openssldsa_link.c 14.8 KB
Newer Older
1
/*
Automatic Updater's avatar
Automatic Updater committed
2
 * Portions Copyright (C) 2004-2009, 2011  Internet Systems Consortium, Inc. ("ISC")
Mark Andrews's avatar
Mark Andrews committed
3
 * Portions Copyright (C) 1999-2002  Internet Software Consortium.
Automatic Updater's avatar
Automatic Updater committed
4 5 6 7 8 9 10 11 12 13 14 15 16
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE
 * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
 * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
17 18
 * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
 *
Automatic Updater's avatar
Automatic Updater committed
19
 * Permission to use, copy, modify, and/or distribute this software for any
20 21 22
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
Mark Andrews's avatar
Mark Andrews committed
23 24 25 26 27 28 29
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE
 * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
 * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
30 31
 */

Mark Andrews's avatar
Mark Andrews committed
32
/* $Id$ */
33

34
#ifdef OPENSSL
Francis Dupont's avatar
Francis Dupont committed
35 36 37
#ifndef USE_EVP
#define USE_EVP 1
#endif
38 39 40 41 42 43 44 45 46 47 48 49 50

#include <config.h>

#include <string.h>

#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/sha1.h>
#include <isc/util.h>

#include <dst/result.h>

#include "dst_internal.h"
51
#include "dst_openssl.h"
52 53 54 55 56 57 58 59
#include "dst_parse.h"

#include <openssl/dsa.h>

static isc_result_t openssldsa_todns(const dst_key_t *key, isc_buffer_t *data);

static isc_result_t
openssldsa_createctx(dst_key_t *key, dst_context_t *dctx) {
Francis Dupont's avatar
Francis Dupont committed
60 61
#if USE_EVP
	EVP_MD_CTX *evp_md_ctx;
Automatic Updater's avatar
Automatic Updater committed
62

Francis Dupont's avatar
Francis Dupont committed
63 64 65 66 67 68 69 70 71 72 73 74 75 76 77
	UNUSED(key);

	evp_md_ctx = EVP_MD_CTX_create();
	if (evp_md_ctx == NULL)
		return (ISC_R_NOMEMORY);

	if (!EVP_DigestInit_ex(evp_md_ctx, EVP_dss1(), NULL)) {
		EVP_MD_CTX_destroy(evp_md_ctx);
			return (ISC_R_FAILURE);
	}

	dctx->ctxdata.evp_md_ctx = evp_md_ctx;

	return (ISC_R_SUCCESS);
#else
78 79 80 81 82 83
	isc_sha1_t *sha1ctx;

	UNUSED(key);

	sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
	isc_sha1_init(sha1ctx);
84
	dctx->ctxdata.sha1ctx = sha1ctx;
85
	return (ISC_R_SUCCESS);
Francis Dupont's avatar
Francis Dupont committed
86
#endif
87 88 89 90
}

static void
openssldsa_destroyctx(dst_context_t *dctx) {
Francis Dupont's avatar
Francis Dupont committed
91 92 93 94 95 96 97 98
#if USE_EVP
	EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;

	if (evp_md_ctx != NULL) {
		EVP_MD_CTX_destroy(evp_md_ctx);
		dctx->ctxdata.evp_md_ctx = NULL;
	}
#else
99
	isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
100 101 102 103

	if (sha1ctx != NULL) {
		isc_sha1_invalidate(sha1ctx);
		isc_mem_put(dctx->mctx, sha1ctx, sizeof(isc_sha1_t));
104
		dctx->ctxdata.sha1ctx = NULL;
105
	}
Francis Dupont's avatar
Francis Dupont committed
106
#endif
107 108 109 110
}

static isc_result_t
openssldsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
Francis Dupont's avatar
Francis Dupont committed
111 112 113 114 115 116 117
#if USE_EVP
	EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;

	if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) {
		return (ISC_R_FAILURE);
	}
#else
118
	isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
119 120

