1 files changed, 128 insertions, 165 deletions
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eng.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 383a7045b2..e9b75902db 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_eng.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
-/* crypto/rsa/rsa_lib.c */
+/* crypto/dsa/dsa_lib.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -56,120 +56,90 @@
 * [including the GNU Public Licence.]
 */
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 #include <stdio.h>
-#include <openssl/crypto.h>
 #include "cryptlib.h"
-#include <openssl/lhash.h>
 #include <openssl/bn.h>
-#include <openssl/rsa.h>
+#include <openssl/dsa.h>
-#include <openssl/rand.h>
+#include <openssl/asn1.h>
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
-const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT;
+const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
-static const RSA_METHOD *default_RSA_meth=NULL;
-RSA *RSA_new(void)
-        {
-        RSA *r=RSA_new_method(NULL);
-        return r;
+static const DSA_METHOD *default_DSA_method = NULL;
-        }
-void RSA_set_default_method(const RSA_METHOD *meth)
+void DSA_set_default_method(const DSA_METHOD *meth)
        {
-#ifdef OPENSSL_FIPS
+        default_DSA_method = meth;
-        if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD))
-                {
-                RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_METHOD);
-                return;
-                }
-#endif
-        default_RSA_meth = meth;
        }
-const RSA_METHOD *RSA_get_default_method(void)
+const DSA_METHOD *DSA_get_default_method(void)
        {
-        if (default_RSA_meth == NULL)
+        if(!default_DSA_method)
-                {
+                default_DSA_method = DSA_OpenSSL();
-#ifdef RSA_NULL
+        return default_DSA_method;
-                default_RSA_meth=RSA_null_method();
-#else
-#if 0 /* was: #ifdef RSAref */
-                default_RSA_meth=RSA_PKCS1_RSAref();
-#else
-                default_RSA_meth=RSA_PKCS1_SSLeay();
-#endif
-#endif
-                }
-        return default_RSA_meth;
        }
-const RSA_METHOD *RSA_get_method(const RSA *rsa)
+DSA *DSA_new(void)
        {
-        return rsa->meth;
+        return DSA_new_method(NULL);
        }
-int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
+int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
        {
        /* NB: The caller is specifically setting a method, so it's not up to us
         * to deal with which ENGINE it comes from. */
-        const RSA_METHOD *mtmp;
+        const DSA_METHOD *mtmp;
-#ifdef OPENSSL_FIPS
+        mtmp = dsa->meth;
-        if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD))
+        if (mtmp->finish) mtmp->finish(dsa);
-                {
-                RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_METHOD);
-                return 0;
-                }
-#endif
-        mtmp = rsa->meth;
-        if (mtmp->finish) mtmp->finish(rsa);
 #ifndef OPENSSL_NO_ENGINE
-        if (rsa->engine)
+        if (dsa->engine)
                {
-                ENGINE_finish(rsa->engine);
+                ENGINE_finish(dsa->engine);
-                rsa->engine = NULL;
+                dsa->engine = NULL;
                }
 #endif
-        rsa->meth = meth;
+        dsa->meth = meth;
-        if (meth->init) meth->init(rsa);
+        if (meth->init) meth->init(dsa);
-        return 1;
+        return 1;
        }
-RSA *RSA_new_method(ENGINE *engine)
+DSA *DSA_new_method(ENGINE *engine)
        {
-        RSA *ret;
+        DSA *ret;
-        ret=(RSA *)OPENSSL_malloc(sizeof(RSA));
+        ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
        if (ret == NULL)
                {
-                RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
+                DSAerr(DSA_F_DSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
-                return NULL;
+                return(NULL);
                }
+        ret->meth = DSA_get_default_method();
-        ret->meth = RSA_get_default_method();
 #ifndef OPENSSL_NO_ENGINE
        if (engine)
                {
                if (!ENGINE_init(engine))
                        {
-                        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+                        DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
                        OPENSSL_free(ret);
                        return NULL;
                        }
                ret->engine = engine;
                }
        else
-                ret->engine = ENGINE_get_default_RSA();
+                ret->engine = ENGINE_get_default_DSA();
        if(ret->engine)
                {
