Crypt-OpenSSL-DSA-0.15/0000755000000000000000000000000012464241552012225 5ustar rootCrypt-OpenSSL-DSA-0.15/Changes0000755000000000000000000000303112464236563013526 0ustar rootRevision history for Perl extension Crypt::OpenSSL::DSA. 0.15 2015/02/03 - #84367 Win32 compatibility patch - #80369 fix errors in POD. Mainly just missing =over/=back - #80368 Makefile.PL: unneeded -lssl in LIBS 0.14 2012/10/16 - compiling with -Werror=format-security now works (Jerome Quelin, #48446) - Use Digest::SHA instead of Digest::SHA1 (Ansgar Burchardt, #60271) - Security fix, CVE-2009-0129: Missing error check in do_verify (Havard Eidnes, #79958) 0.13 2005/10/15 - made t/90-openssl-compat.t windows compatible (Rob) 0.12 2005/05/22 - Removed all use of strlen() in DSA.xs so signatures with nulls, as commonly generated with sha1, could be signed/verified, and added more tests (Brad Fitzpatrick ) 0.11 2003/01/06 - Added -DPERL5 to Makefile.PL required for perl-5.8/gcc-3.2 0.10 2002/09/25 - Fixed Memory leak with signature object. - Added set_p, set_q, set_g, set_pub_key, set_priv_key (Olaf Kolkman) - Added set_r and set_s methods to Crypt::OpenSSL::DSA::Signature - Renamed Signature.pm to Signature.pod 0.04 2002/09/24 - Fixed bug in verify method - Added read_priv_key_str and read_pub_key_str 0.03 2002/02/06 - Added Crypt::OpenSSL::DSA::Signature interface 0.02 2001/09/24 - Added more docs - seed is now optional argument in generate_parameters 0.01 2001/09/18 - original version; created by h2xs Crypt-OpenSSL-DSA-0.15/DSA.xs0000755000000000000000000002247512037371116013221 0ustar root/* $Id: */ #ifdef __cplusplus extern "C" { #endif #include "EXTERN.h" #include "perl.h" #include "XSUB.h" #include #include #include #include #include #ifdef __cplusplus } #endif MODULE = Crypt::OpenSSL::DSA PACKAGE = Crypt::OpenSSL::DSA PROTOTYPES: DISABLE BOOT: ERR_load_crypto_strings(); DSA * new(CLASS) char * CLASS CODE: RETVAL = DSA_new(); OUTPUT: RETVAL void DESTROY(dsa) DSA *dsa CODE: DSA_free(dsa); DSA * generate_parameters(CLASS, bits, seed = NULL) char * CLASS int bits SV * seed PREINIT: DSA * dsa; int seed_len = 0; char * seedpv = NULL; CODE: if (seed) { seedpv = SvPV(seed, seed_len); } dsa = DSA_generate_parameters(bits, seedpv, seed_len, NULL, NULL, NULL, NULL); if (!dsa) croak("%s", ERR_reason_error_string(ERR_get_error())); RETVAL = dsa; OUTPUT: RETVAL int generate_key(dsa) DSA * dsa CODE: RETVAL = DSA_generate_key(dsa); OUTPUT: RETVAL DSA_SIG * do_sign(dsa, dgst) DSA * dsa SV * dgst PREINIT: DSA_SIG * sig; char * CLASS = "Crypt::OpenSSL::DSA::Signature"; char * dgst_pv = NULL; int dgst_len = 0; CODE: dgst_pv = SvPV(dgst, dgst_len); if (!(sig = DSA_do_sign((const unsigned char *) dgst_pv, dgst_len, dsa))) { croak("Error in dsa_sign: %s",ERR_error_string(ERR_get_error(), NULL)); } RETVAL = sig; OUTPUT: RETVAL SV * sign(dsa, dgst) DSA * dsa SV * dgst PREINIT: unsigned char *sigret; unsigned int siglen; char * dgst_pv = NULL; int dgst_len = 0; CODE: siglen = DSA_size(dsa); sigret = malloc(siglen); dgst_pv = SvPV(dgst, dgst_len); /* warn("Length of sign [%s] is %d\n", dgst_pv, dgst_len); */ if (!