Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	lib/libcrypto/evp/pmeth_lib.c	Lines:	85	223	38.1 %
Date:	2017-11-13	Branches:	46	108	42.6 %


/* $OpenBSD: pmeth_lib.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
/* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/opensslconf.h>

#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/objects.h>

#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif

#include "asn1_locl.h"
#include "evp_locl.h"

typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);

DECLARE_STACK_OF(EVP_PKEY_METHOD)
STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;

extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
extern const EVP_PKEY_METHOD gostimit_pkey_meth, gostr01_pkey_meth;

static const EVP_PKEY_METHOD *standard_methods[] = {
#ifndef OPENSSL_NO_RSA
	&rsa_pkey_meth,
#endif
#ifndef OPENSSL_NO_DH
	&dh_pkey_meth,
#endif
#ifndef OPENSSL_NO_DSA
	&dsa_pkey_meth,
#endif
#ifndef OPENSSL_NO_EC
	&ec_pkey_meth,
#endif
#ifndef OPENSSL_NO_GOST
	&gostr01_pkey_meth,
	&gostimit_pkey_meth,
#endif
	&hmac_pkey_meth,
	&cmac_pkey_meth,
};

static int pmeth_cmp_BSEARCH_CMP_FN(const void *, const void *);
static int pmeth_cmp(const EVP_PKEY_METHOD * const *, const EVP_PKEY_METHOD * const *);
static const EVP_PKEY_METHOD * *OBJ_bsearch_pmeth(const EVP_PKEY_METHOD * *key, const EVP_PKEY_METHOD * const *base, int num);

static int
pmeth_cmp(const EVP_PKEY_METHOD * const *a, const EVP_PKEY_METHOD * const *b)
{
	return ((*a)->pkey_id - (*b)->pkey_id);
}


static int
pmeth_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
{
	const EVP_PKEY_METHOD * const *a = a_;
	const EVP_PKEY_METHOD * const *b = b_;
	return pmeth_cmp(a, b);
}

static const EVP_PKEY_METHOD * *
OBJ_bsearch_pmeth(const EVP_PKEY_METHOD * *key, const EVP_PKEY_METHOD * const *base, int num)
{
	return (const EVP_PKEY_METHOD * *)OBJ_bsearch_(key, base, num, sizeof(const EVP_PKEY_METHOD *),
	    pmeth_cmp_BSEARCH_CMP_FN);
}

const EVP_PKEY_METHOD *
EVP_PKEY_meth_find(int type)
{
	EVP_PKEY_METHOD tmp;
	const EVP_PKEY_METHOD *t = &tmp, **ret;

	tmp.pkey_id = type;
	if (app_pkey_methods) {
		int idx;
		idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
		if (idx >= 0)
			return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
	}
	ret = OBJ_bsearch_pmeth(&t, standard_methods,
	    sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
	if (!ret || !*ret)
		return NULL;
	return *ret;
}

static EVP_PKEY_CTX *
int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
{
	EVP_PKEY_CTX *ret;
	const EVP_PKEY_METHOD *pmeth;

	if (id == -1) {
		if (!pkey || !pkey->ameth)
			return NULL;
		id = pkey->ameth->pkey_id;
	}
#ifndef OPENSSL_NO_ENGINE
	if (pkey && pkey->engine)
		e = pkey->engine;
	/* Try to find an ENGINE which implements this method */
	if (e) {
		if (!ENGINE_init(e)) {
			EVPerror(ERR_R_ENGINE_LIB);
			return NULL;
		}
	} else
		e = ENGINE_get_pkey_meth_engine(id);

	/* If an ENGINE handled this method look it up. Othewise
	 * use internal tables.
	 */

	if (e)
		pmeth = ENGINE_get_pkey_meth(e, id);
	else
#endif
		pmeth = EVP_PKEY_meth_find(id);

	if (pmeth == NULL) {
		EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
		return NULL;
	}

	ret = malloc(sizeof(EVP_PKEY_CTX));
	if (!ret) {
#ifndef OPENSSL_NO_ENGINE
		if (e)
			ENGINE_finish(e);
#endif
		EVPerror(ERR_R_MALLOC_FAILURE);
		return NULL;
	}
	ret->engine = e;
	ret->pmeth = pmeth;
	ret->operation = EVP_PKEY_OP_UNDEFINED;
	ret->pkey = pkey;
	ret->peerkey = NULL;
	ret->pkey_gencb = 0;
	if (pkey)
		CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
	ret->data = NULL;

