Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/Makefile.ssl109
-rw-r--r--src/lib/libcrypto/dh/dh.h60
-rw-r--r--src/lib/libcrypto/dh/dh_asn1.c87
-rw-r--r--src/lib/libcrypto/dh/dh_check.c2
-rw-r--r--src/lib/libcrypto/dh/dh_err.c9
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c32
-rw-r--r--src/lib/libcrypto/dh/dh_key.c59
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c150
-rw-r--r--src/lib/libcrypto/dh/dhtest.c30
9 files changed, 330 insertions, 208 deletions
diff --git a/src/lib/libcrypto/dh/Makefile.ssl b/src/lib/libcrypto/dh/Makefile.ssl
index bf4b47ca9a..209e2bf39c 100644
--- a/src/lib/libcrypto/dh/Makefile.ssl
+++ b/src/lib/libcrypto/dh/Makefile.ssl
@@ -5,13 +5,14 @@
5DIR= dh 5DIR= dh
6TOP= ../.. 6TOP= ../..
7CC= cc 7CC= cc
8INCLUDES= -I.. -I../../include 8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g 9CFLAG=-g
10INSTALL_PREFIX= 10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl 11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl 12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl 13MAKE= make -f Makefile.ssl
14MAKEDEPEND= $(TOP)/util/domd $(TOP) 14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile.ssl 16MAKEFILE= Makefile.ssl
16AR= ar r 17AR= ar r
17 18
@@ -22,8 +23,8 @@ TEST= dhtest.c
22APPS= 23APPS=
23 24
24LIB=$(TOP)/libcrypto.a 25LIB=$(TOP)/libcrypto.a
25LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c 26LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
26LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o 27LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
27 28
28SRC= $(LIBSRC) 29SRC= $(LIBSRC)
29 30
@@ -39,8 +40,7 @@ all: lib
39 40
40lib: $(LIBOBJ) 41lib: $(LIBOBJ)
41 $(AR) $(LIB) $(LIBOBJ) 42 $(AR) $(LIB) $(LIBOBJ)
42 @echo You may get an error following this line. Please ignore. 43 $(RANLIB) $(LIB) || echo Never mind.
43 - $(RANLIB) $(LIB)
44 @touch lib 44 @touch lib
45 45
46files: 46files:
@@ -79,61 +79,58 @@ clean:
79 79
80# DO NOT DELETE THIS LINE -- make depend depends on it. 80# DO NOT DELETE THIS LINE -- make depend depends on it.
81 81
82dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 82dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
83dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
84dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
85dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
86dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
87dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
88dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
89dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
90dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
91dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
92dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
83dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 93dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
84dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 94dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
85dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 95dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
86dh_check.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 96dh_check.o: ../../include/openssl/opensslconf.h
87dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 97dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
88dh_check.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 98dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
89dh_check.o: ../cryptlib.h 99dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
90dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 100dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
91dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h 101dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
92dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h 102dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
93dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 103dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
104dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
94dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 105dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
95dh_err.o: ../../include/openssl/symhacks.h 106dh_err.o: ../../include/openssl/symhacks.h dh_err.c
96dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h 107dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
97dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h 108dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
98dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h 109dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
99dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 110dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
100dh_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h 111dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
101dh_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h 112dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
102dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h 113dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
103dh_gen.o: ../cryptlib.h 114dh_gen.o: ../cryptlib.h dh_gen.c
104dh_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h 115dh_key.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
105dh_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h 116dh_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
106dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h 117dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
107dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h 118dh_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
108dh_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
109dh_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
110dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h 119dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h
111dh_key.o: ../../include/openssl/evp.h ../../include/openssl/idea.h 120dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
112dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h 121dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
113dh_key.o: ../../include/openssl/md4.h ../../include/openssl/md5.h 122dh_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
114dh_key.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h 123dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
115dh_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h 124dh_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
116dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 125dh_key.o: ../cryptlib.h dh_key.c
117dh_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h 126dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
118dh_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h 127dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
119dh_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 128dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
120dh_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 129dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
121dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h
122dh_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
123dh_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
124dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
125dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
126dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
127dh_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
128dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h 130dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
129dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h 131dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
130dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h 132dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
131dh_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h 133dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
132dh_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h 134dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
133dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h 135dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
134dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 136dh_lib.o: ../cryptlib.h dh_lib.c
135dh_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
136dh_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
137dh_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
138dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
139dh_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 7a8d9f88c2..d51dc130f4 100644
--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -59,15 +59,16 @@
59#ifndef HEADER_DH_H 59#ifndef HEADER_DH_H
60#define HEADER_DH_H 60#define HEADER_DH_H
61 61
62#ifdef NO_DH 62#ifdef OPENSSL_NO_DH
63#error DH is disabled. 63#error DH is disabled.
64#endif 64#endif
65 65
66#ifndef NO_BIO 66#ifndef OPENSSL_NO_BIO
67#include <openssl/bio.h> 67#include <openssl/bio.h>
68#endif 68#endif
69#include <openssl/bn.h> 69#include <openssl/bn.h>
70#include <openssl/crypto.h> 70#include <openssl/crypto.h>
71#include <openssl/ossl_typ.h>
71 72
72#define DH_FLAG_CACHE_MONT_P 0x01 73#define DH_FLAG_CACHE_MONT_P 0x01
73 74
@@ -81,9 +82,9 @@ typedef struct dh_method {
81 const char *name; 82 const char *name;
82 /* Methods here */ 83 /* Methods here */
83 int (*generate_key)(DH *dh); 84 int (*generate_key)(DH *dh);
84 int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh); 85 int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
85 int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, 86 int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
86 const BIGNUM *m, BN_CTX *ctx, 87 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
87 BN_MONT_CTX *m_ctx); /* Can be null */ 88 BN_MONT_CTX *m_ctx); /* Can be null */
88 89
89 int (*init)(DH *dh); 90 int (*init)(DH *dh);
@@ -115,11 +116,8 @@ struct dh_st
115 116
116 int references; 117 int references;
117 CRYPTO_EX_DATA ex_data; 118 CRYPTO_EX_DATA ex_data;
118#if 0 119 const DH_METHOD *meth;
119 DH_METHOD *meth; 120 ENGINE *engine;
120#else
121 struct engine_st *engine;
122#endif
123 }; 121 };
124 122
125#define DH_GENERATOR_2 2 123#define DH_GENERATOR_2 2
@@ -152,46 +150,42 @@ struct dh_st
152 (unsigned char *)(x)) 150 (unsigned char *)(x))
153#endif 151#endif
154 152
155DH_METHOD *DH_OpenSSL(void); 153const DH_METHOD *DH_OpenSSL(void);
156 154
157void DH_set_default_openssl_method(DH_METHOD *meth); 155void DH_set_default_method(const DH_METHOD *meth);
158DH_METHOD *DH_get_default_openssl_method(void); 156const DH_METHOD *DH_get_default_method(void);
159#if 0 157int DH_set_method(DH *dh, const DH_METHOD *meth);
160DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth); 158DH *DH_new_method(ENGINE *engine);
161DH *DH_new_method(DH_METHOD *meth);
162#else
163int DH_set_method(DH *dh, struct engine_st *engine);
164DH *DH_new_method(struct engine_st *engine);
165#endif
166 159
167DH * DH_new(void); 160DH * DH_new(void);
168void DH_free(DH *dh); 161void DH_free(DH *dh);
169int DH_size(DH *dh); 162int DH_up_ref(DH *dh);
163int DH_size(const DH *dh);
170int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 164int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
171 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 165 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
172int DH_set_ex_data(DH *d, int idx, void *arg); 166int DH_set_ex_data(DH *d, int idx, void *arg);
173void *DH_get_ex_data(DH *d, int idx); 167void *DH_get_ex_data(DH *d, int idx);
174DH * DH_generate_parameters(int prime_len,int generator, 168DH * DH_generate_parameters(int prime_len,int generator,
175 void (*callback)(int,int,void *),void *cb_arg); 169 void (*callback)(int,int,void *),void *cb_arg);
176int DH_check(DH *dh,int *codes); 170int DH_check(const DH *dh,int *codes);
177int DH_generate_key(DH *dh); 171int DH_generate_key(DH *dh);
178int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh); 172int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
179DH * d2i_DHparams(DH **a,unsigned char **pp, long length); 173DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
180int i2d_DHparams(DH *a,unsigned char **pp); 174int i2d_DHparams(const DH *a,unsigned char **pp);
181#ifndef NO_FP_API 175#ifndef OPENSSL_NO_FP_API
182int DHparams_print_fp(FILE *fp, DH *x); 176int DHparams_print_fp(FILE *fp, const DH *x);
183#endif 177#endif
184#ifndef NO_BIO 178#ifndef OPENSSL_NO_BIO
185int DHparams_print(BIO *bp, DH *x); 179int DHparams_print(BIO *bp, const DH *x);
186#else 180#else
187int DHparams_print(char *bp, DH *x); 181int DHparams_print(char *bp, const DH *x);
188#endif 182#endif
189void ERR_load_DH_strings(void );
190 183
191/* BEGIN ERROR CODES */ 184/* BEGIN ERROR CODES */
192/* The following lines are auto generated by the script mkerr.pl. Any changes 185/* The following lines are auto generated by the script mkerr.pl. Any changes
193 * made after this point may be overwritten when the script is next run. 186 * made after this point may be overwritten when the script is next run.
194 */ 187 */
188void ERR_load_DH_strings(void);
195 189
196/* Error codes for the DH functions. */ 190/* Error codes for the DH functions. */
197 191
@@ -201,13 +195,13 @@ void ERR_load_DH_strings(void );
201#define DH_F_DH_COMPUTE_KEY 102 195#define DH_F_DH_COMPUTE_KEY 102
202#define DH_F_DH_GENERATE_KEY 103 196#define DH_F_DH_GENERATE_KEY 103
203#define DH_F_DH_GENERATE_PARAMETERS 104 197#define DH_F_DH_GENERATE_PARAMETERS 104
204#define DH_F_DH_NEW 105 198#define DH_F_DH_NEW_METHOD 105
205 199
206/* Reason codes. */ 200/* Reason codes. */
201#define DH_R_BAD_GENERATOR 101
207#define DH_R_NO_PRIVATE_VALUE 100 202#define DH_R_NO_PRIVATE_VALUE 100
208 203
209#ifdef __cplusplus 204#ifdef __cplusplus
210} 205}
211#endif 206#endif
212#endif 207#endif
213
diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c
new file mode 100644
index 0000000000..769b5b68c5
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh_asn1.c
@@ -0,0 +1,87 @@
1/* dh_asn1.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#include <openssl/objects.h>
64#include <openssl/asn1t.h>
65
66/* Override the default free and new methods */
67static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
68{
69 if(operation == ASN1_OP_NEW_PRE) {
70 *pval = (ASN1_VALUE *)DH_new();
71 if(*pval) return 2;
72 return 0;
73 } else if(operation == ASN1_OP_FREE_PRE) {
74 DH_free((DH *)*pval);
75 *pval = NULL;
76 return 2;
77 }
78 return 1;
79}
80
81ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
82 ASN1_SIMPLE(DH, p, BIGNUM),
83 ASN1_SIMPLE(DH, g, BIGNUM),
84 ASN1_OPT(DH, length, ZLONG),
85} ASN1_SEQUENCE_END_cb(DH, DHparams)
86
87IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
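Review bot: `dh_cb` returns the bare numbers 2, 0 and 1 with no comment saying what each one tells the ASN.1 template code, so a reader of this file cannot see that the default allocation and free of the DH structure are meant to be bypassed. I would replace the one-line comment above it with something like `/* Allocate and free the DH with DH_new()/DH_free(); returns 2 when the callback did the work itself, 0 when DH_new() failed, 1 for operations it does not handle. */`. The exact meaning of a return of 2 is inferred from how the function is used here and should be confirmed against the ASN.1 template documentation.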
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 7e5cfd8bfc..f0373f7d68 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -70,7 +70,7 @@
70 * should hold. 70 * should hold.
71 */ 71 */
72 72
73int DH_check(DH *dh, int *ret) 73int DH_check(const DH *dh, int *ret)
74 { 74 {
75 int ok=0; 75 int ok=0;
76 BN_CTX *ctx=NULL; 76 BN_CTX *ctx=NULL;
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
index ff2d1684c2..d837950aec 100644
--- a/src/lib/libcrypto/dh/dh_err.c
+++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,6 +1,6 @@
1/* crypto/dh/dh_err.c */ 1/* crypto/dh/dh_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -63,7 +63,7 @@
63#include <openssl/dh.h> 63#include <openssl/dh.h>
64 64
65/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
66#ifndef NO_ERR 66#ifndef OPENSSL_NO_ERR
67static ERR_STRING_DATA DH_str_functs[]= 67static ERR_STRING_DATA DH_str_functs[]=
68 { 68 {
69{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"}, 69{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
@@ -71,12 +71,13 @@ static ERR_STRING_DATA DH_str_functs[]=
71{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"}, 71{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
72{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"}, 72{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
73{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"}, 73{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
74{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"}, 74{ERR_PACK(0,DH_F_DH_NEW_METHOD,0), "DH_new_method"},
75{0,NULL} 75{0,NULL}
76 }; 76 };
77 77
78static ERR_STRING_DATA DH_str_reasons[]= 78static ERR_STRING_DATA DH_str_reasons[]=
79 { 79 {
80{DH_R_BAD_GENERATOR ,"bad generator"},
80{DH_R_NO_PRIVATE_VALUE ,"no private value"}, 81{DH_R_NO_PRIVATE_VALUE ,"no private value"},
81{0,NULL} 82{0,NULL}
82 }; 83 };
@@ -90,7 +91,7 @@ void ERR_load_DH_strings(void)
90 if (init) 91 if (init)
91 { 92 {
92 init=0; 93 init=0;
93#ifndef NO_ERR 94#ifndef OPENSSL_NO_ERR
94 ERR_load_strings(ERR_LIB_DH,DH_str_functs); 95 ERR_load_strings(ERR_LIB_DH,DH_str_functs);
95 ERR_load_strings(ERR_LIB_DH,DH_str_reasons); 96 ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
96#endif 97#endif
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
index 7a6a38fbb4..06f78b35ab 100644
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -82,7 +82,10 @@
82 * Since DH should be using a safe prime (both p and q are prime), 82 * Since DH should be using a safe prime (both p and q are prime),
83 * this generator function can take a very very long time to run. 83 * this generator function can take a very very long time to run.
84 */ 84 */
85 85/* Actually there is no reason to insist that 'generator' be a generator.
86 * It's just as OK (and in some sense better) to use a generator of the
87 * order-q subgroup.
88 */
86DH *DH_generate_parameters(int prime_len, int generator, 89DH *DH_generate_parameters(int prime_len, int generator,
87 void (*callback)(int,int,void *), void *cb_arg) 90 void (*callback)(int,int,void *), void *cb_arg)
88 { 91 {
@@ -100,30 +103,43 @@ DH *DH_generate_parameters(int prime_len, int generator,
100 t2 = BN_CTX_get(ctx); 103 t2 = BN_CTX_get(ctx);
101 if (t1 == NULL || t2 == NULL) goto err; 104 if (t1 == NULL || t2 == NULL) goto err;
102 105
106 if (generator <= 1)
107 {
108 DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR);
109 goto err;
110 }
103 if (generator == DH_GENERATOR_2) 111 if (generator == DH_GENERATOR_2)
104 { 112 {
105 BN_set_word(t1,24); 113 if (!BN_set_word(t1,24)) goto err;
106 BN_set_word(t2,11); 114 if (!BN_set_word(t2,11)) goto err;
107 g=2; 115 g=2;
108 } 116 }
109#ifdef undef /* does not work for safe primes */ 117#if 0 /* does not work for safe primes */
110 else if (generator == DH_GENERATOR_3) 118 else if (generator == DH_GENERATOR_3)
111 { 119 {
112 BN_set_word(t1,12); 120 if (!BN_set_word(t1,12)) goto err;
113 BN_set_word(t2,5); 121 if (!BN_set_word(t2,5)) goto err;
114 g=3; 122 g=3;
115 } 123 }
116#endif 124#endif
117 else if (generator == DH_GENERATOR_5) 125 else if (generator == DH_GENERATOR_5)
118 { 126 {
119 BN_set_word(t1,10); 127 if (!BN_set_word(t1,10)) goto err;
120 BN_set_word(t2,3); 128 if (!BN_set_word(t2,3)) goto err;
121 /* BN_set_word(t3,7); just have to miss 129 /* BN_set_word(t3,7); just have to miss
122 * out on these ones :-( */ 130 * out on these ones :-( */
123 g=5; 131 g=5;
124 } 132 }
125 else 133 else
134 {
135 /* in the general case, don't worry if 'generator' is a
136 * generator or not: since we are using safe primes,
137 * it will generate either an order-q or an order-2q group,
138 * which both is OK */
139 if (!BN_set_word(t1,2)) goto err;
140 if (!BN_set_word(t2,1)) goto err;
126 g=generator; 141 g=generator;
142 }
127 143
128 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); 144 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
129 if (p == NULL) goto err; 145 if (p == NULL) goto err;
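Review bot: The new comment in the general-case branch says an order-q and an order-2q group "both is OK" without saying how they differ, although the comment added above the function already calls the order-q case better in some sense. With a generator of order 2q the public value is a quadratic residue exactly when the private exponent is even, so the parity of the exponent is visible to anyone who sees the public value. I would reword the comment along the lines of `/* for a safe prime any 'generator' > 1 gives an order-q or order-2q group; order 2q exposes the parity of the private exponent */`. The body of DH_generate_parameters continues outside both hunks, so the rest of the function was not reviewed.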
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index 22b087b778..1a0efca2c4 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -64,8 +64,9 @@
64#include <openssl/engine.h> 64#include <openssl/engine.h>
65 65
66static int generate_key(DH *dh); 66static int generate_key(DH *dh);
67static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); 67static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
68static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, 68static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
69 const BIGNUM *a, const BIGNUM *p,
69 const BIGNUM *m, BN_CTX *ctx, 70 const BIGNUM *m, BN_CTX *ctx,
70 BN_MONT_CTX *m_ctx); 71 BN_MONT_CTX *m_ctx);
71static int dh_init(DH *dh); 72static int dh_init(DH *dh);
@@ -73,12 +74,12 @@ static int dh_finish(DH *dh);
73 74
74int DH_generate_key(DH *dh) 75int DH_generate_key(DH *dh)
75 { 76 {
76 return ENGINE_get_DH(dh->engine)->generate_key(dh); 77 return dh->meth->generate_key(dh);
77 } 78 }
78 79
79int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) 80int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
80 { 81 {
81 return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); 82 return dh->meth->compute_key(key, pub_key, dh);
82 } 83 }
83 84
84static DH_METHOD dh_ossl = { 85static DH_METHOD dh_ossl = {
@@ -92,7 +93,7 @@ dh_finish,
92NULL 93NULL
93}; 94};
94 95
95DH_METHOD *DH_OpenSSL(void) 96const DH_METHOD *DH_OpenSSL(void)
96{ 97{
97 return &dh_ossl; 98 return &dh_ossl;
98} 99}
@@ -100,19 +101,20 @@ DH_METHOD *DH_OpenSSL(void)
100static int generate_key(DH *dh) 101static int generate_key(DH *dh)
101 { 102 {
102 int ok=0; 103 int ok=0;
103 BN_CTX ctx; 104 int generate_new_key=0;
105 unsigned l;
106 BN_CTX *ctx;
104 BN_MONT_CTX *mont; 107 BN_MONT_CTX *mont;
105 BIGNUM *pub_key=NULL,*priv_key=NULL; 108 BIGNUM *pub_key=NULL,*priv_key=NULL;
106 109
107 BN_CTX_init(&ctx); 110 ctx = BN_CTX_new();
111 if (ctx == NULL) goto err;
108 112
109 if (dh->priv_key == NULL) 113 if (dh->priv_key == NULL)
110 { 114 {
111 priv_key=BN_new(); 115 priv_key=BN_new();
112 if (priv_key == NULL) goto err; 116 if (priv_key == NULL) goto err;
113 do 117 generate_new_key=1;
114 if (!BN_rand_range(priv_key, dh->p)) goto err;
115 while (BN_is_zero(priv_key));
116 } 118 }
117 else 119 else
118 priv_key=dh->priv_key; 120 priv_key=dh->priv_key;
@@ -129,12 +131,16 @@ static int generate_key(DH *dh)
129 { 131 {
130 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 132 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
131 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, 133 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
132 dh->p,&ctx)) goto err; 134 dh->p,ctx)) goto err;
133 } 135 }
134 mont=(BN_MONT_CTX *)dh->method_mont_p; 136 mont=(BN_MONT_CTX *)dh->method_mont_p;
135 137
136 if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g, 138 if (generate_new_key)
137 priv_key,dh->p,&ctx,mont)) 139 {
140 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
141 if (!BN_rand(priv_key, l, 0, 0)) goto err;
142 }
143 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
138 goto err; 144 goto err;
139 145
140 dh->pub_key=pub_key; 146 dh->pub_key=pub_key;
@@ -146,20 +152,21 @@ err:
146 152
147 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); 153 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
148 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); 154 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
149 BN_CTX_free(&ctx); 155 BN_CTX_free(ctx);
150 return(ok); 156 return(ok);
151 } 157 }
152 158
153static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) 159static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
154 { 160 {
155 BN_CTX ctx; 161 BN_CTX *ctx;
156 BN_MONT_CTX *mont; 162 BN_MONT_CTX *mont;
157 BIGNUM *tmp; 163 BIGNUM *tmp;
158 int ret= -1; 164 int ret= -1;
159 165
160 BN_CTX_init(&ctx); 166 ctx = BN_CTX_new();
161 BN_CTX_start(&ctx); 167 if (ctx == NULL) goto err;
162 tmp = BN_CTX_get(&ctx); 168 BN_CTX_start(ctx);
169 tmp = BN_CTX_get(ctx);
163 170
164 if (dh->priv_key == NULL) 171 if (dh->priv_key == NULL)
165 { 172 {
@@ -170,12 +177,11 @@ static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
170 { 177 {
171 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 178 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
172 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, 179 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
173 dh->p,&ctx)) goto err; 180 dh->p,ctx)) goto err;
174 } 181 }
175 182
176 mont=(BN_MONT_CTX *)dh->method_mont_p; 183 mont=(BN_MONT_CTX *)dh->method_mont_p;
177 if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key, 184 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
178 dh->priv_key,dh->p,&ctx,mont))
179 { 185 {
180 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); 186 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
181 goto err; 187 goto err;
@@ -183,12 +189,13 @@ static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
183 189
184 ret=BN_bn2bin(tmp,key); 190 ret=BN_bn2bin(tmp,key);
185err: 191err:
186 BN_CTX_end(&ctx); 192 BN_CTX_end(ctx);
187 BN_CTX_free(&ctx); 193 BN_CTX_free(ctx);
188 return(ret); 194 return(ret);
189 } 195 }
190 196
191static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, 197static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
198 const BIGNUM *a, const BIGNUM *p,
192 const BIGNUM *m, BN_CTX *ctx, 199 const BIGNUM *m, BN_CTX *ctx,
193 BN_MONT_CTX *m_ctx) 200 BN_MONT_CTX *m_ctx)
194 { 201 {
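Review bot: In `generate_key`, the new line `l = dh->length ? dh->length : BN_num_bits(dh->p)-1;` uses `dh->length` as the bit count of the private exponent without bounding it, and dh_asn1.c in this same commit fills that field from the optional `length` element of decoded DHparams. A parameter file can therefore select a very short exponent, and a negative or oversized value is converted to `unsigned` and handed on to `BN_rand`. Assuming `length` is a signed long, as the ZLONG template suggests, I would reject out-of-range values before the assignment, e.g. `if (dh->length < 0 || dh->length >= BN_num_bits(dh->p)) goto err;`, and document a minimum acceptable length. `generate_key` is split across several hunks here, so the check should be placed with the whole function in view.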
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 96f118c153..ba5fd41057 100644
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -64,95 +64,78 @@
64 64
65const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; 65const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
66 66
67static DH_METHOD *default_DH_method; 67static const DH_METHOD *default_DH_method = NULL;
68static int dh_meth_num = 0; 68
69static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL; 69void DH_set_default_method(const DH_METHOD *meth)
70 70 {
71void DH_set_default_openssl_method(DH_METHOD *meth) 71 default_DH_method = meth;
72{ 72 }
73 ENGINE *e;
74 /* We'll need to notify the "openssl" ENGINE of this
75 * change too. We won't bother locking things down at
76 * our end as there was never any locking in these
77 * functions! */
78 if(default_DH_method != meth)
79 {
80 default_DH_method = meth;
81 e = ENGINE_by_id("openssl");
82 if(e)
83 {
84 ENGINE_set_DH(e, meth);
85 ENGINE_free(e);
86 }
87 }
88}
89 73
90DH_METHOD *DH_get_default_openssl_method(void) 74const DH_METHOD *DH_get_default_method(void)
91{ 75 {
92 if(!default_DH_method) default_DH_method = DH_OpenSSL(); 76 if(!default_DH_method)
77 default_DH_method = DH_OpenSSL();
93 return default_DH_method; 78 return default_DH_method;
94} 79 }
95 80
96#if 0 81int DH_set_method(DH *dh, const DH_METHOD *meth)
97DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) 82 {
98{ 83 /* NB: The caller is specifically setting a method, so it's not up to us
99 DH_METHOD *mtmp; 84 * to deal with which ENGINE it comes from. */
85 const DH_METHOD *mtmp;
100 mtmp = dh->meth; 86 mtmp = dh->meth;
101 if (mtmp->finish) mtmp->finish(dh); 87 if (mtmp->finish) mtmp->finish(dh);
88 if (dh->engine)
89 {
90 ENGINE_finish(dh->engine);
91 dh->engine = NULL;
92 }
102 dh->meth = meth; 93 dh->meth = meth;
103 if (meth->init) meth->init(dh); 94 if (meth->init) meth->init(dh);
104 return mtmp; 95 return 1;
105} 96 }
106#else
107int DH_set_method(DH *dh, ENGINE *engine)
108{
109 ENGINE *mtmp;
110 DH_METHOD *meth;
111 mtmp = dh->engine;
112 meth = ENGINE_get_DH(mtmp);
113 if (!ENGINE_init(engine))
114 return 0;
115 if (meth->finish) meth->finish(dh);
116 dh->engine= engine;
117 meth = ENGINE_get_DH(engine);
118 if (meth->init) meth->init(dh);
119 /* SHOULD ERROR CHECK THIS!!! */
120 ENGINE_finish(mtmp);
121 return 1;
122}
123#endif
124 97
125DH *DH_new(void) 98DH *DH_new(void)
126{ 99 {
127 return DH_new_method(NULL); 100 return DH_new_method(NULL);
128} 101 }
129 102
130#if 0
131DH *DH_new_method(DH_METHOD *meth)
132#else
133DH *DH_new_method(ENGINE *engine) 103DH *DH_new_method(ENGINE *engine)
134#endif
135 { 104 {
136 DH_METHOD *meth;
137 DH *ret; 105 DH *ret;
138 ret=(DH *)OPENSSL_malloc(sizeof(DH));
139 106
107 ret=(DH *)OPENSSL_malloc(sizeof(DH));
140 if (ret == NULL) 108 if (ret == NULL)
141 { 109 {
142 DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE); 110 DHerr(DH_F_DH_NEW_METHOD,ERR_R_MALLOC_FAILURE);
143 return(NULL); 111 return(NULL);
144 } 112 }
145 if(engine) 113
114 ret->meth = DH_get_default_method();
115 if (engine)
116 {
117 if (!ENGINE_init(engine))
118 {
119 DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
120 OPENSSL_free(ret);
121 return NULL;
122 }
146 ret->engine = engine; 123 ret->engine = engine;
124 }
147 else 125 else
126 ret->engine = ENGINE_get_default_DH();
127 if(ret->engine)
148 { 128 {
149 if((ret->engine=ENGINE_get_default_DH()) == NULL) 129 ret->meth = ENGINE_get_DH(ret->engine);
130 if(!ret->meth)
150 { 131 {
132 DHerr(DH_F_DH_NEW_METHOD,ERR_R_ENGINE_LIB);
133 ENGINE_finish(ret->engine);
151 OPENSSL_free(ret); 134 OPENSSL_free(ret);
152 return NULL; 135 return NULL;
153 } 136 }
154 } 137 }
155 meth = ENGINE_get_DH(ret->engine); 138
156 ret->pad=0; 139 ret->pad=0;
157 ret->version=0; 140 ret->version=0;
158 ret->p=NULL; 141 ret->p=NULL;
@@ -167,11 +150,13 @@ DH *DH_new_method(ENGINE *engine)
167 ret->counter = NULL; 150 ret->counter = NULL;
168 ret->method_mont_p=NULL; 151 ret->method_mont_p=NULL;
169 ret->references = 1; 152 ret->references = 1;
170 ret->flags=meth->flags; 153 ret->flags=ret->meth->flags;
171 CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); 154 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
172 if ((meth->init != NULL) && !meth->init(ret)) 155 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
173 { 156 {
174 CRYPTO_free_ex_data(dh_meth,ret,&ret->ex_data); 157 if (ret->engine)
158 ENGINE_finish(ret->engine);
159 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
175 OPENSSL_free(ret); 160 OPENSSL_free(ret);
176 ret=NULL; 161 ret=NULL;
177 } 162 }
@@ -180,7 +165,6 @@ DH *DH_new_method(ENGINE *engine)
180 165
181void DH_free(DH *r) 166void DH_free(DH *r)
182 { 167 {
183 DH_METHOD *meth;
184 int i; 168 int i;
185 if(r == NULL) return; 169 if(r == NULL) return;
186 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); 170 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
@@ -196,11 +180,12 @@ void DH_free(DH *r)
196 } 180 }
197#endif 181#endif
198 182
199 meth = ENGINE_get_DH(r->engine); 183 if (r->meth->finish)
200 if(meth->finish) meth->finish(r); 184 r->meth->finish(r);
201 ENGINE_finish(r->engine); 185 if (r->engine)
186 ENGINE_finish(r->engine);
202 187
203 CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); 188 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
204 189
205 if (r->p != NULL) BN_clear_free(r->p); 190 if (r->p != NULL) BN_clear_free(r->p);
206 if (r->g != NULL) BN_clear_free(r->g); 191 if (r->g != NULL) BN_clear_free(r->g);
@@ -213,12 +198,27 @@ void DH_free(DH *r)
213 OPENSSL_free(r); 198 OPENSSL_free(r);
214 } 199 }
215 200
201int DH_up_ref(DH *r)
202 {
203 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
204#ifdef REF_PRINT
205 REF_PRINT("DH",r);
206#endif
207#ifdef REF_CHECK
208 if (i < 2)
209 {
210 fprintf(stderr, "DH_up, bad reference count\n");
211 abort();
212 }
213#endif
214 return ((i > 1) ? 1 : 0);
215 }
216
216int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 217int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
217 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 218 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
218 { 219 {
219 dh_meth_num++; 220 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
220 return(CRYPTO_get_ex_new_index(dh_meth_num-1, 221 new_func, dup_func, free_func);
221 &dh_meth,argl,argp,new_func,dup_func,free_func));
222 } 222 }
223 223
224int DH_set_ex_data(DH *d, int idx, void *arg) 224int DH_set_ex_data(DH *d, int idx, void *arg)
@@ -231,7 +231,7 @@ void *DH_get_ex_data(DH *d, int idx)
231 return(CRYPTO_get_ex_data(&d->ex_data,idx)); 231 return(CRYPTO_get_ex_data(&d->ex_data,idx));
232 } 232 }
233 233
234int DH_size(DH *dh) 234int DH_size(const DH *dh)
235 { 235 {
236 return(BN_num_bytes(dh->p)); 236 return(BN_num_bytes(dh->p));
237 } 237 }
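Review bot: The re-enabled `DH_set_method` discards the result of `meth->init(dh)` and always returns 1, while `DH_new_method` in the same file treats a failing `init` as an error and frees the object. By that point the old method's `finish` has already run and any engine reference has been released, so a caller is told the switch succeeded while holding a DH handle with no initialised method behind it. Propagate the failure with `if (meth->init && !meth->init(dh)) return 0;`. Add a comment on the function saying that after a 0 return the handle must not be used for key generation or agreement until a method has been set successfully.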
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
index f0151253d7..34894ced73 100644
--- a/src/lib/libcrypto/dh/dhtest.c
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -59,15 +59,16 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <stdlib.h> 60#include <stdlib.h>
61#include <string.h> 61#include <string.h>
62#ifdef WINDOWS 62#ifdef OPENSSL_SYS_WINDOWS
63#include "../bio/bss_file.c" 63#include "../bio/bss_file.c"
64#endif 64#endif
65#include <openssl/crypto.h> 65#include <openssl/crypto.h>
66#include <openssl/bio.h> 66#include <openssl/bio.h>
67#include <openssl/bn.h> 67#include <openssl/bn.h>
68#include <openssl/rand.h> 68#include <openssl/rand.h>
69#include <openssl/err.h>
69 70
70#ifdef NO_DH 71#ifdef OPENSSL_NO_DH
71int main(int argc, char *argv[]) 72int main(int argc, char *argv[])
72{ 73{
73 printf("No DH support\n"); 74 printf("No DH support\n");
@@ -76,14 +77,14 @@ int main(int argc, char *argv[])
76#else 77#else
77#include <openssl/dh.h> 78#include <openssl/dh.h>
78 79
79#ifdef WIN16 80#ifdef OPENSSL_SYS_WIN16
80#define MS_CALLBACK _far _loadds 81#define MS_CALLBACK _far _loadds
81#else 82#else
82#define MS_CALLBACK 83#define MS_CALLBACK
83#endif 84#endif
84 85
85static void MS_CALLBACK cb(int p, int n, void *arg); 86static void MS_CALLBACK cb(int p, int n, void *arg);
86#ifdef NO_STDIO 87#ifdef OPENSSL_NO_STDIO
87#define APPS_WIN16 88#define APPS_WIN16
88#include "bss_file.c" 89#include "bss_file.c"
89#endif 90#endif
@@ -99,7 +100,11 @@ int main(int argc, char *argv[])
99 int i,alen,blen,aout,bout,ret=1; 100 int i,alen,blen,aout,bout,ret=1;
100 BIO *out; 101 BIO *out;
101 102
102#ifdef WIN32 103 CRYPTO_malloc_debug_init();
104 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
105 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
106
107#ifdef OPENSSL_SYS_WIN32
103 CRYPTO_malloc_init(); 108 CRYPTO_malloc_init();
104#endif 109#endif
105 110
@@ -112,6 +117,16 @@ int main(int argc, char *argv[])
112 a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out); 117 a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out);
113 if (a == NULL) goto err; 118 if (a == NULL) goto err;
114 119
120 if (!DH_check(a, &i)) goto err;
121 if (i & DH_CHECK_P_NOT_PRIME)
122 BIO_puts(out, "p value is not prime\n");
123 if (i & DH_CHECK_P_NOT_SAFE_PRIME)
124 BIO_puts(out, "p value is not a safe prime\n");
125 if (i & DH_UNABLE_TO_CHECK_GENERATOR)
126 BIO_puts(out, "unable to check the generator value\n");
127 if (i & DH_NOT_SUITABLE_GENERATOR)
128 BIO_puts(out, "the g value is not a generator\n");
129
115 BIO_puts(out,"\np ="); 130 BIO_puts(out,"\np =");
116 BN_print(out,a->p); 131 BN_print(out,a->p);
117 BIO_puts(out,"\ng ="); 132 BIO_puts(out,"\ng =");
@@ -170,11 +185,16 @@ int main(int argc, char *argv[])
170 else 185 else
171 ret=0; 186 ret=0;
172err: 187err:
188 ERR_print_errors_fp(stderr);
189
173 if (abuf != NULL) OPENSSL_free(abuf); 190 if (abuf != NULL) OPENSSL_free(abuf);
174 if (bbuf != NULL) OPENSSL_free(bbuf); 191 if (bbuf != NULL) OPENSSL_free(bbuf);
175 if(b != NULL) DH_free(b); 192 if(b != NULL) DH_free(b);
176 if(a != NULL) DH_free(a); 193 if(a != NULL) DH_free(a);
177 BIO_free(out); 194 BIO_free(out);
195 CRYPTO_cleanup_all_ex_data();
196 ERR_remove_state(0);
197 CRYPTO_mem_leaks_fp(stderr);
178 exit(ret); 198 exit(ret);
179 return(ret); 199 return(ret);
180 } 200 }
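Review bot: The `DH_check` block added after `DH_generate_parameters` only prints the failure flags, so when `i` is non-zero the test carries on and can still reach `ret=0`. Because the parameters were just generated with `DH_GENERATOR_5`, a set flag presumably indicates a defect in parameter generation, which is what this test should catch. Add `if (i != 0) goto err;` after the four `BIO_puts` checks; `ret` is initialised to 1, so that path exits non-zero. `main` starts and continues outside the visible hunks, so confirm nothing between here and `err:` depends on `i` keeping its value.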