diff options
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r-- | src/lib/libcrypto/dsa/Makefile | 187 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/Makefile.ssl | 171 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/README | 4 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa.h | 69 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_asn1.c | 96 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_err.c | 26 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_gen.c | 124 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_key.c | 4 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_lib.c | 49 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_ossl.c | 48 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_sign.c | 35 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_utl.c | 95 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsa_vrf.c | 37 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsagen.c | 111 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/dsatest.c | 260 | ||||
-rw-r--r-- | src/lib/libcrypto/dsa/fips186a.txt | 122 |
16 files changed, 1218 insertions, 220 deletions
diff --git a/src/lib/libcrypto/dsa/Makefile b/src/lib/libcrypto/dsa/Makefile new file mode 100644 index 0000000000..2cc45cdc62 --- /dev/null +++ b/src/lib/libcrypto/dsa/Makefile | |||
@@ -0,0 +1,187 @@ | |||
1 | # | ||
2 | # OpenSSL/crypto/dsa/Makefile | ||
3 | # | ||
4 | |||
5 | DIR= dsa | ||
6 | TOP= ../.. | ||
7 | CC= cc | ||
8 | INCLUDES= -I.. -I$(TOP) -I../../include | ||
9 | CFLAG=-g | ||
10 | MAKEFILE= Makefile | ||
11 | AR= ar r | ||
12 | |||
13 | CFLAGS= $(INCLUDES) $(CFLAG) | ||
14 | |||
15 | GENERAL=Makefile | ||
16 | TEST=dsatest.c | ||
17 | APPS= | ||
18 | |||
19 | LIB=$(TOP)/libcrypto.a | ||
20 | LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ | ||
21 | dsa_err.c dsa_ossl.c dsa_depr.c dsa_utl.c | ||
22 | LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ | ||
23 | dsa_err.o dsa_ossl.o dsa_depr.o dsa_utl.o | ||
24 | |||
25 | SRC= $(LIBSRC) | ||
26 | |||
27 | EXHEADER= dsa.h | ||
28 | HEADER= $(EXHEADER) | ||
29 | |||
30 | ALL= $(GENERAL) $(SRC) $(HEADER) | ||
31 | |||
32 | top: | ||
33 | (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) | ||
34 | |||
35 | all: lib | ||
36 | |||
37 | lib: $(LIBOBJ) | ||
38 | $(ARX) $(LIB) $(LIBOBJ) | ||
39 | $(RANLIB) $(LIB) || echo Never mind. | ||
40 | @touch lib | ||
41 | |||
42 | files: | ||
43 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | ||
44 | |||
45 | links: | ||
46 | @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) | ||
47 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) | ||
48 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) | ||
49 | |||
50 | install: | ||
51 | @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... | ||
52 | @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ | ||
53 | do \ | ||
54 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ | ||
55 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ | ||
56 | done; | ||
57 | |||
58 | tags: | ||
59 | ctags $(SRC) | ||
60 | |||
61 | tests: | ||
62 | |||
63 | lint: | ||
64 | lint -DLINT $(INCLUDES) $(SRC)>fluff | ||
65 | |||
66 | depend: | ||
67 | @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile... | ||
68 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) | ||
69 | |||
70 | dclean: | ||
71 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | ||
72 | mv -f Makefile.new $(MAKEFILE) | ||
73 | |||
74 | clean: | ||
75 | rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | ||
76 | |||
77 | # DO NOT DELETE THIS LINE -- make depend depends on it. | ||
78 | |||
79 | dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h | ||
80 | dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | ||
81 | dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
82 | dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | ||
83 | dsa_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
84 | dsa_asn1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
85 | dsa_asn1.o: ../../include/openssl/opensslconf.h | ||
86 | dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
87 | dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
88 | dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c | ||
89 | dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h | ||
90 | dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
91 | dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
92 | dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
93 | dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
94 | dsa_depr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
95 | dsa_depr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
96 | dsa_depr.o: ../../include/openssl/opensslconf.h | ||
97 | dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
98 | dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | ||
99 | dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
100 | dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c | ||
101 | dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | ||
102 | dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
103 | dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | ||
104 | dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
105 | dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | ||
106 | dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
107 | dsa_err.o: dsa_err.c | ||
108 | dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h | ||
109 | dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
110 | dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
111 | dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
112 | dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
113 | dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
114 | dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
115 | dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
116 | dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
117 | dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
118 | dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
119 | dsa_gen.o: ../cryptlib.h dsa_gen.c | ||
120 | dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
121 | dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
122 | dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
123 | dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | ||
124 | dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
125 | dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
126 | dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
127 | dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c | ||
128 | dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h | ||
129 | dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
130 | dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
131 | dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
132 | dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
133 | dsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
134 | dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
135 | dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
136 | dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
137 | dsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
138 | dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
139 | dsa_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | ||
140 | dsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
141 | dsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
142 | dsa_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_lib.c | ||
143 | dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h | ||
144 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
145 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
146 | dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
147 | dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | ||