(DSA_sign(0, (const unsigned char *) dgst_pv, dgst_len, sigret, &siglen, dsa))) { croak("Error in DSA_sign: %s",ERR_error_string(ERR_get_error(), NULL)); } RETVAL = newSVpvn(sigret, siglen); free(sigret); OUTPUT: RETVAL int verify(dsa, dgst, sigbuf) DSA * dsa SV *dgst SV *sigbuf PREINIT: char * dgst_pv = NULL; int dgst_len = 0; char * sig_pv = NULL; int sig_len = 0; CODE: dgst_pv = SvPV(dgst, dgst_len); sig_pv = SvPV(sigbuf, sig_len); RETVAL = DSA_verify(0, dgst_pv, dgst_len, sig_pv, sig_len, dsa); if (RETVAL == -1) croak("Error in DSA_verify: %s",ERR_error_string(ERR_get_error(), NULL)); OUTPUT: RETVAL int do_verify(dsa, dgst, sig) DSA *dsa SV *dgst DSA_SIG *sig PREINIT: char * dgst_pv = NULL; int dgst_len = 0; CODE: dgst_pv = SvPV(dgst, dgst_len); RETVAL = DSA_do_verify(dgst_pv, dgst_len, sig, dsa); if (RETVAL == -1) croak("Error in DSA_do_verify: %s",ERR_error_string(ERR_get_error(), NULL)); OUTPUT: RETVAL DSA * read_params(CLASS, filename) char *CLASS char *filename PREINIT: FILE *f; CODE: if(!(f = fopen(filename, "r"))) croak("Can't open file %s", filename); RETVAL = PEM_read_DSAparams(f, NULL, NULL, NULL); fclose(f); OUTPUT: RETVAL int write_params(dsa, filename) DSA * dsa char *filename PREINIT: FILE *f; CODE: if(!(f = fopen(filename, "w"))) croak("Can't open file %s", filename); RETVAL = PEM_write_DSAparams(f, dsa); fclose(f); OUTPUT: RETVAL DSA * _load_key(CLASS, private_flag_SV, key_string_SV) char *CLASS; SV * private_flag_SV; SV * key_string_SV; PREINIT: int key_string_length; /* Needed to pass to SvPV */ char *key_string; char private_flag; BIO *stringBIO; CODE: private_flag = SvTRUE( private_flag_SV ); key_string = SvPV( key_string_SV, key_string_length ); if( (stringBIO = BIO_new_mem_buf(key_string, key_string_length)) == NULL ) croak( "Failed to create memory BIO %s", ERR_error_string(ERR_get_error(), NULL)); RETVAL = private_flag ? PEM_read_bio_DSAPrivateKey( stringBIO, NULL, NULL, NULL ) : PEM_read_bio_DSA_PUBKEY( stringBIO, NULL, NULL, NULL ); BIO_set_close(stringBIO, BIO_CLOSE); BIO_free( stringBIO ); if ( RETVAL == NULL ) croak( "Failed to read key %s", ERR_error_string(ERR_get_error(), NULL)); OUTPUT: RETVAL DSA * read_pub_key(CLASS, filename) char *CLASS char *filename PREINIT: FILE *f; CODE: if(!(f = fopen(filename, "r"))) croak("Can't open file %s", filename); RETVAL = PEM_read_DSA_PUBKEY(f, NULL, NULL, NULL); fclose(f); OUTPUT: RETVAL int write_pub_key(dsa, filename) DSA * dsa char *filename PREINIT: FILE *f; CODE: if(!(f = fopen(filename, "w"))) croak("Can't open file %s", filename); RETVAL = PEM_write_DSA_PUBKEY(f, dsa); fclose(f); OUTPUT: RETVAL DSA * read_priv_key(CLASS, filename) char *CLASS char *filename PREINIT: FILE *f; CODE: if(!(f = fopen(filename, "r"))) croak("Can't open file %s", filename); RETVAL = PEM_read_DSAPrivateKey(f, NULL, NULL, NULL); fclose(f); OUTPUT: RETVAL int write_priv_key(dsa, filename) DSA * dsa char *filename PREINIT: FILE *f; CODE: if(!