[openssl] master update
tomas at openssl.org
tomas at openssl.org
Fri Nov 12 15:40:26 UTC 2021
The branch master has been updated
via 3641f04fb06e9679a67da113bab65e5f1bb5e9ba (commit)
via 8cbfc4f67b4e97d423ab4784dbbb54d454c6342a (commit)
via 3ffd23e9529d725903bc97fd45489a77b831876f (commit)
via 816f72d08834ee35ba2615f624b4a29f2717d1c7 (commit)
via ae6b68b761b9c5f30897747487ea943ccfab53ba (commit)
from 680827a15f12c3b37a6335fcb992555cf300730e (commit)
- Log -----------------------------------------------------------------
commit 3641f04fb06e9679a67da113bab65e5f1bb5e9ba
Author: Tomas Mraz <tomas at openssl.org>
Date: Fri Nov 5 14:14:45 2021 +0100
doc: Document outcome of multiple digestsign/digestverify calls
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)
commit 8cbfc4f67b4e97d423ab4784dbbb54d454c6342a
Author: Tomas Mraz <tomas at openssl.org>
Date: Fri Nov 5 14:04:25 2021 +0100
evp_extra_test: Add SIPHASH MAC digestsign test with reinitialization
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)
commit 3ffd23e9529d725903bc97fd45489a77b831876f
Author: Tomas Mraz <tomas at openssl.org>
Date: Thu Nov 4 15:38:51 2021 +0100
providers: Allow possible reinitialization in all signature algorithms
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)
commit 816f72d08834ee35ba2615f624b4a29f2717d1c7
Author: Tomas Mraz <tomas at openssl.org>
Date: Thu Nov 4 15:35:40 2021 +0100
test: Add testing of reinitialization via EVP_DigestSignInit()
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)
commit ae6b68b761b9c5f30897747487ea943ccfab53ba
Author: Tomas Mraz <tomas at openssl.org>
Date: Thu Nov 4 11:06:26 2021 +0100
do_sigver_init: Allow reinitialization of an existing operation.
Fixes #16936
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16964)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/m_sigver.c | 38 ++++++++---
doc/man3/EVP_DigestSignInit.pod | 7 ++-
doc/man3/EVP_DigestVerifyInit.pod | 9 +--
providers/implementations/signature/dsa_sig.c | 40 +++++++-----
providers/implementations/signature/ecdsa_sig.c | 36 +++++++----
providers/implementations/signature/eddsa_sig.c | 9 +++
.../implementations/signature/mac_legacy_sig.c | 18 ++++--
providers/implementations/signature/rsa_sig.c | 31 +++++----
providers/implementations/signature/sm2_sig.c | 33 +++++++---
test/evp_extra_test.c | 73 +++++++++++++++++++++-
10 files changed, 223 insertions(+), 71 deletions(-)
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 80570973dd..9188edbc21 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -49,7 +49,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *supported_sig = NULL;
char locmdname[80] = ""; /* 80 chars should be enough */
void *provkey = NULL;
- int ret, iter;
+ int ret, iter, reinit = 1;
if (ctx->algctx != NULL) {
if (!ossl_assert(ctx->digest != NULL)) {
@@ -62,6 +62,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
}
if (ctx->pctx == NULL) {
+ reinit = 0;
if (e == NULL)
ctx->pctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, props);
else
@@ -71,22 +72,37 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
return 0;
locpctx = ctx->pctx;
- evp_pkey_ctx_free_old_ops(locpctx);
-
- if (props == NULL)
- props = locpctx->propquery;
-
ERR_set_mark();
if (evp_pkey_ctx_is_legacy(locpctx))
goto legacy;
+ /* do not reinitialize if pkey is set or operation is different */
+ if (reinit
+ && (pkey != NULL
+ || locpctx->operation != (ver ? EVP_PKEY_OP_VERIFYCTX
+ : EVP_PKEY_OP_SIGNCTX)
+ || (signature = locpctx->op.sig.signature) == NULL
+ || locpctx->op.sig.algctx == NULL))
+ reinit = 0;
+
+ if (props == NULL)
+ props = locpctx->propquery;
+
if (locpctx->pkey == NULL) {
ERR_clear_last_mark();
ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
goto err;
}
+ if (!reinit) {
+ evp_pkey_ctx_free_old_ops(locpctx);
+ } else {
+ if (mdname == NULL && type == NULL)
+ mdname = canon_mdname(EVP_MD_get0_name(ctx->reqdigest));
+ goto reinitialize;
+ }
+
/*
* Try to derive the supported signature from |locpctx->keymgmt|.
