diff options
author | Kenny Root <kroot@google.com> | 2015-10-02 16:09:15 -0700 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2015-10-02 16:09:49 -0700 |
commit | fe7305364c3369f9222a61646c5c9842eae9bceb (patch) | |
tree | 360ada970b7bb1046ae069d253ba24d9622eb3ad /src/crypto/evp | |
parent | 691ef9d0ff0ece39ffd6a58960a7cd195ef584ae (diff) | |
parent | b452bce3bf2034466cee6206ebf3994409468ee4 (diff) | |
download | external_boringssl-fe7305364c3369f9222a61646c5c9842eae9bceb.zip external_boringssl-fe7305364c3369f9222a61646c5c9842eae9bceb.tar.gz external_boringssl-fe7305364c3369f9222a61646c5c9842eae9bceb.tar.bz2 |
Merge mnc-dr-dev-plus-aosp into mnc-ub-dev
This pulls in the latest version of BoringSSL.
Change-Id: I0ab5c73d60f41a696c9a828fac87670aaca10dec
Diffstat (limited to 'src/crypto/evp')
-rw-r--r-- | src/crypto/evp/CMakeLists.txt | 6 | ||||
-rw-r--r-- | src/crypto/evp/algorithm.c | 18 | ||||
-rw-r--r-- | src/crypto/evp/digestsign.c | 72 | ||||
-rw-r--r-- | src/crypto/evp/evp.c | 53 | ||||
-rw-r--r-- | src/crypto/evp/evp_asn1.c (renamed from src/crypto/evp/asn1.c) | 11 | ||||
-rw-r--r-- | src/crypto/evp/evp_ctx.c | 77 | ||||
-rw-r--r-- | src/crypto/evp/evp_extra_test.cc | 4 | ||||
-rw-r--r-- | src/crypto/evp/evp_test.cc | 64 | ||||
-rw-r--r-- | src/crypto/evp/evp_tests.txt | 5 | ||||
-rw-r--r-- | src/crypto/evp/internal.h | 69 | ||||
-rw-r--r-- | src/crypto/evp/p_dsa_asn1.c | 62 | ||||
-rw-r--r-- | src/crypto/evp/p_ec.c | 52 | ||||
-rw-r--r-- | src/crypto/evp/p_ec_asn1.c | 42 | ||||
-rw-r--r-- | src/crypto/evp/p_hmac.c | 223 | ||||
-rw-r--r-- | src/crypto/evp/p_hmac_asn1.c | 89 | ||||
-rw-r--r-- | src/crypto/evp/p_rsa.c | 49 | ||||
-rw-r--r-- | src/crypto/evp/p_rsa_asn1.c | 116 |
17 files changed, 283 insertions, 729 deletions
diff --git a/src/crypto/evp/CMakeLists.txt b/src/crypto/evp/CMakeLists.txt index 5769fa4..5d2e918 100644 --- a/src/crypto/evp/CMakeLists.txt +++ b/src/crypto/evp/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(. .. ../../include) +include_directories(../../include) add_library( evp @@ -6,15 +6,13 @@ add_library( OBJECT algorithm.c - asn1.c digestsign.c evp.c + evp_asn1.c evp_ctx.c p_dsa_asn1.c p_ec.c p_ec_asn1.c - p_hmac.c - p_hmac_asn1.c p_rsa.c p_rsa_asn1.c pbkdf.c diff --git a/src/crypto/evp/algorithm.c b/src/crypto/evp/algorithm.c index ea28dfa..63bc77a 100644 --- a/src/crypto/evp/algorithm.c +++ b/src/crypto/evp/algorithm.c @@ -74,8 +74,7 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { digest = EVP_MD_CTX_md(ctx); pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); if (!digest || !pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, - EVP_R_CONTEXT_NOT_INITIALISED); + OPENSSL_PUT_ERROR(EVP, EVP_R_CONTEXT_NOT_INITIALISED); return 0; } @@ -97,8 +96,7 @@ int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { * that. */ if (!OBJ_find_sigid_by_algs(&sign_nid, EVP_MD_type(digest), pkey->ameth->pkey_id)) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestSignAlgorithm, - EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); return 0; } @@ -122,24 +120,21 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Convert signature OID into digest and public key OIDs */ if (!OBJ_find_sigid_algs(OBJ_obj2nid(algor->algorithm), &digest_nid, &pkey_nid)) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } /* Check public key OID matches public key type */ ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); if (ameth == NULL || ameth->pkey_id != pkey->ameth->pkey_id) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_WRONG_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_WRONG_PUBLIC_KEY_TYPE); return 0; } /* NID_undef signals that there are custom parameters to set. */ if (digest_nid == NID_undef) { if (!pkey->ameth || !pkey->ameth->digest_verify_init_from_algorithm) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; } @@ -149,8 +144,7 @@ int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, /* Otherwise, initialize with the digest from the OID. */ digest = EVP_get_digestbynid(digest_nid); if (digest == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_DigestVerifyInitFromAlgorithm, - EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); return 0; } diff --git a/src/crypto/evp/digestsign.c b/src/crypto/evp/digestsign.c index c163d40..ccb4de4 100644 --- a/src/crypto/evp/digestsign.c +++ b/src/crypto/evp/digestsign.c @@ -62,17 +62,9 @@ #include "../digest/internal.h" -/* md_begin_digset is a callback from the |EVP_MD_CTX| code that is called when - * a new digest is begun. */ -static int md_begin_digest(EVP_MD_CTX *ctx) { - return EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, - EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); -} - static const struct evp_md_pctx_ops md_pctx_ops = { EVP_PKEY_CTX_free, EVP_PKEY_CTX_dup, - md_begin_digest, }; static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, @@ -91,26 +83,16 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } if (type == NULL) { - OPENSSL_PUT_ERROR(EVP, do_sigver_init, EVP_R_NO_DEFAULT_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_DEFAULT_DIGEST); return 0; } if (is_verify) { - if (ctx->pctx->pmeth->verifyctx_init) { - if (!ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx)) { - return 0; - } - ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX; - } else if (!EVP_PKEY_verify_init(ctx->pctx)) { + if (!EVP_PKEY_verify_init(ctx->pctx)) { return 0; } } else { - if (ctx->pctx->pmeth->signctx_init) { - if (!ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx)) { - return 0; - } - ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX; - } else if (!EVP_PKEY_sign_init(ctx->pctx)) { + if (!EVP_PKEY_sign_init(ctx->pctx)) { return 0; } } @@ -146,59 +128,37 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) { int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig, size_t *out_sig_len) { - int r = 0; - const int has_signctx = ctx->pctx->pmeth->signctx != NULL; - if (out_sig) { EVP_MD_CTX tmp_ctx; + int ret; uint8_t md[EVP_MAX_MD_SIZE]; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { - return 0; - } - if (has_signctx) { - r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx, out_sig, out_sig_len, &tmp_ctx); - } else { - r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); - if (r) { - r = EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); - } - } + ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && + EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && + EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, md, mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); - return r; + + return ret; } else { - if (has_signctx) { - return ctx->pctx->pmeth->signctx(ctx->pctx, out_sig, out_sig_len, ctx); - } else { - size_t s = EVP_MD_size(ctx->digest); - return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); - } + size_t s = EVP_MD_size(ctx->digest); + return EVP_PKEY_sign(ctx->pctx, out_sig, out_sig_len, NULL, s); } } int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len) { EVP_MD_CTX tmp_ctx; + int ret; uint8_t md[EVP_MAX_MD_SIZE]; - int r; unsigned int mdlen; EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx)) { - return 0; - } - if (ctx->pctx->pmeth->verifyctx) { - r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig, sig_len, &tmp_ctx); - } else { - r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen); - if (r) { - r = EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); - } - } - + ret = EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) && + EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen) && + EVP_PKEY_verify(ctx->pctx, sig, sig_len, md, mdlen); EVP_MD_CTX_cleanup(&tmp_ctx); - return r; + return ret; } diff --git a/src/crypto/evp/evp.c b/src/crypto/evp/evp.c index 0ad5c27..5822379 100644 --- a/src/crypto/evp/evp.c +++ b/src/crypto/evp/evp.c @@ -75,7 +75,6 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ec_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; EVP_PKEY *EVP_PKEY_new(void) { @@ -83,7 +82,7 @@ EVP_PKEY *EVP_PKEY_new(void) { ret = OPENSSL_malloc(sizeof(EVP_PKEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return NULL; } @@ -159,12 +158,12 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { if (to->type != from->type) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); goto err; } if (EVP_PKEY_missing_parameters(from)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_copy_parameters, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); goto err; } @@ -207,8 +206,6 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pengine, int nid) { case EVP_PKEY_RSA: case EVP_PKEY_RSA2: return &rsa_asn1_meth; - case EVP_PKEY_HMAC: - return &hmac_asn1_meth; case EVP_PKEY_EC: return &ec_asn1_meth; case EVP_PKEY_DSA: @@ -226,32 +223,6 @@ int EVP_PKEY_type(int nid) { return meth->pkey_id; } -EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const uint8_t *mac_key, - size_t mac_key_len) { - EVP_PKEY_CTX *mac_ctx = NULL; - EVP_PKEY *ret = NULL; - - mac_ctx = EVP_PKEY_CTX_new_id(type, e); - if (!mac_ctx) { - return NULL; - } - - if (!EVP_PKEY_keygen_init(mac_ctx) || - !EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN, - EVP_PKEY_CTRL_SET_MAC_KEY, mac_key_len, - (uint8_t *)mac_key) || - !EVP_PKEY_keygen(mac_ctx, &ret)) { - ret = NULL; - goto merr; - } - -merr: - if (mac_ctx) { - EVP_PKEY_CTX_free(mac_ctx); - } - return ret; -} - int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) { if (EVP_PKEY_assign_RSA(pkey, key)) { RSA_up_ref(key); @@ -266,7 +237,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key) { RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_RSA) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY); return NULL; } RSA_up_ref(pkey->pkey.rsa); @@ -287,7 +258,7 @@ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key) { DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DSA) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DSA, EVP_R_EXPECTING_A_DSA_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DSA_KEY); return NULL; } DSA_up_ref(pkey->pkey.dsa); @@ -308,7 +279,7 @@ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) { EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_EC) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_EC_KEY, EVP_R_EXPECTING_AN_EC_KEY_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_EC_KEY_KEY); return NULL; } EC_KEY_up_ref(pkey->pkey.ec); @@ -329,7 +300,7 @@ int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key) { DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) { if (pkey->type != EVP_PKEY_DH) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_get1_DH, EVP_R_EXPECTING_A_DH_KEY); + OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DH_KEY); return NULL; } DH_up_ref(pkey->pkey.dh); @@ -349,10 +320,10 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pengine, size_t len) { if (len == 3 && memcmp(name, "RSA", 3) == 0) { return &rsa_asn1_meth; - } else if (len == 4 && memcmp(name, "HMAC", 4) == 0) { - return &hmac_asn1_meth; } if (len == 2 && memcmp(name, "EC", 2) == 0) { return &ec_asn1_meth; + } else if (len == 3 && memcmp(name, "DSA", 3) == 0) { + return &dsa_asn1_meth; } return NULL; } @@ -366,7 +337,7 @@ int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) { ameth = EVP_PKEY_asn1_find(NULL, type); if (ameth == NULL) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_set_type, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); ERR_add_error_dataf("algorithm %d (%s)", type, OBJ_nid2sn(type)); return 0; } @@ -436,10 +407,6 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) { 0, (void *)out_md); } -EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey) { - return EVP_PKEY_up_ref(pkey); -} - void OpenSSL_add_all_algorithms(void) {} void OpenSSL_add_all_ciphers(void) {} diff --git a/src/crypto/evp/asn1.c b/src/crypto/evp/evp_asn1.c index 3df9f52..356c62b 100644 --- a/src/crypto/evp/asn1.c +++ b/src/crypto/evp/evp_asn1.c @@ -71,7 +71,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, if (out == NULL || *out == NULL) { ret = EVP_PKEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EVP_LIB); return NULL; } } else { @@ -79,7 +79,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, } if (!EVP_PKEY_set_type(ret, type)) { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_PUBLIC_KEY_TYPE); goto err; } @@ -94,7 +94,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, const uint8_t **inp, ret = EVP_PKCS82PKEY(p8); PKCS8_PRIV_KEY_INFO_free(p8); } else { - OPENSSL_PUT_ERROR(EVP, d2i_PrivateKey, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_ASN1_LIB); goto err; } } @@ -134,8 +134,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); if (!p8) { - OPENSSL_PUT_ERROR(EVP, d2i_AutoPrivateKey, - EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return NULL; } ret = EVP_PKCS82PKEY(p8); @@ -161,7 +160,7 @@ int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp) { case EVP_PKEY_EC: return i2o_ECPublicKey(key->pkey.ec, outp); default: - OPENSSL_PUT_ERROR(EVP, i2d_PublicKey, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return -1; } } diff --git a/src/crypto/evp/evp_ctx.c b/src/crypto/evp/evp_ctx.c index 9f42274..a8e71fe 100644 --- a/src/crypto/evp/evp_ctx.c +++ b/src/crypto/evp/evp_ctx.c @@ -67,12 +67,10 @@ extern const EVP_PKEY_METHOD rsa_pkey_meth; -extern const EVP_PKEY_METHOD hmac_pkey_meth; extern const EVP_PKEY_METHOD ec_pkey_meth; static const EVP_PKEY_METHOD *const evp_methods[] = { &rsa_pkey_meth, - &hmac_pkey_meth, &ec_pkey_meth, }; @@ -102,7 +100,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { pmeth = evp_pkey_meth_find(id); if (pmeth == NULL) { - OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, EVP_R_UNSUPPORTED_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); const char *name = OBJ_nid2sn(id); ERR_add_error_dataf("algorithm %d (%s)", id, name); return NULL; @@ -110,7 +108,7 @@ static EVP_PKEY_CTX *evp_pkey_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) { ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); if (!ret) { - OPENSSL_PUT_ERROR(EVP, evp_pkey_ctx_new, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EVP_PKEY_CTX)); @@ -192,7 +190,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) { err: EVP_PKEY_CTX_free(rctx); - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_dup, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); return NULL; } @@ -207,7 +205,7 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) { return ctx->app_data; } int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2) { if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } if (keytype != -1 && ctx->pmeth->pkey_id != keytype) { @@ -215,12 +213,12 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, } if (ctx->operation == EVP_PKEY_OP_UNDEFINED) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_NO_OPERATION_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_OPERATION_SET); return 0; } if (optype != -1 && !