2015-01-22 11:40:55 +08:00
|
|
|
/*
|
2020-04-23 20:55:52 +08:00
|
|
|
* Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
|
2006-03-20 20:22:24 +08:00
|
|
|
*
|
2018-12-06 20:36:26 +08:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-18 02:51:26 +08:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
|
* https://www.openssl.org/source/license.html
|
2006-03-20 20:22:24 +08:00
|
|
|
*/
|
|
|
|
|
|
2020-01-30 05:23:39 +08:00
|
|
|
/*
|
|
|
|
|
* DSA low level APIs are deprecated for public use, but still ok for
|
|
|
|
|
* internal use.
|
|
|
|
|
*/
|
|
|
|
|
#include "internal/deprecated.h"
|
|
|
|
|
|
2006-03-20 20:22:24 +08:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <openssl/x509.h>
|
|
|
|
|
#include <openssl/asn1.h>
|
2008-03-17 05:05:46 +08:00
|
|
|
#include <openssl/bn.h>
|
2019-08-30 20:33:37 +08:00
|
|
|
#include <openssl/core_names.h>
|
2020-04-15 19:02:52 +08:00
|
|
|
#include <openssl/param_build.h>
|
2019-08-30 20:33:37 +08:00
|
|
|
#include "internal/cryptlib.h"
|
2019-09-28 06:45:33 +08:00
|
|
|
#include "crypto/asn1.h"
|
2020-03-23 12:40:47 +08:00
|
|
|
#include "crypto/dsa.h"
|
2019-09-28 06:45:33 +08:00
|
|
|
#include "crypto/evp.h"
|
2020-03-23 12:40:47 +08:00
|
|
|
#include "internal/ffc.h"
|
2019-09-28 06:45:40 +08:00
|
|
|
#include "dsa_local.h"
|
2006-03-20 20:22:24 +08:00
|
|
|
|
2020-05-25 00:28:06 +08:00
|
|
|
static int dsa_pub_decode(EVP_PKEY *pkey, const X509_PUBKEY *pubkey)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
const unsigned char *p, *pm;
|
|
|
|
|
int pklen, pmlen;
|
|
|
|
|
int ptype;
|
2016-08-17 03:18:04 +08:00
|
|
|
const void *pval;
|
|
|
|
|
const ASN1_STRING *pstr;
|
2015-01-22 11:40:55 +08:00
|
|
|
X509_ALGOR *palg;
|
|
|
|
|
ASN1_INTEGER *public_key = NULL;
|
|
|
|
|
|
|
|
|
|
DSA *dsa = NULL;
|
|
|
|
|
|
|
|
|
|
if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
|
|
|
|
|
return 0;
|
|
|
|
|
X509_ALGOR_get0(NULL, &ptype, &pval, palg);
|
|
|
|
|
|
|
|
|
|
if (ptype == V_ASN1_SEQUENCE) {
|
|
|
|
|
pstr = pval;
|
|
|
|
|
pm = pstr->data;
|
|
|
|
|
pmlen = pstr->length;
|
|
|
|
|
|
2015-05-07 01:43:59 +08:00
|
|
|
if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_DECODE_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
|
2015-05-07 01:43:59 +08:00
|
|
|
if ((dsa = DSA_new()) == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_PARAMETER_ENCODING_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-07 01:43:59 +08:00
|
|
|
if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_DECODE_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-07 01:43:59 +08:00
|
|
|
if ((dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_BN_DECODE_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-30 20:33:37 +08:00
|
|
|
dsa->dirty_cnt++;
|
2015-01-22 11:40:55 +08:00
|
|
|
ASN1_INTEGER_free(public_key);
|
|
|
|
|
EVP_PKEY_assign_DSA(pkey, dsa);
|
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
err:
|
2015-04-30 23:30:03 +08:00
|
|
|
ASN1_INTEGER_free(public_key);
|
2015-03-24 22:17:37 +08:00
|
|
|
DSA_free(dsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
}
|
2006-03-20 20:22:24 +08:00
|
|
|
|
2006-03-21 01:56:05 +08:00
|
|
|
static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
DSA *dsa;
|
|
|
|
|
int ptype;
|
|
|
|
|
unsigned char *penc = NULL;
|
|
|
|
|
int penclen;
|
2015-03-12 04:19:08 +08:00
|
|
|
ASN1_STRING *str = NULL;
|
2015-03-26 22:35:49 +08:00
|
|
|
ASN1_INTEGER *pubint = NULL;
|
2017-10-27 21:18:06 +08:00
|
|
|
ASN1_OBJECT *aobj;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
dsa = pkey->pkey.dsa;
|
2020-01-24 12:09:33 +08:00
|
|
|
if (pkey->save_parameters
|
|
|
|
|
&& dsa->params.p != NULL
|
|
|
|
|
