summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh
diff options
context:
space:
mode:
authorbeck <>2000-03-19 11:13:58 +0000
committerbeck <>2000-03-19 11:13:58 +0000
commit796d609550df3a33fc11468741c5d2f6d3df4c11 (patch)
tree6c6d539061caa20372dad0ac4ddb1dfae2fbe7fe /src/lib/libcrypto/dh
parent5be3114c1fd7e0dfea1e38d3abb4cbba75244419 (diff)
downloadopenbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.gz
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.tar.bz2
openbsd-796d609550df3a33fc11468741c5d2f6d3df4c11.zip
OpenSSL 0.9.5 merge
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/Makefile.ssl20
-rw-r--r--src/lib/libcrypto/dh/dh.h51
-rw-r--r--src/lib/libcrypto/dh/dh_check.c10
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c19
-rw-r--r--src/lib/libcrypto/dh/dh_key.c65
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c92
-rw-r--r--src/lib/libcrypto/dh/dhtest.c12
7 files changed, 236 insertions, 33 deletions
diff --git a/src/lib/libcrypto/dh/Makefile.ssl b/src/lib/libcrypto/dh/Makefile.ssl
index 3b5ec0e115..8df60872ef 100644
--- a/src/lib/libcrypto/dh/Makefile.ssl
+++ b/src/lib/libcrypto/dh/Makefile.ssl
@@ -83,26 +83,30 @@ dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
83dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 83dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
84dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 84dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
85dh_check.o: ../../include/openssl/opensslconf.h 85dh_check.o: ../../include/openssl/opensslconf.h
86dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/stack.h 86dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
87dh_check.o: ../cryptlib.h 87dh_check.o: ../../include/openssl/stack.h ../cryptlib.h
88dh_err.o: ../../include/openssl/bn.h ../../include/openssl/dh.h 88dh_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
89dh_err.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 89dh_err.o: ../../include/openssl/dh.h ../../include/openssl/err.h
90dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
91dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
90dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 92dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
91dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 93dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
92dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 94dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
93dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 95dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
94dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 96dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
95dh_gen.o: ../../include/openssl/stack.h ../cryptlib.h 97dh_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
98dh_gen.o: ../cryptlib.h
96dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 99dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
97dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 100dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
98dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 101dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
99dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 102dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
100dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 103dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
101dh_key.o: ../../include/openssl/rand.h ../../include/openssl/stack.h 104dh_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
102dh_key.o: ../cryptlib.h 105dh_key.o: ../../include/openssl/stack.h ../cryptlib.h
103dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 106dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
104dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 107dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
105dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 108dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
106dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 109dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
107dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 110dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
108dh_lib.o: ../../include/openssl/stack.h ../cryptlib.h 111dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
112dh_lib.o: ../cryptlib.h
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 2cc3797a94..c15b2ad483 100644
--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -68,10 +68,28 @@ extern "C" {
68#endif 68#endif
69 69
70#include <openssl/bn.h> 70#include <openssl/bn.h>
71#include <openssl/crypto.h>
71 72
72#define DH_FLAG_CACHE_MONT_P 0x01 73#define DH_FLAG_CACHE_MONT_P 0x01
73 74
74typedef struct dh_st 75typedef struct dh_st DH;
76
77typedef struct dh_method {
78 const char *name;
79 /* Methods here */
80 int (*generate_key)(DH *dh);
81 int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh);
82 int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
83 const BIGNUM *m, BN_CTX *ctx,
