OLD | NEW |
| (Empty) |
1 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | |
2 * project 2006. | |
3 */ | |
4 /* ==================================================================== | |
5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. | |
6 * | |
7 * Redistribution and use in source and binary forms, with or without | |
8 * modification, are permitted provided that the following conditions | |
9 * are met: | |
10 * | |
11 * 1. Redistributions of source code must retain the above copyright | |
12 * notice, this list of conditions and the following disclaimer. | |
13 * | |
14 * 2. Redistributions in binary form must reproduce the above copyright | |
15 * notice, this list of conditions and the following disclaimer in | |
16 * the documentation and/or other materials provided with the | |
17 * distribution. | |
18 * | |
19 * 3. All advertising materials mentioning features or use of this | |
20 * software must display the following acknowledgment: | |
21 * "This product includes software developed by the OpenSSL Project | |
22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
23 * | |
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
25 * endorse or promote products derived from this software without | |
26 * prior written permission. For written permission, please contact | |
27 * licensing@OpenSSL.org. | |
28 * | |
29 * 5. Products derived from this software may not be called "OpenSSL" | |
30 * nor may "OpenSSL" appear in their names without prior written | |
31 * permission of the OpenSSL Project. | |
32 * | |
33 * 6. Redistributions of any form whatsoever must retain the following | |
34 * acknowledgment: | |
35 * "This product includes software developed by the OpenSSL Project | |
36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
37 * | |
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
49 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
50 * ==================================================================== | |
51 * | |
52 * This product includes cryptographic software written by Eric Young | |
53 * (eay@cryptsoft.com). This product includes software written by Tim | |
54 * Hudson (tjh@cryptsoft.com). | |
55 * | |
56 */ | |
57 | |
58 #include <stdio.h> | |
59 #include "cryptlib.h" | |
60 #include <openssl/x509.h> | |
61 #include <openssl/asn1.h> | |
62 #include <openssl/dsa.h> | |
63 #include <openssl/bn.h> | |
64 #ifndef OPENSSL_NO_CMS | |
65 #include <openssl/cms.h> | |
66 #endif | |
67 #include "asn1_locl.h" | |
68 | |
69 static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) | |
70 { | |
71 const unsigned char *p, *pm; | |
72 int pklen, pmlen; | |
73 int ptype; | |
74 void *pval; | |
75 ASN1_STRING *pstr; | |
76 X509_ALGOR *palg; | |
77 ASN1_INTEGER *public_key = NULL; | |
78 | |
79 DSA *dsa = NULL; | |
80 | |
81 if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) | |
82 return 0; | |
83 X509_ALGOR_get0(NULL, &ptype, &pval, palg); | |
84 | |
85 | |
86 if (ptype == V_ASN1_SEQUENCE) | |
87 { | |
88 pstr = pval; | |
89 pm = pstr->data; | |
90 pmlen = pstr->length; | |
91 | |
92 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) | |
93 { | |
94 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR); | |
95 goto err; | |
96 } | |
97 | |
98 } | |
99 else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) | |
100 { | |
101 if (!(dsa = DSA_new())) | |
102 { | |
103 DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE); | |
104 goto err; | |
105 } | |
106 } | |
107 else | |
108 { | |
109 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR); | |
110 goto err; | |
111 } | |
112 | |
113 if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) | |
114 { | |
115 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR); | |
116 goto err; | |
117 } | |
118 | |
119 if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) | |
120 { | |
