1 /*
2 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * ECDSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <string.h> /* memcpy */
17 #include <openssl/crypto.h>
18 #include <openssl/core_dispatch.h>
19 #include <openssl/core_names.h>
20 #include <openssl/dsa.h>
21 #include <openssl/params.h>
22 #include <openssl/evp.h>
23 #include <openssl/err.h>
24 #include <openssl/proverr.h>
25 #include "internal/nelem.h"
26 #include "internal/sizes.h"
27 #include "internal/cryptlib.h"
28 #include "prov/providercommon.h"
29 #include "prov/implementations.h"
30 #include "prov/provider_ctx.h"
31 #include "prov/securitycheck.h"
32 #include "crypto/ec.h"
33 #include "prov/der_ec.h"
34
35 static OSSL_FUNC_signature_newctx_fn ecdsa_newctx;
36 static OSSL_FUNC_signature_sign_init_fn ecdsa_sign_init;
37 static OSSL_FUNC_signature_verify_init_fn ecdsa_verify_init;
38 static OSSL_FUNC_signature_sign_fn ecdsa_sign;
39 static OSSL_FUNC_signature_verify_fn ecdsa_verify;
40 static OSSL_FUNC_signature_digest_sign_init_fn ecdsa_digest_sign_init;
41 static OSSL_FUNC_signature_digest_sign_update_fn ecdsa_digest_signverify_update;
42 static OSSL_FUNC_signature_digest_sign_final_fn ecdsa_digest_sign_final;
43 static OSSL_FUNC_signature_digest_verify_init_fn ecdsa_digest_verify_init;
44 static OSSL_FUNC_signature_digest_verify_update_fn ecdsa_digest_signverify_update;
45 static OSSL_FUNC_signature_digest_verify_final_fn ecdsa_digest_verify_final;
46 static OSSL_FUNC_signature_freectx_fn ecdsa_freectx;
47 static OSSL_FUNC_signature_dupctx_fn ecdsa_dupctx;
48 static OSSL_FUNC_signature_get_ctx_params_fn ecdsa_get_ctx_params;
49 static OSSL_FUNC_signature_gettable_ctx_params_fn ecdsa_gettable_ctx_params;
50 static OSSL_FUNC_signature_set_ctx_params_fn ecdsa_set_ctx_params;
51 static OSSL_FUNC_signature_settable_ctx_params_fn ecdsa_settable_ctx_params;
52 static OSSL_FUNC_signature_get_ctx_md_params_fn ecdsa_get_ctx_md_params;
53 static OSSL_FUNC_signature_gettable_ctx_md_params_fn ecdsa_gettable_ctx_md_params;
54 static OSSL_FUNC_signature_set_ctx_md_params_fn ecdsa_set_ctx_md_params;
55 static OSSL_FUNC_signature_settable_ctx_md_params_fn ecdsa_settable_ctx_md_params;
56
57 /*
58 * What's passed as an actual key is defined by the KEYMGMT interface.
59 * We happen to know that our KEYMGMT simply passes DSA structures, so
60 * we use that here too.
61 */
62
63 typedef struct {
64 OSSL_LIB_CTX *libctx;
65 char *propq;
66 EC_KEY *ec;
67 char mdname[OSSL_MAX_NAME_SIZE];
68
69 /*
70 * Flag to determine if the hash function can be changed (1) or not (0)
71 * Because it's dangerous to change during a DigestSign or DigestVerify
72 * operation, this flag is cleared by their Init function, and set again
73 * by their Final function.
74 */
75 unsigned int flag_allow_md : 1;
76
77 /* The Algorithm Identifier of the combined signature algorithm */
78 unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
79 unsigned char *aid;
80 size_t aid_len;
81 size_t mdsize;
82 int operation;
83
84 EVP_MD *md;
85 EVP_MD_CTX *mdctx;
86 /*
87 * Internally used to cache the results of calling the EC group
88 * sign_setup() methods which are then passed to the sign operation.
89 * This is used by CAVS failure tests to terminate a loop if the signature
90 * is not valid.
91 * This could of also been done with a simple flag.
92 */
93 BIGNUM *kinv;
94 BIGNUM *r;
95 #if !defined(OPENSSL_NO_ACVP_TESTS)
96 /*
97 * This indicates that KAT (CAVS) test is running. Externally an app will
98 * override the random callback such that the generated private key and k
99 * are known.
100 * Normal operation will loop to choose a new k if the signature is not
101 * valid - but for this mode of operation it forces a failure instead.
