typedef struct {
OPENSSL_CTX *libctx;
+ char *propq;
EC_KEY *ec;
char mdname[OSSL_MAX_NAME_SIZE];
EVP_MD *md;
EVP_MD_CTX *mdctx;
- /*
- * This indicates that KAT (CAVS) test is running. Externally an app will
- * override the random callback such that the generated private key and k
- * are known.
- * Normal operation will loop to choose a new k if the signature is not
- * valid - but for this mode of operation it forces a failure instead.
- */
- unsigned int kattest;
/*
* Internally used to cache the results of calling the EC group
* sign_setup() methods which are then passed to the sign operation.
*/
BIGNUM *kinv;
BIGNUM *r;
+#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
+ /*
+ * This indicates that KAT (CAVS) test is running. Externally an app will
+ * override the random callback such that the generated private key and k
+ * are known.
+ * Normal operation will loop to choose a new k if the signature is not
+ * valid - but for this mode of operation it forces a failure instead.
+ */
+ unsigned int kattest;
+#endif
} PROV_ECDSA_CTX;
-static void *ecdsa_newctx(void *provctx)
+static void *ecdsa_newctx(void *provctx, const char *propq)
{
PROV_ECDSA_CTX *ctx = OPENSSL_zalloc(sizeof(PROV_ECDSA_CTX));
return NULL;
ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
+ if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) {
+ OPENSSL_free(ctx);
+ ctx = NULL;
+ ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ }
return ctx;
}
return 1;
}
+#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
if (ctx->kattest && !ECDSA_sign_setup(ctx->ec, NULL, &ctx->kinv, &ctx->r))
return 0;
+#endif
if (sigsize < (size_t)ecsize)
return 0;
static void free_md(PROV_ECDSA_CTX *ctx)
{
+ OPENSSL_free(ctx->propq);
EVP_MD_CTX_free(ctx->mdctx);
EVP_MD_free(ctx->md);
+ ctx->propq = NULL;
ctx->mdctx = NULL;
ctx->md = NULL;
ctx->mdsize = 0;
}
static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
- const char *props, void *ec)
+ void *ec)
{
PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
int md_nid = NID_undef;
if (!ecdsa_signature_init(vctx, ec))
return 0;
- ctx->md = EVP_MD_fetch(ctx->libctx, mdname, props);
+ ctx->md = EVP_MD_fetch(ctx->libctx, mdname, ctx->propq);
if ((md_nid = get_md_nid(ctx->md)) == NID_undef)
goto error;
*/
ctx->aid_len = 0;
if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
- && DER_w_algorithmIdentifier_ECDSA_with(&pkt, -1, ctx->ec, md_nid)
+ && DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec, md_nid)
&& WPACKET_finish(&pkt)) {
WPACKET_get_total_written(&pkt, &ctx->aid_len);
ctx->aid = WPACKET_get_curr(&pkt);
*/
return 1;
}
-
+#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_KAT);
if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->kattest))
return 0;
+#endif
p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
if (p != NULL && !OSSL_PARAM_get_size_t(p, &ctx->mdsize))