summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/Makefile.ssl171
-rw-r--r--src/lib/libcrypto/dsa/dsa.h250
-rw-r--r--src/lib/libcrypto/dsa/dsa_asn1.c140
-rw-r--r--src/lib/libcrypto/dsa/dsa_err.c108
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c296
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c105
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c308
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c348
-rw-r--r--src/lib/libcrypto/dsa/dsa_sign.c92
-rw-r--r--src/lib/libcrypto/dsa/dsa_vrf.c94
10 files changed, 1912 insertions, 0 deletions
diff --git a/src/lib/libcrypto/dsa/Makefile.ssl b/src/lib/libcrypto/dsa/Makefile.ssl
new file mode 100644
index 0000000000..e5f8a8cf51
--- /dev/null
+++ b/src/lib/libcrypto/dsa/Makefile.ssl
@@ -0,0 +1,171 @@
1#
2# SSLeay/crypto/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=dsatest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
27 dsa_err.c dsa_ossl.c
28LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
29 dsa_err.o dsa_ossl.o
30
31SRC= $(LIBSRC)
32
33EXHEADER= dsa.h
34HEADER= $(EXHEADER)
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 $(AR) $(LIB) $(LIBOBJ)
45 $(RANLIB) $(LIB) || echo Never mind.
46 @touch lib
47
48files:
49 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
50
51links:
52 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
53 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
54 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
55 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
56
57install:
58 @for i in $(EXHEADER) ; \
59 do \
60 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
61 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
62 done;
63
64tags:
65 ctags $(SRC)
66
67tests:
68
69lint:
70 lint -DLINT $(INCLUDES) $(SRC)>fluff
71
72depend:
73 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
74
75dclean:
76 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
77 mv -f Makefile.new $(MAKEFILE)
78
79clean:
80 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
81
82# DO NOT DELETE THIS LINE -- make depend depends on it.
83
84dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
85dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
86dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
87dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
88dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
89dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
90dsa_asn1.o: ../../include/openssl/opensslconf.h
91dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
92dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
93dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
94dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
95dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
96dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
97dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
98dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
99dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
100dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
101dsa_err.o: dsa_err.c
102dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h
103dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
104dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
105dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
106dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
107dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
108dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
109dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
110dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
111dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
112dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
113dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
114dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
115dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
116dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
117dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
118dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
119dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
120dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
121dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c
122dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
123dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
124dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
125dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
126dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
127dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
128dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
129dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
130dsa_key.o: ../cryptlib.h dsa_key.c
131dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
132dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
133dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
134dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
135dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
136dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
137dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
138dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
139dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
140dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
141dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c
142dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
143dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
144dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
145dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
146dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
147dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
148dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
149dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
150dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
151dsa_ossl.o: ../cryptlib.h dsa_ossl.c
152dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
153dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
154dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
155dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
156dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
157dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
158dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
159dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
160dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
161dsa_sign.o: ../cryptlib.h dsa_sign.c
162dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
163dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
164dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
165dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
166dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
167dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
168dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
169dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
170dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
171dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
new file mode 100644
index 0000000000..9b3baadf2c
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa.h
@@ -0,0 +1,250 @@
1/* crypto/dsa/dsa.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/*
60 * The DSS routines are based on patches supplied by
61 * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
62 * work and I have just tweaked them a little to fit into my
63 * stylistic vision for SSLeay :-) */
64
65#ifndef HEADER_DSA_H
66#define HEADER_DSA_H
67
68#ifdef OPENSSL_NO_DSA
69#error DSA is disabled.
