int
key_verify(struct key *k, u_char *msg, int mlen, u_char *sig, int slen)
{
switch (k->type) {
case KEY_RSA:
if (RSA_verify(NID_sha1, msg, mlen,
sig, slen, (RSA *)k->data) <= 0) {
fprintf(stderr, "RSA verification failed\n");
return (-1);
}
break;
case KEY_DSA:
if (DSA_verify(NID_sha1, msg, mlen,
sig, slen, (DSA *)k->data) <= 0) {
fprintf(stderr, "DSA verification failed\n");
return (-1);
}
break;
default:
fprintf(stderr, "Unknown key type: %d\n", k->type);
return (-1);
}
return (slen);
}
void openssl_dsa_crypt()
{
DSA *d;
unsigned int size, len;
unsigned char inputs[COMM_LEN] = "dsa crypt";
unsigned char outputs[MAX1_LEN] = { 0 };
printf("\nDSA generate key:\n");
d = DSA_new();
DSA_generate_parameters_ex(d, LINE_LEN, NULL, 0, NULL, NULL, NULL);
DSA_generate_key(d);
DSA_print_fp(stdout, d, 0);
DSA_sign(NID_md5_sha1, inputs, 20, outputs, &len, d);
printf("DSA_sign(%s) = ", inputs);
for (size = 0; size < len; size++)
printf("%.02x", outputs[size]);
printf("\n");
DSA_verify(NID_md5_sha1, inputs, 20, outputs, len, d);
printf("DSA_verify(");
for (size = 0; size < len; size++)
printf("%.02x", outputs[size]);
printf(") = %s\n", inputs);
DSA_free(d);
}
/** Verifies a DSA signature to ensure it matches the specified digest.
*
* @param[in] key - The verifying key.
* @param[in] digest - The digest buffer to be verified.
* @param[in] digestlen - The length of @p digest.
* @param[in] signature - The ASN.1 DER encoded signature.
* @param[in] signaturelen - The length of @p signature.
*
* @return True (1) if the signature is value; False (0) if not.
*/
int SLPCryptoDSAVerify(SLPCryptoDSAKey * key, const unsigned char * digest,
int digestlen, const unsigned char * signature, int signaturelen)
{
/* it does not look like the type param is used? */
/* broken DSA_verify() declaration */
return DSA_verify(0, digest, digestlen, (unsigned char *)signature,
signaturelen, key);
}
static int dsa_test(void)
{
BN_GENCB *cb;
DSA *dsa = NULL;
int counter, ret = 0, i, j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
const BIGNUM *p = NULL, *q = NULL, *g = NULL;
if (!TEST_ptr(cb = BN_GENCB_new()))
goto end;
BN_GENCB_set(cb, dsa_cb, NULL);
if (!TEST_ptr(dsa = DSA_new())
|| !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20,
&counter, &h, cb)))
goto end;
if (!TEST_int_eq(counter, 105))
goto end;
if (!TEST_int_eq(h, 2))
goto end;
DSA_get0_pqg(dsa, &p, &q, &g);
i = BN_bn2bin(q, buf);
j = sizeof(out_q);
if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_q, i))
goto end;
i = BN_bn2bin(p, buf);
j = sizeof(out_p);
if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_p, i))
goto end;
i = BN_bn2bin(g, buf);
j = sizeof(out_g);
if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_g, i))
goto end;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa)))
ret = 1;
end:
DSA_free(dsa);
BN_GENCB_free(cb);
return ret;
}
int main()
{
DSA *key;
FILE *fp1, *fp2;
unsigned char digest[8] = "1234567";
int siglen;
unsigned char signature[1000];
int retcode;
key = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);
if (key == NULL)
{
printf("\nFailed to generate parameters\n");
exit(1);
}
fp1 = fopen("params.dat", "w");
DSAparams_print_fp(fp1, key);
fclose(fp1);
DSA_generate_key(key);
if (key == NULL)
{
printf("\nFailed to generate key\n");
exit(1);
}
fp2 = fopen("key.dat", "w");
DSA_print_fp(fp2, key, 0);
fclose(fp2);
retcode = DSA_sign(0, digest, 8, signature, &siglen, key);
if (retcode == 0)
{
printf("\n *** Error in signing ***\n\n");
exit(1);
}
printf("\n%s\n",signature);
retcode = DSA_verify(0, digest, 8, signature, siglen, key);
if (retcode == 1)
printf("\n *** Valid signature ***\n\n");
if (retcode == 0)
printf("\n *** Incorrect signature ***\n\n");
if (retcode == -1)
printf("\n *** Error in verifying ***\n\n");
DSA_free(key);
return 0;
}
int main(int argc, char **argv)
{
DSA *dsa;
unsigned char* input_string;
unsigned char* sign_string;
unsigned int sig_len;
unsigned int i;
if ( argc != 2 )
{
fprintf(stderr, "%s <plain text>\n", argv[0]);
exit(-1);
}
input_string = (unsigned char*)calloc(strlen(argv[1]) + 1, sizeof(unsigned char));
if ( input_string == NULL )
{
fprintf(stderr, "Unable to allocate memory for input_string\n");
exit(-1);
}
strncpy((char *)input_string, argv[1], strlen(argv[1]));
dsa = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);
DSA_generate_key(dsa);
sign_string = (unsigned char *)calloc(DSA_size(dsa), sizeof(unsigned char));
if ( sign_string == NULL )
{
fprintf(stderr, "Unable to allocate memory for sign_string\n");
