From 357d5de5b9c3a84f170ce91abeafa71c26fefdd9 Mon Sep 17 00:00:00 2001 From: Nils Larsch Date: Sat, 3 Feb 2007 14:41:12 +0000 Subject: [PATCH] add support for DSA with SHA2 --- CHANGES | 5 ++ crypto/dsa/Makefile | 2 +- crypto/dsa/dsa.h | 2 + crypto/dsa/dsa_ameth.c | 13 ++-- crypto/dsa/dsa_gen.c | 115 ++++++++++++++++++++++-------------- crypto/dsa/dsa_locl.h | 59 ++++++++++++++++++ crypto/dsa/dsa_ossl.c | 43 ++++++++++++-- crypto/dsa/dsa_pmeth.c | 51 +++++++++++++--- crypto/dsa/dsa_sign.c | 4 -- crypto/dsa/dsa_vrf.c | 5 -- crypto/objects/obj_dat.h | 22 +++++-- crypto/objects/obj_mac.h | 10 ++++ crypto/objects/obj_mac.num | 2 + crypto/objects/obj_xref.h | 4 ++ crypto/objects/obj_xref.txt | 3 + crypto/objects/objects.txt | 5 ++ 16 files changed, 270 insertions(+), 75 deletions(-) create mode 100644 crypto/dsa/dsa_locl.h diff --git a/CHANGES b/CHANGES index 567fc7e702..ec1cf226f5 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,11 @@ Changes between 0.9.8e and 0.9.9 [xx XXX xxxx] + *) Add support for dsa-with-SHA224 and dsa-with-SHA256. + Use the leftmost N bytes of the signature input if the input is + larger than the prime q (with N being the size in bytes of q). + [Nils Larsch] + *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses it yet and it is largely untested. [Steve Henson] diff --git a/crypto/dsa/Makefile b/crypto/dsa/Makefile index b80048fa5c..cd3126e16c 100644 --- a/crypto/dsa/Makefile +++ b/crypto/dsa/Makefile @@ -25,7 +25,7 @@ LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ SRC= $(LIBSRC) EXHEADER= dsa.h -HEADER= $(EXHEADER) +HEADER= dsa_locl.h $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 43fa855f10..27bc5b91ca 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -254,6 +254,8 @@ DH *DSA_dup_DH(const DSA *r); EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL) #define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1) +#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2) +#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3) /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index d39833ca0d..fab5d55f76 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -537,12 +537,17 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) case ASN1_PKEY_CTRL_PKCS7_SIGN: if (arg1 == 0) { + int snid, hnid; X509_ALGOR *alg1, *alg2; PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); - X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_sha1), - V_ASN1_NULL, 0); - X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_dsaWithSHA1), - V_ASN1_UNDEF, 0); + if (alg1 == NULL || alg1->algorithm == NULL) + return -1; + hnid = OBJ_obj2nid(alg1->algorithm); + if (hnid == NID_undef) + return -1; + if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) + return -1; + X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); } return 1; diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 6a6be3b575..aa0995564d 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -74,17 +74,12 @@ #ifndef OPENSSL_NO_SHA #include -#include #include "cryptlib.h" #include #include -#include #include #include - -static int dsa_builtin_paramgen(DSA *ret, int bits, - unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); +#include "dsa_locl.h" int DSA_generate_parameters_ex(DSA *ret, int bits, unsigned char *seed_in, int seed_len, @@ -93,41 +88,72 @@ int DSA_generate_parameters_ex(DSA *ret, int bits, if(ret->meth->dsa_paramgen) return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, counter_ret, h_ret, cb); - return dsa_builtin_paramgen(ret, bits, seed_in, seed_len, - counter_ret, h_ret, cb); + else + { + const EVP_MD *evpmd; + size_t qbits = bits >= 2048 ? 