]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/dsa/dsa_ameth.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add the ability to perform signatures in a provider
[thirdparty/openssl.git] / crypto / dsa / dsa_ameth.c
1 /*
2 * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/x509.h>
13 #include <openssl/asn1.h>
14 #include "dsa_locl.h"
15 #include <openssl/bn.h>
16 #include <openssl/cms.h>
17 #include "internal/asn1_int.h"
18 #include "internal/evp_int.h"
19
20 static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
21 {
22 const unsigned char *p, *pm;
23 int pklen, pmlen;
24 int ptype;
25 const void *pval;
26 const ASN1_STRING *pstr;
27 X509_ALGOR *palg;
28 ASN1_INTEGER *public_key = NULL;
29
30 DSA *dsa = NULL;
31
32 if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
33 return 0;
34 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
35
36 if (ptype == V_ASN1_SEQUENCE) {
37 pstr = pval;
38 pm = pstr->data;
39 pmlen = pstr->length;
40
41 if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL) {
42 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
43 goto err;
44 }
45
46 } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
47 if ((dsa = DSA_new()) == NULL) {
48 DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
49 goto err;
50 }
51 } else {
52 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
53 goto err;
54 }
55
56 if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
57 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
58 goto err;
59 }
60
61 if ((dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
62 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
63 goto err;
64 }
65
66 ASN1_INTEGER_free(public_key);
67 EVP_PKEY_assign_DSA(pkey, dsa);
68 return 1;
69
70 err:
71 ASN1_INTEGER_free(public_key);
72 DSA_free(dsa);
73 return 0;
74
75 }
76
77 static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
78 {
79 DSA *dsa;
80 int ptype;
81 unsigned char *penc = NULL;
82 int penclen;
83 ASN1_STRING *str = NULL;
84 ASN1_INTEGER *pubint = NULL;
85 ASN1_OBJECT *aobj;
86
87 dsa = pkey->pkey.dsa;
88 if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
89 str = ASN1_STRING_new();
90 if (str == NULL) {
91 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
92 goto err;
93 }
94 str->length = i2d_DSAparams(dsa, &str->data);
95 if (str->length <= 0) {
96 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
97 goto err;
98 }
99 ptype = V_ASN1_SEQUENCE;
100 } else
101 ptype = V_ASN1_UNDEF;
102
103 pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL);
104
105 if (pubint == NULL) {
106 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
107 goto err;
108 }
109
110 penclen = i2d_ASN1_INTEGER(pubint, &penc);
111 ASN1_INTEGER_free(pubint);
112
113 if (penclen <= 0) {
114 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
115 goto err;
116 }
117
118 aobj = OBJ_nid2obj(EVP_PKEY_DSA);
119 if (aobj == NULL)
120 goto err;
121
122 if (X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
123 return 1;
124
125 err:
126 OPENSSL_free(penc);
127 ASN1_STRING_free(str);
128
129 return 0;
130 }
131
132 /*
133 * In PKCS#8 DSA: you just get a private key integer and parameters in the
134 * AlgorithmIdentifier the pubkey must be recalculated.
135 */
136
137 static int dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
138 {
139 const unsigned char *p, *pm;
140 int pklen, pmlen;
141 int ptype;
142 const void *pval;
143 const ASN1_STRING *pstr;
144 const X509_ALGOR *palg;
145 ASN1_INTEGER *privkey = NULL;
146 BN_CTX *ctx = NULL;
147
148 DSA *dsa = NULL;
149
150 int ret = 0;
151
152 if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
153 return 0;
154 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
155
156 if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
157 goto decerr;
158 if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE)
159 goto decerr;
160
161 pstr = pval;
162 pm = pstr->data;
163 pmlen = pstr->length;
164 if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
165 goto decerr;
166 /* We have parameters now set private key */
167 if ((dsa->priv_key = BN_secure_new()) == NULL
168 || !ASN1_INTEGER_to_BN(privkey, dsa->priv_key)) {
169 DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
170 goto dsaerr;
171 }
172 /* Calculate public key */
173 if ((dsa->pub_key = BN_new()) == NULL) {
174 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
175 goto dsaerr;
176 }
177 if ((ctx = BN_CTX_new()) == NULL) {
178 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
179 goto dsaerr;
