kris
/
boringssl
1
0
Derivar 0
Código Questões 0 Pedidos de integração 0 Lançamentos 0 Wiki Trabalho
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
607 Cometimentos
12 Ramos
38 MiB
 
 
 
 
 
 
Árvore: e1cf3f1579
Ramos Etiquetas
${ item.name }
Criar ramo ${ searchTerm }
de 'e1cf3f1579'
${ noResults }
boringssl/crypto/dsa/dsa.c

368 linhas
10 KiB
Em bruto Responsabilidade Histórico 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.]

  56.  *

  57.  * The DSS routines are based on patches supplied by

  58.  * Steven Schoch <schoch@sheba.arc.nasa.gov>. */

  59. 

  60. #include <openssl/dsa.h>

  61. 

  62. #include <openssl/asn1.h>

  63. #include <openssl/dh.h>

  64. #include <openssl/engine.h>

  65. #include <openssl/err.h>

  66. #include <openssl/ex_data.h>

  67. #include <openssl/mem.h>

  68. 

  69. #include "internal.h"

  70. 

  71. extern const DSA_METHOD DSA_default_method;

  72. 

  73. DSA *DSA_new(void) { return DSA_new_method(NULL); }

  74. 

  75. DSA *DSA_new_method(const ENGINE *engine) {

  76.   DSA *dsa = (DSA *)OPENSSL_malloc(sizeof(DSA));

  77.   if (dsa == NULL) {

  78.     OPENSSL_PUT_ERROR(DSA, DSA_new_method, ERR_R_MALLOC_FAILURE);

  79.     return NULL;

  80.   }

  81. 

  82.   memset(dsa, 0, sizeof(DSA));

  83. 

  84.   if (engine) {

  85.     dsa->meth = ENGINE_get_DSA_method(engine);

  86.   }

  87. 

  88.   if (dsa->meth == NULL) {

  89.     dsa->meth = (DSA_METHOD*) &DSA_default_method;

  90.   }

  91.   METHOD_ref(dsa->meth);

  92. 

  93.   dsa->write_params = 1;

  94.   dsa->references = 1;

  95. 

  96.   if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data)) {

  97.     METHOD_unref(dsa->meth);

  98.     OPENSSL_free(dsa);

  99.     return NULL;

  100.   }

  101. 

  102.   if (dsa->meth->init && !dsa->meth->init(dsa)) {

  103.     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data);

  104.     METHOD_unref(dsa->meth);

  105.     OPENSSL_free(dsa);

  106.     return NULL;

  107.   }

  108. 

  109.   return dsa;

  110. }

  111. 

  112. void DSA_free(DSA *dsa) {

  113.   if (dsa == NULL) {

  114.     return;

  115.   }

  116. 

  117.   if (CRYPTO_add(&dsa->references, -1, CRYPTO_LOCK_DSA) > 0) {

  118.     return;

  119.   }

  120. 

  121.   if (dsa->meth->finish) {

  122.     dsa->meth->finish(dsa);

  123.   }

  124.   METHOD_unref(dsa->meth);

  125. 

  126.   CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data);

  127. 

  128.   if (dsa->p != NULL)

  129.     BN_clear_free(dsa->p);

  130.   if (dsa->q != NULL)

  131.     BN_clear_free(dsa->q);

  132.   if (dsa->g != NULL)

  133.     BN_clear_free(dsa->g);

  134.   if (dsa->pub_key != NULL)

  135.     BN_clear_free(dsa->pub_key);

  136.   if (dsa->priv_key != NULL)

  137.     BN_clear_free(dsa->priv_key);

  138.   if (dsa->kinv != NULL)

  139.     BN_clear_free(dsa->kinv);

  140.   if (dsa->r != NULL)

  141.     BN_clear_free(dsa->r);

  142.   OPENSSL_free(dsa);

  143. }

  144. 

  145. int DSA_up_ref(DSA *dsa) {

  146.   CRYPTO_add(&dsa->references, 1, CRYPTO_LOCK_DSA);

  147.   return 1;

  148. }

  149. 