70#endif
71
72#ifndef OPENSSL_NO_BIO
73#include <openssl/bio.h>
74#endif
75#include <openssl/bn.h>
76#include <openssl/crypto.h>
77#include <openssl/ossl_typ.h>
78#ifndef OPENSSL_NO_DH
79# include <openssl/dh.h>
80#endif
81
82#define DSA_FLAG_CACHE_MONT_P 0x01
83
84#ifdef __cplusplus
85extern "C" {
86#endif
87
88typedef struct dsa_st DSA;
89
90typedef struct DSA_SIG_st
91 {
92 BIGNUM *r;
93 BIGNUM *s;
94 } DSA_SIG;
95
96typedef struct dsa_method {
97 const char *name;
98 DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
99 int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
100 BIGNUM **rp);
101 int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
102 DSA_SIG *sig, DSA *dsa);
103 int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
104 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
105 BN_MONT_CTX *in_mont);
106 int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
107 const BIGNUM *m, BN_CTX *ctx,
108 BN_MONT_CTX *m_ctx); /* Can be null */
109 int (*init)(DSA *dsa);
110 int (*finish)(DSA *dsa);
111 int flags;
112 char *app_data;
113} DSA_METHOD;
114
115struct dsa_st
116 {
117 /* This first variable is used to pick up errors where
118 * a DSA is passed instead of of a EVP_PKEY */
119 int pad;
120 long version;
121 int write_params;
122 BIGNUM *p;
123 BIGNUM *q; /* == 20 */
124 BIGNUM *g;
125
126 BIGNUM *pub_key; /* y public key */
127 BIGNUM *priv_key; /* x private key */
128
129 BIGNUM *kinv; /* Signing pre-calc */
130 BIGNUM *r; /* Signing pre-calc */
131
132 int flags;
133 /* Normally used to cache montgomery values */
134 char *method_mont_p;
135 int references;
136 CRYPTO_EX_DATA ex_data;
137 const DSA_METHOD *meth;
138 /* functional reference if 'meth' is ENGINE-provided */
139 ENGINE *engine;
140 };
141
142#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
143 (char *(*)())d2i_DSAparams,(char *)(x))
144#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
145 (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
146#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
147 (unsigned char *)(x))
148#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
149 (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
150#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
151 (unsigned char *)(x))
152
153
154DSA_SIG * DSA_SIG_new(void);
155void DSA_SIG_free(DSA_SIG *a);
156int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
157DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
158
159DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
160int DSA_do_verify(const unsigned char *dgst,int dgst_len,
161 DSA_SIG *sig,DSA *dsa);
162
163const DSA_METHOD *DSA_OpenSSL(void);
164
165void DSA_set_default_method(const DSA_METHOD *);
166const DSA_METHOD *DSA_get_default_method(void);
167int DSA_set_method(DSA *dsa, const DSA_METHOD *);
168
169DSA * DSA_new(void);
170DSA * DSA_new_method(ENGINE *engine);
171void DSA_free (DSA *r);
172/* "up" the DSA object's reference count */
173int DSA_up_ref(DSA *r);
174int DSA_size(const DSA *);
175 /* next 4 return -1 on error */
176int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
177int DSA_sign(int type,const unsigned char *dgst,int dlen,
178 unsigned char *sig, unsigned int *siglen, DSA *dsa);
179int DSA_verify(int type,const unsigned char *dgst,int dgst_len,
180 const unsigned char *sigbuf, int siglen, DSA *dsa);
181int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
182 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
183int DSA_set_ex_data(DSA *d, int idx, void *arg);
184void *DSA_get_ex_data(DSA *d, int idx);
185
186DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
187DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
188DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
189DSA * DSA_generate_parameters(int bits,
190 unsigned char *seed,int seed_len,
191 int *counter_ret, unsigned long *h_ret,void
192 (*callback)(int, int, void *),void *cb_arg);
193int DSA_generate_key(DSA *a);
194int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
195int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
196int i2d_DSAparams(const DSA *a,unsigned char **pp);
197
198#ifndef OPENSSL_NO_BIO
199int DSAparams_print(BIO *bp, const DSA *x);
200int DSA_print(BIO *bp, const DSA *x, int off);
201#endif
202#ifndef OPENSSL_NO_FP_API
203int DSAparams_print_fp(FILE *fp, const DSA *x);
204int DSA_print_fp(FILE *bp, const DSA *x, int off);
205#endif
206
207#define DSS_prime_checks 50
208/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
209 * 50 rounds of Rabin-Miller */
210#define DSA_is_prime(n, callback, cb_arg) \
211 BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
212
213#ifndef OPENSSL_NO_DH
214/* Convert DSA structure (key or just parameters) into DH structure
215 * (be careful to avoid small subgroup attacks when using this!) */
216DH *DSA_dup_DH(const DSA *r);
217#endif
218
219/* BEGIN ERROR CODES */
220/* The following lines are auto generated by the script mkerr.pl. Any changes
221 * made after this point may be overwritten when the script is next run.
