static isc_result_t
openssldh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
isc_buffer_t *secret)
{
DH *dhpub, *dhpriv;
int ret;
isc_region_t r;
unsigned int len;
REQUIRE(pub->keydata.dh != NULL);
REQUIRE(priv->keydata.dh != NULL);
dhpub = pub->keydata.dh;
dhpriv = priv->keydata.dh;
len = DH_size(dhpriv);
isc_buffer_availableregion(secret, &r);
if (r.length < len)
return (ISC_R_NOSPACE);
ret = DH_compute_key(r.base, dhpub->pub_key, dhpriv);
if (ret <= 0)
return (dst__openssl_toresult2("DH_compute_key",
DST_R_COMPUTESECRETFAILURE));
isc_buffer_add(secret, len);
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslgost_fromdns(dst_key_t *key, isc_buffer_t *data) {
isc_region_t r;
EVP_PKEY *pkey = NULL;
unsigned char der[37 + 64];
const unsigned char *p;
isc_buffer_remainingregion(data, &r);
if (r.length == 0)
return (ISC_R_SUCCESS);
if (r.length != 64)
return (DST_R_INVALIDPUBLICKEY);
memcpy(der, gost_prefix, 37);
memcpy(der + 37, r.base, 64);
isc_buffer_forward(data, 64);
p = der;
if (d2i_PUBKEY(&pkey, &p, (long) sizeof(der)) == NULL)
return (dst__openssl_toresult2("d2i_PUBKEY",
DST_R_OPENSSLFAILURE));
key->keydata.pkey = pkey;
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslgost_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv;
isc_result_t ret;
isc_mem_t *mctx = key->mctx;
EVP_PKEY *pkey = NULL;
const unsigned char *p;
UNUSED(pub);
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_ECCGOST, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
return (ret);
INSIST(priv.elements[0].tag == TAG_GOST_PRIVASN1);
p = priv.elements[0].data;
if (d2i_PrivateKey(NID_id_GostR3410_2001, &pkey, &p,
(long) priv.elements[0].length) == NULL)
DST_RET(dst__openssl_toresult2("d2i_PrivateKey",
DST_R_INVALIDPRIVATEKEY));
key->keydata.pkey = pkey;
key->key_size = EVP_PKEY_bits(pkey);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
err:
if (pkey != NULL)
EVP_PKEY_free(pkey);
opensslgost_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static isc_result_t
opensslecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
isc_result_t ret;
EVP_PKEY *pkey;
EC_KEY *eckey = NULL;
int group_nid;
REQUIRE(key->key_alg == DST_ALG_ECDSA256 ||
key->key_alg == DST_ALG_ECDSA384);
UNUSED(unused);
UNUSED(callback);
if (key->key_alg == DST_ALG_ECDSA256) {
group_nid = NID_X9_62_prime256v1;
key->key_size = DNS_KEY_ECDSA256SIZE * 4;
} else {
group_nid = NID_secp384r1;
key->key_size = DNS_KEY_ECDSA384SIZE * 4;
}
eckey = EC_KEY_new_by_curve_name(group_nid);
if (eckey == NULL)
return (dst__openssl_toresult2("EC_KEY_new_by_curve_name",
DST_R_OPENSSLFAILURE));
if (EC_KEY_generate_key(eckey) != 1)
DST_RET (dst__openssl_toresult2("EC_KEY_generate_key",
DST_R_OPENSSLFAILURE));
pkey = EVP_PKEY_new();
if (pkey == NULL)
DST_RET (ISC_R_NOMEMORY);
if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) {
EVP_PKEY_free(pkey);
DST_RET (ISC_R_FAILURE);
}
key->keydata.pkey = pkey;
ret = ISC_R_SUCCESS;
err:
if (eckey != NULL)
EC_KEY_free(eckey);
return (ret);
}
isc_result_t
dst__opensslgost_init(dst_func_t **funcp) {
isc_result_t ret;
REQUIRE(funcp != NULL);
/* check if the gost engine works properly */
e = ENGINE_by_id("gost");
if (e == NULL)
return (dst__openssl_toresult2("ENGINE_by_id",
DST_R_OPENSSLFAILURE));
if (ENGINE_init(e) <= 0) {
ENGINE_free(e);
e = NULL;
return (dst__openssl_toresult2("ENGINE_init",
DST_R_OPENSSLFAILURE));
}
/* better than to rely on digest_gost symbol */
opensslgost_digest = ENGINE_get_digest(e, NID_id_GostR3411_94);
if (opensslgost_digest == NULL)
DST_RET(dst__openssl_toresult2("ENGINE_get_digest",
DST_R_OPENSSLFAILURE));
/* from openssl.cnf */
if (ENGINE_register_pkey_asn1_meths(e) <= 0)
DST_RET(dst__openssl_toresult2(
"ENGINE_register_pkey_asn1_meths",
DST_R_OPENSSLFAILURE));
if (ENGINE_ctrl_cmd_string(e,
"CRYPT_PARAMS",
"id-Gost28147-89-CryptoPro-A-ParamSet",
0) <= 0)
DST_RET(dst__openssl_toresult2("ENGINE_ctrl_cmd_string",
DST_R_OPENSSLFAILURE));
if (*funcp == NULL)
*funcp = &opensslgost_functions;
return (ISC_R_SUCCESS);
err:
ENGINE_finish(e);
ENGINE_free(e);
e = NULL;
return (ret);
}
static isc_result_t
opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
#if USE_EVP
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
#endif
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
#if USE_EVP
if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) {
return (dst__openssl_toresult2("EVP_DigestUpdate",
ISC_R_FAILURE));
}
#else
