VirtualBox

source: vbox/trunk/src/libs/openssl-1.1.1j/crypto/dsa/dsa_ameth.c@ 89508

Last change on this file since 89508 was 87984, checked in by vboxsync, 4 years ago

openssl-1.1.1j: Applied and adjusted our OpenSSL changes to 1.1.1j. bugref:9963

File size: 13.6 KB
Line 
1/*
2 * Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <stdio.h>
11#include "internal/cryptlib.h"
12#include <openssl/x509.h>
13#include <openssl/asn1.h>
14#include "dsa_local.h"
15#include <openssl/bn.h>
16#include <openssl/cms.h>
17#include "crypto/asn1.h"
18#include "crypto/evp.h"
19
20static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
21{
22 const unsigned char *p, *pm;
23 int pklen, pmlen;
24 int ptype;
25 const void *pval;
26 const ASN1_STRING *pstr;
27 X509_ALGOR *palg;
28 ASN1_INTEGER *public_key = NULL;
29
30 DSA *dsa = NULL;
31
32 if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
33 return 0;
34 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
35
36 if (ptype == V_ASN1_SEQUENCE) {
37 pstr = pval;
38 pm = pstr->data;
39 pmlen = pstr->length;
40
41 if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL) {
42 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
43 goto err;
44 }
45
46 } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
47 if ((dsa = DSA_new()) == NULL) {
48 DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
49 goto err;
50 }
51 } else {
52 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
53 goto err;
54 }
55
56 if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
57 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
58 goto err;
59 }
60
61 if ((dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
62 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
63 goto err;
64 }
65
66 ASN1_INTEGER_free(public_key);
67 EVP_PKEY_assign_DSA(pkey, dsa);
68 return 1;
69
70 err:
71 ASN1_INTEGER_free(public_key);
72 DSA_free(dsa);
73 return 0;
74
75}
76
77static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
78{
79 DSA *dsa;
80 int ptype;
81 unsigned char *penc = NULL;
82 int penclen;
83 ASN1_STRING *str = NULL;
84 ASN1_INTEGER *pubint = NULL;
85 ASN1_OBJECT *aobj;
86
87 dsa = pkey->pkey.dsa;
88 if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
89 str = ASN1_STRING_new();
90 if (str == NULL) {
91 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
92 goto err;
93 }
94 str->length = i2d_DSAparams(dsa, &str->data);
95 if (str->length <= 0) {
96 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
97 goto err;
98 }
99 ptype = V_ASN1_SEQUENCE;
100 } else
101 ptype = V_ASN1_UNDEF;
102
103 pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL);
104
105 if (pubint == NULL) {
106 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
107 goto err;
108 }
109
110 penclen = i2d_ASN1_INTEGER(pubint, &penc);
111 ASN1_INTEGER_free(pubint);
112
113 if (penclen <= 0) {
114 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
115 goto err;
116 }
117
118 aobj = OBJ_nid2obj(EVP_PKEY_DSA);
119 if (aobj == NULL)
120 goto err;
121
122 if (X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
123 return 1;
124
125 err:
126 OPENSSL_free(penc);
127 ASN1_STRING_free(str);
128
129 return 0;
130}
131
132/*
133 * In PKCS#8 DSA: you just get a private key integer and parameters in the
134 * AlgorithmIdentifier the pubkey must be recalculated.