*/
@@ -183,9 +199,6 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
/* No more legacy from here down to legacy: */
- if (pctx != NULL)
- *pctx = locpctx;
-
locpctx->op.sig.signature = signature;
locpctx->operation = ver ? EVP_PKEY_OP_VERIFYCTX
: EVP_PKEY_OP_SIGNCTX;
@@ -195,12 +208,17 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
goto err;
}
+
+ reinitialize:
+ if (pctx != NULL)
+ *pctx = locpctx;
+
if (type != NULL) {
ctx->reqdigest = type;
if (mdname == NULL)
mdname = canon_mdname(EVP_MD_get0_name(type));
} else {
- if (mdname == NULL) {
+ if (mdname == NULL && !reinit) {
if (evp_keymgmt_util_get_deflt_digest_name(tmp_keymgmt, provkey,
locmdname,
sizeof(locmdname)) > 0) {
diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod
index c8385949fb..228e9d1c5f 100644
--- a/doc/man3/EVP_DigestSignInit.pod
+++ b/doc/man3/EVP_DigestSignInit.pod
@@ -167,9 +167,10 @@ The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_DigestSignUpdate() and
EVP_DigestSignFinal() can be called later to digest and sign additional data.
-Since only a copy of the digest context is ever finalized, the context must
-be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak
-will occur.
+EVP_DigestSignInit() and EVP_DigestSignInit_ex() functions can be called
+multiple times on a context and the parameters set by previous calls should be
+preserved if the I<pkey> parameter is NULL. The call then just resets the state
+of the I<ctx>.
The use of EVP_PKEY_get_size() with these functions is discouraged because some
signature operations may have a signature length which depends on the
diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod
index 9a02f12e37..398146b5b8 100644
--- a/doc/man3/EVP_DigestVerifyInit.pod
+++ b/doc/man3/EVP_DigestVerifyInit.pod
@@ -57,7 +57,7 @@ EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by
EVP_DigestVerifyInit_ex then it will use the B<OSSL_LIB_CTX> specified
in I<libctx> and the property query string specified in I<props>.
-No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the
+No B<EVP_PKEY_CTX> will be created by EVP_DigestVerifyInit_ex() if the
passed B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
See also L<SM2(7)>.
@@ -156,9 +156,10 @@ The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can
be called later to digest and verify additional data.
-Since only a copy of the digest context is ever finalized, the context must
-be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak
-will occur.
+EVP_DigestVerifyInit() and EVP_DigestVerifyInit_ex() functions can be called
+multiple times on a context and the parameters set by previous calls should be
+preserved if the I<pkey> parameter is NULL. The call then just resets the state
+of the I<ctx>.