exit(-1);
}
if ( DSA_sign(0, input_string, strlen((char *)input_string), sign_string, &sig_len, dsa) == 0 )
{
fprintf(stderr, "Sign error\n");
exit(-1);
}
int is_valid_signature = DSA_verify(0, input_string, strlen((char*)input_string), sign_string, sig_len, dsa);
DSAparams_print_fp(stdout, dsa);
printf("input_string = %s\n", input_string);
printf("signed string = ");
for ( i = 0; i < sig_len; i++ )
printf("%x%x", (sign_string[i] >> 4) & 0xf, sign_string[i] & 0xf);
printf("\n");
printf("is_valid_signature? = %d\n", is_valid_signature);
return 0;
}
static int fips_check_dsa(DSA *dsa)
{
static const unsigned char str1[]="12345678901234567890";
unsigned char sig[256];
unsigned int siglen;
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1)
{
FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED);
return 0;
}
return 1;
}
int lm_verify(unsigned char *msg,int msglen,unsigned char *psign,int siglen)
{
int i;
DSA *dsa;
int rv;
unsigned char pubkey[] = { 0x1c,0x54,0xc4,0xe7,0x22,0xdb,0xe8,0xf1,0x92,0x8a,0x7d,0xbb,0xa9,0x8f,0x4d,0x2f,0x58,0xf4,0x9c,0x3f,0x43,0xc3,0x33,0xf6,0x44,0xdb,0xb5,0xe4,0x1e,0x32,0x30,0x19,0x04,0x26,0x9c,0x46,0x23,0x2f,0x9b,0x79,0xc7,0x24,0x33,0x76,0x8c,0x01,0x1c,0x36,0xbc,0xb9,0x8d,0x9f,0x93,0xca,0x51,0x8a,0x6a,0xe6,0xe5,0x2c,0x95,0xe4,0xea,0xa8,0xbb,0x4e,0x22,0x85,0x39,0x3b,0xa7,0x0d,0x60,0xe3,0x4d,0x21,0x02,0xb3,0x7f,0xb3,0x8b,0xfa,0x8f,0x7e,0xf3,0x13,0xbe,0x9a,0xa8,0x36,0x99,0xb5,0x9d,0x0c,0x7a,0xeb,0x4c,0xc8,0x6d,0x56,0x9a,0xfc,0x3b,0xe8,0xb9,0xba,0xd4,0x44,0x42,0x3b,0x5b,0xab,0x5b,0xb0,0x20,0xb1,0x9f,0xc2,0x44,0x76,0x56,0x6c,0x2b,0xd8,0x3d,0xb4,0x17,0xf5 };
unsigned char P[] = { 0x00,0x88,0xba,0x41,0x3b,0xfc,0x42,0x43,0x61,0x1f,0x2e,0x29,0x06,0xf6,0xb9,0xf6,0x7d,0x39,0x3d,0xa1,0xe0,0x3b,0xb5,0x97,0x3d,0x65,0xa8,0x53,0xe4,0xb8,0x8d,0x4f,0x15,0x86,0xe5,0x80,0x6d,0x38,0x3b,0xa5,0x04,0x3d,0x8f,0x27,0x1c,0x18,0x64,0x56,0x9b,0x21,0xa1,0xc9,0xcd,0x9e,0x9c,0x1d,0x47,0x03,0xd3,0xa1,0x28,0x72,0xe2,0x60,0x4d,0x69,0x78,0x9a,0x9f,0x95,0x89,0x7c,0x60,0xc9,0x21,0x67,0x19,0xc5,0xae,0x08,0x66,0x75,0xa0,0xbd,0xe6,0x22,0xfa,0xf8,0x5c,0x6c,0xfc,0x5a,0x97,0x69,0xf2,0x74,0x36,0x71,0xc2,0x11,0x05,0xff,0xac,0x18,0xdf,0x69,0x02,0x08,0xd5,0x5e,0x4f,0x51,0xa6,0x28,0x58,0xeb,0x6f,0x59,0xad,0x35,0xed,0x23,0x3c,0xf8,0x3b,0x35,0x42,0x6a,0x71};
unsigned char Q[] = {00,0xc3,0x19,0x31,0x76,0xb2,0xe4,0xa8,0x1e,0x9e,0xc7,0x7b,0x07,0x0b,0xdc,0x77,0xab,0x9d,0xda,0x31,0x65};
unsigned char G[] = { 0x0b,0x61,0x3c,0xee,0x68,0x48,0x61,0xfe,0x00,0x40,0xfe,0xb9,0xa5,0xbd,0x6a,0xa5,0x6e,0xb4,0x92,0x7c,0x4b,0x36,0x90,0xa0,0x49,0x3a,0xa3,0x52,0xa5,0xd1,0xb5,0xfa,0x3d,0x50,0xd1,0x62,0x23,0xa1,0xfc,0x9d,0x1e,0xc6,0x05,0xba,0x14,0x96,0x4c,0x18,0x7a,0x7e,0x81,0x37,0xd5,0xe9,0xc5,0x40,0x44,0x84,0xac,0x75,0x25,0xea,0xbe,0x6f,0x48,0xf8,0xf5,0x29,0xc0,0xd2,0xd9,0xad,0x64,0xad,0x1a,0x0f,0x6f,0xc7,0x2e,0x76,0x2e,0x61,0x1f,0xf9,0x20,0xe9,0x01,0x3f,0xe1,0x86,0x06,0xf0,0x92,0x15,0xe4,0xc7,0x38,0x99,0xde,0x80,0xd4,0x87,0x41,0xb4,0x71,0x64,0x9e,0x5a,0x10,0xd7,0x7a,0xab,0x7a,0x1b,0xff,0xa9,0x19,0xa0,0x4c,0x48,0xfd,0x83,0x81,0x4f,0x04,0x80,0x84,0xe7};
BIGNUM *bn,*bn2,*bnp,*bnq,*bng;
long publen = sizeof(pubkey);
int dummy=0; /* the value is ignored*/
unsigned char md[SHA_DIGEST_LENGTH];
SHA1(msg, (unsigned long ) msglen,md);
bn = BN_bin2bn(pubkey,publen,NULL);
bnp = BN_bin2bn(P,sizeof(P),NULL);
bnq = BN_bin2bn(Q,sizeof(Q),NULL);
bng = BN_bin2bn(G,sizeof(G),NULL);
dsa = DSA_new();
/* dsa->priv_key = bn;*/
dsa->p = bnp;
dsa->q = bnq;
dsa->g = bng;
dsa->pub_key = bn;
rv = DSA_verify(dummy,md,SHA_DIGEST_LENGTH,psign,siglen,dsa);
if(rv == 1)
{
/* printf("sign verified");*/
DSA_free(dsa);
return 0;
}
else if (rv == 0) {
fprintf(stderr,"Sign incorrect\n");
}
else fprintf(stderr,"Verify error\n");
DSA_free(dsa);
return -1;
}
static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen)
{
int ret;
DSA_PKEY_CTX *dctx = ctx->data;
DSA *dsa = ctx->pkey->pkey.dsa;
if (dctx->md != NULL && tbslen != (size_t)EVP_MD_size(dctx->md))
return 0;
ret = DSA_verify(0, tbs, tbslen, sig, siglen, dsa);
return ret;
}
static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen)
{
int ret, type;
DSA_PKEY_CTX *dctx = ctx->data;
DSA *dsa = ctx->pkey->pkey.dsa;
if (dctx->md)
type = EVP_MD_type(dctx->md);
else
type = NID_sha1;
ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa);
return ret;
}
/**
valid_dsa_sig
Given some data, the data length, the public key, the public key
length, and the 48-byte signature, we verify it and return 1 for
true and 0 for false, or -1 for error.
