summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>1999-10-10 21:32:04 +0000
committercvs2svn <admin@example.com>1999-10-10 21:32:04 +0000
commit9b77a555b5e85a4473f23ac7342ddfb4d9ff309d (patch)
treedae5e50679bccd1ed8d7d4041fbb9f3d96bbc98c /src/lib/libcrypto/dsa
parent3ef9529fbf0c1f8f1c9da1172e92ad3370d5fcfe (diff)
downloadopenbsd-OPENBSD_2_6.tar.gz
openbsd-OPENBSD_2_6.tar.bz2
openbsd-OPENBSD_2_6.zip
This commit was manufactured by cvs2git to create branch 'OPENBSD_2_6'.OPENBSD_2_6
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/dsa.h204
-rw-r--r--src/lib/libcrypto/dsa/dsa_asn1.c96
-rw-r--r--src/lib/libcrypto/dsa/dsa_err.c106
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c333
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c112
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c184
-rw-r--r--src/lib/libcrypto/dsa/dsa_sign.c211
-rw-r--r--src/lib/libcrypto/dsa/dsa_vrf.c160
8 files changed, 0 insertions, 1406 deletions
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
deleted file mode 100644
index 20b3f8d90a..0000000000
--- a/src/lib/libcrypto/dsa/dsa.h
+++ /dev/null
@@ -1,204 +0,0 @@
1/* crypto/dsa/dsa.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/*
60 * The DSS routines are based on patches supplied by
61 * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
62 * work and I have just tweaked them a little to fit into my
63 * stylistic vision for SSLeay :-) */
64
65#ifndef HEADER_DSA_H
66#define HEADER_DSA_H
67
68#ifdef __cplusplus
69extern "C" {
70#endif
71
72#ifdef NO_DSA
73#error DSA is disabled.
74#endif
75
76#include <openssl/bn.h>
77#ifndef NO_DH
78# include <openssl/dh.h>
79#endif
80
81#define DSA_FLAG_CACHE_MONT_P 0x01
82
83typedef struct dsa_st
84 {
85 /* This first variable is used to pick up errors where
86 * a DSA is passed instead of of a EVP_PKEY */
87 int pad;
88 int version;
89 int write_params;
90 BIGNUM *p;
91 BIGNUM *q; /* == 20 */
92 BIGNUM *g;
93
94 BIGNUM *pub_key; /* y public key */
95 BIGNUM *priv_key; /* x private key */
96
97 BIGNUM *kinv; /* Signing pre-calc */
98 BIGNUM *r; /* Signing pre-calc */
99
100 int flags;
101 /* Normally used to cache montgomery values */
102 char *method_mont_p;
103
104 int references;
105 } DSA;
106
107typedef struct DSA_SIG_st
108 {
109 BIGNUM *r;
110 BIGNUM *s;
111 } DSA_SIG;
112
113#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
114 (char *(*)())d2i_DSAparams,(char *)(x))
115#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
116 (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
117#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
118 (unsigned char *)(x))
119#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
120 (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
121#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
122 (unsigned char *)(x))
123
124
125DSA_SIG * DSA_SIG_new(void);
126void DSA_SIG_free(DSA_SIG *a);
127int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
128DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
129
130DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
131int DSA_do_verify(const unsigned char *dgst,int dgst_len,
132 DSA_SIG *sig,DSA *dsa);
133
134DSA * DSA_new(void);
135int DSA_size(DSA *);
136 /* next 4 return -1 on error */
137int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
138int DSA_sign(int type,const unsigned char *dgst,int dlen,
139 unsigned char *sig, unsigned int *siglen, DSA *dsa);
140int DSA_verify(int type,const unsigned char *dgst,int dgst_len,
141 unsigned char *sigbuf, int siglen, DSA *dsa);
142void DSA_free (DSA *r);
143
144void ERR_load_DSA_strings(void );
145
146DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
147DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
148DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
149DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
150 int *counter_ret, unsigned long *h_ret,void
151 (*callback)(),char *cb_arg);
152int DSA_generate_key(DSA *a);
153int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
154int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
155int i2d_DSAparams(DSA *a,unsigned char **pp);
156
157#ifdef HEADER_BIO_H
158int DSAparams_print(BIO *bp, DSA *x);
159int DSA_print(BIO *bp, DSA *x, int off);
160#endif
161#ifndef NO_FP_API
162int DSAparams_print_fp(FILE *fp, DSA *x);
163int DSA_print_fp(FILE *bp, DSA *x, int off);
164#endif
165
166int DSA_is_prime(BIGNUM *q,void (*callback)(),char *cb_arg);
167
168#ifndef NO_DH
169/* Convert DSA structure (key or just parameters) into DH structure
170 * (be careful to avoid small subgroup attacks when using this!) */
171DH *DSA_dup_DH(DSA *r);
172#endif
173
174/* BEGIN ERROR CODES */
175/* The following lines are auto generated by the script mkerr.pl. Any changes
176 * made after this point may be overwritten when the script is next run.
