Mercurial > dropbear

comparison libtomcrypt/src/pk/dsa/dsa_import.c @ 1471:6dba84798cd5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
parents f849a5ca2efc
children
comparison
equal deleted inserted replaced
1470:8bba51a55704 1471:6dba84798cd5
3 * LibTomCrypt is a library that provides various cryptographic 3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner. 4 * algorithms in a highly modular and flexible manner.
5 * 5 *
6 * The library is free for all purposes without any express 6 * The library is free for all purposes without any express
7 * guarantee it works. 7 * guarantee it works.
8 *
9 * Tom St Denis, [email protected], http://libtom.org
10 */ 8 */
11 #include "tomcrypt.h" 9 #include "tomcrypt.h"
12 10
13 /** 11 /**
14 @file dsa_import.c 12 @file dsa_import.c
16 */ 14 */
17 15
18 #ifdef LTC_MDSA 16 #ifdef LTC_MDSA
19 17
20 /** 18 /**
21 Import a DSA key 19 Import a DSA key
22 @param in The binary packet to import from 20 @param in The binary packet to import from
23 @param inlen The length of the binary packet 21 @param inlen The length of the binary packet
24 @param key [out] Where to store the imported key 22 @param key [out] Where to store the imported key
25 @return CRYPT_OK if successful, upon error this function will free all allocated memory 23 @return CRYPT_OK if successful, upon error this function will free all allocated memory
26 */ 24 */
27 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) 25 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
28 { 26 {
27 int err, stat;
28 unsigned long zero = 0;
29 unsigned char* tmpbuf = NULL;
29 unsigned char flags[1]; 30 unsigned char flags[1];
30 int err;
31 31
32 LTC_ARGCHK(in != NULL); 32 LTC_ARGCHK(in != NULL);
33 LTC_ARGCHK(key != NULL); 33 LTC_ARGCHK(key != NULL);
34 LTC_ARGCHK(ltc_mp.name != NULL); 34 LTC_ARGCHK(ltc_mp.name != NULL);
35 35
36 /* init key */ 36 /* init key */
37 if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != CRYPT_OK) { 37 if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != CRYPT_OK) {
38 return CRYPT_MEM; 38 return CRYPT_MEM;
39 } 39 }
40 40
41 /* try to match the old libtomcrypt format */
42 err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags,
43 LTC_ASN1_EOL, 0UL, NULL);
44
45 if (err == CRYPT_OK || err == CRYPT_INPUT_TOO_LONG) {
46 /* private key */
47 if (flags[0] == 1) {
48 if ((err = der_decode_sequence_multi(in, inlen,
49 LTC_ASN1_BIT_STRING, 1UL, flags,
50 LTC_ASN1_INTEGER, 1UL, key->g,
51 LTC_ASN1_INTEGER, 1UL, key->p,
52 LTC_ASN1_INTEGER, 1UL, key->q,
53 LTC_ASN1_INTEGER, 1UL, key->y,
54 LTC_ASN1_INTEGER, 1UL, key->x,
55 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
56 goto LBL_ERR;
57 }
58 key->type = PK_PRIVATE;
59 goto LBL_OK;
60 }
61 /* public key */
62 else if (flags[0] == 0) {
63 if ((err = der_decode_sequence_multi(in, inlen,
64 LTC_ASN1_BIT_STRING, 1UL, flags,
65 LTC_ASN1_INTEGER, 1UL, key->g,
66 LTC_ASN1_INTEGER, 1UL, key->p,
67 LTC_ASN1_INTEGER, 1UL, key->q,
68 LTC_ASN1_INTEGER, 1UL, key->y,
69 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
70 goto LBL_ERR;
71 }
72 key->type = PK_PUBLIC;
73 goto LBL_OK;
74 }
75 else {
76 err = CRYPT_INVALID_PACKET;
