static int constructDSASigningKey(struct pgpDigKeyDSA_s *key) { int rc; if (key->dsa_key) { /* We've already constructed it, so just reuse it */ return 1; } /* Create the DSA key */ DSA *dsa = DSA_new(); if (!dsa) return 0; if (!DSA_set0_pqg(dsa, key->p, key->q, key->g)) { rc = 0; goto done; } if (!DSA_set0_key(dsa, key->y, NULL)) { rc = 0; goto done; } key->dsa_key = dsa; rc = 1; done: if (rc == 0) { DSA_free(dsa); } return rc; }
// Create the OpenSSL representation of the key void OSSLDSAPublicKey::createOSSLKey() { if (dsa != NULL) return; dsa = DSA_new(); if (dsa == NULL) { ERROR_MSG("Could not create DSA object"); return; } // Use the OpenSSL implementation and not any engine #if OPENSSL_VERSION_NUMBER < 0x10100000L #ifdef WITH_FIPS if (FIPS_mode()) DSA_set_method(dsa, FIPS_dsa_openssl()); else DSA_set_method(dsa, DSA_OpenSSL()); #else DSA_set_method(dsa, DSA_OpenSSL()); #endif #else DSA_set_method(dsa, DSA_OpenSSL()); #endif BIGNUM* bn_p = OSSL::byteString2bn(p); BIGNUM* bn_q = OSSL::byteString2bn(q); BIGNUM* bn_g = OSSL::byteString2bn(g); BIGNUM* bn_pub_key = OSSL::byteString2bn(y); DSA_set0_pqg(dsa, bn_p, bn_q, bn_g); DSA_set0_key(dsa, bn_pub_key, NULL); }
int32_t CryptoNative_DsaKeyCreateByExplicitParameters( DSA** outDsa, uint8_t* p, int32_t pLength, uint8_t* q, int32_t qLength, uint8_t* g, int32_t gLength, uint8_t* y, int32_t yLength, uint8_t* x, int32_t xLength) { if (!outDsa) { assert(false); return 0; } *outDsa = DSA_new(); if (!*outDsa) { return 0; } DSA* dsa = *outDsa; BIGNUM* bnP = MakeBignum(p, pLength); BIGNUM* bnQ = MakeBignum(q, qLength); BIGNUM* bnG = MakeBignum(g, gLength); if (!DSA_set0_pqg(dsa, bnP, bnQ, bnG)) { // BN_free handles NULL input BN_free(bnP); BN_free(bnQ); BN_free(bnG); return 0; } // Control was transferred, do not free. bnP = NULL; bnQ = NULL; bnG = NULL; BIGNUM* bnY = MakeBignum(y, yLength); BIGNUM* bnX = MakeBignum(x, xLength); if (!DSA_set0_key(dsa, bnY, bnX)) { BN_free(bnY); BN_free(bnX); return 0; } return 1; }
int _libssh2_dsa_new(libssh2_dsa_ctx ** dsactx, const unsigned char *p, unsigned long p_len, const unsigned char *q, unsigned long q_len, const unsigned char *g, unsigned long g_len, const unsigned char *y, unsigned long y_len, const unsigned char *x, unsigned long x_len) { BIGNUM * p_bn; BIGNUM * q_bn; BIGNUM * g_bn; BIGNUM * pub_key; BIGNUM * priv_key = NULL; p_bn = BN_new(); BN_bin2bn(p, p_len, p_bn); q_bn = BN_new(); BN_bin2bn(q, q_len, q_bn); g_bn = BN_new(); BN_bin2bn(g, g_len, g_bn); pub_key = BN_new(); BN_bin2bn(y, y_len, pub_key); if(x_len) { priv_key = BN_new(); BN_bin2bn(x, x_len, priv_key); } *dsactx = DSA_new(); #ifdef HAVE_OPAQUE_STRUCTS DSA_set0_pqg(*dsactx, p_bn, q_bn, g_bn); #else (*dsactx)->p = p_bn; (*dsactx)->g = g_bn; (*dsactx)->q = q_bn; #endif #ifdef HAVE_OPAQUE_STRUCTS DSA_set0_key(*dsactx, pub_key, priv_key); #else (*dsactx)->pub_key = pub_key; (*dsactx)->priv_key = priv_key; #endif return 0; }
