/src/openssl30/crypto/dsa/dsa_sign.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * DSA low level APIs are deprecated for public use, but still ok for |
12 | | * internal use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include <openssl/bn.h> |
17 | | #include "internal/cryptlib.h" |
18 | | #include "dsa_local.h" |
19 | | #include "crypto/asn1_dsa.h" |
20 | | #include "crypto/dsa.h" |
21 | | |
22 | | DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) |
23 | 0 | { |
24 | 0 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); |
25 | 0 | } |
26 | | |
27 | | #ifndef OPENSSL_NO_DEPRECATED_3_0 |
28 | | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) |
29 | 0 | { |
30 | 0 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); |
31 | 0 | } |
32 | | #endif |
33 | | |
34 | | DSA_SIG *DSA_SIG_new(void) |
35 | 12.1k | { |
36 | 12.1k | DSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig)); |
37 | 12.1k | if (sig == NULL) |
38 | 12.1k | ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); |
39 | 12.1k | return sig; |
40 | 12.1k | } |
41 | | |
42 | | void DSA_SIG_free(DSA_SIG *sig) |
43 | 12.1k | { |
44 | 12.1k | if (sig == NULL) |
45 | 0 | return; |
46 | 12.1k | BN_clear_free(sig->r); |
47 | 12.1k | BN_clear_free(sig->s); |
48 | 12.1k | OPENSSL_free(sig); |
49 | 12.1k | } |
50 | | |
51 | | DSA_SIG *d2i_DSA_SIG(DSA_SIG **psig, const unsigned char **ppin, long len) |
52 | 12.1k | { |
53 | 12.1k | DSA_SIG *sig; |
54 | | |
55 | 12.1k | if (len < 0) |
56 | 0 | return NULL; |
57 | 12.1k | if (psig != NULL && *psig != NULL) { |
58 | 0 | sig = *psig; |
59 | 12.1k | } else { |
60 | 12.1k | sig = DSA_SIG_new(); |
61 | 12.1k | if (sig == NULL) |
62 | 0 | return NULL; |
63 | 12.1k | } |
64 | 12.1k | if (sig->r == NULL) |
65 | 12.1k | sig->r = BN_new(); |
66 | 12.1k | if (sig->s == NULL) |
67 | 12.1k | sig->s = BN_new(); |
68 | 12.1k | if (sig->r == NULL || sig->s == NULL |
69 | 12.1k | || ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { |
70 | 12.1k | if (psig == NULL || *psig == NULL) |
71 | 12.1k | DSA_SIG_free(sig); |
72 | 12.1k | return NULL; |
73 | 12.1k | } |
74 | 11 | if (psig != NULL && *psig == NULL) |
75 | 0 | *psig = sig; |
76 | 11 | return sig; |
77 | 12.1k | } |
78 | | |
79 | | int i2d_DSA_SIG(const DSA_SIG *sig, unsigned char **ppout) |
80 | 661 | { |
81 | 661 | BUF_MEM *buf = NULL; |
82 | 661 | size_t encoded_len; |
83 | 661 | WPACKET pkt; |
84 | | |
85 | 661 | if (ppout == NULL) { |
86 | 650 | if (!WPACKET_init_null(&pkt, 0)) |
87 | 0 | return -1; |
88 | 650 | } else if (*ppout == NULL) { |
89 | 11 | if ((buf = BUF_MEM_new()) == NULL |
90 | 11 | || !WPACKET_init_len(&pkt, buf, 0)) { |
91 | 0 | BUF_MEM_free(buf); |
92 | 0 | return -1; |
93 | 0 | } |
94 | 11 | } else { |
95 | 0 | if (!WPACKET_init_static_len(&pkt, *ppout, SIZE_MAX, 0)) |
96 | 0 | return -1; |
97 | 0 | } |
98 | | |
99 | 661 | if (!ossl_encode_der_dsa_sig(&pkt, sig->r, sig->s) |
100 | 661 | || !WPACKET_get_total_written(&pkt, &encoded_len) |
101 | 661 | || !WPACKET_finish(&pkt)) { |
102 | 0 | BUF_MEM_free(buf); |
103 | 0 | WPACKET_cleanup(&pkt); |
104 | 0 | return -1; |
105 | 0 | } |
106 | | |
107 | 661 | if (ppout != NULL) { |
