm is always implicitly fetched. +EVP_PKEY_verify_init() initializes a public key algorithm context I for +signing using the algorithm given when the context was created +using L or variants thereof. The algorithm is used to +fetch a B method implicitly, see L +for more information about implict fetches. The EVP_PKEY_verify() function performs a public key verification operation -using B. The signature is specified using the B and -B parameters. The verified data (i.e. the data believed originally -signed) is specified using the B and B parameters. +using I. The signature is specified using the I and +I parameters. The verified data (i.e. the data believed originally +signed) is specified using the I and I parameters. =head1 NOTES diff --git a/doc/man3/EVP_PKEY_verify_recover.pod b/doc/man3/EVP_PKEY_verify_recover.pod index 737c372dd1..8be999333b 100644 --- a/doc/man3/EVP_PKEY_verify_recover.pod +++ b/doc/man3/EVP_PKEY_verify_recover.pod @@ -2,15 +2,13 @@ =head1 NAME -EVP_PKEY_verify_recover_init_ex, EVP_PKEY_verify_recover_init, -EVP_PKEY_verify_recover - recover signature using a public key algorithm +EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover +- recover signature using a public key algorithm =head1 SYNOPSIS #include - int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx, - EVP_SIGNATURE *signature); int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, @@ -18,28 +16,19 @@ EVP_PKEY_verify_recover - recover signature using a public key algorithm =head1 DESCRIPTION -The EVP_PKEY_verify_recover_init_ex() function initializes a public key -algorithm context for performing signature signed data recovery using the -signature algorithm B. -The signature algorithm B should be fetched using a call to -L. -The EVP_PKEY object associated with B must be compatible with that -algorithm. -B may be NULL in which case the EVP_SIGNATURE algorithm is fetched -implicitly based on the type of EVP_PKEY associated with B. -See L for more information about implict fetches. - -The EVP_PKEY_verify_recover_init() function is the same as -EVP_PKEY_verify_recover_init_ex() except that the EVP_SIGNATURE algorithm is -always implicitly fetched. +EVP_PKEY_verify_recover_init() initializes a public key algorithm context +I for signing using the algorithm given when the context was created +using L or variants thereof. The algorithm is used to +fetch a B method implicitly, see L +for more information about implict fetches. The EVP_PKEY_verify_recover() function recovers signed data -using B. The signature is specified using the B and -B parameters. If B is B then the maximum size of the output -buffer is written to the B parameter. If B is not B then -before the call the B parameter should contain the length of the -B buffer, if the call is successful recovered data is written to -B and the amount of data written to B. +using I. The signature is specified using the I and +I parameters. If I is NULL then the maximum size of the output +buffer is written to the I parameter. If I is not NULL then +before the call the I parameter should contain the length of the +I buffer, if the call is successful recovered data is written to +I and the amount of data written to I. =head1 NOTES diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 5de6f8b08e..c1c253c1e3 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -678,8 +678,8 @@ __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t tbslen); int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, EVP_PKEY *pkey, - EVP_SIGNATURE *signature); + const char *mdname, const char *props, + EVP_PKEY *pkey); /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -689,7 +689,7 @@ __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const char *mdname, const char *props, - EVP_PKEY *pkey, EVP_SIGNATURE *signature); + EVP_PKEY *pkey); __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -1526,17 +1526,14 @@ void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature, void (*fn)(const char *name, void *data), void *data); -int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen); -int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen); -int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, diff --git a/util/libcrypto.num b/util/libcrypto.num index 737a2aba98..f63949484c 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4742,10 +4742,10 @@ EVP_SIGNATURE_free 4858 3_0_0 EXIST::FUNCTION: EVP_SIGNATURE_up_ref 4859 3_0_0 EXIST::FUNCTION: EVP_SIGNATURE_provider 4860 3_0_0 EXIST::FUNCTION: EVP_SIGNATURE_fetch 4861 3_0_0 EXIST::FUNCTION: -EVP_PKEY_sign_init_ex 4862 3_0_0 EXIST::FUNCTION: +EVP_PKEY_sign_init_ex 4862 3_0_0 NOEXIST::FUNCTION: EVP_PKEY_CTX_set_signature_md 4863 3_0_0 EXIST::FUNCTION: -EVP_PKEY_verify_init_ex 4864 3_0_0 EXIST::FUNCTION: -EVP_PKEY_verify_recover_init_ex 4865 3_0_0 EXIST::FUNCTION: +EVP_PKEY_verify_init_ex 4864 3_0_0 NOEXIST::FUNCTION: +EVP_PKEY_verify_recover_init_ex 4865 3_0_0 NOEXIST::FUNCTION: EVP_PKEY_CTX_get_signature_md 4866 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get_params 4867 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_gettable_params 4868 3_0_0 EXIST::FUNCTION: -- 2.25.1