static int constructDSASigningKey(struct pgpDigKeyDSA_s *key)
{
int rc;
if (key->dsa_key) {
/* We've already constructed it, so just reuse it */
return 1;
}
/* Create the DSA key */
DSA *dsa = DSA_new();
if (!dsa) return 0;
if (!DSA_set0_pqg(dsa, key->p, key->q, key->g)) {
rc = 0;
goto done;
}
if (!DSA_set0_key(dsa, key->y, NULL)) {
rc = 0;
goto done;
}
key->dsa_key = dsa;
rc = 1;
done:
if (rc == 0) {
DSA_free(dsa);
}
return rc;
}
// Create the OpenSSL representation of the key
void OSSLDSAPublicKey::createOSSLKey()
{
if (dsa != NULL) return;
dsa = DSA_new();
if (dsa == NULL)
{
ERROR_MSG("Could not create DSA object");
return;
}
// Use the OpenSSL implementation and not any engine
#if OPENSSL_VERSION_NUMBER < 0x10100000L
#ifdef WITH_FIPS
if (FIPS_mode())
DSA_set_method(dsa, FIPS_dsa_openssl());
else
DSA_set_method(dsa, DSA_OpenSSL());
#else
DSA_set_method(dsa, DSA_OpenSSL());
#endif
#else
DSA_set_method(dsa, DSA_OpenSSL());
#endif
BIGNUM* bn_p = OSSL::byteString2bn(p);
BIGNUM* bn_q = OSSL::byteString2bn(q);
BIGNUM* bn_g = OSSL::byteString2bn(g);
BIGNUM* bn_pub_key = OSSL::byteString2bn(y);
DSA_set0_pqg(dsa, bn_p, bn_q, bn_g);
DSA_set0_key(dsa, bn_pub_key, NULL);
}
int32_t CryptoNative_DsaKeyCreateByExplicitParameters(
DSA** outDsa,
uint8_t* p,
int32_t pLength,
uint8_t* q,
int32_t qLength,
uint8_t* g,
int32_t gLength,
uint8_t* y,
int32_t yLength,
uint8_t* x,
int32_t xLength)
{
if (!outDsa)
{
assert(false);
return 0;
}
*outDsa = DSA_new();
if (!*outDsa)
{
return 0;
}
DSA* dsa = *outDsa;
BIGNUM* bnP = MakeBignum(p, pLength);
BIGNUM* bnQ = MakeBignum(q, qLength);
BIGNUM* bnG = MakeBignum(g, gLength);
if (!DSA_set0_pqg(dsa, bnP, bnQ, bnG))
{
// BN_free handles NULL input
BN_free(bnP);
BN_free(bnQ);
BN_free(bnG);
return 0;
}
// Control was transferred, do not free.
bnP = NULL;
bnQ = NULL;
bnG = NULL;
BIGNUM* bnY = MakeBignum(y, yLength);
BIGNUM* bnX = MakeBignum(x, xLength);
if (!DSA_set0_key(dsa, bnY, bnX))
{
BN_free(bnY);
BN_free(bnX);
return 0;
}
return 1;
}
int
_libssh2_dsa_new(libssh2_dsa_ctx ** dsactx,
const unsigned char *p,
unsigned long p_len,
const unsigned char *q,
unsigned long q_len,
const unsigned char *g,
unsigned long g_len,
const unsigned char *y,
unsigned long y_len,
const unsigned char *x, unsigned long x_len)
{
BIGNUM * p_bn;
BIGNUM * q_bn;
BIGNUM * g_bn;
BIGNUM * pub_key;
BIGNUM * priv_key = NULL;
p_bn = BN_new();
BN_bin2bn(p, p_len, p_bn);
q_bn = BN_new();
BN_bin2bn(q, q_len, q_bn);
g_bn = BN_new();
BN_bin2bn(g, g_len, g_bn);
pub_key = BN_new();
BN_bin2bn(y, y_len, pub_key);
if(x_len) {
priv_key = BN_new();
BN_bin2bn(x, x_len, priv_key);
}
*dsactx = DSA_new();
#ifdef HAVE_OPAQUE_STRUCTS
DSA_set0_pqg(*dsactx, p_bn, q_bn, g_bn);
#else
(*dsactx)->p = p_bn;
(*dsactx)->g = g_bn;
(*dsactx)->q = q_bn;
#endif
#ifdef HAVE_OPAQUE_STRUCTS
DSA_set0_key(*dsactx, pub_key, priv_key);
#else
(*dsactx)->pub_key = pub_key;
(*dsactx)->priv_key = priv_key;
#endif
return 0;
}
/*
* Returns VAL_NO_ERROR on success, other values on failure
*/
static int
dsasha1_parse_public_key(const u_char *buf, size_t buflen, DSA * dsa)
{
u_char T;
int index = 0;
BIGNUM *bn_p, *bn_q, *bn_g, *bn_y;
if (!dsa || buflen == 0) {
