From: Niels Möller Date: Tue, 25 Mar 2014 15:38:55 +0000 (+0100) Subject: Moved old interface to dsa-compat.h. Killed struct dsa_value. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b8b9db2deca4a83c8bac28e5884f40e326bd1d8e;p=thirdparty%2Fnettle.git Moved old interface to dsa-compat.h. Killed struct dsa_value. --- diff --git a/ChangeLog b/ChangeLog index de5d37e0..92c70aae 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,18 @@ +2014-03-25 Niels Möller + + * dsa.h: Deleted old interface (moved to dsa-compat.h). + (struct dsa_value): Deleted. Updated many files. + + * Makefile.in (hogweed_SOURCES): Add dsa-compat.c and + dsa-compat-keygen.c, remove dsa-keygen-old.c. + (HEADERS): Add dsa-compat.h. + + * dsa-compat.c: New file. + * dsa-compat.h: New file. Include in corresponding C files. + + * dsa-compat-keygen.c: Renamed file, ... + * dsa-keygen-old.c: ... old name. + 2014-03-11 Niels Möller * examples/hogweed-benchmark.c: Update dsa benchmarking to use new diff --git a/Makefile.in b/Makefile.in index 0ae8d297..b3d4bad9 100644 --- a/Makefile.in +++ b/Makefile.in @@ -130,8 +130,8 @@ hogweed_SOURCES = sexp.c sexp-format.c \ rsa-keygen.c rsa-compat.c rsa-blind.c \ rsa2sexp.c sexp2rsa.c \ dsa.c dsa-gen-params.c \ - dsa-sign.c dsa-verify.c dsa-keygen.c dsa-keygen-old.c \ - dsa-hash.c \ + dsa-hash.c dsa-sign.c dsa-verify.c dsa-keygen.c \ + dsa-compat.c dsa-compat-keygen.c \ dsa-sha1-sign.c dsa-sha1-verify.c \ dsa-sha256-sign.c dsa-sha256-verify.c \ dsa2sexp.c sexp2dsa.c \ @@ -152,7 +152,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \ HEADERS = aes.h arcfour.h arctwo.h asn1.h bignum.h blowfish.h \ base16.h base64.h buffer.h camellia.h cast128.h \ cbc.h ctr.h \ - des.h des-compat.h dsa.h eax.h ecc-curve.h ecc.h ecdsa.h \ + des.h des-compat.h dsa.h dsa-compat.h eax.h ecc-curve.h ecc.h ecdsa.h \ gcm.h gosthash94.h hmac.h \ knuth-lfib.h \ macros.h \ diff --git a/der2dsa.c b/der2dsa.c index 83df2bc4..dba89f77 100644 --- a/der2dsa.c +++ b/der2dsa.c @@ -69,23 +69,24 @@ dsa_params_from_der_iterator(struct dsa_params *params, } int -dsa_public_key_from_der_iterator(struct dsa_value *pub, +dsa_public_key_from_der_iterator(const struct dsa_params *params, + mpz_t pub, struct asn1_der_iterator *i) { /* DSAPublicKey ::= INTEGER */ return (i->type == ASN1_INTEGER - && asn1_der_get_bignum(i, pub->x, - mpz_sizeinbase (pub->params->p, 2)) - && mpz_sgn(pub->x) > 0 - && mpz_cmp(pub->x, pub->params->p) < 0); + && asn1_der_get_bignum(i, pub, + mpz_sizeinbase (params->p, 2)) + && mpz_sgn(pub) > 0 + && mpz_cmp(pub, params->p) < 0); } int dsa_openssl_private_key_from_der_iterator(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, struct asn1_der_iterator *i) { @@ -101,8 +102,6 @@ dsa_openssl_private_key_from_der_iterator(struct dsa_params *params, uint32_t version; - assert (pub->params == params); - assert (priv->params == params); if (i->type == ASN1_SEQUENCE && asn1_der_decode_constructed_last(i) == ASN1_ITERATOR_PRIMITIVE && i->type == ASN1_INTEGER @@ -114,9 +113,9 @@ dsa_openssl_private_key_from_der_iterator(struct dsa_params *params, return (GET(i, params->q, DSA_SHA1_Q_BITS) && GET(i, params->g, p_bits) && mpz_cmp (params->g, params->p) < 0 - && GET(i, pub->x, p_bits) - && mpz_cmp (pub->x, params->p) < 0 - && GET(i, priv->x, DSA_SHA1_Q_BITS) + && GET(i, pub, p_bits) + && mpz_cmp (pub, params->p) < 0 + && GET(i, priv, DSA_SHA1_Q_BITS) && asn1_der_iterator_next(i) == ASN1_ITERATOR_END); } else @@ -125,8 +124,8 @@ dsa_openssl_private_key_from_der_iterator(struct dsa_params *params, int dsa_openssl_private_key_from_der(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, size_t length, const uint8_t *data) { diff --git a/dsa-keygen-old.c b/dsa-compat-keygen.c similarity index 74% rename from dsa-keygen-old.c rename to dsa-compat-keygen.c index 213739a0..5668bc8d 100644 --- a/dsa-keygen-old.c +++ b/dsa-compat-keygen.c @@ -1,4 +1,4 @@ -/* dsa-keygen.c +/* dsa-compat-keygen.c * * Generation of DSA keypairs */ @@ -30,7 +30,7 @@ #include #include -#include "dsa.h" +#include "dsa-compat.h" #include "bignum.h" @@ -38,16 +38,14 @@ /* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224), (2048, 256), (3072, 256). */ int -dsa_generate_keypair_old(struct dsa_public_key *pub, - struct dsa_private_key *key, - void *random_ctx, nettle_random_func *random, - void *progress_ctx, nettle_progress_func *progress, - unsigned p_bits, unsigned q_bits) +dsa_compat_generate_keypair(struct dsa_public_key *pub, + struct dsa_private_key *key, + void *random_ctx, nettle_random_func *random, + void *progress_ctx, nettle_progress_func *progress, + unsigned p_bits, unsigned q_bits) { struct dsa_params *params; - struct dsa_value vpub; - struct dsa_value vkey; - + switch (q_bits) { case 160: @@ -72,15 +70,7 @@ dsa_generate_keypair_old(struct dsa_public_key *pub, p_bits, q_bits)) return 0; - dsa_value_init (&vpub, params); - dsa_value_init (&vkey, params); - - dsa_generate_keypair (&vpub, &vkey, random_ctx, random); - mpz_swap (pub->y, vpub.x); - mpz_swap (key->x, vkey.x); - - dsa_value_clear (&vpub); - dsa_value_clear (&vkey); + dsa_generate_keypair_new (params, pub->y, key->x, random_ctx, random); return 1; } diff --git a/dsa-compat.c b/dsa-compat.c new file mode 100644 index 00000000..35e309e2 --- /dev/null +++ b/dsa-compat.c @@ -0,0 +1,58 @@ +/* dsa-compat.c + * + * The DSA publickey algorithm, old interface. + */ + + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2002 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02111-1301, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include "dsa-compat.h" + +void +dsa_public_key_init(struct dsa_public_key *key) +{ + dsa_params_init ((struct dsa_params *) key); + mpz_init(key->y); +} + +void +dsa_public_key_clear(struct dsa_public_key *key) +{ + dsa_params_clear ((struct dsa_params *) key); + mpz_clear(key->y); +} + + +void +dsa_private_key_init(struct dsa_private_key *key) +{ + mpz_init(key->x); +} + +void +dsa_private_key_clear(struct dsa_private_key *key) +{ + mpz_clear(key->x); +} diff --git a/dsa-compat.h b/dsa-compat.h new file mode 100644 index 00000000..427c15d8 --- /dev/null +++ b/dsa-compat.h @@ -0,0 +1,176 @@ +/* dsa-compat.h + * + * Old DSA publickey interface. + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2002, 2013, 2014 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02111-1301, USA. + */ + +#ifndef NETTLE_DSA_COMPAT_H_INCLUDED +#define NETTLE_DSA_COMPAT_H_INCLUDED + +#include "dsa.h" + +#include "sha1.h" +#include "sha2.h" + +/* Name mangling */ +#define dsa_public_key_init nettle_dsa_public_key_init +#define dsa_public_key_clear nettle_dsa_public_key_clear +#define dsa_private_key_init nettle_dsa_private_key_init +#define dsa_private_key_clear nettle_dsa_private_key_clear +#define dsa_sha1_sign nettle_dsa_sha1_sign +#define dsa_sha1_verify nettle_dsa_sha1_verify +#define dsa_sha256_sign nettle_dsa_sha256_sign +#define dsa_sha256_verify nettle_dsa_sha256_verify +#define dsa_sha1_sign_digest nettle_dsa_sha1_sign_digest +#define dsa_sha1_verify_digest nettle_dsa_sha1_verify_digest +#define dsa_sha256_sign_digest nettle_dsa_sha256_sign_digest +#define dsa_sha256_verify_digest nettle_dsa_sha256_verify_digest +#define dsa_compat_generate_keypair nettle_dsa_compat_generate_keypair + +/* Switch meaning of dsa_generate_keypair */ +#undef dsa_generate_keypair +#define dsa_generate_keypair nettle_dsa_compat_generate_keypair +#define dsa_generate_keypair_new nettle_dsa_generate_keypair + +#ifdef __cplusplus +extern "C" { +#endif + +struct dsa_public_key +{ + /* Same as struct dsa_params, but can't use that struct here without + breaking backwards compatibility. Layout must be identical, since + this is cast to a struct dsa_param pointer for calling _dsa_sign + and _dsa_verify */ + mpz_t p; + mpz_t q; + mpz_t g; + + /* Public value */ + mpz_t y; +}; + +struct dsa_private_key +{ + /* Unlike an rsa public key, private key operations will need both + * the private and the public information. */ + mpz_t x; +}; + +/* Signing a message works as follows: + * + * Store the private key in a dsa_private_key struct. + * + * Initialize a hashing context, by callling + * sha1_init + * + * Hash the message by calling + * sha1_update + * + * Create the signature by calling + * dsa_sha1_sign + * + * The signature is represented as a struct dsa_signature. This call also + * resets the hashing context. + * + * When done with the key and signature, don't forget to call + * dsa_signature_clear. + */ + +/* Calls mpz_init to initialize bignum storage. */ +void +dsa_public_key_init(struct dsa_public_key *key); + +/* Calls mpz_clear to deallocate bignum storage. */ +void +dsa_public_key_clear(struct dsa_public_key *key); + + +/* Calls mpz_init to initialize bignum storage. */ +void +dsa_private_key_init(struct dsa_private_key *key); + +/* Calls mpz_clear to deallocate bignum storage. */ +void +dsa_private_key_clear(struct dsa_private_key *key); + +int +dsa_sha1_sign(const struct dsa_public_key *pub, + const struct dsa_private_key *key, + void *random_ctx, nettle_random_func *random, + struct sha1_ctx *hash, + struct dsa_signature *signature); + +int +dsa_sha256_sign(const struct dsa_public_key *pub, + const struct dsa_private_key *key, + void *random_ctx, nettle_random_func *random, + struct sha256_ctx *hash, + struct dsa_signature *signature); + +int +dsa_sha1_verify(const struct dsa_public_key *key, + struct sha1_ctx *hash, + const struct dsa_signature *signature); + +int +dsa_sha256_verify(const struct dsa_public_key *key, + struct sha256_ctx *hash, + const struct dsa_signature *signature); + +int +dsa_sha1_sign_digest(const struct dsa_public_key *pub, + const struct dsa_private_key *key, + void *random_ctx, nettle_random_func *random, + const uint8_t *digest, + struct dsa_signature *signature); +int +dsa_sha256_sign_digest(const struct dsa_public_key *pub, + const struct dsa_private_key *key, + void *random_ctx, nettle_random_func *random, + const uint8_t *digest, + struct dsa_signature *signature); + +int +dsa_sha1_verify_digest(const struct dsa_public_key *key, + const uint8_t *digest, + const struct dsa_signature *signature); + +int +dsa_sha256_verify_digest(const struct dsa_public_key *key, + const uint8_t *digest, + const struct dsa_signature *signature); + +/* Key generation */ +int +dsa_generate_keypair(struct dsa_public_key *pub, + struct dsa_private_key *key, + + void *random_ctx, nettle_random_func *random, + void *progress_ctx, nettle_progress_func *progress, + unsigned p_bits, unsigned q_bits); + +#ifdef __cplusplus +} +#endif + +#endif /* NETTLE_DSA_COMPAT_H_INCLUDED */ diff --git a/dsa-keygen.c b/dsa-keygen.c index 0b82d422..4e432c2d 100644 --- a/dsa-keygen.c +++ b/dsa-keygen.c @@ -27,7 +27,6 @@ # include "config.h" #endif -#include #include #include "dsa.h" @@ -39,22 +38,18 @@ (2048, 256), (3072, 256). Currenty, we use only q_bits of 160 or 256. */ void -dsa_generate_keypair (struct dsa_value *pub, - struct dsa_value *key, +dsa_generate_keypair (const struct dsa_params *params, + mpz_t pub, mpz_t key, void *random_ctx, nettle_random_func *random) { - const struct dsa_params *params; mpz_t r; - assert (pub->params == key->params); - params = pub->params; - mpz_init_set(r, params->q); mpz_sub_ui(r, r, 2); - nettle_mpz_random(key->x, random_ctx, random, r); + nettle_mpz_random(key, random_ctx, random, r); - mpz_add_ui(key->x, key->x, 1); - mpz_powm(pub->x, params->g, key->x, params->p); + mpz_add_ui(key, key, 1); + mpz_powm(pub, params->g, key, params->p); mpz_clear (r); } diff --git a/dsa-sha1-sign.c b/dsa-sha1-sign.c index 28843889..7b831d07 100644 --- a/dsa-sha1-sign.c +++ b/dsa-sha1-sign.c @@ -27,7 +27,7 @@ # include "config.h" #endif -#include "dsa.h" +#include "dsa-compat.h" int dsa_sha1_sign_digest(const struct dsa_public_key *pub, @@ -36,9 +36,9 @@ dsa_sha1_sign_digest(const struct dsa_public_key *pub, const uint8_t *digest, struct dsa_signature *signature) { - return _dsa_sign((const struct dsa_params *) pub, key->x, - random_ctx, random, - SHA1_DIGEST_SIZE, digest, signature); + return dsa_sign((const struct dsa_params *) pub, key->x, + random_ctx, random, + SHA1_DIGEST_SIZE, digest, signature); } @@ -52,7 +52,7 @@ dsa_sha1_sign(const struct dsa_public_key *pub, uint8_t digest[SHA1_DIGEST_SIZE]; sha1_digest(hash, sizeof(digest), digest); - return _dsa_sign((const struct dsa_params *) pub, key->x, - random_ctx, random, - sizeof(digest), digest, signature); + return dsa_sign((const struct dsa_params *) pub, key->x, + random_ctx, random, + sizeof(digest), digest, signature); } diff --git a/dsa-sha1-verify.c b/dsa-sha1-verify.c index f6767a85..44046a54 100644 --- a/dsa-sha1-verify.c +++ b/dsa-sha1-verify.c @@ -27,17 +27,15 @@ # include "config.h" #endif -#include - -#include "dsa.h" +#include "dsa-compat.h" int dsa_sha1_verify_digest(const struct dsa_public_key *key, const uint8_t *digest, const struct dsa_signature *signature) { - return _dsa_verify((const struct dsa_params *) key, key->y, - SHA1_DIGEST_SIZE, digest, signature); + return dsa_verify((const struct dsa_params *) key, key->y, + SHA1_DIGEST_SIZE, digest, signature); } int @@ -48,6 +46,6 @@ dsa_sha1_verify(const struct dsa_public_key *key, uint8_t digest[SHA1_DIGEST_SIZE]; sha1_digest(hash, sizeof(digest), digest); - return _dsa_verify((const struct dsa_params *) key, key->y, - sizeof(digest), digest, signature); + return dsa_verify((const struct dsa_params *) key, key->y, + sizeof(digest), digest, signature); } diff --git a/dsa-sha256-sign.c b/dsa-sha256-sign.c index 56f5d2f7..cb187fcf 100644 --- a/dsa-sha256-sign.c +++ b/dsa-sha256-sign.c @@ -27,7 +27,7 @@ # include "config.h" #endif -#include "dsa.h" +#include "dsa-compat.h" int dsa_sha256_sign_digest(const struct dsa_public_key *pub, @@ -36,9 +36,9 @@ dsa_sha256_sign_digest(const struct dsa_public_key *pub, const uint8_t *digest, struct dsa_signature *signature) { - return _dsa_sign((const struct dsa_params *) pub, key->x, - random_ctx, random, - SHA256_DIGEST_SIZE, digest, signature); + return dsa_sign((const struct dsa_params *) pub, key->x, + random_ctx, random, + SHA256_DIGEST_SIZE, digest, signature); } int @@ -51,7 +51,7 @@ dsa_sha256_sign(const struct dsa_public_key *pub, uint8_t digest[SHA256_DIGEST_SIZE]; sha256_digest(hash, sizeof(digest), digest); - return _dsa_sign((const struct dsa_params *) pub, key->x, - random_ctx, random, - sizeof(digest), digest, signature); + return dsa_sign((const struct dsa_params *) pub, key->x, + random_ctx, random, + sizeof(digest), digest, signature); } diff --git a/dsa-sha256-verify.c b/dsa-sha256-verify.c index 231e5ae5..a9c64cde 100644 --- a/dsa-sha256-verify.c +++ b/dsa-sha256-verify.c @@ -27,17 +27,15 @@ # include "config.h" #endif -#include - -#include "dsa.h" +#include "dsa-compat.h" int dsa_sha256_verify_digest(const struct dsa_public_key *key, const uint8_t *digest, const struct dsa_signature *signature) { - return _dsa_verify((const struct dsa_params *) key, key->y, - SHA256_DIGEST_SIZE, digest, signature); + return dsa_verify((const struct dsa_params *) key, key->y, + SHA256_DIGEST_SIZE, digest, signature); } int @@ -48,6 +46,6 @@ dsa_sha256_verify(const struct dsa_public_key *key, uint8_t digest[SHA256_DIGEST_SIZE]; sha256_digest(hash, sizeof(digest), digest); - return _dsa_verify((const struct dsa_params *) key, key->y, - sizeof(digest), digest, signature); + return dsa_verify((const struct dsa_params *) key, key->y, + sizeof(digest), digest, signature); } diff --git a/dsa-sign.c b/dsa-sign.c index ba54ea0a..d8f67e50 100644 --- a/dsa-sign.c +++ b/dsa-sign.c @@ -36,12 +36,12 @@ int -_dsa_sign(const struct dsa_params *params, - const mpz_t key, - void *random_ctx, nettle_random_func *random, - size_t digest_size, - const uint8_t *digest, - struct dsa_signature *signature) +dsa_sign(const struct dsa_params *params, + const mpz_t key, + void *random_ctx, nettle_random_func *random, + size_t digest_size, + const uint8_t *digest, + struct dsa_signature *signature) { mpz_t k; mpz_t h; @@ -85,15 +85,3 @@ _dsa_sign(const struct dsa_params *params, return res; } - -int -dsa_sign(const struct dsa_value *key, - void *random_ctx, nettle_random_func *random, - size_t digest_size, - const uint8_t *digest, - struct dsa_signature *signature) -{ - return _dsa_sign (key->params, key->x, - random_ctx, random, - digest_size, digest, signature); -} diff --git a/dsa-verify.c b/dsa-verify.c index e56ed661..5248f361 100644 --- a/dsa-verify.c +++ b/dsa-verify.c @@ -34,7 +34,7 @@ #include "bignum.h" int -_dsa_verify(const struct dsa_params *params, +dsa_verify(const struct dsa_params *params, const mpz_t key, size_t digest_size, const