1238384Sjkim/* m_sigver.c */
2296341Sdelphij/*
3296341Sdelphij * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
4296341Sdelphij * 2006.
5238384Sjkim */
6238384Sjkim/* ====================================================================
7238384Sjkim * Copyright (c) 2006,2007 The OpenSSL Project.  All rights reserved.
8238384Sjkim *
9238384Sjkim * Redistribution and use in source and binary forms, with or without
10238384Sjkim * modification, are permitted provided that the following conditions
11238384Sjkim * are met:
12238384Sjkim *
13238384Sjkim * 1. Redistributions of source code must retain the above copyright
14296341Sdelphij *    notice, this list of conditions and the following disclaimer.
15238384Sjkim *
16238384Sjkim * 2. Redistributions in binary form must reproduce the above copyright
17238384Sjkim *    notice, this list of conditions and the following disclaimer in
18238384Sjkim *    the documentation and/or other materials provided with the
19238384Sjkim *    distribution.
20238384Sjkim *
21238384Sjkim * 3. All advertising materials mentioning features or use of this
22238384Sjkim *    software must display the following acknowledgment:
23238384Sjkim *    "This product includes software developed by the OpenSSL Project
24238384Sjkim *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25238384Sjkim *
26238384Sjkim * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27238384Sjkim *    endorse or promote products derived from this software without
28238384Sjkim *    prior written permission. For written permission, please contact
29238384Sjkim *    licensing@OpenSSL.org.
30238384Sjkim *
31238384Sjkim * 5. Products derived from this software may not be called "OpenSSL"
32238384Sjkim *    nor may "OpenSSL" appear in their names without prior written
33238384Sjkim *    permission of the OpenSSL Project.
34238384Sjkim *
35238384Sjkim * 6. Redistributions of any form whatsoever must retain the following
36238384Sjkim *    acknowledgment:
37238384Sjkim *    "This product includes software developed by the OpenSSL Project
38238384Sjkim *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39238384Sjkim *
40238384Sjkim * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41238384Sjkim * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42238384Sjkim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43238384Sjkim * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
44238384Sjkim * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45238384Sjkim * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46238384Sjkim * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47238384Sjkim * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48238384Sjkim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49238384Sjkim * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50238384Sjkim * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51238384Sjkim * OF THE POSSIBILITY OF SUCH DAMAGE.
52238384Sjkim * ====================================================================
53238384Sjkim *
54238384Sjkim * This product includes cryptographic software written by Eric Young
55238384Sjkim * (eay@cryptsoft.com).  This product includes software written by Tim
56238384Sjkim * Hudson (tjh@cryptsoft.com).
57238384Sjkim *
58238384Sjkim */
59238384Sjkim
60238384Sjkim#include <stdio.h>
61238384Sjkim#include "cryptlib.h"
62238384Sjkim#include <openssl/evp.h>
63238384Sjkim#include <openssl/objects.h>
64238384Sjkim#include <openssl/x509.h>
65238384Sjkim#include "evp_locl.h"
66238384Sjkim
67238384Sjkimstatic int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
68296341Sdelphij                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
69296341Sdelphij                          int ver)
70296341Sdelphij{
71296341Sdelphij    if (ctx->pctx == NULL)
72296341Sdelphij        ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
73296341Sdelphij    if (ctx->pctx == NULL)
74296341Sdelphij        return 0;
75238384Sjkim
76296341Sdelphij    if (type == NULL) {
77296341Sdelphij        int def_nid;
78296341Sdelphij        if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
79296341Sdelphij            type = EVP_get_digestbynid(def_nid);
80296341Sdelphij    }
81238384Sjkim
82296341Sdelphij    if (type == NULL) {
83296341Sdelphij        EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
84296341Sdelphij        return 0;
85296341Sdelphij    }
86238384Sjkim
87296341Sdelphij    if (ver) {
88296341Sdelphij        if (ctx->pctx->pmeth->verifyctx_init) {
89296341Sdelphij            if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)
90296341Sdelphij                return 0;
