/*
* Copyright (C) 2014-2017 Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
#ifdef PKCS11CRYPTO
#include <config.h>
#ifndef PK11_DSA_DISABLE
#include <string.h>
#include "dst_internal.h"
#include "dst_parse.h"
#include "dst_pkcs11.h"
#include <pk11/internal.h>
/*
* FIPS 186-2 DSA keys:
*  mechanisms:
*    CKM_DSA_SHA1,
*    CKM_DSA_KEY_PAIR_GEN,
*    CKM_DSA_PARAMETER_GEN
*  domain parameters:
*    object class CKO_DOMAIN_PARAMETERS
*    key type CKK_DSA
*    attribute CKA_PRIME (prime p)
*    attribute CKA_SUBPRIME (subprime q)
*    attribute CKA_BASE (base g)
*    optional attribute CKA_PRIME_BITS (p length in bits)
*  public keys:
*    object class CKO_PUBLIC_KEY
*    key type CKK_DSA
*    attribute CKA_PRIME (prime p)
*    attribute CKA_SUBPRIME (subprime q)
*    attribute CKA_BASE (base g)
*    attribute CKA_VALUE (public value y)
*  private keys:
*    object class CKO_PRIVATE_KEY
*    key type CKK_DSA
*    attribute CKA_PRIME (prime p)
*    attribute CKA_SUBPRIME (subprime q)
*    attribute CKA_BASE (base g)
*    attribute CKA_VALUE (private value x)
*  reuse CKA_PRIVATE_EXPONENT for key pair private value
*/
static isc_result_t
{
{ CKA_SUBPRIME, NULL, 0 },
};
unsigned int i;
sizeof(*pk11_ctx));
return (ISC_R_NOMEMORY);
if (ret != ISC_R_SUCCESS)
goto err;
goto token_key;
}
case CKA_PRIME:
attr->ulValueLen);
attr->ulValueLen);
break;
case CKA_SUBPRIME:
attr->ulValueLen);
attr->ulValueLen);
break;
case CKA_BASE:
attr->ulValueLen);
attr->ulValueLen);
break;
case CKA_VALUE2:
attr->ulValueLen);
attr->ulValueLen);
break;
}
for (i = 6; i <= 9; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ISC_R_SUCCESS);
err:
for (i = 6; i <= 9; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ret);
}
static isc_result_t
{
{ CKA_SUBPRIME, NULL, 0 },
};
unsigned int i;
sizeof(*pk11_ctx));
return (ISC_R_NOMEMORY);
if (ret != ISC_R_SUCCESS)
goto err;
goto token_key;
}
case CKA_PRIME:
attr->ulValueLen);
attr->ulValueLen);
break;
case CKA_SUBPRIME:
attr->ulValueLen);
attr->ulValueLen);
break;
case CKA_BASE:
attr->ulValueLen);
attr->ulValueLen);
break;
case CKA_VALUE:
attr->ulValueLen);
attr->ulValueLen);
break;
}
for (i = 5; i <= 8; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ISC_R_SUCCESS);
err:
for (i = 5; i <= 8; i++)
keyTemplate[i].ulValueLen);
keyTemplate[i].pValue,
keyTemplate[i].ulValueLen);
}
return (ret);
}
static isc_result_t
else
}
static void
}
}
static isc_result_t
else
return (ret);
}
static isc_result_t
isc_region_t r;
unsigned int klen;
return (ISC_R_NOSPACE);
return (DST_R_SIGNFAILURE);
if (klen > 255)
return (ISC_R_FAILURE);
err:
return (ret);
}
static isc_result_t
return (ret);
}
static isc_boolean_t
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