uint8_t *digest, @@ -97,14 +97,3 @@ _dsa_verify(const struct dsa_params *params, return res; } - -int -dsa_verify(const struct dsa_value *pub, - size_t digest_size, - const uint8_t *digest, - const struct dsa_signature *signature) -{ - return _dsa_verify (pub->params, pub->x, - digest_size, digest, - signature); -} diff --git a/dsa.c b/dsa.c index fc574ff9..8b07c177 100644 --- a/dsa.c +++ b/dsa.c @@ -1,4 +1,4 @@ -/* dsa.h +/* dsa.c * * The DSA publickey algorithm. */ @@ -47,47 +47,6 @@ dsa_params_clear (struct dsa_params *params) mpz_clear(params->g); } -void -dsa_value_init (struct dsa_value *value, const struct dsa_params *params) -{ - value->params = params; - mpz_init (value->x); -} - -void -dsa_value_clear (struct dsa_value *value) -{ - mpz_clear (value->x); -} - -void -dsa_public_key_init(struct dsa_public_key *key) -{ - dsa_params_init ((struct dsa_params *) key); - mpz_init(key->y); -} - -void -dsa_public_key_clear(struct dsa_public_key *key) -{ - dsa_params_clear ((struct dsa_params *) key); - mpz_clear(key->y); -} - - -void -dsa_private_key_init(struct dsa_private_key *key) -{ - mpz_init(key->x); -} - -void -dsa_private_key_clear(struct dsa_private_key *key) -{ - mpz_clear(key->x); -} - - void dsa_signature_init(struct dsa_signature *signature) { diff --git a/dsa.h b/dsa.h index 24707902..b43ef1f5 100644 --- a/dsa.h +++ b/dsa.h @@ -30,9 +30,6 @@ #include "nettle-types.h" -#include "sha1.h" -#include "sha2.h" - #ifdef __cplusplus extern "C" { #endif @@ -40,29 +37,12 @@ extern "C" { /* Name mangling */ #define dsa_params_init nettle_dsa_params_init #define dsa_params_clear nettle_dsa_params_clear -#define dsa_value_init nettle_dsa_value_init -#define dsa_value_clear nettle_dsa_value_clear -#define dsa_public_key_init nettle_dsa_public_key_init -#define dsa_public_key_clear nettle_dsa_public_key_clear -#define dsa_private_key_init nettle_dsa_private_key_init -#define dsa_private_key_clear nettle_dsa_private_key_clear #define dsa_signature_init nettle_dsa_signature_init #define dsa_signature_clear nettle_dsa_signature_clear -#define dsa_sha1_sign nettle_dsa_sha1_sign -#define dsa_sha1_verify nettle_dsa_sha1_verify -#define dsa_sha256_sign nettle_dsa_sha256_sign -#define dsa_sha256_verify nettle_dsa_sha256_verify #define dsa_sign nettle_dsa_sign #define dsa_verify nettle_dsa_verify -#define _dsa_sign _nettle_dsa_sign -#define _dsa_verify _nettle_dsa_verify -#define dsa_sha1_sign_digest nettle_dsa_sha1_sign_digest -#define dsa_sha1_verify_digest nettle_dsa_sha1_verify_digest -#define dsa_sha256_sign_digest nettle_dsa_sha256_sign_digest -#define dsa_sha256_verify_digest nettle_dsa_sha256_verify_digest #define dsa_generate_params nettle_dsa_generate_params #define dsa_generate_keypair nettle_dsa_generate_keypair -#define dsa_generate_keypair_old nettle_dsa_generate_keypair_old #define dsa_signature_from_sexp nettle_dsa_signature_from_sexp #define dsa_keypair_to_sexp nettle_dsa_keypair_to_sexp #define dsa_keypair_from_sexp_alist nettle_dsa_keypair_from_sexp_alist @@ -102,26 +82,12 @@ struct dsa_signature mpz_t s; }; -struct dsa_value -{ - const struct dsa_params *params; - /* For private keys, represents an exponent (0 < x < q). For public - keys, represents a group element, 0 < x < p) */ - mpz_t x; -}; - void dsa_params_init (struct dsa_params *params); void dsa_params_clear (struct dsa_params *params); -void -dsa_value_init (struct dsa_value *value, const struct dsa_params *params); - -void -dsa_value_clear (struct dsa_value *value); - /* Calls mpz_init to initialize bignum storage. */ void dsa_signature_init(struct dsa_signature *signature); @@ -131,14 +97,16 @@ void dsa_signature_clear(struct dsa_signature *signature); int -dsa_sign(const struct dsa_value *key, +dsa_sign(const struct dsa_params *params, + const mpz_t priv, void *random_ctx, nettle_random_func *random, size_t digest_size, const uint8_t *digest, struct dsa_signature *signature); int -dsa_verify(const struct dsa_value *pub, +dsa_verify(const struct dsa_params *params, + const mpz_t pub, size_t digest_size, const uint8_t *digest, const struct dsa_signature *signature); @@ -150,8 +118,8 @@ dsa_generate_params (struct dsa_params *params, unsigned p_bits, unsigned q_bits); void -dsa_generate_keypair (struct dsa_value *pub, - struct dsa_value *key, +dsa_generate_keypair (const struct dsa_params *params, + mpz_t pub, mpz_t key, void *random_ctx, nettle_random_func *random); @@ -163,8 +131,9 @@ struct nettle_buffer; int dsa_keypair_to_sexp(struct nettle_buffer *buffer, const char *algorithm_name, /* NULL means "dsa" */ - const struct dsa_value *pub, - const struct dsa_value *priv); + const struct dsa_params *params, + const mpz_t pub, + const mpz_t priv); struct sexp_iterator; @@ -175,8 +144,8 @@ dsa_signature_from_sexp(struct dsa_signature *rs, int dsa_keypair_from_sexp_alist(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned max_bits, unsigned q_bits, struct sexp_iterator *i); @@ -187,15 +156,15 @@ dsa_keypair_from_sexp_alist(struct dsa_params *params, /* Keys must be initialized before calling this function, as usual. */ int dsa_sha1_keypair_from_sexp(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, size_t length, const uint8_t *expr); int dsa_sha256_keypair_from_sexp(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, size_t length, const uint8_t *expr); @@ -207,20 +176,21 @@ dsa_params_from_der_iterator(struct dsa_params *params, unsigned max_bits, unsigned q_bits, struct asn1_der_iterator *i); int -dsa_public_key_from_der_iterator(struct dsa_value *pub, +dsa_public_key_from_der_iterator(const struct dsa_params *params, + mpz_t pub, struct asn1_der_iterator *i); int dsa_openssl_private_key_from_der_iterator(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, struct asn1_der_iterator *i); int dsa_openssl_private_key_from_der(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, size_t length, const uint8_t *data); @@ -230,138 +200,6 @@ void _dsa_hash (mpz_t h, unsigned bit_size, size_t length, const uint8_t *digest); -int -_dsa_sign(const struct dsa_params *params, - const mpz_t key, - void *random_ctx, nettle_random_func *random, - size_t digest_size, - const uint8_t *digest, - struct dsa_signature *signature); - -int -_dsa_verify(const struct dsa_params *params, - const mpz_t pub, - size_t digest_size, - const uint8_t *digest, - const struct dsa_signature *signature); - -/* Old nettle interface, kept for backwards compatibility */ - -struct dsa_public_key -{ - /* Same as struct dsa_params, but can't use that struct here without - breaking backwards compatibility. Layout must be identical, since - this is cast to a struct dsa_param pointer for calling _dsa_sign - and _dsa_verify */ - mpz_t p; - mpz_t q; - mpz_t g; - - /* Public value */ - mpz_t y; -}; - -struct dsa_private_key -{ - /* Unlike an rsa public key, private key operations will need both - * the private and the public information. */ - mpz_t x; -}; - -/* Signing a message works as follows: - * - * Store the private key in a dsa_private_key struct. - * - * Initialize a hashing context, by callling - * sha1_init - * - * Hash the message by calling - * sha1_update - * - * Create the signature by calling - * dsa_sha1_sign - * - * The signature is represented as a struct dsa_signature. This call also - * resets the hashing context. - * - * When done with the key and signature, don't forget to call - * dsa_signature_clear. - */ - -/* Calls mpz_init to initialize bignum storage. */ -void -dsa_public_key_init(struct dsa_public_key *key); - -/* Calls mpz_clear to deallocate bignum storage. */ -void -dsa_public_key_clear(struct dsa_public_key *key); - - -/* Calls mpz_init to initialize bignum storage. */ -void -dsa_private_key_init(struct dsa_private_key *key); - -/* Calls mpz_clear to deallocate bignum storage. */ -void -dsa_private_key_clear(struct dsa_private_key *key); - -int -dsa_sha1_sign(const struct dsa_public_key *pub, - const struct dsa_private_key *key, - void *random_ctx, nettle_random_func *random, - struct sha1_ctx *hash, - struct dsa_signature *signature); - -int -dsa_sha256_sign(const struct dsa_public_key *pub, - const struct dsa_private_key *key, - void *random_ctx, nettle_random_func *random, - struct sha256_ctx *hash, - struct dsa_signature *signature); - -int -dsa_sha1_verify(const struct dsa_public_key *key, - struct sha1_ctx *hash, - const struct dsa_signature *signature); - -int -dsa_sha256_verify(const struct dsa_public_key *key, - struct sha256_ctx *hash, - const struct dsa_signature *signature); - -int -dsa_sha1_sign_digest(const struct dsa_public_key *pub, - const struct dsa_private_key *key, - void *random_ctx, nettle_random_func *random, - const uint8_t *digest, - struct dsa_signature *signature); -int -dsa_sha256_sign_digest(const struct dsa_public_key *pub, - const struct dsa_private_key *key, - void *random_ctx, nettle_random_func *random, - const uint8_t *digest, - struct dsa_signature *signature); - -int -dsa_sha1_verify_digest(const struct dsa_public_key *key, - const uint8_t *digest, - const struct dsa_signature *signature); - -int -dsa_sha256_verify_digest(const struct dsa_public_key *key, - const uint8_t *digest, - const struct dsa_signature *signature); - -/* Key generation */ - -int -dsa_generate_keypair_old(struct dsa_public_key *pub, - struct dsa_private_key *key, - - void *random_ctx, nettle_random_func *random, - void *progress_ctx, nettle_progress_func *progress, - unsigned p_bits, unsigned q_bits); - #ifdef __cplusplus } #endif diff --git a/dsa2sexp.c b/dsa2sexp.c index 45cbb2e2..a9ba0d15 100644 --- a/dsa2sexp.c +++ b/dsa2sexp.c @@ -35,26 +35,25 @@ int dsa_keypair_to_sexp(struct nettle_buffer *buffer, const char *algorithm_name, - const struct dsa_value *pub, - const struct dsa_value *priv) + const struct dsa_params *params, + const mpz_t pub, + const mpz_t priv) { - const struct dsa_params *params = pub->params; if (!algorithm_name) algorithm_name = "dsa"; if (priv) { - assert (priv->params == params); return sexp_format(buffer, "(private-key(%0s(p%b)(q%b)" "(g%b)(y%b)(x%b)))", algorithm_name, params->p, params->q, - params->g, pub->x, priv->x); + params->g, pub, priv); } else return sexp_format(buffer, "(public-key(%0s(p%b)(q%b)" "(g%b)(y%b)))", algorithm_name, params->p, params->q, - params->g, pub->x); + params->g, pub); } diff --git a/examples/hogweed-benchmark.c b/examples/hogweed-benchmark.c index 3f57a5db..5f2caa16 100644 --- a/examples/hogweed-benchmark.c +++ b/examples/hogweed-benchmark.c @@ -266,8 +266,8 @@ bench_rsa_clear (void *p) struct dsa_ctx { struct dsa_params params; - struct dsa_value pub; - struct dsa_value key; + mpz_t pub; + mpz_t key; struct knuth_lfib_ctx lfib; struct dsa_signature s; uint8_t *digest; @@ -294,8 +294,8 @@ bench_dsa_init (unsigned size) ctx = xalloc(sizeof(*ctx)); dsa_params_init (&ctx->params); - dsa_value_init (&ctx->pub, &ctx->params); - dsa_value_init (&ctx->key, &ctx->params); + mpz_init (ctx->pub); + mpz_init (ctx->key); dsa_signature_init (&ctx->s); knuth_lfib_init (&ctx->lfib, 1); @@ -305,12 +305,12 @@ bench_dsa_init (unsigned size) if (! (sexp_transport_iterator_first (&i, sizeof(dsa1024) - 1, dsa1024) && sexp_iterator_check_type (&i, "private-key") && sexp_iterator_check_type (&i, "dsa") - && dsa_keypair_from_sexp_alist (&ctx->params, &ctx->pub, &ctx->key, 0, DSA_SHA1_Q_BITS, &i)) ) + && dsa_keypair_from_sexp_alist (&ctx->params, ctx->pub, ctx->key, 0, DSA_SHA1_Q_BITS, &i)) ) die ("Internal error.