summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/Makefile208
-rw-r--r--src/lib/libcrypto/dsa/README4
-rw-r--r--src/lib/libcrypto/dsa/dsa.h20
-rw-r--r--src/lib/libcrypto/dsa/dsa_asn1.c40
-rw-r--r--src/lib/libcrypto/dsa/dsa_err.c7
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c35
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c16
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c22
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c16
-rw-r--r--src/lib/libcrypto/dsa/dsa_sign.c50
-rw-r--r--src/lib/libcrypto/dsa/dsa_vrf.c29
-rw-r--r--src/lib/libcrypto/dsa/dsagen.c111
-rw-r--r--src/lib/libcrypto/dsa/dsatest.c259
-rw-r--r--src/lib/libcrypto/dsa/fips186a.txt122
14 files changed, 747 insertions, 192 deletions
diff --git a/src/lib/libcrypto/dsa/Makefile b/src/lib/libcrypto/dsa/Makefile
new file mode 100644
index 0000000000..8073c4ecfe
--- /dev/null
+++ b/src/lib/libcrypto/dsa/Makefile
@@ -0,0 +1,208 @@
1#
2# OpenSSL/crypto/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=dsatest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
21 dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c
22LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
23 dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o
24
25SRC= $(LIBSRC)
26
27EXHEADER= dsa.h
28HEADER= dsa_locl.h $(EXHEADER)
29
30ALL= $(GENERAL) $(SRC) $(HEADER)
31
32top:
33 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
34
35all: lib
36
37lib: $(LIBOBJ)
38 $(AR) $(LIB) $(LIBOBJ)
39 $(RANLIB) $(LIB) || echo Never mind.
40 @touch lib
41
42files:
43 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
44
45links:
46 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
47 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
48 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
49
50install:
51 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
52 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done;
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63lint:
64 lint -DLINT $(INCLUDES) $(SRC)>fluff
65
66depend:
67 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
68 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
69
70dclean:
71 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
72 mv -f Makefile.new $(MAKEFILE)
73
74clean:
75 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
76
77# DO NOT DELETE THIS LINE -- make depend depends on it.
78
79dsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
80dsa_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
81dsa_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
82dsa_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
83dsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
84dsa_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
85dsa_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
86dsa_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
87dsa_ameth.o: ../../include/openssl/objects.h
88dsa_ameth.o: ../../include/openssl/opensslconf.h
89dsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
90dsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
91dsa_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
92dsa_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
93dsa_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
94dsa_ameth.o: dsa_ameth.c
95dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
96dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
97dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
98dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
99dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
100dsa_asn1.o: ../../include/openssl/opensslconf.h
101dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
102dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
103dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
104dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
105dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
106dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
107dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
108dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
109dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
110dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
111dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
112dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
113dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
114dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c
115dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
116dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
117dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
118dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
119dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
120dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
121dsa_err.o: dsa_err.c
122dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
123dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
124dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
125dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
126dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
127dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
128dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
129dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
130dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
131dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
132dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_locl.h
133dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
134dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
135dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
136dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
137dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
138dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
139dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
140dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c
141dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
142dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
143dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
144dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
145dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
146dsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
147dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
148dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
149dsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
150dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
151dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
152dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
153dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
154dsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
155dsa_lib.o: ../cryptlib.h dsa_lib.c
156dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
157dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
158dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
159dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
160dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
161dsa_ossl.o: ../../include/openssl/opensslconf.h
162dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
163dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
164dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
165dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_ossl.c
166dsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
167dsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
168dsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
169dsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
170dsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
171dsa_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
172dsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
173dsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
174dsa_pmeth.o: ../../include/openssl/objects.h
175dsa_pmeth.o: ../../include/openssl/opensslconf.h
176dsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
177dsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
178dsa_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
179dsa_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
180dsa_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
181dsa_pmeth.o: dsa_locl.h dsa_pmeth.c
182dsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
183dsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
184dsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
185dsa_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
186dsa_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
187dsa_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
188dsa_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
189dsa_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
190dsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
191dsa_prn.o: ../cryptlib.h dsa_prn.c
192dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h
193dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
194dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
195dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
196dsa_sign.o: ../../include/openssl/opensslconf.h
197dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
198dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
199dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
200dsa_sign.o: ../cryptlib.h dsa_sign.c
201dsa_vrf.o: ../../e_os.h ../../include/openssl/bio.h
202dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
203dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
204dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
205dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
206dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
207dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
208dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libcrypto/dsa/README b/src/lib/libcrypto/dsa/README
new file mode 100644
index 0000000000..6a7e9c170a
--- /dev/null
+++ b/src/lib/libcrypto/dsa/README
@@ -0,0 +1,4 @@
1The stuff in here is based on patches supplied to me by
2Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
3I have since modified a them a little but a debt of gratitude
4is due for doing the initial work.
