wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/dsa/dsa_ameth.c
Dr. Stephen Henson f72f00d495 Parameter copy sanity checks. 
Don't copy parameters is they're already present in the destination.
Return error if an attempt is made to copy different parameters to
destination. Update documentation.

If key type is not initialised return missing parameters

RT#4149

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-31 13:06:16 +01:00

567 lines
14 KiB
C
Raw Blame History

/*
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include "dsa_locl.h"
#include <openssl/bn.h>
#include <openssl/cms.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
{
const unsigned char *p, *pm;
int pklen, pmlen;
int ptype;
void *pval;
ASN1_STRING *pstr;
X509_ALGOR *palg;
ASN1_INTEGER *public_key = NULL;
DSA *dsa = NULL;
if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
return 0;
X509_ALGOR_get0(NULL, &ptype, &pval, palg);
if (ptype == V_ASN1_SEQUENCE) {
pstr = pval;
pm = pstr->data;
pmlen = pstr->length;
if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL) {
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
goto err;
}
} else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
if ((dsa = DSA_new()) == NULL) {
DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
goto err;
}
} else {
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
goto err;
}
if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
goto err;
}
if ((dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
goto err;
}
ASN1_INTEGER_free(public_key);
EVP_PKEY_assign_DSA(pkey, dsa);
return 1;
err:
ASN1_INTEGER_free(public_key);
DSA_free(dsa);
return 0;
}
static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
{
DSA *dsa;
int ptype;
unsigned char *penc = NULL;
int penclen;
ASN1_STRING *str = NULL;
ASN1_INTEGER *pubint = NULL;
dsa = pkey->pkey.dsa;
if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
str = ASN1_STRING_new();
if (str == NULL) {
DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
str->length = i2d_DSAparams(dsa, &str->data);
if (str->length <= 0) {
DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
ptype = V_ASN1_SEQUENCE;
} else
ptype = V_ASN1_UNDEF;
pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL);
if (pubint == NULL) {
DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
penclen = i2d_ASN1_INTEGER(pubint, &penc);
ASN1_INTEGER_free(pubint);
if (penclen <= 0) {
DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
ptype, str, penc, penclen))
return 1;
err:
OPENSSL_free(penc);
ASN1_STRING_free(str);
return 0;
}
/*
* In PKCS#8 DSA: you just get a private key integer and parameters in the
* AlgorithmIdentifier the pubkey must be recalculated.
*/
static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
{
const unsigned char *p, *pm;
int pklen, pmlen;
int ptype;
void *pval;
ASN1_STRING *pstr;
X509_ALGOR *palg;
ASN1_INTEGER *privkey = NULL;
BN_CTX *ctx = NULL;
DSA *dsa = NULL;
int ret = 0;
if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
return 0;
X509_ALGOR_get0(NULL, &ptype, &pval, palg);
if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
goto decerr;
if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE)
goto decerr;
pstr = pval;
pm = pstr->data;
pmlen = pstr->length;
if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
goto decerr;
/* We have parameters now set private key */
if ((dsa->priv_key = BN_secure_new()) == NULL
|| !ASN1_INTEGER_to_BN(privkey, dsa->priv_key)) {
DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
goto dsaerr;
}
/* Calculate public key */
if ((dsa->pub_key = BN_new()) == NULL) {
DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
goto dsaerr;
}
if ((ctx = BN_CTX_new()) == NULL) {
DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
goto dsaerr;
}
if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
goto dsaerr;
}
EVP_PKEY_assign_DSA(pkey, dsa);
ret = 1;
goto done;
decerr:
DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_DECODE_ERROR);
dsaerr:
DSA_free(dsa);
done:
BN_CTX_free(ctx);
ASN1_STRING_clear_free(privkey);
return ret;
}
static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
{
ASN1_STRING *params = NULL;
ASN1_INTEGER *prkey = NULL;
unsigned char *dp = NULL;
int dplen;
if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
goto err;
}
params = ASN1_STRING_new();
if (params == NULL) {
DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
if (params->length <= 0) {
DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
params->type = V_ASN1_SEQUENCE;
/* Get private key into integer */
prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
if (!prkey) {
DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
goto err;
}
dplen = i2d_ASN1_INTEGER(prkey, &dp);
ASN1_STRING_clear_free(prkey);
prkey = NULL;
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
V_ASN1_SEQUENCE, params, dp, dplen))
goto err;
return 1;
err:
OPENSSL_free(dp);
ASN1_STRING_free(params);
ASN1_STRING_clear_free(prkey);
return 0;
}
static int int_dsa_size(const EVP_PKEY *pkey)
{
return (DSA_size(pkey->pkey.dsa));
}
static int dsa_bits(const EVP_PKEY *pkey)
{
return BN_num_bits(pkey->pkey.dsa->p);
}
static int dsa_security_bits(const EVP_PKEY *pkey)
{
return DSA_security_bits(pkey->pkey.dsa);
}
static int dsa_missing_parameters(const EVP_PKEY *pkey)
{
DSA *dsa;