102 */
103 unsigned int kattest;
104 #endif
105 } PROV_ECDSA_CTX;
106
ecdsa_newctx(void * provctx,const char * propq)107 static void *ecdsa_newctx(void *provctx, const char *propq)
108 {
109 PROV_ECDSA_CTX *ctx;
110
111 if (!ossl_prov_is_running())
112 return NULL;
113
114 ctx = OPENSSL_zalloc(sizeof(PROV_ECDSA_CTX));
115 if (ctx == NULL)
116 return NULL;
117
118 ctx->flag_allow_md = 1;
119 ctx->libctx = PROV_LIBCTX_OF(provctx);
120 if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) {
121 OPENSSL_free(ctx);
122 ctx = NULL;
123 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
124 }
125 return ctx;
126 }
127
ecdsa_signverify_init(void * vctx,void * ec,const OSSL_PARAM params[],int operation)128 static int ecdsa_signverify_init(void *vctx, void *ec,
129 const OSSL_PARAM params[], int operation)
130 {
131 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
132
133 if (!ossl_prov_is_running()
134 || ctx == NULL)
135 return 0;
136
137 if (ec == NULL && ctx->ec == NULL) {
138 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
139 return 0;
140 }
141
142 if (ec != NULL) {
143 if (!ossl_ec_check_key(ctx->libctx, ec, operation == EVP_PKEY_OP_SIGN))
144 return 0;
145 if (!EC_KEY_up_ref(ec))
146 return 0;
147 EC_KEY_free(ctx->ec);
148 ctx->ec = ec;
149 }
150
151 ctx->operation = operation;
152
153 if (!ecdsa_set_ctx_params(ctx, params))
154 return 0;
155
156 return 1;
157 }
158
ecdsa_sign_init(void * vctx,void * ec,const OSSL_PARAM params[])159 static int ecdsa_sign_init(void *vctx, void *ec, const OSSL_PARAM params[])
160 {
161 return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_SIGN);
162 }
163
ecdsa_verify_init(void * vctx,void * ec,const OSSL_PARAM params[])164 static int ecdsa_verify_init(void *vctx, void *ec, const OSSL_PARAM params[])
165 {
166 return ecdsa_signverify_init(vctx, ec, params, EVP_PKEY_OP_VERIFY);
167 }
168
ecdsa_sign(void * vctx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)169 static int ecdsa_sign(void *vctx, unsigned char *sig, size_t *siglen,
170 size_t sigsize, const unsigned char *tbs, size_t tbslen)
171 {
172 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
173 int ret;
174 unsigned int sltmp;
175 size_t ecsize = ECDSA_size(ctx->ec);
176
177 if (!ossl_prov_is_running())
178 return 0;
179
180 if (sig == NULL) {
181 *siglen = ecsize;
182 return 1;
183 }
184
185 #if !defined(OPENSSL_NO_ACVP_TESTS)
186 if (ctx->kattest && !ECDSA_sign_setup(ctx->ec, NULL, &ctx->kinv, &ctx->r))
187 return 0;
188 #endif
189
190 if (sigsize < (size_t)ecsize)
191 return 0;
192
193 if (ctx->mdsize != 0 && tbslen != ctx->mdsize)
194 return 0;
195
196 ret = ECDSA_sign_ex(0, tbs, tbslen, sig, &sltmp, ctx->kinv, ctx->r, ctx->ec);
197 if (ret <= 0)
198 return 0;
199
200 *siglen = sltmp;
201 return 1;
202 }
203
ecdsa_verify(void * vctx,const unsigned char * sig,size_t siglen,const unsigned char * tbs,size_t tbslen)204 static int ecdsa_verify(void *vctx, const unsigned char *sig, size_t siglen,
205 const unsigned char *tbs, size_t tbslen)
206 {
207 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
208
209 if (!ossl_prov_is_running() || (ctx->mdsize != 0 && tbslen != ctx->mdsize))
210 return 0;
211
212 return ECDSA_verify(0, tbs, tbslen, sig, siglen, ctx->ec);
213 }
214
ecdsa_setup_md(PROV_ECDSA_CTX * ctx,const char * mdname,const char * mdprops)215 static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
216 const char *mdprops)
217 {
218 EVP_MD *md = NULL;
219 size_t mdname_len;
220 int md_nid, sha1_allowed;
221 WPACKET pkt;
222
223 if (mdname == NULL)
224 return 1;
225
226 mdname_len = strlen(mdname);
227 if (mdname_len >= sizeof(ctx->mdname)) {
228 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
229 "%s exceeds name buffer length", mdname);
