diff --git a/crypto/err/evp.errordata b/crypto/err/evp.errordata index e0346b41..14dd27b0 100644 --- a/crypto/err/evp.errordata +++ b/crypto/err/evp.errordata @@ -1,34 +1,41 @@ -EVP,function,100,EVP_DigestSignAlgorithm -EVP,function,101,EVP_DigestVerifyInitFromAlgorithm -EVP,function,102,EVP_PKEY_CTX_ctrl -EVP,function,103,EVP_PKEY_CTX_dup +EVP,function,160,EVP_DigestSignAlgorithm +EVP,function,161,EVP_DigestVerifyInitFromAlgorithm +EVP,function,162,EVP_PKEY_CTX_ctrl +EVP,function,163,EVP_PKEY_CTX_dup EVP,function,159,EVP_PKEY_CTX_get0_rsa_oaep_label -EVP,function,104,EVP_PKEY_copy_parameters -EVP,function,105,EVP_PKEY_decrypt -EVP,function,106,EVP_PKEY_decrypt_init -EVP,function,107,EVP_PKEY_derive +EVP,function,164,EVP_PKEY_copy_parameters +EVP,function,165,EVP_PKEY_decrypt +EVP,function,166,EVP_PKEY_decrypt_init +EVP,function,167,EVP_PKEY_derive EVP,function,108,EVP_PKEY_derive_init -EVP,function,109,EVP_PKEY_derive_set_peer +EVP,function,168,EVP_PKEY_derive_set_peer EVP,function,110,EVP_PKEY_encrypt EVP,function,111,EVP_PKEY_encrypt_init EVP,function,112,EVP_PKEY_get1_DH -EVP,function,113,EVP_PKEY_get1_DSA +EVP,function,169,EVP_PKEY_get1_DSA EVP,function,114,EVP_PKEY_get1_EC_KEY EVP,function,115,EVP_PKEY_get1_RSA EVP,function,116,EVP_PKEY_keygen -EVP,function,117,EVP_PKEY_keygen_init -EVP,function,118,EVP_PKEY_new -EVP,function,119,EVP_PKEY_set_type +EVP,function,170,EVP_PKEY_keygen_init +EVP,function,171,EVP_PKEY_new +EVP,function,172,EVP_PKEY_set_type EVP,function,120,EVP_PKEY_sign EVP,function,121,EVP_PKEY_sign_init EVP,function,122,EVP_PKEY_verify EVP,function,123,EVP_PKEY_verify_init -EVP,function,124,check_padding_md +EVP,function,173,check_padding_md EVP,function,125,d2i_AutoPrivateKey EVP,function,126,d2i_PrivateKey EVP,function,127,do_EC_KEY_print -EVP,function,128,do_rsa_print +EVP,function,174,do_dsa_print +EVP,function,175,do_rsa_print EVP,function,129,do_sigver_init +EVP,function,176,dsa_param_decode +EVP,function,177,dsa_priv_decode +EVP,function,178,dsa_priv_encode +EVP,function,179,dsa_pub_decode +EVP,function,180,dsa_pub_encode +EVP,function,181,dsa_sig_print EVP,function,130,eckey_param2type EVP,function,131,eckey_param_decode EVP,function,132,eckey_priv_decode @@ -39,6 +46,7 @@ EVP,function,136,eckey_type2param EVP,function,137,evp_pkey_ctx_new EVP,function,138,hmac_signctx EVP,function,139,i2d_PublicKey +EVP,function,182,old_dsa_priv_decode EVP,function,140,old_ec_priv_decode EVP,function,141,old_rsa_priv_decode EVP,function,142,pkey_ec_ctrl @@ -58,15 +66,16 @@ EVP,function,154,rsa_priv_decode EVP,function,155,rsa_priv_encode EVP,function,156,rsa_pss_to_ctx EVP,function,157,rsa_pub_decode +EVP,reason,151,BN_DECODE_ERROR EVP,reason,100,BUFFER_TOO_SMALL EVP,reason,101,COMMAND_NOT_SUPPORTED -EVP,reason,102,CONTEXT_NOT_INITIALISED -EVP,reason,103,DECODE_ERROR +EVP,reason,146,CONTEXT_NOT_INITIALISED +EVP,reason,143,DECODE_ERROR EVP,reason,104,DIFFERENT_KEY_TYPES EVP,reason,105,DIFFERENT_PARAMETERS -EVP,reason,106,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED +EVP,reason,147,DIGEST_AND_KEY_TYPE_NOT_SUPPORTED EVP,reason,107,EXPECTING_AN_EC_KEY_KEY -EVP,reason,108,EXPECTING_AN_RSA_KEY +EVP,reason,141,EXPECTING_AN_RSA_KEY EVP,reason,109,EXPECTING_A_DH_KEY EVP,reason,110,EXPECTING_A_DSA_KEY EVP,reason,111,ILLEGAL_OR_UNSUPPORTED_PADDING_MODE @@ -75,10 +84,10 @@ EVP,reason,113,INVALID_DIGEST_LENGTH EVP,reason,114,INVALID_DIGEST_TYPE EVP,reason,115,INVALID_KEYBITS EVP,reason,116,INVALID_MGF1_MD -EVP,reason,117,INVALID_OPERATION +EVP,reason,142,INVALID_OPERATION EVP,reason,118,INVALID_PADDING_MODE EVP,reason,119,INVALID_PSS_PARAMETERS -EVP,reason,120,INVALID_PSS_SALTLEN +EVP,reason,144,INVALID_PSS_SALTLEN EVP,reason,121,INVALID_SALT_LENGTH EVP,reason,122,INVALID_TRAILER EVP,reason,123,KEYS_NOT_SET @@ -91,14 +100,15 @@ EVP,reason,129,NO_OPERATION_SET EVP,reason,130,NO_PARAMETERS_SET EVP,reason,131,OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE EVP,reason,132,OPERATON_NOT_INITIALIZED +EVP,reason,152,PARAMETER_ENCODING_ERROR EVP,reason,133,UNKNOWN_DIGEST EVP,reason,134,UNKNOWN_MASK_DIGEST -EVP,reason,135,UNKNOWN_MESSAGE_DIGEST_ALGORITHM -EVP,reason,136,UNKNOWN_PUBLIC_KEY_TYPE -EVP,reason,137,UNKNOWN_SIGNATURE_ALGORITHM +EVP,reason,150,UNKNOWN_MESSAGE_DIGEST_ALGORITHM +EVP,reason,145,UNKNOWN_PUBLIC_KEY_TYPE +EVP,reason,149,UNKNOWN_SIGNATURE_ALGORITHM EVP,reason,138,UNSUPPORTED_ALGORITHM EVP,reason,139,UNSUPPORTED_MASK_ALGORITHM EVP,reason,140,UNSUPPORTED_MASK_PARAMETER -EVP,reason,141,UNSUPPORTED_PUBLIC_KEY_TYPE -EVP,reason,142,UNSUPPORTED_SIGNATURE_TYPE -EVP,reason,143,WRONG_PUBLIC_KEY_TYPE +EVP,reason,153,UNSUPPORTED_PUBLIC_KEY_TYPE +EVP,reason,154,UNSUPPORTED_SIGNATURE_TYPE +EVP,reason,148,WRONG_PUBLIC_KEY_TYPE diff --git a/crypto/evp/CMakeLists.txt b/crypto/evp/CMakeLists.txt index 3b97ba6b..3dd1958b 100644 --- a/crypto/evp/CMakeLists.txt +++ b/crypto/evp/CMakeLists.txt @@ -10,6 +10,7 @@ add_library( digestsign.c evp.c evp_ctx.c + p_dsa_asn1.c p_ec.c p_ec_asn1.c p_hmac.c diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c index 49dbd79c..64ffed6d 100644 --- a/crypto/evp/evp.c +++ b/crypto/evp/evp.c @@ -71,6 +71,7 @@ #include "internal.h" +extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ec_asn1_meth; extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meth; @@ -208,6 +209,8 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pengine, int nid) { return &hmac_asn1_meth; case EVP_PKEY_EC: return &ec_asn1_meth; + case EVP_PKEY_DSA: + return &dsa_asn1_meth; default: return NULL; } diff --git a/crypto/evp/evp_test.cc b/crypto/evp/evp_test.cc index e2deed7c..a63f0875 100644 --- a/crypto/evp/evp_test.cc +++ b/crypto/evp/evp_test.cc @@ -86,6 +86,81 @@ static const uint8_t kExampleRSAKeyDER[] = { 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf, }; +static const uint8_t kExampleDSAKeyDER[] = { + 0x30, 0x82, 0x03, 0x56, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, + 0x9e, 0x12, 0xfa, 0xb3, 0xde, 0x12, 0x21, 0x35, 0x01, 0xdd, 0x82, 0xaa, + 0x10, 0xca, 0x2d, 0x10, 0x1d, 0x2d, 0x4e, 0xbf, 0xef, 0x4d, 0x2a, 0x3f, + 0x8d, 0xaa, 0x0f, 0xe0, 0xce, 0xda, 0xd8, 0xd6, 0xaf, 0x85, 0x61, 0x6a, + 0xa2, 0xf3, 0x25, 0x2c, 0x0a, 0x2b, 0x5a, 0x6d, 0xb0, 0x9e, 0x6f, 0x14, + 0x90, 0x0e, 0x0d, 0xdb, 0x83, 0x11, 0x87, 0x6d, 0xd8, 0xf9, 0x66, 0x95, + 0x25, 0xf9, 0x9e, 0xd6, 0x59, 0x49, 0xe1, 0x84, 0xd5, 0x06, 0x47, 0x93, + 0x27, 0x11, 0x69, 0xa2, 0x28, 0x68, 0x0b, 0x95, 0xec, 0x12, 0xf5, 0x9a, + 0x8e, 0x20, 0xb2, 0x1f, 0x2b, 0x58, 0xeb, 0x2a, 0x20, 0x12, 0xd3, 0x5b, + 0xde, 0x2e, 0xe3, 0x51, 0x82, 0x2f, 0xe8, 0xf3, 0x2d, 0x0a, 0x33, 0x05, + 0x65, 0xdc, 0xce, 0x5c, 0x67, 0x2b, 0x72, 0x59, 0xc1, 0x4b, 0x24, 0x33, + 0xd0, 0xb5, 0xb2, 0xca, 0x2b, 0x2d, 0xb0, 0xab, 0x62, 0x6e, 0x8f, 0x13, + 0xf4, 0x7f, 0xe0, 0x34, 0x5d, 0x90, 0x4e, 0x72, 0x94, 0xbb, 0x03, 0x8e, + 0x9c, 0xe2, 0x1a, 0x9e, 0x58, 0x0b, 0x83, 0x35, 0x62, 0x78, 0x70, 0x6c, + 0xfe, 0x76, 0x84, 0x36, 0xc6, 0x9d, 0xe1, 0x49, 0xcc, 0xff, 0x98, 0xb4, + 0xaa, 0xb8, 0xcb, 0x4f, 0x63, 0x85, 0xc9, 