=head1 SEE ALSO
diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c
index 2acab0b481..28fd7c498e 100644
--- a/providers/implementations/signature/dsa_sig.c
+++ b/providers/implementations/signature/dsa_sig.c
@@ -189,22 +189,31 @@ static int dsa_signverify_init(void *vpdsactx, void *vdsa,
PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
if (!ossl_prov_is_running()
- || pdsactx == NULL
- || vdsa == NULL
- || !DSA_up_ref(vdsa))
+ || pdsactx == NULL)
return 0;
- DSA_free(pdsactx->dsa);
- pdsactx->dsa = vdsa;
+
+ if (vdsa == NULL && pdsactx->dsa == NULL) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
+ return 0;
+ }
+
+ if (vdsa != NULL) {
+ if (!ossl_dsa_check_key(pdsactx->libctx, vdsa,
+ operation == EVP_PKEY_OP_SIGN)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ if (!DSA_up_ref(vdsa))
+ return 0;
+ DSA_free(pdsactx->dsa);
+ pdsactx->dsa = vdsa;
+ }
+
pdsactx->operation = operation;
if (!dsa_set_ctx_params(pdsactx, params))
return 0;
- if (!ossl_dsa_check_key(pdsactx->libctx, vdsa,
- operation == EVP_PKEY_OP_SIGN)) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
return 1;
}
@@ -278,9 +287,12 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
return 0;
pdsactx->flag_allow_md = 0;
- pdsactx->mdctx = EVP_MD_CTX_new();
- if (pdsactx->mdctx == NULL)
- goto error;
+
+ if (pdsactx->mdctx == NULL) {
+ pdsactx->mdctx = EVP_MD_CTX_new();
+ if (pdsactx->mdctx == NULL)
+ goto error;
+ }
if (!EVP_DigestInit_ex2(pdsactx->mdctx, pdsactx->md, params))
goto error;
@@ -289,9 +301,7 @@ static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
error:
EVP_MD_CTX_free(pdsactx->mdctx);
- EVP_MD_free(pdsactx->md);
pdsactx->mdctx = NULL;
- pdsactx->md = NULL;
return 0;
}
diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c
index 64be0657c3..865d49d100 100644
--- a/providers/implementations/signature/ecdsa_sig.c
+++ b/providers/implementations/signature/ecdsa_sig.c
@@ -131,16 +131,29 @@ static int ecdsa_signverify_init(void *vctx, void *ec,
PROV_ECDSA_CTX *ctx = (PROV_ECDSA_CTX *)vctx;
if (!ossl_prov_is_running()
- || ctx == NULL
- || ec == NULL
- || !EC_KEY_up_ref(ec))
+ || ctx == NULL)
return 0;
- EC_KEY_free(ctx->ec);
- ctx->ec = ec;
+
+ if (ec == NULL && ctx->ec == NULL) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
+ return 0;
+ }
+
+ if (ec != NULL) {
+ if (!ossl_ec_check_key(ctx->libctx, ec, operation == EVP_PKEY_OP_SIGN))
+ return 0;
+ if (!EC_KEY_up_ref(ec))
+ return 0;
+ EC_KEY_free(ctx->ec);
+ ctx->ec = ec;
+ }
+
ctx->operation = operation;
+
if (!ecdsa_set_ctx_params(ctx, params))
return 0;
- return ossl_ec_check_key(ctx->libctx, ec, operation == EVP_PKEY_OP_SIGN);
+
+ return 1;
}
static int ecdsa_sign_init(void *vctx, void *ec, const OSSL_PARAM params[])
@@ -279,18 +292,19 @@ static int ecdsa_digest_signverify_init(void *vctx, const char *mdname,
return 0;
ctx->flag_allow_md = 0;
- ctx->mdctx = EVP_MD_CTX_new();
- if (ctx->mdctx == NULL)
- goto error;
+
+ if (ctx->mdctx == NULL) {
+ ctx->mdctx = EVP_MD_CTX_new();
+ if (ctx->mdctx == NULL)
+ goto error;
+ }
if (!EVP_DigestInit_ex2(ctx->mdctx, ctx->md, params))
goto error;
return 1;
error:
EVP_MD_CTX_free(ctx->mdctx);
