[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Mon Jun 13 19:48:26 UTC 2016
The branch master has been updated
via bbaa9dd850152bc85cad094e0aa0c685553d149c (commit)
via 1d454d58a80971eac941911965e894fdf1621cd8 (commit)
via 7ca3ea22c1773633644b6255731bf80e76133358 (commit)
via 6a571a18dd4381940d61a3c2f0d65d2b6515c693 (commit)
from d356dc561925ec9cecc58a69e2280c18a49ec41a (commit)
- Log -----------------------------------------------------------------
commit bbaa9dd850152bc85cad094e0aa0c685553d149c
Author: TJ Saunders <tj at castaglia.org>
Date: Fri Jun 10 00:36:45 2016 -0700
Ensure that NULL r and s parameters cannot be set on DSA_SIG/ECDSA_SIGs.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Emilia Käsper <emilia at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
commit 1d454d58a80971eac941911965e894fdf1621cd8
Author: TJ Saunders <tj at castaglia.org>
Date: Thu Jun 9 14:53:23 2016 -0700
Forgot to update the setter argument ordering in the public headers.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Emilia Käsper <emilia at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
commit 7ca3ea22c1773633644b6255731bf80e76133358
Author: TJ Saunders <tj at castaglia.org>
Date: Thu Jun 9 14:52:04 2016 -0700
Reorder the setter arguments to more consistently match that of other APIs,
per review comments.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Emilia Käsper <emilia at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
commit 6a571a18dd4381940d61a3c2f0d65d2b6515c693
Author: TJ Saunders <tj at castaglia.org>
Date: Wed Jun 8 13:54:22 2016 -0700
Implement DSA_SIG_set0() and ECDSA_SIG_set0(), for setting signature values.
SSH2 implementations which use DSA_do_verify() and ECDSA_do_verify() are given
the R and S values, and the data to be signed, by the client. Thus in order
to validate these signatures, SSH2 implementations will digest and sign
the data -- and then pass in properly provisioned DSA_SIG and ECDSA_SIG objects.
Unfortunately, the existing OpenSSL-1.1.0 APIs do not allow for directly setting
those R and S values in these objects, which makes using OpenSSL for such
SSH2 implementations much more difficult.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Emilia Käsper <emilia at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1193)
-----------------------------------------------------------------------
Summary of changes:
crypto/dsa/dsa_asn1.c | 11 +++++++++++
crypto/ec/ec_asn1.c | 11 +++++++++++
doc/crypto/DSA_SIG_new.pod | 9 +++++++++
doc/crypto/ECDSA_SIG_new.pod | 9 +++++++++
include/openssl/dsa.h | 1 +
include/openssl/ec.h | 7 +++++++
6 files changed, 48 insertions(+)
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 93ce85f..f79e1d1 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -32,6 +32,17 @@ void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const DSA_SIG *sig)
*ps = sig->s;
}
+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
+{
+ if (r == NULL || s == NULL)
+ return 0;
+ BN_clear_free(sig->r);
+ BN_clear_free(sig->s);
+ sig->r = r;
+ sig->s = s;
+ return 1;
+}
+
/* Override the default free and new methods */
static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
void *exarg)
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 9272e1f..9f7e837 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1180,6 +1180,17 @@ void ECDSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const ECDSA_SIG *sig)
*ps = sig->s;
}
+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
+{
+ if (r == NULL || s == NULL)
+ return 0;
+ BN_clear_free(sig->r);
+ BN_clear_free(sig->s);
+ sig->r = r;
+ sig->s = s;
+ return 1;
+}
+
int ECDSA_size(const EC_KEY *r)
{
int ret, i;
diff --git a/doc/crypto/DSA_SIG_new.pod b/doc/crypto/DSA_SIG_new.pod
index d12b088..345c02c 100644
--- a/doc/crypto/DSA_SIG_new.pod
+++ b/doc/crypto/DSA_SIG_new.pod
@@ -11,6 +11,7 @@ DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects
DSA_SIG *DSA_SIG_new(void);
void DSA_SIG_free(DSA_SIG *a);
void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const DSA_SIG *sig);
+ int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
=head1 DESCRIPTION
@@ -22,6 +23,12 @@ values are erased before the memory is returned to the system.
DSA_SIG_get0() returns internal pointers the B<r> and B<s> values contained
in B<sig>. The values can then be examined or initialised.
+The B<r> and B<s> values can be set by calling DSA_SIG_set0() and passing the
+new values for B<r> and B<s> as parameters to the function. Calling this
+function transfers the memory management of the values to the DSA_SIG object,
+and therefore the values that have been passed in should not be freed directly
+after this function has been called.
+
=head1 RETURN VALUES
If the allocation fails, DSA_SIG_new() returns B<NULL> and sets an
@@ -31,6 +38,8 @@ to the newly allocated structure.
DSA_SIG_free() returns no value.
+DSA_SIG_set0() returns 1 on success or 0 on failure.
+
=head1 SEE ALSO
L<dsa(3)>, L<ERR_get_error(3)>,
diff --git a/doc/crypto/ECDSA_SIG_new.pod b/doc/crypto/ECDSA_SIG_new.pod
index 6919890..d3e181d 100644
--- a/doc/crypto/ECDSA_SIG_new.pod
+++ b/doc/crypto/ECDSA_SIG_new.pod
@@ -14,6 +14,7 @@ algorithm (ECDSA) functions
ECDSA_SIG *ECDSA_SIG_new(void);
void ECDSA_SIG_free(ECDSA_SIG *sig);
void ECDSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const ECDSA_SIG *sig);
+ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
int ECDSA_size(const EC_KEY *eckey);
@@ -53,6 +54,12 @@ ECDSA_SIG_free() frees the B<ECDSA_SIG> structure B<sig>.
ECDSA_SIG_get0() returns internal pointers the B<r> and B<s> values contained
in B<sig>. The values can then be examined or initialised.
+The B<r> and B<s> values can be set by calling ECDSA_SIG_set0() and passing the
+new values for B<r> and B<s> as parameters to the function. Calling this
+function transfers the memory management of the values to the ECDSA_SIG object,
+and therefore the values that have been passed in should not be freed directly
+after this function has been called.
+
i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature B<sig> and
writes the encoded signature to B<*pp> (note: if B<pp> is NULL i2d_ECDSA_SIG()
returns the expected length in bytes of the DER encoded signature).
@@ -106,6 +113,8 @@ returned as a newly allocated B<ECDSA_SIG> structure (or NULL on error).
=head1 RETURN VALUES
+ECDSA_SIG_set0() returns 1 on success or 0 on failure.
+
ECDSA_size() returns the maximum length signature or 0 on error.
ECDSA_sign(), ECDSA_sign_ex() and ECDSA_sign_setup() return 1 if successful
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index 48d2b56..ce1346c 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -82,6 +82,7 @@ void DSA_SIG_free(DSA_SIG *a);
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const DSA_SIG *sig);
+int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
int DSA_do_verify(const unsigned char *dgst, int dgst_len,
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 9c74053..db78a34 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1080,6 +1080,13 @@ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
*/
void ECDSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const ECDSA_SIG *sig);
+/** Setter for r and s fields of ECDSA_SIG
+ * \param sig pointer to ECDSA_SIG pointer
+ * \param r pointer to BIGNUM for r (may be NULL)
+ * \param s pointer to BIGNUM for s (may be NULL)
+ */
+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
+
/** Computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
* \param dgst pointer to the hash value
More information about the openssl-commits
mailing list