static int fips_dsa_sign(int type, const unsigned char *x, int y,
unsigned char *sig, unsigned int *siglen, EVP_MD_SVCTX *sv)
{
DSA *dsa = sv->key;
unsigned char dig[EVP_MAX_MD_SIZE];
unsigned int dlen;
DSA_SIG *s;
EVP_DigestFinal_ex(sv->mctx, dig, &dlen);
s=dsa->meth->dsa_do_sign(dig,dlen,dsa);
OPENSSL_cleanse(dig, dlen);
if (s == NULL)
{
*siglen=0;
return 0;
}
*siglen= FIPS_dsa_sig_encode(sig, s);
DSA_SIG_free(s);
if (*siglen < 0)
return 0;
return 1;
}
static void sigver()
{
DSA *dsa = NULL;
char buf[1024];
char lbuf[1024];
unsigned char msg[1024];
char *keyword, *value;
int nmod = 0, n = 0;
DSA_SIG sg, *sig = &sg;
sig->r = NULL;
sig->s = NULL;
while (fgets(buf, sizeof buf, stdin) != NULL) {
if (!parse_line(&keyword, &value, lbuf, buf)) {
fputs(buf, stdout);
continue;
}
if (!strcmp(keyword, "[mod")) {
nmod = atoi(value);
if (dsa)
FIPS_dsa_free(dsa);
dsa = FIPS_dsa_new();
} else if (!strcmp(keyword, "P"))
dsa->p = hex2bn(value);
else if (!strcmp(keyword, "Q"))
dsa->q = hex2bn(value);
else if (!strcmp(keyword, "G")) {
dsa->g = hex2bn(value);
printf("[mod = %d]\n\n", nmod);
pbn("P", dsa->p);
pbn("Q", dsa->q);
pbn("G", dsa->g);
putc('\n', stdout);
} else if (!strcmp(keyword, "Msg")) {
n = hex2bin(value, msg);
pv("Msg", msg, n);
} else if (!strcmp(keyword, "Y"))
dsa->pub_key = hex2bn(value);
else if (!strcmp(keyword, "R"))
sig->r = hex2bn(value);
else if (!strcmp(keyword, "S")) {
EVP_MD_CTX mctx;
EVP_PKEY pk;
unsigned char sigbuf[60];
unsigned int slen;
int r;
EVP_MD_CTX_init(&mctx);
pk.type = EVP_PKEY_DSA;
pk.pkey.dsa = dsa;
sig->s = hex2bn(value);
pbn("Y", dsa->pub_key);
pbn("R", sig->r);
pbn("S", sig->s);
slen = FIPS_dsa_sig_encode(sigbuf, sig);
EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL);
EVP_VerifyUpdate(&mctx, msg, n);
r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk);
EVP_MD_CTX_cleanup(&mctx);
printf("Result = %c\n", r == 1 ? 'P' : 'F');
putc('\n', stdout);
}
}
}
