C++ (Cpp) EVP_PKEY_set1_DSA Beispiele

Beispiel #1

Datei: dsa_prn.c Projekt: RyunosukeOno/rayjack

int DSAparams_print(BIO *bp, const DSA *x)
	{
	EVP_PKEY *pk;
	int ret;
	pk = EVP_PKEY_new();
	if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
		return 0;
	ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
	EVP_PKEY_free(pk);
	return ret;
	}

Beispiel #2

Datei: dsa_prn.c Projekt: RyunosukeOno/rayjack

int DSA_print(BIO *bp, const DSA *x, int off)
	{
	EVP_PKEY *pk;
	int ret;
	pk = EVP_PKEY_new();
	if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
		return 0;
	ret = EVP_PKEY_print_private(bp, pk, off, NULL);
	EVP_PKEY_free(pk);
	return ret;
	}

Beispiel #3

Datei: pem_all.c Projekt: hrulez/Actiontec-V1000H

int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
                            unsigned char *kstr, int klen,
                            pem_password_cb *cb, void *u)
{
    EVP_PKEY *k;
    int ret;
    k = EVP_PKEY_new();
    if (!k)
        return 0;
    EVP_PKEY_set1_DSA(k, x);
    ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
    EVP_PKEY_free(k);
    return ret;
}

Beispiel #4

Datei: x_pubkey.c Projekt: FelipeFernandes1988/Alice-1121-Modem

int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
{
	EVP_PKEY *pktmp;
	int ret;
	if(!a) return 0;
	pktmp = EVP_PKEY_new();
	if(!pktmp) {
		ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
		return 0;
	}
	EVP_PKEY_set1_DSA(pktmp, a);
	ret = i2d_PUBKEY(pktmp, pp);
	EVP_PKEY_free(pktmp);
	return ret;
}

Beispiel #5

Datei: x_pubkey.c Projekt: krunalsoni01/src

int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp)
	{
	EVP_PKEY *pktmp;
	int ret;
	if(!a) return 0;
	pktmp = EVP_PKEY_new();
	if(!pktmp)
		{
		OPENSSL_PUT_ERROR(X509, i2d_DSA_PUBKEY,  ERR_R_MALLOC_FAILURE);
		return 0;
		}
	EVP_PKEY_set1_DSA(pktmp, (DSA*) a);
	ret = i2d_PUBKEY(pktmp, pp);
	EVP_PKEY_free(pktmp);
	return ret;
	}

Beispiel #6

Datei: dsa.cpp Projekt: aura1213/netmf-interpreter

int MAIN(int argc, char **argv)
{
    ENGINE *e = NULL;
    int ret=1;
    DSA *dsa=NULL;
    int i,badops=0;
    const EVP_CIPHER *enc=NULL;
    BIO *in=NULL,*out=NULL;
    int informat,outformat,text=0,noout=0;
    int pubin = 0, pubout = 0;
    char *infile,*outfile,*prog;
#ifndef OPENSSL_NO_ENGINE
    char *engine;
#endif
    char *passargin = NULL, *passargout = NULL;
    char *passin = NULL, *passout = NULL;
    int modulus=0;

    int pvk_encr = 2;

    apps_startup();

    if (bio_err == NULL)
        if ((bio_err=BIO_new(BIO_s_file())) != NULL)
            BIO_set_fp(bio_err,OPENSSL_TYPE__FILE_STDERR,BIO_NOCLOSE|BIO_FP_TEXT);

    if (!load_config(bio_err, NULL))
        goto end;

#ifndef OPENSSL_NO_ENGINE
    engine=NULL;
#endif
    infile=NULL;
    outfile=NULL;
    informat=FORMAT_PEM;
    outformat=FORMAT_PEM;

