Strona główna Odkrywaj Pomoc
Zaloguj się
OWEALs
/
openssl
kopia lustrzana git://git.openssl.org/openssl.git
2
0
Forkuj 0
Pliki Problemy 1 Wiki
Drzewo: 6594baf645
Gałęzie Tagi
openssl
/
crypto
/
dsa
/
dsa_pmeth.c

dsa_pmeth.c 8.0 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307 
  1. /*
    2. 

  2.  * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. /*
    11. 

  11.  * DSA low level APIs are deprecated for public use, but still ok for
    12. 

  12.  * internal use.
    13. 

  13.  */
    14. 

  14. #include "internal/deprecated.h"
    15. 

  15. 

  16. #include <stdio.h>
    17. 

  17. #include "internal/cryptlib.h"
    18. 

  18. #include <openssl/asn1t.h>
    19. 

  19. #include <openssl/x509.h>
    20. 

  20. #include <openssl/evp.h>
    21. 

  21. #include <openssl/bn.h>
    22. 

  22. #include "crypto/evp.h"
    23. 

  23. #include "dsa_local.h"
    24. 

  24. 

  25. /* DSA pkey context structure */
    26. 

  26. 

  27. typedef struct {
    28. 

  28.     /* Parameter gen parameters */
    29. 

  29.     int nbits;                  /* size of p in bits (default: 2048) */
    30. 

  30.     int qbits;                  /* size of q in bits (default: 224) */
    31. 

  31.     const EVP_MD *pmd;          /* MD for parameter generation */
    32. 

  32.     /* Keygen callback info */
    33. 

  33.     int gentmp[2];
    34. 

  34.     /* message digest */
    35. 

  35.     const EVP_MD *md;           /* MD for the signature */
    36. 

  36. } DSA_PKEY_CTX;
    37. 

  37. 

  38. static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
    39. 

  39. {
    40. 

  40.     DSA_PKEY_CTX *dctx = OPENSSL_malloc(sizeof(*dctx));
    41. 

  41. 

  42.     if (dctx == NULL)
    43. 

  43.         return 0;
    44. 

  44.     dctx->nbits = 2048;
    45. 

  45.     dctx->qbits = 224;
    46. 

  46.     dctx->pmd = NULL;
    47. 

  47.     dctx->md = NULL;
    48. 

  48. 

  49.     ctx->data = dctx;
    50. 

  50.     ctx->keygen_info = dctx->gentmp;
    51. 

  51.     ctx->keygen_info_count = 2;
    52. 

  52. 

  53.     return 1;
    54. 

  54. }
    55. 

  55. 

  56. static int pkey_dsa_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
    57. 

  57. {
    58. 

  58.     DSA_PKEY_CTX *dctx, *sctx;
    59. 

  59. 

  60.     if (!pkey_dsa_init(dst))
    61. 

  61.         return 0;
    62. 

  62.     sctx = src->data;
    63. 

  63.     dctx = dst->data;
    64. 

  64.     dctx->nbits = sctx->nbits;
    65. 

  65.     dctx->qbits = sctx->qbits;
    66. 

  66.     dctx->pmd = sctx->pmd;
    67. 

  67.     dctx->md = sctx->md;
    68. 

  68.     return 1;
    69. 

  69. }
    70. 

  70. 

  71. static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
    72. 

  72. {
    73. 

  73.     DSA_PKEY_CTX *dctx = ctx->data;
    74. 

  74.     OPENSSL_free(dctx);
    75. 

  75. }
    76. 

  76. 

  77. static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
    78. 

  78.                          size_t *siglen, const unsigned char *tbs,
    79. 

  79.                          size_t tbslen)
    80. 

  80. {
    81. 

  81.     int ret, md_size;
    82. 

  82.     unsigned int sltmp;
    83. 

  83.     DSA_PKEY_CTX *dctx = ctx->data;
    84. 

  84.     /*
    85. 

  85.      * Discard const. Its marked as const because this may be a cached copy of
    86. 

  86.      * the "real" key. These calls don't make any modifications that need to
    87. 

  87.      * be reflected back in the "original" key.
    88. 

  88.      */
    89. 

  89.     DSA *dsa = (DSA *)EVP_PKEY_get0_DSA(ctx->pkey);
    90. 

  90. 

  91.     if (dctx->md != NULL) {
    92. 

  92.         md_size = EVP_MD_get_size(dctx->md);
    93. 

  93.         if (md_size <= 0)
    94. 

  94.             return 0;
    95. 

  95.         if (tbslen != (size_t)md_size)
    96. 

  96.             return 0;
    97. 

  97.     }
    98. 

  98. 

  99.     ret = DSA_sign(0, tbs, tbslen, sig, &sltmp, dsa);
    100. 

  100. 

  101.     if (ret <= 0)
    102. 

