Commit bf85a3db authored by Niels Möller's avatar Niels Möller

Convert DER decoding functions to new DSA interface.

parent c4752123
2014-03-26 Niels Möller <nisse@lysator.liu.se> 2014-03-26 Niels Möller <nisse@lysator.liu.se>
* der2dsa.c (dsa_params_from_der_iterator): Converted to new DSA
interface. Allow q_size == 0, meaning any q < p is allowed.
Additional validity checks.
(dsa_public_key_from_der_iterator): Converted to new DSA
interface. Also check that the public value is in the correct
range.
(dsa_openssl_private_key_from_der_iterator): Converted
to new DSA interface. Additional validity checks.
(dsa_openssl_private_key_from_der): Converted to new DSA
interface.
* tools/pkcs1-conv.c (convert_dsa_private_key): Update to use
struct dsa_params, and adapt to the der decoding changes.
(convert_public_key): Likewise.
* examples/hogweed-benchmark.c: Update dsa benchmarking to use new * examples/hogweed-benchmark.c: Update dsa benchmarking to use new
DSA interface. DSA interface.
......
...@@ -6,6 +6,7 @@ ...@@ -6,6 +6,7 @@
/* nettle, low-level cryptographics library /* nettle, low-level cryptographics library
* *
* Copyright (C) 2005, 2009 Niels Möller, Magnus Holmgren * Copyright (C) 2005, 2009 Niels Möller, Magnus Holmgren
* Copyright (C) 2014 Niels Möller
* *
* The nettle library is free software; you can redistribute it and/or modify * The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by * it under the terms of the GNU Lesser General Public License as published by
...@@ -38,9 +39,10 @@ ...@@ -38,9 +39,10 @@
&& asn1_der_get_bignum((i), (x), (l)) \ && asn1_der_get_bignum((i), (x), (l)) \
&& mpz_sgn((x)) > 0) && mpz_sgn((x)) > 0)
/* If q_bits > 0, q is required to be of exactly this size. */
int int
dsa_params_from_der_iterator(struct dsa_public_key *pub, dsa_params_from_der_iterator(struct dsa_params *params,
unsigned p_max_bits, unsigned max_bits, unsigned q_bits,
struct asn1_der_iterator *i) struct asn1_der_iterator *i)
{ {
/* Dss-Parms ::= SEQUENCE { /* Dss-Parms ::= SEQUENCE {
...@@ -49,30 +51,41 @@ dsa_params_from_der_iterator(struct dsa_public_key *pub, ...@@ -49,30 +51,41 @@ dsa_params_from_der_iterator(struct dsa_public_key *pub,
g INTEGER g INTEGER
} }
*/ */
return (i->type == ASN1_INTEGER if (i->type == ASN1_INTEGER
&& asn1_der_get_bignum(i, pub->p, p_max_bits) && asn1_der_get_bignum(i, params->p, max_bits)
&& mpz_sgn(pub->p) > 0 && mpz_sgn(params->p) > 0)
&& GET(i, pub->q, DSA_SHA1_Q_BITS) {
&& GET(i, pub->g, p_max_bits) unsigned p_bits = mpz_sizeinbase (params->p, 2);
&& asn1_der_iterator_next(i) == ASN1_ITERATOR_END); return (GET(i, params->q, q_bits ? q_bits : p_bits)
&& (q_bits == 0 || mpz_sizeinbase(params->q, 2) == q_bits)
&& mpz_cmp (params->q, params->p) < 0
&& GET(i, params->g, p_bits)
&& mpz_cmp (params->g, params->p) < 0
&& asn1_der_iterator_next(i) == ASN1_ITERATOR_END);
}
else
return 0;
} }
int int
dsa_public_key_from_der_iterator(struct dsa_public_key *pub, dsa_public_key_from_der_iterator(const struct dsa_params *params,
unsigned p_max_bits, mpz_t pub,
struct asn1_der_iterator *i) struct asn1_der_iterator *i)
{ {
/* DSAPublicKey ::= INTEGER /* DSAPublicKey ::= INTEGER
*/ */
return (i->type == ASN1_INTEGER return (i->type == ASN1_INTEGER
&& asn1_der_get_bignum(i, pub->y, p_max_bits) && asn1_der_get_bignum(i, pub,
&& mpz_sgn(pub->y) > 0); mpz_sizeinbase (params->p, 2))
&& mpz_sgn(pub) > 0
&& mpz_cmp(pub, params->p) < 0);
} }
int int
dsa_openssl_private_key_from_der_iterator(struct dsa_public_key *pub, dsa_openssl_private_key_from_der_iterator(struct dsa_params *params,
struct dsa_private_key *priv, mpz_t pub,
mpz_t priv,
unsigned p_max_bits, unsigned p_max_bits,
struct asn1_der_iterator *i) struct asn1_der_iterator *i)
{ {
...@@ -87,23 +100,31 @@ dsa_openssl_private_key_from_der_iterator(struct dsa_public_key *pub, ...@@ -87,23 +100,31 @@ dsa_openssl_private_key_from_der_iterator(struct dsa_public_key *pub,
*/ */
uint32_t version; uint32_t version;
return (i->type == ASN1_SEQUENCE if (i->type == ASN1_SEQUENCE
&& asn1_der_decode_constructed_last(i) == ASN1_ITERATOR_PRIMITIVE && asn1_der_decode_constructed_last(i) == ASN1_ITERATOR_PRIMITIVE
&& i->type == ASN1_INTEGER && i->type == ASN1_INTEGER
&& asn1_der_get_uint32(i, &version) && asn1_der_get_uint32(i, &version)
&& version == 0 && version == 0
&& GET(i, pub->p, p_max_bits) && GET(i, params->p, p_max_bits))
&& GET(i, pub->q, DSA_SHA1_Q_BITS) {
&& GET(i, pub->g, p_max_bits) unsigned p_bits = mpz_sizeinbase (params->p, 2);
&& GET(i, pub->y, p_max_bits) return (GET(i, params->q, DSA_SHA1_Q_BITS)
&& GET(i, priv->x, DSA_SHA1_Q_BITS) && GET(i, params->g, p_bits)
&& asn1_der_iterator_next(i) == ASN1_ITERATOR_END); && mpz_cmp (params->g, params->p) < 0
&& GET(i, pub, p_bits)
&& mpz_cmp (pub, params->p) < 0
&& GET(i, priv, DSA_SHA1_Q_BITS)
&& asn1_der_iterator_next(i) == ASN1_ITERATOR_END);
}
else
return 0;
} }
int int
dsa_openssl_private_key_from_der(struct dsa_public_key *pub, dsa_openssl_private_key_from_der(struct dsa_params *params,
struct dsa_private_key *priv, mpz_t pub,
mpz_t priv,
unsigned p_max_bits, unsigned p_max_bits,
size_t length, const uint8_t *data) size_t length, const uint8_t *data)
{ {
...@@ -113,5 +134,6 @@ dsa_openssl_private_key_from_der(struct dsa_public_key *pub, ...@@ -113,5 +134,6 @@ dsa_openssl_private_key_from_der(struct dsa_public_key *pub,
res = asn1_der_iterator_first(&i, length, data); res = asn1_der_iterator_first(&i, length, data);
return (res == ASN1_ITERATOR_CONSTRUCTED return (res == ASN1_ITERATOR_CONSTRUCTED
&& dsa_openssl_private_key_from_der_iterator(pub, priv, p_max_bits, &i)); && dsa_openssl_private_key_from_der_iterator(params, pub, priv,
p_max_bits, &i));
} }
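Review bot: In dsa_openssl_private_key_from_der_iterator the new checks bound g and pub by p, but q and priv are only size-limited through `GET(..., DSA_SHA1_Q_BITS)` and are never compared with p or with each other, unlike dsa_params_from_der_iterator, which adds `mpz_cmp (params->q, params->p) < 0`. A decoded key with q >= p, or with a private value priv >= q, is therefore still reported as valid. I would add `&& mpz_cmp (params->q, params->p) < 0` after the q read and `&& mpz_cmp (priv, params->q) < 0` after the priv read. The hard-coded DSA_SHA1_Q_BITS also presumably makes this path reject keys with a larger q that the params decoder now accepts through `q_bits`; if that is intended, a one-line comment saying so would help.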
...@@ -293,23 +293,26 @@ dsa_sha256_keypair_from_sexp(struct dsa_params *params, ...@@ -293,23 +293,26 @@ dsa_sha256_keypair_from_sexp(struct dsa_params *params,
struct asn1_der_iterator; struct asn1_der_iterator;
int int
dsa_params_from_der_iterator(struct dsa_public_key *pub, dsa_params_from_der_iterator(struct dsa_params *params,
unsigned p_max_bits, unsigned max_bits, unsigned q_bits,
struct asn1_der_iterator *i); struct asn1_der_iterator *i);
int int
dsa_public_key_from_der_iterator(struct dsa_public_key *pub, dsa_public_key_from_der_iterator(const struct dsa_params *params,
unsigned p_max_bits, mpz_t pub,
struct asn1_der_iterator *i); struct asn1_der_iterator *i);
int int
dsa_openssl_private_key_from_der_iterator(struct dsa_public_key *pub, dsa_openssl_private_key_from_der_iterator(struct dsa_params *params,
struct dsa_private_key *priv, mpz_t pub,
mpz_t priv,
unsigned p_max_bits, unsigned p_max_bits,
struct asn1_der_iterator *i); struct asn1_der_iterator *i);
int int
dsa_openssl_private_key_from_der(struct dsa_public_key *pub, dsa_openssl_private_key_from_der(struct dsa_params *params,
struct dsa_private_key *priv, mpz_t pub,
mpz_t priv,
unsigned p_max_bits, unsigned p_max_bits,
size_t length, const uint8_t *data); size_t length, const uint8_t *data);
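Review bot: The changed prototypes carry no description of their contract, and two parts of it cannot be read off the signatures. The meaning of `q_bits` is stated only in der2dsa.c (`/* If q_bits > 0, q is required to be of exactly this size. */`); that comment belongs next to the declaration of dsa_params_from_der_iterator as well. The decoders also assign `params->p` (and possibly q, g and pub) before the later checks run, so when they return 0 the outputs may hold partially decoded, unvalidated values. A line such as `/* On failure (return 0) the contents of params, pub and priv are unspecified and must not be used. */` would make that explicit for callers.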
......
...@@ -5,6 +5,7 @@ ...@@ -5,6 +5,7 @@
/* nettle, low-level cryptographics library /* nettle, low-level cryptographics library
* *
* Copyright (C) 2005, 2009 Niels Möller, Magnus Holmgren * Copyright (C) 2005, 2009 Niels Möller, Magnus Holmgren
* Copyright (C) 2014 Niels Möller
* *
* The nettle library is free software; you can redistribute it and/or modify * The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by * it under the terms of the GNU Lesser General Public License as published by
...@@ -311,29 +312,30 @@ convert_rsa_private_key(struct nettle_buffer *buffer, size_t length, const uint8 ...@@ -311,29 +312,30 @@ convert_rsa_private_key(struct nettle_buffer *buffer, size_t length, const uint8
static int static int
convert_dsa_private_key(struct nettle_buffer *buffer, size_t length, const uint8_t *data) convert_dsa_private_key(struct nettle_buffer *buffer, size_t length, const uint8_t *data)
{ {
struct dsa_public_key pub; struct dsa_params params;
struct dsa_private_key priv; mpz_t pub;
mpz_t priv;
int res; int res;
dsa_public_key_init(&pub);
dsa_private_key_init(&priv);
if (dsa_openssl_private_key_from_der(&pub, &priv, 0, dsa_params_init (&params);
mpz_init (pub);
mpz_init (priv);
if (dsa_openssl_private_key_from_der(&params, pub, priv, 0,
length, data)) length, data))
{ {
/* Reuses the buffer */ /* Reuses the buffer */
nettle_buffer_reset(buffer); nettle_buffer_reset(buffer);
res = dsa_keypair_to_sexp(buffer, NULL, res = dsa_keypair_to_sexp(buffer, NULL, &params, pub, priv);
(const struct dsa_params *) &pub,
pub.y, priv.x);
} }
else else
{ {
werror("Invalid OpenSSL private key.\n"); werror("Invalid OpenSSL private key.\n");
res = 0; res = 0;
} }
dsa_public_key_clear(&pub); dsa_params_clear (&params);
dsa_private_key_clear(&priv); mpz_clear (pub);
mpz_clear (priv);
return res; return res;
} }
...@@ -407,19 +409,21 @@ convert_public_key(struct nettle_buffer *buffer, size_t length, const uint8_t *d ...@@ -407,19 +409,21 @@ convert_public_key(struct nettle_buffer *buffer, size_t length, const uint8_t *d
if (asn1_der_iterator_next(&j) == ASN1_ITERATOR_CONSTRUCTED if (asn1_der_iterator_next(&j) == ASN1_ITERATOR_CONSTRUCTED
&& asn1_der_decode_constructed_last(&j) == ASN1_ITERATOR_PRIMITIVE) && asn1_der_decode_constructed_last(&j) == ASN1_ITERATOR_PRIMITIVE)
{ {
struct dsa_public_key pub; struct dsa_params params;
mpz_t pub;
dsa_public_key_init(&pub); dsa_params_init (&params);
mpz_init (pub);
if (dsa_params_from_der_iterator(&pub, 0, &i) if (dsa_params_from_der_iterator(&params, 0, 0, &i)
&& dsa_public_key_from_der_iterator(&pub, 0, &j)) && dsa_public_key_from_der_iterator(&params, pub, &j))
{ {
nettle_buffer_reset(buffer); nettle_buffer_reset(buffer);
res = dsa_keypair_to_sexp(buffer, NULL, res = dsa_keypair_to_sexp(buffer, NULL,
(const struct dsa_params *) &pub, &params, pub, NULL) > 0;
pub.y, NULL) > 0;
} }
dsa_public_key_clear(&pub); dsa_params_clear(&params);
mpz_clear(pub);
} }
if (!res) if (!res)
werror("SubjectPublicKeyInfo: Invalid DSA key.\n"); werror("SubjectPublicKeyInfo: Invalid DSA key.\n");
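Review bot: Both call sites pass bare zeros for the size limits, `dsa_openssl_private_key_from_der(&params, pub, priv, 0, length, data)` and `dsa_params_from_der_iterator(&params, 0, 0, &i)`, and nothing at the call says what 0 means. Per the ChangeLog entry a zero q size accepts any q < p; the other zero presumably disables the limit on p, which is worth confirming because the DER input comes from a file the tool does not control. A short comment at each call, e.g. `/* max_bits = 0, q_bits = 0: no limit on p, any q < p */`, would record the intent. Separately, convert_dsa_private_key stores the raw result of dsa_keypair_to_sexp in `res` while convert_public_key normalises it with `> 0`; using `> 0` in both keeps the return convention uniform. convert_public_key starts and ends outside the hunk.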
......