	isc_sha1_update(sha1ctx, data->base, data->length);
Francis Dupont's avatar
Francis Dupont committed
121
#endif
122 123 124 125 126 127 128 129 130 131 132 133 134 135 136
	return (ISC_R_SUCCESS);
}

static int
BN_bn2bin_fixed(BIGNUM *bn, unsigned char *buf, int size) {
	int bytes = size - BN_num_bytes(bn);
	while (bytes-- > 0)
		*buf++ = 0;
	BN_bn2bin(bn, buf);
	return (size);
}

static isc_result_t
openssldsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
	dst_key_t *key = dctx->key;
137
	DSA *dsa = key->keydata.dsa;
138
	isc_region_t r;
Francis Dupont's avatar
Francis Dupont committed
139 140
	DSA_SIG *dsasig;
#if USE_EVP
Automatic Updater's avatar
Automatic Updater committed
141 142
	EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
	EVP_PKEY *pkey;
Francis Dupont's avatar
Francis Dupont committed
143 144 145 146 147
	unsigned char *sigbuf;
	const unsigned char *sb;
	unsigned int siglen;
#else
	isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
148
	unsigned char digest[ISC_SHA1_DIGESTLENGTH];
Francis Dupont's avatar
Francis Dupont committed
149
#endif
150 151 152 153 154

	isc_buffer_availableregion(sig, &r);
	if (r.length < ISC_SHA1_DIGESTLENGTH * 2 + 1)
		return (ISC_R_NOSPACE);

Francis Dupont's avatar
Francis Dupont committed
155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195
#if USE_EVP
	pkey = EVP_PKEY_new();
	if (pkey == NULL)
		return (ISC_R_NOMEMORY);
	if (!EVP_PKEY_set1_DSA(pkey, dsa)) {
		EVP_PKEY_free(pkey);
		return (ISC_R_FAILURE);
	}
	sigbuf = malloc(EVP_PKEY_size(pkey));
	if (sigbuf == NULL) {
		EVP_PKEY_free(pkey);
		return (ISC_R_NOMEMORY);
	}
	if (!EVP_SignFinal(evp_md_ctx, sigbuf, &siglen, pkey)) {
		EVP_PKEY_free(pkey);
		free(sigbuf);
		return (ISC_R_FAILURE);
	}
	INSIST(EVP_PKEY_size(pkey) >= (int) siglen);
	EVP_PKEY_free(pkey);
	/* Convert from Dss-Sig-Value (RFC2459). */
	dsasig = DSA_SIG_new();
	if (dsasig == NULL) {
		free(sigbuf);
		return (ISC_R_NOMEMORY);
	}
	sb = sigbuf;
	if (d2i_DSA_SIG(&dsasig, &sb, (long) siglen) == NULL) {
		free(sigbuf);
		return (ISC_R_FAILURE);
	}
	free(sigbuf);
#elif 0
	/* Only use EVP for the Digest */
	if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &siglen)) {
		return (ISC_R_FAILURE);
	}
	dsasig = DSA_do_sign(digest, ISC_SHA1_DIGESTLENGTH, dsa);
	if (dsasig == NULL)
		return (dst__openssl_toresult(DST_R_SIGNFAILURE));
#else
196 197 198 199
	isc_sha1_final(sha1ctx, digest);

	dsasig = DSA_do_sign(digest, ISC_SHA1_DIGESTLENGTH, dsa);
	if (dsasig == NULL)
200
		return (dst__openssl_toresult(DST_R_SIGNFAILURE));
Francis Dupont's avatar
Francis Dupont committed
201
#endif
202 203 204 205 206 207 208 209 210 211 212 213 214 215
	*r.base++ = (key->key_size - 512)/64;
	BN_bn2bin_fixed(dsasig->r, r.base, ISC_SHA1_DIGESTLENGTH);
	r.base += ISC_SHA1_DIGESTLENGTH;
	BN_bn2bin_fixed(dsasig->s, r.base, ISC_SHA1_DIGESTLENGTH);
	r.base += ISC_SHA1_DIGESTLENGTH;
	DSA_SIG_free(dsasig);
	isc_buffer_add(sig, ISC_SHA1_DIGESTLENGTH * 2 + 1);

