dsa_sign.c 5.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212
  1. /*
  2. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * DSA low level APIs are deprecated for public use, but still ok for
  11. * internal use.
  12. */
  13. #include "internal/deprecated.h"
  14. #include <openssl/bn.h>
  15. #include "internal/cryptlib.h"
  16. #include "dsa_local.h"
  17. #include "crypto/asn1_dsa.h"
  18. #include "crypto/dsa.h"
  19. DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
  20. {
  21. return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
  22. }
  23. #ifndef OPENSSL_NO_DEPRECATED_3_0
  24. int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
  25. {
  26. return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
  27. }
  28. #endif
  29. DSA_SIG *DSA_SIG_new(void)
  30. {
  31. DSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig));
  32. return sig;
  33. }
  34. void DSA_SIG_free(DSA_SIG *sig)
  35. {
  36. if (sig == NULL)
  37. return;
  38. BN_clear_free(sig->r);
  39. BN_clear_free(sig->s);
  40. OPENSSL_free(sig);
  41. }
  42. DSA_SIG *d2i_DSA_SIG(DSA_SIG **psig, const unsigned char **ppin, long len)
  43. {
  44. DSA_SIG *sig;
  45. if (len < 0)
  46. return NULL;
  47. if (psig != NULL && *psig != NULL) {
  48. sig = *psig;
  49. } else {
  50. sig = DSA_SIG_new();
  51. if (sig == NULL)
  52. return NULL;
  53. }
  54. if (sig->r == NULL)
  55. sig->r = BN_new();
  56. if (sig->s == NULL)
  57. sig->s = BN_new();
  58. if (sig->r == NULL || sig->s == NULL
  59. || ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) {
  60. if (psig == NULL || *psig == NULL)
  61. DSA_SIG_free(sig);
  62. return NULL;
  63. }
  64. if (psig != NULL && *psig == NULL)
  65. *psig = sig;
  66. return sig;
  67. }
  68. int i2d_DSA_SIG(const DSA_SIG *sig, unsigned char **ppout)
  69. {
  70. BUF_MEM *buf = NULL;
  71. size_t encoded_len;
  72. WPACKET pkt;
  73. if (ppout == NULL) {
  74. if (!WPACKET_init_null(&pkt, 0))
  75. return -1;
  76. } else if (*ppout == NULL) {
  77. if ((buf = BUF_MEM_new()) == NULL
  78. || !WPACKET_init_len(&pkt, buf, 0)) {
  79. BUF_MEM_free(buf);
  80. return -1;
  81. }
  82. } else {
  83. if (!WPACKET_init_static_len(&pkt, *ppout, SIZE_MAX, 0))
  84. return -1;
  85. }
  86. if (!ossl_encode_der_dsa_sig(&pkt, sig->r, sig->s)
  87. || !WPACKET_get_total_written(&pkt, &encoded_len)
  88. || !WPACKET_finish(&pkt)) {
  89. BUF_MEM_free(buf);
  90. WPACKET_cleanup(&pkt);
  91. return -1;
  92. }
  93. if (ppout != NULL) {
  94. if (*ppout == NULL) {
  95. *ppout = (unsigned char *)buf->data;
  96. buf->data = NULL;
  97. BUF_MEM_free(buf);
  98. } else {
  99. *ppout += encoded_len;
  100. }
  101. }
  102. return (int)encoded_len;
  103. }
  104. int DSA_size(const DSA *dsa)
  105. {
  106. int ret = -1;
  107. DSA_SIG sig;
  108. if (dsa->params.q != NULL) {
  109. sig.r = sig.s = dsa->params.q;
  110. ret = i2d_DSA_SIG(&sig, NULL);
  111. if (ret < 0)
  112. ret = 0;
  113. }
  114. return ret;
  115. }
  116. void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
  117. {
  118. if (pr != NULL)
  119. *pr = sig->r;
  120. if (ps != NULL)
  121. *ps = sig->s;
  122. }
  123. int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
  124. {
  125. if (r == NULL || s == NULL)
  126. return 0;
  127. BN_clear_free(sig->r);
  128. BN_clear_free(sig->s);
  129. sig->r = r;
  130. sig->s = s;
  131. return 1;
  132. }
  133. int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen,
  134. unsigned char *sig, unsigned int *siglen, DSA *dsa,
  135. unsigned int nonce_type, const char *digestname,
  136. OSSL_LIB_CTX *libctx, const char *propq)
  137. {
  138. DSA_SIG *s;
  139. /* legacy case uses the method table */
  140. if (dsa->libctx == NULL || dsa->meth != DSA_get_default_method())
  141. s = DSA_do_sign(dgst, dlen, dsa);
  142. else
  143. s = ossl_dsa_do_sign_int(dgst, dlen, dsa,
  144. nonce_type, digestname, libctx, propq);
  145. if (s == NULL) {
  146. *siglen = 0;
  147. return 0;
  148. }
  149. *siglen = i2d_DSA_SIG(s, sig != NULL ? &sig : NULL);
  150. DSA_SIG_free(s);
  151. return 1;
  152. }
  153. int DSA_sign(int type, const unsigned char *dgst, int dlen,
  154. unsigned char *sig, unsigned int *siglen, DSA *dsa)
  155. {
  156. return ossl_dsa_sign_int(type, dgst, dlen, sig, siglen, dsa,
  157. 0, NULL, NULL, NULL);
  158. }
  159. /* data has already been hashed (probably with SHA or SHA-1). */
  160. /*-
  161. * returns
  162. * 1: correct signature
  163. * 0: incorrect signature
  164. * -1: error
  165. */
  166. int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
  167. const unsigned char *sigbuf, int siglen, DSA *dsa)
  168. {
  169. DSA_SIG *s;
  170. const unsigned char *p = sigbuf;
  171. unsigned char *der = NULL;
  172. int derlen = -1;
  173. int ret = -1;
  174. s = DSA_SIG_new();
  175. if (s == NULL)
  176. return ret;
  177. if (d2i_DSA_SIG(&s, &p, siglen) == NULL)
  178. goto err;
  179. /* Ensure signature uses DER and doesn't have trailing garbage */
  180. derlen = i2d_DSA_SIG(s, &der);
  181. if (derlen != siglen || memcmp(sigbuf, der, derlen))
  182. goto err;
  183. ret = DSA_do_verify(dgst, dgst_len, s, dsa);
  184. err:
  185. OPENSSL_clear_free(der, derlen);
  186. DSA_SIG_free(s);
  187. return ret;
  188. }