(f = fopen(filename, "w"))) croak("Can't open file %s", filename); RETVAL = PEM_write_DSAPrivateKey(f, dsa, NULL, NULL, 0, NULL, NULL); fclose(f); OUTPUT: RETVAL SV * get_p(dsa) DSA *dsa PREINIT: char *to; int len; CODE: to = malloc(sizeof(char) * 128); len = BN_bn2bin(dsa->p, to); RETVAL = newSVpvn(to, len); free(to); OUTPUT: RETVAL SV * get_q(dsa) DSA *dsa PREINIT: char *to; int len; CODE: to = malloc(sizeof(char) * 20); len = BN_bn2bin(dsa->q, to); RETVAL = newSVpvn(to, len); free(to); OUTPUT: RETVAL SV * get_g(dsa) DSA *dsa PREINIT: char *to; int len; CODE: to = malloc(sizeof(char) * 128); len = BN_bn2bin(dsa->g, to); RETVAL = newSVpvn(to, len); free(to); OUTPUT: RETVAL SV * get_pub_key(dsa) DSA *dsa PREINIT: char *to; int len; CODE: to = malloc(sizeof(char) * 128); len = BN_bn2bin(dsa->pub_key, to); RETVAL = newSVpvn(to, len); free(to); OUTPUT: RETVAL SV * get_priv_key(dsa) DSA *dsa PREINIT: char *to; int len; CODE: to = malloc(sizeof(char) * 128); len = BN_bn2bin(dsa->priv_key, to); RETVAL = newSVpvn(to, len); free(to); OUTPUT: RETVAL void set_p(dsa, p_SV) DSA *dsa SV * p_SV PREINIT: int len; CODE: len = SvCUR(p_SV); dsa->p = BN_bin2bn(SvPV(p_SV, len), len, NULL); void set_q(dsa, q_SV) DSA *dsa SV * q_SV PREINIT: int len; CODE: len = SvCUR(q_SV); dsa->q = BN_bin2bn(SvPV(q_SV, len), len, NULL); void set_g(dsa, g_SV) DSA *dsa SV * g_SV PREINIT: int len; CODE: len = SvCUR(g_SV); dsa->g = BN_bin2bn(SvPV(g_SV, len), len, NULL); void set_pub_key(dsa, pub_key_SV) DSA *dsa SV * pub_key_SV PREINIT: int len; CODE: len = SvCUR(pub_key_SV); dsa->pub_key = BN_bin2bn(SvPV(pub_key_SV, len), len, NULL); void set_priv_key(dsa, priv_key_SV) DSA *dsa SV * priv_key_SV PREINIT: int len; CODE: len = SvCUR(priv_key_SV); dsa->priv_key = BN_bin2bn(SvPV(priv_key_SV, len), len, NULL); MODULE = Crypt::OpenSSL::DSA PACKAGE = Crypt::OpenSSL::DSA::Signature DSA_SIG * new(CLASS) char * CLASS CODE: RETVAL = DSA_SIG_new(); OUTPUT: RETVAL void DESTROY(dsa_sig) DSA_SIG *dsa_sig CODE: DSA_SIG_free(dsa_sig); SV * get_r(dsa_sig) DSA_SIG *dsa_sig PREINIT: char *to; int len; CODE: to = malloc(sizeof(char) * 128); len = BN_bn2bin(dsa_sig->r, to); RETVAL = newSVpvn(to, len); free(to); OUTPUT: RETVAL SV * get_s(dsa_sig) DSA_SIG *dsa_sig PREINIT: char *to; int len; CODE: to = malloc(sizeof(char) * 128); len = BN_bn2bin(dsa_sig->s, to); RETVAL = newSVpvn(to, len); free(to); OUTPUT: RETVAL void set_r(dsa_sig, r_SV) DSA_SIG *dsa_sig SV * r_SV PREINIT: int len; CODE: len = SvCUR(r_SV); dsa_sig->r = BN_bin2bn(SvPV(r_SV, len), len, NULL); void set_s(dsa_sig, s_SV) DSA_SIG *dsa_sig SV * s_SV PREINIT: int len; CODE: len = SvCUR(s_SV); dsa_sig->s = BN_bin2bn(SvPV(s_SV, len), len, NULL); Crypt-OpenSSL-DSA-0.15/hints/0000755000000000000000000000000012464241534013352 5ustar rootCrypt-OpenSSL-DSA-0.15/hints/MSWin32.pl0000755000000000000000000000017312464235647015065 0ustar rootuse Config; $self->{LIBS} = ['-llibeay32'] if $Config{cc} =~ /cl/; $self->{LIBS} = ['-leay32'] if $Config{cc} =~ /gcc/; Crypt-OpenSSL-DSA-0.15/lib/0000755000000000000000000000000012464241534012773 5ustar rootCrypt-OpenSSL-DSA-0.15/lib/Crypt/0000755000000000000000000000000012464241534014074 5ustar rootCrypt-OpenSSL-DSA-0.15/lib/Crypt/OpenSSL/0000755000000000000000000000000012464241534015357 5ustar