	return (ISC_R_SUCCESS);
}

static isc_result_t
openssldsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
	dst_key_t *key = dctx->key;
216
	DSA *dsa = key->keydata.dsa;
217 218
	int status = 0;
	unsigned char *cp = sig->base;
Francis Dupont's avatar
Francis Dupont committed
219 220 221 222 223 224 225 226 227 228 229 230
	DSA_SIG *dsasig;
#if USE_EVP
	EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
#if 0
	EVP_PKEY *pkey;
	unsigned char *sigbuf;
#endif
	unsigned int siglen;
#else
	isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
#endif
	unsigned char digest[ISC_SHA1_DIGESTLENGTH];
231

Francis Dupont's avatar
Francis Dupont committed
232 233 234 235 236 237 238 239 240

#if USE_EVP
#if 1
	/* Only use EVP for the digest */
	if (!EVP_DigestFinal_ex(evp_md_ctx, digest, &siglen)) {
		return (ISC_R_FAILURE);
	}
#endif
#else
241
	isc_sha1_final(sha1ctx, digest);
Francis Dupont's avatar
Francis Dupont committed
242
#endif
243

Francis Dupont's avatar
Francis Dupont committed
244
	if (sig->length != 2 * ISC_SHA1_DIGESTLENGTH + 1) {
245
		return (DST_R_VERIFYFAILURE);
Francis Dupont's avatar
Francis Dupont committed
246
	}
247

248
	cp++;	/*%< Skip T */
249
	dsasig = DSA_SIG_new();
Francis Dupont's avatar
Francis Dupont committed
250 251
	if (dsasig == NULL)
		return (ISC_R_NOMEMORY);
252 253 254 255
	dsasig->r = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL);
	cp += ISC_SHA1_DIGESTLENGTH;
	dsasig->s = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL);

Francis Dupont's avatar
Francis Dupont committed
256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275
#if 0
	pkey = EVP_PKEY_new();
	if (pkey == NULL)
		return (ISC_R_NOMEMORY);
	if (!EVP_PKEY_set1_DSA(pkey, dsa)) {
		EVP_PKEY_free(pkey);
		return (ISC_R_FAILURE);
	}
	/* Convert to Dss-Sig-Value (RFC2459). */
	sigbuf = malloc(EVP_PKEY_size(pkey) + 50);
	if (sigbuf == NULL) {
		EVP_PKEY_free(pkey);
		return (ISC_R_NOMEMORY);
	}
	siglen = (unsigned) i2d_DSA_SIG(dsasig, &sigbuf);
	INSIST(EVP_PKEY_size(pkey) >= (int) siglen);
	status = EVP_VerifyFinal(evp_md_ctx, sigbuf, siglen, pkey);
	EVP_PKEY_free(pkey);
	free(sigbuf);
#else
276
	status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa);
Francis Dupont's avatar
Francis Dupont committed
277
#endif
278
	DSA_SIG_free(dsasig);
Francis Dupont's avatar
Francis Dupont committed
279
	if (status != 1)
280
		return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
281 282 283 284 285 286 287 288 289

	return (ISC_R_SUCCESS);
}

static isc_boolean_t
openssldsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
	int status;
	DSA *dsa1, *dsa2;