180 }
181
182 BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
183 if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
184 DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
185 goto dsaerr;
186 }
187
188 EVP_PKEY_assign_DSA(pkey, dsa);
189
190 ret = 1;
191 goto done;
192
193 decerr:
194 DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_DECODE_ERROR);
195 dsaerr:
196 DSA_free(dsa);
197 done:
198 BN_CTX_free(ctx);
199 ASN1_STRING_clear_free(privkey);
200 return ret;
201 }
202
203 static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
204 {
205 ASN1_STRING *params = NULL;
206 ASN1_INTEGER *prkey = NULL;
207 unsigned char *dp = NULL;
208 int dplen;
209
210 if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
211 DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
212 goto err;
213 }
214
215 params = ASN1_STRING_new();
216
217 if (params == NULL) {
218 DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
219 goto err;
220 }
221
222 params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
223 if (params->length <= 0) {
224 DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
225 goto err;
226 }
227 params->type = V_ASN1_SEQUENCE;
228
229 /* Get private key into integer */
230 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
231
232 if (!prkey) {
233 DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
234 goto err;
235 }
236
237 dplen = i2d_ASN1_INTEGER(prkey, &dp);
238
239 ASN1_STRING_clear_free(prkey);
240 prkey = NULL;
241
242 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
243 V_ASN1_SEQUENCE, params, dp, dplen))
244 goto err;
245
246 return 1;
247
248 err:
249 OPENSSL_free(dp);
250 ASN1_STRING_free(params);
251 ASN1_STRING_clear_free(prkey);
252 return 0;
253 }
254
255 static int int_dsa_size(const EVP_PKEY *pkey)
256 {
257 return DSA_size(pkey->pkey.dsa);
258 }
259
260 static int dsa_bits(const EVP_PKEY *pkey)
261 {
262 return DSA_bits(pkey->pkey.dsa);
263 }
264
265 static int dsa_security_bits(const EVP_PKEY *pkey)
266 {
267 return DSA_security_bits(pkey->pkey.dsa);
268 }
269
270 static int dsa_missing_parameters(const EVP_PKEY *pkey)
271 {
272 DSA *dsa;
273 dsa = pkey->pkey.dsa;
274 if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
275 return 1;
276 return 0;
277 }
278
279 static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
280 {
281 BIGNUM *a;
282
283 if (to->pkey.dsa == NULL) {
284 to->pkey.dsa = DSA_new();
285 if (to->pkey.dsa == NULL)
286 return 0;
287 }
288
289 if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
290 return 0;
291 BN_free(to->pkey.dsa->p);
292 to->pkey.dsa->p = a;
293
294 if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
295 return 0;
296 BN_free(to->pkey.dsa->q);
297 to->pkey.dsa->q = a;
298
299 if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
300 return 0;
301 BN_free(to->pkey.dsa->g);
302 to->pkey.dsa->g = a;
303 return 1;
304 }
305
306 static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
307 {
308 if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
309 BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
310 BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
311 return 0;
312 else
313 return 1;
314 }
315
316 static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
317 {
318 if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
319 return 0;
320 else
321 return 1;
322 }
323
324 static void int_dsa_free(EVP_PKEY *pkey)
325 {
326 DSA_free(pkey->pkey.dsa);
327 }
328
329 static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
330 {
331 int ret = 0;
332 const char *ktype = NULL;
333 const BIGNUM *priv_key, *pub_key;
334
335 if (ptype == 2)
336 priv_key = x->priv_key;
337 else
338 priv_key = NULL;
339
340 if (ptype > 0)
341 pub_key = x->pub_key;
342 else
343 pub_key = NULL;
344
345 if (ptype == 2)
346 ktype = "Private-Key";
347 else if (ptype == 1)
348 ktype = "Public-Key";
349 else
350 ktype = "DSA-Parameters";
351
352 if (priv_key) {
353 if (!BIO_indent(bp, off, 128))
354 goto err;
355 if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
356 <= 0)
357 goto err;
358 }
359
360 if (!ASN1_bn_print(bp, "priv:", priv_key, NULL, off))
361 goto err;
362 if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off))
363 goto err;
364 if (!ASN1_bn_print(bp, "P: ", x->p, NULL, off))
365 goto err;
366 if (!ASN1_bn_print(bp, "Q: ", x->q, NULL, off))
367 goto err;
368 if (!ASN1_bn_print(bp, "G: ", x->g, NULL, off))
369 goto err;
370 ret = 1;
371 err:
372 return ret;
373 }
374
375 static int dsa_param_decode(EVP_PKEY *pkey,
