1 | /* |
2 | * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at |
7 | * https://www.openssl.org/source/license.html |
8 | */ |
9 | |
10 | #include <stdio.h> |
11 | #include <time.h> |
12 | #include <sys/types.h> |
13 | |
14 | #include "internal/cryptlib.h" |
15 | |
16 | #include <openssl/bn.h> |
17 | #include <openssl/evp.h> |
18 | #include <openssl/x509.h> |
19 | #include <openssl/objects.h> |
20 | #include <openssl/buffer.h> |
21 | #include "crypto/asn1.h" |
22 | #include "crypto/evp.h" |
23 | |
24 | #ifndef NO_ASN1_OLD |
25 | |
26 | int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, |
27 | ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, |
28 | const EVP_MD *type) |
29 | { |
30 | EVP_MD_CTX *ctx = EVP_MD_CTX_new(); |
31 | unsigned char *p, *buf_in = NULL, *buf_out = NULL; |
32 | int i, inl = 0, outl = 0; |
33 | size_t inll = 0, outll = 0; |
34 | X509_ALGOR *a; |
35 | |
36 | if (ctx == NULL) { |
37 | ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE); |
38 | goto err; |
39 | } |
40 | for (i = 0; i < 2; i++) { |
41 | if (i == 0) |
42 | a = algor1; |
43 | else |
44 | a = algor2; |
45 | if (a == NULL) |
46 | continue; |
47 | if (type->pkey_type == NID_dsaWithSHA1) { |
48 | /* |
49 | * special case: RFC 2459 tells us to omit 'parameters' with |
50 | * id-dsa-with-sha1 |
51 | */ |
52 | ASN1_TYPE_free(a->parameter); |
53 | a->parameter = NULL; |
54 | } else if ((a->parameter == NULL) || |
55 | (a->parameter->type != V_ASN1_NULL)) { |
56 | ASN1_TYPE_free(a->parameter); |
57 | if ((a->parameter = ASN1_TYPE_new()) == NULL) |
58 | goto err; |
59 | a->parameter->type = V_ASN1_NULL; |
60 | } |
61 | ASN1_OBJECT_free(a->algorithm); |
62 | a->algorithm = OBJ_nid2obj(type->pkey_type); |
63 | if (a->algorithm == NULL) { |
64 | ASN1err(ASN1_F_ASN1_SIGN, ASN1_R_UNKNOWN_OBJECT_TYPE); |
65 | goto err; |
66 | } |
67 | if (a->algorithm->length == 0) { |
68 | ASN1err(ASN1_F_ASN1_SIGN, |
69 | ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); |
70 | goto err; |
71 | } |
72 | } |
73 | inl = i2d(data, NULL); |
74 | if (inl <= 0) { |
75 | ASN1err(ASN1_F_ASN1_SIGN, ERR_R_INTERNAL_ERROR); |
76 | goto err; |
77 | } |
78 | inll = (size_t)inl; |
79 | buf_in = OPENSSL_malloc(inll); |
80 | outll = outl = EVP_PKEY_size(pkey); |
81 | buf_out = OPENSSL_malloc(outll); |
82 | if (buf_in == NULL || buf_out == NULL) { |
83 | outl = 0; |
84 | ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE); |
85 | goto err; |
86 | } |
87 | p = buf_in; |
88 | |
89 | i2d(data, &p); |
90 | if (!EVP_SignInit_ex(ctx, type, NULL) |
91 | || !EVP_SignUpdate(ctx, (unsigned char *)buf_in, inl) |
92 | || !EVP_SignFinal(ctx, (unsigned char *)buf_out, |
93 | (unsigned int *)&outl, pkey)) { |
94 | outl = 0; |
95 | ASN1err(ASN1_F_ASN1_SIGN, ERR_R_EVP_LIB); |
96 | goto err; |
97 | } |
98 | OPENSSL_free(signature->data); |
99 | signature->data = buf_out; |
100 | buf_out = NULL; |
101 | signature->length = outl; |
102 | /* |
103 | * In the interests of compatibility, I'll make sure that the bit string |
104 | * has a 'not-used bits' value of 0 |
105 | */ |
106 | signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); |
107 | signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; |
108 | err: |
109 | EVP_MD_CTX_free(ctx); |
110 | OPENSSL_clear_free((char *)buf_in, inll); |
111 | OPENSSL_clear_free((char *)buf_out, outll); |
112 | return outl; |
113 | } |
114 | |
115 | #endif |
116 | |
117 | int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, |
118 | X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn, |
119 | EVP_PKEY *pkey, const EVP_MD *type) |
120 | { |
121 | int rv; |
122 | EVP_MD_CTX *ctx = EVP_MD_CTX_new(); |
123 | |
124 | if (ctx == NULL) { |
125 | ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_MALLOC_FAILURE); |
