import openssl-0.9.7-beta1

author: markus <> 2002-09-05 12:51:50 +0000
committer: markus <> 2002-09-05 12:51:50 +0000
commit: 15b5d84f9da2ce4bfae8580e56e34a859f74ad71 (patch)
tree: bf939e82d7fd73cc8a01cf6959002209972091bc /src/lib/libcrypto/dsa/dsa_sign.c
parent: 027351f729b9e837200dae6e1520cda6577ab930 (diff)
download: openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.gz
openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.bz2
openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.zip
1 files changed, 22 insertions, 144 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
index 6ca1c318f2..e9469ca62f 100644
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -56,160 +56,38 @@
 * [including the GNU Public Licence.]
 */
-/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
+#include <openssl/bn.h>
-#include "dsa.h"
+#include <openssl/dsa.h>
-#include "rand.h"
+#include <openssl/rand.h>
-#include "asn1.h"
+#include <openssl/asn1.h>
+#include <openssl/engine.h>
-/* data has already been hashed (probably with SHA or SHA-1). */
+DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-/*      DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
-int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
-int type;
-unsigned char *dgst;
-int dlen;
-unsigned char *sig;     /* out */
-unsigned int *siglen;   /* out */
-DSA *dsa;
        {
-        BIGNUM *kinv=NULL,*r=NULL;
+        return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
-        BIGNUM *m=NULL;
-        BIGNUM *xr=NULL,*s=NULL;
-        BN_CTX *ctx=NULL;
-        unsigned char *p;
-        int i,len=0,ret=0,reason=ERR_R_BN_LIB;
-        ASN1_INTEGER rbs,sbs;
-        MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */
-        MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */
-        i=BN_num_bytes(dsa->q); /* should be 20 */
-        if ((dlen > i) || (dlen > 50))
-                {
-                reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
-                goto err;
-                }
-        ctx=BN_CTX_new();
-        if (ctx == NULL) goto err;
-        if ((dsa->kinv == NULL) || (dsa->r == NULL))
-                {
-                if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
-                }
-        else
-                {
-                kinv=dsa->kinv;
-                dsa->kinv=NULL;
-                r=dsa->r;
-                dsa->r=NULL;
-                }
-        m=BN_new();
-        xr=BN_new();
-        s=BN_new();
-        if (m == NULL || xr == NULL || s == NULL) goto err;
-        if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
-        /* Compute  s = inv(k) (m + xr) mod q */
-        if (!BN_mul(xr, dsa->priv_key, r)) goto err;    /* s = xr */
-        if (!BN_add(s, xr, m)) goto err;                /* s = m + xr */
-        if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
-        /*
-         * Now create a ASN.1 sequence of the integers R and S.
-         */
-        rbs.data=rbuf;
-        sbs.data=sbuf;
-        rbs.type = V_ASN1_INTEGER;
-        sbs.type = V_ASN1_INTEGER;
-        rbs.length=BN_bn2bin(r,rbs.data);
-        sbs.length=BN_bn2bin(s,sbs.data);
-        len =i2d_ASN1_INTEGER(&rbs,NULL);
-        len+=i2d_ASN1_INTEGER(&sbs,NULL);
-        p=sig;
-        ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-        i2d_ASN1_INTEGER(&rbs,&p);
-        i2d_ASN1_INTEGER(&sbs,&p);
-        *siglen=(p-sig);
-        ret=1;
-err:
-        if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);
-                
-#if 1 /* do the right thing :-) */
-        if (kinv != NULL) BN_clear_free(kinv);
-        if (r != NULL) BN_clear_free(r);
-#endif
-        if (ctx != NULL) BN_CTX_free(ctx);
-        if (m != NULL) BN_clear_free(m);
-        if (xr != NULL) BN_clear_free(xr);
-        if (s != NULL) BN_clear_free(s);
-        return(ret);
        }
-int DSA_sign_setup(dsa,ctx_in,kinvp,rp)
+int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
-DSA *dsa;
+             unsigned int *siglen, DSA *dsa)
-BN_CTX *ctx_in;
-BIGNUM **kinvp;
-BIGNUM **rp;
        {
-        BN_CTX *ctx;
+        DSA_SIG *s;
-        BIGNUM *k=NULL,*kinv=NULL,*r=NULL;
+        s=DSA_do_sign(dgst,dlen,dsa);
-        int ret=0;
+        if (s == NULL)
-        if (ctx_in == NULL)
-                {
-                if ((ctx=BN_CTX_new()) == NULL) goto err;
-                }
-        else
-                ctx=ctx_in;
