1 | /*
|
---|
2 | * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
---|
3 | *
|
---|
4 | * Licensed under the OpenSSL license (the "License"). You may not use
|
---|
5 | * this file except in compliance with the License. You can obtain a copy
|
---|
6 | * in the file LICENSE in the source distribution or at
|
---|
7 | * https://www.openssl.org/source/license.html
|
---|
8 | */
|
---|
9 |
|
---|
10 | #include <stdio.h>
|
---|
11 | #include "internal/cryptlib.h"
|
---|
12 | #include <openssl/x509.h>
|
---|
13 | #include <openssl/asn1.h>
|
---|
14 | #include "dsa_locl.h"
|
---|
15 | #include <openssl/bn.h>
|
---|
16 | #include <openssl/cms.h>
|
---|
17 | #include "internal/asn1_int.h"
|
---|
18 | #include "internal/evp_int.h"
|
---|
19 |
|
---|
20 | static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
|
---|
21 | {
|
---|
22 | const unsigned char *p, *pm;
|
---|
23 | int pklen, pmlen;
|
---|
24 | int ptype;
|
---|
25 | const void *pval;
|
---|
26 | const ASN1_STRING *pstr;
|
---|
27 | X509_ALGOR *palg;
|
---|
28 | ASN1_INTEGER *public_key = NULL;
|
---|
29 |
|
---|
30 | DSA *dsa = NULL;
|
---|
31 |
|
---|
32 | if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
|
---|
33 | return 0;
|
---|
34 | X509_ALGOR_get0(NULL, &ptype, &pval, palg);
|
---|
35 |
|
---|
36 | if (ptype == V_ASN1_SEQUENCE) {
|
---|
37 | pstr = pval;
|
---|
38 | pm = pstr->data;
|
---|
39 | pmlen = pstr->length;
|
---|
40 |
|
---|
41 | if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL) {
|
---|
42 | DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
|
---|
43 | goto err;
|
---|
44 | }
|
---|
45 |
|
---|
46 | } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
|
---|
47 | if ((dsa = DSA_new()) == NULL) {
|
---|
48 | DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
|
---|
49 | goto err;
|
---|
50 | }
|
---|
51 | } else {
|
---|
52 | DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
|
---|
53 | goto err;
|
---|
54 | }
|
---|
55 |
|
---|
56 | if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
|
---|
57 | DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
|
---|
58 | goto err;
|
---|
59 | }
|
---|
60 |
|
---|
61 | if ((dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
|
---|
62 | DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
|
---|
63 | goto err;
|
---|
64 | }
|
---|
65 |
|
---|
66 | ASN1_INTEGER_free(public_key);
|
---|
67 | EVP_PKEY_assign_DSA(pkey, dsa);
|
---|
68 | return 1;
|
---|
69 |
|
---|
70 | err:
|
---|
71 | ASN1_INTEGER_free(public_key);
|
---|
72 | DSA_free(dsa);
|
---|
73 | return 0;
|
---|
74 |
|
---|
75 | }
|
---|
76 |
|
---|
77 | static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
|
---|
78 | {
|
---|
79 | DSA *dsa;
|
---|
80 | int ptype;
|
---|
81 | unsigned char *penc = NULL;
|
---|
82 | int penclen;
|
---|
83 | ASN1_STRING *str = NULL;
|
---|
84 | ASN1_INTEGER *pubint = NULL;
|
---|
85 |
|
---|
86 | dsa = pkey->pkey.dsa;
|
---|
87 | if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
|
---|
88 | str = ASN1_STRING_new();
|
---|
89 | if (str == NULL) {
|
---|
90 | DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
|
---|
91 | goto err;
|
---|
92 | }
|
---|
93 | str->length = i2d_DSAparams(dsa, &str->data);
|
---|
94 | if (str->length <= 0) {
|
---|
95 | DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
|
---|
96 | goto err;
|
---|
97 | }
|
---|
98 | ptype = V_ASN1_SEQUENCE;
|
---|
99 | } else
|
---|
100 | ptype = V_ASN1_UNDEF;
|
---|
101 |
|
---|
102 | pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL);
|
---|
103 |
|
---|
104 | if (pubint == NULL) {
|
---|
105 | DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
|
---|
106 | goto err;
|
---|
107 | }
|
---|
108 |
|
---|
109 | penclen = i2d_ASN1_INTEGER(pubint, &penc);
|
---|
110 | ASN1_INTEGER_free(pubint);
|
---|
111 |
|
---|
112 | if (penclen <= 0) {
|
---|
113 | DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
|
---|
114 | goto err;
|
---|
115 | }
|
---|
116 |
|
---|
117 | if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
|
---|
118 | ptype, str, penc, penclen))
|
---|
119 | return 1;
|
---|
120 |
|
---|
121 | err:
|
---|
122 | OPENSSL_free(penc);
|
---|
123 | ASN1_STRING_free(str);
|
---|
124 |
|
---|
125 | return 0;
|
---|
126 | }
|
---|
127 |
|
---|
128 | /*
|
---|
129 | * In PKCS#8 DSA: you just get a private key integer and parameters in the
|
---|
130 | * AlgorithmIdentifier the pubkey must be recalculated.