222 */
223void ERR_load_DSA_strings(void);
224
225/* Error codes for the DSA functions. */
226
227/* Function codes. */
228#define DSA_F_D2I_DSA_SIG 110
229#define DSA_F_DSAPARAMS_PRINT 100
230#define DSA_F_DSAPARAMS_PRINT_FP 101
231#define DSA_F_DSA_DO_SIGN 112
232#define DSA_F_DSA_DO_VERIFY 113
233#define DSA_F_DSA_NEW_METHOD 103
234#define DSA_F_DSA_PRINT 104
235#define DSA_F_DSA_PRINT_FP 105
236#define DSA_F_DSA_SIGN 106
237#define DSA_F_DSA_SIGN_SETUP 107
238#define DSA_F_DSA_SIG_NEW 109
239#define DSA_F_DSA_VERIFY 108
240#define DSA_F_I2D_DSA_SIG 111
241#define DSA_F_SIG_CB 114
242
243/* Reason codes. */
244#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
245#define DSA_R_MISSING_PARAMETERS 101
246
247#ifdef __cplusplus
248}
249#endif
250#endif
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
new file mode 100644
index 0000000000..23fce555aa
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_asn1.c
@@ -0,0 +1,140 @@
1/* dsa_asn1.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/dsa.h>
62#include <openssl/asn1.h>
63#include <openssl/asn1t.h>
64
65/* Override the default new methods */
66static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
67{
68 if(operation == ASN1_OP_NEW_PRE) {
69 DSA_SIG *sig;
70 sig = OPENSSL_malloc(sizeof(DSA_SIG));
71 sig->r = NULL;
72 sig->s = NULL;
73 *pval = (ASN1_VALUE *)sig;
74 if(sig) return 2;
75 DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
76 return 0;
77 }
78 return 1;
79}
80
81ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
82 ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
83 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
84} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
85
86IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
87
88/* Override the default free and new methods */
89static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
90{
91 if(operation == ASN1_OP_NEW_PRE) {
92 *pval = (ASN1_VALUE *)DSA_new();
93 if(*pval) return 2;
94 return 0;
95 } else if(operation == ASN1_OP_FREE_PRE) {
96 DSA_free((DSA *)*pval);
97 *pval = NULL;
98 return 2;
99 }
100 return 1;
101}
102
103ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
104 ASN1_SIMPLE(DSA, version, LONG),
105 ASN1_SIMPLE(DSA, p, BIGNUM),
106 ASN1_SIMPLE(DSA, q, BIGNUM),
107 ASN1_SIMPLE(DSA, g, BIGNUM),
108 ASN1_SIMPLE(DSA, pub_key, BIGNUM),
109 ASN1_SIMPLE(DSA, priv_key, BIGNUM)
110} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey)
111
112IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey)
113
114ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
115 ASN1_SIMPLE(DSA, p, BIGNUM),
116 ASN1_SIMPLE(DSA, q, BIGNUM),
117 ASN1_SIMPLE(DSA, g, BIGNUM),
118} ASN1_SEQUENCE_END_cb(DSA, DSAparams)
119
120IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams)
121
122/* DSA public key is a bit trickier... its effectively a CHOICE type
123 * decided by a field called write_params which can either write out
124 * just the public key as an INTEGER or the parameters and public key
125 * in a SEQUENCE
126 */
127
128ASN1_SEQUENCE(dsa_pub_internal) = {
129 ASN1_SIMPLE(DSA, pub_key, BIGNUM),
130 ASN1_SIMPLE(DSA, p, BIGNUM),
131 ASN1_SIMPLE(DSA, q, BIGNUM),
132 ASN1_SIMPLE(DSA, g, BIGNUM)
133} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal)
134
135ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
136 ASN1_SIMPLE(DSA, pub_key, BIGNUM),
137 ASN1_EX_COMBINE(0, 0, dsa_pub_internal)
138} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params)
139
140IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
new file mode 100644
index 0000000000..79aa4ff526
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_err.c
@@ -0,0 +1,108 @@
1/* crypto/dsa/dsa_err.c */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/dsa.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67static ERR_STRING_DATA DSA_str_functs[]=
68 {
69{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"},
70{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"},
71{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"},
72{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"},
73{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"},
74{ERR_PACK(0,DSA_F_DSA_NEW_METHOD,0), "DSA_new_method"},
75{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
76{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"},
