diff options
| author | Matt Caswell <matt@openssl.org> | 2020-03-05 15:40:48 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2020-03-09 07:59:05 +0000 |
| commit | eea1e780a1c2c6952af7b9e00129f5aaefb7207e (patch) | |
| tree | 378a61a302214743bdd6ee95efd028d21a3e1846 /crypto/evp/signature.c | |
| parent | af6d8dd30ff48046f5af7d84095f30356c33264a (diff) | |
Add provider awareness of EVP_DigestSign() and EVP_DigestVerify()
These "one-shot" functions are the only ones supported by Ed25519 and
Ed448, so we need to ensure that libcrypto can handle provider
based implementations of these functions.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11261)
Diffstat (limited to 'crypto/evp/signature.c')
| -rw-r--r-- | crypto/evp/signature.c | 32 |
1 files changed, 26 insertions, 6 deletions
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c index 3dfd4041e7..c01f076609 100644 --- a/crypto/evp/signature.c +++ b/crypto/evp/signature.c @@ -105,7 +105,6 @@ static void *evp_signature_from_dispatch(int name_id, break; signature->digest_sign_init = OSSL_get_OP_signature_digest_sign_init(fns); - digsignfncnt++; break; case OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE: if (signature->digest_sign_update != NULL) @@ -121,12 +120,17 @@ static void *evp_signature_from_dispatch(int name_id, = OSSL_get_OP_signature_digest_sign_final(fns); digsignfncnt++; break; + case OSSL_FUNC_SIGNATURE_DIGEST_SIGN: + if (signature->digest_sign != NULL) + break; + signature->digest_sign + = OSSL_get_OP_signature_digest_sign(fns); + break; case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT: if (signature->digest_verify_init != NULL) break; signature->digest_verify_init = OSSL_get_OP_signature_digest_verify_init(fns); - digverifyfncnt++; break; case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE: if (signature->digest_verify_update != NULL) @@ -142,6 +146,12 @@ static void *evp_signature_from_dispatch(int name_id, = OSSL_get_OP_signature_digest_verify_final(fns); digverifyfncnt++; break; + case OSSL_FUNC_SIGNATURE_DIGEST_VERIFY: + if (signature->digest_verify != NULL) + break; + signature->digest_verify + = OSSL_get_OP_signature_digest_verify(fns); + break; case OSSL_FUNC_SIGNATURE_FREECTX: if (signature->freectx != NULL) break; @@ -216,12 +226,20 @@ static void *evp_signature_from_dispatch(int name_id, && verifyfncnt == 0 && verifyrecfncnt == 0 && digsignfncnt == 0 - && digverifyfncnt == 0) + && digverifyfncnt == 0 + && signature->digest_sign == NULL + && signature->digest_verify == NULL) || (signfncnt != 0 && signfncnt != 2) || (verifyfncnt != 0 && verifyfncnt != 2) || (verifyrecfncnt != 0 && verifyrecfncnt != 2) - || (digsignfncnt != 0 && digsignfncnt != 3) - || (digverifyfncnt != 0 && digverifyfncnt != 3) + || (digsignfncnt != 0 && digsignfncnt != 2) + || (digsignfncnt == 2 && signature->digest_sign_init == NULL) + || (digverifyfncnt != 0 && digverifyfncnt != 2) + || (digverifyfncnt == 2 && signature->digest_verify_init == NULL) + || (signature->digest_sign != NULL + && signature->digest_sign_init == NULL) + || (signature->digest_verify != NULL + && signature->digest_verify_init == NULL) || (gparamfncnt != 0 && gparamfncnt != 2) || (sparamfncnt != 0 && sparamfncnt != 2) || (gmdparamfncnt != 0 && gmdparamfncnt != 2) @@ -234,7 +252,9 @@ static void *evp_signature_from_dispatch(int name_id, * (verify_init verify) or * (verify_recover_init, verify_recover) or * (digest_sign_init, digest_sign_update, digest_sign_final) or - * (digest_verify_init, digest_verify_update, digest_verify_final). + * (digest_verify_init, digest_verify_update, digest_verify_final) or + * (digest_sign_init, digest_sign) or + * (digest_verify_init, digest_verify). * * set_ctx_params and settable_ctx_params are optional, but if one of * them is present then the other one must also be present. The same |