256 : 160; + + if (bits >= 2048) + { + qbits = 256; + evpmd = EVP_sha256(); + } + else + { + qbits = 160; + evpmd = EVP_sha1(); + } + + return dsa_builtin_paramgen(ret, bits, qbits, evpmd, + seed_in, seed_len, counter_ret, h_ret, cb); + } } -static int dsa_builtin_paramgen(DSA *ret, int bits, - unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) +int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, + const EVP_MD *evpmd, unsigned char *seed_in, size_t seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) { int ok=0; - unsigned char seed[SHA_DIGEST_LENGTH]; - unsigned char md[SHA_DIGEST_LENGTH]; - unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; + unsigned char seed[SHA256_DIGEST_LENGTH]; + unsigned char md[SHA256_DIGEST_LENGTH]; + unsigned char buf[SHA256_DIGEST_LENGTH],buf2[SHA256_DIGEST_LENGTH]; BIGNUM *r0,*W,*X,*c,*test; BIGNUM *g=NULL,*q=NULL,*p=NULL; BN_MONT_CTX *mont=NULL; - int k,n=0,i,b,m=0; + size_t i; + int k,n=0,b,m=0, qsize = qbits >> 3; int counter=0; int r=0; BN_CTX *ctx=NULL; unsigned int h=2; - if (bits < 512) bits=512; - bits=(bits+63)/64*64; + if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH && + qsize != SHA256_DIGEST_LENGTH) + /* invalid q size */ + return 0; - if (seed_len < 20) - seed_in = NULL; /* seed buffer too small -- ignore */ - if (seed_len > 20) - seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits*/ - if ((seed_in != NULL) && (seed_len == 20)) - memcpy(seed,seed_in,seed_len); + if (evpmd == NULL) + /* use SHA1 as default */ + evpmd = EVP_sha1(); - if ((ctx=BN_CTX_new()) == NULL) goto err; + if (bits < 512) + bits = 512; - if ((mont=BN_MONT_CTX_new()) == NULL) goto err; + bits = (bits+63)/64*64; + + if (seed_len < qsize) + seed_in = NULL; /* seed buffer too small -- ignore */ + if (seed_len > qsize) + seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, + * but our internal buffers are restricted to 160 bits*/ + if (seed_in != NULL) + memcpy(seed, seed_in, seed_len); + + if ((ctx=BN_CTX_new()) == NULL) + goto err; + + if ((mont=BN_MONT_CTX_new()) == NULL) + goto err; BN_CTX_start(ctx); r0 = BN_CTX_get(ctx); @@ -154,7 +180,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, if (!seed_len) { - RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH); + RAND_pseudo_bytes(seed, qsize); seed_is_random = 1; } else @@ -162,25 +188,27 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, seed_is_random = 0; seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/ } - memcpy(buf,seed,SHA_DIGEST_LENGTH); - memcpy(buf2,seed,SHA_DIGEST_LENGTH); + memcpy(buf , seed, qsize); + memcpy(buf2, seed, qsize); /* precompute "SEED + 1" for step 7: */ - for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) + for (i = qsize-1; i >= 0; i--) { buf[i]++; - if (buf[i] != 0) break; + if (buf[i] != 0) + break; } /* step 2 */ - EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); - EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL); - for (i=0; i= 0; i--) + for (i = qsize-1; i >= 0; i--) { buf[i]++; - if (buf[i] != 0) break; + if (buf[i] != 0) + break; } - EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); + EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL); /* step 8 */ - if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) + if (!BN_bin2bn(md, qsize, r0)) goto err; - if (!BN_lshift(r0,r0,160*k)) goto err; + if (!BN_lshift(r0,r0,(qsize << 3)*k)) goto err; if (!BN_add(W,W,r0)) goto err; } @@ -300,7 +329,7 @@ err: ok=0; goto err; } - if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); + if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed, qsize); if (counter_ret != NULL) *counter_ret=counter; if (h_ret != NULL) *h_ret=h; } diff --git a/crypto/dsa/dsa_locl.h b/crypto/dsa/dsa_locl.h new file mode 100644 index 0000000000..f1bbf72fb8 --- /dev/null +++ b/crypto/dsa/dsa_locl.h @@ -0,0 +1,59 @@ +/* ==================================================================== + * Copyright (c) 2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include + +int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, + const EVP_MD *evpmd, unsigned char *seed_in, size_t seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 36220a6a55..96df46b70d 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -61,6 +61,7 @@ #include #include "cryptlib.h" #include +#include #include #include #include @@ -133,7 +134,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) BIGNUM m; BIGNUM xr; BN_CTX *ctx=NULL; - int i,reason=ERR_R_BN_LIB; + int i, j, reason=ERR_R_BN_LIB; DSA_SIG *ret=NULL; BN_init(&m); @@ -148,8 +149,9 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) s=BN_new(); if (s == NULL) goto err; - i=BN_num_bytes(dsa->q); /* should be 20 */ - if ((dlen > i) || (dlen > 50)) + /* reject a excessive digest length (currently at most + * dsa-with-SHA256 is supported) */ + if (dlen > SHA256_DIGEST_LENGTH) { reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; goto err; @@ -170,7 +172,17 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) dsa->r=NULL; } - if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; + if (BN_bin2bn(dgst,dlen,&m) == NULL) + goto err; + i = BN_num_bytes(dsa->q); + if (dlen > i) + { + /* if the digest length is greater than the size of q use the + * BN_num_bits(dsa->q) leftmost bits of the digest, see + * fips 186-3, 4.2 */ + if (!BN_rshift(&m, &m, (dlen - i) << 3)) + goto err; + } /* Compute s = inv(k) (m + xr) mod q */ if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ @@ -296,14 +308,16 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, BN_CTX *ctx; BIGNUM u1,u2,t1; BN_MONT_CTX *mont=NULL; - int ret = -1; + int ret = -1, i, j; if (!dsa->p || !dsa->q || !dsa->g) { DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS); return -1; } - if (BN_num_bits(dsa->q) != 160) + i = BN_num_bits(dsa->q); + /* fips 186-3 allows only different sizes for q */ + if (i != 160 && i != 224 && i != 256) { DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE); return -1; @@ -315,6 +329,14 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, return -1; } + /* reject a excessive digest length (currently at most + * dsa-with-SHA256 is supported) */ + if (dgst_len > SHA256_DIGEST_LENGTH) + { + DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + return -1; + } + BN_init(&u1); BN_init(&u2); BN_init(&t1); @@ -340,6 +362,15 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, /* save M in u1 */ if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err; + j = dgst_len << 3; + if (j > i) + { + /* if the digest length is greater than the size of q use the + * BN_num_bits(dsa->q) leftmost bits of the digest, see + * fips 186-3, 4.2 */ + if (!BN_rshift(&u1, &u1, j - i)) + goto err; + } /* u1 = M * w mod q */ if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err; diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c index bd4ee72339..935258b24d 100644 --- a/crypto/dsa/dsa_pmeth.c +++ b/crypto/dsa/dsa_pmeth.c @@ -59,20 +59,22 @@ #include "cryptlib.h" #include #include -#include #include #include "evp_locl.h" +#include "dsa_locl.h" /* DSA pkey context structure */ typedef struct { /* Parameter gen parameters */ - int nbits; + int nbits; /* size of p in bits (default: 1024) */ + int qbits; /* size of q in bits (default: 160) */ + const EVP_MD *pmd; /* MD for parameter generation */ /* Keygen callback info */ int gentmp[2]; /* message digest */ - const EVP_MD *md; + const EVP_MD *md; /* MD for the signature */ } DSA_PKEY_CTX; static int pkey_dsa_init(EVP_PKEY_CTX *ctx) @@ -82,6 +84,8 @@ static int pkey_dsa_init(EVP_PKEY_CTX *ctx) if (!dctx) return 0; dctx->nbits = 1024; + dctx->qbits = 160; + dctx->pmd = NULL; dctx->md = NULL; ctx->data = dctx; @@ -99,7 +103,9 @@ static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) sctx = src->data; dctx = dst->data; dctx->nbits = sctx->nbits; - dctx->md = sctx->md; + dctx->qbits = sctx->qbits; + dctx->pmd = sctx->pmd; + dctx->md = sctx->md; return 1; } @@ -160,8 +166,27 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) dctx->nbits = p1; return 1; + case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS: + if (p1 != 160 && p1 != 224 && p1 && p1 != 256) + return -2; + dctx->qbits = p1; + return 1; + + case EVP_PKEY_CTRL_DSA_PARAMGEN_MD: + if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 && + EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && + EVP_MD_type((const EVP_MD *)p2) != NID_sha256) + { + DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE); + return 0; + } + dctx->md = p2; + return 1; + case EVP_PKEY_CTRL_MD: - if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1) + if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 && + EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && + EVP_MD_type((const EVP_MD *)p2) != NID_sha256) { DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE); return 0; @@ -187,6 +212,18 @@ static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx, nbits = atoi(value); return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits); } + if (!strcmp(type, "dsa_paramgen_q_bits")) + { + int qbits = atoi(value); + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits, NULL); + } + if (!strcmp(type, "dsa_paramgen_md")) + { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, + (void *)EVP_get_digestbyname(value)); + } return -2; } @@ -206,8 +243,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) dsa = DSA_new(); if (!dsa) return 0; - ret = DSA_generate_parameters_ex(dsa, dctx->nbits, NULL, 0, NULL, NULL, - pcb); + ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, + NULL, 0, NULL, NULL, pcb); if (ret) EVP_PKEY_assign_DSA(pkey, dsa); else diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c index 89205026f0..6ac8e486e8 100644 --- a/crypto/dsa/dsa_sign.c +++ b/crypto/dsa/dsa_sign.c @@ -58,12 +58,8 @@ /* Original version from Steven Schoch */ -#include #include "cryptlib.h" -#include #include -#include -#include DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c index c4aeddd056..226a75ff3f 100644 --- a/crypto/dsa/dsa_vrf.c +++ b/crypto/dsa/dsa_vrf.c @@ -58,13 +58,8 @@ /* Original version from Steven Schoch */ -#include #include "cryptlib.h" -#include #include -#include -#include -#include int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 7e0a63c265..9c6bad7891 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 833 -#define NUM_SN 829 -#define NUM_LN 829 -#define NUM_OBJ 785 +#define NUM_NID 835 +#define NUM_SN 831 +#define NUM_LN 831 +#define NUM_OBJ 787 -static unsigned char lvalues[5542]={ +static unsigned char lvalues[5560]={ 0x00, /* [ 0] OBJ_undef */ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ @@ -853,6 +853,8 @@ static unsigned char lvalues[5542]={ 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5517] OBJ_ecdsa_with_SHA256 */ 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5525] OBJ_ecdsa_with_SHA384 */ 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5533] OBJ_ecdsa_with_SHA512 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5541] OBJ_dsa_with_SHA224 */ +0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5550] OBJ_dsa_with_SHA256 */ }; static ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2202,6 +2204,10 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ &(lvalues[5525]),0}, {"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8, &(lvalues[5533]),0}, +{"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9, + &(lvalues[5541]),0}, +{"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9, + &(lvalues[5550]),0}, }; static ASN1_OBJECT *sn_objs[NUM_SN]={ @@ -2452,6 +2458,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ &(nid_objs[470]),/* "documentVersion" */ &(nid_objs[392]),/* "domain" */ &(nid_objs[452]),/* "domainRelatedObject" */ +&(nid_objs[833]),/* "dsa_with_SHA224" */ +&(nid_objs[834]),/* "dsa_with_SHA256" */ &(nid_objs[827]),/* "ecdsa-with-Recommended" */ &(nid_objs[416]),/* "ecdsa-with-SHA1" */ &(nid_objs[829]),/* "ecdsa-with-SHA224" */ @@ -3304,6 +3312,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ &(nid_objs[66]),/* "dsaWithSHA" */ &(nid_objs[113]),/* "dsaWithSHA1" */ &(nid_objs[70]),/* "dsaWithSHA1-old" */ +&(nid_objs[833]),/* "dsa_with_SHA224" */ +&(nid_objs[834]),/* "dsa_with_SHA256" */ &(nid_objs[297]),/* "dvcs" */ &(nid_objs[827]),/* "ecdsa-with-Recommended" */ &(nid_objs[416]),/* "ecdsa-with-SHA1" */ @@ -4486,6 +4496,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ &(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */ &(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */ &(nid_objs[675]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */ +&(nid_objs[833]),/* OBJ_dsa_with_SHA224 2 16 840 1 101 3 4 3 1 */ +&(nid_objs[834]),/* OBJ_dsa_with_SHA256 2 16 840 1 101 3 4 3 2 */ &(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ &(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ &(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index c471c2faeb..db846f49c0 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -2497,6 +2497,16 @@ #define NID_sha224 675 #define OBJ_sha224 OBJ_nist_hashalgs,4L +#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L + +#define SN_dsa_with_SHA224 "dsa_with_SHA224" +#define NID_dsa_with_SHA224 833 +#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L + +#define SN_dsa_with_SHA256 "dsa_with_SHA256" +#define NID_dsa_with_SHA256 834 +#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L + #define SN_hold_instruction_code "holdInstructionCode" #define LN_hold_instruction_code "Hold Instruction Code" #define NID_hold_instruction_code 430 diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 147bfc1d2a..1a200207ff 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -830,3 +830,5 @@ ecdsa_with_SHA224 829 ecdsa_with_SHA256 830 ecdsa_with_SHA384 831 ecdsa_with_SHA512 832 +dsa_with_SHA224 833 +dsa_with_SHA256 834 diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h index b385083df1..c5d75c34fa 100644 --- a/crypto/objects/obj_xref.h +++ b/crypto/objects/obj_xref.h @@ -30,6 +30,8 @@ static const nid_triple sigoid_srt[] = {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey}, {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey}, {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey}, + {NID_dsa_with_SHA224, NID_sha224, NID_dsa}, + {NID_dsa_with_SHA256, NID_sha256, NID_dsa}, }; static const nid_triple * const sigoid_srt_xref[] = @@ -50,12 +52,14 @@ static const nid_triple * const sigoid_srt_xref[] = &sigoid_srt[10], &sigoid_srt[11], &sigoid_srt[13], + &sigoid_srt[28], &sigoid_srt[24], &sigoid_srt[14], &sigoid_srt[25], &sigoid_srt[15], &sigoid_srt[26], &sigoid_srt[16], + &sigoid_srt[27], &sigoid_srt[23], &sigoid_srt[17], &sigoid_srt[18], diff --git a/crypto/objects/obj_xref.txt b/crypto/objects/obj_xref.txt index 01a0adbb59..e45b3d34b9 100644 --- a/crypto/objects/obj_xref.txt +++ b/crypto/objects/obj_xref.txt @@ -33,6 +33,9 @@ ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey ecdsa_with_Recommended undef X9_62_id_ecPublicKey ecdsa_with_Specified undef X9_62_id_ecPublicKey +dsa_with_SHA224 sha224 dsa +dsa_with_SHA256 sha256 dsa + id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001 id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94 id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 7425196b99..e2a6c24c4c 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -831,6 +831,11 @@ nist_hashalgs 2 : SHA384 : sha384 nist_hashalgs 3 : SHA512 : sha512 nist_hashalgs 4 : SHA224 : sha224 +# OIDs for dsa-with-sha224 and dsa-with-sha256 +!Alias dsa_with_sha2 nistAlgorithms 3 +dsa_with_sha2 1 : dsa_with_SHA224 +dsa_with_sha2 2 : dsa_with_SHA256 + # Hold instruction CRL entry extension !Cname hold-instruction-code id-ce 23 : holdInstructionCode : Hold Instruction Code -- 2.25.1