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
{
isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
isc_md5_update(md5ctx, data->base, data->length);
}
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
{
isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
isc_sha1_update(sha1ctx, data->base, data->length);
}
break;
case DST_ALG_RSASHA256:
{
isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
isc_sha256_update(sha256ctx, data->base, data->length);
}
break;
case DST_ALG_RSASHA512:
{
isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
isc_sha512_update(sha512ctx, data->base, data->length);
}
break;
default:
INSIST(0);
}
#endif
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslgost_generate(dst_key_t *key, int unused, void (*callback)(int)) {
EVP_PKEY_CTX *ctx;
union {
void *dptr;
void (*fptr)(int);
} u;
EVP_PKEY *pkey = NULL;
isc_result_t ret;
UNUSED(unused);
ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, NULL);
if (ctx == NULL)
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_new_id",
DST_R_OPENSSLFAILURE));
if (callback != NULL) {
u.fptr = callback;
EVP_PKEY_CTX_set_app_data(ctx, u.dptr);
EVP_PKEY_CTX_set_cb(ctx, &progress_cb);
}
if (EVP_PKEY_keygen_init(ctx) <= 0)
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
DST_R_OPENSSLFAILURE));
if (EVP_PKEY_CTX_ctrl_str(ctx, "paramset", "A") <= 0)
DST_RET(dst__openssl_toresult2("EVP_PKEY_CTX_ctrl_str",
DST_R_OPENSSLFAILURE));
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
DST_R_OPENSSLFAILURE));
key->keydata.pkey = pkey;
key->key_size = EVP_PKEY_bits(pkey);
EVP_PKEY_CTX_free(ctx);
return (ISC_R_SUCCESS);
err:
if (pkey != NULL)
EVP_PKEY_free(pkey);
if (ctx != NULL)
EVP_PKEY_CTX_free(ctx);
return (ret);
}
static isc_result_t
opensslgost_verify(dst_context_t *dctx, const isc_region_t *sig) {
dst_key_t *key = dctx->key;
int status = 0;
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
EVP_PKEY *pkey = key->keydata.pkey;
status = EVP_VerifyFinal(evp_md_ctx, sig->base, sig->length, pkey);
switch (status) {
case 1:
return (ISC_R_SUCCESS);
case 0:
return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
default:
return (dst__openssl_toresult2("EVP_VerifyFinal",
DST_R_VERIFYFAILURE));
}
}
static isc_result_t
opensslgost_tofile(const dst_key_t *key, const char *directory) {
EVP_PKEY *pkey;
dst_private_t priv;
isc_result_t result;
unsigned char *der, *p;
int len;
if (key->keydata.pkey == NULL)
return (DST_R_NULLKEY);
if (key->external) {
priv.nelements = 0;
return (dst__privstruct_writefile(key, &priv, directory));
}
pkey = key->keydata.pkey;
len = i2d_PrivateKey(pkey, NULL);
der = isc_mem_get(key->mctx, (size_t) len);
if (der == NULL)
return (ISC_R_NOMEMORY);
p = der;
if (i2d_PrivateKey(pkey, &p) != len) {
result = dst__openssl_toresult2("i2d_PrivateKey",
DST_R_OPENSSLFAILURE);
goto fail;
}
priv.elements[0].tag = TAG_GOST_PRIVASN1;
priv.elements[0].length = len;
priv.elements[0].data = der;
priv.nelements = 1;
result = dst__privstruct_writefile(key, &priv, directory);
fail:
if (der != NULL)
isc_mem_put(key->mctx, der, (size_t) len);
return (result);
}
static isc_result_t
opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv;
isc_result_t ret;
int i;
RSA *rsa = NULL, *pubrsa = NULL;
#ifdef USE_ENGINE
ENGINE *ep = NULL;
const BIGNUM *ex = NULL;
#endif
isc_mem_t *mctx = key->mctx;
const char *engine = NULL, *label = NULL;
#if defined(USE_ENGINE) || USE_EVP
EVP_PKEY *pkey = NULL;
#endif
BIGNUM *n = NULL, *e = NULL, *d = NULL;
BIGNUM *p = NULL, *q = NULL;
BIGNUM *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL;
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
goto err;
if (key->external) {
if (priv.nelements != 0)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pub == NULL)
DST_RET(DST_R_INVALIDPRIVATEKEY);
key->keydata.pkey = pub->keydata.pkey;
pub->keydata.pkey = NULL;
key->key_size = pub->key_size;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
}
#if USE_EVP
if (pub != NULL && pub->keydata.pkey != NULL)
pubrsa = EVP_PKEY_get1_RSA(pub->keydata.pkey);
#else
if (pub != NULL && pub->keydata.rsa != NULL) {
pubrsa = pub->keydata.rsa;
pub->keydata.rsa = NULL;
}
#endif
for (i = 0; i < priv.nelements; i++) {
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
engine = (char *)priv.elements[i].data;
break;
case TAG_RSA_LABEL:
label = (char *)priv.elements[i].data;
break;
default:
break;
}
}
/*
* Is this key is stored in a HSM?
