summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/Makefile.ssl20
-rw-r--r--src/lib/libcrypto/dh/dh.h51
-rw-r--r--src/lib/libcrypto/dh/dh_check.c10
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c19
-rw-r--r--src/lib/libcrypto/dh/dh_key.c65
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c92
-rw-r--r--src/lib/libcrypto/dh/dhtest.c12
7 files changed, 236 insertions, 33 deletions
diff --git a/src/lib/libcrypto/dh/Makefile.ssl b/src/lib/libcrypto/dh/Makefile.ssl
index 3b5ec0e115..8df60872ef 100644
--- a/src/lib/libcrypto/dh/Makefile.ssl
+++ b/src/lib/libcrypto/dh/Makefile.ssl
@@ -83,26 +83,30 @@ dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
83dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 83dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
84dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 84dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
85dh_check.o: ../../include/openssl/opensslconf.h 85dh_check.o: ../../include/openssl/opensslconf.h
86dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/stack.h 86dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
87dh_check.o: ../cryptlib.h 87dh_check.o: ../../include/openssl/stack.h ../cryptlib.h
88dh_err.o: ../../include/openssl/bn.h ../../include/openssl/dh.h 88dh_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
89dh_err.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h 89dh_err.o: ../../include/openssl/dh.h ../../include/openssl/err.h
90dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
91dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
90dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 92dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
91dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 93dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
92dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 94dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
93dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 95dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
94dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 96dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
95dh_gen.o: ../../include/openssl/stack.h ../cryptlib.h 97dh_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
98dh_gen.o: ../cryptlib.h
96dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 99dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
97dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 100dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
98dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 101dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
99dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 102dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
100dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 103dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
101dh_key.o: ../../include/openssl/rand.h ../../include/openssl/stack.h 104dh_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
102dh_key.o: ../cryptlib.h 105dh_key.o: ../../include/openssl/stack.h ../cryptlib.h
103dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 106dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
104dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 107dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
105dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 108dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
106dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 109dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
107dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 110dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
108dh_lib.o: ../../include/openssl/stack.h ../cryptlib.h 111dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
112dh_lib.o: ../cryptlib.h
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 2cc3797a94..c15b2ad483 100644
--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -68,10 +68,28 @@ extern "C" {
68#endif 68#endif
69 69
70#include <openssl/bn.h> 70#include <openssl/bn.h>
71#include <openssl/crypto.h>
71 72
72#define DH_FLAG_CACHE_MONT_P 0x01 73#define DH_FLAG_CACHE_MONT_P 0x01
73 74
74typedef struct dh_st 75typedef struct dh_st DH;
76
77typedef struct dh_method {
78 const char *name;
79 /* Methods here */
80 int (*generate_key)(DH *dh);
81 int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh);
82 int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
83 const BIGNUM *m, BN_CTX *ctx,
84 BN_MONT_CTX *m_ctx); /* Can be null */
85
86 int (*init)(DH *dh);
87 int (*finish)(DH *dh);
88 int flags;
89 char *app_data;
90} DH_METHOD;
91
92struct dh_st
75 { 93 {
76 /* This first argument is used to pick up errors when 94 /* This first argument is used to pick up errors when
77 * a DH is passed instead of a EVP_PKEY */ 95 * a DH is passed instead of a EVP_PKEY */
@@ -80,12 +98,22 @@ typedef struct dh_st
80 BIGNUM *p; 98 BIGNUM *p;
81 BIGNUM *g; 99 BIGNUM *g;
82 int length; /* optional */ 100 int length; /* optional */
