提交 ceb46789 编写于 作者: D Dr. Stephen Henson

Extend DH ASN1 method to support public key encode/decode and parameter

utilities.
上级 0cb8499b
......@@ -216,13 +216,18 @@ void ERR_load_DH_strings(void);
#define DH_F_DH_BUILTIN_GENPARAMS 106
#define DH_F_DH_NEW_METHOD 105
#define DH_F_DH_PARAM_DECODE 107
#define DH_F_DH_PUB_DECODE 108
#define DH_F_DH_PUB_ENCODE 109
#define DH_F_GENERATE_KEY 103
#define DH_F_GENERATE_PARAMETERS 104
/* Reason codes. */
#define DH_R_BAD_GENERATOR 101
#define DH_R_BN_DECODE_ERROR 103
#define DH_R_DECODE_ERROR 104
#define DH_R_INVALID_PUBKEY 102
#define DH_R_NO_PRIVATE_VALUE 100
#define DH_R_PARAMETER_ENCODING_ERROR 105
#ifdef __cplusplus
}
......
......@@ -67,6 +67,122 @@ static void int_dh_free(EVP_PKEY *pkey)
DH_free(pkey->pkey.dh);
}
static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
{
const unsigned char *p, *pm;
int pklen, pmlen;
int ptype;
void *pval;
ASN1_STRING *pstr;
X509_ALGOR *palg;
ASN1_INTEGER *public_key = NULL;
DH *dh = NULL;
if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
return 0;
X509_ALGOR_get0(NULL, &ptype, &pval, palg);
if (ptype != V_ASN1_SEQUENCE)
{
DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
goto err;
}
pstr = pval;
pm = pstr->data;
pmlen = pstr->length;
if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
{
DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
goto err;
}
if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
{
DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
goto err;
}
/* We have parameters now set public key */
if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
{
DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
goto err;
}
ASN1_INTEGER_free(public_key);
EVP_PKEY_assign_DH(pkey, dh);
return 1;
err:
if (pubkey)
ASN1_INTEGER_free(public_key);
if (dh)
DH_free(dh);
return 0;
}
static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
{
DH *dh;
void *pval = NULL;
int ptype;
unsigned char *penc = NULL;
int penclen;
ASN1_STRING *str;
ASN1_INTEGER *pub_key = NULL;
dh=pkey->pkey.dh;
str = ASN1_STRING_new();
str->length = i2d_DHparams(dh, &str->data);
if (str->length <= 0)
{
DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
pval = str;
ptype = V_ASN1_SEQUENCE;
pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
if (!pub_key)
goto err;
penclen = i2d_ASN1_INTEGER(pub_key, &penc);
ASN1_INTEGER_free(pub_key);
if (penclen <= 0)
{
DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
goto err;
}
if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
ptype, pval, penc, penclen))
return 1;
err:
if (penc)
OPENSSL_free(penc);
if (pval)
ASN1_STRING_free(pval);
return 0;
}
static void update_buflen(const BIGNUM *b, size_t *pbuflen)
{
int i;
if (!b)
return;
if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
*pbuflen = i;
}
static int dh_param_decode(EVP_PKEY *pkey,
const unsigned char **pder, int derlen)
{
......@@ -85,24 +201,47 @@ static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
return i2d_DHparams(pkey->pkey.dh, pder);
}
static int do_dhparam_print(BIO *bp, const DH *x, int indent,
ASN1_PCTX *ctx)
static int do_dh_print(BIO *bp, const DH *x, int indent,
ASN1_PCTX *ctx, int ptype)
{
unsigned char *m=NULL;
int reason=ERR_R_BUF_LIB,ret=0;
size_t buf_len=0, i;
size_t buf_len=0;
const char *ktype = NULL;
BIGNUM *priv_key, *pub_key;
if (x->p)
buf_len = (size_t)BN_num_bytes(x->p);
if (ptype == 2)
priv_key = x->priv_key;
else
priv_key = NULL;
if (ptype > 0)
pub_key = x->pub_key;
else
pub_key = NULL;
update_buflen(x->p, &buf_len);
if (buf_len == 0)
{
reason = ERR_R_PASSED_NULL_PARAMETER;
goto err;
}
if (x->g)
if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
buf_len = i;
