diff options
| -rw-r--r-- | crypto/ct/ct_vfy.c | 5 | ||||
| -rw-r--r-- | crypto/evp/digest.c | 5 | ||||
| -rw-r--r-- | crypto/evp/m_sigver.c | 27 | ||||
| -rw-r--r-- | crypto/evp/p_sign.c | 16 | ||||
| -rw-r--r-- | crypto/evp/p_verify.c | 16 | ||||
| -rw-r--r-- | doc/man3/EVP_DigestSignInit.pod | 48 | ||||
| -rw-r--r-- | doc/man3/EVP_DigestVerifyInit.pod | 43 | ||||
| -rw-r--r-- | doc/man3/EVP_SignInit.pod | 28 | ||||
| -rw-r--r-- | doc/man3/EVP_VerifyInit.pod | 36 | ||||
| -rw-r--r-- | include/openssl/evp.h | 22 | ||||
| -rw-r--r-- | ssl/statem/extensions.c | 5 | ||||
| -rw-r--r-- | ssl/statem/extensions_srvr.c | 9 | ||||
| -rw-r--r-- | ssl/statem/statem_clnt.c | 7 | ||||
| -rw-r--r-- | ssl/statem/statem_lib.c | 14 | ||||
| -rw-r--r-- | ssl/statem/statem_srvr.c | 7 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 6 | ||||
| -rw-r--r-- | test/acvp_test.c | 15 | ||||
| -rw-r--r-- | test/evp_extra_test.c | 5 |
18 files changed, 192 insertions, 122 deletions
diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c index f270e4378a..b05e77b8a1 100644 --- a/crypto/ct/ct_vfy.c +++ b/crypto/ct/ct_vfy.c @@ -122,8 +122,9 @@ int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct) if (ctx == NULL) goto end; - if (!EVP_DigestVerifyInit_ex(ctx, NULL, "SHA2-256", sctx->propq, sctx->pkey, - sctx->libctx)) + if (!EVP_DigestVerifyInit_with_libctx(ctx, NULL, + "SHA2-256", sctx->libctx, sctx->propq, + sctx->pkey)) goto end; if (!sct_ctx_update(ctx, sctx, sct)) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 58cd160502..7476efd9bc 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -295,8 +295,9 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate(). * Some code calls EVP_DigestUpdate() directly even when initialised - * with EVP_DigestSignInit_ex() or EVP_DigestVerifyInit_ex(), so we - * detect that and redirect to the correct EVP_Digest*Update() function + * with EVP_DigestSignInit_with_libctx() or + * EVP_DigestVerifyInit_with_libctx(), so we detect that and redirect to + * the correct EVP_Digest*Update() function */ if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX) return EVP_DigestSignUpdate(ctx, data, count); diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 8d37f19d6c..04ac121e25 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -38,8 +38,8 @@ static const char *canon_mdname(const char *mdname) static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, const char *mdname, - const char *props, ENGINE *e, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, int ver) + OPENSSL_CTX *libctx, const char *props, + ENGINE *e, EVP_PKEY *pkey, int ver) { EVP_PKEY_CTX *locpctx = NULL; EVP_SIGNATURE *signature = NULL; @@ -285,31 +285,32 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, return 1; } -int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, EVP_PKEY *pkey, - OPENSSL_CTX *libctx) +int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, - 0); + return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0); } int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 0); + return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0); } -int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx) +int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, 1); + return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1); } int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 1); + return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1); } #endif /* FIPS_MDOE */ diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 44a69083b2..2c4f49a528 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -14,8 +14,9 @@ #include <openssl/x509.h> #include "crypto/evp.h" -int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey) +int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret, + unsigned int *siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; @@ -30,8 +31,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, } else { int rv = 0; EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); + if (tmp_ctx == NULL) { - EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE); + EVPerr(0, ERR_R_MALLOC_FAILURE); return 0; } rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); @@ -44,7 +46,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, sltmp = (size_t)EVP_PKEY_size(pkey); i = 0; - pkctx = EVP_PKEY_CTX_new(pkey, NULL); + pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); if (pkctx == NULL) goto err; if (EVP_PKEY_sign_init(pkctx) <= 0) @@ -59,3 +61,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, EVP_PKEY_CTX_free(pkctx); return i; } + +int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, + unsigned int *siglen, EVP_PKEY *pkey) +{ + return EVP_SignFinal_with_libctx(ctx, sigret, siglen, pkey, NULL, NULL); +} diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index fe4b7b568d..db14866af0 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -14,8 +14,9 @@ #include <openssl/x509.h> #include "crypto/evp.h" -int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey) +int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; @@ -28,8 +29,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, } else { int rv = 0; EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); + if (tmp_ctx == NULL) { - EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE); + EVPerr(0, ERR_R_MALLOC_FAILURE); return 0; } rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); @@ -41,7 +43,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, } i = -1; - pkctx = EVP_PKEY_CTX_new(pkey, NULL); + pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); if (pkctx == NULL) goto err; if (EVP_PKEY_verify_init(pkctx) <= 0) @@ -53,3 +55,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, EVP_PKEY_CTX_free(pkctx); return i; } + +int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey) +{ + return EVP_VerifyFinal_with_libctx(ctx, sigbuf, siglen, pkey, NULL, NULL); +} diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index 69dec1c74d..923de31a31 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -2,16 +2,17 @@ =head1 NAME -EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate, +EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions =head1 SYNOPSIS #include <openssl/evp.h> - int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx); + int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -26,12 +27,12 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signing takes place. -EVP_DigestSignInit_ex() sets up signing context I<ctx> to use a digest with the -name I<mdname> and private key I<pkey>. The name of the digest to be used is -passed to the provider of the signature algorithm in use. How that provider -interprets the digest name is provider specific. The provider may implement -that digest directly itself or it may (optionally) choose to fetch it (which -could result in a digest from a different provider being selected). If the +EVP_DigestSignInit_with_libctx() sets up signing context I<ctx> to use a digest +with the name I<mdname> and private key I<pkey>. The name of the digest to be +used is passed to the provider of the signature algorithm in use. How that +provider interprets the digest name is provider specific. The provider may +implement that digest directly itself or it may (optionally) choose to fetch it +(which could result in a digest from a different provider being selected). If the provider supports fetching the digest then it may use the I<props> argument for the properties to be used during the fetch. @@ -49,18 +50,19 @@ I<pctx> is not NULL, the EVP_PKEY_CTX of the signing operation will be written to I<*pctx>: this can be used to set alternative signing options. Note that any existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if I<ctx> is not assigned an -EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() (which means -the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed -automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is -created by EVP_DigestSignInit_ex then it will use the B<OPENSSL_CTX> specified -in I<libctx> and the property query string specified in I<props>. +EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx() +(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx() +and it will be freed automatically when the EVP_MD_CTX is freed). If the +EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it +will use the B<OPENSSL_CTX> specified in I<libctx> and the property query string +specified in I<props>. The digest I<mdname> may be NULL if the signing algorithm supports it. The I<props> argument can always be NULL. -No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the passed -I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. See also -L<SM2(7)>. +No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the +passed I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. +See also L<SM2(7)>. Only EVP_PKEY types that support signing can be used with these functions. This includes MAC algorithms where the MAC generation is considered as a form of @@ -108,10 +110,10 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. -EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex() except -that the I<mdname> parameter will be inferred from the supplied digest I<type>, -and I<props> will be NULL. Where supplied the ENGINE I<e> will be used for the -signing and digest algorithm implementations. I<e> may be NULL. +EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx() +except that the I<mdname> parameter will be inferred from the supplied +digest I<type>, and I<props> will be NULL. Where supplied the ENGINE I<e> will +be used for the signing and digest algorithm implementations. I<e> may be NULL. EVP_DigestSignUpdate() hashes I<cnt> bytes of data at I<d> into the signature context I<ctx>. This function can be called several times on the @@ -182,7 +184,7 @@ L<RAND(7)> EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0. -EVP_DigestSignInit_ex() was added in OpenSSL 3.0. +EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0. EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod index 9ea0014a5a..f0061f4548 100644 --- a/doc/man3/EVP_DigestVerifyInit.pod +++ b/doc/man3/EVP_DigestVerifyInit.pod @@ -2,16 +2,17 @@ =head1 NAME -EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, +EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions =head1 SYNOPSIS #include <openssl/evp.h> - int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx); + int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -25,9 +26,9 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signature verification takes place. -EVP_DigestVerifyInit_ex() sets up verification context B<ctx> to use a digest -with the name B<mdname> and public key B<pkey>. The name of the digest to be -used is passed to the provider of the signature algorithm in use. How that +EVP_DigestVerifyInit_with_libctx() sets up verification context B<ctx> to use a +digest with the name B<mdname> and public key B<pkey>. The name of the digest to +be used is passed to the provider of the signature algorithm in use. How that provider interprets the digest name is provider specific. The provider may implement that digest directly itself or it may (optionally) choose to fetch it (which could result in a digest from a different provider being selected). If @@ -48,15 +49,16 @@ B<pctx> is not NULL, the EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this can be used to set alternative verification options. Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if B<ctx> is not assigned -an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex() (which -means the EVP_PKEY_CTX is created inside EVP_DigestVerifyInit_ex() and it will -be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be -used is created by EVP_DigestVerifyInit_ex then it will use the B<OPENSSL_CTX> -specified in I<libctx> and the property query string specified in I<props>. +an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx() +(which means the EVP_PKEY_CTX is created inside +EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the +EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by +EVP_DigestVerifyInit_with_libctx then it will use the B<OPENSSL_CTX> specified +in I<libctx> and the property query string specified in I<props>. -No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the passed -B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. See also -L<SM2(7)>. +No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the +passed B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. +See also L<SM2(7)>. Not all