-                ret->meth = ENGINE_get_RSA(ret->engine);
+                ret->meth = ENGINE_get_DSA(ret->engine);
                if(!ret->meth)
                        {
-                        RSAerr(RSA_F_RSA_NEW_METHOD,
+                        DSAerr(DSA_F_DSA_NEW_METHOD,
                                ERR_R_ENGINE_LIB);
                        ENGINE_finish(ret->engine);
                        OPENSSL_free(ret);
@@ -177,172 +147,165 @@ RSA *RSA_new_method(ENGINE *engine)
                        }
                }
 #endif
-#ifdef OPENSSL_FIPS
-        if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD))
-                {
-                RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_METHOD);
-#ifndef OPENSSL_NO_ENGINE
-                if (ret->engine)
-                        ENGINE_finish(ret->engine);
-#endif
-                OPENSSL_free(ret);
-                return NULL;
-                }
-#endif
        ret->pad=0;
        ret->version=0;
-        ret->n=NULL;
+        ret->write_params=1;
-        ret->e=NULL;
-        ret->d=NULL;
        ret->p=NULL;
        ret->q=NULL;
-        ret->dmp1=NULL;
+        ret->g=NULL;
-        ret->dmq1=NULL;
-        ret->iqmp=NULL;
+        ret->pub_key=NULL;
+        ret->priv_key=NULL;
+        ret->kinv=NULL;
+        ret->r=NULL;
+        ret->method_mont_p=NULL;
        ret->references=1;
-        ret->_method_mod_n=NULL;
-        ret->_method_mod_p=NULL;
-        ret->_method_mod_q=NULL;
-        ret->blinding=NULL;
-        ret->mt_blinding=NULL;
-        ret->bignum_data=NULL;
        ret->flags=ret->meth->flags;
-        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
        if ((ret->meth->init != NULL) && !ret->meth->init(ret))
                {
 #ifndef OPENSSL_NO_ENGINE
                if (ret->engine)
                        ENGINE_finish(ret->engine);
 #endif
-                CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+                CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
                OPENSSL_free(ret);
                ret=NULL;
                }
+        
        return(ret);
        }
-void RSA_free(RSA *r)
+void DSA_free(DSA *r)
        {
        int i;
        if (r == NULL) return;
-        i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
+        i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
 #ifdef REF_PRINT
-        REF_PRINT("RSA",r);
+        REF_PRINT("DSA",r);
 #endif
        if (i > 0) return;
 #ifdef REF_CHECK
        if (i < 0)
                {
-                fprintf(stderr,"RSA_free, bad reference count\n");
+                fprintf(stderr,"DSA_free, bad reference count\n");
                abort();
                }
 #endif
-        if (r->meth->finish)
+        if(r->meth->finish)
                r->meth->finish(r);
 #ifndef OPENSSL_NO_ENGINE
-        if (r->engine)
+        if(r->engine)
                ENGINE_finish(r->engine);
 #endif
-        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
-        if (r->n != NULL) BN_clear_free(r->n);
-        if (r->e != NULL) BN_clear_free(r->e);
-        if (r->d != NULL) BN_clear_free(r->d);
        if (r->p != NULL) BN_clear_free(r->p);
        if (r->q != NULL) BN_clear_free(r->q);
-        if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
+        if (r->g != NULL) BN_clear_free(r->g);
-        if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
+        if (r->pub_key != NULL) BN_clear_free(r->pub_key);
-        if (r->iqmp != NULL) BN_clear_free(r->iqmp);
+        if (r->priv_key != NULL) BN_clear_free(r->priv_key);
-        if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
+        if (r->kinv != NULL) BN_clear_free(r->kinv);
-        if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding);
+        if (r->r != NULL) BN_clear_free(r->r);
-        if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
        OPENSSL_free(r);
        }
-int RSA_up_ref(RSA *r)
+int DSA_up_ref(DSA *r)
        {
-        int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
+        int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
 #ifdef REF_PRINT
-        REF_PRINT("RSA",r);
+        REF_PRINT("DSA",r);
 #endif
 #ifdef REF_CHECK
        if (i < 2)
                {
-                fprintf(stderr, "RSA_up_ref, bad reference count\n");
+                fprintf(stderr, "DSA_up_ref, bad reference count\n");
                abort();
                }
 #endif
        return ((i > 1) ? 1 : 0);
        }
-int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+int DSA_size(const DSA *r)
+        {
+        int ret,i;
+        ASN1_INTEGER bs;
+        unsigned char buf[4];   /* 4 bytes looks really small.