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
index a6f6d0b0b2..ac50a5c846 100644
--- a/src/lib/libcrypto/dsa/dsa.h
+++ b/src/lib/libcrypto/dsa/dsa.h
@@ -97,21 +97,6 @@
97 * be used for all exponents. 97 * be used for all exponents.
98 */ 98 */
99 99
100/* If this flag is set the DSA method is FIPS compliant and can be used
101 * in FIPS mode. This is set in the validated module method. If an
102 * application sets this flag in its own methods it is its reposibility
103 * to ensure the result is compliant.
104 */
105
106#define DSA_FLAG_FIPS_METHOD 0x0400
107
108/* If this flag is set the operations normally disabled in FIPS mode are
109 * permitted it is then the applications responsibility to ensure that the
110 * usage is compliant.
111 */
112
113#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
114
115#ifdef __cplusplus 100#ifdef __cplusplus
116extern "C" { 101extern "C" {
117#endif 102#endif
@@ -287,8 +272,6 @@ void ERR_load_DSA_strings(void);
287#define DSA_F_DSAPARAMS_PRINT_FP 101 272#define DSA_F_DSAPARAMS_PRINT_FP 101
288#define DSA_F_DSA_DO_SIGN 112 273#define DSA_F_DSA_DO_SIGN 112
289#define DSA_F_DSA_DO_VERIFY 113 274#define DSA_F_DSA_DO_VERIFY 113
290#define DSA_F_DSA_GENERATE_KEY 124
291#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
292#define DSA_F_DSA_NEW_METHOD 103 275#define DSA_F_DSA_NEW_METHOD 103
293#define DSA_F_DSA_PARAM_DECODE 119 276#define DSA_F_DSA_PARAM_DECODE 119
294#define DSA_F_DSA_PRINT_FP 105 277#define DSA_F_DSA_PRINT_FP 105
@@ -299,7 +282,6 @@ void ERR_load_DSA_strings(void);
299#define DSA_F_DSA_SIGN 106 282#define DSA_F_DSA_SIGN 106
300#define DSA_F_DSA_SIGN_SETUP 107 283#define DSA_F_DSA_SIGN_SETUP 107
301#define DSA_F_DSA_SIG_NEW 109 284#define DSA_F_DSA_SIG_NEW 109
302#define DSA_F_DSA_SIG_PRINT 125
303#define DSA_F_DSA_VERIFY 108 285#define DSA_F_DSA_VERIFY 108
304#define DSA_F_I2D_DSA_SIG 111 286#define DSA_F_I2D_DSA_SIG 111
305#define DSA_F_OLD_DSA_PRIV_DECODE 122 287#define DSA_F_OLD_DSA_PRIV_DECODE 122
@@ -316,8 +298,6 @@ void ERR_load_DSA_strings(void);
316#define DSA_R_INVALID_DIGEST_TYPE 106 298#define DSA_R_INVALID_DIGEST_TYPE 106
317#define DSA_R_MISSING_PARAMETERS 101 299#define DSA_R_MISSING_PARAMETERS 101
318#define DSA_R_MODULUS_TOO_LARGE 103 300#define DSA_R_MODULUS_TOO_LARGE 103
319#define DSA_R_NEED_NEW_SETUP_VALUES 110
320#define DSA_R_NON_FIPS_DSA_METHOD 111
321#define DSA_R_NO_PARAMETERS_SET 107 301#define DSA_R_NO_PARAMETERS_SET 107
322#define DSA_R_PARAMETER_ENCODING_ERROR 105 302#define DSA_R_PARAMETER_ENCODING_ERROR 105
323 303
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
index 6058534374..c37460b2d6 100644
--- a/src/lib/libcrypto/dsa/dsa_asn1.c
+++ b/src/lib/libcrypto/dsa/dsa_asn1.c
@@ -61,7 +61,6 @@
61#include <openssl/dsa.h> 61#include <openssl/dsa.h>
62#include <openssl/asn1.h> 62#include <openssl/asn1.h>
63#include <openssl/asn1t.h> 63#include <openssl/asn1t.h>
64#include <openssl/rand.h>
65 64
66/* Override the default new methods */ 65/* Override the default new methods */
67static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 66static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -88,7 +87,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
88 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) 87 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
89} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) 88} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
90 89
91IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG) 90IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
92 91
93/* Override the default free and new methods */ 92/* Override the default free and new methods */
94static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 93static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -149,40 +148,3 @@ DSA *DSAparams_dup(DSA *dsa)
149 { 148 {
150 return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa); 149 return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
151 } 150 }
152
