lib/dns/openssleddsa_link.c

5832599943147268f9a4383d3dde39f8489bf339Evan Hunt/*
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt * Copyright (C) 2017  Internet Systems Consortium, Inc. ("ISC")
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt *
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt * This Source Code Form is subject to the terms of the Mozilla Public
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt * License, v. 2.0. If a copy of the MPL was not distributed with this
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt * file, You can obtain one at http://mozilla.org/MPL/2.0/.
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <config.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#if defined(OPENSSL) && \
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    (defined(HAVE_OPENSSL_ED25519) || defined(HAVE_OPENSSL_ED448))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <isc/entropy.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <isc/mem.h>
b5252fcde512405a68dd4becfe683d9763bd0feaMukund Sivaraman#include <isc/safe.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <isc/sha2.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <isc/string.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <isc/util.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <dns/keyvalues.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <dst/result.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include "dst_internal.h"
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include "dst_openssl.h"
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include "dst_parse.h"
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <openssl/err.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <openssl/objects.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <openssl/evp.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <openssl/x509.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#ifndef NID_ED25519
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#error "Ed25519 group is not known (NID_ED25519)"
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#endif
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#ifndef NID_ED448
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#error "Ed448 group is not known (NID_ED448)"
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#endif
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#define DST_RET(a) {ret = a; goto err;}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt/* OpenSSL doesn't provide direct access to key values */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#define PUBPREFIXLEN    12
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic const unsigned char ed25519_pub_prefix[] = {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x70, 0x03, 0x21, 0x00
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt};
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic EVP_PKEY *pub_ed25519_to_ossl(const unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PUBPREFIXLEN + DNS_KEY_ED25519SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    const unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf, ed25519_pub_prefix, PUBPREFIXLEN);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf + PUBPREFIXLEN, key, DNS_KEY_ED25519SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (d2i_PUBKEY(NULL, &p, PUBPREFIXLEN + DNS_KEY_ED25519SIZE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t pub_ed25519_from_ossl(EVP_PKEY *pkey,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                      unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PUBPREFIXLEN + DNS_KEY_ED25519SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PUBKEY(pkey, NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED25519SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PUBPREFIXLEN + DNS_KEY_ED25519SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PUBKEY(pkey, &p);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED25519SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PUBPREFIXLEN + DNS_KEY_ED25519SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(key, buf + len - DNS_KEY_ED25519SIZE, DNS_KEY_ED25519SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic const unsigned char ed448_pub_prefix[] = {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x30, 0x2a, 0x30, 0x05, 0x06, 0x03, 0x2b, 0x65,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x71, 0x03, 0x21, 0x00
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt};
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic EVP_PKEY *pub_ed448_to_ossl(const unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PUBPREFIXLEN + DNS_KEY_ED448SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    const unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf, ed448_pub_prefix, PUBPREFIXLEN);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf + PUBPREFIXLEN, key, DNS_KEY_ED448SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (d2i_PUBKEY(NULL, &p, PUBPREFIXLEN + DNS_KEY_ED448SIZE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t pub_ed448_from_ossl(EVP_PKEY *pkey,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                    unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PUBPREFIXLEN + DNS_KEY_ED448SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PUBKEY(pkey, NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED448SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PUBPREFIXLEN + DNS_KEY_ED448SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PUBKEY(pkey, &p);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED448SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PUBPREFIXLEN + DNS_KEY_ED448SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(key, buf + len - DNS_KEY_ED448SIZE, DNS_KEY_ED448SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#define PRIVPREFIXLEN   16
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic const unsigned char ed25519_priv_prefix[] = {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x03, 0x2b, 0x65, 0x70, 0x04, 0x22, 0x04, 0x20
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt};
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic EVP_PKEY *priv_ed25519_to_ossl(const unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PRIVPREFIXLEN + DNS_KEY_ED25519SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    const unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf, ed25519_priv_prefix, PRIVPREFIXLEN);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf + PRIVPREFIXLEN, key, DNS_KEY_ED25519SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (d2i_PrivateKey(NID_ED25519, NULL, &p,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                   PRIVPREFIXLEN + DNS_KEY_ED25519SIZE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t priv_ed25519_from_ossl(EVP_PKEY *pkey,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                      unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PRIVPREFIXLEN + DNS_KEY_ED25519SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PrivateKey(pkey, NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED25519SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PRIVPREFIXLEN + DNS_KEY_ED25519SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PrivateKey(pkey, &p);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED25519SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PRIVPREFIXLEN + DNS_KEY_ED25519SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(key, buf + len - DNS_KEY_ED25519SIZE, DNS_KEY_ED25519SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic const unsigned char ed448_priv_prefix[] = {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x30, 0x2e, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    0x03, 0x2b, 0x65, 0x71, 0x04, 0x22, 0x04, 0x20
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt};
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic EVP_PKEY *priv_ed448_to_ossl(const unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PRIVPREFIXLEN + DNS_KEY_ED448SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    const unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf, ed448_priv_prefix, PRIVPREFIXLEN);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(buf + PRIVPREFIXLEN, key, DNS_KEY_ED448SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (d2i_PrivateKey(NID_ED448, NULL, &p,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                   PRIVPREFIXLEN + DNS_KEY_ED448SIZE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t priv_ed448_from_ossl(EVP_PKEY *pkey,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                    unsigned char *key)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char buf[PRIVPREFIXLEN + DNS_KEY_ED448SIZE];