135 */
136
137static int dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
138{
139 const unsigned char *p, *pm;
140 int pklen, pmlen;
141 int ptype;
142 const void *pval;
143 const ASN1_STRING *pstr;
144 const X509_ALGOR *palg;
145 ASN1_INTEGER *privkey = NULL;
146 BN_CTX *ctx = NULL;
147
148 DSA *dsa = NULL;
149
150 int ret = 0;
151
152 if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
153 return 0;
154 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
155
156 if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
157 goto decerr;
158 if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE)
159 goto decerr;
160
161 pstr = pval;
162 pm = pstr->data;
163 pmlen = pstr->length;
164 if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
165 goto decerr;
166 /* We have parameters now set private key */
167 if ((dsa->priv_key = BN_secure_new()) == NULL
168 || !ASN1_INTEGER_to_BN(privkey, dsa->priv_key)) {
169 DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
170 goto dsaerr;
171 }
172 /* Calculate public key */
173 if ((dsa->pub_key = BN_new()) == NULL) {
174 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
175 goto dsaerr;
176 }
177 if ((ctx = BN_CTX_new()) == NULL) {
178 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
179 goto dsaerr;
180 }
181
182 BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
183 if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
184 DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
185 goto dsaerr;
186 }
187
188 EVP_PKEY_assign_DSA(pkey, dsa);
189
190 ret = 1;
191 goto done;
192
193 decerr:
194 DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_DECODE_ERROR);
195 dsaerr:
196 DSA_free(dsa);
197 done:
198 BN_CTX_free(ctx);
199 ASN1_STRING_clear_free(privkey);
200 return ret;
201}
202
203static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
204{
205 ASN1_STRING *params = NULL;
206 ASN1_INTEGER *prkey = NULL;
207 unsigned char *dp = NULL;
208 int dplen;
209
210 if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
211 DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
212 goto err;
213 }
214
215 params = ASN1_STRING_new();
216
217 if (params == NULL) {
218 DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
219 goto err;
220 }
221
222 params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
223 if (params->length <= 0) {
224 DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
225 goto err;
226 }
227 params->type = V_ASN1_SEQUENCE;
228
229 /* Get private key into integer */
230 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
231
232 if (!prkey) {
233 DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
234 goto err;
235 }
236
237 dplen = i2d_ASN1_INTEGER(prkey, &dp);
238
239 ASN1_STRING_clear_free(prkey);
240 prkey = NULL;
241
242 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
243 V_ASN1_SEQUENCE, params, dp, dplen))
244 goto err;
245
246 return 1;
247
248 err:
249 OPENSSL_free(dp);
250 ASN1_STRING_free(params);
251 ASN1_STRING_clear_free(prkey);
252 return 0;
253}
254
255static int int_dsa_size(const EVP_PKEY *pkey)
256{
257 return DSA_size(pkey->pkey.dsa);
258}
259
260static int dsa_bits(const EVP_PKEY *pkey)
261{
262 return DSA_bits(pkey->pkey.dsa);
263}
264
265static int dsa_security_bits(const EVP_PKEY *pkey)
266{
267 return DSA_security_bits(pkey->pkey.dsa);
268}
269
270static int dsa_missing_parameters(const EVP_PKEY *pkey)
271{
272 DSA *dsa;
273 dsa = pkey->pkey.dsa;
274 if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
275 return 1;
276 return 0;
277}
278
279static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
280{
281 BIGNUM *a;
282
283 if (to->pkey.dsa == NULL) {
284 to->pkey.dsa = DSA_new();
285 if (to->pkey.dsa == NULL)
286 return 0;
287 }
288
289 if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
290 return 0;
291 BN_free(to->pkey.dsa->p);
292 to->pkey.dsa->p = a;
293
294 if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
295 return 0;
296 BN_free(to->pkey.dsa->q);
297 to->pkey.dsa->q = a;
298
299 if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
300 return 0;
301 BN_free(to->pkey.dsa->g);
302 to->pkey.dsa->g = a;
303 return 1;
304}
305
306static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
307{
308 if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
309 BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
310 BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
311 return 0;
312 else
313 return 1;
314}
315
316static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
317{
318 if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
319 return 0;
320 else
321 return 1;
322}
323
324static void int_dsa_free(EVP_PKEY *pkey)
325{
326 DSA_free(pkey->pkey.dsa);
327}
328
329static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
330{
331 int ret = 0;
332 const char *ktype = NULL;
333 const BIGNUM *priv_key, *pub_key;
334
335 if (ptype == 2)
336 priv_key = x->priv_key;
337 else
338 priv_key = NULL;
339
340 if (ptype > 0)
341 pub_key = x->pub_key;
342 else
343 pub_key = NULL;
344
345 if (ptype == 2)
346 ktype = "Private-Key";
347 else if (ptype == 1)