rootCrypt-OpenSSL-DSA-0.15/lib/Crypt/OpenSSL/DSA/0000755000000000000000000000000012464241534015766 5ustar rootCrypt-OpenSSL-DSA-0.15/lib/Crypt/OpenSSL/DSA/Signature.pod0000755000000000000000000000222212464240710020427 0ustar root=head1 NAME Crypt::OpenSSL::DSA::Signature - Digital Signature Object =head1 SYNOPSIS use Crypt::OpenSSL::DSA; my $dsa_priv = Crypt::OpenSSL::DSA->read_priv_key( $filename ); my $sig_obj = $dsa_priv->do_sign($message); my $dsa_pub = Crypt::OpenSSL::DSA->read_pub_key( $filename ); my $valid = $dsa_pub->do_verify($message, $sig_obj); my $r = $sig_obj->get_r; my $s = $sig_obj->get_s; my $sig_obj2 = Crypt::OpenSSL::DSA::Signature->new(); $sig_obj2->set_r($r); $sig_obj2->set_s($s); my $valid = $dsa_pub->do_verify($message, $sig_obj2); =head1 CLASS METHODS =over =item $sig_obj = Crypt::OpenSSL::DSA::Signature->new(); Create a new DSA Signature Object. You will need to call set_r and set_s after you create this. =back =head1 OBJECT METHODS =over =item $r = $sig_obj->get_r; Gets first member of signature pair. =item $s = $sig_obj->get_s; Gets second member of signature pair. =item $r = $sig_obj->set_r; Sets first member of signature pair. =item $s = $sig_obj->set_s; Sets second member of signature pair. =back =head1 AUTHOR T.J. Mather, Etjmather@maxmind.comE =head1 SEE ALSO L =cut Crypt-OpenSSL-DSA-0.15/lib/Crypt/OpenSSL/DSA.pm0000755000000000000000000001172712464236610016336 0ustar rootpackage Crypt::OpenSSL::DSA; use strict; use warnings; require DynaLoader; use vars qw(@ISA $VERSION); @ISA = qw(DynaLoader); $VERSION = '0.15'; bootstrap Crypt::OpenSSL::DSA $VERSION; sub read_pub_key_str { my ($class, $key_str) = @_; $class->_load_key(0, $key_str); } sub read_priv_key_str { my ($class, $key_str) = @_; $class->_load_key(1, $key_str); } 1; __END__ =head1 NAME Crypt::OpenSSL::DSA - Digital Signature Algorithm using OpenSSL =head1 SYNOPSIS use Crypt::OpenSSL::DSA; # generate keys and write out to PEM files my $dsa = Crypt::OpenSSL::DSA->generate_parameters( 512 ); $dsa->generate_key; $dsa->write_pub_key( $filename ); $dsa->write_priv_key( $filename ); # using keys from PEM files my $dsa_priv = Crypt::OpenSSL::DSA->read_priv_key( $filename ); my $sig = $dsa_priv->sign($message); my $dsa_pub = Crypt::OpenSSL::DSA->read_pub_key( $filename ); my $valid = $dsa_pub->verify($message, $sig); # using keys from PEM strings my $dsa_priv = Crypt::OpenSSL::DSA->read_priv_key_str( $key_string ); my $sig = $dsa_priv->sign($message); my $dsa_pub = Crypt::OpenSSL::DSA->read_pub_key_str( $key_string ); my $valid = $dsa_pub->verify($message, $sig); =head1 DESCRIPTION Crypt::OpenSSL::DSA implements the DSA (Digital Signature Algorithm) signature verification system. It is a thin XS wrapper to the DSA functions contained in the OpenSSL crypto library, located at http://www.openssl.org =head1 CLASS METHODS =over 4 =item $dsa = Crypt::OpenSSL::DSA->generate_parameters( $bits, $seed ); Returns a new DSA object and generates the p, q and g parameters necessary to generate keys. bits is the length of the prime to be generated; the DSS allows a maximum of 1024 bits. =item $dsa = Crypt::OpenSSL::DSA->read_params( $filename ); Reads in a parameter PEM file and returns a new DSA object with the p, q and g parameters necessary to generate keys. =item $dsa = Crypt::OpenSSL::DSA->read_pub_key( $filename ); Reads in a public key PEM file and returns a new DSA object that can be used to verify DSA signatures. =item $dsa = Crypt::OpenSSL::DSA->read_priv_key( $filename ); Reads in a private key PEM file and returns a new DSA object that can be used to sign messages. =item $dsa = Crypt::OpenSSL::DSA->read_pub_key_str( $key_string ); Reads in a public key PEM string and returns a new DSA object that can be used to verify DSA signatures. The string should include the -----BEGIN...----- and -----END...----- lines. =item $dsa = Crypt::OpenSSL::DSA->read_priv_key_str( $key_string ); Reads in a private key PEM string and returns a new DSA object that can be used to sign messages. The string should include the -----BEGIN...----- and -----END...----- lines. =back =head1 OBJECT METHODS =over 4 =item $dsa->generate_key; Generates private and public keys, assuming that $dsa is the return value of generate_parameters. =item $sig = $dsa->sign( $message ); Signs $message, returning the signature. Note that $meesage cannot exceed 20 characters in length. $dsa is the signer's private key. =item $sig_obj = $dsa->do_sign( $message ); Similar to C, but returns a L object. =item $valid = $dsa->verify( $message, $sig ); Verifies that the $sig signature for $message is valid. $dsa is the signer's public key. Note: it croaks if the underlying library call returns error (-1). =item $valid = $dsa->do_verify( $message, $sig_obj ); Similar to C, but uses a L object. Note: it croaks if the underlying library call returns error (-1). =item $dsa->write_params( $filename ); Writes the parameters into a PEM file. =item $dsa->write_pub_key( $filename ); Writes the public key into a PEM file. =item $dsa->write_priv_key( $filename ); Writes the private key into a PEM file. =item $p = $dsa->get_p, $dsa->set_p($p) Gets/sets the prime number in binary format. =item $q = $dsa->get_q, $dsa->set_q($q) Gets/sets the subprime number (q | p-1) in binary format. =item $g = $dsa->get_g, $dsa->set_g($g) Gets/sets the generator of subgroup in binary format. =item $pub_key = $dsa->get_pub_key, $dsa->set_pub_key($pub_key) Gets/sets the public key (y = g^x) in binary format. =item $priv_key = $dsa->get_priv_key, $dsa->set_priv_key($priv_key) Gets/sets the private key in binary format. =back =head1 NOTES L is a more mature Perl DSA module, but can be difficult to install, because of the L requirement. Comments, suggestions, and patches welcome. =head1 AUTHOR T.J. Mather, Etjmather@maxmind.comE =head1 COPYRIGHT Copyright (c) 2002 T.J. Mather. Crypt::OpenSSL::DSA is free software; you may redistribute it and/or modify it under the same terms as Perl itself. Paid support is available from directly from the author of this package. Please see L for more details. =head1 SEE ALSO L L, L L =cut Crypt-OpenSSL-DSA-0.15/Makefile.PL0000755000000000000000000000122312464241464014202 0ustar rootuse ExtUtils::MakeMaker; # See