
source: vbox/trunk/src/VBox/Runtime/common/crypto/pkix-signature-builtin.cpp@ 100442

Last change on this file since 100442 was 100442, checked in by vboxsync, 17 months ago

IPRT,OpenSSL: Support ECDSA for verification purposes when IPRT links with OpenSSL. This required quite a bit of cleanup, so not entirely no-risk. bugref:10479 ticketref:21621

1/* $Id: pkix-signature-builtin.cpp 100442 2023-07-08 11:10:51Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - Public Key Signature Schemas, Built-in providers.
4 */
5
6/*
7 * Copyright (C) 2006-2023 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * The contents of this file may alternatively be used under the terms
26 * of the Common Development and Distribution License Version 1.0
27 * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
28 * in the VirtualBox distribution, in which case the provisions of the
29 * CDDL are applicable instead of those of the GPL.
30 *
31 * You may elect to license modified versions of this file under the
32 * terms and conditions of either the GPL or the CDDL or both.
33 *
34 * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
35 */
36
37
38/*********************************************************************************************************************************
39* Header Files *
40*********************************************************************************************************************************/
41#include "internal/iprt.h"
42#include <iprt/crypto/pkix.h>
43
44#include <iprt/errcore.h>
45#include <iprt/string.h>
46
47#ifdef IPRT_WITH_OPENSSL
48# include "internal/iprt-openssl.h"
49# include "internal/openssl-pre.h"
50# include <openssl/evp.h>
51# include "internal/openssl-post.h"
52#endif
53
54#include "pkix-signature-builtin.h"
55
56
57/*********************************************************************************************************************************
58* Global Variables *
59*********************************************************************************************************************************/
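/**
 * Array of built-in public key signature scheme descriptors.
 *
 * The lookup functions in this file only ever return entries from this table,
 * so it is the complete list of signature algorithms they will accept.  The
 * RSA descriptor is always present; the ECDSA descriptor is compiled in only
 * when IPRT_WITH_OPENSSL is defined.
 *
 * (The previous comment called these "message digest vtables", but the
 * entries are PCRTCRPKIXSIGNATUREDESC signature descriptors.)
 */
static PCRTCRPKIXSIGNATUREDESC const g_apPkixSignatureDescriptors[] =
{
    &g_rtCrPkixSigningHashWithRsaDesc,
#ifdef IPRT_WITH_OPENSSL
    &g_rtCrPkixSigningHashWithEcdsaDesc,
#endif
};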
70
71
72
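/**
 * Finds the built-in signature scheme descriptor for an OID given as a string.
 *
 * The string is compared with strcmp() against the primary OID of every entry
 * in g_apPkixSignatureDescriptors and, if none matches, against each entry's
 * alias list.  Matching is exact and case sensitive; no normalisation is done
 * on the input.  Anything not listed in the table is reported as not found, so
 * the table acts as the allow-list of signature algorithms.
 *
 * @returns Pointer to the matching descriptor, NULL if the OID is unknown or
 *          @a pszObjId is NULL.
 * @param   pszObjId    The object identifier string to look up.  In
 *                      verification paths this presumably originates from the
 *                      data being verified, so treat it as untrusted.
 * @param   ppvOpaque   Optional.  When not NULL, *ppvOpaque is set to NULL
 *                      before anything else, so it is defined on every return
 *                      path.  The active code never stores any other value.
 */
PCRTCRPKIXSIGNATUREDESC RTCrPkixSignatureFindByObjIdString(const char *pszObjId, void **ppvOpaque)
{
    /* Callers in this file pass an uninitialised local; write it first. */
    if (ppvOpaque)
        *ppvOpaque = NULL;

    /* A NULL string cannot match any OID; fail the lookup instead of passing
       it to strcmp(), which would be undefined behaviour. */
    if (!pszObjId)
        return NULL;

    /*
     * Primary OIDs.
     */
    uint32_t i = RT_ELEMENTS(g_apPkixSignatureDescriptors);
    while (i-- > 0)
        if (strcmp(g_apPkixSignatureDescriptors[i]->pszObjId, pszObjId) == 0)
            return g_apPkixSignatureDescriptors[i];

    /*
     * Alias OIDs.  Only consulted after every primary OID failed to match.
     */
    i = RT_ELEMENTS(g_apPkixSignatureDescriptors);
    while (i-- > 0)
    {
        /* The alias list is optional and, when present, NULL terminated. */
        const char * const *ppszAliases = g_apPkixSignatureDescriptors[i]->papszObjIdAliases;
        if (ppszAliases)
            for (; *ppszAliases; ppszAliases++)
                if (strcmp(*ppszAliases, pszObjId) == 0)
                    return g_apPkixSignatureDescriptors[i];
    }

    /*
     * NOTE(review): The block below is compiled out.  Before re-enabling it,
     * consider that it would extend the accepted algorithms from the fixed
     * table above to whatever OBJ_txt2nid() and EVP_get_digestbyname() can
     * resolve, that it looks up a message digest (EVP_MD) rather than a
     * signature scheme, and that g_rtCrPkixSignatureOpenSslDesc is not
     * declared anywhere in this file.
     */
#if 0//def IPRT_WITH_OPENSSL
    /*
     * Try EVP and see if it knows the algorithm.
     */
    if (ppvOpaque)
    {
        rtCrOpenSslInit();
        int iAlgoNid = OBJ_txt2nid(pszObjId);
        if (iAlgoNid != NID_undef)
        {
            const char *pszAlogSn = OBJ_nid2sn(iAlgoNid);
            const EVP_MD *pEvpMdType = EVP_get_digestbyname(pszAlogSn);
            if (pEvpMdType)
            {
                /*
                 * Return the OpenSSL provider descriptor and the EVP_MD address.
                 */
                Assert(pEvpMdType->md_size);
                *ppvOpaque = (void *)pEvpMdType;
                return &g_rtCrPkixSignatureOpenSslDesc;
            }
        }
    }
#endif
    return NULL;
}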
125
126
/**
 * Finds the built-in signature scheme descriptor for an ASN.1 object identifier.
 *
 * Forwards the szObjId member of @a pObjId to
 * RTCrPkixSignatureFindByObjIdString().
 *
 * @returns Whatever RTCrPkixSignatureFindByObjIdString() returns for the
 *          string: the matching descriptor, or NULL if there is none.
 * @param   pObjId      The object identifier.  Dereferenced unconditionally,
 *                      so it must not be NULL.
 * @param   ppvOpaque   Passed through unchanged to the string lookup.
 */
PCRTCRPKIXSIGNATUREDESC RTCrPkixSignatureFindByObjId(PCRTASN1OBJID pObjId, void **ppvOpaque)
{
    const char * const pszObjIdString = pObjId->szObjId;
    return RTCrPkixSignatureFindByObjIdString(pszObjIdString, ppvOpaque);
}
131
132
/**
 * Creates a signature instance for the scheme named by an OID string.
 *
 * Looks the OID up with RTCrPkixSignatureFindByObjIdString() and, on a match,
 * hands the descriptor to RTCrPkixSignatureCreate().
 *
 * @returns VERR_NOT_FOUND if the OID matches no built-in scheme, otherwise the
 *          status of RTCrPkixSignatureCreate().  On VERR_NOT_FOUND this
 *          function does not write to @a phSignature, so callers must check
 *          the status before using the handle; a verifier should treat any
 *          failure here as "signature not verified".
 * @param   phSignature Forwarded to RTCrPkixSignatureCreate().
 * @param   pszObjId    The signature algorithm OID string to look up.
 * @param   hKey        Forwarded to RTCrPkixSignatureCreate().
 * @param   pParams     Forwarded to RTCrPkixSignatureCreate().
 * @param   fSigning    Forwarded to RTCrPkixSignatureCreate(); presumably
 *                      selects signing versus verification (confirm there).
 */
RTDECL(int) RTCrPkixSignatureCreateByObjIdString(PRTCRPKIXSIGNATURE phSignature, const char *pszObjId,
                                                 RTCRKEY hKey, PCRTASN1DYNTYPE pParams, bool fSigning)
{
    /* Left uninitialised on purpose: the lookup stores NULL through the
       pointer before doing anything else. */
    void *pvProviderData;
    PCRTCRPKIXSIGNATUREDESC pFound = RTCrPkixSignatureFindByObjIdString(pszObjId, &pvProviderData);
    if (!pFound)
        return VERR_NOT_FOUND;
    return RTCrPkixSignatureCreate(phSignature, pFound, pvProviderData, fSigning, hKey, pParams);
}
142
143
/**
 * Creates a signature instance for the scheme named by an ASN.1 object identifier.
 *
 * Looks the OID up with RTCrPkixSignatureFindByObjId() and, on a match, hands
 * the descriptor to RTCrPkixSignatureCreate().
 *
 * @returns VERR_NOT_FOUND if the OID matches no built-in scheme, otherwise the
 *          status of RTCrPkixSignatureCreate().  On VERR_NOT_FOUND this
 *          function does not write to @a phSignature, so callers must check
 *          the status before using the handle; a verifier should treat any
 *          failure here as "signature not verified".
 * @param   phSignature Forwarded to RTCrPkixSignatureCreate().
 * @param   pObjId      The signature algorithm OID.  The lookup dereferences
 *                      it unconditionally, so it must not be NULL.
 * @param   hKey        Forwarded to RTCrPkixSignatureCreate().
 * @param   pParams     Forwarded to RTCrPkixSignatureCreate().
 * @param   fSigning    Forwarded to RTCrPkixSignatureCreate(); presumably
 *                      selects signing versus verification (confirm there).
 */
RTDECL(int) RTCrPkixSignatureCreateByObjId(PRTCRPKIXSIGNATURE phSignature, PCRTASN1OBJID pObjId,
                                           RTCRKEY hKey, PCRTASN1DYNTYPE pParams, bool fSigning)
{
    /* Left uninitialised on purpose: the string lookup behind
       RTCrPkixSignatureFindByObjId() stores NULL through the pointer first. */
    void *pvProviderData;
    PCRTCRPKIXSIGNATUREDESC pFound = RTCrPkixSignatureFindByObjId(pObjId, &pvProviderData);
    if (!pFound)
        return VERR_NOT_FOUND;
    return RTCrPkixSignatureCreate(phSignature, pFound, pvProviderData, fSigning, hKey, pParams);
}
153