mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add EVP signature with libctx methods.

Browse Source 
-Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx()
-Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to
  EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx()

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11884)
This commit is contained in:
Shane Lontis 2020-07-26 17:32:05 +10:00
parent 11eef7e766
commit 0ab18e7924
18 changed files with 192 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto/ct/ct_vfy.c
View File

@ -122,8 +122,9 @@ int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct)
if (ctx == NULL)
goto end;
if (!EVP_DigestVerifyInit_ex(ctx, NULL, "SHA2-256", sctx->propq, sctx->pkey,
sctx->libctx))
if (!EVP_DigestVerifyInit_with_libctx(ctx, NULL,
"SHA2-256", sctx->libctx, sctx->propq,
sctx->pkey))
goto end;
if (!sct_ctx_update(ctx, sctx, sct))

5
crypto/evp/digest.c
View File

@ -295,8 +295,9 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
* Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and
* EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate().
* Some code calls EVP_DigestUpdate() directly even when initialised
* with EVP_DigestSignInit_ex() or EVP_DigestVerifyInit_ex(), so we
* detect that and redirect to the correct EVP_Digest*Update() function
* with EVP_DigestSignInit_with_libctx() or
* EVP_DigestVerifyInit_with_libctx(), so we detect that and redirect to
* the correct EVP_Digest*Update() function
*/
if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX)
return EVP_DigestSignUpdate(ctx, data, count);

27
crypto/evp/m_sigver.c
View File

@ -38,8 +38,8 @@ static const char *canon_mdname(const char *mdname)
static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, const char *mdname,
const char *props, ENGINE *e, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, int ver)
OPENSSL_CTX *libctx, const char *props,
ENGINE *e, EVP_PKEY *pkey, int ver)
{
EVP_PKEY_CTX *locpctx = NULL;
EVP_SIGNATURE *signature = NULL;
@ -285,31 +285,32 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
return 1;
}
int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, const char *props, EVP_PKEY *pkey,
OPENSSL_CTX *libctx)
int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx,
0);
return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0);
}
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 0);
return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0);
}
int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, const char *props,
EVP_PKEY *pkey, OPENSSL_CTX *libctx)
int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, 1);
return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1);
}
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 1);
return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1);
}
#endif /* FIPS_MDOE */

16
crypto/evp/p_sign.c
View File

@ -14,8 +14,9 @@
#include <openssl/x509.h>
#include "crypto/evp.h"
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey)
int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
@ -30,8 +31,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
} else {
int rv = 0;
EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
if (tmp_ctx == NULL) {
EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE);
EVPerr(0, ERR_R_MALLOC_FAILURE);
return 0;
}
rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
@ -44,7 +46,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
sltmp = (size_t)EVP_PKEY_size(pkey);
i = 0;
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
if (pkctx == NULL)
goto err;
if (EVP_PKEY_sign_init(pkctx) <= 0)
@ -59,3 +61,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
EVP_PKEY_CTX_free(pkctx);
return i;
}
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey)
{
return EVP_SignFinal_with_libctx(ctx, sigret, siglen, pkey, NULL, NULL);
}

16
crypto/evp/p_verify.c
View File

@ -14,8 +14,9 @@
#include <openssl/x509.h>
#include "crypto/evp.h"
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey)
int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
@ -28,8 +29,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
} else {
int rv = 0;
EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new();
if (tmp_ctx == NULL) {
EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE);
EVPerr(0, ERR_R_MALLOC_FAILURE);
return 0;
}
rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx);
@ -41,7 +43,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
}
i = -1;
pkctx = EVP_PKEY_CTX_new(pkey, NULL);
pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
if (pkctx == NULL)
goto err;
if (EVP_PKEY_verify_init(pkctx) <= 0)
@ -53,3 +55,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
EVP_PKEY_CTX_free(pkctx);
return i;
}
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey)
{
return EVP_VerifyFinal_with_libctx(ctx, sigbuf, siglen, pkey, NULL, NULL);
}

