X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=providers%2Fimplementations%2Fsignature%2Fdsa.c;h=81e435c4198a5a8f09027a2297b9b5b7daa5fe89;hb=91593b37840067c588ce38bc628922d4b3400917;hp=f18f90ec6389a2c5619ede947698810522bf1570;hpb=f590a5ea1ad7597c10dacab7c3a8c786cf4a7ea7;p=openssl.git diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c index f18f90ec63..81e435c419 100644 --- a/providers/implementations/signature/dsa.c +++ b/providers/implementations/signature/dsa.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -23,25 +23,26 @@ #include #include #include +#include #include "internal/nelem.h" #include "internal/sizes.h" #include "internal/cryptlib.h" #include "prov/providercommon.h" #include "prov/implementations.h" -#include "prov/providercommonerr.h" #include "prov/provider_ctx.h" +#include "prov/securitycheck.h" #include "crypto/dsa.h" #include "prov/der_dsa.h" static OSSL_FUNC_signature_newctx_fn dsa_newctx; -static OSSL_FUNC_signature_sign_init_fn dsa_signature_init; -static OSSL_FUNC_signature_verify_init_fn dsa_signature_init; +static OSSL_FUNC_signature_sign_init_fn dsa_sign_init; +static OSSL_FUNC_signature_verify_init_fn dsa_verify_init; static OSSL_FUNC_signature_sign_fn dsa_sign; static OSSL_FUNC_signature_verify_fn dsa_verify; -static OSSL_FUNC_signature_digest_sign_init_fn dsa_digest_signverify_init; +static OSSL_FUNC_signature_digest_sign_init_fn dsa_digest_sign_init; static OSSL_FUNC_signature_digest_sign_update_fn dsa_digest_signverify_update; static OSSL_FUNC_signature_digest_sign_final_fn dsa_digest_sign_final; -static OSSL_FUNC_signature_digest_verify_init_fn dsa_digest_signverify_init; +static OSSL_FUNC_signature_digest_verify_init_fn dsa_digest_verify_init; static OSSL_FUNC_signature_digest_verify_update_fn dsa_digest_signverify_update; static OSSL_FUNC_signature_digest_verify_final_fn dsa_digest_verify_final; static OSSL_FUNC_signature_freectx_fn dsa_freectx; @@ -62,7 +63,7 @@ static OSSL_FUNC_signature_settable_ctx_md_params_fn dsa_settable_ctx_md_params; */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; DSA *dsa; @@ -84,9 +85,10 @@ typedef struct { /* main digest */ EVP_MD *md; EVP_MD_CTX *mdctx; - size_t mdsize; + int operation; } PROV_DSA_CTX; + static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx) { if (pdsactx->md != NULL) @@ -94,44 +96,6 @@ static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx) return 0; } -static int dsa_get_md_nid(const EVP_MD *md) -{ - /* - * Because the DSA library deals with NIDs, we need to translate. - * We do so using EVP_MD_is_a(), and therefore need a name to NID - * map. - */ - static const OSSL_ITEM name_to_nid[] = { - { NID_sha1, OSSL_DIGEST_NAME_SHA1 }, - { NID_sha224, OSSL_DIGEST_NAME_SHA2_224 }, - { NID_sha256, OSSL_DIGEST_NAME_SHA2_256 }, - { NID_sha384, OSSL_DIGEST_NAME_SHA2_384 }, - { NID_sha512, OSSL_DIGEST_NAME_SHA2_512 }, - { NID_sha3_224, OSSL_DIGEST_NAME_SHA3_224 }, - { NID_sha3_256, OSSL_DIGEST_NAME_SHA3_256 }, - { NID_sha3_384, OSSL_DIGEST_NAME_SHA3_384 }, - { NID_sha3_512, OSSL_DIGEST_NAME_SHA3_512 }, - }; - size_t i; - int mdnid = NID_undef; - - if (md == NULL) - goto end; - - for (i = 0; i < OSSL_NELEM(name_to_nid); i++) { - if (EVP_MD_is_a(md, name_to_nid[i].ptr)) { - mdnid = (int)name_to_nid[i].id; - break; - } - } - - if (mdnid == NID_undef) - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST); - - end: - return mdnid; -} - static void *dsa_newctx(void *provctx, const char *propq) { PROV_DSA_CTX *pdsactx; @@ -143,7 +107,7 @@ static void *dsa_newctx(void *provctx, const char *propq) if (pdsactx == NULL) return NULL; - pdsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + pdsactx->libctx = PROV_LIBCTX_OF(provctx); pdsactx->flag_allow_md = 1; if (propq != NULL && (pdsactx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(pdsactx); @@ -160,11 +124,22 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx, mdprops = ctx->propq; if (mdname != NULL) { - EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); - int md_nid = dsa_get_md_nid(md); + int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN); WPACKET pkt; + EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); + int md_nid = ossl_digest_get_approved_nid_with_sha1(md, sha1_allowed); + size_t mdname_len = strlen(mdname); if (md == NULL || md_nid == NID_undef) { + if (md == NULL) + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, + "%s could not be fetched", mdname); + if (md_nid == NID_undef) + ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED, + "digest=%s", mdname); + if (mdname_len >= sizeof(ctx->mdname)) + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, + "%s exceeds name buffer length", mdname); EVP_MD_free(md); return 0; } @@ -181,8 +156,8 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx, */ ctx->aid_len = 0; if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf)) - && DER_w_algorithmIdentifier_DSA_with_MD(&pkt, -1, ctx->dsa, - md_nid) + && ossl_DER_w_algorithmIdentifier_DSA_with_MD(&pkt, -1, ctx->dsa, + md_nid) && WPACKET_finish(&pkt)) { WPACKET_get_total_written(&pkt, &ctx->aid_len); ctx->aid = WPACKET_get_curr(&pkt); @@ -196,7 +171,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx, return 1; } -static int