summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/Makefile164
-rw-r--r--src/lib/libcrypto/dsa/Makefile.ssl171
-rw-r--r--src/lib/libcrypto/dsa/README4
-rw-r--r--src/lib/libcrypto/dsa/dsa.h59
-rw-r--r--src/lib/libcrypto/dsa/dsa_err.c9
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c111
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c15
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c5
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c108
-rw-r--r--src/lib/libcrypto/dsa/dsa_sign.c14
-rw-r--r--src/lib/libcrypto/dsa/dsa_vrf.c9
-rw-r--r--src/lib/libcrypto/dsa/dsagen.c111
-rw-r--r--src/lib/libcrypto/dsa/dsatest.c251
-rw-r--r--src/lib/libcrypto/dsa/fips186a.txt122
14 files changed, 981 insertions, 172 deletions
diff --git a/src/lib/libcrypto/dsa/Makefile b/src/lib/libcrypto/dsa/Makefile
new file mode 100644
index 0000000000..676baf7d49
--- /dev/null
+++ b/src/lib/libcrypto/dsa/Makefile
@@ -0,0 +1,164 @@
1#
2# OpenSSL/crypto/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=dsatest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
21 dsa_err.c dsa_ossl.c dsa_depr.c
22LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
23 dsa_err.o dsa_ossl.o dsa_depr.o
24
25SRC= $(LIBSRC)
26
27EXHEADER= dsa.h
28HEADER= $(EXHEADER)
29
30ALL= $(GENERAL) $(SRC) $(HEADER)
31
32top:
33 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
34
35all: lib
36
37lib: $(LIBOBJ)
38 $(AR) $(LIB) $(LIBOBJ)
39 $(RANLIB) $(LIB) || echo Never mind.
40 @touch lib
41
42files:
43 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
44
45links:
46 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
47 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
48 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
49
50install:
51 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
52 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done;
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63lint:
64 lint -DLINT $(INCLUDES) $(SRC)>fluff
65
66depend:
67 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
68 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
69
70dclean:
71 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
72 mv -f Makefile.new $(MAKEFILE)
73
74clean:
75 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
76
77# DO NOT DELETE THIS LINE -- make depend depends on it.
78
79dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
80dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
81dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
82dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
83dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
84dsa_asn1.o: ../../include/openssl/opensslconf.h
85dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
86dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
87dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
88dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
89dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
90dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
91dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
92dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
93dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
94dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
95dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
96dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
97dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
98dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c
99dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
100dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
101dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
102dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
103dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
104dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
105dsa_err.o: dsa_err.c
106dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
107dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
108dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
109dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
110dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
111dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
112dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
113dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
114dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
115dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
116dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c
117dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
118dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
119dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
120dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
121dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
122dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
123dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
124dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c
125dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
126dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
127dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
128dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
129dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
130dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
131dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
132dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
133dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
134dsa_lib.o: ../cryptlib.h dsa_lib.c
135dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
136dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
137dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
138dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
139dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
140dsa_ossl.o: ../../include/openssl/opensslconf.h
141dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
142dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
143dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
144dsa_ossl.o: ../cryptlib.h dsa_ossl.c
145dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
146dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
147dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
148dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
149dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
150dsa_sign.o: ../../include/openssl/opensslconf.h
151dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
152dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
153dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
154dsa_sign.o: ../cryptlib.h dsa_sign.c
155dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
156dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
157dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
158dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
159dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
160dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
161dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
162dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
163dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
164dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libcrypto/dsa/Makefile.ssl b/src/lib/libcrypto/dsa/Makefile.ssl
new file mode 100644
index 0000000000..e5f8a8cf51
--- /dev/null
+++ b/src/lib/libcrypto/dsa/Makefile.ssl
@@ -0,0 +1,171 @@
1#
2# SSLeay/crypto/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=dsatest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
27 dsa_err.c dsa_ossl.c
28LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
29 dsa_err.o dsa_ossl.o
30
31SRC= $(LIBSRC)
32
33EXHEADER= dsa.h
34HEADER= $(EXHEADER)
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 $(AR) $(LIB) $(LIBOBJ)
45 $(RANLIB) $(LIB) || echo Never mind.
46 @touch lib
47
48files:
49 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
50
51links:
52 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
53 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
54 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
55 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
56
57install:
58 @for i in $(EXHEADER) ; \
59 do \
60 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
61 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
62 done;
63
64tags:
65 ctags $(SRC)
66
67tests:
68
69lint:
70 lint -DLINT $(INCLUDES) $(SRC)>fluff
71
72depend:
73 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
74
75dclean:
76 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
77 mv -f Makefile.new $(MAKEFILE)
78
79clean:
80 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
81
82# DO NOT DELETE THIS LINE -- make depend depends on it.