    prog=argv[0];
    argc--;
    argv++;
    while (argc >= 1)
    {
        if 	(TINYCLR_SSL_STRCMP(*argv,"-inform") == 0)
        {
            if (--argc < 1) goto bad;
            informat=str2fmt(*(++argv));
        }
        else if (TINYCLR_SSL_STRCMP(*argv,"-outform") == 0)
        {
            if (--argc < 1) goto bad;
            outformat=str2fmt(*(++argv));
        }
        else if (TINYCLR_SSL_STRCMP(*argv,"-in") == 0)
        {
            if (--argc < 1) goto bad;
            infile= *(++argv);
        }
        else if (TINYCLR_SSL_STRCMP(*argv,"-out") == 0)
        {
            if (--argc < 1) goto bad;
            outfile= *(++argv);
        }
        else if (TINYCLR_SSL_STRCMP(*argv,"-passin") == 0)
        {
            if (--argc < 1) goto bad;
            passargin= *(++argv);
        }
        else if (TINYCLR_SSL_STRCMP(*argv,"-passout") == 0)
        {
            if (--argc < 1) goto bad;
            passargout= *(++argv);
        }
#ifndef OPENSSL_NO_ENGINE
        else if (TINYCLR_SSL_STRCMP(*argv,"-engine") == 0)
        {
            if (--argc < 1) goto bad;
            engine= *(++argv);
        }
#endif
        else if (TINYCLR_SSL_STRCMP(*argv,"-pvk-strong") == 0)
            pvk_encr=2;
        else if (TINYCLR_SSL_STRCMP(*argv,"-pvk-weak") == 0)
            pvk_encr=1;
        else if (TINYCLR_SSL_STRCMP(*argv,"-pvk-none") == 0)
            pvk_encr=0;
        else if (TINYCLR_SSL_STRCMP(*argv,"-noout") == 0)
            noout=1;
        else if (TINYCLR_SSL_STRCMP(*argv,"-text") == 0)
            text=1;
        else if (TINYCLR_SSL_STRCMP(*argv,"-modulus") == 0)
            modulus=1;
        else if (TINYCLR_SSL_STRCMP(*argv,"-pubin") == 0)
            pubin=1;
        else if (TINYCLR_SSL_STRCMP(*argv,"-pubout") == 0)
            pubout=1;
        else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
        {
            BIO_printf(bio_err,"unknown option %s\n",*argv);
            badops=1;
            break;
        }
        argc--;
        argv++;
    }

    if (badops)
    {
bad:
        BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
        BIO_printf(bio_err,"where options are\n");
        BIO_printf(bio_err," -inform arg     input format - DER or PEM\n");
        BIO_printf(bio_err," -outform arg    output format - DER or PEM\n");
        BIO_printf(bio_err," -in arg         input file\n");
        BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
        BIO_printf(bio_err," -out arg        output file\n");
        BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
#ifndef OPENSSL_NO_ENGINE
        BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
#endif
        BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
        BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
#ifndef OPENSSL_NO_IDEA
        BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
#endif
#ifndef OPENSSL_NO_AES
        BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
        BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
        BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
        BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
#endif
#ifndef OPENSSL_NO_SEED
        BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
#endif
        BIO_printf(bio_err," -text           print the key in text\n");
        BIO_printf(bio_err," -noout          don't print key out\n");
        BIO_printf(bio_err," -modulus        print the DSA public value\n");
        goto end;
    }

    ERR_load_crypto_strings();

#ifndef OPENSSL_NO_ENGINE
    e = setup_engine(bio_err, engine, 0);
#endif

    if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
        BIO_printf(bio_err, "Error getting passwords\n");
        goto end;
    }

    in=BIO_new(BIO_s_file());
    out=BIO_new(BIO_s_file());
    if ((in == NULL) || (out == NULL))
    {
        ERR_print_errors(bio_err);
        goto end;
    }

    if (infile == NULL)
        BIO_set_fp(in,OPENSSL_TYPE__FILE_STDIN,BIO_NOCLOSE);
    else
    {
        if (BIO_read_filename(in,infile) <= 0)
        {
            TINYCLR_SSL_PERROR(infile);
            goto end;
        }
    }

    BIO_printf(bio_err,"read DSA key\n");

    {
        EVP_PKEY	*pkey;

        if (pubin)
            pkey = load_pubkey(bio_err, infile, informat, 1,
                               passin, e, "Public Key");
        else
            pkey = load_key(bio_err, infile, informat, 1,
                            passin, e, "Private Key");

        if (pkey)
        {
            dsa = EVP_PKEY_get1_DSA(pkey);
            EVP_PKEY_free(pkey);
        }
    }
    if (dsa == NULL)
    {
        BIO_printf(bio_err,"unable to load Key\n");
        ERR_print_errors(bio_err);
        goto end;
    }

    if (outfile == NULL)
    {
        BIO_set_fp(out,OPENSSL_TYPE__FILE_STDOUT,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
        {
            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
            out = BIO_push(tmpbio, out);
        }
#endif
    }
    else
    {
        if (BIO_write_filename(out,outfile) <= 0)
        {
            TINYCLR_SSL_PERROR(outfile);
            goto end;
        }
    }

    if (text)
        if (!DSA_print(out,dsa,0))
        {
            TINYCLR_SSL_PERROR(outfile);
            ERR_print_errors(bio_err);
            goto end;
        }

    if (modulus)
    {
        TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDOUT,"Public Key=");
        BN_print(out,dsa->pub_key);
        TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDOUT,"\n");
    }

    if (noout) goto end;
    BIO_printf(bio_err,"writing DSA key\n");
    if 	(outformat == FORMAT_ASN1) {
        if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa);
        else i=i2d_DSAPrivateKey_bio(out,dsa);
    } else if (outformat == FORMAT_PEM) {
        if(pubin || pubout)
            i=PEM_write_bio_DSA_PUBKEY(out,dsa);
        else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
                                               NULL,0,NULL, passout);
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
    } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
        EVP_PKEY *pk;
        pk = EVP_PKEY_new();
        EVP_PKEY_set1_DSA(pk, dsa);
        if (outformat == FORMAT_PVK)
            i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
        else if (pubin || pubout)
            i = i2b_PublicKey_bio(out, pk);
        else
            i = i2b_PrivateKey_bio(out, pk);
        EVP_PKEY_free(pk);
#endif
    } else {
        BIO_printf(bio_err,"bad output format specified for outfile\n");
        goto end;
    }
    if (i <= 0)
    {
        BIO_printf(bio_err,"unable to write private key\n");
        ERR_print_errors(bio_err);
    }
    else
        ret=0;
end:
    if(in != NULL) BIO_free(in);
    if(out != NULL) BIO_free_all(out);
    if(dsa != NULL) DSA_free(dsa);
    if(passin) OPENSSL_free(passin);
    if(passout) OPENSSL_free(passout);
    apps_shutdown();
    OPENSSL_EXIT(ret);
}

Beispiel #7

Datei: pvkfmt.c Projekt: 277800076/openssl

static EVP_PKEY *b2i_dss(const unsigned char **in,
                         unsigned int bitlen, int ispub)
{
    const unsigned char *p = *in;
    EVP_PKEY *ret = NULL;
    DSA *dsa = NULL;
    BN_CTX *ctx = NULL;
    unsigned int nbyte;
    BIGNUM *pbn = NULL, *qbn = NULL, *gbn = NULL, *priv_key = NULL;
    BIGNUM *pub_key = NULL;

    nbyte = (bitlen + 7) >> 3;

    dsa = DSA_new();
    ret = EVP_PKEY_new();
    if (dsa == NULL || ret == NULL)
        goto memerr;
    if (!read_lebn(&p, nbyte, &pbn))
        goto memerr;

    if (!read_lebn(&p, 20, &qbn))
        goto memerr;

    if (!read_lebn(&p, nbyte, &gbn))
        goto memerr;

    if (ispub) {
        if (!read_lebn(&p, nbyte, &pub_key))
            goto memerr;
    } else {
        if (!read_lebn(&p, 20, &priv_key))
            goto memerr;

        /* Calculate public key */
        pub_key = BN_new();
        if (pub_key == NULL)
            goto memerr;
        if ((ctx = BN_CTX_new()) == NULL)
            goto memerr;

        if (!BN_mod_exp(pub_key, gbn, priv_key, pbn, ctx))
            goto memerr;

        BN_CTX_free(ctx);
    }
    if (!DSA_set0_pqg(dsa, pbn, qbn, gbn))
        goto memerr;
    pbn = qbn = gbn = NULL;
    if (!DSA_set0_key(dsa, pub_key, priv_key))
        goto memerr;

    EVP_PKEY_set1_DSA(ret, dsa);
    DSA_free(dsa);
    *in = p;
    return ret;

 memerr:
    PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
    DSA_free(dsa);
    BN_free(pbn);
    BN_free(qbn);
    BN_free(gbn);
    BN_free(pub_key);
    BN_free(priv_key);
    EVP_PKEY_free(ret);
    BN_CTX_free(ctx);
    return NULL;
}

Beispiel #8

Datei: openssldsa_link.c Projekt: 2014-class/freerouter

static isc_result_t
openssldsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
	dst_key_t *key = dctx->key;
	DSA *dsa = key->keydata.dsa;
	int status = 0;
	unsigned char *cp = sig->base;
	DSA_SIG *dsasig;
#if USE_EVP
	EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
#if 0
	EVP_PKEY *pkey;
	unsigned char *sigbuf;
#endif
	unsigned int siglen;
#else
	isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
#endif
	unsigned char digest[ISC_SHA1_DIGESTLENGTH];


#if USE_EVP
#if 1
	/* Only use EVP for the digest */
	if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &siglen)) {
		return (ISC_R_FAILURE);
	}
#endif
#else
	isc_sha1_final(sha1ctx, digest);
#endif

	if (sig->length != 2 * ISC_SHA1_DIGESTLENGTH + 1) {
		return (DST_R_VERIFYFAILURE);
	}

	cp++;	/*%< Skip T */
	dsasig = DSA_SIG_new();
	if (dsasig == NULL)
		return (ISC_R_NOMEMORY);
	dsasig->r = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL);
	cp += ISC_SHA1_DIGESTLENGTH;
	dsasig->s = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL);