(ctx->operation & optype)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_ctrl, EVP_R_INVALID_OPERATION); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_OPERATION); return 0; } @@ -229,8 +227,7 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } @@ -250,12 +247,11 @@ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_SIGN) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_sign, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->sign(ctx, sig, sig_len, data, data_len); @@ -263,8 +259,7 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *sig_len, int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_VERIFY; @@ -282,12 +277,11 @@ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, const uint8_t *data, size_t data_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_VERIFY) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_verify, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->verify(ctx, sig, sig_len, data, data_len); @@ -295,8 +289,7 @@ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t sig_len, int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_ENCRYPT; @@ -313,12 +306,11 @@ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_ENCRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_encrypt, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen); @@ -326,8 +318,7 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DECRYPT; @@ -344,12 +335,11 @@ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, const uint8_t *in, size_t inlen) { if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_decrypt, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen); @@ -357,8 +347,7 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_DERIVE; @@ -377,15 +366,13 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt) || !ctx->pmeth->ctrl) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE && ctx->operation != EVP_PKEY_OP_ENCRYPT && ctx->operation != EVP_PKEY_OP_DECRYPT) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } @@ -400,12 +387,12 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { } if (!ctx->pkey) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_NO_KEY_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; } if (ctx->pkey->type != peer->type) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, EVP_R_DIFFERENT_KEY_TYPES); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_KEY_TYPES); return 0; } @@ -416,8 +403,7 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { * -2 is OK for us here, as well as 1, so we can check for 0 only. */ if (!EVP_PKEY_missing_parameters(peer) && !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive_set_peer, - EVP_R_DIFFERENT_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_DIFFERENT_PARAMETERS); return 0; } @@ -437,12 +423,11 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer) { int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_DERIVE) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_derive, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } return ctx->pmeth->derive(ctx, key, out_key_len); @@ -450,8 +435,7 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *out_key_len) { int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen_init, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } ctx->operation = EVP_PKEY_OP_KEYGEN; @@ -467,12 +451,11 @@ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx) { int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } if (ctx->operation != EVP_PKEY_OP_KEYGEN) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, EVP_R_OPERATON_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATON_NOT_INITIALIZED); return 0; } @@ -483,7 +466,7 @@ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey) { if (!*ppkey) { *ppkey = EVP_PKEY_new(); if (!*ppkey) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_keygen, ERR_LIB_EVP); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); return 0; } } diff --git a/src/crypto/evp/evp_extra_test.cc b/src/crypto/evp/evp_extra_test.cc index 674547d..9c955fa 100644 --- a/src/crypto/evp/evp_extra_test.cc +++ b/src/crypto/evp/evp_extra_test.cc @@ -322,8 +322,8 @@ static const uint8_t kExampleBadECKeyDER[] = { }; static ScopedEVP_PKEY LoadExampleRSAKey() { - const uint8_t *derp = kExampleRSAKeyDER; - ScopedRSA rsa(d2i_RSAPrivateKey(nullptr, &derp, sizeof(kExampleRSAKeyDER))); + ScopedRSA rsa(RSA_private_key_from_bytes(kExampleRSAKeyDER, + sizeof(kExampleRSAKeyDER))); if (!rsa) { return nullptr; } diff --git a/src/crypto/evp/evp_test.cc b/src/crypto/evp/evp_test.cc index 239f868..c7ac908 100644 --- a/src/crypto/evp/evp_test.cc +++ b/src/crypto/evp/evp_test.cc @@ -56,10 +56,19 @@ #include <stdlib.h> #include <string.h> +#if defined(_MSC_VER) +#pragma warning(push) +#pragma warning(disable: 4702) +#endif + #include <map> #include <string> #include <vector> +#if defined(_MSC_VER) +#pragma warning(pop) +#endif + #include <openssl/bio.h> #include <openssl/crypto.h> #include <openssl/digest.h> @@ -72,11 +81,10 @@ #include "../test/stl_compat.h" -// evp_test dispatches between multiple test types. HMAC tests test the legacy -// EVP_PKEY_HMAC API. PrivateKey tests take a key name parameter and single -// block, decode it as a PEM private key, and save it under that key name. -// Decrypt, Sign, and Verify tests take a previously imported key name as -// parameter and test their respective operations. +// evp_test dispatches between multiple test types. PrivateKey tests take a key +// name parameter and single block, decode it as a PEM private key, and save it +// under that key name. Decrypt, Sign, and Verify tests take a previously +// imported key name as parameter and test their respective operations. static const EVP_MD *GetDigest(FileTest *t, const std::string &name) { if (name == "MD5") { @@ -120,54 +128,10 @@ static bool ImportPrivateKey(FileTest *t, KeyMap *key_map) { return true; } -static bool TestHMAC(FileTest *t) { - std::string digest_str; - if (!t->GetAttribute(&digest_str, "HMAC")) { - return false; - } - const EVP_MD *digest = GetDigest(t, digest_str); - if (digest == nullptr) { - return false; - } - - std::vector<uint8_t> key, input, output; - if (!t->GetBytes(&key, "Key") || - !t->GetBytes(&input, "Input") || - !t->GetBytes(&output, "Output")) { - return false; - } - - ScopedEVP_PKEY pkey(EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, nullptr, - bssl::vector_data(&key), - key.size())); - ScopedEVP_MD_CTX mctx; - if (!pkey || - !EVP_DigestSignInit(mctx.get(), nullptr, digest, nullptr, pkey.get()) || - !EVP_DigestSignUpdate(mctx.get(), bssl::vector_data(&input), - input.size())) { - return false; - } - - size_t len; - std::vector<uint8_t> actual; - if (!EVP_DigestSignFinal(mctx.get(), nullptr, &len)) { - return false; - } - actual.resize(len); - if (!EVP_DigestSignFinal(mctx.get(), bssl::vector_data(&actual), &len)) { - return false; - } - actual.resize(len); - return