	if (pmeth->init) {
		if (pmeth->init(ret) <= 0) {
			EVP_PKEY_CTX_free(ret);
			return NULL;
		}
	}

	return ret;
}

EVP_PKEY_METHOD*
EVP_PKEY_meth_new(int id, int flags)
{
	EVP_PKEY_METHOD *pmeth;

	pmeth = calloc(1, sizeof(EVP_PKEY_METHOD));
	if (!pmeth)
		return NULL;

	pmeth->pkey_id = id;
	pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;

	pmeth->init = 0;
	pmeth->copy = 0;
	pmeth->cleanup = 0;
	pmeth->paramgen_init = 0;
	pmeth->paramgen = 0;
	pmeth->keygen_init = 0;
	pmeth->keygen = 0;
	pmeth->sign_init = 0;
	pmeth->sign = 0;
	pmeth->verify_init = 0;
	pmeth->verify = 0;
	pmeth->verify_recover_init = 0;
	pmeth->verify_recover = 0;
	pmeth->signctx_init = 0;
	pmeth->signctx = 0;
	pmeth->verifyctx_init = 0;
	pmeth->verifyctx = 0;
	pmeth->encrypt_init = 0;
	pmeth->encrypt = 0;
	pmeth->decrypt_init = 0;
	pmeth->decrypt = 0;
	pmeth->derive_init = 0;
	pmeth->derive = 0;
	pmeth->ctrl = 0;
	pmeth->ctrl_str = 0;

	return pmeth;
}

void
EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
{
	if (ppkey_id)
		*ppkey_id = meth->pkey_id;
	if (pflags)
		*pflags = meth->flags;
}

void
EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
{
	dst->init = src->init;
	dst->copy = src->copy;
	dst->cleanup = src->cleanup;

	dst->paramgen_init = src->paramgen_init;
	dst->paramgen = src->paramgen;

	dst->keygen_init = src->keygen_init;
	dst->keygen = src->keygen;

	dst->sign_init = src->sign_init;
	dst->sign = src->sign;

	dst->verify_init = src->verify_init;
	dst->verify = src->verify;

	dst->verify_recover_init = src->verify_recover_init;
	dst->verify_recover = src->verify_recover;

	dst->signctx_init = src->signctx_init;
	dst->signctx = src->signctx;

	dst->verifyctx_init = src->verifyctx_init;
	dst->verifyctx = src->verifyctx;

	dst->encrypt_init = src->encrypt_init;
	dst->encrypt = src->encrypt;

	dst->decrypt_init = src->decrypt_init;
	dst->decrypt = src->decrypt;

	dst->derive_init = src->derive_init;
	dst->derive = src->derive;

	dst->ctrl = src->ctrl;
	dst->ctrl_str = src->ctrl_str;
}

void
EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
{
	if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
		free(pmeth);
}

EVP_PKEY_CTX *
EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
{
	return int_ctx_new(pkey, e, -1);
}

EVP_PKEY_CTX *
EVP_PKEY_CTX_new_id(int id, ENGINE *e)
{
	return int_ctx_new(NULL, e, id);
}

EVP_PKEY_CTX *
EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
{
	EVP_PKEY_CTX *rctx;

	if (!pctx->pmeth || !pctx->pmeth->copy)
		return NULL;
#ifndef OPENSSL_NO_ENGINE
	/* Make sure it's safe to copy a pkey context using an ENGINE */
	if (pctx->engine && !ENGINE_init(pctx->engine)) {
		EVPerror(ERR_R_ENGINE_LIB);
		return 0;
	}
#endif
	rctx = malloc(sizeof(EVP_PKEY_CTX));
	if (!rctx)
		return NULL;

	rctx->pmeth = pctx->pmeth;
#ifndef OPENSSL_NO_ENGINE
	rctx->engine = pctx->engine;
#endif

	if (pctx->pkey)
		CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);

	rctx->pkey = pctx->pkey;

	if (pctx->peerkey)
		CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);

	rctx->peerkey = pctx->peerkey;

	rctx->data = NULL;
	rctx->app_data = NULL;
	rctx->operation = pctx->operation;

	if (pctx->pmeth->copy(rctx, pctx) > 0)
		return rctx;