#if 0
	pkey = EVP_PKEY_new();
	if (pkey == NULL)
		return (ISC_R_NOMEMORY);
	if (!EVP_PKEY_set1_DSA(pkey, dsa)) {
		EVP_PKEY_free(pkey);
		return (ISC_R_FAILURE);
	}
	/* Convert to Dss-Sig-Value (RFC2459). */
	sigbuf = malloc(EVP_PKEY_size(pkey) + 50);
	if (sigbuf == NULL) {
		EVP_PKEY_free(pkey);
		return (ISC_R_NOMEMORY);
	}
	siglen = (unsigned) i2d_DSA_SIG(dsasig, &sigbuf);
	INSIST(EVP_PKEY_size(pkey) >= (int) siglen);
	status = EVP_VerifyFinal(evp_md_ctx, sigbuf, siglen, pkey);
	EVP_PKEY_free(pkey);
	free(sigbuf);
#else
	status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa);
#endif
	DSA_SIG_free(dsasig);
	if (status != 1)
		return (dst__openssl_toresult(DST_R_VERIFYFAILURE));

	return (ISC_R_SUCCESS);
}

Beispiel #9

Datei: openssldsa_link.c Projekt: 2014-class/freerouter

static isc_result_t
openssldsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
	dst_key_t *key = dctx->key;
	DSA *dsa = key->keydata.dsa;
	isc_region_t r;
	DSA_SIG *dsasig;
#if USE_EVP
	EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
	EVP_PKEY *pkey;
	unsigned char *sigbuf;
	const unsigned char *sb;
	unsigned int siglen;
#else
	isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
	unsigned char digest[ISC_SHA1_DIGESTLENGTH];
#endif

	isc_buffer_availableregion(sig, &r);
	if (r.length < ISC_SHA1_DIGESTLENGTH * 2 + 1)
		return (ISC_R_NOSPACE);

#if USE_EVP
	pkey = EVP_PKEY_new();
	if (pkey == NULL)
		return (ISC_R_NOMEMORY);
	if (!EVP_PKEY_set1_DSA(pkey, dsa)) {
		EVP_PKEY_free(pkey);
		return (ISC_R_FAILURE);
	}
	sigbuf = malloc(EVP_PKEY_size(pkey));
	if (sigbuf == NULL) {
		EVP_PKEY_free(pkey);
		return (ISC_R_NOMEMORY);
	}
	if (!EVP_SignFinal(evp_md_ctx, sigbuf, &siglen, pkey)) {
		EVP_PKEY_free(pkey);
		free(sigbuf);
		return (ISC_R_FAILURE);
	}
	INSIST(EVP_PKEY_size(pkey) >= (int) siglen);
	EVP_PKEY_free(pkey);
	/* Convert from Dss-Sig-Value (RFC2459). */
	dsasig = DSA_SIG_new();
	if (dsasig == NULL) {
		free(sigbuf);
		return (ISC_R_NOMEMORY);
	}
	sb = sigbuf;
	if (d2i_DSA_SIG(&dsasig, &sb, (long) siglen) == NULL) {
		free(sigbuf);
		return (ISC_R_FAILURE);
	}
	free(sigbuf);
#elif 0
	/* Only use EVP for the Digest */
	if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &siglen)) {
		return (ISC_R_FAILURE);
	}
	dsasig = DSA_do_sign(digest, ISC_SHA1_DIGESTLENGTH, dsa);
	if (dsasig == NULL)
		return (dst__openssl_toresult(DST_R_SIGNFAILURE));
#else
	isc_sha1_final(sha1ctx, digest);

	dsasig = DSA_do_sign(digest, ISC_SHA1_DIGESTLENGTH, dsa);
	if (dsasig == NULL)
		return (dst__openssl_toresult(DST_R_SIGNFAILURE));
#endif
	*r.base++ = (key->key_size - 512)/64;
	BN_bn2bin_fixed(dsasig->r, r.base, ISC_SHA1_DIGESTLENGTH);
	r.base += ISC_SHA1_DIGESTLENGTH;
	BN_bn2bin_fixed(dsasig->s, r.base, ISC_SHA1_DIGESTLENGTH);
	r.base += ISC_SHA1_DIGESTLENGTH;
	DSA_SIG_free(dsasig);
	isc_buffer_add(sig, ISC_SHA1_DIGESTLENGTH * 2 + 1);