&& dsa->params.q != NULL
|
|
|
|
|
&& dsa->params.g != NULL) {
|
2015-01-22 11:40:55 +08:00
|
|
|
str = ASN1_STRING_new();
|
2015-10-30 19:12:26 +08:00
|
|
|
if (str == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-03-12 04:19:08 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
str->length = i2d_DSAparams(dsa, &str->data);
|
|
|
|
|
if (str->length <= 0) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
ptype = V_ASN1_SEQUENCE;
|
|
|
|
|
} else
|
|
|
|
|
ptype = V_ASN1_UNDEF;
|
|
|
|
|
|
2015-03-26 22:35:49 +08:00
|
|
|
pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2015-03-26 22:35:49 +08:00
|
|
|
if (pubint == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-03-26 22:35:49 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
penclen = i2d_ASN1_INTEGER(pubint, &penc);
|
|
|
|
|
ASN1_INTEGER_free(pubint);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
if (penclen <= 0) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-27 21:18:06 +08:00
|
|
|
aobj = OBJ_nid2obj(EVP_PKEY_DSA);
|
|
|
|
|
if (aobj == NULL)
|
|
|
|
|
goto err;
|
|
|
|
|
|
|
|
|
|
if (X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
|
2015-01-22 11:40:55 +08:00
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
err:
|
2015-05-01 22:02:07 +08:00
|
|
|
OPENSSL_free(penc);
|
2015-03-24 19:52:24 +08:00
|
|
|
ASN1_STRING_free(str);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* In PKCS#8 DSA: you just get a private key integer and parameters in the
|
2006-03-20 20:22:24 +08:00
|
|
|
* AlgorithmIdentifier the pubkey must be recalculated.
|
|
|
|
|
*/
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2016-08-17 07:21:55 +08:00
|
|
|
static int dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2016-02-18 21:18:48 +08:00
|
|
|
const unsigned char *p, *pm;
|
2015-01-22 11:40:55 +08:00
|
|
|
int pklen, pmlen;
|
|
|
|
|
int ptype;
|
2016-08-17 03:18:04 +08:00
|
|
|
const void *pval;
|
|
|
|
|
const ASN1_STRING *pstr;
|
2016-08-17 07:21:55 +08:00
|
|
|
const X509_ALGOR *palg;
|
2015-01-22 11:40:55 +08:00
|
|
|
ASN1_INTEGER *privkey = NULL;
|
|
|
|
|
BN_CTX *ctx = NULL;
|
|
|
|
|
|
|
|
|
|
DSA *dsa = NULL;
|
|
|
|
|
|
2016-02-18 21:09:24 +08:00
|
|
|
int ret = 0;
|
|
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
|
|
|
|
|
return 0;
|
|
|
|
|
X509_ALGOR_get0(NULL, &ptype, &pval, palg);
|
|
|
|
|
|
2016-02-18 21:09:24 +08:00
|
|
|
if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
|
|
|
|
|
goto decerr;
|
2016-02-18 21:18:48 +08:00
|
|
|
if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE)
|
2016-02-18 21:09:24 +08:00
|
|
|
goto decerr;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
pstr = pval;
|
|
|
|
|
pm = pstr->data;
|
|
|
|
|
pmlen = pstr->length;
|
2015-05-07 01:43:59 +08:00
|
|
|
if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
|
2015-01-22 11:40:55 +08:00
|
|
|
goto decerr;
|
|
|
|
|
/* We have parameters now set private key */
|
2015-04-25 04:39:40 +08:00
|
|
|
if ((dsa->priv_key = BN_secure_new()) == NULL
|
|
|
|
|
|| !ASN1_INTEGER_to_BN(privkey, dsa->priv_key)) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_BN_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto dsaerr;
|
|
|
|
|
}
|
|
|
|
|
/* Calculate public key */
|
2015-05-07 01:43:59 +08:00
|
|
|
if ((dsa->pub_key = BN_new()) == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto dsaerr;
|
|
|
|
|
}
|
2015-05-07 01:43:59 +08:00
|
|
|
if ((ctx = BN_CTX_new()) == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto dsaerr;
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-29 19:29:25 +08:00
|
|
|
BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
|
2020-01-24 12:09:33 +08:00
|
|
|
