Revision Log

openssl_crypto.c

Revision 707 (checked in by ben, 1 year ago)	Fixes from Cyril Soler.

Line
1	/*
2	* Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
3	* All rights reserved.
4	* Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
5	* their moral rights under the UK Copyright Design and Patents Act 1988 to
6	* be recorded as the authors of this copyright work.
7	*
8	* Licensed under the Apache License, Version 2.0 (the "License"); you may not
9	* use this file except in compliance with the License.
10	*
11	* You may obtain a copy of the License at
12	* http://www.apache.org/licenses/LICENSE-2.0
13	*
14	* Unless required by applicable law or agreed to in writing, software
15	* distributed under the License is distributed on an "AS IS" BASIS,
16	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17	*
18	* See the License for the specific language governing permissions and
19	* limitations under the License.
20	*/
21
22	/** \file
23	*/
24
25	#include <openssl/md5.h>
26	#include <openssl/sha.h>
27	#include <openssl/dsa.h>
28	#include <openssl/rsa.h>
29	#include <openssl/err.h>
30	#include <assert.h>
31	#include <stdlib.h>
32
33	#include <openpgpsdk/configure.h>
34	#include <openpgpsdk/crypto.h>
35	#include <openpgpsdk/keyring.h>
36	#include <openpgpsdk/readerwriter.h>
37	#include "keyring_local.h"
38	#include <openpgpsdk/std_print.h>
39
40	#include <openpgpsdk/final.h>
41
42	static int debug=0;
43
44	void test_secret_key(const ops_secret_key_t *skey)
45	{
46	RSA* test=RSA_new();
47
48	test->n=BN_dup(skey->public_key.key.rsa.n);
49	test->e=BN_dup(skey->public_key.key.rsa.e);
50
51	test->d=BN_dup(skey->key.rsa.d);
52	test->p=BN_dup(skey->key.rsa.p);
53	test->q=BN_dup(skey->key.rsa.q);
54
55	assert(RSA_check_key(test)==1);
56	RSA_free(test);
57	}
58
59	static void md5_init(ops_hash_t *hash)
60	{
61	assert(!hash->data);
62	hash->data=malloc(sizeof(MD5_CTX));
63	MD5_Init(hash->data);
64	}
65
66	static void md5_add(ops_hash_t hash,const unsigned char data,unsigned length)
67	{
68	MD5_Update(hash->data,data,length);
69	}
70
71	static unsigned md5_finish(ops_hash_t hash,unsigned char out)
72	{
73	MD5_Final(out,hash->data);
74	free(hash->data);
75	hash->data=NULL;
76	return 16;
77	}
78
79	static ops_hash_t md5={OPS_HASH_MD5,MD5_DIGEST_LENGTH,"MD5",md5_init,md5_add,
80	md5_finish,NULL};
81
82	/**
83	\ingroup Core_Crypto
84	\brief Initialise to MD5
85	\param hash Hash to initialise
86	*/
87	void ops_hash_md5(ops_hash_t *hash)
88	{
89	*hash=md5;
90	}
91
92	static void sha1_init(ops_hash_t *hash)
93	{
94	if (debug)
95	{
96	fprintf(stderr,"*\n\nsha1_init\n**\n");
97	}
98	assert(!hash->data);
99	hash->data=malloc(sizeof(SHA_CTX));
100	SHA1_Init(hash->data);
101	}
102
103	static void sha1_add(ops_hash_t hash,const unsigned char data,
104	unsigned length)
105	{
106	if (debug)
107	{
108	unsigned int i=0;
109	fprintf(stderr,"adding %d to hash:\n ", length);
110	for (i=0; i<length; i++)
111	{
112	fprintf(stderr,"0x%02x ", data[i]);
113	if (!((i+1) % 16))
114	fprintf(stderr,"\n");
115	else if (!((i+1) % 8))
116	fprintf(stderr," ");
117	}
118	fprintf(stderr,"\n");
119	}