77{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"},
78{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"},
79{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"},
80{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
81{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"},
82{ERR_PACK(0,DSA_F_SIG_CB,0), "SIG_CB"},
83{0,NULL}
84 };
85
86static ERR_STRING_DATA DSA_str_reasons[]=
87 {
88{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
89{DSA_R_MISSING_PARAMETERS ,"missing parameters"},
90{0,NULL}
91 };
92
93#endif
94
95void ERR_load_DSA_strings(void)
96 {
97 static int init=1;
98
99 if (init)
100 {
101 init=0;
102#ifndef OPENSSL_NO_ERR
103 ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
104 ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
105#endif
106
107 }
108 }
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
new file mode 100644
index 0000000000..dc9c249310
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -0,0 +1,296 @@
1/* crypto/dsa/dsa_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#undef GENUINE_DSA
60
61#ifdef GENUINE_DSA
62/* Parameter generation follows the original release of FIPS PUB 186,
63 * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */
64#define HASH EVP_sha()
65#else
66/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
67 * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in
68 * FIPS PUB 180-1) */
69#define HASH EVP_sha1()
70#endif
71
72#ifndef OPENSSL_NO_SHA
73
74#include <stdio.h>
75#include <time.h>
76#include "cryptlib.h"
77#include <openssl/evp.h>
78#include <openssl/bn.h>
79#include <openssl/dsa.h>
80#include <openssl/rand.h>
81#include <openssl/sha.h>
82
83DSA *DSA_generate_parameters(int bits,
84 unsigned char *seed_in, int seed_len,
85 int *counter_ret, unsigned long *h_ret,
86 void (*callback)(int, int, void *),
87 void *cb_arg)
88 {
89 int ok=0;
90 unsigned char seed[SHA_DIGEST_LENGTH];
91 unsigned char md[SHA_DIGEST_LENGTH];
92 unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
93 BIGNUM *r0,*W,*X,*c,*test;
94 BIGNUM *g=NULL,*q=NULL,*p=NULL;
95 BN_MONT_CTX *mont=NULL;
96 int k,n=0,i,b,m=0;
97 int counter=0;
98 int r=0;
99 BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
100 unsigned int h=2;
101 DSA *ret=NULL;
102
103 if (bits < 512) bits=512;
104 bits=(bits+63)/64*64;
105
106 if (seed_len < 20)
107 seed_in = NULL; /* seed buffer too small -- ignore */
108 if (seed_len > 20)
109 seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
110 * but our internal buffers are restricted to 160 bits*/
111 if ((seed_in != NULL) && (seed_len == 20))
112 memcpy(seed,seed_in,seed_len);
113
114 if ((ctx=BN_CTX_new()) == NULL) goto err;
115 if ((ctx2=BN_CTX_new()) == NULL) goto err;
116 if ((ctx3=BN_CTX_new()) == NULL) goto err;
117 if ((ret=DSA_new()) == NULL) goto err;
118
119 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
120
121 BN_CTX_start(ctx2);
122 r0 = BN_CTX_get(ctx2);
123 g = BN_CTX_get(ctx2);
124 W = BN_CTX_get(ctx2);
125 q = BN_CTX_get(ctx2);
126 X = BN_CTX_get(ctx2);
127 c = BN_CTX_get(ctx2);
128 p = BN_CTX_get(ctx2);
129 test = BN_CTX_get(ctx2);
130
131 BN_lshift(test,BN_value_one(),bits-1);
132
133 for (;;)
134 {
135 for (;;) /* find q */
136 {
137 int seed_is_random;
138
139 /* step 1 */
140 if (callback != NULL) callback(0,m++,cb_arg);
141
142 if (!seed_len)
143 {
144 RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH);
145 seed_is_random = 1;
146 }
147 else
148 {
149 seed_is_random = 0;
150 seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/
151 }
152 memcpy(buf,seed,SHA_DIGEST_LENGTH);
153 memcpy(buf2,seed,SHA_DIGEST_LENGTH);
154 /* precompute "SEED + 1" for step 7: */
155 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
156 {
157 buf[i]++;
158 if (buf[i] != 0) break;
159 }
160
161 /* step 2 */
162 EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
163 EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL);
164 for (i=0; i<SHA_DIGEST_LENGTH; i++)
165 md[i]^=buf2[i];
166
167 /* step 3 */
168 md[0]|=0x80;
169 md[SHA_DIGEST_LENGTH-1]|=0x01;
170 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
171
172 /* step 4 */
173 r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
174 if (r > 0)
175 break;
176 if (r != 0)
177 goto err;
178
179 /* do a callback call */
180 /* step 5 */
181 }
182
183 if (callback != NULL) callback(2,0,cb_arg);
184 if (callback != NULL) callback(3,0,cb_arg);