* See if we can fetch it.
*/
if (label != NULL) {
#ifdef USE_ENGINE
if (engine == NULL)
DST_RET(DST_R_NOENGINE);
ep = dst__openssl_getengine(engine);
if (ep == NULL)
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_private_key(ep, label, NULL, NULL);
if (pkey == NULL)
DST_RET(dst__openssl_toresult2(
"ENGINE_load_private_key",
ISC_R_NOTFOUND));
key->engine = isc_mem_strdup(key->mctx, engine);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
key->label = isc_mem_strdup(key->mctx, label);
if (key->label == NULL)
DST_RET(ISC_R_NOMEMORY);
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
RSA_get0_key(rsa, NULL, &ex, NULL);
if (BN_num_bits(ex) > RSA_MAX_PUBEXP_BITS)
DST_RET(ISC_R_RANGE);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->key_size = EVP_PKEY_bits(pkey);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
EVP_PKEY_free(pkey);
#endif
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
#else
DST_RET(DST_R_NOENGINE);
#endif
}
rsa = RSA_new();
if (rsa == NULL)
DST_RET(ISC_R_NOMEMORY);
SET_FLAGS(rsa);
#if USE_EVP
pkey = EVP_PKEY_new();
if (pkey == NULL)
DST_RET(ISC_R_NOMEMORY);
if (!EVP_PKEY_set1_RSA(pkey, rsa))
DST_RET(ISC_R_FAILURE);
key->keydata.pkey = pkey;
#else
key->keydata.rsa = rsa;
#endif
for (i = 0; i < priv.nelements; i++) {
BIGNUM *bn;
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
continue;
case TAG_RSA_LABEL:
continue;
default:
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
n = bn;
break;
case TAG_RSA_PUBLICEXPONENT:
e = bn;
break;
case TAG_RSA_PRIVATEEXPONENT:
d = bn;
break;
case TAG_RSA_PRIME1:
p = bn;
break;
case TAG_RSA_PRIME2:
q = bn;
break;
case TAG_RSA_EXPONENT1:
dmp1 = bn;
break;
case TAG_RSA_EXPONENT2:
dmq1 = bn;
break;
case TAG_RSA_COEFFICIENT:
iqmp = bn;
break;
}
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
if (RSA_set0_key(rsa, n, e, d) == 0) {
if (n != NULL) BN_free(n);
if (e != NULL) BN_free(e);
if (d != NULL) BN_free(d);
}
if (RSA_set0_factors(rsa, p, q) == 0) {
if (p != NULL) BN_free(p);
if (q != NULL) BN_free(q);
}
if (RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp) == 0) {
if (dmp1 != NULL) BN_free(dmp1);
if (dmq1 != NULL) BN_free(dmq1);
if (iqmp != NULL) BN_free(iqmp);
}
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (BN_num_bits(e) > RSA_MAX_PUBEXP_BITS)
DST_RET(ISC_R_RANGE);
key->key_size = BN_num_bits(n);
if (pubrsa != NULL)
RSA_free(pubrsa);
#if USE_EVP
RSA_free(rsa);
#endif
return (ISC_R_SUCCESS);
err:
#if USE_EVP
if (pkey != NULL)
EVP_PKEY_free(pkey);
#endif
if (rsa != NULL)
RSA_free(rsa);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->keydata.generic = NULL;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static isc_result_t
opensslgost_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv;
isc_result_t ret;
isc_mem_t *mctx = key->mctx;
EVP_PKEY *pkey = NULL;
EC_KEY *eckey;
const EC_POINT *pubkey = NULL;
BIGNUM *privkey = NULL;
const unsigned char *p;
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_ECCGOST, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
return (ret);
if (key->external) {
if (priv.nelements != 0)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pub == NULL)
DST_RET(DST_R_INVALIDPRIVATEKEY);
key->keydata.pkey = pub->keydata.pkey;
pub->keydata.pkey = NULL;
key->key_size = pub->key_size;
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
}
INSIST((priv.elements[0].tag == TAG_GOST_PRIVASN1) ||
(priv.elements[0].tag == TAG_GOST_PRIVRAW));
if (priv.elements[0].tag == TAG_GOST_PRIVASN1) {
p = priv.elements[0].data;
if (d2i_PrivateKey(NID_id_GostR3410_2001, &pkey, &p,
(long) priv.elements[0].length) == NULL)
DST_RET(dst__openssl_toresult2(
"d2i_PrivateKey",
DST_R_INVALIDPRIVATEKEY));
} else {
if ((pub != NULL) && (pub->keydata.pkey != NULL)) {
eckey = EVP_PKEY_get0(pub->keydata.pkey);
pubkey = EC_KEY_get0_public_key(eckey);
}
privkey = BN_bin2bn(priv.elements[0].data,
priv.elements[0].length, NULL);
if (privkey == NULL)
DST_RET(ISC_R_NOMEMORY);
/* can't create directly the whole key */
p = gost_dummy_key;
if (d2i_PrivateKey(NID_id_GostR3410_2001, &pkey, &p,
(long) sizeof(gost_dummy_key)) == NULL)
DST_RET(dst__openssl_toresult2(
"d2i_PrivateKey",
DST_R_INVALIDPRIVATEKEY));
eckey = EVP_PKEY_get0(pkey);
if (eckey == NULL)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (!EC_KEY_set_private_key(eckey, privkey))
DST_RET(ISC_R_NOMEMORY);
