summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa/dsa_ameth.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/dsa/dsa_ameth.c459
1 files changed, 224 insertions, 235 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
index d11565a737..c6707b9427 100644
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ b/src/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_ameth.c,v 1.8 2014/06/12 15:49:28 deraadt Exp $ */ 1/* $OpenBSD: dsa_ameth.c,v 1.9 2014/07/09 10:16:24 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -67,8 +67,9 @@
67#endif 67#endif
68#include "asn1_locl.h" 68#include "asn1_locl.h"
69 69
70static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) 70static int
71 { 71dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
72{
72 const unsigned char *p, *pm; 73 const unsigned char *p, *pm;
73 int pklen, pmlen; 74 int pklen, pmlen;
74 int ptype; 75 int ptype;
@@ -83,112 +84,99 @@ static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
83 return 0; 84 return 0;
84 X509_ALGOR_get0(NULL, &ptype, &pval, palg); 85 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
85 86
86 87 if (ptype == V_ASN1_SEQUENCE) {
87 if (ptype == V_ASN1_SEQUENCE)
88 {
89 pstr = pval; 88 pstr = pval;
90 pm = pstr->data; 89 pm = pstr->data;
91 pmlen = pstr->length; 90 pmlen = pstr->length;
92 91
93 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) 92 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
94 {
95 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR); 93 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
96 goto err; 94 goto err;
97 }
98
99 } 95 }
100 else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) 96 } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) {
101 { 97 if (!(dsa = DSA_new())) {
102 if (!(dsa = DSA_new()))
103 {
104 DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE); 98 DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
105 goto err; 99 goto err;
106 } 100 }
107 } 101 } else {
108 else
109 {
110 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR); 102 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
111 goto err; 103 goto err;
112 } 104 }
113 105
114 if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) 106 if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) {
115 {
116 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR); 107 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
117 goto err; 108 goto err;
118 } 109 }
119 110
120 if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) 111 if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
121 {
122 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR); 112 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
123 goto err; 113 goto err;
124 } 114 }
125 115
126 ASN1_INTEGER_free(public_key); 116 ASN1_INTEGER_free(public_key);
127 EVP_PKEY_assign_DSA(pkey, dsa); 117 EVP_PKEY_assign_DSA(pkey, dsa);
128 return 1; 118 return 1;
129 119
130 err: 120err:
131 if (public_key) 121 if (public_key)
132 ASN1_INTEGER_free(public_key); 122 ASN1_INTEGER_free(public_key);
133 if (dsa) 123 if (dsa)
134 DSA_free(dsa); 124 DSA_free(dsa);
135 return 0; 125 return 0;
126}
136 127
137 } 128static int
138 129dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
139static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) 130{
140 {
141 DSA *dsa; 131 DSA *dsa;
142 void *pval = NULL; 132 void *pval = NULL;
143 int ptype; 133 int ptype;
144 unsigned char *penc = NULL; 134 unsigned char *penc = NULL;
145 int penclen; 135 int penclen;
146 136
147 dsa=pkey->pkey.dsa; 137 dsa = pkey->pkey.dsa;
148 if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) 138 if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
149 {
150 ASN1_STRING *str; 139 ASN1_STRING *str;
140
151 str = ASN1_STRING_new(); 141 str = ASN1_STRING_new();
152 str->length = i2d_DSAparams(dsa, &str->data); 142 str->length = i2d_DSAparams(dsa, &str->data);
153 if (str->length <= 0) 143 if (str->length <= 0) {
154 {
155 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); 144 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
156 goto err; 145 goto err;
157 } 146 }
158 pval = str; 147 pval = str;
159 ptype = V_ASN1_SEQUENCE; 148 ptype = V_ASN1_SEQUENCE;
160 } 149 } else
161 else
162 ptype = V_ASN1_UNDEF; 150 ptype = V_ASN1_UNDEF;
163 151
164 dsa->write_params=0; 152 dsa->write_params = 0;
165 153
166 penclen = i2d_DSAPublicKey(dsa, &penc); 154 penclen = i2d_DSAPublicKey(dsa, &penc);
167 155
168 if (penclen <= 0) 156 if (penclen <= 0) {
169 {
170 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); 157 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
171 goto err; 158 goto err;
172 } 159 }
173 160
174 if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), 161 if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, pval,
175 ptype, pval, penc, penclen)) 162 penc, penclen))
176 return 1; 163 return 1;
177 164
178 err: 165err:
179 free(penc); 166 free(penc);
180 if (pval) 167 if (pval)
181 ASN1_STRING_free(pval); 168 ASN1_STRING_free(pval);
182 169
183 return 0; 170 return 0;
184 } 171}
185 172
186/* In PKCS#8 DSA: you just get a private key integer and parameters in the 173/* In PKCS#8 DSA: you just get a private key integer and parameters in the
187 * AlgorithmIdentifier the pubkey must be recalculated. 174 * AlgorithmIdentifier the pubkey must be recalculated.
188 */ 175 */
189 176
190static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) 177static int
191 { 178dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
179{
192 const unsigned char *p, *pm; 180 const unsigned char *p, *pm;
193 int pklen, pmlen; 181 int pklen, pmlen;
194 int ptype; 182 int ptype;
@@ -197,7 +185,6 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
197 X509_ALGOR *palg; 185 X509_ALGOR *palg;
198 ASN1_INTEGER *privkey = NULL; 186 ASN1_INTEGER *privkey = NULL;
199 BN_CTX *ctx = NULL; 187 BN_CTX *ctx = NULL;
200
201 STACK_OF(ASN1_TYPE) *ndsa = NULL; 188 STACK_OF(ASN1_TYPE) *ndsa = NULL;
202 DSA *dsa = NULL; 189 DSA *dsa = NULL;
203 190
@@ -206,26 +193,24 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
206 X509_ALGOR_get0(NULL, &ptype, &pval, palg); 193 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
207 194
208 /* Check for broken DSA PKCS#8, UGH! */ 195 /* Check for broken DSA PKCS#8, UGH! */
209 if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) 196 if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
210 {
211 ASN1_TYPE *t1, *t2; 197 ASN1_TYPE *t1, *t2;
212 if(!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen))) 198 if (!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
213 goto decerr; 199 goto decerr;
214 if (sk_ASN1_TYPE_num(ndsa) != 2) 200 if (sk_ASN1_TYPE_num(ndsa) != 2)
215 goto decerr; 201 goto decerr;
216 /* Handle Two broken types: 202 /*
203 * Handle Two broken types:
217 * SEQUENCE {parameters, priv_key} 204 * SEQUENCE {parameters, priv_key}
218 * SEQUENCE {pub_key, priv_key} 205 * SEQUENCE {pub_key, priv_key}
219 */ 206 */
220 207
221 t1 = sk_ASN1_TYPE_value(ndsa, 0); 208 t1 = sk_ASN1_TYPE_value(ndsa, 0);
222 t2 = sk_ASN1_TYPE_value(ndsa, 1); 209 t2 = sk_ASN1_TYPE_value(ndsa, 1);
223 if (t1->type == V_ASN1_SEQUENCE) 210 if (t1->type == V_ASN1_SEQUENCE) {
224 {
225 p8->broken = PKCS8_EMBEDDED_PARAM; 211 p8->broken = PKCS8_EMBEDDED_PARAM;
226 pval = t1->value.ptr; 212 pval = t1->value.ptr;
227 } 213 } else if (ptype == V_ASN1_SEQUENCE)
228 else if (ptype == V_ASN1_SEQUENCE)
229 p8->broken = PKCS8_NS_DB; 214 p8->broken = PKCS8_NS_DB;
230 else 215 else
231 goto decerr; 216 goto decerr;
@@ -234,22 +219,20 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
234 goto decerr; 219 goto decerr;
235 220
236 privkey = t2->value.integer; 221 privkey = t2->value.integer;
237 } 222 } else {
238 else
239 {
240 const unsigned char *q = p; 223 const unsigned char *q = p;
224
241 if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen))) 225 if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
242 goto decerr; 226 goto decerr;
243 if (privkey->type == V_ASN1_NEG_INTEGER) 227 if (privkey->type == V_ASN1_NEG_INTEGER) {
244 {
245 p8->broken = PKCS8_NEG_PRIVKEY; 228 p8->broken = PKCS8_NEG_PRIVKEY;
246 ASN1_INTEGER_free(privkey); 229 ASN1_INTEGER_free(privkey);
247 if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen))) 230 if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
248 goto decerr; 231 goto decerr;
249 } 232 }
250 if (ptype != V_ASN1_SEQUENCE) 233 if (ptype != V_ASN1_SEQUENCE)
251 goto decerr; 234 goto decerr;
252 } 235 }
253 236
254 pstr = pval; 237 pstr = pval;
255 pm = pstr->data; 238 pm = pstr->data;
@@ -257,50 +240,47 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
257 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) 240 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
258 goto decerr; 241 goto decerr;
259 /* We have parameters now set private key */ 242 /* We have parameters now set private key */
260 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) 243 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
261 {
262 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR); 244 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
263 goto dsaerr; 245 goto dsaerr;
264 } 246 }
265 /* Calculate public key */ 247 /* Calculate public key */
266 if (!(dsa->pub_key = BN_new())) 248 if (!(dsa->pub_key = BN_new())) {
267 {
268 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE); 249 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