return VAL_BAD_ARGUMENT;
}
T = (u_char) (buf[index]);
index++;
if (index+20 > buflen)
return VAL_BAD_ARGUMENT;
bn_q = BN_bin2bn(buf + index, 20, NULL);
index += 20;
if (index+64 + (T * 8) > buflen)
return VAL_BAD_ARGUMENT;
bn_p = BN_bin2bn(buf + index, 64 + (T * 8), NULL);
index += (64 + (T * 8));
if (index+64 + (T * 8) > buflen)
return VAL_BAD_ARGUMENT;
bn_g = BN_bin2bn(buf + index, 64 + (T * 8), NULL);
index += (64 + (T * 8));
if (index+64 + (T * 8) > buflen)
return VAL_BAD_ARGUMENT;
bn_y = BN_bin2bn(buf + index, 64 + (T * 8), NULL);
index += (64 + (T * 8));
DSA_set0_pqg(dsa, bn_p, bn_q, bn_g);
DSA_set0_key(dsa, bn_y, NULL);
return VAL_NO_ERROR; /* success */
}
static EVP_PKEY *b2i_dss(const unsigned char **in,
unsigned int bitlen, int ispub)
{
const unsigned char *p = *in;
EVP_PKEY *ret = NULL;
DSA *dsa = NULL;
BN_CTX *ctx = NULL;
unsigned int nbyte;
BIGNUM *pbn = NULL, *qbn = NULL, *gbn = NULL, *priv_key = NULL;
BIGNUM *pub_key = NULL;
nbyte = (bitlen + 7) >> 3;
dsa = DSA_new();
ret = EVP_PKEY_new();
if (dsa == NULL || ret == NULL)
goto memerr;
if (!read_lebn(&p, nbyte, &pbn))
goto memerr;
if (!read_lebn(&p, 20, &qbn))
goto memerr;
if (!read_lebn(&p, nbyte, &gbn))
goto memerr;
if (ispub) {
if (!read_lebn(&p, nbyte, &pub_key))
goto memerr;
} else {
if (!read_lebn(&p, 20, &priv_key))
goto memerr;
/* Calculate public key */
pub_key = BN_new();
if (pub_key == NULL)
goto memerr;
if ((ctx = BN_CTX_new()) == NULL)
goto memerr;
if (!BN_mod_exp(pub_key, gbn, priv_key, pbn, ctx))
goto memerr;
BN_CTX_free(ctx);
}
if (!DSA_set0_pqg(dsa, pbn, qbn, gbn))
goto memerr;
pbn = qbn = gbn = NULL;
if (!DSA_set0_key(dsa, pub_key, priv_key))
goto memerr;
EVP_PKEY_set1_DSA(ret, dsa);
DSA_free(dsa);
*in = p;
return ret;
memerr:
PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
DSA_free(dsa);
BN_free(pbn);
BN_free(qbn);
BN_free(gbn);
BN_free(pub_key);
BN_free(priv_key);
EVP_PKEY_free(ret);
BN_CTX_free(ctx);
return NULL;
}
DSA *
sldns_key_buf2dsa_raw(unsigned char* key, size_t len)
{
uint8_t T;
uint16_t length;
uint16_t offset;
DSA *dsa;
BIGNUM *Q; BIGNUM *P;
BIGNUM *G; BIGNUM *Y;
if(len == 0)
return NULL;
T = (uint8_t)key[0];
length = (64 + T * 8);
offset = 1;
if (T > 8) {
return NULL;
}
if(len < (size_t)1 + SHA_DIGEST_LENGTH + 3*length)
return NULL;
Q = BN_bin2bn(key+offset, SHA_DIGEST_LENGTH, NULL);
offset += SHA_DIGEST_LENGTH;
P = BN_bin2bn(key+offset, (int)length, NULL);
offset += length;
G = BN_bin2bn(key+offset, (int)length, NULL);
offset += length;
Y = BN_bin2bn(key+offset, (int)length, NULL);
/* create the key and set its properties */
if(!Q || !P || !G || !Y || !(dsa = DSA_new())) {
BN_free(Q);
BN_free(P);
BN_free(G);
BN_free(Y);
return NULL;
}
#if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
#ifndef S_SPLINT_S
dsa->p = P;
dsa->q = Q;
dsa->g = G;
dsa->pub_key = Y;
#endif /* splint */
#else /* OPENSSL_VERSION_NUMBER */
if (!DSA_set0_pqg(dsa, P, Q, G)) {
/* QPG not yet attached, need to free */
BN_free(Q);
BN_free(P);
BN_free(G);
DSA_free(dsa);
BN_free(Y);
return NULL;
}
if (!DSA_set0_key(dsa, Y, NULL)) {
/* QPG attached, cleaned up by DSA_fre() */
DSA_free(dsa);
BN_free(Y);
return NULL;
}
#endif
return dsa;
}