153int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
154 unsigned int *siglen, DSA *dsa)
155 {
156 DSA_SIG *s;
157 RAND_seed(dgst, dlen);
158 s=DSA_do_sign(dgst,dlen,dsa);
159 if (s == NULL)
160 {
161 *siglen=0;
162 return(0);
163 }
164 *siglen=i2d_DSA_SIG(s,&sig);
165 DSA_SIG_free(s);
166 return(1);
167 }
168
169/* data has already been hashed (probably with SHA or SHA-1). */
170/* returns
171 * 1: correct signature
172 * 0: incorrect signature
173 * -1: error
174 */
175int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
176 const unsigned char *sigbuf, int siglen, DSA *dsa)
177 {
178 DSA_SIG *s;
179 int ret=-1;
180
181 s = DSA_SIG_new();
182 if (s == NULL) return(ret);
183 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
184 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
185err:
186 DSA_SIG_free(s);
187 return(ret);
188 }
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
index 00545b7b9f..bba984e92e 100644
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ b/src/lib/libcrypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
1/* crypto/dsa/dsa_err.c */ 1/* crypto/dsa/dsa_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -76,8 +76,6 @@ static ERR_STRING_DATA DSA_str_functs[]=
76{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, 76{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
77{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, 77{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
78{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, 78{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
79{ERR_FUNC(DSA_F_DSA_GENERATE_KEY), "DSA_generate_key"},
80{ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS_EX), "DSA_generate_parameters_ex"},
81{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, 79{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
82{ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"}, 80{ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"},
83{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, 81{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
@@ -88,7 +86,6 @@ static ERR_STRING_DATA DSA_str_functs[]=
88{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, 86{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
89{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, 87{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
90{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, 88{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
91{ERR_FUNC(DSA_F_DSA_SIG_PRINT), "DSA_SIG_PRINT"},
92{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"}, 89{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
93{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"}, 90{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
94{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"}, 91{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"},
@@ -108,8 +105,6 @@ static ERR_STRING_DATA DSA_str_reasons[]=
108{ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, 105{ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"},
109{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, 106{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
110{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, 107{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
111{ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES) ,"need new setup values"},
112{ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD) ,"non fips dsa method"},
113{ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"}, 108{ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"},
114{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, 109{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
115{0,NULL} 110{0,NULL}
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index c398761d0d..cb0b4538a4 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -81,33 +81,13 @@
81#include <openssl/sha.h> 81#include <openssl/sha.h>
82#include "dsa_locl.h" 82#include "dsa_locl.h"
83 83
84#ifdef OPENSSL_FIPS