185
186 /* step 6 */
187 counter=0;
188 /* "offset = 2" */
189
190 n=(bits-1)/160;
191 b=(bits-1)-n*160;
192
193 for (;;)
194 {
195 if (callback != NULL && counter != 0)
196 callback(0,counter,cb_arg);
197
198 /* step 7 */
199 BN_zero(W);
200 /* now 'buf' contains "SEED + offset - 1" */
201 for (k=0; k<=n; k++)
202 {
203 /* obtain "SEED + offset + k" by incrementing: */
204 for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
205 {
206 buf[i]++;
207 if (buf[i] != 0) break;
208 }
209
210 EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL);
211
212 /* step 8 */
213 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0))
214 goto err;
215 BN_lshift(r0,r0,160*k);
216 BN_add(W,W,r0);
217 }
218
219 /* more of step 8 */
220 BN_mask_bits(W,bits-1);
221 BN_copy(X,W); /* this should be ok */
222 BN_add(X,X,test); /* this should be ok */
223
224 /* step 9 */
225 BN_lshift1(r0,q);
226 BN_mod(c,X,r0,ctx);
227 BN_sub(r0,c,BN_value_one());
228 BN_sub(p,X,r0);
229
230 /* step 10 */
231 if (BN_cmp(p,test) >= 0)
232 {
233 /* step 11 */
234 r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
235 if (r > 0)
236 goto end; /* found it */
237 if (r != 0)
238 goto err;
239 }
240
241 /* step 13 */
242 counter++;
243 /* "offset = offset + n + 1" */
244
245 /* step 14 */
246 if (counter >= 4096) break;
247 }
248 }
249end:
250 if (callback != NULL) callback(2,1,cb_arg);
251
252 /* We now need to generate g */
253 /* Set r0=(p-1)/q */
254 BN_sub(test,p,BN_value_one());
255 BN_div(r0,NULL,test,q,ctx);
256
257 BN_set_word(test,h);
258 BN_MONT_CTX_set(mont,p,ctx);
259
260 for (;;)
261 {
262 /* g=test^r0%p */
263 BN_mod_exp_mont(g,test,r0,p,ctx,mont);
264 if (!BN_is_one(g)) break;
265 BN_add(test,test,BN_value_one());
266 h++;
267 }
268
269 if (callback != NULL) callback(3,1,cb_arg);
270
271 ok=1;
272err:
273 if (!ok)
274 {
275 if (ret != NULL) DSA_free(ret);
276 }
277 else
278 {
279 ret->p=BN_dup(p);
280 ret->q=BN_dup(q);
281 ret->g=BN_dup(g);
282 if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
283 if (counter_ret != NULL) *counter_ret=counter;
284 if (h_ret != NULL) *h_ret=h;
285 }
286 if (ctx != NULL) BN_CTX_free(ctx);
287 if (ctx2 != NULL)
288 {
289 BN_CTX_end(ctx2);
290 BN_CTX_free(ctx2);
291 }
292 if (ctx3 != NULL) BN_CTX_free(ctx3);
293 if (mont != NULL) BN_MONT_CTX_free(mont);
294 return(ok?ret:NULL);
295 }
296#endif
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
new file mode 100644
index 0000000000..ef87c3e637
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_key.c
@@ -0,0 +1,105 @@
1/* crypto/dsa/dsa_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef OPENSSL_NO_SHA
60#include <stdio.h>
61#include <time.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66
67int DSA_generate_key(DSA *dsa)
68 {
69 int ok=0;
70 BN_CTX *ctx=NULL;
71 BIGNUM *pub_key=NULL,*priv_key=NULL;
72
73 if ((ctx=BN_CTX_new()) == NULL) goto err;
74
75 if (dsa->priv_key == NULL)
76 {
77 if ((priv_key=BN_new()) == NULL) goto err;
78 }
79 else
80 priv_key=dsa->priv_key;
81
82 do
83 if (!BN_rand_range(priv_key,dsa->q)) goto err;
84 while (BN_is_zero(priv_key));
85
86 if (dsa->pub_key == NULL)
87 {
88 if ((pub_key=BN_new()) == NULL) goto err;
89 }
90 else
91 pub_key=dsa->pub_key;
92
93 if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
94
95 dsa->priv_key=priv_key;
96 dsa->pub_key=pub_key;
97 ok=1;
98
99err:
100 if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
101 if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
102 if (ctx != NULL) BN_CTX_free(ctx);
103 return(ok);
104 }
105#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
new file mode 100644
index 0000000000..4171af24c6
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -0,0 +1,308 @@
1/* crypto/dsa/dsa_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/asn1.h>
66#ifndef OPENSSL_NO_ENGINE
67#include <openssl/engine.h>
68#endif
69
70const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
71
72static const DSA_METHOD *default_DSA_method = NULL;
73
74void DSA_set_default_method(const DSA_METHOD *meth)
75 {
76 default_DSA_method = meth;
77 }
78
79const DSA_METHOD *DSA_get_default_method(void)
80 {
81 if(!default_DSA_method)
82 default_DSA_method = DSA_OpenSSL();
83 return default_DSA_method;
84 }
85
86DSA *DSA_new(void)
87 {
88 return DSA_new_method(NULL);
89 }
90
91int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