376 const unsigned char **pder, int derlen)
377 {
378 DSA *dsa;
379
380 if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) {
381 DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
382 return 0;
383 }
384 EVP_PKEY_assign_DSA(pkey, dsa);
385 return 1;
386 }
387
388 static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
389 {
390 return i2d_DSAparams(pkey->pkey.dsa, pder);
391 }
392
393 static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
394 ASN1_PCTX *ctx)
395 {
396 return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
397 }
398
399 static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
400 ASN1_PCTX *ctx)
401 {
402 return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
403 }
404
405 static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
406 ASN1_PCTX *ctx)
407 {
408 return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
409 }
410
411 static int old_dsa_priv_decode(EVP_PKEY *pkey,
412 const unsigned char **pder, int derlen)
413 {
414 DSA *dsa;
415
416 if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) {
417 DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
418 return 0;
419 }
420 EVP_PKEY_assign_DSA(pkey, dsa);
421 return 1;
422 }
423
424 static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
425 {
426 return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
427 }
428
429 static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
430 const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
431 {
432 DSA_SIG *dsa_sig;
433 const unsigned char *p;
434
435 if (!sig) {
436 if (BIO_puts(bp, "\n") <= 0)
437 return 0;
438 else
439 return 1;
440 }
441 p = sig->data;
442 dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
443 if (dsa_sig) {
444 int rv = 0;
445 const BIGNUM *r, *s;
446
447 DSA_SIG_get0(dsa_sig, &r, &s);
448
449 if (BIO_write(bp, "\n", 1) != 1)
450 goto err;
451
452 if (!ASN1_bn_print(bp, "r: ", r, NULL, indent))
453 goto err;
454 if (!ASN1_bn_print(bp, "s: ", s, NULL, indent))
455 goto err;
456 rv = 1;
457 err:
458 DSA_SIG_free(dsa_sig);
459 return rv;
460 }
461 if (BIO_puts(bp, "\n") <= 0)
462 return 0;
463 return X509_signature_dump(bp, sig, indent);
464 }
465
466 static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
467 {
468 switch (op) {
469 case ASN1_PKEY_CTRL_PKCS7_SIGN:
470 if (arg1 == 0) {
471 int snid, hnid;
472 X509_ALGOR *alg1, *alg2;
473 PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
474 if (alg1 == NULL || alg1->algorithm == NULL)
475 return -1;
476 hnid = OBJ_obj2nid(alg1->algorithm);
477 if (hnid == NID_undef)
478 return -1;
479 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
480 return -1;
481 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
482 }
483 return 1;
484 #ifndef OPENSSL_NO_CMS
485 case ASN1_PKEY_CTRL_CMS_SIGN:
486 if (arg1 == 0) {
487 int snid, hnid;
488 X509_ALGOR *alg1, *alg2;
489 CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
490 if (alg1 == NULL || alg1->algorithm == NULL)
491 return -1;
492 hnid = OBJ_obj2nid(alg1->algorithm);
493 if (hnid == NID_undef)
494 return -1;
495 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
496 return -1;
497 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
498 }
499 return 1;
500
501 case ASN1_PKEY_CTRL_CMS_RI_TYPE:
502 *(int *)arg2 = CMS_RECIPINFO_NONE;
503 return 1;
504 #endif
505
506 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
507 *(int *)arg2 = NID_sha256;
508 return 1;
509
510 default:
511 return -2;
512
513 }
514
515 }
516
517 /* NB these are sorted in pkey_id order, lowest first */
518
519 const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5] = {
520
521 {
522 EVP_PKEY_DSA2,
523 EVP_PKEY_DSA,
524 ASN1_PKEY_ALIAS},
525
526 {
527 EVP_PKEY_DSA1,
528 EVP_PKEY_DSA,
529 ASN1_PKEY_ALIAS},
530
531 {
532 EVP_PKEY_DSA4,
533 EVP_PKEY_DSA,
534 ASN1_PKEY_ALIAS},
535
536 {
537 EVP_PKEY_DSA3,
538 EVP_PKEY_DSA,
539 ASN1_PKEY_ALIAS},
540
541 {
542 EVP_PKEY_DSA,
543 EVP_PKEY_DSA,
544 0,
545
546 "DSA",
547 "OpenSSL DSA method",
548
549 dsa_pub_decode,
550 dsa_pub_encode,
551 dsa_pub_cmp,
552 dsa_pub_print,
553
554 dsa_priv_decode,
555 dsa_priv_encode,
556 dsa_priv_print,
557
558 int_dsa_size,
559 dsa_bits,
560 dsa_security_bits,
561
562 dsa_param_decode,
563 dsa_param_encode,
564 dsa_missing_parameters,
565 dsa_copy_parameters,
566 dsa_cmp_parameters,
567 dsa_param_print,
568 dsa_sig_print,
569
570 int_dsa_free,
571 dsa_pkey_ctrl,
572 old_dsa_priv_decode,
573 old_dsa_priv_encode}
574 };
A mirror of the official openssl repository