	return (ISC_R_SUCCESS);
}

Beispiel #10

Datei: dsa.c Projekt: ajinkya93/OpenBSD

int
dsa_main(int argc, char **argv)
{
	int ret = 1;
	DSA *dsa = NULL;
	int i;
	BIO *in = NULL, *out = NULL;
	char *passin = NULL, *passout = NULL;

	memset(&dsa_config, 0, sizeof(dsa_config));

	dsa_config.pvk_encr = 2;
	dsa_config.informat = FORMAT_PEM;
	dsa_config.outformat = FORMAT_PEM;

	if (options_parse(argc, argv, dsa_options, NULL, NULL) != 0) {
		dsa_usage();
		goto end;
	}

	if (!app_passwd(bio_err, dsa_config.passargin, dsa_config.passargout,
	    &passin, &passout)) {
		BIO_printf(bio_err, "Error getting passwords\n");
		goto end;
	}

	in = BIO_new(BIO_s_file());
	out = BIO_new(BIO_s_file());
	if (in == NULL || out == NULL) {
		ERR_print_errors(bio_err);
		goto end;
	}
	if (dsa_config.infile == NULL)
		BIO_set_fp(in, stdin, BIO_NOCLOSE);
	else {
		if (BIO_read_filename(in, dsa_config.infile) <= 0) {
			perror(dsa_config.infile);
			goto end;
		}
	}

	BIO_printf(bio_err, "read DSA key\n");

	{
		EVP_PKEY *pkey;

		if (dsa_config.pubin)
			pkey = load_pubkey(bio_err, dsa_config.infile,
			    dsa_config.informat, 1, passin, "Public Key");
		else
			pkey = load_key(bio_err, dsa_config.infile,
			    dsa_config.informat, 1, passin, "Private Key");

		if (pkey) {
			dsa = EVP_PKEY_get1_DSA(pkey);
			EVP_PKEY_free(pkey);
		}
	}
	if (dsa == NULL) {
		BIO_printf(bio_err, "unable to load Key\n");
		ERR_print_errors(bio_err);
		goto end;
	}
	if (dsa_config.outfile == NULL) {
		BIO_set_fp(out, stdout, BIO_NOCLOSE);
	} else {
		if (BIO_write_filename(out, dsa_config.outfile) <= 0) {
			perror(dsa_config.outfile);
			goto end;
		}
	}

	if (dsa_config.text) {
		if (!DSA_print(out, dsa, 0)) {
			perror(dsa_config.outfile);
			ERR_print_errors(bio_err);
			goto end;
		}
	}
	if (dsa_config.modulus) {
		fprintf(stdout, "Public Key=");
		BN_print(out, dsa->pub_key);
		fprintf(stdout, "\n");
	}
	if (dsa_config.noout)
		goto end;
	BIO_printf(bio_err, "writing DSA key\n");
	if (dsa_config.outformat == FORMAT_ASN1) {
		if (dsa_config.pubin || dsa_config.pubout)
			i = i2d_DSA_PUBKEY_bio(out, dsa);
		else
			i = i2d_DSAPrivateKey_bio(out, dsa);
	} else if (dsa_config.outformat == FORMAT_PEM) {
		if (dsa_config.pubin || dsa_config.pubout)
			i = PEM_write_bio_DSA_PUBKEY(out, dsa);
		else
			i = PEM_write_bio_DSAPrivateKey(out, dsa, dsa_config.enc,
			    NULL, 0, NULL, passout);
#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
	} else if (dsa_config.outformat == FORMAT_MSBLOB ||
	    dsa_config.outformat == FORMAT_PVK) {
		EVP_PKEY *pk;
		pk = EVP_PKEY_new();
		EVP_PKEY_set1_DSA(pk, dsa);
		if (dsa_config.outformat == FORMAT_PVK)
			i = i2b_PVK_bio(out, pk, dsa_config.pvk_encr, 0,
			    passout);
		else if (dsa_config.pubin || dsa_config.pubout)
			i = i2b_PublicKey_bio(out, pk);
		else
			i = i2b_PrivateKey_bio(out, pk);
		EVP_PKEY_free(pk);
#endif
	} else {
		BIO_printf(bio_err, "bad output format specified for outfile\n");
		goto end;
	}
	if (i <= 0) {
		BIO_printf(bio_err, "unable to write private key\n");
		ERR_print_errors(bio_err);
	} else
		ret = 0;
end:
	BIO_free(in);
	if (out != NULL)
		BIO_free_all(out);
	if (dsa != NULL)
		DSA_free(dsa);
	free(passin);
	free(passout);