*/
int valid_dsa_sig(const void *data, int dlen, const char sig[48])
{
int r;
char hash[20];
SHA1(data, dlen, hash);
r = DSA_verify(0xdecafbad, hash, 20, sig, 48, dispatch);
if(!r) {
print_loc();
io_err("Couldn't verify signature! Info follows:\n");
io_debug("Hexdump of signature:\n");
io_hexdump(stdout, sig, 48);
io_debug("\nHexdump of data follows:\n");
io_hexdump(stdout, data, dlen);
}
return r;
}
static void check_license_signature(license_raw *lptr)
{
unsigned char message_digest[SHA_DIGEST_LENGTH];
SHA_CTX sha_ctx;
DSA *dsa = DSA_new();
SHA1_Init(&sha_ctx);
SHA1_Update(&sha_ctx, lptr, sizeof(*lptr) - sizeof(lptr->dsa_signature));
SHA1_Final(message_digest, &sha_ctx);
dsa->p = BN_bin2bn(dsa_p, sizeof(dsa_p), NULL);
dsa->q = BN_bin2bn(dsa_q, sizeof(dsa_q), NULL);
dsa->g = BN_bin2bn(dsa_g, sizeof(dsa_g), NULL);
dsa->pub_key = BN_bin2bn(dsa_pub_key, sizeof(dsa_pub_key), NULL);
// calculate the right len of the signiture
DSA_SIG *temp_sig=DSA_SIG_new();
int siglen = -1;
const unsigned char *data =lptr->dsa_signature;
if (temp_sig == NULL || d2i_DSA_SIG(&temp_sig,&data,sizeof(lptr->dsa_signature)) == NULL){
fprintf(stderr, "License signature verification failed: %s\n",
ERR_error_string(ERR_get_error(), NULL));
exit(EXIT_FAILURE);
}
unsigned char *tmp_buff= NULL;
siglen = i2d_DSA_SIG(temp_sig, &tmp_buff);
OPENSSL_cleanse(tmp_buff, siglen);
OPENSSL_free(tmp_buff);
DSA_SIG_free(temp_sig);
switch(DSA_verify(0, message_digest, sizeof(message_digest),
lptr->dsa_signature, siglen, dsa)) {
case 0:
fputs("License file is corrupted: invalid DSA signature.\n", stderr);
exit(EXIT_FAILURE);
case 1:
break; /* valid signature */
default:
fprintf(stderr, "License signature verification failed: %s\n",
ERR_error_string(ERR_get_error(), NULL));
exit(EXIT_FAILURE);
}
DSA_free(dsa);
}
bool xr_dsa::verify (public_key_t const & pub_key,
u8 const * data,
u32 const data_size,
shared_str const & dsign)
{
BN_bin2bn(pub_key.m_value, sizeof(pub_key.m_value), m_dsa->pub_key);
BIGNUM* tmp_bn = NULL;
BN_hex2bn (&tmp_bn, dsign.c_str());
int sig_size = tmp_bn->top * sizeof(unsigned long);
u8* sig_buff = static_cast<u8*>(_alloca(sig_size));
VERIFY (sig_size == DSA_size(m_dsa));
BN_bn2bin (tmp_bn, sig_buff);
bool ret = DSA_verify (0, data, data_size, sig_buff, sig_size, m_dsa) == 1 ? true : false;
BN_free(tmp_bn);
return ret;
}
/* DSA: generate key and sign a known digest, then verify the signature
* against the digest
*/
static int FIPS_dsa_test()
{
DSA *dsa = NULL;
unsigned char dgst[] = "etaonrishdlc";
unsigned char sig[256];
unsigned int siglen;
ERR_clear_error();
dsa = DSA_generate_parameters(512,NULL,0,NULL,NULL,NULL,NULL);
if (!dsa)
return 0;
if (!DSA_generate_key(dsa))
return 0;
if ( DSA_sign(0,dgst,sizeof(dgst) - 1,sig,&siglen,dsa) != 1 )
return 0;
if ( DSA_verify(0,dgst,sizeof(dgst) - 1,sig,siglen,dsa) != 1 )
return 0;
DSA_free(dsa);
return 1;
}
int32_t CryptoNative_DsaVerify(
DSA* dsa,
const uint8_t* hash,
int32_t hashLength,
uint8_t* signature,
int32_t signatureLength)
{
int32_t success = DSA_verify(0, hash, hashLength, signature, signatureLength, dsa);
if (success != 1)
{
if (success == -1)
{
// Clear the queue, as we don't check the error information.