	EVP_PKEY_CTX_free(rctx);
	return NULL;
}

int
EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
{
	if (app_pkey_methods == NULL) {
		app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
		if (!app_pkey_methods)
			return 0;
	}
	if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
		return 0;
	sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
	return 1;
}

void
EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
{
	if (ctx == NULL)
		return;
	if (ctx->pmeth && ctx->pmeth->cleanup)
		ctx->pmeth->cleanup(ctx);
	EVP_PKEY_free(ctx->pkey);
	EVP_PKEY_free(ctx->peerkey);
#ifndef OPENSSL_NO_ENGINE
	if (ctx->engine)
		/* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
		 * functional reference we held for this reason. */
		ENGINE_finish(ctx->engine);
#endif
	free(ctx);
}

int
EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
    int p1, void *p2)
{
	int ret;

	if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
		EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
		return -2;
	}
	if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
		return -1;

	if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
		EVPerror(EVP_R_NO_OPERATION_SET);
		return -1;
	}

	if ((optype != -1) && !(ctx->operation & optype)) {
		EVPerror(EVP_R_INVALID_OPERATION);
		return -1;
	}

	ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);

	if (ret == -2)
		EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);

	return ret;

}

int
EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value)
{
	if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
		EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
		return -2;
	}
	if (!strcmp(name, "digest")) {
		const EVP_MD *md;
		if (!value || !(md = EVP_get_digestbyname(value))) {
			EVPerror(EVP_R_INVALID_DIGEST);
			return 0;
		}
		return EVP_PKEY_CTX_set_signature_md(ctx, md);
	}
	return ctx->pmeth->ctrl_str(ctx, name, value);
}

int
EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
{
	return ctx->operation;
}

void
EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
{
	ctx->keygen_info = dat;
	ctx->keygen_info_count = datlen;
}

void
EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
{
	ctx->data = data;
}

void *
EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
{
	return ctx->data;
}

EVP_PKEY *
EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
{
	return ctx->pkey;
}

EVP_PKEY *
EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
{
	return ctx->peerkey;
}

void
EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
{
	ctx->app_data = data;
}

void *
EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
{
	return ctx->app_data;
}

void
EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
    int (*init)(EVP_PKEY_CTX *ctx))
{
	pmeth->init = init;
}

void
EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
    int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
{
	pmeth->copy = copy;
}

void
EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
    void (*cleanup)(EVP_PKEY_CTX *ctx))
{
	pmeth->cleanup = cleanup;
}

void
EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
    int (*paramgen_init)(EVP_PKEY_CTX *ctx),
    int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
	pmeth->paramgen_init = paramgen_init;
	pmeth->paramgen = paramgen;
}

void
EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
    int (*keygen_init)(EVP_PKEY_CTX *ctx),
    int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
{
	pmeth->keygen_init = keygen_init;
	pmeth->keygen = keygen;
}

void
EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
    int (*sign_init)(EVP_PKEY_CTX *ctx),
    int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
    const unsigned char *tbs, size_t tbslen))
{
	pmeth->sign_init = sign_init;
	pmeth->sign = sign;
}

void
EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
    int (*verify_init)(EVP_PKEY_CTX *ctx),
    int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
    const unsigned char *tbs, size_t tbslen))
{
	pmeth->verify_init = verify_init;
	pmeth->verify = verify;
}

void
EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
    int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
    int (*verify_recover)(EVP_PKEY_CTX *ctx,
    unsigned char *sig, size_t *siglen,
    const unsigned char *tbs, size_t tbslen))
{
	pmeth->verify_recover_init = verify_recover_init;
	pmeth->verify_recover = verify_recover;
}

void
EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
    int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
    int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
    EVP_MD_CTX *mctx))
{
	pmeth->signctx_init = signctx_init;
	pmeth->signctx = signctx;
}

void
EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
    int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
    int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
    EVP_MD_CTX *mctx))
{
	pmeth->verifyctx_init = verifyctx_init;
	pmeth->verifyctx = verifyctx;
}

