Lines Matching +full:ecc +full:- +full:engine

8  * (c) NLnet Labs, 2004-2006
27 #include <openssl/engine.h>
34 { LDNS_SIGN_RSASHA1_NSEC3, "RSASHA1-NSEC3-SHA1" },
40 { LDNS_SIGN_ECC_GOST, "ECC-GOST" },
54 { LDNS_SIGN_DSA_NSEC3, "DSA-NSEC3-SHA1" },
56 { LDNS_SIGN_HMACMD5, "hmac-md5.sig-alg.reg.int" },
57 { LDNS_SIGN_HMACSHA1, "hmac-sha1" },
58 { LDNS_SIGN_HMACSHA256, "hmac-sha256" },
59 { LDNS_SIGN_HMACSHA224, "hmac-sha224" },
60 { LDNS_SIGN_HMACSHA384, "hmac-sha384" },
61 { LDNS_SIGN_HMACSHA512, "hmac-sha512" },
72 key_list->_key_count = 0; in ldns_key_list_new()
73 key_list->_keys = NULL; in ldns_key_list_new()
87 /* some defaults - not sure whether to do this */ in ldns_key_new()
112 ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm alg) in ldns_key_new_frm_engine()
119 k->_key.key = ENGINE_load_private_key(e, key_id, UI_OpenSSL(), NULL); in ldns_key_new_frm_engine()
120 if(!k->_key.key) { in ldns_key_new_frm_engine()
125 if (!k->_key.key) { in ldns_key_new_frm_engine()
136 /** store GOST engine reference loaded into OpenSSL library */
137 ENGINE* ldns_gost_engine = NULL;
144 ENGINE* e; in ldns_key_EVP_load_gost_id()
148 /* see if configuration loaded gost implementation from other engine*/ in ldns_key_EVP_load_gost_id()
149 meth = EVP_PKEY_asn1_find_str(NULL, "gost2001", -1); in ldns_key_EVP_load_gost_id()
155 /* see if engine can be loaded already */ in ldns_key_EVP_load_gost_id()
164 /* no gost engine in openssl */ in ldns_key_EVP_load_gost_id()
173 meth = EVP_PKEY_asn1_find_str(&e, "gost2001", -1); in ldns_key_EVP_load_gost_id()
180 /* Note: do not ENGINE_finish and ENGINE_free the acquired engine in ldns_key_EVP_load_gost_id()
212 sizeof(token), line_nr) == -1) in ldns_key_new_frm_fp_gost_l()
217 sizeof(token)-strlen(token), line_nr) == -1) in ldns_key_new_frm_fp_gost_l()
267 sizeof(token), line_nr) == -1) in ldns_key_new_frm_fp_ecdsa_l()
336 /* reverse the pkey into the buf - key is not reversed it seems */ in ldns_ed25519_priv_raw()
338 buf[pre_len+i] = pkey[plen-1-i]; */ in ldns_ed25519_priv_raw()
351 sizeof(token), line_nr) == -1) in ldns_key_new_frm_fp_ed25519_l()
388 /* reverse the pkey into the buf - key is not reversed it seems */ in ldns_ed448_priv_raw()
390 buf[pre_len+i] = pkey[plen-1-i]; */ in ldns_ed448_priv_raw()
403 sizeof(token), line_nr) == -1) in ldns_key_new_frm_fp_ed448_l()
445 * Private-key-format: v1.x. in ldns_key_new_frm_fp_l()
450 if (ldns_fget_keyword_data_l(fp, "Private-key-format", ": ", d, "\n", in ldns_key_new_frm_fp_l()
451 LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_l()
466 LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_l()
489 if (strncmp(d, "4 ECC", 2) == 0) { in ldns_key_new_frm_fp_l()
529 if (strncmp(d, "12 ECC-GOST", 3) == 0) { in ldns_key_new_frm_fp_l()
534 fprintf(stderr, "Warning: ECC-GOST not compiled into this "); in ldns_key_new_frm_fp_l()
535 fprintf(stderr, "version of ldns, use --enable-gost\n"); in ldns_key_new_frm_fp_l()
545 fprintf(stderr, "version of ldns, use --enable-ecdsa\n"); in ldns_key_new_frm_fp_l()