+                                   However, i2d_ASN1_INTEGER() will not look
+                                   beyond the first byte, as long as the second
+                                   parameter is NULL. */
+        i=BN_num_bits(r->q);
+        bs.length=(i+7)/8;
+        bs.data=buf;
+        bs.type=V_ASN1_INTEGER;
+        /* If the top bit is set the asn1 encoding is 1 larger. */
+        buf[0]=0xff;    
+        i=i2d_ASN1_INTEGER(&bs,NULL);
+        i+=i; /* r and s */
+        ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+        return(ret);
+        }
+int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
             CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
        {
-        return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
+        return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
                                new_func, dup_func, free_func);
        }
-int RSA_set_ex_data(RSA *r, int idx, void *arg)
+int DSA_set_ex_data(DSA *d, int idx, void *arg)
        {
-        return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
+        return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
        }
-void *RSA_get_ex_data(const RSA *r, int idx)
+void *DSA_get_ex_data(DSA *d, int idx)
        {
-        return(CRYPTO_get_ex_data(&r->ex_data,idx));
+        return(CRYPTO_get_ex_data(&d->ex_data,idx));
        }
-int RSA_flags(const RSA *r)
+#ifndef OPENSSL_NO_DH
+DH *DSA_dup_DH(const DSA *r)
        {
-        return((r == NULL)?0:r->meth->flags);
+        /* DSA has p, q, g, optional pub_key, optional priv_key.
-        }
+         * DH has p, optional length, g, optional pub_key, optional priv_key.
+         */ 
-int RSA_memory_lock(RSA *r)
+        DH *ret = NULL;
-        {
-        int i,j,k,off;
+        if (r == NULL)
-        char *p;
+                goto err;
-        BIGNUM *bn,**t[6],*b;
+        ret = DH_new();
-        BN_ULONG *ul;
+        if (ret == NULL)
+                goto err;
-        if (r->d == NULL) return(1);
+        if (r->p != NULL) 
-        t[0]= &r->d;
+                if ((ret->p = BN_dup(r->p)) == NULL)
-        t[1]= &r->p;
+                        goto err;
-        t[2]= &r->q;
+        if (r->q != NULL)
-        t[3]= &r->dmp1;
+                ret->length = BN_num_bits(r->q);
-        t[4]= &r->dmq1;
+        if (r->g != NULL)
-        t[5]= &r->iqmp;
+                if ((ret->g = BN_dup(r->g)) == NULL)
-        k=sizeof(BIGNUM)*6;
+                        goto err;
-        off=k/sizeof(BN_ULONG)+1;
+        if (r->pub_key != NULL)
-        j=1;
+                if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
-        for (i=0; i<6; i++)
+                        goto err;
-                j+= (*t[i])->top;
+        if (r->priv_key != NULL)
-        if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
+                if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
-                {
+                        goto err;
-                RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
-                return(0);
-                }
-        bn=(BIGNUM *)p;
-        ul=(BN_ULONG *)&(p[off]);
-        for (i=0; i<6; i++)
-                {
-                b= *(t[i]);
-                *(t[i])= &(bn[i]);
-                memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
-                bn[i].flags=BN_FLG_STATIC_DATA;
-                bn[i].d=ul;
