Add simple ASN.1 utils for DSA signature DER.

Adds simple utility functions to allow both the default and fips providers to
encode and decode DSA-Sig-Value and ECDSA-Sig-Value (DSA_SIG and ECDSA_SIG
structures) to/from ASN.1 DER without requiring those providers to have a
dependency on the asn1 module.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9111)

3 files changed, 206 insertions, 1 deletions

diff --git a/test/asn1_dsa_internal_test.c b/test/asn1_dsa_internal_test.c
new file mode 100644
index 0000000000..a62f5e4cd4
--- /dev/null
+++ b/test/asn1_dsa_internal_test.c
@@ -0,0 +1,184 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/bn.h>
+#include "internal/asn1_dsa.h"
+#include "testutil.h"
+
+static unsigned char t_dsa_sig[] = {
+    0x30, 0x06,                  /* SEQUENCE tag + length */
+    0x02, 0x01, 0x01,            /* INTEGER tag + length + content */
+    0x02, 0x01, 0x02             /* INTEGER tag + length + content */
+};
+
+static unsigned char t_dsa_sig_extra[] = {
+    0x30, 0x06,                  /* SEQUENCE tag + length */
+    0x02, 0x01, 0x01,            /* INTEGER tag + length + content */
+    0x02, 0x01, 0x02,            /* INTEGER tag + length + content */
+    0x05, 0x00                   /* NULL tag + length */
+};
+
+static unsigned char t_dsa_sig_msb[] = {
+    0x30, 0x08,                  /* SEQUENCE tag + length */
+    0x02, 0x02, 0x00, 0x81,      /* INTEGER tag + length + content */
+    0x02, 0x02, 0x00, 0x82       /* INTEGER tag + length + content */
+};
+
+static unsigned char t_dsa_sig_two[] = {
+    0x30, 0x08,                  /* SEQUENCE tag + length */
+    0x02, 0x02, 0x01, 0x00,      /* INTEGER tag + length + content */
+    0x02, 0x02, 0x02, 0x00       /* INTEGER tag + length + content */
+};
+
+/*
+ * Badly coded ASN.1 INTEGER zero wrapped in a sequence along with another
+ * (valid) INTEGER.
+ */
+static unsigned char t_invalid_int_zero[] = {
+    0x30, 0x05,                  /* SEQUENCE tag + length */
+    0x02, 0x00,                  /* INTEGER tag + length */
+    0x02, 0x01, 0x2a             /* INTEGER tag + length */
+};
+
+/*
+ * Badly coded ASN.1 INTEGER (with leading zeros) wrapped in a sequence along
+ * with another (valid) INTEGER.
+ */
+static unsigned char t_invalid_int[] = {
+    0x30, 0x07,                  /* SEQUENCE tag + length */
+    0x02, 0x02, 0x00, 0x7f,      /* INTEGER tag + length */
+    0x02, 0x01, 0x2a             /* INTEGER tag + length */
+};
+
+/*
+ * Negative ASN.1 INTEGER wrapped in a sequence along with another
+ * (valid) INTEGER.
+ */
+static unsigned char t_neg_int[] = {
+    0x30, 0x06,                  /* SEQUENCE tag + length */
+    0x02, 0x01, 0xaa,            /* INTEGER tag + length */
+    0x02, 0x01, 0x2a             /* INTEGER tag + length */
+};
+
+static unsigned char t_trunc_der[] = {
+    0x30, 0x08,                  /* SEQUENCE tag + length */
+    0x02, 0x02, 0x00, 0x81,      /* INTEGER tag + length */
+    0x02, 0x02, 0x00             /* INTEGER tag + length */
+};
+
+static unsigned char t_trunc_seq[] = {
+    0x30, 0x07,                  /* SEQUENCE tag + length */
+    0x02, 0x02, 0x00, 0x81,      /* INTEGER tag + length */
+    0x02, 0x02, 0x00, 0x82       /* INTEGER tag + length */
+};
+
+static int test_decode(void)
+{
+    int rv = 0;
+    BIGNUM *r;
+    BIGNUM *s;
+    const unsigned char *pder;
+
+    r = BN_new();
+    s = BN_new();
+
+    /* Positive tests */
+    pder = t_dsa_sig;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig)) == 0
+            || !TEST_ptr_eq(pder, (t_dsa_sig + sizeof(t_dsa_sig)))
+            || !TEST_BN_eq_word(r, 1) || !TEST_BN_eq_word(s, 2)) {
+        TEST_info("asn1_dsa test_decode: t_dsa_sig failed");
+        goto fail;
+    }
+
+    BN_clear(r);
+    BN_clear(s);
+    pder = t_dsa_sig_extra;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_extra)) == 0
+            || !TEST_ptr_eq(pder,
+                            (t_dsa_sig_extra + sizeof(t_dsa_sig_extra) - 2))
+            || !TEST_BN_eq_word(r, 1) || !TEST_BN_eq_word(s, 2)) {
+        TEST_info("asn1_dsa test_decode: t_dsa_sig_extra failed");
+        goto fail;
+    }
+
+    BN_clear(r);
+    BN_clear(s);
+    pder = t_dsa_sig_msb;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_msb)) == 0
+            || !TEST_ptr_eq(pder, (t_dsa_sig_msb + sizeof(t_dsa_sig_msb)))
+            || !TEST_BN_eq_word(r, 0x81) || !TEST_BN_eq_word(s, 0x82)) {
+        TEST_info("asn1_dsa test_decode: t_dsa_sig_msb failed");
+        goto fail;
+    }
+
+    BN_clear(r);
+    BN_clear(s);
+    pder = t_dsa_sig_two;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_two)) == 0
+            || !TEST_ptr_eq(pder, (t_dsa_sig_two + sizeof(t_dsa_sig_two)))
+            || !TEST_BN_eq_word(r, 0x100) || !TEST_BN_eq_word(s, 0x200)) {
+        TEST_info("asn1_dsa test_decode: t_dsa_sig_two failed");
+        goto fail;
+    }
+
+    /* Negative tests */
+    pder = t_invalid_int_zero;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_invalid_int_zero)) != 0) {
+        TEST_info("asn1_dsa test_decode: Expected t_invalid_int_zero to fail");
+        goto fail;
+    }
+
+    BN_clear(r);
+    BN_clear(s);
+    pder = t_invalid_int;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_invalid_int)) != 0) {
+        TEST_info("asn1_dsa test_decode: Expected t_invalid_int to fail");
+        goto fail;
+    }
+
+    BN_clear(r);
+    BN_clear(s);
+    pder = t_neg_int;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_neg_int)) != 0) {
+        TEST_info("asn1_dsa test_decode: Expected t_neg_int to fail");
+        goto fail;
+    }
+
+    BN_clear(r);
+    BN_clear(s);
+    pder = t_trunc_der;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_trunc_der)) != 0) {
+        TEST_info("asn1_dsa test_decode: Expected fail t_trunc_der");
+        goto fail;
+    }
+
+    BN_clear(r);
+    BN_clear(s);
+    pder = t_trunc_seq;
+    if (decode_der_dsa_sig(r, s, &pder, sizeof(t_trunc_seq)) != 0) {
+        TEST_info("asn1_dsa test_decode: Expected fail t_trunc_seq");
+        goto fail;
+    }
+
+    rv = 1;
+fail:
+    BN_free(r);
+    BN_free(s);
+    return rv;
+}
+
+int setup_tests(void)
+{
+    ADD_TEST(test_decode);
+    return 1;
+}
diff --git a/test/build.info b/test/build.info
index f5b802da4d..a61c0ce2be 100644
--- a/test/build.info
+++ b/test/build.info
@@ -469,7 +469,8 @@ IF[{- !$disabled{tests} -}]
     PROGRAMS{noinst}=asn1_internal_test modes_internal_test x509_internal_test \
                      tls13encryptiontest wpackettest ctype_internal_test \
                      rdrand_sanitytest property_test \
-                     rsa_sp800_56b_test bn_internal_test
+                     rsa_sp800_56b_test bn_internal_test \
+                     asn1_dsa_internal_test
 
