Initial DSA EVP_PKEY_METHOD. Fixup some error codes.

This commit is contained in:
Dr. Stephen Henson 2006-04-12 10:20:47 +00:00
parent 4700aea951
commit c927df3fa1
12 changed files with 270 additions and 18 deletions

View File

@ -18,9 +18,9 @@ APPS=
LIB=$(TOP)/libcrypto.a
LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_prn.c
dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c
LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_prn.o
dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o
SRC= $(LIBSRC)

View File

@ -245,6 +245,12 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off);
DH *DSA_dup_DH(const DSA *r);
#endif
#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@ -272,6 +278,7 @@ void ERR_load_DSA_strings(void);
#define DSA_F_DSA_SIG_NEW 109
#define DSA_F_DSA_VERIFY 108
#define DSA_F_I2D_DSA_SIG 111
#define DSA_F_PKEY_DSA_CTRL 120
#define DSA_F_SIG_CB 114
/* Reason codes. */
@ -279,6 +286,7 @@ void ERR_load_DSA_strings(void);
#define DSA_R_BN_ERROR 103
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
#define DSA_R_DECODE_ERROR 104
#define DSA_R_INVALID_DIGEST_TYPE 106
#define DSA_R_MISSING_PARAMETERS 101
#define DSA_R_PARAMETER_ENCODING_ERROR 105

View File

@ -88,6 +88,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
{ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "PKEY_DSA_CTRL"},
{ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"},
{0,NULL}
};
@ -98,6 +99,7 @@ static ERR_STRING_DATA DSA_str_reasons[]=
{ERR_REASON(DSA_R_BN_ERROR) ,"bn error"},
{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
{ERR_REASON(DSA_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"},
{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
{0,NULL}

233
crypto/dsa/dsa_pmeth.c Normal file
View File

@ -0,0 +1,233 @@
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
* project 2006.
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include "evp_locl.h"
/* DSA pkey context structure */
typedef struct
{
/* Parameter gen parameters */
int nbits;
/* Keygen callback info */
int gentmp[2];
/* message digest */
const EVP_MD *md;
} DSA_PKEY_CTX;
static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
{
DSA_PKEY_CTX *dctx;
dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX));
if (!dctx)
return 0;
dctx->nbits = 1024;
dctx->md = NULL;
ctx->data = dctx;
ctx->keygen_info = dctx->gentmp;
ctx->keygen_info_count = 2;
return 1;
}
static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
{
DSA_PKEY_CTX *dctx = ctx->data;
if (dctx)
OPENSSL_free(dctx);
}
static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
const unsigned char *tbs, int tbslen)
{
int ret, type;
unsigned int sltmp;
DSA_PKEY_CTX *dctx = ctx->data;
DSA *dsa = ctx->pkey->pkey.dsa;
if (dctx->md)
type = EVP_MD_type(dctx->md);
else
type = NID_sha1;
ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
if (ret < 0)
return ret;
*siglen = sltmp;
return 1;
}
static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
const unsigned char *sig, int siglen,
const unsigned char *tbs, int tbslen)
{
int ret, type;
DSA_PKEY_CTX *dctx = ctx->data;
DSA *dsa = ctx->pkey->pkey.dsa;
if (dctx->md)
type = EVP_MD_type(dctx->md);
else
type = NID_sha1;
ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa);
return ret;
}
static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
{
DSA_PKEY_CTX *dctx = ctx->data;
switch (type)
{
case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
if (p1 < 256)
return -2;
dctx->nbits = p1;
return 1;
case EVP_PKEY_CTRL_MD:
if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1)
{
DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
return 0;
}
dctx->md = p2;
return 1;
default:
return -2;
}
}
static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
const char *type, const char *value)
{
if (!strcmp(type, "dsa_paramgen_bits"))
{
int nbits;
nbits = atoi(value);
return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
}
return -2;
}
static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
DSA *dsa = NULL;
DSA_PKEY_CTX *dctx = ctx->data;
BN_GENCB *pcb, cb;
int ret;
if (ctx->pkey_gencb)
{
pcb = &cb;
evp_pkey_set_cb_translate(pcb, ctx);
}
else
pcb = NULL;
dsa = DSA_new();
if (!dsa)
return 0;
ret = DSA_generate_parameters_ex(dsa, dctx->nbits, NULL, 0, NULL, NULL,
pcb);
if (ret)
EVP_PKEY_assign_DSA(pkey, dsa);
else
DSA_free(dsa);
return ret;
}
const EVP_PKEY_METHOD dsa_pkey_meth =
{
EVP_PKEY_DSA,
0,
pkey_dsa_init,
pkey_dsa_cleanup,
0,
pkey_dsa_paramgen,
0,0,
0,
pkey_dsa_sign,
0,
pkey_dsa_verify,
0,0,
0,0,0,0,
0,0,
0,0,
pkey_dsa_ctrl,
pkey_dsa_ctrl_str
};