  150. int DSA_generate_parameters_ex(DSA *dsa, unsigned bits, const uint8_t *seed_in,

  151.                                size_t seed_len, int *out_counter,

  152.                                unsigned long *out_h, BN_GENCB *cb) {

  153.   if (dsa->meth->generate_parameters) {

  154.     return dsa->meth->generate_parameters(dsa, bits, seed_in, seed_len,

  155.                                           out_counter, out_h, cb);

  156.   }

  157.   return DSA_default_method.generate_parameters(dsa, bits, seed_in, seed_len,

  158.                                                 out_counter, out_h, cb);

  159. }

  160. 

  161. int DSA_generate_key(DSA *dsa) {

  162.   if (dsa->meth->keygen) {

  163.     return dsa->meth->keygen(dsa);

  164.   }

  165.   return DSA_default_method.keygen(dsa);

  166. }

  167. 

  168. DSA_SIG *DSA_SIG_new(void) {

  169.   DSA_SIG *sig;

  170.   sig = OPENSSL_malloc(sizeof(DSA_SIG));

  171.   if (!sig) {

  172.     return NULL;

  173.   }

  174.   sig->r = NULL;

  175.   sig->s = NULL;

  176.   return sig;

  177. }

  178. 

  179. void DSA_SIG_free(DSA_SIG *sig) {

  180.   if (!sig) {

  181.     return;

  182.   }

  183. 

  184.   if (sig->r) {

  185.     BN_free(sig->r);

  186.   }

  187.   if (sig->s) {

  188.     BN_free(sig->s);

  189.   }

  190.   OPENSSL_free(sig);

  191. }

  192. 

  193. DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, DSA *dsa) {

  194.   if (dsa->meth->sign) {

  195.     return dsa->meth->sign(digest, digest_len, dsa);

  196.   }

  197.   return DSA_default_method.sign(digest, digest_len, dsa);

  198. }

  199. 

  200. int DSA_do_verify(const uint8_t *digest, size_t digest_len, DSA_SIG *sig,

  201.                   const DSA *dsa) {

  202.   int valid, ret;

  203. 

  204.   if (dsa->meth->verify) {

  205.     ret = dsa->meth->verify(&valid, digest, digest_len, sig, dsa);

  206.   } else {

  207.     ret = DSA_default_method.verify(&valid, digest, digest_len, sig, dsa);

  208.   }

  209. 

  210.   if (!ret) {

  211.     return -1;

  212.   } else if (!valid) {

  213.     return 0;

  214.   }

  215.   return 1;

  216. }

  217. 

  218. int DSA_do_check_signature(int *out_valid, const uint8_t *digest,

  219.                            size_t digest_len, DSA_SIG *sig, const DSA *dsa) {

  220.   if (dsa->meth->verify) {

  221.     return dsa->meth->verify(out_valid, digest, digest_len, sig, dsa);

  222.   }

  223. 

  224.   return DSA_default_method.verify(out_valid, digest, digest_len, sig, dsa);

  225. }

  226. 

  227. int DSA_sign(int type, const uint8_t *digest, size_t digest_len,

  228.              uint8_t *out_sig, unsigned int *out_siglen, DSA *dsa) {

  229.   DSA_SIG *s;

  230. 

  231.   s = DSA_do_sign(digest, digest_len, dsa);

  232.   if (s == NULL) {

  233.     *out_siglen = 0;

  234.     return 0;

  235.   }

  236. 

  237.   *out_siglen = i2d_DSA_SIG(s, &out_sig);

  238.   DSA_SIG_free(s);

  239.   return 1;

  240. }

  241. 

  242. int DSA_verify(int type, const uint8_t *digest, size_t digest_len,

  243.                const uint8_t *sig, size_t sig_len, const DSA *dsa) {

  244.   DSA_SIG *s = NULL;

  245.   int ret = -1, valid;

  246. 

  247.   s = DSA_SIG_new();

  248.   if (s == NULL) {

  249.     goto err;

  250.   }

  251. 

  252.   if (d2i_DSA_SIG(&s, &sig, sig_len) == NULL) {

  253.     goto err;

  254.   }

  255. 