if (!BN_mod_exp(dsa->pub_key, dsa->params.g, dsa->priv_key, dsa->params.p,
|
|
|
|
|
ctx)) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_BN_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto dsaerr;
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-30 20:33:37 +08:00
|
|
|
dsa->dirty_cnt++;
|
2015-01-22 11:40:55 +08:00
|
|
|
EVP_PKEY_assign_DSA(pkey, dsa);
|
|
|
|
|
|
2016-02-18 21:09:24 +08:00
|
|
|
ret = 1;
|
|
|
|
|
goto done;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
decerr:
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_DECODE_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
dsaerr:
|
2016-02-18 21:09:24 +08:00
|
|
|
DSA_free(dsa);
|
|
|
|
|
done:
|
2015-01-22 11:40:55 +08:00
|
|
|
BN_CTX_free(ctx);
|
2015-04-30 23:30:03 +08:00
|
|
|
ASN1_STRING_clear_free(privkey);
|
2016-02-18 21:09:24 +08:00
|
|
|
return ret;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-03-20 20:22:24 +08:00
|
|
|
|
2006-03-21 01:56:05 +08:00
|
|
|
static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
|
2006-03-20 20:22:24 +08:00
|
|
|
{
|
2015-01-22 11:40:55 +08:00
|
|
|
ASN1_STRING *params = NULL;
|
|
|
|
|
ASN1_INTEGER *prkey = NULL;
|
|
|
|
|
unsigned char *dp = NULL;
|
|
|
|
|
int dplen;
|
|
|
|
|
|
2019-09-17 03:28:57 +08:00
|
|
|
if (pkey->pkey.dsa == NULL|| pkey->pkey.dsa->priv_key == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_MISSING_PARAMETERS);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
params = ASN1_STRING_new();
|
|
|
|
|
|
2015-10-30 19:12:26 +08:00
|
|
|
if (params == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data);
|
|
|
|
|
if (params->length <= 0) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
params->type = V_ASN1_SEQUENCE;
|
|
|
|
|
|
|
|
|
|
/* Get private key into integer */
|
|
|
|
|
prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
|
|
|
|
|
|
2019-09-17 03:28:57 +08:00
|
|
|
if (prkey == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, DSA_R_BN_ERROR);
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
dplen = i2d_ASN1_INTEGER(prkey, &dp);
|
|
|
|
|
|
2015-03-03 22:20:23 +08:00
|
|
|
ASN1_STRING_clear_free(prkey);
|
2015-07-30 05:28:19 +08:00
|
|
|
prkey = NULL;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
|
|
|
|
|
V_ASN1_SEQUENCE, params, dp, dplen))
|
|
|
|
|
goto err;
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
|
|
err:
|
2015-05-01 22:02:07 +08:00
|
|
|
OPENSSL_free(dp);
|
2015-03-24 19:52:24 +08:00
|
|
|
ASN1_STRING_free(params);
|
2015-04-30 23:30:03 +08:00
|
|
|
ASN1_STRING_clear_free(prkey);
|
2015-01-22 11:40:55 +08:00
|
|
|
return 0;
|
2006-03-20 20:22:24 +08:00
|
|
|
}
|
|
|
|
|
|
2006-03-21 01:56:05 +08:00
|
|
|
static int int_dsa_size(const EVP_PKEY *pkey)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2017-10-17 22:04:09 +08:00
|
|
|
return DSA_size(pkey->pkey.dsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-03-21 01:56:05 +08:00
|
|
|
|
|
|
|
|
static int dsa_bits(const EVP_PKEY *pkey)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2016-08-02 01:37:03 +08:00
|
|
|
return DSA_bits(pkey->pkey.dsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-03-21 01:56:05 +08:00
|
|
|
|
2014-01-18 22:51:40 +08:00
|
|
|
static int dsa_security_bits(const EVP_PKEY *pkey)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return DSA_security_bits(pkey->pkey.dsa);
|
|
|
|
|
}
|
2014-01-18 22:51:40 +08:00
|
|
|
|
2006-03-21 01:56:05 +08:00
|
|
|
static int dsa_missing_parameters(const EVP_PKEY *pkey)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
DSA *dsa;
|
|
|
|
|
dsa = pkey->pkey.dsa;
|
2020-01-24 12:09:33 +08:00
|
|
|
return dsa == NULL
|
|
|
|
|
|| dsa->params.p == NULL
|
|
|
|
|
|| dsa->params.q == NULL