148 | dsa_ossl.o: ../../include/openssl/opensslconf.h | ||
149 | dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
150 | dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | ||
151 | dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
152 | dsa_ossl.o: ../cryptlib.h dsa_ossl.c | ||
153 | dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h | ||
154 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
155 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
156 | dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
157 | dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h | ||
158 | dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
159 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
160 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | ||
161 | dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
162 | dsa_sign.o: ../cryptlib.h dsa_sign.c | ||
163 | dsa_utl.o: ../../e_os.h ../../include/openssl/asn1.h | ||
164 | dsa_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
165 | dsa_utl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
166 | dsa_utl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
167 | dsa_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
168 | dsa_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
169 | dsa_utl.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
170 | dsa_utl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
171 | dsa_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
172 | dsa_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
173 | dsa_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
174 | dsa_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | ||
175 | dsa_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
176 | dsa_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
177 | dsa_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_utl.c | ||
178 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h | ||
179 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | ||
180 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
181 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | ||
182 | dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
183 | dsa_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
184 | dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
185 | dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
186 | dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
187 | dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c | ||
diff --git a/src/lib/libcrypto/dsa/Makefile.ssl b/src/lib/libcrypto/dsa/Makefile.ssl new file mode 100644 index 0000000000..e5f8a8cf51 --- /dev/null +++ b/src/lib/libcrypto/dsa/Makefile.ssl | |||
@@ -0,0 +1,171 @@ | |||
1 | # | ||
2 | # SSLeay/crypto/dsa/Makefile | ||
3 | # | ||
4 | |||
5 | DIR= dsa | ||
6 | TOP= ../.. | ||
7 | CC= cc | ||
8 | INCLUDES= -I.. -I$(TOP) -I../../include | ||
9 | CFLAG=-g | ||
10 | INSTALL_PREFIX= | ||
11 | OPENSSLDIR= /usr/local/ssl | ||
12 | INSTALLTOP=/usr/local/ssl | ||
13 | MAKE= make -f Makefile.ssl | ||
14 | MAKEDEPPROG= makedepend | ||
15 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | ||
16 | MAKEFILE= Makefile.ssl | ||
17 | AR= ar r | ||
18 | |||
19 | CFLAGS= $(INCLUDES) $(CFLAG) | ||
20 | |||
21 | GENERAL=Makefile | ||
22 | TEST=dsatest.c | ||
23 | APPS= | ||
24 | |||
25 | LIB=$(TOP)/libcrypto.a | ||
26 | LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ | ||
27 | dsa_err.c dsa_ossl.c | ||
28 | LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ | ||
29 | dsa_err.o dsa_ossl.o | ||
30 | |||
31 | SRC= $(LIBSRC) | ||
32 | |||
33 | EXHEADER= dsa.h | ||
34 | HEADER= $(EXHEADER) | ||
35 | |||
36 | ALL= $(GENERAL) $(SRC) $(HEADER) | ||
37 | |||
38 | top: | ||
39 | (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) | ||
40 | |||
41 | all: lib | ||
42 | |||
43 | lib: $(LIBOBJ) | ||
44 | $(AR) $(LIB) $(LIBOBJ) | ||
45 | $(RANLIB) $(LIB) || echo Never mind. | ||
46 | @touch lib | ||
47 | |||
48 | files: | ||
49 | $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO | ||
50 | |||
51 | links: | ||
52 | @sh $(TOP)/util/point.sh Makefile.ssl Makefile | ||
53 | @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) | ||
54 | @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) | ||
55 | @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) | ||
56 | |||
57 | install: | ||
58 | @for i in $(EXHEADER) ; \ | ||
59 | do \ | ||
60 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ | ||
61 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ | ||
62 | done; | ||
63 | |||
64 | tags: | ||
65 | ctags $(SRC) | ||
66 | |||
67 | tests: | ||
68 | |||
69 | lint: | ||
70 | lint -DLINT $(INCLUDES) $(SRC)>fluff | ||
71 | |||
72 | depend: | ||
73 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) | ||
74 | |||
75 | dclean: | ||
76 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | ||
77 | mv -f Makefile.new $(MAKEFILE) | ||
78 | |||
79 | clean: | ||
80 | rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | ||
81 | |||
82 | # DO NOT DELETE THIS LINE -- make depend depends on it. | ||
83 | |||
84 | dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h | ||
85 | dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | ||
86 | dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
87 | dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | ||
88 | dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
89 | dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | ||
90 | dsa_asn1.o: ../../include/openssl/opensslconf.h | ||
91 | dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
92 | dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
93 | dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c | ||
94 | dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
95 | dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | ||
96 | dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
97 | dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | ||
98 | dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
99 | dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | ||
100 | dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
101 | dsa_err.o: dsa_err.c | ||
102 | dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h | ||
103 | dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
104 | dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h | ||
105 | dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h | ||
106 | dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | ||
107 | dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | ||
108 | dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
109 | dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
110 | dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h | ||
111 | dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h | ||
112 | dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h | ||
113 | dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
114 | dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
115 | dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
116 | dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | ||
117 | dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | ||
118 | dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
119 | dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
120 | dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
121 | dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c | ||
122 | dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
123 | dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
124 | dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
125 | dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
126 | dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
127 | dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
128 | dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | ||
129 | dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