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char *p;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PrivateKey(pkey, NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED448SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PRIVPREFIXLEN + DNS_KEY_ED448SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    p = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PrivateKey(pkey, &p);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if ((len <= DNS_KEY_ED448SIZE) ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        (len > PRIVPREFIXLEN + DNS_KEY_ED448SIZE))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_OPENSSLFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    memmove(key, buf + len - DNS_KEY_ED448SIZE, DNS_KEY_ED448SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t openssleddsa_todns(const dst_key_t *key,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                       isc_buffer_t *data);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_createctx(dst_key_t *key, dst_context_t *dctx) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_t *buf = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t result;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    UNUSED(key);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(dctx->key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        dctx->key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    result = isc_buffer_allocate(dctx->mctx, &buf, 64);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dctx->ctxdata.generic = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (result);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic void
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_destroyctx(dst_context_t *dctx) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_t *buf = (isc_buffer_t *) dctx->ctxdata.generic;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(dctx->key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        dctx->key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (buf != NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        isc_buffer_free(&buf);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dctx->ctxdata.generic = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_t *buf = (isc_buffer_t *) dctx->ctxdata.generic;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_t *nbuf = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_region_t r;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned int length;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t result;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(dctx->key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        dctx->key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    result = isc_buffer_copyregion(buf, data);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (result == ISC_R_SUCCESS)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    length = isc_buffer_length(buf) + data->length + 64;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    result = isc_buffer_allocate(dctx->mctx, &nbuf, length);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (result != ISC_R_SUCCESS)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (result);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_usedregion(buf, &r);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    (void) isc_buffer_copyregion(nbuf, &r);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    (void) isc_buffer_copyregion(nbuf, data);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_free(&buf);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dctx->ctxdata.generic = nbuf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t ret;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dst_key_t *key = dctx->key;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_region_t tbsreg;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_region_t sigreg;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey = key->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_MD_CTX* ctx = EVP_MD_CTX_new();
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_t *buf = (isc_buffer_t *) dctx->ctxdata.generic;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    size_t siglen;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (ctx == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_NOMEMORY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->key_alg == DST_ALG_ED25519)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        siglen = DNS_SIG_ED25519SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    else
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        siglen = DNS_SIG_ED448SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_availableregion(sig, &sigreg);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (sigreg.length < (unsigned int) siglen)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET(ISC_R_NOSPACE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_usedregion(buf, &tbsreg);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (!EVP_DigestSignInit(ctx, NULL, NULL, NULL, pkey))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET(dst__openssl_toresult3(dctx->category,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                           "EVP_DigestSignInit",
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                           ISC_R_FAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (!EVP_DigestSign(ctx, sigreg.base, &siglen,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                tbsreg.base, tbsreg.length))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET(dst__openssl_toresult3(dctx->category,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                           "EVP_DigestSign",
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                           DST_R_SIGNFAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_add(sig, (unsigned int) siglen);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    ret = ISC_R_SUCCESS;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt err:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (ctx != NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        EVP_MD_CTX_free(ctx);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_free(&buf);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dctx->ctxdata.generic = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ret);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t ret;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dst_key_t *key = dctx->key;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int status;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_region_t tbsreg;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey = key->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_MD_CTX* ctx = EVP_MD_CTX_new();
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_t *buf = (isc_buffer_t *) dctx->ctxdata.generic;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned int siglen;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (ctx == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_NOMEMORY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->key_alg == DST_ALG_ED25519)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        siglen = DNS_SIG_ED25519SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    else
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        siglen = DNS_SIG_ED448SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (sig->length != siglen)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_VERIFYFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_usedregion(buf, &tbsreg);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (!EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey))
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET(dst__openssl_toresult3(dctx->category,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                           "EVP_DigestVerifyInit",
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                           ISC_R_FAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    status = EVP_DigestVerify(ctx, sig->base, siglen,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                  tbsreg.base, tbsreg.length);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    switch (status) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    case 1:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        ret = ISC_R_SUCCESS;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        break;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    case 0:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        ret = dst__openssl_toresult(DST_R_VERIFYFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        break;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    default:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        ret = dst__openssl_toresult3(dctx->category,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                         "EVP_DigestVerify",