177 */
178
179/* Error codes for the DSA functions. */
180
181/* Function codes. */
182#define DSA_F_D2I_DSA_SIG 110
183#define DSA_F_DSAPARAMS_PRINT 100
184#define DSA_F_DSAPARAMS_PRINT_FP 101
185#define DSA_F_DSA_DO_SIGN 112
186#define DSA_F_DSA_DO_VERIFY 113
187#define DSA_F_DSA_IS_PRIME 102
188#define DSA_F_DSA_NEW 103
189#define DSA_F_DSA_PRINT 104
190#define DSA_F_DSA_PRINT_FP 105
191#define DSA_F_DSA_SIGN 106
192#define DSA_F_DSA_SIGN_SETUP 107
193#define DSA_F_DSA_SIG_NEW 109
194#define DSA_F_DSA_VERIFY 108
195#define DSA_F_I2D_DSA_SIG 111
196
197/* Reason codes. */
198#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
199
200#ifdef __cplusplus
201}
202#endif
203#endif
204
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
deleted file mode 100644
index 7523b21654..0000000000
--- a/src/lib/libcrypto/dsa/dsa_asn1.c
+++ /dev/null
@@ -1,96 +0,0 @@
1/* crypto/dsa/dsa_asn1.c */
2
3#include <stdio.h>
4#include "cryptlib.h"
5#include <openssl/dsa.h>
6#include <openssl/asn1.h>
7#include <openssl/asn1_mac.h>
8
9DSA_SIG *DSA_SIG_new(void)
10{
11 DSA_SIG *ret;
12
13 ret = Malloc(sizeof(DSA_SIG));
14 if (ret == NULL)
15 {
16 DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
17 return(NULL);
18 }
19 ret->r = NULL;
20 ret->s = NULL;
21 return(ret);
22}
23
24void DSA_SIG_free(DSA_SIG *r)
25{
26 if (r == NULL) return;
27 if (r->r) BN_clear_free(r->r);
28 if (r->s) BN_clear_free(r->s);
29 Free(r);
30}
31
32int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp)
33{
34 int t=0,len;
35 ASN1_INTEGER rbs,sbs;
36 unsigned char *p;
37
38 rbs.data=Malloc(BN_num_bits(v->r)/8+1);
39 if (rbs.data == NULL)
40 {
41 DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
42 return(0);
43 }
44 rbs.type=V_ASN1_INTEGER;
45 rbs.length=BN_bn2bin(v->r,rbs.data);
46 sbs.data=Malloc(BN_num_bits(v->s)/8+1);
47 if (sbs.data == NULL)
48 {
49 Free(rbs.data);
50 DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
51 return(0);
52 }
53 sbs.type=V_ASN1_INTEGER;
54 sbs.length=BN_bn2bin(v->s,sbs.data);
55
56 len=i2d_ASN1_INTEGER(&rbs,NULL);
57 len+=i2d_ASN1_INTEGER(&sbs,NULL);
58
59 if (pp)
60 {
61 p=*pp;
62 ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
63 i2d_ASN1_INTEGER(&rbs,&p);
64 i2d_ASN1_INTEGER(&sbs,&p);
65 }
66 t=ASN1_object_size(1,len,V_ASN1_SEQUENCE);
67 Free(rbs.data);
68 Free(sbs.data);
69 return(t);
70}
71
72DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length)
73{
74 int i=ERR_R_NESTED_ASN1_ERROR;
75 ASN1_INTEGER *bs=NULL;
76 M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new);
77
78 M_ASN1_D2I_Init();
79 M_ASN1_D2I_start_sequence();
80 M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
81 if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL)
82 goto err_bn;
83 M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
84 if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL)
85 goto err_bn;
86 ASN1_BIT_STRING_free(bs);
87 M_ASN1_D2I_Finish_2(a);