     IF[{- !$disabled{poly1305} -}]
       PROGRAMS{noinst}=poly1305_internal_test
@@ -561,6 +562,10 @@ IF[{- !$disabled{tests} -}]
     SOURCE[bn_internal_test]=bn_internal_test.c
     INCLUDE[bn_internal_test]=.. ../include ../crypto/include ../crypto/bn ../apps/include
     DEPEND[bn_internal_test]=../libcrypto.a libtestutil.a
+
+    SOURCE[asn1_dsa_internal_test]=asn1_dsa_internal_test.c
+    INCLUDE[asn1_dsa_internal_test]=.. ../include ../apps/include ../crypto/include
+    DEPEND[asn1_dsa_internal_test]=../libcrypto.a libtestutil.a
   ENDIF
 
   IF[{- !$disabled{mdc2} -}]
diff --git a/test/recipes/03-test_internal_asn1_dsa.t b/test/recipes/03-test_internal_asn1_dsa.t
new file mode 100644
index 0000000000..ecacac73cb
--- /dev/null
+++ b/test/recipes/03-test_internal_asn1_dsa.t
@@ -0,0 +1,16 @@
+#! /usr/bin/env perl
+# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use OpenSSL::Test;              # get 'plan'
+use OpenSSL::Test::Simple;
+use OpenSSL::Test::Utils;
+
+setup("test_internal_asn1_dsa");
+
+simple_test("test_internal_asn1_dsa", "asn1_dsa_internal_test");