View File

@ -1012,10 +1012,13 @@ void ERR_load_EVP_strings(void);
#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
#define EVP_F_EVP_PKEY_CTX_CTRL 137
#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
#define EVP_F_EVP_PKEY_DECRYPT 104
#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
#define EVP_F_EVP_PKEY_ENCRYPT 105
#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
#define EVP_F_EVP_PKEY_GET1_DH 119
#define EVP_F_EVP_PKEY_GET1_DSA 120
#define EVP_F_EVP_PKEY_GET1_ECDSA 130

View File

@ -91,20 +91,23 @@ static ERR_STRING_DATA EVP_str_functs[]=
{ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
{ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
{ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
{ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
{ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_KEYGEN"},
{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_KEYGEN_INIT"},
{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_PARAMGEN"},
{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_PARAMGEN_INIT"},
{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
{ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
{ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
{ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},

View File

@ -75,7 +75,7 @@ int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
if (priv->type != EVP_PKEY_RSA)
{
#endif
EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}

View File

@ -75,7 +75,7 @@ int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_le
if (pubk->type != EVP_PKEY_RSA)
{
#endif
EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD,EVP_R_PUBLIC_KEY_NOT_RSA);
#ifndef OPENSSL_NO_RSA
goto err;
}

View File

@ -66,11 +66,12 @@
STACK *app_pkey_methods = NULL;
extern EVP_PKEY_METHOD rsa_pkey_meth;
extern EVP_PKEY_METHOD rsa_pkey_meth, dsa_pkey_meth;
static const EVP_PKEY_METHOD *standard_methods[] =
{
&rsa_pkey_meth
&rsa_pkey_meth,
&dsa_pkey_meth
};
static int pmeth_cmp(const EVP_PKEY_METHOD * const *a,
@ -189,9 +190,10 @@ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
const char *name, const char *value)
{
if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl)
if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str)
{
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
EVP_R_COMMAND_NOT_SUPPORTED);
return -2;
}
if (!strcmp(name, "digest"))
@ -199,7 +201,8 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
const EVP_MD *md;
if (!value || !(md = EVP_get_digestbyname(value)))
{
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_DIGEST);
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
EVP_R_INVALID_DIGEST);
return 0;
}
return EVP_PKEY_CTX_set_signature_md(ctx, md);

View File

@ -370,7 +370,7 @@ void ERR_load_RSA_strings(void);
/* Error codes for the RSA functions. */
/* Function codes. */
#define RSA_F_CHECK_PADDING_NID 140
#define RSA_F_CHECK_PADDING_MD 140
#define RSA_F_MEMORY_LOCK 100
#define RSA_F_PKEY_RSA_SIGN 142
#define RSA_F_PKEY_RSA_VERIFYRECOVER 141

View File

@ -70,7 +70,7 @@
static ERR_STRING_DATA RSA_str_functs[]=
{
{ERR_FUNC(RSA_F_CHECK_PADDING_NID), "CHECK_PADDING_NID"},
{ERR_FUNC(RSA_F_CHECK_PADDING_MD), "CHECK_PADDING_MD"},
{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
{ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"},
{ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"},

View File

@ -127,8 +127,8 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
BN_free(rctx->pub_exp);
if (rctx->tbuf)
OPENSSL_free(rctx->tbuf);
OPENSSL_free(rctx);
}
OPENSSL_free(rctx);
}
static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
@ -330,7 +330,7 @@ static int check_padding_md(const EVP_MD *md, int padding)
if (padding == RSA_NO_PADDING)
{
RSAerr(RSA_F_CHECK_PADDING_NID, RSA_R_INVALID_PADDING_MODE);
RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE);
return 0;
}
@ -338,7 +338,7 @@ static int check_padding_md(const EVP_MD *md, int padding)
{
if (RSA_X931_hash_id(EVP_MD_type(md)) == -1)
{
RSAerr(RSA_F_CHECK_PADDING_NID,
RSAerr(RSA_F_CHECK_PADDING_MD,
RSA_R_INVALID_X931_DIGEST);
return 0;
}