lib/ExtUtils/MakeMaker.pm for details of how to influence # the contents of the Makefile that is written. WriteMakefile( 'NAME' => 'Crypt::OpenSSL::DSA', 'VERSION_FROM' => 'lib/Crypt/OpenSSL/DSA.pm', # finds $VERSION 'PREREQ_PM' => {}, # e.g., Module::Name => 1.1 'AUTHOR' => 'T.J. Mather', 'LIBS' => ['-lcrypto'], 'DEFINE' => '-DPERL5', # perl-5.8/gcc-3.2 needs this 'META_MERGE' => { resources => { repository => 'https://github.com/kmx/perl-Crypt-OpenSSL-DSA', }, }, dist => { TARFLAGS => '--owner=0 --group=0 -cvf' }, ); Crypt-OpenSSL-DSA-0.15/MANIFEST0000644000000000000000000000046712464241553013366 0ustar rootChanges DSA.xs hints/MSWin32.pl lib/Crypt/OpenSSL/DSA.pm lib/Crypt/OpenSSL/DSA/Signature.pod Makefile.PL MANIFEST META.yml Module meta-data (added by MakeMaker) README t/00-use.t t/10-selftest.t t/90-openssl-compat.t typemap META.json Module JSON meta-data (added by MakeMaker) Crypt-OpenSSL-DSA-0.15/META.json0000644000000000000000000000163012464241552013646 0ustar root{ "abstract" : "unknown", "author" : [ "T.J. Mather" ], "dynamic_config" : 1, "generated_by" : "ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter version 2.143240", "license" : [ "unknown" ], "meta-spec" : { "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec", "version" : "2" }, "name" : "Crypt-OpenSSL-DSA", "no_index" : { "directory" : [ "t", "inc" ] }, "prereqs" : { "build" : { "requires" : { "ExtUtils::MakeMaker" : "0" } }, "configure" : { "requires" : { "ExtUtils::MakeMaker" : "0" } }, "runtime" : { "requires" : {} } }, "release_status" : "stable", "resources" : { "repository" : { "url" : "https://github.com/kmx/perl-Crypt-OpenSSL-DSA" } }, "version" : "0.15" } Crypt-OpenSSL-DSA-0.15/META.yml0000644000000000000000000000100612464241541013471 0ustar root--- abstract: unknown author: - 'T.J. Mather' build_requires: ExtUtils::MakeMaker: '0' configure_requires: ExtUtils::MakeMaker: '0' dynamic_config: 1 generated_by: 'ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter version 2.143240' license: unknown meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html version: '1.4' name: Crypt-OpenSSL-DSA no_index: directory: - t - inc requires: {} resources: repository: https://github.com/kmx/perl-Crypt-OpenSSL-DSA version: '0.15' Crypt-OpenSSL-DSA-0.15/README0000755000000000000000000000153710324302275013107 0ustar rootCrypt::OpenSSL::DSA version 0.13 ================================ DESCRIPTION Crypt::OpenSSL::DSA implements the DSA (Digital Signature Algorithm) signature verification system. It is a thin XS wrapper to the DSA functions contained in the OpenSSL crypto library, located at http://www.openssl.org INSTALLATION To install this module type the following: perl Makefile.PL make make test make install DEPENDENCIES This module requires these other modules and libraries: openssl, available from http://www.openssl.org/ COPYRIGHT AND LICENCE Copyright (c) 2002 T.J. Mather. Crypt::OpenSSL::DSA is free software; you may redistribute it and/or modify it under the same terms as Perl itself. Paid support is available from directly from the author of this package. Please see