- EVP_MD_free(ctx->md);
ctx->mdctx = NULL;
- ctx->md = NULL;
return 0;
}
diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c
index 148c143cc0..eb1a769128 100644
--- a/providers/implementations/signature/eddsa_sig.c
+++ b/providers/implementations/signature/eddsa_sig.c
@@ -100,6 +100,14 @@ static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname,
return 0;
}
+ if (edkey == NULL) {
+ if (peddsactx->key != NULL)
+ /* there is nothing to do on reinit */
+ return 1;
+ ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
+ return 0;
+ }
+
if (!ossl_ecx_key_up_ref(edkey)) {
ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
return 0;
@@ -124,6 +132,7 @@ static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname,
default:
/* Should never happen */
ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
+ ossl_ecx_key_free(edkey);
return 0;
}
if (ret && WPACKET_finish(&pkt)) {
diff --git a/providers/implementations/signature/mac_legacy_sig.c b/providers/implementations/signature/mac_legacy_sig.c
index 06f79505ff..6be605c8c6 100644
--- a/providers/implementations/signature/mac_legacy_sig.c
+++ b/providers/implementations/signature/mac_legacy_sig.c
@@ -16,6 +16,7 @@
#include <openssl/core_names.h>
#include <openssl/params.h>
#include <openssl/err.h>
+#include <openssl/proverr.h>
#ifndef FIPS_MODULE
# include <openssl/engine.h>
#endif
@@ -101,13 +102,20 @@ static int mac_digest_sign_init(void *vpmacctx, const char *mdname, void *vkey,
const char *ciphername = NULL, *engine = NULL;
if (!ossl_prov_is_running()
- || pmacctx == NULL
- || vkey == NULL
- || !ossl_mac_key_up_ref(vkey))
+ || pmacctx == NULL)
return 0;
- ossl_mac_key_free(pmacctx->key);
- pmacctx->key = vkey;
+ if (pmacctx->key == NULL && vkey == NULL) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
+ return 0;
+ }
+
+ if (vkey != NULL) {
+ if (!ossl_mac_key_up_ref(vkey))
+ return 0;
+ ossl_mac_key_free(pmacctx->key);
+ pmacctx->key = vkey;
+ }
if (pmacctx->key->cipher.cipher != NULL)
ciphername = (char *)EVP_CIPHER_get0_name(pmacctx->key->cipher.cipher);
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c
index 2ebf17a609..f2d5d36928 100644
--- a/providers/implementations/signature/rsa_sig.c
+++ b/providers/implementations/signature/rsa_sig.c
@@ -386,19 +386,24 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa,
{
PROV_RSA_CTX *prsactx = (PROV_RSA_CTX *)vprsactx;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || prsactx == NULL)
return 0;
- if (prsactx == NULL || vrsa == NULL)
+ if (vrsa == NULL && prsactx->rsa == NULL) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
return 0;
+ }
- if (!ossl_rsa_check_key(prsactx->libctx, vrsa, operation))
- return 0;
+ if (vrsa != NULL) {
+ if (!ossl_rsa_check_key(prsactx->libctx, vrsa, operation))
+ return 0;
+
+ if (!RSA_up_ref(vrsa))
+ return 0;
+ RSA_free(prsactx->rsa);
+ prsactx->rsa = vrsa;
+ }
- if (!RSA_up_ref(vrsa))
- return 0;
- RSA_free(prsactx->rsa);
- prsactx->rsa = vrsa;
prsactx->operation = operation;
if (!rsa_set_ctx_params(prsactx, params))
@@ -842,6 +847,7 @@ static int rsa_digest_signverify_init(void *vprsactx, const char *mdname,