dsa = pkey->pkey.dsa;
if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
return 1;
return 0;
}
static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
{
BIGNUM *a;
if (to->pkey.dsa == NULL) {
to->pkey.dsa = DSA_new();
if (to->pkey.dsa == NULL)
return 0;
}
if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
return 0;
BN_free(to->pkey.dsa->p);
to->pkey.dsa->p = a;
if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
return 0;
BN_free(to->pkey.dsa->q);
to->pkey.dsa->q = a;
if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
return 0;
BN_free(to->pkey.dsa->g);
to->pkey.dsa->g = a;
return 1;
}
static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
return 0;
else
return 1;
}
static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
return 0;
else
return 1;
}
static void int_dsa_free(EVP_PKEY *pkey)
{
DSA_free(pkey->pkey.dsa);
}
static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
{
int ret = 0;
const char *ktype = NULL;
const BIGNUM *priv_key, *pub_key;
if (ptype == 2)
priv_key = x->priv_key;
else
priv_key = NULL;
if (ptype > 0)
pub_key = x->pub_key;
else
pub_key = NULL;
if (ptype == 2)
ktype = "Private-Key";
else if (ptype == 1)
ktype = "Public-Key";
else
ktype = "DSA-Parameters";
if (priv_key) {
if (!BIO_indent(bp, off, 128))
goto err;
if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
<= 0)
goto err;
}
if (!ASN1_bn_print(bp, "priv:", priv_key, NULL, off))
goto err;
if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off))
goto err;
if (!ASN1_bn_print(bp, "P: ", x->p, NULL, off))
goto err;
if (!ASN1_bn_print(bp, "Q: ", x->q, NULL, off))
goto err;
if (!ASN1_bn_print(bp, "G: ", x->g, NULL, off))
goto err;
ret = 1;
err:
return (ret);
}
static int dsa_param_decode(EVP_PKEY *pkey,
const unsigned char **pder, int derlen)
{
DSA *dsa;
if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) {
DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
return 0;
}
EVP_PKEY_assign_DSA(pkey, dsa);
return 1;
}
static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
{
return i2d_DSAparams(pkey->pkey.dsa, pder);
}
static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
{
return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
}
static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
{
return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
}
static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
{
return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
}
static int old_dsa_priv_decode(EVP_PKEY *pkey,
const unsigned char **pder, int derlen)
{
DSA *dsa;
if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) {
DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
return 0;
}
EVP_PKEY_assign_DSA(pkey, dsa);
return 1;
}
static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
{
return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
}
static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
{
DSA_SIG *dsa_sig;
const unsigned char *p;
if (!sig) {
if (BIO_puts(bp, "\n") <= 0)
return 0;
else
return 1;
}
p = sig->data;
dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
if (dsa_sig) {
int rv = 0;
BIGNUM *r, *s;
DSA_SIG_get0(&r, &s, dsa_sig);
if (BIO_write(bp, "\n", 1) != 1)
goto err;
if (!ASN1_bn_print(bp, "r: ", r, NULL, indent))
goto err;
if (!ASN1_bn_print(bp, "s: ", s, NULL, indent))
goto err;
rv = 1;
err:
DSA_SIG_free(dsa_sig);
return rv;
}
return X509_signature_dump(bp, sig, indent);
}
static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
{
switch (op) {
case ASN1_PKEY_CTRL_PKCS7_SIGN:
if (arg1 == 0) {
int snid, hnid;
X509_ALGOR *alg1, *alg2;
PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
if (alg1 == NULL || alg1->algorithm == NULL)
return -1;
hnid = OBJ_obj2nid(alg1->algorithm);
if (hnid == NID_undef)
return -1;
if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
return -1;
X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
}
return 1;
#ifndef OPENSSL_NO_CMS
case ASN1_PKEY_CTRL_CMS_SIGN:
if (arg1 == 0) {
int snid, hnid;
X509_ALGOR *alg1, *alg2;
CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
if (alg1 == NULL || alg1->algorithm == NULL)
return -1;
hnid = OBJ_obj2nid(alg1->algorithm);
if (hnid == NID_undef)
return -1;
if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
return -1;
X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
}
return 1;
case ASN1_PKEY_CTRL_CMS_RI_TYPE:
*(int *)arg2 = CMS_RECIPINFO_NONE;
return 1;
#endif
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
*(int *)arg2 = NID_sha256;
return 2;
default:
return -2;
}
}
/* NB these are sorted in pkey_id order, lowest first */
const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
{
EVP_PKEY_DSA2,
EVP_PKEY_DSA,
ASN1_PKEY_ALIAS},
{
EVP_PKEY_DSA1,
EVP_PKEY_DSA,
ASN1_PKEY_ALIAS},
{
EVP_PKEY_DSA4,
EVP_PKEY_DSA,
ASN1_PKEY_ALIAS},
{
EVP_PKEY_DSA3,
EVP_PKEY_DSA,
ASN1_PKEY_ALIAS},
{
EVP_PKEY_DSA,
EVP_PKEY_DSA,
0,
"DSA",
"OpenSSL DSA method",
dsa_pub_decode,
dsa_pub_encode,
dsa_pub_cmp,
dsa_pub_print,
dsa_priv_decode,
dsa_priv_encode,
dsa_priv_print,
int_dsa_size,
dsa_bits,
dsa_security_bits,
dsa_param_decode,
dsa_param_encode,
dsa_missing_parameters,
dsa_copy_parameters,
dsa_cmp_parameters,
dsa_param_print,
dsa_sig_print,
int_dsa_free,
dsa_pkey_ctrl,
old_dsa_priv_decode,
old_dsa_priv_encode}
};
Reference in a new issue View git blame Copy permalink