2
0

dsa_pmeth.c 6.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273
  1. /*
  2. * Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/asn1t.h>
  12. #include <openssl/x509.h>
  13. #include <openssl/evp.h>
  14. #include <openssl/bn.h>
  15. #include "crypto/evp.h"
  16. #include "dsa_local.h"
  17. /* DSA pkey context structure */
  18. typedef struct {
  19. /* Parameter gen parameters */
  20. int nbits; /* size of p in bits (default: 2048) */
  21. int qbits; /* size of q in bits (default: 224) */
  22. const EVP_MD *pmd; /* MD for parameter generation */
  23. /* Keygen callback info */
  24. int gentmp[2];
  25. /* message digest */
  26. const EVP_MD *md; /* MD for the signature */
  27. } DSA_PKEY_CTX;
  28. static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
  29. {
  30. DSA_PKEY_CTX *dctx = OPENSSL_malloc(sizeof(*dctx));
  31. if (dctx == NULL)
  32. return 0;
  33. dctx->nbits = 2048;
  34. dctx->qbits = 224;
  35. dctx->pmd = NULL;
  36. dctx->md = NULL;
  37. ctx->data = dctx;
  38. ctx->keygen_info = dctx->gentmp;
  39. ctx->keygen_info_count = 2;
  40. return 1;
  41. }
  42. static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
  43. {
  44. DSA_PKEY_CTX *dctx, *sctx;
  45. if (!pkey_dsa_init(dst))
  46. return 0;
  47. sctx = src->data;
  48. dctx = dst->data;
  49. dctx->nbits = sctx->nbits;
  50. dctx->qbits = sctx->qbits;
  51. dctx->pmd = sctx->pmd;
  52. dctx->md = sctx->md;
  53. return 1;
  54. }
  55. static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
  56. {
  57. DSA_PKEY_CTX *dctx = ctx->data;
  58. OPENSSL_free(dctx);
  59. }
  60. static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
  61. size_t *siglen, const unsigned char *tbs,
  62. size_t tbslen)
  63. {
  64. int ret;
  65. unsigned int sltmp;
  66. DSA_PKEY_CTX *dctx = ctx->data;
  67. DSA *dsa = ctx->pkey->pkey.dsa;
  68. if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
  69. return 0;
  70. ret = DSA_sign(0, tbs, tbslen, sig, &sltmp, dsa);
  71. if (ret <= 0)
  72. return ret;
  73. *siglen = sltmp;
  74. return 1;
  75. }
  76. static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
  77. const unsigned char *sig, size_t siglen,
  78. const unsigned char *tbs, size_t tbslen)
  79. {
  80. int ret;
  81. DSA_PKEY_CTX *dctx = ctx->data;
  82. DSA *dsa = ctx->pkey->pkey.dsa;
  83. if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
  84. return 0;
  85. ret = DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
  86. return ret;
  87. }
  88. static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
  89. {
  90. DSA_PKEY_CTX *dctx = ctx->data;
  91. switch (type) {
  92. case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
  93. if (p1 < 256)
  94. return -2;
  95. dctx->nbits = p1;
  96. return 1;
  97. case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
  98. if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
  99. return -2;
  100. dctx->qbits = p1;
  101. return 1;
  102. case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
  103. if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
  104. EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
  105. EVP_MD_type((const EVP_MD *)p2) != NID_sha256) {
  106. DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
  107. return 0;
  108. }
  109. dctx->pmd = p2;
  110. return 1;
  111. case EVP_PKEY_CTRL_MD:
  112. if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
  113. EVP_MD_type((const EVP_MD *)p2) != NID_dsa &&