92 {
93 /* NB: The caller is specifically setting a method, so it's not up to us
94 * to deal with which ENGINE it comes from. */
95 const DSA_METHOD *mtmp;
96 mtmp = dsa->meth;
97 if (mtmp->finish) mtmp->finish(dsa);
98#ifndef OPENSSL_NO_ENGINE
99 if (dsa->engine)
100 {
101 ENGINE_finish(dsa->engine);
102 dsa->engine = NULL;
103 }
104#endif
105 dsa->meth = meth;
106 if (meth->init) meth->init(dsa);
107 return 1;
108 }
109
110DSA *DSA_new_method(ENGINE *engine)
111 {
112 DSA *ret;
113
114 ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
115 if (ret == NULL)
116 {
117 DSAerr(DSA_F_DSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
118 return(NULL);
119 }
120 ret->meth = DSA_get_default_method();
121#ifndef OPENSSL_NO_ENGINE
122 if (engine)
123 {
124 if (!ENGINE_init(engine))
125 {
126 DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
127 OPENSSL_free(ret);
128 return NULL;
129 }
130 ret->engine = engine;
131 }
132 else
133 ret->engine = ENGINE_get_default_DSA();
134 if(ret->engine)
135 {
136 ret->meth = ENGINE_get_DSA(ret->engine);
137 if(!ret->meth)
138 {
139 DSAerr(DSA_F_DSA_NEW_METHOD,
140 ERR_R_ENGINE_LIB);
141 ENGINE_finish(ret->engine);
142 OPENSSL_free(ret);
143 return NULL;
144 }
145 }
146#endif
147
148 ret->pad=0;
149 ret->version=0;
150 ret->write_params=1;
151 ret->p=NULL;
152 ret->q=NULL;
153 ret->g=NULL;
154
155 ret->pub_key=NULL;
156 ret->priv_key=NULL;
157
158 ret->kinv=NULL;
159 ret->r=NULL;
160 ret->method_mont_p=NULL;
161
162 ret->references=1;
163 ret->flags=ret->meth->flags;
164 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
165 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
166 {
167#ifndef OPENSSL_NO_ENGINE
168 if (ret->engine)
169 ENGINE_finish(ret->engine);
170#endif
171 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
172 OPENSSL_free(ret);
173 ret=NULL;
174 }
175
176 return(ret);
177 }
178
179void DSA_free(DSA *r)
180 {
181 int i;
182
183 if (r == NULL) return;
184
185 i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
186#ifdef REF_PRINT
187 REF_PRINT("DSA",r);
188#endif
189 if (i > 0) return;
190#ifdef REF_CHECK
191 if (i < 0)
192 {
193 fprintf(stderr,"DSA_free, bad reference count\n");
194 abort();
195 }
196#endif
197
198 if(r->meth->finish)
199 r->meth->finish(r);
200#ifndef OPENSSL_NO_ENGINE
201 if(r->engine)
202 ENGINE_finish(r->engine);
203#endif
204
205 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
206
207 if (r->p != NULL) BN_clear_free(r->p);
208 if (r->q != NULL) BN_clear_free(r->q);
209 if (r->g != NULL) BN_clear_free(r->g);
210 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
211 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
212 if (r->kinv != NULL) BN_clear_free(r->kinv);
213 if (r->r != NULL) BN_clear_free(r->r);
214 OPENSSL_free(r);
215 }
216
217int DSA_up_ref(DSA *r)
218 {
219 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
220#ifdef REF_PRINT
221 REF_PRINT("DSA",r);
222#endif
223#ifdef REF_CHECK
224 if (i < 2)
225 {
226 fprintf(stderr, "DSA_up_ref, bad reference count\n");
227 abort();
228 }
229#endif
230 return ((i > 1) ? 1 : 0);
231 }
232
233int DSA_size(const DSA *r)
234 {
235 int ret,i;
236 ASN1_INTEGER bs;
237 unsigned char buf[4]; /* 4 bytes looks really small.
238 However, i2d_ASN1_INTEGER() will not look
239 beyond the first byte, as long as the second
240 parameter is NULL. */
241
242 i=BN_num_bits(r->q);
243 bs.length=(i+7)/8;
244 bs.data=buf;
245 bs.type=V_ASN1_INTEGER;
246 /* If the top bit is set the asn1 encoding is 1 larger. */
247 buf[0]=0xff;
248
249 i=i2d_ASN1_INTEGER(&bs,NULL);
250 i+=i; /* r and s */
251 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
252 return(ret);
253 }
254
255int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
256 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
257 {
258 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
259 new_func, dup_func, free_func);
260 }
261
262int DSA_set_ex_data(DSA *d, int idx, void *arg)
263 {
264 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
265 }
266
267void *DSA_get_ex_data(DSA *d, int idx)
268 {
269 return(CRYPTO_get_ex_data(&d->ex_data,idx));
270 }
271
272#ifndef OPENSSL_NO_DH
273DH *DSA_dup_DH(const DSA *r)
274 {
275 /* DSA has p, q, g, optional pub_key, optional priv_key.
276 * DH has p, optional length, g, optional pub_key, optional priv_key.
