OpenSSL 0.9.4 merge

author: beck <> 1999-09-29 04:37:45 +0000
committer: beck <> 1999-09-29 04:37:45 +0000
commit: de8f24ea083384bb66b32ec105dc4743c5663cdf (patch)
tree: 1412176ae62a3cab2cf2b0b92150fcbceaac6092 /src/lib/libcrypto/dsa/dsa_sign.c
parent: cb929d29896bcb87c2a97417fbd03e50078fc178 (diff)
download: openbsd-de8f24ea083384bb66b32ec105dc4743c5663cdf.tar.gz
openbsd-de8f24ea083384bb66b32ec105dc4743c5663cdf.tar.bz2
openbsd-de8f24ea083384bb66b32ec105dc4743c5663cdf.zip
1 files changed, 74 insertions, 78 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
index 6ca1c318f2..774c161964 100644
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -56,35 +56,28 @@
 * [including the GNU Public Licence.]
 */
-/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
+#include <openssl/bn.h>
-#include "dsa.h"
+#include <openssl/dsa.h>
-#include "rand.h"
+#include <openssl/rand.h>
-#include "asn1.h"
+#include <openssl/asn1.h>
-/* data has already been hashed (probably with SHA or SHA-1). */
+DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-/*      DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
-int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
-int type;
-unsigned char *dgst;
-int dlen;
-unsigned char *sig;     /* out */
-unsigned int *siglen;   /* out */
-DSA *dsa;
        {
-        BIGNUM *kinv=NULL,*r=NULL;
+        BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
-        BIGNUM *m=NULL;
+        BIGNUM m;
-        BIGNUM *xr=NULL,*s=NULL;
+        BIGNUM xr;
        BN_CTX *ctx=NULL;
-        unsigned char *p;
+        int i,reason=ERR_R_BN_LIB;
-        int i,len=0,ret=0,reason=ERR_R_BN_LIB;
+        DSA_SIG *ret=NULL;
-        ASN1_INTEGER rbs,sbs;
-        MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */
+        BN_init(&m);
-        MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */
+        BN_init(&xr);
+        s=BN_new();
+        if (s == NULL) goto err;
        i=BN_num_bytes(dsa->q); /* should be 20 */
        if ((dlen > i) || (dlen > 50))
@@ -108,59 +101,58 @@ DSA *dsa;
                dsa->r=NULL;
                }
-        m=BN_new();
+        if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
-        xr=BN_new();
-        s=BN_new();
-        if (m == NULL || xr == NULL || s == NULL) goto err;
-        if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
        /* Compute  s = inv(k) (m + xr) mod q */
-        if (!BN_mul(xr, dsa->priv_key, r)) goto err;    /* s = xr */
+        if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
-        if (!BN_add(s, xr, m)) goto err;                /* s = m + xr */
+        if (!BN_add(s, &xr, &m)) goto err;              /* s = m + xr */
+        if (BN_cmp(s,dsa->q) > 0)
+                BN_sub(s,s,dsa->q);
        if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
-        /*
+        ret=DSA_SIG_new();
-         * Now create a ASN.1 sequence of the integers R and S.
