xref: /third_party/openssl/crypto/evp/signature.c

308 EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
311     return evp_generic_fetch(ctx, OSSL_OP_SIGNATURE, algorithm, properties,
394 static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation,
405     if (ctx == NULL) {
410     evp_pkey_ctx_free_old_ops(ctx);
411     ctx->operation = operation;
415     if (evp_pkey_ctx_is_legacy(ctx))
418     if (ctx->pkey == NULL) {
425      * Try to derive the supported signature from |ctx->keymgmt|.
427     if (!ossl_assert(ctx->pkey->keymgmt == NULL
428                      || ctx->pkey->keymgmt == ctx->keymgmt)) {
433     supported_sig = evp_keymgmt_util_query_operation_name(ctx->keymgmt,
447      *     as |ctx->keymgmt|
450      * signature, and try to export |ctx->pkey| to that keymgmt (when
451      * this keymgmt happens to be the same as |ctx->keymgmt|, the export
472                 EVP_SIGNATURE_fetch(ctx->libctx, supported_sig, ctx->propquery);
477             tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt);
480                                               supported_sig, ctx->propquery);
491          * |ctx->pkey|, but from the provider of the signature method, using
493          * With the keymgmt we found (if we did), we try to export |ctx->pkey|
496          * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt)
500                                         EVP_KEYMGMT_get0_name(ctx->keymgmt),
501                                         ctx->propquery);
503             provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
504                                                   &tmp_keymgmt, ctx->propquery);
518     ctx->op.sig.signature = signature;
519     ctx->op.sig.algctx =
520         signature->newctx(ossl_provider_ctx(signature->prov), ctx->propquery);
521     if (ctx->op.sig.algctx == NULL) {
534         ret = signature->sign_init(ctx->op.sig.algctx, provkey, params);
542         ret = signature->verify_init(ctx->op.sig.algctx, provkey, params);
550         ret = signature->verify_recover_init(ctx->op.sig.algctx, provkey,
559         signature->freectx(ctx->op.sig.algctx);
560         ctx->op.sig.algctx = NULL;
574     if (ctx->pmeth == NULL
575             || (operation == EVP_PKEY_OP_SIGN && ctx->pmeth->sign == NULL)
576             || (operation == EVP_PKEY_OP_VERIFY && ctx->pmeth->verify == NULL)
578                 && ctx->pmeth->verify_recover == NULL)) {
585         if (ctx->pmeth->sign_init == NULL)
587         ret = ctx->pmeth->sign_init(ctx);
590         if (ctx->pmeth->verify_init == NULL)
592         ret = ctx->pmeth->verify_init(ctx);
595         if (ctx->pmeth->verify_recover_init == NULL)
597         ret = ctx->pmeth->verify_recover_init(ctx);
608         ret = evp_pkey_ctx_use_cached_data(ctx);
614     evp_pkey_ctx_free_old_ops(ctx);
615     ctx->operation = EVP_PKEY_OP_UNDEFINED;
620 int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
622     return evp_pkey_signature_init(ctx, EVP_PKEY_OP_SIGN, NULL);
625 int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
627     return evp_pkey_signature_init(ctx, EVP_PKEY_OP_SIGN, params);
630 int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
636     if (ctx == NULL) {
641     if (ctx->operation != EVP_PKEY_OP_SIGN) {
646     if (ctx->op.sig.algctx == NULL)
649     ret = ctx->op.sig.signature->sign(ctx->op.sig.algctx, sig, siglen,
655     if (ctx->pmeth == NULL || ctx->pmeth->sign == NULL) {
660     M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
661         return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
664 int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
666     return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFY, NULL);
669 int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
671     return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFY, params);
674 int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
680     if (ctx == NULL) {
685     if (ctx->operation != EVP_PKEY_OP_VERIFY) {
690     if (ctx->op.sig.algctx == NULL)
693     ret = ctx->op.sig.signature->verify(ctx->op.sig.algctx, sig, siglen,
698     if (ctx->pmeth == NULL || ctx->pmeth->verify == NULL) {
703     return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
706 int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
708     return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFYRECOVER, NULL);
711 int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx,
714     return evp_pkey_signature_init(ctx, EVP_PKEY_OP_VERIFYRECOVER, params);
717 int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
723     if (ctx == NULL) {
728     if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
733     if (ctx->op.sig.algctx == NULL)
736     ret = ctx->op.sig.signature->verify_recover(ctx->op.sig.algctx, rout,
742     if (ctx->pmeth == NULL || ctx->pmeth->verify_recover == NULL) {
746     M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
747         return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);

Indexes created Thu Nov 07 10:32:03 CST 2024