83
84dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
85dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
86dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
87dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
88dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
89dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
90dsa_asn1.o: ../../include/openssl/opensslconf.h
91dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
92dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
93dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
94dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
95dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
96dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
97dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
98dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
99dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
100dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
101dsa_err.o: dsa_err.c
102dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h
103dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
104dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
105dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
106dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
107dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
108dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
109dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
110dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
111dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
112dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
113dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
114dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
115dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
116dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
117dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
118dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
119dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
120dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
121dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c
122dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
123dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
124dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
125dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
126dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
127dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
128dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
129dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
130dsa_key.o: ../cryptlib.h dsa_key.c
131dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
132dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
133dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
134dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
135dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
136dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
137dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
138dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
139dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
140dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
141dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c
142dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
143dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
144dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
145dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
146dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
147dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
148dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
149dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
150dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
151dsa_ossl.o: ../cryptlib.h dsa_ossl.c
152dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
153dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
154dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
155dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
156dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
157dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
158dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
159dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
160dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
161dsa_sign.o: ../cryptlib.h dsa_sign.c
162dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
163dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
164dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
165dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
166dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
167dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
168dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
169dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
170dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
171dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libcrypto/dsa/README b/src/lib/libcrypto/dsa/README
new file mode 100644
index 0000000000..6a7e9c170a
--- /dev/null
+++ b/src/lib/libcrypto/dsa/README
@@ -0,0 +1,4 @@
1The stuff in here is based on patches supplied to me by
2Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
3I have since modified a them a little but a debt of gratitude
4is due for doing the initial work.
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
index 3a8fe5b56b..aa0669eb7a 100644
--- a/src/lib/libcrypto/dsa/dsa.h
+++ b/src/lib/libcrypto/dsa/dsa.h
@@ -65,8 +65,6 @@
65#ifndef HEADER_DSA_H 65#ifndef HEADER_DSA_H
66#define HEADER_DSA_H 66#define HEADER_DSA_H
67 67
68#include <openssl/e_os2.h>
69
70#ifdef OPENSSL_NO_DSA 68#ifdef OPENSSL_NO_DSA
71#error DSA is disabled. 69#error DSA is disabled.
72#endif 70#endif
@@ -74,19 +72,14 @@
74#ifndef OPENSSL_NO_BIO 72#ifndef OPENSSL_NO_BIO
75#include <openssl/bio.h> 73#include <openssl/bio.h>
76#endif 74#endif
75#include <openssl/bn.h>
77#include <openssl/crypto.h> 76#include <openssl/crypto.h>
78#include <openssl/ossl_typ.h> 77#include <openssl/ossl_typ.h>
79
80#ifndef OPENSSL_NO_DEPRECATED
81#include <openssl/bn.h>
82#ifndef OPENSSL_NO_DH 78#ifndef OPENSSL_NO_DH
83# include <openssl/dh.h> 79# include <openssl/dh.h>
84#endif 80#endif
85#endif
86 81
87#ifndef OPENSSL_DSA_MAX_MODULUS_BITS 82#define OPENSSL_DSA_MAX_MODULUS_BITS 3072
88# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
89#endif
90 83
91#define DSA_FLAG_CACHE_MONT_P 0x01 84#define DSA_FLAG_CACHE_MONT_P 0x01
92#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA 85#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
@@ -97,13 +90,22 @@
97 * be used for all exponents. 90 * be used for all exponents.
98 */ 91 */
99 92
93/* If this flag is set external DSA_METHOD callbacks are allowed in FIPS mode
94 * it is then the applications responsibility to ensure the external method
95 * is compliant.
96 */
97
98#define DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW 0x04
99
100#if defined(OPENSSL_FIPS)