	return (ret);
}

Beispiel #11

Datei: dsa_no_digest_size_test.c Projekt: IIJ-NetBSD/netbsd-src

static int sign_and_verify(int len)
{
    /*
     * Per FIPS 186-4, the hash is recommended to be the same length as q.
     * If the hash is longer than q, the leftmost N bits are used; if the hash
     * is shorter, then we left-pad (see appendix C.2.1).
     */
    size_t sigLength;
    int digestlen = BN_num_bytes(DSA_get0_q(dsakey));
    int ok = 0;

    unsigned char *dataToSign = OPENSSL_malloc(len);
    unsigned char *paddedData = OPENSSL_malloc(digestlen);
    unsigned char *signature = NULL;
    EVP_PKEY_CTX *ctx = NULL;
    EVP_PKEY *pkey = NULL;

    if (!TEST_ptr(dataToSign) ||
        !TEST_ptr(paddedData) ||
        !TEST_int_eq(RAND_bytes(dataToSign, len), 1))
        goto end;

    memset(paddedData, 0, digestlen);
    if (len > digestlen)
        memcpy(paddedData, dataToSign, digestlen);
    else
        memcpy(paddedData + digestlen - len, dataToSign, len);

    if (!TEST_ptr(pkey = EVP_PKEY_new()))
        goto end;
    EVP_PKEY_set1_DSA(pkey, dsakey);

    if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
        goto end;
    if (!TEST_int_eq(EVP_PKEY_sign_init(ctx), 1))
        goto end;

    if (EVP_PKEY_sign(ctx, NULL, &sigLength, dataToSign, len) != 1) {
        TEST_error("Failed to get signature length, len=%d", len);
        goto end;
    }

    if (!TEST_ptr(signature = OPENSSL_malloc(sigLength)))
        goto end;

    if (EVP_PKEY_sign(ctx, signature, &sigLength, dataToSign, len) != 1) {
        TEST_error("Failed to sign, len=%d", len);
        goto end;
    }

    /* Check that the signature is okay via the EVP interface */
    if (!TEST_int_eq(EVP_PKEY_verify_init(ctx), 1))
        goto end;

    /* ... using the same data we just signed */
    if (EVP_PKEY_verify(ctx, signature, sigLength, dataToSign, len) != 1) {
        TEST_error("EVP verify with unpadded length %d failed\n", len);
        goto end;
    }

    /* ... padding/truncating the data to the appropriate digest size */
    if (EVP_PKEY_verify(ctx, signature, sigLength, paddedData, digestlen) != 1) {
        TEST_error("EVP verify with length %d failed\n", len);
        goto end;
    }

    /* Verify again using the raw DSA interface */
    if (DSA_verify(0, dataToSign, len, signature, sigLength, dsakey) != 1) {
        TEST_error("Verification with unpadded data failed, len=%d", len);
        goto end;
    }

    if (DSA_verify(0, paddedData, digestlen, signature, sigLength, dsakey) != 1) {
        TEST_error("verify with length %d failed\n", len);
        goto end;
    }

    ok = 1;
end:
    EVP_PKEY_CTX_free(ctx);
    EVP_PKEY_free(pkey);

    OPENSSL_free(signature);
    OPENSSL_free(paddedData);
    OPENSSL_free(dataToSign);

    return ok;
}

Beispiel #12

Datei: pal_evp_pkey_dsa.cpp Projekt: AArnott/corefx

extern "C" int32_t CryptoNative_EvpPkeySetDsa(EVP_PKEY* pkey, DSA* dsa)
{
    return EVP_PKEY_set1_DSA(pkey, dsa);
}

Beispiel #13

Datei: softhsm2-keyconv-ossl.cpp Projekt: GarysExperiments2014/SoftHSMv2

// Save the DSA key as a PKCS#8 file
int save_dsa_pkcs8(char* out_path, char* file_pin, key_material_t* pkey)
{
	DSA* dsa = NULL;
	EVP_PKEY* ossl_pkey = NULL;
	PKCS8_PRIV_KEY_INFO* p8inf = NULL;
	BIO* out = NULL;
	X509_SIG* p8 = NULL;
	int result = 0;

	// See if the key material was found.
	if
	(
		pkey[TAG_PRIME].size <= 0 ||
		pkey[TAG_SUBPRIME].size <= 0 ||
		pkey[TAG_BASE].size <= 0 ||
		pkey[TAG_PRIVVAL].size <= 0 ||
		pkey[TAG_PUBVAL].size <= 0
	)
	{
		fprintf(stderr, "ERROR: Some parts of the key material is missing in the input file.\n");
		return 1;
	}

	dsa = DSA_new();
	dsa->p =        BN_bin2bn((unsigned char*)pkey[TAG_PRIME].big,    pkey[TAG_PRIME].size, NULL);
	dsa->q =        BN_bin2bn((unsigned char*)pkey[TAG_SUBPRIME].big, pkey[TAG_SUBPRIME].size, NULL);
	dsa->g =        BN_bin2bn((unsigned char*)pkey[TAG_BASE].big,     pkey[TAG_BASE].size, NULL);
	dsa->priv_key = BN_bin2bn((unsigned char*)pkey[TAG_PRIVVAL].big,  pkey[TAG_PRIVVAL].size, NULL);
	dsa->pub_key =  BN_bin2bn((unsigned char*)pkey[TAG_PUBVAL].big,   pkey[TAG_PUBVAL].size, NULL);
	ossl_pkey = EVP_PKEY_new();