83 BIGNUM *pub_key; /* y */ 101 BIGNUM *pub_key; /* g^x */
84 BIGNUM *priv_key; /* x */ 102 BIGNUM *priv_key; /* x */
85 103
86 int flags; 104 int flags;
87 char *method_mont_p; 105 char *method_mont_p;
88 } DH; 106 /* Place holders if we want to do X9.42 DH */
107 BIGNUM *q;
108 BIGNUM *j;
109 unsigned char *seed;
110 int seedlen;
111 BIGNUM *counter;
112
113 int references;
114 CRYPTO_EX_DATA ex_data;
115 DH_METHOD *meth;
116 };
89 117
90#define DH_GENERATOR_2 2 118#define DH_GENERATOR_2 2
91/* #define DH_GENERATOR_3 3 */ 119/* #define DH_GENERATOR_3 3 */
@@ -93,10 +121,14 @@ typedef struct dh_st
93 121
94/* DH_check error codes */ 122/* DH_check error codes */
95#define DH_CHECK_P_NOT_PRIME 0x01 123#define DH_CHECK_P_NOT_PRIME 0x01
96#define DH_CHECK_P_NOT_STRONG_PRIME 0x02 124#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
97#define DH_UNABLE_TO_CHECK_GENERATOR 0x04 125#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
98#define DH_NOT_SUITABLE_GENERATOR 0x08 126#define DH_NOT_SUITABLE_GENERATOR 0x08
99 127
128/* primes p where (p-1)/2 is prime too are called "safe"; we define
129 this for backward compatibility: */
130#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
131
100#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \ 132#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
101 (char *(*)())d2i_DHparams,(char *)(x)) 133 (char *(*)())d2i_DHparams,(char *)(x))
102#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ 134#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
@@ -113,9 +145,20 @@ typedef struct dh_st
113 (unsigned char *)(x)) 145 (unsigned char *)(x))
114#endif 146#endif
115 147
148DH_METHOD *DH_OpenSSL(void);
149
150void DH_set_default_method(DH_METHOD *meth);
151DH_METHOD *DH_get_default_method(void);
152DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth);
153DH *DH_new_method(DH_METHOD *meth);
154
116DH * DH_new(void); 155DH * DH_new(void);
117void DH_free(DH *dh); 156void DH_free(DH *dh);
118int DH_size(DH *dh); 157int DH_size(DH *dh);
158int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
159 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
160int DH_set_ex_data(DH *d, int idx, void *arg);
161void *DH_get_ex_data(DH *d, int idx);
119DH * DH_generate_parameters(int prime_len,int generator, 162DH * DH_generate_parameters(int prime_len,int generator,
120 void (*callback)(int,int,void *),void *cb_arg); 163 void (*callback)(int,int,void *),void *cb_arg);
121int DH_check(DH *dh,int *codes); 164int DH_check(DH *dh,int *codes);
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 95ce9cfad0..7e5cfd8bfc 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -61,7 +61,7 @@
61#include <openssl/bn.h> 61#include <openssl/bn.h>
62#include <openssl/dh.h> 62#include <openssl/dh.h>
63 63
64/* Check that p is a strong prime and 64/* Check that p is a safe prime and
65 * if g is 2, 3 or 5, check that is is a suitable generator 65 * if g is 2, 3 or 5, check that is is a suitable generator
66 * where 66 * where
67 * for 2, p mod 24 == 11 67 * for 2, p mod 24 == 11
@@ -88,11 +88,13 @@ int DH_check(DH *dh, int *ret)
88 l=BN_mod_word(dh->p,24); 88 l=BN_mod_word(dh->p,24);
89 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR; 89 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
90 } 90 }
91/* else if (BN_is_word(dh->g,DH_GENERATOR_3)) 91#if 0
92 else if (BN_is_word(dh->g,DH_GENERATOR_3))
92 { 93 {
93 l=BN_mod_word(dh->p,12); 94 l=BN_mod_word(dh->p,12);
94 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR; 95 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
95 }*/ 96 }
97#endif
96 else if (BN_is_word(dh->g,DH_GENERATOR_5)) 98 else if (BN_is_word(dh->g,DH_GENERATOR_5))
97 { 99 {
98 l=BN_mod_word(dh->p,10); 100 l=BN_mod_word(dh->p,10);
@@ -108,7 +110,7 @@ int DH_check(DH *dh, int *ret)
108 { 110 {
109 if (!BN_rshift1(q,dh->p)) goto err; 111 if (!BN_rshift1(q,dh->p)) goto err;
110 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) 112 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
111 *ret|=DH_CHECK_P_NOT_STRONG_PRIME; 113 *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
112 } 114 }
113 ok=1; 115 ok=1;
114err: 116err:
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
index b7bcd2c7a4..7a6a38fbb4 100644
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -72,14 +72,14 @@
72 * Having said all that, 72 * Having said all that,
73 * there is another special case method for the generators 2, 3 and 5. 73 * there is another special case method for the generators 2, 3 and 5.
74 * for 2, p mod 24 == 11 74 * for 2, p mod 24 == 11
75 * for 3, p mod 12 == 5 <<<<< does not work for strong primes. 75 * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
76 * for 5, p mod 10 == 3 or 7 76 * for 5, p mod 10 == 3 or 7
77 * 77 *
78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the 78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
79 * special generators and for answering some of my questions. 79 * special generators and for answering some of my questions.