void
EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
    int (*encrypt_init)(EVP_PKEY_CTX *ctx),
    int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
    const unsigned char *in, size_t inlen))
{
	pmeth->encrypt_init = encrypt_init;
	pmeth->encrypt = encryptfn;
}

void
EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
    int (*decrypt_init)(EVP_PKEY_CTX *ctx),
    int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
    const unsigned char *in, size_t inlen))
{
	pmeth->decrypt_init = decrypt_init;
	pmeth->decrypt = decrypt;
}

void
EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
    int (*derive_init)(EVP_PKEY_CTX *ctx),
    int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
{
	pmeth->derive_init = derive_init;
	pmeth->derive = derive;
}

void
EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
    int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
    int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
{
	pmeth->ctrl = ctrl;
	pmeth->ctrl_str = ctrl_str;
}


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $OpenBSD: pmeth_lib.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
2			/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3			* project 2006.
4			*/
5			/* ====================================================================
6			* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7			*
8			* Redistribution and use in source and binary forms, with or without
9			* modification, are permitted provided that the following conditions
10			* are met:
11			*
12			* 1. Redistributions of source code must retain the above copyright
13			* notice, this list of conditions and the following disclaimer.
14			*
15			* 2. Redistributions in binary form must reproduce the above copyright
16			* notice, this list of conditions and the following disclaimer in
17			* the documentation and/or other materials provided with the
18			* distribution.
19			*
20			* 3. All advertising materials mentioning features or use of this
21			* software must display the following acknowledgment:
22			* "This product includes software developed by the OpenSSL Project
23			* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24			*
25			* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26			* endorse or promote products derived from this software without
27			* prior written permission. For written permission, please contact
28			* licensing@OpenSSL.org.
29			*
30			* 5. Products derived from this software may not be called "OpenSSL"
31			* nor may "OpenSSL" appear in their names without prior written
32			* permission of the OpenSSL Project.
33			*
34			* 6. Redistributions of any form whatsoever must retain the following
35			* acknowledgment:
36			* "This product includes software developed by the OpenSSL Project
37			* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38			*
39			* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40			* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42			* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43			* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44			* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45			* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46			* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48			* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49			* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50			* OF THE POSSIBILITY OF SUCH DAMAGE.
51			* ====================================================================
52			*
53			* This product includes cryptographic software written by Eric Young
54			* (eay@cryptsoft.com). This product includes software written by Tim
55			* Hudson (tjh@cryptsoft.com).
56			*
57			*/
58
59			#include <stdio.h>
60			#include <stdlib.h>
61			#include <string.h>
62
63			#include <openssl/opensslconf.h>
64
65			#include <openssl/err.h>
66			#include <openssl/evp.h>
67			#include <openssl/objects.h>
68