269 goto dsaerr; 250 goto dsaerr;
270 } 251 }
271 if (!(ctx = BN_CTX_new())) 252 if (!(ctx = BN_CTX_new())) {
272 {
273 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE); 253 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
274 goto dsaerr; 254 goto dsaerr;
275 } 255 }
276 256
277 if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) 257 if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
278 {
279 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR); 258 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
280 goto dsaerr; 259 goto dsaerr;
281 } 260 }
282 261
283 EVP_PKEY_assign_DSA(pkey, dsa); 262 EVP_PKEY_assign_DSA(pkey, dsa);
284 BN_CTX_free (ctx); 263 BN_CTX_free (ctx);
285 if(ndsa) 264 if (ndsa)
286 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 265 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
287 else 266 else
288 ASN1_INTEGER_free(privkey); 267 ASN1_INTEGER_free(privkey);
289 268
290 return 1; 269 return 1;
291 270
292 decerr: 271decerr:
293 DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR); 272 DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
294 dsaerr: 273dsaerr:
295 BN_CTX_free (ctx); 274 BN_CTX_free (ctx);
296 if (privkey) 275 if (privkey)
297 ASN1_INTEGER_free(privkey); 276 ASN1_INTEGER_free(privkey);
298 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); 277 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
299 DSA_free(dsa); 278 DSA_free(dsa);
300 return 0; 279 return 0;
301 } 280}
302 281
303static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) 282static int
283dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
304{ 284{
305 ASN1_STRING *params = NULL; 285 ASN1_STRING *params = NULL;
306 ASN1_INTEGER *prkey = NULL; 286 ASN1_INTEGER *prkey = NULL;
@@ -308,36 +288,31 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
308 int dplen; 288 int dplen;
309 289
310 params = ASN1_STRING_new(); 290 params = ASN1_STRING_new();
311 291 if (!params) {
312 if (!params) 292 DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
313 {
314 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
315 goto err; 293 goto err;
316 } 294 }
317 295
318 params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data); 296 params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
319 if (params->length <= 0) 297 if (params->length <= 0) {
320 { 298 DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
321 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
322 goto err; 299 goto err;
323 } 300 }
324 params->type = V_ASN1_SEQUENCE; 301 params->type = V_ASN1_SEQUENCE;
325 302
326 /* Get private key into integer */ 303 /* Get private key into integer */
327 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); 304 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
328 305 if (!prkey) {
329 if (!prkey) 306 DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
330 {
331 DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_BN_ERROR);
332 goto err; 307 goto err;
333 } 308 }
334 309
335 dplen = i2d_ASN1_INTEGER(prkey, &dp); 310 dplen = i2d_ASN1_INTEGER(prkey, &dp);
336 311
337 ASN1_INTEGER_free(prkey); 312 ASN1_INTEGER_free(prkey);
338 313
339 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, 314 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE,
340 V_ASN1_SEQUENCE, params, dp, dplen)) 315 params, dp, dplen))
341 goto err; 316 goto err;
342 317
343 return 1; 318 return 1;
@@ -351,88 +326,98 @@ err:
351 return 0; 326 return 0;
352} 327}
353 328
354static int int_dsa_size(const EVP_PKEY *pkey) 329static int
355 { 330int_dsa_size(const EVP_PKEY *pkey)
356 return(DSA_size(pkey->pkey.dsa)); 331{
357 } 332 return DSA_size(pkey->pkey.dsa);
333}
358 334
359static int dsa_bits(const EVP_PKEY *pkey) 335static int
360 { 336dsa_bits(const EVP_PKEY *pkey)
337{
361 return BN_num_bits(pkey->pkey.dsa->p); 338 return BN_num_bits(pkey->pkey.dsa->p);
362 } 339}
363 340
364static int dsa_missing_parameters(const EVP_PKEY *pkey) 341static int
365 { 342dsa_missing_parameters(const EVP_PKEY *pkey)
343{
366 DSA *dsa; 344 DSA *dsa;
367 dsa=pkey->pkey.dsa; 345
