1 /* $OpenBSD: pmeth_lib.c,v 1.35 2023/11/29 21:35:57 tb Exp $ */ 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project 2006. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59 #include <limits.h> 60 #include <stdio.h> 61 #include <stdlib.h> 62 #include <string.h> 63 64 #include <openssl/opensslconf.h> 65 66 #include <openssl/err.h> 67 #include <openssl/evp.h> 68 #include <openssl/objects.h> 69 #include <openssl/x509v3.h> 70 71 #include "asn1_local.h" 72 #include "evp_local.h" 73 74 DECLARE_STACK_OF(EVP_PKEY_METHOD) 75 STACK_OF(EVP_PKEY_METHOD) *pkey_app_methods = NULL; 76 77 extern const EVP_PKEY_METHOD cmac_pkey_meth; 78 extern const EVP_PKEY_METHOD dh_pkey_meth; 79 extern const EVP_PKEY_METHOD dsa_pkey_meth; 80 extern const EVP_PKEY_METHOD ec_pkey_meth; 81 extern const EVP_PKEY_METHOD ed25519_pkey_meth; 82 extern const EVP_PKEY_METHOD gostimit_pkey_meth; 83 extern const EVP_PKEY_METHOD gostr01_pkey_meth; 84 extern const EVP_PKEY_METHOD hkdf_pkey_meth; 85 extern const EVP_PKEY_METHOD hmac_pkey_meth; 86 extern const EVP_PKEY_METHOD rsa_pkey_meth; 87 extern const EVP_PKEY_METHOD rsa_pss_pkey_meth; 88 extern const EVP_PKEY_METHOD x25519_pkey_meth; 89 90 static const EVP_PKEY_METHOD *pkey_methods[] = { 91 &cmac_pkey_meth, 92 &dh_pkey_meth, 93 &dsa_pkey_meth, 94 &ec_pkey_meth, 95 &ed25519_pkey_meth, 96 &gostimit_pkey_meth, 97 &gostr01_pkey_meth, 98 &hkdf_pkey_meth, 99 &hmac_pkey_meth, 100 &rsa_pkey_meth, 101 &rsa_pss_pkey_meth, 102 &x25519_pkey_meth, 103 }; 104 105 static const size_t pkey_methods_count = 106 sizeof(pkey_methods) / sizeof(pkey_methods[0]); 107 108 int 109 evp_pkey_meth_get_count(void) 110 { 111 int num = pkey_methods_count; 112 113 if (pkey_app_methods != NULL) 114 num += sk_EVP_PKEY_METHOD_num(pkey_app_methods); 115 116 return num; 117 } 118 119 const EVP_PKEY_METHOD * 120 evp_pkey_meth_get0(int idx) 121 { 122 int num = pkey_methods_count; 123 124 if (idx < 0) 125 return NULL; 126 if (idx < num) 127 return pkey_methods[idx]; 128 129 idx -= num; 130 131 return sk_EVP_PKEY_METHOD_value(pkey_app_methods, idx); 132 } 133 134 const EVP_PKEY_METHOD * 135 EVP_PKEY_meth_find(int type) 136 { 137 const EVP_PKEY_METHOD *pmeth; 138 int i; 139 140 for (i = evp_pkey_meth_get_count() - 1; i >= 0; i--) { 141 pmeth = evp_pkey_meth_get0(i); 142 if (pmeth->pkey_id == type) 143 return pmeth; 144 } 145 146 return NULL; 147 } 148 149 static EVP_PKEY_CTX * 150 evp_pkey_ctx_new(EVP_PKEY *pkey, int id) 151 { 152 EVP_PKEY_CTX *pkey_ctx = NULL; 153 const EVP_PKEY_METHOD *pmeth; 154 155 if (id == -1) { 156 if (pkey == NULL || pkey->ameth == NULL) 157 return NULL; 158 id = pkey->ameth->pkey_id; 159 } 160 161 if ((pmeth = EVP_PKEY_meth_find(id)) == NULL) { 162 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM); 163 goto err; 164 } 165 166 if ((pkey_ctx = calloc(1, sizeof(*pkey_ctx))) == NULL) { 167 EVPerror(ERR_R_MALLOC_FAILURE); 168 goto err; 169 } 170 pkey_ctx->pmeth = pmeth; 171 pkey_ctx->operation = EVP_PKEY_OP_UNDEFINED; 172 if ((pkey_ctx->pkey = pkey) != NULL) 173 EVP_PKEY_up_ref(pkey_ctx->pkey); 174 175 if (pmeth->init != NULL) { 176 if (pmeth->init(pkey_ctx) <= 0) 177 goto err; 178 } 179 180 return pkey_ctx; 181 182 err: 183 EVP_PKEY_CTX_free(pkey_ctx); 184 185 return NULL; 186 } 187 188 EVP_PKEY_METHOD* 189 EVP_PKEY_meth_new(int id, int flags) 190 { 191 EVP_PKEY_METHOD *pmeth; 192 193 if ((pmeth = calloc(1, sizeof(EVP_PKEY_METHOD))) == NULL) 194 return NULL; 195 196 pmeth->pkey_id = id; 197 pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; 198 199 return pmeth; 200 } 201 202 void 203 EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth) 204 { 205 if (ppkey_id) 206 *ppkey_id = meth->pkey_id; 207 if (pflags) 208 *pflags = meth->flags; 209 } 210 211 void 212 EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) 213 { 214 EVP_PKEY_METHOD preserve; 215 216 preserve.pkey_id = dst->pkey_id; 217 preserve.flags = dst->flags; 218 219 *dst = *src; 220 221 dst->pkey_id = preserve.pkey_id; 222 dst->flags = preserve.flags; 223 } 224 225 void 226 EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) 227 { 228 if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) 229 free(pmeth); 230 } 231 232 EVP_PKEY_CTX * 233 EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *engine) 234 { 235 return evp_pkey_ctx_new(pkey, -1); 