290 291
	dsa1 = key1->keydata.dsa;
	dsa2 = key2->keydata.dsa;
292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314

	if (dsa1 == NULL && dsa2 == NULL)
		return (ISC_TRUE);
	else if (dsa1 == NULL || dsa2 == NULL)
		return (ISC_FALSE);

	status = BN_cmp(dsa1->p, dsa2->p) ||
		 BN_cmp(dsa1->q, dsa2->q) ||
		 BN_cmp(dsa1->g, dsa2->g) ||
		 BN_cmp(dsa1->pub_key, dsa2->pub_key);

	if (status != 0)
		return (ISC_FALSE);

	if (dsa1->priv_key != NULL || dsa2->priv_key != NULL) {
		if (dsa1->priv_key == NULL || dsa2->priv_key == NULL)
			return (ISC_FALSE);
		if (BN_cmp(dsa1->priv_key, dsa2->priv_key))
			return (ISC_FALSE);
	}
	return (ISC_TRUE);
}

315
#if OPENSSL_VERSION_NUMBER > 0x00908000L
316 317 318
static int
progress_cb(int p, int n, BN_GENCB *cb)
{
319 320 321 322
	union {
		void *dptr;
		void (*fptr)(int);
	} u;
323 324

	UNUSED(n);
325 326 327 328

	u.dptr = cb->arg;
	if (u.fptr != NULL)
		u.fptr(p);
329 330
	return (1);
}
331
#endif
332 333 334

static isc_result_t
openssldsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
335 336 337
	DSA *dsa;
	unsigned char rand_array[ISC_SHA1_DIGESTLENGTH];
	isc_result_t result;
338 339
#if OPENSSL_VERSION_NUMBER > 0x00908000L
	BN_GENCB cb;
340 341 342 343
	union {
		void *dptr;
		void (*fptr)(int);
	} u;
344

345
#else
346

347 348
	UNUSED(callback);
#endif
349 350 351 352 353 354 355
	UNUSED(unused);

	result = dst__entropy_getdata(rand_array, sizeof(rand_array),
				      ISC_FALSE);
	if (result != ISC_R_SUCCESS)
		return (result);

356
#if OPENSSL_VERSION_NUMBER > 0x00908000L
Automatic Updater's avatar
Automatic Updater committed
357
	dsa = DSA_new();
358 359 360
	if (dsa == NULL)
		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));

361 362 363
	if (callback == NULL) {
		BN_GENCB_set_old(&cb, NULL, NULL);
	} else {
364 365
		u.fptr = callback;
		BN_GENCB_set(&cb, &progress_cb, u.dptr);
366
	}
Automatic Updater's avatar
Automatic Updater committed
367

368 369 370 371
	if (!DSA_generate_parameters_ex(dsa, key->key_size, rand_array,
					ISC_SHA1_DIGESTLENGTH,  NULL, NULL,
					&cb))
	{
372 373 374 375
		DSA_free(dsa);
		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
	}
#else
376 377 378 379
	dsa = DSA_generate_parameters(key->key_size, rand_array,
				      ISC_SHA1_DIGESTLENGTH, NULL, NULL,
				      NULL, NULL);
	if (dsa == NULL)
380
		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
381
#endif
382 383 384

	if (DSA_generate_key(dsa) == 0) {
		DSA_free(dsa);
385
		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
386 387 388
	}
	dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;

389
	key->keydata.dsa = dsa;
390 391 392 393 394 395

	return (ISC_R_SUCCESS);
}

static isc_boolean_t
openssldsa_isprivate(const dst_key_t *key) {
396
	DSA *dsa = key->keydata.dsa;
Brian Wellington's avatar
Brian Wellington committed
397
	return (ISC_TF(dsa != NULL && dsa->priv_key != NULL));
398 399 400 401
}

static void
openssldsa_destroy(dst_key_t *key) {
402
	DSA *dsa = key->keydata.dsa;
403
	DSA_free(dsa);
404
	key->keydata.dsa = NULL;
405 406 407 408 409 410 411 412 413 414
}


static isc_result_t
openssldsa_todns(const dst_key_t *key, isc_buffer_t *data) {
	DSA *dsa;
	isc_region_t r;
	int dnslen;
	unsigned int t, p_bytes;