|
|
|
|
|
|| dsa->params.g == NULL;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-03-21 01:56:05 +08:00
|
|
|
|
|
|
|
|
static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2015-12-14 01:28:40 +08:00
|
|
|
if (to->pkey.dsa == NULL) {
|
|
|
|
|
to->pkey.dsa = DSA_new();
|
|
|
|
|
if (to->pkey.dsa == NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
ffc: add _ossl to exported but internal functions
The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
ffc_params_flags_to_name, ffc_params_fromdata,
ffc_params_get0_pqg, ffc_params_get_validate_params,
ffc_params_init, ffc_params_print, ffc_params_set0_j,
ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
ffc_params_set_validate_params, ffc_params_simple_validate,
ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
and ffc_validate_public_key_partial.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)
2020-09-30 13:07:24 +08:00
|
|
|
if (!ossl_ffc_params_copy(&to->pkey.dsa->params, &from->pkey.dsa->params))
|
2015-01-22 11:40:55 +08:00
|
|
|
return 0;
|
|
|
|
|
|
2019-08-30 20:33:37 +08:00
|
|
|
to->pkey.dsa->dirty_cnt++;
|
2015-01-22 11:40:55 +08:00
|
|
|
return 1;
|
|
|
|
|
}
|
2006-03-21 01:56:05 +08:00
|
|
|
|
|
|
|
|
static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
ffc: add _ossl to exported but internal functions
The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
ffc_params_flags_to_name, ffc_params_fromdata,
ffc_params_get0_pqg, ffc_params_get_validate_params,
ffc_params_init, ffc_params_print, ffc_params_set0_j,
ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
ffc_params_set_validate_params, ffc_params_simple_validate,
ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
and ffc_validate_public_key_partial.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)
2020-09-30 13:07:24 +08:00
|
|
|
return ossl_ffc_params_cmp(&a->pkey.dsa->params, &b->pkey.dsa->params, 1);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-03-21 01:56:05 +08:00
|
|
|
|
2006-04-13 01:01:19 +08:00
|
|
|
static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2020-01-24 12:09:33 +08:00
|
|
|
return BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) == 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-04-13 01:01:19 +08:00
|
|
|
|
2006-03-21 01:56:05 +08:00
|
|
|
static void int_dsa_free(EVP_PKEY *pkey)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
DSA_free(pkey->pkey.dsa);
|
|
|
|
|
}
|
2006-03-21 01:56:05 +08:00
|
|
|
|
2006-08-29 01:01:04 +08:00
|
|
|
static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
const char *ktype = NULL;
|
|
|
|
|
const BIGNUM *priv_key, *pub_key;
|
2019-09-23 18:44:56 +08:00
|
|
|
int mod_len = 0;
|
|
|
|
|
|
2020-01-24 12:09:33 +08:00
|
|
|
if (x->params.p != NULL)
|
|
|
|
|
mod_len = DSA_bits(x);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
if (ptype == 2)
|
|
|
|
|
priv_key = x->priv_key;
|
|
|
|
|
else
|
|
|
|
|
priv_key = NULL;
|
|
|
|
|
|
|
|
|
|
if (ptype > 0)
|
|
|
|
|
pub_key = x->pub_key;
|
|
|
|
|
else
|
|
|
|
|
pub_key = NULL;
|
|
|
|
|
|
|
|
|
|
if (ptype == 2)
|
|
|
|
|
ktype = "Private-Key";
|
|
|
|
|
else if (ptype == 1)
|
|
|
|
|
ktype = "Public-Key";
|
|
|
|
|
else
|
|
|
|
|
ktype = "DSA-Parameters";
|
|
|
|
|
|
2020-01-24 12:09:33 +08:00
|
|
|
if (priv_key != NULL) {
|
2015-01-22 11:40:55 +08:00
|
|
|
if (!BIO_indent(bp, off, 128))
|
|
|
|
|
goto err;
|
2020-01-24 12:09:33 +08:00
|
|
|
if (BIO_printf(bp, "%s: (%d bit)\n", ktype, mod_len) <= 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
2019-09-23 18:44:56 +08:00
|
|
|
} else {
|
|
|
|
|
if (BIO_printf(bp, "Public-Key: (%d bit)\n", mod_len) <= 0)
|
|
|
|
|
goto err;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