88
89err_bn:
90 i=ERR_R_BN_LIB;
91err:
92 DSAerr(DSA_F_D2I_DSA_SIG,i);
93 if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret);
94 if (bs != NULL) ASN1_BIT_STRING_free(bs);
95 return(NULL);
96}
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
deleted file mode 100644
index 33a8270afd..0000000000
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ /dev/null
@@ -1,106 +0,0 @@
1/* crypto/dsa/dsa_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file.
58 */
59
60#include <stdio.h>
61#include <openssl/err.h>
62#include <openssl/dsa.h>
63
64/* BEGIN ERROR CODES */
65#ifndef NO_ERR
66static ERR_STRING_DATA DSA_str_functs[]=
67 {
68{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"},
69{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"},
70{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"},
71{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"},
72{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"},
73{ERR_PACK(0,DSA_F_DSA_IS_PRIME,0), "DSA_is_prime"},
74{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"},
75{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
76{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"},
77{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"},
78{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"},
79{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"},
80{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
81{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"},
82{0,NULL}
83 };
84
85static ERR_STRING_DATA DSA_str_reasons[]=
86 {
87{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
88{0,NULL}
89 };
90
91#endif
92
93void ERR_load_DSA_strings(void)
94 {
95 static int init=1;
96
97 if (init)
98 {
99 init=0;
100#ifndef NO_ERR
101 ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
102 ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
103#endif
104
105 }
106 }
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
deleted file mode 100644
index b5e5ec06e5..0000000000
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ /dev/null
@@ -1,333 +0,0 @@
1/* crypto/dsa/dsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#undef GENUINE_DSA
60
61#ifdef GENUINE_DSA
62#define HASH SHA
63#else
64#define HASH SHA1
65#endif
66
67#ifndef NO_SHA
68#include <stdio.h>
69#include <time.h>
70#include "cryptlib.h"
71#include <openssl/sha.h>
72#include <openssl/bn.h>
73#include <openssl/dsa.h>
74#include <openssl/rand.h>
75
76DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
77 int *counter_ret, unsigned long *h_ret, void (*callback)(),
78 char *cb_arg)
79 {
80 int ok=0;
81 unsigned char seed[SHA_DIGEST_LENGTH];
82 unsigned char md[SHA_DIGEST_LENGTH];
83 unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
84 BIGNUM *r0,*W,*X,*c,*test;
85 BIGNUM *g=NULL,*q=NULL,*p=NULL;
86 BN_MONT_CTX *mont=NULL;
87 int k,n=0,i,b,m=0;
88 int counter=0;
89 BN_CTX *ctx=NULL,*ctx2=NULL;
90 unsigned int h=2;