101#define FIPS_DSA_SIZE_T int
102#endif
103
100#ifdef __cplusplus 104#ifdef __cplusplus
101extern "C" { 105extern "C" {
102#endif 106#endif
103 107
104/* Already defined in ossl_typ.h */ 108typedef struct dsa_st DSA;
105/* typedef struct dsa_st DSA; */
106/* typedef struct dsa_method DSA_METHOD; */
107 109
108typedef struct DSA_SIG_st 110typedef struct DSA_SIG_st
109 { 111 {
@@ -111,8 +113,7 @@ typedef struct DSA_SIG_st
111 BIGNUM *s; 113 BIGNUM *s;
112 } DSA_SIG; 114 } DSA_SIG;
113 115
114struct dsa_method 116typedef struct dsa_method {
115 {
116 const char *name; 117 const char *name;
117 DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); 118 DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
118 int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, 119 int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
@@ -129,14 +130,7 @@ struct dsa_method
129 int (*finish)(DSA *dsa); 130 int (*finish)(DSA *dsa);
130 int flags; 131 int flags;
131 char *app_data; 132 char *app_data;
132 /* If this is non-NULL, it is used to generate DSA parameters */ 133} DSA_METHOD;
133 int (*dsa_paramgen)(DSA *dsa, int bits,
134 unsigned char *seed, int seed_len,
135 int *counter_ret, unsigned long *h_ret,
136 BN_GENCB *cb);
137 /* If this is non-NULL, it is used to generate DSA keys */
138 int (*dsa_keygen)(DSA *dsa);
139 };
140 134
141struct dsa_st 135struct dsa_st
142 { 136 {
@@ -157,7 +151,7 @@ struct dsa_st
157 151
158 int flags; 152 int flags;
159 /* Normally used to cache montgomery values */ 153 /* Normally used to cache montgomery values */
160 BN_MONT_CTX *method_mont_p; 154 char *method_mont_p;
161 int references; 155 int references;
162 CRYPTO_EX_DATA ex_data; 156 CRYPTO_EX_DATA ex_data;
163 const DSA_METHOD *meth; 157 const DSA_METHOD *meth;
@@ -165,13 +159,16 @@ struct dsa_st
165 ENGINE *engine; 159 ENGINE *engine;
166 }; 160 };
167 161
168#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x) 162#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
163 (char *(*)())d2i_DSAparams,(char *)(x))
169#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ 164#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
170 (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) 165 (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
171#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ 166#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
172 (unsigned char *)(x)) 167 (unsigned char *)(x))
173#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x) 168#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
174#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) 169 (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
170#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
171 (unsigned char *)(x))
175 172
176 173
177DSA_SIG * DSA_SIG_new(void); 174DSA_SIG * DSA_SIG_new(void);
@@ -209,20 +206,10 @@ void *DSA_get_ex_data(DSA *d, int idx);
209DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); 206DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
210DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); 207DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
211DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length); 208DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
212
213/* Deprecated version */
214#ifndef OPENSSL_NO_DEPRECATED
215DSA * DSA_generate_parameters(int bits, 209DSA * DSA_generate_parameters(int bits,
216 unsigned char *seed,int seed_len, 210 unsigned char *seed,int seed_len,
217 int *counter_ret, unsigned long *h_ret,void 211 int *counter_ret, unsigned long *h_ret,void
218 (*callback)(int, int, void *),void *cb_arg); 212 (*callback)(int, int, void *),void *cb_arg);
219#endif /* !defined(OPENSSL_NO_DEPRECATED) */
220
221/* New version */
222int DSA_generate_parameters_ex(DSA *dsa, int bits,
223 unsigned char *seed,int seed_len,
224 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
225
226int DSA_generate_key(DSA *a); 213int DSA_generate_key(DSA *a);
227int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); 214int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
228int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); 215int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
index 768711994b..d7fac69154 100644
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ b/src/lib/libcrypto/dsa/dsa_err.c
@@ -100,12 +100,15 @@ static ERR_STRING_DATA DSA_str_reasons[]=
100 100
101void ERR_load_DSA_strings(void) 101void ERR_load_DSA_strings(void)
102 { 102 {
103#ifndef OPENSSL_NO_ERR 103 static int init=1;
104 104
105 if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) 105 if (init)
106 { 106 {
107 init=0;
108#ifndef OPENSSL_NO_ERR
107 ERR_load_strings(0,DSA_str_functs); 109 ERR_load_strings(0,DSA_str_functs);
108 ERR_load_strings(0,DSA_str_reasons); 110 ERR_load_strings(0,DSA_str_reasons);
109 }
110#endif 111#endif
112
113 }
111 } 114 }
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index ca0b86a6cf..e40afeea51 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -69,8 +69,6 @@
69#define HASH EVP_sha1() 69#define HASH EVP_sha1()
70#endif 70#endif
71 71
72#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */
73
74#ifndef OPENSSL_NO_SHA 72#ifndef OPENSSL_NO_SHA
75 73
76#include <stdio.h> 74#include <stdio.h>
@@ -82,24 +80,12 @@
82#include <openssl/rand.h> 80#include <openssl/rand.h>
83#include <openssl/sha.h> 81#include <openssl/sha.h>
84 82
85static int dsa_builtin_paramgen(DSA *ret, int bits, 83#ifndef OPENSSL_FIPS
86 unsigned char *seed_in, int seed_len, 84DSA *DSA_generate_parameters(int bits,
87 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
88
89int DSA_generate_parameters_ex(DSA *ret, int bits,
90 unsigned char *seed_in, int seed_len,
91 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
92 {
93 if(ret->meth->dsa_paramgen)
94 return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
95 counter_ret, h_ret, cb);
96 return dsa_builtin_paramgen(ret, bits, seed_in, seed_len,
97 counter_ret, h_ret, cb);
98 }
99
100static int dsa_builtin_paramgen(DSA *ret, int bits,
101 unsigned char *seed_in, int seed_len, 85 unsigned char *seed_in, int seed_len,
102 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) 86 int *counter_ret, unsigned long *h_ret,
87 void (*callback)(int, int, void *),
88 void *cb_arg)
103 { 89 {
104 int ok=0; 90 int ok=0;
105 unsigned char seed[SHA_DIGEST_LENGTH]; 91 unsigned char seed[SHA_DIGEST_LENGTH];
@@ -111,43 +97,40 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
111 int k,n=0,i,b,m=0; 97 int k,n=0,i,b,m=0;
112 int counter=0; 98 int counter=0;
113 int r=0; 99 int r=0;
114 BN_CTX *ctx=NULL; 100 BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
115 unsigned int h=2; 101 unsigned int h=2;
102 DSA *ret=NULL;
116 103
117 if (bits < 512) bits=512; 104 if (bits < 512) bits=512;
118 bits=(bits+63)/64*64; 105 bits=(bits+63)/64*64;
119 106
120 /* NB: seed_len == 0 is special case: copy generated seed to 107 if (seed_len < 20)
121 * seed_in if it is not NULL.