|
|
2016-02-14 11:33:56 +08:00
|
|
|
if (!ASN1_bn_print(bp, "priv:", priv_key, NULL, off))
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
2016-02-14 11:33:56 +08:00
|
|
|
if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off))
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
ffc: add _ossl to exported but internal functions
The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
ffc_params_flags_to_name, ffc_params_fromdata,
ffc_params_get0_pqg, ffc_params_get_validate_params,
ffc_params_init, ffc_params_print, ffc_params_set0_j,
ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
ffc_params_set_validate_params, ffc_params_simple_validate,
ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
and ffc_validate_public_key_partial.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)
2020-09-30 13:07:24 +08:00
|
|
|
if (!ossl_ffc_params_print(bp, &x->params, off))
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
ret = 1;
|
|
|
|
|
err:
|
2017-10-17 22:04:09 +08:00
|
|
|
return ret;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-03-22 21:09:35 +08:00
|
|
|
|
2006-03-28 22:35:32 +08:00
|
|
|
static int dsa_param_decode(EVP_PKEY *pkey,
|
2015-01-22 11:40:55 +08:00
|
|
|
const unsigned char **pder, int derlen)
|
|
|
|
|
{
|
|
|
|
|
DSA *dsa;
|
2015-05-07 01:43:59 +08:00
|
|
|
|
2020-10-17 00:16:30 +08:00
|
|
|
if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL)
|
2015-01-22 11:40:55 +08:00
|
|
|
return 0;
|
2020-10-17 00:16:30 +08:00
|
|
|
|
2019-08-30 20:33:37 +08:00
|
|
|
dsa->dirty_cnt++;
|
2015-01-22 11:40:55 +08:00
|
|
|
EVP_PKEY_assign_DSA(pkey, dsa);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
2006-03-28 22:35:32 +08:00
|
|
|
|
|
|
|
|
static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return i2d_DSAparams(pkey->pkey.dsa, pder);
|
|
|
|
|
}
|
2006-03-22 21:09:35 +08:00
|
|
|
|
|
|
|
|
static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
|
2015-01-22 11:40:55 +08:00
|
|
|
ASN1_PCTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
|
|
|
|
|
}
|
2006-03-22 21:09:35 +08:00
|
|
|
|
|
|
|
|
static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
|
2015-01-22 11:40:55 +08:00
|
|
|
ASN1_PCTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
|
|
|
|
|
}
|
2006-03-22 21:09:35 +08:00
|
|
|
|
|
|
|
|
static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
|
2015-01-22 11:40:55 +08:00
|
|
|
ASN1_PCTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
|
|
|
|
|
}
|
2006-03-22 21:09:35 +08:00
|
|
|
|
2006-03-24 02:02:23 +08:00
|
|
|
static int old_dsa_priv_decode(EVP_PKEY *pkey,
|
2015-01-22 11:40:55 +08:00
|
|
|
const unsigned char **pder, int derlen)
|
|
|
|
|
{
|
|
|
|
|
DSA *dsa;
|
2015-05-07 01:43:59 +08:00
|
|
|
|
|
|
|
|
if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) {
|
2020-11-04 19:23:19 +08:00
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_DSA_LIB);
|
2015-01-22 11:40:55 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
2019-08-30 20:33:37 +08:00
|
|
|
dsa->dirty_cnt++;
|
2015-01-22 11:40:55 +08:00
|
|
|
EVP_PKEY_assign_DSA(pkey, dsa);
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
2006-03-24 02:02:23 +08:00
|
|
|
|
|
|
|
|
static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
|
|
|
|
|
}
|
2006-03-24 02:02:23 +08:00
|
|
|
|
2010-03-07 02:05:05 +08:00
|
|
|
static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
|
2015-01-22 11:40:55 +08:00
|
|
|
const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
|
|
|
|
|
{
|
|
|
|
|
DSA_SIG *dsa_sig;
|
|
|
|
|
const unsigned char *p;
|
2016-02-14 11:33:56 +08:00
|
|
|
|
2020-01-24 12:09:33 +08:00
|
|
|
if (sig == NULL) {
|
2015-01-22 11:40:55 +08:00
