static int fips_dsa_verify(int type, const unsigned char *x, int y, const unsigned char *sigbuf, unsigned int siglen, EVP_MD_SVCTX *sv) { DSA *dsa = sv->key; DSA_SIG *s; int ret=-1; unsigned char dig[EVP_MAX_MD_SIZE]; unsigned int dlen; s = DSA_SIG_new(); if (s == NULL) return ret; if (!FIPS_dsa_sig_decode(s,sigbuf,siglen)) goto err; EVP_DigestFinal_ex(sv->mctx, dig, &dlen); ret=dsa->meth->dsa_do_verify(dig,dlen,s,dsa); OPENSSL_cleanse(dig, dlen); err: DSA_SIG_free(s); return ret; }
static void siggen() { char buf[1024]; char lbuf[1024]; char *keyword, *value; int nmod = 0; DSA *dsa = NULL; while (fgets(buf, sizeof buf, stdin) != NULL) { if (!parse_line(&keyword, &value, lbuf, buf)) { fputs(buf, stdout); continue; } if (!strcmp(keyword, "[mod")) { nmod = atoi(value); printf("[mod = %d]\n\n", nmod); if (dsa) FIPS_dsa_free(dsa); dsa = FIPS_dsa_new(); if (!DSA_generate_parameters_ex (dsa, nmod, NULL, 0, NULL, NULL, NULL)) { do_print_errors(); exit(1); } pbn("P", dsa->p); pbn("Q", dsa->q); pbn("G", dsa->g); putc('\n', stdout); } else if (!strcmp(keyword, "Msg")) { unsigned char msg[1024]; unsigned char sbuf[60]; unsigned int slen; int n; EVP_PKEY pk; EVP_MD_CTX mctx; DSA_SIG *sig; EVP_MD_CTX_init(&mctx); n = hex2bin(value, msg); pv("Msg", msg, n); if (!DSA_generate_key(dsa)) { do_print_errors(); exit(1); } pk.type = EVP_PKEY_DSA; pk.pkey.dsa = dsa; pbn("Y", dsa->pub_key); EVP_SignInit_ex(&mctx, EVP_dss1(), NULL); EVP_SignUpdate(&mctx, msg, n); EVP_SignFinal(&mctx, sbuf, &slen, &pk); sig = DSA_SIG_new(); FIPS_dsa_sig_decode(sig, sbuf, slen); pbn("R", sig->r); pbn("S", sig->s); putc('\n', stdout); DSA_SIG_free(sig); EVP_MD_CTX_cleanup(&mctx); } } if (dsa) FIPS_dsa_free(dsa); }