80 * 80 *
81 * I've implemented the second simple method :-). 81 * I've implemented the second simple method :-).
82 * Since DH should be using a strong prime (both p and q are prime), 82 * Since DH should be using a safe prime (both p and q are prime),
83 * this generator function can take a very very long time to run. 83 * this generator function can take a very very long time to run.
84 */ 84 */
85 85
@@ -95,9 +95,10 @@ DH *DH_generate_parameters(int prime_len, int generator,
95 if (ret == NULL) goto err; 95 if (ret == NULL) goto err;
96 ctx=BN_CTX_new(); 96 ctx=BN_CTX_new();
97 if (ctx == NULL) goto err; 97 if (ctx == NULL) goto err;
98 t1= &(ctx->bn[0]); 98 BN_CTX_start(ctx);
99 t2= &(ctx->bn[1]); 99 t1 = BN_CTX_get(ctx);
100 ctx->tos=2; 100 t2 = BN_CTX_get(ctx);
101 if (t1 == NULL || t2 == NULL) goto err;
101 102
102 if (generator == DH_GENERATOR_2) 103 if (generator == DH_GENERATOR_2)
103 { 104 {
@@ -105,7 +106,7 @@ DH *DH_generate_parameters(int prime_len, int generator,
105 BN_set_word(t2,11); 106 BN_set_word(t2,11);
106 g=2; 107 g=2;
107 } 108 }
108#ifdef undef /* does not work for strong primes */ 109#ifdef undef /* does not work for safe primes */
109 else if (generator == DH_GENERATOR_3) 110 else if (generator == DH_GENERATOR_3)
110 { 111 {
111 BN_set_word(t1,12); 112 BN_set_word(t1,12);
@@ -138,7 +139,11 @@ err:
138 ok=0; 139 ok=0;
139 } 140 }
140 141
141 if (ctx != NULL) BN_CTX_free(ctx); 142 if (ctx != NULL)
143 {
144 BN_CTX_end(ctx);
145 BN_CTX_free(ctx);
146 }
142 if (!ok && (ret != NULL)) 147 if (!ok && (ret != NULL))
143 { 148 {
144 DH_free(ret); 149 DH_free(ret);
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index cede53bfc1..0c7eeaf260 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -62,8 +62,42 @@
62#include <openssl/rand.h> 62#include <openssl/rand.h>
63#include <openssl/dh.h> 63#include <openssl/dh.h>
64 64
65static int generate_key(DH *dh);
66static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
67static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
68 const BIGNUM *m, BN_CTX *ctx,
69 BN_MONT_CTX *m_ctx);
70static int dh_init(DH *dh);
71static int dh_finish(DH *dh);
72
65int DH_generate_key(DH *dh) 73int DH_generate_key(DH *dh)
66 { 74 {
75 return dh->meth->generate_key(dh);
76 }
77
78int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
79 {
80 return dh->meth->compute_key(key, pub_key, dh);
81 }
82
83static DH_METHOD dh_ossl = {
84"OpenSSL DH Method",
85generate_key,
86compute_key,
87dh_bn_mod_exp,
88dh_init,
89dh_finish,
900,
91NULL
92};
93
94DH_METHOD *DH_OpenSSL(void)
95{
96 return &dh_ossl;
97}
98
99static int generate_key(DH *dh)
100 {
67 int ok=0; 101 int ok=0;
68 unsigned int i; 102 unsigned int i;
69 BN_CTX ctx; 103 BN_CTX ctx;
@@ -103,7 +137,8 @@ int DH_generate_key(DH *dh)
103 } 137 }
104 mont=(BN_MONT_CTX *)dh->method_mont_p; 138 mont=(BN_MONT_CTX *)dh->method_mont_p;
105 139
106 if (!BN_mod_exp_mont(pub_key,dh->g,priv_key,dh->p,&ctx,mont)) goto err; 140 if (!dh->meth->bn_mod_exp(dh, pub_key,dh->g,priv_key,dh->p,&ctx,mont))
141 goto err;
107 142
108 dh->pub_key=pub_key; 143 dh->pub_key=pub_key;
109 dh->priv_key=priv_key; 144 dh->priv_key=priv_key;
@@ -118,7 +153,7 @@ err:
118 return(ok); 153 return(ok);
119 } 154 }
120 155
121int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) 156static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
122 { 157 {
123 BN_CTX ctx; 158 BN_CTX ctx;
124 BN_MONT_CTX *mont; 159 BN_MONT_CTX *mont;
@@ -126,7 +161,8 @@ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
126 int ret= -1; 161 int ret= -1;
127 162
128 BN_CTX_init(&ctx); 163 BN_CTX_init(&ctx);