/* have to (re)set the public key */
#ifdef notyet
(void) gost2001_compute_public(eckey);
#else
if ((pubkey != NULL) && !EC_KEY_set_public_key(eckey, pubkey))
DST_RET(ISC_R_NOMEMORY);
#endif
BN_clear_free(privkey);
privkey = NULL;
}
key->keydata.pkey = pkey;
key->key_size = EVP_PKEY_bits(pkey);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
err:
if (privkey != NULL)
BN_clear_free(privkey);
if (pkey != NULL)
EVP_PKEY_free(pkey);
opensslgost_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static isc_result_t
opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
#if OPENSSL_VERSION_NUMBER > 0x00908000L
isc_result_t ret = DST_R_OPENSSLFAILURE;
BN_GENCB cb;
union {
void *dptr;
void (*fptr)(int);
} u;
RSA *rsa = RSA_new();
BIGNUM *e = BN_new();
#if USE_EVP
EVP_PKEY *pkey = EVP_PKEY_new();
#endif
if (rsa == NULL || e == NULL)
goto err;
#if USE_EVP
if (pkey == NULL)
goto err;
if (!EVP_PKEY_set1_RSA(pkey, rsa))
goto err;
#endif
if (exp == 0) {
/* RSA_F4 0x10001 */
BN_set_bit(e, 0);
BN_set_bit(e, 16);
} else {
/* F5 0x100000001 */
BN_set_bit(e, 0);
BN_set_bit(e, 32);
}
if (callback == NULL) {
BN_GENCB_set_old(&cb, NULL, NULL);
} else {
u.fptr = callback;
BN_GENCB_set(&cb, &progress_cb, u.dptr);
}
if (RSA_generate_key_ex(rsa, key->key_size, e, &cb)) {
BN_free(e);
SET_FLAGS(rsa);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
#endif
return (ISC_R_SUCCESS);
}
ret = dst__openssl_toresult2("RSA_generate_key_ex",
DST_R_OPENSSLFAILURE);
err:
#if USE_EVP
if (pkey != NULL)
EVP_PKEY_free(pkey);
#endif
if (e != NULL)
BN_free(e);
if (rsa != NULL)
RSA_free(rsa);
return (dst__openssl_toresult(ret));
#else
RSA *rsa;
unsigned long e;
#if USE_EVP
EVP_PKEY *pkey = EVP_PKEY_new();
UNUSED(callback);
if (pkey == NULL)
return (ISC_R_NOMEMORY);
#else
UNUSED(callback);
#endif
if (exp == 0)
e = RSA_F4;
else
e = 0x40000003;
rsa = RSA_generate_key(key->key_size, e, NULL, NULL);
if (rsa == NULL) {
#if USE_EVP
EVP_PKEY_free(pkey);
#endif
return (dst__openssl_toresult2("RSA_generate_key",
DST_R_OPENSSLFAILURE));
}
SET_FLAGS(rsa);
#if USE_EVP
if (!EVP_PKEY_set1_RSA(pkey, rsa)) {
EVP_PKEY_free(pkey);
RSA_free(rsa);
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
#endif
return (ISC_R_SUCCESS);
#endif
}
static isc_result_t
openssldh_generate(dst_key_t *key, int generator, void (*callback)(int)) {
DH *dh = NULL;
#if OPENSSL_VERSION_NUMBER > 0x00908000L
BN_GENCB *cb;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
BN_GENCB _cb;
#endif
union {
void *dptr;
void (*fptr)(int);
} u;
#else
UNUSED(callback);
#endif
if (generator == 0) {
if (key->key_size == 768 ||
key->key_size == 1024 ||
key->key_size == 1536)
{
dh = DH_new();
if (dh == NULL)
return (dst__openssl_toresult(ISC_R_NOMEMORY));
if (key->key_size == 768)
dh->p = bn768;
else if (key->key_size == 1024)
dh->p = bn1024;
else
dh->p = bn1536;
dh->g = bn2;
} else
generator = 2;
}
if (generator != 0) {
#if OPENSSL_VERSION_NUMBER > 0x00908000L
dh = DH_new();
if (dh == NULL)
return (dst__openssl_toresult(ISC_R_NOMEMORY));
cb = BN_GENCB_new();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
if (cb == NULL) {
DH_free(dh);
return (dst__openssl_toresult(ISC_R_NOMEMORY));
}
#endif
if (callback == NULL) {
BN_GENCB_set_old(cb, NULL, NULL);
} else {
u.fptr = callback;
BN_GENCB_set(cb, &progress_cb, u.dptr);
}
if (!DH_generate_parameters_ex(dh, key->key_size, generator,
cb)) {
DH_free(dh);
BN_GENCB_free(cb);
return (dst__openssl_toresult2(
"DH_generate_parameters_ex",
DST_R_OPENSSLFAILURE));
}
BN_GENCB_free(cb);
#else
dh = DH_generate_parameters(key->key_size, generator,
NULL, NULL);
if (dh == NULL)
return (dst__openssl_toresult2(
"DH_generate_parameters",
DST_R_OPENSSLFAILURE));
#endif
}
if (DH_generate_key(dh) == 0) {
DH_free(dh);
return (dst__openssl_toresult2("DH_generate_key",
DST_R_OPENSSLFAILURE));
}
dh->flags &= ~DH_FLAG_CACHE_MONT_P;
key->keydata.dh = dh;
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
dst_key_t *key = dctx->key;
isc_region_t r;
unsigned int siglen = 0;
#if USE_EVP
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
EVP_PKEY *pkey = key->keydata.pkey;
#else
RSA *rsa = key->keydata.rsa;
/* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */
unsigned char digest[PREFIXLEN + ISC_SHA512_DIGESTLENGTH];
int status;
int type = 0;
unsigned int digestlen = 0;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
unsigned int prefixlen = 0;