-                memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
-                ul+=b->top;
-                BN_clear_free(b);
-                }
-        
-        /* I should fix this so it can still be done */
-        r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC);
-        r->bignum_data=p;
+        return ret;
-        return(1);
+ err:
+        if (ret != NULL)
+                DH_free(ret);
+        return NULL;
        }
+#endif

diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eng.c b/src/lib/libcrypto/dsa/dsa_lib.c index 383a7045b2..e9b75902db 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_eng.c +++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
1	/* crypto/rsa/rsa_lib.c */	1	/* crypto/dsa/dsa_lib.c */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -56,120 +56,90 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
		59	/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
		60
59	#include <stdio.h>	61	#include <stdio.h>
60	#include <openssl/crypto.h>
61	#include "cryptlib.h"	62	#include "cryptlib.h"
62	#include <openssl/lhash.h>
63	#include <openssl/bn.h>	63	#include <openssl/bn.h>
64	#include <openssl/rsa.h>	64	#include <openssl/dsa.h>
65	#include <openssl/rand.h>	65	#include <openssl/asn1.h>
66	#ifndef OPENSSL_NO_ENGINE	66	#ifndef OPENSSL_NO_ENGINE
67	#include <openssl/engine.h>	67	#include <openssl/engine.h>
68	#endif	68	#endif
		69	#ifndef OPENSSL_NO_DH
		70	#include <openssl/dh.h>
		71	#endif
69		72
70	const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT;	73	const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
71
72	static const RSA_METHOD *default_RSA_meth=NULL;
73
74	RSA *RSA_new(void)
75	{
76	RSA *r=RSA_new_method(NULL);
77		74
78	return r;	75	static const DSA_METHOD *default_DSA_method = NULL;
79	}
80		76
81	void RSA_set_default_method(const RSA_METHOD *meth)	77	void DSA_set_default_method(const DSA_METHOD *meth)
82	{	78	{
83	#ifdef OPENSSL_FIPS	79	default_DSA_method = meth;
84	if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD))
85	{
86	RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_METHOD);
87	return;
88	}
89	#endif
90	default_RSA_meth = meth;
91	}	80	}
92		81
93	const RSA_METHOD *RSA_get_default_method(void)	82	const DSA_METHOD *DSA_get_default_method(void)
94	{	83	{
95	if (default_RSA_meth == NULL)	84	if(!default_DSA_method)
96	{	85	default_DSA_method = DSA_OpenSSL();
97	#ifdef RSA_NULL	86	return default_DSA_method;
98	default_RSA_meth=RSA_null_method();
99	#else
100	#if 0 /* was: #ifdef RSAref */
101	default_RSA_meth=RSA_PKCS1_RSAref();
102	#else
103	default_RSA_meth=RSA_PKCS1_SSLeay();
104	#endif
105	#endif
106	}
107
108	return default_RSA_meth;
109	}	87	}
110		88
111	const RSA_METHOD RSA_get_method(const RSA rsa)	89	DSA *DSA_new(void)
112	{	90	{
113	return rsa->meth;	91	return DSA_new_method(NULL);
114	}	92	}
115		93
116	int RSA_set_method(RSA rsa, const RSA_METHOD meth)	94	int DSA_set_method(DSA dsa, const DSA_METHOD meth)
117	{	95	{
118	/* NB: The caller is specifically setting a method, so it's not up to us	96	/* NB: The caller is specifically setting a method, so it's not up to us
119	* to deal with which ENGINE it comes from. */	97	* to deal with which ENGINE it comes from. */
120	const RSA_METHOD *mtmp;	98	const DSA_METHOD *mtmp;
121	#ifdef OPENSSL_FIPS	99	mtmp = dsa->meth;
122	if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD))	100	if (mtmp->finish) mtmp->finish(dsa);
