mirror of
https://gitlab.isc.org/isc-projects/bind9
synced 2025-08-22 10:10:06 +00:00
841b25fb62
The DST API has been cleaned up, duplicate functions has been squashed into single call (verify and verify2 functions), and couple of unused functions have been completely removed (createctx2, computesecret, paramcompare, and cleanup).
647 lines
16 KiB
C
647 lines
16 KiB
C
/*
|
|
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
*
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
*
|
|
* See the COPYRIGHT file distributed with this work for additional
|
|
* information regarding copyright ownership.
|
|
*/
|
|
|
|
/*! \file */
|
|
|
|
#include <stdbool.h>
|
|
|
|
#include <openssl/err.h>
|
|
#include <openssl/evp.h>
|
|
#include <openssl/objects.h>
|
|
#include <openssl/x509.h>
|
|
|
|
#include <isc/mem.h>
|
|
#include <isc/result.h>
|
|
#include <isc/safe.h>
|
|
#include <isc/string.h>
|
|
#include <isc/util.h>
|
|
|
|
#include <dns/keyvalues.h>
|
|
|
|
#include "dst_internal.h"
|
|
#include "dst_openssl.h"
|
|
#include "dst_parse.h"
|
|
#include "openssl_shim.h"
|
|
|
|
#define DST_RET(a) \
|
|
{ \
|
|
ret = a; \
|
|
goto err; \
|
|
}
|
|
|
|
#ifndef NID_ED25519
|
|
#error "Ed25519 group is not known (NID_ED25519)"
|
|
#endif /* ifndef NID_ED25519 */
|
|
|
|
#if HAVE_OPENSSL_ED448
|
|
#ifndef NID_ED448
|
|
#error "Ed448 group is not known (NID_ED448)"
|
|
#endif /* ifndef NID_ED448 */
|
|
#endif /* HAVE_OPENSSL_ED448 */
|
|
|
|
typedef struct eddsa_alginfo {
|
|
int pkey_type, nid;
|
|
unsigned int key_size, sig_size;
|
|
} eddsa_alginfo_t;
|
|
|
|
static const eddsa_alginfo_t *
|
|
openssleddsa_alg_info(unsigned int key_alg) {
|
|
if (key_alg == DST_ALG_ED25519) {
|
|
static const eddsa_alginfo_t ed25519_alginfo = {
|
|
.pkey_type = EVP_PKEY_ED25519,
|
|
.nid = NID_ED25519,
|
|
.key_size = DNS_KEY_ED25519SIZE,
|
|
.sig_size = DNS_SIG_ED25519SIZE,
|
|
};
|
|
return &ed25519_alginfo;
|
|
}
|
|
#if HAVE_OPENSSL_ED448
|
|
if (key_alg == DST_ALG_ED448) {
|
|
static const eddsa_alginfo_t ed448_alginfo = {
|
|
.pkey_type = EVP_PKEY_ED448,
|
|
.nid = NID_ED448,
|
|
.key_size = DNS_KEY_ED448SIZE,
|
|
.sig_size = DNS_SIG_ED448SIZE,
|
|
};
|
|
return &ed448_alginfo;
|
|
}
|
|
#endif /* HAVE_OPENSSL_ED448 */
|
|
return NULL;
|
|
}
|
|
|
|
static isc_result_t
|
|
raw_key_to_ossl(const eddsa_alginfo_t *alginfo, int private,
|
|
const unsigned char *key, size_t *key_len, EVP_PKEY **pkey) {
|
|
isc_result_t ret;
|
|
int pkey_type = alginfo->pkey_type;
|
|
size_t len = alginfo->key_size;
|
|
|
|
ret = (private ? DST_R_INVALIDPRIVATEKEY : DST_R_INVALIDPUBLICKEY);
|
|
if (*key_len < len) {
|
|
return ret;
|
|
}
|
|
|
|
if (private) {
|
|
*pkey = EVP_PKEY_new_raw_private_key(pkey_type, NULL, key, len);
|
|
} else {
|
|
*pkey = EVP_PKEY_new_raw_public_key(pkey_type, NULL, key, len);
|
|
}
|
|
if (*pkey == NULL) {
|
|
return dst__openssl_toresult(ret);
|
|
}
|
|
|
|
*key_len = len;
|
|