277 */
278
279 DH *ret = NULL;
280
281 if (r == NULL)
282 goto err;
283 ret = DH_new();
284 if (ret == NULL)
285 goto err;
286 if (r->p != NULL)
287 if ((ret->p = BN_dup(r->p)) == NULL)
288 goto err;
289 if (r->q != NULL)
290 ret->length = BN_num_bits(r->q);
291 if (r->g != NULL)
292 if ((ret->g = BN_dup(r->g)) == NULL)
293 goto err;
294 if (r->pub_key != NULL)
295 if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
296 goto err;
297 if (r->priv_key != NULL)
298 if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
299 goto err;
300
301 return ret;
302
303 err:
304 if (ret != NULL)
305 DH_free(ret);
306 return NULL;
307 }
308#endif
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
new file mode 100644
index 0000000000..b9e7f3ea5c
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -0,0 +1,348 @@
1/* crypto/dsa/dsa_ossl.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67
68static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
69static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
70static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
71 DSA *dsa);
72static int dsa_init(DSA *dsa);
73static int dsa_finish(DSA *dsa);
74static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
75 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
76 BN_MONT_CTX *in_mont);
77static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
78 const BIGNUM *m, BN_CTX *ctx,
79 BN_MONT_CTX *m_ctx);
80
81static DSA_METHOD openssl_dsa_meth = {
82"OpenSSL DSA method",
83dsa_do_sign,
84dsa_sign_setup,
85dsa_do_verify,
86dsa_mod_exp,
87dsa_bn_mod_exp,
88dsa_init,
89dsa_finish,
900,
91NULL
92};
93
94const DSA_METHOD *DSA_OpenSSL(void)
95{
96 return &openssl_dsa_meth;
97}
98
99static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
100 {
101 BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
102 BIGNUM m;
103 BIGNUM xr;
104 BN_CTX *ctx=NULL;
105 int i,reason=ERR_R_BN_LIB;
106 DSA_SIG *ret=NULL;
107
108 BN_init(&m);
109 BN_init(&xr);
110
111 if (!dsa->p || !dsa->q || !dsa->g)
112 {
113 reason=DSA_R_MISSING_PARAMETERS;
114 goto err;
115 }
116
117 s=BN_new();
118 if (s == NULL) goto err;
119
120 i=BN_num_bytes(dsa->q); /* should be 20 */
121 if ((dlen > i) || (dlen > 50))
122 {
123 reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
124 goto err;
125 }
126
127 ctx=BN_CTX_new();
128 if (ctx == NULL) goto err;
129
130 if ((dsa->kinv == NULL) || (dsa->r == NULL))
131 {
132 if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
133 }
134 else
135 {
136 kinv=dsa->kinv;
137 dsa->kinv=NULL;
138 r=dsa->r;
139 dsa->r=NULL;
140 }
141
142 if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
143
144 /* Compute s = inv(k) (m + xr) mod q */
145 if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
146 if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
147 if (BN_cmp(s,dsa->q) > 0)
148 BN_sub(s,s,dsa->q);
149 if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
150
151 ret=DSA_SIG_new();
152 if (ret == NULL) goto err;
153 ret->r = r;
154 ret->s = s;
155
156err:
157 if (!ret)
158 {
159 DSAerr(DSA_F_DSA_DO_SIGN,reason);
160 BN_free(r);
161 BN_free(s);
162 }
163 if (ctx != NULL) BN_CTX_free(ctx);
164 BN_clear_free(&m);
165 BN_clear_free(&xr);
166 if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
167 BN_clear_free(kinv);
168 return(ret);
169 }
170
171static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
172 {
173 BN_CTX *ctx;
174 BIGNUM k,*kinv=NULL,*r=NULL;
175 int ret=0;
176
177 if (!dsa->p || !dsa->q || !dsa->g)
178 {
179 DSAerr(DSA_F_DSA_SIGN_SETUP,DSA_R_MISSING_PARAMETERS);
180 return 0;
181 }
182
183 BN_init(&k);
184
185 if (ctx_in == NULL)
186 {
187 if ((ctx=BN_CTX_new()) == NULL) goto err;
188 }
189 else
190 ctx=ctx_in;
191
192 if ((r=BN_new()) == NULL) goto err;
193 kinv=NULL;
194
195 /* Get random k */
196 do
197 if (!BN_rand_range(&k, dsa->q)) goto err;
198 while (BN_is_zero(&k));
199
200 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
201 {
202 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
203 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
204 dsa->p,ctx)) goto err;
205 }
206
207 /* Compute r = (g^k mod p) mod q */
208 if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
209 (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
210 if (!BN_mod(r,r,dsa->q,ctx)) goto err;
211
212 /* Compute part of 's = inv(k) (m + xr) mod q' */
213 if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
214
215 if (*kinvp != NULL) BN_clear_free(*kinvp);
216 *kinvp=kinv;
217 kinv=NULL;
218 if (*rp != NULL) BN_clear_free(*rp);
219 *rp=r;
220 ret=1;
221err:
222 if (!ret)
223 {
224 DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
225 if (kinv != NULL) BN_clear_free(kinv);
226 if (r != NULL) BN_clear_free(r);
227 }
228 if (ctx_in == NULL) BN_CTX_free(ctx);
229 if (kinv != NULL) BN_clear_free(kinv);
230 BN_clear_free(&k);