129 tmp= &(ctx.bn[ctx.tos++]); 164 BN_CTX_start(&ctx);
165 tmp = BN_CTX_get(&ctx);
130 166
131 if (dh->priv_key == NULL) 167 if (dh->priv_key == NULL)
132 { 168 {
@@ -141,7 +177,7 @@ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
141 } 177 }
142 178
143 mont=(BN_MONT_CTX *)dh->method_mont_p; 179 mont=(BN_MONT_CTX *)dh->method_mont_p;
144 if (!BN_mod_exp_mont(tmp,pub_key,dh->priv_key,dh->p,&ctx,mont)) 180 if (!dh->meth->bn_mod_exp(dh, tmp,pub_key,dh->priv_key,dh->p,&ctx,mont))
145 { 181 {
146 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); 182 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
147 goto err; 183 goto err;
@@ -149,6 +185,27 @@ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
149 185
150 ret=BN_bn2bin(tmp,key); 186 ret=BN_bn2bin(tmp,key);
151err: 187err:
188 BN_CTX_end(&ctx);
152 BN_CTX_free(&ctx); 189 BN_CTX_free(&ctx);
153 return(ret); 190 return(ret);
154 } 191 }
192
193static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
194 const BIGNUM *m, BN_CTX *ctx,
195 BN_MONT_CTX *m_ctx)
196{
197 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
198}
199
200static int dh_init(DH *dh)
201{
202 dh->flags |= DH_FLAG_CACHE_MONT_P;
203 return(1);
204}
205
206static int dh_finish(DH *dh)
207{
208 if(dh->method_mont_p)
209 BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
210 return(1);
211}
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 61e0720e8a..6c21463028 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -63,16 +63,49 @@
63 63
64const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; 64const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
65 65
66static DH_METHOD *default_DH_method;
67static int dh_meth_num = 0;
68static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL;
69
70void DH_set_default_method(DH_METHOD *meth)
71{
72 default_DH_method = meth;
73}
74
75DH_METHOD *DH_get_default_method(void)
76{
77 if(!default_DH_method) default_DH_method = DH_OpenSSL();
78 return default_DH_method;
79}
80
81DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
82{
83 DH_METHOD *mtmp;
84 mtmp = dh->meth;
85 if (mtmp->finish) mtmp->finish(dh);
86 dh->meth = meth;
87 if (meth->init) meth->init(dh);
88 return mtmp;
89}
90
66DH *DH_new(void) 91DH *DH_new(void)
92{
93 return DH_new_method(NULL);
94}
95
96DH *DH_new_method(DH_METHOD *meth)
67 { 97 {
68 DH *ret; 98 DH *ret;
69
70 ret=(DH *)Malloc(sizeof(DH)); 99 ret=(DH *)Malloc(sizeof(DH));
100
71 if (ret == NULL) 101 if (ret == NULL)
72 { 102 {
73 DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE); 103 DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
74 return(NULL); 104 return(NULL);
75 } 105 }
106 if(!default_DH_method) default_DH_method = DH_OpenSSL();
107 if(meth) ret->meth = meth;
108 else ret->meth = default_DH_method;
76 ret->pad=0; 109 ret->pad=0;
77 ret->version=0; 110 ret->version=0;
78 ret->p=NULL; 111 ret->p=NULL;
@@ -80,23 +113,74 @@ DH *DH_new(void)
80 ret->length=0; 113 ret->length=0;
81 ret->pub_key=NULL; 114 ret->pub_key=NULL;
82 ret->priv_key=NULL; 115 ret->priv_key=NULL;
83 ret->flags=DH_FLAG_CACHE_MONT_P; 116 ret->q=NULL;
117 ret->j=NULL;
118 ret->seed = NULL;
119 ret->seedlen = 0;
120 ret->counter = NULL;
84 ret->method_mont_p=NULL; 121 ret->method_mont_p=NULL;
122 ret->references = 1;
123 ret->flags=ret->meth->flags;
124 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
125 {
126 Free(ret);
127 ret=NULL;
128 }
129 else
130 CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
85 return(ret); 131 return(ret);
86 } 132 }
87 133
88void DH_free(DH *r) 134void DH_free(DH *r)
89 { 135 {
136 int i;