48
doc/man3/EVP_DigestSignInit.pod
View File

@ -2,16 +2,17 @@
=head1 NAME
EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate,
EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate,
EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
=head1 SYNOPSIS
#include <openssl/evp.h>
int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, const char *props,
EVP_PKEY *pkey, OPENSSL_CTX *libctx);
int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey);
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@ -26,12 +27,12 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
The EVP signature routines are a high-level interface to digital signatures.
Input data is digested first before the signing takes place.
EVP_DigestSignInit_ex() sets up signing context I<ctx> to use a digest with the
name I<mdname> and private key I<pkey>. The name of the digest to be used is
passed to the provider of the signature algorithm in use. How that provider
interprets the digest name is provider specific. The provider may implement
that digest directly itself or it may (optionally) choose to fetch it (which
could result in a digest from a different provider being selected). If the
EVP_DigestSignInit_with_libctx() sets up signing context I<ctx> to use a digest
with the name I<mdname> and private key I<pkey>. The name of the digest to be
used is passed to the provider of the signature algorithm in use. How that
provider interprets the digest name is provider specific. The provider may
implement that digest directly itself or it may (optionally) choose to fetch it
(which could result in a digest from a different provider being selected). If the
provider supports fetching the digest then it may use the I<props> argument for
the properties to be used during the fetch.
@ -49,18 +50,19 @@ I<pctx> is not NULL, the EVP_PKEY_CTX of the signing operation will be written
to I<*pctx>: this can be used to set alternative signing options. Note that any
existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must
not be freed directly by the application if I<ctx> is not assigned an
EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() (which means
the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed
automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is
created by EVP_DigestSignInit_ex then it will use the B<OPENSSL_CTX> specified
in I<libctx> and the property query string specified in I<props>.
EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx()
(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx()
and it will be freed automatically when the EVP_MD_CTX is freed). If the
EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it
will use the B<OPENSSL_CTX> specified in I<libctx> and the property query string
specified in I<props>.
The digest I<mdname> may be NULL if the signing algorithm supports it. The
I<props> argument can always be NULL.
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the passed
I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. See also
L<SM2(7)>.
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
passed I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
See also L<SM2(7)>.
Only EVP_PKEY types that support signing can be used with these functions. This
includes MAC algorithms where the MAC generation is considered as a form of
@ -108,10 +110,10 @@ Will ignore any digest provided.
If RSA-PSS is used and restrictions apply then the digest must match.
EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex() except
that the I<mdname> parameter will be inferred from the supplied digest I<type>,
and I<props> will be NULL. Where supplied the ENGINE I<e> will be used for the
signing and digest algorithm implementations. I<e> may be NULL.
EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx()
except that the I<mdname> parameter will be inferred from the supplied
digest I<type>, and I<props> will be NULL. Where supplied the ENGINE I<e> will
be used for the signing and digest algorithm implementations. I<e> may be NULL.
EVP_DigestSignUpdate() hashes I<cnt> bytes of data at I<d> into the
signature context I<ctx>. This function can be called several times on the
@ -182,7 +184,7 @@ L<RAND(7)>
EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
were added in OpenSSL 1.0.0.
EVP_DigestSignInit_ex() was added in OpenSSL 3.0.
EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0.
EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0.