const unsigned char *prefix = NULL;
#endif
#endif
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
isc_buffer_availableregion(sig, &r);
#if USE_EVP
if (r.length < (unsigned int) EVP_PKEY_size(pkey))
return (ISC_R_NOSPACE);
if (!EVP_SignFinal(evp_md_ctx, r.base, &siglen, pkey)) {
return (dst__openssl_toresult2("EVP_SignFinal",
ISC_R_FAILURE));
}
#else
if (r.length < (unsigned int) RSA_size(rsa))
return (ISC_R_NOSPACE);
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
{
isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
isc_md5_final(md5ctx, digest);
type = NID_md5;
digestlen = ISC_MD5_DIGESTLENGTH;
}
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
{
isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
isc_sha1_final(sha1ctx, digest);
type = NID_sha1;
digestlen = ISC_SHA1_DIGESTLENGTH;
}
break;
case DST_ALG_RSASHA256:
{
isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
isc_sha256_final(digest, sha256ctx);
digestlen = ISC_SHA256_DIGESTLENGTH;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
prefix = sha256_prefix;
prefixlen = sizeof(sha256_prefix);
#else
type = NID_sha256;
#endif
}
break;
case DST_ALG_RSASHA512:
{
isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
isc_sha512_final(digest, sha512ctx);
digestlen = ISC_SHA512_DIGESTLENGTH;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
prefix = sha512_prefix;
prefixlen = sizeof(sha512_prefix);
#else
type = NID_sha512;
#endif
}
break;
default:
INSIST(0);
}
#if OPENSSL_VERSION_NUMBER < 0x00908000L
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
INSIST(type != 0);
status = RSA_sign(type, digest, digestlen, r.base,
&siglen, rsa);
break;
case DST_ALG_RSASHA256:
case DST_ALG_RSASHA512:
INSIST(prefix != NULL);
INSIST(prefixlen != 0);
INSIST(prefixlen + digestlen <= sizeof(digest));
memmove(digest + prefixlen, digest, digestlen);
memcpy(digest, prefix, prefixlen);
status = RSA_private_encrypt(digestlen + prefixlen,
digest, r.base, rsa,
RSA_PKCS1_PADDING);
if (status < 0)
status = 0;
else
siglen = status;
break;
default:
INSIST(0);
}
#else
INSIST(type != 0);
status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa);
#endif
if (status == 0)
return (dst__openssl_toresult2("RSA_sign",
DST_R_OPENSSLFAILURE));
#endif
isc_buffer_add(sig, siglen);
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
dst_key_t *key = dctx->key;
int status = 0;
#if USE_EVP
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
EVP_PKEY *pkey = key->keydata.pkey;
#else
/* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */
unsigned char digest[ISC_SHA512_DIGESTLENGTH];
int type = 0;
unsigned int digestlen = 0;
RSA *rsa = key->keydata.rsa;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
unsigned int prefixlen = 0;
const unsigned char *prefix = NULL;
#endif
#endif
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
#if USE_EVP
status = EVP_VerifyFinal(evp_md_ctx, sig->base, sig->length, pkey);
#else
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
{
isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
isc_md5_final(md5ctx, digest);
type = NID_md5;
digestlen = ISC_MD5_DIGESTLENGTH;
}
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
{
isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
isc_sha1_final(sha1ctx, digest);
type = NID_sha1;
digestlen = ISC_SHA1_DIGESTLENGTH;
}
break;
case DST_ALG_RSASHA256:
{
isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
isc_sha256_final(digest, sha256ctx);
digestlen = ISC_SHA256_DIGESTLENGTH;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
prefix = sha256_prefix;
prefixlen = sizeof(sha256_prefix);
#else
type = NID_sha256;
#endif
}
break;
case DST_ALG_RSASHA512:
{
isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
isc_sha512_final(digest, sha512ctx);
digestlen = ISC_SHA512_DIGESTLENGTH;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
prefix = sha512_prefix;
prefixlen = sizeof(sha512_prefix);
#else
type = NID_sha512;
#endif
}
break;
default:
INSIST(0);
}
if (sig->length != (unsigned int) RSA_size(rsa))
return (DST_R_VERIFYFAILURE);
#if OPENSSL_VERSION_NUMBER < 0x00908000L
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
INSIST(type != 0);
status = RSA_verify(type, digest, digestlen, sig->base,
RSA_size(rsa), rsa);
break;
case DST_ALG_RSASHA256:
case DST_ALG_RSASHA512:
{
/*
* 1024 is big enough for all valid RSA bit sizes
* for use with DNSSEC.
