[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Fri Apr 6 09:13:44 UTC 2018
The branch master has been updated
via e65c959f1fd5469ba96fceb68ce8b7c8d52edb39 (commit)
via a6f5b1163452a36da1c8378eab3f29ae234e5c7f (commit)
from bbf27cd58337116c57a1c942153330ff83d5540a (commit)
- Log -----------------------------------------------------------------
commit e65c959f1fd5469ba96fceb68ce8b7c8d52edb39
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 5 13:03:37 2018 +0100
Add a note and better error if using Ed25519/Ed448 in dgst
Fixes #5873
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5880)
commit a6f5b1163452a36da1c8378eab3f29ae234e5c7f
Author: Matt Caswell <matt at openssl.org>
Date: Thu Apr 5 12:33:34 2018 +0100
Support EVP_PKEY_sign() and EVP_PKEY_verify() for EdDSA
Adding support for these operations for the EdDSA implementations
makes pkeyutl usable for signing/verifying for these algorithms.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5880)
-----------------------------------------------------------------------
Summary of changes:
apps/dgst.c | 11 +++++++
crypto/ec/ec_err.c | 2 ++
crypto/ec/ecx_meth.c | 79 ++++++++++++++++++++++++++++++++++++-------------
crypto/err/openssl.txt | 2 ++
doc/man1/dgst.pod | 4 ++-
include/openssl/ecerr.h | 2 ++
6 files changed, 79 insertions(+), 21 deletions(-)
diff --git a/apps/dgst.c b/apps/dgst.c
index 4bf20f3..d158a0c 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -235,6 +235,8 @@ int dgst_main(int argc, char **argv)
}
if (keyfile != NULL) {
+ int type;
+
if (want_pub)
sigkey = load_pubkey(keyfile, keyform, 0, NULL, e, "key file");
else
@@ -245,6 +247,15 @@ int dgst_main(int argc, char **argv)
*/
goto end;
}
+ type = EVP_PKEY_id(sigkey);
+ if (type == EVP_PKEY_ED25519 || type == EVP_PKEY_ED448) {
+ /*
+ * We implement PureEdDSA for these which doesn't have a separate
+ * digest, and only supports one shot.
+ */
+ BIO_printf(bio_err, "Key type not supported for this operation\n");
+ goto end;
+ }
}
if (mac_name != NULL) {
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index 475f4e1..fba986d 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -249,6 +249,8 @@ static const ERR_STRING_DATA EC_str_functs[] = {
"pkey_ecd_digestsign25519"},
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_ECD_DIGESTSIGN448, 0),
"pkey_ecd_digestsign448"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_ECD_SIGN25519, 0), "pkey_ecd_sign25519"},
+ {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_ECD_SIGN448, 0), "pkey_ecd_sign448"},
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_ECX_DERIVE, 0), "pkey_ecx_derive"},
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_CTRL, 0), "pkey_ec_ctrl"},
{ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_CTRL_STR, 0), "pkey_ec_ctrl_str"},
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 4de8876..501daec 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -675,18 +675,18 @@ const EVP_PKEY_METHOD ecx448_pkey_meth = {
0
};
-static int pkey_ecd_digestsign25519(EVP_MD_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs,
- size_t tbslen)
+static int pkey_ecd_sign25519(EVP_PKEY_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen)
{
- const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx;
+ const ECX_KEY *edkey = ctx->pkey->pkey.ecx;
if (sig == NULL) {
*siglen = ED25519_SIGSIZE;
return 1;
}
if (*siglen < ED25519_SIGSIZE) {
- ECerr(EC_F_PKEY_ECD_DIGESTSIGN25519, EC_R_BUFFER_TOO_SMALL);
+ ECerr(EC_F_PKEY_ECD_SIGN25519, EC_R_BUFFER_TOO_SMALL);
return 0;
}
@@ -696,18 +696,26 @@ static int pkey_ecd_digestsign25519(EVP_MD_CTX *ctx, unsigned char *sig,
return 1;
}
-static int pkey_ecd_digestsign448(EVP_MD_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs,
- size_t tbslen)
+static int pkey_ecd_digestsign25519(EVP_MD_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen)
+{
+ return pkey_ecd_sign25519(EVP_MD_CTX_pkey_ctx(ctx), sig, siglen, tbs,
+ tbslen);
+}
+
+static int pkey_ecd_sign448(EVP_PKEY_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen)
{
- const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx;
+ const ECX_KEY *edkey = ctx->pkey->pkey.ecx;
if (sig == NULL) {
*siglen = ED448_SIGSIZE;
return 1;
}