348 ktype = "Public-Key";
349 else
350 ktype = "DSA-Parameters";
351
352 if (priv_key) {
353 if (!BIO_indent(bp, off, 128))
354 goto err;
355 if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
356 <= 0)
357 goto err;
358 }
359
360 if (!ASN1_bn_print(bp, "priv:", priv_key, NULL, off))
361 goto err;
362 if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off))
363 goto err;
364 if (!ASN1_bn_print(bp, "P: ", x->p, NULL, off))
365 goto err;
366 if (!ASN1_bn_print(bp, "Q: ", x->q, NULL, off))
367 goto err;
368 if (!ASN1_bn_print(bp, "G: ", x->g, NULL, off))
369 goto err;
370 ret = 1;
371 err:
372 return ret;
373}
374
375static int dsa_param_decode(EVP_PKEY *pkey,
376 const unsigned char **pder, int derlen)
377{
378 DSA *dsa;
379
380 if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) {
381 DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
382 return 0;
383 }
384 EVP_PKEY_assign_DSA(pkey, dsa);
385 return 1;
386}
387
388static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
389{
390 return i2d_DSAparams(pkey->pkey.dsa, pder);
391}
392
393static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
394 ASN1_PCTX *ctx)
395{
396 return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
397}
398
399static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
400 ASN1_PCTX *ctx)
401{
402 return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
403}
404
405static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
406 ASN1_PCTX *ctx)
407{
408 return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
409}
410
411static int old_dsa_priv_decode(EVP_PKEY *pkey,
412 const unsigned char **pder, int derlen)
413{
414 DSA *dsa;
415
416 if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) {
417 DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
418 return 0;
419 }
420 EVP_PKEY_assign_DSA(pkey, dsa);
421 return 1;
422}
423
424static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
425{
426 return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
427}
428
429static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
430 const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
431{
432 DSA_SIG *dsa_sig;
433 const unsigned char *p;
434
435 if (!sig) {
436 if (BIO_puts(bp, "\n") <= 0)
437 return 0;
438 else
439 return 1;
440 }
441 p = sig->data;
442 dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
443 if (dsa_sig) {
444 int rv = 0;
445 const BIGNUM *r, *s;
446
447 DSA_SIG_get0(dsa_sig, &r, &s);
448
449 if (BIO_write(bp, "\n", 1) != 1)
450 goto err;
451
452 if (!ASN1_bn_print(bp, "r: ", r, NULL, indent))
453 goto err;
454 if (!ASN1_bn_print(bp, "s: ", s, NULL, indent))
455 goto err;
456 rv = 1;
457 err:
458 DSA_SIG_free(dsa_sig);
459 return rv;
460 }
461 return X509_signature_dump(bp, sig, indent);
462}
463
464static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
465{
466 switch (op) {
467 case ASN1_PKEY_CTRL_PKCS7_SIGN:
468 if (arg1 == 0) {
469 int snid, hnid;
470 X509_ALGOR *alg1, *alg2;
471 PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
472 if (alg1 == NULL || alg1->algorithm == NULL)
473 return -1;
474 hnid = OBJ_obj2nid(alg1->algorithm);
475 if (hnid == NID_undef)
476 return -1;
477 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
478 return -1;
479 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
480 }
481 return 1;
482#ifndef OPENSSL_NO_CMS
483 case ASN1_PKEY_CTRL_CMS_SIGN:
484 if (arg1 == 0) {
485 int snid, hnid;
486 X509_ALGOR *alg1, *alg2;
487 CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
488 if (alg1 == NULL || alg1->algorithm == NULL)
489 return -1;
490 hnid = OBJ_obj2nid(alg1->algorithm);
491 if (hnid == NID_undef)
492 return -1;
493 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
494 return -1;
495 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
496 }
497 return 1;
498
499 case ASN1_PKEY_CTRL_CMS_RI_TYPE:
500 *(int *)arg2 = CMS_RECIPINFO_NONE;
501 return 1;
502#endif
503
504 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
505 *(int *)arg2 = NID_sha256;
506 return 1;
507
508 default:
509 return -2;
510
511 }
512
513}
514
515/* NB these are sorted in pkey_id order, lowest first */
516
517const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5] = {
518
519 {
520 EVP_PKEY_DSA2,
521 EVP_PKEY_DSA,
522 ASN1_PKEY_ALIAS},
523
524 {
525 EVP_PKEY_DSA1,
526 EVP_PKEY_DSA,
527 ASN1_PKEY_ALIAS},
528
529 {
530 EVP_PKEY_DSA4,
531 EVP_PKEY_DSA,
532 ASN1_PKEY_ALIAS},
533
534 {
535 EVP_PKEY_DSA3,
536 EVP_PKEY_DSA,
537 ASN1_PKEY_ALIAS},
538
539 {
540 EVP_PKEY_DSA,
541 EVP_PKEY_DSA,
542 0,
543
544 "DSA",
545 "OpenSSL DSA method",
546
547 dsa_pub_decode,
548 dsa_pub_encode,
549 dsa_pub_cmp,
550 dsa_pub_print,
551
552 dsa_priv_decode,
553 dsa_priv_encode,
554 dsa_priv_print,
555
556 int_dsa_size,
557 dsa_bits,
558 dsa_security_bits,
559
560 dsa_param_decode,
561 dsa_param_encode,
562 dsa_missing_parameters,
563 dsa_copy_parameters,
564 dsa_cmp_parameters,
565 dsa_param_print,
566 dsa_sig_print,
567
568 int_dsa_free,
569 dsa_pkey_ctrl,
570 old_dsa_priv_decode,
571 old_dsa_priv_encode}
572};
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette