/** Validate a DSA key Yeah, this function should've been called dsa_validate_key() in the first place and for compat-reasons we keep it as it was (for now). @param key The key to validate @param stat [out] Result of test, 1==valid, 0==invalid @return CRYPT_OK if successful */ int dsa_verify_key(dsa_key *key, int *stat) { int err; err = dsa_int_validate_primes(key, stat); if (err != CRYPT_OK || *stat == 0) return err; err = dsa_int_validate_pqg(key, stat); if (err != CRYPT_OK || *stat == 0) return err; return dsa_int_validate_xy(key, stat); }
/** Import DSA's p, q & g from dsaparam dsaparam data: openssl dsaparam -outform DER -out dsaparam.der 2048 @param dsaparam The DSA param DER encoded data @param dsaparamlen The length of dhparam data @param key [out] the destination for the imported key @return CRYPT_OK if successful. */ int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, dsa_key *key) { int err, stat; LTC_ARGCHK(dsaparam != NULL); LTC_ARGCHK(key != NULL); LTC_ARGCHK(ltc_mp.name != NULL); /* init key */ err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL); if (err != CRYPT_OK) return err; if ((err = der_decode_sequence_multi(dsaparam, dsaparamlen, LTC_ASN1_INTEGER, 1UL, key->p, LTC_ASN1_INTEGER, 1UL, key->q, LTC_ASN1_INTEGER, 1UL, key->g, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto LBL_ERR; } key->qord = mp_unsigned_bin_size(key->q); /* quick p, q, g validation, without primality testing */ if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) { goto LBL_ERR; } if (stat == 0) { err = CRYPT_INVALID_PACKET; goto LBL_ERR; } return CRYPT_OK; LBL_ERR: dsa_free(key); return err; }
/** Import DSA's p, q & g from raw numbers @param p DSA's p in binary representation @param plen The length of p @param q DSA's q in binary representation @param qlen The length of q @param g DSA's g in binary representation @param glen The length of g @param key [out] the destination for the imported key @return CRYPT_OK if successful. */ int dsa_set_pqg(const unsigned char *p, unsigned long plen, const unsigned char *q, unsigned long qlen, const unsigned char *g, unsigned long glen, dsa_key *key) { int err, stat; LTC_ARGCHK(p != NULL); LTC_ARGCHK(q != NULL); LTC_ARGCHK(g != NULL); LTC_ARGCHK(key != NULL); LTC_ARGCHK(ltc_mp.name != NULL); /* init key */ err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL); if (err != CRYPT_OK) return err; if ((err = mp_read_unsigned_bin(key->p, (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; } if ((err = mp_read_unsigned_bin(key->g, (unsigned char *)g , glen)) != CRYPT_OK) { goto LBL_ERR; } if ((err = mp_read_unsigned_bin(key->q, (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; } key->qord = mp_unsigned_bin_size(key->q); /* do only a quick validation, without primality testing */ if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) { goto LBL_ERR; } if (stat == 0) { err = CRYPT_INVALID_PACKET; goto LBL_ERR; } return CRYPT_OK; LBL_ERR: dsa_free(key); return err; }