122 */
123 if (seed_len && (seed_len < 20))
124 seed_in = NULL; /* seed buffer too small -- ignore */ 108 seed_in = NULL; /* seed buffer too small -- ignore */
125 if (seed_len > 20) 109 if (seed_len > 20)
126 seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, 110 seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
127 * but our internal buffers are restricted to 160 bits*/ 111 * but our internal buffers are restricted to 160 bits*/
128 if ((seed_in != NULL) && (seed_len == 20)) 112 if ((seed_in != NULL) && (seed_len == 20))
129 {
130 memcpy(seed,seed_in,seed_len); 113 memcpy(seed,seed_in,seed_len);
131 /* set seed_in to NULL to avoid it being copied back */
132 seed_in = NULL;
133 }
134 114
135 if ((ctx=BN_CTX_new()) == NULL) goto err; 115 if ((ctx=BN_CTX_new()) == NULL) goto err;
116 if ((ctx2=BN_CTX_new()) == NULL) goto err;
117 if ((ctx3=BN_CTX_new()) == NULL) goto err;
118 if ((ret=DSA_new()) == NULL) goto err;
136 119
137 if ((mont=BN_MONT_CTX_new()) == NULL) goto err; 120 if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
138 121
139 BN_CTX_start(ctx); 122 BN_CTX_start(ctx2);
140 r0 = BN_CTX_get(ctx); 123 r0 = BN_CTX_get(ctx2);
141 g = BN_CTX_get(ctx); 124 g = BN_CTX_get(ctx2);
142 W = BN_CTX_get(ctx); 125 W = BN_CTX_get(ctx2);
143 q = BN_CTX_get(ctx); 126 q = BN_CTX_get(ctx2);
144 X = BN_CTX_get(ctx); 127 X = BN_CTX_get(ctx2);
145 c = BN_CTX_get(ctx); 128 c = BN_CTX_get(ctx2);
146 p = BN_CTX_get(ctx); 129 p = BN_CTX_get(ctx2);
147 test = BN_CTX_get(ctx); 130 test = BN_CTX_get(ctx2);
131 if (test == NULL) goto err;
148 132
149 if (!BN_lshift(test,BN_value_one(),bits-1)) 133 if (!BN_lshift(test,BN_value_one(),bits-1)) goto err;
150 goto err;
151 134
152 for (;;) 135 for (;;)
153 { 136 {
@@ -156,8 +139,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
156 int seed_is_random; 139 int seed_is_random;
157 140
158 /* step 1 */ 141 /* step 1 */
159 if(!BN_GENCB_call(cb, 0, m++)) 142 if (callback != NULL) callback(0,m++,cb_arg);
160 goto err;
161 143
162 if (!seed_len) 144 if (!seed_len)
163 { 145 {
@@ -190,8 +172,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
190 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; 172 if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
191 173
192 /* step 4 */ 174 /* step 4 */
193 r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, 175 r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
194 seed_is_random, cb);
195 if (r > 0) 176 if (r > 0)
196 break; 177 break;
197 if (r != 0) 178 if (r != 0)
@@ -201,8 +182,8 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
201 /* step 5 */ 182 /* step 5 */
202 } 183 }
203 184
204 if(!BN_GENCB_call(cb, 2, 0)) goto err; 185 if (callback != NULL) callback(2,0,cb_arg);
205 if(!BN_GENCB_call(cb, 3, 0)) goto err; 186 if (callback != NULL) callback(3,0,cb_arg);
206 187
207 /* step 6 */ 188 /* step 6 */
208 counter=0; 189 counter=0;
@@ -213,11 +194,11 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
213 194
214 for (;;) 195 for (;;)
215 { 196 {
216 if ((counter != 0) && !BN_GENCB_call(cb, 0, counter)) 197 if (callback != NULL && counter != 0)
217 goto err; 198 callback(0,counter,cb_arg);
218 199
219 /* step 7 */ 200 /* step 7 */
220 BN_zero(W); 201 if (!BN_zero(W)) goto err;
221 /* now 'buf' contains "SEED + offset - 1" */ 202 /* now 'buf' contains "SEED + offset - 1" */
222 for (k=0; k<=n; k++) 203 for (k=0; k<=n; k++)
223 { 204 {
@@ -252,8 +233,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
252 if (BN_cmp(p,test) >= 0) 233 if (BN_cmp(p,test) >= 0)
253 { 234 {
254 /* step 11 */ 235 /* step 11 */
255 r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, 236 r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
256 ctx, 1, cb);
257 if (r > 0) 237 if (r > 0)
258 goto end; /* found it */ 238 goto end; /* found it */
259 if (r != 0) 239 if (r != 0)
@@ -269,8 +249,7 @@ static int dsa_builtin_paramgen(DSA *ret, int bits,
269 } 249 }
270 } 250 }
271end: 251end:
272 if(!BN_GENCB_call(cb, 2, 1)) 252 if (callback != NULL) callback(2,1,cb_arg);
273 goto err;
274 253
275 /* We now need to generate g */ 254 /* We now need to generate g */
276 /* Set r0=(p-1)/q */ 255 /* Set r0=(p-1)/q */
@@ -289,16 +268,16 @@ end:
289 h++; 268 h++;
290 } 269 }
291 270
292 if(!BN_GENCB_call(cb, 3, 1)) 271 if (callback != NULL) callback(3,1,cb_arg);
293 goto err;
294 272
295 ok=1; 273 ok=1;
296err: 274err:
297 if (ok) 275 if (!ok)
276 {
277 if (ret != NULL) DSA_free(ret);
278 }
279 else
298 { 280 {
299 if(ret->p) BN_free(ret->p);
300 if(ret->q) BN_free(ret->q);
301 if(ret->g) BN_free(ret->g);
302 ret->p=BN_dup(p); 281 ret->p=BN_dup(p);
303 ret->q=BN_dup(q); 282 ret->q=BN_dup(q);
304 ret->g=BN_dup(g); 283 ret->g=BN_dup(g);
@@ -307,16 +286,20 @@ err:
307 ok=0; 286 ok=0;
308 goto err; 287 goto err;
309 } 288 }
310 if (seed_in != NULL) memcpy(seed_in,seed,20); 289 if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
311 if (counter_ret != NULL) *counter_ret=counter; 290 if (counter_ret != NULL) *counter_ret=counter;
312 if (h_ret != NULL) *h_ret=h; 291 if (h_ret != NULL) *h_ret=h;
313 } 292 }
314 if(ctx) 293 if (ctx != NULL) BN_CTX_free(ctx);
294 if (ctx2 != NULL)
315 { 295 {
316 BN_CTX_end(ctx); 296 BN_CTX_end(ctx2);
317 BN_CTX_free(ctx); 297 BN_CTX_free(ctx2);
318 } 298 }
299 if (ctx3 != NULL) BN_CTX_free(ctx3);
319 if (mont != NULL) BN_MONT_CTX_free(mont); 300 if (mont != NULL) BN_MONT_CTX_free(mont);