121 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR); | |
122 goto err; | |
123 } | |
124 | |
125 ASN1_INTEGER_free(public_key); | |
126 EVP_PKEY_assign_DSA(pkey, dsa); | |
127 return 1; | |
128 | |
129 err: | |
130 if (public_key) | |
131 ASN1_INTEGER_free(public_key); | |
132 if (dsa) | |
133 DSA_free(dsa); | |
134 return 0; | |
135 | |
136 } | |
137 | |
138 static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) | |
139 { | |
140 DSA *dsa; | |
141 void *pval = NULL; | |
142 int ptype; | |
143 unsigned char *penc = NULL; | |
144 int penclen; | |
145 | |
146 dsa=pkey->pkey.dsa; | |
147 if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) | |
148 { | |
149 ASN1_STRING *str; | |
150 str = ASN1_STRING_new(); | |
151 str->length = i2d_DSAparams(dsa, &str->data); | |
152 if (str->length <= 0) | |
153 { | |
154 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); | |
155 goto err; | |
156 } | |
157 pval = str; | |
158 ptype = V_ASN1_SEQUENCE; | |
159 } | |
160 else | |
161 ptype = V_ASN1_UNDEF; | |
162 | |
163 dsa->write_params=0; | |
164 | |
165 penclen = i2d_DSAPublicKey(dsa, &penc); | |
166 | |
167 if (penclen <= 0) | |
168 { | |
169 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); | |
170 goto err; | |
171 } | |
172 | |
173 if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), | |
174 ptype, pval, penc, penclen)) | |
175 return 1; | |
176 | |
177 err: | |
178 if (penc) | |
179 OPENSSL_free(penc); | |
180 if (pval) | |
181 ASN1_STRING_free(pval); | |
182 | |
183 return 0; | |
184 } | |
185 | |
186 /* In PKCS#8 DSA: you just get a private key integer and parameters in the | |
187 * AlgorithmIdentifier the pubkey must be recalculated. | |
188 */ | |
189 | |
190 static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) | |
191 { | |
192 const unsigned char *p, *pm; | |
193 int pklen, pmlen; | |
194 int ptype; | |
195 void *pval; | |
196 ASN1_STRING *pstr; | |
197 X509_ALGOR *palg; | |
198 ASN1_INTEGER *privkey = NULL; | |
199 BN_CTX *ctx = NULL; | |
200 | |
201 STACK_OF(ASN1_TYPE) *ndsa = NULL; | |
202 DSA *dsa = NULL; | |
203 | |
204 if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) | |
205 return 0; | |
206 X509_ALGOR_get0(NULL, &ptype, &pval, palg); | |
207 | |
208 /* Check for broken DSA PKCS#8, UGH! */ | |
209 if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) | |
210 { | |
211 ASN1_TYPE *t1, *t2; | |
212 if(!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen))) | |
213 goto decerr; | |
214 if (sk_ASN1_TYPE_num(ndsa) != 2) | |
215 goto decerr; | |
216 /* Handle Two broken types: | |
217 * SEQUENCE {parameters, priv_key} | |
218 * SEQUENCE {pub_key, priv_key} | |
219 */ | |
220 | |
221 t1 = sk_ASN1_TYPE_value(ndsa, 0); | |
222 t2 = sk_ASN1_TYPE_value(ndsa, 1); | |
223 if (t1->type == V_ASN1_SEQUENCE) | |
224 { | |
225 p8->broken = PKCS8_EMBEDDED_PARAM; | |
226 pval = t1->value.ptr; | |
227 } | |
228 else if (ptype == V_ASN1_SEQUENCE) | |
229 p8->broken = PKCS8_NS_DB; | |
230 else | |
231 goto decerr; | |
232 | |
233 if (t2->type != V_ASN1_INTEGER) | |
234 goto decerr; | |
235 | |
236 privkey = t2->value.integer; | |
237 } | |
238 else | |
239 { | |
240 const unsigned char *q = p; | |
241 if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen))) | |
242 goto decerr; | |
243 if (privkey->type == V_ASN1_NEG_INTEGER) | |
244 { | |
245 p8->broken = PKCS8_NEG_PRIVKEY; | |
246 ASN1_INTEGER_free(privkey); | |
247 if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen))) | |
248 goto decerr; | |
249 } | |
250 if (ptype != V_ASN1_SEQUENCE) | |
251 goto decerr; | |
252 } | |
253 | |
254 pstr = pval; | |
255 pm = pstr->data; | |
256 pmlen = pstr->length; | |
257 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) | |
258 goto decerr; | |
259 /* We have parameters now set private key */ | |
260 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) | |
261 { | |
262 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR); | |
