openssl/crypto/evp/p_sign.c

/*
 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include "crypto/evp.h"

int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *sigret,
                     unsigned int *siglen, EVP_PKEY *pkey, OSSL_LIB_CTX *libctx,
                     const char *propq)
{
    unsigned char m[EVP_MAX_MD_SIZE];
    unsigned int m_len = 0;
    int i = 0;
    size_t sltmp;
    EVP_PKEY_CTX *pkctx = NULL;

    *siglen = 0;
    if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {
        if (!EVP_DigestFinal_ex(ctx, m, &m_len))
            goto err;
    } else {
        int rv = 0;
        EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();

        if (tmp_ctx == NULL) {
            ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
            return 0;
        }
        rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
        if (rv)
            rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);
        EVP_MD_CTX_free(tmp_ctx);
        if (!rv)
            return 0;
    }

    sltmp = (size_t)EVP_PKEY_size(pkey);
    i = 0;
    pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
    if (pkctx == NULL)
        goto err;
    if (EVP_PKEY_sign_init(pkctx) <= 0)
        goto err;
    if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_get0_md(ctx)) <= 0)
        goto err;
    if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
        goto err;
    *siglen = sltmp;
    i = 1;
 err:
    EVP_PKEY_CTX_free(pkctx);
    return i;
}

int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
                  unsigned int *siglen, EVP_PKEY *pkey)
{
    return EVP_SignFinal_ex(ctx, sigret, siglen, pkey, NULL, NULL);
}
Copyright consolidation 04/10 Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 02:24:46 +08:00			`/*`
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14986) 2021-04-22 21:38:44 +08:00			`* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00			`*`
Following the license change, modify the boilerplates in crypto/evp/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7794) 2018-12-06 20:40:06 +08:00			`* Licensed under the Apache License 2.0 (the "License"). You may not use`
Copyright consolidation 04/10 Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 02:24:46 +08:00			`* this file except in compliance with the License. You can obtain a copy`
			`* in the file LICENSE in the source distribution or at`
			`* https://www.openssl.org/source/license.html`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00			`*/`

			`#include <stdio.h>`
Identify and move common internal libcrypto header files There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-05-14 22:56:48 +08:00			`#include "internal/cryptlib.h"`
Change #include filenames from <foo.h> to <openssl.h>. Submitted by: Reviewed by: PR: 1999-04-24 06:13:45 +08:00			`#include <openssl/evp.h>`
			`#include <openssl/objects.h>`
			`#include <openssl/x509.h>`
Reorganize private crypto header files Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333) 2019-09-28 06:45:33 +08:00			`#include "crypto/evp.h"`
Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 18:52:47 +08:00
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970) 2020-09-24 17:42:23 +08:00			`int EVP_SignFinal_ex(EVP_MD_CTX ctx, unsigned char sigret,`
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621) 2020-10-15 17:55:50 +08:00			`unsigned int siglen, EVP_PKEY pkey, OSSL_LIB_CTX *libctx,`
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970) 2020-09-24 17:42:23 +08:00			`const char *propq)`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`{`
			`unsigned char m[EVP_MAX_MD_SIZE];`
Initialize potentially uninitialized local variables Compiling OpenSSL code with MSVC and /W4 results in a number of warnings. One category of warnings is particularly interesting - C4701 (potentially uninitialized local variable 'name' used). This warning pretty much means that there's a code path which results in uninitialized variables being used or returned. Depending on compiler, its options, OS, values in registers and/or stack, the results can be nondeterministic. Cases like this are very hard to debug so it's rational to fix these issues. This patch contains a set of trivial fixes for all the C4701 warnings (just initializing variables to 0 or NULL or appropriate error code) to make sure that deterministic values will be returned from all the execution paths. RT#3835 Signed-off-by: Matt Caswell <matt@openssl.org> Matt's note: All of these appear to be bogus warnings, i.e. there isn't actually a code path where an unitialised variable could be used - its just that the compiler hasn't been able to figure that out from the logic. So this commit is just about silencing spurious warnings. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-05-06 17:16:55 +08:00			`unsigned int m_len = 0;`
Remove legacy sign/verify from EVP_MD. Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-12-02 21:57:04 +08:00			`int i = 0;`
			`size_t sltmp;`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`EVP_PKEY_CTX *pkctx = NULL;`
Remove link between digests and signature algorithms. Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate the need for algorithm specific code. 2006-04-20 01:05:59 +08:00
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`*siglen = 0;`
Have other crypto/evp files include evp_locl.h Note: this does not include the files in crypto/evp that are just instanciations of EVP_MD. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-11-27 21:17:50 +08:00			`if (EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_FINALISE)) {`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`if (!EVP_DigestFinal_ex(ctx, m, &m_len))`
			`goto err;`
			`} else {`
Initialize potentially uninitialized local variables Compiling OpenSSL code with MSVC and /W4 results in a number of warnings. One category of warnings is particularly interesting - C4701 (potentially uninitialized local variable 'name' used). This warning pretty much means that there's a code path which results in uninitialized variables being used or returned. Depending on compiler, its options, OS, values in registers and/or stack, the results can be nondeterministic. Cases like this are very hard to debug so it's rational to fix these issues. This patch contains a set of trivial fixes for all the C4701 warnings (just initializing variables to 0 or NULL or appropriate error code) to make sure that deterministic values will be returned from all the execution paths. RT#3835 Signed-off-by: Matt Caswell <matt@openssl.org> Matt's note: All of these appear to be bogus warnings, i.e. there isn't actually a code path where an unitialised variable could be used - its just that the compiler hasn't been able to figure that out from the logic. So this commit is just about silencing spurious warnings. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-05-06 17:16:55 +08:00			`int rv = 0;`
Cleanup: fix all sources that used EVP_MD_CTX_(create\|init\|destroy) Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-12-02 07:49:35 +08:00			`EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();`
Add EVP signature with libctx methods. -Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884) 2020-07-26 15:32:05 +08:00
Have other crypto/evp files include evp_locl.h Note: this does not include the files in crypto/evp that are just instanciations of EVP_MD. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-11-27 21:17:50 +08:00			`if (tmp_ctx == NULL) {`
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318) 2020-11-04 19:23:19 +08:00			`ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);`
Have other crypto/evp files include evp_locl.h Note: this does not include the files in crypto/evp that are just instanciations of EVP_MD. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-11-27 21:17:50 +08:00			`return 0;`
			`}`
			`rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`if (rv)`
Have other crypto/evp files include evp_locl.h Note: this does not include the files in crypto/evp that are just instanciations of EVP_MD. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-11-27 21:17:50 +08:00			`rv = EVP_DigestFinal_ex(tmp_ctx, m, &m_len);`
Cleanup: fix all sources that used EVP_MD_CTX_(create\|init\|destroy) Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-12-02 07:49:35 +08:00			`EVP_MD_CTX_free(tmp_ctx);`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`if (!rv)`
			`return 0;`
			`}`
Remove link between digests and signature algorithms. Use cross reference table in ASN1_item_sign(), ASN1_item_verify() to eliminate the need for algorithm specific code. 2006-04-20 01:05:59 +08:00
Remove legacy sign/verify from EVP_MD. Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-12-02 21:57:04 +08:00			`sltmp = (size_t)EVP_PKEY_size(pkey);`
			`i = 0;`
Add EVP signature with libctx methods. -Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884) 2020-07-26 15:32:05 +08:00			`pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);`
Remove legacy sign/verify from EVP_MD. Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-12-02 21:57:04 +08:00			`if (pkctx == NULL)`
			`goto err;`
			`if (EVP_PKEY_sign_init(pkctx) <= 0)`
			`goto err;`
Add "origin" field to EVP_CIPHER, EVP_MD Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193) 2021-02-17 06:51:56 +08:00			`if (EVP_PKEY_CTX_set_signature_md(pkctx, EVP_MD_CTX_get0_md(ctx)) <= 0)`
Remove legacy sign/verify from EVP_MD. Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-12-02 21:57:04 +08:00			`goto err;`
			`if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)`
			`goto err;`
			`*siglen = sltmp;`
			`i = 1;`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`err:`
Have other crypto/evp files include evp_locl.h Note: this does not include the files in crypto/evp that are just instanciations of EVP_MD. Reviewed-by: Rich Salz <rsalz@openssl.org> 2015-11-27 21:17:50 +08:00			`EVP_PKEY_CTX_free(pkctx);`
			`return i;`
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org> 2015-01-22 11:40:55 +08:00			`}`
Add EVP signature with libctx methods. -Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884) 2020-07-26 15:32:05 +08:00
			`int EVP_SignFinal(EVP_MD_CTX ctx, unsigned char sigret,`
			`unsigned int siglen, EVP_PKEY pkey)`
			`{`
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970) 2020-09-24 17:42:23 +08:00			`return EVP_SignFinal_ex(ctx, sigret, siglen, pkey, NULL, NULL);`
Add EVP signature with libctx methods. -Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884) 2020-07-26 15:32:05 +08:00			`}`