+        if (ret == NULL) goto err;
-         */
+        ret->r = r;
-        rbs.data=rbuf;
+        ret->s = s;
-        sbs.data=sbuf;
+        
-        rbs.type = V_ASN1_INTEGER;
-        sbs.type = V_ASN1_INTEGER;
-        rbs.length=BN_bn2bin(r,rbs.data);
-        sbs.length=BN_bn2bin(s,sbs.data);
-        len =i2d_ASN1_INTEGER(&rbs,NULL);
-        len+=i2d_ASN1_INTEGER(&sbs,NULL);
-        p=sig;
-        ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-        i2d_ASN1_INTEGER(&rbs,&p);
-        i2d_ASN1_INTEGER(&sbs,&p);
-        *siglen=(p-sig);
-        ret=1;
 err:
-        if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);
+        if (!ret)
-                
+                {
-#if 1 /* do the right thing :-) */
+                DSAerr(DSA_F_DSA_DO_SIGN,reason);
-        if (kinv != NULL) BN_clear_free(kinv);
+                BN_free(r);
-        if (r != NULL) BN_clear_free(r);
+                BN_free(s);
-#endif
+                }
        if (ctx != NULL) BN_CTX_free(ctx);
-        if (m != NULL) BN_clear_free(m);
+        BN_clear_free(&m);
-        if (xr != NULL) BN_clear_free(xr);
+        BN_clear_free(&xr);
-        if (s != NULL) BN_clear_free(s);
+        if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
+            BN_clear_free(kinv);
        return(ret);
        }
-int DSA_sign_setup(dsa,ctx_in,kinvp,rp)
+/* data has already been hashed (probably with SHA or SHA-1). */
-DSA *dsa;
-BN_CTX *ctx_in;
+/* unsigned char *sig:  out    */
-BIGNUM **kinvp;
+/* unsigned int *siglen:  out    */
-BIGNUM **rp;
+int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
+             unsigned int *siglen, DSA *dsa)
+        {
+        DSA_SIG *s;
+        s=DSA_do_sign(dgst,dlen,dsa);
+        if (s == NULL)
+                {
+                *siglen=0;
+                return(0);
+                }
+        *siglen=i2d_DSA_SIG(s,&sig);
+        DSA_SIG_free(s);
+        return(1);
+        }
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
        {
        BN_CTX *ctx;
-        BIGNUM *k=NULL,*kinv=NULL,*r=NULL;
+        BIGNUM k,*kinv=NULL,*r=NULL;
        int ret=0;
        if (ctx_in == NULL)
@@ -170,29 +162,33 @@ BIGNUM **rp;
        else
                ctx=ctx_in;
-        r=BN_new();
+        BN_init(&k);
-        k=BN_new();
+        if ((r=BN_new()) == NULL) goto err;
-        if ((r == NULL) || (k == NULL))
-                goto err;
        kinv=NULL;
-        if (r == NULL) goto err;
        /* Get random k */
        for (;;)
                {
-                if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;
+                if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err;
-                if (BN_cmp(k,dsa->q) >= 0)
+                if (BN_cmp(&k,dsa->q) >= 0)
-                        BN_sub(k,k,dsa->q);
+                        BN_sub(&k,&k,dsa->q);
-                if (!BN_is_zero(k)) break;
+                if (!BN_is_zero(&k)) break;
+                }
+        if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+                {
+                if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+                        if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
+                                dsa->p,ctx)) goto err;
                }
        /* Compute r = (g^k mod p) mod q */
-        if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;
+        if (!BN_mod_exp_mont(r,dsa->g,&k,dsa->p,ctx,
+                (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
        if (!BN_mod(r,r,dsa->q,ctx)) goto err;
        /* Compute  part of 's = inv(k) (m + xr) mod q' */
-        if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;
+        if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