85#include <openssl/fips.h>
86#endif
87
88int DSA_generate_parameters_ex(DSA *ret, int bits, 84int DSA_generate_parameters_ex(DSA *ret, int bits,
89 const unsigned char *seed_in, int seed_len, 85 const unsigned char *seed_in, int seed_len,
90 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) 86 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
91 { 87 {
92#ifdef OPENSSL_FIPS
93 if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)
94 && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW))
95 {
96 DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD);
97 return 0;
98 }
99#endif
100 if(ret->meth->dsa_paramgen) 88 if(ret->meth->dsa_paramgen)
101 return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, 89 return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
102 counter_ret, h_ret, cb); 90 counter_ret, h_ret, cb);
103#ifdef OPENSSL_FIPS
104 else if (FIPS_mode())
105 {
106 return FIPS_dsa_generate_parameters_ex(ret, bits,
107 seed_in, seed_len,
108 counter_ret, h_ret, cb);
109 }
110#endif
111 else 91 else
112 { 92 {
113 const EVP_MD *evpmd; 93 const EVP_MD *evpmd;
@@ -125,13 +105,12 @@ int DSA_generate_parameters_ex(DSA *ret, int bits,
125 } 105 }
126 106
127 return dsa_builtin_paramgen(ret, bits, qbits, evpmd, 107 return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
128 seed_in, seed_len, NULL, counter_ret, h_ret, cb); 108 seed_in, seed_len, counter_ret, h_ret, cb);
129 } 109 }
130 } 110 }
131 111
132int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, 112int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
133 const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, 113 const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
134 unsigned char *seed_out,
135 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) 114 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
136 { 115 {
137 int ok=0; 116 int ok=0;
@@ -222,10 +201,8 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
222 } 201 }
223 202
224 /* step 2 */ 203 /* step 2 */
225 if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL)) 204 EVP_Digest(seed, qsize, md, NULL, evpmd, NULL);
226 goto err; 205 EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL);
227 if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
228 goto err;
229 for (i = 0; i < qsize; i++) 206 for (i = 0; i < qsize; i++)
230 md[i]^=buf2[i]; 207 md[i]^=buf2[i];
231 208
@@ -274,9 +251,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
274 break; 251 break;
275 } 252 }
276 253
277 if (!EVP_Digest(buf, qsize, md ,NULL, evpmd, 254 EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL);
278 NULL))
279 goto err;
280 255
281 /* step 8 */ 256 /* step 8 */
282 if (!BN_bin2bn(md, qsize, r0)) 257 if (!BN_bin2bn(md, qsize, r0))
@@ -357,8 +332,6 @@ err:
357 } 332 }
358 if (counter_ret != NULL) *counter_ret=counter; 333 if (counter_ret != NULL) *counter_ret=counter;
359 if (h_ret != NULL) *h_ret=h; 334 if (h_ret != NULL) *h_ret=h;
360 if (seed_out)
361 memcpy(seed_out, seed, qsize);
362 } 335 }
363 if(ctx) 336 if(ctx)
364 { 337 {
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
index 9cf669b921..c4aa86bc6d 100644
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ b/src/lib/libcrypto/dsa/dsa_key.c
@@ -64,28 +64,12 @@
64#include <openssl/dsa.h> 64#include <openssl/dsa.h>
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66 66
67#ifdef OPENSSL_FIPS
68#include <openssl/fips.h>
69#endif
70
71static int dsa_builtin_keygen(DSA *dsa); 67static int dsa_builtin_keygen(DSA *dsa);
72 68
73int DSA_generate_key(DSA *dsa) 69int DSA_generate_key(DSA *dsa)
74 { 70 {
75#ifdef OPENSSL_FIPS
76 if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
77 && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
78 {
79 DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD);
80 return 0;
81 }
82#endif
83 if(dsa->meth->dsa_keygen) 71 if(dsa->meth->dsa_keygen)
84 return dsa->meth->dsa_keygen(dsa); 72 return dsa->meth->dsa_keygen(dsa);
85#ifdef OPENSSL_FIPS
86 if (FIPS_mode())