230 return 0;
231 }
232 if (mdprops == NULL)
233 mdprops = ctx->propq;
234 md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
235 if (md == NULL) {
236 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
237 "%s could not be fetched", mdname);
238 return 0;
239 }
240 sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
241 md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
242 sha1_allowed);
243 if (md_nid < 0) {
244 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
245 "digest=%s", mdname);
246 EVP_MD_free(md);
247 return 0;
248 }
249
250 if (!ctx->flag_allow_md) {
251 if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) {
252 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
253 "digest %s != %s", mdname, ctx->mdname);
254 EVP_MD_free(md);
255 return 0;
256 }
257 EVP_MD_free(md);
258 return 1;
259 }
260
261 EVP_MD_CTX_free(ctx->mdctx);
262 EVP_MD_free(ctx->md);
263
264 ctx->aid_len = 0;
265 if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
266 && ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec,
267 md_nid)
268 && WPACKET_finish(&pkt)) {
269 WPACKET_get_total_written(&pkt, &ctx->aid_len);
270 ctx->aid = WPACKET_get_curr(&pkt);
271 }
272 WPACKET_cleanup(&pkt);
273 ctx->mdctx = NULL;
274 ctx->md = md;
275 ctx->mdsize = EVP_MD_get_size(ctx->md);
276 OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname));
277
278 return 1;
279 }
280
ecdsa_digest_signverify_init(void * vctx,const char * mdname,void * ec,const OSSL_PARAM params[],int operation)281 static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
282 void *ec, const OSSL_PARAM params[],
283 int operation)
284 {
285 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
286
287 if (!ossl_prov_is_running())
288 return 0;
289
290 if (!ecdsa_signverify_init(vctx, ec, params, operation)
291 || !ecdsa_setup_md(ctx, mdname, NULL))
292 return 0;
293
294 ctx->flag_allow_md = 0;
295
296 if (ctx->mdctx == NULL) {
297 ctx->mdctx = EVP_MD_CTX_new();
298 if (ctx->mdctx == NULL)
299 goto error;
300 }
301
302 if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params))
303 goto error;
304 return 1;
305 error:
306 EVP_MD_CTX_free(ctx->mdctx);
307 ctx->mdctx = NULL;
308 return 0;
309 }
310
ecdsa_digest_sign_init(void * vctx,const char * mdname,void * ec,const OSSL_PARAM params[])311 static int ecdsa_digest_sign_init(void *vctx, const char *mdname, void *ec,
312 const OSSL_PARAM params[])
313 {
314 return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
315 EVP_PKEY_OP_SIGN);
316 }
317
ecdsa_digest_verify_init(void * vctx,const char * mdname,void * ec,const OSSL_PARAM params[])318 static int ecdsa_digest_verify_init(void *vctx, const char *mdname, void *ec,
319 const OSSL_PARAM params[])
320 {
321 return ecdsa_digest_signverify_init(vctx, mdname, ec, params,
322 EVP_PKEY_OP_VERIFY);
323 }
324
ecdsa_digest_signverify_update(void * vctx,const unsigned char * data,size_t datalen)325 int ecdsa_digest_signverify_update(void *vctx, const unsigned char *data,
326 size_t datalen)
327 {
328 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
329
330 if (ctx == NULL || ctx->mdctx == NULL)
331 return 0;
332
333 return EVP_DigestUpdate(ctx->mdctx, data, datalen);
334 }
335
ecdsa_digest_sign_final(void * vctx,unsigned char * sig,size_t * siglen,size_t sigsize)336 int ecdsa_digest_sign_final(void *vctx, unsigned char *sig, size_t *siglen,
337 size_t sigsize)
338 {
339 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
340 unsigned char digest[EVP_MAX_MD_SIZE];
341 unsigned int dlen = 0;
342
343 if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL)
344 return 0;
345
346 /*
347 * If sig is NULL then we're just finding out the sig size. Other fields
348 * are ignored. Defer to ecdsa_sign.