368 if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) 346 dsa = pkey->pkey.dsa;
369 return 1; 347 if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
348 return 1;
370 return 0; 349 return 0;
371 } 350}
372 351
373static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 352static int
374 { 353dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
354{
375 BIGNUM *a; 355 BIGNUM *a;
376 356
377 if ((a=BN_dup(from->pkey.dsa->p)) == NULL) 357 if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
378 return 0; 358 return 0;
379 if (to->pkey.dsa->p != NULL) 359 if (to->pkey.dsa->p != NULL)
380 BN_free(to->pkey.dsa->p); 360 BN_free(to->pkey.dsa->p);
381 to->pkey.dsa->p=a; 361 to->pkey.dsa->p = a;
382 362
383 if ((a=BN_dup(from->pkey.dsa->q)) == NULL) 363 if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
384 return 0; 364 return 0;
385 if (to->pkey.dsa->q != NULL) 365 if (to->pkey.dsa->q != NULL)
386 BN_free(to->pkey.dsa->q); 366 BN_free(to->pkey.dsa->q);
387 to->pkey.dsa->q=a; 367 to->pkey.dsa->q = a;
388 368
389 if ((a=BN_dup(from->pkey.dsa->g)) == NULL) 369 if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
390 return 0; 370 return 0;
391 if (to->pkey.dsa->g != NULL) 371 if (to->pkey.dsa->g != NULL)
392 BN_free(to->pkey.dsa->g); 372 BN_free(to->pkey.dsa->g);
393 to->pkey.dsa->g=a; 373 to->pkey.dsa->g = a;
394 return 1; 374 return 1;
395 } 375}
396 376
397static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 377static int
398 { 378dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
399 if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) || 379{
400 BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) || 380 if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
401 BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g)) 381 BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
382 BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
402 return 0; 383 return 0;
403 else 384 else
404 return 1; 385 return 1;
405 } 386}
406 387
407static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 388static int
408 { 389dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
409 if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0) 390{
391 if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
410 return 0; 392 return 0;
411 else 393 else
412 return 1; 394 return 1;
413 } 395}
414 396
415static void int_dsa_free(EVP_PKEY *pkey) 397static void
416 { 398int_dsa_free(EVP_PKEY *pkey)
399{
417 DSA_free(pkey->pkey.dsa); 400 DSA_free(pkey->pkey.dsa);
418 } 401}
419 402
420static void update_buflen(const BIGNUM *b, size_t *pbuflen) 403static void
421 { 404update_buflen(const BIGNUM *b, size_t *pbuflen)
405{
422 size_t i; 406 size_t i;
407
423 if (!b) 408 if (!b)
424 return; 409 return;
425 if (*pbuflen < (i = (size_t)BN_num_bytes(b))) 410 if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
426 *pbuflen = i; 411 *pbuflen = i;
427 } 412}
428 413
429static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) 414static int
430 { 415do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
431 unsigned char *m=NULL; 416{
432 int ret=0; 417 unsigned char *m = NULL;
433 size_t buf_len=0; 418 int ret = 0;
419 size_t buf_len = 0;
434 const char *ktype = NULL; 420 const char *ktype = NULL;
435
436 const BIGNUM *priv_key, *pub_key; 421 const BIGNUM *priv_key, *pub_key;
437 422
438 if (ptype == 2) 423 if (ptype == 2)
@@ -458,183 +443,187 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
458 update_buflen(priv_key, &buf_len); 443 update_buflen(priv_key, &buf_len);
459 update_buflen(pub_key, &buf_len); 444 update_buflen(pub_key, &buf_len);
460 445
461 m = malloc(buf_len+10); 446 m = malloc(buf_len + 10);
462 if (m == NULL) 447 if (m == NULL) {
463 { 448 DSAerr(DSA_F_DO_DSA_PRINT, ERR_R_MALLOC_FAILURE);
464 DSAerr(DSA_F_DO_DSA_PRINT,ERR_R_MALLOC_FAILURE);
465 goto err; 449 goto err;
466 } 450 }
467 451
468 if (priv_key) 452 if (priv_key) {
469 { 453 if (!BIO_indent(bp, off, 128))
470 if(!BIO_indent(bp,off,128)) 454 goto err;
471 goto err; 455 if (BIO_printf(bp, "%s: (%d bit)\n", ktype,
472 if (BIO_printf(bp,"%s: (%d bit)\n",ktype, BN_num_bits(x->p)) 456 BN_num_bits(x->p)) <= 0)