-        r=BN_new();
-        k=BN_new();
-        if ((r == NULL) || (k == NULL))
-                goto err;
-        kinv=NULL;
-        if (r == NULL) goto err;
-        /* Get random k */
-        for (;;)
                {
-                if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;
+                *siglen=0;
-                if (BN_cmp(k,dsa->q) >= 0)
+                return(0);
-                        BN_sub(k,k,dsa->q);
-                if (!BN_is_zero(k)) break;
                }
+        *siglen=i2d_DSA_SIG(s,&sig);
+        DSA_SIG_free(s);
+        return(1);
+        }
-        /* Compute r = (g^k mod p) mod q */
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-        if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;
+        {
-        if (!BN_mod(r,r,dsa->q,ctx)) goto err;
+        return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
-        /* Compute  part of 's = inv(k) (m + xr) mod q' */
-        if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;
-        if (*kinvp != NULL) BN_clear_free(*kinvp);
-        *kinvp=kinv;
-        kinv=NULL;
-        if (*rp != NULL) BN_clear_free(*rp);
-        *rp=r;
-        ret=1;
-err:
-        if (!ret)
-                {
-                DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
-                if (kinv != NULL) BN_clear_free(kinv);
-                if (r != NULL) BN_clear_free(r);
-                }
-        if (ctx_in == NULL) BN_CTX_free(ctx);
-        if (k != NULL) BN_clear_free(k);
-        if (kinv != NULL) BN_clear_free(kinv);
-        return(ret);
        }
author	markus <>	2002-09-05 12:51:50 +0000
committer	markus <>	2002-09-05 12:51:50 +0000
commit	15b5d84f9da2ce4bfae8580e56e34a859f74ad71 (patch)
tree	bf939e82d7fd73cc8a01cf6959002209972091bc /src/lib/libcrypto/dsa/dsa_sign.c
parent	027351f729b9e837200dae6e1520cda6577ab930 (diff)
download	openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.gz openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.bz2 openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.zip

diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c index 6ca1c318f2..e9469ca62f 100644 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -56,160 +56,38 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
59	/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */	59	/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60		60
61	#include <stdio.h>	61	#include <stdio.h>
62	#include "cryptlib.h"	62	#include "cryptlib.h"
63	#include "bn.h"	63	#include <openssl/bn.h>
64	#include "dsa.h"	64	#include <openssl/dsa.h>
65	#include "rand.h"	65	#include <openssl/rand.h>
66	#include "asn1.h"	66	#include <openssl/asn1.h>
		67	#include <openssl/engine.h>
67		68
68	/* data has already been hashed (probably with SHA or SHA-1). */	69	DSA_SIG * DSA_do_sign(const unsigned char dgst, int dlen, DSA dsa)
69	/* DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
70
71	int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
72	int type;
73	unsigned char *dgst;
74	int dlen;
75	unsigned char sig; / out */
76	unsigned int siglen; / out */
77	DSA *dsa;
78	{	70	{
79	BIGNUM kinv=NULL,r=NULL;	71	return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
80	BIGNUM *m=NULL;
81	BIGNUM xr=NULL,s=NULL;
82	BN_CTX *ctx=NULL;
83	unsigned char *p;
84	int i,len=0,ret=0,reason=ERR_R_BN_LIB;
85	ASN1_INTEGER rbs,sbs;
86	MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */
87	MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */
88
89	i=BN_num_bytes(dsa->q); /* should be 20 */
90	if ((dlen > i) \|\| (dlen > 50))
91	{
92	reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
93	goto err;
94	}
95
96	ctx=BN_CTX_new();
97	if (ctx == NULL) goto err;
98
99	if ((dsa->kinv == NULL) \|\| (dsa->r == NULL))
100	{
101	if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
102	}
103	else
104	{
105	kinv=dsa->kinv;
106	dsa->kinv=NULL;
107	r=dsa->r;
108	dsa->r=NULL;
109	}
110
111	m=BN_new();
112	xr=BN_new();
113	s=BN_new();
114	if (m == NULL \|\| xr == NULL \|\| s == NULL) goto err;
115
116	if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
117
118	/* Compute s = inv(k) (m + xr) mod q */
119	if (!BN_mul(xr, dsa->priv_key, r)) goto err; /* s = xr */
120	if (!BN_add(s, xr, m)) goto err; /* s = m + xr */
121	if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
122
123	/*
124	* Now create a ASN.1 sequence of the integers R and S.