120	SHA1_Update(hash->data,data,length);
121	}
122
123	static unsigned sha1_finish(ops_hash_t hash,unsigned char out)
124	{
125	SHA1_Final(out,hash->data);
126	if (debug)
127	{
128	unsigned i=0;
129	fprintf(stderr,"*\n\nsha1_finish\n**\n");
130	for (i=0; i<SHA_DIGEST_LENGTH; i++)
131	fprintf(stderr,"0x%02x ",out[i]);
132	fprintf(stderr,"\n");
133	}
134	free(hash->data);
135	hash->data=NULL;
136	return SHA_DIGEST_LENGTH;
137	}
138
139	static ops_hash_t sha1={OPS_HASH_SHA1,SHA_DIGEST_LENGTH,"SHA1",sha1_init,
140	sha1_add,sha1_finish,NULL};
141
142	/**
143	\ingroup Core_Crypto
144	\brief Initialise to SHA1
145	\param hash Hash to initialise
146	*/
147	void ops_hash_sha1(ops_hash_t *hash)
148	{
149	*hash=sha1;
150	}
151
152	static void sha256_init(ops_hash_t *hash)
153	{
154	if (debug)
155	{
156	fprintf(stderr,"*\n\nsha256_init\n**\n");
157	}
158	assert(!hash->data);
159	hash->data=malloc(sizeof(SHA256_CTX));
160	SHA256_Init(hash->data);
161	}
162
163	static void sha256_add(ops_hash_t hash,const unsigned char data,
164	unsigned length)
165	{
166	if (debug)
167	{
168	unsigned int i=0;
169	fprintf(stderr,"adding %d to hash:\n ", length);
170	for (i=0; i<length; i++)
171	{
172	fprintf(stderr,"0x%02x ", data[i]);
173	if (!((i+1) % 16))
174	fprintf(stderr,"\n");
175	else if (!((i+1) % 8))
176	fprintf(stderr," ");
177	}
178	fprintf(stderr,"\n");
179	}
180	SHA256_Update(hash->data,data,length);
181	}
182
183	static unsigned sha256_finish(ops_hash_t hash,unsigned char out)
184	{
185	SHA256_Final(out,hash->data);
186	if (debug)
187	{
188	unsigned i=0;
189	fprintf(stderr,"*\n\nsha1_finish\n**\n");
190	for (i=0; i<SHA256_DIGEST_LENGTH; i++)
191	fprintf(stderr,"0x%02x ",out[i]);
192	fprintf(stderr,"\n");
193	}
194	free(hash->data);
195	hash->data=NULL;
196	return SHA256_DIGEST_LENGTH;
197	}
198
199	static ops_hash_t sha256={OPS_HASH_SHA256,SHA256_DIGEST_LENGTH,"SHA256",sha256_init,
200	sha256_add,sha256_finish,NULL};
201
202	void ops_hash_sha256(ops_hash_t *hash)
203	{
204	*hash=sha256;
205	}
206
207	/*
208	* SHA384
209	*/
210
211	static void sha384_init(ops_hash_t *hash)
212	{
213	if (debug)
214	{
215	fprintf(stderr,"*\n\nsha384_init\n**\n");
216	}
217	assert(!hash->data);
218	hash->data=malloc(sizeof(SHA512_CTX));
219	SHA384_Init(hash->data);
220	}
221
222	static void sha384_add(ops_hash_t hash,const unsigned char data,
223	unsigned length)
224	{
225	if (debug)
226	{
227	unsigned int i=0;
228	fprintf(stderr,"adding %d to hash:\n ", length);
229	for (i=0; i<length; i++)
230	{
231	fprintf(stderr,"0x%02x ", data[i]);
232	if (!((i+1) % 16))
233	fprintf(stderr,"\n");
234	else if (!((i+1) % 8))
235	fprintf(stderr," ");
236	}
237	fprintf(stderr,"\n");
238	}
239	SHA384_Update(hash->data,data,length);
240	}
241
242	static unsigned sha384_finish(ops_hash_t hash,unsigned char out)
243	{
244	SHA384_Final(out,hash->data);
245	if (debug)
246	{
247	unsigned i=0;
248	fprintf(stderr,"*\n\nsha1_finish\n**\n");
249	for (i=0; i<SHA384_DIGEST_LENGTH; i++)
250	fprintf(stderr,"0x%02x ",out[i]);
251	fprintf(stderr,"\n");
252	}
253	free(hash->data);
254	hash->data=NULL;
255	return SHA384_DIGEST_LENGTH;
256	}
257