108 | 11 | if (*ppout == NULL) { |
109 | 11 | *ppout = (unsigned char *)buf->data; |
110 | 11 | buf->data = NULL; |
111 | 11 | BUF_MEM_free(buf); |
112 | 11 | } else { |
113 | 0 | *ppout += encoded_len; |
114 | 0 | } |
115 | 11 | } |
116 | | |
117 | 661 | return (int)encoded_len; |
118 | 661 | } |
119 | | |
120 | | int DSA_size(const DSA *dsa) |
121 | 650 | { |
122 | 650 | int ret = -1; |
123 | 650 | DSA_SIG sig; |
124 | | |
125 | 650 | if (dsa->params.q != NULL) { |
126 | 650 | sig.r = sig.s = dsa->params.q; |
127 | 650 | ret = i2d_DSA_SIG(&sig, NULL); |
128 | | |
129 | 650 | if (ret < 0) |
130 | 0 | ret = 0; |
131 | 650 | } |
132 | 650 | return ret; |
133 | 650 | } |
134 | | |
135 | | void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) |
136 | 0 | { |
137 | 0 | if (pr != NULL) |
138 | 0 | *pr = sig->r; |
139 | 0 | if (ps != NULL) |
140 | 0 | *ps = sig->s; |
141 | 0 | } |
142 | | |
143 | | int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) |
144 | 0 | { |
145 | 0 | if (r == NULL || s == NULL) |
146 | 0 | return 0; |
147 | 0 | BN_clear_free(sig->r); |
148 | 0 | BN_clear_free(sig->s); |
149 | 0 | sig->r = r; |
150 | 0 | sig->s = s; |
151 | 0 | return 1; |
152 | 0 | } |
153 | | |
154 | | int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen, |
155 | | unsigned char *sig, unsigned int *siglen, DSA *dsa) |
156 | 0 | { |
157 | 0 | DSA_SIG *s; |
158 | | |
159 | | /* legacy case uses the method table */ |
160 | 0 | if (dsa->libctx == NULL || dsa->meth != DSA_get_default_method()) |
161 | 0 | s = DSA_do_sign(dgst, dlen, dsa); |
162 | 0 | else |
163 | 0 | s = ossl_dsa_do_sign_int(dgst, dlen, dsa); |
164 | 0 | if (s == NULL) { |
165 | 0 | *siglen = 0; |
166 | 0 | return 0; |
167 | 0 | } |
168 | 0 | *siglen = i2d_DSA_SIG(s, sig != NULL ? &sig : NULL); |
169 | 0 | DSA_SIG_free(s); |
170 | 0 | return 1; |
171 | 0 | } |
172 | | |
173 | | int DSA_sign(int type, const unsigned char *dgst, int dlen, |
174 | | unsigned char *sig, unsigned int *siglen, DSA *dsa) |
175 | 0 | { |
176 | 0 | return ossl_dsa_sign_int(type, dgst, dlen, sig, siglen, dsa); |
177 | 0 | } |
178 | | |
179 | | /* data has already been hashed (probably with SHA or SHA-1). */ |
180 | | /*- |
181 | | * returns |
182 | | * 1: correct signature |
183 | | * 0: incorrect signature |
184 | | * -1: error |
185 | | */ |
186 | | int DSA_verify(int type, const unsigned char *dgst, int dgst_len, |
187 | | const unsigned char *sigbuf, int siglen, DSA *dsa) |
188 | 0 | { |
189 | 0 | DSA_SIG *s; |
190 | 0 | const unsigned char *p = sigbuf; |
191 | 0 | unsigned char *der = NULL; |
192 | 0 | int derlen = -1; |
193 | 0 | int ret = -1; |
194 | |
|
195 | 0 | s = DSA_SIG_new(); |
196 | 0 | if (s == NULL) |
197 | 0 | return ret; |
198 | 0 | if (d2i_DSA_SIG(&s, &p, siglen) == NULL) |
199 | 0 | goto err; |
200 | | /* Ensure signature uses DER and doesn't have trailing garbage */ |
201 | 0 | derlen = i2d_DSA_SIG(s, &der); |
202 | 0 | if (derlen != siglen || memcmp(sigbuf, der, derlen)) |
203 | 0 | goto err; |
204 | 0 | ret = DSA_do_verify(dgst, dgst_len, s, dsa); |
205 | 0 | err: |
206 | 0 | OPENSSL_clear_free(der, derlen); |
207 | 0 | DSA_SIG_free(s); |
208 | 0 | return ret; |
209 | 0 | } |