Index: lib/cryptohi/dsautil.c |
=================================================================== |
--- a/lib/cryptohi/dsautil.c |
+++ b/lib/cryptohi/dsautil.c |
@@ -2,266 +2,239 @@ |
* License, v. 2.0. If a copy of the MPL was not distributed with this |
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
#include "cryptohi.h" |
#include "secasn1.h" |
#include "secitem.h" |
#include "prerr.h" |
#ifndef DSA1_SUBPRIME_LEN |
-#define DSA1_SUBPRIME_LEN 20 /* bytes */ |
+#define DSA1_SUBPRIME_LEN 20 /* bytes */ |
#endif |
typedef struct { |
- SECItem r; |
- SECItem s; |
+ SECItem r; |
+ SECItem s; |
} DSA_ASN1Signature; |
-const SEC_ASN1Template DSA_SignatureTemplate[] = |
-{ |
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(DSA_ASN1Signature) }, |
- { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,r) }, |
- { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,s) }, |
- { 0, } |
-}; |
+const SEC_ASN1Template DSA_SignatureTemplate[] = { |
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(DSA_ASN1Signature)}, |
+ {SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature, r)}, |
+ {SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature, s)}, |
+ {0, }}; |
/* Input is variable length multi-byte integer, MSB first (big endian). |
-** Most signficant bit of first byte is NOT treated as a sign bit. |
-** May be one or more leading bytes of zeros. |
+** Most signficant bit of first byte is NOT treated as a sign bit. |
+** May be one or more leading bytes of zeros. |
** Output is variable length multi-byte integer, MSB first (big endian). |
** Most significant bit of first byte will be zero (positive sign bit) |
** No more than one leading zero byte. |
** Caller supplies dest buffer, and assures that it is long enough, |
** e.g. at least one byte longer that src's buffer. |
*/ |
-void |
-DSAU_ConvertUnsignedToSigned(SECItem *dest, SECItem *src) |
-{ |
- unsigned char *pSrc = src->data; |
- unsigned char *pDst = dest->data; |
- unsigned int cntSrc = src->len; |
+void DSAU_ConvertUnsignedToSigned(SECItem *dest, SECItem *src) { |
+ unsigned char *pSrc = src->data; |
+ unsigned char *pDst = dest->data; |
+ unsigned int cntSrc = src->len; |
- /* skip any leading zeros. */ |
- while (cntSrc && !(*pSrc)) { |
- pSrc++; |
- cntSrc--; |
- } |
- if (!cntSrc) { |
- *pDst = 0; |
- dest->len = 1; |
- return; |
- } |
+ /* skip any leading zeros. */ |
+ while (cntSrc && !(*pSrc)) { |
+ pSrc++; |
+ cntSrc--; |
+ } |
+ if (!cntSrc) { |
+ *pDst = 0; |
+ dest->len = 1; |
+ return; |
+ } |
- if (*pSrc & 0x80) |
- *pDst++ = 0; |
+ if (*pSrc & 0x80) *pDst++ = 0; |
- PORT_Memcpy(pDst, pSrc, cntSrc); |
- dest->len = (pDst - dest->data) + cntSrc; |
+ PORT_Memcpy(pDst, pSrc, cntSrc); |
+ dest->len = (pDst - dest->data) + cntSrc; |
} |
/* |
** src is a buffer holding a signed variable length integer. |
** dest is a buffer which will be filled with an unsigned integer, |
** MSB first (big endian) with leading zeros, so that the last byte |
** of src will be the LSB of the integer. The result will be exactly |
** the length specified by the caller in dest->len. |
** src can be shorter than dest. src can be longer than dst, but only |
** if the extra leading bytes are zeros. |
*/ |
-SECStatus |
-DSAU_ConvertSignedToFixedUnsigned(SECItem *dest, SECItem *src) |