123	{
124	RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_METHOD);
125	return 0;
126	}
127	#endif
128	mtmp = rsa->meth;
129	if (mtmp->finish) mtmp->finish(rsa);
130	#ifndef OPENSSL_NO_ENGINE	101	#ifndef OPENSSL_NO_ENGINE
131	if (rsa->engine)	102	if (dsa->engine)
132	{	103	{
133	ENGINE_finish(rsa->engine);	104	ENGINE_finish(dsa->engine);
134	rsa->engine = NULL;	105	dsa->engine = NULL;
135	}	106	}
136	#endif	107	#endif
137	rsa->meth = meth;	108	dsa->meth = meth;
138	if (meth->init) meth->init(rsa);	109	if (meth->init) meth->init(dsa);
139	return 1;	110	return 1;
140	}	111	}
141		112
142	RSA RSA_new_method(ENGINE engine)	113	DSA DSA_new_method(ENGINE engine)
143	{	114	{
144	RSA *ret;	115	DSA *ret;
145		116
146	ret=(RSA *)OPENSSL_malloc(sizeof(RSA));	117	ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
147	if (ret == NULL)	118	if (ret == NULL)
148	{	119	{
149	RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);	120	DSAerr(DSA_F_DSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
150	return NULL;	121	return(NULL);
151	}	122	}
152		123	ret->meth = DSA_get_default_method();
153	ret->meth = RSA_get_default_method();
154	#ifndef OPENSSL_NO_ENGINE	124	#ifndef OPENSSL_NO_ENGINE
155	if (engine)	125	if (engine)
156	{	126	{
157	if (!ENGINE_init(engine))	127	if (!ENGINE_init(engine))
158	{	128	{
159	RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);	129	DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
160	OPENSSL_free(ret);	130	OPENSSL_free(ret);
161	return NULL;	131	return NULL;
162	}	132	}
163	ret->engine = engine;	133	ret->engine = engine;
164	}	134	}
165	else	135	else
166	ret->engine = ENGINE_get_default_RSA();	136	ret->engine = ENGINE_get_default_DSA();
167	if(ret->engine)	137	if(ret->engine)
168	{	138	{
169	ret->meth = ENGINE_get_RSA(ret->engine);	139	ret->meth = ENGINE_get_DSA(ret->engine);
170	if(!ret->meth)	140	if(!ret->meth)
171	{	141	{
172	RSAerr(RSA_F_RSA_NEW_METHOD,	142	DSAerr(DSA_F_DSA_NEW_METHOD,
173	ERR_R_ENGINE_LIB);	143	ERR_R_ENGINE_LIB);
174	ENGINE_finish(ret->engine);	144	ENGINE_finish(ret->engine);
175	OPENSSL_free(ret);	145	OPENSSL_free(ret);
@@ -177,172 +147,165 @@ RSA RSA_new_method(ENGINE engine)
177	}	147	}
178	}	148	}
179	#endif	149	#endif
180	#ifdef OPENSSL_FIPS
181	if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD))
182	{
183	RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_METHOD);
184	#ifndef OPENSSL_NO_ENGINE
185	if (ret->engine)
186	ENGINE_finish(ret->engine);
187	#endif
188	OPENSSL_free(ret);
189	return NULL;
190	}
191	#endif
192		150
193	ret->pad=0;	151	ret->pad=0;
194	ret->version=0;	152	ret->version=0;
195	ret->n=NULL;	153	ret->write_params=1;
196	ret->e=NULL;
197	ret->d=NULL;
198	ret->p=NULL;	154	ret->p=NULL;
199	ret->q=NULL;	155	ret->q=NULL;
200	ret->dmp1=NULL;	156	ret->g=NULL;
201	ret->dmq1=NULL;	157
202	ret->iqmp=NULL;	158	ret->pub_key=NULL;
		159	ret->priv_key=NULL;
		160
		161	ret->kinv=NULL;
		162	ret->r=NULL;
		163	ret->method_mont_p=NULL;
		164
203	ret->references=1;	165	ret->references=1;
204	ret->_method_mod_n=NULL;
205	ret->_method_mod_p=NULL;
206	ret->_method_mod_q=NULL;
207	ret->blinding=NULL;
208	ret->mt_blinding=NULL;
209	ret->bignum_data=NULL;
210	ret->flags=ret->meth->flags;	166	ret->flags=ret->meth->flags;
211	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);	167	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