415
	REQUIRE(key->keydata.dsa != NULL);
416

417
	dsa = key->keydata.dsa;
418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490

	isc_buffer_availableregion(data, &r);

	t = (BN_num_bytes(dsa->p) - 64) / 8;
	if (t > 8)
		return (DST_R_INVALIDPUBLICKEY);
	p_bytes = 64 + 8 * t;

	dnslen = 1 + (key->key_size * 3)/8 + ISC_SHA1_DIGESTLENGTH;
	if (r.length < (unsigned int) dnslen)
		return (ISC_R_NOSPACE);

	*r.base++ = t;
	BN_bn2bin_fixed(dsa->q, r.base, ISC_SHA1_DIGESTLENGTH);
	r.base += ISC_SHA1_DIGESTLENGTH;
	BN_bn2bin_fixed(dsa->p, r.base, key->key_size/8);
	r.base += p_bytes;
	BN_bn2bin_fixed(dsa->g, r.base, key->key_size/8);
	r.base += p_bytes;
	BN_bn2bin_fixed(dsa->pub_key, r.base, key->key_size/8);
	r.base += p_bytes;

	isc_buffer_add(data, dnslen);

	return (ISC_R_SUCCESS);
}

static isc_result_t
openssldsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
	DSA *dsa;
	isc_region_t r;
	unsigned int t, p_bytes;
	isc_mem_t *mctx = key->mctx;

	UNUSED(mctx);

	isc_buffer_remainingregion(data, &r);
	if (r.length == 0)
		return (ISC_R_SUCCESS);

	dsa = DSA_new();
	if (dsa == NULL)
		return (ISC_R_NOMEMORY);
	dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;

	t = (unsigned int) *r.base++;
	if (t > 8) {
		DSA_free(dsa);
		return (DST_R_INVALIDPUBLICKEY);
	}
	p_bytes = 64 + 8 * t;

	if (r.length < 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes) {
		DSA_free(dsa);
		return (DST_R_INVALIDPUBLICKEY);
	}

	dsa->q = BN_bin2bn(r.base, ISC_SHA1_DIGESTLENGTH, NULL);
	r.base += ISC_SHA1_DIGESTLENGTH;

	dsa->p = BN_bin2bn(r.base, p_bytes, NULL);
	r.base += p_bytes;

	dsa->g = BN_bin2bn(r.base, p_bytes, NULL);
	r.base += p_bytes;

	dsa->pub_key = BN_bin2bn(r.base, p_bytes, NULL);
	r.base += p_bytes;

	key->key_size = p_bytes * 8;

	isc_buffer_forward(data, 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes);

491
	key->keydata.dsa = dsa;
492 493 494 495 496 497 498 499 500 501 502 503

	return (ISC_R_SUCCESS);
}


static isc_result_t
openssldsa_tofile(const dst_key_t *key, const char *directory) {
	int cnt = 0;
	DSA *dsa;
	dst_private_t priv;
	unsigned char bufs[5][128];

504
	if (key->keydata.dsa == NULL)
505 506
		return (DST_R_NULLKEY);

507
	dsa = key->keydata.dsa;
508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543

	priv.elements[cnt].tag = TAG_DSA_PRIME;
	priv.elements[cnt].length = BN_num_bytes(dsa->p);
	BN_bn2bin(dsa->p, bufs[cnt]);
	priv.elements[cnt].data = bufs[cnt];
	cnt++;

	priv.elements[cnt].tag = TAG_DSA_SUBPRIME;
	priv.elements[cnt].length = BN_num_bytes(dsa->q);
	BN_bn2bin(dsa->q, bufs[cnt]);
	priv.elements[cnt].data = bufs[cnt];
	cnt++;

	priv.elements[cnt].tag = TAG_DSA_BASE;
	priv.elements[cnt].length = BN_num_bytes(dsa->g);
	BN_bn2bin(dsa->g, bufs[cnt]);
	priv.elements[cnt].data = bufs[cnt];
	cnt++;