|
|
|
if (BIO_puts(bp, "\n") <= 0)
|
|
|
|
|
return 0;
|
|
|
|
|
else
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
p = sig->data;
|
|
|
|
|
dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
|
2020-01-24 12:09:33 +08:00
|
|
|
if (dsa_sig != NULL) {
|
2015-01-22 11:40:55 +08:00
|
|
|
int rv = 0;
|
2016-06-10 05:09:48 +08:00
|
|
|
const BIGNUM *r, *s;
|
2016-03-04 10:39:50 +08:00
|
|
|
|
2016-06-10 05:09:48 +08:00
|
|
|
DSA_SIG_get0(dsa_sig, &r, &s);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
if (BIO_write(bp, "\n", 1) != 1)
|
|
|
|
|
goto err;
|
|
|
|
|
|
2016-03-04 10:39:50 +08:00
|
|
|
if (!ASN1_bn_print(bp, "r: ", r, NULL, indent))
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
2016-03-04 10:39:50 +08:00
|
|
|
if (!ASN1_bn_print(bp, "s: ", s, NULL, indent))
|
2015-01-22 11:40:55 +08:00
|
|
|
goto err;
|
|
|
|
|
rv = 1;
|
|
|
|
|
err:
|
|
|
|
|
DSA_SIG_free(dsa_sig);
|
|
|
|
|
return rv;
|
|
|
|
|
}
|
2018-01-29 23:54:40 +08:00
|
|
|
if (BIO_puts(bp, "\n") <= 0)
|
|
|
|
|
return 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
return X509_signature_dump(bp, sig, indent);
|
|
|
|
|
}
|
2010-03-07 02:05:05 +08:00
|
|
|
|
2006-04-18 01:12:23 +08:00
|
|
|
static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
|
switch (op) {
|
|
|
|
|
case ASN1_PKEY_CTRL_PKCS7_SIGN:
|
|
|
|
|
if (arg1 == 0) {
|
|
|
|
|
int snid, hnid;
|
|
|
|
|
X509_ALGOR *alg1, *alg2;
|
|
|
|
|
PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
|
|
|
|
|
if (alg1 == NULL || alg1->algorithm == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
hnid = OBJ_obj2nid(alg1->algorithm);
|
|
|
|
|
if (hnid == NID_undef)
|
|
|
|
|
return -1;
|
|
|
|
|
if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
|
|
|
|
|
return -1;
|
|
|
|
|
X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
|
|
|
|
|
}
|
|
|
|
|
return 1;
|
2006-04-18 01:12:23 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
|
|
|
|
|
*(int *)arg2 = NID_sha256;
|
2019-05-27 22:52:03 +08:00
|
|
|
return 1;
|
2006-05-08 01:09:39 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
default:
|
|
|
|
|
return -2;
|
2006-04-18 01:12:23 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-04-18 01:12:23 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2006-04-18 01:12:23 +08:00
|
|
|
|
2019-08-30 20:33:37 +08:00
|
|
|
static size_t dsa_pkey_dirty_cnt(const EVP_PKEY *pkey)
|
|
|
|
|
{
|
|
|
|
|
return pkey->pkey.dsa->dirty_cnt;
|
|
|
|
|
}
|
|
|
|
|
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
|
2020-10-15 17:55:50 +08:00
|
|
|
EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx,
|
2020-04-06 23:05:24 +08:00
|
|
|
const char *propq)
|
2019-08-30 20:33:37 +08:00
|
|
|
{
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
DSA *dsa = from->pkey.dsa;
|
2020-03-26 07:28:01 +08:00
|
|
|
OSSL_PARAM_BLD *tmpl;
|
2019-08-30 20:33:37 +08:00
|
|
|
const BIGNUM *p = DSA_get0_p(dsa), *g = DSA_get0_g(dsa);
|
|
|
|
|
const BIGNUM *q = DSA_get0_q(dsa), *pub_key = DSA_get0_pub_key(dsa);
|
|
|
|
|
const BIGNUM *priv_key = DSA_get0_priv_key(dsa);
|
|
|
|
|
OSSL_PARAM *params;
|
2020-03-20 05:29:10 +08:00
|
|
|
int selection = 0;
|
2020-03-26 07:28:01 +08:00
|
|
|
int rv = 0;
|
2019-08-30 20:33:37 +08:00
|
|
|
|
EVP: Check that key methods aren't foreign when exporting
The EVP_PKEY_ASN1_METHOD function export_to() must check that the key
we're trying to export has a known libcrypto method, i.e. is a built
in RSA_METHOD, DSA_METHOD, etc. Otherwise, the method may be defined
by the calling application, by an engine, by another library, and we
simply cannot know all the quirks hidden behind that method, if we
have access to the key data, or much anything.