if (*siglen < ED448_SIGSIZE) {
- ECerr(EC_F_PKEY_ECD_DIGESTSIGN448, EC_R_BUFFER_TOO_SMALL);
+ ECerr(EC_F_PKEY_ECD_SIGN448, EC_R_BUFFER_TOO_SMALL);
return 0;
}
@@ -718,11 +726,18 @@ static int pkey_ecd_digestsign448(EVP_MD_CTX *ctx, unsigned char *sig,
return 1;
}
-static int pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen)
+static int pkey_ecd_digestsign448(EVP_MD_CTX *ctx, unsigned char *sig,
+ size_t *siglen, const unsigned char *tbs,
+ size_t tbslen)
+{
+ return pkey_ecd_sign448(EVP_MD_CTX_pkey_ctx(ctx), sig, siglen, tbs, tbslen);
+}
+
+static int pkey_ecd_verify25519(EVP_PKEY_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
{
- const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx;
+ const ECX_KEY *edkey = ctx->pkey->pkey.ecx;
if (siglen != ED25519_SIGSIZE)
return 0;
@@ -730,11 +745,19 @@ static int pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, const unsigned char *sig,
return ED25519_verify(tbs, tbslen, sig, edkey->pubkey);
}
-static int pkey_ecd_digestverify448(EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen)
+static int pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
+{
+ return pkey_ecd_verify25519(EVP_MD_CTX_pkey_ctx(ctx), sig, siglen, tbs,
+ tbslen);
+}
+
+static int pkey_ecd_verify448(EVP_PKEY_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
{
- const ECX_KEY *edkey = EVP_MD_CTX_pkey_ctx(ctx)->pkey->pkey.ecx;
+ const ECX_KEY *edkey = ctx->pkey->pkey.ecx;
if (siglen != ED448_SIGSIZE)
return 0;
@@ -742,6 +765,14 @@ static int pkey_ecd_digestverify448(EVP_MD_CTX *ctx, const unsigned char *sig,
return ED448_verify(tbs, tbslen, sig, edkey->pubkey, NULL, 0);
}
+static int pkey_ecd_digestverify448(EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen)
+{
+ return pkey_ecd_verify448(EVP_MD_CTX_pkey_ctx(ctx), sig, siglen, tbs,
+ tbslen);
+}
+
static int pkey_ecd_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
switch (type) {
@@ -762,7 +793,11 @@ const EVP_PKEY_METHOD ed25519_pkey_meth = {
EVP_PKEY_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM,
0, 0, 0, 0, 0, 0,
pkey_ecx_keygen,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0,
+ pkey_ecd_sign25519,
+ 0,
+ pkey_ecd_verify25519,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
pkey_ecd_ctrl,
0,
pkey_ecd_digestsign25519,
@@ -773,7 +808,11 @@ const EVP_PKEY_METHOD ed448_pkey_meth = {
EVP_PKEY_ED448, EVP_PKEY_FLAG_SIGCTX_CUSTOM,
0, 0, 0, 0, 0, 0,
pkey_ecx_keygen,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0,
+ pkey_ecd_sign448,
+ 0,
+ pkey_ecd_verify448,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
pkey_ecd_ctrl,
0,
pkey_ecd_digestsign448,
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index b238cd7..e134585 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -634,6 +634,8 @@ EC_F_PKEY_ECD_CTRL:271:pkey_ecd_ctrl
EC_F_PKEY_ECD_DIGESTSIGN:272:pkey_ecd_digestsign
EC_F_PKEY_ECD_DIGESTSIGN25519:276:pkey_ecd_digestsign25519
EC_F_PKEY_ECD_DIGESTSIGN448:277:pkey_ecd_digestsign448
+EC_F_PKEY_ECD_SIGN25519:284:pkey_ecd_sign25519
+EC_F_PKEY_ECD_SIGN448:285:pkey_ecd_sign448
EC_F_PKEY_ECX_DERIVE:269:pkey_ecx_derive
EC_F_PKEY_EC_CTRL:197:pkey_ec_ctrl
EC_F_PKEY_EC_CTRL_STR:198:pkey_ec_ctrl_str
diff --git a/doc/man1/dgst.pod b/doc/man1/dgst.pod
index 5cad243..3d546f0 100644
--- a/doc/man1/dgst.pod
+++ b/doc/man1/dgst.pod
@@ -86,7 +86,9 @@ Filename to output to, or standard output by default.
=item B<-sign filename>
-Digitally sign the digest using the private key in "filename".
+Digitally sign the digest using the private key in "filename". Note this option
+does not support Ed25519 or Ed448 private keys. Use the B<pkeyutl> command
+instead for this.
=item B<-keyform arg>
diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h
index 2bd4ee9..202088d 100644
--- a/include/openssl/ecerr.h
+++ b/include/openssl/ecerr.h
@@ -172,6 +172,8 @@ int ERR_load_EC_strings(void);
# define EC_F_PKEY_ECD_DIGESTSIGN 272
# define EC_F_PKEY_ECD_DIGESTSIGN25519 276
# define EC_F_PKEY_ECD_DIGESTSIGN448 277
+# define EC_F_PKEY_ECD_SIGN25519 284
+# define EC_F_PKEY_ECD_SIGN448 285
# define EC_F_PKEY_ECX_DERIVE 269
# define EC_F_PKEY_EC_CTRL 197
# define EC_F_PKEY_EC_CTRL_STR 198
More information about the openssl-commits
mailing list