87 return FIPS_dsa_generate_key(dsa);
88#endif
89 return dsa_builtin_keygen(dsa); 73 return dsa_builtin_keygen(dsa);
90 } 74 }
91 75
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 96d8d0c4b4..e9b75902db 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -70,10 +70,6 @@
70#include <openssl/dh.h> 70#include <openssl/dh.h>
71#endif 71#endif
72 72
73#ifdef OPENSSL_FIPS
74#include <openssl/fips.h>
75#endif
76
77const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT; 73const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
78 74
79static const DSA_METHOD *default_DSA_method = NULL; 75static const DSA_METHOD *default_DSA_method = NULL;
@@ -86,16 +82,7 @@ void DSA_set_default_method(const DSA_METHOD *meth)
86const DSA_METHOD *DSA_get_default_method(void) 82const DSA_METHOD *DSA_get_default_method(void)
87 { 83 {
88 if(!default_DSA_method) 84 if(!default_DSA_method)
89 {
90#ifdef OPENSSL_FIPS
91 if (FIPS_mode())
92 return FIPS_dsa_openssl();
93 else
94 return DSA_OpenSSL();
95#else
96 default_DSA_method = DSA_OpenSSL(); 85 default_DSA_method = DSA_OpenSSL();
97#endif
98 }
99 return default_DSA_method; 86 return default_DSA_method;
100 } 87 }
101 88
@@ -176,7 +163,7 @@ DSA *DSA_new_method(ENGINE *engine)
176 ret->method_mont_p=NULL; 163 ret->method_mont_p=NULL;
177 164
178 ret->references=1; 165 ret->references=1;
179 ret->flags=ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; 166 ret->flags=ret->meth->flags;
180 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); 167 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
181 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) 168 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
182 { 169 {
@@ -289,8 +276,7 @@ void *DSA_get_ex_data(DSA *d, int idx)
289DH *DSA_dup_DH(const DSA *r) 276DH *DSA_dup_DH(const DSA *r)
290 { 277 {
291 /* DSA has p, q, g, optional pub_key, optional priv_key. 278 /* DSA has p, q, g, optional pub_key, optional priv_key.
292 * DH has p, optional length, g, optional pub_key, optional priv_key, 279 * DH has p, optional length, g, optional pub_key, optional priv_key.
293 * optional q.
294 */ 280 */
295 281
296 DH *ret = NULL; 282 DH *ret = NULL;
@@ -304,11 +290,7 @@ DH *DSA_dup_DH(const DSA *r)
304 if ((ret->p = BN_dup(r->p)) == NULL) 290 if ((ret->p = BN_dup(r->p)) == NULL)
305 goto err; 291 goto err;
306 if (r->q != NULL) 292 if (r->q != NULL)
307 {
308 ret->length = BN_num_bits(r->q); 293 ret->length = BN_num_bits(r->q);
309 if ((ret->q = BN_dup(r->q)) == NULL)
310 goto err;
311 }
312 if (r->g != NULL) 294 if (r->g != NULL)
313 if ((ret->g = BN_dup(r->g)) == NULL) 295 if ((ret->g = BN_dup(r->g)) == NULL)
314 goto err; 296 goto err;
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index b3d78e524c..a3ddd7d281 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -136,7 +136,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
136 BN_CTX *ctx=NULL; 136 BN_CTX *ctx=NULL;
137 int reason=ERR_R_BN_LIB; 137 int reason=ERR_R_BN_LIB;
138 DSA_SIG *ret=NULL; 138 DSA_SIG *ret=NULL;
139 int noredo = 0;
140 139
141 BN_init(&m); 140 BN_init(&m);
142 BN_init(&xr); 141 BN_init(&xr);
@@ -151,7 +150,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
151 if (s == NULL) goto err; 150 if (s == NULL) goto err;
152 ctx=BN_CTX_new(); 151 ctx=BN_CTX_new();
153 if (ctx == NULL) goto err; 152 if (ctx == NULL) goto err;
154redo: 153
155 if ((dsa->kinv == NULL) || (dsa->r == NULL)) 154 if ((dsa->kinv == NULL) || (dsa->r == NULL))
156 { 155 {
157 if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err; 156 if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
@@ -162,7 +161,6 @@ redo:
162 dsa->kinv=NULL; 161 dsa->kinv=NULL;
163 r=dsa->r; 162 r=dsa->r;
164 dsa->r=NULL; 163 dsa->r=NULL;
165 noredo = 1;
166 } 164 }
167 165
168 166
@@ -183,18 +181,6 @@ redo:
183 181
184 ret=DSA_SIG_new(); 182 ret=DSA_SIG_new();
185 if (ret == NULL) goto err; 183 if (ret == NULL) goto err;
186 /* Redo if r or s is zero as required by FIPS 186-3: this is
187 * very unlikely.