91 DSA *ret=NULL;
92
93 if (bits < 512) bits=512;
94 bits=(bits+63)/64*64;
95
96 if ((seed_in != NULL) && (seed_len == 20))
97 memcpy(seed,seed_in,seed_len);
98
99 if ((ctx=BN_CTX_new()) == NULL) goto err;
100 if ((ctx2=BN_CTX_new()) == NULL) goto err;
101 if ((ret=DSA_new()) == NULL) goto err;
102
103 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
104
105 r0= &(ctx2->bn[0]);
106 g= &(ctx2->bn[1]);
107 W= &(ctx2->bn[2]);
108 q= &(ctx2->bn[3]);
109 X= &(ctx2->bn[4]);
110 c= &(ctx2->bn[5]);
111 p= &(ctx2->bn[6]);
112 test= &(ctx2->bn[7]);
113
114 BN_lshift(test,BN_value_one(),bits-1);
115
116 for (;;)
117 {
118 for (;;)
119 {
120 /* step 1 */
121 if (callback != NULL) callback(0,m++,cb_arg);
122
123 if (!seed_len)
124 RAND_bytes(seed,SHA_DIGEST_LENGTH);
125 else
126 seed_len=0;
127
128 memcpy(buf,seed,SHA_DIGEST_LENGTH);
129 memcpy(buf2,seed,SHA_DIGEST_LENGTH);
130 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
131 {
132 buf[i]++;
133 if (buf[i] != 0) break;
134 }
135
136 /* step 2 */
137 HASH(seed,SHA_DIGEST_LENGTH,md);
138 HASH(buf,SHA_DIGEST_LENGTH,buf2);
139 for (i=0; i<SHA_DIGEST_LENGTH; i++)
140 md[i]^=buf2[i];
141
142 /* step 3 */
143 md[0]|=0x80;
144 md[SHA_DIGEST_LENGTH-1]|=0x01;
145 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) abort();
146
147 /* step 4 */
148 if (DSA_is_prime(q,callback,cb_arg) > 0) break;
149 /* do a callback call */
150 /* step 5 */
151 }
152
153 if (callback != NULL) callback(2,0,cb_arg);
154 if (callback != NULL) callback(3,0,cb_arg);
155
156 /* step 6 */
157 counter=0;
158
159 n=(bits-1)/160;
160 b=(bits-1)-n*160;
161
162 for (;;)
163 {
164 /* step 7 */
165 BN_zero(W);
166 for (k=0; k<=n; k++)
167 {
168 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
169 {
170 buf[i]++;
171 if (buf[i] != 0) break;
172 }
173
174 HASH(buf,SHA_DIGEST_LENGTH,md);
175
176 /* step 8 */
177 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) abort();
178 BN_lshift(r0,r0,160*k);
179 BN_add(W,W,r0);
180 }
181
182 /* more of step 8 */
183 BN_mask_bits(W,bits-1);
184 BN_copy(X,W); /* this should be ok */
185 BN_add(X,X,test); /* this should be ok */
186
187 /* step 9 */
188 BN_lshift1(r0,q);
189 BN_mod(c,X,r0,ctx);
190 BN_sub(r0,c,BN_value_one());
191 BN_sub(p,X,r0);
192
193 /* step 10 */
194 if (BN_cmp(p,test) >= 0)
195 {
196 /* step 11 */
197 if (DSA_is_prime(p,callback,cb_arg) > 0)
198 goto end;
199 }
200
201 /* step 13 */
202 counter++;
203
204 /* step 14 */
205 if (counter >= 4096) break;
206
207 if (callback != NULL) callback(0,counter,cb_arg);
208 }
209 }
210end:
211 if (callback != NULL) callback(2,1,cb_arg);
212
213 /* We now need to gernerate g */
214 /* Set r0=(p-1)/q */
215 BN_sub(test,p,BN_value_one());
216 BN_div(r0,NULL,test,q,ctx);
217
218 BN_set_word(test,h);
219 BN_MONT_CTX_set(mont,p,ctx);
220
221 for (;;)
222 {
223 /* g=test^r0%p */
224 BN_mod_exp_mont(g,test,r0,p,ctx,mont);
225 if (!BN_is_one(g)) break;
