resolve conflicts

author: djm <> 2009-01-09 12:15:52 +0000
committer: djm <> 2009-01-09 12:15:52 +0000
commit: 23f8d96f0f508b8bef2602049feee9c44228d34c (patch)
tree: a2a7787bc00e8f6a29153b8c6d9eb5e8f73d6269 /src/lib/libcrypto/dh
parent: 30562050421d947c3eb3c10edde6e87730b17471 (diff)
download: openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.tar.gz
openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.tar.bz2
openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.zip
7 files changed, 38 insertions, 11 deletions
diff --git a/src/lib/libcrypto/dh/Makefile b/src/lib/libcrypto/dh/Makefile
index 950cad9c5b..d01fa960eb 100644
--- a/src/lib/libcrypto/dh/Makefile
+++ b/src/lib/libcrypto/dh/Makefile
@@ -33,7 +33,7 @@ top:
 all:    lib
 lib:    $(LIBOBJ)
-        $(AR) $(LIB) $(LIBOBJ)
+        $(ARX) $(LIB) $(LIBOBJ)
        $(RANLIB) $(LIB) || echo Never mind.
        @touch lib
@@ -129,11 +129,11 @@ dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
 dh_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
 dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h
-dh_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-dh_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+dh_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
-dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-dh_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-dh_lib.o: ../cryptlib.h dh_lib.c
+dh_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dh_lib.c
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 0afabc7dd3..0a39742773 100644
--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -77,6 +77,8 @@
 # define OPENSSL_DH_MAX_MODULUS_BITS    10000
 #endif
+#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
 #define DH_FLAG_CACHE_MONT_P     0x01
 #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
                                       * implementation now uses constant time
@@ -167,6 +169,11 @@ struct dh_st
 const DH_METHOD *DH_OpenSSL(void);
+#ifdef OPENSSL_FIPS
+DH *    FIPS_dh_new(void);
+void    FIPS_dh_free(DH *dh);
+#endif
 void DH_set_default_method(const DH_METHOD *meth);
 const DH_METHOD *DH_get_default_method(void);
 int DH_set_method(DH *dh, const DH_METHOD *meth);
@@ -218,6 +225,9 @@ void ERR_load_DH_strings(void);
 #define DH_F_DHPARAMS_PRINT                              100
 #define DH_F_DHPARAMS_PRINT_FP                           101
 #define DH_F_DH_BUILTIN_GENPARAMS                        106
+#define DH_F_DH_COMPUTE_KEY                              107
+#define DH_F_DH_GENERATE_KEY                             108
+#define DH_F_DH_GENERATE_PARAMETERS                      109
 #define DH_F_DH_NEW_METHOD                               105
 #define DH_F_GENERATE_KEY                                103
 #define DH_F_GENERATE_PARAMETERS                         104
@@ -225,6 +235,7 @@ void ERR_load_DH_strings(void);
 /* Reason codes. */
 #define DH_R_BAD_GENERATOR                               101
 #define DH_R_INVALID_PUBKEY                              102
+#define DH_R_KEY_SIZE_TOO_SMALL                          104
 #define DH_R_MODULUS_TOO_LARGE                           103
 #define DH_R_NO_PRIVATE_VALUE                            100
 #define DH_R_INVALID_PUBKEY                              102
diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c
index 769b5b68c5..76740af2bd 100644
--- a/src/lib/libcrypto/dh/dh_asn1.c
+++ b/src/lib/libcrypto/dh/dh_asn1.c
@@ -1,5 +1,5 @@
 /* dh_asn1.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
 /* ====================================================================
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index b846913004..316cb9221d 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -70,6 +70,8 @@
 * should hold.
 */
+#ifndef OPENSSL_FIPS
 int DH_check(const DH *dh, int *ret)
        {
        int ok=0;
@@ -140,3 +142,5 @@ err:
        if (q != NULL) BN_free(q);
        return(ok);
        }
+#endif
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
index b2361c7389..b364362fca 100644
--- a/src/lib/libcrypto/dh/dh_err.c
+++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /* crypto/dh/dh_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -74,6 +74,9 @@ static ERR_STRING_DATA DH_str_functs[]=
 {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
 {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP),      "DHparams_print_fp"},
 {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS),   "DH_BUILTIN_GENPARAMS"},
+{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
+{ERR_FUNC(DH_F_DH_GENERATE_KEY),        "DH_generate_key"},
+{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
 {ERR_FUNC(DH_F_DH_NEW_METHOD),  "DH_new_method"},
 {ERR_FUNC(DH_F_GENERATE_KEY),   "GENERATE_KEY"},
 {ERR_FUNC(DH_F_GENERATE_PARAMETERS),    "GENERATE_PARAMETERS"},
@@ -84,6 +87,7 @@ static ERR_STRING_DATA DH_str_reasons[]=
        {
 {ERR_REASON(DH_R_BAD_GENERATOR)          ,"bad generator"},
 {ERR_REASON(DH_R_INVALID_PUBKEY)         ,"invalid public key"},
+{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL)     ,"key size too small"},
 {ERR_REASON(DH_R_MODULUS_TOO_LARGE)      ,"modulus too large"},
 {ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
 {ERR_REASON(DH_R_INVALID_PUBKEY)         ,"invalid public key"},
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
index cfd5b11868..999e1deb40 100644
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -66,6 +66,8 @@
 #include <openssl/bn.h>
 #include <openssl/dh.h>
+#ifndef OPENSSL_FIPS
 static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
 int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
@@ -173,3 +175,5 @@ err:
                }
        return ok;
        }
+#endif
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index e7db440342..79dd331863 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -62,6 +62,8 @@
 #include <openssl/rand.h>
 #include <openssl/dh.h>
+#ifndef OPENSSL_FIPS
 static int generate_key(DH *dh);
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
 static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
@@ -261,3 +263,5 @@ static int dh_finish(DH *dh)
                BN_MONT_CTX_free(dh->method_mont_p);
        return(1);
        }
+#endif
author	djm <>	2009-01-09 12:15:52 +0000
committer	djm <>	2009-01-09 12:15:52 +0000
commit	23f8d96f0f508b8bef2602049feee9c44228d34c (patch)
tree	a2a7787bc00e8f6a29153b8c6d9eb5e8f73d6269 /src/lib/libcrypto/dh
parent	30562050421d947c3eb3c10edde6e87730b17471 (diff)
download	openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.tar.gz openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.tar.bz2 openbsd-23f8d96f0f508b8bef2602049feee9c44228d34c.zip