diff options
| author | djm <> | 2012-10-13 21:25:14 +0000 |
|---|---|---|
| committer | djm <> | 2012-10-13 21:25:14 +0000 |
| commit | 942650cdef05a877200cb7aff3a075935a5fd0cd (patch) | |
| tree | 281e0a29ae8f87a8c47fbd4deaa1f3d48b8cc5c1 /src/lib/libcrypto/dsa/dsa_gen.c | |
| parent | 37f091539f73e1650c83acd0c78677ef48c209a6 (diff) | |
| download | openbsd-942650cdef05a877200cb7aff3a075935a5fd0cd.tar.gz openbsd-942650cdef05a877200cb7aff3a075935a5fd0cd.tar.bz2 openbsd-942650cdef05a877200cb7aff3a075935a5fd0cd.zip | |
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/dsa/dsa_gen.c')
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_gen.c | 35 |
1 files changed, 31 insertions, 4 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c index cb0b4538a4..c398761d0d 100644 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ b/src/lib/libcrypto/dsa/dsa_gen.c | |||
| @@ -81,13 +81,33 @@ | |||
| 81 | #include <openssl/sha.h> | 81 | #include <openssl/sha.h> |
| 82 | #include "dsa_locl.h" | 82 | #include "dsa_locl.h" |
| 83 | 83 | ||
| 84 | #ifdef OPENSSL_FIPS | ||
| 85 | #include <openssl/fips.h> | ||
| 86 | #endif | ||
| 87 | |||
| 84 | int DSA_generate_parameters_ex(DSA *ret, int bits, | 88 | int DSA_generate_parameters_ex(DSA *ret, int bits, |
| 85 | const unsigned char *seed_in, int seed_len, | 89 | const unsigned char *seed_in, int seed_len, |
| 86 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) | 90 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) |
| 87 | { | 91 | { |
| 92 | #ifdef OPENSSL_FIPS | ||
| 93 | if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD) | ||
| 94 | && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
| 95 | { | ||
| 96 | DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD); | ||
| 97 | return 0; | ||
| 98 | } | ||
| 99 | #endif | ||
| 88 | if(ret->meth->dsa_paramgen) | 100 | if(ret->meth->dsa_paramgen) |
| 89 | return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, | 101 | return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, |
| 90 | counter_ret, h_ret, cb); | 102 | counter_ret, h_ret, cb); |
| 103 | #ifdef OPENSSL_FIPS | ||
| 104 | else if (FIPS_mode()) | ||
| 105 | { | ||
| 106 | return FIPS_dsa_generate_parameters_ex(ret, bits, | ||
| 107 | seed_in, seed_len, | ||
| 108 | counter_ret, h_ret, cb); | ||
| 109 | } | ||
| 110 | #endif | ||
| 91 | else | 111 | else |
| 92 | { | 112 | { |
| 93 | const EVP_MD *evpmd; | 113 | const EVP_MD *evpmd; |
| @@ -105,12 +125,13 @@ int DSA_generate_parameters_ex(DSA *ret, int bits, | |||
| 105 | } | 125 | } |
| 106 | 126 | ||
| 107 | return dsa_builtin_paramgen(ret, bits, qbits, evpmd, | 127 | return dsa_builtin_paramgen(ret, bits, qbits, evpmd, |
| 108 | seed_in, seed_len, counter_ret, h_ret, cb); | 128 | seed_in, seed_len, NULL, counter_ret, h_ret, cb); |
| 109 | } | 129 | } |
| 110 | } | 130 | } |
| 111 | 131 | ||
| 112 | int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, | 132 | int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, |
| 113 | const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, | 133 | const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, |
| 134 | unsigned char *seed_out, | ||
| 114 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) | 135 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) |
| 115 | { | 136 | { |
| 116 | int ok=0; | 137 | int ok=0; |
| @@ -201,8 +222,10 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, | |||
| 201 | } | 222 | } |
| 202 | 223 | ||
| 203 | /* step 2 */ | 224 | /* step 2 */ |
| 204 | EVP_Digest(seed, qsize, md, NULL, evpmd, NULL); | 225 | if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL)) |
| 205 | EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL); | 226 | goto err; |
| 227 | if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL)) | ||
| 228 | goto err; | ||
| 206 | for (i = 0; i < qsize; i++) | 229 | for (i = 0; i < qsize; i++) |
| 207 | md[i]^=buf2[i]; | 230 | md[i]^=buf2[i]; |
| 208 | 231 | ||
| @@ -251,7 +274,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, | |||
| 251 | break; | 274 | break; |
| 252 | } | 275 | } |
| 253 | 276 | ||
| 254 | EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL); | 277 | if (!EVP_Digest(buf, qsize, md ,NULL, evpmd, |
| 278 | NULL)) | ||
| 279 | goto err; | ||
| 255 | 280 | ||
| 256 | /* step 8 */ | 281 | /* step 8 */ |
| 257 | if (!BN_bin2bn(md, qsize, r0)) | 282 | if (!BN_bin2bn(md, qsize, r0)) |
| @@ -332,6 +357,8 @@ err: | |||
| 332 | } | 357 | } |
| 333 | if (counter_ret != NULL) *counter_ret=counter; | 358 | if (counter_ret != NULL) *counter_ret=counter; |
| 334 | if (h_ret != NULL) *h_ret=h; | 359 | if (h_ret != NULL) *h_ret=h; |
| 360 | if (seed_out) | ||
| 361 | memcpy(seed_out, seed, qsize); | ||
| 335 | } | 362 | } |
| 336 | if(ctx) | 363 | if(ctx) |
| 337 | { | 364 | { |