attr1->ulValueLen))
return (ISC_FALSE);
return (ISC_TRUE);
attr1->ulValueLen))
return (ISC_FALSE);
return (ISC_TRUE);
attr1->ulValueLen))
return (ISC_FALSE);
return (ISC_TRUE);
attr1->ulValueLen))
return (ISC_FALSE);
attr1->ulValueLen)))
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
}
static isc_result_t
{
};
{
{ CKA_SUBPRIME, NULL, 0 },
};
{
};
unsigned int i;
sizeof(*pk11_ctx));
return (ISC_R_NOMEMORY);
if (ret != ISC_R_SUCCESS)
goto err;
for (i = 0; i <= 2; i++) {
}
attr += 3;
attr++;
return (ISC_R_SUCCESS);
err:
if (priv != CK_INVALID_HANDLE)
if (pub != CK_INVALID_HANDLE)
if (dp != CK_INVALID_HANDLE)
return (ret);
}
static isc_boolean_t
return (ISC_FALSE);
}
static void
return;
case CKA_PRIME:
case CKA_SUBPRIME:
case CKA_BASE:
case CKA_VALUE:
case CKA_VALUE2:
attr->ulValueLen);
attr->ulValueLen);
}
break;
}
}
}
static isc_result_t
isc_region_t r;
int dnslen;
unsigned int t, p_bytes;
case CKA_PRIME:
break;
case CKA_SUBPRIME:
break;
case CKA_BASE:
break;
case CKA_VALUE:
break;
}
if (t > 8)
return (DST_R_INVALIDPUBLICKEY);
return (ISC_R_NOSPACE);
*r.base = t;
isc_region_consume(&r, 1);
isc_region_consume(&r, p_bytes);
isc_region_consume(&r, p_bytes);
isc_region_consume(&r, p_bytes);
return (ISC_R_SUCCESS);
}
static isc_result_t
isc_region_t r;
unsigned int t, p_bytes;
if (r.length == 0)
return (ISC_R_SUCCESS);
return (ISC_R_NOMEMORY);
t = (unsigned int) *r.base;
isc_region_consume(&r, 1);
if (t > 8) {
return (DST_R_INVALIDPUBLICKEY);
}
return (DST_R_INVALIDPUBLICKEY);
}
isc_region_consume(&r, p_bytes);
isc_region_consume(&r, p_bytes);
isc_region_consume(&r, p_bytes);
goto nomemory;
goto nomemory;
goto nomemory;
goto nomemory;
goto nomemory;
return (ISC_R_SUCCESS);
case CKA_PRIME:
case CKA_SUBPRIME:
case CKA_BASE:
case CKA_VALUE:
attr->ulValueLen);
attr->ulValueLen);
}
break;
}
}
return (ISC_R_NOMEMORY);
}
static isc_result_t
int cnt = 0;
return (DST_R_NULLKEY);
}
case CKA_PRIME:
break;
case CKA_SUBPRIME:
break;
case CKA_BASE:
break;
case CKA_VALUE:
break;
case CKA_VALUE2:
break;
}
return (DST_R_NULLKEY);
cnt++;
cnt++;
cnt++;
cnt++;
cnt++;
}
static isc_result_t
int i;
/* read private key file */
if (ret != ISC_R_SUCCESS)
return (ret);
return (ISC_R_SUCCESS);
}
case TAG_DSA_PRIME:
break;
case TAG_DSA_SUBPRIME:
break;
case TAG_DSA_BASE:
break;
case TAG_DSA_PRIVATE:
break;
case TAG_DSA_PUBLIC:
break;
}
}
return (ISC_R_SUCCESS);
err:
return (ret);
}
NULL, /*%< createctx2 */
NULL, /*%< verify2 */
NULL, /*%< computesecret */
NULL, /*%< paramcompare */
NULL, /*%< cleanup */
NULL, /*%< fromlabel */
NULL, /*%< dump */
NULL, /*%< restore */
};
*funcp = &pkcs11dsa_functions;
return (ISC_R_SUCCESS);
}
#endif /* !PK11_DSA_DISABLE */
#else /* PKCS11CRYPTO */
#endif /* PKCS11CRYPTO */
/*! \file */