// Managed caller expects the error queue to be cleared in case of error.
ERR_clear_error();
}
return 0;
}
return 1;
}
static int verify_dsa(EVP_PKEY* pkey, keymaster_dsa_sign_params_t* sign_params,
const uint8_t* signedData, const size_t signedDataLength,
const uint8_t* signature, const size_t signatureLength) {
if (sign_params->digest_type != DIGEST_NONE) {
ALOGW("Cannot handle digest type %d", sign_params->digest_type);
return -1;
}
Unique_DSA dsa(EVP_PKEY_get1_DSA(pkey));
if (dsa.get() == NULL) {
logOpenSSLError("openssl_verify_dsa");
return -1;
}
if (DSA_verify(0, signedData, signedDataLength, signature, signatureLength, dsa.get()) <= 0) {
logOpenSSLError("openssl_verify_dsa");
return -1;
}
return 0;
}
static int test_verify(const uint8_t *sig, size_t sig_len, int expect) {
int ok = 0;
DSA *dsa = get_fips_dsa();
if (dsa == NULL) {
goto end;
}
int ret = DSA_verify(0, fips_digest, sizeof(fips_digest), sig, sig_len, dsa);
if (ret != expect) {
BIO_printf(bio_err, "DSA_verify returned %d, want %d\n", ret, expect);
goto end;
}
ok = 1;
/* Clear any errorrs from a test with expected failure. */
ERR_clear_error();
end:
if (dsa != NULL) {
DSA_free(dsa);
}
return ok;
}
void
dsasha1_sigverify(val_context_t * ctx,
const u_char *data,
size_t data_len,
const val_dnskey_rdata_t * dnskey,
const val_rrsig_rdata_t * rrsig,
val_astatus_t * key_status, val_astatus_t * sig_status)
{
char buf[1028];
size_t buflen = 1024;
DSA *dsa = NULL;
u_char sha1_hash[SHA_DIGEST_LENGTH];
u_char sig_asn1[2+2*(3+SHA_DIGEST_LENGTH)];
val_log(ctx, LOG_DEBUG,
"dsasha1_sigverify(): parsing the public key...");
if ((dsa = DSA_new()) == NULL) {
val_log(ctx, LOG_INFO,
"dsasha1_sigverify(): could not allocate dsa structure.");
*key_status = VAL_AC_INVALID_KEY;
return;
};
if (dsasha1_parse_public_key
(dnskey->public_key, dnskey->public_key_len,
dsa) != VAL_NO_ERROR) {
val_log(ctx, LOG_INFO,
"dsasha1_sigverify(): Error in parsing public key.");
DSA_free(dsa);
*key_status = VAL_AC_INVALID_KEY;
return;
}
memset(sha1_hash, 0, SHA_DIGEST_LENGTH);
SHA1(data, data_len, sha1_hash);
val_log(ctx, LOG_DEBUG, "dsasha1_sigverify(): SHA-1 hash = %s",
get_hex_string(sha1_hash, SHA_DIGEST_LENGTH, buf, buflen));
val_log(ctx, LOG_DEBUG,
"dsasha1_sigverify(): verifying DSA signature...");
/*
* Fix: courtesy tom.fowler
* First convert the signature into its DER representation
* 0x30, 0x2E, - ASN1 sequence
* 0x02, 0x15, - ASN integer, length 21 bytes
* 0x00, <R bytes> - 1 + 20 bytes per 2536
* 0x02, 0x15, - ASN integer
* 0x00, <S bytes> - 1 + 20 bytes per 2536
*/
if (rrsig->signature_len < (1 + 2*SHA_DIGEST_LENGTH)) {
/* dont have enough data */
val_log(ctx, LOG_INFO,
"dsasha1_sigverify(): Error parsing DSA rrsig.");
DSA_free(dsa);
*sig_status = VAL_AC_INVALID_RRSIG;
return;
}
memcpy(sig_asn1, "\x30\x2E\x02\x15\x00", 5);
memcpy(sig_asn1+5, rrsig->signature+1, SHA_DIGEST_LENGTH);
memcpy(sig_asn1+5+SHA_DIGEST_LENGTH, "\x02\x15\x00", 3);
memcpy(sig_asn1+5+SHA_DIGEST_LENGTH+3,
rrsig->signature+1+SHA_DIGEST_LENGTH, SHA_DIGEST_LENGTH);
if (DSA_verify
(NID_sha1, (u_char *) sha1_hash, SHA_DIGEST_LENGTH,
sig_asn1, sizeof(sig_asn1), dsa) == 1) {
val_log(ctx, LOG_INFO, "dsasha1_sigverify(): returned SUCCESS");
DSA_free(dsa);
*sig_status = VAL_AC_RRSIG_VERIFIED;
} else {
val_log(ctx, LOG_INFO, "dsasha1_sigverify(): returned FAILURE");
DSA_free(dsa);
*sig_status = VAL_AC_RRSIG_VERIFY_FAILED;
}
return;
}
void xr_dsa::generate_params()
{
int counter;
unsigned long long_ret;
string256 random_string;
xr_sprintf (random_string, "%I64d_%s", CPU::QPC(), rnd_seed);
//sprintf_s (random_string, "%s", rnd_seed);
unsigned char* rnd_seed = static_cast<unsigned char*>((void*)random_string);
unsigned int rnd_ssize = xr_strlen(random_string);
DSA* tmp_dsa_params = DSA_generate_parameters(
key_bit_length,
rnd_seed,
rnd_ssize,
&counter,
&long_ret,
dsa_genparams_cb,
NULL
);
DSA_generate_key (tmp_dsa_params);
VERIFY (tmp_dsa_params->p->top * sizeof(u32) == public_key_length);
VERIFY (tmp_dsa_params->q->top * sizeof(u32) == private_key_length);