473 <= 0) goto err; 457 goto err;
474 } 458 }
475 459
476 if (!ASN1_bn_print(bp,"priv:",priv_key,m,off)) 460 if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
461 goto err;
462 if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
463 goto err;
464 if (!ASN1_bn_print(bp, "P: ", x->p, m, off))
477 goto err; 465 goto err;
478 if (!ASN1_bn_print(bp,"pub: ",pub_key,m,off)) 466 if (!ASN1_bn_print(bp, "Q: ", x->q, m, off))
479 goto err; 467 goto err;
480 if (!ASN1_bn_print(bp,"P: ",x->p,m,off)) goto err; 468 if (!ASN1_bn_print(bp, "G: ", x->g, m, off))
481 if (!ASN1_bn_print(bp,"Q: ",x->q,m,off)) goto err; 469 goto err;
482 if (!ASN1_bn_print(bp,"G: ",x->g,m,off)) goto err; 470 ret = 1;
483 ret=1;
484err: 471err:
485 free(m); 472 free(m);
486 return(ret); 473 return(ret);
487 } 474}
488 475
489static int dsa_param_decode(EVP_PKEY *pkey, 476static int
490 const unsigned char **pder, int derlen) 477dsa_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
491 { 478{
492 DSA *dsa; 479 DSA *dsa;
493 if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) 480
494 { 481 if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
495 DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB); 482 DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
496 return 0; 483 return 0;
497 } 484 }
498 EVP_PKEY_assign_DSA(pkey, dsa); 485 EVP_PKEY_assign_DSA(pkey, dsa);
499 return 1; 486 return 1;
500 } 487}
501 488
502static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder) 489static int
503 { 490dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
491{
504 return i2d_DSAparams(pkey->pkey.dsa, pder); 492 return i2d_DSAparams(pkey->pkey.dsa, pder);
505 } 493}
506 494
507static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, 495static int
508 ASN1_PCTX *ctx) 496dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
509 { 497{
510 return do_dsa_print(bp, pkey->pkey.dsa, indent, 0); 498 return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
511 } 499}
512 500
513static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, 501static int
514 ASN1_PCTX *ctx) 502dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
515 { 503{
516 return do_dsa_print(bp, pkey->pkey.dsa, indent, 1); 504 return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
517 } 505}
518
519 506
520static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, 507static int
521 ASN1_PCTX *ctx) 508dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
522 { 509{
523 return do_dsa_print(bp, pkey->pkey.dsa, indent, 2); 510 return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
524 } 511}
525 512
526static int old_dsa_priv_decode(EVP_PKEY *pkey, 513static int
527 const unsigned char **pder, int derlen) 514old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
528 { 515{
529 DSA *dsa; 516 DSA *dsa;
530 if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen))) 517
531 { 518 if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen))) {
532 DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB); 519 DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
533 return 0; 520 return 0;
534 } 521 }
535 EVP_PKEY_assign_DSA(pkey, dsa); 522 EVP_PKEY_assign_DSA(pkey, dsa);
536 return 1; 523 return 1;
537 } 524}
538 525
539static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) 526static int
540 { 527old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
528{
541 return i2d_DSAPrivateKey(pkey->pkey.dsa, pder); 529 return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
542 } 530}
543 531
544static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, 532static int
545 const ASN1_STRING *sig, 533dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig,
546 int indent, ASN1_PCTX *pctx) 534 int indent, ASN1_PCTX *pctx)
547 { 535{
548 DSA_SIG *dsa_sig; 536 DSA_SIG *dsa_sig;
549 const unsigned char *p; 537 const unsigned char *p;
550 if (!sig) 538
551 { 539 if (!sig) {
552 if (BIO_puts(bp, "\n") <= 0) 540 if (BIO_puts(bp, "\n") <= 0)
553 return 0; 541 return 0;
554 else 542 else
555 return 1; 543 return 1;
556 } 544 }
557 p = sig->data; 545 p = sig->data;