77 goto LBL_ERR;
78 }
79 }
41 /* get key type */ 80 /* get key type */
42 if ((err = der_decode_sequence_multi(in, inlen, 81 if ((err = der_decode_sequence_multi(in, inlen,
43 LTC_ASN1_BIT_STRING, 1UL, flags, 82 LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
44 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { 83 LTC_ASN1_INTEGER, 1UL, key->p,
45 goto error; 84 LTC_ASN1_INTEGER, 1UL, key->q,
85 LTC_ASN1_INTEGER, 1UL, key->g,
86 LTC_ASN1_INTEGER, 1UL, key->y,
87 LTC_ASN1_INTEGER, 1UL, key->x,
88 LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) {
89
90 key->type = PK_PRIVATE;
91 } else { /* public */
92 ltc_asn1_list params[3];
93 unsigned long tmpbuf_len = inlen;
94
95 LTC_SET_ASN1(params, 0, LTC_ASN1_INTEGER, key->p, 1UL);
96 LTC_SET_ASN1(params, 1, LTC_ASN1_INTEGER, key->q, 1UL);
97 LTC_SET_ASN1(params, 2, LTC_ASN1_INTEGER, key->g, 1UL);
98
99 tmpbuf = XCALLOC(1, tmpbuf_len);
100 if (tmpbuf == NULL) {
101 err = CRYPT_MEM;
102 goto LBL_ERR;
103 }
104
105 err = der_decode_subject_public_key_info(in, inlen, PKA_DSA,
106 tmpbuf, &tmpbuf_len,
107 LTC_ASN1_SEQUENCE, params, 3);
108 if (err != CRYPT_OK) {
109 XFREE(tmpbuf);
110 goto LBL_ERR;
111 }
112
113 if ((err=der_decode_integer(tmpbuf, tmpbuf_len, key->y)) != CRYPT_OK) {
114 XFREE(tmpbuf);
115 goto LBL_ERR;
116 }
117
118 XFREE(tmpbuf);
119 key->type = PK_PUBLIC;
46 } 120 }
47 121
48 if (flags[0] == 1) { 122 LBL_OK:
49 if ((err = der_decode_sequence_multi(in, inlen, 123 key->qord = mp_unsigned_bin_size(key->q);
50 LTC_ASN1_BIT_STRING, 1UL, flags,
51 LTC_ASN1_INTEGER, 1UL, key->g,
52 LTC_ASN1_INTEGER, 1UL, key->p,
53 LTC_ASN1_INTEGER, 1UL, key->q,
54 LTC_ASN1_INTEGER, 1UL, key->y,
55 LTC_ASN1_INTEGER, 1UL, key->x,
56 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
57 goto error;
58 }
59 key->type = PK_PRIVATE;
60 } else {
61 if ((err = der_decode_sequence_multi(in, inlen,
62 LTC_ASN1_BIT_STRING, 1UL, flags,
63 LTC_ASN1_INTEGER, 1UL, key->g,
64 LTC_ASN1_INTEGER, 1UL, key->p,
65 LTC_ASN1_INTEGER, 1UL, key->q,
66 LTC_ASN1_INTEGER, 1UL, key->y,
67 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
68 goto error;
69 }
70 key->type = PK_PUBLIC;
71 }
72 key->qord = mp_unsigned_bin_size(key->q);
73 124
74 if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 || 125 /* quick p, q, g validation, without primality testing */
75 (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) { 126 if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) {
127 goto LBL_ERR;
128 }
129 if (stat == 0) {
76 err = CRYPT_INVALID_PACKET; 130 err = CRYPT_INVALID_PACKET;
77 goto error; 131 goto LBL_ERR;
132 }
133 /* validate x, y */
134 if ((err = dsa_int_validate_xy(key, &stat)) != CRYPT_OK) {
135 goto LBL_ERR;
136 }
137 if (stat == 0) {
138 err = CRYPT_INVALID_PACKET;
139 goto LBL_ERR;
78 } 140 }
79 141
80 return CRYPT_OK; 142 return CRYPT_OK;
81 error: 143 LBL_ERR:
82 mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL); 144 dsa_free(key);
83 return err; 145 return err;
84 } 146 }
85 147
86 #endif 148 #endif
87 149
88 /* $Source$ */ 150 /* ref: $Format:%D$ */
89 /* $Revision$ */ 151 /* git commit: $Format:%H$ */
90 /* $Date$ */ 152 /* commit time: $Format:%ai$ */