OLD | NEW |
1 /* dsa_asn1.c */ | 1 /* dsa_asn1.c */ |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 * project 2000. | 3 * project 2000. |
4 */ | 4 */ |
5 /* ==================================================================== | 5 /* ==================================================================== |
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
11 * | 11 * |
12 * 1. Redistributions of source code must retain the above copyright | 12 * 1. Redistributions of source code must retain the above copyright |
13 * notice, this list of conditions and the following disclaimer. | 13 * notice, this list of conditions and the following disclaimer. |
14 * | 14 * |
15 * 2. Redistributions in binary form must reproduce the above copyright | 15 * 2. Redistributions in binary form must reproduce the above copyright |
16 * notice, this list of conditions and the following disclaimer in | 16 * notice, this list of conditions and the following disclaimer in |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
54 * (eay@cryptsoft.com). This product includes software written by Tim | 54 * (eay@cryptsoft.com). This product includes software written by Tim |
55 * Hudson (tjh@cryptsoft.com). | 55 * Hudson (tjh@cryptsoft.com). |
56 * | 56 * |
57 */ | 57 */ |
58 | 58 |
59 #include <stdio.h> | 59 #include <stdio.h> |
60 #include "cryptlib.h" | 60 #include "cryptlib.h" |
61 #include <openssl/dsa.h> | 61 #include <openssl/dsa.h> |
62 #include <openssl/asn1.h> | 62 #include <openssl/asn1.h> |
63 #include <openssl/asn1t.h> | 63 #include <openssl/asn1t.h> |
64 #include <openssl/bn.h> | |
65 #include <openssl/rand.h> | |
66 #ifdef OPENSSL_FIPS | |
67 #include <openssl/fips.h> | |
68 #endif | |
69 | |
70 | 64 |
71 /* Override the default new methods */ | 65 /* Override the default new methods */ |
72 static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | 66 static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, |
| 67 » » » » » » » » void *exarg) |
73 { | 68 { |
74 if(operation == ASN1_OP_NEW_PRE) { | 69 if(operation == ASN1_OP_NEW_PRE) { |
75 DSA_SIG *sig; | 70 DSA_SIG *sig; |
76 sig = OPENSSL_malloc(sizeof(DSA_SIG)); | 71 sig = OPENSSL_malloc(sizeof(DSA_SIG)); |
| 72 if (!sig) |
| 73 { |
| 74 DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); |
| 75 return 0; |
| 76 } |
77 sig->r = NULL; | 77 sig->r = NULL; |
78 sig->s = NULL; | 78 sig->s = NULL; |
79 *pval = (ASN1_VALUE *)sig; | 79 *pval = (ASN1_VALUE *)sig; |
80 » » if(sig) return 2; | 80 » » return 2; |
81 » » DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); | |
82 » » return 0; | |
83 } | 81 } |
84 return 1; | 82 return 1; |
85 } | 83 } |
86 | 84 |
87 ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { | 85 ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { |
88 ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), | 86 ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), |
89 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) | 87 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) |
90 } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) | 88 } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) |
91 | 89 |
92 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG) | 90 IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) |
93 | 91 |
94 /* Override the default free and new methods */ | 92 /* Override the default free and new methods */ |
95 static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | 93 static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, |
| 94 » » » » » » » void *exarg) |
96 { | 95 { |
97 if(operation == ASN1_OP_NEW_PRE) { | 96 if(operation == ASN1_OP_NEW_PRE) { |
98 *pval = (ASN1_VALUE *)DSA_new(); | 97 *pval = (ASN1_VALUE *)DSA_new(); |
99 if(*pval) return 2; | 98 if(*pval) return 2; |
100 return 0; | 99 return 0; |
101 } else if(operation == ASN1_OP_FREE_PRE) { | 100 } else if(operation == ASN1_OP_FREE_PRE) { |
102 DSA_free((DSA *)*pval); | 101 DSA_free((DSA *)*pval); |
103 *pval = NULL; | 102 *pval = NULL; |
104 return 2; | 103 return 2; |
105 } | 104 } |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
138 ASN1_SIMPLE(DSA, g, BIGNUM) | 137 ASN1_SIMPLE(DSA, g, BIGNUM) |
139 } ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal) | 138 } ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal) |
140 | 139 |
141 ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { | 140 ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { |
142 ASN1_SIMPLE(DSA, pub_key, BIGNUM), | 141 ASN1_SIMPLE(DSA, pub_key, BIGNUM), |
143 ASN1_EX_COMBINE(0, 0, dsa_pub_internal) | 142 ASN1_EX_COMBINE(0, 0, dsa_pub_internal) |
144 } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) | 143 } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) |
145 | 144 |
146 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) | 145 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) |
147 | 146 |
148 int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | 147 DSA *DSAparams_dup(DSA *dsa) |
149 » unsigned int *siglen, DSA *dsa) | |
150 { | 148 { |
151 » DSA_SIG *s; | 149 » return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa); |
152 #ifdef OPENSSL_FIPS | |
153 » if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | |
154 » » { | |
155 » » DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE)
; | |
156 » » return 0; | |
157 » » } | |
158 #endif | |
159 » RAND_seed(dgst, dlen); | |
160 » s=DSA_do_sign(dgst,dlen,dsa); | |
161 » if (s == NULL) | |
162 » » { | |
163 » » *siglen=0; | |
164 » » return(0); | |
165 » » } | |
166 » *siglen=i2d_DSA_SIG(s,&sig); | |
167 » DSA_SIG_free(s); | |
168 » return(1); | |
169 } | 150 } |
170 | |
171 int DSA_size(const DSA *r) | |
172 { | |
173 int ret,i; | |
174 ASN1_INTEGER bs; | |
175 unsigned char buf[4]; /* 4 bytes looks really small. | |
176 However, i2d_ASN1_INTEGER() will not look | |
177 beyond the first byte, as long as the second | |
178 parameter is NULL. */ | |
179 | |
180 i=BN_num_bits(r->q); | |
181 bs.length=(i+7)/8; | |
182 bs.data=buf; | |
183 bs.type=V_ASN1_INTEGER; | |
184 /* If the top bit is set the asn1 encoding is 1 larger. */ | |
185 buf[0]=0xff; | |
186 | |
187 i=i2d_ASN1_INTEGER(&bs,NULL); | |
188 i+=i; /* r and s */ | |
189 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); | |
190 return(ret); | |
191 } | |
192 | |
193 /* data has already been hashed (probably with SHA or SHA-1). */ | |
194 /* returns | |
195 * 1: correct signature | |
196 * 0: incorrect signature | |
197 * -1: error | |
198 */ | |
199 int DSA_verify(int type, const unsigned char *dgst, int dgst_len, | |
200 const unsigned char *sigbuf, int siglen, DSA *dsa) | |
201 { | |
202 DSA_SIG *s; | |
203 int ret=-1; | |
204 #ifdef OPENSSL_FIPS | |
205 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | |
206 { | |
207 DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MOD
E); | |
208 return 0; | |
209 } | |
210 #endif | |
211 | |
212 s = DSA_SIG_new(); | |
213 if (s == NULL) return(ret); | |
214 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; | |
215 ret=DSA_do_verify(dgst,dgst_len,s,dsa); | |
216 err: | |
217 DSA_SIG_free(s); | |
218 return(ret); | |
219 } | |
220 | |
OLD | NEW |