130 | dsa_key.o: ../cryptlib.h dsa_key.c | ||
131 | dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h | ||
132 | dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
133 | dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
134 | dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
135 | dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | ||
136 | dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | ||
137 | dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
138 | dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
139 | dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
140 | dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
141 | dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c | ||
142 | dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h | ||
143 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
144 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
145 | dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
146 | dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
147 | dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
148 | dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
149 | dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | ||
150 | dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
151 | dsa_ossl.o: ../cryptlib.h dsa_ossl.c | ||
152 | dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h | ||
153 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
154 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
155 | dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
156 | dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
157 | dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
158 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
159 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | ||
160 | dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
161 | dsa_sign.o: ../cryptlib.h dsa_sign.c | ||
162 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h | ||
163 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | ||
164 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
165 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | ||
166 | dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
167 | dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | ||
168 | dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
169 | dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
170 | dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
171 | dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c | ||
diff --git a/src/lib/libcrypto/dsa/README b/src/lib/libcrypto/dsa/README new file mode 100644 index 0000000000..6a7e9c170a --- /dev/null +++ b/src/lib/libcrypto/dsa/README | |||
@@ -0,0 +1,4 @@ | |||
1 | The stuff in here is based on patches supplied to me by | ||
2 | Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS. | ||
3 | I have since modified a them a little but a debt of gratitude | ||
4 | is due for doing the initial work. | ||
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h index ac50a5c846..702c50d6dc 100644 --- a/src/lib/libcrypto/dsa/dsa.h +++ b/src/lib/libcrypto/dsa/dsa.h | |||
@@ -88,6 +88,8 @@ | |||
88 | # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 | 88 | # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 |
89 | #endif | 89 | #endif |
90 | 90 | ||
91 | #define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024 | ||
92 | |||
91 | #define DSA_FLAG_CACHE_MONT_P 0x01 | 93 | #define DSA_FLAG_CACHE_MONT_P 0x01 |
92 | #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA | 94 | #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA |
93 | * implementation now uses constant time | 95 | * implementation now uses constant time |
@@ -97,6 +99,25 @@ | |||
97 | * be used for all exponents. | 99 | * be used for all exponents. |
98 | */ | 100 | */ |
99 | 101 | ||
102 | /* If this flag is set the DSA method is FIPS compliant and can be used | ||
103 | * in FIPS mode. This is set in the validated module method. If an | ||
104 | * application sets this flag in its own methods it is its reposibility | ||
105 | * to ensure the result is compliant. | ||
106 | */ | ||
107 | |||
108 | #define DSA_FLAG_FIPS_METHOD 0x0400 | ||
109 | |||
110 | /* If this flag is set the operations normally disabled in FIPS mode are | ||
111 | * permitted it is then the applications responsibility to ensure that the | ||
112 | * usage is compliant. | ||
113 | */ | ||
114 | |||
115 | #define DSA_FLAG_NON_FIPS_ALLOW 0x0400 | ||
116 | |||
117 | #ifdef OPENSSL_FIPS | ||
118 | #define FIPS_DSA_SIZE_T int | ||
119 | #endif | ||
120 | |||
100 | #ifdef __cplusplus | 121 | #ifdef __cplusplus |
101 | extern "C" { | 122 | extern "C" { |
102 | #endif | 123 | #endif |
@@ -118,7 +139,7 @@ struct dsa_method | |||
118 | int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, | 139 | int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, |
119 | BIGNUM **rp); | 140 | BIGNUM **rp); |
120 | int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, | 141 | int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, |
121 | DSA_SIG *sig, DSA *dsa); | 142 | DSA_SIG *sig, DSA *dsa); |
122 | int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, | 143 | int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, |
123 | BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, | 144 | BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, |
124 | BN_MONT_CTX *in_mont); | 145 | BN_MONT_CTX *in_mont); |
@@ -131,7 +152,7 @@ struct dsa_method | |||
131 | char *app_data; | 152 | char *app_data; |
132 | /* If this is non-NULL, it is used to generate DSA parameters */ | 153 | /* If this is non-NULL, it is used to generate DSA parameters */ |
133 | int (*dsa_paramgen)(DSA *dsa, int bits, | 154 | int (*dsa_paramgen)(DSA *dsa, int bits, |
134 | const unsigned char *seed, int seed_len, | 155 | unsigned char *seed, int seed_len, |
135 | int *counter_ret, unsigned long *h_ret, | 156 | int *counter_ret, unsigned long *h_ret, |
136 | BN_GENCB *cb); | 157 | BN_GENCB *cb); |
137 | /* If this is non-NULL, it is used to generate DSA keys */ | 158 | /* If this is non-NULL, it is used to generate DSA keys */ |
@@ -165,6 +186,7 @@ struct dsa_st | |||
165 | ENGINE *engine; | 186 | ENGINE *engine; |
166 | }; | 187 | }; |
167 | 188 | ||
189 | #define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x) | ||
168 | #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ | 190 | #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ |
169 | (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) | 191 | (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) |
170 | #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ | 192 | #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ |
@@ -173,7 +195,6 @@ struct dsa_st | |||
173 | #define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) | 195 | #define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) |
174 | 196 | ||
175 | 197 | ||
176 | DSA *DSAparams_dup(DSA *x); | ||
177 | DSA_SIG * DSA_SIG_new(void); | 198 | DSA_SIG * DSA_SIG_new(void); |
178 | void DSA_SIG_free(DSA_SIG *a); | 199 | void DSA_SIG_free(DSA_SIG *a); |
179 | int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); | 200 | int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); |
@@ -189,6 +210,11 @@ void DSA_set_default_method(const DSA_METHOD *); | |||
189 | const DSA_METHOD *DSA_get_default_method(void); | 210 | const DSA_METHOD *DSA_get_default_method(void); |
190 | int DSA_set_method(DSA *dsa, const DSA_METHOD *); | 211 | int DSA_set_method(DSA *dsa, const DSA_METHOD *); |
191 | 212 | ||
213 | #ifdef OPENSSL_FIPS | ||
214 | DSA * FIPS_dsa_new(void); | ||
215 | void FIPS_dsa_free (DSA *r); | ||
216 | #endif | ||
217 | |||
192 | DSA * DSA_new(void); | 218 | DSA * DSA_new(void); |
193 | DSA * DSA_new_method(ENGINE *engine); | 219 | DSA * DSA_new_method(ENGINE *engine); |