	// Convert DSA to EVP_PKEY
	if (!EVP_PKEY_set1_DSA(ossl_pkey, dsa))
	{
		fprintf(stderr, "ERROR: Could not convert DSA key to EVP_PKEY.\n");
		DSA_free(dsa);
		EVP_PKEY_free(ossl_pkey);
		return 1;
	}
	DSA_free(dsa);

	// Convert EVP_PKEY to PKCS#8
	if (!(p8inf = EVP_PKEY2PKCS8(ossl_pkey)))
	{
		fprintf(stderr, "ERROR: Could not convert EVP_PKEY to PKCS#8.\n");
		EVP_PKEY_free(ossl_pkey);
		return 1;
	}
	EVP_PKEY_free(ossl_pkey);

	// Open output file
	if (!(out = BIO_new_file (out_path, "wb")))
	{
		fprintf(stderr, "ERROR: Could not open the output file.\n");
		PKCS8_PRIV_KEY_INFO_free(p8inf);
		return 1;
	}

	// Write to disk
	if (file_pin == NULL)
	{
		PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
		printf("The key has been written to %s\n", out_path);
	}
	else
	{
		// Encrypt p8
		if (!(p8 = PKCS8_encrypt(NID_pbeWithMD5AndDES_CBC, NULL,
					file_pin, strlen(file_pin), NULL, 
					0, PKCS12_DEFAULT_ITER, p8inf)))
		{
			fprintf(stderr, "ERROR: Could not encrypt the PKCS#8 file\n");
			result = 1;
		}
		else
		{
			PEM_write_bio_PKCS8(out, p8);
			X509_SIG_free(p8);
			printf("The key has been written to %s\n", out_path);
		}
	}

	PKCS8_PRIV_KEY_INFO_free(p8inf);
	BIO_free_all(out);

	return result;
}

Beispiel #14

Datei: dsa.c Projekt: VaryJames/Sample

int dsa_main(int argc, char **argv)
{
    BIO *out = NULL;
    DSA *dsa = NULL;
    ENGINE *e = NULL;
    const EVP_CIPHER *enc = NULL;
    char *infile = NULL, *outfile = NULL, *prog;
    char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
    OPTION_CHOICE o;
    int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
    int i, modulus = 0, pubin = 0, pubout = 0, pvk_encr = 2, ret = 1;

    prog = opt_init(argc, argv, dsa_options);
    while ((o = opt_next()) != OPT_EOF) {
        switch (o) {
        case OPT_EOF:
        case OPT_ERR:
#ifdef OPENSSL_NO_RC4
        case OPT_PVK_STRONG:
        case OPT_PVK_WEAK:
        case OPT_PVK_NONE:
#endif
 opthelp:
            ret = 0;
            BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
            goto end;
        case OPT_HELP:
            opt_help(dsa_options);
            ret = 0;
            goto end;
        case OPT_INFORM:
            if (!opt_format
                (opt_arg(), OPT_FMT_PEMDER | OPT_FMT_PVK, &informat))
                goto opthelp;
            break;
        case OPT_IN:
            infile = opt_arg();
            break;
        case OPT_OUTFORM:
            if (!opt_format
                (opt_arg(), OPT_FMT_PEMDER | OPT_FMT_PVK, &outformat))
                goto opthelp;
            break;
        case OPT_OUT:
            outfile = opt_arg();
            break;
        case OPT_ENGINE:
            e = setup_engine(opt_arg(), 0);
            break;
        case OPT_PASSIN:
            passinarg = opt_arg();
            break;
        case OPT_PASSOUT:
            passoutarg = opt_arg();
            break;
#ifndef OPENSSL_NO_RC4
        case OPT_PVK_STRONG:
            pvk_encr = 2;
            break;
        case OPT_PVK_WEAK:
            pvk_encr = 1;
            break;
        case OPT_PVK_NONE:
            pvk_encr = 0;
            break;
#endif
        case OPT_NOOUT:
            noout = 1;
            break;
        case OPT_TEXT:
            text = 1;
            break;
        case OPT_MODULUS:
            modulus = 1;
            break;
        case OPT_PUBIN:
            pubin = 1;
            break;
        case OPT_PUBOUT:
            pubout = 1;
            break;
        case OPT_CIPHER:
            if (!opt_cipher(opt_unknown(), &enc))
                goto end;
            break;
        }
    }
    argc = opt_num_rest();
    argv = opt_rest();

    if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
        BIO_printf(bio_err, "Error getting passwords\n");
        goto end;
    }