69			#ifndef OPENSSL_NO_ENGINE
70			#include <openssl/engine.h>
71			#endif
72
73			#include "asn1_locl.h"
74			#include "evp_locl.h"
75
76			typedef int sk_cmp_fn_type(const char * const a, const char const *b);
77
78			DECLARE_STACK_OF(EVP_PKEY_METHOD)
79			STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
80
81			extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
82			extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
83			extern const EVP_PKEY_METHOD gostimit_pkey_meth, gostr01_pkey_meth;
84
85			static const EVP_PKEY_METHOD *standard_methods[] = {
86			#ifndef OPENSSL_NO_RSA
87			&rsa_pkey_meth,
88			#endif
89			#ifndef OPENSSL_NO_DH
90			&dh_pkey_meth,
91			#endif
92			#ifndef OPENSSL_NO_DSA
93			&dsa_pkey_meth,
94			#endif
95			#ifndef OPENSSL_NO_EC
96			&ec_pkey_meth,
97			#endif
98			#ifndef OPENSSL_NO_GOST
99			&gostr01_pkey_meth,
100			&gostimit_pkey_meth,
101			#endif
102			&hmac_pkey_meth,
103			&cmac_pkey_meth,
104			};
105
106			static int pmeth_cmp_BSEARCH_CMP_FN(const void , const void );
107			static int pmeth_cmp(const EVP_PKEY_METHOD * const , const EVP_PKEY_METHOD const *);
108			static const EVP_PKEY_METHOD * OBJ_bsearch_pmeth(const EVP_PKEY_METHOD key, const EVP_PKEY_METHOD const *base, int num);
109
110			static int
111			pmeth_cmp(const EVP_PKEY_METHOD * const a, const EVP_PKEY_METHOD const *b)
112			{
113		577810	return ((a)->pkey_id - (b)->pkey_id);
114			}
115
116
117			static int
118			pmeth_cmp_BSEARCH_CMP_FN(const void a_, const void b_)
119			{
120		577810	const EVP_PKEY_METHOD * const *a = a_;
121		288905	const EVP_PKEY_METHOD * const *b = b_;
122		288905	return pmeth_cmp(a, b);
123			}
124
125			static const EVP_PKEY_METHOD * *
126			OBJ_bsearch_pmeth(const EVP_PKEY_METHOD * key, const EVP_PKEY_METHOD const *base, int num)
127			{
128		284390	return (const EVP_PKEY_METHOD * )OBJ_bsearch_(key, base, num, sizeof(const EVP_PKEY_METHOD ),
129			pmeth_cmp_BSEARCH_CMP_FN);
130			}
131
132			const EVP_PKEY_METHOD *
133			EVP_PKEY_meth_find(int type)
134			{
135		284390	EVP_PKEY_METHOD tmp;
136		142195	const EVP_PKEY_METHOD t = &tmp, *ret;
137
138		142195	tmp.pkey_id = type;
139	✗✓	142195	if (app_pkey_methods) {
140			int idx;
141			idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
142			if (idx >= 0)
143			return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
144			}
145		142195	ret = OBJ_bsearch_pmeth(&t, standard_methods,
146			sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
147	✓✗✗✓	284390	if (!ret \|\| !*ret)
148			return NULL;
149		142195	return *ret;
150		142195	}
151
152			static EVP_PKEY_CTX *
153			int_ctx_new(EVP_PKEY pkey, ENGINE e, int id)
154			{
155			EVP_PKEY_CTX *ret;
156			const EVP_PKEY_METHOD *pmeth;
157
158	✓✓	282172	if (id == -1) {
159	✓✗✗✓	143820	if (!pkey \|\| !pkey->ameth)
160			return NULL;
161		71910	id = pkey->ameth->pkey_id;
162		71910	}
163			#ifndef OPENSSL_NO_ENGINE
164	✓✓✗✓	212996	if (pkey && pkey->engine)
165			e = pkey->engine;
166			/* Try to find an ENGINE which implements this method */
167	✗✓	141086	if (e) {
168			if (!ENGINE_init(e)) {
169			EVPerror(ERR_R_ENGINE_LIB);
170			return NULL;
171			}
172			} else
173		141086	e = ENGINE_get_pkey_meth_engine(id);
174
175			/* If an ENGINE handled this method look it up. Othewise
176			* use internal tables.
177			*/
178
179	✗✓	141086	if (e)
180			pmeth = ENGINE_get_pkey_meth(e, id);
181			else
182			#endif
183		141086	pmeth = EVP_PKEY_meth_find(id);
184
185	✗✓	141086	if (pmeth == NULL) {
186			EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
187			return NULL;
188			}
189
190		141086	ret = malloc(sizeof(EVP_PKEY_CTX));
191	✗✓	141086	if (!ret) {
192			#ifndef OPENSSL_NO_ENGINE
193			if (e)
194			ENGINE_finish(e);
195			#endif
196			EVPerror(ERR_R_MALLOC_FAILURE);
197			return NULL;
198			}
199		141086	ret->engine = e;
200		141086	ret->pmeth = pmeth;
201		141086	ret->operation = EVP_PKEY_OP_UNDEFINED;
202		141086	ret->pkey = pkey;