84 BN_MONT_CTX *m_ctx); /* Can be null */
85
86 int (*init)(DH *dh);
87 int (*finish)(DH *dh);
88 int flags;
89 char *app_data;
90} DH_METHOD;
91
92struct dh_st
75 { 93 {
76 /* This first argument is used to pick up errors when 94 /* This first argument is used to pick up errors when
77 * a DH is passed instead of a EVP_PKEY */ 95 * a DH is passed instead of a EVP_PKEY */
@@ -80,12 +98,22 @@ typedef struct dh_st
80 BIGNUM *p; 98 BIGNUM *p;
81 BIGNUM *g; 99 BIGNUM *g;
82 int length; /* optional */ 100 int length; /* optional */
83 BIGNUM *pub_key; /* y */ 101 BIGNUM *pub_key; /* g^x */
84 BIGNUM *priv_key; /* x */ 102 BIGNUM *priv_key; /* x */
85 103
86 int flags; 104 int flags;
87 char *method_mont_p; 105 char *method_mont_p;
88 } DH; 106 /* Place holders if we want to do X9.42 DH */
107 BIGNUM *q;
108 BIGNUM *j;
109 unsigned char *seed;
110 int seedlen;
111 BIGNUM *counter;
112
113 int references;
114 CRYPTO_EX_DATA ex_data;
115 DH_METHOD *meth;
116 };
89 117
90#define DH_GENERATOR_2 2 118#define DH_GENERATOR_2 2
91/* #define DH_GENERATOR_3 3 */ 119/* #define DH_GENERATOR_3 3 */
@@ -93,10 +121,14 @@ typedef struct dh_st
93 121
94/* DH_check error codes */ 122/* DH_check error codes */
95#define DH_CHECK_P_NOT_PRIME 0x01 123#define DH_CHECK_P_NOT_PRIME 0x01
96#define DH_CHECK_P_NOT_STRONG_PRIME 0x02 124#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
97#define DH_UNABLE_TO_CHECK_GENERATOR 0x04 125#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
98#define DH_NOT_SUITABLE_GENERATOR 0x08 126#define DH_NOT_SUITABLE_GENERATOR 0x08
99 127
128/* primes p where (p-1)/2 is prime too are called "safe"; we define
129 this for backward compatibility: */
130#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
131
100#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \ 132#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
101 (char *(*)())d2i_DHparams,(char *)(x)) 133 (char *(*)())d2i_DHparams,(char *)(x))
102#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ 134#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
@@ -113,9 +145,20 @@ typedef struct dh_st
113 (unsigned char *)(x)) 145 (unsigned char *)(x))
114#endif 146#endif
115 147
148DH_METHOD *DH_OpenSSL(void);
149
150void DH_set_default_method(DH_METHOD *meth);
151DH_METHOD *DH_get_default_method(void);
152DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth);
153DH *DH_new_method(DH_METHOD *meth);
154
116DH * DH_new(void); 155DH * DH_new(void);
117void DH_free(DH *dh); 156void DH_free(DH *dh);
118int DH_size(DH *dh); 157int DH_size(DH *dh);
158int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
159 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
160int DH_set_ex_data(DH *d, int idx, void *arg);
161void *DH_get_ex_data(DH *d, int idx);
119DH * DH_generate_parameters(int prime_len,int generator, 162DH * DH_generate_parameters(int prime_len,int generator,
120 void (*callback)(int,int,void *),void *cb_arg); 163 void (*callback)(int,int,void *),void *cb_arg);
121int DH_check(DH *dh,int *codes); 164int DH_check(DH *dh,int *codes);
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 95ce9cfad0..7e5cfd8bfc 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -61,7 +61,7 @@
61#include <openssl/bn.h> 61#include <openssl/bn.h>
62#include <openssl/dh.h> 62#include <openssl/dh.h>
63 63
64/* Check that p is a strong prime and 64/* Check that p is a safe prime and
65 * if g is 2, 3 or 5, check that is is a suitable generator 65 * if g is 2, 3 or 5, check that is is a suitable generator
66 * where 66 * where
67 * for 2, p mod 24 == 11 67 * for 2, p mod 24 == 11
@@ -88,11 +88,13 @@ int DH_check(DH *dh, int *ret)
88 l=BN_mod_word(dh->p,24); 88 l=BN_mod_word(dh->p,24);
89 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR; 89 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
90 } 90 }
91/* else if (BN_is_word(dh->g,DH_GENERATOR_3)) 91#if 0
92 else if (BN_is_word(dh->g,DH_GENERATOR_3))
92 { 93 {
93 l=BN_mod_word(dh->p,12); 94 l=BN_mod_word(dh->p,12);
94 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR; 95 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
95 }*/ 96 }
97#endif
96 else if (BN_is_word(dh->g,DH_GENERATOR_5)) 98 else if (BN_is_word(dh->g,DH_GENERATOR_5))
97 { 99 {
98 l=BN_mod_word(dh->p,10); 100 l=BN_mod_word(dh->p,10);
@@ -108,7 +110,7 @@ int DH_check(DH *dh, int *ret)
108 { 110 {
109 if (!BN_rshift1(q,dh->p)) goto err; 111 if (!BN_rshift1(q,dh->p)) goto err;
110 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) 112 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
111 *ret|=DH_CHECK_P_NOT_STRONG_PRIME; 113 *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
112 } 114 }
113 ok=1; 115 ok=1;
114err: 116err:
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
index b7bcd2c7a4..7a6a38fbb4 100644
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -72,14 +72,14 @@
72 * Having said all that, 72 * Having said all that,
73 * there is another special case method for the generators 2, 3 and 5. 73 * there is another special case method for the generators 2, 3 and 5.
