Diffstat (limited to 'src/lib/libcrypto/dsa/dsa_gen.c')
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_gen.c | 45 |
1 files changed, 27 insertions, 18 deletions
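--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -80,6 +80,7 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
+#ifndef OPENSSL_FIPS
 DSA *DSA_generate_parameters(int bits,
 unsigned char *seed_in, int seed_len,
 int *counter_ret, unsigned long *h_ret,
@@ -127,8 +128,9 @@ DSA *DSA_generate_parameters(int bits,
 c = BN_CTX_get(ctx2);
 p = BN_CTX_get(ctx2);
 test = BN_CTX_get(ctx2);
+if (test == NULL) goto err;
 
-BN_lshift(test,BN_value_one(),bits-1);
+if (!BN_lshift(test,BN_value_one(),bits-1)) goto err;
 
 for (;;)
 {
@@ -196,7 +198,7 @@ DSA *DSA_generate_parameters(int bits,
 callback(0,counter,cb_arg);
 
 /* step 7 */
-BN_zero(W);
+if (!BN_zero(W)) goto err;
 /* now 'buf' contains "SEED + offset - 1" */
 for (k=0; k<=n; k++)
 {
@@ -212,20 +214,20 @@ DSA *DSA_generate_parameters(int bits,
 /* step 8 */
 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
 goto err;
-BN_lshift(r0,r0,160*k);
-BN_add(W,W,r0);
+if (!BN_lshift(r0,r0,160*k)) goto err;
+if (!BN_add(W,W,r0)) goto err;
 }
 
 /* more of step 8 */
-BN_mask_bits(W,bits-1);
-BN_copy(X,W); /* this should be ok */
-BN_add(X,X,test); /* this should be ok */
+if (!BN_mask_bits(W,bits-1)) goto err;
+if (!BN_copy(X,W)) goto err;
+if (!BN_add(X,X,test)) goto err;
 
 /* step 9 */
-BN_lshift1(r0,q);
-BN_mod(c,X,r0,ctx);
-BN_sub(r0,c,BN_value_one());
-BN_sub(p,X,r0);
+if (!BN_lshift1(r0,q)) goto err;
+if (!BN_mod(c,X,r0,ctx)) goto err;
+if (!BN_sub(r0,c,BN_value_one())) goto err;
+if (!BN_sub(p,X,r0)) goto err;
 
 /* step 10 */
 if (BN_cmp(p,test) >= 0)
@@ -251,18 +253,18 @@ end:
 
 /* We now need to generate g */
 /* Set r0=(p-1)/q */
-BN_sub(test,p,BN_value_one());
-BN_div(r0,NULL,test,q,ctx);
+if (!BN_sub(test,p,BN_value_one())) goto err;
+if (!BN_div(r0,NULL,test,q,ctx)) goto err;
 
-BN_set_word(test,h);
-BN_MONT_CTX_set(mont,p,ctx);
+if (!BN_set_word(test,h)) goto err;
+if (!BN_MONT_CTX_set(mont,p,ctx)) goto err;
 
 for (;;)
 {
 /* g=test^r0%p */
-BN_mod_exp_mont(g,test,r0,p,ctx,mont);
+if (!BN_mod_exp_mont(g,test,r0,p,ctx,mont)) goto err;
 if (!BN_is_one(g)) break;
-BN_add(test,test,BN_value_one());
+if (!BN_add(test,test,BN_value_one())) goto err;
 h++;
 }
 
@@ -279,6 +281,11 @@ err:
 ret->p=BN_dup(p);
 ret->q=BN_dup(q);
 ret->g=BN_dup(g);
+if (ret->p == NULL || ret->q == NULL || ret->g == NULL)
+{
+ok=0;
+goto err;
+}
 if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
 if (counter_ret != NULL) *counter_ret=counter;
 if (h_ret != NULL) *h_ret=h;
@@ -293,4 +300,6 @@ err:
 if (mont != NULL) BN_MONT_CTX_free(mont);
 return(ok?ret:NULL);
 }
-#endif
+#endif /* ndef OPENSSL_FIPS */
+#endif /* ndef OPENSSL_NO_SHA */
+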
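Review bot: The new `goto err;` after the `BN_dup` check (new lines 284-288) jumps backwards, because the hunk header places `err:` above these lines, so the cleanup path is entered a second time with `ok=0`. That is only safe if nothing between `err:` and this point does one-shot work on the success path, and if the failure branch frees `ret` together with whichever of `p`, `q` and `g` were already duplicated. Neither can be confirmed here, since the label and the rest of the block lie outside the hunk. I would record the assumption next to the jump, `/* re-enters err: with ok=0; the failure branch must free ret and any p/q/g already set */`, or replace the backward jump with an explicit failure path placed after the success branch.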
