8 jaren geleden · d64880eeb1
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@@ -450,6 +450,7 @@ int dsa_set_pqg(const unsigned char *p,  unsigned long plen,
 
				                 const unsigned char *q,  unsigned long qlen,
			
 
				                 const unsigned char *g,  unsigned long glen,
			
 
				                 dsa_key *key);
			
 
				+int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen, dsa_key *key);
			
 
				 int dsa_generate_pqg(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
			
 
				 
			
 
				 int dsa_set_key(const unsigned char *pub, unsigned long publen,
			
--- a/src/pk/dsa/dsa_set.c
+++ b/src/pk/dsa/dsa_set.c
@@ -60,6 +60,56 @@ LBL_ERR:
 
				    return err;
			
 
				 }
			
 
				 
			
 
				+/**
			
 
				+  Import DSA's p, q & g from dsaparam
			
 
				+
			
 
				+      dsaparam data: openssl dsaparam -outform DER -out dsaparam.der 2048
			
 
				+
			
 
				+  @param dsaparam    The DSA param DER encoded data
			
 
				+  @param dsaparamlen The length of dhparam data
			
 
				+  @param key         [out] the destination for the imported key
			
 
				+  @return CRYPT_OK if successful, upon error allocated memory is freed
			
 
				+*/
			
 
				+int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen,
			
 
				+                         dsa_key *key)
			
 
				+{
			
 
				+   int err;
			
 
				+
			
 
				+   LTC_ARGCHK(dsaparam    != NULL);
			
 
				+   LTC_ARGCHK(key         != NULL);
			
 
				+   LTC_ARGCHK(key->x      == NULL);
			
 
				+   LTC_ARGCHK(key->y      == NULL);
			
 
				+   LTC_ARGCHK(key->p      == NULL);
			
 
				+   LTC_ARGCHK(key->g      == NULL);
			
 
				+   LTC_ARGCHK(key->q      == NULL);
			
 
				+   LTC_ARGCHK(key->qord   == 0);
			
 
				+   LTC_ARGCHK(ltc_mp.name != NULL);
			
 
				+
			
 
				+   /* init key */
			
 
				+   err = mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
			
 
				+   if (err != CRYPT_OK) return err;
			
 
				+
			
 
				+   if ((err = der_decode_sequence_multi(dsaparam, dsaparamlen,
			
 
				+                                        LTC_ASN1_INTEGER, 1UL, key->p,
			
 
				+                                        LTC_ASN1_INTEGER, 1UL, key->q,
			
 
				+                                        LTC_ASN1_INTEGER, 1UL, key->g,
			
 
				+                                        LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
			
 
				+      goto LBL_ERR;
			
 
				+   }
			
 
				+
			
 
				+   key->qord = mp_unsigned_bin_size(key->q);
			
 
				+
			
 
				+   if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
			
 
				+      (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
			
 
				+      err = CRYPT_INVALID_PACKET;
			
 
				+      goto LBL_ERR;
			
 
				+   }
			
 
				+   return CRYPT_OK;
			
 
				+
			
 
				+LBL_ERR:
			
 
				+   dsa_free(key);
			
 
				+   return err;
			
 
				+}
			
 
				 
			
 
				 /**
			
 
				   Import DSA public or private key from raw numbers
			
--- a/tests/dsa_test.c
+++ b/tests/dsa_test.c
@@ -100,6 +100,35 @@ static const unsigned char openssl_pub_dsa[] = {
 
				   0xeb, 0x6d, 0x41, 0x27, 0xd7, 0x0d, 0x74, 0xaf, 0xa0, 0x35
			
 
				 };
			
 
				 
			
 
