From 706a13f112d864b42f28a59f4a207e296fa1be08 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 4 Mar 2016 02:39:50 +0000 Subject: [PATCH] Make DSA_SIG opaque. This adds a new accessor function DSA_SIG_get0. The customisation of DSA_SIG structure initialisation has been removed this means that the 'r' and 's' components are automatically allocated when DSA_SIG_new() is called. Update documentation. Reviewed-by: Rich Salz --- crypto/dsa/dsa_ameth.c | 7 +++-- crypto/dsa/dsa_asn1.c | 30 ++++++-------------- crypto/dsa/dsa_locl.h | 5 ++++ crypto/dsa/dsa_ossl.c | 56 ++++++++++++++++++-------------------- doc/crypto/DSA_SIG_new.pod | 7 +++-- include/openssl/dsa.h | 6 ++-- 6 files changed, 53 insertions(+), 58 deletions(-) diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index e046fe79d3..5661af57b1 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -488,13 +488,16 @@ static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); if (dsa_sig) { int rv = 0; + BIGNUM *r, *s; + + DSA_SIG_get0(&r, &s, dsa_sig); if (BIO_write(bp, "\n", 1) != 1) goto err; - if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, NULL, indent)) + if (!ASN1_bn_print(bp, "r: ", r, NULL, indent)) goto err; - if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, NULL, indent)) + if (!ASN1_bn_print(bp, "s: ", s, NULL, indent)) goto err; rv = 1; err: diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 44696c372f..ddf3259f0e 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -62,33 +62,21 @@ #include #include #include +#include "dsa_locl.h" -/* Override the default new methods */ -static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, - void *exarg) -{ - if (operation == ASN1_OP_NEW_PRE) { - DSA_SIG *sig; - sig = OPENSSL_malloc(sizeof(*sig)); - if (sig == NULL) { - DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); - return 0; - } - sig->r = NULL; - sig->s = NULL; - *pval = (ASN1_VALUE *)sig; - return 2; - } - return 1; -} - -ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { +ASN1_SEQUENCE(DSA_SIG) = { ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) -} static_ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) +} static_ASN1_SEQUENCE_END(DSA_SIG) IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) +void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, DSA_SIG *sig) +{ + *pr = sig->r; + *ps = sig->s; +} + /* Override the default free and new methods */ static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) diff --git a/crypto/dsa/dsa_locl.h b/crypto/dsa/dsa_locl.h index 6182495848..7767e74ef9 100644 --- a/crypto/dsa/dsa_locl.h +++ b/crypto/dsa/dsa_locl.h @@ -65,3 +65,8 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, size_t seed_len, int idx, unsigned char *seed_out, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); + +struct DSA_SIG_st { + BIGNUM *r; + BIGNUM *s; +}; diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index f8b4647f04..31a6d53c9a 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -133,13 +133,15 @@ const DSA_METHOD *DSA_OpenSSL(void) static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) { - BIGNUM *kinv = NULL, *r = NULL, *s = NULL; + BIGNUM *kinv = NULL; BIGNUM *m; BIGNUM *xr; + BIGNUM *r, *s; BN_CTX *ctx = NULL; int reason = ERR_R_BN_LIB; DSA_SIG *ret = NULL; int noredo = 0; + int rv = 0; m = BN_new(); xr = BN_new(); @@ -151,9 +153,12 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) goto err; } - s = BN_new(); - if (s == NULL) + ret = DSA_SIG_new(); + if (ret == NULL) goto err; + + DSA_SIG_get0(&r, &s, ret); + ctx = BN_CTX_new(); if (ctx == NULL) goto err; @@ -193,23 +198,20 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) } goto redo; } - ret = DSA_SIG_new(); - if (ret == NULL) - goto err; - ret->r = r; - ret->s = s; + + rv = 1; err: - if (ret == NULL) { + if (rv == 0) { DSAerr(DSA_F_DSA_DO_SIGN, reason); - BN_free(r); - BN_free(s); + DSA_SIG_free(ret); + ret = NULL; } BN_CTX_free(ctx); BN_clear_free(m); BN_clear_free(xr); BN_clear_free(kinv); - return (ret); + return ret; } static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, @@ -223,7 +225,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, const unsigned char *dgst, int dlen) { BN_CTX *ctx = NULL; - BIGNUM *k, *kq, *K, *kinv = NULL, *r = NULL; + BIGNUM *k, *kq, *K, *kinv = NULL, *r = *rp; int ret = 0; if (!dsa->p || !dsa->q || !dsa->g) { @@ -242,9 +244,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, } else ctx = ctx_in; - if ((r = BN_new()) == NULL) - goto err; - /* Get random k */ do { if (dgst != NULL) { @@ -305,19 +304,15 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BN_clear_free(*kinvp); *kinvp = kinv; kinv = NULL; - BN_clear_free(*rp); - *rp = r; ret = 1; err: - if (!ret) { + if (!ret) DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB); - BN_clear_free(r); - } if (ctx != ctx_in) BN_CTX_free(ctx); BN_clear_free(k); BN_clear_free(kq); - return (ret); + return ret; } static int dsa_do_verify(const unsigned char *dgst, int dgst_len, @@ -326,6 +321,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, BN_CTX *ctx; BIGNUM *u1, *u2, *t1; BN_MONT_CTX *mont = NULL; + BIGNUM *r, *s; int ret = -1, i; if (!dsa->p || !dsa->q || !dsa->g) { DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS); @@ -350,13 +346,15 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, if (u1 == NULL || u2 == NULL || t1 == NULL || ctx == NULL) goto err; - if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || - BN_ucmp(sig->r, dsa->q) >= 0) { + DSA_SIG_get0(&r, &s, sig); + + if (BN_is_zero(r) || BN_is_negative(r) || + BN_ucmp(r, dsa->q) >= 0) { ret = 0; goto err; } - if (BN_is_zero(sig->s) || BN_is_negative(sig->s) || - BN_ucmp(sig->s, dsa->q) >= 0) { + if (BN_is_zero(s) || BN_is_negative(s) || + BN_ucmp(s, dsa->q) >= 0) { ret = 0; goto err; } @@ -364,7 +362,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, /* * Calculate W = inv(S) mod Q save W in u2 */ - if ((BN_mod_inverse(u2, sig->s, dsa->q, ctx)) == NULL) + if ((BN_mod_inverse(u2, s, dsa->q, ctx)) == NULL) goto err; /* save M in u1 */ @@ -383,7 +381,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, goto err; /* u2 = r * w mod q */ - if (!BN_mod_mul(u2, sig->r, u2, dsa->q, ctx)) + if (!BN_mod_mul(u2, r, u2, dsa->q, ctx)) goto err; if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { @@ -403,7 +401,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, /* * V is now in u1. If the signature is correct, it will be equal to R. */ - ret = (BN_ucmp(u1, sig->r) == 0); + ret = (BN_ucmp(u1, r) == 0); err: if (ret < 0) diff --git a/doc/crypto/DSA_SIG_new.pod b/doc/crypto/DSA_SIG_new.pod index 91bb513a0b..2d9e2729ed 100644 --- a/doc/crypto/DSA_SIG_new.pod +++ b/doc/crypto/DSA_SIG_new.pod @@ -9,8 +9,8 @@ DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects #include DSA_SIG *DSA_SIG_new(void); - - void DSA_SIG_free(DSA_SIG *a); + void DSA_SIG_free(DSA_SIG *a); + void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, DSA_SIG *sig); =head1 DESCRIPTION @@ -19,6 +19,9 @@ DSA_SIG_new() allocates and initializes a B structure. DSA_SIG_free() frees the B structure and its components. The values are erased before the memory is returned to the system. +DSA_SIG_get0() returns internal pointers the B and B values contained +in B. The values can then be examined or initialised. + =head1 RETURN VALUES If the allocation fails, DSA_SIG_new() returns B and sets an diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h index f10e1c2504..3346853152 100644 --- a/include/openssl/dsa.h +++ b/include/openssl/dsa.h @@ -121,10 +121,7 @@ extern "C" { /* typedef struct dsa_st DSA; */ /* typedef struct dsa_method DSA_METHOD; */ -typedef struct DSA_SIG_st { - BIGNUM *r; - BIGNUM *s; -} DSA_SIG; +typedef struct DSA_SIG_st DSA_SIG; struct dsa_method { const char *name; @@ -187,6 +184,7 @@ DSA_SIG *DSA_SIG_new(void); void DSA_SIG_free(DSA_SIG *a); int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length); +void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, DSA_SIG *sig); DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); int DSA_do_verify(const unsigned char *dgst, int dgst_len, -- 2.25.1