summaryrefslogtreecommitdiffstats
path: root/crypto/evp/m_sigver.c
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2017-05-19 22:31:46 +0200
committerDr. Stephen Henson <steve@openssl.org>2017-05-30 21:38:19 +0200
commitf723c98e2d6d932e4cb95b3ac0e398bdbe61ee98 (patch)
tree36ff5822d19379606b90c372dfe2f15735a69930 /crypto/evp/m_sigver.c
parentsha/keccak1600.c: implement lane complementing transform (diff)
downloadopenssl-f723c98e2d6d932e4cb95b3ac0e398bdbe61ee98.tar.xz
openssl-f723c98e2d6d932e4cb95b3ac0e398bdbe61ee98.zip
Add support for custom digestsign/digestverify methods.
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
Diffstat (limited to 'crypto/evp/m_sigver.c')
-rw-r--r--crypto/evp/m_sigver.c22
1 files changed, 20 insertions, 2 deletions
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index d53e1d6bd2..be6bb21ff9 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -15,6 +15,12 @@
#include "internal/evp_int.h"
#include "evp_locl.h"
+static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen)
+{
+ EVPerr(EVP_F_UPDATE, EVP_R_ONLY_ONESHOT_SUPPORTED);
+ return 0;
+}
+
static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
int ver)
@@ -43,15 +49,23 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)
return 0;
ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
- } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
+ } else if (ctx->pctx->pmeth->digestverify != 0) {
+ ctx->pctx->operation = EVP_PKEY_OP_VERIFY;
+ ctx->update = update;
+ } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0) {
return 0;
+ }
} else {
if (ctx->pctx->pmeth->signctx_init) {
if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
return 0;
ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
- } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
+ } else if (ctx->pctx->pmeth->digestsign != 0) {
+ ctx->pctx->operation = EVP_PKEY_OP_SIGN;
+ ctx->update = update;
+ } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0) {
return 0;
+ }
}
if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
return 0;
@@ -138,6 +152,8 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
const unsigned char *tbs, size_t tbslen)
{
+ if (ctx->pctx->pmeth->digestsign != NULL)
+ return ctx->pctx->pmeth->digestsign(ctx, sigret, siglen, tbs, tbslen);
if (sigret != NULL && EVP_DigestSignUpdate(ctx, tbs, tbslen) <= 0)
return 0;
return EVP_DigestSignFinal(ctx, sigret, siglen);
@@ -179,6 +195,8 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
size_t siglen, const unsigned char *tbs, size_t tbslen)
{
+ if (ctx->pctx->pmeth->digestverify != NULL)
+ return ctx->pctx->pmeth->digestverify(ctx, sigret, siglen, tbs, tbslen);
if (EVP_DigestVerifyUpdate(ctx, tbs, tbslen) <= 0)
return -1;
return EVP_DigestVerifyFinal(ctx, sigret, siglen);