return ISC_R_SUCCESS;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin);
|
|
|
|
static isc_result_t
|
|
openssleddsa_createctx(dst_key_t *key, dst_context_t *dctx) {
|
|
isc_buffer_t *buf = NULL;
|
|
const eddsa_alginfo_t *alginfo =
|
|
openssleddsa_alg_info(dctx->key->key_alg);
|
|
|
|
UNUSED(key);
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
isc_buffer_allocate(dctx->mctx, &buf, 64);
|
|
dctx->ctxdata.generic = buf;
|
|
|
|
return ISC_R_SUCCESS;
|
|
}
|
|
|
|
static void
|
|
openssleddsa_destroyctx(dst_context_t *dctx) {
|
|
isc_buffer_t *buf = (isc_buffer_t *)dctx->ctxdata.generic;
|
|
const eddsa_alginfo_t *alginfo =
|
|
openssleddsa_alg_info(dctx->key->key_alg);
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
if (buf != NULL) {
|
|
isc_buffer_free(&buf);
|
|
}
|
|
dctx->ctxdata.generic = NULL;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
|
|
isc_buffer_t *buf = (isc_buffer_t *)dctx->ctxdata.generic;
|
|
isc_buffer_t *nbuf = NULL;
|
|
isc_region_t r;
|
|
unsigned int length;
|
|
isc_result_t result;
|
|
const eddsa_alginfo_t *alginfo =
|
|
openssleddsa_alg_info(dctx->key->key_alg);
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
result = isc_buffer_copyregion(buf, data);
|
|
if (result == ISC_R_SUCCESS) {
|
|
return ISC_R_SUCCESS;
|
|
}
|
|
|
|
length = isc_buffer_length(buf) + data->length + 64;
|
|
isc_buffer_allocate(dctx->mctx, &nbuf, length);
|
|
isc_buffer_usedregion(buf, &r);
|
|
(void)isc_buffer_copyregion(nbuf, &r);
|
|
(void)isc_buffer_copyregion(nbuf, data);
|
|
isc_buffer_free(&buf);
|
|
dctx->ctxdata.generic = nbuf;
|
|
|
|
return ISC_R_SUCCESS;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
|
|
isc_result_t ret;
|
|
dst_key_t *key = dctx->key;
|
|
isc_region_t tbsreg;
|
|
isc_region_t sigreg;
|
|
EVP_PKEY *pkey = key->keydata.pkeypair.priv;
|
|
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
|
|
isc_buffer_t *buf = (isc_buffer_t *)dctx->ctxdata.generic;
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
size_t siglen;
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
if (ctx == NULL) {
|
|
return ISC_R_NOMEMORY;
|
|
}
|
|
|
|
siglen = alginfo->sig_size;
|
|
isc_buffer_availableregion(sig, &sigreg);
|
|
if (sigreg.length < (unsigned int)siglen) {
|
|
DST_RET(ISC_R_NOSPACE);
|
|
}
|
|
|
|
isc_buffer_usedregion(buf, &tbsreg);
|
|
|
|
if (EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey) != 1) {
|
|
DST_RET(dst__openssl_toresult3(
|
|
dctx->category, "EVP_DigestSignInit", ISC_R_FAILURE));
|
|
}
|
|
if (EVP_DigestSign(ctx, sigreg.base, &siglen, tbsreg.base,
|
|
tbsreg.length) != 1)
|
|
{
|
|
DST_RET(dst__openssl_toresult3(dctx->category, "EVP_DigestSign",
|
|
DST_R_SIGNFAILURE));
|
|
}
|
|
isc_buffer_add(sig, (unsigned int)siglen);
|
|
ret = ISC_R_SUCCESS;
|
|
|
|
err:
|
|
EVP_MD_CTX_free(ctx);
|
|
isc_buffer_free(&buf);
|
|
dctx->ctxdata.generic = NULL;
|
|
|
|
return ret;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_verify(dst_context_t *dctx, int maxbits ISC_ATTR_UNUSED,