  102.         return ret;
    103. 

  103.     *siglen = sltmp;
    104. 

  104.     return 1;
    105. 

  105. }
    106. 

  106. 

  107. static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
    108. 

  108.                            const unsigned char *sig, size_t siglen,
    109. 

  109.                            const unsigned char *tbs, size_t tbslen)
    110. 

  110. {
    111. 

  111.     int ret, md_size;
    112. 

  112.     DSA_PKEY_CTX *dctx = ctx->data;
    113. 

  113.     /*
    114. 

  114.      * Discard const. Its marked as const because this may be a cached copy of
    115. 

  115.      * the "real" key. These calls don't make any modifications that need to
    116. 

  116.      * be reflected back in the "original" key.
    117. 

  117.      */
    118. 

  118.     DSA *dsa = (DSA *)EVP_PKEY_get0_DSA(ctx->pkey);
    119. 

  119. 

  120.     if (dctx->md != NULL) {
    121. 

  121.         md_size = EVP_MD_get_size(dctx->md);
    122. 

  122.         if (md_size <= 0)
    123. 

  123.             return 0;
    124. 

  124.         if (tbslen != (size_t)md_size)
    125. 

  125.             return 0;
    126. 

  126.     }
    127. 

  127. 

  128.     ret = DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
    129. 

  129. 

  130.     return ret;
    131. 

  131. }
    132. 

  132. 

  133. static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
    134. 

  134. {
    135. 

  135.     DSA_PKEY_CTX *dctx = ctx->data;
    136. 

  136. 

  137.     switch (type) {
    138. 

  138.     case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
    139. 

  139.         if (p1 < 256)
    140. 

  140.             return -2;
    141. 

  141.         dctx->nbits = p1;
    142. 

  142.         return 1;
    143. 

  143. 

  144.     case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
    145. 

  145.         if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
    146. 

  146.             return -2;
    147. 

  147.         dctx->qbits = p1;
    148. 

  148.         return 1;
    149. 

  149. 

  150.     case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
    151. 

  151.         if (EVP_MD_get_type((const EVP_MD *)p2) != NID_sha1 &&
    152. 

  152.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha224 &&
    153. 

  153.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha256) {
    154. 

  154.             ERR_raise(ERR_LIB_DSA, DSA_R_INVALID_DIGEST_TYPE);
    155. 

  155.             return 0;
    156. 

  156.         }
    157. 

  157.         dctx->pmd = p2;
    158. 

  158.         return 1;
    159. 

  159. 

  160.     case EVP_PKEY_CTRL_MD:
    161. 

  161.         if (EVP_MD_get_type((const EVP_MD *)p2) != NID_sha1 &&
    162. 

  162.             EVP_MD_get_type((const EVP_MD *)p2) != NID_dsa &&
    163. 

  163.             EVP_MD_get_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
    164. 

  164.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha224 &&
    165. 

  165.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha256 &&
    166. 

  166.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha384 &&
    167. 

  167.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha512 &&
    168. 

  168.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha3_224 &&
    169. 

  169.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha3_256 &&
    170. 

  170.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha3_384 &&
    171. 

  171.             EVP_MD_get_type((const EVP_MD *)p2) != NID_sha3_512) {
    172. 

  172.             ERR_raise(ERR_LIB_DSA, DSA_R_INVALID_DIGEST_TYPE);
    173. 

  173.             return 0;
    174. 

  174.         }
    175. 

  175.         dctx->md = p2;
    176. 

  176.         return 1;
    177. 

  177. 

  178.     case EVP_PKEY_CTRL_GET_MD:
    179. 

  179.         *(const EVP_MD **)p2 = dctx->md;
    180. 

  180.         return 1;
    181. 

  181. 

  182.     case EVP_PKEY_CTRL_DIGESTINIT:
    183. 

  183.     case EVP_PKEY_CTRL_PKCS7_SIGN:
    184. 

  184.     case EVP_PKEY_CTRL_CMS_SIGN:
    185. 

  185.         return 1;
    186. 

  186. 

  187.     case EVP_PKEY_CTRL_PEER_KEY:
    188. 

  188.         ERR_raise(ERR_LIB_DSA, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
    189. 

  189.         return -2;
    190. 

  190.     default:
    191. 

  191.         return -2;
    192. 

  192. 

  193.     }
    194. 

  194. }
    195. 

  195. 

  196. static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
    197. 

  197.                              const char *type, const char *value)
    198. 

  198. {
    199. 

  199.     if (strcmp(type, "dsa_paramgen_bits") == 0) {
    200. 

  200.         int nbits;
    201. 

  201.         nbits = atoi(value);
    202. 

  202.         return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
    203. 

  203.     }
    204. 

