/**
Validate a DSA key
Yeah, this function should've been called dsa_validate_key()
in the first place and for compat-reasons we keep it
as it was (for now).
@param key The key to validate
@param stat [out] Result of test, 1==valid, 0==invalid
@return CRYPT_OK if successful
*/
int dsa_verify_key(dsa_key *key, int *stat)
{
int err;
err = dsa_int_validate_primes(key, stat);
if (err != CRYPT_OK || *stat == 0) return err;
err = dsa_int_validate_pqg(key, stat);
if (err != CRYPT_OK || *stat == 0) return err;
return dsa_int_validate_xy(key, stat);
}
/**
Import DSA's p, q & g from dsaparam
dsaparam data: openssl dsaparam -outform DER -out dsaparam.der 2048
@param dsaparam The DSA param DER encoded data
@param dsaparamlen The length of dhparam data
@param key [out] the destination for the imported key
@return CRYPT_OK if successful.
*/
int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen,
dsa_key *key)
{
int err, stat;
LTC_ARGCHK(dsaparam != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
if (err != CRYPT_OK) return err;
if ((err = der_decode_sequence_multi(dsaparam, dsaparamlen,
LTC_ASN1_INTEGER, 1UL, key->p,
LTC_ASN1_INTEGER, 1UL, key->q,
LTC_ASN1_INTEGER, 1UL, key->g,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
key->qord = mp_unsigned_bin_size(key->q);
/* quick p, q, g validation, without primality testing */
if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) {
goto LBL_ERR;
}
if (stat == 0) {
err = CRYPT_INVALID_PACKET;
goto LBL_ERR;
}
return CRYPT_OK;
LBL_ERR:
dsa_free(key);
return err;
}
/**
Import DSA's p, q & g from raw numbers
@param p DSA's p in binary representation
@param plen The length of p
@param q DSA's q in binary representation
@param qlen The length of q
@param g DSA's g in binary representation
@param glen The length of g
@param key [out] the destination for the imported key
@return CRYPT_OK if successful.
*/
int dsa_set_pqg(const unsigned char *p, unsigned long plen,
const unsigned char *q, unsigned long qlen,
const unsigned char *g, unsigned long glen,
dsa_key *key)
{
int err, stat;
LTC_ARGCHK(p != NULL);
LTC_ARGCHK(q != NULL);
LTC_ARGCHK(g != NULL);
LTC_ARGCHK(key != NULL);
LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
if (err != CRYPT_OK) return err;
if ((err = mp_read_unsigned_bin(key->p, (unsigned char *)p , plen)) != CRYPT_OK) { goto LBL_ERR; }
if ((err = mp_read_unsigned_bin(key->g, (unsigned char *)g , glen)) != CRYPT_OK) { goto LBL_ERR; }
if ((err = mp_read_unsigned_bin(key->q, (unsigned char *)q , qlen)) != CRYPT_OK) { goto LBL_ERR; }
key->qord = mp_unsigned_bin_size(key->q);
/* do only a quick validation, without primality testing */
if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) { goto LBL_ERR; }
if (stat == 0) {
err = CRYPT_INVALID_PACKET;
goto LBL_ERR;
}
return CRYPT_OK;
LBL_ERR:
dsa_free(key);
return err;
}