\n"); ctx->digest = hash_string (&nettle_sha1, 3, "foo"); - dsa_sign (&ctx->key, + dsa_sign (&ctx->params, ctx->key, &ctx->lfib, (nettle_random_func *)knuth_lfib_random, SHA1_DIGEST_SIZE, ctx->digest, &ctx->s); @@ -324,7 +324,7 @@ bench_dsa_sign (void *p) struct dsa_signature s; dsa_signature_init (&s); - dsa_sign (&ctx->key, + dsa_sign (&ctx->params, ctx->key, &ctx->lfib, (nettle_random_func *)knuth_lfib_random, SHA1_DIGEST_SIZE, ctx->digest, &s); dsa_signature_clear (&s); @@ -334,7 +334,7 @@ static void bench_dsa_verify (void *p) { struct dsa_ctx *ctx = p; - if (! dsa_verify (&ctx->pub, SHA1_DIGEST_SIZE, ctx->digest, &ctx->s)) + if (! dsa_verify (&ctx->params, ctx->pub, SHA1_DIGEST_SIZE, ctx->digest, &ctx->s)) die ("Internal error, dsa_sha1_verify_digest failed.\n"); } @@ -342,9 +342,9 @@ static void bench_dsa_clear (void *p) { struct dsa_ctx *ctx = p; - dsa_value_clear (&ctx->pub); - dsa_value_clear (&ctx->key); dsa_params_clear (&ctx->params); + mpz_clear (ctx->pub); + mpz_clear (ctx->key); dsa_signature_clear (&ctx->s); free (ctx->digest); free (ctx); diff --git a/sexp2dsa.c b/sexp2dsa.c index de7f6b73..82614b99 100644 --- a/sexp2dsa.c +++ b/sexp2dsa.c @@ -49,8 +49,8 @@ do { \ int dsa_keypair_from_sexp_alist(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, unsigned q_bits, struct sexp_iterator *i) @@ -60,7 +60,7 @@ dsa_keypair_from_sexp_alist(struct dsa_params *params, struct sexp_iterator values[5]; unsigned nvalues = priv ? 5 : 4; unsigned p_bits; - assert (pub->params == params); + if (!sexp_iterator_assoc(i, nvalues, names, values)) return 0; @@ -74,15 +74,14 @@ dsa_keypair_from_sexp_alist(struct dsa_params *params, GET(params->g, p_bits, &values[2]); if (mpz_cmp (params->g, params->p) >= 0) return 0; - GET(pub->x, p_bits, &values[3]); - if (mpz_cmp (pub->x, params->p) >= 0) + GET(pub, p_bits, &values[3]); + if (mpz_cmp (pub, params->p) >= 0) return 0; if (priv) { - assert (priv->params == params); - GET(priv->x, mpz_sizeinbase (params->q, 2), &values[4]); - if (mpz_cmp (priv->x, params->q) >= 0) + GET(priv, mpz_sizeinbase (params->q, 2), &values[4]); + if (mpz_cmp (priv, params->q) >= 0) return 0; } @@ -91,8 +90,8 @@ dsa_keypair_from_sexp_alist(struct dsa_params *params, int dsa_sha1_keypair_from_sexp(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, size_t length, const uint8_t *expr) { @@ -107,8 +106,8 @@ dsa_sha1_keypair_from_sexp(struct dsa_params *params, int dsa_sha256_keypair_from_sexp(struct dsa_params *params, - struct dsa_value *pub, - struct dsa_value *priv, + mpz_t pub, + mpz_t priv, unsigned p_max_bits, size_t length, const uint8_t *expr) { diff --git a/testsuite/dsa-keygen-test.c b/testsuite/dsa-keygen-test.c index a34abd3f..6a4f6fc3 100644 --- a/testsuite/dsa-keygen-test.c +++ b/testsuite/dsa-keygen-test.c @@ -21,31 +21,31 @@ test_main(void) knuth_lfib_init(&lfib, 13); - ASSERT (dsa_generate_keypair_old(&pub, &key, + ASSERT (dsa_compat_generate_keypair(&pub, &key, &lfib, (nettle_random_func *) knuth_lfib_random, NULL, verbose ? progress : NULL, 1024, 160)); - test_dsa_key(&pub, &key, 160); + test_dsa_key((const struct dsa_params *) &pub, pub.y, key.x, 160); test_dsa160(&pub, &key, NULL); - ASSERT (dsa_generate_keypair_old(&pub, &key, + ASSERT (dsa_compat_generate_keypair(&pub, &key, &lfib, (nettle_random_func *) knuth_lfib_random, NULL, verbose ? progress : NULL, 2048, 256)); - test_dsa_key(&pub, &key, 256); + test_dsa_key((const struct dsa_params *) &pub, pub.y, key.x, 256); test_dsa256(&pub, &key, NULL); - ASSERT (dsa_generate_keypair_old(&pub, &key, + ASSERT (dsa_compat_generate_keypair(&pub, &key, &lfib, (nettle_random_func *) knuth_lfib_random, NULL, verbose ? progress : NULL, 2048, 224)); - test_dsa_key(&pub, &key, 224); + test_dsa_key((const struct dsa_params *) &pub, pub.y, key.x, 224); test_dsa256(&pub, &key, NULL); dsa_public_key_clear(&pub); diff --git a/testsuite/dsa-test.c b/testsuite/dsa-test.c index df81b5ef..9a80c967 100644 --- a/testsuite/dsa-test.c +++ b/testsuite/dsa-test.c @@ -6,7 +6,8 @@ test_main(void) struct dsa_public_key pub; struct dsa_private_key key; struct dsa_signature signature; - + struct dsa_params *params = (struct dsa_params *) &pub; + dsa_public_key_init(&pub); dsa_private_key_init(&key); dsa_signature_init(&signature); @@ -37,7 +38,7 @@ test_main(void) mpz_set_str(key.x, "56c6efaf878d06eef21dc070fab71da6ec1e30a6", 16); - test_dsa_key(&pub, &key, 160); + test_dsa_key(params, pub.y, key.x, 160); mpz_set_str(signature.r, "180342f8d4fb5bd0311ebf205bdee6e556014eaf", 16); mpz_set_str(signature.s, "392dc6566b2735531a8460966171464ef7ddfe12", 16); @@ -87,7 +88,7 @@ test_main(void) "39f84f88569da55c6bee7e18175b539ea9b7ee24fabd85a7" "1fa8c93b7181545b", 16); - test_dsa_key(&pub, &key, 256); + test_dsa_key(params, pub.y, key.x, 256); mpz_set_str(signature.r, "03fe95c9dbbe1be019d7914e45c37c70" @@ -127,7 +128,7 @@ test_main(void) mpz_set_str(signature.r, "50ed0e810e3f1c7cb6ac62332058448bd8b284c0", 16); mpz_set_str(signature.s, "c6aded17216b46b7e4b6f2a97c1ad7cc3da83fde", 16); - test_dsa_verify(&pub, &nettle_sha1, + test_dsa_verify(params, pub.y, &nettle_sha1, SHEX("3b46736d559bd4e0c2c1b2553a33ad3c6cf23cac998d3d0c" "0e8fa4b19bca06f2f386db2dcff9dca4f40ad8f561ffc308" "b46c5f31a7735b5fa7e0f9e6cb512e63d7eea05538d66a75" @@ -146,7 +147,7 @@ test_main(void) mpz_set_str(signature.r, "a26c00b5750a2d27fe7435b93476b35438b4d8ab", 16); mpz_set_str(signature.s, "61c9bfcb2938755afa7dad1d1e07c6288617bf70", 16); - test_dsa_verify(&pub, &nettle_sha1, + test_dsa_verify(params, pub.y, &nettle_sha1, SHEX("d2bcb53b044b3e2e4b61ba2f91c0995fb83a6a97525e6644" "1a3b489d9594238bc740bdeea0f718a769c977e2de003877" "b5d7dc25b182ae533db33e78f2c3ff0645f2137abc137d4e" @@ -180,7 +181,7 @@ test_main(void) "7011f2285f794557", 16); mpz_set_str(signature.r, "afee719e7f848b54349ccc3b4fb26065833a4d8e", 16); mpz_set_str(signature.s, "734efe992256f31325e749bc32a24a1f957b3a1b", 16); - test_dsa_verify(&pub, &nettle_sha224, + test_dsa_verify(params, pub.y, &nettle_sha224, SHEX("fb2128052509488cad0745ed3e6312850dd96ddaf791f1e6" "24e22a6b9beaa65319c325c78ef59cacba0ccfa722259f24" "f92c17b77a8f6d8e97c93d880d2d8dbbbedcf6acefa06b0e" @@ -214,7 +215,7 @@ test_main(void) "85183889205591e8", 16); mpz_set_str(signature.r, "76683a085d6742eadf95a61af75f881276cfd26a", 16); mpz_set_str(signature.s, "3b9da7f9926eaaad0bebd4845c67fcdb64d12453", 16); - test_dsa_verify(&pub, &nettle_sha256, + test_dsa_verify(params, pub.y, &nettle_sha256, SHEX("812172f09cbae62517804885754125fc6066e9a902f9db20" "41eeddd7e8da67e4a2e65d0029c45ecacea6002f9540eb10" "04c883a8f900fd84a98b5c449ac49c56f3a91d8bed3f08f4" @@ -266,7 +267,7 @@ test_main(void) "45df2f423e94bf155dd4e1d9e63f315ea606dd38527d4cf6328738c8", 16); mpz_set_str(signature.s, "59b3e8efa5bc0ccbf4a3cbb6515c4b9bf784cfacdcc101dc9f81d31f", 16); - test_dsa_verify(&pub, &nettle_sha1, + test_dsa_verify(params, pub.y, &nettle_sha1, SHEX("edc6fd9b6c6e8a59f283016f7f29ee16deeaa609b5737927" "162aef34fed985d0bcb550275637ba67831a2d4efccb3529" "6dfe730f4a0b4f4728d1d7d1bb8f4a36238a5c94311fa113" @@ -317,7 +318,7 @@ test_main(void) "65102e8f64ecb11f06017b1a0c0def3c29897c277c4a948b1f4da6b9", 16); mpz_set_str(signature.s, "21ad0abb27bd3c21166cb96aef70c0dbd5f3079cab0dd543d4125bd1", 16); - test_dsa_verify(&pub, &nettle_sha224, + test_dsa_verify(params, pub.y, &nettle_sha224, SHEX("e920fc1610718f2b0213d301c0092a51f3c6b0107bbbd824" "3a9689c044e2d142f202d9d195a5faef4be5acadc9ff6f7d" "2261e58b517139bcb9489b110423c2e59eb181294ffdae8a" @@ -369,7 +370,7 @@ test_main(void) "9c5fa46879ddaf5c14f07dfb5320715f67a6fec179e3ad53342fb6d1", 16); mpz_set_str(signature.s, "c3e17e7b3c4d0ac8d49f4dd0f04c16a094f42da0afcc6c90f5f1bbc8", 16); - test_dsa_verify(&pub, &nettle_sha256, + test_dsa_verify(params, pub.y, &nettle_sha256, SHEX("cec8d2843dee7cb5f9119b75562585e05c5ce2f4e6457e9b" "cc3c1c781ccd2c0442b6282aea610f7161dcede176e77486" "1f7d2691be6c894ac3ebf80c0fab21e52a3e63ae0b350257" @@ -424,7 +425,7 @@ test_main(void) mpz_set_str(signature.s, "4916d91b2927294e429d537c06dd2463d1845018cca2873e" "90a6c837b445fdde", 16); - test_dsa_verify(&pub, &nettle_sha1, + test_dsa_verify(params, pub.y, &nettle_sha1, SHEX("de3605dbefde353cbe05e0d6098647b6d041460dfd4c0003" "12be1afe7551fd3b93fed76a9763c34e004564b8f7dcacbd" "99e85030632c94e9b0a032046523b7aacdf934a2dbbdcfce" @@ -479,7 +480,7 @@ test_main(void) mpz_set_str(signature.s, "4bd41c84a724cc86e4f0194ec0fbf379e654d0d7f6a1f08b" "d468139422a5c353", 16); - test_dsa_verify(&pub, &nettle_sha224, + test_dsa_verify(params, pub.y, &nettle_sha224, SHEX("39f2d8d503aae8cd17854456ecfad49a18900d4375412bc6" "89181ed9c2ccafea98dca689a72dc75e5367d3d3abfc2169" "700d5891cff70f69d9aca093b061b9f5057f94636bc27831" @@ -534,7 +535,7 @@ test_main(void) mpz_set_str(signature.s, "2bbf68317660ec1e4b154915027b0bc00ee19cfc0bf75d01" "930504f2ce10a8b0", 16); - test_dsa_verify(&pub, &nettle_sha256, + test_dsa_verify(params, pub.y, &nettle_sha256, SHEX("4e3a28bcf90d1d2e75f075d9fbe55b36c5529b17bc3a9cca" "ba6935c9e20548255b3dfae0f91db030c12f2c344b3a29c4" "151c5b209f5e319fdf1c23b190f64f1fe5b330cb7c8fa952" @@ -589,7 +590,7 @@ test_main(void) mpz_set_str(signature.s, "5f56869cee7bf64fec5d5d6ea15bb1fa1169003a87eccc16" "21b90a1b892226f2", 16); - test_dsa_verify(&pub, &nettle_sha384, + test_dsa_verify(params, pub.y, &nettle_sha384, SHEX("8c78cffdcf25d8230b835b30512684c9b252115870b603d1" "b4ba2eb5d35b33f26d96b684126ec34fff67dfe5c8c856ac" "fe3a9ff45ae11d415f30449bcdc3bf9a9fb5a7e48afeaba6" @@ -659,7 +660,7 @@ test_main(void) mpz_set_str(signature.s, "73e48b77a3aa44307483c2dd895cb51db2112177c185c59c" "b1dcff32fda02a4f", 16); - test_dsa_verify(&pub, &nettle_sha1, + test_dsa_verify(params, pub.y, &nettle_sha1, SHEX("ca84af5c9adbc0044db00d7acfb1b493aab0388ffbad47b3" "8cd3e9e3111cfe2cda2a45f751c46862f05bdcec4b698adf" "d2e1606e484c3be4ac0c379d4fbc7c2cda43e922811d7f6c" @@ -729,7 +730,7 @@ test_main(void) mpz_set_str(signature.s, "49f3a74e953e77a7941af3aefeef4ed499be209976a0edb3" "fa5e7cb961b0c112", 16); - test_dsa_verify(&pub, &nettle_sha256, + test_dsa_verify(params, pub.y, &nettle_sha256, SHEX("cb06e02234263c22b80e832d6dc5a1bee5ea8af3bc2da752" "441c04027f176158bfe68372bd67f84d489c0d49b07d4025" "962976be60437be1a2d01d3be0992afa5abe0980e26a9da4" @@ -799,7 +800,7 @@ test_main(void) mpz_set_str(signature.s, "3dae01154ecff7b19007a953f185f0663ef7f2537f0b15e0" "4fb343c961f36de2", 16); - test_dsa_verify(&pub, &nettle_sha384, + test_dsa_verify(params, pub.y, &nettle_sha384, SHEX("ed9a64d3109ef8a9292956b946873ca4bd887ce624b81be8" "1b82c69c67aaddf5655f70fe4768114db2834c71787f858e" "5165da1a7fa961d855ad7e5bc4b7be31b97dbe770798ef79" @@ -868,7 +869,7 @@ test_main(void) mpz_set_str(signature.s, "6478050977ec585980454e0a2f26a03037b921ca588a78a4" "daff7e84d49a8a6c", 