125	*/
126	rbs.data=rbuf;
127	sbs.data=sbuf;
128	rbs.type = V_ASN1_INTEGER;
129	sbs.type = V_ASN1_INTEGER;
130	rbs.length=BN_bn2bin(r,rbs.data);
131	sbs.length=BN_bn2bin(s,sbs.data);
132
133	len =i2d_ASN1_INTEGER(&rbs,NULL);
134	len+=i2d_ASN1_INTEGER(&sbs,NULL);
135
136	p=sig;
137	ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
138	i2d_ASN1_INTEGER(&rbs,&p);
139	i2d_ASN1_INTEGER(&sbs,&p);
140	*siglen=(p-sig);
141	ret=1;
142	err:
143	if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);
144
145	#if 1 /* do the right thing :-) */
146	if (kinv != NULL) BN_clear_free(kinv);
147	if (r != NULL) BN_clear_free(r);
148	#endif
149	if (ctx != NULL) BN_CTX_free(ctx);
150	if (m != NULL) BN_clear_free(m);
151	if (xr != NULL) BN_clear_free(xr);
152	if (s != NULL) BN_clear_free(s);
153	return(ret);
154	}	72	}
155		73
156	int DSA_sign_setup(dsa,ctx_in,kinvp,rp)	74	int DSA_sign(int type, const unsigned char dgst, int dlen, unsigned char sig,
157	DSA *dsa;	75	unsigned int siglen, DSA dsa)
158	BN_CTX *ctx_in;
159	BIGNUM **kinvp;
160	BIGNUM **rp;
161	{	76	{
162	BN_CTX *ctx;	77	DSA_SIG *s;
163	BIGNUM k=NULL,kinv=NULL,*r=NULL;	78	s=DSA_do_sign(dgst,dlen,dsa);
164	int ret=0;	79	if (s == NULL)
165
166	if (ctx_in == NULL)
167	{
168	if ((ctx=BN_CTX_new()) == NULL) goto err;
169	}
170	else
171	ctx=ctx_in;
172
173	r=BN_new();
174	k=BN_new();
175	if ((r == NULL) \|\| (k == NULL))
176	goto err;
177	kinv=NULL;
178
179	if (r == NULL) goto err;
180
181	/* Get random k */
182	for (;;)
183	{	80	{
184	if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;	81	*siglen=0;
185	if (BN_cmp(k,dsa->q) >= 0)	82	return(0);
186	BN_sub(k,k,dsa->q);
187	if (!BN_is_zero(k)) break;
188	}	83	}
		84	*siglen=i2d_DSA_SIG(s,&sig);
		85	DSA_SIG_free(s);
		86	return(1);
		87	}
189		88
190	/* Compute r = (g^k mod p) mod q */	89	int DSA_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM kinvp, BIGNUM rp)
191	if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;	90	{
192	if (!BN_mod(r,r,dsa->q,ctx)) goto err;	91	return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
193
194	/* Compute part of 's = inv(k) (m + xr) mod q' */
195	if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;
196
197	if (kinvp != NULL) BN_clear_free(kinvp);
198	*kinvp=kinv;
199	kinv=NULL;
200	if (rp != NULL) BN_clear_free(rp);
201	*rp=r;
202	ret=1;
203	err:
204	if (!ret)
205	{
206	DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
207	if (kinv != NULL) BN_clear_free(kinv);
208	if (r != NULL) BN_clear_free(r);
209	}
210	if (ctx_in == NULL) BN_CTX_free(ctx);
211	if (k != NULL) BN_clear_free(k);
212	if (kinv != NULL) BN_clear_free(kinv);
213	return(ret);
214	}	92	}
215		93