|
---|
131 | */
|
---|
132 |
|
---|
133 | static int dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
|
---|
134 | {
|
---|
135 | const unsigned char *p, *pm;
|
---|
136 | int pklen, pmlen;
|
---|
137 | int ptype;
|
---|
138 | const void *pval;
|
---|
139 | const ASN1_STRING *pstr;
|
---|
140 | const X509_ALGOR *palg;
|
---|
141 | ASN1_INTEGER *privkey = NULL;
|
---|
142 | BN_CTX *ctx = NULL;
|
---|
143 |
|
---|
144 | DSA *dsa = NULL;
|
---|
145 |
|
---|
146 | int ret = 0;
|
---|
147 |
|
---|
148 | if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
|
---|
149 | return 0;
|
---|
150 | X509_ALGOR_get0(NULL, &ptype, &pval, palg);
|
---|
151 |
|
---|
152 | if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
|
---|
153 | goto decerr;
|
---|
154 | if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE)
|
---|
155 | goto decerr;
|
---|
156 |
|
---|
157 | pstr = pval;
|
---|
158 | pm = pstr->data;
|
---|
159 | pmlen = pstr->length;
|
---|
160 | if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
|
---|
161 | goto decerr;
|
---|
162 | /* We have parameters now set private key */
|
---|
163 | if ((dsa->priv_key = BN_secure_new()) == NULL
|
---|
164 | || !ASN1_INTEGER_to_BN(privkey, dsa->priv_key)) {
|
---|
165 | DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
|
---|
166 | goto dsaerr;
|
---|
167 | }
|
---|
168 | /* Calculate public key */
|
---|
169 | if ((dsa->pub_key = BN_new()) == NULL) {
|
---|
170 | DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
|
---|
171 | goto dsaerr;
|
---|
172 | }
|
---|
173 | if ((ctx = BN_CTX_new()) == NULL) {
|
---|
174 | DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
|
---|
175 | goto dsaerr;
|
---|
176 | }
|
---|
177 |
|
---|
178 | if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
|
---|
179 | DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
|
---|
180 | goto dsaerr;
|
---|
181 | }
|
---|
182 |
|
---|
183 | EVP_PKEY_assign_DSA(pkey, dsa);
|
---|
184 |
|
---|
185 | ret = 1;
|
---|
186 | goto done;
|
---|
187 |
|
---|
188 | decerr:
|
---|
189 | DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_DECODE_ERROR);
|
---|
190 | dsaerr:
|
---|
191 | DSA_free(dsa);
|
---|
192 | done:
|
---|
193 | BN_CTX_free(ctx);
|
---|
194 | ASN1_STRING_clear_free(privkey);
|
---|
195 | return ret;
|
---|
196 | }
|
---|
197 |
|
---|
198 | static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
|
---|
199 | {
|
---|
200 | ASN1_STRING *params = NULL;
|
---|
201 | ASN1_INTEGER *prkey = NULL;
|
---|
202 | unsigned char *dp = NULL;
|
---|
203 | int dplen;
|
---|
204 |
|
---|
205 | if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
|
---|
206 | DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
|
---|
207 | goto err;
|
---|
208 | }
|
---|
209 |
|
---|
210 | params = ASN1_STRING_new();
|
---|
211 |
|
---|
212 | if (params == NULL) {
|
---|
213 | DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
|
---|
214 | goto err;
|
---|
215 | }
|
---|
216 |
|
---|
217 | params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data);
|
---|
218 | if (params->length <= 0) {
|
---|
219 | DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
|
---|
220 | goto err;
|
---|
221 | }
|
---|
222 | params->type = V_ASN1_SEQUENCE;
|
---|
223 |
|
---|
224 | /* Get private key into integer */
|
---|
225 | prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
|
---|
226 |
|
---|
227 | if (!prkey) {
|
---|
228 | DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
|
---|
229 | goto err;
|
---|
230 | }
|
---|
231 |
|
---|