digests can be used for all key types. The following combinations apply. @@ -99,10 +101,11 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. -EVP_DigestVerifyInit() works in the same way as EVP_DigestVerifyInit_ex() except -that the B<mdname> parameter will be inferred from the supplied digest B<type>, -and B<props> will be NULL. Where supplied the ENGINE B<e> will be used for the -signature verification and digest algorithm implementations. B<e> may be NULL. +EVP_DigestVerifyInit() works in the same way as +EVP_DigestVerifyInit_with_libctx() except that the B<mdname> parameter will be +inferred from the supplied digest B<type>, and B<props> will be NULL. Where +supplied the ENGINE B<e> will be used for the signature verification and digest +algorithm implementations. B<e> may be NULL. EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the verification context B<ctx>. This function can be called several times on the @@ -170,7 +173,7 @@ L<RAND(7)> EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0. -EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0. +EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0. EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod index 13bba5b507..f6165f0468 100644 --- a/doc/man3/EVP_SignInit.pod +++ b/doc/man3/EVP_SignInit.pod @@ -2,7 +2,8 @@ =head1 NAME -EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal +EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, +EVP_SignFinal_with_libctx, EVP_SignFinal - EVP signing functions =head1 SYNOPSIS @@ -11,7 +12,11 @@ EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey); + int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md, + unsigned int *s, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); + int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, + EVP_PKEY *pkey); void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type); @@ -28,20 +33,25 @@ EVP_SignUpdate() hashes I<cnt> bytes of data at I<d> into the signature context I<ctx>. This function can be called several times on the same I<ctx> to include additional data. -EVP_SignFinal() signs the data in I<ctx> using the private key I<pkey> and -places the signature in I<sig>. I<sig> must be at least C<EVP_PKEY_size(pkey)> -bytes in size. I<s> is an OUT parameter, and not used as an IN parameter. +EVP_SignFinal_with_libctx() signs the data in I<ctx> using the private key +I<pkey> and places the signature in I<sig>. The library context I<libctx> and +property query I<propq> are used when creating a context to use with the key +I<pkey>. I<sig> must be at least C<EVP_PKEY_size(pkey)> bytes in size. I<s> is +an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at I<s>, at most C<EVP_PKEY_size(pkey)> bytes will be written. +EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default +values of NULL for the library context I<libctx> and the property query I<propq>. + EVP_SignInit() initializes a signing context I<ctx> to use the default implementation of digest I<type>. =head1 RETURN VALUES -EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 -for success and 0 for failure. +EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and +EVP_SignFinal() return 1 for success and 0 for failure. The error codes can be obtained by L<ERR_get_error(3)>. @@ -87,6 +97,10 @@ L<evp(7)>, L<HMAC(3)>, L<MD2(3)>, L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>, L<SHA1(3)>, L<openssl-dgst(1)> +=head1 HISTORY + +The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/man3/EVP_VerifyInit.pod b/doc/man3/EVP_VerifyInit.pod index 3686980b2f..be5332a55d 100644 --- a/doc/man3/EVP_VerifyInit.pod +++ b/doc/man3/EVP_VerifyInit.pod @@ -3,7 +3,7 @@ =head1 NAME EVP_VerifyInit_ex, -EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal +EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal - EVP signature verification functions =head1 SYNOPSIS @@ -12,6 +12,9 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); + int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); @@ -22,27 +25,32 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal The EVP signature verification routines are a high-level interface to digital signatures. -EVP_VerifyInit_ex() sets up verification context B<ctx> to use digest -B<type> from ENGINE B<impl>. B<ctx> must be created by calling +EVP_VerifyInit_ex() sets up verification context I<ctx> to use digest +I<type> from ENGINE I<impl>. I<ctx> must be created by calling EVP_MD_CTX_new() before calling this function. -EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the -verification context B<ctx>. This function can be called several times on the -same B<ctx> to include additional data. +EVP_VerifyUpdate() hashes I<cnt> bytes of data at I<d> into the +verification context I<ctx>. This function can be called several times on the +same I<ctx> to include additional data. -EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey> -and against the B<siglen> bytes at B<sigbuf>. +EVP_VerifyFinal_with_libctx() verifies the data in I<ctx> using the public key +I<pkey> and I<siglen> bytes in I<sigbuf>. +The library context I<libctx> and property query I<propq> are used when creating +a context to use with the key I<pkey>. -EVP_VerifyInit() initializes verification context B<ctx> to use the default -implementation of digest B<type>. +EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default +values of NULL for the library context I<libctx> and the property query I<propq>. + +EVP_VerifyInit() initializes verification context I<ctx> to use the default +implementation of digest I<type>. =head1 RETURN VALUES EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure. -EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some -other error occurred. +EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct +signature, 0 for failure and -1 if some other error occurred. The error codes can be obtained by L<ERR_get_error(3)>. @@ -83,6 +91,10 @@ L<evp(7)>, L<HMAC(3)>, L<MD2(3)>, L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>, L<SHA1(3)>, L<openssl-dgst(1)> +head1 HISTORY + +The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 0d21c035fe..6ff1e5602e 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -637,6 +637,7 @@ __owur int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, __owur EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm, const char *properties); + int EVP_MD_up_ref(EVP_MD *md); void EVP_MD_free(EVP_MD *md); @@ -697,6 +698,9 @@ __owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, __owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, EVP_PKEY *pkey); +__owur int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md, + unsigned int *s, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, @@ -704,14 +708,19 @@ __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, __owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); +__owur int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, + const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen); -int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, EVP_PKEY *pkey, - OPENSSL_CTX *libctx); +int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -719,9 +728,10 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize); __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); -int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx); +int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 9086348618..1a8e3cf829 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1610,8 +1610,9 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, binderout = tmpbinder; bindersize = hashsize; - if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->propq, - mackey, s->ctx->libctx) <= 0 + if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + mackey) <= 0 || EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0 || EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0 || bindersize != hashsize) { diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 27ddef9aaf..3eeafef828 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -784,8 +784,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } hmaclen = SHA256_DIGEST_LENGTH; - if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey, - s->ctx->libctx) <= 0 + if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", + s->ctx->libctx, s->ctx->propq, pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, data, rawlen - SHA256_DIGEST_LENGTH) <= 0 || hmaclen != SHA256_DIGEST_LENGTH) { @@ -1873,8 +1873,9 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, goto err; } - if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey, - s->ctx->libctx) <= 0 + if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", + s->ctx->libctx, s->ctx->propq, + pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, cookie, totcookielen) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 4cd85ef609..ff48759436 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2377,9 +2377,10 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) goto err; } - if (EVP_DigestVerifyInit_ex(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB); goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index d8aab20e92..39ec4a92fd 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -277,9 +277,10 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_ex(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestSignInit_with_libctx(mctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_EVP_LIB); goto err; @@ -472,9 +473,10 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) OSSL_TRACE1(TLS, "Using client verify alg %s\n", md == NULL ? "n/a" : EVP_MD_name(md)); - if (EVP_DigestVerifyInit_ex(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB); goto err; diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index b329e89379..c46254c858 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2807,9 +2807,10 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_ex(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 11eea82fff..8285e5cd27 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -380,9 +380,9 @@ int tls1_change_cipher_state(SSL *s, int which) mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret, (int)*mac_secret_size); if (mac_key == NULL - || EVP_DigestSignInit_ex(mac_ctx, NULL, - EVP_MD_name(m), s->ctx->propq, - mac_key, s->ctx->libctx) <= 0) { + || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m), + s->ctx->libctx, s->ctx->propq, + mac_key) <= 0) { EVP_PKEY_free(mac_key); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); diff --git a/test/acvp_test.c b/test/acvp_test.c index 737d2c61bb..b33881d4db 100644 --- a/test/acvp_test.c +++ b/test/acvp_test.c @@ -92,8 +92,9 @@ static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name, if (!TEST_ptr(sig = OPENSSL_malloc(sz)) || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) - || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, NULL, - pkey, libctx), 1) + || !TEST_int_eq(EVP_DigestSignInit_with_libctx(md_ctx, NULL, + digest_name, libctx, NULL, + pkey), 1) || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0)) goto err; *sig_out = sig; @@ -296,8 +297,9 @@ static int ecdsa_sigver_test(int id) ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0) && TEST_ptr(md_ctx = EVP_MD_CTX_new()) - && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg, - NULL, pkey, libctx) + && TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, NULL, + tst->digest_alg, + libctx, NULL, pkey) && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len, tst->msg, tst->msg_len), tst->pass)); err: @@ -1238,8 +1240,9 @@ static int rsa_sigver_test(int id) || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len, tst->e, tst->e_len, NULL, 0, bn_ctx)) || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) - || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx, tst->digest_alg, - NULL, pkey, libctx) + || !TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, &pkey_ctx, + tst->digest_alg, + libctx, NULL, pkey) || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params)) || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len, tst->msg, tst->msg_len), tst->pass))) diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 51b517fb95..de615c80ab 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -1461,8 +1461,9 @@ static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey) */ mdctx = EVP_MD_CTX_new(); if (!TEST_ptr(mdctx) - || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey, - NULL))) + || !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL, + "SHA1", NULL, NULL, + pkey))) goto err; /* |