diff options
author | Matt Caswell <matt@openssl.org> | 2021-07-20 09:58:53 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-07-22 13:52:46 +0200 |
commit | 5dc6489bb6026b679eb6cbe696e4227da9c7032e (patch) | |
tree | a567173607b9708303fbf01061e52c33800006df /crypto/ec | |
parent | 981a5b7ce3bcdf4748162073c3dbd096c82d3c69 (diff) |
Update our EVP_PKEY_METHODs to get low level keys via public APIs
It is possible to call built-in EVP_PKEY_METHOD functions with a provided
key. For example this might occur if a custom EVP_PKEY_METHOD is in use
that wraps a built-in EVP_PKEY_METHOD. Therefore our EVP_PKEY_METHOD
functions should not assume that we are using a legacy key. Instead we
get the low level key using EVP_PKEY_get0_RSA() or other similar functions.
This "does the right thing" if the key is actually provided.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16118)
Diffstat (limited to 'crypto/ec')
-rw-r--r-- | crypto/ec/ec_pmeth.c | 30 | ||||
-rw-r--r-- | crypto/ec/ecx_meth.c | 20 |
2 files changed, 35 insertions, 15 deletions
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index ce658e14ca..19e2f0d0c0 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -109,7 +109,12 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, int ret, type; unsigned int sltmp; EC_PKEY_CTX *dctx = ctx->data; - EC_KEY *ec = ctx->pkey->pkey.ec; + /* + * Discard const. Its marked as const because this may be a cached copy of + * the "real" key. These calls don't make any modifications that need to + * be reflected back in the "original" key. + */ + EC_KEY *ec = (EC_KEY *)EVP_PKEY_get0_EC_KEY(ctx->pkey); const int sig_sz = ECDSA_size(ec); /* ensure cast to size_t is safe */ @@ -142,7 +147,12 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx, { int ret, type; EC_PKEY_CTX *dctx = ctx->data; - EC_KEY *ec = ctx->pkey->pkey.ec; + /* + * Discard const. Its marked as const because this may be a cached copy of + * the "real" key. These calls don't make any modifications that need to + * be reflected back in the "original" key. + */ + EC_KEY *ec = (EC_KEY *)EVP_PKEY_get0_EC_KEY(ctx->pkey); if (dctx->md) type = EVP_MD_get_type(dctx->md); @@ -174,7 +184,8 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) return 0; } - eckey = dctx->co_key ? dctx->co_key : ctx->pkey->pkey.ec; + eckey = dctx->co_key ? dctx->co_key + : (EC_KEY *)EVP_PKEY_get0_EC_KEY(ctx->pkey); if (!key) { const EC_GROUP *group; @@ -266,14 +277,23 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) if (dctx->cofactor_mode != -1) return dctx->cofactor_mode; else { - EC_KEY *ec_key = ctx->pkey->pkey.ec; + const EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(ctx->pkey); return EC_KEY_get_flags(ec_key) & EC_FLAG_COFACTOR_ECDH ? 1 : 0; } } else if (p1 < -1 || p1 > 1) return -2; dctx->cofactor_mode = p1; if (p1 != -1) { - EC_KEY *ec_key = ctx->pkey->pkey.ec; + EC_KEY *ec_key = (EC_KEY *)EVP_PKEY_get0_EC_KEY(ctx->pkey); + + /* + * We discarded the "const" above. This will only work if the key is + * a "real" legacy key, and not a cached copy of a provided key + */ + if (evp_pkey_is_provided(ctx->pkey)) { + ERR_raise(ERR_LIB_EC, ERR_R_UNSUPPORTED); + return 0; + } if (!ec_key->group) return -2; /* If cofactor is 1 cofactor mode does nothing */ diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index c4bbb0a535..9098decf2f 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -732,8 +732,8 @@ static int validate_ecx_derive(EVP_PKEY_CTX *ctx, unsigned char *key, ERR_raise(ERR_LIB_EC, EC_R_KEYS_NOT_SET); return 0; } - ecxkey = ctx->pkey->pkey.ecx; - peerkey = EVP_PKEY_get0(ctx->peerkey); + ecxkey = evp_pkey_get_legacy(ctx->pkey); + peerkey = evp_pkey_get_legacy(ctx->peerkey); if (ecxkey == NULL || ecxkey->privkey == NULL) { ERR_raise(ERR_LIB_EC, EC_R_INVALID_PRIVATE_KEY); return 0; @@ -806,7 +806,7 @@ static int pkey_ecd_digestsign25519(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); if (sig == NULL) { *siglen = ED25519_SIGSIZE; @@ -828,7 +828,7 @@ static int pkey_ecd_digestsign448(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); if (sig == NULL) { *siglen = ED448_SIGSIZE; @@ -850,7 +850,7 @@ static int pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); if (siglen != ED25519_SIGSIZE) return 0; @@ -863,7 +863,7 @@ static int pkey_ecd_digestverify448(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); if (siglen != ED448_SIGSIZE) return 0; @@ -1177,7 +1177,7 @@ static int s390x_pkey_ecd_digestsign25519(EVP_MD_CTX *ctx, } ed25519; unsigned long long buff[512]; } param; - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); int rc; if (sig == NULL) { @@ -1217,7 +1217,7 @@ static int s390x_pkey_ecd_digestsign448(EVP_MD_CTX *ctx, } ed448; unsigned long long buff[512]; } param; - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); int rc; if (sig == NULL) { @@ -1260,7 +1260,7 @@ static int s390x_pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, } ed25519; unsigned long long buff[512]; } param; - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); if (siglen != ED25519_SIGSIZE) return 0; @@ -1287,7 +1287,7 @@ static int s390x_pkey_ecd_digestverify448(EVP_MD_CTX *ctx, } ed448; unsigned long long buff[512]; } param; - const ECX_KEY *edkey = EVP_MD_CTX_get_pkey_ctx(ctx)->pkey->pkey.ecx; + const ECX_KEY *edkey = evp_pkey_get_legacy(EVP_MD_CTX_get_pkey_ctx(ctx)->pkey); if (siglen != ED448_SIGSIZE) return 0; |