*/
unsigned char original[PREFIXLEN + 1024];
INSIST(prefix != NULL);
INSIST(prefixlen != 0U);
if (RSA_size(rsa) > (int)sizeof(original))
return (DST_R_VERIFYFAILURE);
status = RSA_public_decrypt(sig->length, sig->base,
original, rsa,
RSA_PKCS1_PADDING);
if (status <= 0)
return (dst__openssl_toresult2(
"RSA_public_decrypt",
DST_R_VERIFYFAILURE));
if (status != (int)(prefixlen + digestlen))
return (DST_R_VERIFYFAILURE);
if (memcmp(original, prefix, prefixlen))
return (DST_R_VERIFYFAILURE);
if (memcmp(original + prefixlen, digest, digestlen))
return (DST_R_VERIFYFAILURE);
status = 1;
}
break;
default:
INSIST(0);
}
#else
INSIST(type != 0);
status = RSA_verify(type, digest, digestlen, sig->base,
RSA_size(rsa), rsa);
#endif
#endif
if (status != 1)
return (dst__openssl_toresult2("RSA_verify",
DST_R_VERIFYFAILURE));
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
#if OPENSSL_VERSION_NUMBER > 0x00908000L
isc_result_t ret = DST_R_OPENSSLFAILURE;
union {
void *dptr;
void (*fptr)(int);
} u;
RSA *rsa = RSA_new();
BIGNUM *e = BN_new();
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
BN_GENCB _cb;
#endif
BN_GENCB *cb = BN_GENCB_new();
#if USE_EVP
EVP_PKEY *pkey = EVP_PKEY_new();
#endif
/*
* Reject incorrect RSA key lengths.
*/
switch (key->key_alg) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
/* From RFC 3110 */
if (key->key_size > 4096)
goto err;
break;
case DST_ALG_RSASHA256:
/* From RFC 5702 */
if ((key->key_size < 512) ||
(key->key_size > 4096))
goto err;
break;
case DST_ALG_RSASHA512:
/* From RFC 5702 */
if ((key->key_size < 1024) ||
(key->key_size > 4096))
goto err;
break;
default:
INSIST(0);
}
if (rsa == NULL || e == NULL || cb == NULL)
goto err;
#if USE_EVP
if (pkey == NULL)
goto err;
if (!EVP_PKEY_set1_RSA(pkey, rsa))
goto err;
#endif
if (exp == 0) {
/* RSA_F4 0x10001 */
BN_set_bit(e, 0);
BN_set_bit(e, 16);
} else {
/* (phased-out) F5 0x100000001 */
BN_set_bit(e, 0);
BN_set_bit(e, 32);
}
if (callback == NULL) {
BN_GENCB_set_old(cb, NULL, NULL);
} else {
u.fptr = callback;
BN_GENCB_set(cb, &progress_cb, u.dptr);
}
if (RSA_generate_key_ex(rsa, key->key_size, e, cb)) {
BN_free(e);
BN_GENCB_free(cb);
SET_FLAGS(rsa);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
#endif
return (ISC_R_SUCCESS);
}
BN_GENCB_free(cb);
ret = dst__openssl_toresult2("RSA_generate_key_ex",
DST_R_OPENSSLFAILURE);
err:
#if USE_EVP
if (pkey != NULL)
EVP_PKEY_free(pkey);
#endif
if (e != NULL)
BN_free(e);
if (rsa != NULL)
RSA_free(rsa);
if (cb != NULL)
BN_GENCB_free(cb);
return (dst__openssl_toresult(ret));
#else
RSA *rsa;
unsigned long e;
#if USE_EVP
EVP_PKEY *pkey = EVP_PKEY_new();
UNUSED(callback);
if (pkey == NULL)
return (ISC_R_NOMEMORY);
#else
UNUSED(callback);
#endif
if (exp == 0)
e = RSA_F4;
else
e = 0x40000003;
rsa = RSA_generate_key(key->key_size, e, NULL, NULL);
if (rsa == NULL) {
#if USE_EVP
EVP_PKEY_free(pkey);
#endif
return (dst__openssl_toresult2("RSA_generate_key",
DST_R_OPENSSLFAILURE));
}
SET_FLAGS(rsa);
#if USE_EVP
if (!EVP_PKEY_set1_RSA(pkey, rsa)) {
EVP_PKEY_free(pkey);
RSA_free(rsa);
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
#endif
return (ISC_R_SUCCESS);
#endif
}
static isc_result_t
opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
const char *pin)
{
#ifdef USE_ENGINE
ENGINE *e = NULL;
isc_result_t ret;
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL, *pubrsa = NULL;
char *colon;
UNUSED(pin);
if (engine == NULL)
DST_RET(DST_R_NOENGINE);
e = dst__openssl_getengine(engine);
if (e == NULL)
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_public_key(e, label, NULL, NULL);
if (pkey != NULL) {
pubrsa = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
if (pubrsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
pkey = ENGINE_load_private_key(e, label, NULL, NULL);
if (pkey == NULL)