0xf1, 0x02, 0xce, 0x59, 0x34, + 0x6e, 0xae, 0xef, 0x27, 0xe0, 0xad, 0x22, 0x2d, 0x53, 0xd6, 0xe8, 0x9c, + 0xc8, 0xcd, 0xe5, 0x77, 0x6d, 0xd0, 0x00, 0x57, 0xb0, 0x3f, 0x2d, 0x88, + 0xab, 0x3c, 0xed, 0xba, 0xfd, 0x7b, 0x58, 0x5f, 0x0b, 0x7f, 0x78, 0x35, + 0xe1, 0x7a, 0x37, 0x28, 0xbb, 0xf2, 0x5e, 0xa6, 0x25, 0x72, 0xf2, 0x45, + 0xdc, 0x11, 0x1f, 0x3c, 0xe3, 0x9c, 0xb6, 0xff, 0xac, 0xc3, 0x1b, 0x0a, + 0x27, 0x90, 0xe7, 0xbd, 0xe9, 0x02, 0x24, 0xea, 0x9b, 0x09, 0x31, 0x53, + 0x62, 0xaf, 0x3d, 0x2b, 0x02, 0x21, 0x00, 0xf3, 0x81, 0xdc, 0xf5, 0x3e, + 0xbf, 0x72, 0x4f, 0x8b, 0x2e, 0x5c, 0xa8, 0x2c, 0x01, 0x0f, 0xb4, 0xb5, + 0xed, 0xa9, 0x35, 0x8d, 0x0f, 0xd8, 0x8e, 0xd2, 0x78, 0x58, 0x94, 0x88, + 0xb5, 0x4f, 0xc3, 0x02, 0x82, 0x01, 0x00, 0x0c, 0x40, 0x2a, 0x72, 0x5d, + 0xcc, 0x3a, 0x62, 0xe0, 0x2b, 0xf4, 0xcf, 0x43, 0xcd, 0x17, 0xf4, 0xa4, + 0x93, 0x59, 0x12, 0x20, 0x22, 0x36, 0x69, 0xcf, 0x41, 0x93, 0xed, 0xab, + 0x42, 0x3a, 0xd0, 0x8d, 0xfb, 0x55, 0x2e, 0x30, 0x8a, 0x6a, 0x57, 0xa5, + 0xff, 0xbc, 0x7c, 0xd0, 0xfb, 0x20, 0x87, 0xf8, 0x1f, 0x8d, 0xf0, 0xcb, + 0x08, 0xab, 0x21, 0x33, 0x28, 0x7d, 0x2b, 0x69, 0x68, 0x71, 0x4a, 0x94, + 0xf6, 0x33, 0xc9, 0x40, 0x84, 0x5a, 0x48, 0xa3, 0xe1, 0x67, 0x08, 0xdd, + 0xe7, 0x61, 0xcc, 0x6a, 0x8e, 0xab, 0x2d, 0x84, 0xdb, 0x21, 0xb6, 0xea, + 0x5b, 0x07, 0x68, 0x14, 0x93, 0xcc, 0x9c, 0x31, 0xfb, 0xc3, 0x68, 0xb2, + 0x43, 0xf6, 0xdd, 0xf8, 0xc9, 0x32, 0xa8, 0xb4, 0x03, 0x8f, 0x44, 0xe7, + 0xb1, 0x5c, 0xa8, 0x76, 0x34, 0x4a, 0x14, 0x78, 0x59, 0xf2, 0xb4, 0x3b, + 0x39, 0x45, 0x86, 0x68, 0xad, 0x5e, 0x0a, 0x1a, 0x9a, 0x66, 0x95, 0x46, + 0xdd, 0x28, 0x12, 0xe3, 0xb3, 0x61, 0x7a, 0x0a, 0xef, 0x99, 0xd5, 0x8e, + 0x3b, 0xb4, 0xcc, 0x87, 0xfd, 0x94, 0x22, 0x5e, 0x01, 0xd2, 0xdc, 0xc4, + 0x69, 0xa7, 0x72, 0x68, 0x14, 0x6c, 0x51, 0x91, 0x8f, 0x18, 0xe8, 0xb4, + 0xd7, 0x0a, 0xa1, 0xf0, 0xc7, 0x62, 0x3b, 0xcc, 0x52, 0xcf, 0x37, 0x31, + 0xd3, 0x86, 0x41, 0xb2, 0xd2, 0x83, 0x0b, 0x7e, 0xec, 0xb2, 0xf0, 0x95, + 0x52, 0xff, 0x13, 0x7d, 0x04, 0x6e, 0x49, 0x4e, 0x7f, 0x33, 0xc3, 0x59, + 0x00, 0x02, 0xb1, 0x6d, 0x1b, 0x97, 0xd9, 0x36, 0xfd, 0xa2, 0x8f, 0x90, + 0xc3, 0xed, 0x3c, 0xa3, 0x53, 0x38, 0x16, 0x8a, 0xc1, 0x6f, 0x77, 0xc3, + 0xc5, 0x7a, 0xdc, 0x2e, 0x8f, 0x7c, 0x6c, 0x22, 0x56, 0xe4, 0x1a, 0x5f, + 0x65, 0x45, 0x05, 0x90, 0xdb, 0xb5, 0xbc, 0xf0, 0x6d, 0x66, 0x61, 0x02, + 0x82, 0x01, 0x00, 0x31, 0x97, 0x31, 0xa1, 0x4e, 0x38, 0x56, 0x88, 0xdb, + 0x94, 0x1d, 0xbf, 0x65, 0x5c, 0xda, 0x4b, 0xc2, 0x10, 0xde, 0x74, 0x20, + 0x03, 0xce, 0x13, 0x60, 0xf2, 0x25, 0x1d, 0x55, 0x7c, 0x5d, 0x94, 0x82, + 0x54, 0x08, 0x53, 0xdb, 0x85, 0x95, 0xbf, 0xdd, 0x5e, 0x50, 0xd5, 0x96, + 0xe0, 0x79, 0x51, 0x1b, 0xbf, 0x4d, 0x4e, 0xb9, 0x3a, 0xc5, 0xee, 0xc4, + 0x5e, 0x98, 0x75, 0x7b, 0xbe, 0xff, 0x30, 0xe6, 0xd0, 0x7b, 0xa6, 0xf1, + 0xbc, 0x29, 0xea, 0xdf, 0xec, 0xf3, 0x8b, 0xfa, 0x83, 0x11, 0x9f, 0x3f, + 0xf0, 0x5d, 0x06, 0x51, 0x32, 0xaa, 0x21, 0xfc, 0x26, 0x17, 0xe7, 0x50, + 0xc2, 0x16, 0xba, 0xfa, 0x54, 0xb7, 0x7e, 0x1d, 0x2c, 0xa6, 0xa3, 0x41, + 0x66, 0x33, 0x94, 0x83, 0xb9, 0xbf, 0xa0, 0x4f, 0xbd, 0xa6, 0xfd, 0x2c, + 0x81, 0x58, 0x35, 0x33, 0x39, 0xc0, 0x6d, 0x33, 0x40, 0x56, 0x64, 0x12, + 0x5a, 0xcd, 0x35, 0x53, 0x21, 0x78, 0x8f, 0x27, 0x24, 0x37, 0x66, 0x8a, + 0xdf, 0x5e, 0x5f, 0x63, 0xfc, 0x8b, 0x2d, 0xef, 0x57, 0xdb, 0x40, 0x25, + 0xd5, 0x17, 0x53, 0x0b, 0xe4, 0xa5, 0xae, 0x54, 0xbf, 0x46, 0x4f, 0xa6, + 0x79, 0xc3, 0x74, 0xfa, 0x1f, 0x85, 0x34, 0x64, 0x6d, 0xc5, 0x03, 0xeb, + 0x72, 0x98, 0x80, 0x7b, 0xc0, 0x8f, 0x35, 0x11, 0xa7, 0x09, 0xeb, 0x51, + 