74 * for 2, p mod 24 == 11 74 * for 2, p mod 24 == 11
75 * for 3, p mod 12 == 5 <<<<< does not work for strong primes. 75 * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
76 * for 5, p mod 10 == 3 or 7 76 * for 5, p mod 10 == 3 or 7
77 * 77 *
78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the 78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
79 * special generators and for answering some of my questions. 79 * special generators and for answering some of my questions.
80 * 80 *
81 * I've implemented the second simple method :-). 81 * I've implemented the second simple method :-).
82 * Since DH should be using a strong prime (both p and q are prime), 82 * Since DH should be using a safe prime (both p and q are prime),
83 * this generator function can take a very very long time to run. 83 * this generator function can take a very very long time to run.
84 */ 84 */
85 85
@@ -95,9 +95,10 @@ DH *DH_generate_parameters(int prime_len, int generator,
95 if (ret == NULL) goto err; 95 if (ret == NULL) goto err;
96 ctx=BN_CTX_new(); 96 ctx=BN_CTX_new();
97 if (ctx == NULL) goto err; 97 if (ctx == NULL) goto err;
98 t1= &(ctx->bn[0]); 98 BN_CTX_start(ctx);
99 t2= &(ctx->bn[1]); 99 t1 = BN_CTX_get(ctx);
100 ctx->tos=2; 100 t2 = BN_CTX_get(ctx);
101 if (t1 == NULL || t2 == NULL) goto err;
101 102
102 if (generator == DH_GENERATOR_2) 103 if (generator == DH_GENERATOR_2)
103 { 104 {
@@ -105,7 +106,7 @@ DH *DH_generate_parameters(int prime_len, int generator,
105 BN_set_word(t2,11); 106 BN_set_word(t2,11);
106 g=2; 107 g=2;
107 } 108 }
108#ifdef undef /* does not work for strong primes */ 109#ifdef undef /* does not work for safe primes */
109 else if (generator == DH_GENERATOR_3) 110 else if (generator == DH_GENERATOR_3)
110 { 111 {
111 BN_set_word(t1,12); 112 BN_set_word(t1,12);
@@ -138,7 +139,11 @@ err:
138 ok=0; 139 ok=0;
139 } 140 }
140 141
141 if (ctx != NULL) BN_CTX_free(ctx); 142 if (ctx != NULL)
143 {
144 BN_CTX_end(ctx);
145 BN_CTX_free(ctx);
146 }
142 if (!ok && (ret != NULL)) 147 if (!ok && (ret != NULL))
143 { 148 {
144 DH_free(ret); 149 DH_free(ret);
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index cede53bfc1..0c7eeaf260 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -62,8 +62,42 @@
62#include <openssl/rand.h> 62#include <openssl/rand.h>
63#include <openssl/dh.h> 63#include <openssl/dh.h>
64 64
65static int generate_key(DH *dh);
66static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
67static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
68 const BIGNUM *m, BN_CTX *ctx,
69 BN_MONT_CTX *m_ctx);
70static int dh_init(DH *dh);
71static int dh_finish(DH *dh);
72
65int DH_generate_key(DH *dh) 73int DH_generate_key(DH *dh)
66 { 74 {
75 return dh->meth->generate_key(dh);
76 }
77
78int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
79 {
80 return dh->meth->compute_key(key, pub_key, dh);
81 }
82
83static DH_METHOD dh_ossl = {
84"OpenSSL DH Method",
85generate_key,
86compute_key,
87dh_bn_mod_exp,
88dh_init,
89dh_finish,
900,
91NULL
92};
93
94DH_METHOD *DH_OpenSSL(void)
95{
96 return &dh_ossl;
97}
98
99static int generate_key(DH *dh)
100 {
67 int ok=0; 101 int ok=0;
68 unsigned int i; 102 unsigned int i;
69 BN_CTX ctx; 103 BN_CTX ctx;
@@ -103,7 +137,8 @@ int DH_generate_key(DH *dh)
103 } 137 }
104 mont=(BN_MONT_CTX *)dh->method_mont_p; 138 mont=(BN_MONT_CTX *)dh->method_mont_p;
105 139
106 if (!BN_mod_exp_mont(pub_key,dh->g,priv_key,dh->p,&ctx,mont)) goto err; 140 if (!dh->meth->bn_mod_exp(dh, pub_key,dh->g,priv_key,dh->p,&ctx,mont))
141 goto err;
107 142
108 dh->pub_key=pub_key; 143 dh->pub_key=pub_key;
109 dh->priv_key=priv_key; 144 dh->priv_key=priv_key;
@@ -118,7 +153,7 @@ err:
118 return(ok); 153 return(ok);
119 } 154 }
120 155
