From 4b0555ec9d322abec2ddf769387e1228dc9a440b Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 23 Feb 2016 15:02:34 +0000 Subject: [PATCH] Add no signing flag. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Add a flag to EC_METHOD for curves which do not support signing. New function EC_KEY_can_sign() returns 1 is key can be used for signing. Return an explicit error is an attempt is made to sign with no signing curves. Reviewed-by: Rich Salz Reviewed-by: Emilia Käsper --- crypto/ec/ec_25519.c | 2 +- crypto/ec/ec_key.c | 8 ++++++++ crypto/ec/ec_lcl.h | 3 +++ crypto/ec/ecdsa_ossl.c | 15 +++++++++++++++ include/openssl/ec.h | 6 ++++++ 5 files changed, 33 insertions(+), 1 deletion(-) diff --git a/crypto/ec/ec_25519.c b/crypto/ec/ec_25519.c index 539a8e1af7..3e6609ad9c 100644 --- a/crypto/ec/ec_25519.c +++ b/crypto/ec/ec_25519.c @@ -326,7 +326,7 @@ static int x25519_compute_key(void *out, size_t outlen, const EC_METHOD *ec_x25519_meth(void) { static const EC_METHOD ret = { - EC_FLAGS_CUSTOM_CURVE, + EC_FLAGS_CUSTOM_CURVE | EC_FLAGS_NO_SIGN, NID_undef, x25519_group_init, /* group_init */ 0, /* group_finish */ diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index f09edbbc05..e59d2c6d6a 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -631,3 +631,11 @@ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf) *pbuf = buf; return len; } + +int EC_KEY_can_sign(const EC_KEY *eckey) +{ + if (eckey->group == NULL || eckey->group->meth == NULL + || (eckey->group->meth->flags & EC_FLAGS_NO_SIGN)) + return 0; + return 1; +} diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h index efdfabe1e1..42cf07961e 100644 --- a/crypto/ec/ec_lcl.h +++ b/crypto/ec/ec_lcl.h @@ -86,6 +86,9 @@ /* Use custom formats for EC_GROUP, EC_POINT and EC_KEY */ #define EC_FLAGS_CUSTOM_CURVE 0x2 +/* Curve does not support signing operations */ +#define EC_FLAGS_NO_SIGN 0x4 + /* * Structure details are not part of the exported interface, so all this may * change in future versions. diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index 3e755fbafa..113bcdfa20 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -95,6 +95,11 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, return 0; } + if (!EC_KEY_can_sign(eckey)) { + ECerr(EC_F_ECDSA_SIGN_SETUP, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); + return 0; + } + if (ctx_in == NULL) { if ((ctx = BN_CTX_new()) == NULL) { ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE); @@ -254,6 +259,11 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, return NULL; } + if (!EC_KEY_can_sign(eckey)) { + ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); + return NULL; + } + ret = ECDSA_SIG_new(); if (ret == NULL) { ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE); @@ -391,6 +401,11 @@ int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, return -1; } + if (!EC_KEY_can_sign(eckey)) { + ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING); + return -1; + } + ctx = BN_CTX_new(); if (ctx == NULL) { ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_MALLOC_FAILURE); diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 8530c569a4..ccd410f772 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -901,6 +901,12 @@ int EC_KEY_generate_key(EC_KEY *key); */ int EC_KEY_check_key(const EC_KEY *key); +/** Indicates if an EC_KEY can be used for signing. + * \param key the EC_KEY object + * \return 1 if can can sign and 0 otherwise. + */ +int EC_KEY_can_sign(const EC_KEY *eckey); + /** Sets a public key from affine coordindates performing * necessary NIST PKV tests. * \param key the EC_KEY object -- 2.40.0