555 fprintf(stderr, "version of ldns, use --enable-ecdsa\n"); in ldns_key_new_frm_fp_l()
565 fprintf(stderr, "version of ldns, use --enable-ed25519\n"); in ldns_key_new_frm_fp_l()
575 fprintf(stderr, "version of ldns, use --enable-ed448\n"); in ldns_key_new_frm_fp_l()
579 if (strncmp(d, "157 HMAC-MD5", 4) == 0) { in ldns_key_new_frm_fp_l()
582 if (strncmp(d, "158 HMAC-SHA1", 4) == 0) { in ldns_key_new_frm_fp_l()
585 if (strncmp(d, "159 HMAC-SHA256", 4) == 0) { in ldns_key_new_frm_fp_l()
588 /* For compatibility with dnssec-keygen */ in ldns_key_new_frm_fp_l()
592 if (strncmp(d, "162 HMAC-SHA224", 4) == 0) { in ldns_key_new_frm_fp_l()
595 /* For compatibility with dnssec-keygen */ in ldns_key_new_frm_fp_l()
599 if (strncmp(d, "164 HMAC-SHA384", 4) == 0) { in ldns_key_new_frm_fp_l()
602 if (strncmp(d, "165 HMAC-SHA512", 4) == 0) { in ldns_key_new_frm_fp_l()
666 if(!k->_key.key) { in ldns_key_new_frm_fp_l()
680 if(!k->_key.key) { in ldns_key_new_frm_fp_l()
693 if(!k->_key.key) { in ldns_key_new_frm_fp_l()
706 if(!k->_key.key) { in ldns_key_new_frm_fp_l()
758 * BIGNUM *dmp1; // d mod (p-1) in ldns_key_new_frm_fp_rsa_l()
759 * BIGNUM *dmq1; // d mod (q-1) in ldns_key_new_frm_fp_rsa_l()
760 * BIGNUM *iqmp; // q^-1 mod p in ldns_key_new_frm_fp_rsa_l()
782 /* Modulus, rsa->n */ in ldns_key_new_frm_fp_rsa_l()
783 if (ldns_fget_keyword_data_l(f, "Modulus", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_rsa_l()
793 /* PublicExponent, rsa->e */ in ldns_key_new_frm_fp_rsa_l()
794 …if (ldns_fget_keyword_data_l(f, "PublicExponent", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1)… in ldns_key_new_frm_fp_rsa_l()
803 /* PrivateExponent, rsa->d */ in ldns_key_new_frm_fp_rsa_l()
804 …if (ldns_fget_keyword_data_l(f, "PrivateExponent", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1… in ldns_key_new_frm_fp_rsa_l()
813 /* Prime1, rsa->p */ in ldns_key_new_frm_fp_rsa_l()
814 if (ldns_fget_keyword_data_l(f, "Prime1", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_rsa_l()
823 /* Prime2, rsa->q */ in ldns_key_new_frm_fp_rsa_l()
824 if (ldns_fget_keyword_data_l(f, "Prime2", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_rsa_l()
833 /* Exponent1, rsa->dmp1 */ in ldns_key_new_frm_fp_rsa_l()
834 if (ldns_fget_keyword_data_l(f, "Exponent1", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_rsa_l()
843 /* Exponent2, rsa->dmq1 */ in ldns_key_new_frm_fp_rsa_l()
844 if (ldns_fget_keyword_data_l(f, "Exponent2", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_rsa_l()
853 /* Coefficient, rsa->iqmp */ in ldns_key_new_frm_fp_rsa_l()
854 if (ldns_fget_keyword_data_l(f, "Coefficient", ": ", b, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_rsa_l()
866 rsa->n = n; in ldns_key_new_frm_fp_rsa_l()
867 rsa->e = e; in ldns_key_new_frm_fp_rsa_l()
868 rsa->d = d; in ldns_key_new_frm_fp_rsa_l()
869 rsa->p = p; in ldns_key_new_frm_fp_rsa_l()
870 rsa->q = q; in ldns_key_new_frm_fp_rsa_l()
871 rsa->dmp1 = dmp1; in ldns_key_new_frm_fp_rsa_l()
872 rsa->dmq1 = dmq1; in ldns_key_new_frm_fp_rsa_l()
873 rsa->iqmp = iqmp; in ldns_key_new_frm_fp_rsa_l()