349 */
350 if (sig != NULL
351 && !EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen))
352 return 0;
353 ctx->flag_allow_md = 1;
354 return ecdsa_sign(vctx, sig, siglen, sigsize, digest, (size_t)dlen);
355 }
356
ecdsa_digest_verify_final(void * vctx,const unsigned char * sig,size_t siglen)357 int ecdsa_digest_verify_final(void *vctx, const unsigned char *sig,
358 size_t siglen)
359 {
360 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
361 unsigned char digest[EVP_MAX_MD_SIZE];
362 unsigned int dlen = 0;
363
364 if (!ossl_prov_is_running() || ctx == NULL || ctx->mdctx == NULL)
365 return 0;
366
367 if (!EVP_DigestFinal_ex(ctx->mdctx, digest, &dlen))
368 return 0;
369 ctx->flag_allow_md = 1;
370 return ecdsa_verify(ctx, sig, siglen, digest, (size_t)dlen);
371 }
372
ecdsa_freectx(void * vctx)373 static void ecdsa_freectx(void *vctx)
374 {
375 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
376
377 OPENSSL_free(ctx->propq);
378 EVP_MD_CTX_free(ctx->mdctx);
379 EVP_MD_free(ctx->md);
380 ctx->propq = NULL;
381 ctx->mdctx = NULL;
382 ctx->md = NULL;
383 ctx->mdsize = 0;
384 EC_KEY_free(ctx->ec);
385 BN_clear_free(ctx->kinv);
386 BN_clear_free(ctx->r);
387 OPENSSL_free(ctx);
388 }
389
ecdsa_dupctx(void * vctx)390 static void *ecdsa_dupctx(void *vctx)
391 {
392 PROV_ECDSA_CTX *srcctx = (PROV_ECDSA_CTX *)vctx;
393 PROV_ECDSA_CTX *dstctx;
394
395 if (!ossl_prov_is_running())
396 return NULL;
397
398 dstctx = OPENSSL_zalloc(sizeof(*srcctx));
399 if (dstctx == NULL)
400 return NULL;
401
402 *dstctx = *srcctx;
403 dstctx->ec = NULL;
404 dstctx->md = NULL;
405 dstctx->mdctx = NULL;
406 dstctx->propq = NULL;
407
408 if (srcctx->ec != NULL && !EC_KEY_up_ref(srcctx->ec))
409 goto err;
410 /* Test KATS should not need to be supported */
411 if (srcctx->kinv != NULL || srcctx->r != NULL)
412 goto err;
413 dstctx->ec = srcctx->ec;
414
415 if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md))
416 goto err;
417 dstctx->md = srcctx->md;
418
419 if (srcctx->mdctx != NULL) {
420 dstctx->mdctx = EVP_MD_CTX_new();
421 if (dstctx->mdctx == NULL
422 || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
423 goto err;
424 }
425
426 if (srcctx->propq != NULL) {
427 dstctx->propq = OPENSSL_strdup(srcctx->propq);
428 if (dstctx->propq == NULL)
429 goto err;
430 }
431
432 return dstctx;
433 err:
434 ecdsa_freectx(dstctx);
435 return NULL;
436 }
437
ecdsa_get_ctx_params(void * vctx,OSSL_PARAM * params)438 static int ecdsa_get_ctx_params(void *vctx, OSSL_PARAM *params)
439 {
440 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
441 OSSL_PARAM *p;
442
443 if (ctx == NULL)
444 return 0;
445
446 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
447 if (p != NULL && !OSSL_PARAM_set_octet_string(p, ctx->aid, ctx->aid_len))
448 return 0;
449
450 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
451 if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->mdsize))
452 return 0;
453
454 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
455 if (p != NULL && !OSSL_PARAM_set_utf8_string(p, ctx->md == NULL
456 ? ctx->mdname
457 : EVP_MD_get0_name(ctx->md)))
458 return 0;
459
460 return 1;
461 }
462
463 static const OSSL_PARAM known_gettable_ctx_params[] = {
464 OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
465 OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
466 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
467 OSSL_PARAM_END
468 };
469
ecdsa_gettable_ctx_params(ossl_unused void * vctx,ossl_unused void * provctx)470 static const OSSL_PARAM *ecdsa_gettable_ctx_params(ossl_unused void *vctx,
471 ossl_unused void *provctx)
472 {
473 return known_gettable_ctx_params;
474 }
475
ecdsa_set_ctx_params(void * vctx,const OSSL_PARAM params[])476 static int ecdsa_set_ctx_params(void *vctx, const OSSL_PARAM params[])
477 {
478 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
479 const OSSL_PARAM *p;
480 size_t mdsize = 0;
481
482 if (ctx == NULL)
483 return 0;
484 if (params == NULL)
485 return 1;
486
487 #if !defined(OPENSSL_NO_ACVP_TESTS)
488 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_KAT);
489 if (p != NULL && !OSSL_PARAM_get_uint(p, &ctx->kattest))
490 return 0;
491 #endif
492
493 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST);
494 if (p != NULL) {
495 char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
496 char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
497 const OSSL_PARAM *propsp =
498 OSSL_PARAM_locate_const(params,
499 OSSL_SIGNATURE_PARAM_PROPERTIES);
500
501 if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