126 | return 0; |
127 | } |
128 | if (!EVP_DigestSignInit(ctx, NULL, type, NULL, pkey)) { |
129 | EVP_MD_CTX_free(ctx); |
130 | return 0; |
131 | } |
132 | |
133 | rv = ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, ctx); |
134 | |
135 | EVP_MD_CTX_free(ctx); |
136 | return rv; |
137 | } |
138 | |
139 | int ASN1_item_sign_ctx(const ASN1_ITEM *it, |
140 | X509_ALGOR *algor1, X509_ALGOR *algor2, |
141 | ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx) |
142 | { |
143 | const EVP_MD *type; |
144 | EVP_PKEY *pkey; |
145 | unsigned char *buf_in = NULL, *buf_out = NULL; |
146 | size_t inl = 0, outl = 0, outll = 0; |
147 | int signid, paramtype, buf_len = 0; |
148 | int rv, pkey_id; |
149 | |
150 | type = EVP_MD_CTX_md(ctx); |
151 | pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)); |
152 | |
153 | if (pkey == NULL) { |
154 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); |
155 | goto err; |
156 | } |
157 | |
158 | if (pkey->ameth == NULL) { |
159 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
160 | goto err; |
161 | } |
162 | |
163 | if (pkey->ameth->item_sign) { |
164 | rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, signature); |
165 | if (rv == 1) |
166 | outl = signature->length; |
167 | /*- |
168 | * Return value meanings: |
169 | * <=0: error. |
170 | * 1: method does everything. |
171 | * 2: carry on as normal. |
172 | * 3: ASN1 method sets algorithm identifiers: just sign. |
173 | */ |
174 | if (rv <= 0) |
175 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); |
176 | if (rv <= 1) |
177 | goto err; |
178 | } else { |
179 | rv = 2; |
180 | } |
181 | |
182 | if (rv == 2) { |
183 | if (type == NULL) { |
184 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); |
185 | goto err; |
186 | } |
187 | |
188 | pkey_id = |
189 | #ifndef OPENSSL_NO_SM2 |
190 | EVP_PKEY_id(pkey) == NID_sm2 ? NID_sm2 : |
191 | #endif |
192 | pkey->ameth->pkey_id; |
193 | |
194 | if (!OBJ_find_sigid_by_algs(&signid, EVP_MD_nid(type), pkey_id)) { |
195 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, |
196 | ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); |
197 | goto err; |
198 | } |
199 | |
200 | if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) |
201 | paramtype = V_ASN1_NULL; |
202 | else |
203 | paramtype = V_ASN1_UNDEF; |
204 | |
205 | if (algor1) |
206 | X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL); |
207 | if (algor2) |
208 | X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL); |
209 | |
210 | } |
211 | |
212 | buf_len = ASN1_item_i2d(asn, &buf_in, it); |
213 | if (buf_len <= 0) { |
214 | outl = 0; |
215 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_INTERNAL_ERROR); |
216 | goto err; |
217 | } |
218 | inl = buf_len; |
219 | outll = outl = EVP_PKEY_size(pkey); |
220 | buf_out = OPENSSL_malloc(outll); |
221 | if (buf_in == NULL || buf_out == NULL) { |
222 | outl = 0; |
223 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE); |
224 | goto err; |
225 | } |
226 | |
227 | if (!EVP_DigestSign(ctx, buf_out, &outl, buf_in, inl)) { |
228 | outl = 0; |
229 | ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); |
230 | goto err; |
231 | } |
232 | OPENSSL_free(signature->data); |
233 | signature->data = buf_out; |
234 | buf_out = NULL; |
235 | signature->length = outl; |
236 | /* |
237 | * In the interests of compatibility, I'll make sure that the bit string |
238 | * has a 'not-used bits' value of 0 |
239 | */ |
240 | signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); |
241 | signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; |
242 | err: |
243 | OPENSSL_clear_free((char *)buf_in, inl); |
244 | OPENSSL_clear_free((char *)buf_out, outll); |
245 | return outl; |
246 | } |
247 | |