				+static unsigned char dsaparam_der[] = {
			
 
				+   0x30, 0x82, 0x01, 0x1e, 0x02, 0x81, 0x81, 0x00, 0xc5, 0x0a, 0x37, 0x51,
			
 
				+   0x5c, 0xab, 0xd6, 0x18, 0xd5, 0xa2, 0x70, 0xbd, 0x4a, 0x6f, 0x6b, 0x4a,
			
 
				+   0xf9, 0xe1, 0x39, 0x95, 0x0f, 0x2b, 0x99, 0x38, 0x7d, 0x9a, 0x64, 0xd6,
			
 
				+   0x4c, 0xb5, 0x96, 0x7a, 0xdc, 0xed, 0xac, 0xa8, 0xac, 0xc6, 0x1b, 0x65,
			
 
				+   0x5a, 0xde, 0xdb, 0x00, 0x61, 0x25, 0x1a, 0x18, 0x2c, 0xee, 0xa1, 0x07,
			
 
				+   0x90, 0x62, 0x5e, 0x4d, 0x12, 0x31, 0x90, 0xc7, 0x03, 0x21, 0xfa, 0x09,
			
 
				+   0xe7, 0xb1, 0x73, 0xd7, 0x8e, 0xaf, 0xdb, 0xfd, 0xbf, 0xb3, 0xef, 0xad,
			
 
				+   0xd1, 0xa1, 0x2a, 0x03, 0x6d, 0xe7, 0x06, 0x92, 0x4a, 0x85, 0x2a, 0xff,
			
 
				+   0x7a, 0x01, 0x66, 0x53, 0x1f, 0xea, 0xc6, 0x67, 0x41, 0x84, 0x5a, 0xc0,
			
 
				+   0x6c, 0xed, 0x62, 0xf9, 0xc2, 0x62, 0x62, 0x05, 0xa4, 0xfa, 0x48, 0xa0,
			
 
				+   0x66, 0xec, 0x35, 0xc9, 0xa8, 0x11, 0xfe, 0xb9, 0x81, 0xab, 0xee, 0xbe,
			
 
				+   0x31, 0xb6, 0xbf, 0xcf, 0x02, 0x15, 0x00, 0xaa, 0x5b, 0xd7, 0xf4, 0xe5,
			
 
				+   0x06, 0x24, 0x13, 0xe5, 0x88, 0x35, 0xca, 0x00, 0xc7, 0xa6, 0x35, 0x71,
			
 
				+   0x61, 0x94, 0xc5, 0x02, 0x81, 0x80, 0x3b, 0x92, 0xe4, 0xff, 0x59, 0x29,
			
 
				+   0x15, 0x0b, 0x08, 0x99, 0x5a, 0x7b, 0xf2, 0xad, 0x14, 0x40, 0x55, 0x6f,
			
 
				+   0xa0, 0x47, 0xff, 0x90, 0x99, 0xb3, 0x44, 0xb3, 0xd4, 0xfc, 0x45, 0x15,
			
 
				+   0x05, 0xae, 0x67, 0x22, 0x43, 0x9c, 0xba, 0x37, 0x10, 0xa5, 0x89, 0x47,
			
 
				+   0x37, 0xec, 0xcc, 0xf5, 0xae, 0xad, 0xa8, 0xb4, 0x7a, 0x35, 0xcb, 0x9d,
			
 
				+   0x93, 0x5c, 0xed, 0xe6, 0xb0, 0x7e, 0x96, 0x94, 0xc4, 0xa6, 0x0c, 0x7d,
			
 
				+   0xd6, 0x70, 0x8a, 0x09, 0x4f, 0x81, 0x4a, 0x0e, 0xc2, 0x13, 0xfb, 0xeb,
			
 
				+   0x16, 0xbf, 0xea, 0xa4, 0xf4, 0x56, 0xff, 0x72, 0x30, 0x05, 0xde, 0x8a,
			
 
				+   0x44, 0x3f, 0xbe, 0xc6, 0x85, 0x26, 0x55, 0xd6, 0x2d, 0x1d, 0x1e, 0xdb,
			
 
				+   0x15, 0xda, 0xa4, 0x45, 0x83, 0x3c, 0x17, 0x97, 0x98, 0x0b, 0x8d, 0x87,
			
 
				+   0xf3, 0x49, 0x0d, 0x90, 0xbd, 0xa9, 0xab, 0x67, 0x6e, 0x87, 0x68, 0x72,
			
 
				+   0x23, 0xdc
			
 
				+ };
			
 
				+
			
 
				+
			
 
				 static int _dsa_compat_test(void)
			
 
				 {
			
 
				   dsa_key key = LTC_DSA_KEY_INITIALIZER;
			
@@ -107,6 +136,7 @@ static int _dsa_compat_test(void)
 
				   unsigned long x, len;
			
 
				   unsigned char key_parts[5][256];
			
 
				   unsigned long key_lens[5];
			
 
				+  int stat;
			
 
				 
			
 
				   DO(dsa_import(openssl_priv_dsa, sizeof(openssl_priv_dsa), &key));
			
 
				 
			
@@ -176,6 +206,43 @@ static int _dsa_compat_test(void)
 
				   }
			
 
				   dsa_free(&key);
			
 
				 
			
 
				+  /* try import dsaparam */
			
 
				+  DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
			
 
				+  DO(dsa_make_key_ex(&yarrow_prng, find_prng("yarrow"), &key));
			
 
				+  /* verify it */
			
 
				+  DO(dsa_verify_key(&key, &stat));
			
 
				+  if (stat == 0) {
			
 
				+     fprintf(stderr, "dsa_verify_key after dsa_set_pqg_dsaparam()");
			
 
				+     return CRYPT_FAIL_TESTVECTOR;
			
 
				+  }
			
 
				+  dsa_free(&key);
			
 
				+
			
 
				+  /* try import dsaparam - our public key */
			
 
				+  DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
			
 
				+  DO(dsa_set_key(key_parts[3], key_lens[3],
			
 
				+                 NULL, 0,
			
 
				+                 &key));
			
 
				+  len = sizeof(buf);
			
 
				+  DO(dsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
			
 
				+  if (compare_testvector(buf, len, openssl_pub_dsa, sizeof(openssl_pub_dsa),
			
 
				+                         "DSA public export failed from dsa_set_pqg_dsaparam()\n", 0)) {
			
 
				+     return CRYPT_FAIL_TESTVECTOR;
			
 
				+  }
			
 
				+  dsa_free(&key);
			
 
				+
			
 
				+  /* try import dsaparam - our private key */
			
 
				+  DO(dsa_set_pqg_dsaparam(dsaparam_der, sizeof(dsaparam_der), &key));
			
 
				+  DO(dsa_set_key(key_parts[3], key_lens[3],
			
 
				+                 key_parts[4], key_lens[4],
			
 
				+                 &key));
			
 
				+  len = sizeof(buf);
			
 
				+  DO(dsa_export(buf, &len, PK_PRIVATE | PK_STD, &key));
			
 
				+  if (compare_testvector(buf, len, openssl_priv_dsa, sizeof(openssl_priv_dsa),
			
 
				+                         "DSA private export failed from dsa_set_pqg_dsaparam()\n", 0)) {
			
 
				+     return CRYPT_FAIL_TESTVECTOR;
			
 
				+  }
			
 
				+  dsa_free(&key);
			
 
				+
			
 
				   return CRYPT_OK;
			
 
				 }