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                         DST_R_VERIFYFAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        break;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt err:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (ctx != NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        EVP_MD_CTX_free(ctx);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_free(&buf);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dctx->ctxdata.generic = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ret);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_boolean_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int status;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey1 = key1->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey2 = key2->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (pkey1 == NULL && pkey2 == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_TRUE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    else if (pkey1 == NULL || pkey2 == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_FALSE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    status = EVP_PKEY_cmp(pkey1, pkey2);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (status == 1)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_TRUE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_FALSE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t ret;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY_CTX *ctx = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int nid, status;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    UNUSED(unused);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    UNUSED(callback);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->key_alg == DST_ALG_ED25519) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        nid = NID_ED25519;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_size = DNS_KEY_ED25519SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    } else {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        nid = NID_ED448;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_size = DNS_KEY_ED448SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    ctx = EVP_PKEY_CTX_new_id(nid, NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (ctx == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (dst__openssl_toresult2("EVP_PKEY_CTX_new_id",
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                           DST_R_OPENSSLFAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    status = EVP_PKEY_keygen_init(ctx);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (status != 1)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET (dst__openssl_toresult2("EVP_PKEY_keygen_init",
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                        DST_R_OPENSSLFAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    status = EVP_PKEY_keygen(ctx, &pkey);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (status != 1)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET (dst__openssl_toresult2("EVP_PKEY_keygen",
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt                        DST_R_OPENSSLFAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    key->keydata.pkey = pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    ret = ISC_R_SUCCESS;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt err:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (ctx != NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        EVP_PKEY_CTX_free(ctx);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ret);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_boolean_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_isprivate(const dst_key_t *key) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey = key->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned long err;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (pkey == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_FALSE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    len = i2d_PrivateKey(pkey, NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (len > 0)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_TRUE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    /* can check if first error is EC_R_INVALID_PRIVATE_KEY */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    while ((err = ERR_get_error()) != 0)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        /**/;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_FALSE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic void
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_destroy(dst_key_t *key) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey = key->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY_free(pkey);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    key->keydata.pkey = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_todns(const dst_key_t *key, isc_buffer_t *data) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey = key->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_region_t r;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t result;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(pkey != NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    pkey = key->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    switch (key->key_alg) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    case DST_ALG_ED25519:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        isc_buffer_availableregion(data, &r);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (r.length < DNS_KEY_ED25519SIZE)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            return (ISC_R_NOSPACE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        result = pub_ed25519_from_ossl(pkey, r.base);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (result == ISC_R_SUCCESS)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            isc_buffer_add(data, DNS_KEY_ED25519SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (result);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    case DST_ALG_ED448:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        isc_buffer_availableregion(data, &r);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (r.length < DNS_KEY_ED448SIZE)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            return (ISC_R_NOSPACE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        result = pub_ed448_from_ossl(pkey, r.base);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (result == ISC_R_SUCCESS)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            isc_buffer_add(data, DNS_KEY_ED448SIZE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (result);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    default:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        INSIST(0);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_region_t r;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_remainingregion(data, &r);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (r.length == 0)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->key_alg == DST_ALG_ED25519) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        len = DNS_KEY_ED25519SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (r.length < len)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            return (DST_R_INVALIDPUBLICKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        pkey = pub_ed25519_to_ossl(r.base);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    } else {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        len = DNS_KEY_ED448SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (r.length < len)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            return (DST_R_INVALIDPUBLICKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        pkey = pub_ed448_to_ossl(r.base);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (pkey == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (dst__openssl_toresult(ISC_R_FAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_buffer_forward(data, len);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    key->keydata.pkey = pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    key->key_size = len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_tofile(const dst_key_t *key, const char *directory) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t ret;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dst_private_t priv;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned char *buf = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->keydata.pkey == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (DST_R_NULLKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->external) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.nelements = 0;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (dst__privstruct_writefile(key, &priv, directory));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    pkey = key->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->key_alg == DST_ALG_ED25519) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        len = DNS_KEY_ED25519SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        buf = isc_mem_get(key->mctx, len);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (buf == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            return (ISC_R_NOMEMORY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.elements[0].tag = TAG_EDDSA_PRIVATEKEY;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.elements[0].length = len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        ret = priv_ed25519_from_ossl(pkey, buf);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (ret != ISC_R_SUCCESS)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            DST_RET (dst__openssl_toresult(ret));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.elements[0].data = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.nelements = 1;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        ret = dst__privstruct_writefile(key, &priv, directory);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    } else {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        len = DNS_KEY_ED448SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        buf = isc_mem_get(key->mctx, len);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (buf == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            return (ISC_R_NOMEMORY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.elements[0].tag = TAG_EDDSA_PRIVATEKEY;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.elements[0].length = len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        ret = priv_ed448_from_ossl(pkey, buf);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (ret != ISC_R_SUCCESS)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            DST_RET (dst__openssl_toresult(ret));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.elements[0].data = buf;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        priv.nelements = 1;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        ret = dst__privstruct_writefile(key, &priv, directory);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt err:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (buf != NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        isc_mem_put(key->mctx, buf, len);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ret);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Hunteddsa_check(EVP_PKEY *privkey, dst_key_t *pub)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt{
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (pub == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    pkey = pub->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (pkey == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (EVP_PKEY_cmp(privkey, pkey) == 1)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_FAILURE);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic isc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntopenssleddsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dst_private_t priv;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_result_t ret;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    EVP_PKEY *pkey = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    unsigned int len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    isc_mem_t *mctx = key->mctx;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(key->key_alg == DST_ALG_ED25519 ||
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->key_alg == DST_ALG_ED448);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    /* read private key file */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    ret = dst__privstruct_parse(key, DST_ALG_ED25519, lexer, mctx, &priv);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (ret != ISC_R_SUCCESS)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        goto err;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->external) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (priv.nelements != 0)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            DST_RET(DST_R_INVALIDPRIVATEKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (pub == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            DST_RET(DST_R_INVALIDPRIVATEKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        key->keydata.pkey = pub->keydata.pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        pub->keydata.pkey = NULL;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        dst__privstruct_free(&priv, mctx);
b5252fcde512405a68dd4becfe683d9763bd0feaMukund Sivaraman        isc_safe_memwipe(&priv, sizeof(priv));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (key->key_alg == DST_ALG_ED25519) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        len = DNS_KEY_ED25519SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (priv.elements[0].length < len)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            DST_RET(DST_R_INVALIDPRIVATEKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        pkey = priv_ed25519_to_ossl(priv.elements[0].data);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    } else {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        len = DNS_KEY_ED448SIZE;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        if (priv.elements[0].length < len)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt            DST_RET(DST_R_INVALIDPRIVATEKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        pkey = priv_ed448_to_ossl(priv.elements[0].data);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (pkey == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (eddsa_check(pkey, pub) != ISC_R_SUCCESS) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        EVP_PKEY_free(pkey);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        DST_RET(DST_R_INVALIDPRIVATEKEY);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    }
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    key->keydata.pkey = pkey;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    key->key_size = len;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    ret = ISC_R_SUCCESS;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt err:
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    dst__privstruct_free(&priv, mctx);
b5252fcde512405a68dd4becfe683d9763bd0feaMukund Sivaraman    isc_safe_memwipe(&priv, sizeof(priv));
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ret);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntstatic dst_func_t openssleddsa_functions = {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_createctx,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< createctx2 */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_destroyctx,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_adddata,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_sign,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_verify,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< verify2 */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< computesecret */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_compare,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< paramcompare */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_generate,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_isprivate,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_destroy,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_todns,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_fromdns,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_tofile,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    openssleddsa_parse,
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< cleanup */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< fromlabel */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< dump */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    NULL, /*%< restore */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt};
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Huntisc_result_t
5832599943147268f9a4383d3dde39f8489bf339Evan Huntdst__openssleddsa_init(dst_func_t **funcp) {
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    REQUIRE(funcp != NULL);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    if (*funcp == NULL)
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt        *funcp = &openssleddsa_functions;
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt    return (ISC_R_SUCCESS);
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt}
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#else /* HAVE_OPENSSL_EDxxx */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#include <isc/util.h>
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan HuntEMPTY_TRANSLATION_UNIT
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt#endif /* HAVE_OPENSSL_EDxxx */
5832599943147268f9a4383d3dde39f8489bf339Evan Hunt/*! \file */