232 | dplen = i2d_ASN1_INTEGER(prkey, &dp);
|
---|
233 |
|
---|
234 | ASN1_STRING_clear_free(prkey);
|
---|
235 | prkey = NULL;
|
---|
236 |
|
---|
237 | if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
|
---|
238 | V_ASN1_SEQUENCE, params, dp, dplen))
|
---|
239 | goto err;
|
---|
240 |
|
---|
241 | return 1;
|
---|
242 |
|
---|
243 | err:
|
---|
244 | OPENSSL_free(dp);
|
---|
245 | ASN1_STRING_free(params);
|
---|
246 | ASN1_STRING_clear_free(prkey);
|
---|
247 | return 0;
|
---|
248 | }
|
---|
249 |
|
---|
250 | static int int_dsa_size(const EVP_PKEY *pkey)
|
---|
251 | {
|
---|
252 | return (DSA_size(pkey->pkey.dsa));
|
---|
253 | }
|
---|
254 |
|
---|
255 | static int dsa_bits(const EVP_PKEY *pkey)
|
---|
256 | {
|
---|
257 | return DSA_bits(pkey->pkey.dsa);
|
---|
258 | }
|
---|
259 |
|
---|
260 | static int dsa_security_bits(const EVP_PKEY *pkey)
|
---|
261 | {
|
---|
262 | return DSA_security_bits(pkey->pkey.dsa);
|
---|
263 | }
|
---|
264 |
|
---|
265 | static int dsa_missing_parameters(const EVP_PKEY *pkey)
|
---|
266 | {
|
---|
267 | DSA *dsa;
|
---|
268 | dsa = pkey->pkey.dsa;
|
---|
269 | if (dsa == NULL || dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
|
---|
270 | return 1;
|
---|
271 | return 0;
|
---|
272 | }
|
---|
273 |
|
---|
274 | static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
|
---|
275 | {
|
---|
276 | BIGNUM *a;
|
---|
277 |
|
---|
278 | if (to->pkey.dsa == NULL) {
|
---|
279 | to->pkey.dsa = DSA_new();
|
---|
280 | if (to->pkey.dsa == NULL)
|
---|
281 | return 0;
|
---|
282 | }
|
---|
283 |
|
---|
284 | if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
|
---|
285 | return 0;
|
---|
286 | BN_free(to->pkey.dsa->p);
|
---|
287 | to->pkey.dsa->p = a;
|
---|
288 |
|
---|
289 | if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
|
---|
290 | return 0;
|
---|
291 | BN_free(to->pkey.dsa->q);
|
---|
292 | to->pkey.dsa->q = a;
|
---|
293 |
|
---|
294 | if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
|
---|
295 | return 0;
|
---|
296 | BN_free(to->pkey.dsa->g);
|
---|
297 | to->pkey.dsa->g = a;
|
---|
298 | return 1;
|
---|
299 | }
|
---|
300 |
|
---|
301 | static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
|
---|
302 | {
|
---|
303 | if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
|
---|
304 | BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
|
---|
305 | BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
|
---|
306 | return 0;
|
---|
307 | else
|
---|
308 | return 1;
|
---|
309 | }
|
---|
310 |
|
---|
311 | static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
|
---|
312 | {
|
---|
313 | if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
|
---|
314 | return 0;
|
---|
315 | else
|
---|
316 | return 1;
|
---|
317 | }
|
---|
318 |
|
---|
319 | static void int_dsa_free(EVP_PKEY *pkey)
|
---|
320 | {
|
---|
321 | DSA_free(pkey->pkey.dsa);
|
---|
322 | }
|
---|
323 |
|
---|
324 | static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
|
---|
325 | {
|
---|
326 | int ret = 0;
|
---|
327 | const char *ktype = NULL;
|
---|
328 | const BIGNUM *priv_key, *pub_key;
|
---|
329 |
|
---|
330 | if (ptype == 2)
|
---|
331 | priv_key = x->priv_key;
|
---|
332 | else
|
---|
333 | priv_key = NULL;
|
---|
334 |
|
---|
335 | if (ptype > 0)
|
---|
336 | pub_key = x->pub_key;
|
---|
337 | else
|
---|
338 | pub_key = NULL;
|
---|
339 |
|
---|
340 | if (ptype == 2)
|
---|
341 | ktype = "Private-Key";
|
---|
342 | else if (ptype == 1)
|
---|
343 | ktype = "Public-Key";
|
---|
344 | else
|
---|