194 | void DSA_free (DSA *r); | 220 | void DSA_free (DSA *r); |
@@ -220,7 +246,7 @@ DSA * DSA_generate_parameters(int bits, | |||
220 | 246 | ||
221 | /* New version */ | 247 | /* New version */ |
222 | int DSA_generate_parameters_ex(DSA *dsa, int bits, | 248 | int DSA_generate_parameters_ex(DSA *dsa, int bits, |
223 | const unsigned char *seed,int seed_len, | 249 | unsigned char *seed,int seed_len, |
224 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); | 250 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); |
225 | 251 | ||
226 | int DSA_generate_key(DSA *a); | 252 | int DSA_generate_key(DSA *a); |
@@ -249,13 +275,10 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off); | |||
249 | DH *DSA_dup_DH(const DSA *r); | 275 | DH *DSA_dup_DH(const DSA *r); |
250 | #endif | 276 | #endif |
251 | 277 | ||
252 | #define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \ | 278 | #ifdef OPENSSL_FIPS |
253 | EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \ | 279 | int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig); |
254 | EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL) | 280 | int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen); |
255 | 281 | #endif | |
256 | #define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1) | ||
257 | #define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2) | ||
258 | #define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3) | ||
259 | 282 | ||
260 | /* BEGIN ERROR CODES */ | 283 | /* BEGIN ERROR CODES */ |
261 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 284 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
@@ -267,39 +290,33 @@ void ERR_load_DSA_strings(void); | |||
267 | 290 | ||
268 | /* Function codes. */ | 291 | /* Function codes. */ |
269 | #define DSA_F_D2I_DSA_SIG 110 | 292 | #define DSA_F_D2I_DSA_SIG 110 |
270 | #define DSA_F_DO_DSA_PRINT 104 | ||
271 | #define DSA_F_DSAPARAMS_PRINT 100 | 293 | #define DSA_F_DSAPARAMS_PRINT 100 |
272 | #define DSA_F_DSAPARAMS_PRINT_FP 101 | 294 | #define DSA_F_DSAPARAMS_PRINT_FP 101 |
295 | #define DSA_F_DSA_BUILTIN_KEYGEN 119 | ||
296 | #define DSA_F_DSA_BUILTIN_PARAMGEN 118 | ||
273 | #define DSA_F_DSA_DO_SIGN 112 | 297 | #define DSA_F_DSA_DO_SIGN 112 |
274 | #define DSA_F_DSA_DO_VERIFY 113 | 298 | #define DSA_F_DSA_DO_VERIFY 113 |
299 | #define DSA_F_DSA_GENERATE_PARAMETERS 117 | ||
275 | #define DSA_F_DSA_NEW_METHOD 103 | 300 | #define DSA_F_DSA_NEW_METHOD 103 |
276 | #define DSA_F_DSA_PARAM_DECODE 119 | 301 | #define DSA_F_DSA_PRINT 104 |
277 | #define DSA_F_DSA_PRINT_FP 105 | 302 | #define DSA_F_DSA_PRINT_FP 105 |
278 | #define DSA_F_DSA_PRIV_DECODE 115 | 303 | #define DSA_F_DSA_SET_DEFAULT_METHOD 115 |
279 | #define DSA_F_DSA_PRIV_ENCODE 116 | 304 | #define DSA_F_DSA_SET_METHOD 116 |
280 | #define DSA_F_DSA_PUB_DECODE 117 | ||
281 | #define DSA_F_DSA_PUB_ENCODE 118 | ||
282 | #define DSA_F_DSA_SIGN 106 | 305 | #define DSA_F_DSA_SIGN 106 |
283 | #define DSA_F_DSA_SIGN_SETUP 107 | 306 | #define DSA_F_DSA_SIGN_SETUP 107 |
284 | #define DSA_F_DSA_SIG_NEW 109 | 307 | #define DSA_F_DSA_SIG_NEW 109 |
285 | #define DSA_F_DSA_VERIFY 108 | 308 | #define DSA_F_DSA_VERIFY 108 |
286 | #define DSA_F_I2D_DSA_SIG 111 | 309 | #define DSA_F_I2D_DSA_SIG 111 |
287 | #define DSA_F_OLD_DSA_PRIV_DECODE 122 | ||
288 | #define DSA_F_PKEY_DSA_CTRL 120 | ||
289 | #define DSA_F_PKEY_DSA_KEYGEN 121 | ||
290 | #define DSA_F_SIG_CB 114 | 310 | #define DSA_F_SIG_CB 114 |
291 | 311 | ||
292 | /* Reason codes. */ | 312 | /* Reason codes. */ |
293 | #define DSA_R_BAD_Q_VALUE 102 | 313 | #define DSA_R_BAD_Q_VALUE 102 |
294 | #define DSA_R_BN_DECODE_ERROR 108 | ||
295 | #define DSA_R_BN_ERROR 109 | ||
296 | #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 | 314 | #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 |
297 | #define DSA_R_DECODE_ERROR 104 | 315 | #define DSA_R_KEY_SIZE_TOO_SMALL 106 |
298 | #define DSA_R_INVALID_DIGEST_TYPE 106 | ||
299 | #define DSA_R_MISSING_PARAMETERS 101 | 316 | #define DSA_R_MISSING_PARAMETERS 101 |
300 | #define DSA_R_MODULUS_TOO_LARGE 103 | 317 | #define DSA_R_MODULUS_TOO_LARGE 103 |
301 | #define DSA_R_NO_PARAMETERS_SET 107 | 318 | #define DSA_R_NON_FIPS_METHOD 104 |
302 | #define DSA_R_PARAMETER_ENCODING_ERROR 105 | 319 | #define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105 |
303 | 320 | ||
304 | #ifdef __cplusplus | 321 | #ifdef __cplusplus |
305 | } | 322 | } |
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c index c37460b2d6..0645facb4b 100644 --- a/src/lib/libcrypto/dsa/dsa_asn1.c +++ b/src/lib/libcrypto/dsa/dsa_asn1.c | |||
@@ -3,7 +3,7 @@ | |||
3 | * project 2000. | 3 | * project 2000. |
4 | */ | 4 | */ |
5 | /* ==================================================================== | 5 | /* ==================================================================== |
6 | * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 2000 The OpenSSL Project. All rights reserved. |
7 | * | 7 | * |
8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
@@ -61,23 +61,24 @@ | |||
61 | #include <openssl/dsa.h> | 61 | #include <openssl/dsa.h> |
62 | #include <openssl/asn1.h> | 62 | #include <openssl/asn1.h> |
63 | #include <openssl/asn1t.h> | 63 | #include <openssl/asn1t.h> |
64 | #include <openssl/bn.h> | ||
65 | #ifdef OPENSSL_FIPS | ||
66 | #include <openssl/fips.h> | ||
67 | #endif | ||
68 | |||
64 | 69 | ||
65 | /* Override the default new methods */ | 70 | /* Override the default new methods */ |
66 | static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, | 71 | static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) |
67 | void *exarg) | ||
68 | { | 72 | { |
69 | if(operation == ASN1_OP_NEW_PRE) { | 73 | if(operation == ASN1_OP_NEW_PRE) { |
70 | DSA_SIG *sig; | 74 | DSA_SIG *sig; |
71 | sig = OPENSSL_malloc(sizeof(DSA_SIG)); | 75 | sig = OPENSSL_malloc(sizeof(DSA_SIG)); |
72 | if (!sig) | ||
73 | { | ||
74 | DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); | ||
75 | return 0; | ||
76 | } | ||
77 | sig->r = NULL; | 76 | sig->r = NULL; |
78 | sig->s = NULL; | 77 | sig->s = NULL; |
79 | *pval = (ASN1_VALUE *)sig; | 78 | *pval = (ASN1_VALUE *)sig; |
80 | return 2; | 79 | if(sig) return 2; |
80 | DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); | ||
81 | return 0; | ||
81 | } | 82 | } |
82 | return 1; | 83 | return 1; |
83 | } | 84 | } |
@@ -87,11 +88,10 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { | |||
87 | ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) | 88 | ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) |
88 | } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) | 89 | } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) |
89 | 90 | ||
90 | IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) | 91 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG) |
91 | 92 | ||
92 | /* Override the default free and new methods */ | 93 | /* Override the default free and new methods */ |
93 | static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, | 94 | static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) |
94 | void *exarg) | ||
95 | { | 95 | { |
96 | if(operation == ASN1_OP_NEW_PRE) { | 96 | if(operation == ASN1_OP_NEW_PRE) { |
97 | *pval = (ASN1_VALUE *)DSA_new(); | 97 | *pval = (ASN1_VALUE *)DSA_new(); |
@@ -144,7 +144,75 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { | |||
144 | 144 | ||
145 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) | 145 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) |
146 | 146 | ||
147 | DSA *DSAparams_dup(DSA *dsa) | 147 | int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, |
148 | unsigned int *siglen, DSA *dsa) | ||
149 | { | ||
150 | DSA_SIG *s; | ||
151 | #ifdef OPENSSL_FIPS | ||
152 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
153 | { | ||
154 | DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
155 | return 0; | ||
156 | } | ||
157 | #endif | ||
158 | s=DSA_do_sign(dgst,dlen,dsa); | ||