  204.     if (strcmp(type, "dsa_paramgen_q_bits") == 0) {
    205. 

  205.         int qbits = atoi(value);
    206. 

  206.         return EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits);
    207. 

  207.     }
    208. 

  208.     if (strcmp(type, "dsa_paramgen_md") == 0) {
    209. 

  209.         const EVP_MD *md = EVP_get_digestbyname(value);
    210. 

  210. 

  211.         if (md == NULL) {
    212. 

  212.             ERR_raise(ERR_LIB_DSA, DSA_R_INVALID_DIGEST_TYPE);
    213. 

  213.             return 0;
    214. 

  214.         }
    215. 

  215.         return EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, md);
    216. 

  216.     }
    217. 

  217.     return -2;
    218. 

  218. }
    219. 

  219. 

  220. static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
    221. 

  221. {
    222. 

  222.     DSA *dsa = NULL;
    223. 

  223.     DSA_PKEY_CTX *dctx = ctx->data;
    224. 

  224.     BN_GENCB *pcb;
    225. 

  225.     int ret, res;
    226. 

  226. 

  227.     if (ctx->pkey_gencb) {
    228. 

  228.         pcb = BN_GENCB_new();
    229. 

  229.         if (pcb == NULL)
    230. 

  230.             return 0;
    231. 

  231.         evp_pkey_set_cb_translate(pcb, ctx);
    232. 

  232.     } else
    233. 

  233.         pcb = NULL;
    234. 

  234.     dsa = DSA_new();
    235. 

  235.     if (dsa == NULL) {
    236. 

  236.         BN_GENCB_free(pcb);
    237. 

  237.         return 0;
    238. 

  238.     }
    239. 

  239.     if (dctx->md != NULL)
    240. 

  240.         ossl_ffc_set_digest(&dsa->params, EVP_MD_get0_name(dctx->md), NULL);
    241. 

  241. 

  242.     ret = ossl_ffc_params_FIPS186_4_generate(NULL, &dsa->params,
    243. 

  243.                                              FFC_PARAM_TYPE_DSA, dctx->nbits,
    244. 

  244.                                              dctx->qbits, &res, pcb);
    245. 

  245.     BN_GENCB_free(pcb);
    246. 

  246.     if (ret > 0)
    247. 

  247.         EVP_PKEY_assign_DSA(pkey, dsa);
    248. 

  248.     else
    249. 

  249.         DSA_free(dsa);
    250. 

  250.     return ret;
    251. 

  251. }
    252. 

  252. 

  253. static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
    254. 

  254. {
    255. 

  255.     DSA *dsa = NULL;
    256. 

  256. 

  257.     if (ctx->pkey == NULL) {
    258. 

  258.         ERR_raise(ERR_LIB_DSA, DSA_R_NO_PARAMETERS_SET);
    259. 

  259.         return 0;
    260. 

  260.     }
    261. 

  261.     dsa = DSA_new();
    262. 

  262.     if (dsa == NULL)
    263. 

  263.         return 0;
    264. 

  264.     EVP_PKEY_assign_DSA(pkey, dsa);
    265. 

  265.     /* Note: if error return, pkey is freed by parent routine */
    266. 

  266.     if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
    267. 

  267.         return 0;
    268. 

  268.     return DSA_generate_key((DSA *)EVP_PKEY_get0_DSA(pkey));
    269. 

  269. }
    270. 

  270. 

  271. static const EVP_PKEY_METHOD dsa_pkey_meth = {
    272. 

  272.     EVP_PKEY_DSA,
    273. 

  273.     EVP_PKEY_FLAG_AUTOARGLEN,
    274. 

  274.     pkey_dsa_init,
    275. 

  275.     pkey_dsa_copy,
    276. 

  276.     pkey_dsa_cleanup,
    277. 

  277. 

  278.     0,
    279. 

  279.     pkey_dsa_paramgen,
    280. 

  280. 

  281.     0,
    282. 

  282.     pkey_dsa_keygen,
    283. 

  283. 

  284.     0,
    285. 

  285.     pkey_dsa_sign,
    286. 

  286. 

  287.     0,
    288. 

  288.     pkey_dsa_verify,
    289. 

  289. 

  290.     0, 0,
    291. 

  291. 

  292.     0, 0, 0, 0,
    293. 

  293. 

  294.     0, 0,
    295. 

  295. 

  296.     0, 0,
    297. 

  297. 

  298.     0, 0,
    299. 

  299. 

  300.     pkey_dsa_ctrl,
    301. 

  301.     pkey_dsa_ctrl_str
    302. 

  302. };
    303. 

  303. 

  304. const EVP_PKEY_METHOD *ossl_dsa_pkey_method(void)
    305. 

  305. {
    306. 

  306.     return &dsa_pkey_meth;
    307. 

  307. }
    308.