|
|
const isc_region_t *sig) {
|
|
isc_result_t ret;
|
|
dst_key_t *key = dctx->key;
|
|
int status;
|
|
isc_region_t tbsreg;
|
|
EVP_PKEY *pkey = key->keydata.pkeypair.pub;
|
|
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
|
|
isc_buffer_t *buf = (isc_buffer_t *)dctx->ctxdata.generic;
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
if (ctx == NULL) {
|
|
return dst__openssl_toresult(ISC_R_NOMEMORY);
|
|
}
|
|
|
|
if (sig->length != alginfo->sig_size) {
|
|
DST_RET(DST_R_VERIFYFAILURE);
|
|
}
|
|
|
|
isc_buffer_usedregion(buf, &tbsreg);
|
|
|
|
if (EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey) != 1) {
|
|
DST_RET(dst__openssl_toresult3(
|
|
dctx->category, "EVP_DigestVerifyInit", ISC_R_FAILURE));
|
|
}
|
|
|
|
status = EVP_DigestVerify(ctx, sig->base, sig->length, tbsreg.base,
|
|
tbsreg.length);
|
|
|
|
switch (status) {
|
|
case 1:
|
|
ret = ISC_R_SUCCESS;
|
|
break;
|
|
case 0:
|
|
ret = dst__openssl_toresult(DST_R_VERIFYFAILURE);
|
|
break;
|
|
default:
|
|
ret = dst__openssl_toresult3(dctx->category, "EVP_DigestVerify",
|
|
DST_R_VERIFYFAILURE);
|
|
break;
|
|
}
|
|
|
|
err:
|
|
EVP_MD_CTX_free(ctx);
|
|
isc_buffer_free(&buf);
|
|
dctx->ctxdata.generic = NULL;
|
|
|
|
return ret;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
|
|
isc_result_t ret;
|
|
EVP_PKEY *pkey = NULL;
|
|
EVP_PKEY_CTX *ctx = NULL;
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
int status;
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
UNUSED(unused);
|
|
UNUSED(callback);
|
|
|
|
ctx = EVP_PKEY_CTX_new_id(alginfo->nid, NULL);
|
|
if (ctx == NULL) {
|
|
return dst__openssl_toresult2("EVP_PKEY_CTX_new_id",
|
|
DST_R_OPENSSLFAILURE);
|
|
}
|
|
|
|
status = EVP_PKEY_keygen_init(ctx);
|
|
if (status != 1) {
|
|
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen_init",
|
|
DST_R_OPENSSLFAILURE));
|
|
}
|
|
|
|
status = EVP_PKEY_keygen(ctx, &pkey);
|
|
if (status != 1) {
|
|
DST_RET(dst__openssl_toresult2("EVP_PKEY_keygen",
|
|
DST_R_OPENSSLFAILURE));
|
|
}
|
|
|
|
key->key_size = alginfo->key_size * 8;
|
|
key->keydata.pkeypair.priv = pkey;
|
|
key->keydata.pkeypair.pub = pkey;
|
|
ret = ISC_R_SUCCESS;
|
|
|
|
err:
|
|
EVP_PKEY_CTX_free(ctx);
|
|
return ret;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_todns(const dst_key_t *key, isc_buffer_t *data) {
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
EVP_PKEY *pkey = key->keydata.pkeypair.pub;
|
|
isc_region_t r;
|
|
size_t len;
|
|
|
|
REQUIRE(pkey != NULL);
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
len = alginfo->key_size;
|
|
isc_buffer_availableregion(data, &r);
|
|
if (r.length < len) {
|
|
return ISC_R_NOSPACE;
|
|
}
|
|
|
|
if (EVP_PKEY_get_raw_public_key(pkey, r.base, &len) != 1) {
|
|
return dst__openssl_toresult(ISC_R_FAILURE);
|
|
}
|
|
|
|
isc_buffer_add(data, len);
|
|
return ISC_R_SUCCESS;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