http://www.maxmind.com/app/opensourceservices for more details. Crypt-OpenSSL-DSA-0.15/t/0000755000000000000000000000000012464241534012470 5ustar rootCrypt-OpenSSL-DSA-0.15/t/00-use.t0000755000000000000000000000056210244237741013673 0ustar root# -*- Mode: Perl; -*- # test file added by Brad Fitzpatrick in response to bugs found by Karl Koscher # related to null bytes in SHA1 signatures, and strlen truncating the message # being signed/verified use strict; use Test; use Crypt::OpenSSL::DSA; BEGIN { plan tests => 1 }; my $dsa = Crypt::OpenSSL::DSA->generate_parameters( 512 ); $dsa->generate_key; ok(1); Crypt-OpenSSL-DSA-0.15/t/10-selftest.t0000755000000000000000000000535110244236703014727 0ustar root# -*- Mode: Perl; -*- use strict; use Test; use Crypt::OpenSSL::DSA; BEGIN { plan tests => 30 } my $message = "foo bar"; my $dsa = Crypt::OpenSSL::DSA->generate_parameters( 512, "foo" ); $dsa->generate_key; my $dsa_sig1 = $dsa->sign($message); my $dsa_sig_obj1 = $dsa->do_sign($message); my $bogus_sig = $dsa_sig1; $bogus_sig =~ s!.a$!ba!; $bogus_sig =~ s!.$!a!; my $p = $dsa->get_p; my $q = $dsa->get_q; my $g = $dsa->get_g; my $pub_key = $dsa->get_pub_key; my $priv_key = $dsa->get_priv_key; my $r = $dsa_sig_obj1->get_r; my $s = $dsa_sig_obj1->get_s; my $dsa_sig_obj2 = Crypt::OpenSSL::DSA::Signature->new(); $dsa_sig_obj2->set_r($r); $dsa_sig_obj2->set_s($s); my $dsa_sig_obj_bogus = Crypt::OpenSSL::DSA::Signature->new(); $dsa_sig_obj_bogus->set_r($s); $dsa_sig_obj_bogus->set_s($r); ok($dsa->verify($message, $dsa_sig1), 1); ok($dsa->verify($message, $bogus_sig), 0); ok($dsa->do_verify($message, $dsa_sig_obj1), 1); ok($dsa->do_verify($message, $dsa_sig_obj2), 1); ok($dsa->do_verify($message, $dsa_sig_obj_bogus), 0); ok($dsa->write_params("dsa.param.pem"), 1); ok($dsa->write_pub_key("dsa.pub.pem"), 1); ok($dsa->write_priv_key("dsa.priv.pem"), 1); my ($priv_key_str, $pub_key_str); { local($/) = undef; open PRIV, "dsa.priv.pem"; $priv_key_str = ; close PRIV; open PUB, "dsa.pub.pem"; $pub_key_str = ; close PUB; } my $dsa2 = Crypt::OpenSSL::DSA->read_priv_key("dsa.priv.pem"); my $dsa_sig2 = $dsa2->sign($message); my $dsa3 = Crypt::OpenSSL::DSA->read_pub_key("dsa.pub.pem"); my $dsa4 = Crypt::OpenSSL::DSA->read_priv_key_str($priv_key_str); my $dsa5 = Crypt::OpenSSL::DSA->read_pub_key_str($pub_key_str); my $dsa6 = Crypt::OpenSSL::DSA->new(); $dsa6->set_p($p); $dsa6->set_q($q); $dsa6->set_g($g); $dsa6->set_pub_key($pub_key); ok($dsa6->get_p,$p); ok($dsa6->get_q,$q); ok($dsa6->get_g,$g); ok($dsa6->get_pub_key,$pub_key); ok($dsa->verify($message, $dsa_sig2), 1); ok($dsa2->verify($message, $dsa_sig2), 1); ok($dsa2->verify($message, $dsa_sig1), 1); ok($dsa3->verify($message, $dsa_sig1), 1); ok($dsa3->verify($message, $dsa_sig2), 1); ok($dsa4->verify($message, $dsa_sig2), 1); ok($dsa4->verify($message, $dsa_sig1), 1); ok($dsa5->verify($message, $dsa_sig1), 1); ok($dsa5->verify($message, $dsa_sig2), 1); ok($dsa6->verify($message, $dsa_sig1), 1); ok($dsa6->verify($message, $dsa_sig2), 1); $dsa6->set_priv_key($priv_key); ok($dsa6->get_priv_key,$priv_key); my $dsa_sig3 = $dsa6->sign($message); ok($dsa->verify($message, $dsa_sig3), 