159 | if (s == NULL) | ||
160 | { | ||
161 | *siglen=0; | ||
162 | return(0); | ||
163 | } | ||
164 | *siglen=i2d_DSA_SIG(s,&sig); | ||
165 | DSA_SIG_free(s); | ||
166 | return(1); | ||
167 | } | ||
168 | |||
169 | int DSA_size(const DSA *r) | ||
170 | { | ||
171 | int ret,i; | ||
172 | ASN1_INTEGER bs; | ||
173 | unsigned char buf[4]; /* 4 bytes looks really small. | ||
174 | However, i2d_ASN1_INTEGER() will not look | ||
175 | beyond the first byte, as long as the second | ||
176 | parameter is NULL. */ | ||
177 | |||
178 | i=BN_num_bits(r->q); | ||
179 | bs.length=(i+7)/8; | ||
180 | bs.data=buf; | ||
181 | bs.type=V_ASN1_INTEGER; | ||
182 | /* If the top bit is set the asn1 encoding is 1 larger. */ | ||
183 | buf[0]=0xff; | ||
184 | |||
185 | i=i2d_ASN1_INTEGER(&bs,NULL); | ||
186 | i+=i; /* r and s */ | ||
187 | ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); | ||
188 | return(ret); | ||
189 | } | ||
190 | |||
191 | /* data has already been hashed (probably with SHA or SHA-1). */ | ||
192 | /* returns | ||
193 | * 1: correct signature | ||
194 | * 0: incorrect signature | ||
195 | * -1: error | ||
196 | */ | ||
197 | int DSA_verify(int type, const unsigned char *dgst, int dgst_len, | ||
198 | const unsigned char *sigbuf, int siglen, DSA *dsa) | ||
148 | { | 199 | { |
149 | return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa); | 200 | DSA_SIG *s; |
201 | int ret=-1; | ||
202 | #ifdef OPENSSL_FIPS | ||
203 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
204 | { | ||
205 | DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
206 | return 0; | ||
207 | } | ||
208 | #endif | ||
209 | |||
210 | s = DSA_SIG_new(); | ||
211 | if (s == NULL) return(ret); | ||
212 | if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; | ||
213 | ret=DSA_do_verify(dgst,dgst_len,s,dsa); | ||
214 | err: | ||
215 | DSA_SIG_free(s); | ||
216 | return(ret); | ||
150 | } | 217 | } |
218 | |||
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c index bba984e92e..872839af94 100644 --- a/src/lib/libcrypto/dsa/dsa_err.c +++ b/src/lib/libcrypto/dsa/dsa_err.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* crypto/dsa/dsa_err.c */ | 1 | /* crypto/dsa/dsa_err.c */ |
2 | /* ==================================================================== | 2 | /* ==================================================================== |
3 | * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
4 | * | 4 | * |
5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
@@ -71,26 +71,23 @@ | |||
71 | static ERR_STRING_DATA DSA_str_functs[]= | 71 | static ERR_STRING_DATA DSA_str_functs[]= |
72 | { | 72 | { |
73 | {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, | 73 | {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, |
74 | {ERR_FUNC(DSA_F_DO_DSA_PRINT), "DO_DSA_PRINT"}, | ||
75 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, | 74 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, |
76 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, | 75 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, |
76 | {ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"}, | ||
77 | {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, | ||
77 | {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, | 78 | {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, |
78 | {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, | 79 | {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, |
80 | {ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"}, | ||
79 | {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, | 81 | {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, |
80 | {ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"}, | 82 | {ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"}, |
81 | {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, | 83 | {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, |
82 | {ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "DSA_PRIV_DECODE"}, | 84 | {ERR_FUNC(DSA_F_DSA_SET_DEFAULT_METHOD), "DSA_set_default_method"}, |
83 | {ERR_FUNC(DSA_F_DSA_PRIV_ENCODE), "DSA_PRIV_ENCODE"}, | 85 | {ERR_FUNC(DSA_F_DSA_SET_METHOD), "DSA_set_method"}, |
84 | {ERR_FUNC(DSA_F_DSA_PUB_DECODE), "DSA_PUB_DECODE"}, | ||
85 | {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "DSA_PUB_ENCODE"}, | ||
86 | {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, | 86 | {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, |
87 | {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, | 87 | {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, |
88 | {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, | 88 | {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, |
89 | {ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"}, | 89 | {ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"}, |
90 | {ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"}, | 90 | {ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"}, |
91 | {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"}, | ||
92 | {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "PKEY_DSA_CTRL"}, | ||
93 | {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "PKEY_DSA_KEYGEN"}, | ||
94 | {ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"}, | 91 | {ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"}, |
95 | {0,NULL} | 92 | {0,NULL} |
96 | }; | 93 | }; |
@@ -98,15 +95,12 @@ static ERR_STRING_DATA DSA_str_functs[]= | |||
98 | static ERR_STRING_DATA DSA_str_reasons[]= | 95 | static ERR_STRING_DATA DSA_str_reasons[]= |
99 | { | 96 | { |
100 | {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, | 97 | {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, |
101 | {ERR_REASON(DSA_R_BN_DECODE_ERROR) ,"bn decode error"}, | ||
102 | {ERR_REASON(DSA_R_BN_ERROR) ,"bn error"}, | ||
103 | {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, | 98 | {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, |
104 | {ERR_REASON(DSA_R_DECODE_ERROR) ,"decode error"}, | 99 | {ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, |
105 | {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, | ||
106 | {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, | 100 | {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, |
107 | {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 101 | {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
108 | {ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"}, | 102 | {ERR_REASON(DSA_R_NON_FIPS_METHOD) ,"non fips method"}, |
109 | {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, | 103 | {ERR_REASON(DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, |
110 | {0,NULL} | 104 | {0,NULL} |
111 | }; | 105 | }; |
112 | 106 | ||
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c index 0fcd25f8b0..6f1728e3cf 100644 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ b/src/lib/libcrypto/dsa/dsa_gen.c | |||
@@ -74,88 +74,69 @@ | |||
74 | #ifndef OPENSSL_NO_SHA | 74 | #ifndef OPENSSL_NO_SHA |
75 | 75 | ||
76 | #include <stdio.h> | 76 | #include <stdio.h> |
77 | #include <time.h> | ||
77 | #include "cryptlib.h" | 78 | #include "cryptlib.h" |
78 | #include <openssl/evp.h> | 79 | #include <openssl/evp.h> |
79 | #include <openssl/bn.h> | 80 | #include <openssl/bn.h> |
81 | #include <openssl/dsa.h> | ||
80 | #include <openssl/rand.h> | 82 | #include <openssl/rand.h> |
81 | #include <openssl/sha.h> | 83 | #include <openssl/sha.h> |
82 | #include "dsa_locl.h" | 84 | |
85 | #ifndef OPENSSL_FIPS | ||
86 | |||
87 | static int dsa_builtin_paramgen(DSA *ret, int bits, | ||
88 | unsigned char *seed_in, int seed_len, | ||
89 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); | ||
83 | 90 | ||
84 | int DSA_generate_parameters_ex(DSA *ret, int bits, | 91 | int DSA_generate_parameters_ex(DSA *ret, int bits, |
85 | const unsigned char *seed_in, int seed_len, | 92 | unsigned char *seed_in, int seed_len, |
