git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/dsa/dsa_sign.c
/*
 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
/*
 * DSA low level APIs are deprecated for public use, but still ok for
 * internal use.
 */
14 #include "internal/deprecated.h"
16 #include <openssl/bn.h>
17 #include "internal/cryptlib.h"
18 #include "dsa_local.h"
19 #include "crypto/asn1_dsa.h"
20 #include "crypto/dsa.h"
/*
 * Sign the already-hashed input |dgst| (|dlen| bytes) with |dsa|.
 *
 * This is a pure dispatch: the work is done by the dsa_do_sign callback of
 * the key's method table, and whatever that callback returns is passed back
 * unchanged. |dsa| and its method table are dereferenced without a NULL
 * check, so the caller must pass a valid key.
 */
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
    const DSA_METHOD *method = dsa->meth;

    return method->dsa_do_sign(dgst, dlen, dsa);
}
#ifndef OPENSSL_NO_DEPRECATED_3_0
/*
 * Forward to the dsa_sign_setup callback of the key's method table and
 * return its result unchanged. Only compiled when the 3.0 deprecated API
 * is enabled.
 *
 * |kinvp| and |rp| are handed straight to the callback; what it stores
 * through them is decided by the method implementation (not shown here).
 * |dsa| is dereferenced without a NULL check.
 */
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
    const DSA_METHOD *method = dsa->meth;

    return method->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
}
#endif
/*
 * Allocate a zero-filled DSA_SIG.
 *
 * Returns the result of OPENSSL_zalloc() directly, so the return value is
 * NULL on allocation failure. Because the structure is zeroed, its r and s
 * members start out as NULL. Release with DSA_SIG_free().
 */
DSA_SIG *DSA_SIG_new(void)
{
    return OPENSSL_zalloc(sizeof(DSA_SIG));
}
/*
 * Release a DSA_SIG together with the r and s values it owns.
 *
 * Both BIGNUMs go through BN_clear_free() rather than a plain free, so
 * their contents are wiped before the memory is returned. Passing NULL is
 * a no-op.
 */
void DSA_SIG_free(DSA_SIG *sig)
{
    if (sig != NULL) {
        BN_clear_free(sig->r);
        BN_clear_free(sig->s);
        OPENSSL_free(sig);
    }
}
/*
 * Decode a DER-encoded DSA signature of at most |len| bytes from |*ppin|.
 *
 * If |psig| points at an existing DSA_SIG, that object is reused and is
 * never freed here, even on failure. Otherwise a new DSA_SIG is allocated;
 * it is freed again on failure and, on success, stored in |*psig| when
 * |psig| is non-NULL.
 *
 * Returns the decoded signature, or NULL when |len| is negative, an
 * allocation fails, or ossl_decode_der_dsa_sig() rejects the input.
 *
 * NOTE(review): this function does not itself check that all |len| bytes
 * were consumed; a caller that must reject trailing data has to enforce
 * that separately.
 */
DSA_SIG *d2i_DSA_SIG(DSA_SIG **psig, const unsigned char **ppin, long len)
{
    DSA_SIG *target;
    int reuse_caller_sig;

    /* Reject negative lengths before the cast to size_t below. */
    if (len < 0)
        return NULL;

    reuse_caller_sig = (psig != NULL && *psig != NULL);
    if (reuse_caller_sig) {
        target = *psig;
    } else {
        target = DSA_SIG_new();
        if (target == NULL)
            return NULL;
    }

    /* Make sure both output integers exist before decoding into them. */
    if (target->r == NULL)
        target->r = BN_new();
    if (target->s == NULL)
        target->s = BN_new();

    if (target->r != NULL && target->s != NULL
        && ossl_decode_der_dsa_sig(target->r, target->s,
                                   ppin, (size_t)len) != 0) {
        /* Hand a freshly allocated signature back through |psig| too. */
        if (psig != NULL && !reuse_caller_sig)
            *psig = target;
        return target;
    }

    /* Only free what was allocated here; a caller-supplied object stays. */
    if (!reuse_caller_sig)
        DSA_SIG_free(target);
    return NULL;
}
/*
 * DER-encode |sig| and return the encoded length, or -1 on error.
 *
 * Three output modes, selected by |ppout|:
 *  - |ppout| == NULL: nothing is written, only the length is computed.
 *  - |*ppout| == NULL: a buffer is allocated, and |*ppout| is set to it;
 *    ownership passes to the caller.
 *  - otherwise: the encoding is written at |*ppout| and |*ppout| is
 *    advanced past it.
 *
 * In the last mode the writer is initialised with SIZE_MAX as its limit,
 * so no bound on the caller's buffer is enforced here: the caller is
 * responsible for providing enough space.
 */
int i2d_DSA_SIG(const DSA_SIG *sig, unsigned char **ppout)
{
    WPACKET pkt;
    BUF_MEM *owned = NULL;
    size_t encoded_len;
    int ready;

    if (ppout == NULL) {
        ready = WPACKET_init_null(&pkt, 0);
    } else if (*ppout != NULL) {
        ready = WPACKET_init_static_len(&pkt, *ppout, SIZE_MAX, 0);
    } else {
        owned = BUF_MEM_new();
        ready = (owned != NULL && WPACKET_init_len(&pkt, owned, 0));
    }
    if (!ready) {
        /* |owned| is only non-NULL in the allocating mode. */
        BUF_MEM_free(owned);
        return -1;
    }

    if (!ossl_encode_der_dsa_sig(&pkt, sig->r, sig->s)
            || !WPACKET_get_total_written(&pkt, &encoded_len)
            || !WPACKET_finish(&pkt)) {
        BUF_MEM_free(owned);
        WPACKET_cleanup(&pkt);
        return -1;
    }

    if (ppout == NULL)
        return (int)encoded_len;

    if (*ppout != NULL) {
        *ppout += encoded_len;
    } else {
        /* Detach the data from the BUF_MEM so freeing it keeps the bytes. */
        *ppout = (unsigned char *)owned->data;
        owned->data = NULL;
        BUF_MEM_free(owned);
    }

    return (int)encoded_len;
}
/*
 * Return the length of a DER-encoded signature in which both r and s are
 * set to the key's q parameter.
 *
 * Returns -1 when the key has no q, and 0 when the length calculation
 * itself fails.
 *
 * NOTE(review): callers presumably use this as the buffer size for a
 * signature, on the basis that r and s are no larger than q; confirm
 * against the callers.
 */
int DSA_size(const DSA *dsa)
{
    DSA_SIG probe;
    int len;

    if (dsa->params.q == NULL)
        return -1;

    /* Stack-only stand-in: q is borrowed for both values, never freed. */
    probe.r = probe.s = dsa->params.q;
    len = i2d_DSA_SIG(&probe, NULL);

    return len < 0 ? 0 : len;
}
/*
 * Expose the r and s values of |sig| without transferring ownership.
 *
 * Either output pointer may be NULL, in which case that value is skipped.
 * The returned pointers refer to the BIGNUMs still owned by |sig|, so they
 * must not be freed by the caller.
 */
void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
{
    if (pr != NULL) {
        *pr = sig->r;
    }
    if (ps != NULL) {
        *ps = sig->s;
    }
}
/*
 * Replace the r and s values of |sig| with |r| and |s|.
 *
 * On success (return 1) |sig| takes ownership of both BIGNUMs, and the
 * values it held before are wiped and freed with BN_clear_free(). If either
 * argument is NULL nothing is changed and 0 is returned.
 *
 * NOTE(review): the old values are freed before the new ones are stored,
 * so passing the BIGNUMs that |sig| already holds looks unsafe; confirm
 * that callers never do this.
 */
int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
{
    if (r != NULL && s != NULL) {
        BN_clear_free(sig->r);
        BN_clear_free(sig->s);
        sig->r = r;
        sig->s = s;
        return 1;
    }
    return 0;
}
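/*
 * Sign the already-hashed input |dgst| (|dlen| bytes) with |dsa| and write
 * the DER-encoded signature to |sig|, storing its length in |*siglen|.
 *
 * Keys without a library context, or with a non-default method table, are
 * signed through DSA_do_sign(); all others go through
 * ossl_dsa_do_sign_int() with |nonce_type|, |digestname|, |libctx| and
 * |propq|. |type| is not used here.
 *
 * If |sig| is NULL only the length is computed. Otherwise no size is
 * passed for |sig| and the encoder does not bound its writes, so the
 * caller must supply a buffer large enough for the encoding.
 *
 * Returns 1 on success. Returns 0 with |*siglen| set to 0 when signing
 * fails or when the signature cannot be encoded. The encoder reports
 * failure as -1; storing that directly in the unsigned |*siglen| would
 * hand the caller a huge length together with a success return, so the
 * result is checked first.
 */
int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen,
                      unsigned char *sig, unsigned int *siglen, DSA *dsa,
                      unsigned int nonce_type, const char *digestname,
                      OSSL_LIB_CTX *libctx, const char *propq)
{
    DSA_SIG *s;
    int encoded_len;

    /* legacy case uses the method table */
    if (dsa->libctx == NULL || dsa->meth != DSA_get_default_method())
        s = DSA_do_sign(dgst, dlen, dsa);
    else
        s = ossl_dsa_do_sign_int(dgst, dlen, dsa,
                                 nonce_type, digestname, libctx, propq);
    if (s == NULL) {
        *siglen = 0;
        return 0;
    }

    /* &sig is a local copy, so the caller's pointer is not advanced. */
    encoded_len = i2d_DSA_SIG(s, sig != NULL ? &sig : NULL);
    DSA_SIG_free(s);

    if (encoded_len < 0) {
        *siglen = 0;
        return 0;
    }
    *siglen = (unsigned int)encoded_len;
    return 1;
}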
/*
 * Public signing entry point: forwards to ossl_dsa_sign_int() with a
 * nonce type of 0 and no digest name, library context or property query,
 * and returns its result unchanged.
 */
int DSA_sign(int type, const unsigned char *dgst, int dlen,
             unsigned char *sig, unsigned int *siglen, DSA *dsa)
{
    const unsigned int nonce_type = 0;
    const char *digestname = NULL;
    OSSL_LIB_CTX *libctx = NULL;
    const char *propq = NULL;

    return ossl_dsa_sign_int(type, dgst, dlen, sig, siglen, dsa,
                             nonce_type, digestname, libctx, propq);
}
/* data has already been hashed (probably with SHA or SHA-1). */
/*-
 * Verify the DER-encoded signature |sigbuf| (|siglen| bytes) over |dgst|.
 *
 * The signature is decoded, re-encoded, and the result compared byte for
 * byte with the input. Anything that is not the exact DER form, or that
 * carries trailing bytes, is rejected before the signature check runs.
 * |type| is not used here.
 *
 * returns
 *      1: correct signature
 *      0: incorrect signature
 *     -1: error
 */
int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
               const unsigned char *sigbuf, int siglen, DSA *dsa)
{
    const unsigned char *cursor = sigbuf;
    unsigned char *reencoded = NULL;
    int reencoded_len = -1;
    int result = -1;
    DSA_SIG *parsed = DSA_SIG_new();

    if (parsed == NULL)
        return result;

    if (d2i_DSA_SIG(&parsed, &cursor, siglen) != NULL) {
        /* Ensure signature uses DER and doesn't have trailing garbage */
        reencoded_len = i2d_DSA_SIG(parsed, &reencoded);
        if (reencoded_len == siglen
            && memcmp(sigbuf, reencoded, reencoded_len) == 0)
            result = DSA_do_verify(dgst, dgst_len, parsed, dsa);
    }

    /* Common exit: wipe the re-encoded copy and release the signature. */
    OPENSSL_clear_free(reencoded, reencoded_len);
    DSA_SIG_free(parsed);
    return result;
}