Such keys are simply deemed impossible to export to provider keys,
i.e. have export_to() return 0. This cascades back to functions like
evp_pkey_export_to_provider() and evp_pkey_upgrade_to_provider() and
their callers. In most cases, this is fine, but if these get mixed in
with provider side keys in any function, that function will fail.
Fixes #11179
Fixes #9915
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11193)
2020-02-27 17:51:45 +08:00
|
|
|
/*
|
|
|
|
|
* If the DSA method is foreign, then we can't be sure of anything, and
|
|
|
|
|
* can therefore not export or pretend to export.
|
|
|
|
|
*/
|
|
|
|
|
if (DSA_get_method(dsa) != DSA_OpenSSL())
|
|
|
|
|
return 0;
|
|
|
|
|
|
2019-08-30 20:33:37 +08:00
|
|
|
if (p == NULL || q == NULL || g == NULL)
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
return 0;
|
2019-08-30 20:33:37 +08:00
|
|
|
|
2020-03-26 07:28:01 +08:00
|
|
|
tmpl = OSSL_PARAM_BLD_new();
|
|
|
|
|
if (tmpl == NULL)
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
return 0;
|
2020-03-26 07:28:01 +08:00
|
|
|
|
|
|
|
|
if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
|
|
|
|
|
|| !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q)
|
|
|
|
|
|| !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g))
|
|
|
|
|
goto err;
|
2020-03-20 05:29:10 +08:00
|
|
|
selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
|
|
|
|
|
if (pub_key != NULL) {
|
2020-03-26 07:28:01 +08:00
|
|
|
if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY,
|
2020-03-20 05:29:10 +08:00
|
|
|
pub_key))
|
2020-03-26 07:28:01 +08:00
|
|
|
goto err;
|
2020-03-20 05:29:10 +08:00
|
|
|
selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
|
|
|
|
|
}
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
if (priv_key != NULL) {
|
2020-03-26 07:28:01 +08:00
|
|
|
if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY,
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
priv_key))
|
2020-03-26 07:28:01 +08:00
|
|
|
goto err;
|
2020-03-20 05:29:10 +08:00
|
|
|
selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
|
2019-08-30 20:33:37 +08:00
|
|
|
}
|
|
|
|
|
|
2020-03-26 07:28:01 +08:00
|
|
|
if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
|
|
|
|
|
goto err;
|
2019-08-30 20:33:37 +08:00
|
|
|
|
|
|
|
|
/* We export, the provider imports */
|
2020-03-20 05:29:10 +08:00
|
|
|
rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
|
2019-08-30 20:33:37 +08:00
|
|
|
|
2020-03-26 07:28:01 +08:00
|
|
|
OSSL_PARAM_BLD_free_params(params);
|
|
|
|
|
err:
|
|
|
|
|
OSSL_PARAM_BLD_free(tmpl);
|
Redesign the KEYMGMT libcrypto <-> provider interface - the basics
The KEYMGMT libcrypto <-> provider interface currently makes a few
assumptions:
1. provider side domain parameters and key data isn't mutable. In
other words, as soon as a key has been created in any (loaded,
imported data, ...), it's set in stone.
2. provider side domain parameters can be strictly separated from the
key data.
This does work for the most part, but there are places where that's a
bit too rigid for the functionality that the EVP_PKEY API delivers.
Key data needs to be mutable to allow the flexibility that functions
like EVP_PKEY_copy_parameters promise, as well as to provide the
combinations of data that an EVP_PKEY is generally assumed to be able
to hold:
- domain parameters only
- public key only
- public key + private key
- domain parameters + public key
- domain parameters + public key + private key
To remedy all this, we:
1. let go of the distinction between domain parameters and key
material proper in the libcrypto <-> provider interface.
As a consequence, functions that still need it gain a selection
argument, which is a set of bits that indicate what parts of the
key object are to be considered in a specific call. This allows
a reduction of very similar functions into one.
2. Rework the libcrypto <-> provider interface so provider side key
objects are created and destructed with a separate function, and
get their data filled and extracted in through import and export.