933 /* Prime, dsa->p */ in ldns_key_new_frm_fp_dsa_l()
934 if (ldns_fget_keyword_data_l(f, "Primep", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_dsa_l()
944 /* Subprime, dsa->q */ in ldns_key_new_frm_fp_dsa_l()
945 if (ldns_fget_keyword_data_l(f, "Subprimeq", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_dsa_l()
954 /* Base, dsa->g */ in ldns_key_new_frm_fp_dsa_l()
955 if (ldns_fget_keyword_data_l(f, "Baseg", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_dsa_l()
964 /* Private key, dsa->priv_key */ in ldns_key_new_frm_fp_dsa_l()
965 …if (ldns_fget_keyword_data_l(f, "Private_valuex", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1)… in ldns_key_new_frm_fp_dsa_l()
974 /* Public key, dsa->pub_key */ in ldns_key_new_frm_fp_dsa_l()
975 if (ldns_fget_keyword_data_l(f, "Public_valuey", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { in ldns_key_new_frm_fp_dsa_l()
987 dsa->p = p; in ldns_key_new_frm_fp_dsa_l()
988 dsa->q = q; in ldns_key_new_frm_fp_dsa_l()
989 dsa->g = g; in ldns_key_new_frm_fp_dsa_l()
990 dsa->priv_key = priv_key; in ldns_key_new_frm_fp_dsa_l()
991 dsa->pub_key = pub_key; in ldns_key_new_frm_fp_dsa_l()
1038 LDNS_MAX_LINELEN, line_nr) == -1 in ldns_key_new_frm_fp_hmac_l()
1132 if (EVP_PKEY_keygen(ctx, &k->_key.key) <= 0) { in ldns_key_new_frm_algorithm()
1193 k->_key.key = NULL; in ldns_key_new_frm_algorithm()
1218 memcpy(&hmac[offset], &i, size - offset); in ldns_key_new_frm_algorithm()
1229 if(!k->_key.key) { in ldns_key_new_frm_algorithm()
1256 k->_key.key = EVP_PKEY_new(); in ldns_key_new_frm_algorithm()
1257 if(!k->_key.key) { in ldns_key_new_frm_algorithm()
1262 if (!EVP_PKEY_assign_EC_KEY(k->_key.key, ec)) { in ldns_key_new_frm_algorithm()
1286 if (EVP_PKEY_keygen(ctx, &k->_key.key) <= 0) { in ldns_key_new_frm_algorithm()
1308 if (EVP_PKEY_keygen(ctx, &k->_key.key) <= 0) { in ldns_key_new_frm_algorithm()
1338 k->_alg = l; in ldns_key_set_algorithm()
1344 k->_extra.dnssec.flags = f; in ldns_key_set_flags()
1352 k->_key.key = e; in ldns_key_set_evp_key()
1360 k->_key.key = key; in ldns_key_set_rsa_key()
1369 k->_key.key = key; in ldns_key_set_dsa_key()
1380 k->_key.key = key; in ldns_key_assign_rsa_key()
1389 k->_key.key = key; in ldns_key_assign_dsa_key()
1400 k->_key.hmac.key = hmac; in ldns_key_set_hmac_key()
1406 k->_key.hmac.size = hmac_size; in ldns_key_set_hmac_size()
1412 k->_key.external_key = external_key; in ldns_key_set_external_key()
1418 k->_extra.dnssec.orig_ttl = t; in ldns_key_set_origttl()
1424 k->_extra.dnssec.inception = i; in ldns_key_set_inception()
1430 k->_extra.dnssec.expiration = e; in ldns_key_set_expiration()
1436 k->_pubkey_owner = r; in ldns_key_set_pubkey_owner()
1442 k->_extra.dnssec.keytag = tag; in ldns_key_set_keytag()
1449 return key_list ? key_list->_key_count : 0; in ldns_key_list_key_count()
1456 return key->_keys[nr]; in ldns_key_list_key()
1465 return k->_alg; in ldns_key_algorithm()
1472 k->_use = v; in ldns_key_set_use()
1480 return k->_use; in ldns_key_use()
1490 return k->_key.key; in ldns_key_evp_key()
1496 if (k->_key.key) { in ldns_key_rsa_key()