188 */
189 if (BN_is_zero(r) || BN_is_zero(s))
190 {
191 if (noredo)
192 {
193 reason = DSA_R_NEED_NEW_SETUP_VALUES;
194 goto err;
195 }
196 goto redo;
197 }
198 ret->r = r; 184 ret->r = r;
199 ret->s = s; 185 ret->s = s;
200 186
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
index c3cc3642ce..17555e5892 100644
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -61,54 +61,30 @@
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include <openssl/dsa.h> 62#include <openssl/dsa.h>
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64#include <openssl/bn.h>
65 64
66DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) 65DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
67 { 66 {
68#ifdef OPENSSL_FIPS
69 if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
70 && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
71 {
72 DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_NON_FIPS_DSA_METHOD);
73 return NULL;
74 }
75#endif
76 return dsa->meth->dsa_do_sign(dgst, dlen, dsa); 67 return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
77 } 68 }
78 69
79int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) 70int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
71 unsigned int *siglen, DSA *dsa)
80 { 72 {
81#ifdef OPENSSL_FIPS 73 DSA_SIG *s;
82 if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD) 74 RAND_seed(dgst, dlen);
83 && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) 75 s=DSA_do_sign(dgst,dlen,dsa);
76 if (s == NULL)
84 { 77 {
85 DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NON_FIPS_DSA_METHOD); 78 *siglen=0;
86 return 0; 79 return(0);
87 } 80 }
88#endif 81 *siglen=i2d_DSA_SIG(s,&sig);
89 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); 82 DSA_SIG_free(s);
83 return(1);
90 } 84 }
91 85
92DSA_SIG *DSA_SIG_new(void) 86int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
93 {
94 DSA_SIG *sig;
95 sig = OPENSSL_malloc(sizeof(DSA_SIG));
96 if (!sig)
97 return NULL;
98 sig->r = NULL;
99 sig->s = NULL;
100 return sig;
101 }
102
103void DSA_SIG_free(DSA_SIG *sig)
104 { 87 {
105 if (sig) 88 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
106 {
107 if (sig->r)
108 BN_free(sig->r);
109 if (sig->s)
110 BN_free(sig->s);
111 OPENSSL_free(sig);
112 }
113 } 89 }
114 90
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
index 674cb5fa5f..226a75ff3f 100644
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -64,13 +64,26 @@
64int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, 64int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
65 DSA *dsa) 65 DSA *dsa)
66 { 66 {
67#ifdef OPENSSL_FIPS
68 if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
69 && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
70 {
71 DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
72 return -1;
73 }
74#endif
75 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); 67 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
76 } 68 }
69
70/* data has already been hashed (probably with SHA or SHA-1). */
71/* returns
72 * 1: correct signature
73 * 0: incorrect signature
74 * -1: error
75 */
76int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
77 const unsigned char *sigbuf, int siglen, DSA *dsa)
78 {
79 DSA_SIG *s;
80 int ret=-1;
81
82 s = DSA_SIG_new();
83 if (s == NULL) return(ret);
84 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
85 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
86err:
87 DSA_SIG_free(s);
88 return(ret);
89 }
diff --git a/src/lib/libcrypto/dsa/dsagen.c b/src/lib/libcrypto/dsa/dsagen.c
new file mode 100644
index 0000000000..1b6a1cca0f
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsagen.c
@@ -0,0 +1,111 @@
1/* crypto/dsa/dsagen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/dsa.h>
61
62#define TEST
63#define GENUINE_DSA
64
65#ifdef GENUINE_DSA
66#define LAST_VALUE 0xbd
67#else
68#define LAST_VALUE 0xd3
69#endif
70
71#ifdef TEST
72unsigned char seed[20]={
73 0xd5,0x01,0x4e,0x4b,
74 0x60,0xef,0x2b,0xa8,
75 0xb6,0x21,0x1b,0x40,
76 0x62,0xba,0x32,0x24,
77 0xe0,0x42,0x7d,LAST_VALUE};
78#endif
79
80int cb(int p, int n)
81 {
82 char c='*';
83
84 if (p == 0) c='.';
85 if (p == 1) c='+';
86 if (p == 2) c='*';
87 if (p == 3) c='\n';
88 printf("%c",c);
89 fflush(stdout);
90 }
91
92main()
93 {
94 int i;
95 BIGNUM *n;
96 BN_CTX *ctx;
97 unsigned char seed_buf[20];
98 DSA *dsa;
99 int counter,h;
100 BIO *bio_err=NULL;
101
102 if (bio_err == NULL)
103 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
104
105 memcpy(seed_buf,seed,20);