263 goto dsaerr; | |
264 } | |
265 /* Calculate public key */ | |
266 if (!(dsa->pub_key = BN_new())) | |
267 { | |
268 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE); | |
269 goto dsaerr; | |
270 } | |
271 if (!(ctx = BN_CTX_new())) | |
272 { | |
273 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE); | |
274 goto dsaerr; | |
275 } | |
276 | |
277 if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) | |
278 { | |
279 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR); | |
280 goto dsaerr; | |
281 } | |
282 | |
283 EVP_PKEY_assign_DSA(pkey, dsa); | |
284 BN_CTX_free (ctx); | |
285 if(ndsa) | |
286 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
287 else | |
288 ASN1_INTEGER_free(privkey); | |
289 | |
290 return 1; | |
291 | |
292 decerr: | |
293 DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR); | |
294 dsaerr: | |
295 BN_CTX_free (ctx); | |
296 if (privkey) | |
297 ASN1_INTEGER_free(privkey); | |
298 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); | |
299 DSA_free(dsa); | |
300 return 0; | |
301 } | |
302 | |
303 static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) | |
304 { | |
305 ASN1_STRING *params = NULL; | |
306 ASN1_INTEGER *prkey = NULL; | |
307 unsigned char *dp = NULL; | |
308 int dplen; | |
309 | |
310 params = ASN1_STRING_new(); | |
311 | |
312 if (!params) | |
313 { | |
314 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE); | |
315 goto err; | |
316 } | |
317 | |
318 params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); | |
319 if (params->length <= 0) | |
320 { | |
321 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE); | |
322 goto err; | |
323 } | |
324 params->type = V_ASN1_SEQUENCE; | |
325 | |
326 /* Get private key into integer */ | |
327 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); | |
328 | |
329 if (!prkey) | |
330 { | |
331 DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_BN_ERROR); | |
332 goto err; | |
333 } | |
334 | |
335 dplen = i2d_ASN1_INTEGER(prkey, &dp); | |
336 | |
337 ASN1_INTEGER_free(prkey); | |
338 | |
339 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, | |
340 V_ASN1_SEQUENCE, params, dp, dplen)) | |
341 goto err; | |
342 | |
343 return 1; | |
344 | |
345 err: | |
346 if (dp != NULL) | |
347 OPENSSL_free(dp); | |
348 if (params != NULL) | |
349 ASN1_STRING_free(params); | |
350 if (prkey != NULL) | |
351 ASN1_INTEGER_free(prkey); | |
352 return 0; | |
353 } | |
354 | |
355 static int int_dsa_size(const EVP_PKEY *pkey) | |
356 { | |
357 return(DSA_size(pkey->pkey.dsa)); | |
358 } | |
359 | |
360 static int dsa_bits(const EVP_PKEY *pkey) | |
361 { | |
362 return BN_num_bits(pkey->pkey.dsa->p); | |
363 } | |
364 | |
365 static int dsa_missing_parameters(const EVP_PKEY *pkey) | |
366 { | |
367 DSA *dsa; | |
368 dsa=pkey->pkey.dsa; | |
369 if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) | |
370 return 1; | |
371 return 0; | |
372 } | |
373 | |
374 static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) | |
375 { | |
376 BIGNUM *a; | |
377 | |
378 if ((a=BN_dup(from->pkey.dsa->p)) == NULL) | |
379 return 0; | |
380 if (to->pkey.dsa->p != NULL) | |
381 BN_free(to->pkey.dsa->p); | |
382 to->pkey.dsa->p=a; | |
383 | |
384 if ((a=BN_dup(from->pkey.dsa->q)) == NULL) | |
385 return 0; | |
386 if (to->pkey.dsa->q != NULL) | |
387 BN_free(to->pkey.dsa->q); | |
388 to->pkey.dsa->q=a; | |
389 | |
390 if ((a=BN_dup(from->pkey.dsa->g)) == NULL) | |
391 return 0; | |
392 if (to->pkey.dsa->g != NULL) | |
393 BN_free(to->pkey.dsa->g); | |
394 to->pkey.dsa->g=a; | |
395 return 1; | |
396 } | |
397 | |
398 static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) | |
399 { | |
400 if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) || | |
401 BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) || | |
402 BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g)) | |