320 return ok; 301 return(ok?ret:NULL);
321 } 302 }
322#endif 303#endif /* ndef OPENSSL_FIPS */
304#endif /* ndef OPENSSL_NO_SHA */
305
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
index c4aa86bc6d..980b6dc2d3 100644
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ b/src/lib/libcrypto/dsa/dsa_key.c
@@ -56,25 +56,17 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_SHA
59#include <stdio.h> 60#include <stdio.h>
60#include <time.h> 61#include <time.h>
61#include "cryptlib.h" 62#include "cryptlib.h"
62#ifndef OPENSSL_NO_SHA
63#include <openssl/bn.h> 63#include <openssl/bn.h>
64#include <openssl/dsa.h> 64#include <openssl/dsa.h>
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66 66
67static int dsa_builtin_keygen(DSA *dsa); 67#ifndef OPENSSL_FIPS
68
69int DSA_generate_key(DSA *dsa) 68int DSA_generate_key(DSA *dsa)
70 { 69 {
71 if(dsa->meth->dsa_keygen)
72 return dsa->meth->dsa_keygen(dsa);
73 return dsa_builtin_keygen(dsa);
74 }
75
76static int dsa_builtin_keygen(DSA *dsa)
77 {
78 int ok=0; 70 int ok=0;
79 BN_CTX *ctx=NULL; 71 BN_CTX *ctx=NULL;
80 BIGNUM *pub_key=NULL,*priv_key=NULL; 72 BIGNUM *pub_key=NULL,*priv_key=NULL;
@@ -107,7 +99,7 @@ static int dsa_builtin_keygen(DSA *dsa)
107 { 99 {
108 BN_init(&local_prk); 100 BN_init(&local_prk);
109 prk = &local_prk; 101 prk = &local_prk;
110 BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); 102 BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
111 } 103 }
112 else 104 else
113 prk = priv_key; 105 prk = priv_key;
@@ -126,3 +118,4 @@ err:
126 return(ok); 118 return(ok);
127 } 119 }
128#endif 120#endif
121#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index e9b75902db..4171af24c6 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -66,11 +66,8 @@
66#ifndef OPENSSL_NO_ENGINE 66#ifndef OPENSSL_NO_ENGINE
67#include <openssl/engine.h> 67#include <openssl/engine.h>
68#endif 68#endif
69#ifndef OPENSSL_NO_DH
70#include <openssl/dh.h>
71#endif
72 69
73const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT; 70const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
74 71
75static const DSA_METHOD *default_DSA_method = NULL; 72static const DSA_METHOD *default_DSA_method = NULL;
76 73
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 75ff7cc4af..5de5fc7e91 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -65,63 +65,33 @@
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66#include <openssl/asn1.h> 66#include <openssl/asn1.h>
67 67
68#ifndef OPENSSL_FIPS
68static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); 69static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
69static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); 70static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
70static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, 71static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
71 DSA *dsa); 72 DSA *dsa);
72static int dsa_init(DSA *dsa); 73static int dsa_init(DSA *dsa);
73static int dsa_finish(DSA *dsa); 74static int dsa_finish(DSA *dsa);
75static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
76 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
77 BN_MONT_CTX *in_mont);
78static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
79 const BIGNUM *m, BN_CTX *ctx,
80 BN_MONT_CTX *m_ctx);
74 81
75static DSA_METHOD openssl_dsa_meth = { 82static DSA_METHOD openssl_dsa_meth = {
76"OpenSSL DSA method", 83"OpenSSL DSA method",
77dsa_do_sign, 84dsa_do_sign,
78dsa_sign_setup, 85dsa_sign_setup,
79dsa_do_verify, 86dsa_do_verify,
80NULL, /* dsa_mod_exp, */ 87dsa_mod_exp,
81NULL, /* dsa_bn_mod_exp, */ 88dsa_bn_mod_exp,
82dsa_init, 89dsa_init,
83dsa_finish, 90dsa_finish,
840, 910,
85NULL,
86NULL,
87NULL 92NULL
88}; 93};
89 94
90/* These macro wrappers replace attempts to use the dsa_mod_exp() and
91 * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
92 * having a the macro work as an expression by bundling an "err_instr". So;
93 *
94 * if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
95 * dsa->method_mont_p)) goto err;
96 *
97 * can be replaced by;
98 *
99 * DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
100 * dsa->method_mont_p);
101 */
102
103#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
104 do { \
105 int _tmp_res53; \
106 if((dsa)->meth->dsa_mod_exp) \
107 _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
108 (a2), (p2), (m), (ctx), (in_mont)); \
109 else \
110 _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \
111 (m), (ctx), (in_mont)); \
112 if(!_tmp_res53) err_instr; \
113 } while(0)
114#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
115 do { \
116 int _tmp_res53; \
117 if((dsa)->meth->bn_mod_exp) \
118 _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
119 (m), (ctx), (m_ctx)); \
120 else \
121 _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \
122 if(!_tmp_res53) err_instr; \
123 } while(0)
124
125const DSA_METHOD *DSA_OpenSSL(void) 95const DSA_METHOD *DSA_OpenSSL(void)
126{ 96{
127 return &openssl_dsa_meth; 97 return &openssl_dsa_meth;
@@ -229,12 +199,12 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
229 while (BN_is_zero(&k)); 199 while (BN_is_zero(&k));
230 if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) 200 if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
231 { 201 {
232 BN_set_flags(&k, BN_FLG_CONSTTIME); 202 BN_set_flags(&k, BN_FLG_EXP_CONSTTIME);
233 } 203 }
234 204