        if (*kinvp != NULL) BN_clear_free(*kinvp);
        *kinvp=kinv;
@@ -208,8 +204,8 @@ err:
                if (r != NULL) BN_clear_free(r);
                }
        if (ctx_in == NULL) BN_CTX_free(ctx);
-        if (k != NULL) BN_clear_free(k);
        if (kinv != NULL) BN_clear_free(kinv);
+        BN_clear_free(&k);
        return(ret);
        }
author	beck <>	1999-09-29 04:37:45 +0000
committer	beck <>	1999-09-29 04:37:45 +0000
commit	de8f24ea083384bb66b32ec105dc4743c5663cdf (patch)
tree	1412176ae62a3cab2cf2b0b92150fcbceaac6092 /src/lib/libcrypto/dsa/dsa_sign.c
parent	cb929d29896bcb87c2a97417fbd03e50078fc178 (diff)
download	openbsd-de8f24ea083384bb66b32ec105dc4743c5663cdf.tar.gz openbsd-de8f24ea083384bb66b32ec105dc4743c5663cdf.tar.bz2 openbsd-de8f24ea083384bb66b32ec105dc4743c5663cdf.zip

diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c index 6ca1c318f2..774c161964 100644 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -56,35 +56,28 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
59	/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */	59	/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60		60
61	#include <stdio.h>	61	#include <stdio.h>
62	#include "cryptlib.h"	62	#include "cryptlib.h"
63	#include "bn.h"	63	#include <openssl/bn.h>
64	#include "dsa.h"	64	#include <openssl/dsa.h>
65	#include "rand.h"	65	#include <openssl/rand.h>
66	#include "asn1.h"	66	#include <openssl/asn1.h>
67		67
68	/* data has already been hashed (probably with SHA or SHA-1). */	68	DSA_SIG * DSA_do_sign(const unsigned char dgst, int dlen, DSA dsa)
69	/* DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
70
71	int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
72	int type;
73	unsigned char *dgst;
74	int dlen;
75	unsigned char sig; / out */
76	unsigned int siglen; / out */
77	DSA *dsa;
78	{	69	{
79	BIGNUM kinv=NULL,r=NULL;	70	BIGNUM kinv=NULL,r=NULL,*s=NULL;
80	BIGNUM *m=NULL;	71	BIGNUM m;
81	BIGNUM xr=NULL,s=NULL;	72	BIGNUM xr;
82	BN_CTX *ctx=NULL;	73	BN_CTX *ctx=NULL;
83	unsigned char *p;	74	int i,reason=ERR_R_BN_LIB;
84	int i,len=0,ret=0,reason=ERR_R_BN_LIB;	75	DSA_SIG *ret=NULL;
85	ASN1_INTEGER rbs,sbs;	76
86	MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */	77	BN_init(&m);
87	MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */	78	BN_init(&xr);
		79	s=BN_new();
		80	if (s == NULL) goto err;
88		81
89	i=BN_num_bytes(dsa->q); /* should be 20 */	82	i=BN_num_bytes(dsa->q); /* should be 20 */
90	if ((dlen > i) \|\| (dlen > 50))	83	if ((dlen > i) \|\| (dlen > 50))
@@ -108,59 +101,58 @@ DSA *dsa;
108	dsa->r=NULL;	101	dsa->r=NULL;
109	}	102	}
110		103
111	m=BN_new();	104	if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
112	xr=BN_new();
113	s=BN_new();
114	if (m == NULL \|\| xr == NULL \|\| s == NULL) goto err;
115
116	if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
117		105
118	/* Compute s = inv(k) (m + xr) mod q */	106	/* Compute s = inv(k) (m + xr) mod q */
119	if (!BN_mul(xr, dsa->priv_key, r)) goto err; /* s = xr */	107	if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
120	if (!BN_add(s, xr, m)) goto err; /* s = m + xr */	108	if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
		109	if (BN_cmp(s,dsa->q) > 0)
		110	BN_sub(s,s,dsa->q);
121	if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;	111	if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
122		112
123	/*	113	ret=DSA_SIG_new();
124	* Now create a ASN.1 sequence of the integers R and S.	114	if (ret == NULL) goto err;
125	*/	115	ret->r = r;
126	rbs.data=rbuf;	116	ret->s = s;
127	sbs.data=sbuf;	117
128	rbs.type = V_ASN1_INTEGER;
129	sbs.type = V_ASN1_INTEGER;
130	rbs.length=BN_bn2bin(r,rbs.data);
131	sbs.length=BN_bn2bin(s,sbs.data);
132
133	len =i2d_ASN1_INTEGER(&rbs,NULL);
134	len+=i2d_ASN1_INTEGER(&sbs,NULL);
135