258	static ops_hash_t sha384={OPS_HASH_SHA384,SHA384_DIGEST_LENGTH,"SHA384",sha384_init,
259	sha384_add,sha384_finish,NULL};
260
261	void ops_hash_sha384(ops_hash_t *hash)
262	{
263	*hash=sha384;
264	}
265
266	/*
267	* SHA512
268	*/
269
270	static void sha512_init(ops_hash_t *hash)
271	{
272	if (debug)
273	{
274	fprintf(stderr,"*\n\nsha512_init\n**\n");
275	}
276	assert(!hash->data);
277	hash->data=malloc(sizeof(SHA512_CTX));
278	SHA512_Init(hash->data);
279	}
280
281	static void sha512_add(ops_hash_t hash,const unsigned char data,
282	unsigned length)
283	{
284	if (debug)
285	{
286	unsigned int i=0;
287	fprintf(stderr,"adding %d to hash:\n ", length);
288	for (i=0; i<length; i++)
289	{
290	fprintf(stderr,"0x%02x ", data[i]);
291	if (!((i+1) % 16))
292	fprintf(stderr,"\n");
293	else if (!((i+1) % 8))
294	fprintf(stderr," ");
295	}
296	fprintf(stderr,"\n");
297	}
298	SHA512_Update(hash->data,data,length);
299	}
300
301	static unsigned sha512_finish(ops_hash_t hash,unsigned char out)
302	{
303	SHA512_Final(out,hash->data);
304	if (debug)
305	{
306	unsigned i=0;
307	fprintf(stderr,"*\n\nsha1_finish\n**\n");
308	for (i=0; i<SHA512_DIGEST_LENGTH; i++)
309	fprintf(stderr,"0x%02x ",out[i]);
310	fprintf(stderr,"\n");
311	}
312	free(hash->data);
313	hash->data=NULL;
314	return SHA512_DIGEST_LENGTH;
315	}
316
317	static ops_hash_t sha512={OPS_HASH_SHA512,SHA512_DIGEST_LENGTH,"SHA512",sha512_init,
318	sha512_add,sha512_finish,NULL};
319
320	void ops_hash_sha512(ops_hash_t *hash)
321	{
322	*hash=sha512;
323	}
324
325	/*
326	* SHA224
327	*/
328
329	static void sha224_init(ops_hash_t *hash)
330	{
331	if (debug)
332	{
333	fprintf(stderr,"*\n\nsha1_init\n**\n");
334	}
335	assert(!hash->data);
336	hash->data=malloc(sizeof(SHA256_CTX));
337	SHA224_Init(hash->data);
338	}
339
340	static void sha224_add(ops_hash_t hash,const unsigned char data,
341	unsigned length)
342	{
343	if (debug)
344	{
345	unsigned int i=0;
346	fprintf(stderr,"adding %d to hash:\n ", length);
347	for (i=0; i<length; i++)
348	{
349	fprintf(stderr,"0x%02x ", data[i]);
350	if (!((i+1) % 16))
351	fprintf(stderr,"\n");
352	else if (!((i+1) % 8))
353	fprintf(stderr," ");
354	}
355	fprintf(stderr,"\n");
356	}
357	SHA224_Update(hash->data,data,length);
358	}
359
360	static unsigned sha224_finish(ops_hash_t hash,unsigned char out)
361	{
362	SHA224_Final(out,hash->data);
363	if (debug)
364	{
365	unsigned i=0;
366	fprintf(stderr,"*\n\nsha1_finish\n**\n");
367	for (i=0; i<SHA224_DIGEST_LENGTH; i++)
368	fprintf(stderr,"0x%02x ",out[i]);
369	fprintf(stderr,"\n");
370	}
371	free(hash->data);
372	hash->data=NULL;
373	return SHA224_DIGEST_LENGTH;
374	}
375
376	static ops_hash_t sha224={OPS_HASH_SHA224,SHA224_DIGEST_LENGTH,"SHA224",sha224_init,
377	sha224_add,sha224_finish,NULL};
378
379	void ops_hash_sha224(ops_hash_t *hash)
380	{
381	*hash=sha224;
382	}
383
384	ops_boolean_t ops_dsa_verify(const unsigned char *hash,size_t hash_length,
385	const ops_dsa_signature_t *sig,
386	const ops_dsa_public_key_t *dsa)
387	{
388	DSA_SIG *osig;
389	DSA *odsa;
390	int ret;
391
392	osig=DSA_SIG_new();
393	osig->r=sig->r;
394	osig->s=sig->s;
395
396	odsa=DSA_new();
397	odsa->p=dsa->p;