235 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) 205 if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
236 { 206 {
237 if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, 207 if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
238 CRYPTO_LOCK_DSA, 208 CRYPTO_LOCK_DSA,
239 dsa->p, ctx)) 209 dsa->p, ctx))
240 goto err; 210 goto err;
@@ -264,8 +234,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
264 { 234 {
265 K = &k; 235 K = &k;
266 } 236 }
267 DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, 237 if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx,
268 dsa->method_mont_p); 238 (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
269 if (!BN_mod(r,r,dsa->q,ctx)) goto err; 239 if (!BN_mod(r,r,dsa->q,ctx)) goto err;
270 240
271 /* Compute part of 's = inv(k) (m + xr) mod q' */ 241 /* Compute part of 's = inv(k) (m + xr) mod q' */
@@ -322,14 +292,12 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
322 292
323 if ((ctx=BN_CTX_new()) == NULL) goto err; 293 if ((ctx=BN_CTX_new()) == NULL) goto err;
324 294
325 if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || 295 if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
326 BN_ucmp(sig->r, dsa->q) >= 0)
327 { 296 {
328 ret = 0; 297 ret = 0;
329 goto err; 298 goto err;
330 } 299 }
331 if (BN_is_zero(sig->s) || BN_is_negative(sig->s) || 300 if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
332 BN_ucmp(sig->s, dsa->q) >= 0)
333 { 301 {
334 ret = 0; 302 ret = 0;
335 goto err; 303 goto err;
@@ -351,25 +319,43 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
351 319
352 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) 320 if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
353 { 321 {
354 mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p, 322 mont = BN_MONT_CTX_set_locked(
323 (BN_MONT_CTX **)&dsa->method_mont_p,
355 CRYPTO_LOCK_DSA, dsa->p, ctx); 324 CRYPTO_LOCK_DSA, dsa->p, ctx);
356 if (!mont) 325 if (!mont)
357 goto err; 326 goto err;
358 } 327 }
359 328
360 329#if 0
361 DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont); 330 {
331 BIGNUM t2;
332
333 BN_init(&t2);
334 /* v = ( g^u1 * y^u2 mod p ) mod q */
335 /* let t1 = g ^ u1 mod p */
336 if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
337 /* let t2 = y ^ u2 mod p */
338 if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
339 /* let u1 = t1 * t2 mod p */
340 if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
341 BN_free(&t2);
342 }
343 /* let u1 = u1 mod q */
344 if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
345#else
346 {
347 if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
348 dsa->p,ctx,mont)) goto err;
362 /* BN_copy(&u1,&t1); */ 349 /* BN_copy(&u1,&t1); */
363 /* let u1 = u1 mod q */ 350 /* let u1 = u1 mod q */
364 if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err; 351 if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
365 352 }
353#endif
366 /* V is now in u1. If the signature is correct, it will be 354 /* V is now in u1. If the signature is correct, it will be
367 * equal to R. */ 355 * equal to R. */
368 ret=(BN_ucmp(&u1, sig->r) == 0); 356 ret=(BN_ucmp(&u1, sig->r) == 0);
369 357
370 err: 358 err:
371 /* XXX: surely this is wrong - if ret is 0, it just didn't verify;
372 there is no error in BN. Test should be ret == -1 (Ben) */
373 if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); 359 if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
374 if (ctx != NULL) BN_CTX_free(ctx); 360 if (ctx != NULL) BN_CTX_free(ctx);
375 BN_free(&u1); 361 BN_free(&u1);
@@ -387,7 +373,21 @@ static int dsa_init(DSA *dsa)
387static int dsa_finish(DSA *dsa) 373static int dsa_finish(DSA *dsa)
388{ 374{
389 if(dsa->method_mont_p) 375 if(dsa->method_mont_p)
390 BN_MONT_CTX_free(dsa->method_mont_p); 376 BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
391 return(1); 377 return(1);
392} 378}
393 379
380static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
381 BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
382 BN_MONT_CTX *in_mont)
383{
384 return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
385}
386
387static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
388 const BIGNUM *m, BN_CTX *ctx,
389 BN_MONT_CTX *m_ctx)
390{
391 return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
392}
393#endif
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
index 89205026f0..37c65efb20 100644
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -64,9 +64,18 @@
64#include <openssl/dsa.h> 64#include <openssl/dsa.h>
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66#include <openssl/asn1.h> 66#include <openssl/asn1.h>
67#ifndef OPENSSL_NO_ENGINE
68#include <openssl/engine.h>
69#endif
70#include <openssl/fips.h>
67 71
68DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) 72DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
69 { 73 {
74#ifdef OPENSSL_FIPS
75 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
76 && !FIPS_dsa_check(dsa))
77 return NULL;
78#endif
70 return dsa->meth->dsa_do_sign(dgst, dlen, dsa); 79 return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
71 } 80 }
72 81
@@ -87,6 +96,11 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
87 96
88int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) 97int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
89 { 98 {
99#ifdef OPENSSL_FIPS