VERIFY (tmp_dsa_params->g->top * sizeof(u32) == public_key_length);
VERIFY (tmp_dsa_params->pub_key->top * sizeof(u32) == public_key_length);
VERIFY (tmp_dsa_params->priv_key->top * sizeof(u32)== private_key_length);
Msg("// DSA params ");
Msg("u8 const p_number[crypto::xr_dsa::public_key_length] = {");
print_big_number (tmp_dsa_params->p);
Msg("};//p_number");
Msg("u8 const q_number[crypto::xr_dsa::private_key_length] = {");
print_big_number (tmp_dsa_params->q);
Msg("};//q_number");
Msg("u8 const g_number[crypto::xr_dsa::public_key_length] = {");
print_big_number (tmp_dsa_params->g);
Msg("};//g_number");
Msg("u8 const public_key[crypto::xr_dsa::public_key_length] = {");
print_big_number (tmp_dsa_params->pub_key);
Msg("};//public_key");
u8 priv_bin[private_key_length];
BN_bn2bin (tmp_dsa_params->priv_key, priv_bin);
Msg("// Private key:");
for (int i = 0; i < private_key_length; ++i)
{
Msg(" m_private_key.m_value[%d] = 0x%02x;", i, priv_bin[i]);
}
u8 debug_digest[] = "this is a test";
u8 debug_bad_digest[] = "this as a test";
u32 siglen = DSA_size(tmp_dsa_params);
u8* sig = static_cast<u8*>(_alloca(siglen));
BIGNUM bn_sign;
BN_init (&bn_sign);
VERIFY (DSA_sign(0, debug_digest, sizeof(debug_digest), sig, &siglen, tmp_dsa_params) == 1);
BN_bin2bn (sig, siglen, &bn_sign);
shared_str sig_str = BN_bn2hex(&bn_sign);
BIGNUM* bn_rsing = NULL;
ZeroMemory (sig, siglen);
BN_hex2bn (&bn_rsing, sig_str.c_str());
BN_bn2bin (bn_rsing, sig);
BN_free (bn_rsing);
VERIFY (DSA_verify(0, debug_digest, sizeof(debug_digest), sig, siglen, tmp_dsa_params) == 1);
VERIFY (DSA_verify(0, debug_bad_digest, sizeof(debug_bad_digest), sig, siglen, tmp_dsa_params) == 0);
DSA_free(tmp_dsa_params);
}
int main()
{
FILE *fp;
int len, i;
MD5_CTX ctx;
unsigned char buf[1000];
unsigned char md5sum[16];
MD5_Init(&ctx);
if(!( fp = fopen("input.dat", "rb")))
{
printf("\nFailed to open file\n"); return (1);
}
while((len = fread( buf, 1, sizeof(buf), fp ) ) > 0 )
{
MD5_Update(&ctx, buf, len);
}
MD5_Final(md5sum, &ctx);
printf("MD5(input.dat) = ");
for( i = 0; i < 16; i++ )
{
printf("%02x", md5sum[i]);
}
printf("\n");
DSA *key;
FILE *fp1, *fp2;
/*unsigned char digest[8] = "1234567";*/
int siglen;
unsigned char signature[1000];
int retcode;
key = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);
if (key == NULL)
{
printf("\nFailed to generate parameters\n");
exit(1);
}
fp1 = fopen("params.dat", "w");
DSAparams_print_fp(fp1, key);
fclose(fp1);
DSA_generate_key(key);
if (key == NULL)
{
printf("\nFailed to generate key\n");
exit(1);
}
fp2 = fopen("key.dat", "w");
DSA_print_fp(fp2, key, 0);
fclose(fp2);
retcode = DSA_sign(0, md5sum, 8, signature, &siglen, key);
if (retcode == 0)
{
printf("\n *** Error in signing ***\n\n");
exit(1);
}
FILE *fp3;
fp3 = fopen("signature.dat", "w");
fputs(signature, fp3);
fclose(fp3);
printf("\nSignature of the hash = ");
printf("%s\n",signature);
retcode = DSA_verify(0, md5sum, 8, signature, siglen, key);
if (retcode == 1)
printf("\n *** Valid signature ***\n\n");
if (retcode == 0)
printf("\n *** Incorrect signature ***\n\n");
if (retcode == -1)
printf("\n *** Error in verifying ***\n\n");
DSA_free(key);
return 0;
}
static int test_generate(void) {
BN_GENCB cb;
DSA *dsa = NULL;
int counter, ok = 0, i, j;
uint8_t buf[256];
unsigned long h;
uint8_t sig[256];
unsigned int siglen;
BIO_printf(bio_out, "test generation of DSA parameters\n");
BN_GENCB_set(&cb, dsa_cb, bio_out);
dsa = DSA_new();
if (dsa == NULL ||
!DSA_generate_parameters_ex(dsa, 512, seed, 20, &counter, &h, &cb)) {
goto end;
}
BIO_printf(bio_out, "seed\n");
for (i = 0; i < 20; i += 4) {
BIO_printf(bio_out, "%02X%02X%02X%02X ", seed[i], seed[i + 1], seed[i + 2],
seed[i + 3]);
}
BIO_printf(bio_out, "\ncounter=%d h=%ld\n", counter, h);
if (counter != 105) {
BIO_printf(bio_err, "counter should be 105\n");
goto end;
}
if (h != 2) {
BIO_printf(bio_err, "h should be 2\n");
goto end;
}
i = BN_bn2bin(dsa->q, buf);
j = sizeof(fips_q);
if (i != j || memcmp(buf, fips_q, i) != 0) {
BIO_printf(bio_err, "q value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->p, buf);