558 dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); 546 dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
559 if (dsa_sig) 547 if (dsa_sig) {
560 {
561 int rv = 0; 548 int rv = 0;
562 size_t buf_len = 0; 549 size_t buf_len = 0;
563 unsigned char *m=NULL; 550 unsigned char *m = NULL;
551
564 update_buflen(dsa_sig->r, &buf_len); 552 update_buflen(dsa_sig->r, &buf_len);
565 update_buflen(dsa_sig->s, &buf_len); 553 update_buflen(dsa_sig->s, &buf_len);
566 m = malloc(buf_len+10); 554 m = malloc(buf_len + 10);
567 if (m == NULL) 555 if (m == NULL) {
568 { 556 DSAerr(DSA_F_DSA_SIG_PRINT, ERR_R_MALLOC_FAILURE);
569 DSAerr(DSA_F_DSA_SIG_PRINT,ERR_R_MALLOC_FAILURE);
570 goto err; 557 goto err;
571 } 558 }
572 559
573 if (BIO_write(bp, "\n", 1) != 1) 560 if (BIO_write(bp, "\n", 1) != 1)
574 goto err; 561 goto err;
575 562
576 if (!ASN1_bn_print(bp,"r: ",dsa_sig->r,m,indent)) 563 if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent))
577 goto err; 564 goto err;
578 if (!ASN1_bn_print(bp,"s: ",dsa_sig->s,m,indent)) 565 if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent))
579 goto err; 566 goto err;
580 rv = 1; 567 rv = 1;
581 err: 568err:
582 free(m); 569 free(m);
583 DSA_SIG_free(dsa_sig); 570 DSA_SIG_free(dsa_sig);
584 return rv; 571 return rv;
585 }
586 return X509_signature_dump(bp, sig, indent);
587 } 572 }
573 return X509_signature_dump(bp, sig, indent);
574}
588 575
589static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) 576static int
590 { 577dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
591 switch (op) 578{
592 { 579 switch (op) {
593 case ASN1_PKEY_CTRL_PKCS7_SIGN: 580 case ASN1_PKEY_CTRL_PKCS7_SIGN:
594 if (arg1 == 0) 581 if (arg1 == 0) {
595 {
596 int snid, hnid; 582 int snid, hnid;
597 X509_ALGOR *alg1, *alg2; 583 X509_ALGOR *alg1, *alg2;
584
598 PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); 585 PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
599 if (alg1 == NULL || alg1->algorithm == NULL) 586 if (alg1 == NULL || alg1->algorithm == NULL)
600 return -1; 587 return -1;
601 hnid = OBJ_obj2nid(alg1->algorithm); 588 hnid = OBJ_obj2nid(alg1->algorithm);
602 if (hnid == NID_undef) 589 if (hnid == NID_undef)
603 return -1; 590 return -1;
604 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) 591 if (!OBJ_find_sigid_by_algs(&snid, hnid,
592 EVP_PKEY_id(pkey)))
605 return -1; 593 return -1;
606 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); 594 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF,
607 } 595 0);
596 }
608 return 1; 597 return 1;
609#ifndef OPENSSL_NO_CMS 598#ifndef OPENSSL_NO_CMS
610 case ASN1_PKEY_CTRL_CMS_SIGN: 599 case ASN1_PKEY_CTRL_CMS_SIGN:
611 if (arg1 == 0) 600 if (arg1 == 0) {
612 {
613 int snid, hnid; 601 int snid, hnid;
614 X509_ALGOR *alg1, *alg2; 602 X509_ALGOR *alg1, *alg2;
603
615 CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2); 604 CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
616 if (alg1 == NULL || alg1->algorithm == NULL) 605 if (alg1 == NULL || alg1->algorithm == NULL)
617 return -1; 606 return -1;
618 hnid = OBJ_obj2nid(alg1->algorithm); 607 hnid = OBJ_obj2nid(alg1->algorithm);
619 if (hnid == NID_undef) 608 if (hnid == NID_undef)
620 return -1; 609 return -1;
621 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) 610 if (!OBJ_find_sigid_by_algs(&snid, hnid,
611 EVP_PKEY_id(pkey)))
622 return -1; 612 return -1;
623 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); 613 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF,
624 } 614 0);
615 }
625 return 1; 616 return 1;
626#endif 617#endif
627 618
628 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: 619 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
629 *(int *)arg2 = NID_sha1; 620 *(int *)arg2 = NID_sha1;
630 return 2; 621 return 2;
631 622
632 default: 623 default:
633 return -2; 624 return -2;
634
635 }
636
637 } 625 }
626}
638 627
639/* NB these are sorted in pkey_id order, lowest first */ 628/* NB these are sorted in pkey_id order, lowest first */
640 629
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-09 08:20:40 +0000