100 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
101 && !FIPS_dsa_check(dsa))
102 return 0;
103#endif
90 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); 104 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
91 } 105 }
92 106
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
index c4aeddd056..c9784bed48 100644
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -65,10 +65,19 @@
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66#include <openssl/asn1.h> 66#include <openssl/asn1.h>
67#include <openssl/asn1_mac.h> 67#include <openssl/asn1_mac.h>
68#ifndef OPENSSL_NO_ENGINE
69#include <openssl/engine.h>
70#endif
71#include <openssl/fips.h>
68 72
69int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, 73int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
70 DSA *dsa) 74 DSA *dsa)
71 { 75 {
76#ifdef OPENSSL_FIPS
77 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
78 && !FIPS_dsa_check(dsa))
79 return -1;
80#endif
72 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); 81 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
73 } 82 }
74 83
diff --git a/src/lib/libcrypto/dsa/dsagen.c b/src/lib/libcrypto/dsa/dsagen.c
new file mode 100644
index 0000000000..1b6a1cca0f
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsagen.c
@@ -0,0 +1,111 @@
1/* crypto/dsa/dsagen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/dsa.h>
61
62#define TEST
63#define GENUINE_DSA
64
65#ifdef GENUINE_DSA
66#define LAST_VALUE 0xbd
67#else
68#define LAST_VALUE 0xd3
69#endif
70
71#ifdef TEST
72unsigned char seed[20]={
73 0xd5,0x01,0x4e,0x4b,
74 0x60,0xef,0x2b,0xa8,
75 0xb6,0x21,0x1b,0x40,
76 0x62,0xba,0x32,0x24,
77 0xe0,0x42,0x7d,LAST_VALUE};
78#endif
79
80int cb(int p, int n)
81 {
82 char c='*';
83
84 if (p == 0) c='.';
85 if (p == 1) c='+';
86 if (p == 2) c='*';
87 if (p == 3) c='\n';
88 printf("%c",c);
89 fflush(stdout);
90 }
91
92main()
93 {
94 int i;
95 BIGNUM *n;
96 BN_CTX *ctx;
97 unsigned char seed_buf[20];
98 DSA *dsa;
99 int counter,h;
100 BIO *bio_err=NULL;
101
102 if (bio_err == NULL)
103 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
104
105 memcpy(seed_buf,seed,20);
106 dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
107
108 if (dsa == NULL)
109 DSA_print(bio_err,dsa,0);
110 }
111
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c
new file mode 100644
index 0000000000..55a3756aff
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsatest.c
@@ -0,0 +1,251 @@
1/* crypto/dsa/dsatest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include <sys/types.h>
63#include <sys/stat.h>
64
65#include "../e_os.h"
66
67#include <openssl/crypto.h>
68#include <openssl/rand.h>
69#include <openssl/bio.h>
70#include <openssl/err.h>
71
72#ifdef OPENSSL_NO_DSA
73int main(int argc, char *argv[])
74{
75 printf("No DSA support\n");
76 return(0);
77}
78#else
79#include <openssl/dsa.h>
80
81#ifdef OPENSSL_SYS_WIN16
82#define MS_CALLBACK _far _loadds
83#else
84#define MS_CALLBACK
85#endif
86
87static void MS_CALLBACK dsa_cb(int p, int n, void *arg);
88
89/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
90 * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
91static unsigned char seed[20]={
92 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
93 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
94 };
95
96static unsigned char out_p[]={
97 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
98 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
99 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
100 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
101 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
102 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
103 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
104 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
105 };
106
107static unsigned char out_q[]={
108 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
109 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
110 0xda,0xce,0x91,0x5f,
111 };
112
113static unsigned char out_g[]={
114 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
115 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
116 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
117 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
118 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
119 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
120 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
121 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
122 };
123
124static const unsigned char str1[]="12345678901234567890";
125
126static const char rnd_seed[] = "string to make the random number generator think it has entropy";
127
128static BIO *bio_err=NULL;
129
130int main(int argc, char **argv)
131 {
132 DSA *dsa=NULL;
133 int counter,ret=0,i,j;
134 unsigned char buf[256];
135 unsigned long h;
136 unsigned char sig[256];
137 unsigned int siglen;
138
139 if (bio_err == NULL)
140 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
141
142 CRYPTO_malloc_debug_init();
143 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
144 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
145
146 ERR_load_crypto_strings();
147 RAND_seed(rnd_seed, sizeof rnd_seed);
148
149 BIO_printf(bio_err,"test generation of DSA parameters\n");
150
151 dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
152
153 BIO_printf(bio_err,"seed\n");
154 for (i=0; i<20; i+=4)
155 {