91296341Sdelphij            ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
92296341Sdelphij        } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
93296341Sdelphij            return 0;
94296341Sdelphij    } else {
95296341Sdelphij        if (ctx->pctx->pmeth->signctx_init) {
96296341Sdelphij            if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
97296341Sdelphij                return 0;
98296341Sdelphij            ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
99296341Sdelphij        } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
100296341Sdelphij            return 0;
101296341Sdelphij    }
102296341Sdelphij    if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
103296341Sdelphij        return 0;
104296341Sdelphij    if (pctx)
105296341Sdelphij        *pctx = ctx->pctx;
106296341Sdelphij    if (!EVP_DigestInit_ex(ctx, type, e))
107296341Sdelphij        return 0;
108296341Sdelphij    return 1;
109296341Sdelphij}
110238384Sjkim
111238384Sjkimint EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
112296341Sdelphij                       const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
113296341Sdelphij{
114296341Sdelphij    return do_sigver_init(ctx, pctx, type, e, pkey, 0);
115296341Sdelphij}
116238384Sjkim
117238384Sjkimint EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
118296341Sdelphij                         const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
119296341Sdelphij{
120296341Sdelphij    return do_sigver_init(ctx, pctx, type, e, pkey, 1);
121296341Sdelphij}
122238384Sjkim
123296341Sdelphijint EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
124296341Sdelphij                        size_t *siglen)
125296341Sdelphij{
126296341Sdelphij    int sctx, r = 0;
127296341Sdelphij    if (ctx->pctx->pmeth->signctx)
128296341Sdelphij        sctx = 1;
129296341Sdelphij    else
130296341Sdelphij        sctx = 0;
131296341Sdelphij    if (sigret) {
132296341Sdelphij        EVP_MD_CTX tmp_ctx;
133296341Sdelphij        unsigned char md[EVP_MAX_MD_SIZE];
134296341Sdelphij        unsigned int mdlen;
135296341Sdelphij        EVP_MD_CTX_init(&tmp_ctx);
136296341Sdelphij        if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
137296341Sdelphij            return 0;
138296341Sdelphij        if (sctx)
139296341Sdelphij            r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
140296341Sdelphij                                             sigret, siglen, &tmp_ctx);
141296341Sdelphij        else
142296341Sdelphij            r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
143296341Sdelphij        EVP_MD_CTX_cleanup(&tmp_ctx);
144296341Sdelphij        if (sctx || !r)
145296341Sdelphij            return r;
146296341Sdelphij        if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
147296341Sdelphij            return 0;
148296341Sdelphij    } else {
149296341Sdelphij        if (sctx) {
150296341Sdelphij            if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret, siglen, ctx) <=
151296341Sdelphij                0)
152296341Sdelphij                return 0;
153296341Sdelphij        } else {
154296341Sdelphij            int s = EVP_MD_size(ctx->digest);
155296341Sdelphij            if (s < 0
156296341Sdelphij                || EVP_PKEY_sign(ctx->pctx, sigret, siglen, NULL, s) <= 0)
157296341Sdelphij                return 0;
158296341Sdelphij        }
159296341Sdelphij    }
160296341Sdelphij    return 1;
161296341Sdelphij}
162238384Sjkim
163238384Sjkimint EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
164296341Sdelphij{
165296341Sdelphij    EVP_MD_CTX tmp_ctx;
166296341Sdelphij    unsigned char md[EVP_MAX_MD_SIZE];
167296341Sdelphij    int r;
168296341Sdelphij    unsigned int mdlen;
169296341Sdelphij    int vctx;
170238384Sjkim
171296341Sdelphij    if (ctx->pctx->pmeth->verifyctx)
172296341Sdelphij        vctx = 1;
173296341Sdelphij    else
174296341Sdelphij        vctx = 0;
175296341Sdelphij    EVP_MD_CTX_init(&tmp_ctx);
176296341Sdelphij    if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
177296341Sdelphij        return -1;
178296341Sdelphij    if (vctx) {
179296341Sdelphij        r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
180296341Sdelphij                                           sig, siglen, &tmp_ctx);
181296341Sdelphij    } else
182296341Sdelphij        r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
183296341Sdelphij    EVP_MD_CTX_cleanup(&tmp_ctx);
184296341Sdelphij    if (vctx || !r)
185296341Sdelphij        return r;
186296341Sdelphij    return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
187296341Sdelphij}
188