-{ |
- unsigned char *pSrc = src->data; |
- unsigned char *pDst = dest->data; |
- unsigned int cntSrc = src->len; |
- unsigned int cntDst = dest->len; |
- int zCount = cntDst - cntSrc; |
+SECStatus DSAU_ConvertSignedToFixedUnsigned(SECItem *dest, SECItem *src) { |
+ unsigned char *pSrc = src->data; |
+ unsigned char *pDst = dest->data; |
+ unsigned int cntSrc = src->len; |
+ unsigned int cntDst = dest->len; |
+ int zCount = cntDst - cntSrc; |
- if (zCount > 0) { |
- PORT_Memset(pDst, 0, zCount); |
- PORT_Memcpy(pDst + zCount, pSrc, cntSrc); |
- return SECSuccess; |
+ if (zCount > 0) { |
+ PORT_Memset(pDst, 0, zCount); |
+ PORT_Memcpy(pDst + zCount, pSrc, cntSrc); |
+ return SECSuccess; |
+ } |
+ if (zCount <= 0) { |
+ /* Source is longer than destination. Check for leading zeros. */ |
+ while (zCount++ < 0) { |
+ if (*pSrc++ != 0) goto loser; |
} |
- if (zCount <= 0) { |
- /* Source is longer than destination. Check for leading zeros. */ |
- while (zCount++ < 0) { |
- if (*pSrc++ != 0) |
- goto loser; |
- } |
- } |
- PORT_Memcpy(pDst, pSrc, cntDst); |
- return SECSuccess; |
+ } |
+ PORT_Memcpy(pDst, pSrc, cntDst); |
+ return SECSuccess; |
loser: |
- PORT_SetError( PR_INVALID_ARGUMENT_ERROR ); |
- return SECFailure; |
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR); |
+ return SECFailure; |
} |
/* src is a "raw" ECDSA or DSA signature, the first half contains r |
* and the second half contains s. dest is the DER encoded signature. |
*/ |
-static SECStatus |
-common_EncodeDerSig(SECItem *dest, SECItem *src) |
-{ |
- SECItem * item; |
- SECItem srcItem; |
- DSA_ASN1Signature sig; |
- unsigned char *signedR; |
- unsigned char *signedS; |
- unsigned int len; |
+static SECStatus common_EncodeDerSig(SECItem *dest, SECItem *src) { |
+ SECItem *item; |
+ SECItem srcItem; |
+ DSA_ASN1Signature sig; |
+ unsigned char *signedR; |
+ unsigned char *signedS; |
+ unsigned int len; |
- /* Allocate memory with room for an extra byte that |
- * may be required if the top bit in the first byte |
- * is already set. |
- */ |
- len = src->len/2; |
- signedR = (unsigned char *) PORT_Alloc(len + 1); |
- if (!signedR) return SECFailure; |
- signedS = (unsigned char *) PORT_ZAlloc(len + 1); |
- if (!signedS) { |
- if (signedR) PORT_Free(signedR); |
- return SECFailure; |
- } |
+ /* Allocate memory with room for an extra byte that |
+ * may be required if the top bit in the first byte |
+ * is already set. |
+ */ |
+ len = src->len / 2; |
+ signedR = (unsigned char *)PORT_Alloc(len + 1); |
+ if (!signedR) return SECFailure; |
+ signedS = (unsigned char *)PORT_ZAlloc(len + 1); |
+ if (!signedS) { |
+ if (signedR) PORT_Free(signedR); |
+ return SECFailure; |
+ } |
- PORT_Memset(&sig, 0, sizeof(sig)); |
+ PORT_Memset(&sig, 0, sizeof(sig)); |
- /* Must convert r and s from "unsigned" integers to "signed" integers. |
- ** If the high order bit of the first byte (MSB) is 1, then must |
- ** prepend with leading zero. |
- ** Must remove all but one leading zero byte from numbers. |
- */ |
- sig.r.type = siUnsignedInteger; |
- sig.r.data = signedR; |
- sig.r.len = sizeof signedR; |
- sig.s.type = siUnsignedInteger; |
- sig.s.data = signedS; |
- sig.s.len = sizeof signedR; |
+ /* Must convert r and s from "unsigned" integers to "signed" integers. |