1); ok($dsa2->verify($message, $dsa_sig3), 1); ok($dsa3->verify($message, $dsa_sig3), 1); ok($dsa4->verify($message, $dsa_sig3), 1); ok($dsa5->verify($message, $dsa_sig3), 1); ok($dsa6->verify($message, $dsa_sig3), 1); unlink("dsa.param.pem"); unlink("dsa.priv.pem"); unlink("dsa.pub.pem"); Crypt-OpenSSL-DSA-0.15/t/90-openssl-compat.t0000755000000000000000000000447312037371000016046 0ustar root# -*- Mode: Perl; -*- # test file added by Brad Fitzpatrick in response to bugs found by Karl Koscher # related to null bytes in SHA1 signatures, and strlen truncating the message # being signed/verified use strict; use Test; use Crypt::OpenSSL::DSA; BEGIN { plan tests => 84 } my $HAS_SHA1 = eval "use Digest::SHA; 1;"; my ($OPEN_SSL, $testable); if($^O !~ /mswin32/i) { $OPEN_SSL = `which openssl` || "/usr/bin/openssl"; chomp $OPEN_SSL; $testable = -x $OPEN_SSL && $HAS_SHA1; } else { $OPEN_SSL = "openssl"; eval{`openssl version`}; if(!$@) {$testable = 1 && $HAS_SHA1} } my $why_skip = $HAS_SHA1 ? "Need openssl binary in path" : "Need Digest::SHA to test"; my $dsa = Crypt::OpenSSL::DSA->generate_parameters( 512, "foo" ); $dsa->generate_key; ok($dsa->write_pub_key("dsa.pub.pem"), 1); ok($dsa->write_priv_key("dsa.priv.pem"), 1); my $dsa_pub = Crypt::OpenSSL::DSA->read_pub_key("dsa.pub.pem"); ok($dsa_pub); my $dsa_priv = Crypt::OpenSSL::DSA->read_priv_key("dsa.priv.pem"); ok($dsa_priv); my $to_do = 500; my $of_each = 20; if ($testable) { my %done; # { zero => $ct, nonzero => $ct } for (1..$to_do) { my $plain = "This is test number $_"; my $msg = Digest::SHA::sha1($plain); my $type = ($msg =~ /\x00/) ? "zero" : "nonzero"; next if $done{$type}++ >= $of_each; my $sig = $dsa_priv->sign($msg); my $we_think = $dsa_pub->verify($msg, $sig); my $openssl_think = openssl_verify("dsa.pub.pem", $sig, $plain); ok($we_think, 1); ok($openssl_think, 1); } } else { for (1..($of_each*4)) { print "ok # Skip $why_skip\n"; } } unlink("dsa.priv.pem"); unlink("dsa.pub.pem"); sub openssl_verify { my ($public_pem_file, $sig, $msg_plain) = @_; require File::Temp; my $sig_temp = new File::Temp(TEMPLATE => "tmp.signatureXXXX") or die; my $msg_temp = new File::Temp(TEMPLATE => "tmp.msgXXXX") or die; syswrite($sig_temp,$sig); syswrite($msg_temp,$msg_plain); # FIXME: shutup openssl from spewing to STDOUT the "Verification # OK". can we depend on reading "Verification OK" from the # open("-|", "openssl") open mode due to portability? my $rv = system("openssl", "dgst", "-dss1", "-verify", $public_pem_file, "-signature", "$sig_temp", "$msg_temp"); return 0 if $rv; return 1; } Crypt-OpenSSL-DSA-0.15/typemap0000755000000000000000000000100612464241114013621 0ustar rootTYPEMAP DSA * O_OBJECT DSA_SIG * O_OBJECT INPUT O_OBJECT if( sv_isobject($arg) && (SvTYPE(SvRV($arg)) == SVt_PVMG) ) $var = INT2PTR($type, SvIV((SV*)SvRV( $arg ))); else{ warn( \"${Package}::$func_name() -- $var is not a blessed SV reference\" ); XSRETURN_UNDEF; } OUTPUT # The Perl object is blessed into 'CLASS', which should be a # char* having the name of the package for the blessing. O_OBJECT sv_setref_pv( $arg, (char *)CLASS, (void*)$var );