86 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) | 93 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) |
87 | { | 94 | { |
88 | if(ret->meth->dsa_paramgen) | 95 | if(ret->meth->dsa_paramgen) |
89 | return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, | 96 | return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, |
90 | counter_ret, h_ret, cb); | 97 | counter_ret, h_ret, cb); |
91 | else | 98 | return dsa_builtin_paramgen(ret, bits, seed_in, seed_len, |
92 | { | 99 | counter_ret, h_ret, cb); |
93 | const EVP_MD *evpmd; | ||
94 | size_t qbits = bits >= 2048 ? 256 : 160; | ||
95 | |||
96 | if (bits >= 2048) | ||
97 | { | ||
98 | qbits = 256; | ||
99 | evpmd = EVP_sha256(); | ||
100 | } | ||
101 | else | ||
102 | { | ||
103 | qbits = 160; | ||
104 | evpmd = EVP_sha1(); | ||
105 | } | ||
106 | |||
107 | return dsa_builtin_paramgen(ret, bits, qbits, evpmd, | ||
108 | seed_in, seed_len, counter_ret, h_ret, cb); | ||
109 | } | ||
110 | } | 100 | } |
111 | 101 | ||
112 | int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, | 102 | static int dsa_builtin_paramgen(DSA *ret, int bits, |
113 | const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, | 103 | unsigned char *seed_in, int seed_len, |
114 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) | 104 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) |
115 | { | 105 | { |
116 | int ok=0; | 106 | int ok=0; |
117 | unsigned char seed[SHA256_DIGEST_LENGTH]; | 107 | unsigned char seed[SHA_DIGEST_LENGTH]; |
118 | unsigned char md[SHA256_DIGEST_LENGTH]; | 108 | unsigned char md[SHA_DIGEST_LENGTH]; |
119 | unsigned char buf[SHA256_DIGEST_LENGTH],buf2[SHA256_DIGEST_LENGTH]; | 109 | unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; |
120 | BIGNUM *r0,*W,*X,*c,*test; | 110 | BIGNUM *r0,*W,*X,*c,*test; |
121 | BIGNUM *g=NULL,*q=NULL,*p=NULL; | 111 | BIGNUM *g=NULL,*q=NULL,*p=NULL; |
122 | BN_MONT_CTX *mont=NULL; | 112 | BN_MONT_CTX *mont=NULL; |
123 | int i, k,n=0,b,m=0, qsize = qbits >> 3; | 113 | int k,n=0,i,b,m=0; |
124 | int counter=0; | 114 | int counter=0; |
125 | int r=0; | 115 | int r=0; |
126 | BN_CTX *ctx=NULL; | 116 | BN_CTX *ctx=NULL; |
127 | unsigned int h=2; | 117 | unsigned int h=2; |
128 | 118 | ||
129 | if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH && | 119 | if (bits < 512) bits=512; |
130 | qsize != SHA256_DIGEST_LENGTH) | 120 | bits=(bits+63)/64*64; |
131 | /* invalid q size */ | ||
132 | return 0; | ||
133 | |||
134 | if (evpmd == NULL) | ||
135 | /* use SHA1 as default */ | ||
136 | evpmd = EVP_sha1(); | ||
137 | |||
138 | if (bits < 512) | ||
139 | bits = 512; | ||
140 | |||
141 | bits = (bits+63)/64*64; | ||
142 | 121 | ||
143 | /* NB: seed_len == 0 is special case: copy generated seed to | 122 | /* NB: seed_len == 0 is special case: copy generated seed to |
144 | * seed_in if it is not NULL. | 123 | * seed_in if it is not NULL. |
145 | */ | 124 | */ |
146 | if (seed_len && (seed_len < (size_t)qsize)) | 125 | if (seed_len && (seed_len < 20)) |
147 | seed_in = NULL; /* seed buffer too small -- ignore */ | 126 | seed_in = NULL; /* seed buffer too small -- ignore */ |
148 | if (seed_len > (size_t)qsize) | 127 | if (seed_len > 20) |
149 | seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED, | 128 | seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, |
150 | * but our internal buffers are restricted to 160 bits*/ | 129 | * but our internal buffers are restricted to 160 bits*/ |
151 | if (seed_in != NULL) | 130 | if ((seed_in != NULL) && (seed_len == 20)) |
152 | memcpy(seed, seed_in, seed_len); | 131 | { |
153 | 132 | memcpy(seed,seed_in,seed_len); | |
154 | if ((ctx=BN_CTX_new()) == NULL) | 133 | /* set seed_in to NULL to avoid it being copied back */ |
155 | goto err; | 134 | seed_in = NULL; |
135 | } | ||
156 | 136 | ||
157 | if ((mont=BN_MONT_CTX_new()) == NULL) | 137 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
158 | goto err; | 138 | |
139 | if ((mont=BN_MONT_CTX_new()) == NULL) goto err; | ||
159 | 140 | ||
160 | BN_CTX_start(ctx); | 141 | BN_CTX_start(ctx); |
161 | r0 = BN_CTX_get(ctx); | 142 | r0 = BN_CTX_get(ctx); |
@@ -182,7 +163,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, | |||
182 | 163 | ||
183 | if (!seed_len) | 164 | if (!seed_len) |
184 | { | 165 | { |
185 | RAND_pseudo_bytes(seed, qsize); | 166 | RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH); |
186 | seed_is_random = 1; | 167 | seed_is_random = 1; |
187 | } | 168 | } |
188 | else | 169 | else |
@@ -190,27 +171,25 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, | |||
190 | seed_is_random = 0; | 171 | seed_is_random = 0; |
191 | seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/ | 172 | seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/ |
192 | } | 173 | } |
193 | memcpy(buf , seed, qsize); | 174 | memcpy(buf,seed,SHA_DIGEST_LENGTH); |
194 | memcpy(buf2, seed, qsize); | 175 | memcpy(buf2,seed,SHA_DIGEST_LENGTH); |
195 | /* precompute "SEED + 1" for step 7: */ | 176 | /* precompute "SEED + 1" for step 7: */ |
196 | for (i = qsize-1; i >= 0; i--) | 177 | for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) |
197 | { | 178 | { |
198 | buf[i]++; | 179 | buf[i]++; |
199 | if (buf[i] != 0) | 180 | if (buf[i] != 0) break; |
200 | break; | ||
201 | } | 181 | } |
202 | 182 | ||
203 | /* step 2 */ | 183 | /* step 2 */ |
204 | EVP_Digest(seed, qsize, md, NULL, evpmd, NULL); | 184 | EVP_Digest(seed,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); |
205 | EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL); | 185 | EVP_Digest(buf,SHA_DIGEST_LENGTH,buf2,NULL,HASH, NULL); |
206 | for (i = 0; i < qsize; i++) | 186 | for (i=0; i<SHA_DIGEST_LENGTH; i++) |
207 | md[i]^=buf2[i]; | 187 | md[i]^=buf2[i]; |
208 | 188 | ||
209 | /* step 3 */ | 189 | /* step 3 */ |
210 | md[0] |= 0x80; | 190 | md[0]|=0x80; |
211 | md[qsize-1] |= 0x01; | 191 | md[SHA_DIGEST_LENGTH-1]|=0x01; |
212 | if (!BN_bin2bn(md, qsize, q)) | 192 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; |
213 | goto err; | ||
214 | 193 | ||
215 | /* step 4 */ | 194 | /* step 4 */ |
216 | r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, | 195 | r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, |
@@ -245,19 +224,18 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, | |||
245 | for (k=0; k<=n; k++) | 224 | for (k=0; k<=n; k++) |
246 | { | 225 | { |
247 | /* obtain "SEED + offset + k" by incrementing: */ | 226 | /* obtain "SEED + offset + k" by incrementing: */ |
248 | for (i = qsize-1; i >= 0; i--) | 227 | for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) |
249 | { | 228 | { |
250 | buf[i]++; | 229 | buf[i]++; |
251 | if (buf[i] != 0) | 230 | if (buf[i] != 0) break; |
252 | break; | ||
253 | } | 231 | } |
254 | 232 | ||
255 | EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL); | 233 | EVP_Digest(buf,SHA_DIGEST_LENGTH,md,NULL,HASH, NULL); |
256 | 234 | ||
257 | /* step 8 */ | 235 | /* step 8 */ |
258 | if (!BN_bin2bn(md, qsize, r0)) | 236 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) |
259 | goto err; | 237 | goto err; |
260 | if (!BN_lshift(r0,r0,(qsize << 3)*k)) goto err; | 238 | if (!BN_lshift(r0,r0,160*k)) goto err; |
261 | if (!BN_add(W,W,r0)) goto err; | 239 | if (!BN_add(W,W,r0)) goto err; |
262 | } | 240 | } |
263 | 241 | ||
@@ -331,6 +309,7 @@ err: | |||
331 | ok=0; | 309 | ok=0; |
332 | goto err; | 310 | goto err; |
333 | } | 311 | } |
312 | if (seed_in != NULL) memcpy(seed_in,seed,20); | ||
334 | if (counter_ret != NULL) *counter_ret=counter; | 313 | if (counter_ret != NULL) *counter_ret=counter; |
335 | if (h_ret != NULL) *h_ret=h; | 314 | if (h_ret != NULL) *h_ret=h; |
336 | } | 315 | } |
@@ -343,3 +322,4 @@ err: | |||
343 | return ok; | 322 | return ok; |
344 | } | 323 | } |
345 | #endif | 324 | #endif |
325 | #endif | ||
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c index c4aa86bc6d..5e39124230 100644 --- a/src/lib/libcrypto/dsa/dsa_key.c +++ b/src/lib/libcrypto/dsa/dsa_key.c | |||