502 return 0;
503 if (propsp != NULL
504 && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops)))
505 return 0;
506 if (!ecdsa_setup_md(ctx, mdname, mdprops))
507 return 0;
508 }
509
510 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
511 if (p != NULL) {
512 if (!OSSL_PARAM_get_size_t(p, &mdsize)
513 || (!ctx->flag_allow_md && mdsize != ctx->mdsize))
514 return 0;
515 ctx->mdsize = mdsize;
516 }
517
518 return 1;
519 }
520
521 static const OSSL_PARAM settable_ctx_params[] = {
522 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
523 OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
524 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0),
525 OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL),
526 OSSL_PARAM_END
527 };
528
529 static const OSSL_PARAM settable_ctx_params_no_digest[] = {
530 OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_KAT, NULL),
531 OSSL_PARAM_END
532 };
533
ecdsa_settable_ctx_params(void * vctx,ossl_unused void * provctx)534 static const OSSL_PARAM *ecdsa_settable_ctx_params(void *vctx,
535 ossl_unused void *provctx)
536 {
537 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
538
539 if (ctx != NULL && !ctx->flag_allow_md)
540 return settable_ctx_params_no_digest;
541 return settable_ctx_params;
542 }
543
ecdsa_get_ctx_md_params(void * vctx,OSSL_PARAM * params)544 static int ecdsa_get_ctx_md_params(void *vctx, OSSL_PARAM *params)
545 {
546 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
547
548 if (ctx->mdctx == NULL)
549 return 0;
550
551 return EVP_MD_CTX_get_params(ctx->mdctx, params);
552 }
553
ecdsa_gettable_ctx_md_params(void * vctx)554 static const OSSL_PARAM *ecdsa_gettable_ctx_md_params(void *vctx)
555 {
556 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
557
558 if (ctx->md == NULL)
559 return 0;
560
561 return EVP_MD_gettable_ctx_params(ctx->md);
562 }
563
ecdsa_set_ctx_md_params(void * vctx,const OSSL_PARAM params[])564 static int ecdsa_set_ctx_md_params(void *vctx, const OSSL_PARAM params[])
565 {
566 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
567
568 if (ctx->mdctx == NULL)
569 return 0;
570
571 return EVP_MD_CTX_set_params(ctx->mdctx, params);
572 }
573
ecdsa_settable_ctx_md_params(void * vctx)574 static const OSSL_PARAM *ecdsa_settable_ctx_md_params(void *vctx)
575 {
576 PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
577
578 if (ctx->md == NULL)
579 return 0;
580
581 return EVP_MD_settable_ctx_params(ctx->md);
582 }
583
584 const OSSL_DISPATCH ossl_ecdsa_signature_functions[] = {
585 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))ecdsa_newctx },
586 { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))ecdsa_sign_init },
587 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))ecdsa_sign },
588 { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))ecdsa_verify_init },
589 { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))ecdsa_verify },
590 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
591 (void (*)(void))ecdsa_digest_sign_init },
592 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
593 (void (*)(void))ecdsa_digest_signverify_update },
594 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
595 (void (*)(void))ecdsa_digest_sign_final },
596 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
597 (void (*)(void))ecdsa_digest_verify_init },
598 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
599 (void (*)(void))ecdsa_digest_signverify_update },
600 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
601 (void (*)(void))ecdsa_digest_verify_final },
602 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))ecdsa_freectx },
603 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))ecdsa_dupctx },
604 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))ecdsa_get_ctx_params },
605 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
606 (void (*)(void))ecdsa_gettable_ctx_params },
607 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))ecdsa_set_ctx_params },
608 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
609 (void (*)(void))ecdsa_settable_ctx_params },
610 { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
611 (void (*)(void))ecdsa_get_ctx_md_params },
612 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
613 (void (*)(void))ecdsa_gettable_ctx_md_params },
614 { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
615 (void (*)(void))ecdsa_set_ctx_md_params },
616 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
617 (void (*)(void))ecdsa_settable_ctx_md_params },
618 { 0, NULL }
619 };
620