From 354ae18b989bec352eae83580002a22da841f5a6 Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 14 Jan 2022 08:29:06 +0000 Subject: [PATCH] Simplify DSAPublicKey_it This was obtained by porting the OpenSSL commit below and then using expand_crypto_asn1.go to unroll the new ASN.1 macros - actually the ones from 987157f6f63 which fixed the omission of dsa_cb() in the first commit. ok inoguchi jsing commit ea6b07b54c1f8fc2275a121cdda071e2df7bd6c1 Author: Dr. Stephen Henson Date: Thu Mar 26 14:35:49 2015 +0000 Simplify DSA public key handling. DSA public keys could exist in two forms: a single Integer type or a SEQUENCE containing the parameters and public key with a field called "write_params" deciding which form to use. These forms are non standard and were only used by functions containing "DSAPublicKey" in the name. Simplify code to only use the parameter form and encode the public key component directly in the DSA public key method. Reviewed-by: Richard Levitte --- lib/libcrypto/dsa/dsa_ameth.c | 12 +++++-- lib/libcrypto/dsa/dsa_asn1.c | 61 ++++++++--------------------------- lib/libcrypto/dsa/dsa_lib.c | 5 ++- lib/libcrypto/dsa/dsa_locl.h | 3 +- 4 files changed, 25 insertions(+), 56 deletions(-) diff --git a/lib/libcrypto/dsa/dsa_ameth.c b/lib/libcrypto/dsa/dsa_ameth.c index 3c7644d2516..5fff2890a2f 100644 --- a/lib/libcrypto/dsa/dsa_ameth.c +++ b/lib/libcrypto/dsa/dsa_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ameth.c,v 1.30 2022/01/07 09:35:36 tb Exp $ */ +/* $OpenBSD: dsa_ameth.c,v 1.31 2022/01/14 08:29:06 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -133,6 +133,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { DSA *dsa; + ASN1_INTEGER *pubint = NULL; void *pval = NULL; int ptype; unsigned char *penc = NULL; @@ -158,9 +159,14 @@ dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) } else ptype = V_ASN1_UNDEF; - dsa->write_params = 0; - penclen = i2d_DSAPublicKey(dsa, &penc); + if ((pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) { + DSAerror(ERR_R_MALLOC_FAILURE); + goto err; + } + + penclen = i2d_ASN1_INTEGER(pubint, &penc); + ASN1_INTEGER_free(pubint); if (penclen <= 0) { DSAerror(ERR_R_MALLOC_FAILURE); diff --git a/lib/libcrypto/dsa/dsa_asn1.c b/lib/libcrypto/dsa/dsa_asn1.c index 3bf044665f1..daa970e316a 100644 --- a/lib/libcrypto/dsa/dsa_asn1.c +++ b/lib/libcrypto/dsa/dsa_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_asn1.c,v 1.23 2022/01/07 09:35:36 tb Exp $ */ +/* $OpenBSD: dsa_asn1.c,v 1.24 2022/01/14 08:29:06 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -329,14 +329,15 @@ i2d_DSAparams_fp(FILE *fp, DSA *a) return ASN1_item_i2d_fp(&DSAparams_it, fp, a); } -/* - * DSA public key is a bit trickier... its effectively a CHOICE type - * decided by a field called write_params which can either write out - * just the public key as an INTEGER or the parameters and public key - * in a SEQUENCE - */ - -static const ASN1_TEMPLATE dsa_pub_internal_seq_tt[] = { +static const ASN1_AUX DSAPublicKey_aux = { + .app_data = NULL, + .flags = 0, + .ref_offset = 0, + .ref_lock = 0, + .asn1_cb = dsa_cb, + .enc_offset = 0, +}; +static const ASN1_TEMPLATE DSAPublicKey_seq_tt[] = { { .flags = 0, .tag = 0, @@ -367,52 +368,16 @@ static const ASN1_TEMPLATE dsa_pub_internal_seq_tt[] = { }, }; -const ASN1_ITEM dsa_pub_internal_it = { +const ASN1_ITEM DSAPublicKey_it = { .itype = ASN1_ITYPE_SEQUENCE, .utype = V_ASN1_SEQUENCE, - .templates = dsa_pub_internal_seq_tt, - .tcount = sizeof(dsa_pub_internal_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(DSA), - .sname = "DSA", -}; - -static const ASN1_AUX DSAPublicKey_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = dsa_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE DSAPublicKey_ch_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, pub_key), - .field_name = "pub_key", - .item = &BIGNUM_it, - }, - { - .flags = 0 | ASN1_TFLG_COMBINE, - .tag = 0, - .offset = 0, - .field_name = NULL, - .item = &dsa_pub_internal_it, - }, -}; - -const ASN1_ITEM DSAPublicKey_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(DSA, write_params), - .templates = DSAPublicKey_ch_tt, - .tcount = sizeof(DSAPublicKey_ch_tt) / sizeof(ASN1_TEMPLATE), + .templates = DSAPublicKey_seq_tt, + .tcount = sizeof(DSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE), .funcs = &DSAPublicKey_aux, .size = sizeof(DSA), .sname = "DSA", }; - DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **in, long len) { diff --git a/lib/libcrypto/dsa/dsa_lib.c b/lib/libcrypto/dsa/dsa_lib.c index 7a7986b1f7e..1369c6f7452 100644 --- a/lib/libcrypto/dsa/dsa_lib.c +++ b/lib/libcrypto/dsa/dsa_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_lib.c,v 1.33 2022/01/07 09:35:36 tb Exp $ */ +/* $OpenBSD: dsa_lib.c,v 1.34 2022/01/14 08:29:06 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -154,7 +154,6 @@ DSA_new_method(ENGINE *engine) ret->pad = 0; ret->version = 0; - ret->write_params = 1; ret->p = NULL; ret->q = NULL; ret->g = NULL; @@ -177,7 +176,7 @@ DSA_new_method(ENGINE *engine) free(ret); ret = NULL; } - + return ret; } diff --git a/lib/libcrypto/dsa/dsa_locl.h b/lib/libcrypto/dsa/dsa_locl.h index 29a3901dc78..299c67a6b90 100644 --- a/lib/libcrypto/dsa/dsa_locl.h +++ b/lib/libcrypto/dsa/dsa_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_locl.h,v 1.4 2022/01/14 08:27:23 tb Exp $ */ +/* $OpenBSD: dsa_locl.h,v 1.5 2022/01/14 08:29:06 tb Exp $ */ /* ==================================================================== * Copyright (c) 2007 The OpenSSL Project. All rights reserved. * @@ -90,7 +90,6 @@ struct dsa_st { * a DSA is passed instead of of a EVP_PKEY */ int pad; long version; - int write_params; BIGNUM *p; BIGNUM *q; /* == 20 */ BIGNUM *g; -- 2.20.1