j = sizeof(fips_p);
if (i != j || memcmp(buf, fips_p, i) != 0) {
BIO_printf(bio_err, "p value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->g, buf);
j = sizeof(fips_g);
if (i != j || memcmp(buf, fips_g, i) != 0) {
BIO_printf(bio_err, "g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
DSA_sign(0, fips_digest, sizeof(fips_digest), sig, &siglen, dsa);
if (DSA_verify(0, fips_digest, sizeof(fips_digest), sig, siglen, dsa) == 1) {
ok = 1;
} else {
BIO_printf(bio_err, "verification failure\n");
}
end:
if (dsa != NULL) {
DSA_free(dsa);
}
return ok;
}
int ssl_test_dsa(int argc, char **argv)
{
BN_GENCB cb;
DSA *dsa=NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
#ifndef OPENSSL_SYS_WINDOWS
bio_err = BIO_new(BIO_s_mem());
if (bio_err == NULL) return(1);
#else
if (bio_err == NULL)
bio_err=BIO_new_fp(OPENSSL_TYPE__FILE_STDERR,BIO_NOCLOSE);
#endif
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof rnd_seed);
TINYCLR_SSL_PRINTF("test generation of DSA parameters\n");
BN_GENCB_set(&cb, dsa_cb, bio_err);
if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
seed, 20, &counter, &h, &cb))
goto end;
TINYCLR_SSL_PRINTF("seed\n");
for (i=0; i<20; i+=4)
{
TINYCLR_SSL_PRINTF("%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
TINYCLR_SSL_PRINTF("\ncounter=%d h=%ld\n",counter,h);
DSA_print(bio_err,dsa,0);
if (counter != 105)
{
TINYCLR_SSL_PRINTF("counter should be 105\n");
goto end;
}
if (h != 2)
{
TINYCLR_SSL_PRINTF("h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_q,i) != 0))
{
TINYCLR_SSL_PRINTF("q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_p,i) != 0))
{
TINYCLR_SSL_PRINTF("p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_g,i) != 0))
{
TINYCLR_SSL_PRINTF("g value is wrong\n");
goto end;
}
dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret=1;
dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret=1;
end:
if (!ret)
ERR_print_errors(bio_err);
if (dsa != NULL) DSA_free(dsa);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
bio_err = NULL;
}
#ifdef OPENSSL_SYS_NETWARE
if (!ret) TINYCLR_SSL_PRINTF("ERROR\n");
#endif
return(0);
}
int main(int argc, char **argv)
{
BN_GENCB *cb;
DSA *dsa = NULL;
int counter, ret = 0, i, j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
BIGNUM *p = NULL, *q = NULL, *g = NULL;
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
RAND_seed(rnd_seed, sizeof rnd_seed);
BIO_printf(bio_err, "test generation of DSA parameters\n");
cb = BN_GENCB_new();
if (!cb)
goto end;
BN_GENCB_set(cb, dsa_cb, bio_err);
if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
seed, 20,
&counter,
&h, cb))
goto end;
BIO_printf(bio_err, "seed\n");
for (i = 0; i < 20; i += 4) {
BIO_printf(bio_err, "%02X%02X%02X%02X ",
seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
}
BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
DSA_print(bio_err, dsa, 0);
if (counter != 105) {
BIO_printf(bio_err, "counter should be 105\n");
goto end;
}
if (h != 2) {
BIO_printf(bio_err, "h should be 2\n");
goto end;
}
DSA_get0_pqg(dsa, &p, &q, &g);
i = BN_bn2bin(q, buf);
j = sizeof(out_q);
if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
BIO_printf(bio_err, "q value is wrong\n");
goto end;
}
i = BN_bn2bin(p, buf);
j = sizeof(out_p);
if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
BIO_printf(bio_err, "p value is wrong\n");
goto end;
}
i = BN_bn2bin(g, buf);
j = sizeof(out_g);
if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
BIO_printf(bio_err, "g value is wrong\n");
goto end;
}
DSA_set_flags(dsa, DSA_FLAG_NO_EXP_CONSTTIME);
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret = 1;
DSA_clear_flags(dsa, DSA_FLAG_NO_EXP_CONSTTIME);
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret = 1;
end:
if (!ret)
ERR_print_errors(bio_err);
DSA_free(dsa);
BN_GENCB_free(cb);
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
if (CRYPTO_mem_leaks(bio_err) <= 0)
ret = 0;
#endif
BIO_free(bio_err);
bio_err = NULL;
EXIT(!ret);
}
/*
* Verify the signature on an assertion; return SIGRESULT_TRUE is
* success, SIGRESULT_FALSE otherwise.