@@ -64,6 +64,8 @@ | |||
64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
66 | 66 | ||
67 | #ifndef OPENSSL_FIPS | ||
68 | |||
67 | static int dsa_builtin_keygen(DSA *dsa); | 69 | static int dsa_builtin_keygen(DSA *dsa); |
68 | 70 | ||
69 | int DSA_generate_key(DSA *dsa) | 71 | int DSA_generate_key(DSA *dsa) |
@@ -126,3 +128,5 @@ err: | |||
126 | return(ok); | 128 | return(ok); |
127 | } | 129 | } |
128 | #endif | 130 | #endif |
131 | |||
132 | #endif | ||
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c index e9b75902db..7ac9dc8c89 100644 --- a/src/lib/libcrypto/dsa/dsa_lib.c +++ b/src/lib/libcrypto/dsa/dsa_lib.c | |||
@@ -76,6 +76,14 @@ static const DSA_METHOD *default_DSA_method = NULL; | |||
76 | 76 | ||
77 | void DSA_set_default_method(const DSA_METHOD *meth) | 77 | void DSA_set_default_method(const DSA_METHOD *meth) |
78 | { | 78 | { |
79 | #ifdef OPENSSL_FIPS | ||
80 | if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) | ||
81 | { | ||
82 | DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD); | ||
83 | return; | ||
84 | } | ||
85 | #endif | ||
86 | |||
79 | default_DSA_method = meth; | 87 | default_DSA_method = meth; |
80 | } | 88 | } |
81 | 89 | ||
@@ -96,6 +104,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) | |||
96 | /* NB: The caller is specifically setting a method, so it's not up to us | 104 | /* NB: The caller is specifically setting a method, so it's not up to us |
97 | * to deal with which ENGINE it comes from. */ | 105 | * to deal with which ENGINE it comes from. */ |
98 | const DSA_METHOD *mtmp; | 106 | const DSA_METHOD *mtmp; |
107 | #ifdef OPENSSL_FIPS | ||
108 | if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) | ||
109 | { | ||
110 | DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD); | ||
111 | return 0; | ||
112 | } | ||
113 | #endif | ||
99 | mtmp = dsa->meth; | 114 | mtmp = dsa->meth; |
100 | if (mtmp->finish) mtmp->finish(dsa); | 115 | if (mtmp->finish) mtmp->finish(dsa); |
101 | #ifndef OPENSSL_NO_ENGINE | 116 | #ifndef OPENSSL_NO_ENGINE |
@@ -147,6 +162,18 @@ DSA *DSA_new_method(ENGINE *engine) | |||
147 | } | 162 | } |
148 | } | 163 | } |
149 | #endif | 164 | #endif |
165 | #ifdef OPENSSL_FIPS | ||
166 | if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)) | ||
167 | { | ||
168 | DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD); | ||
169 | #ifndef OPENSSL_NO_ENGINE | ||
170 | if (ret->engine) | ||
171 | ENGINE_finish(ret->engine); | ||
172 | #endif | ||
173 | OPENSSL_free(ret); | ||
174 | return NULL; | ||
175 | } | ||
176 | #endif | ||
150 | 177 | ||
151 | ret->pad=0; | 178 | ret->pad=0; |
152 | ret->version=0; | 179 | ret->version=0; |
@@ -233,28 +260,6 @@ int DSA_up_ref(DSA *r) | |||
233 | return ((i > 1) ? 1 : 0); | 260 | return ((i > 1) ? 1 : 0); |
234 | } | 261 | } |
235 | 262 | ||
236 | int DSA_size(const DSA *r) | ||
237 | { | ||
238 | int ret,i; | ||
239 | ASN1_INTEGER bs; | ||
240 | unsigned char buf[4]; /* 4 bytes looks really small. | ||
241 | However, i2d_ASN1_INTEGER() will not look | ||
242 | beyond the first byte, as long as the second | ||
243 | parameter is NULL. */ | ||
244 | |||
245 | i=BN_num_bits(r->q); | ||
246 | bs.length=(i+7)/8; | ||
247 | bs.data=buf; | ||
248 | bs.type=V_ASN1_INTEGER; | ||
249 | /* If the top bit is set the asn1 encoding is 1 larger. */ | ||
250 | buf[0]=0xff; | ||
251 | |||
252 | i=i2d_ASN1_INTEGER(&bs,NULL); | ||
253 | i+=i; /* r and s */ | ||
254 | ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); | ||
255 | return(ret); | ||
256 | } | ||
257 | |||
258 | int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | 263 | int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
259 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) | 264 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) |
260 | { | 265 | { |
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c index 4fead07e80..412cf1d88b 100644 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ b/src/lib/libcrypto/dsa/dsa_ossl.c | |||
@@ -61,15 +61,16 @@ | |||
61 | #include <stdio.h> | 61 | #include <stdio.h> |
62 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
63 | #include <openssl/bn.h> | 63 | #include <openssl/bn.h> |
64 | #include <openssl/sha.h> | ||
65 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
66 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
67 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
68 | 67 | ||
68 | #ifndef OPENSSL_FIPS | ||
69 | |||
69 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); | 70 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); |
70 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); | 71 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); |
71 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 72 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
72 | DSA *dsa); | 73 | DSA *dsa); |
73 | static int dsa_init(DSA *dsa); | 74 | static int dsa_init(DSA *dsa); |
74 | static int dsa_finish(DSA *dsa); | 75 | static int dsa_finish(DSA *dsa); |
75 | 76 | ||
@@ -134,7 +135,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
134 | BIGNUM m; | 135 | BIGNUM m; |
135 | BIGNUM xr; | 136 | BIGNUM xr; |
136 | BN_CTX *ctx=NULL; | 137 | BN_CTX *ctx=NULL; |
137 | int reason=ERR_R_BN_LIB; | 138 | int i,reason=ERR_R_BN_LIB; |
138 | DSA_SIG *ret=NULL; | 139 | DSA_SIG *ret=NULL; |
139 | 140 | ||
140 | BN_init(&m); | 141 | BN_init(&m); |
@@ -149,9 +150,8 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
149 | s=BN_new(); | 150 | s=BN_new(); |
150 | if (s == NULL) goto err; | 151 | if (s == NULL) goto err; |
151 | 152 | ||
152 | /* reject a excessive digest length (currently at most | 153 | i=BN_num_bytes(dsa->q); /* should be 20 */ |
153 | * dsa-with-SHA256 is supported) */ | 154 | if ((dlen > i) || (dlen > 50)) |
154 | if (dlen > SHA256_DIGEST_LENGTH) | ||
155 | { | 155 | { |
156 | reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; | 156 | reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; |
157 | goto err; | 157 | goto err; |
@@ -172,14 +172,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | |||
172 | dsa->r=NULL; | 172 | dsa->r=NULL; |
173 | } | 173 | } |
174 | 174 | ||
175 | 175 | if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; | |
176 | if (dlen > BN_num_bytes(dsa->q)) | ||
177 | /* if the digest length is greater than the size of q use the | ||
178 | * BN_num_bits(dsa->q) leftmost bits of the digest, see | ||
179 | * fips 186-3, 4.2 */ | ||
180 | dlen = BN_num_bytes(dsa->q); | ||
181 | if (BN_bin2bn(dgst,dlen,&m) == NULL) | ||
182 | goto err; | ||
183 | 176 | ||
184 | /* Compute s = inv(k) (m + xr) mod q */ | 177 | /* Compute s = inv(k) (m + xr) mod q */ |
185 | if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ | 178 | if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ |
@@ -290,31 +283,30 @@ err: | |||
290 | if (!ret) | 283 | if (!ret) |
291 | { | 284 | { |
292 | DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); | 285 | DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); |
293 | if (r != NULL) | 286 | if (kinv != NULL) BN_clear_free(kinv); |
294 | BN_clear_free(r); | 287 | if (r != NULL) BN_clear_free(r); |
295 | } | 288 | } |
296 | if (ctx_in == NULL) BN_CTX_free(ctx); | 289 | if (ctx_in == NULL) BN_CTX_free(ctx); |
290 | if (kinv != NULL) BN_clear_free(kinv); | ||
297 | BN_clear_free(&k); | 291 | BN_clear_free(&k); |
298 | BN_clear_free(&kq); | 292 | BN_clear_free(&kq); |
299 | return(ret); | 293 | return(ret); |
300 | } | 294 | } |
301 | 295 | ||
302 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 296 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
303 | DSA *dsa) | 297 | DSA *dsa) |
304 | { | 298 | { |
305 | BN_CTX *ctx; | 299 | BN_CTX *ctx; |
306 | BIGNUM u1,u2,t1; | 300 | BIGNUM u1,u2,t1; |
307 | BN_MONT_CTX *mont=NULL; | 301 | BN_MONT_CTX *mont=NULL; |
308 | int ret = -1, i; | 302 | int ret = -1; |