226 BN_add(test,test,BN_value_one());
227 h++;
228 }
229
230 if (callback != NULL) callback(3,1,cb_arg);
231
232 ok=1;
233err:
234 if (!ok)
235 {
236 if (ret != NULL) DSA_free(ret);
237 }
238 else
239 {
240 ret->p=BN_dup(p);
241 ret->q=BN_dup(q);
242 ret->g=BN_dup(g);
243 if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
244 if (counter_ret != NULL) *counter_ret=counter;
245 if (h_ret != NULL) *h_ret=h;
246 }
247 if (ctx != NULL) BN_CTX_free(ctx);
248 if (ctx != NULL) BN_CTX_free(ctx2);
249 if (mont != NULL) BN_MONT_CTX_free(mont);
250 return(ok?ret:NULL);
251 }
252
253int DSA_is_prime(BIGNUM *w, void (*callback)(), char *cb_arg)
254 {
255 int ok= -1,j,i,n;
256 BN_CTX *ctx=NULL,*ctx2=NULL;
257 BIGNUM *w_1,*b,*m,*z,*tmp,*mont_1;
258 int a;
259 BN_MONT_CTX *mont=NULL;
260
261 if (!BN_is_bit_set(w,0)) return(0);
262
263 if ((ctx=BN_CTX_new()) == NULL) goto err;
264 if ((ctx2=BN_CTX_new()) == NULL) goto err;
265 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
266
267 m= &(ctx2->bn[2]);
268 b= &(ctx2->bn[3]);
269 z= &(ctx2->bn[4]);
270 w_1= &(ctx2->bn[5]);
271 tmp= &(ctx2->bn[6]);
272 mont_1= &(ctx2->bn[7]);
273
274 /* step 1 */
275 n=50;
276
277 /* step 2 */
278 if (!BN_sub(w_1,w,BN_value_one())) goto err;
279 for (a=1; !BN_is_bit_set(w_1,a); a++)
280 ;
281 if (!BN_rshift(m,w_1,a)) goto err;
282
283 BN_MONT_CTX_set(mont,w,ctx);
284 BN_to_montgomery(mont_1,BN_value_one(),mont,ctx);
285 BN_to_montgomery(w_1,w_1,mont,ctx);
286 for (i=1; i < n; i++)
287 {
288 /* step 3 */
289 BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0);
290 /* BN_set_word(b,0x10001L); */
291
292 /* step 4 */
293 j=0;
294 if (!BN_mod_exp_mont(z,b,m,w,ctx,mont)) goto err;
295
296 if (!BN_to_montgomery(z,z,mont,ctx)) goto err;
297
298 /* step 5 */
299 for (;;)
300 {
301 if (((j == 0) && (BN_cmp(z,mont_1) == 0)) ||
302 (BN_cmp(z,w_1) == 0))
303 break;
304
305 /* step 6 */
306 if ((j > 0) && (BN_cmp(z,mont_1) == 0))
307 {
308 ok=0;
309 goto err;
310 }
311
312 j++;
313 if (j >= a)
314 {
315 ok=0;
316 goto err;
317 }
318
319 if (!BN_mod_mul_montgomery(z,z,z,mont,ctx)) goto err;
320 if (callback != NULL) callback(1,j,cb_arg);
321 }
322 }
323
324 ok=1;
325err:
326 if (ok == -1) DSAerr(DSA_F_DSA_IS_PRIME,ERR_R_BN_LIB);
327 BN_CTX_free(ctx);
328 BN_CTX_free(ctx2);
329 BN_MONT_CTX_free(mont);
330
331 return(ok);
332 }
333#endif
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
deleted file mode 100644
index ab7f38fc7c..0000000000
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* crypto/dsa/dsa_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef NO_SHA
60#include <stdio.h>
61#include <time.h>
62#include "cryptlib.h"
63#include <openssl/sha.h>
64#include <openssl/bn.h>
65#include <openssl/dsa.h>
66#include <openssl/rand.h>
67
68int DSA_generate_key(DSA *dsa)
69 {
70 int ok=0;
71 unsigned int i;
72 BN_CTX *ctx=NULL;
73 BIGNUM *pub_key=NULL,*priv_key=NULL;
74
75 if ((ctx=BN_CTX_new()) == NULL) goto err;