403 return 0; | |
404 else | |
405 return 1; | |
406 } | |
407 | |
408 static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) | |
409 { | |
410 if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0) | |
411 return 0; | |
412 else | |
413 return 1; | |
414 } | |
415 | |
416 static void int_dsa_free(EVP_PKEY *pkey) | |
417 { | |
418 DSA_free(pkey->pkey.dsa); | |
419 } | |
420 | |
421 static void update_buflen(const BIGNUM *b, size_t *pbuflen) | |
422 { | |
423 size_t i; | |
424 if (!b) | |
425 return; | |
426 if (*pbuflen < (i = (size_t)BN_num_bytes(b))) | |
427 *pbuflen = i; | |
428 } | |
429 | |
430 static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) | |
431 { | |
432 unsigned char *m=NULL; | |
433 int ret=0; | |
434 size_t buf_len=0; | |
435 const char *ktype = NULL; | |
436 | |
437 const BIGNUM *priv_key, *pub_key; | |
438 | |
439 if (ptype == 2) | |
440 priv_key = x->priv_key; | |
441 else | |
442 priv_key = NULL; | |
443 | |
444 if (ptype > 0) | |
445 pub_key = x->pub_key; | |
446 else | |
447 pub_key = NULL; | |
448 | |
449 if (ptype == 2) | |
450 ktype = "Private-Key"; | |
451 else if (ptype == 1) | |
452 ktype = "Public-Key"; | |
453 else | |
454 ktype = "DSA-Parameters"; | |
455 | |
456 update_buflen(x->p, &buf_len); | |
457 update_buflen(x->q, &buf_len); | |
458 update_buflen(x->g, &buf_len); | |
459 update_buflen(priv_key, &buf_len); | |
460 update_buflen(pub_key, &buf_len); | |
461 | |
462 m=(unsigned char *)OPENSSL_malloc(buf_len+10); | |
463 if (m == NULL) | |
464 { | |
465 DSAerr(DSA_F_DO_DSA_PRINT,ERR_R_MALLOC_FAILURE); | |
466 goto err; | |
467 } | |
468 | |
469 if (priv_key) | |
470 { | |
471 if(!BIO_indent(bp,off,128)) | |
472 goto err; | |
473 if (BIO_printf(bp,"%s: (%d bit)\n",ktype, BN_num_bits(x->p)) | |
474 <= 0) goto err; | |
475 } | |
476 | |
477 if (!ASN1_bn_print(bp,"priv:",priv_key,m,off)) | |
478 goto err; | |
479 if (!ASN1_bn_print(bp,"pub: ",pub_key,m,off)) | |
480 goto err; | |
481 if (!ASN1_bn_print(bp,"P: ",x->p,m,off)) goto err; | |
482 if (!ASN1_bn_print(bp,"Q: ",x->q,m,off)) goto err; | |
483 if (!ASN1_bn_print(bp,"G: ",x->g,m,off)) goto err; | |
484 ret=1; | |
485 err: | |
486 if (m != NULL) OPENSSL_free(m); | |
487 return(ret); | |
488 } | |
489 | |
490 static int dsa_param_decode(EVP_PKEY *pkey, | |
491 const unsigned char **pder, int derlen) | |
492 { | |
493 DSA *dsa; | |
494 if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) | |
495 { | |
496 DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB); | |
497 return 0; | |
498 } | |
499 EVP_PKEY_assign_DSA(pkey, dsa); | |
500 return 1; | |
501 } | |
502 | |
503 static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder) | |
504 { | |
505 return i2d_DSAparams(pkey->pkey.dsa, pder); | |
506 } | |
507 | |
508 static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, | |
509 ASN1_PCTX *ctx) | |
510 { | |
511 return do_dsa_print(bp, pkey->pkey.dsa, indent, 0); | |
512 } | |
513 | |
514 static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, | |
515 ASN1_PCTX *ctx) | |
516 { | |
517 return do_dsa_print(bp, pkey->pkey.dsa, indent, 1); | |
518 } | |
519 | |
520 | |
521 static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, | |
522 ASN1_PCTX *ctx) | |
523 { | |
524 return do_dsa_print(bp, pkey->pkey.dsa, indent, 2); | |
525 } | |
526 | |
527 static int old_dsa_priv_decode(EVP_PKEY *pkey, | |
528 const unsigned char **pder, int derlen) | |
529 { | |
530 DSA *dsa; | |
531 if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen))) | |
532 { | |
533 DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB); | |
534 return 0; | |
535 } | |
536 EVP_PKEY_assign_DSA(pkey, dsa); | |
537 return 1; | |
538 } | |
539 | |
540 static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) | |
541 { | |
542 return i2d_DSAPrivateKey(pkey->pkey.dsa, pder); | |
543 } | |
544 | |
545 static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, | |
546 const ASN1_STRING *sig, | |
547 int indent, ASN1_PCTX *pctx) | |
548 { | |
549 DSA_SIG *dsa_sig; | |
550 const unsigned char *p; | |
551 if (!sig) | |
552 { | |
553 if (BIO_puts(bp, "\n") <= 0) | |
554 return 0; | |
555 else | |
556 return 1; | |
557 } | |
558 p = sig->data; | |
559 dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); | |
560 if (dsa_sig) | |
561 { | |
562 int rv = 0; | |
563 size_t buf_len = 0; | |
564 unsigned char *m=NULL; | |
565 update_buflen(dsa_sig->r, &buf_len); | |
566 update_buflen(dsa_sig->s, &buf_len); | |
567 m = OPENSSL_malloc(buf_len+10); | |
568 if (m == NULL) | |
569 { | |
570 DSAerr(DSA_F_DSA_SIG_PRINT,ERR_R_MALLOC_FAILURE); | |
571 goto err; | |
572 } | |
573 | |
574 if (BIO_write(bp, "\n", 1) != 1) | |
575 goto err; | |
576 | |
577 if (!ASN1_bn_print(bp,"r: ",dsa_sig->r,m,indent)) | |
578 goto err; | |
579 if (!ASN1_bn_print(bp,"s: ",dsa_sig->s,m,indent)) | |
580 goto err; | |
581 rv = 1; | |
582 err: | |
583 if (m) | |
584 OPENSSL_free(m); | |
585 DSA_SIG_free(dsa_sig); | |
586 return rv; | |
587 } | |
588 return X509_signature_dump(bp, sig, indent); | |
589 } | |
590 | |
591 static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) | |
592 { | |
593 switch (op) | |
594 { | |
595 case ASN1_PKEY_CTRL_PKCS7_SIGN: | |
596 if (arg1 == 0) | |
597 { | |
598 int snid, hnid; | |
599 X509_ALGOR *alg1, *alg2; | |
600 PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); | |
601 if (alg1 == NULL || alg1->algorithm == NULL) | |
602 return -1; | |
603 hnid = OBJ_obj2nid(alg1->algorithm); | |
604 if (hnid == NID_undef) | |
605 return -1; | |
606 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pke
y))) | |
607 return -1; | |
608 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0
); | |
609 } | |
610 return 1; | |
611 #ifndef OPENSSL_NO_CMS | |
612 case ASN1_PKEY_CTRL_CMS_SIGN: | |
613 if (arg1 == 0) | |
614 { | |
615 int snid, hnid; | |
616 X509_ALGOR *alg1, *alg2; | |
617 CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2)
; | |
618 if (alg1 == NULL || alg1->algorithm == NULL) | |
619 return -1; | |
620 hnid = OBJ_obj2nid(alg1->algorithm); | |
621 if (hnid == NID_undef) | |
622 return -1; | |
623 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pke
y))) | |
624 return -1; | |
625 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0
); | |
626 } | |
627 return 1; | |
628 #endif | |
629 | |
630 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: | |
631 *(int *)arg2 = NID_sha1; | |
632 return 2; | |
633 | |
634 default: | |
635 return -2; | |
636 | |
637 } | |
638 | |
639 } | |
640 | |
641 /* NB these are sorted in pkey_id order, lowest first */ | |
642 | |
643 const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = | |
644 { | |
645 | |
646 { | |
647 EVP_PKEY_DSA2, | |
648 EVP_PKEY_DSA, | |
649 ASN1_PKEY_ALIAS | |
650 }, | |
651 | |
652 { | |
653 EVP_PKEY_DSA1, | |
654 EVP_PKEY_DSA, | |
655 ASN1_PKEY_ALIAS | |
656 }, | |
657 | |
658 { | |
659 EVP_PKEY_DSA4, | |
660 EVP_PKEY_DSA, | |
661 ASN1_PKEY_ALIAS | |
662 }, | |
663 | |
664 { | |
665 EVP_PKEY_DSA3, | |
666 EVP_PKEY_DSA, | |
667 ASN1_PKEY_ALIAS | |
668 }, | |
669 | |
670 { | |
671 EVP_PKEY_DSA, | |
672 EVP_PKEY_DSA, | |
673 0, | |
674 | |
675 "DSA", | |
676 "OpenSSL DSA method", | |
677 | |
678 dsa_pub_decode, | |
679 dsa_pub_encode, | |
680 dsa_pub_cmp, | |
681 dsa_pub_print, | |
682 | |
683 dsa_priv_decode, | |
684 dsa_priv_encode, | |
685 dsa_priv_print, | |
686 | |
687 int_dsa_size, | |
688 dsa_bits, | |
689 | |
690 dsa_param_decode, | |
691 dsa_param_encode, | |
692 dsa_missing_parameters, | |
693 dsa_copy_parameters, | |
694 dsa_cmp_parameters, | |
695 dsa_param_print, | |
696 dsa_sig_print, | |
697 | |
698 int_dsa_free, | |
699 dsa_pkey_ctrl, | |
700 old_dsa_priv_decode, | |
701 old_dsa_priv_encode | |
702 } | |
703 }; | |
704 | |
OLD | NEW |