dsa_signature_init(void *vpdsactx, void *vdsa) +static int dsa_signverify_init(void *vpdsactx, void *vdsa, int operation) { PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; @@ -207,9 +182,24 @@ static int dsa_signature_init(void *vpdsactx, void *vdsa) return 0; DSA_free(pdsactx->dsa); pdsactx->dsa = vdsa; + pdsactx->operation = operation; + if (!ossl_dsa_check_key(vdsa, operation == EVP_PKEY_OP_SIGN)) { + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); + return 0; + } return 1; } +static int dsa_sign_init(void *vpdsactx, void *vdsa) +{ + return dsa_signverify_init(vpdsactx, vdsa, EVP_PKEY_OP_SIGN); +} + +static int dsa_verify_init(void *vpdsactx, void *vdsa) +{ + return dsa_signverify_init(vpdsactx, vdsa, EVP_PKEY_OP_VERIFY); +} + static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen, size_t sigsize, const unsigned char *tbs, size_t tbslen) { @@ -233,7 +223,7 @@ static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen, if (mdsize != 0 && tbslen != mdsize) return 0; - ret = dsa_sign_int(0, tbs, tbslen, sig, &sltmp, pdsactx->dsa); + ret = ossl_dsa_sign_int(0, tbs, tbslen, sig, &sltmp, pdsactx->dsa); if (ret <= 0) return 0; @@ -254,7 +244,7 @@ static int dsa_verify(void *vpdsactx, const unsigned char *sig, size_t siglen, } static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname, - void *vdsa) + void *vdsa, int operation) { PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx; @@ -262,7 +252,7 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname, return 0; pdsactx->flag_allow_md = 0; - if (!dsa_signature_init(vpdsactx, vdsa)) + if (!dsa_signverify_init(vpdsactx, vdsa, operation)) return 0; if (!dsa_setup_md(pdsactx, mdname, NULL)) @@ -285,6 +275,17 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname, return 0; } +static int dsa_digest_sign_init(void *vpdsactx, const char *mdname, + void *vdsa) +{ + return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, EVP_PKEY_OP_SIGN); +} + +static int dsa_digest_verify_init(void *vpdsactx, const char *mdname, void *vdsa) +{ + return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, EVP_PKEY_OP_VERIFY); +} + int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data, size_t datalen) { @@ -359,7 +360,6 @@ static void dsa_freectx(void *vpdsactx) ctx->propq = NULL; ctx->mdctx = NULL; ctx->md = NULL; - ctx->mdsize = 0; DSA_free(ctx->dsa); OPENSSL_free(ctx); } @@ -380,6 +380,7 @@ static void *dsa_dupctx(void *vpdsactx) dstctx->dsa = NULL; dstctx->md = NULL; dstctx->mdctx = NULL; + dstctx->propq = NULL; if (srcctx->dsa != NULL && !DSA_up_ref(srcctx->dsa)) goto err; @@ -395,6 +396,11 @@ static void *dsa_dupctx(void *vpdsactx) || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx)) goto err; } + if (srcctx->propq != NULL) { + dstctx->propq = OPENSSL_strdup(srcctx->propq); + if (dstctx->propq == NULL) + goto err; + } return dstctx; err: @@ -428,7 +434,7 @@ static const OSSL_PARAM known_gettable_ctx_params[] = { OSSL_PARAM_END }; -static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *provctx) +static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *vctx) { return known_gettable_ctx_params; } @@ -477,6 +483,12 @@ static const OSSL_PARAM *dsa_settable_ctx_params(ossl_unused void *provctx) * params if the ctx is being used for a DigestSign/DigestVerify? In that * case it is not allowed to set the digest size/digest name because the * digest is explicitly set as part of the init. + * NOTE: Ideally we would check pdsactx->flag_allow_md, but this is + * problematic because there is no nice way of passing the + * PROV_DSA_CTX down to this function... + * Because we have API's that dont know about their parent.. + * e.g: EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig). + * We could pass NULL for that case (but then how useful is the check?). */ return known_settable_ctx_params; } @@ -521,20 +533,20 @@ static const OSSL_PARAM *dsa_settable_ctx_md_params(void *vpdsactx) return EVP_MD_settable_ctx_params(pdsactx->md); } -const OSSL_DISPATCH dsa_signature_functions[] = { +const OSSL_DISPATCH ossl_dsa_signature_functions[] = { { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx }, - { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_signature_init }, + { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_sign_init }, { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign }, - { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_signature_init }, + { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_verify_init }, { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify }, { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT, - (void (*)(void))dsa_digest_signverify_init }, + (void (*)(void))dsa_digest_sign_init }, { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE, (void (*)(void))dsa_digest_signverify_update }, { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL, (void (*)(void))dsa_digest_sign_final }, { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT, - (void (*)(void))dsa_digest_signverify_init }, + (void (*)(void))dsa_digest_verify_init }, { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE, (void (*)(void))dsa_digest_signverify_update }, { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,