345 | ktype = "DSA-Parameters";
|
---|
346 |
|
---|
347 | if (priv_key) {
|
---|
348 | if (!BIO_indent(bp, off, 128))
|
---|
349 | goto err;
|
---|
350 | if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
|
---|
351 | <= 0)
|
---|
352 | goto err;
|
---|
353 | }
|
---|
354 |
|
---|
355 | if (!ASN1_bn_print(bp, "priv:", priv_key, NULL, off))
|
---|
356 | goto err;
|
---|
357 | if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off))
|
---|
358 | goto err;
|
---|
359 | if (!ASN1_bn_print(bp, "P: ", x->p, NULL, off))
|
---|
360 | goto err;
|
---|
361 | if (!ASN1_bn_print(bp, "Q: ", x->q, NULL, off))
|
---|
362 | goto err;
|
---|
363 | if (!ASN1_bn_print(bp, "G: ", x->g, NULL, off))
|
---|
364 | goto err;
|
---|
365 | ret = 1;
|
---|
366 | err:
|
---|
367 | return (ret);
|
---|
368 | }
|
---|
369 |
|
---|
370 | static int dsa_param_decode(EVP_PKEY *pkey,
|
---|
371 | const unsigned char **pder, int derlen)
|
---|
372 | {
|
---|
373 | DSA *dsa;
|
---|
374 |
|
---|
375 | if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) {
|
---|
376 | DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
|
---|
377 | return 0;
|
---|
378 | }
|
---|
379 | EVP_PKEY_assign_DSA(pkey, dsa);
|
---|
380 | return 1;
|
---|
381 | }
|
---|
382 |
|
---|
383 | static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
|
---|
384 | {
|
---|
385 | return i2d_DSAparams(pkey->pkey.dsa, pder);
|
---|
386 | }
|
---|
387 |
|
---|
388 | static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
|
---|
389 | ASN1_PCTX *ctx)
|
---|
390 | {
|
---|
391 | return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
|
---|
392 | }
|
---|
393 |
|
---|
394 | static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
|
---|
395 | ASN1_PCTX *ctx)
|
---|
396 | {
|
---|
397 | return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
|
---|
398 | }
|
---|
399 |
|
---|
400 | static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
|
---|
401 | ASN1_PCTX *ctx)
|
---|
402 | {
|
---|
403 | return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
|
---|
404 | }
|
---|
405 |
|
---|
406 | static int old_dsa_priv_decode(EVP_PKEY *pkey,
|
---|
407 | const unsigned char **pder, int derlen)
|
---|
408 | {
|
---|
409 | DSA *dsa;
|
---|
410 |
|
---|
411 | if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) {
|
---|
412 | DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
|
---|
413 | return 0;
|
---|
414 | }
|
---|
415 | EVP_PKEY_assign_DSA(pkey, dsa);
|
---|
416 | return 1;
|
---|
417 | }
|
---|
418 |
|
---|
419 | static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
|
---|
420 | {
|
---|
421 | return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
|
---|
422 | }
|
---|
423 |
|
---|
424 | static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
|
---|
425 | const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
|
---|
426 | {
|
---|
427 | DSA_SIG *dsa_sig;
|
---|
428 | const unsigned char *p;
|
---|
429 |
|
---|
430 | if (!sig) {
|
---|
431 | if (BIO_puts(bp, "\n") <= 0)
|
---|
432 | return 0;
|
---|
433 | else
|
---|
434 | return 1;
|
---|
435 | }
|
---|
436 | p = sig->data;
|
---|
437 | dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
|
---|
438 | if (dsa_sig) {
|
---|
439 | int rv = 0;
|
---|
440 | const BIGNUM *r, *s;
|
---|
441 |
|
---|
442 | DSA_SIG_get0(dsa_sig, &r, &s);
|
---|
443 |
|
---|
444 | if (BIO_write(bp, "\n", 1) != 1)
|
---|
445 | goto err;
|
---|
446 |
|
---|
447 | if (!ASN1_bn_print(bp, "r: ", r, NULL, indent))
|
---|
448 | goto err;
|
---|