231 return(ret);
232 }
233
234static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
235 DSA *dsa)
236 {
237 BN_CTX *ctx;
238 BIGNUM u1,u2,t1;
239 BN_MONT_CTX *mont=NULL;
240 int ret = -1;
241 if (!dsa->p || !dsa->q || !dsa->g)
242 {
243 DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS);
244 return -1;
245 }
246
247 BN_init(&u1);
248 BN_init(&u2);
249 BN_init(&t1);
250
251 if ((ctx=BN_CTX_new()) == NULL) goto err;
252
253 if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
254 {
255 ret = 0;
256 goto err;
257 }
258 if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
259 {
260 ret = 0;
261 goto err;
262 }
263
264 /* Calculate W = inv(S) mod Q
265 * save W in u2 */
266 if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
267
268 /* save M in u1 */
269 if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
270
271 /* u1 = M * w mod q */
272 if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
273
274 /* u2 = r * w mod q */
275 if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
276
277 if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
278 {
279 if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
280 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
281 dsa->p,ctx)) goto err;
282 }
283 mont=(BN_MONT_CTX *)dsa->method_mont_p;
284
285#if 0
286 {
287 BIGNUM t2;
288
289 BN_init(&t2);
290 /* v = ( g^u1 * y^u2 mod p ) mod q */
291 /* let t1 = g ^ u1 mod p */
292 if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
293 /* let t2 = y ^ u2 mod p */
294 if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
295 /* let u1 = t1 * t2 mod p */
296 if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
297 BN_free(&t2);
298 }
299 /* let u1 = u1 mod q */
300 if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
301#else
302 {
303 if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
304 dsa->p,ctx,mont)) goto err;
305 /* BN_copy(&u1,&t1); */
306 /* let u1 = u1 mod q */
307 if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
308 }
309#endif
310 /* V is now in u1. If the signature is correct, it will be
311 * equal to R. */
312 ret=(BN_ucmp(&u1, sig->r) == 0);
313
314 err:
315 if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
316 if (ctx != NULL) BN_CTX_free(ctx);
317 BN_free(&u1);
318 BN_free(&u2);
319 BN_free(&t1);
320 return(ret);
321 }
322
323static int dsa_init(DSA *dsa)
324{
325 dsa->flags|=DSA_FLAG_CACHE_MONT_P;
326 return(1);
327}
328
329static int dsa_finish(DSA *dsa)
330{
331 if(dsa->method_mont_p)
332 BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
333 return(1);
334}
335
336static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
337 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
338 BN_MONT_CTX *in_mont)
339{
340 return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
341}
342
343static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
344 const BIGNUM *m, BN_CTX *ctx,
345 BN_MONT_CTX *m_ctx)
346{
347 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
348}
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
new file mode 100644
index 0000000000..89205026f0
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -0,0 +1,92 @@
1/* crypto/dsa/dsa_sign.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67
68DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
69 {
70 return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
71 }
72
73int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
74 unsigned int *siglen, DSA *dsa)
75 {
76 DSA_SIG *s;
77 s=DSA_do_sign(dgst,dlen,dsa);
78 if (s == NULL)
79 {
80 *siglen=0;
81 return(0);
82 }
83 *siglen=i2d_DSA_SIG(s,&sig);
84 DSA_SIG_free(s);
85 return(1);
86 }
87
88int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
89 {
90 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
91 }
92
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
new file mode 100644
index 0000000000..c4aeddd056
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -0,0 +1,94 @@
1/* crypto/dsa/dsa_vrf.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/rand.h>
66#include <openssl/asn1.h>
67#include <openssl/asn1_mac.h>
68
69int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
70 DSA *dsa)
71 {
72 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
73 }
74
75/* data has already been hashed (probably with SHA or SHA-1). */
76/* returns
77 * 1: correct signature
78 * 0: incorrect signature
79 * -1: error
80 */
81int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
82 const unsigned char *sigbuf, int siglen, DSA *dsa)
83 {
84 DSA_SIG *s;
85 int ret=-1;
86
87 s = DSA_SIG_new();
88 if (s == NULL) return(ret);
89 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
90 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
91err:
92 DSA_SIG_free(s);
93 return(ret);
94 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-29 03:34:51 +0000