diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c index f270e4378a48e9d7a7bc7cafef0dea913cb80329..b05e77b8a1009e6db9be5da95299a4ecb3c914a0 100644 --- a/crypto/ct/ct_vfy.c +++ b/crypto/ct/ct_vfy.c @@ -122,8 +122,9 @@ int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct) if (ctx == NULL) goto end; - if (!EVP_DigestVerifyInit_ex(ctx, NULL, "SHA2-256", sctx->propq, sctx->pkey, - sctx->libctx)) + if (!EVP_DigestVerifyInit_with_libctx(ctx, NULL, + "SHA2-256", sctx->libctx, sctx->propq, + sctx->pkey)) goto end; if (!sct_ctx_update(ctx, sctx, sct)) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 58cd1605025721e2fd8b5f518a2f67f1ba1c9278..7476efd9bc3cfe5126b676fa4fef0f37d350972a 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -295,8 +295,9 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate(). * Some code calls EVP_DigestUpdate() directly even when initialised - * with EVP_DigestSignInit_ex() or EVP_DigestVerifyInit_ex(), so we - * detect that and redirect to the correct EVP_Digest*Update() function + * with EVP_DigestSignInit_with_libctx() or + * EVP_DigestVerifyInit_with_libctx(), so we detect that and redirect to + * the correct EVP_Digest*Update() function */ if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX) return EVP_DigestSignUpdate(ctx, data, count); diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 8d37f19d6c205843450e1e3134a2135dedf8d693..04ac121e25a4ab83d8564dc8633d98872201c264 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -38,8 +38,8 @@ static const char *canon_mdname(const char *mdname) static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, const char *mdname, - const char *props, ENGINE *e, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, int ver) + OPENSSL_CTX *libctx, const char *props, + ENGINE *e, EVP_PKEY *pkey, int ver) { EVP_PKEY_CTX *locpctx = NULL; EVP_SIGNATURE *signature = NULL; @@ -285,31 +285,32 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, return 1; } -int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, EVP_PKEY *pkey, - OPENSSL_CTX *libctx) +int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, - 0); + return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0); } int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 0); + return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0); } -int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx) +int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, NULL, mdname, props, NULL, pkey, libctx, 1); + return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1); } int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey) { - return do_sigver_init(ctx, pctx, type, NULL, NULL, e, pkey, NULL, 1); + return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 1); } #endif /* FIPS_MDOE */ diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 44a69083b21920b4aab73990a0f5c09a43bcddc6..2c4f49a5284e00abefa13f6b981300f1227f02c9 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -14,8 +14,9 @@ #include #include "crypto/evp.h" -int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey) +int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret, + unsigned int *siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; @@ -30,8 +31,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, } else { int rv = 0; EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); + if (tmp_ctx == NULL) { - EVPerr(EVP_F_EVP_SIGNFINAL, ERR_R_MALLOC_FAILURE); + EVPerr(0, ERR_R_MALLOC_FAILURE); return 0; } rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); @@ -44,7 +46,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, sltmp = (size_t)EVP_PKEY_size(pkey); i = 0; - pkctx = EVP_PKEY_CTX_new(pkey, NULL); + pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); if (pkctx == NULL) goto err; if (EVP_PKEY_sign_init(pkctx) <= 0) @@ -59,3 +61,9 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, EVP_PKEY_CTX_free(pkctx); return i; } + +int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, + unsigned int *siglen, EVP_PKEY *pkey) +{ + return EVP_SignFinal_with_libctx(ctx, sigret, siglen, pkey, NULL, NULL); +} diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index fe4b7b568d36c292cc808bc6be04600372a28652..db14866af071d0f7d6f050604224f5bcf8d165bf 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -14,8 +14,9 @@ #include #include "crypto/evp.h" -int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey) +int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; @@ -28,8 +29,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, } else { int rv = 0; EVP_MD_CTX *tmp_ctx = EVP_MD_CTX_new(); + if (tmp_ctx == NULL) { - EVPerr(EVP_F_EVP_VERIFYFINAL, ERR_R_MALLOC_FAILURE); + EVPerr(0, ERR_R_MALLOC_FAILURE); return 0; } rv = EVP_MD_CTX_copy_ex(tmp_ctx, ctx); @@ -41,7 +43,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, } i = -1; - pkctx = EVP_PKEY_CTX_new(pkey, NULL); + pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); if (pkctx == NULL) goto err; if (EVP_PKEY_verify_init(pkctx) <= 0) @@ -53,3 +55,9 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, EVP_PKEY_CTX_free(pkctx); return i; } + +int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey) +{ + return EVP_VerifyFinal_with_libctx(ctx, sigbuf, siglen, pkey, NULL, NULL); +} diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index 69dec1c74d4947e8d79d83f0af593b95743af3c5..923de31a31390e0b9d30c0ad087dac9ca60a958a 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -2,16 +2,17 @@ =head1 NAME -EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate, +EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions =head1 SYNOPSIS #include - int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx); + int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -26,12 +27,12 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signing takes place. -EVP_DigestSignInit_ex() sets up signing context I to use a digest with the -name I and private key I. The name of the digest to be used is -passed to the provider of the signature algorithm in use. How that provider -interprets the digest name is provider specific. The provider may implement -that digest directly