121int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) 156static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
122 { 157 {
123 BN_CTX ctx; 158 BN_CTX ctx;
124 BN_MONT_CTX *mont; 159 BN_MONT_CTX *mont;
@@ -126,7 +161,8 @@ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
126 int ret= -1; 161 int ret= -1;
127 162
128 BN_CTX_init(&ctx); 163 BN_CTX_init(&ctx);
129 tmp= &(ctx.bn[ctx.tos++]); 164 BN_CTX_start(&ctx);
165 tmp = BN_CTX_get(&ctx);
130 166
131 if (dh->priv_key == NULL) 167 if (dh->priv_key == NULL)
132 { 168 {
@@ -141,7 +177,7 @@ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
141 } 177 }
142 178
143 mont=(BN_MONT_CTX *)dh->method_mont_p; 179 mont=(BN_MONT_CTX *)dh->method_mont_p;
144 if (!BN_mod_exp_mont(tmp,pub_key,dh->priv_key,dh->p,&ctx,mont)) 180 if (!dh->meth->bn_mod_exp(dh, tmp,pub_key,dh->priv_key,dh->p,&ctx,mont))
145 { 181 {
146 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); 182 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
147 goto err; 183 goto err;
@@ -149,6 +185,27 @@ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
149 185
150 ret=BN_bn2bin(tmp,key); 186 ret=BN_bn2bin(tmp,key);
151err: 187err:
188 BN_CTX_end(&ctx);
152 BN_CTX_free(&ctx); 189 BN_CTX_free(&ctx);
153 return(ret); 190 return(ret);
154 } 191 }
192
193static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
194 const BIGNUM *m, BN_CTX *ctx,
195 BN_MONT_CTX *m_ctx)
196{
197 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
198}
199
200static int dh_init(DH *dh)
201{
202 dh->flags |= DH_FLAG_CACHE_MONT_P;
203 return(1);
204}
205
206static int dh_finish(DH *dh)
207{
208 if(dh->method_mont_p)
209 BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
210 return(1);
211}
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 61e0720e8a..6c21463028 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -63,16 +63,49 @@
63 63
64const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; 64const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
65 65
66static DH_METHOD *default_DH_method;
67static int dh_meth_num = 0;
68static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL;
69
70void DH_set_default_method(DH_METHOD *meth)
71{
72 default_DH_method = meth;
73}
74
75DH_METHOD *DH_get_default_method(void)
76{
77 if(!default_DH_method) default_DH_method = DH_OpenSSL();
78 return default_DH_method;
79}
80
81DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
82{
83 DH_METHOD *mtmp;
84 mtmp = dh->meth;
85 if (mtmp->finish) mtmp->finish(dh);
86 dh->meth = meth;
87 if (meth->init) meth->init(dh);
88 return mtmp;
89}
90
66DH *DH_new(void) 91DH *DH_new(void)
92{
93 return DH_new_method(NULL);
94}
95
96DH *DH_new_method(DH_METHOD *meth)
67 { 97 {
68 DH *ret; 98 DH *ret;
69
70 ret=(DH *)Malloc(sizeof(DH)); 99 ret=(DH *)Malloc(sizeof(DH));
100
71 if (ret == NULL) 101 if (ret == NULL)
72 { 102 {
73 DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE); 103 DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
74 return(NULL); 104 return(NULL);
75 } 105 }
106 if(!default_DH_method) default_DH_method = DH_OpenSSL();
107 if(meth) ret->meth = meth;
108 else ret->meth = default_DH_method;
76 ret->pad=0; 109 ret->pad=0;
77 ret->version=0; 110 ret->version=0;
78 ret->p=NULL; 111 ret->p=NULL;
@@ -80,23 +113,74 @@ DH *DH_new(void)
80 ret->length=0; 113 ret->length=0;
81 ret->pub_key=NULL; 114 ret->pub_key=NULL;
82 ret->priv_key=NULL; 115 ret->priv_key=NULL;
83 ret->flags=DH_FLAG_CACHE_MONT_P; 116 ret->q=NULL;
117 ret->j=NULL;
118 ret->seed = NULL;
119 ret->seedlen = 0;
120 ret->counter = NULL;
84 ret->method_mont_p=NULL; 121 ret->method_mont_p=NULL;
122 ret->references = 1;
123 ret->flags=ret->meth->flags;
124 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
125 {
126 Free(ret);
127 ret=NULL;
128 }
129 else