398	odsa->q=dsa->q;
399	odsa->g=dsa->g;
400	odsa->pub_key=dsa->y;
401
402	if (debug)
403	{
404	fprintf(stderr,"hash passed in:\n");
405	unsigned i;
406	for (i=0; i<hash_length; i++)
407	{
408	fprintf(stderr,"%02x ", hash[i]);
409	}
410	fprintf(stderr,"\n");
411	}
412	//printf("hash_length=%ld\n", hash_length);
413	//printf("Q=%d\n", BN_num_bytes(odsa->q));
414	unsigned int qlen=BN_num_bytes(odsa->q);
415	if (qlen < hash_length)
416	hash_length=qlen;
417	// ret=DSA_do_verify(hash,hash_length,osig,odsa);
418	ret=DSA_do_verify(hash,hash_length,osig,odsa);
419	if (debug)
420	{
421	fprintf(stderr,"ret=%d\n",ret);
422	}
423	assert(ret >= 0);
424
425	odsa->p=odsa->q=odsa->g=odsa->pub_key=NULL;
426	DSA_free(odsa);
427
428	osig->r=osig->s=NULL;
429	DSA_SIG_free(osig);
430
431	return ret != 0;
432	}
433
434	/**
435	\ingroup Core_Crypto
436	\brief Recovers message digest from the signature
437	\param out Where to write decrypted data to
438	\param in Encrypted data
439	\param length Length of encrypted data
440	\param rsa RSA public key
441	\return size of recovered message digest
442	*/
443	int ops_rsa_public_decrypt(unsigned char out,const unsigned char in,
444	size_t length,const ops_rsa_public_key_t *rsa)
445	{
446	RSA *orsa;
447	int n;
448
449	orsa=RSA_new();
450	orsa->n=rsa->n;
451	orsa->e=rsa->e;
452
453	n=RSA_public_decrypt(length,in,out,orsa,RSA_NO_PADDING);
454
455	orsa->n=orsa->e=NULL;
456	RSA_free(orsa);
457
458	return n;
459	}
460
461	/**
462	\ingroup Core_Crypto
463	\brief Signs data with RSA
464	\param out Where to write signature
465	\param in Data to sign
466	\param length Length of data
467	\param srsa RSA secret key
468	\param rsa RSA public key
469	\return number of bytes decrypted
470	*/
471	int ops_rsa_private_encrypt(unsigned char out,const unsigned char in,
472	size_t length,const ops_rsa_secret_key_t *srsa,
473	const ops_rsa_public_key_t *rsa)
474	{
475	RSA *orsa;
476	int n;
477
478	orsa=RSA_new();
479	orsa->n=rsa->n; // XXX: do we need n?
480	orsa->d=srsa->d;
481	orsa->p=srsa->q;
482	orsa->q=srsa->p;
483
484	/* debug */
485	orsa->e=rsa->e;
486	// If this isn't set, it's very likely that the programmer hasn't
487	// decrypted the secret key. RSA_check_key segfaults in that case.
488	// Use ops_decrypt_secret_key_from_data() to do that.
489	assert(orsa->d);
490	assert(RSA_check_key(orsa) == 1);
491	orsa->e=NULL;
492	/* end debug */
493
494	n=RSA_private_encrypt(length,in,out,orsa,RSA_NO_PADDING);
495
496	orsa->n=orsa->d=orsa->p=orsa->q=NULL;
497	RSA_free(orsa);
498
499	return n;
500	}
501
502	/**
503	\ingroup Core_Crypto
504	\brief Decrypts RSA-encrypted data
505	\param out Where to write the plaintext
506	\param in Encrypted data
507	\param length Length of encrypted data
508	\param srsa RSA secret key
509	\param rsa RSA public key
510	\return size of recovered plaintext
511	*/
512	int ops_rsa_private_decrypt(unsigned char out,const unsigned char in,
513	size_t length,const ops_rsa_secret_key_t *srsa,
514	const ops_rsa_public_key_t *rsa)
515	{
516	RSA *orsa;
517	int n;
518	char errbuf[1024];
519
520	orsa=RSA_new();
521	orsa->n=rsa->n; // XXX: do we need n?
