dsa_asn1.c revision 296341
1/* dsa_asn1.c */ 2/* 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project 4 * 2000. 5 */ 6/* ==================================================================== 7 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59 60#include <stdio.h> 61#include "cryptlib.h" 62#include <openssl/dsa.h> 63#include <openssl/asn1.h> 64#include <openssl/asn1t.h> 65#include <openssl/rand.h> 66 67/* Override the default new methods */ 68static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 69 void *exarg) 70{ 71 if (operation == ASN1_OP_NEW_PRE) { 72 DSA_SIG *sig; 73 sig = OPENSSL_malloc(sizeof(DSA_SIG)); 74 if (!sig) { 75 DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); 76 return 0; 77 } 78 sig->r = NULL; 79 sig->s = NULL; 80 *pval = (ASN1_VALUE *)sig; 81 return 2; 82 } 83 return 1; 84} 85 86ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { 87 ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), 88 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) 89} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) 90 91IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG) 92 93/* Override the default free and new methods */ 94static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 95 void *exarg) 96{ 97 if (operation == ASN1_OP_NEW_PRE) { 98 *pval = (ASN1_VALUE *)DSA_new(); 99 if (*pval) 100 return 2; 101 return 0; 102 } else if (operation == ASN1_OP_FREE_PRE) { 103 DSA_free((DSA *)*pval); 104 *pval = NULL; 105 return 2; 106 } 107 return 1; 108} 109 110ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = { 111 ASN1_SIMPLE(DSA, version, LONG), 112 ASN1_SIMPLE(DSA, p, BIGNUM), 113 ASN1_SIMPLE(DSA, q, BIGNUM), 114 ASN1_SIMPLE(DSA, g, BIGNUM), 115 ASN1_SIMPLE(DSA, pub_key, BIGNUM), 116 ASN1_SIMPLE(DSA, priv_key, BIGNUM) 117} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey) 118 119IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey) 120 121ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { 122 ASN1_SIMPLE(DSA, p, BIGNUM), 123 ASN1_SIMPLE(DSA, q, BIGNUM), 124 ASN1_SIMPLE(DSA, g, BIGNUM), 125} ASN1_SEQUENCE_END_cb(DSA, DSAparams) 126 127IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams) 128 129/* 130 * DSA public key is a bit trickier... its effectively a CHOICE type decided 131 * by a field called write_params which can either write out just the public 132 * key as an INTEGER or the parameters and public key in a SEQUENCE 133 */ 134 135ASN1_SEQUENCE(dsa_pub_internal) = { 136 ASN1_SIMPLE(DSA, pub_key, BIGNUM), 137 ASN1_SIMPLE(DSA, p, BIGNUM), 138 ASN1_SIMPLE(DSA, q, BIGNUM), 139 ASN1_SIMPLE(DSA, g, BIGNUM) 140} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal) 141 142ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { 143 ASN1_SIMPLE(DSA, pub_key, BIGNUM), 144 ASN1_EX_COMBINE(0, 0, dsa_pub_internal) 145} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) 146 147IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) 148 149DSA *DSAparams_dup(DSA *dsa) 150{ 151 return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa); 152} 153 154int DSA_sign(int type, const unsigned char *dgst, int dlen, 155 unsigned char *sig, unsigned int *siglen, DSA *dsa) 156{ 157 DSA_SIG *s; 158 RAND_seed(dgst, dlen); 159 s = DSA_do_sign(dgst, dlen, dsa); 160 if (s == NULL) { 161 *siglen = 0; 162 return (0); 163 } 164 *siglen = i2d_DSA_SIG(s, &sig); 165 DSA_SIG_free(s); 166 return (1); 167} 168 169/* data has already been hashed (probably with SHA or SHA-1). */ 170/*- 171 * returns 172 * 1: correct signature 173 * 0: incorrect signature 174 * -1: error 175 */ 176int DSA_verify(int type, const unsigned char *dgst, int dgst_len, 177 const unsigned char *sigbuf, int siglen, DSA *dsa) 178{ 179 DSA_SIG *s; 180 const unsigned char *p = sigbuf; 181 unsigned char *der = NULL; 182 int derlen = -1; 183 int ret = -1; 184 185 s = DSA_SIG_new(); 186 if (s == NULL) 187 return (ret); 188 if (d2i_DSA_SIG(&s, &p, siglen) == NULL) 189 goto err; 190 /* Ensure signature uses DER and doesn't have trailing garbage */ 191 derlen = i2d_DSA_SIG(s, &der); 192 if (derlen != siglen || memcmp(sigbuf, der, derlen)) 193 goto err; 194 ret = DSA_do_verify(dgst, dgst_len, s, dsa); 195 err: 196 if (derlen > 0) { 197 OPENSSL_cleanse(der, derlen); 198 OPENSSL_free(der); 199 } 200 DSA_SIG_free(s); 201 return (ret); 202} 203