236 } 237 238 EVP_PKEY_CTX * 239 EVP_PKEY_CTX_new_id(int id, ENGINE *engine) 240 { 241 return evp_pkey_ctx_new(NULL, id); 242 } 243 244 EVP_PKEY_CTX * 245 EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) 246 { 247 EVP_PKEY_CTX *rctx = NULL; 248 249 if (pctx->pmeth == NULL || pctx->pmeth->copy == NULL) 250 goto err; 251 if ((rctx = calloc(1, sizeof(*rctx))) == NULL) { 252 EVPerror(ERR_R_MALLOC_FAILURE); 253 goto err; 254 } 255 256 rctx->pmeth = pctx->pmeth; 257 258 if ((rctx->pkey = pctx->pkey) != NULL) 259 EVP_PKEY_up_ref(rctx->pkey); 260 if ((rctx->peerkey = pctx->peerkey) != NULL) 261 EVP_PKEY_up_ref(rctx->peerkey); 262 263 rctx->operation = pctx->operation; 264 265 if (pctx->pmeth->copy(rctx, pctx) <= 0) 266 goto err; 267 268 return rctx; 269 270 err: 271 EVP_PKEY_CTX_free(rctx); 272 return NULL; 273 } 274 275 int 276 EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) 277 { 278 if (pkey_app_methods == NULL) { 279 pkey_app_methods = sk_EVP_PKEY_METHOD_new(NULL); 280 if (pkey_app_methods == NULL) 281 return 0; 282 } 283 284 if (!sk_EVP_PKEY_METHOD_push(pkey_app_methods, pmeth)) 285 return 0; 286 287 return 1; 288 } 289 290 void 291 EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) 292 { 293 if (ctx == NULL) 294 return; 295 if (ctx->pmeth && ctx->pmeth->cleanup) 296 ctx->pmeth->cleanup(ctx); 297 EVP_PKEY_free(ctx->pkey); 298 EVP_PKEY_free(ctx->peerkey); 299 free(ctx); 300 } 301 302 int 303 EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd, 304 int p1, void *p2) 305 { 306 int ret; 307 308 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) { 309 EVPerror(EVP_R_COMMAND_NOT_SUPPORTED); 310 return -2; 311 } 312 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype)) 313 return -1; 314 315 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) { 316 EVPerror(EVP_R_NO_OPERATION_SET); 317 return -1; 318 } 319 320 if ((optype != -1) && !(ctx->operation & optype)) { 321 EVPerror(EVP_R_INVALID_OPERATION); 322 return -1; 323 } 324 325 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2); 326 327 if (ret == -2) 328 EVPerror(EVP_R_COMMAND_NOT_SUPPORTED); 329 330 return ret; 331 332 } 333 334 int 335 EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value) 336 { 337 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) { 338 EVPerror(EVP_R_COMMAND_NOT_SUPPORTED); 339 return -2; 340 } 341 if (!strcmp(name, "digest")) { 342 return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_TYPE_SIG, 343 EVP_PKEY_CTRL_MD, value); 344 } 345 return ctx->pmeth->ctrl_str(ctx, name, value); 346 } 347 348 int 349 EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str) 350 { 351 size_t len; 352 353 if ((len = strlen(str)) > INT_MAX) 354 return -1; 355 356 return ctx->pmeth->ctrl(ctx, cmd, len, (void *)str); 357 } 358 359 int 360 EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hexstr) 361 { 362 unsigned char *hex = NULL; 363 long length; 364 int ret = 0; 365 366 if ((hex = string_to_hex(hexstr, &length)) == NULL) 367 goto err; 368 if (length < 0 || length > INT_MAX) { 369 ret = -1; 370 goto err; 371 } 372 373 ret = ctx->pmeth->ctrl(ctx, cmd, length, hex); 374 375 err: 376 free(hex); 377 return ret; 378 } 379 380 int 381 EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name) 382 { 383 const EVP_MD *md; 384 385 if ((md = EVP_get_digestbyname(md_name)) == NULL) { 386 EVPerror(EVP_R_INVALID_DIGEST); 387 return 0; 388 } 389 return EVP_PKEY_CTX_ctrl(ctx, -1, optype, cmd, 0, (void *)md); 390 } 391 392 int 393 EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx) 394 { 395 return ctx->operation; 396 } 397 398 void 399 EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen) 400 { 401 ctx->keygen_info = dat; 402 ctx->keygen_info_count = datlen; 403 } 404 405 void 406 EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data) 407 { 408 ctx->data = data; 409 } 410 411 void * 412 EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx) 413 { 414 return ctx->data; 415 } 416 417 EVP_PKEY * 418 EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) 419 { 420 return ctx->pkey; 421 } 422 423 EVP_PKEY * 424 EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx) 425 { 426 return ctx->peerkey; 427 } 428 429 void 430 EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data) 431 { 432 ctx->app_data = data; 433 } 434 435 void * 436 EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx) 437 { 438 return ctx->app_data; 439 } 440 441 void 442 EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, 443 int (*init)(EVP_PKEY_CTX *ctx)) 444 { 445 pmeth->init = init; 446 } 447 448 void 449 EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, 450 int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)) 451 { 452 pmeth->copy = copy; 453 } 454 455 void 456 EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, 457 void (*cleanup)(EVP_PKEY_CTX *ctx)) 458 { 459 pmeth->cleanup = cleanup; 460 } 461 462 void 463 EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, 464 int (*paramgen_init)(EVP_PKEY_CTX *ctx), 465 int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) 466 { 467 pmeth->paramgen_init = paramgen_init; 468 pmeth->paramgen = paramgen; 469 } 470 471 void 472 EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, 473 int (*keygen_init)(EVP_PKEY_CTX *ctx), 474 int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)) 475 { 476 pmeth->keygen_init = keygen_init; 477 pmeth->keygen = keygen; 478 } 479 480 void 481 EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, 482 int (*sign_init)(EVP_PKEY_CTX *ctx), 483 int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 484 const unsigned char *tbs, size_t tbslen)) 485 { 486 pmeth->sign_init = sign_init; 487 pmeth->sign = sign; 488 } 489 490 void 491 EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, 492 int (*verify_init)(EVP_PKEY_CTX *ctx), 493 int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, 494 const unsigned char *tbs, size_t tbslen)) 495 { 496 pmeth->verify_init = verify_init; 497 pmeth->verify = verify; 498 } 499 500 void 501 EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, 502 int (*verify_recover_init)(EVP_PKEY_CTX *ctx), 503 int (*verify_recover)(EVP_PKEY_CTX *ctx, 504 unsigned char *sig, size_t *siglen, 505 const unsigned char *tbs, size_t tbslen)) 506 { 507 pmeth->verify_recover_init = verify_recover_init; 508 pmeth->verify_recover = verify_recover; 509 } 510 511 void 512 EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, 513 int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), 514 int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 515 EVP_MD_CTX *mctx)) 516 { 517 pmeth->signctx_init = signctx_init; 518 pmeth->signctx = signctx; 519 } 520 521 void 522 EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, 523 int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), 524 int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, 525 EVP_MD_CTX *mctx)) 526 { 527 pmeth->verifyctx_init = verifyctx_init; 528 pmeth->verifyctx = verifyctx; 529 } 530 531 void 532 EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, 533 int (*encrypt_init)(EVP_PKEY_CTX *ctx), 534 int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 535 const unsigned char *in, size_t inlen)) 536 { 537 pmeth->encrypt_init = encrypt_init; 538 pmeth->encrypt = encryptfn; 539 } 540 541 void 542 EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, 543 int (*decrypt_init)(EVP_PKEY_CTX *ctx), 544 int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 545 const unsigned char *in, size_t inlen)) 546 { 547 pmeth->decrypt_init = decrypt_init; 548 pmeth->decrypt = decrypt; 549 } 550 551 void 552 EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, 553 int (*derive_init)(EVP_PKEY_CTX *ctx), 554 int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)) 555 { 556 pmeth->derive_init = derive_init; 557 pmeth->derive = derive; 558 } 559 560 void 561 EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, 562 int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2), 563 int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)) 564 { 565 pmeth->ctrl = ctrl; 566 pmeth->ctrl_str = ctrl_str; 567 } 568 569 void 570 EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check)(EVP_PKEY *pkey)) 571 { 572 pmeth->check = check; 573 } 574 575 void 576 EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, 577 int (*public_check)(EVP_PKEY *pkey)) 578 { 579 pmeth->public_check = public_check; 580 } 581 582 void 583 EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, 584 int (*param_check)(EVP_PKEY *pkey)) 585 { 586 pmeth->param_check = param_check; 587 } 588