43
doc/man3/EVP_DigestVerifyInit.pod
View File

@ -2,16 +2,17 @@
=head1 NAME
EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
=head1 SYNOPSIS
#include <openssl/evp.h>
int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, const char *props,
EVP_PKEY *pkey, OPENSSL_CTX *libctx);
int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey);
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@ -25,9 +26,9 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
The EVP signature routines are a high-level interface to digital signatures.
Input data is digested first before the signature verification takes place.
EVP_DigestVerifyInit_ex() sets up verification context B<ctx> to use a digest
with the name B<mdname> and public key B<pkey>. The name of the digest to be
used is passed to the provider of the signature algorithm in use. How that
EVP_DigestVerifyInit_with_libctx() sets up verification context B<ctx> to use a
digest with the name B<mdname> and public key B<pkey>. The name of the digest to
be used is passed to the provider of the signature algorithm in use. How that
provider interprets the digest name is provider specific. The provider may
implement that digest directly itself or it may (optionally) choose to fetch it
(which could result in a digest from a different provider being selected). If
@ -48,15 +49,16 @@ B<pctx> is not NULL, the EVP_PKEY_CTX of the verification operation will be
written to B<*pctx>: this can be used to set alternative verification options.
Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value
returned must not be freed directly by the application if B<ctx> is not assigned
an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex() (which
means the EVP_PKEY_CTX is created inside EVP_DigestVerifyInit_ex() and it will
be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be
used is created by EVP_DigestVerifyInit_ex then it will use the B<OPENSSL_CTX>
specified in I<libctx> and the property query string specified in I<props>.
an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx()
(which means the EVP_PKEY_CTX is created inside
EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the
EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by
EVP_DigestVerifyInit_with_libctx then it will use the B<OPENSSL_CTX> specified
in I<libctx> and the property query string specified in I<props>.
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the passed
B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>. See also
L<SM2(7)>.
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
passed B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
See also L<SM2(7)>.
Not all digests can be used for all key types. The following combinations apply.
@ -99,10 +101,11 @@ Will ignore any digest provided.
If RSA-PSS is used and restrictions apply then the digest must match.
EVP_DigestVerifyInit() works in the same way as EVP_DigestVerifyInit_ex() except
that the B<mdname> parameter will be inferred from the supplied digest B<type>,
and B<props> will be NULL. Where supplied the ENGINE B<e> will be used for the
signature verification and digest algorithm implementations. B<e> may be NULL.
EVP_DigestVerifyInit() works in the same way as
EVP_DigestVerifyInit_with_libctx() except that the B<mdname> parameter will be
inferred from the supplied digest B<type>, and B<props> will be NULL. Where
supplied the ENGINE B<e> will be used for the signature verification and digest
algorithm implementations. B<e> may be NULL.
EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
verification context B<ctx>. This function can be called several times on the
@ -170,7 +173,7 @@ L<RAND(7)>
EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
were added in OpenSSL 1.0.0.
EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0.
EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0.
EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL
3.0.

28
doc/man3/EVP_SignInit.pod
View File

@ -2,7 +2,8 @@
=head1 NAME
EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal
EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate,
EVP_SignFinal_with_libctx, EVP_SignFinal
- EVP signing functions
=head1 SYNOPSIS
@ -11,7 +12,11 @@ EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal
int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
unsigned int *s, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq);
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s,
EVP_PKEY *pkey);
void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
@ -28,20 +33,25 @@ EVP_SignUpdate() hashes I<cnt> bytes of data at I<d> into the
signature context I<ctx>. This function can be called several times on the
same I<ctx> to include additional data.
EVP_SignFinal() signs the data in I<ctx> using the private key I<pkey> and
places the signature in I<sig>. I<sig> must be at least C<EVP_PKEY_size(pkey)>
bytes in size. I<s> is an OUT parameter, and not used as an IN parameter.
EVP_SignFinal_with_libctx() signs the data in I<ctx> using the private key
I<pkey> and places the signature in I<sig>. The library context I<libctx> and
property query I<propq> are used when creating a context to use with the key
I<pkey>. I<sig> must be at least C<EVP_PKEY_size(pkey)> bytes in size. I<s> is
an OUT parameter, and not used as an IN parameter.
The number of bytes of data written (i.e. the length of the signature)
will be written to the integer at I<s>, at most C<EVP_PKEY_size(pkey)> bytes
will be written.
EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default
values of NULL for the library context I<libctx> and the property query I<propq>.
EVP_SignInit() initializes a signing context I<ctx> to use the default
implementation of digest I<type>.
=head1 RETURN VALUES
EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1
for success and 0 for failure.
EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and
EVP_SignFinal() return 1 for success and 0 for failure.
The error codes can be obtained by L<ERR_get_error(3)>.
@ -87,6 +97,10 @@ L<evp(7)>, L<HMAC(3)>, L<MD2(3)>,
L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>,
L<SHA1(3)>, L<openssl-dgst(1)>
=head1 HISTORY
The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.