76
77 if (dsa->priv_key == NULL)
78 {
79 if ((priv_key=BN_new()) == NULL) goto err;
80 }
81 else
82 priv_key=dsa->priv_key;
83
84 i=BN_num_bits(dsa->q);
85 for (;;)
86 {
87 BN_rand(priv_key,i,1,0);
88 if (BN_cmp(priv_key,dsa->q) >= 0)
89 BN_sub(priv_key,priv_key,dsa->q);
90 if (!BN_is_zero(priv_key)) break;
91 }
92
93 if (dsa->pub_key == NULL)
94 {
95 if ((pub_key=BN_new()) == NULL) goto err;
96 }
97 else
98 pub_key=dsa->pub_key;
99
100 if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
101
102 dsa->priv_key=priv_key;
103 dsa->pub_key=pub_key;
104 ok=1;
105
106err:
107 if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
108 if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
109 if (ctx != NULL) BN_CTX_free(ctx);
110 return(ok);
111 }
112#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
deleted file mode 100644
index ce8e204f7e..0000000000
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ /dev/null
@@ -1,184 +0,0 @@
1/* crypto/dsa/dsa_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/asn1.h>
66
67const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
68
69DSA *DSA_new(void)
70 {
71 DSA *ret;
72
73 ret=(DSA *)Malloc(sizeof(DSA));
74 if (ret == NULL)
75 {
76 DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
77 return(NULL);
78 }
79 ret->pad=0;
80 ret->version=0;
81 ret->write_params=1;
82 ret->p=NULL;
83 ret->q=NULL;
84 ret->g=NULL;
85 ret->flags=DSA_FLAG_CACHE_MONT_P;
86
87 ret->pub_key=NULL;
88 ret->priv_key=NULL;
89
90 ret->kinv=NULL;
91 ret->r=NULL;
92 ret->method_mont_p=NULL;
93
94 ret->references=1;
95 return(ret);
96 }
97
98void DSA_free(DSA *r)
99 {
100 int i;
101
102 if (r == NULL) return;
103
104 i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
105#ifdef REF_PRINT
106 REF_PRINT("DSA",r);
107#endif
108 if (i > 0) return;
109#ifdef REF_CHECK
110 if (i < 0)
111 {
112 fprintf(stderr,"DSA_free, bad reference count\n");
113 abort();
114 }
115#endif
116
117 if (r->p != NULL) BN_clear_free(r->p);
118 if (r->q != NULL) BN_clear_free(r->q);
119 if (r->g != NULL) BN_clear_free(r->g);
120 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
121 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
122 if (r->kinv != NULL) BN_clear_free(r->kinv);
123 if (r->r != NULL) BN_clear_free(r->r);
124 if (r->method_mont_p != NULL)
125 BN_MONT_CTX_free((BN_MONT_CTX *)r->method_mont_p);
126 Free(r);
127 }
128
129int DSA_size(DSA *r)
130 {
131 int ret,i;
132 ASN1_INTEGER bs;
133 unsigned char buf[4];
134
135 i=BN_num_bits(r->q);
136 bs.length=(i+7)/8;
137 bs.data=buf;
138 bs.type=V_ASN1_INTEGER;
139 /* If the top bit is set the asn1 encoding is 1 larger. */
140 buf[0]=0xff;
141
142 i=i2d_ASN1_INTEGER(&bs,NULL);
143 i+=i; /* r and s */
144 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
145 return(ret);
146 }
147
148#ifndef NO_DH
149DH *DSA_dup_DH(DSA *r)
150 {
151 /* DSA has p, q, g, optional pub_key, optional priv_key.