0xe0, 0xb0, 0xac, 0x92, 0x14, 0xf2, 0xad, 0x37, 0x95, 0x5a, 0xba, 0x8c, + 0xc4, 0xdb, 0xed, 0xc4, 0x4e, 0x8b, 0x8f, 0x84, 0x33, 0x64, 0xf8, 0x57, + 0x12, 0xd7, 0x08, 0x7e, 0x90, 0x66, 0xdf, 0x91, 0x50, 0x23, 0xf2, 0x73, + 0xc0, 0x6b, 0xb1, 0x15, 0xdd, 0x64, 0xd7, 0xc9, 0x75, 0x17, 0x73, 0x72, + 0xda, 0x33, 0xc4, 0x6f, 0xa5, 0x47, 0xa1, 0xcc, 0xd1, 0xc6, 0x62, 0xe5, + 0xca, 0xab, 0x5f, 0x2a, 0x8f, 0x6b, 0xcc, 0x02, 0x21, 0x00, 0xb0, 0xc7, + 0x68, 0x70, 0x27, 0x43, 0xbc, 0x51, 0x24, 0x29, 0x93, 0xa9, 0x71, 0xa5, + 0x28, 0x89, 0x79, 0x54, 0x44, 0xf7, 0xc6, 0x45, 0x22, 0x03, 0xd0, 0xce, + 0x84, 0xfe, 0x61, 0x17, 0xd4, 0x6e, +}; + static const uint8_t kMsg[] = {1, 2, 3, 4}; static const uint8_t kSignature[] = { @@ -509,6 +584,13 @@ int main(void) { return 1; } + if (!Testd2i_AutoPrivateKey(kExampleDSAKeyDER, sizeof(kExampleDSAKeyDER), + EVP_PKEY_DSA)) { + fprintf(stderr, "d2i_AutoPrivateKey(kExampleDSAKeyDER) failed\n"); + BIO_print_errors_fp(stderr); + return 1; + } + if (!TestEVP_PKCS82PKEY()) { fprintf(stderr, "TestEVP_PKCS82PKEY failed\n"); BIO_print_errors_fp(stderr); diff --git a/crypto/evp/p_dsa_asn1.c b/crypto/evp/p_dsa_asn1.c new file mode 100644 index 00000000..fce644b4 --- /dev/null +++ b/crypto/evp/p_dsa_asn1.c @@ -0,0 +1,594 @@ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2006. + */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). */ + +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "../dsa/internal.h" +#include "internal.h" + + +static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { + const uint8_t *p, *pm; + int pklen, pmlen; + int ptype; + void *pval; + ASN1_STRING *pstr; + X509_ALGOR *palg; + ASN1_INTEGER *public_key = NULL; + + DSA *dsa = NULL; + + if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) { + return 0; + } + X509_ALGOR_get0(NULL, &ptype, &pval, palg); + + if (ptype == V_ASN1_SEQUENCE) { + pstr = pval; + pm = pstr->data; + pmlen = pstr->length; + + dsa = d2i_DSAparams(NULL, &pm, pmlen); + if (dsa == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + goto err; + } + } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { + dsa = DSA_new(); + if (dsa == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, ERR_R_MALLOC_FAILURE); + goto err; + } + } else { + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_PARAMETER_ENCODING_ERROR); + goto err; + } + + public_key = d2i_ASN1_INTEGER(NULL, &p, pklen); + if (public_key == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_DECODE_ERROR); + goto err; + } + + dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL); + if (dsa->pub_key == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_pub_decode, EVP_R_BN_DECODE_ERROR); + goto err; + } + + ASN1_INTEGER_free(public_key); + EVP_PKEY_assign_DSA(pkey, dsa); + return 1; + +err: + if (public_key) { + ASN1_INTEGER_free(public_key); + } + if (dsa) { + DSA_free(dsa); + } + return 0; +} + +static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { + DSA *dsa; + void *pval = NULL; + uint8_t *penc = NULL; + int penclen; + + dsa = pkey->pkey.dsa; + dsa->write_params = 0; + + penclen = i2d_DSAPublicKey(dsa, &penc); + + if (penclen <= 0) { + OPENSSL_PUT_ERROR(EVP, dsa_pub_encode, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), V_ASN1_UNDEF, pval, + penc, penclen)) { + return 1; + } + +err: + if (penc) { + OPENSSL_free(penc); + } + if (pval) { + ASN1_STRING_free(pval); + } + + return 0; +} + +static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { + const uint8_t *p, *pm; + int