DST_RET(dst__openssl_toresult2("ENGINE_load_private_key",
ISC_R_NOTFOUND));
if (engine != NULL) {
key->engine = isc_mem_strdup(key->mctx, engine);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
} else {
key->engine = isc_mem_strdup(key->mctx, label);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
colon = strchr(key->engine, ':');
if (colon != NULL)
*colon = '\0';
}
key->label = isc_mem_strdup(key->mctx, label);
if (key->label == NULL)
DST_RET(ISC_R_NOMEMORY);
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->key_size = EVP_PKEY_bits(pkey);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
EVP_PKEY_free(pkey);
#endif
return (ISC_R_SUCCESS);
err:
if (rsa != NULL)
RSA_free(rsa);
if (pubrsa != NULL)
RSA_free(pubrsa);
if (pkey != NULL)
EVP_PKEY_free(pkey);
return (ret);
#else
UNUSED(key);
UNUSED(engine);
UNUSED(label);
UNUSED(pin);
return(DST_R_NOENGINE);
#endif
}
static isc_result_t
opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
#if USE_EVP
EVP_MD_CTX *evp_md_ctx;
const EVP_MD *type = NULL;
#endif
UNUSED(key);
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
dctx->key->key_alg == DST_ALG_RSASHA256 ||
dctx->key->key_alg == DST_ALG_RSASHA512);
#if USE_EVP
evp_md_ctx = EVP_MD_CTX_create();
if (evp_md_ctx == NULL)
return (ISC_R_NOMEMORY);
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
type = EVP_md5(); /* MD5 + RSA */
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
type = EVP_sha1(); /* SHA1 + RSA */
break;
#ifdef HAVE_EVP_SHA256
case DST_ALG_RSASHA256:
type = EVP_sha256(); /* SHA256 + RSA */
break;
#endif
#ifdef HAVE_EVP_SHA512
case DST_ALG_RSASHA512:
type = EVP_sha512();
break;
#endif
default:
INSIST(0);
}
if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) {
EVP_MD_CTX_destroy(evp_md_ctx);
return (dst__openssl_toresult2("EVP_DigestInit_ex",
ISC_R_FAILURE));
}
dctx->ctxdata.evp_md_ctx = evp_md_ctx;
#else
switch (dctx->key->key_alg) {
case DST_ALG_RSAMD5:
{
isc_md5_t *md5ctx;
md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t));
if (md5ctx == NULL)
return (ISC_R_NOMEMORY);
isc_md5_init(md5ctx);
dctx->ctxdata.md5ctx = md5ctx;
}
break;
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
{
isc_sha1_t *sha1ctx;
sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
if (sha1ctx == NULL)
return (ISC_R_NOMEMORY);
isc_sha1_init(sha1ctx);
dctx->ctxdata.sha1ctx = sha1ctx;
}
break;
case DST_ALG_RSASHA256:
{
isc_sha256_t *sha256ctx;
sha256ctx = isc_mem_get(dctx->mctx,
sizeof(isc_sha256_t));
if (sha256ctx == NULL)
return (ISC_R_NOMEMORY);
isc_sha256_init(sha256ctx);
dctx->ctxdata.sha256ctx = sha256ctx;
}
break;
case DST_ALG_RSASHA512:
{
isc_sha512_t *sha512ctx;
sha512ctx = isc_mem_get(dctx->mctx,
sizeof(isc_sha512_t));
if (sha512ctx == NULL)
return (ISC_R_NOMEMORY);
isc_sha512_init(sha512ctx);
dctx->ctxdata.sha512ctx = sha512ctx;
}
break;
default:
INSIST(0);
}
#endif
return (ISC_R_SUCCESS);
}
static isc_result_t
opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv;
isc_result_t ret;
int i;
RSA *rsa = NULL, *pubrsa = NULL;
#ifdef USE_ENGINE
ENGINE *e = NULL;
#endif
isc_mem_t *mctx = key->mctx;
const char *engine = NULL, *label = NULL;
#if defined(USE_ENGINE) || USE_EVP
EVP_PKEY *pkey = NULL;
#endif
#if USE_EVP
if (pub != NULL && pub->keydata.pkey != NULL)
pubrsa = EVP_PKEY_get1_RSA(pub->keydata.pkey);
#else
if (pub != NULL && pub->keydata.rsa != NULL) {
pubrsa = pub->keydata.rsa;
pub->keydata.rsa = NULL;
}
#endif
/* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS)
goto err;
for (i = 0; i < priv.nelements; i++) {
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
engine = (char *)priv.elements[i].data;
break;
case TAG_RSA_LABEL:
label = (char *)priv.elements[i].data;
break;
default:
break;
}
}
/*
* Is this key is stored in a HSM?
* See if we can fetch it.