  114. EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
  115. EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
  116. EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
  117. EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
  118. EVP_MD_type((const EVP_MD *)p2) != NID_sha512 &&
  119. EVP_MD_type((const EVP_MD *)p2) != NID_sha3_224 &&
  120. EVP_MD_type((const EVP_MD *)p2) != NID_sha3_256 &&
  121. EVP_MD_type((const EVP_MD *)p2) != NID_sha3_384 &&
  122. EVP_MD_type((const EVP_MD *)p2) != NID_sha3_512) {
  123. DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
  124. return 0;
  125. }
  126. dctx->md = p2;
  127. return 1;
  128. case EVP_PKEY_CTRL_GET_MD:
  129. *(const EVP_MD **)p2 = dctx->md;
  130. return 1;
  131. case EVP_PKEY_CTRL_DIGESTINIT:
  132. case EVP_PKEY_CTRL_PKCS7_SIGN:
  133. case EVP_PKEY_CTRL_CMS_SIGN:
  134. return 1;
  135. case EVP_PKEY_CTRL_PEER_KEY:
  136. DSAerr(DSA_F_PKEY_DSA_CTRL,
  137. EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
  138. return -2;
  139. default:
  140. return -2;
  141. }
  142. }
  143. static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
  144. const char *type, const char *value)
  145. {
  146. if (strcmp(type, "dsa_paramgen_bits") == 0) {
  147. int nbits;
  148. nbits = atoi(value);
  149. return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
  150. }
  151. if (strcmp(type, "dsa_paramgen_q_bits") == 0) {
  152. int qbits = atoi(value);
  153. return EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits);
  154. }
  155. if (strcmp(type, "dsa_paramgen_md") == 0) {
  156. const EVP_MD *md = EVP_get_digestbyname(value);
  157. if (md == NULL) {
  158. DSAerr(DSA_F_PKEY_DSA_CTRL_STR, DSA_R_INVALID_DIGEST_TYPE);
  159. return 0;
  160. }
  161. return EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, md);
  162. }
  163. return -2;
  164. }
  165. static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
  166. {
  167. DSA *dsa = NULL;
  168. DSA_PKEY_CTX *dctx = ctx->data;
  169. BN_GENCB *pcb;
  170. int ret;
  171. if (ctx->pkey_gencb) {
  172. pcb = BN_GENCB_new();
  173. if (pcb == NULL)
  174. return 0;
  175. evp_pkey_set_cb_translate(pcb, ctx);
  176. } else
  177. pcb = NULL;
  178. dsa = DSA_new();
  179. if (dsa == NULL) {
  180. BN_GENCB_free(pcb);
  181. return 0;
  182. }
  183. ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
  184. NULL, 0, NULL, NULL, NULL, pcb);
  185. BN_GENCB_free(pcb);
  186. if (ret)
  187. EVP_PKEY_assign_DSA(pkey, dsa);
  188. else
  189. DSA_free(dsa);
  190. return ret;
  191. }
  192. static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
  193. {
  194. DSA *dsa = NULL;
  195. if (ctx->pkey == NULL) {
  196. DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
  197. return 0;
  198. }
  199. dsa = DSA_new();
  200. if (dsa == NULL)
  201. return 0;
  202. EVP_PKEY_assign_DSA(pkey, dsa);
  203. /* Note: if error return, pkey is freed by parent routine */
  204. if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
  205. return 0;
  206. return DSA_generate_key(pkey->pkey.dsa);
  207. }
  208. const EVP_PKEY_METHOD dsa_pkey_meth = {
  209. EVP_PKEY_DSA,
  210. EVP_PKEY_FLAG_AUTOARGLEN,
  211. pkey_dsa_init,
  212. pkey_dsa_copy,
  213. pkey_dsa_cleanup,
  214. 0,
  215. pkey_dsa_paramgen,
  216. 0,
  217. pkey_dsa_keygen,
  218. 0,
  219. pkey_dsa_sign,
  220. 0,
  221. pkey_dsa_verify,
  222. 0, 0,
  223. 0, 0, 0, 0,
  224. 0, 0,
  225. 0, 0,
  226. 0, 0,
  227. pkey_dsa_ctrl,
  228. pkey_dsa_ctrl_str
  229. };