pklen, pmlen; + int ptype; + void *pval; + ASN1_STRING *pstr; + X509_ALGOR *palg; + ASN1_INTEGER *privkey = NULL; + BN_CTX *ctx = NULL; + + /* In PKCS#8 DSA: you just get a private key integer and parameters in the + * AlgorithmIdentifier the pubkey must be recalculated. */ + + STACK_OF(ASN1_TYPE) *ndsa = NULL; + DSA *dsa = NULL; + + if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) { + return 0; + } + X509_ALGOR_get0(NULL, &ptype, &pval, palg); + + /* Check for broken DSA PKCS#8, UGH! */ + if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) { + ASN1_TYPE *t1, *t2; + ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen); + if (ndsa == NULL) { + goto decerr; + } + if (sk_ASN1_TYPE_num(ndsa) != 2) { + goto decerr; + } + + /* Handle Two broken types: + * SEQUENCE {parameters, priv_key} + * SEQUENCE {pub_key, priv_key}. */ + + t1 = sk_ASN1_TYPE_value(ndsa, 0); + t2 = sk_ASN1_TYPE_value(ndsa, 1); + if (t1->type == V_ASN1_SEQUENCE) { + p8->broken = PKCS8_EMBEDDED_PARAM; + pval = t1->value.ptr; + } else if (ptype == V_ASN1_SEQUENCE) { + p8->broken = PKCS8_NS_DB; + } else { + goto decerr; + } + + if (t2->type != V_ASN1_INTEGER) { + goto decerr; + } + + privkey = t2->value.integer; + } else { + const uint8_t *q = p; + privkey = d2i_ASN1_INTEGER(NULL, &p, pklen); + if (privkey == NULL) { + goto decerr; + } + if (privkey->type == V_ASN1_NEG_INTEGER) { + p8->broken = PKCS8_NEG_PRIVKEY; + ASN1_INTEGER_free(privkey); + privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen); + if (privkey == NULL) { + goto decerr; + } + } + if (ptype != V_ASN1_SEQUENCE) { + goto decerr; + } + } + + pstr = pval; + pm = pstr->data; + pmlen = pstr->length; + dsa = d2i_DSAparams(NULL, &pm, pmlen); + if (dsa == NULL) { + goto decerr; + } + /* We have parameters. Now set private key */ + dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL); + if (dsa->priv_key == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + goto dsaerr; + } + /* Calculate public key. */ + dsa->pub_key = BN_new(); + if (dsa->pub_key == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + goto dsaerr; + } + ctx = BN_CTX_new(); + if (ctx == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_R_MALLOC_FAILURE); + goto dsaerr; + } + + if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, ERR_LIB_BN); + goto dsaerr; + } + + EVP_PKEY_assign_DSA(pkey, dsa); + BN_CTX_free(ctx); + if (ndsa) { + sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); + } else { + ASN1_INTEGER_free(privkey); + } + + return 1; + +decerr: + OPENSSL_PUT_ERROR(EVP, dsa_priv_decode, EVP_R_DECODE_ERROR); + +dsaerr: + BN_CTX_free(ctx); + if (privkey) { + ASN1_INTEGER_free(privkey); + } + sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); + DSA_free(dsa); + return 0; +} + +static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { + ASN1_STRING *params = NULL; + ASN1_INTEGER *prkey = NULL; + uint8_t *dp = NULL; + int dplen; + + if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, EVP_R_MISSING_PARAMETERS); + goto err; + } + + params = ASN1_STRING_new(); + if (!params) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + goto err; + } + + params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); + if (params->length <= 0) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_R_MALLOC_FAILURE); + goto err; + } + params->type = V_ASN1_SEQUENCE; + + /* Get private key into integer. */ + prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); + + if (!prkey) { + OPENSSL_PUT_ERROR(EVP, dsa_priv_encode, ERR_LIB_BN); + goto