136	p=sig;
137	ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
138	i2d_ASN1_INTEGER(&rbs,&p);
139	i2d_ASN1_INTEGER(&sbs,&p);
140	*siglen=(p-sig);
141	ret=1;
142	err:	118	err:
143	if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);	119	if (!ret)
144		120	{
145	#if 1 /* do the right thing :-) */	121	DSAerr(DSA_F_DSA_DO_SIGN,reason);
146	if (kinv != NULL) BN_clear_free(kinv);	122	BN_free(r);
147	if (r != NULL) BN_clear_free(r);	123	BN_free(s);
148	#endif	124	}
149	if (ctx != NULL) BN_CTX_free(ctx);	125	if (ctx != NULL) BN_CTX_free(ctx);
150	if (m != NULL) BN_clear_free(m);	126	BN_clear_free(&m);
151	if (xr != NULL) BN_clear_free(xr);	127	BN_clear_free(&xr);
152	if (s != NULL) BN_clear_free(s);	128	if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
		129	BN_clear_free(kinv);
153	return(ret);	130	return(ret);
154	}	131	}
155		132
156	int DSA_sign_setup(dsa,ctx_in,kinvp,rp)	133	/* data has already been hashed (probably with SHA or SHA-1). */
157	DSA *dsa;	134
158	BN_CTX *ctx_in;	135	/* unsigned char sig: out /
159	BIGNUM **kinvp;	136	/* unsigned int siglen: out /
160	BIGNUM **rp;	137	int DSA_sign(int type, const unsigned char dgst, int dlen, unsigned char sig,
		138	unsigned int siglen, DSA dsa)
		139	{
		140	DSA_SIG *s;
		141	s=DSA_do_sign(dgst,dlen,dsa);
		142	if (s == NULL)
		143	{
		144	*siglen=0;
		145	return(0);
		146	}
		147	*siglen=i2d_DSA_SIG(s,&sig);
		148	DSA_SIG_free(s);
		149	return(1);
		150	}
		151
		152	int DSA_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM kinvp, BIGNUM rp)
161	{	153	{
162	BN_CTX *ctx;	154	BN_CTX *ctx;
163	BIGNUM k=NULL,kinv=NULL,*r=NULL;	155	BIGNUM k,kinv=NULL,r=NULL;
164	int ret=0;	156	int ret=0;
165		157
166	if (ctx_in == NULL)	158	if (ctx_in == NULL)
@@ -170,29 +162,33 @@ BIGNUM **rp;
170	else	162	else
171	ctx=ctx_in;	163	ctx=ctx_in;
172		164
173	r=BN_new();	165	BN_init(&k);
174	k=BN_new();	166	if ((r=BN_new()) == NULL) goto err;
175	if ((r == NULL) \|\| (k == NULL))
176	goto err;
177	kinv=NULL;	167	kinv=NULL;
178		168
179	if (r == NULL) goto err;
180
181	/* Get random k */	169	/* Get random k */
182	for (;;)	170	for (;;)
183	{	171	{
184	if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;	172	if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err;
185	if (BN_cmp(k,dsa->q) >= 0)	173	if (BN_cmp(&k,dsa->q) >= 0)
186	BN_sub(k,k,dsa->q);	174	BN_sub(&k,&k,dsa->q);
187	if (!BN_is_zero(k)) break;	175	if (!BN_is_zero(&k)) break;
		176	}
		177
		178	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
		179	{
		180	if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
		181	if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
		182	dsa->p,ctx)) goto err;
188	}	183	}
189		184
190	/* Compute r = (g^k mod p) mod q */	185	/* Compute r = (g^k mod p) mod q */
191	if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;	186	if (!BN_mod_exp_mont(r,dsa->g,&k,dsa->p,ctx,
		187	(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
192	if (!BN_mod(r,r,dsa->q,ctx)) goto err;	188	if (!BN_mod(r,r,dsa->q,ctx)) goto err;
193		189
194	/* Compute part of 's = inv(k) (m + xr) mod q' */	190	/* Compute part of 's = inv(k) (m + xr) mod q' */
195	if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;	191	if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
196		192
197	if (kinvp != NULL) BN_clear_free(kinvp);	193	if (kinvp != NULL) BN_clear_free(kinvp);
198	*kinvp=kinv;	194	*kinvp=kinv;
@@ -208,8 +204,8 @@ err:
208	if (r != NULL) BN_clear_free(r);	204	if (r != NULL) BN_clear_free(r);
209	}	205	}
210	if (ctx_in == NULL) BN_CTX_free(ctx);	206	if (ctx_in == NULL) BN_CTX_free(ctx);
211	if (k != NULL) BN_clear_free(k);
212	if (kinv != NULL) BN_clear_free(kinv);	207	if (kinv != NULL) BN_clear_free(kinv);
		208	BN_clear_free(&k);
213	return(ret);	209	return(ret);
214	}	210	}
215		211