isc_result_t ret;
|
|
isc_region_t r;
|
|
size_t len;
|
|
EVP_PKEY *pkey = NULL;
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
isc_buffer_remainingregion(data, &r);
|
|
if (r.length == 0) {
|
|
return ISC_R_SUCCESS;
|
|
}
|
|
|
|
len = r.length;
|
|
ret = raw_key_to_ossl(alginfo, 0, r.base, &len, &pkey);
|
|
if (ret != ISC_R_SUCCESS) {
|
|
return ret;
|
|
}
|
|
|
|
isc_buffer_forward(data, len);
|
|
key->keydata.pkeypair.pub = pkey;
|
|
key->key_size = len * 8;
|
|
return ISC_R_SUCCESS;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_tofile(const dst_key_t *key, const char *directory) {
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
isc_result_t ret;
|
|
dst_private_t priv;
|
|
unsigned char *buf = NULL;
|
|
size_t len;
|
|
int i;
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
if (key->keydata.pkeypair.pub == NULL) {
|
|
return DST_R_NULLKEY;
|
|
}
|
|
|
|
if (key->external) {
|
|
priv.nelements = 0;
|
|
return dst__privstruct_writefile(key, &priv, directory);
|
|
}
|
|
|
|
i = 0;
|
|
|
|
if (dst__openssl_keypair_isprivate(key)) {
|
|
len = alginfo->key_size;
|
|
buf = isc_mem_get(key->mctx, len);
|
|
if (EVP_PKEY_get_raw_private_key(key->keydata.pkeypair.priv,
|
|
buf, &len) != 1)
|
|
{
|
|
DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
|
|
}
|
|
priv.elements[i].tag = TAG_EDDSA_PRIVATEKEY;
|
|
priv.elements[i].length = len;
|
|
priv.elements[i].data = buf;
|
|
i++;
|
|
}
|
|
if (key->label != NULL) {
|
|
priv.elements[i].tag = TAG_EDDSA_LABEL;
|
|
priv.elements[i].length = (unsigned short)strlen(key->label) +
|
|
1;
|
|
priv.elements[i].data = (unsigned char *)key->label;
|
|
i++;
|
|
}
|
|
|
|
priv.nelements = i;
|
|
ret = dst__privstruct_writefile(key, &priv, directory);
|
|
|
|
err:
|
|
if (buf != NULL) {
|
|
isc_mem_put(key->mctx, buf, len);
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
dst_private_t priv;
|
|
isc_result_t ret;
|
|
int i, privkey_index = -1;
|
|
const char *label = NULL;
|
|
EVP_PKEY *pkey = NULL;
|
|
size_t len;
|
|
isc_mem_t *mctx = key->mctx;
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
|
|
/* read private key file */
|
|
ret = dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv);
|
|
if (ret != ISC_R_SUCCESS) {
|
|
goto err;
|
|
}
|
|
|
|
if (key->external) {
|
|
if (priv.nelements != 0) {
|
|
DST_RET(DST_R_INVALIDPRIVATEKEY);
|
|
}
|
|
if (pub == NULL) {
|
|
DST_RET(DST_R_INVALIDPRIVATEKEY);
|
|
}
|
|
key->keydata.pkeypair.priv = pub->keydata.pkeypair.priv;
|
|
key->keydata.pkeypair.pub = pub->keydata.pkeypair.pub;
|
|
pub->keydata.pkeypair.priv = NULL;
|
|
pub->keydata.pkeypair.pub = NULL;
|
|
DST_RET(ISC_R_SUCCESS);
|
|
}
|
|
|
|
for (i = 0; i < priv.nelements; i++) {
|
|
switch (priv.elements[i].tag) {
|
|
case TAG_EDDSA_ENGINE:
|
|
/* The Engine: tag is explicitly ignored */
|
|
break;
|
|
case TAG_EDDSA_LABEL:
|
|
label = (char *)priv.elements[i].data;
|
|
break;
|
|
case TAG_EDDSA_PRIVATEKEY:
|
|