203		141086	ret->peerkey = NULL;
204		141086	ret->pkey_gencb = 0;
205	✓✓	141086	if (pkey)
206		71910	CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
207		141086	ret->data = NULL;
208
209	✓✗	141086	if (pmeth->init) {
210	✗✓	141086	if (pmeth->init(ret) <= 0) {
211			EVP_PKEY_CTX_free(ret);
212			return NULL;
213			}
214			}
215
216		141086	return ret;
217		141086	}
218
219			EVP_PKEY_METHOD*
220			EVP_PKEY_meth_new(int id, int flags)
221			{
222			EVP_PKEY_METHOD *pmeth;
223
224			pmeth = calloc(1, sizeof(EVP_PKEY_METHOD));
225			if (!pmeth)
226			return NULL;
227
228			pmeth->pkey_id = id;
229			pmeth->flags = flags \| EVP_PKEY_FLAG_DYNAMIC;
230
231			pmeth->init = 0;
232			pmeth->copy = 0;
233			pmeth->cleanup = 0;
234			pmeth->paramgen_init = 0;
235			pmeth->paramgen = 0;
236			pmeth->keygen_init = 0;
237			pmeth->keygen = 0;
238			pmeth->sign_init = 0;
239			pmeth->sign = 0;
240			pmeth->verify_init = 0;
241			pmeth->verify = 0;
242			pmeth->verify_recover_init = 0;
243			pmeth->verify_recover = 0;
244			pmeth->signctx_init = 0;
245			pmeth->signctx = 0;
246			pmeth->verifyctx_init = 0;
247			pmeth->verifyctx = 0;
248			pmeth->encrypt_init = 0;
249			pmeth->encrypt = 0;
250			pmeth->decrypt_init = 0;
251			pmeth->decrypt = 0;
252			pmeth->derive_init = 0;
253			pmeth->derive = 0;
254			pmeth->ctrl = 0;
255			pmeth->ctrl_str = 0;
256
257			return pmeth;
258			}
259
260			void
261			EVP_PKEY_meth_get0_info(int ppkey_id, int pflags, const EVP_PKEY_METHOD *meth)
262			{
263			if (ppkey_id)
264			*ppkey_id = meth->pkey_id;
265			if (pflags)
266			*pflags = meth->flags;
267			}
268
269			void
270			EVP_PKEY_meth_copy(EVP_PKEY_METHOD dst, const EVP_PKEY_METHOD src)
271			{
272			dst->init = src->init;
273			dst->copy = src->copy;
274			dst->cleanup = src->cleanup;
275
276			dst->paramgen_init = src->paramgen_init;
277			dst->paramgen = src->paramgen;
278
279			dst->keygen_init = src->keygen_init;
280			dst->keygen = src->keygen;
281
282			dst->sign_init = src->sign_init;
283			dst->sign = src->sign;
284
285			dst->verify_init = src->verify_init;
286			dst->verify = src->verify;
287
288			dst->verify_recover_init = src->verify_recover_init;
289			dst->verify_recover = src->verify_recover;
290
291			dst->signctx_init = src->signctx_init;
292			dst->signctx = src->signctx;
293
294			dst->verifyctx_init = src->verifyctx_init;
295			dst->verifyctx = src->verifyctx;
296
297			dst->encrypt_init = src->encrypt_init;
298			dst->encrypt = src->encrypt;
299
300			dst->decrypt_init = src->decrypt_init;
301			dst->decrypt = src->decrypt;
302
303			dst->derive_init = src->derive_init;
304			dst->derive = src->derive;
305
306			dst->ctrl = src->ctrl;
307			dst->ctrl_str = src->ctrl_str;
308			}
309
310			void
311			EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
312			{
313			if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
314			free(pmeth);
315			}
316
317			EVP_PKEY_CTX *
318			EVP_PKEY_CTX_new(EVP_PKEY pkey, ENGINE e)
319			{
320		143820	return int_ctx_new(pkey, e, -1);
321			}
322
323			EVP_PKEY_CTX *
324			EVP_PKEY_CTX_new_id(int id, ENGINE *e)
325			{
326		138352	return int_ctx_new(NULL, e, id);
327			}
328
329			EVP_PKEY_CTX *
330			EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
331			{
332			EVP_PKEY_CTX *rctx;
333
334	✓✗✗✓	562194	if (!pctx->pmeth \|\| !pctx->pmeth->copy)
335			return NULL;
336			#ifndef OPENSSL_NO_ENGINE
337			/* Make sure it's safe to copy a pkey context using an ENGINE */
338	✗✓✗✗	187398	if (pctx->engine && !ENGINE_init(pctx->engine)) {
339			EVPerror(ERR_R_ENGINE_LIB);
340			return 0;
341			}
342			#endif
343		187398	rctx = malloc(sizeof(EVP_PKEY_CTX));
344	✗✓	187398	if (!rctx)
345			return NULL;
346
347		187398	rctx->pmeth = pctx->pmeth;
348			#ifndef OPENSSL_NO_ENGINE
349		187398	rctx->engine = pctx->engine;
350			#endif
351
352	✓✗	187398	if (pctx->pkey)
353		187398	CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
354