449 | if (!ASN1_bn_print(bp, "s: ", s, NULL, indent))
|
---|
450 | goto err;
|
---|
451 | rv = 1;
|
---|
452 | err:
|
---|
453 | DSA_SIG_free(dsa_sig);
|
---|
454 | return rv;
|
---|
455 | }
|
---|
456 | return X509_signature_dump(bp, sig, indent);
|
---|
457 | }
|
---|
458 |
|
---|
459 | static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
|
---|
460 | {
|
---|
461 | switch (op) {
|
---|
462 | case ASN1_PKEY_CTRL_PKCS7_SIGN:
|
---|
463 | if (arg1 == 0) {
|
---|
464 | int snid, hnid;
|
---|
465 | X509_ALGOR *alg1, *alg2;
|
---|
466 | PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
|
---|
467 | if (alg1 == NULL || alg1->algorithm == NULL)
|
---|
468 | return -1;
|
---|
469 | hnid = OBJ_obj2nid(alg1->algorithm);
|
---|
470 | if (hnid == NID_undef)
|
---|
471 | return -1;
|
---|
472 | if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
|
---|
473 | return -1;
|
---|
474 | X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
|
---|
475 | }
|
---|
476 | return 1;
|
---|
477 | #ifndef OPENSSL_NO_CMS
|
---|
478 | case ASN1_PKEY_CTRL_CMS_SIGN:
|
---|
479 | if (arg1 == 0) {
|
---|
480 | int snid, hnid;
|
---|
481 | X509_ALGOR *alg1, *alg2;
|
---|
482 | CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
|
---|
483 | if (alg1 == NULL || alg1->algorithm == NULL)
|
---|
484 | return -1;
|
---|
485 | hnid = OBJ_obj2nid(alg1->algorithm);
|
---|
486 | if (hnid == NID_undef)
|
---|
487 | return -1;
|
---|
488 | if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
|
---|
489 | return -1;
|
---|
490 | X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
|
---|
491 | }
|
---|
492 | return 1;
|
---|
493 |
|
---|
494 | case ASN1_PKEY_CTRL_CMS_RI_TYPE:
|
---|
495 | *(int *)arg2 = CMS_RECIPINFO_NONE;
|
---|
496 | return 1;
|
---|
497 | #endif
|
---|
498 |
|
---|
499 | case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
|
---|
500 | *(int *)arg2 = NID_sha256;
|
---|
501 | return 2;
|
---|
502 |
|
---|
503 | default:
|
---|
504 | return -2;
|
---|
505 |
|
---|
506 | }
|
---|
507 |
|
---|
508 | }
|
---|
509 |
|
---|
510 | /* NB these are sorted in pkey_id order, lowest first */
|
---|
511 |
|
---|
512 | const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5] = {
|
---|
513 |
|
---|
514 | {
|
---|
515 | EVP_PKEY_DSA2,
|
---|
516 | EVP_PKEY_DSA,
|
---|
517 | ASN1_PKEY_ALIAS},
|
---|
518 |
|
---|
519 | {
|
---|
520 | EVP_PKEY_DSA1,
|
---|
521 | EVP_PKEY_DSA,
|
---|
522 | ASN1_PKEY_ALIAS},
|
---|
523 |
|
---|
524 | {
|
---|
525 | EVP_PKEY_DSA4,
|
---|
526 | EVP_PKEY_DSA,
|
---|
527 | ASN1_PKEY_ALIAS},
|
---|
528 |
|
---|
529 | {
|
---|
530 | EVP_PKEY_DSA3,
|
---|
531 | EVP_PKEY_DSA,
|
---|
532 | ASN1_PKEY_ALIAS},
|
---|
533 |
|
---|
534 | {
|
---|
535 | EVP_PKEY_DSA,
|
---|
536 | EVP_PKEY_DSA,
|
---|
537 | 0,
|
---|
538 |
|
---|
539 | "DSA",
|
---|
540 | "OpenSSL DSA method",
|
---|
541 |
|
---|
542 | dsa_pub_decode,
|
---|
543 | dsa_pub_encode,
|
---|
544 | dsa_pub_cmp,
|
---|
545 | dsa_pub_print,
|
---|
546 |
|
---|
547 | dsa_priv_decode,
|
---|
548 | dsa_priv_encode,
|
---|
549 | dsa_priv_print,
|
---|
550 |
|
---|
551 | int_dsa_size,
|
---|
552 | dsa_bits,
|
---|
553 | dsa_security_bits,
|
---|
554 |
|
---|
555 | dsa_param_decode,
|
---|
556 | dsa_param_encode,
|
---|
557 | dsa_missing_parameters,
|
---|
558 | dsa_copy_parameters,
|
---|
559 | dsa_cmp_parameters,
|
---|
560 | dsa_param_print,
|
---|
561 | dsa_sig_print,
|
---|
562 |
|
---|
563 | int_dsa_free,
|
---|
564 | dsa_pkey_ctrl,
|
---|
565 | old_dsa_priv_decode,
|
---|
566 | old_dsa_priv_encode}
|
---|
567 | };
|
---|