156 BIO_printf(bio_err,"%02X%02X%02X%02X ",
157 seed[i],seed[i+1],seed[i+2],seed[i+3]);
158 }
159 BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
160
161 if (dsa == NULL) goto end;
162 DSA_print(bio_err,dsa,0);
163 if (counter != 105)
164 {
165 BIO_printf(bio_err,"counter should be 105\n");
166 goto end;
167 }
168 if (h != 2)
169 {
170 BIO_printf(bio_err,"h should be 2\n");
171 goto end;
172 }
173
174 i=BN_bn2bin(dsa->q,buf);
175 j=sizeof(out_q);
176 if ((i != j) || (memcmp(buf,out_q,i) != 0))
177 {
178 BIO_printf(bio_err,"q value is wrong\n");
179 goto end;
180 }
181
182 i=BN_bn2bin(dsa->p,buf);
183 j=sizeof(out_p);
184 if ((i != j) || (memcmp(buf,out_p,i) != 0))
185 {
186 BIO_printf(bio_err,"p value is wrong\n");
187 goto end;
188 }
189
190 i=BN_bn2bin(dsa->g,buf);
191 j=sizeof(out_g);
192 if ((i != j) || (memcmp(buf,out_g,i) != 0))
193 {
194 BIO_printf(bio_err,"g value is wrong\n");
195 goto end;
196 }
197
198 dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
199 DSA_generate_key(dsa);
200 DSA_sign(0, str1, 20, sig, &siglen, dsa);
201 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
202 ret=1;
203
204 dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
205 DSA_generate_key(dsa);
206 DSA_sign(0, str1, 20, sig, &siglen, dsa);
207 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
208 ret=1;
209
210end:
211 if (!ret)
212 ERR_print_errors(bio_err);
213 if (dsa != NULL) DSA_free(dsa);
214 CRYPTO_cleanup_all_ex_data();
215 ERR_remove_state(0);
216 ERR_free_strings();
217 CRYPTO_mem_leaks(bio_err);
218 if (bio_err != NULL)
219 {
220 BIO_free(bio_err);
221 bio_err = NULL;
222 }
223 EXIT(!ret);
224 return(0);
225 }
226
227static int cb_exit(int ec)
228 {
229 EXIT(ec);
230 return(0); /* To keep some compilers quiet */
231 }
232
233static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
234 {
235 char c='*';
236 static int ok=0,num=0;
237
238 if (p == 0) { c='.'; num++; };
239 if (p == 1) c='+';
240 if (p == 2) { c='*'; ok++; }
241 if (p == 3) c='\n';
242 BIO_write(arg,&c,1);
243 (void)BIO_flush(arg);
244
245 if (!ok && (p == 0) && (num > 1))
246 {
247 BIO_printf((BIO *)arg,"error in dsatest\n");
248 cb_exit(1);
249 }
250 }
251#endif
diff --git a/src/lib/libcrypto/dsa/fips186a.txt b/src/lib/libcrypto/dsa/fips186a.txt
new file mode 100644
index 0000000000..3a2e0a0d51
--- /dev/null
+++ b/src/lib/libcrypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
1The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
2examples. This is an updated version that uses SHA-1 (FIPS 180-1)
3supplied to me by Wei Dai
4--
5 APPENDIX 5. EXAMPLE OF THE DSA
6
7
8This appendix is for informational purposes only and is not required to meet
9the standard.
10
11Let L = 512 (size of p). The values in this example are expressed in
12hexadecimal notation. The p and q given here were generated by the prime
13generation standard described in appendix 2 using the 160-bit SEED:
14
15 d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
16
17With this SEED, the algorithm found p and q when the counter was at 105.
18
19x was generated by the algorithm described in appendix 3, section 3.1, using
20the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
21
22XSEED =
23
24 bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
25
26t =
27 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
28
29x = G(t,XSEED) mod q
30
31k was generated by the algorithm described in appendix 3, section 3.2, using
32the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
33
34KSEED =
35
36 687a66d9 0648f993 867e121f 4ddf9ddb 01205584
37
38t =
39 EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
40
41k = G(t,KSEED) mod q
42
43Finally:
44
45h = 2
46
47p =
48 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
49 cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
50 49693dfb f83724c2 ec0736ee 31c80291
51
52
53q =
54 c773218c 737ec8ee 993b4f2d ed30f48e dace915f
55
56
57g =
58 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
59 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
60 c42e9f6f 464b088c c572af53 e6d78802
61
62
63x =
64 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
65
66
67k =
68 358dad57 1462710f 50e254cf 1a376b2b deaadfbf
69
70
71kinv =
72
73 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
74
75M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
76
77SHA(M) =
78
79 a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
80
81
82y =
83
84 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85
85 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
86 858fba33 f44c0669 9630a76b 030ee333
87
88
89r =
90 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
91
92s =
93 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
94
95
96w =
97 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
98
99
100u1 =
101 bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
102
103
104u2 =
105 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
106
107
108gu1 mod p =
109
110 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
111 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
112 6f96662a 1987a21b e4ec1071 010b6069
113
114
115yu2 mod p =
116
117 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
118 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67
119 c19441f4 22bf3c34 08aeba1f 0a4dbec7
120
121v =
122 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 23:13:41 +0000