itself or it may (optionally) choose to fetch it (which -could result in a digest from a different provider being selected). If the +EVP_DigestSignInit_with_libctx() sets up signing context I to use a digest +with the name I and private key I. The name of the digest to be +used is passed to the provider of the signature algorithm in use. How that +provider interprets the digest name is provider specific. The provider may +implement that digest directly itself or it may (optionally) choose to fetch it +(which could result in a digest from a different provider being selected). If the provider supports fetching the digest then it may use the I argument for the properties to be used during the fetch. @@ -49,18 +50,19 @@ I is not NULL, the EVP_PKEY_CTX of the signing operation will be written to I<*pctx>: this can be used to set alternative signing options. Note that any existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if I is not assigned an -EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() (which means -the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed -automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is -created by EVP_DigestSignInit_ex then it will use the B specified -in I and the property query string specified in I. +EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx() +(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx() +and it will be freed automatically when the EVP_MD_CTX is freed). If the +EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it +will use the B specified in I and the property query string +specified in I. The digest I may be NULL if the signing algorithm supports it. The I argument can always be NULL. -No B will be created by EVP_DigestSignInit_ex() if the passed -I has already been assigned one via L. See also -L. +No B will be created by EVP_DigestSignInit_with_libctx() if the +passed I has already been assigned one via L. +See also L. Only EVP_PKEY types that support signing can be used with these functions. This includes MAC algorithms where the MAC generation is considered as a form of @@ -108,10 +110,10 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. -EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex() except -that the I parameter will be inferred from the supplied digest I, -and I will be NULL. Where supplied the ENGINE I will be used for the -signing and digest algorithm implementations. I may be NULL. +EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx() +except that the I parameter will be inferred from the supplied +digest I, and I will be NULL. Where supplied the ENGINE I will +be used for the signing and digest algorithm implementations. I may be NULL. EVP_DigestSignUpdate() hashes I bytes of data at I into the signature context I. This function can be called several times on the @@ -182,7 +184,7 @@ L EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0. -EVP_DigestSignInit_ex() was added in OpenSSL 3.0. +EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0. EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod index 9ea0014a5add97fb2599b4eac04583efa199302a..f0061f45482421aed005cd8778fbd40fe7c0dbeb 100644 --- a/doc/man3/EVP_DigestVerifyInit.pod +++ b/doc/man3/EVP_DigestVerifyInit.pod @@ -2,16 +2,17 @@ =head1 NAME -EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, +EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions =head1 SYNOPSIS #include - int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx); + int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -25,9 +26,9 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signature verification takes place. -EVP_DigestVerifyInit_ex() sets up verification context B to use a digest -with the name B and public key B. The name of the digest to be -used is passed to the provider of the signature algorithm in use. How that +EVP_DigestVerifyInit_with_libctx() sets up verification context B to use a +digest with the name B and public key B. The name of the digest to +be used is passed to the provider of the signature algorithm in use. How that provider interprets the digest name is provider specific. The provider may implement that digest directly itself or it may (optionally) choose to fetch it (which could result in a digest from a different provider being selected). If @@ -48,15 +49,16 @@ B is not NULL, the EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this can be used to set alternative verification options. Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if B is not assigned -an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex() (which -means the EVP_PKEY_CTX is created inside EVP_DigestVerifyInit_ex() and it will -be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be -used is created by EVP_DigestVerifyInit_ex then it will use the B -specified in I and the property query string specified in I. +an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx() +(which means the EVP_PKEY_CTX is created inside +EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the +EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by +EVP_DigestVerifyInit_with_libctx then it will use the B specified +in I and the property query string specified in I. -No B will be created by EVP_DigestSignInit_ex() if the passed -B has already been assigned one via L. See also -L. +No B will be created by EVP_DigestSignInit_with_libctx() if the +passed B has already been assigned one via L. +See also L. Not all digests can be used for all key types. The following combinations apply. @@ -99,10 +101,11 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. -EVP_DigestVerifyInit() works in the same way as EVP_DigestVerifyInit_ex() except -that the B parameter will be inferred from the supplied digest B, -and B will be NULL. Where supplied the ENGINE B will be used for the -signature verification and digest algorithm implementations. B may be NULL. +EVP_DigestVerifyInit() works in the same way as +EVP_DigestVerifyInit_with_libctx() except that the B parameter will be +inferred from the supplied digest B, and B will be NULL. Where +supplied the ENGINE B will be used for the signature verification and digest +algorithm implementations. B may be NULL. EVP_DigestVerifyUpdate() hashes B bytes of data at B into the verification context B. This function can be called several times on the @@ -170,7 +173,7 @@ L EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0. -EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0. +EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0. EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod index 13bba5b50701b2f487a300fd9ffe8dc66a2c6b68..f6165f0468b23996f1972ad77c362018ee515dc0 100644 --- a/doc/man3/EVP_SignInit.pod +++ b/doc/man3/EVP_SignInit.pod @@ -2,7 +2,8 @@ =head1 NAME -EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal +EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, +EVP_SignFinal_with_libctx, EVP_SignFinal - EVP signing functions =head1 SYNOPSIS @@ -11,7 +12,11 @@ EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey); + int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md, + unsigned int *s, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); + int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, + EVP_PKEY *pkey); void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type); @@ -28,20 +33,25 @@ EVP_SignUpdate() hashes I bytes of data at I into the signature context I. This function can be called several times on the same I to include additional data. -EVP_SignFinal() signs the data in I using the private key I and -places the signature in I. I must be at least C -bytes in size. I is an OUT parameter, and not used as an IN parameter. +EVP_SignFinal_with_libctx() signs the data in I using the private key +I and places the signature in I. The library context I and +property query I are used when creating a context to use with the key +I. I must be at least C bytes in size. I is +an OUT parameter, and not used as an IN parameter. The number of bytes of data written (i.e. the length of the signature) will be written to the integer at I, at most C bytes will be written. +EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default +values of NULL for the library context I and the property query I. + EVP_SignInit() initializes a signing context I to use the default implementation of digest I. =head1 RETURN VALUES -EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 -for success and 0 for failure. +EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and +EVP_SignFinal() return 1 for success and 0 for failure. The error codes can be obtained by L. @@ -87,6 +97,10 @@ L, L, L, L, L, L, L, L +=head1 HISTORY + +The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/man3/EVP_VerifyInit.pod b/doc/man3/EVP_VerifyInit.pod index 3686980b2f64ab615649ae895d06a01d7ba31c3b..be5332a55d069b6e2b2d588355b382a83cd2621c 100644 --- a/doc/man3/EVP_VerifyInit.pod +++ b/doc/man3/EVP_VerifyInit.pod @@ -3,7 +3,7 @@ =head1 NAME EVP_VerifyInit_ex, -EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal +EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal - EVP signature verification functions =head1 SYNOPSIS @@ -12,6 +12,9 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); + int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); @@ -22,27 +25,32 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal The EVP signature verification routines are a high-level interface to digital signatures. -EVP_VerifyInit_ex() sets up verification context B to use digest -B from ENGINE B. B must be created by calling +EVP_VerifyInit_ex() sets up verification context I to use digest +I from ENGINE I. I must be created by calling EVP_MD_CTX_new() before calling this function. -EVP_VerifyUpdate() hashes B bytes of data at B into the -verification context B. This function can be called several times on the -same B to include additional data. +EVP_VerifyUpdate() hashes I bytes of data at I into the +verification context I. This function can be called several times on the +same I to include additional data. -EVP_VerifyFinal() verifies the data in B using the public key B -and against the B bytes at B. +EVP_VerifyFinal_with_libctx() verifies the data in I using the public key +I and I bytes in I. +The library context I and property query I are used when creating +a context to use with the key I. -EVP_VerifyInit() initializes verification context B to use the default -implementation of digest B. +EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default +values of NULL for the library context I and the property query I. + +EVP_VerifyInit() initializes verification context I to use the default +implementation of digest I. =head1 RETURN VALUES EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure. -EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some -other error occurred. +EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct +signature, 0 for failure and -1 if some other error occurred. The error codes can be obtained by L. @@ -83,6 +91,10 @@ L, L, L, L, L, L, L, L +head1 HISTORY + +The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 0d21c035fe5cf7a60a8ac573ee88bca180e4b891..6ff1e5602ee3676e08d2a63774942f1f020ed815 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -637,6 +637,7 @@ __owur int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, __owur EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm, const char *properties); + int EVP_MD_up_ref(EVP_MD *md); void EVP_MD_free(EVP_MD *md); @@ -697,6 +698,9 @@ __owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, __owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, EVP_PKEY *pkey); +__owur int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md, + unsigned int *s, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, @@ -704,14 +708,19 @@ __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, __owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); +__owur int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, + const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen); -int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, EVP_PKEY *pkey, - OPENSSL_CTX *libctx); +int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -719,9 +728,10 