privkey_index = i;
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (label != NULL) {
|
|
ret = openssleddsa_fromlabel(key, label, NULL);
|
|
if (ret != ISC_R_SUCCESS) {
|
|
goto err;
|
|
}
|
|
/* Check that the public component matches if given */
|
|
if (pub != NULL && EVP_PKEY_eq(key->keydata.pkeypair.pub,
|
|
pub->keydata.pkeypair.pub) != 1)
|
|
{
|
|
DST_RET(DST_R_INVALIDPRIVATEKEY);
|
|
}
|
|
DST_RET(ISC_R_SUCCESS);
|
|
}
|
|
|
|
if (privkey_index < 0) {
|
|
DST_RET(DST_R_INVALIDPRIVATEKEY);
|
|
}
|
|
|
|
len = priv.elements[privkey_index].length;
|
|
ret = raw_key_to_ossl(alginfo, 1, priv.elements[privkey_index].data,
|
|
&len, &pkey);
|
|
if (ret != ISC_R_SUCCESS) {
|
|
goto err;
|
|
}
|
|
/* Check that the public component matches if given */
|
|
if (pub != NULL && EVP_PKEY_eq(pkey, pub->keydata.pkeypair.pub) != 1) {
|
|
DST_RET(DST_R_INVALIDPRIVATEKEY);
|
|
}
|
|
|
|
key->keydata.pkeypair.priv = pkey;
|
|
key->keydata.pkeypair.pub = pkey;
|
|
key->key_size = len * 8;
|
|
pkey = NULL;
|
|
ret = ISC_R_SUCCESS;
|
|
|
|
err:
|
|
EVP_PKEY_free(pkey);
|
|
dst__privstruct_free(&priv, mctx);
|
|
isc_safe_memwipe(&priv, sizeof(priv));
|
|
return ret;
|
|
}
|
|
|
|
static isc_result_t
|
|
openssleddsa_fromlabel(dst_key_t *key, const char *label, const char *pin) {
|
|
const eddsa_alginfo_t *alginfo = openssleddsa_alg_info(key->key_alg);
|
|
EVP_PKEY *privpkey = NULL, *pubpkey = NULL;
|
|
isc_result_t ret;
|
|
|
|
REQUIRE(alginfo != NULL);
|
|
UNUSED(pin);
|
|
|
|
ret = dst__openssl_fromlabel(alginfo->pkey_type, label, pin, &pubpkey,
|
|
&privpkey);
|
|
if (ret != ISC_R_SUCCESS) {
|
|
goto err;
|
|
}
|
|
|
|
key->label = isc_mem_strdup(key->mctx, label);
|
|
key->key_size = EVP_PKEY_bits(privpkey);
|
|
key->keydata.pkeypair.priv = privpkey;
|
|
key->keydata.pkeypair.pub = pubpkey;
|
|
privpkey = NULL;
|
|
pubpkey = NULL;
|
|
|
|
err:
|
|
EVP_PKEY_free(privpkey);
|
|
EVP_PKEY_free(pubpkey);
|
|
return ret;
|
|
}
|
|
|
|
static dst_func_t openssleddsa_functions = {
|
|
.createctx = openssleddsa_createctx,
|
|
.destroyctx = openssleddsa_destroyctx,
|
|
.adddata = openssleddsa_adddata,
|
|
.sign = openssleddsa_sign,
|
|
.verify = openssleddsa_verify,
|
|
.compare = dst__openssl_keypair_compare,
|
|
.generate = openssleddsa_generate,
|
|
.isprivate = dst__openssl_keypair_isprivate,
|
|
.destroy = dst__openssl_keypair_destroy,
|
|
.todns = openssleddsa_todns,
|
|
.fromdns = openssleddsa_fromdns,
|
|
.tofile = openssleddsa_tofile,
|
|
.parse = openssleddsa_parse,
|
|
.fromlabel = openssleddsa_fromlabel,
|
|
};
|
|
|
|
/*
|
|
* The test vectors below where generated by util/gen-eddsa-vectors.c
|
|
*/
|
|
#if HAVE_OPENSSL_ED448
|
|
static unsigned char ed448_pub[] =
|
|
"\x0a\x19\x36\xf0\x4c\x2d\xc1\xfe\xbe\xdc\xfa\xf6\xeb\xd2\x8f\x3b\x04"
|
|
"\x14\x2e\x88\xc6\xb5\xdc\xe8\x2a\xc6\xb9\x7c\xa8\x22\xe8\x36\xfb\x06"
|
|
"\x55\xa3\x3c\xdb\x9d\x68\x59\x7e\xa9\x5f\x93\x96\x87\x83\x28\xce\xdd"
|
|