36
doc/man3/EVP_VerifyInit.pod
View File

@ -3,7 +3,7 @@
=head1 NAME
EVP_VerifyInit_ex,
EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal
- EVP signature verification functions
=head1 SYNOPSIS
@ -12,6 +12,9 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq);
int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
EVP_PKEY *pkey);
@ -22,27 +25,32 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
The EVP signature verification routines are a high-level interface to digital
signatures.
EVP_VerifyInit_ex() sets up verification context B<ctx> to use digest
B<type> from ENGINE B<impl>. B<ctx> must be created by calling
EVP_VerifyInit_ex() sets up verification context I<ctx> to use digest
I<type> from ENGINE I<impl>. I<ctx> must be created by calling
EVP_MD_CTX_new() before calling this function.
EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
verification context B<ctx>. This function can be called several times on the
same B<ctx> to include additional data.
EVP_VerifyUpdate() hashes I<cnt> bytes of data at I<d> into the
verification context I<ctx>. This function can be called several times on the
same I<ctx> to include additional data.
EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey>
and against the B<siglen> bytes at B<sigbuf>.
EVP_VerifyFinal_with_libctx() verifies the data in I<ctx> using the public key
I<pkey> and I<siglen> bytes in I<sigbuf>.
The library context I<libctx> and property query I<propq> are used when creating
a context to use with the key I<pkey>.
EVP_VerifyInit() initializes verification context B<ctx> to use the default
implementation of digest B<type>.
EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default
values of NULL for the library context I<libctx> and the property query I<propq>.
EVP_VerifyInit() initializes verification context I<ctx> to use the default
implementation of digest I<type>.
=head1 RETURN VALUES
EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for
failure.
EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some
other error occurred.
EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct
signature, 0 for failure and -1 if some other error occurred.
The error codes can be obtained by L<ERR_get_error(3)>.
@ -83,6 +91,10 @@ L<evp(7)>, L<HMAC(3)>, L<MD2(3)>,
L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>,
L<SHA1(3)>, L<openssl-dgst(1)>
head1 HISTORY
The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.

22
include/openssl/evp.h
View File

@ -637,6 +637,7 @@ __owur int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md,
__owur EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm,
const char *properties);
int EVP_MD_up_ref(EVP_MD *md);
void EVP_MD_free(EVP_MD *md);
@ -697,6 +698,9 @@ __owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
__owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
EVP_PKEY *pkey);
__owur int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
unsigned int *s, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq);
__owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen, const unsigned char *tbs,
@ -704,14 +708,19 @@ __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
__owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey);
__owur int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx,
const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq);
__owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
size_t siglen, const unsigned char *tbs,
size_t tbslen);
int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, const char *props, EVP_PKEY *pkey,
OPENSSL_CTX *libctx);
int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey);
/*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e,
EVP_PKEY *pkey);
@ -719,9 +728,10 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize);
__owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen);
int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, const char *props,
EVP_PKEY *pkey, OPENSSL_CTX *libctx);
int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey);
__owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e,
EVP_PKEY *pkey);

5
ssl/statem/extensions.c
View File

@ -1610,8 +1610,9 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
binderout = tmpbinder;
bindersize = hashsize;
if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->propq,
mackey, s->ctx->libctx) <= 0
if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md),
s->ctx->libctx, s->ctx->propq,
mackey) <= 0
|| EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0
|| EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0
|| bindersize != hashsize) {