if (!rsa_signverify_init(vprsactx, vrsa, params, operation))
return 0;
+
if (mdname != NULL
/* was rsa_setup_md already called in rsa_signverify_init()? */
&& (mdname[0] == '\0' || strcasecmp(prsactx->mdname, mdname) != 0)
@@ -849,10 +855,11 @@ static int rsa_digest_signverify_init(void *vprsactx, const char *mdname,
return 0;
prsactx->flag_allow_md = 0;
- prsactx->mdctx = EVP_MD_CTX_new();
+
if (prsactx->mdctx == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- goto error;
+ prsactx->mdctx = EVP_MD_CTX_new();
+ if (prsactx->mdctx == NULL)
+ goto error;
}
if (!EVP_DigestInit_ex2(prsactx->mdctx, prsactx->md, params))
@@ -862,9 +869,7 @@ static int rsa_digest_signverify_init(void *vprsactx, const char *mdname,
error:
EVP_MD_CTX_free(prsactx->mdctx);
- EVP_MD_free(prsactx->md);
prsactx->mdctx = NULL;
- prsactx->md = NULL;
return 0;
}
diff --git a/providers/implementations/signature/sm2_sig.c b/providers/implementations/signature/sm2_sig.c
index 10a9496904..3c700ac887 100644
--- a/providers/implementations/signature/sm2_sig.c
+++ b/providers/implementations/signature/sm2_sig.c
@@ -27,6 +27,7 @@
#include "internal/cryptlib.h"
#include "internal/sm3.h"
#include "prov/implementations.h"
+#include "prov/providercommon.h"
#include "prov/provider_ctx.h"
#include "crypto/ec.h"
#include "crypto/sm2.h"
@@ -97,6 +98,9 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname)
if (psm2ctx->md == NULL)
return 0;
+ if (mdname == NULL)
+ return 1;
+
if (strlen(mdname) >= sizeof(psm2ctx->mdname)
|| !EVP_MD_is_a(psm2ctx->md, mdname)) {
ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST, "digest=%s",
@@ -131,10 +135,22 @@ static int sm2sig_signature_init(void *vpsm2ctx, void *ec,
{
PROV_SM2_CTX *psm2ctx = (PROV_SM2_CTX *)vpsm2ctx;
- if (psm2ctx == NULL || ec == NULL || !EC_KEY_up_ref(ec))
+ if (!ossl_prov_is_running()
+ || psm2ctx == NULL)
+ return 0;
+
+ if (ec == NULL && psm2ctx->ec == NULL) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
return 0;
- EC_KEY_free(psm2ctx->ec);
- psm2ctx->ec = ec;
+ }
+
+ if (ec != NULL) {
+ if (!EC_KEY_up_ref(ec))
+ return 0;
+ EC_KEY_free(psm2ctx->ec);
+ psm2ctx->ec = ec;
+ }
+
return sm2sig_set_ctx_params(psm2ctx, params);
}
@@ -197,10 +213,11 @@ static int sm2sig_digest_signverify_init(void *vpsm2ctx, const char *mdname,
|| !sm2sig_set_mdname(ctx, mdname))
return ret;
- EVP_MD_CTX_free(ctx->mdctx);
- ctx->mdctx = EVP_MD_CTX_new();
- if (ctx->mdctx == NULL)
- goto error;
+ if (ctx->mdctx == NULL) {
+ ctx->mdctx = EVP_MD_CTX_new();
+ if (ctx->mdctx == NULL)
+ goto error;
+ }
md_nid = EVP_MD_get_type(ctx->md);
@@ -228,8 +245,6 @@ static int sm2sig_digest_signverify_init(void *vpsm2ctx, const char *mdname,
ret = 1;
error:
- if (!ret)
- free_md(ctx);
return ret;
}
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index df97f448ab..8ac8a4299d 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1143,6 +1143,7 @@ err:
* Test 12: Use EVP_DigestSign (Implicit fetch digest, RSA)
* Test 13: Use EVP_DigestSign (Implicit fetch digest, DSA)
* Test 14: Use EVP_DigestSign (Implicit fetch digest, HMAC)
+ * Test 15-29: Same as above with reinitialization
*/
static int test_EVP_DigestSignInit(int tst)