    BIO_printf(bio_err, "read DSA key\n");
    {
        EVP_PKEY *pkey;

        if (pubin)
            pkey = load_pubkey(infile, informat, 1, passin, e, "Public Key");
        else
            pkey = load_key(infile, informat, 1, passin, e, "Private Key");

        if (pkey) {
            dsa = EVP_PKEY_get1_DSA(pkey);
            EVP_PKEY_free(pkey);
        }
    }
    if (dsa == NULL) {
        BIO_printf(bio_err, "unable to load Key\n");
        ERR_print_errors(bio_err);
        goto end;
    }

    out = bio_open_default(outfile, "w");
    if (out == NULL)
        goto end;

    if (text)
        if (!DSA_print(out, dsa, 0)) {
            perror(outfile);
            ERR_print_errors(bio_err);
            goto end;
        }

    if (modulus) {
        BIO_printf(out, "Public Key=");
        BN_print(out, dsa->pub_key);
        BIO_printf(out, "\n");
    }

    if (noout) {
        ret = 0;
        goto end;
    }
    BIO_printf(bio_err, "writing DSA key\n");
    if (outformat == FORMAT_ASN1) {
        if (pubin || pubout)
            i = i2d_DSA_PUBKEY_bio(out, dsa);
        else
            i = i2d_DSAPrivateKey_bio(out, dsa);
    } else if (outformat == FORMAT_PEM) {
        if (pubin || pubout)
            i = PEM_write_bio_DSA_PUBKEY(out, dsa);
        else
            i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
                                            NULL, 0, NULL, passout);
# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
    } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
        EVP_PKEY *pk;
        pk = EVP_PKEY_new();
        EVP_PKEY_set1_DSA(pk, dsa);
        if (outformat == FORMAT_PVK)
            i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
        else if (pubin || pubout)
            i = i2b_PublicKey_bio(out, pk);
        else
            i = i2b_PrivateKey_bio(out, pk);
        EVP_PKEY_free(pk);
# endif
    } else {
        BIO_printf(bio_err, "bad output format specified for outfile\n");
        goto end;
    }
    if (i <= 0) {
        BIO_printf(bio_err, "unable to write private key\n");
        ERR_print_errors(bio_err);
        goto end;
    }
    ret = 0;
 end:
    BIO_free_all(out);
    DSA_free(dsa);
    if (passin)
        OPENSSL_free(passin);
    if (passout)
        OPENSSL_free(passout);
    return (ret);
}

Beispiel #15

Datei: pvkfmt.cpp Projekt: Wampamba-Nooh/MicroFrameworkSDK-Mono

static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
						unsigned int bitlen, int ispub)
	{
	const unsigned char *p = *in;
	EVP_PKEY *ret = NULL;
	DSA *dsa = NULL;
	BN_CTX *ctx = NULL;
	unsigned int nbyte;
	nbyte = (bitlen + 7) >> 3;

	dsa = DSA_new();
	ret = EVP_PKEY_new();
	if (!dsa || !ret)
		goto memerr;
	if (!read_lebn(&p, nbyte, &dsa->p))
		goto memerr;
	if (!read_lebn(&p, 20, &dsa->q))
		goto memerr;
	if (!read_lebn(&p, nbyte, &dsa->g))
		goto memerr;
	if (ispub)
		{
		if (!read_lebn(&p, nbyte, &dsa->pub_key))
			goto memerr;
		}
	else
		{
		if (!read_lebn(&p, 20, &dsa->priv_key))
			goto memerr;
		/* Calculate public key */
		if (!(dsa->pub_key = BN_new()))
			goto memerr;
		if (!(ctx = BN_CTX_new()))
			goto memerr;
			
		if (!BN_mod_exp(dsa->pub_key, dsa->g,
						 dsa->priv_key, dsa->p, ctx))
			
			goto memerr;
		BN_CTX_free(ctx);
		}

	EVP_PKEY_set1_DSA(ret, dsa);
	DSA_free(dsa);
	*in = p;
	return ret;

	memerr:
	PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
	if (dsa)
		DSA_free(dsa);
	if (ret)
		EVP_PKEY_free(ret);
	if (ctx)
		BN_CTX_free(ctx);
	return NULL;
	}