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize); __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); -int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, const char *props, - EVP_PKEY *pkey, OPENSSL_CTX *libctx); +int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, + OPENSSL_CTX *libctx, const char *props, + EVP_PKEY *pkey); __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 90863486183681d67b14c6da7d3cc65d0bc2204b..1a8e3cf829ac4a7cbcd73bee7793aa3b241314a2 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1610,8 +1610,9 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, binderout = tmpbinder; bindersize = hashsize; - if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->propq, - mackey, s->ctx->libctx) <= 0 + if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + mackey) <= 0 || EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0 || EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0 || bindersize != hashsize) { diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 27ddef9aaf0c2f1fe8194eb11bfbec6d2092bec2..3eeafef828fd1ca5cc8a06bd29f20ec15a550dae 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -784,8 +784,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } hmaclen = SHA256_DIGEST_LENGTH; - if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey, - s->ctx->libctx) <= 0 + if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", + s->ctx->libctx, s->ctx->propq, pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, data, rawlen - SHA256_DIGEST_LENGTH) <= 0 || hmaclen != SHA256_DIGEST_LENGTH) { @@ -1873,8 +1873,9 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, goto err; } - if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->propq, pkey, - s->ctx->libctx) <= 0 + if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", + s->ctx->libctx, s->ctx->propq, + pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, cookie, totcookielen) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 4cd85ef609b7af8c4da1db081ecd51a9dd95f83e..ff48759436f2d587a4f7050f271e4b1672cd419c 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2377,9 +2377,10 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) goto err; } - if (EVP_DigestVerifyInit_ex(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB); goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index d8aab20e9291c9076a2e2221da6094f2dae59619..39ec4a92fd26c8eb3efa0e83dda71945b5ad5107 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -277,9 +277,10 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_ex(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestSignInit_with_libctx(mctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_EVP_LIB); goto err; @@ -472,9 +473,10 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) OSSL_TRACE1(TLS, "Using client verify alg %s\n", md == NULL ? "n/a" : EVP_MD_name(md)); - if (EVP_DigestVerifyInit_ex(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB); goto err; diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index b329e893794441ceae28b2105d087019babba208..c46254c85862d144bb22f4b70777032e67742e33 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2807,9 +2807,10 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_ex(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->propq, pkey, s->ctx->libctx) <= 0) { + if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, + pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 11eea82fffe36e9a534cabc9ec9c50e51ed89624..8285e5cd27ff203301362f59243404e2368f4f67 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -380,9 +380,9 @@ int tls1_change_cipher_state(SSL *s, int which) mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret, (int)*mac_secret_size); if (mac_key == NULL - || EVP_DigestSignInit_ex(mac_ctx, NULL, - EVP_MD_name(m), s->ctx->propq, - mac_key, s->ctx->libctx) <= 0) { + || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m), + s->ctx->libctx, s->ctx->propq, + mac_key) <= 0) { EVP_PKEY_free(mac_key); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); diff --git a/test/acvp_test.c b/test/acvp_test.c index 737d2c61bba361367d095041bf8ae41472ef9891..b33881d4dbf621ef0311a61479607881000a0edd 100644 --- a/test/acvp_test.c +++ b/test/acvp_test.c @@ -92,8 +92,9 @@ static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name, if (!TEST_ptr(sig = OPENSSL_malloc(sz)) || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) - || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, NULL, - pkey, libctx), 1) + || !TEST_int_eq(EVP_DigestSignInit_with_libctx(md_ctx, NULL, + digest_name, libctx, NULL, + pkey), 1) || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0)) goto err; *sig_out = sig; @@ -296,8 +297,9 @@ static int ecdsa_sigver_test(int id) ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0) && TEST_ptr(md_ctx = EVP_MD_CTX_new()) - && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg, - NULL, pkey, libctx) + && TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, NULL, + tst->digest_alg, + libctx, NULL, pkey) && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len, tst->msg, tst->msg_len), tst->pass)); err: @@ -1238,8 +1240,9 @@ static int rsa_sigver_test(int id) || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len, tst->e, tst->e_len, NULL, 0, bn_ctx)) || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) - || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx, tst->digest_alg, - NULL, pkey, libctx) + || !TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, &pkey_ctx, + tst->digest_alg, + libctx, NULL, pkey) || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params)) || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len, tst->msg, tst->msg_len), tst->pass))) diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 51b517fb955a9ae238d2d56cb3dc5ab4e3edad63..de615c80ab11c9d05ce2072848f0fdb8b44ec70e 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -1461,8 +1461,9 @@ static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey) */ mdctx = EVP_MD_CTX_new(); if (!TEST_ptr(mdctx) - || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey, - NULL))) + || !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL, + "SHA1", NULL, NULL, + pkey))) goto err; /*