err; + } + + dplen = i2d_ASN1_INTEGER(prkey, &dp); + + ASN1_INTEGER_free(prkey); + + if (!PKCS8_pkey_set0(p8, (ASN1_OBJECT *)OBJ_nid2obj(NID_dsa), 0, + V_ASN1_SEQUENCE, params, dp, dplen)) { + goto err; + } + + return 1; + +err: + if (dp != NULL) { + OPENSSL_free(dp); + } + if (params != NULL) { + ASN1_STRING_free(params); + } + if (prkey != NULL) { + ASN1_INTEGER_free(prkey); + } + return 0; +} + +static int int_dsa_size(const EVP_PKEY *pkey) { + return DSA_size(pkey->pkey.dsa); +} + +static int dsa_bits(const EVP_PKEY *pkey) { + return BN_num_bits(pkey->pkey.dsa->p); +} + +static int dsa_missing_parameters(const EVP_PKEY *pkey) { + DSA *dsa; + dsa = pkey->pkey.dsa; + if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) { + return 1; + } + return 0; +} + +static int dup_bn_into(BIGNUM **out, BIGNUM *src) { + BIGNUM *a; + + a = BN_dup(src); + if (a == NULL) { + return 0; + } + if (*out != NULL) { + BN_free(*out); + } + *out = a; + + return 1; +} + +static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { + if (!dup_bn_into(&to->pkey.dsa->p, from->pkey.dsa->p) || + !dup_bn_into(&to->pkey.dsa->q, from->pkey.dsa->q) || + !dup_bn_into(&to->pkey.dsa->g, from->pkey.dsa->g)) { + return 0; + } + + return 1; +} + +static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { + return BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) == 0 && + BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) == 0 && + BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g) == 0; +} + +static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { + return BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) == 0; +} + +static void int_dsa_free(EVP_PKEY *pkey) { DSA_free(pkey->pkey.dsa); } + +static void update_buflen(const BIGNUM *b, size_t *pbuflen) { + size_t i; + + if (!b) { + return; + } + i = BN_num_bytes(b); + if (*pbuflen < i) { + *pbuflen = i; + } +} + +static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) { + uint8_t *m = NULL; + int ret = 0; + size_t buf_len = 0; + const char *ktype = NULL; + + const BIGNUM *priv_key, *pub_key; + + priv_key = NULL; + if (ptype == 2) { + priv_key = x->priv_key; + } + + pub_key = NULL; + if (ptype > 0) { + pub_key = x->pub_key; + } + + ktype = "DSA-Parameters"; + if (ptype == 2) { + ktype = "Private-Key"; + } else if (ptype == 1) { + ktype = "Public-Key"; + } + + update_buflen(x->p, &buf_len); + update_buflen(x->q, &buf_len); + update_buflen(x->g, &buf_len); + update_buflen(priv_key, &buf_len); + update_buflen(pub_key, &buf_len); + + m = (uint8_t *)OPENSSL_malloc(buf_len + 10); + if (m == NULL) { + OPENSSL_PUT_ERROR(EVP, do_dsa_print, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (priv_key) { + if (!BIO_indent(bp, off, 128) || + BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0) { + goto err; + } + } + + if (!ASN1_bn_print(bp, "priv:", priv_key, m, off) || + !ASN1_bn_print(bp, "pub: ", pub_key, m, off) || + !ASN1_bn_print(bp, "P: ", x->p, m, off) || + !ASN1_bn_print(bp, "Q: ", x->q, m, off) || + !ASN1_bn_print(bp, "G: ", x->g, m, off)) { + goto err; + } + ret = 1; + +err: + if (m != NULL) { + OPENSSL_free(m); + } + return (ret); +} + +static int dsa_param_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { + DSA *dsa; + dsa = d2i_DSAparams(NULL, pder, derlen); + if (dsa == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_param_decode, ERR_R_DSA_LIB); + return 0; + } + EVP_PKEY_assign_DSA(pkey, dsa); + return 1; +} + +static int dsa_param_encode(const