t->ExpectBytesEqual(bssl::vector_data(&output), output.size(), - bssl::vector_data(&actual), actual.size()); -} - static bool TestEVP(FileTest *t, void *arg) { KeyMap *key_map = reinterpret_cast<KeyMap*>(arg); if (t->GetType() == "PrivateKey") { return ImportPrivateKey(t, key_map); - } else if (t->GetType() == "HMAC") { - return TestHMAC(t); } int (*key_op_init)(EVP_PKEY_CTX *ctx); @@ -219,7 +183,7 @@ static bool TestEVP(FileTest *t, void *arg) { bssl::vector_data(&input), input.size())) { // ECDSA sometimes doesn't push an error code. Push one on the error queue // so it's distinguishable from other errors. - ERR_put_error(ERR_LIB_USER, 0, ERR_R_EVP_LIB, __FILE__, __LINE__); + OPENSSL_PUT_ERROR(USER, ERR_R_EVP_LIB); return false; } return true; diff --git a/src/crypto/evp/evp_tests.txt b/src/crypto/evp/evp_tests.txt index cccfa4f..97ddaa0 100644 --- a/src/crypto/evp/evp_tests.txt +++ b/src/crypto/evp/evp_tests.txt @@ -163,12 +163,11 @@ Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800 # This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. -Error = public key routines +Error = BAD_SIGNATURE # BER signature Verify = P-256 Digest = SHA1 Input = "0123456789ABCDEF1234" Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000 -# This operation fails without an error code, so ERR_R_EVP_LIB is surfaced. -Error = public key routines +Error = BAD_SIGNATURE diff --git a/src/crypto/evp/internal.h b/src/crypto/evp/internal.h index 08a7bfb..60881e3 100644 --- a/src/crypto/evp/internal.h +++ b/src/crypto/evp/internal.h @@ -89,8 +89,7 @@ struct evp_pkey_asn1_method_st { int pkey_base_id; unsigned long pkey_flags; - char *pem_str; - char *info; + const char *pem_str; int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub); int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk); @@ -115,8 +114,8 @@ struct evp_pkey_asn1_method_st { int (*pkey_size)(const EVP_PKEY *pk); int (*pkey_bits)(const EVP_PKEY *pk); - int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen); - int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder); + int (*param_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); + int (*param_encode)(const EVP_PKEY *pkey, uint8_t **pder); int (*param_missing)(const EVP_PKEY *pk); int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); @@ -130,9 +129,9 @@ struct evp_pkey_asn1_method_st { /* Legacy functions for old PEM */ - int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder, + int (*old_priv_decode)(EVP_PKEY *pkey, const uint8_t **pder, int derlen); - int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder); + int (*old_priv_encode)(const EVP_PKEY *pkey, uint8_t **pder); /* Converting parameters to/from AlgorithmIdentifier (X509_ALGOR). */ int (*digest_verify_init_from_algorithm)(EVP_MD_CTX *ctx, @@ -153,15 +152,12 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); #define EVP_PKEY_OP_SIGN (1 << 3) #define EVP_PKEY_OP_VERIFY (1 << 4) #define EVP_PKEY_OP_VERIFYRECOVER (1 << 5) -#define EVP_PKEY_OP_SIGNCTX (1 << 6) -#define EVP_PKEY_OP_VERIFYCTX (1 << 7) -#define EVP_PKEY_OP_ENCRYPT (1 << 8) -#define EVP_PKEY_OP_DECRYPT (1 << 9) -#define EVP_PKEY_OP_DERIVE (1 << 10) +#define EVP_PKEY_OP_ENCRYPT (1 << 6) +#define EVP_PKEY_OP_DECRYPT (1 << 7) +#define EVP_PKEY_OP_DERIVE (1 << 8) #define EVP_PKEY_OP_TYPE_SIG \ - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER | \ - EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) + (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER) #define EVP_PKEY_OP_TYPE_CRYPT (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT) @@ -181,13 +177,8 @@ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, int p1, void *p2); -/* EVP_PKEY_CTRL_DIGESTINIT is an internal value. It's called by - * EVP_DigestInit_ex to signal the |EVP_PKEY| that a digest operation is - * starting. - * - * TODO(davidben): This is only needed to support the deprecated HMAC |EVP_PKEY| - * types. */ -#define EVP_PKEY_CTRL_DIGESTINIT 3 +#define EVP_PKEY_CTRL_MD 1 +#define EVP_PKEY_CTRL_GET_MD 2 /* EVP_PKEY_CTRL_PEER_KEY is called with different values of |p1|: * 0: Is called from |EVP_PKEY_derive_set_peer| and |p2| contains a peer key. @@ -198,21 +189,12 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, * (EC)DH always return one in this case. * 3: Is called with |p2| == NULL to set whether the peer's key was used. * (EC)DH always return one in this case. This was only used for GOST. */ -#define EVP_PKEY_CTRL_PEER_KEY 4 - -/* EVP_PKEY_CTRL_SET_MAC_KEY sets a MAC key. For example, this can be done an - * |EVP_PKEY_CTX| prior to calling |EVP_PKEY_keygen| in order to generate an - * HMAC |EVP_PKEY| with the given key. It returns one on success and zero on - * error. */ -#define EVP_PKEY_CTRL_SET_MAC_KEY 5 +#define EVP_PKEY_CTRL_PEER_KEY 3 /* EVP_PKEY_ALG_CTRL is the base value from which key-type specific ctrl * commands are numbered. */ #define EVP_PKEY_ALG_CTRL 0x1000 -#define EVP_PKEY_CTRL_MD 1 -#define EVP_PKEY_CTRL_GET_MD 2 - #define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) #define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 2) #define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 3) @@ -260,34 +242,25 @@ struct evp_pkey_method_st { int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); int (*sign_init)(EVP_PKEY_CTX *ctx); - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); + int (*sign)(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, + const uint8_t *tbs, size_t tbslen); int (*verify_init)(EVP_PKEY_CTX *ctx); - int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); - - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx); - - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx); + int (*verify)(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, + const uint8_t *tbs, size_t tbslen); int (*encrypt_init)(EVP_PKEY_CTX *ctx); - int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); + int (*encrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, + const uint8_t *in, size_t inlen); int (*decrypt_init)(EVP_PKEY_CTX *ctx); - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); + int (*decrypt)(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, + const uint8_t *in, size_t inlen); int (*derive_init)(EVP_PKEY_CTX *ctx); - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); + int (*derive)(EVP_PKEY_CTX *ctx, uint8_t *key, size_t *keylen); int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); } /* EVP_PKEY_METHOD */; diff --git a/src/crypto/evp/p_dsa_asn1.c b/src/crypto/evp/p_dsa_asn1.c index 0ac7da7..4790cf6 100644 --- a/src/crypto/evp/p_dsa_asn1.c +++ b/src/crypto/evp/p_dsa_asn1.c @@ -91,29 +91,29 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { dsa = d2i_DSAparams(NULL, &pm, pmlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { dsa = DSA_new(); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } } else { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_PARAMETER_ENCODING_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_PARAMETER_ENCODING_ERROR); goto err; } public_key = d2i_ASN1_INTEGER(NULL, &p, pklen); if (public_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_BN_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_BN_DECODE_ERROR); goto err; } @@ -129,21 +129,37 @@ err: static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { DSA *dsa; - void *pval = NULL; + ASN1_STRING *pval = NULL; uint8_t *penc = NULL; int penclen; dsa = pkey->pkey.dsa; dsa->write_params = 0; - penclen = i2d_DSAPublicKey(dsa, &penc); + int ptype; + if (dsa->p && dsa->q && dsa->g) { + pval = ASN1_STRING_new(); + if (!pval) { + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + goto err; + } + pval->length = i2d_DSAparams(dsa, &pval->data); + if (pval->length <= 0) { + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); + goto err; + } + ptype = V_ASN1_SEQUENCE; + } else { + ptype = V_ASN1_UNDEF; + } + penclen = i2d_DSAPublicKey(dsa, &penc); if (penclen <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } - if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), V_ASN1_UNDEF, pval, + if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, pval, penc, penclen)) { return 1; } @@ -236,23 +252,23 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters. Now set private key */ dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL); if (dsa->priv_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto dsaerr; } /* Calculate public key. */ dsa->pub_key = BN_new(); if (dsa->pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto dsaerr; } ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto dsaerr; } if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto dsaerr; } @@ -264,7 +280,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; decerr: - OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); dsaerr: BN_CTX_free(ctx); @@ -281,19 +297,19 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { int dplen; if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); goto err; } params = ASN1_STRING_new(); if (!params) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); if (params->length <= 0) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } params->type = V_ASN1_SEQUENCE; @@ -302,13 +318,14 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); if (!prkey) { - OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_LIB_BN); + OPENSSL_PUT_ERROR(EVP, ERR_LIB_BN); goto err; } dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_INTEGER_free(prkey); + prkey = NULL; if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, params, dp, dplen)) { @@ -421,7 +438,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) { m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, do_dsa_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -450,7 +467,7 @@ static int dsa_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { DSA *dsa; dsa = d2i_DSAparams(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_param_decode, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -481,7 +498,7 @@ static int old_dsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, DSA *dsa; dsa = d2i_DSAPrivateKey(NULL, pder, derlen); if (dsa == NULL) { - OPENSSL_PUT_ERROR(EVP, old_dsa_priv_decode, ERR_R_DSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_DSA_LIB); return 0; } EVP_PKEY_assign_DSA(pkey, dsa); @@ -515,7 +532,7 @@ static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, update_buflen(dsa_sig->s, &buf_len); m = OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, dsa_sig_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -538,7 +555,6 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { 0, "DSA", - "OpenSSL DSA method", dsa_pub_decode, dsa_pub_encode, diff --git a/src/crypto/evp/p_ec.c b/src/crypto/evp/p_ec.c index 73c00d8..77f213d 100644 --- a/src/crypto/evp/p_ec.c +++ b/src/crypto/evp/p_ec.c @@ -125,25 +125,18 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) { static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, const uint8_t *tbs, size_t tbslen) { - int type; unsigned int sltmp; - EC_PKEY_CTX *dctx = ctx->data; EC_KEY *ec = ctx->pkey->pkey.ec; if (!sig) { *siglen = ECDSA_size(ec); return 1; } else if (*siglen < (size_t)ECDSA_size(ec)) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_sign, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } - type = NID_sha1; - if (dctx->md) { - type = EVP_MD_type(dctx->md); - } - - if (!ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec)) { + if (!ECDSA_sign(0, tbs, tbslen, sig, &sltmp, ec)) { return 0; } *siglen = (size_t)sltmp; @@ -152,16 +145,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, static int pkey_ec_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, size_t siglen, const uint8_t *tbs, size_t tbslen) { - int type; - EC_PKEY_CTX *dctx = ctx->data; - EC_KEY *ec = ctx->pkey->pkey.ec; - - type = NID_sha1; - if (dctx->md) { - type = EVP_MD_type(dctx->md); - } - - return ECDSA_verify(type, tbs, tbslen, sig, siglen, ec); + return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->pkey->pkey.ec); } static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, @@ -172,7 +156,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, uint8_t *key, EC_KEY *eckey; if (!ctx->pkey || !ctx->peerkey) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_derive, EVP_R_KEYS_NOT_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } @@ -207,7 +191,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID: group = EC_GROUP_new_by_curve_name(p1); if (group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_CURVE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_CURVE); return 0; } EC_GROUP_free(dctx->gen_group); @@ -221,7 +205,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { EVP_MD_type((const EVP_MD *)p2) != NID_sha256 && EVP_MD_type((const EVP_MD *)p2) != NID_sha384 && EVP_MD_type((const EVP_MD *)p2) != NID_sha512) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_DIGEST_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_TYPE); return 0; } dctx->md = p2; @@ -232,12 +216,11 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { return 1; case EVP_PKEY_CTRL_PEER_KEY: - /* Default behaviour is OK */ - case EVP_PKEY_CTRL_DIGESTINIT: + /* Default behaviour is OK */ return 1; default: - OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -248,7 +231,7 @@ static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { int ret = 0; if (dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_paramgen, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); @@ -268,7 +251,7 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { EC_KEY *ec = NULL; EC_PKEY_CTX *dctx = ctx->data; if (ctx->pkey == NULL && dctx->gen_group == NULL) { - OPENSSL_PUT_ERROR(EVP, pkey_ec_keygen, EVP_R_NO_PARAMETERS_SET); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } ec = EC_KEY_new(); @@ -290,12 +273,11 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD ec_pkey_meth = { - EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, - pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, - pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, - 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, - pkey_ec_verify, 0 /* signctx_init */, 0 /* signctx */, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, - 0 /* derive_init */, pkey_ec_derive, pkey_ec_ctrl, + EVP_PKEY_EC, 0 /* flags */, pkey_ec_init, + pkey_ec_copy, pkey_ec_cleanup, 0 /* paramgen_init */, + pkey_ec_paramgen, 0 /* keygen_init */, pkey_ec_keygen, + 0 /* sign_init */, pkey_ec_sign, 0 /* verify_init */, + pkey_ec_verify, 0 /* encrypt_init */, 0 /* encrypt */, + 0 /* decrypt_init */, 0 /* decrypt */, 0 /* derive_init */, + pkey_ec_derive, pkey_ec_ctrl, }; diff --git a/src/crypto/evp/p_ec_asn1.c b/src/crypto/evp/p_ec_asn1.c index fbbf4e7..9867947 100644 --- a/src/crypto/evp/p_ec_asn1.c +++ b/src/crypto/evp/p_ec_asn1.c @@ -71,13 +71,13 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) { int nid; if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); return 0; } nid = EC_GROUP_get_curve_name(group); if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EVP, eckey_param2type, EVP_R_NO_NID_FOR_CURVE); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_NID_FOR_CURVE); return 0; } @@ -94,7 +94,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { int penclen; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } penclen = i2o_ECPublicKey(ec_key, NULL); @@ -137,7 +137,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { eckey = d2i_ECParameters(NULL, &pm, pmlen); if (eckey == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } } else if (ptype == V_ASN1_OBJECT) { @@ -150,7 +150,7 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) { goto err; } } else { - OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } @@ -177,13 +177,13 @@ static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { eckey = eckey_type2param(ptype, pval); if (!eckey) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } /* We have parameters now set public key */ if (!o2i_ECPublicKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, eckey_pub_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } @@ -232,7 +232,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto ecerr; } @@ -246,23 +246,23 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { group = EC_KEY_get0_group(eckey); pub_key = EC_POINT_new(group); if (pub_key == NULL) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } priv_key = EC_KEY_get0_private_key(eckey); if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } if (EC_KEY_set_public_key(eckey, pub_key) == 0) { EC_POINT_free(pub_key); - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); goto ecliberr; } EC_POINT_free(pub_key); @@ -272,7 +272,7 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { return 1; ecliberr: - OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); ecerr: if (eckey) { EC_KEY_free(eckey); @@ -290,7 +290,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { ec_key = pkey->pkey.ec; if (!eckey_param2type(&ptype, &pval, ec_key)) { - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } @@ -304,20 +304,20 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { eplen = i2d_ECPrivateKey(ec_key, NULL); if (!eplen) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } ep = (uint8_t *)OPENSSL_malloc(eplen); if (!ep) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } p = ep; if (!i2d_ECPrivateKey(ec_key, &p)) { EC_KEY_set_enc_flags(ec_key, old_flags); OPENSSL_free(ep); - OPENSSL_PUT_ERROR(EVP, eckey_priv_encode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } /* restore old encoding flags */ @@ -325,6 +325,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, ptype, pval, ep, eplen)) { + OPENSSL_free(ep); return 0; } @@ -478,7 +479,7 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { err: if (!ret) { - OPENSSL_PUT_ERROR(EVP, do_EC_KEY_print, reason); + OPENSSL_PUT_ERROR(EVP, reason); } OPENSSL_free(pub_key_bytes); BN_free(order); @@ -491,7 +492,7 @@ static int eckey_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *eckey; if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, eckey_param_decode, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } EVP_PKEY_assign_EC_KEY(pkey, eckey); @@ -526,7 +527,7 @@ static int old_ec_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *ec; if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) { - OPENSSL_PUT_ERROR(EVP, old_ec_priv_decode, EVP_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } EVP_PKEY_assign_EC_KEY(pkey, ec); @@ -542,7 +543,6 @@ const EVP_PKEY_ASN1_METHOD ec_asn1_meth = { EVP_PKEY_EC, 0, "EC", - "OpenSSL EC algorithm", eckey_pub_decode, eckey_pub_encode, diff --git a/src/crypto/evp/p_hmac.c b/src/crypto/evp/p_hmac.c deleted file mode 100644 index 7d3254a..0000000 --- a/src/crypto/evp/p_hmac.c +++ /dev/null @@ -1,223 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include <openssl/evp.h> - -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> -#include <openssl/hmac.h> -#include <openssl/mem.h> -#include <openssl/obj.h> - -#include "internal.h" -#include "../digest/internal.h" - - -typedef struct { - const EVP_MD *md; /* MD for HMAC use */ - ASN1_OCTET_STRING ktmp; /* Temp storage for key */ - HMAC_CTX ctx; -} HMAC_PKEY_CTX; - -static int pkey_hmac_init(EVP_PKEY_CTX *ctx) { - HMAC_PKEY_CTX *hctx; - hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX)); - if (!hctx) { - return 0; - } - memset(hctx, 0, sizeof(HMAC_PKEY_CTX)); - hctx->ktmp.type = V_ASN1_OCTET_STRING; - HMAC_CTX_init(&hctx->ctx); - - ctx->data = hctx; - - return 1; -} - -static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { - HMAC_PKEY_CTX *sctx, *dctx; - if (!pkey_hmac_init(dst)) { - return 0; - } - sctx = src->data; - dctx = dst->data; - dctx->md = sctx->md; - HMAC_CTX_init(&dctx->ctx); - if (!HMAC_CTX_copy_ex(&dctx->ctx, &sctx->ctx)) { - return 0; - } - if (sctx->ktmp.data) { - if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data, - sctx->ktmp.length)) { - return 0; - } - } - return 1; -} - -static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) { - HMAC_PKEY_CTX *hctx = ctx->data; - - if (hctx == NULL) { - return; - } - - HMAC_CTX_cleanup(&hctx->ctx); - if (hctx->ktmp.data) { - if (hctx->ktmp.length) { - OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); - } - OPENSSL_free(hctx->ktmp.data); - hctx->ktmp.data = NULL; - } - OPENSSL_free(hctx); -} - -static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { - ASN1_OCTET_STRING *hkey = NULL; - HMAC_PKEY_CTX *hctx = ctx->data; - - if (!hctx->ktmp.data) { - return 0; - } - hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp); - if (!hkey) { - return 0; - } - EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey); - - return 1; -} - -static void int_update(EVP_MD_CTX *ctx, const void *data, size_t count) { - HMAC_PKEY_CTX *hctx = ctx->pctx->data; - HMAC_Update(&hctx->ctx, data, count); -} - -static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { - /* |mctx| gets repurposed as a hook to call |HMAC_Update|. Suppress the - * automatic setting of |mctx->update| and the rest of its initialization. */ - EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); - mctx->update = int_update; - return 1; -} - -static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx) { - unsigned int hlen; - HMAC_PKEY_CTX *hctx = ctx->data; - size_t md_size = EVP_MD_CTX_size(mctx); - - if (!sig) { - *siglen = md_size; - return 1; - } else if (*siglen < md_size) { - OPENSSL_PUT_ERROR(EVP, hmac_signctx, EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - if (!HMAC_Final(&hctx->ctx, sig, &hlen)) { - return 0; - } - *siglen = (size_t)hlen; - return 1; -} - -static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { - HMAC_PKEY_CTX *hctx = ctx->data; - ASN1_OCTET_STRING *key; - - switch (type) { - case EVP_PKEY_CTRL_SET_MAC_KEY: - if ((!p2 && p1 > 0) || (p1 < -1)) { - return 0; - } - if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1)) { - return 0; - } - break; - - case EVP_PKEY_CTRL_MD: - hctx->md = p2; - break; - - case EVP_PKEY_CTRL_DIGESTINIT: - key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; - if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, - ctx->engine)) { - return 0; - } - break; - - default: - OPENSSL_PUT_ERROR(EVP, pkey_hmac_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); - return 0; - } - return 1; -} - -const EVP_PKEY_METHOD hmac_pkey_meth = { - EVP_PKEY_HMAC, 0 /* flags */, pkey_hmac_init, - pkey_hmac_copy, pkey_hmac_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_hmac_keygen, - 0 /* sign_init */, 0 /* sign */, 0 /* verify_init */, - 0 /* verify */, hmac_signctx_init, hmac_signctx, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - 0 /* encrypt */, 0 /* decrypt_init */, 0 /* decrypt */, - 0 /* derive_init */, 0 /* derive */, pkey_hmac_ctrl, - 0, -}; diff --git a/src/crypto/evp/p_hmac_asn1.c b/src/crypto/evp/p_hmac_asn1.c deleted file mode 100644 index 8aa6676..0000000 --- a/src/crypto/evp/p_hmac_asn1.c +++ /dev/null @@ -1,89 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#include <openssl/evp.h> - -#include <openssl/asn1.h> -#include <openssl/digest.h> -#include <openssl/mem.h> -#include <openssl/obj.h> - -#include "internal.h" - - -static int hmac_size(const EVP_PKEY *pkey) { return EVP_MAX_MD_SIZE; } - -static void hmac_key_free(EVP_PKEY *pkey) { - ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr; - if (os) { - if (os->data) { - OPENSSL_cleanse(os->data, os->length); - } - ASN1_OCTET_STRING_free(os); - } -} - -const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = { - EVP_PKEY_HMAC, EVP_PKEY_HMAC, 0 /* flags */, - "HMAC", "OpenSSL HMAC method", 0 /* pub_decode */, - 0 /* pub_encode */, 0 /* pub_cmp */, 0 /* pub_print */, - 0 /*priv_decode */, 0 /* priv_encode */, 0 /* priv_print */, - 0 /* pkey_opaque */, 0 /* pkey_supports_digest */, - hmac_size, 0 /* pkey_bits */, 0 /* param_decode */, - 0 /* param_encode*/, 0 /* param_missing*/, 0 /* param_copy*/, - 0 /* param_cmp*/, 0 /* param_print*/, 0 /* sig_print*/, - hmac_key_free, 0 /* old_priv_decode */, - 0 /* old_priv_encode */ -}; diff --git a/src/crypto/evp/p_rsa.c b/src/crypto/evp/p_rsa.c index 5abc075..cfecbfd 100644 --- a/src/crypto/evp/p_rsa.c +++ b/src/crypto/evp/p_rsa.c @@ -174,7 +174,7 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, } if (*siglen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -182,12 +182,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen, unsigned int out_len; if (tbslen != EVP_MD_size(rctx->md)) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_INVALID_DIGEST_LENGTH); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_DIGEST_LENGTH); return 0; } if (EVP_MD_type(rctx->md) == NID_mdc2) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_sign, EVP_R_NO_MDC2_SUPPORT); + OPENSSL_PUT_ERROR(EVP, EVP_R_NO_MDC2_SUPPORT); return 0; } @@ -268,7 +268,7 @@ static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *outlen, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_encrypt, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -300,7 +300,7 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, } if (*outlen < key_len) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_decrypt, EVP_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; } @@ -333,7 +333,7 @@ static int check_padding_md(const EVP_MD *md, int padding) { } if (padding == RSA_NO_PADDING) { - OPENSSL_PUT_ERROR(EVP, check_padding_md, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } @@ -361,8 +361,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { 0 == (ctx->operation & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY))) || (p1 == RSA_PKCS1_OAEP_PADDING && 0 == (ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, - EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); return 0; } if ((p1 == RSA_PKCS1_PSS_PADDING || p1 == RSA_PKCS1_OAEP_PADDING) && @@ -379,7 +378,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_PSS_SALTLEN: case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PSS_SALTLEN); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_SALTLEN); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN) { @@ -394,7 +393,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: if (p1 < 256) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_KEYBITS); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_KEYBITS); return 0; } rctx->nbits = p1; @@ -411,7 +410,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_MD: case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD) { @@ -436,7 +435,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_MGF1_MD: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING && rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_MGF1_MD); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_MGF1_MD); return 0; } if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) { @@ -452,7 +451,7 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } OPENSSL_free(rctx->oaep_label); @@ -469,17 +468,14 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_INVALID_PADDING_MODE); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PADDING_MODE); return 0; } CBS_init((CBS *)p2, rctx->oaep_label, rctx->oaep_labellen); return 1; - case EVP_PKEY_CTRL_DIGESTINIT: - return 1; - default: - OPENSSL_PUT_ERROR(EVP, pkey_rsa_ctrl, EVP_R_COMMAND_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); return 0; } } @@ -509,14 +505,13 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { } const EVP_PKEY_METHOD rsa_pkey_meth = { - EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, - pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, - 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, - 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, - pkey_rsa_verify, 0 /* signctx_init */, 0 /* signctx */, - 0 /* verifyctx_init */, 0 /* verifyctx */, 0 /* encrypt_init */, - pkey_rsa_encrypt, 0 /* decrypt_init */, pkey_rsa_decrypt, - 0 /* derive_init */, 0 /* derive */, pkey_rsa_ctrl, + EVP_PKEY_RSA, 0 /* flags */, pkey_rsa_init, + pkey_rsa_copy, pkey_rsa_cleanup, 0 /* paramgen_init */, + 0 /* paramgen */, 0 /* keygen_init */, pkey_rsa_keygen, + 0 /* sign_init */, pkey_rsa_sign, 0 /* verify_init */, + pkey_rsa_verify, 0 /* encrypt_init */, pkey_rsa_encrypt, + 0 /* decrypt_init */, pkey_rsa_decrypt, 0 /* derive_init */, + 0 /* derive */, pkey_rsa_ctrl, }; int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int padding) { @@ -593,7 +588,7 @@ int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, return -1; } if (CBS_len(&label) > INT_MAX) { - OPENSSL_PUT_ERROR(EVP, EVP_PKEY_CTX_get0_rsa_oaep_label, ERR_R_OVERFLOW); + OPENSSL_PUT_ERROR(EVP, ERR_R_OVERFLOW); return -1; } *out_label = CBS_data(&label); diff --git a/src/crypto/evp/p_rsa_asn1.c b/src/crypto/evp/p_rsa_asn1.c index 1e2d3f6..f60625b 100644 --- a/src/crypto/evp/p_rsa_asn1.c +++ b/src/crypto/evp/p_rsa_asn1.c @@ -57,6 +57,7 @@ #include <openssl/asn1.h> #include <openssl/asn1t.h> +#include <openssl/bytestring.h> #include <openssl/digest.h> #include <openssl/err.h> #include <openssl/mem.h> @@ -69,16 +70,14 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { - uint8_t *encoded = NULL; - int len; - len = i2d_RSAPublicKey(pkey->pkey.rsa, &encoded); - - if (len <= 0) { + uint8_t *encoded; + size_t encoded_len; + if (!RSA_public_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { return 0; } if (!X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA), V_ASN1_NULL, NULL, - encoded, len)) { + encoded, encoded_len)) { OPENSSL_free(encoded); return 0; } @@ -89,16 +88,25 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { const uint8_t *p; int pklen; - RSA *rsa; - if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey)) { return 0; } - rsa = d2i_RSAPublicKey(NULL, &p, pklen); - if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_pub_decode, ERR_R_RSA_LIB); + + /* Estonian IDs issued between September 2014 to September 2015 are + * broken. See https://crbug.com/532048 and https://crbug.com/534766. + * + * TODO(davidben): Switch this to the strict version in March 2016 or when + * Chromium can force client certificates down a different codepath, whichever + * comes first. */ + CBS cbs; + CBS_init(&cbs, p, pklen); + RSA *rsa = RSA_parse_public_key_buggy(&cbs); + if (rsa == NULL || CBS_len(&cbs) != 0) { + OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); + RSA_free(rsa); return 0; } + EVP_PKEY_assign_RSA(pkey, rsa); return 1; } @@ -109,20 +117,17 @@ static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { } static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { - uint8_t *rk = NULL; - int rklen; - - rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); - - if (rklen <= 0) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); + uint8_t *encoded; + size_t encoded_len; + if (!RSA_private_key_to_bytes(&encoded, &encoded_len, pkey->pkey.rsa)) { return 0; } /* TODO(fork): const correctness in next line. */ if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_rsaEncryption), 0, - V_ASN1_NULL, NULL, rk, rklen)) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_encode, ERR_R_MALLOC_FAILURE); + V_ASN1_NULL, NULL, encoded, encoded_len)) { + OPENSSL_free(encoded); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } @@ -132,16 +137,14 @@ static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { const uint8_t *p; int pklen; - RSA *rsa; - if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8)) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); return 0; } - rsa = d2i_RSAPrivateKey(NULL, &p, pklen); + RSA *rsa = RSA_private_key_from_bytes(p, pklen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_priv_decode, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); return 0; } @@ -198,11 +201,24 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, update_buflen(rsa->dmp1, &buf_len); update_buflen(rsa->dmq1, &buf_len); update_buflen(rsa->iqmp, &buf_len); + + if (rsa->additional_primes != NULL) { + size_t i; + + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); + i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + update_buflen(ap->prime, &buf_len); + update_buflen(ap->exp, &buf_len); + update_buflen(ap->coeff, &buf_len); + } + } } m = (uint8_t *)OPENSSL_malloc(buf_len + 10); if (m == NULL) { - OPENSSL_PUT_ERROR(EVP, do_rsa_print, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EVP, ERR_R_MALLOC_FAILURE); goto err; } @@ -241,6 +257,28 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, !ASN1_bn_print(out, "coefficient:", rsa->iqmp, m, off)) { goto err; } + + if (rsa->additional_primes != NULL && + sk_RSA_additional_prime_num(rsa->additional_primes) > 0) { + size_t i; + + if (BIO_printf(out, "otherPrimeInfos:\n") <= 0) { + goto err; + } + for (i = 0; i < sk_RSA_additional_prime_num(rsa->additional_primes); + i++) { + const RSA_additional_prime *ap = + sk_RSA_additional_prime_value(rsa->additional_primes, i); + + if (BIO_printf(out, "otherPrimeInfo (prime %u):\n", + (unsigned)(i + 3)) <= 0 || + !ASN1_bn_print(out, "prime:", ap->prime, m, off) || + !ASN1_bn_print(out, "exponent:", ap->exp, m, off) || + !ASN1_bn_print(out, "coeff:", ap->coeff, m, off)) { + goto err; + } + } + } } ret = 1; @@ -407,18 +445,18 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, return 1; } -static int old_rsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, +static int old_rsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { RSA *rsa = d2i_RSAPrivateKey(NULL, pder, derlen); if (rsa == NULL) { - OPENSSL_PUT_ERROR(EVP, old_rsa_priv_decode, ERR_R_RSA_LIB); + OPENSSL_PUT_ERROR(EVP, ERR_R_RSA_LIB); return 0; } EVP_PKEY_assign_RSA(pkey, rsa); return 1; } -static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) { +static int old_rsa_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); } @@ -474,7 +512,7 @@ static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg) { } md = EVP_get_digestbyobj(alg->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_algor_to_md, EVP_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_DIGEST); } return md; } @@ -487,16 +525,16 @@ static const EVP_MD *rsa_mgf1_to_md(X509_ALGOR *alg, X509_ALGOR *maskHash) { } /* Check mask and lookup mask hash algorithm */ if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_ALGORITHM); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_ALGORITHM); return NULL; } if (!maskHash) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNSUPPORTED_MASK_PARAMETER); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_MASK_PARAMETER); return NULL; } md = EVP_get_digestbyobj(maskHash->algorithm); if (md == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_mgf1_to_md, EVP_R_UNKNOWN_MASK_DIGEST); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNKNOWN_MASK_DIGEST); return NULL; } return md; @@ -576,13 +614,13 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } /* Decode PSS parameters */ pss = rsa_pss_decode(sigalg, &maskHash); if (pss == NULL) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_PSS_PARAMETERS); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PSS_PARAMETERS); goto err; } @@ -602,7 +640,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* Could perform more salt length sanity checks but the main * RSA routines will trap other invalid values anyway. */ if (saltlen < 0) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_SALT_LENGTH); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_SALT_LENGTH); goto err; } } @@ -610,7 +648,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) { /* low-level routines support only trailer field 0xbc (value 1) * and PKCS#1 says we should reject any other value anyway. */ if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) { - OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_INVALID_TRAILER); + OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_TRAILER); goto err; } @@ -638,8 +676,7 @@ static int rsa_digest_verify_init_from_algorithm(EVP_MD_CTX *ctx, EVP_PKEY *pkey) { /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) { - OPENSSL_PUT_ERROR(EVP, rsa_digest_verify_init_from_algorithm, - EVP_R_UNSUPPORTED_SIGNATURE_TYPE); + OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_SIGNATURE_TYPE); return 0; } return rsa_pss_to_ctx(ctx, sigalg, pkey); @@ -671,7 +708,6 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meth = { ASN1_PKEY_SIGPARAM_NULL, "RSA", - "OpenSSL RSA method", rsa_pub_decode, rsa_pub_encode, |