{
@@ -1156,10 +1157,16 @@ static int test_EVP_DigestSignInit(int tst)
size_t written;
const EVP_MD *md;
EVP_MD *mdexp = NULL;
+ int reinit = 0;
if (nullprov != NULL)
return TEST_skip("Test does not support a non-default library context");
+ if (tst >= 15) {
+ reinit = 1;
+ tst -= 15;
+ }
+
if (tst >= 6 && tst <= 8) {
membio = BIO_new(BIO_s_mem());
mdbio = BIO_new(BIO_f_md());
@@ -1198,6 +1205,9 @@ static int test_EVP_DigestSignInit(int tst)
if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
goto out;
+ if (reinit && !TEST_true(EVP_DigestSignInit(md_ctx, NULL, NULL, NULL, NULL)))
+ goto out;
+
if (tst >= 6 && tst <= 8) {
if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
goto out;
@@ -1316,6 +1326,13 @@ static int test_EVP_DigestVerifyInit(void)
|| !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
sizeof(kSignature))))
goto out;
+
+ /* test with reinitialization */
+ if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, NULL, NULL, NULL))
+ || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
+ || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
+ sizeof(kSignature))))
+ goto out;
ret = 1;
out:
@@ -1324,6 +1341,57 @@ static int test_EVP_DigestVerifyInit(void)
return ret;
}
+#ifndef OPENSSL_NO_SIPHASH
+/* test SIPHASH MAC via EVP_PKEY with non-default parameters and reinit */
+static int test_siphash_digestsign(void)
+{
+ unsigned char key[16];
+ unsigned char buf[8], digest[8];
+ unsigned char expected[8] = {
+ 0x6d, 0x3e, 0x54, 0xc2, 0x2f, 0xf1, 0xfe, 0xe2
+ };
+ EVP_PKEY *pkey = NULL;
+ EVP_MD_CTX *mdctx = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
+ int ret = 0;
+ size_t len = 8;
+
+ if (nullprov != NULL)
+ return TEST_skip("Test does not support a non-default library context");
+
+ memset(buf, 0, 8);
+ memset(key, 1, 16);
+ if (!TEST_ptr(pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_SIPHASH, NULL,
+ key, 16)))
+ goto out;
+
+ if (!TEST_ptr(mdctx = EVP_MD_CTX_create()))
+ goto out;
+
+ if (!TEST_true(EVP_DigestSignInit(mdctx, &ctx, NULL, NULL, pkey)))
+ goto out;
+ if (!TEST_int_eq(EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_SIGNCTX,
+ EVP_PKEY_CTRL_SET_DIGEST_SIZE,
+ 8, NULL), 1))
+ goto out;
+ /* reinitialize */
+ if (!TEST_true(EVP_DigestSignInit(mdctx, NULL, NULL, NULL, NULL)))
+ goto out;
+ if (!TEST_true(EVP_DigestSignUpdate(mdctx, buf, 8)))
+ goto out;
+ if (!TEST_true(EVP_DigestSignFinal(mdctx, digest, &len)))
+ goto out;
+ if (!TEST_mem_eq(digest, len, expected, sizeof(expected)))
+ goto out;
+
+ ret = 1;
+ out:
+ EVP_PKEY_free(pkey);
+ EVP_MD_CTX_free(mdctx);
+ return ret;
+}
+#endif
+
/*
* Test corner cases of EVP_DigestInit/Update/Final API call behavior.
*/
@@ -4175,8 +4243,11 @@ int setup_tests(void)
}
ADD_TEST(test_EVP_set_default_properties);
- ADD_ALL_TESTS(test_EVP_DigestSignInit, 15);
+ ADD_ALL_TESTS(test_EVP_DigestSignInit, 30);
ADD_TEST(test_EVP_DigestVerifyInit);
+#ifndef OPENSSL_NO_SIPHASH
+ ADD_TEST(test_siphash_digestsign);
+#endif
ADD_TEST(test_EVP_Digest);
ADD_ALL_TESTS(test_EVP_PKEY_sign, 3);
ADD_ALL_TESTS(test_EVP_Enveloped, 2);
More information about the openssl-commits
mailing list