106 dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
107
108 if (dsa == NULL)
109 DSA_print(bio_err,dsa,0);
110 }
111
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c
new file mode 100644
index 0000000000..edffd24e6b
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsatest.c
@@ -0,0 +1,259 @@
1/* crypto/dsa/dsatest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Until the key-gen callbacks are modified to use newer prototypes, we allow
60 * deprecated functions for openssl-internal code */
61#ifdef OPENSSL_NO_DEPRECATED
62#undef OPENSSL_NO_DEPRECATED
63#endif
64
65#include <stdio.h>
66#include <stdlib.h>
67#include <string.h>
68#include <sys/types.h>
69#include <sys/stat.h>
70
71#include "../e_os.h"
72
73#include <openssl/crypto.h>
74#include <openssl/rand.h>
75#include <openssl/bio.h>
76#include <openssl/err.h>
77#include <openssl/bn.h>
78
79#ifdef OPENSSL_NO_DSA
80int main(int argc, char *argv[])
81{
82 printf("No DSA support\n");
83 return(0);
84}
85#else
86#include <openssl/dsa.h>
87
88#ifdef OPENSSL_SYS_WIN16
89#define MS_CALLBACK _far _loadds
90#else
91#define MS_CALLBACK
92#endif
93
94static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg);
95
96/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
97 * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
98static unsigned char seed[20]={
99 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
100 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
101 };
102
103static unsigned char out_p[]={
104 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
105 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
106 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
107 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
108 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
109 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
110 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
111 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
112 };
113
114static unsigned char out_q[]={
115 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
116 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
117 0xda,0xce,0x91,0x5f,
118 };
119
120static unsigned char out_g[]={
121 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
122 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
123 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
124 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
125 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
126 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
127 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
128 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
129 };
130
131static const unsigned char str1[]="12345678901234567890";
132
133static const char rnd_seed[] = "string to make the random number generator think it has entropy";
134
135static BIO *bio_err=NULL;
136
137int main(int argc, char **argv)
138 {
139 BN_GENCB cb;
140 DSA *dsa=NULL;
141 int counter,ret=0,i,j;
142 unsigned char buf[256];
143 unsigned long h;
144 unsigned char sig[256];
145 unsigned int siglen;
146
147 if (bio_err == NULL)
148 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
149
150 CRYPTO_malloc_debug_init();
151 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
152 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
153
154 ERR_load_crypto_strings();
155 RAND_seed(rnd_seed, sizeof rnd_seed);
156
157 BIO_printf(bio_err,"test generation of DSA parameters\n");
158
159 BN_GENCB_set(&cb, dsa_cb, bio_err);
160 if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
161 seed, 20, &counter, &h, &cb))
162 goto end;
163
164 BIO_printf(bio_err,"seed\n");
165 for (i=0; i<20; i+=4)
166 {
167 BIO_printf(bio_err,"%02X%02X%02X%02X ",
168 seed[i],seed[i+1],seed[i+2],seed[i+3]);
169 }
170 BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h);
171
172 DSA_print(bio_err,dsa,0);
173 if (counter != 105)
174 {
175 BIO_printf(bio_err,"counter should be 105\n");
176 goto end;
177 }
178 if (h != 2)
179 {
180 BIO_printf(bio_err,"h should be 2\n");
181 goto end;
182 }
183
184 i=BN_bn2bin(dsa->q,buf);
185 j=sizeof(out_q);
186 if ((i != j) || (memcmp(buf,out_q,i) != 0))
187 {
188 BIO_printf(bio_err,"q value is wrong\n");
189 goto end;
190 }
191
192 i=BN_bn2bin(dsa->p,buf);
193 j=sizeof(out_p);
194 if ((i != j) || (memcmp(buf,out_p,i) != 0))
195 {
196 BIO_printf(bio_err,"p value is wrong\n");
197 goto end;
198 }
199
200 i=BN_bn2bin(dsa->g,buf);
201 j=sizeof(out_g);
202 if ((i != j) || (memcmp(buf,out_g,i) != 0))
203 {