522	orsa->d=srsa->d;
523	orsa->p=srsa->q;
524	orsa->q=srsa->p;
525
526	/* debug */
527	orsa->e=rsa->e;
528	assert(RSA_check_key(orsa) == 1);
529	orsa->e=NULL;
530	/* end debug */
531
532	n=RSA_private_decrypt(length,in,out,orsa,RSA_NO_PADDING);
533
534	// printf("ops_rsa_private_decrypt: n=%d\n",n);
535
536	errbuf[0]='\0';
537	if (n==-1)
538	{
539	unsigned long err=ERR_get_error();
540	ERR_error_string(err,&errbuf[0]);
541	fprintf(stderr,"openssl error : %s\n",errbuf);
542	}
543	orsa->n=orsa->d=orsa->p=orsa->q=NULL;
544	RSA_free(orsa);
545
546	return n;
547	}
548
549	/**
550	\ingroup Core_Crypto
551	\brief RSA-encrypts data
552	\param out Where to write the encrypted data
553	\param in Plaintext
554	\param length Size of plaintext
555	\param rsa RSA Public Key
556	*/
557	int ops_rsa_public_encrypt(unsigned char out,const unsigned char in,
558	size_t length,const ops_rsa_public_key_t *rsa)
559	{
560	RSA *orsa;
561	int n;
562
563	// printf("ops_rsa_public_encrypt: length=%ld\n", length);
564
565	orsa=RSA_new();
566	orsa->n=rsa->n;
567	orsa->e=rsa->e;
568
569	// printf("len: %ld\n", length);
570	// ops_print_bn("n: ", orsa->n);
571	// ops_print_bn("e: ", orsa->e);
572	n=RSA_public_encrypt(length,in,out,orsa,RSA_NO_PADDING);
573
574	if (n==-1)
575	{
576	BIO *fd_out;
577	fd_out=BIO_new_fd(fileno(stderr), BIO_NOCLOSE);
578	ERR_print_errors(fd_out);
579	}
580
581	orsa->n=orsa->e=NULL;
582	RSA_free(orsa);
583
584	return n;
585	}
586
587	/**
588	\ingroup Core_Crypto
589	\brief initialises openssl
590	\note Would usually call ops_init() instead
591	\sa ops_init()
592	*/
593	void ops_crypto_init()
594	{
595	#ifdef DMALLOC
596	CRYPTO_malloc_debug_init();
597	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
598	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
599	#endif
600	}
601
602	/**
603	\ingroup Core_Crypto
604	\brief Finalise openssl
605	\note Would usually call ops_finish() instead
606	\sa ops_finish()
607	*/
608	void ops_crypto_finish()
609	{
610	CRYPTO_cleanup_all_ex_data();
611	// FIXME: what should we do instead (function is deprecated)?
612	// ERR_remove_state(0);
613	#ifdef DMALLOC
614	CRYPTO_mem_leaks_fp(stderr);
615	#endif
616	}
617
618	/**
619	\ingroup Core_Hashes
620	\brief Get Hash name
621	\param hash Hash struct
622	\return Hash name
623	*/
624	const char ops_text_from_hash(ops_hash_t hash)
625	{ return hash->name; }
626
627	/**
628	\ingroup HighLevel_KeyGenerate
629	\brief Generates an RSA keypair
630	\param numbits Modulus size
631	\param e Public Exponent
632	\param keydata Pointer to keydata struct to hold new key
633	\return ops_true if key generated successfully; otherwise ops_false
634	\note It is the caller's responsibility to call ops_keydata_free(keydata)
635	*/
636	ops_boolean_t ops_rsa_generate_keypair(const int numbits, const unsigned long e,
637	ops_keydata_t* keydata)
638	{
639	ops_secret_key_t *skey=NULL;
640	RSA *rsa=RSA_new();
641	BN_CTX *ctx=BN_CTX_new();
642	BIGNUM *ebn=BN_new();
643
644	ops_keydata_init(keydata,OPS_PTAG_CT_SECRET_KEY);
645	skey=ops_get_writable_secret_key_from_data(keydata);
646
647	// generate the key pair
648
649	BN_set_word(ebn,e);
650	RSA_generate_key_ex(rsa,numbits,ebn,NULL);
651
652	// populate ops key from ssl key
653
654	skey->public_key.version=4;
655	skey->public_key.creation_time=time(NULL);
656	skey->public_key.days_valid=0;
657	skey->public_key.algorithm= OPS_PKA_RSA;
658
659	skey->public_key.key.rsa.n=BN_dup(rsa->n);
660	skey->public_key.key.rsa.e=BN_dup(rsa->e);
661
662	skey->s2k_usage=OPS_S2KU_ENCRYPTED_AND_HASHED;
