static int constructDSASignature(struct pgpDigSigDSA_s *sig)
{
int rc;
if (sig->dsa_sig) {
/* We've already constructed it, so just reuse it */
return 1;
}
/* Create the DSA signature */
DSA_SIG *dsa_sig = DSA_SIG_new();
if (!dsa_sig) return 0;
if (!DSA_SIG_set0(dsa_sig, sig->r, sig->s)) {
rc = 0;
goto done;
}
sig->dsa_sig = dsa_sig;
rc = 1;
done:
if (rc == 0) {
DSA_SIG_free(sig->dsa_sig);
}
return rc;
}
int
_libssh2_dsa_sha1_verify(libssh2_dsa_ctx * dsactx,
const unsigned char *sig,
const unsigned char *m, unsigned long m_len)
{
unsigned char hash[SHA_DIGEST_LENGTH];
DSA_SIG * dsasig;
BIGNUM * r;
BIGNUM * s;
int ret = -1;
r = BN_new();
BN_bin2bn(sig, 20, r);
s = BN_new();
BN_bin2bn(sig + 20, 20, s);
dsasig = DSA_SIG_new();
#ifdef HAVE_OPAQUE_STRUCTS
DSA_SIG_set0(dsasig, r, s);
#else
dsasig->r = r;
dsasig->s = s;
#endif
if(!_libssh2_sha1(m, m_len, hash))
/* _libssh2_sha1() succeeded */
ret = DSA_do_verify(hash, SHA_DIGEST_LENGTH, dsasig, dsactx);
DSA_SIG_free(dsasig);
return (ret == 1) ? 0 : -1;
}
int HsOpenSSL_dsa_verify(DSA *dsa, const unsigned char *ddata, int dlen,
const BIGNUM *r, const BIGNUM *s) {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
DSA_SIG* sig = DSA_SIG_new();
DSA_SIG_set0(sig, BN_dup(r), BN_dup(s));
int res = DSA_do_verify(ddata, dlen, sig, dsa);
DSA_SIG_free(sig);
return res;
#else
DSA_SIG sig;
sig.r = (BIGNUM *)r;
sig.s = (BIGNUM *)s;
return dsa->meth->dsa_do_verify(ddata, dlen, &sig, dsa);
#endif
}
/* Unpack signature according to cryptopro rules */
DSA_SIG *unpack_cp_signature(const unsigned char *sigbuf, size_t siglen)
{
DSA_SIG *sig;
BIGNUM *r = NULL, *s = NULL;
sig = DSA_SIG_new();
if (sig == NULL) {
GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, ERR_R_MALLOC_FAILURE);
return NULL;
}
s = BN_bin2bn(sigbuf, siglen / 2, NULL);
r = BN_bin2bn(sigbuf + siglen / 2, siglen / 2, NULL);
DSA_SIG_set0(sig, r, s);
return sig;
}
/**
* Setup DSA key digest in DER encoding ...
* @param sig: input is signature output alloced ptr (unless failure).
* caller must free alloced ptr if this routine returns true.
* @param len: input is initial siglen, output is output len.
* @return false on failure.
*/
static int
setup_dsa_sig(unsigned char** sig, unsigned int* len)
{
unsigned char* orig = *sig;
unsigned int origlen = *len;
int newlen;
BIGNUM *R, *S;
DSA_SIG *dsasig;
/* extract the R and S field from the sig buffer */
if(origlen < 1 + 2*SHA_DIGEST_LENGTH)
return 0;
R = BN_new();
if(!R) return 0;
(void) BN_bin2bn(orig + 1, SHA_DIGEST_LENGTH, R);
S = BN_new();
if(!S) return 0;
(void) BN_bin2bn(orig + 21, SHA_DIGEST_LENGTH, S);
dsasig = DSA_SIG_new();
if(!dsasig) return 0;
#ifdef HAVE_DSA_SIG_SET0
if(!DSA_SIG_set0(dsasig, R, S)) return 0;
#else
dsasig->r = R;
dsasig->s = S;
#endif
*sig = NULL;
newlen = i2d_DSA_SIG(dsasig, sig);
if(newlen < 0) {
DSA_SIG_free(dsasig);
free(*sig);
return 0;
}
*len = (unsigned int)newlen;
DSA_SIG_free(dsasig);
return 1;
}
static
DSA_SIG *
__pkcs11h_openssl_dsa_do_sign(
IN const unsigned char *dgst,
IN int dlen,
OUT DSA *dsa
) {
pkcs11h_certificate_t certificate = __pkcs11h_openssl_dsa_get_pkcs11h_certificate (dsa);
unsigned char *sigbuf = NULL;
size_t siglen;
DSA_SIG *sig = NULL;
DSA_SIG *ret = NULL;
BIGNUM *r = NULL;
BIGNUM *s = NULL;
CK_RV rv = CKR_FUNCTION_FAILED;
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: __pkcs11h_openssl_dsa_do_sign - entered dgst=%p, dlen=%d, dsa=%p",
(void *)dgst,
dlen,
(void *)dsa
);
_PKCS11H_ASSERT (dgst!=NULL);
_PKCS11H_ASSERT (dsa!=NULL);
_PKCS11H_ASSERT (certificate!=NULL);
if (
(rv = pkcs11h_certificate_signAny (
certificate,
CKM_DSA,
dgst,
(size_t)dlen,
NULL,
&siglen
)) != CKR_OK
) {
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot perform signature %ld:'%s'", rv, pkcs11h_getMessage (rv));
goto cleanup;
}
if ((rv = _pkcs11h_mem_malloc ((void *)&sigbuf, siglen)) != CKR_OK) {
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot cannot allocate signature buffer");
goto cleanup;
}
if (
(rv = pkcs11h_certificate_signAny (
certificate,
CKM_DSA,
dgst,
(size_t)dlen,
sigbuf,
&siglen
)) != CKR_OK
) {
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot perform signature %ld:'%s'", rv, pkcs11h_getMessage (rv));
goto cleanup;
}
if ((sig = DSA_SIG_new ()) == NULL) {
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot allocate DSA_SIG");
goto cleanup;
}
if ((r = BN_bin2bn (&sigbuf[0], siglen/2, NULL)) == NULL) {
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot convert dsa r");
goto cleanup;
}
if ((s = BN_bin2bn (&sigbuf[siglen/2], siglen/2, NULL)) == NULL) {
_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot convert dsa s");
goto cleanup;
}
DSA_SIG_set0 (sig, r, s);
ret = sig;
sig = NULL;
r = NULL;
s = NULL;
cleanup:
if (sigbuf != NULL) {
_pkcs11h_mem_free ((void *)&sigbuf);
}
if (sig != NULL) {
DSA_SIG_free (sig);
sig = NULL;
}
if (r != NULL) {
BN_clear_free (r);
}
if (s != NULL) {
BN_clear_free (s);
}
_PKCS11H_DEBUG (
PKCS11H_LOG_DEBUG2,
"PKCS#11: __pkcs11h_openssl_dsa_do_sign - return sig=%p",
(void *)sig
);
return ret;
}