204 BIO_printf(bio_err,"g value is wrong\n");
205 goto end;
206 }
207
208 dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
209 DSA_generate_key(dsa);
210 DSA_sign(0, str1, 20, sig, &siglen, dsa);
211 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
212 ret=1;
213
214 dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
215 DSA_generate_key(dsa);
216 DSA_sign(0, str1, 20, sig, &siglen, dsa);
217 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
218 ret=1;
219
220end:
221 if (!ret)
222 ERR_print_errors(bio_err);
223 if (dsa != NULL) DSA_free(dsa);
224 CRYPTO_cleanup_all_ex_data();
225 ERR_remove_thread_state(NULL);
226 ERR_free_strings();
227 CRYPTO_mem_leaks(bio_err);
228 if (bio_err != NULL)
229 {
230 BIO_free(bio_err);
231 bio_err = NULL;
232 }
233#ifdef OPENSSL_SYS_NETWARE
234 if (!ret) printf("ERROR\n");
235#endif
236 EXIT(!ret);
237 return(0);
238 }
239
240static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg)
241 {
242 char c='*';
243 static int ok=0,num=0;
244
245 if (p == 0) { c='.'; num++; };
246 if (p == 1) c='+';
247 if (p == 2) { c='*'; ok++; }
248 if (p == 3) c='\n';
249 BIO_write(arg->arg,&c,1);
250 (void)BIO_flush(arg->arg);
251
252 if (!ok && (p == 0) && (num > 1))
253 {
254 BIO_printf((BIO *)arg,"error in dsatest\n");
255 return 0;
256 }
257 return 1;
258 }
259#endif
diff --git a/src/lib/libcrypto/dsa/fips186a.txt b/src/lib/libcrypto/dsa/fips186a.txt
new file mode 100644
index 0000000000..3a2e0a0d51
--- /dev/null
+++ b/src/lib/libcrypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
1The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
2examples. This is an updated version that uses SHA-1 (FIPS 180-1)
3supplied to me by Wei Dai
4--
5 APPENDIX 5. EXAMPLE OF THE DSA
6
7
8This appendix is for informational purposes only and is not required to meet
9the standard.
10
11Let L = 512 (size of p). The values in this example are expressed in
12hexadecimal notation. The p and q given here were generated by the prime
13generation standard described in appendix 2 using the 160-bit SEED:
14
15 d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
16
17With this SEED, the algorithm found p and q when the counter was at 105.
18
19x was generated by the algorithm described in appendix 3, section 3.1, using
20the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
21
22XSEED =
23
24 bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
25
26t =
27 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
28
29x = G(t,XSEED) mod q
30
31k was generated by the algorithm described in appendix 3, section 3.2, using
32the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
33
34KSEED =
35
36 687a66d9 0648f993 867e121f 4ddf9ddb 01205584
37
38t =
39 EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
40
41k = G(t,KSEED) mod q
42
43Finally:
44
45h = 2
46
47p =
48 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
49 cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
50 49693dfb f83724c2 ec0736ee 31c80291
51
52
53q =
54 c773218c 737ec8ee 993b4f2d ed30f48e dace915f
55
56
57g =
58 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
59 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
60 c42e9f6f 464b088c c572af53 e6d78802
61
62
63x =
64 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
65
66
67k =
68 358dad57 1462710f 50e254cf 1a376b2b deaadfbf
69
70
71kinv =
72
73 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
74
75M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
76
77SHA(M) =
78
79 a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
80
81
82y =
83
84 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85
85 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
86 858fba33 f44c0669 9630a76b 030ee333
87
88
89r =
90 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
91
92s =
93 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
94
95
96w =
97 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
98
99
100u1 =
101 bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
102
103
104u2 =
105 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
106
107
108gu1 mod p =
109
110 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
111 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
112 6f96662a 1987a21b e4ec1071 010b6069
113
114
115yu2 mod p =
116
117 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
118 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67
119 c19441f4 22bf3c34 08aeba1f 0a4dbec7
120
121v =
122 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-30 01:38:15 +0000