130 CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
85 return(ret); 131 return(ret);
86 } 132 }
87 133
88void DH_free(DH *r) 134void DH_free(DH *r)
89 { 135 {
136 int i;
90 if(r == NULL) return; 137 if(r == NULL) return;
138 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
139#ifdef REF_PRINT
140 REF_PRINT("DH",r);
141#endif
142 if (i > 0) return;
143#ifdef REF_CHECK
144 if (i < 0)
145 {
146 fprintf(stderr,"DH_free, bad reference count\n");
147 abort();
148 }
149#endif
150
151 CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
152
153 if(r->meth->finish) r->meth->finish(r);
154
91 if (r->p != NULL) BN_clear_free(r->p); 155 if (r->p != NULL) BN_clear_free(r->p);
92 if (r->g != NULL) BN_clear_free(r->g); 156 if (r->g != NULL) BN_clear_free(r->g);
157 if (r->q != NULL) BN_clear_free(r->q);
158 if (r->j != NULL) BN_clear_free(r->j);
159 if (r->seed) Free(r->seed);
160 if (r->counter != NULL) BN_clear_free(r->counter);
93 if (r->pub_key != NULL) BN_clear_free(r->pub_key); 161 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
94 if (r->priv_key != NULL) BN_clear_free(r->priv_key); 162 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
95 if (r->method_mont_p != NULL)
96 BN_MONT_CTX_free((BN_MONT_CTX *)r->method_mont_p);
97 Free(r); 163 Free(r);
98 } 164 }
99 165
166int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
167 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
168 {
169 dh_meth_num++;
170 return(CRYPTO_get_ex_new_index(dh_meth_num-1,
171 &dh_meth,argl,argp,new_func,dup_func,free_func));
172 }
173
174int DH_set_ex_data(DH *d, int idx, void *arg)
175 {
176 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
177 }
178
179void *DH_get_ex_data(DH *d, int idx)
180 {
181 return(CRYPTO_get_ex_data(&d->ex_data,idx));
182 }
183
100int DH_size(DH *dh) 184int DH_size(DH *dh)
101 { 185 {
102 return(BN_num_bytes(dh->p)); 186 return(BN_num_bytes(dh->p));
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
index 770331971f..d66c28455e 100644
--- a/src/lib/libcrypto/dh/dhtest.c
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -65,6 +65,7 @@
65#include <openssl/crypto.h> 65#include <openssl/crypto.h>
66#include <openssl/bio.h> 66#include <openssl/bio.h>
67#include <openssl/bn.h> 67#include <openssl/bn.h>
68#include <openssl/rand.h>
68 69
69#ifdef NO_DH 70#ifdef NO_DH
70int main(int argc, char *argv[]) 71int main(int argc, char *argv[])
@@ -87,19 +88,23 @@ static void MS_CALLBACK cb(int p, int n, void *arg);
87#include "bss_file.c" 88#include "bss_file.c"
88#endif 89#endif
89 90
90BIO *out=NULL; 91static const char rnd_seed[] = "string to make the random number generator think it has entropy";
91 92
92int main(int argc, char *argv[]) 93int main(int argc, char *argv[])
93 { 94 {
94 DH *a,*b; 95 DH *a;
96 DH *b=NULL;
95 char buf[12]; 97 char buf[12];
96 unsigned char *abuf=NULL,*bbuf=NULL; 98 unsigned char *abuf=NULL,*bbuf=NULL;
97 int i,alen,blen,aout,bout,ret=1; 99 int i,alen,blen,aout,bout,ret=1;
100 BIO *out;
98 101
99#ifdef WIN32 102#ifdef WIN32
100 CRYPTO_malloc_init(); 103 CRYPTO_malloc_init();
101#endif 104#endif
102 105
106 RAND_seed(rnd_seed, sizeof rnd_seed);
107
103 out=BIO_new(BIO_s_file()); 108 out=BIO_new(BIO_s_file());
104 if (out == NULL) exit(1); 109 if (out == NULL) exit(1);
105 BIO_set_fp(out,stdout,BIO_NOCLOSE); 110 BIO_set_fp(out,stdout,BIO_NOCLOSE);
@@ -167,6 +172,9 @@ int main(int argc, char *argv[])
167err: 172err:
168 if (abuf != NULL) Free(abuf); 173 if (abuf != NULL) Free(abuf);
169 if (bbuf != NULL) Free(bbuf); 174 if (bbuf != NULL) Free(bbuf);
175 if(b != NULL) DH_free(b);
176 if(a != NULL) DH_free(a);
177 BIO_free(out);
170 exit(ret); 178 exit(ret);
171 return(ret); 179 return(ret);
172 } 180 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 14:40:16 +0000