663	skey->s2k_specifier=OPS_S2KS_SALTED;
664	//skey->s2k_specifier=OPS_S2KS_SIMPLE;
665	skey->algorithm=OPS_SA_CAST5; // \todo make param
666	skey->hash_algorithm=OPS_HASH_SHA1; // \todo make param
667	skey->octet_count=0;
668	skey->checksum=0;
669
670	skey->key.rsa.d=BN_dup(rsa->d);
671	skey->key.rsa.p=BN_dup(rsa->p);
672	skey->key.rsa.q=BN_dup(rsa->q);
673	skey->key.rsa.u=BN_mod_inverse(NULL,rsa->p, rsa->q, ctx);
674	assert(skey->key.rsa.u);
675	BN_CTX_free(ctx);
676
677	RSA_free(rsa);
678
679	ops_keyid(keydata->key_id, &keydata->key.skey.public_key);
680	ops_fingerprint(&keydata->fingerprint, &keydata->key.skey.public_key);
681
682	// Generate checksum
683
684	ops_create_info_t *cinfo=NULL;
685	ops_memory_t *mem=NULL;
686
687	ops_setup_memory_write(&cinfo, &mem, 128);
688
689	ops_push_skey_checksum_writer(cinfo, skey);
690
691	switch(skey->public_key.algorithm)
692	{
693	// case OPS_PKA_DSA:
694	// return ops_write_mpi(key->key.dsa.x,info);
695
696	case OPS_PKA_RSA:
697	case OPS_PKA_RSA_ENCRYPT_ONLY:
698	case OPS_PKA_RSA_SIGN_ONLY:
699	if(!ops_write_mpi(skey->key.rsa.d,cinfo)
700	\|\| !ops_write_mpi(skey->key.rsa.p,cinfo)
701	\|\| !ops_write_mpi(skey->key.rsa.q,cinfo)
702	\|\| !ops_write_mpi(skey->key.rsa.u,cinfo))
703	return ops_false;
704	break;
705
706	// case OPS_PKA_ELGAMAL:
707	// return ops_write_mpi(key->key.elgamal.x,info);
708
709	default:
710	assert(0);
711	break;
712	}
713
714	// close rather than pop, since its the only one on the stack
715	ops_writer_close(cinfo);
716	ops_teardown_memory_write(cinfo, mem);
717
718	// should now have checksum in skey struct
719
720	// test
721	if (debug)
722	test_secret_key(skey);
723
724	return ops_true;
725	}
726
727	/**
728	\ingroup HighLevel_KeyGenerate
729	\brief Creates a self-signed RSA keypair
730	\param numbits Modulus size
731	\param e Public Exponent
732	\param userid User ID
733	\return The new keypair or NULL
734
735	\note It is the caller's responsibility to call ops_keydata_free(keydata)
736	\sa ops_rsa_generate_keypair()
737	\sa ops_keydata_free()
738	*/
739	ops_keydata_t* ops_rsa_create_selfsigned_keypair(const int numbits, const unsigned long e, ops_user_id_t * userid)
740	{
741	ops_keydata_t *keydata=NULL;
742
743	keydata=ops_keydata_new();
744
745	if (ops_rsa_generate_keypair(numbits, e, keydata) != ops_true
746	\|\| ops_add_selfsigned_userid_to_keydata(keydata, userid) != ops_true)
747	{
748	ops_keydata_free(keydata);
749	free(keydata);
750	return NULL;
751	}
752
753	return keydata;
754	}
755
756	/*
757	int ops_dsa_size(const ops_dsa_public_key_t *dsa)
758	{
759	int size;
760	DSA *odsa;
761	odsa=DSA_new();
762	odsa->p=dsa->p;
763	odsa->q=dsa->q;
764	odsa->g=dsa->g;
765	odsa->pub_key=dsa->y;
766
767	DSAparams_print_fp(stderr, odsa);
768	size=DSA_size(odsa);
769
770	odsa->p=odsa->q=odsa->g=odsa->pub_key=odsa->priv_key=NULL;
771	DSA_free(odsa);
772
773	return size;
774	}
775	*/
776
777	DSA_SIG* ops_dsa_sign(unsigned char* hashbuf, unsigned hashsize, const ops_dsa_secret_key_t sdsa, const ops_dsa_public_key_t dsa)
778	{
779	DSA *odsa;
780	DSA_SIG *dsasig;
781
782	odsa=DSA_new();
783	odsa->p=dsa->p;
784	odsa->q=dsa->q;
785	odsa->g=dsa->g;
786	odsa->pub_key=dsa->y;
787	odsa->priv_key=sdsa->x;
788
789	dsasig=DSA_do_sign(hashbuf,hashsize,odsa);
790
791	odsa->p=odsa->q=odsa->g=odsa->pub_key=odsa->priv_key=NULL;
792	DSA_free(odsa);
793
794	return dsasig;
795	}
796
797	// eof
798

Note: See TracBrowser for help on using the browser.

root/openpgpsdk/trunk/src/lib/openssl_crypto.c

Download in other formats: