2 * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include "internal/cryptlib.h"
13 #include <openssl/objects.h>
14 #include <openssl/evp.h>
15 #include "internal/evp_int.h"
17 #define M_check_autoarg(ctx, arg, arglen, err) \
18 if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
20 size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
23 EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/\
31 else if (*arglen < pksize) \
33 EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
38 int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
41 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
42 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
43 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
46 ctx->operation = EVP_PKEY_OP_SIGN;
47 if (!ctx->pmeth->sign_init)
49 ret = ctx->pmeth->sign_init(ctx);
51 ctx->operation = EVP_PKEY_OP_UNDEFINED;
55 int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
56 unsigned char *sig, size_t *siglen,
57 const unsigned char *tbs, size_t tbslen)
59 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
60 EVPerr(EVP_F_EVP_PKEY_SIGN,
61 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
64 if (ctx->operation != EVP_PKEY_OP_SIGN) {
65 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
68 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
69 return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
72 int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
75 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
76 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
77 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
80 ctx->operation = EVP_PKEY_OP_VERIFY;
81 if (!ctx->pmeth->verify_init)
83 ret = ctx->pmeth->verify_init(ctx);
85 ctx->operation = EVP_PKEY_OP_UNDEFINED;
89 int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
90 const unsigned char *sig, size_t siglen,
91 const unsigned char *tbs, size_t tbslen)
93 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
94 EVPerr(EVP_F_EVP_PKEY_VERIFY,
95 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
98 if (ctx->operation != EVP_PKEY_OP_VERIFY) {
99 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
102 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
105 int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
108 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
109 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
110 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
113 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
114 if (!ctx->pmeth->verify_recover_init)
116 ret = ctx->pmeth->verify_recover_init(ctx);
118 ctx->operation = EVP_PKEY_OP_UNDEFINED;
122 int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
123 unsigned char *rout, size_t *routlen,
124 const unsigned char *sig, size_t siglen)
126 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
127 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
128 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
131 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
132 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
135 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
136 return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
139 int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
142 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
143 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
144 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
147 ctx->operation = EVP_PKEY_OP_ENCRYPT;
148 if (!ctx->pmeth->encrypt_init)
150 ret = ctx->pmeth->encrypt_init(ctx);
152 ctx->operation = EVP_PKEY_OP_UNDEFINED;
156 int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
157 unsigned char *out, size_t *outlen,
158 const unsigned char *in, size_t inlen)
160 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
161 EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
162 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
165 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
166 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
169 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
170 return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
173 int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
176 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
177 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
178 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
181 ctx->operation = EVP_PKEY_OP_DECRYPT;
182 if (!ctx->pmeth->decrypt_init)
184 ret = ctx->pmeth->decrypt_init(ctx);
186 ctx->operation = EVP_PKEY_OP_UNDEFINED;
190 int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
191 unsigned char *out, size_t *outlen,
192 const unsigned char *in, size_t inlen)
194 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
195 EVPerr(EVP_F_EVP_PKEY_DECRYPT,
196 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
199 if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
200 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
203 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
204 return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
207 int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
210 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
211 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
212 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
215 ctx->operation = EVP_PKEY_OP_DERIVE;
216 if (!ctx->pmeth->derive_init)
218 ret = ctx->pmeth->derive_init(ctx);
220 ctx->operation = EVP_PKEY_OP_UNDEFINED;
224 int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
227 if (!ctx || !ctx->pmeth
228 || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt)
229 || !ctx->pmeth->ctrl) {
230 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
231 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
234 if (ctx->operation != EVP_PKEY_OP_DERIVE
235 && ctx->operation != EVP_PKEY_OP_ENCRYPT
236 && ctx->operation != EVP_PKEY_OP_DECRYPT) {
237 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
238 EVP_R_OPERATON_NOT_INITIALIZED);
242 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
251 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
255 if (ctx->pkey->type != peer->type) {
256 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
261 * ran@cryptocom.ru: For clarity. The error is if parameters in peer are
262 * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
263 * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
264 * (different key types) is impossible here because it is checked earlier.
265 * -2 is OK for us here, as well as 1, so we can check for 0 only.
267 if (!EVP_PKEY_missing_parameters(peer) &&
268 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
269 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
273 EVP_PKEY_free(ctx->peerkey);
276 ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
283 EVP_PKEY_up_ref(peer);
287 int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
289 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
290 EVPerr(EVP_F_EVP_PKEY_DERIVE,
291 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
294 if (ctx->operation != EVP_PKEY_OP_DERIVE) {
295 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
298 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
299 return ctx->pmeth->derive(ctx, key, pkeylen);