+ ** If the high order bit of the first byte (MSB) is 1, then must |
+ ** prepend with leading zero. |
+ ** Must remove all but one leading zero byte from numbers. |
+ */ |
+ sig.r.type = siUnsignedInteger; |
+ sig.r.data = signedR; |
+ sig.r.len = sizeof signedR; |
+ sig.s.type = siUnsignedInteger; |
+ sig.s.data = signedS; |
+ sig.s.len = sizeof signedR; |
- srcItem.data = src->data; |
- srcItem.len = len; |
+ srcItem.data = src->data; |
+ srcItem.len = len; |
- DSAU_ConvertUnsignedToSigned(&sig.r, &srcItem); |
- srcItem.data += len; |
- DSAU_ConvertUnsignedToSigned(&sig.s, &srcItem); |
+ DSAU_ConvertUnsignedToSigned(&sig.r, &srcItem); |
+ srcItem.data += len; |
+ DSAU_ConvertUnsignedToSigned(&sig.s, &srcItem); |
- item = SEC_ASN1EncodeItem(NULL, dest, &sig, DSA_SignatureTemplate); |
- if (signedR) PORT_Free(signedR); |
- if (signedS) PORT_Free(signedS); |
- if (item == NULL) |
- return SECFailure; |
+ item = SEC_ASN1EncodeItem(NULL, dest, &sig, DSA_SignatureTemplate); |
+ if (signedR) PORT_Free(signedR); |
+ if (signedS) PORT_Free(signedS); |
+ if (item == NULL) return SECFailure; |
- /* XXX leak item? */ |
- return SECSuccess; |
+ /* XXX leak item? */ |
+ return SECSuccess; |
} |
/* src is a DER-encoded ECDSA or DSA signature. |
** Returns a newly-allocated SECItem structure, pointing at a newly allocated |
** buffer containing the "raw" signature, which is len bytes of r, |
** followed by len bytes of s. For DSA, len is the length of q. |
** For ECDSA, len depends on the key size used to create the signature. |
*/ |
-static SECItem * |
-common_DecodeDerSig(const SECItem *item, unsigned int len) |
-{ |
- SECItem * result = NULL; |
- SECStatus status; |
- DSA_ASN1Signature sig; |
- SECItem dst; |
+static SECItem *common_DecodeDerSig(const SECItem *item, unsigned int len) { |
+ SECItem *result = NULL; |
+ SECStatus status; |
+ DSA_ASN1Signature sig; |
+ SECItem dst; |
- PORT_Memset(&sig, 0, sizeof(sig)); |
+ PORT_Memset(&sig, 0, sizeof(sig)); |
- result = PORT_ZNew(SECItem); |
- if (result == NULL) |
- goto loser; |
+ result = PORT_ZNew(SECItem); |
+ if (result == NULL) goto loser; |
- result->len = 2 * len; |
- result->data = (unsigned char*)PORT_Alloc(2 * len); |
- if (result->data == NULL) |
- goto loser; |
+ result->len = 2 * len; |
+ result->data = (unsigned char *)PORT_Alloc(2 * len); |
+ if (result->data == NULL) goto loser; |
- sig.r.type = siUnsignedInteger; |
- sig.s.type = siUnsignedInteger; |
- status = SEC_ASN1DecodeItem(NULL, &sig, DSA_SignatureTemplate, item); |
- if (status != SECSuccess) |
- goto loser; |
+ sig.r.type = siUnsignedInteger; |
+ sig.s.type = siUnsignedInteger; |
+ status = SEC_ASN1DecodeItem(NULL, &sig, DSA_SignatureTemplate, item); |
+ if (status != SECSuccess) goto loser; |
- /* Convert sig.r and sig.s from variable length signed integers to |
- ** fixed length unsigned integers. |
- */ |
- dst.data = result->data; |
- dst.len = len; |
- status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.r); |
- if (status != SECSuccess) |
- goto loser; |
+ /* Convert sig.r and sig.s from variable length signed integers to |
+ ** fixed length unsigned integers. |
+ */ |
+ dst.data = result->data; |
+ dst.len = len; |
+ status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.r); |
