--- /dev/null
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdlib.h>
+
+#include <openssl/objects.h>
+#include "crypto/dsa.h"
+
+#define ASN1_SEQUENCE 0x30
+#define ASN1_OID 0x06
+
+/* dsaWithSHA OIDs are of the form: (1 3 14 3 2 |n|) */
+#define ENCODE_ALGORITHMIDENTIFIER_SHA(name, n) \
+ static const unsigned char algorithmidentifier_##name##_der[] = { \
+ ASN1_SEQUENCE, 0x07, \
+ ASN1_OID, 0x05, 1 * 40 + 3, 14, 3, 2, n \
+}
+
+ENCODE_ALGORITHMIDENTIFIER_SHA(sha, 13);
+ENCODE_ALGORITHMIDENTIFIER_SHA(sha1, 27);
+
+/* dsaWithSHA OIDs are of the form: (2 16 840 1 101 3 4 3 |n|) */
+#define ENCODE_ALGORITHMIDENTIFIER_SHAx(name, n) \
+ static const unsigned char algorithmidentifier_##name##_der[] = { \
+ ASN1_SEQUENCE, 0x0b, \
+ ASN1_OID, 0x09, 2 * 40 + 16, 0x86, 0x48, 1, 101, 3, 4, 3, n \
+}
+
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha224, 1);
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha256, 2);
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha384, 3);
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha512, 4);
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_224, 5);
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_256, 6);
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_384, 7);
+ENCODE_ALGORITHMIDENTIFIER_SHAx(sha3_512, 8);
+
+#define MD_CASE(name) \
+ case NID_##name: \
+ *len = sizeof(algorithmidentifier_##name##_der); \
+ return algorithmidentifier_##name##_der
+
+const unsigned char *dsa_algorithmidentifier_encoding(int md_nid, size_t *len)
+{
+ switch (md_nid) {
+ MD_CASE(sha);
+ MD_CASE(sha1);
+ MD_CASE(sha224);
+ MD_CASE(sha256);
+ MD_CASE(sha384);
+ MD_CASE(sha512);
+ MD_CASE(sha3_224);
+ MD_CASE(sha3_256);
+ MD_CASE(sha3_384);
+ MD_CASE(sha3_512);
+ default:
+ return NULL;
+ }
+}
* https://www.openssl.org/source/license.html
*/
+#include <string.h>
+
#include <openssl/crypto.h>
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
+#include <openssl/err.h>
#include <openssl/dsa.h>
#include <openssl/params.h>
#include <openssl/evp.h>
+#include "internal/nelem.h"
#include "internal/sizes.h"
+#include "prov/providercommonerr.h"
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "crypto/dsa.h"
DSA *dsa;
size_t mdsize;
char mdname[OSSL_MAX_NAME_SIZE];
+
+ /* The Algorithm Identifier of the combined signature agorithm */
+ unsigned char aid[OSSL_MAX_ALGORITHM_ID_SIZE];
+ size_t aid_len;
+
+ /* main digest */
EVP_MD *md;
EVP_MD_CTX *mdctx;
} PROV_DSA_CTX;
return DSA_verify(0, tbs, tbslen, sig, siglen, pdsactx->dsa);
}
+static int get_md_nid(const EVP_MD *md)
+{
+ /*
+ * Because the DSA library deals with NIDs, we need to translate.
+ * We do so using EVP_MD_is_a(), and therefore need a name to NID
+ * map.
+ */
+ static const OSSL_ITEM name_to_nid[] = {
+ { NID_sha1, OSSL_DIGEST_NAME_SHA1 },
+ { NID_sha224, OSSL_DIGEST_NAME_SHA2_224 },
+ { NID_sha256, OSSL_DIGEST_NAME_SHA2_256 },
+ { NID_sha384, OSSL_DIGEST_NAME_SHA2_384 },
+ { NID_sha512, OSSL_DIGEST_NAME_SHA2_512 },
+ { NID_sha3_224, OSSL_DIGEST_NAME_SHA3_224 },
+ { NID_sha3_256, OSSL_DIGEST_NAME_SHA3_256 },
+ { NID_sha3_384, OSSL_DIGEST_NAME_SHA3_384 },
+ { NID_sha3_512, OSSL_DIGEST_NAME_SHA3_512 },
+ };
+ size_t i;
+ int mdnid = NID_undef;
+
+ if (md == NULL)
+ goto end;
+
+ for (i = 0; i < OSSL_NELEM(name_to_nid); i++) {
+ if (EVP_MD_is_a(md, name_to_nid[i].ptr)) {
+ mdnid = (int)name_to_nid[i].id;
+ break;
+ }
+ }
+
+ if (mdnid == NID_undef)
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST);
+
+ end:
+ return mdnid;
+}
+
static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
const char *props, void *vdsa)
{
PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
- EVP_MD *md;
+ size_t algorithmidentifier_len = 0;
+ const unsigned char *algorithmidentifier;
+
+ EVP_MD_CTX_free(pdsactx->mdctx);
+ EVP_MD_free(pdsactx->md);
+ pdsactx->mdctx = NULL;
+ pdsactx->mdsize = 0;
+ pdsactx->md = NULL;
if (!dsa_signature_init(vpdsactx, vdsa))
return 0;
- md = EVP_MD_fetch(pdsactx->libctx, mdname, props);
- if (md == NULL)
- return 0;
- pdsactx->md = md;
- pdsactx->mdsize = EVP_MD_size(md);
+ pdsactx->md = EVP_MD_fetch(pdsactx->libctx, mdname, props);
+ algorithmidentifier =
+ dsa_algorithmidentifier_encoding(get_md_nid(pdsactx->md),
+ &algorithmidentifier_len);
+
+ if (algorithmidentifier == NULL)
+ goto error;
+
+ pdsactx->mdsize = EVP_MD_size(pdsactx->md);
pdsactx->mdctx = EVP_MD_CTX_new();
if (pdsactx->mdctx == NULL)
- return 0;
+ goto error;
- if (!EVP_DigestInit_ex(pdsactx->mdctx, md, NULL))
- return 0;
+ memcpy(pdsactx->aid, algorithmidentifier, algorithmidentifier_len);
+ pdsactx->aid_len = algorithmidentifier_len;
+
+ if (!EVP_DigestInit_ex(pdsactx->mdctx, pdsactx->md, NULL))
+ goto error;
return 1;
+
+ error:
+ EVP_MD_CTX_free(pdsactx->mdctx);
+ EVP_MD_free(pdsactx->md);
+ pdsactx->mdctx = NULL;
+ pdsactx->mdsize = 0;
+ pdsactx->md = NULL;
+ return 0;
}
int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data,
if (pdsactx == NULL || params == NULL)
return 0;
+ p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
+ if (p != NULL
+ && !OSSL_PARAM_set_octet_string(p, pdsactx->aid, pdsactx->aid_len))
+ return 0;
+
p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST_SIZE);
if (p != NULL && !OSSL_PARAM_set_size_t(p, pdsactx->mdsize))
return 0;
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
+ OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
OSSL_PARAM_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE, NULL),
OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
OSSL_PARAM_END
projects / oweals / openssl.git / commitdiff