1497 return EVP_PKEY_get1_RSA(k->_key.key); in ldns_key_rsa_key()
1507 if (k->_key.key) { in ldns_key_dsa_key()
1508 return EVP_PKEY_get1_DSA(k->_key.key); in ldns_key_dsa_key()
1523 if (k->_key.hmac.key) { in ldns_key_hmac_key()
1524 return k->_key.hmac.key; in ldns_key_hmac_key()
1533 if (k->_key.hmac.size) { in ldns_key_hmac_size()
1534 return k->_key.hmac.size; in ldns_key_hmac_size()
1543 return k->_key.external_key; in ldns_key_external_key()
1549 return k->_extra.dnssec.orig_ttl; in ldns_key_origttl()
1555 return k->_extra.dnssec.flags; in ldns_key_flags()
1561 return k->_extra.dnssec.inception; in ldns_key_inception()
1567 return k->_extra.dnssec.expiration; in ldns_key_expiration()
1573 return k->_extra.dnssec.keytag; in ldns_key_keytag()
1579 return k->_pubkey_owner; in ldns_key_pubkey_owner()
1596 key->_key_count = count; in ldns_key_list_set_key_count()
1609 key_list->_keys, ldns_key *, key_count + 1); in ldns_key_list_push_key()
1615 key_list->_keys = keys; in ldns_key_list_push_key()
1616 key_list->_keys[key_count] = key; in ldns_key_list_push_key()
1641 a = LDNS_XREALLOC(key_list->_keys, ldns_key *, key_count - 1); in ldns_key_list_pop_key()
1643 key_list->_keys = a; in ldns_key_list_pop_key()
1646 ldns_key_list_set_key_count(key_list, key_count - 1); in ldns_key_list_pop_key()
1664 n = k->n; in ldns_key_rsa2bin()
1665 e = k->e; in ldns_key_rsa2bin()
1709 p = k->p; q = k->q; g = k->g; in ldns_key_dsa2bin()
1714 pub_key = k->pub_key; priv_key = k->priv_key; in ldns_key_dsa2bin()
1718 T = (*size - 64) / 8; in ldns_key_dsa2bin()
1733 BN_bn2bin(g, data + 21 + *size * 2 - BN_num_bytes(g)); in ldns_key_dsa2bin()
1734 BN_bn2bin(pub_key,data + 21 + *size * 3 - BN_num_bytes(pub_key)); in ldns_key_dsa2bin()
1807 * much as it can, but it does not know about key-flags in ldns_key2rr()
1843 /* zero-th rdf - flags */ in ldns_key2rr()
1847 /* first - proto */ in ldns_key2rr()
1855 /* third - da algorithm */ in ldns_key2rr()
1939 if (!ldns_key_gost2bin(bin, k->_key.key, &size)) { in ldns_key2rr()
1958 ec = EVP_PKEY_get1_EC_KEY(k->_key.key); in ldns_key2rr()
1973 size -= 1; in ldns_key2rr()
1994 if (!ldns_key_ed255192bin(bin, k->_key.key, &size)) { in ldns_key2rr()
2011 if (!ldns_key_ed4482bin(bin, k->_key.key, &size)) { in ldns_key2rr()
2079 LDNS_FREE(key_list->_keys); in ldns_key_list_free()
2156 while(lt->name) { in ldns_key_algo_supported()
2157 if(lt->id == algo) in ldns_key_algo_supported()
2168 /* from bind dnssec-keygen */ in ldns_get_signing_algorithm_by_name()
2169 {LDNS_SIGN_HMACMD5, "HMAC-MD5"}, in ldns_get_signing_algorithm_by_name()
2184 {LDNS_ECC, "ECC"}, in ldns_get_signing_algorithm_by_name()
2193 while(lt->name) { in ldns_get_signing_algorithm_by_name()
2194 if(strcasecmp(lt->name, name) == 0) in ldns_get_signing_algorithm_by_name()
2195 return lt->id; in ldns_get_signing_algorithm_by_name()
2199 while(lt->name) { in ldns_get_signing_algorithm_by_name()
2200 if(strcasecmp(lt->name, name) == 0) in ldns_get_signing_algorithm_by_name()
2201 return lt->id; in ldns_get_signing_algorithm_by_name()