152 * DH has p, optional length, g, optional pub_key, optional priv_key.
153 */
154
155 DH *ret = NULL;
156
157 if (r == NULL)
158 goto err;
159 ret = DH_new();
160 if (ret == NULL)
161 goto err;
162 if (r->p != NULL)
163 if ((ret->p = BN_dup(r->p)) == NULL)
164 goto err;
165 if (r->q != NULL)
166 ret->length = BN_num_bits(r->q);
167 if (r->g != NULL)
168 if ((ret->g = BN_dup(r->g)) == NULL)
169 goto err;
170 if (r->pub_key != NULL)
171 if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
172 goto err;
173 if (r->priv_key != NULL)
174 if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
175 goto err;
176
177 return ret;
178
179 err:
180 if (ret != NULL)
181 DH_free(ret);
182 return NULL;
183 }
184#endif
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
deleted file mode 100644
index 774c161964..0000000000
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ /dev/null
@@ -1,211 +0,0 @@
1/* crypto/dsa/dsa_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67
68DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
69 {
70 BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
71 BIGNUM m;
72 BIGNUM xr;
73 BN_CTX *ctx=NULL;
74 int i,reason=ERR_R_BN_LIB;
75 DSA_SIG *ret=NULL;
76
77 BN_init(&m);
78 BN_init(&xr);
79 s=BN_new();
80 if (s == NULL) goto err;
81
82 i=BN_num_bytes(dsa->q); /* should be 20 */
83 if ((dlen > i) || (dlen > 50))
84 {
85 reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
86 goto err;
87 }
88
89 ctx=BN_CTX_new();
90 if (ctx == NULL) goto err;
91
92 if ((dsa->kinv == NULL) || (dsa->r == NULL))
93 {
94 if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
95 }
96 else
97 {
98 kinv=dsa->kinv;
99 dsa->kinv=NULL;
100 r=dsa->r;
101 dsa->r=NULL;
102 }
103
104 if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
105
106 /* Compute s = inv(k) (m + xr) mod q */
107 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
108 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
109 if (BN_cmp(s,dsa->q) > 0)
110 BN_sub(s,s,dsa->q);
111 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
112
113 ret=DSA_SIG_new();
114 if (ret == NULL) goto err;
115 ret->r = r;
116 ret->s = s;
117
118err:
119 if (!ret)
120 {
121 DSAerr(DSA_F_DSA_DO_SIGN,reason);
122 BN_free(r);
123 BN_free(s);
124 }
125 if (ctx != NULL) BN_CTX_free(ctx);
126 BN_clear_free(&m);
127 BN_clear_free(&xr);
128 if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
129 BN_clear_free(kinv);
130 return(ret);
131 }
132
133/* data has already been hashed (probably with SHA or SHA-1). */
134
135/* unsigned char *sig: out */
136/* unsigned int *siglen: out */
137int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
138 unsigned int *siglen, DSA *dsa)
139 {
140 DSA_SIG *s;
141 s=DSA_do_sign(dgst,dlen,dsa);
142 if (s == NULL)
143 {
144 *siglen=0;
145 return(0);
146 }
147 *siglen=i2d_DSA_SIG(s,&sig);
148 DSA_SIG_free(s);
149 return(1);
150 }
151
152int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
153 {
154 BN_CTX *ctx;
155 BIGNUM k,*kinv=NULL,*r=NULL;
156 int ret=0;
157
158 if (ctx_in == NULL)
159 {
160 if ((ctx=BN_CTX_new()) == NULL) goto err;
161 }
162 else
163 ctx=ctx_in;
164
165 BN_init(&k);
166 if ((r=BN_new()) == NULL) goto err;
167 kinv=NULL;
168
169 /* Get random k */
170 for (;;)
171 {
172 if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err;
173 if (BN_cmp(&k,dsa->q) >= 0)
174 BN_sub(&k,&k,dsa->q);
175 if (!BN_is_zero(&k)) break;
176 }
177
178 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
179 {
180 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
181 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
182 dsa->p,ctx)) goto err;