m=(unsigned char *)OPENSSL_malloc(buf_len+10);
update_buflen(x->g, &buf_len);
update_buflen(pub_key, &buf_len);
update_buflen(priv_key, &buf_len);
if (ptype == 2)
ktype = "PKCS#3 DH Private-Key";
else if (ptype == 1)
ktype = "PKCS#3 DH Public-Key";
else
ktype = "PKCS#3 DH Parameters";
m= OPENSSL_malloc(buf_len+10);
if (m == NULL)
{
reason=ERR_R_MALLOC_FAILURE;
......@@ -110,10 +249,13 @@ static int do_dhparam_print(BIO *bp, const DH *x, int indent,
}
BIO_indent(bp, indent, 128);
if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
BN_num_bits(x->p)) <= 0)
if (BIO_printf(bp,"%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
goto err;
indent += 4;
if (!ASN1_bn_print(bp,"private-key:",priv_key,m,indent)) goto err;
if (!ASN1_bn_print(bp,"public-key:",pub_key,m,indent)) goto err;
if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
if (x->length != 0)
......@@ -122,6 +264,8 @@ static int do_dhparam_print(BIO *bp, const DH *x, int indent,
if (BIO_printf(bp,"recommended-private-length: %d bits\n",
(int)x->length) <= 0) goto err;
}
ret=1;
if (0)
{
......@@ -132,15 +276,75 @@ err:
return(ret);
}
static int int_dh_size(const EVP_PKEY *pkey)
{
return(DH_size(pkey->pkey.dh));
}
static int dh_bits(const EVP_PKEY *pkey)
{
return BN_num_bits(pkey->pkey.dh->p);
}
static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
{
BIGNUM *a;
if ((a=BN_dup(from->pkey.dh->p)) == NULL)
return 0;
if (to->pkey.dsa->p != NULL)
BN_free(to->pkey.dh->p);
to->pkey.dsa->p=a;
if ((a=BN_dup(from->pkey.dh->g)) == NULL)
return 0;
if (to->pkey.dsa->g != NULL)
BN_free(to->pkey.dh->g);
to->pkey.dh->g=a;
return 1;
}
static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
if ( BN_cmp(a->pkey.dh->p,b->pkey.dsa->p) ||
BN_cmp(a->pkey.dh->g,b->pkey.dsa->g))
return 0;
else
return 1;
}
static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
{
if (dh_cmp_parameters(a, b) == 0)
return 0;
if (BN_cmp(b->pkey.dh->pub_key,a->pkey.dh->pub_key) != 0)
return 0;
else
return 1;
}
static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
{
return do_dhparam_print(bp, pkey->pkey.dh, indent, ctx);
return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
}
static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
{
return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
}
static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
{
return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
}
int DHparams_print(BIO *bp, const DH *x)
{
return do_dhparam_print(bp, x, 4, NULL);
return do_dh_print(bp, x, 4, NULL, 0);
}
const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
......@@ -152,21 +356,23 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
"DH",
"OpenSSL PKCS#3 DH method",
0,
0,
0,
0,
dh_pub_decode,
dh_pub_encode,
dh_pub_cmp,
dh_public_print,
0,
0,
0,
dh_private_print,
0,
0,
int_dh_size,
dh_bits,
dh_param_decode,
dh_param_encode,
0,0,0,
0,
dh_copy_parameters,
dh_cmp_parameters,
dh_param_print,
int_dh_free,
......
......@@ -76,6 +76,8 @@ static ERR_STRING_DATA DH_str_functs[]=
{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
{ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
{ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"},
{ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"},
{ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"},
{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
{0,NULL}
......@@ -84,8 +86,11 @@ static ERR_STRING_DATA DH_str_functs[]=
static ERR_STRING_DATA DH_str_reasons[]=
{
{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
{ERR_REASON(DH_R_BN_DECODE_ERROR) ,"bn decode error"},
{ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
{0,NULL}
};
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册