9
ssl/statem/extensions_srvr.c
View File

@ -784,8 +784,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
}
hmaclen = SHA256_DIGEST_LENGTH;
if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
s->ctx->libctx) <= 0
if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
s->ctx->libctx, s->ctx->propq, pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, data,
rawlen - SHA256_DIGEST_LENGTH) <= 0
|| hmaclen != SHA256_DIGEST_LENGTH) {
@ -1873,8 +1873,9 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context,
goto err;
}
if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey,
s->ctx->libctx) <= 0
if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
s->ctx->libctx, s->ctx->propq,
pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, cookie,
totcookielen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,

7
ssl/statem/statem_clnt.c
View File

@ -2377,9 +2377,10 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)
goto err;
}
if (EVP_DigestVerifyInit_ex(md_ctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->libctx, s->ctx->propq,
pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE,
ERR_R_EVP_LIB);
goto err;

14
ssl/statem/statem_lib.c
View File

@ -277,9 +277,10 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt)
goto err;
}
if (EVP_DigestSignInit_ex(mctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->libctx, s->ctx->propq,
pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
ERR_R_EVP_LIB);
goto err;
@ -472,9 +473,10 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
OSSL_TRACE1(TLS, "Using client verify alg %s\n",
md == NULL ? "n/a" : EVP_MD_name(md));
if (EVP_DigestVerifyInit_ex(mctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->libctx, s->ctx->propq,
pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
ERR_R_EVP_LIB);
goto err;

7
ssl/statem/statem_srvr.c
View File

@ -2807,9 +2807,10 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
goto err;
}
if (EVP_DigestSignInit_ex(md_ctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->propq, pkey, s->ctx->libctx) <= 0) {
if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx,
md == NULL ? NULL : EVP_MD_name(md),
s->ctx->libctx, s->ctx->propq,
pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);

6
ssl/t1_enc.c
View File

@ -380,9 +380,9 @@ int tls1_change_cipher_state(SSL *s, int which)
mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret,
(int)*mac_secret_size);
if (mac_key == NULL
|| EVP_DigestSignInit_ex(mac_ctx, NULL,
EVP_MD_name(m), s->ctx->propq,
mac_key, s->ctx->libctx) <= 0) {
|| EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m),
s->ctx->libctx, s->ctx->propq,
mac_key) <= 0) {
EVP_PKEY_free(mac_key);
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
ERR_R_INTERNAL_ERROR);

15
test/acvp_test.c
View File

@ -92,8 +92,9 @@ static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name,
if (!TEST_ptr(sig = OPENSSL_malloc(sz))
|| !TEST_ptr(md_ctx = EVP_MD_CTX_new())
|| !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, NULL,
pkey, libctx), 1)
|| !TEST_int_eq(EVP_DigestSignInit_with_libctx(md_ctx, NULL,
digest_name, libctx, NULL,
pkey), 1)
|| !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0))
goto err;
*sig_out = sig;
@ -296,8 +297,9 @@ static int ecdsa_sigver_test(int id)
ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0)
&& TEST_ptr(md_ctx = EVP_MD_CTX_new())
&& TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg,
NULL, pkey, libctx)
&& TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, NULL,
tst->digest_alg,
libctx, NULL, pkey)
&& TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len,
tst->msg, tst->msg_len), tst->pass));
err:
@ -1238,8 +1240,9 @@ static int rsa_sigver_test(int id)
|| !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len,
tst->e, tst->e_len, NULL, 0, bn_ctx))
|| !TEST_ptr(md_ctx = EVP_MD_CTX_new())
|| !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx, tst->digest_alg,
NULL, pkey, libctx)
|| !TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, &pkey_ctx,
tst->digest_alg,
libctx, NULL, pkey)
|| !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params))
|| !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len,
tst->msg, tst->msg_len), tst->pass)))

5
test/evp_extra_test.c
View File

@ -1461,8 +1461,9 @@ static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
*/
mdctx = EVP_MD_CTX_new();
if (!TEST_ptr(mdctx)
|| !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey,
NULL)))
|| !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL,
"SHA1", NULL, NULL,
pkey)))
goto err;
/*