212	if ((ret->meth->init != NULL) && !ret->meth->init(ret))	168	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
213	{	169	{
214	#ifndef OPENSSL_NO_ENGINE	170	#ifndef OPENSSL_NO_ENGINE
215	if (ret->engine)	171	if (ret->engine)
216	ENGINE_finish(ret->engine);	172	ENGINE_finish(ret->engine);
217	#endif	173	#endif
218	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);	174	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
219	OPENSSL_free(ret);	175	OPENSSL_free(ret);
220	ret=NULL;	176	ret=NULL;
221	}	177	}
		178
222	return(ret);	179	return(ret);
223	}	180	}
224		181
225	void RSA_free(RSA *r)	182	void DSA_free(DSA *r)
226	{	183	{
227	int i;	184	int i;
228		185
229	if (r == NULL) return;	186	if (r == NULL) return;
230		187
231	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);	188	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
232	#ifdef REF_PRINT	189	#ifdef REF_PRINT
233	REF_PRINT("RSA",r);	190	REF_PRINT("DSA",r);
234	#endif	191	#endif
235	if (i > 0) return;	192	if (i > 0) return;
236	#ifdef REF_CHECK	193	#ifdef REF_CHECK
237	if (i < 0)	194	if (i < 0)
238	{	195	{
239	fprintf(stderr,"RSA_free, bad reference count\n");	196	fprintf(stderr,"DSA_free, bad reference count\n");
240	abort();	197	abort();
241	}	198	}
242	#endif	199	#endif
243		200
244	if (r->meth->finish)	201	if(r->meth->finish)
245	r->meth->finish(r);	202	r->meth->finish(r);
246	#ifndef OPENSSL_NO_ENGINE	203	#ifndef OPENSSL_NO_ENGINE
247	if (r->engine)	204	if(r->engine)
248	ENGINE_finish(r->engine);	205	ENGINE_finish(r->engine);
249	#endif	206	#endif
250		207
251	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);	208	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
252		209
253	if (r->n != NULL) BN_clear_free(r->n);
254	if (r->e != NULL) BN_clear_free(r->e);
255	if (r->d != NULL) BN_clear_free(r->d);
256	if (r->p != NULL) BN_clear_free(r->p);	210	if (r->p != NULL) BN_clear_free(r->p);
257	if (r->q != NULL) BN_clear_free(r->q);	211	if (r->q != NULL) BN_clear_free(r->q);
258	if (r->dmp1 != NULL) BN_clear_free(r->dmp1);	212	if (r->g != NULL) BN_clear_free(r->g);
259	if (r->dmq1 != NULL) BN_clear_free(r->dmq1);	213	if (r->pub_key != NULL) BN_clear_free(r->pub_key);
260	if (r->iqmp != NULL) BN_clear_free(r->iqmp);	214	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
261	if (r->blinding != NULL) BN_BLINDING_free(r->blinding);	215	if (r->kinv != NULL) BN_clear_free(r->kinv);
262	if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding);	216	if (r->r != NULL) BN_clear_free(r->r);
263	if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
264	OPENSSL_free(r);	217	OPENSSL_free(r);
265	}	218	}
266		219
267	int RSA_up_ref(RSA *r)	220	int DSA_up_ref(DSA *r)
268	{	221	{
269	int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);	222	int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
270	#ifdef REF_PRINT	223	#ifdef REF_PRINT
271	REF_PRINT("RSA",r);	224	REF_PRINT("DSA",r);
272	#endif	225	#endif
273	#ifdef REF_CHECK	226	#ifdef REF_CHECK
274	if (i < 2)	227	if (i < 2)
275	{	228	{
276	fprintf(stderr, "RSA_up_ref, bad reference count\n");	229	fprintf(stderr, "DSA_up_ref, bad reference count\n");
277	abort();	230	abort();
278	}	231	}
279	#endif	232	#endif
280	return ((i > 1) ? 1 : 0);	233	return ((i > 1) ? 1 : 0);
281	}	234	}
282		235
283	int RSA_get_ex_new_index(long argl, void argp, CRYPTO_EX_new new_func,	236	int DSA_size(const DSA *r)
		237	{
		238	int ret,i;
		239	ASN1_INTEGER bs;
		240	unsigned char buf[4]; /* 4 bytes looks really small.