EVP_PKEY *pkey, uint8_t **pder) { + return i2d_DSAparams(pkey->pkey.dsa, pder); +} + +static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *ctx) { + return do_dsa_print(bp, pkey->pkey.dsa, indent, 0); +} + +static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *ctx) { + return do_dsa_print(bp, pkey->pkey.dsa, indent, 1); +} + +static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *ctx) { + return do_dsa_print(bp, pkey->pkey.dsa, indent, 2); +} + +static int old_dsa_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, + int derlen) { + DSA *dsa; + dsa = d2i_DSAPrivateKey(NULL, pder, derlen); + if (dsa == NULL) { + OPENSSL_PUT_ERROR(EVP, old_dsa_priv_decode, ERR_R_DSA_LIB); + return 0; + } + EVP_PKEY_assign_DSA(pkey, dsa); + return 1; +} + +static int old_dsa_priv_encode(const EVP_PKEY *pkey, uint8_t **pder) { + return i2d_DSAPrivateKey(pkey->pkey.dsa, pder); +} + +static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, + const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx) { + DSA_SIG *dsa_sig; + const uint8_t *p; + + if (!sig) { + return BIO_puts(bp, "\n") > 0; + } + + p = sig->data; + dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); + if (dsa_sig == NULL) { + return X509_signature_dump(bp, sig, indent); + } + + int rv = 0; + size_t buf_len = 0; + uint8_t *m = NULL; + + update_buflen(dsa_sig->r, &buf_len); + update_buflen(dsa_sig->s, &buf_len); + m = OPENSSL_malloc(buf_len + 10); + if (m == NULL) { + OPENSSL_PUT_ERROR(EVP, dsa_sig_print, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (BIO_write(bp, "\n", 1) != 1 || + !ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent) || + !ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent)) { + goto err; + } + rv = 1; + +err: + if (m) { + OPENSSL_free(m); + } + DSA_SIG_free(dsa_sig); + return rv; +} + +const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { + EVP_PKEY_DSA, + EVP_PKEY_DSA, + 0, + + "DSA", + "OpenSSL DSA method", + + dsa_pub_decode, + dsa_pub_encode, + dsa_pub_cmp, + dsa_pub_print, + + dsa_priv_decode, + dsa_priv_encode, + dsa_priv_print, + + NULL /* pkey_opaque */, + NULL /* pkey_supports_digest */, + + int_dsa_size, + dsa_bits, + + dsa_param_decode, + dsa_param_encode, + dsa_missing_parameters, + dsa_copy_parameters, + dsa_cmp_parameters, + dsa_param_print, + dsa_sig_print, + + int_dsa_free, + old_dsa_priv_decode, + old_dsa_priv_encode, +}; diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 58b00a53..24fd038d 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -695,35 +695,20 @@ struct evp_pkey_st { } /* extern C */ #endif -#define EVP_F_EVP_DigestSignAlgorithm 100 -#define EVP_F_EVP_DigestVerifyInitFromAlgorithm 101 -#define EVP_F_EVP_PKEY_CTX_ctrl 102 -#define EVP_F_EVP_PKEY_CTX_dup 103 -#define EVP_F_EVP_PKEY_copy_parameters 104 -#define EVP_F_EVP_PKEY_decrypt 105 -#define EVP_F_EVP_PKEY_decrypt_init 106 -#define EVP_F_EVP_PKEY_derive 107 #define EVP_F_EVP_PKEY_derive_init 108 -#define EVP_F_EVP_PKEY_derive_set_peer 109 #define EVP_F_EVP_PKEY_encrypt 110 #define EVP_F_EVP_PKEY_encrypt_init 111 #define EVP_F_EVP_PKEY_get1_DH 112 -#define EVP_F_EVP_PKEY_get1_DSA 113 #define EVP_F_EVP_PKEY_get1_EC_KEY 114 #define EVP_F_EVP_PKEY_get1_RSA 115 #define EVP_F_EVP_PKEY_keygen 116 -#define EVP_F_EVP_PKEY_keygen_init 117 -#define EVP_F_EVP_PKEY_new 118 -#define EVP_F_EVP_PKEY_set_type 119 #define EVP_F_EVP_PKEY_sign 120 #define EVP_F_EVP_PKEY_sign_init 121 #define EVP_F_EVP_PKEY_verify 122 #define EVP_F_EVP_PKEY_verify_init 123 -#define