dsa_asn1.c revision 194206
1/* dsa_asn1.c */ 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project 2000. 4 */ 5/* ==================================================================== 6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59#include <stdio.h> 60#include "cryptlib.h" 61#include <openssl/dsa.h> 62#include <openssl/asn1.h> 63#include <openssl/asn1t.h> 64#include <openssl/bn.h> 65#ifdef OPENSSL_FIPS 66#include <openssl/fips.h> 67#endif 68 69 70/* Override the default new methods */ 71static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 72{ 73 if(operation == ASN1_OP_NEW_PRE) { 74 DSA_SIG *sig; 75 sig = OPENSSL_malloc(sizeof(DSA_SIG)); 76 sig->r = NULL; 77 sig->s = NULL; 78 *pval = (ASN1_VALUE *)sig; 79 if(sig) return 2; 80 DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); 81 return 0; 82 } 83 return 1; 84} 85 86ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { 87 ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), 88 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) 89} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) 90 91IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG) 92 93/* Override the default free and new methods */ 94static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 95{ 96 if(operation == ASN1_OP_NEW_PRE) { 97 *pval = (ASN1_VALUE *)DSA_new(); 98 if(*pval) return 2; 99 return 0; 100 } else if(operation == ASN1_OP_FREE_PRE) { 101 DSA_free((DSA *)*pval); 102 *pval = NULL; 103 return 2; 104 } 105 return 1; 106} 107 108ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = { 109 ASN1_SIMPLE(DSA, version, LONG), 110 ASN1_SIMPLE(DSA, p, BIGNUM), 111 ASN1_SIMPLE(DSA, q, BIGNUM), 112 ASN1_SIMPLE(DSA, g, BIGNUM), 113 ASN1_SIMPLE(DSA, pub_key, BIGNUM), 114 ASN1_SIMPLE(DSA, priv_key, BIGNUM) 115} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey) 116 117IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey) 118 119ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { 120 ASN1_SIMPLE(DSA, p, BIGNUM), 121 ASN1_SIMPLE(DSA, q, BIGNUM), 122 ASN1_SIMPLE(DSA, g, BIGNUM), 123} ASN1_SEQUENCE_END_cb(DSA, DSAparams) 124 125IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams) 126 127/* DSA public key is a bit trickier... its effectively a CHOICE type 128 * decided by a field called write_params which can either write out 129 * just the public key as an INTEGER or the parameters and public key 130 * in a SEQUENCE 131 */ 132 133ASN1_SEQUENCE(dsa_pub_internal) = { 134 ASN1_SIMPLE(DSA, pub_key, BIGNUM), 135 ASN1_SIMPLE(DSA, p, BIGNUM), 136 ASN1_SIMPLE(DSA, q, BIGNUM), 137 ASN1_SIMPLE(DSA, g, BIGNUM) 138} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal) 139 140ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { 141 ASN1_SIMPLE(DSA, pub_key, BIGNUM), 142 ASN1_EX_COMBINE(0, 0, dsa_pub_internal) 143} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) 144 145IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) 146 147int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, 148 unsigned int *siglen, DSA *dsa) 149 { 150 DSA_SIG *s; 151#ifdef OPENSSL_FIPS 152 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) 153 { 154 DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); 155 return 0; 156 } 157#endif 158 s=DSA_do_sign(dgst,dlen,dsa); 159 if (s == NULL) 160 { 161 *siglen=0; 162 return(0); 163 } 164 *siglen=i2d_DSA_SIG(s,&sig); 165 DSA_SIG_free(s); 166 return(1); 167 } 168 169int DSA_size(const DSA *r) 170 { 171 int ret,i; 172 ASN1_INTEGER bs; 173 unsigned char buf[4]; /* 4 bytes looks really small. 174 However, i2d_ASN1_INTEGER() will not look 175 beyond the first byte, as long as the second 176 parameter is NULL. */ 177 178 i=BN_num_bits(r->q); 179 bs.length=(i+7)/8; 180 bs.data=buf; 181 bs.type=V_ASN1_INTEGER; 182 /* If the top bit is set the asn1 encoding is 1 larger. */ 183 buf[0]=0xff; 184 185 i=i2d_ASN1_INTEGER(&bs,NULL); 186 i+=i; /* r and s */ 187 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); 188 return(ret); 189 } 190 191/* data has already been hashed (probably with SHA or SHA-1). */ 192/* returns 193 * 1: correct signature 194 * 0: incorrect signature 195 * -1: error 196 */ 197int DSA_verify(int type, const unsigned char *dgst, int dgst_len, 198 const unsigned char *sigbuf, int siglen, DSA *dsa) 199 { 200 DSA_SIG *s; 201 int ret=-1; 202#ifdef OPENSSL_FIPS 203 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) 204 { 205 DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); 206 return 0; 207 } 208#endif 209 210 s = DSA_SIG_new(); 211 if (s == NULL) return(ret); 212 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; 213 ret=DSA_do_verify(dgst,dgst_len,s,dsa); 214err: 215 DSA_SIG_free(s); 216 return(ret); 217 } 218 219