	priv.elements[cnt].tag = TAG_DSA_PRIVATE;
	priv.elements[cnt].length = BN_num_bytes(dsa->priv_key);
	BN_bn2bin(dsa->priv_key, bufs[cnt]);
	priv.elements[cnt].data = bufs[cnt];
	cnt++;

	priv.elements[cnt].tag = TAG_DSA_PUBLIC;
	priv.elements[cnt].length = BN_num_bytes(dsa->pub_key);
	BN_bn2bin(dsa->pub_key, bufs[cnt]);
	priv.elements[cnt].data = bufs[cnt];
	cnt++;

	priv.nelements = cnt;
	return (dst__privstruct_writefile(key, &priv, directory));
}

static isc_result_t
544
openssldsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
545 546 547 548 549 550 551
	dst_private_t priv;
	isc_result_t ret;
	int i;
	DSA *dsa = NULL;
	isc_mem_t *mctx = key->mctx;
#define DST_RET(a) {ret = a; goto err;}

552
	UNUSED(pub);
553
	/* read private key file */
554
	ret = dst__privstruct_parse(key, DST_ALG_DSA, lexer, mctx, &priv);
555 556 557 558 559 560 561
	if (ret != ISC_R_SUCCESS)
		return (ret);

	dsa = DSA_new();
	if (dsa == NULL)
		DST_RET(ISC_R_NOMEMORY);
	dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;
562
	key->keydata.dsa = dsa;
563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586

	for (i=0; i < priv.nelements; i++) {
		BIGNUM *bn;
		bn = BN_bin2bn(priv.elements[i].data,
			       priv.elements[i].length, NULL);
		if (bn == NULL)
			DST_RET(ISC_R_NOMEMORY);

		switch (priv.elements[i].tag) {
			case TAG_DSA_PRIME:
				dsa->p = bn;
				break;
			case TAG_DSA_SUBPRIME:
				dsa->q = bn;
				break;
			case TAG_DSA_BASE:
				dsa->g = bn;
				break;
			case TAG_DSA_PRIVATE:
				dsa->priv_key = bn;
				break;
			case TAG_DSA_PUBLIC:
				dsa->pub_key = bn;
				break;
Brian Wellington's avatar
Brian Wellington committed
587
		}
588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607
	}
	dst__privstruct_free(&priv, mctx);

	key->key_size = BN_num_bits(dsa->p);

	return (ISC_R_SUCCESS);

 err:
	openssldsa_destroy(key);
	dst__privstruct_free(&priv, mctx);
	memset(&priv, 0, sizeof(priv));
	return (ret);
}

static dst_func_t openssldsa_functions = {
	openssldsa_createctx,
	openssldsa_destroyctx,
	openssldsa_adddata,
	openssldsa_sign,
	openssldsa_verify,
608
	NULL, /*%< computesecret */
609
	openssldsa_compare,
610
	NULL, /*%< paramcompare */
611 612 613 614 615 616
	openssldsa_generate,
	openssldsa_isprivate,
	openssldsa_destroy,
	openssldsa_todns,
	openssldsa_fromdns,
	openssldsa_tofile,
617
	openssldsa_parse,
618
	NULL, /*%< cleanup */
Francis Dupont's avatar
Francis Dupont committed
619
	NULL, /*%< fromlabel */
620 621
	NULL, /*%< dump */
	NULL, /*%< restore */
622 623 624 625
};

isc_result_t
dst__openssldsa_init(dst_func_t **funcp) {
626 627 628
	REQUIRE(funcp != NULL);
	if (*funcp == NULL)
		*funcp = &openssldsa_functions;
629 630 631
	return (ISC_R_SUCCESS);
}

632 633 634 635
#else /* OPENSSL */

#include <isc/util.h>

Mark Andrews's avatar
Mark Andrews committed
636
EMPTY_TRANSLATION_UNIT
637

638
#endif /* OPENSSL */
639
/*! \file */