183 }
184
185 /* Compute r = (g^k mod p) mod q */
186 if (!BN_mod_exp_mont(r,dsa->g,&k,dsa->p,ctx,
187 (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
188 if (!BN_mod(r,r,dsa->q,ctx)) goto err;
189
190 /* Compute part of 's = inv(k) (m + xr) mod q' */
191 if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
192
193 if (*kinvp != NULL) BN_clear_free(*kinvp);
194 *kinvp=kinv;
195 kinv=NULL;
196 if (*rp != NULL) BN_clear_free(*rp);
197 *rp=r;
198 ret=1;
199err:
200 if (!ret)
201 {
202 DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
203 if (kinv != NULL) BN_clear_free(kinv);
204 if (r != NULL) BN_clear_free(r);
205 }
206 if (ctx_in == NULL) BN_CTX_free(ctx);
207 if (kinv != NULL) BN_clear_free(kinv);
208 BN_clear_free(&k);
209 return(ret);
210 }
211
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
deleted file mode 100644
index ff552208aa..0000000000
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ /dev/null
@@ -1,160 +0,0 @@
1/* crypto/dsa/dsa_vrf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67#include <openssl/asn1_mac.h>
68
69int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
70 DSA *dsa)
71 {
72 BN_CTX *ctx;
73 BIGNUM u1,u2,t1;
74 BN_MONT_CTX *mont=NULL;
75 int ret = -1;
76
77 if ((ctx=BN_CTX_new()) == NULL) goto err;
78 BN_init(&u1);
79 BN_init(&u2);
80 BN_init(&t1);
81
82 /* Calculate W = inv(S) mod Q
83 * save W in u2 */
84 if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
85
86 /* save M in u1 */
87 if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
88
89 /* u1 = M * w mod q */
90 if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
91
92 /* u2 = r * w mod q */
93 if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
94
95 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
96 {
97 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
98 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
99 dsa->p,ctx)) goto err;
100 }
101 mont=(BN_MONT_CTX *)dsa->method_mont_p;
102
103#if 0
104 {
105 BIGNUM t2;
106
107 BN_init(&t2);
108 /* v = ( g^u1 * y^u2 mod p ) mod q */
109 /* let t1 = g ^ u1 mod p */
110 if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
111 /* let t2 = y ^ u2 mod p */
112 if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
113 /* let u1 = t1 * t2 mod p */
114 if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
115 BN_free(&t2);
116 }
117 /* let u1 = u1 mod q */
118 if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
119#else
120 {
121 if (!BN_mod_exp2_mont(&t1,dsa->g,&u1,dsa->pub_key,&u2,dsa->p,ctx,mont))
122 goto err;
123 /* BN_copy(&u1,&t1); */
124 /* let u1 = u1 mod q */
125 if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
126 }
127#endif
128 /* V is now in u1. If the signature is correct, it will be
129 * equal to R. */
130 ret=(BN_ucmp(&u1, sig->r) == 0);
131
132 err:
133 if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
134 if (ctx != NULL) BN_CTX_free(ctx);
135 BN_free(&u1);
136 BN_free(&u2);
137 BN_free(&t1);
138 return(ret);
139 }
140
141/* data has already been hashed (probably with SHA or SHA-1). */
142/* returns
143 * 1: correct signature
144 * 0: incorrect signature
145 * -1: error
146 */
147int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
148 unsigned char *sigbuf, int siglen, DSA *dsa)
149 {
150 DSA_SIG *s;
151 int ret=-1;
152
153 s = DSA_SIG_new();
154 if (s == NULL) return(ret);
155 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
156 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
157err:
158 DSA_SIG_free(s);
159 return(ret);
160 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-01-12 04:56:37 +0000