Coverage Report

Created: 2024-11-21 07:03

/src/openssl/crypto/dsa/dsa_sign.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
/*
11
 * DSA low level APIs are deprecated for public use, but still ok for
12
 * internal use.
13
 */
14
#include "internal/deprecated.h"
15
16
#include <openssl/bn.h>
17
#include "internal/cryptlib.h"
18
#include "dsa_local.h"
19
#include "crypto/asn1_dsa.h"
20
#include "crypto/dsa.h"
21
22
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
23
133
{
24
133
    return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
25
133
}
26
27
#ifndef OPENSSL_NO_DEPRECATED_3_0
28
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
29
0
{
30
0
    return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
31
0
}
32
#endif
33
34
DSA_SIG *DSA_SIG_new(void)
35
622
{
36
622
    DSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig));
37
38
622
    return sig;
39
622
}
40
41
void DSA_SIG_free(DSA_SIG *sig)
42
528
{
43
528
    if (sig == NULL)
44
89
        return;
45
439
    BN_clear_free(sig->r);
46
439
    BN_clear_free(sig->s);
47
439
    OPENSSL_free(sig);
48
439
}
49
50
DSA_SIG *d2i_DSA_SIG(DSA_SIG **psig, const unsigned char **ppin, long len)
51
179
{
52
179
    DSA_SIG *sig;
53
54
179
    if (len < 0)
55
0
        return NULL;
56
179
    if (psig != NULL && *psig != NULL) {
57
127
        sig = *psig;
58
127
    } else {
59
52
        sig = DSA_SIG_new();
60
52
        if (sig == NULL)
61
0
            return NULL;
62
52
    }
63
179
    if (sig->r == NULL)
64
179
        sig->r = BN_new();
65
179
    if (sig->s == NULL)
66
179
        sig->s = BN_new();
67
179
    if (sig->r == NULL || sig->s == NULL
68
179
        || ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) {
69
0
        if (psig == NULL || *psig == NULL)
70
0
            DSA_SIG_free(sig);
71
0
        return NULL;
72
0
    }
73
179
    if (psig != NULL && *psig == NULL)
74
0
        *psig = sig;
75
179
    return sig;
76
179
}
77
78
int i2d_DSA_SIG(const DSA_SIG *sig, unsigned char **ppout)
79
439
{
80
439
    BUF_MEM *buf = NULL;
81
439
    size_t encoded_len;
82
439
    WPACKET pkt;
83
84
439
    if (ppout == NULL) {
85
133
        if (!WPACKET_init_null(&pkt, 0))
86
0
            return -1;
87
306
    } else if (*ppout == NULL) {
88
254
        if ((buf = BUF_MEM_new()) == NULL
89
254
                || !WPACKET_init_len(&pkt, buf, 0)) {
90
0
            BUF_MEM_free(buf);
91
0
            return -1;
92
0
        }
93
254
    } else {
94
52
        if (!WPACKET_init_static_len(&pkt, *ppout, SIZE_MAX, 0))
95
0
            return -1;
96
52
    }
97
98
439
    if (!ossl_encode_der_dsa_sig(&pkt, sig->r, sig->s)
99
439
            || !WPACKET_get_total_written(&pkt, &encoded_len)
100
439
            || !WPACKET_finish(&pkt)) {
101
0
        BUF_MEM_free(buf);
102
0
        WPACKET_cleanup(&pkt);
103
0
        return -1;
104
0
    }
105
106
439
    if (ppout != NULL) {
107
306
        if (*ppout == NULL) {
108
254
            *ppout = (unsigned char *)buf->data;
109
254
            buf->data = NULL;
110
254
            BUF_MEM_free(buf);
111
254
        } else {
112
52
            *ppout += encoded_len;
113
52
        }
114
306
    }
115
116
439
    return (int)encoded_len;
117
439
}
118
119
int DSA_size(const DSA *dsa)
120
133
{
121
133
    int ret = -1;
122
133
    DSA_SIG sig;
123
124
133
    if (dsa->params.q != NULL) {
125
133
        sig.r = sig.s = dsa->params.q;
126
133
        ret = i2d_DSA_SIG(&sig, NULL);
127
128
133
        if (ret < 0)
129
0
            ret = 0;
130
133
    }
131
133
    return ret;
132
133
}
133
134
void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
135
116
{
136
116
    if (pr != NULL)
137
116
        *pr = sig->r;
138
116
    if (ps != NULL)
139
116
        *ps = sig->s;
140
116
}
141
142
int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
143
188
{
144
188
    if (r == NULL || s == NULL)
145
0
        return 0;
146
188
    BN_clear_free(sig->r);
147
188
    BN_clear_free(sig->s);
148
188
    sig->r = r;
149
188
    sig->s = s;
150
188
    return 1;
151
188
}
152
153
int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen,
154
                      unsigned char *sig, unsigned int *siglen, DSA *dsa,
155
                      unsigned int nonce_type, const char *digestname,
156
                      OSSL_LIB_CTX *libctx, const char *propq)
157
133
{
158
133
    DSA_SIG *s;
159
160
133
    if (sig == NULL) {
161
0
        *siglen = DSA_size(dsa);
162
0
        return 1;
163
0
    }
164
165
    /* legacy case uses the method table */
166
133
    if (dsa->libctx == NULL || dsa->meth != DSA_get_default_method())
167
133
        s = DSA_do_sign(dgst, dlen, dsa);
168
0
    else
169
0
        s = ossl_dsa_do_sign_int(dgst, dlen, dsa,
170
0
                                 nonce_type, digestname, libctx, propq);
171
133
    if (s == NULL) {
172
81
        *siglen = 0;
173
81
        return 0;
174
81
    }
175
52
    *siglen = i2d_DSA_SIG(s, &sig);
176
52
    DSA_SIG_free(s);
177
52
    return 1;
178
133
}
179
180
int DSA_sign(int type, const unsigned char *dgst, int dlen,
181
             unsigned char *sig, unsigned int *siglen, DSA *dsa)
182
133
{
183
133
    return ossl_dsa_sign_int(type, dgst, dlen, sig, siglen, dsa,
184
133
                             0, NULL, NULL, NULL);
185
133
}
186
187
/* data has already been hashed (probably with SHA or SHA-1). */
188
/*-
189
 * returns
190
 *      1: correct signature
191
 *      0: incorrect signature
192
 *     -1: error
193
 */
194
int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
195
               const unsigned char *sigbuf, int siglen, DSA *dsa)
196
127
{
197
127
    DSA_SIG *s;
198
127
    const unsigned char *p = sigbuf;
199
127
    unsigned char *der = NULL;
200
127
    int derlen = -1;
201
127
    int ret = -1;
202
203
127
    s = DSA_SIG_new();
204
127
    if (s == NULL)
205
0
        return ret;
206
127
    if (d2i_DSA_SIG(&s, &p, siglen) == NULL)
207
0
        goto err;
208
    /* Ensure signature uses DER and doesn't have trailing garbage */
209
127
    derlen = i2d_DSA_SIG(s, &der);
210
127
    if (derlen != siglen || memcmp(sigbuf, der, derlen))
211
0
        goto err;
212
127
    ret = DSA_do_verify(dgst, dgst_len, s, dsa);
213
127
 err:
214
127
    OPENSSL_clear_free(der, derlen);
215
127
    DSA_SIG_free(s);
216
127
    return ret;
217
127
}