16); - test_dsa_verify(&pub, &nettle_sha512, + test_dsa_verify(params, pub.y, &nettle_sha512, SHEX("494180eed0951371bbaf0a850ef13679df49c1f13fe3770b" "6c13285bf3ad93dc4ab018aab9139d74200808e9c55bf883" "00324cc697efeaa641d37f3acf72d8c97bff0182a35b9401" diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 09e49a45..3846ec68 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -1162,7 +1162,8 @@ test_dsa_sign(const struct dsa_public_key *pub, #endif void -test_dsa_verify(const struct dsa_public_key *pub, +test_dsa_verify(const struct dsa_params *params, + const mpz_t pub, const struct nettle_hash *hash, struct tstring *msg, const struct dsa_signature *ref) @@ -1181,21 +1182,21 @@ test_dsa_verify(const struct dsa_public_key *pub, mpz_set (signature.r, ref->r); mpz_set (signature.s, ref->s); - ASSERT (_dsa_verify ((struct dsa_params *) pub, pub->y, + ASSERT (dsa_verify (params, pub, hash->digest_size, digest, &signature)); /* Try bad signature */ mpz_combit(signature.r, 17); - ASSERT (!_dsa_verify ((struct dsa_params *) pub, pub->y, - hash->digest_size, digest, - &signature)); + ASSERT (!dsa_verify (params, pub, + hash->digest_size, digest, + &signature)); /* Try bad data */ digest[hash->digest_size / 2-1] ^= 8; - ASSERT (!_dsa_verify ((struct dsa_params *) pub, pub->y, - hash->digest_size, digest, - ref)); + ASSERT (!dsa_verify (params, pub, + hash->digest_size, digest, + ref)); free (ctx); free (digest); @@ -1203,32 +1204,33 @@ test_dsa_verify(const struct dsa_public_key *pub, } void -test_dsa_key(struct dsa_public_key *pub, - struct dsa_private_key *key, +test_dsa_key(const struct dsa_params *params, + const mpz_t pub, + const mpz_t key, unsigned q_size) { mpz_t t; mpz_init(t); - ASSERT(mpz_sizeinbase(pub->q, 2) == q_size); - ASSERT(mpz_sizeinbase(pub->p, 2) >= DSA_SHA1_MIN_P_BITS); + ASSERT(mpz_sizeinbase(params->q, 2) == q_size); + ASSERT(mpz_sizeinbase(params->p, 2) >= DSA_SHA1_MIN_P_BITS); - ASSERT(mpz_probab_prime_p(pub->p, 10)); + ASSERT(mpz_probab_prime_p(params->p, 10)); - ASSERT(mpz_probab_prime_p(pub->q, 10)); + ASSERT(mpz_probab_prime_p(params->q, 10)); - mpz_fdiv_r(t, pub->p, pub->q); + mpz_fdiv_r(t, params->p, params->q); ASSERT(0 == mpz_cmp_ui(t, 1)); - ASSERT(mpz_cmp_ui(pub->g, 1) > 0); + ASSERT(mpz_cmp_ui(params->g, 1) > 0); - mpz_powm(t, pub->g, pub->q, pub->p); + mpz_powm(t, params->g, params->q, params->p); ASSERT(0 == mpz_cmp_ui(t, 1)); - mpz_powm(t, pub->g, key->x, pub->p); - ASSERT(0 == mpz_cmp(t, pub->y)); + mpz_powm(t, params->g, key, params->p); + ASSERT(0 == mpz_cmp(t, pub)); mpz_clear(t); } diff --git a/testsuite/testutils.h b/testsuite/testutils.h index 39685017..6e64165b 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -18,12 +18,15 @@ #if WITH_HOGWEED # include "rsa.h" -# include "dsa.h" +# include "dsa-compat.h" # include "ecc-curve.h" # include "ecc.h" # include "ecc-internal.h" # include "ecdsa.h" # include "gmp-glue.h" + +/* Undo some dsa-compat name mangling */ +#undef dsa_generate_keypair #endif #include "nettle-meta.h" @@ -198,20 +201,23 @@ test_dsa256(const struct dsa_public_key *pub, const struct dsa_signature *expected); void -test_dsa_sign(const struct dsa_public_key *pub, - const struct dsa_private_key *key, +test_dsa_sign(const struct dsa_params *params, + const mpz_t pub, + const mpz_t key, const struct nettle_hash *hash, const struct dsa_signature *expected); void -test_dsa_verify(const struct dsa_public_key *pub, +test_dsa_verify(const struct dsa_params *params, + const mpz_t pub, const struct nettle_hash *hash, struct tstring *msg, const struct dsa_signature *ref); void -test_dsa_key(struct dsa_public_key *pub, - struct dsa_private_key *key, +test_dsa_key(const struct dsa_params *params, + const mpz_t pub, + const mpz_t key, unsigned q_size); extern const struct ecc_curve * const ecc_curves[]; diff --git a/tools/pkcs1-conv.c b/tools/pkcs1-conv.c index 71dbf7a8..ca7f6951 100644 --- a/tools/pkcs1-conv.c +++ b/tools/pkcs1-conv.c @@ -312,29 +312,30 @@ static int convert_dsa_private_key(struct nettle_buffer *buffer, size_t length, const uint8_t *data) { struct dsa_params params; - struct dsa_value pub; - struct dsa_value priv; + mpz_t pub; + mpz_t priv; int res; dsa_params_init (¶ms); - dsa_value_init (&pub, ¶ms); - dsa_value_init (&priv, ¶ms); + mpz_init (pub); + mpz_init (priv); - if (dsa_openssl_private_key_from_der(¶ms, &pub, &priv, 0, + if (dsa_openssl_private_key_from_der(¶ms, pub, priv, 0, length, data)) { /* Reuses the buffer */ nettle_buffer_reset(buffer); - res = dsa_keypair_to_sexp(buffer, NULL, &pub, &priv); + res = dsa_keypair_to_sexp(buffer, NULL, ¶ms, pub, priv); } else { werror("Invalid OpenSSL private key.\n"); res = 0; } - dsa_value_clear (&pub); - dsa_value_clear (&priv); dsa_params_clear (¶ms); + mpz_clear (pub); + mpz_clear (priv); + return res; } @@ -408,19 +409,19 @@ convert_public_key(struct nettle_buffer *buffer, size_t length, const uint8_t *d && asn1_der_decode_constructed_last(&j) == ASN1_ITERATOR_PRIMITIVE) { struct dsa_params params; - struct dsa_value pub; + mpz_t pub; dsa_params_init (¶ms); - dsa_value_init (&pub, ¶ms); + mpz_init (pub); if (dsa_params_from_der_iterator(¶ms, 0, 0, &i) - && dsa_public_key_from_der_iterator(&pub, &j)) + && dsa_public_key_from_der_iterator(¶ms, pub, &j)) { nettle_buffer_reset(buffer); - res = dsa_keypair_to_sexp(buffer, NULL, &pub, NULL) > 0; + res = dsa_keypair_to_sexp(buffer, NULL, ¶ms, pub, NULL) > 0; } - dsa_value_clear(&pub); dsa_params_clear(¶ms); + mpz_clear(pub); } if (!res) werror("SubjectPublicKeyInfo: Invalid DSA key.\n");