"\x12\xc9\xb8\x78\x02\x80";
|
|
static unsigned char ed448_sig[] =
|
|
"\x7e\xec\x4e\x11\xd9\x79\x89\xd2\xe2\x85\x7a\x1c\xd7\x36\xe8\x24\x1f"
|
|
"\x90\xa0\x9c\x84\xfb\x51\xcd\xdc\xfd\x05\xcd\x8c\x08\x51\x05\x18\xc8"
|
|
"\x85\xb2\x28\x00\xea\xfe\x10\x46\xad\x52\xe6\xe9\x62\x35\x3b\x2a\x14"
|
|
"\x8b\xe7\xf0\x66\x5f\x00\x66\x3c\xa1\x4d\x03\x95\xcc\x73\xfc\xf2\x40"
|
|
"\x4b\x67\x85\x5b\x9f\xa9\x87\xb6\xbb\xa3\x9d\x73\x9f\xcb\x4e\x2c\xd2"
|
|
"\x46\xc7\x84\xd3\x7d\x94\x32\x30\x27\xb0\xa7\xf6\x6d\xf4\x77\xe8\xf5"
|
|
"\xb4\xee\x3f\x0e\x2b\x35\xdd\x5a\x35\xfe\x35\x00";
|
|
#endif
|
|
|
|
static unsigned char ed25519_pub[] =
|
|
"\x66\x5c\x21\x59\xe3\xa0\x6e\xa3\x7d\x82\x7c\xf1\xe7\xa3\xdd\xaf\xd1"
|
|
"\x6d\x92\x81\xfb\x09\x0c\x7c\xfe\x6d\xf8\x87\x24\x7e\x6e\x25";
|
|
static unsigned char ed25519_sig[] =
|
|
"\x26\x70\x5c\xc1\x85\xb6\x5e\x65\xe5\xa7\xd5\x85\x63\xc9\x1d\x45\x56"
|
|
"\x38\xa3\x9c\xa3\x42\x4d\xc8\x89\xff\x84\xea\x2c\xa8\x8b\xfa\x2f\xab"
|
|
"\x75\x7c\x68\x95\xfd\xdf\x62\x60\x4e\x4d\x10\xf8\x3c\xae\xcf\x18\x93"
|
|
"\x90\x05\xa4\x54\x38\x45\x2f\x81\x71\x1e\x0f\x46\x04";
|
|
|
|
static isc_result_t
|
|
check_algorithm(unsigned char algorithm) {
|
|
EVP_MD_CTX *evp_md_ctx = EVP_MD_CTX_create();
|
|
EVP_PKEY *pkey = NULL;
|
|
const eddsa_alginfo_t *alginfo = NULL;
|
|
const unsigned char *key = NULL;
|
|
const unsigned char *sig = NULL;
|
|
const unsigned char test[] = "test";
|
|
isc_result_t ret = ISC_R_SUCCESS;
|
|
size_t key_len, sig_len;
|
|
|
|
if (evp_md_ctx == NULL) {
|
|
DST_RET(ISC_R_NOMEMORY);
|
|
}
|
|
|
|
switch (algorithm) {
|
|
#if HAVE_OPENSSL_ED448
|
|
case DST_ALG_ED448:
|
|
sig = ed448_sig;
|
|
sig_len = sizeof(ed448_sig) - 1;
|
|
key = ed448_pub;
|
|
key_len = sizeof(ed448_pub) - 1;
|
|
alginfo = openssleddsa_alg_info(algorithm);
|
|
break;
|
|
#endif /* HAVE_OPENSSL_ED448 */
|
|
case DST_ALG_ED25519:
|
|
sig = ed25519_sig;
|
|
sig_len = sizeof(ed25519_sig) - 1;
|
|
key = ed25519_pub;
|
|
key_len = sizeof(ed25519_pub) - 1;
|
|
alginfo = openssleddsa_alg_info(algorithm);
|
|
break;
|
|
default:
|
|
DST_RET(ISC_R_NOTIMPLEMENTED);
|
|
}
|
|
|
|
INSIST(alginfo != NULL);
|
|
ret = raw_key_to_ossl(alginfo, 0, key, &key_len, &pkey);
|
|
if (ret != ISC_R_SUCCESS) {
|
|
goto err;
|
|
}
|
|
|
|
/*
|
|
* Check that we can verify the signature.
|
|
*/
|
|
if (EVP_DigestVerifyInit(evp_md_ctx, NULL, NULL, NULL, pkey) != 1 ||
|
|
EVP_DigestVerify(evp_md_ctx, sig, sig_len, test,
|
|
sizeof(test) - 1) != 1)
|
|
{
|
|
DST_RET(ISC_R_NOTIMPLEMENTED);
|
|
}
|
|
|
|
err:
|
|
if (pkey != NULL) {
|
|
EVP_PKEY_free(pkey);
|
|
}
|
|
if (evp_md_ctx != NULL) {
|
|
EVP_MD_CTX_destroy(evp_md_ctx);
|
|
}
|
|
ERR_clear_error();
|
|
return ret;
|
|
}
|
|
|
|
void
|
|
dst__openssleddsa_init(dst_func_t **funcp, unsigned char algorithm) {
|
|
REQUIRE(funcp != NULL);
|
|
|
|
if (*funcp == NULL) {
|
|
if (check_algorithm(algorithm) == ISC_R_SUCCESS) {
|
|
*funcp = &openssleddsa_functions;
|
|
}
|
|
}
|
|
}
|