/* * Returns VAL_NO_ERROR on success, other values on failure */ static int dsasha1_parse_public_key(const u_char *buf, size_t buflen, DSA * dsa) { u_char T; int index = 0; BIGNUM *bn_p, *bn_q, *bn_g, *bn_y; if (!dsa || buflen == 0) { return VAL_BAD_ARGUMENT; } T = (u_char) (buf[index]); index++; if (index+20 > buflen) return VAL_BAD_ARGUMENT; bn_q = BN_bin2bn(buf + index, 20, NULL); index += 20; if (index+64 + (T * 8) > buflen) return VAL_BAD_ARGUMENT; bn_p = BN_bin2bn(buf + index, 64 + (T * 8), NULL); index += (64 + (T * 8)); if (index+64 + (T * 8) > buflen) return VAL_BAD_ARGUMENT; bn_g = BN_bin2bn(buf + index, 64 + (T * 8), NULL); index += (64 + (T * 8)); if (index+64 + (T * 8) > buflen) return VAL_BAD_ARGUMENT; bn_y = BN_bin2bn(buf + index, 64 + (T * 8), NULL); index += (64 + (T * 8)); DSA_set0_pqg(dsa, bn_p, bn_q, bn_g); DSA_set0_key(dsa, bn_y, NULL); return VAL_NO_ERROR; /* success */ }
static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int bitlen, int ispub) { const unsigned char *p = *in; EVP_PKEY *ret = NULL; DSA *dsa = NULL; BN_CTX *ctx = NULL; unsigned int nbyte; BIGNUM *pbn = NULL, *qbn = NULL, *gbn = NULL, *priv_key = NULL; BIGNUM *pub_key = NULL; nbyte = (bitlen + 7) >> 3; dsa = DSA_new(); ret = EVP_PKEY_new(); if (dsa == NULL || ret == NULL) goto memerr; if (!read_lebn(&p, nbyte, &pbn)) goto memerr; if (!read_lebn(&p, 20, &qbn)) goto memerr; if (!read_lebn(&p, nbyte, &gbn)) goto memerr; if (ispub) { if (!read_lebn(&p, nbyte, &pub_key)) goto memerr; } else { if (!read_lebn(&p, 20, &priv_key)) goto memerr; /* Calculate public key */ pub_key = BN_new(); if (pub_key == NULL) goto memerr; if ((ctx = BN_CTX_new()) == NULL) goto memerr; if (!BN_mod_exp(pub_key, gbn, priv_key, pbn, ctx)) goto memerr; BN_CTX_free(ctx); } if (!DSA_set0_pqg(dsa, pbn, qbn, gbn)) goto memerr; pbn = qbn = gbn = NULL; if (!DSA_set0_key(dsa, pub_key, priv_key)) goto memerr; EVP_PKEY_set1_DSA(ret, dsa); DSA_free(dsa); *in = p; return ret; memerr: PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE); DSA_free(dsa); BN_free(pbn); BN_free(qbn); BN_free(gbn); BN_free(pub_key); BN_free(priv_key); EVP_PKEY_free(ret); BN_CTX_free(ctx); return NULL; }
DSA * sldns_key_buf2dsa_raw(unsigned char* key, size_t len) { uint8_t T; uint16_t length; uint16_t offset; DSA *dsa; BIGNUM *Q; BIGNUM *P; BIGNUM *G; BIGNUM *Y; if(len == 0) return NULL; T = (uint8_t)key[0]; length = (64 + T * 8); offset = 1; if (T > 8) { return NULL; } if(len < (size_t)1 + SHA_DIGEST_LENGTH + 3*length) return NULL; Q = BN_bin2bn(key+offset, SHA_DIGEST_LENGTH, NULL); offset += SHA_DIGEST_LENGTH; P = BN_bin2bn(key+offset, (int)length, NULL); offset += length; G = BN_bin2bn(key+offset, (int)length, NULL); offset += length; Y = BN_bin2bn(key+offset, (int)length, NULL); /* create the key and set its properties */ if(!Q || !P || !G || !Y || !(dsa = DSA_new())) { BN_free(Q); BN_free(P); BN_free(G); BN_free(Y); return NULL; } #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) #ifndef S_SPLINT_S dsa->p = P; dsa->q = Q; dsa->g = G; dsa->pub_key = Y; #endif /* splint */ #else /* OPENSSL_VERSION_NUMBER */ if (!DSA_set0_pqg(dsa, P, Q, G)) { /* QPG not yet attached, need to free */ BN_free(Q); BN_free(P); BN_free(G); DSA_free(dsa); BN_free(Y); return NULL; } if (!DSA_set0_key(dsa, Y, NULL)) { /* QPG attached, cleaned up by DSA_fre() */ DSA_free(dsa); BN_free(Y); return NULL; } #endif return dsa; }