dsa_asn1.c 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217
  1. /*
  2. * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include "dsa_local.h"
  12. #include <openssl/asn1.h>
  13. #include <openssl/asn1t.h>
  14. #include <openssl/rand.h>
  15. #include "crypto/asn1_dsa.h"
  16. DSA_SIG *DSA_SIG_new(void)
  17. {
  18. DSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig));
  19. if (sig == NULL)
  20. DSAerr(DSA_F_DSA_SIG_NEW, ERR_R_MALLOC_FAILURE);
  21. return sig;
  22. }
  23. void DSA_SIG_free(DSA_SIG *sig)
  24. {
  25. if (sig == NULL)
  26. return;
  27. BN_clear_free(sig->r);
  28. BN_clear_free(sig->s);
  29. OPENSSL_free(sig);
  30. }
  31. DSA_SIG *d2i_DSA_SIG(DSA_SIG **psig, const unsigned char **ppin, long len)
  32. {
  33. DSA_SIG *sig;
  34. if (len < 0)
  35. return NULL;
  36. if (psig != NULL && *psig != NULL) {
  37. sig = *psig;
  38. } else {
  39. sig = DSA_SIG_new();
  40. if (sig == NULL)
  41. return NULL;
  42. }
  43. if (sig->r == NULL)
  44. sig->r = BN_new();
  45. if (sig->s == NULL)
  46. sig->s = BN_new();
  47. if (decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) {
  48. if (psig == NULL || *psig == NULL)
  49. DSA_SIG_free(sig);
  50. return NULL;
  51. }
  52. if (psig != NULL && *psig == NULL)
  53. *psig = sig;
  54. return sig;
  55. }
  56. int i2d_DSA_SIG(const DSA_SIG *sig, unsigned char **ppout)
  57. {
  58. BUF_MEM *buf = NULL;
  59. size_t encoded_len;
  60. WPACKET pkt;
  61. if (ppout == NULL) {
  62. if (!WPACKET_init_null(&pkt, 0))
  63. return -1;
  64. } else if (*ppout == NULL) {
  65. if ((buf = BUF_MEM_new()) == NULL
  66. || !WPACKET_init_len(&pkt, buf, 0)) {
  67. BUF_MEM_free(buf);
  68. return -1;
  69. }
  70. } else {
  71. if (!WPACKET_init_static_len(&pkt, *ppout, SIZE_MAX, 0))
  72. return -1;
  73. }
  74. if (!encode_der_dsa_sig(&pkt, sig->r, sig->s)
  75. || !WPACKET_get_total_written(&pkt, &encoded_len)
  76. || !WPACKET_finish(&pkt)) {
  77. BUF_MEM_free(buf);
  78. WPACKET_cleanup(&pkt);
  79. return -1;
  80. }
  81. if (ppout != NULL) {
  82. if (*ppout == NULL) {
  83. *ppout = (unsigned char *)buf->data;
  84. buf->data = NULL;
  85. BUF_MEM_free(buf);
  86. } else {
  87. *ppout += encoded_len;
  88. }
  89. }
  90. return (int)encoded_len;
  91. }
  92. void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
  93. {
  94. if (pr != NULL)
  95. *pr = sig->r;
  96. if (ps != NULL)
  97. *ps = sig->s;
  98. }
  99. int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
  100. {
  101. if (r == NULL || s == NULL)
  102. return 0;
  103. BN_clear_free(sig->r);
  104. BN_clear_free(sig->s);
  105. sig->r = r;
  106. sig->s = s;
  107. return 1;
  108. }
  109. /* Override the default free and new methods */
  110. static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
  111. void *exarg)
  112. {
  113. if (operation == ASN1_OP_NEW_PRE) {
  114. *pval = (ASN1_VALUE *)DSA_new();
  115. if (*pval != NULL)
  116. return 2;
  117. return 0;
  118. } else if (operation == ASN1_OP_FREE_PRE) {
  119. DSA_free((DSA *)*pval);
  120. *pval = NULL;
  121. return 2;
  122. }
  123. return 1;
  124. }
  125. ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
  126. ASN1_EMBED(DSA, version, INT32),
  127. ASN1_SIMPLE(DSA, p, BIGNUM),
  128. ASN1_SIMPLE(DSA, q, BIGNUM),
  129. ASN1_SIMPLE(DSA, g, BIGNUM),
  130. ASN1_SIMPLE(DSA, pub_key, BIGNUM),
  131. ASN1_SIMPLE(DSA, priv_key, CBIGNUM)
  132. } static_ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey)
  133. IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPrivateKey, DSAPrivateKey)
  134. ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
  135. ASN1_SIMPLE(DSA, p, BIGNUM),
  136. ASN1_SIMPLE(DSA, q, BIGNUM),
  137. ASN1_SIMPLE(DSA, g, BIGNUM),
  138. } static_ASN1_SEQUENCE_END_cb(DSA, DSAparams)
  139. IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAparams, DSAparams)
  140. ASN1_SEQUENCE_cb(DSAPublicKey, dsa_cb) = {
  141. ASN1_SIMPLE(DSA, pub_key, BIGNUM),
  142. ASN1_SIMPLE(DSA, p, BIGNUM),
  143. ASN1_SIMPLE(DSA, q, BIGNUM),
  144. ASN1_SIMPLE(DSA, g, BIGNUM)
  145. } static_ASN1_SEQUENCE_END_cb(DSA, DSAPublicKey)
  146. IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DSA, DSAPublicKey, DSAPublicKey)
  147. DSA *DSAparams_dup(const DSA *dsa)
  148. {
  149. return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
  150. }
  151. int DSA_sign(int type, const unsigned char *dgst, int dlen,
  152. unsigned char *sig, unsigned int *siglen, DSA *dsa)
  153. {
  154. DSA_SIG *s;
  155. s = DSA_do_sign(dgst, dlen, dsa);
  156. if (s == NULL) {
  157. *siglen = 0;
  158. return 0;
  159. }
  160. *siglen = i2d_DSA_SIG(s, &sig);
  161. DSA_SIG_free(s);
  162. return 1;
  163. }
  164. /* data has already been hashed (probably with SHA or SHA-1). */
  165. /*-
  166. * returns
  167. * 1: correct signature
  168. * 0: incorrect signature
  169. * -1: error
  170. */
  171. int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
  172. const unsigned char *sigbuf, int siglen, DSA *dsa)
  173. {
  174. DSA_SIG *s;
  175. const unsigned char *p = sigbuf;
  176. unsigned char *der = NULL;
  177. int derlen = -1;
  178. int ret = -1;
  179. s = DSA_SIG_new();
  180. if (s == NULL)
  181. return ret;
  182. if (d2i_DSA_SIG(&s, &p, siglen) == NULL)
  183. goto err;
  184. /* Ensure signature uses DER and doesn't have trailing garbage */
  185. derlen = i2d_DSA_SIG(s, &der);
  186. if (derlen != siglen || memcmp(sigbuf, der, derlen))
  187. goto err;
  188. ret = DSA_do_verify(dgst, dgst_len, s, dsa);
  189. err:
  190. OPENSSL_clear_free(der, derlen);
  191. DSA_SIG_free(s);
  192. return ret;
  193. }