*/
int
keynote_sigverify_assertion(struct assertion *as)
{
int hashtype, enc, intenc, alg = KEYNOTE_ALGORITHM_NONE, hashlen = 0;
unsigned char *sig, *decoded = NULL, *ptr;
unsigned char res2[20];
SHA_CTX shscontext;
MD5_CTX md5context;
int len = 0;
DSA *dsa;
RSA *rsa;
if (as->as_signature == NULL ||
as->as_startofsignature == NULL ||
as->as_allbutsignature == NULL ||
as->as_allbutsignature - as->as_startofsignature <= 0)
return SIGRESULT_FALSE;
alg = keynote_get_sig_algorithm(as->as_signature, &hashtype, &enc,
&intenc);
if (alg == KEYNOTE_ALGORITHM_NONE)
return SIGRESULT_FALSE;
/* Check for matching algorithms */
if ((alg != as->as_signeralgorithm) &&
!((alg == KEYNOTE_ALGORITHM_RSA) &&
(as->as_signeralgorithm == KEYNOTE_ALGORITHM_X509)) &&
!((alg == KEYNOTE_ALGORITHM_X509) &&
(as->as_signeralgorithm == KEYNOTE_ALGORITHM_RSA)))
return SIGRESULT_FALSE;
sig = strchr(as->as_signature, ':'); /* Move forward to the Encoding. We
* are guaranteed to have a ':'
* character, since this is a valid
* signature */
sig++;
switch (hashtype)
{
case KEYNOTE_HASH_SHA1:
hashlen = 20;
memset(res2, 0, hashlen);
SHA1_Init(&shscontext);
SHA1_Update(&shscontext, as->as_startofsignature,
as->as_allbutsignature - as->as_startofsignature);
SHA1_Update(&shscontext, as->as_signature,
(char *) sig - as->as_signature);
SHA1_Final(res2, &shscontext);
break;
case KEYNOTE_HASH_MD5:
hashlen = 16;
memset(res2, 0, hashlen);
MD5_Init(&md5context);
MD5_Update(&md5context, as->as_startofsignature,
as->as_allbutsignature - as->as_startofsignature);
MD5_Update(&md5context, as->as_signature,
(char *) sig - as->as_signature);
MD5_Final(res2, &md5context);
break;
case KEYNOTE_HASH_NONE:
break;
}
/* Remove ASCII encoding */
switch (enc)
{
case ENCODING_NONE:
ptr = NULL;
break;
case ENCODING_HEX:
len = strlen(sig) / 2;
if (kn_decode_hex(sig, (char **) &decoded) != 0)
return -1;
ptr = decoded;
break;
case ENCODING_BASE64:
len = strlen(sig);
if (len % 4) /* Base64 encoding must be a multiple of 4 */
{
keynote_errno = ERROR_SYNTAX;
return -1;
}
len = 3 * (len / 4);
decoded = calloc(len, sizeof(unsigned char));
ptr = decoded;
if (decoded == NULL) {
keynote_errno = ERROR_MEMORY;
return -1;
}
len = kn_decode_base64(sig, decoded, len);
if ((len == -1) || (len == 0) || (len == 1))
return -1;
break;
case ENCODING_NATIVE:
if ((decoded = strdup(sig)) == NULL) {
keynote_errno = ERROR_MEMORY;
return -1;
}
len = strlen(sig);
ptr = decoded;
break;
default:
keynote_errno = ERROR_SYNTAX;
return -1;
}
/* DSA */
if ((alg == KEYNOTE_ALGORITHM_DSA) && (intenc == INTERNAL_ENC_ASN1))
{
dsa = (DSA *) as->as_authorizer;
if (DSA_verify(0, res2, hashlen, decoded, len, dsa) == 1) {
free(ptr);
return SIGRESULT_TRUE;
}
}
else /* RSA */
if ((alg == KEYNOTE_ALGORITHM_RSA) && (intenc == INTERNAL_ENC_PKCS1))
{
rsa = (RSA *) as->as_authorizer;
if (RSA_verify_ASN1_OCTET_STRING(RSA_PKCS1_PADDING, res2, hashlen,
decoded, len, rsa) == 1) {
free(ptr);
return SIGRESULT_TRUE;
}
}
else
if ((alg == KEYNOTE_ALGORITHM_X509) && (intenc == INTERNAL_ENC_ASN1))
{
/* RSA-specific */
rsa = (RSA *) as->as_authorizer;
if (RSA_verify(NID_shaWithRSAEncryption, res2, hashlen, decoded,
len, rsa) == 1) {
free(ptr);
return SIGRESULT_TRUE;
}
}
/* Handle more algorithms here */
free(ptr);
return SIGRESULT_FALSE;
}
static int sign_and_verify(int len)
{
/*
* Per FIPS 186-4, the hash is recommended to be the same length as q.
* If the hash is longer than q, the leftmost N bits are used; if the hash
* is shorter, then we left-pad (see appendix C.2.1).