(future work will see other key object constructors and other
functions to fill them with data)
Fixes #10979
squash! Redesign the KEYMGMT libcrypto <-> provider interface - the basics
Remedy 1 needs a rewrite:
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11006)
2020-02-03 01:56:07 +08:00
|
|
|
return rv;
|
2019-08-30 20:33:37 +08:00
|
|
|
}
|
|
|
|
|
|
2020-04-11 01:28:24 +08:00
|
|
|
static int dsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
|
2020-03-23 12:40:47 +08:00
|
|
|
{
|
2020-04-11 01:28:24 +08:00
|
|
|
EVP_PKEY_CTX *pctx = vpctx;
|
|
|
|
|
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
|
|
|
|
|
DSA *dsa = dsa_new_with_ctx(pctx->libctx);
|
2020-03-23 12:40:47 +08:00
|
|
|
|
|
|
|
|
if (dsa == NULL) {
|
|
|
|
|
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-15 19:02:52 +08:00
|
|
|
if (!dsa_ffc_params_fromdata(dsa, params)
|
2020-03-23 12:40:47 +08:00
|
|
|
|| !dsa_key_fromdata(dsa, params)
|
|
|
|
|
|| !EVP_PKEY_assign_DSA(pkey, dsa)) {
|
|
|
|
|
DSA_free(dsa);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2006-03-20 20:22:24 +08:00
|
|
|
/* NB these are sorted in pkey_id order, lowest first */
|
|
|
|
|
|
2016-05-28 03:10:05 +08:00
|
|
|
const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5] = {
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
|
{
|
|
|
|
|
EVP_PKEY_DSA2,
|
|
|
|
|
EVP_PKEY_DSA,
|
|
|
|
|
ASN1_PKEY_ALIAS},
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
EVP_PKEY_DSA1,
|
|
|
|
|
EVP_PKEY_DSA,
|
|
|
|
|
ASN1_PKEY_ALIAS},
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
EVP_PKEY_DSA4,
|
|
|
|
|
EVP_PKEY_DSA,
|
|
|
|
|
ASN1_PKEY_ALIAS},
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
EVP_PKEY_DSA3,
|
|
|
|
|
EVP_PKEY_DSA,
|
|
|
|
|
ASN1_PKEY_ALIAS},
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
EVP_PKEY_DSA,
|
|
|
|
|
EVP_PKEY_DSA,
|
|
|
|
|
0,
|
|
|
|
|
|
|
|
|
|
"DSA",
|
|
|
|
|
"OpenSSL DSA method",
|
|
|
|
|
|
|
|
|
|
dsa_pub_decode,
|
|
|
|
|
dsa_pub_encode,
|
|
|
|
|
dsa_pub_cmp,
|
|
|
|
|
dsa_pub_print,
|
|
|
|
|
|
|
|
|
|
dsa_priv_decode,
|
|
|
|
|
dsa_priv_encode,
|
|
|
|
|
dsa_priv_print,
|
|
|
|
|
|
|
|
|
|
int_dsa_size,
|
|
|
|
|
dsa_bits,
|
|
|
|
|
dsa_security_bits,
|
|
|
|
|
|
|
|
|
|
dsa_param_decode,
|
|
|
|
|
dsa_param_encode,
|
|
|
|
|
dsa_missing_parameters,
|
|
|
|
|
dsa_copy_parameters,
|
|
|
|
|
dsa_cmp_parameters,
|
|
|
|
|
dsa_param_print,
|
|
|
|
|
dsa_sig_print,
|
|
|
|
|
|
|
|
|
|
int_dsa_free,
|
|
|
|
|
dsa_pkey_ctrl,
|
|
|
|
|
old_dsa_priv_decode,
|
2019-08-30 20:33:37 +08:00
|
|
|
old_dsa_priv_encode,
|
|
|
|
|
|
|
|
|
|
NULL, NULL, NULL,
|
|
|
|
|
NULL, NULL, NULL,
|
|
|
|
|
NULL, NULL, NULL, NULL,
|
|
|
|
|
|
|
|
|
|
dsa_pkey_dirty_cnt,
|
2020-03-23 12:40:47 +08:00
|
|
|
dsa_pkey_export_to,
|
|
|
|
|
dsa_pkey_import_from
|
2019-08-30 20:33:37 +08:00
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
};
|