		241	However, i2d_ASN1_INTEGER() will not look
		242	beyond the first byte, as long as the second
		243	parameter is NULL. */
		244
		245	i=BN_num_bits(r->q);
		246	bs.length=(i+7)/8;
		247	bs.data=buf;
		248	bs.type=V_ASN1_INTEGER;
		249	/* If the top bit is set the asn1 encoding is 1 larger. */
		250	buf[0]=0xff;
		251
		252	i=i2d_ASN1_INTEGER(&bs,NULL);
		253	i+=i; /* r and s */
		254	ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
		255	return(ret);
		256	}
		257
		258	int DSA_get_ex_new_index(long argl, void argp, CRYPTO_EX_new new_func,
284	CRYPTO_EX_dup dup_func, CRYPTO_EX_free free_func)	259	CRYPTO_EX_dup dup_func, CRYPTO_EX_free free_func)
285	{	260	{
286	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,	261	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
287	new_func, dup_func, free_func);	262	new_func, dup_func, free_func);
288	}	263	}
289		264
290	int RSA_set_ex_data(RSA r, int idx, void arg)	265	int DSA_set_ex_data(DSA d, int idx, void arg)
291	{	266	{
292	return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));	267	return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
293	}	268	}
294		269
295	void RSA_get_ex_data(const RSA r, int idx)	270	void DSA_get_ex_data(DSA d, int idx)
296	{	271	{
297	return(CRYPTO_get_ex_data(&r->ex_data,idx));	272	return(CRYPTO_get_ex_data(&d->ex_data,idx));
298	}	273	}
299		274
300	int RSA_flags(const RSA *r)	275	#ifndef OPENSSL_NO_DH
		276	DH DSA_dup_DH(const DSA r)
301	{	277	{
302	return((r == NULL)?0:r->meth->flags);	278	/* DSA has p, q, g, optional pub_key, optional priv_key.
303	}	279	* DH has p, optional length, g, optional pub_key, optional priv_key.
		280	*/
304		281
305	int RSA_memory_lock(RSA *r)	282	DH *ret = NULL;
306	{	283
307	int i,j,k,off;	284	if (r == NULL)
308	char *p;	285	goto err;
309	BIGNUM bn,t[6],b;	286	ret = DH_new();
310	BN_ULONG *ul;	287	if (ret == NULL)
311		288	goto err;
312	if (r->d == NULL) return(1);	289	if (r->p != NULL)
313	t[0]= &r->d;	290	if ((ret->p = BN_dup(r->p)) == NULL)
314	t[1]= &r->p;	291	goto err;
315	t[2]= &r->q;	292	if (r->q != NULL)
316	t[3]= &r->dmp1;	293	ret->length = BN_num_bits(r->q);
317	t[4]= &r->dmq1;	294	if (r->g != NULL)
318	t[5]= &r->iqmp;	295	if ((ret->g = BN_dup(r->g)) == NULL)
319	k=sizeof(BIGNUM)*6;	296	goto err;
320	off=k/sizeof(BN_ULONG)+1;	297	if (r->pub_key != NULL)
321	j=1;	298	if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
322	for (i=0; i<6; i++)	299	goto err;
323	j+= (*t[i])->top;	300	if (r->priv_key != NULL)
324	if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)	301	if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
325	{	302	goto err;
326	RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
327	return(0);
328	}
329	bn=(BIGNUM *)p;
330	ul=(BN_ULONG *)&(p[off]);
331	for (i=0; i<6; i++)
332	{
333	b= *(t[i]);
334	*(t[i])= &(bn[i]);
335	memcpy((char )&(bn[i]),(char )b,sizeof(BIGNUM));
336	bn[i].flags=BN_FLG_STATIC_DATA;
337	bn[i].d=ul;
338	memcpy((char )ul,b->d,sizeof(BN_ULONG)b->top);
339	ul+=b->top;
340	BN_clear_free(b);
341	}
342
343	/* I should fix this so it can still be done */
344	r->flags&= ~(RSA_FLAG_CACHE_PRIVATE\|RSA_FLAG_CACHE_PUBLIC);
345		303
346	r->bignum_data=p;	304	return ret;
347	return(1);	305
		306	err:
		307	if (ret != NULL)
		308	DH_free(ret);
		309	return NULL;
348	}	310	}
		311	#endif