A local copy of OpenSSL from GitHub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

273 lines
6.9 KiB

  1. /*
  2. * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/asn1t.h>
  12. #include <openssl/x509.h>
  13. #include <openssl/evp.h>
  14. #include <openssl/bn.h>
  15. #include "internal/evp_int.h"
  16. #include "dsa_locl.h"
  17. /* DSA pkey context structure */
  18. typedef struct {
  19. /* Parameter gen parameters */
  20. int nbits; /* size of p in bits (default: 1024) */
  21. int qbits; /* size of q in bits (default: 160) */
  22. const EVP_MD *pmd; /* MD for parameter generation */
  23. /* Keygen callback info */
  24. int gentmp[2];
  25. /* message digest */
  26. const EVP_MD *md; /* MD for the signature */
  27. } DSA_PKEY_CTX;
  28. static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
  29. {
  30. DSA_PKEY_CTX *dctx;
  31. dctx = OPENSSL_malloc(sizeof(*dctx));
  32. if (dctx == NULL)
  33. return 0;
  34. dctx->nbits = 1024;
  35. dctx->qbits = 160;
  36. dctx->pmd = NULL;
  37. dctx->md = NULL;
  38. ctx->data = dctx;
  39. ctx->keygen_info = dctx->gentmp;
  40. ctx->keygen_info_count = 2;
  41. return 1;
  42. }
  43. static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
  44. {
  45. DSA_PKEY_CTX *dctx, *sctx;
  46. if (!pkey_dsa_init(dst))
  47. return 0;
  48. sctx = src->data;
  49. dctx = dst->data;
  50. dctx->nbits = sctx->nbits;
  51. dctx->qbits = sctx->qbits;
  52. dctx->pmd = sctx->pmd;
  53. dctx->md = sctx->md;
  54. return 1;
  55. }
  56. static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
  57. {
  58. DSA_PKEY_CTX *dctx = ctx->data;
  59. OPENSSL_free(dctx);
  60. }
  61. static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
  62. size_t *siglen, const unsigned char *tbs,
  63. size_t tbslen)
  64. {
  65. int ret;
  66. unsigned int sltmp;
  67. DSA_PKEY_CTX *dctx = ctx->data;
  68. DSA *dsa = ctx->pkey->pkey.dsa;
  69. if (dctx->md) {
  70. if (tbslen != (size_t)EVP_MD_size(dctx->md))
  71. return 0;
  72. } else {
  73. if (tbslen != SHA_DIGEST_LENGTH)
  74. return 0;
  75. }
  76. ret = DSA_sign(0, tbs, tbslen, sig, &sltmp, dsa);
  77. if (ret <= 0)
  78. return ret;
  79. *siglen = sltmp;
  80. return 1;
  81. }
  82. static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
  83. const unsigned char *sig, size_t siglen,
  84. const unsigned char *tbs, size_t tbslen)
  85. {
  86. int ret;
  87. DSA_PKEY_CTX *dctx = ctx->data;
  88. DSA *dsa = ctx->pkey->pkey.dsa;
  89. if (dctx->md) {
  90. if (tbslen != (size_t)EVP_MD_size(dctx->md))
  91. return 0;
  92. } else {
  93. if (tbslen != SHA_DIGEST_LENGTH)
  94. return 0;
  95. }
  96. ret = DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
  97. return ret;
  98. }
  99. static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
  100. {
  101. DSA_PKEY_CTX *dctx = ctx->data;
  102. switch (type) {
  103. case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
  104. if (p1 < 256)
  105. return -2;
  106. dctx->nbits = p1;
  107. return 1;
  108. case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
  109. if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
  110. return -2;
  111. dctx->qbits = p1;
  112. return 1;
  113. case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
  114. if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
  115. EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
  116. EVP_MD_type((const EVP_MD *)p2) != NID_sha256) {
  117. DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
  118. return 0;
  119. }
  120. dctx->md = p2;
  121. return 1;
  122. case EVP_PKEY_CTRL_MD:
  123. if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
  124. EVP_MD_type((const EVP_MD *)p2) != NID_dsa &&
  125. EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
  126. EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
  127. EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
  128. EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
  129. EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
  130. DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
  131. return 0;
  132. }
  133. dctx->md = p2;
  134. return 1;
  135. case EVP_PKEY_CTRL_GET_MD:
  136. *(const EVP_MD **)p2 = dctx->md;
  137. return 1;
  138. case EVP_PKEY_CTRL_DIGESTINIT:
  139. case EVP_PKEY_CTRL_PKCS7_SIGN:
  140. case EVP_PKEY_CTRL_CMS_SIGN:
  141. return 1;
  142. case EVP_PKEY_CTRL_PEER_KEY:
  143. DSAerr(DSA_F_PKEY_DSA_CTRL,
  144. EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
  145. return -2;
  146. default:
  147. return -2;
  148. }
  149. }
  150. static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
  151. const char *type, const char *value)
  152. {
  153. if (strcmp(type, "dsa_paramgen_bits") == 0) {
  154. int nbits;
  155. nbits = atoi(value);
  156. return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
  157. }
  158. if (strcmp(type, "dsa_paramgen_q_bits") == 0) {
  159. int qbits = atoi(value);
  160. return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
  161. EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits,
  162. NULL);
  163. }
  164. if (strcmp(type, "dsa_paramgen_md") == 0) {
  165. return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
  166. EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
  167. (void *)EVP_get_digestbyname(value));
  168. }
  169. return -2;
  170. }
  171. static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
  172. {
  173. DSA *dsa = NULL;
  174. DSA_PKEY_CTX *dctx = ctx->data;
  175. BN_GENCB *pcb;
  176. int ret;
  177. if (ctx->pkey_gencb) {
  178. pcb = BN_GENCB_new();
  179. if (pcb == NULL)
  180. return 0;
  181. evp_pkey_set_cb_translate(pcb, ctx);
  182. } else
  183. pcb = NULL;
  184. dsa = DSA_new();
  185. if (dsa == NULL) {
  186. BN_GENCB_free(pcb);
  187. return 0;
  188. }
  189. ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
  190. NULL, 0, NULL, NULL, NULL, pcb);
  191. BN_GENCB_free(pcb);
  192. if (ret)
  193. EVP_PKEY_assign_DSA(pkey, dsa);
  194. else
  195. DSA_free(dsa);
  196. return ret;
  197. }
  198. static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
  199. {
  200. DSA *dsa = NULL;
  201. if (ctx->pkey == NULL) {
  202. DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
  203. return 0;
  204. }
  205. dsa = DSA_new();
  206. if (dsa == NULL)
  207. return 0;
  208. EVP_PKEY_assign_DSA(pkey, dsa);
  209. /* Note: if error return, pkey is freed by parent routine */
  210. if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
  211. return 0;
  212. return DSA_generate_key(pkey->pkey.dsa);
  213. }
  214. const EVP_PKEY_METHOD dsa_pkey_meth = {
  215. EVP_PKEY_DSA,
  216. EVP_PKEY_FLAG_AUTOARGLEN,
  217. pkey_dsa_init,
  218. pkey_dsa_copy,
  219. pkey_dsa_cleanup,
  220. 0,
  221. pkey_dsa_paramgen,
  222. 0,
  223. pkey_dsa_keygen,
  224. 0,
  225. pkey_dsa_sign,
  226. 0,
  227. pkey_dsa_verify,
  228. 0, 0,
  229. 0, 0, 0, 0,
  230. 0, 0,
  231. 0, 0,
  232. 0, 0,
  233. pkey_dsa_ctrl,
  234. pkey_dsa_ctrl_str
  235. };