355		187398	rctx->pkey = pctx->pkey;
356
357	✗✓	187398	if (pctx->peerkey)
358			CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
359
360		187398	rctx->peerkey = pctx->peerkey;
361
362		187398	rctx->data = NULL;
363		187398	rctx->app_data = NULL;
364		187398	rctx->operation = pctx->operation;
365
366	✓✗	187398	if (pctx->pmeth->copy(rctx, pctx) > 0)
367		187398	return rctx;
368
369			EVP_PKEY_CTX_free(rctx);
370			return NULL;
371		187398	}
372
373			int
374			EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
375			{
376			if (app_pkey_methods == NULL) {
377			app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
378			if (!app_pkey_methods)
379			return 0;
380			}
381			if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
382			return 0;
383			sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
384			return 1;
385			}
386
387			void
388			EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
389			{
390	✓✓	9652290	if (ctx == NULL)
391			return;
392	✓✗✓✗	656968	if (ctx->pmeth && ctx->pmeth->cleanup)
393		328484	ctx->pmeth->cleanup(ctx);
394		328484	EVP_PKEY_free(ctx->pkey);
395		328484	EVP_PKEY_free(ctx->peerkey);
396			#ifndef OPENSSL_NO_ENGINE
397	✗✓	328484	if (ctx->engine)
398			/* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
399			* functional reference we held for this reason. */
400			ENGINE_finish(ctx->engine);
401			#endif
402		328484	free(ctx);
403		5154629	}
404
405			int
406			EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
407			int p1, void *p2)
408			{
409			int ret;
410
411	✓✗✓✗ ✗✓	1774672	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->ctrl) {
412			EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
413			return -2;
414			}
415	✓✓✗✓	443726	if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
416			return -1;
417
418	✗✓	443668	if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
419			EVPerror(EVP_R_NO_OPERATION_SET);
420			return -1;
421			}
422
423	✓✓✗✓	887300	if ((optype != -1) && !(ctx->operation & optype)) {
424			EVPerror(EVP_R_INVALID_OPERATION);
425			return -1;
426			}
427
428		443668	ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
429
430	✓✓	443668	if (ret == -2)
431		52	EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
432
433		443668	return ret;
434
435		443668	}
436
437			int
438			EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX ctx, const char name, const char *value)
439			{
440	✓✗✓✗ ✗✓	248	if (!ctx \|\| !ctx->pmeth \|\| !ctx->pmeth->ctrl_str) {
441			EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
442			return -2;
443			}
444	✗✓	62	if (!strcmp(name, "digest")) {
445			const EVP_MD *md;
446			if (!value \|\| !(md = EVP_get_digestbyname(value))) {
447			EVPerror(EVP_R_INVALID_DIGEST);
448			return 0;
449			}
450			return EVP_PKEY_CTX_set_signature_md(ctx, md);
451			}
452		62	return ctx->pmeth->ctrl_str(ctx, name, value);
453		62	}
454
455			int
456			EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
457			{
458			return ctx->operation;
459			}
460
461			void
462			EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX ctx, int dat, int datlen)
463			{
464			ctx->keygen_info = dat;
465			ctx->keygen_info_count = datlen;
466			}
467
468			void
469			EVP_PKEY_CTX_set_data(EVP_PKEY_CTX ctx, void data)
470			{
471		144	ctx->data = data;
472		72	}
473
474			void *
475			EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
476			{
477		432	return ctx->data;
478			}
479
480			EVP_PKEY *
481			EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
482			{
483		124	return ctx->pkey;
484			}
485
486			EVP_PKEY *
487			EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
488			{
489			return ctx->peerkey;
490			}
491
492			void
493			EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX ctx, void data)
494			{
495		56	ctx->app_data = data;
496		28	}
497
498			void *
499			EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
500			{
501		24540	return ctx->app_data;