EVP_F_check_padding_md 124 #define EVP_F_d2i_AutoPrivateKey 125 #define EVP_F_d2i_PrivateKey 126 #define EVP_F_do_EC_KEY_print 127 -#define EVP_F_do_rsa_print 128 #define EVP_F_do_sigver_init 129 #define EVP_F_eckey_param2type 130 #define EVP_F_eckey_param_decode 131 @@ -755,15 +740,34 @@ struct evp_pkey_st { #define EVP_F_rsa_pub_decode 157 #define EVP_F_pkey_hmac_ctrl 158 #define EVP_F_EVP_PKEY_CTX_get0_rsa_oaep_label 159 +#define EVP_F_EVP_DigestSignAlgorithm 160 +#define EVP_F_EVP_DigestVerifyInitFromAlgorithm 161 +#define EVP_F_EVP_PKEY_CTX_ctrl 162 +#define EVP_F_EVP_PKEY_CTX_dup 163 +#define EVP_F_EVP_PKEY_copy_parameters 164 +#define EVP_F_EVP_PKEY_decrypt 165 +#define EVP_F_EVP_PKEY_decrypt_init 166 +#define EVP_F_EVP_PKEY_derive 167 +#define EVP_F_EVP_PKEY_derive_set_peer 168 +#define EVP_F_EVP_PKEY_get1_DSA 169 +#define EVP_F_EVP_PKEY_keygen_init 170 +#define EVP_F_EVP_PKEY_new 171 +#define EVP_F_EVP_PKEY_set_type 172 +#define EVP_F_check_padding_md 173 +#define EVP_F_do_dsa_print 174 +#define EVP_F_do_rsa_print 175 +#define EVP_F_dsa_param_decode 176 +#define EVP_F_dsa_priv_decode 177 +#define EVP_F_dsa_priv_encode 178 +#define EVP_F_dsa_pub_decode 179 +#define EVP_F_dsa_pub_encode 180 +#define EVP_F_dsa_sig_print 181 +#define EVP_F_old_dsa_priv_decode 182 #define EVP_R_BUFFER_TOO_SMALL 100 #define EVP_R_COMMAND_NOT_SUPPORTED 101 -#define EVP_R_CONTEXT_NOT_INITIALISED 102 -#define EVP_R_DECODE_ERROR 103 #define EVP_R_DIFFERENT_KEY_TYPES 104 #define EVP_R_DIFFERENT_PARAMETERS 105 -#define EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 106 #define EVP_R_EXPECTING_AN_EC_KEY_KEY 107 -#define EVP_R_EXPECTING_AN_RSA_KEY 108 #define EVP_R_EXPECTING_A_DH_KEY 109 #define EVP_R_EXPECTING_A_DSA_KEY 110 #define EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 111 @@ -772,10 +776,8 @@ struct evp_pkey_st { #define EVP_R_INVALID_DIGEST_TYPE 114 #define EVP_R_INVALID_KEYBITS 115 #define EVP_R_INVALID_MGF1_MD 116 -#define EVP_R_INVALID_OPERATION 117 #define EVP_R_INVALID_PADDING_MODE 118 #define EVP_R_INVALID_PSS_PARAMETERS 119 -#define EVP_R_INVALID_PSS_SALTLEN 120 #define EVP_R_INVALID_SALT_LENGTH 121 #define EVP_R_INVALID_TRAILER 122 #define EVP_R_KEYS_NOT_SET 123 @@ -790,14 +792,22 @@ struct evp_pkey_st { #define EVP_R_OPERATON_NOT_INITIALIZED 132 #define EVP_R_UNKNOWN_DIGEST 133 #define EVP_R_UNKNOWN_MASK_DIGEST 134 -#define EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 135 -#define EVP_R_UNKNOWN_PUBLIC_KEY_TYPE 136 -#define EVP_R_UNKNOWN_SIGNATURE_ALGORITHM 137 #define EVP_R_UNSUPPORTED_ALGORITHM 138 #define EVP_R_UNSUPPORTED_MASK_ALGORITHM 139 #define EVP_R_UNSUPPORTED_MASK_PARAMETER 140 -#define EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE 141 -#define EVP_R_UNSUPPORTED_SIGNATURE_TYPE 142 -#define EVP_R_WRONG_PUBLIC_KEY_TYPE 143 +#define EVP_R_EXPECTING_AN_RSA_KEY 141 +#define EVP_R_INVALID_OPERATION 142 +#define EVP_R_DECODE_ERROR 143 +#define EVP_R_INVALID_PSS_SALTLEN 144 +#define EVP_R_UNKNOWN_PUBLIC_KEY_TYPE 145 +#define EVP_R_CONTEXT_NOT_INITIALISED 146 +#define EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 147 +#define EVP_R_WRONG_PUBLIC_KEY_TYPE 148 +#define EVP_R_UNKNOWN_SIGNATURE_ALGORITHM 149 +#define EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 150 +#define EVP_R_BN_DECODE_ERROR 151 +#define EVP_R_PARAMETER_ENCODING_ERROR 152 +#define EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE 153 +#define EVP_R_UNSUPPORTED_SIGNATURE_TYPE 154 #endif /* OPENSSL_HEADER_EVP_H */