*/
size_t sigLength;
int digestlen = BN_num_bytes(DSA_get0_q(dsakey));
int ok = 0;
unsigned char *dataToSign = OPENSSL_malloc(len);
unsigned char *paddedData = OPENSSL_malloc(digestlen);
unsigned char *signature = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *pkey = NULL;
if (!TEST_ptr(dataToSign) ||
!TEST_ptr(paddedData) ||
!TEST_int_eq(RAND_bytes(dataToSign, len), 1))
goto end;
memset(paddedData, 0, digestlen);
if (len > digestlen)
memcpy(paddedData, dataToSign, digestlen);
else
memcpy(paddedData + digestlen - len, dataToSign, len);
if (!TEST_ptr(pkey = EVP_PKEY_new()))
goto end;
EVP_PKEY_set1_DSA(pkey, dsakey);
if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
goto end;
if (!TEST_int_eq(EVP_PKEY_sign_init(ctx), 1))
goto end;
if (EVP_PKEY_sign(ctx, NULL, &sigLength, dataToSign, len) != 1) {
TEST_error("Failed to get signature length, len=%d", len);
goto end;
}
if (!TEST_ptr(signature = OPENSSL_malloc(sigLength)))
goto end;
if (EVP_PKEY_sign(ctx, signature, &sigLength, dataToSign, len) != 1) {
TEST_error("Failed to sign, len=%d", len);
goto end;
}
/* Check that the signature is okay via the EVP interface */
if (!TEST_int_eq(EVP_PKEY_verify_init(ctx), 1))
goto end;
/* ... using the same data we just signed */
if (EVP_PKEY_verify(ctx, signature, sigLength, dataToSign, len) != 1) {
TEST_error("EVP verify with unpadded length %d failed\n", len);
goto end;
}
/* ... padding/truncating the data to the appropriate digest size */
if (EVP_PKEY_verify(ctx, signature, sigLength, paddedData, digestlen) != 1) {
TEST_error("EVP verify with length %d failed\n", len);
goto end;
}
/* Verify again using the raw DSA interface */
if (DSA_verify(0, dataToSign, len, signature, sigLength, dsakey) != 1) {
TEST_error("Verification with unpadded data failed, len=%d", len);
goto end;
}
if (DSA_verify(0, paddedData, digestlen, signature, sigLength, dsakey) != 1) {
TEST_error("verify with length %d failed\n", len);
goto end;
}
ok = 1;
end:
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
OPENSSL_free(signature);
OPENSSL_free(paddedData);
OPENSSL_free(dataToSign);
return ok;
}
#ifndef OPENSSL_NO_DSA
if (pkey->type == EVP_PKEY_DSA)
{
j=DSA_verify(pkey->save_type,
&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
if (j <= 0)
{
/* bad signature */
al=SSL_AD_DECRYPT_ERROR;
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
goto f_err;
}
}
else
#endif
#ifndef OPENSSL_NO_ECDSA
if (pkey->type == EVP_PKEY_EC)
{
j=ECDSA_verify(pkey->save_type,
&(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
SHA_DIGEST_LENGTH,p,i,pkey->pkey.ec);
if (j <= 0)
{
/* bad signature */
al=SSL_AD_DECRYPT_ERROR;
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
SSL_R_BAD_ECDSA_SIGNATURE);
goto f_err;
}
}
int main(int argc, char **argv)
{
BN_GENCB *cb;
DSA *dsa = NULL;
int counter, ret = 0, i, j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
if (bio_err == NULL)
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
CRYPTO_set_mem_debug(1);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof rnd_seed);
BIO_printf(bio_err, "test generation of DSA parameters\n");
cb = BN_GENCB_new();
if (!cb)
goto end;
BN_GENCB_set(cb, dsa_cb, bio_err);
if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
seed, 20,
&counter,
&h, cb))
goto end;
BIO_printf(bio_err, "seed\n");
for (i = 0; i < 20; i += 4) {
BIO_printf(bio_err, "%02X%02X%02X%02X ",
seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
}
BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
DSA_print(bio_err, dsa, 0);
if (counter != 105) {
BIO_printf(bio_err, "counter should be 105\n");
goto end;
}
if (h != 2) {
BIO_printf(bio_err, "h should be 2\n");
goto end;
}
i = BN_bn2bin(dsa->q, buf);
j = sizeof(out_q);
if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
BIO_printf(bio_err, "q value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->p, buf);
j = sizeof(out_p);
if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
BIO_printf(bio_err, "p value is wrong\n");
goto end;
}
i = BN_bn2bin(dsa->g, buf);
j = sizeof(out_g);
if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
BIO_printf(bio_err, "g value is wrong\n");
goto end;
}
dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret = 1;
dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret = 1;
end:
if (!ret)
ERR_print_errors(bio_err);
DSA_free(dsa);
BN_GENCB_free(cb);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
CRYPTO_mem_leaks(bio_err);
#endif
BIO_free(bio_err);
bio_err = NULL;
# ifdef OPENSSL_SYS_NETWARE
if (!ret)
printf("ERROR\n");
# endif
EXIT(!ret);
}
int main(int argc, char **argv)
{
DSA *dsa=NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
unsigned long h;
unsigned char sig[256];
unsigned int siglen;
ERR_load_crypto_strings();
RAND_seed(rnd_seed, sizeof rnd_seed);
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
BIO_printf(bio_err,"test generation of DSA parameters\n");
dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
BIO_printf(bio_err,"seed\n");
for (i=0; i<20; i+=4)
{
BIO_printf(bio_err,"%02X%02X%02X%02X ",
seed[i],seed[i+1],seed[i+2],seed[i+3]);
}
BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
if (dsa == NULL) goto end;
DSA_print(bio_err,dsa,0);
if (counter != 105)
{
BIO_printf(bio_err,"counter should be 105\n");
goto end;
}
if (h != 2)
{
BIO_printf(bio_err,"h should be 2\n");
goto end;
}
i=BN_bn2bin(dsa->q,buf);
j=sizeof(out_q);
if ((i != j) || (memcmp(buf,out_q,i) != 0))
{
BIO_printf(bio_err,"q value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->p,buf);
j=sizeof(out_p);
if ((i != j) || (memcmp(buf,out_p,i) != 0))
{
BIO_printf(bio_err,"p value is wrong\n");
goto end;
}
i=BN_bn2bin(dsa->g,buf);
j=sizeof(out_g);
if ((i != j) || (memcmp(buf,out_g,i) != 0))
{
BIO_printf(bio_err,"g value is wrong\n");
goto end;
}
DSA_generate_key(dsa);
DSA_sign(0, str1, 20, sig, &siglen, dsa);
if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
ret=1;
end:
if (!ret)
ERR_print_errors(bio_err);
if (dsa != NULL) DSA_free(dsa);
ERR_remove_state(0);
CRYPTO_mem_leaks(bio_err);
if (bio_err != NULL)
{
BIO_free(bio_err);
bio_err = NULL;
}
exit(!ret);
return(0);
}
inline void dsa_key::verify(const void* _sign, size_t sign_len, const void* buf, size_t buf_len, int type) const
{
error::throw_error_if_not(DSA_verify(type, static_cast<const unsigned char*>(buf), static_cast<int>(buf_len), static_cast<const unsigned char*>(_sign), static_cast<int>(sign_len), ptr().get()) != 0);
}