*/
if (label != NULL) {
#ifdef USE_ENGINE
if (engine == NULL)
DST_RET(DST_R_NOENGINE);
e = dst__openssl_getengine(engine);
if (e == NULL)
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_private_key(e, label, NULL, NULL);
if (pkey == NULL)
DST_RET(dst__openssl_toresult2(
"ENGINE_load_private_key",
ISC_R_NOTFOUND));
key->engine = isc_mem_strdup(key->mctx, engine);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
key->label = isc_mem_strdup(key->mctx, label);
if (key->label == NULL)
DST_RET(ISC_R_NOMEMORY);
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL)
DST_RET(dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
if (pubrsa != NULL)
RSA_free(pubrsa);
key->key_size = EVP_PKEY_bits(pkey);
#if USE_EVP
key->keydata.pkey = pkey;
RSA_free(rsa);
#else
key->keydata.rsa = rsa;
EVP_PKEY_free(pkey);
#endif
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ISC_R_SUCCESS);
#else
DST_RET(DST_R_NOENGINE);
#endif
}
rsa = RSA_new();
if (rsa == NULL)
DST_RET(ISC_R_NOMEMORY);
SET_FLAGS(rsa);
#if USE_EVP
pkey = EVP_PKEY_new();
if (pkey == NULL)
DST_RET(ISC_R_NOMEMORY);
if (!EVP_PKEY_set1_RSA(pkey, rsa))
DST_RET(ISC_R_FAILURE);
key->keydata.pkey = pkey;
#else
key->keydata.rsa = rsa;
#endif
for (i = 0; i < priv.nelements; i++) {
BIGNUM *bn;
switch (priv.elements[i].tag) {
case TAG_RSA_ENGINE:
continue;
case TAG_RSA_LABEL:
continue;
case TAG_RSA_PIN:
continue;
default:
bn = BN_bin2bn(priv.elements[i].data,
priv.elements[i].length, NULL);
if (bn == NULL)
DST_RET(ISC_R_NOMEMORY);
}
switch (priv.elements[i].tag) {
case TAG_RSA_MODULUS:
rsa->n = bn;
break;
case TAG_RSA_PUBLICEXPONENT:
rsa->e = bn;
break;
case TAG_RSA_PRIVATEEXPONENT:
rsa->d = bn;
break;
case TAG_RSA_PRIME1:
rsa->p = bn;
break;
case TAG_RSA_PRIME2:
rsa->q = bn;
break;
case TAG_RSA_EXPONENT1:
rsa->dmp1 = bn;
break;
case TAG_RSA_EXPONENT2:
rsa->dmq1 = bn;
break;
case TAG_RSA_COEFFICIENT:
rsa->iqmp = bn;
break;
}
}
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
if (rsa_check(rsa, pubrsa) != ISC_R_SUCCESS)
DST_RET(DST_R_INVALIDPRIVATEKEY);
key->key_size = BN_num_bits(rsa->n);
if (pubrsa != NULL)
RSA_free(pubrsa);
#if USE_EVP
RSA_free(rsa);
#endif
return (ISC_R_SUCCESS);
err:
#if USE_EVP
if (pkey != NULL)
EVP_PKEY_free(pkey);
#endif
if (rsa != NULL)
RSA_free(rsa);
if (pubrsa != NULL)
RSA_free(pubrsa);
opensslrsa_destroy(key);
dst__privstruct_free(&priv, mctx);
memset(&priv, 0, sizeof(priv));
return (ret);
}
static isc_result_t
openssldsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
DSA *dsa;
unsigned char rand_array[ISC_SHA1_DIGESTLENGTH];
isc_result_t result;
#if OPENSSL_VERSION_NUMBER > 0x00908000L
BN_GENCB *cb;
#if OPENSSL_VERSION_NUMBER < 0x10100000L
BN_GENCB _cb;
#endif
union {
void *dptr;
void (*fptr)(int);
} u;
#else
UNUSED(callback);
#endif
UNUSED(unused);
result = dst__entropy_getdata(rand_array, sizeof(rand_array),
ISC_FALSE);
if (result != ISC_R_SUCCESS)
return (result);
#if OPENSSL_VERSION_NUMBER > 0x00908000L
dsa = DSA_new();
if (dsa == NULL)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
cb = BN_GENCB_new();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
if (cb == NULL) {
DSA_free(dsa);
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
#endif
if (callback == NULL) {
BN_GENCB_set_old(cb, NULL, NULL);
} else {
u.fptr = callback;
BN_GENCB_set(cb, &progress_cb, u.dptr);
}
if (!DSA_generate_parameters_ex(dsa, key->key_size, rand_array,
ISC_SHA1_DIGESTLENGTH, NULL, NULL,
cb))
{
DSA_free(dsa);
BN_GENCB_free(cb);
return (dst__openssl_toresult2("DSA_generate_parameters_ex",
DST_R_OPENSSLFAILURE));
}
BN_GENCB_free(cb);
#else
dsa = DSA_generate_parameters(key->key_size, rand_array,
ISC_SHA1_DIGESTLENGTH, NULL, NULL,
NULL, NULL);
if (dsa == NULL)
return (dst__openssl_toresult2("DSA_generate_parameters",
DST_R_OPENSSLFAILURE));
#endif
if (DSA_generate_key(dsa) == 0) {
DSA_free(dsa);
return (dst__openssl_toresult2("DSA_generate_key",
DST_R_OPENSSLFAILURE));
}
dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;
key->keydata.dsa = dsa;
return (ISC_R_SUCCESS);
}