90 if(r == NULL) return; 137 if(r == NULL) return;
138 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
139#ifdef REF_PRINT
140 REF_PRINT("DH",r);
141#endif
142 if (i > 0) return;
143#ifdef REF_CHECK
144 if (i < 0)
145 {
146 fprintf(stderr,"DH_free, bad reference count\n");
147 abort();
148 }
149#endif
150
151 CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
152
153 if(r->meth->finish) r->meth->finish(r);
154
91 if (r->p != NULL) BN_clear_free(r->p); 155 if (r->p != NULL) BN_clear_free(r->p);
92 if (r->g != NULL) BN_clear_free(r->g); 156 if (r->g != NULL) BN_clear_free(r->g);
157 if (r->q != NULL) BN_clear_free(r->q);
158 if (r->j != NULL) BN_clear_free(r->j);
159 if (r->seed) Free(r->seed);
160 if (r->counter != NULL) BN_clear_free(r->counter);
93 if (r->pub_key != NULL) BN_clear_free(r->pub_key); 161 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
94 if (r->priv_key != NULL) BN_clear_free(r->priv_key); 162 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
95 if (r->method_mont_p != NULL)
96 BN_MONT_CTX_free((BN_MONT_CTX *)r->method_mont_p);
97 Free(r); 163 Free(r);
98 } 164 }
99 165
166int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
167 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
168 {
169 dh_meth_num++;
170 return(CRYPTO_get_ex_new_index(dh_meth_num-1,
171 &dh_meth,argl,argp,new_func,dup_func,free_func));
172 }
173
174int DH_set_ex_data(DH *d, int idx, void *arg)
175 {
176 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
177 }
178
179void *DH_get_ex_data(DH *d, int idx)
180 {
181 return(CRYPTO_get_ex_data(&d->ex_data,idx));
182 }
183
100int DH_size(DH *dh) 184int DH_size(DH *dh)
101 { 185 {
102 return(BN_num_bytes(dh->p)); 186 return(BN_num_bytes(dh->p));
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
index 770331971f..d66c28455e 100644
--- a/src/lib/libcrypto/dh/dhtest.c
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -65,6 +65,7 @@
65#include <openssl/crypto.h> 65#include <openssl/crypto.h>
66#include <openssl/bio.h> 66#include <openssl/bio.h>
67#include <openssl/bn.h> 67#include <openssl/bn.h>
68#include <openssl/rand.h>
68 69
69#ifdef NO_DH 70#ifdef NO_DH
70int main(int argc, char *argv[]) 71int main(int argc, char *argv[])
@@ -87,19 +88,23 @@ static void MS_CALLBACK cb(int p, int n, void *arg);
87#include "bss_file.c" 88#include "bss_file.c"
88#endif 89#endif
89 90
90BIO *out=NULL; 91static const char rnd_seed[] = "string to make the random number generator think it has entropy";
91 92
92int main(int argc, char *argv[]) 93int main(int argc, char *argv[])
93 { 94 {
94 DH *a,*b; 95 DH *a;
96 DH *b=NULL;
95 char buf[12]; 97 char buf[12];
96 unsigned char *abuf=NULL,*bbuf=NULL; 98 unsigned char *abuf=NULL,*bbuf=NULL;
97 int i,alen,blen,aout,bout,ret=1; 99 int i,alen,blen,aout,bout,ret=1;
100 BIO *out;
98 101
99#ifdef WIN32 102#ifdef WIN32
100 CRYPTO_malloc_init(); 103 CRYPTO_malloc_init();
101#endif 104#endif
102 105
106 RAND_seed(rnd_seed, sizeof rnd_seed);
107
103 out=BIO_new(BIO_s_file()); 108 out=BIO_new(BIO_s_file());
104 if (out == NULL) exit(1); 109 if (out == NULL) exit(1);
105 BIO_set_fp(out,stdout,BIO_NOCLOSE); 110 BIO_set_fp(out,stdout,BIO_NOCLOSE);
@@ -167,6 +172,9 @@ int main(int argc, char *argv[])
167err: 172err:
168 if (abuf != NULL) Free(abuf); 173 if (abuf != NULL) Free(abuf);
169 if (bbuf != NULL) Free(bbuf); 174 if (bbuf != NULL) Free(bbuf);
175 if(b != NULL) DH_free(b);
176 if(a != NULL) DH_free(a);
177 BIO_free(out);
170 exit(ret); 178 exit(ret);
171 return(ret); 179 return(ret);
172 } 180 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 22:20:59 +0000