502			}
503
504			void
505			EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
506			int (init)(EVP_PKEY_CTX ctx))
507			{
508			pmeth->init = init;
509			}
510
511			void
512			EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
513			int (copy)(EVP_PKEY_CTX dst, EVP_PKEY_CTX *src))
514			{
515			pmeth->copy = copy;
516			}
517
518			void
519			EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
520			void (cleanup)(EVP_PKEY_CTX ctx))
521			{
522			pmeth->cleanup = cleanup;
523			}
524
525			void
526			EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
527			int (paramgen_init)(EVP_PKEY_CTX ctx),
528			int (paramgen)(EVP_PKEY_CTX ctx, EVP_PKEY *pkey))
529			{
530			pmeth->paramgen_init = paramgen_init;
531			pmeth->paramgen = paramgen;
532			}
533
534			void
535			EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
536			int (keygen_init)(EVP_PKEY_CTX ctx),
537			int (keygen)(EVP_PKEY_CTX ctx, EVP_PKEY *pkey))
538			{
539			pmeth->keygen_init = keygen_init;
540			pmeth->keygen = keygen;
541			}
542
543			void
544			EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
545			int (sign_init)(EVP_PKEY_CTX ctx),
546			int (sign)(EVP_PKEY_CTX ctx, unsigned char sig, size_t siglen,
547			const unsigned char *tbs, size_t tbslen))
548			{
549			pmeth->sign_init = sign_init;
550			pmeth->sign = sign;
551			}
552
553			void
554			EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
555			int (verify_init)(EVP_PKEY_CTX ctx),
556			int (verify)(EVP_PKEY_CTX ctx, const unsigned char *sig, size_t siglen,
557			const unsigned char *tbs, size_t tbslen))
558			{
559			pmeth->verify_init = verify_init;
560			pmeth->verify = verify;
561			}
562
563			void
564			EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
565			int (verify_recover_init)(EVP_PKEY_CTX ctx),
566			int (verify_recover)(EVP_PKEY_CTX ctx,
567			unsigned char sig, size_t siglen,
568			const unsigned char *tbs, size_t tbslen))
569			{
570			pmeth->verify_recover_init = verify_recover_init;
571			pmeth->verify_recover = verify_recover;
572			}
573
574			void
575			EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
576			int (signctx_init)(EVP_PKEY_CTX ctx, EVP_MD_CTX *mctx),
577			int (signctx)(EVP_PKEY_CTX ctx, unsigned char sig, size_t siglen,
578			EVP_MD_CTX *mctx))
579			{
580			pmeth->signctx_init = signctx_init;
581			pmeth->signctx = signctx;
582			}
583
584			void
585			EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
586			int (verifyctx_init)(EVP_PKEY_CTX ctx, EVP_MD_CTX *mctx),
587			int (verifyctx)(EVP_PKEY_CTX ctx, const unsigned char *sig, int siglen,
588			EVP_MD_CTX *mctx))
589			{
590			pmeth->verifyctx_init = verifyctx_init;
591			pmeth->verifyctx = verifyctx;
592			}
593
594			void
595			EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
596			int (encrypt_init)(EVP_PKEY_CTX ctx),
597			int (encryptfn)(EVP_PKEY_CTX ctx, unsigned char out, size_t outlen,
598			const unsigned char *in, size_t inlen))
599			{
600			pmeth->encrypt_init = encrypt_init;
601			pmeth->encrypt = encryptfn;
602			}
603
604			void
605			EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
606			int (decrypt_init)(EVP_PKEY_CTX ctx),
607			int (decrypt)(EVP_PKEY_CTX ctx, unsigned char out, size_t outlen,
608			const unsigned char *in, size_t inlen))
609			{
610			pmeth->decrypt_init = decrypt_init;
611			pmeth->decrypt = decrypt;
612			}
613
614			void
615			EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
616			int (derive_init)(EVP_PKEY_CTX ctx),
617			int (derive)(EVP_PKEY_CTX ctx, unsigned char key, size_t keylen))
618			{
619			pmeth->derive_init = derive_init;
620			pmeth->derive = derive;
621			}
622
623			void
624			EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
625			int (ctrl)(EVP_PKEY_CTX ctx, int type, int p1, void *p2),
626			int (ctrl_str)(EVP_PKEY_CTX ctx, const char type, const char value))
627			{
628			pmeth->ctrl = ctrl;
629			pmeth->ctrl_str = ctrl_str;
630			}