  256.   if (!DSA_do_check_signature(&valid, digest, digest_len, s, dsa)) {

  257.     goto err;

  258.   }

  259. 

  260.   ret = valid;

  261. 

  262. err:

  263.   if (s) {

  264.     DSA_SIG_free(s);

  265.   }

  266.   return ret;

  267. }

  268. 

  269. int DSA_check_signature(int *out_valid, const uint8_t *digest,

  270.                         size_t digest_len, const uint8_t *sig, size_t sig_len,

  271.                         const DSA *dsa) {

  272.   DSA_SIG *s = NULL;

  273.   int ret = 0;

  274. 

  275.   s = DSA_SIG_new();

  276.   if (s == NULL) {

  277.     goto err;

  278.   }

  279. 

  280.   if (d2i_DSA_SIG(&s, &sig, sig_len) == NULL) {

  281.     goto err;

  282.   }

  283. 

  284.   ret = DSA_do_check_signature(out_valid, digest, digest_len, s, dsa);

  285. 

  286. err:

  287.   if (s) {

  288.     DSA_SIG_free(s);

  289.   }

  290.   return ret;

  291. }

  292. 

  293. int DSA_size(const DSA *dsa) {

  294.   int ret, i;

  295.   ASN1_INTEGER bs;

  296.   unsigned char buf[4]; /* 4 bytes looks really small.

  297.                            However, i2d_ASN1_INTEGER() will not look

  298.                            beyond the first byte, as long as the second

  299.                            parameter is NULL. */

  300. 

  301.   i = BN_num_bits(dsa->q);

  302.   bs.length = (i + 7) / 8;

  303.   bs.data = buf;

  304.   bs.type = V_ASN1_INTEGER;

  305.   /* If the top bit is set the asn1 encoding is 1 larger. */

  306.   buf[0] = 0xff;

  307. 

  308.   i = i2d_ASN1_INTEGER(&bs, NULL);

  309.   i += i; /* r and s */

  310.   ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);

  311.   return ret;

  312. }

  313. 

  314. int DSA_sign_setup(const DSA *dsa, BN_CTX *ctx, BIGNUM **out_kinv,

  315.                    BIGNUM **out_r) {

  316.   if (dsa->meth->sign_setup) {

  317.     return dsa->meth->sign_setup(dsa, ctx, out_kinv, out_r, NULL, 0);

  318.   }

  319. 

  320.   return DSA_default_method.sign_setup(dsa, ctx, out_kinv, out_r, NULL, 0);

  321. }

  322. 

  323. int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,

  324.                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) {

  325.   return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp, new_func,

  326.                                  dup_func, free_func);

  327. }

  328. 

  329. int DSA_set_ex_data(DSA *d, int idx, void *arg) {

  330.   return CRYPTO_set_ex_data(&d->ex_data, idx, arg);

  331. }

  332. 

  333. void *DSA_get_ex_data(const DSA *d, int idx) {

  334.   return CRYPTO_get_ex_data(&d->ex_data, idx);

  335. }

  336. 

  337. DH *DSA_dup_DH(const DSA *r) {

  338.   DH *ret = NULL;

  339. 

  340.   if (r == NULL) {

  341.     goto err;

  342.   }

  343.   ret = DH_new();

  344.   if (ret == NULL) {

  345.     goto err;

  346.   }

  347.   if (r->q != NULL) {

  348.     ret->priv_length = BN_num_bits(r->q);

  349.     if ((ret->q = BN_dup(r->q)) == NULL) {

  350.       goto err;

  351.     }

  352.   }

  353.   if ((r->p != NULL && (ret->p = BN_dup(r->p)) == NULL) ||

  354.       (r->g != NULL && (ret->g = BN_dup(r->g)) == NULL) ||

  355.       (r->pub_key != NULL && (ret->pub_key = BN_dup(r->pub_key)) == NULL) ||

  356.       (r->priv_key != NULL && (ret->priv_key = BN_dup(r->priv_key)) == NULL)) {

  357.       goto err;

  358.   }

  359. 

  360.   return ret;

  361. 

  362. err:

  363.   if (ret != NULL) {

  364.     DH_free(ret);

  365.   }

  366.   return NULL;

  367. }