+ if (status != SECSuccess) goto loser; |
- dst.data += len; |
- status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.s); |
- if (status != SECSuccess) |
- goto loser; |
+ dst.data += len; |
+ status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.s); |
+ if (status != SECSuccess) goto loser; |
done: |
- if (sig.r.data != NULL) |
- PORT_Free(sig.r.data); |
- if (sig.s.data != NULL) |
- PORT_Free(sig.s.data); |
+ if (sig.r.data != NULL) PORT_Free(sig.r.data); |
+ if (sig.s.data != NULL) PORT_Free(sig.s.data); |
- return result; |
+ return result; |
loser: |
- if (result != NULL) { |
- SECITEM_FreeItem(result, PR_TRUE); |
- result = NULL; |
- } |
- goto done; |
+ if (result != NULL) { |
+ SECITEM_FreeItem(result, PR_TRUE); |
+ result = NULL; |
+ } |
+ goto done; |
} |
/* src is a "raw" DSA1 signature, 20 bytes of r followed by 20 bytes of s. |
** dest is the signature DER encoded. ? |
*/ |
-SECStatus |
-DSAU_EncodeDerSig(SECItem *dest, SECItem *src) |
-{ |
- PORT_Assert(src->len == 2 * DSA1_SUBPRIME_LEN); |
- if (src->len != 2 * DSA1_SUBPRIME_LEN) { |
- PORT_SetError( PR_INVALID_ARGUMENT_ERROR ); |
- return SECFailure; |
- } |
+SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src) { |
+ PORT_Assert(src->len == 2 * DSA1_SUBPRIME_LEN); |
+ if (src->len != 2 * DSA1_SUBPRIME_LEN) { |
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR); |
+ return SECFailure; |
+ } |
- return common_EncodeDerSig(dest, src); |
+ return common_EncodeDerSig(dest, src); |
} |
/* src is a "raw" DSA signature of length len (len/2 bytes of r followed |
** by len/2 bytes of s). dest is the signature DER encoded. |
*/ |
-SECStatus |
-DSAU_EncodeDerSigWithLen(SECItem *dest, SECItem *src, unsigned int len) |
-{ |
+SECStatus DSAU_EncodeDerSigWithLen(SECItem *dest, SECItem *src, |
+ unsigned int len) { |
- PORT_Assert((src->len == len) && (len % 2 == 0)); |
- if ((src->len != len) || (src->len % 2 != 0)) { |
- PORT_SetError( PR_INVALID_ARGUMENT_ERROR ); |
- return SECFailure; |
- } |
+ PORT_Assert((src->len == len) && (len % 2 == 0)); |
+ if ((src->len != len) || (src->len % 2 != 0)) { |
+ PORT_SetError(PR_INVALID_ARGUMENT_ERROR); |
+ return SECFailure; |
+ } |
- return common_EncodeDerSig(dest, src); |
+ return common_EncodeDerSig(dest, src); |
} |
/* src is a DER-encoded DSA signature. |
** Returns a newly-allocated SECItem structure, pointing at a newly allocated |
** buffer containing the "raw" DSA1 signature, which is 20 bytes of r, |
** followed by 20 bytes of s. |
*/ |
-SECItem * |
-DSAU_DecodeDerSig(const SECItem *item) |
-{ |
- return common_DecodeDerSig(item, DSA1_SUBPRIME_LEN); |
+SECItem *DSAU_DecodeDerSig(const SECItem *item) { |
+ return common_DecodeDerSig(item, DSA1_SUBPRIME_LEN); |
} |
/* src is a DER-encoded ECDSA signature. |
** Returns a newly-allocated SECItem structure, pointing at a newly allocated |
** buffer containing the "raw" ECDSA signature of length len containing |
** r followed by s (both padded to take up exactly len/2 bytes). |
*/ |
-SECItem * |
-DSAU_DecodeDerSigToLen(const SECItem *item, unsigned int len) |
-{ |
- return common_DecodeDerSig(item, len/2); |
+SECItem *DSAU_DecodeDerSigToLen(const SECItem *item, unsigned int len) { |
+ return common_DecodeDerSig(item, len / 2); |
} |