309 | if (!dsa->p || !dsa->q || !dsa->g) | 303 | if (!dsa->p || !dsa->q || !dsa->g) |
310 | { | 304 | { |
311 | DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS); | 305 | DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MISSING_PARAMETERS); |
312 | return -1; | 306 | return -1; |
313 | } | 307 | } |
314 | 308 | ||
315 | i = BN_num_bits(dsa->q); | 309 | if (BN_num_bits(dsa->q) != 160) |
316 | /* fips 186-3 allows only different sizes for q */ | ||
317 | if (i != 160 && i != 224 && i != 256) | ||
318 | { | 310 | { |
319 | DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE); | 311 | DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE); |
320 | return -1; | 312 | return -1; |
@@ -326,14 +318,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | |||
326 | return -1; | 318 | return -1; |
327 | } | 319 | } |
328 | 320 | ||
329 | /* reject a excessive digest length (currently at most | ||
330 | * dsa-with-SHA256 is supported) */ | ||
331 | if (dgst_len > SHA256_DIGEST_LENGTH) | ||
332 | { | ||
333 | DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); | ||
334 | return -1; | ||
335 | } | ||
336 | |||
337 | BN_init(&u1); | 321 | BN_init(&u1); |
338 | BN_init(&u2); | 322 | BN_init(&u2); |
339 | BN_init(&t1); | 323 | BN_init(&t1); |
@@ -358,11 +342,6 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | |||
358 | if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err; | 342 | if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err; |
359 | 343 | ||
360 | /* save M in u1 */ | 344 | /* save M in u1 */ |
361 | if (dgst_len > (i >> 3)) | ||
362 | /* if the digest length is greater than the size of q use the | ||
363 | * BN_num_bits(dsa->q) leftmost bits of the digest, see | ||
364 | * fips 186-3, 4.2 */ | ||
365 | dgst_len = (i >> 3); | ||
366 | if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err; | 345 | if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err; |
367 | 346 | ||
368 | /* u1 = M * w mod q */ | 347 | /* u1 = M * w mod q */ |
@@ -414,3 +393,4 @@ static int dsa_finish(DSA *dsa) | |||
414 | return(1); | 393 | return(1); |
415 | } | 394 | } |
416 | 395 | ||
396 | #endif | ||
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c index 17555e5892..4cfbbe57a8 100644 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ b/src/lib/libcrypto/dsa/dsa_sign.c | |||
@@ -58,33 +58,38 @@ | |||
58 | 58 | ||
59 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ | 59 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ |
60 | 60 | ||
61 | #include <stdio.h> | ||
61 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
63 | #include <openssl/bn.h> | ||
62 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
63 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
66 | #include <openssl/asn1.h> | ||
67 | #ifdef OPENSSL_FIPS | ||
68 | #include <openssl/fips.h> | ||
69 | #endif | ||
64 | 70 | ||
65 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||
66 | { | ||
67 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); | ||
68 | } | ||
69 | 71 | ||
70 | int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | 72 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) |
71 | unsigned int *siglen, DSA *dsa) | ||
72 | { | 73 | { |
73 | DSA_SIG *s; | 74 | #ifdef OPENSSL_FIPS |
74 | RAND_seed(dgst, dlen); | 75 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) |
75 | s=DSA_do_sign(dgst,dlen,dsa); | ||
76 | if (s == NULL) | ||
77 | { | 76 | { |
78 | *siglen=0; | 77 | DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); |
79 | return(0); | 78 | return NULL; |
80 | } | 79 | } |
81 | *siglen=i2d_DSA_SIG(s,&sig); | 80 | #endif |
82 | DSA_SIG_free(s); | 81 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); |
83 | return(1); | ||
84 | } | 82 | } |
85 | 83 | ||
86 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | 84 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) |
87 | { | 85 | { |
86 | #ifdef OPENSSL_FIPS | ||
87 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
88 | { | ||
89 | DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
90 | return 0; | ||
91 | } | ||
92 | #endif | ||
88 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); | 93 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); |
89 | } | 94 | } |
90 | 95 | ||
diff --git a/src/lib/libcrypto/dsa/dsa_utl.c b/src/lib/libcrypto/dsa/dsa_utl.c new file mode 100644 index 0000000000..24c021d120 --- /dev/null +++ b/src/lib/libcrypto/dsa/dsa_utl.c | |||
@@ -0,0 +1,95 @@ | |||
1 | /* crypto/dsa/dsa_lib.c */ | ||
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
3 | * All rights reserved. | ||
4 | * | ||
5 | * This package is an SSL implementation written | ||
6 | * by Eric Young (eay@cryptsoft.com). | ||
7 | * The implementation was written so as to conform with Netscapes SSL. | ||
8 | * | ||
9 | * This library is free for commercial and non-commercial use as long as | ||
10 | * the following conditions are aheared to. The following conditions | ||
11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
13 | * included with this distribution is covered by the same copyright terms | ||
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
15 | * | ||
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
17 | * the code are not to be removed. | ||
18 | * If this package is used in a product, Eric Young should be given attribution | ||
19 | * as the author of the parts of the library used. | ||
20 | * This can be in the form of a textual message at program startup or | ||
21 | * in documentation (online or textual) provided with the package. | ||
22 | * | ||
23 | * Redistribution and use in source and binary forms, with or without | ||
24 | * modification, are permitted provided that the following conditions | ||
25 | * are met: | ||
26 | * 1. Redistributions of source code must retain the copyright | ||
27 | * notice, this list of conditions and the following disclaimer. | ||
28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
29 | * notice, this list of conditions and the following disclaimer in the | ||
30 | * documentation and/or other materials provided with the distribution. | ||
31 | * 3. All advertising materials mentioning features or use of this software | ||
32 | * must display the following acknowledgement: | ||
33 | * "This product includes cryptographic software written by | ||
34 | * Eric Young (eay@cryptsoft.com)" | ||
35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
36 | * being used are not cryptographic related :-). | ||
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
38 | * the apps directory (application code) you must include an acknowledgement: | ||
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
40 | * | ||
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
51 | * SUCH DAMAGE. | ||
52 | * | ||
53 | * The licence and distribution terms for any publically available version or | ||
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
55 | * copied and put under another distribution licence | ||
56 | * [including the GNU Public Licence.] | ||
57 | */ | ||
58 | |||
59 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ | ||
60 | |||
61 | #include <stdio.h> | ||
62 | #include "cryptlib.h" | ||
63 | #include <openssl/bn.h> | ||
64 | #include <openssl/dsa.h> | ||
65 | #include <openssl/asn1.h> | ||
66 | #ifndef OPENSSL_NO_ENGINE | ||
67 | #include <openssl/engine.h> | ||
68 | #endif | ||
69 | #ifndef OPENSSL_NO_DH | ||
70 | #include <openssl/dh.h> | ||
71 | #endif | ||
72 | |||
73 | DSA_SIG *DSA_SIG_new(void) | ||
74 | { | ||
75 | DSA_SIG *sig; | ||
76 | sig = OPENSSL_malloc(sizeof(DSA_SIG)); | ||
77 | if (!sig) | ||
78 | return NULL; | ||
79 | sig->r = NULL; | ||
80 | sig->s = NULL; | ||
81 | return sig; | ||
82 | } | ||
83 | |||
84 | void DSA_SIG_free(DSA_SIG *sig) | ||
85 | { | ||
86 | if (sig) | ||
87 | { | ||
88 | if (sig->r) | ||
89 | BN_free(sig->r); | ||
90 | if (sig->s) | ||
91 | BN_free(sig->s); | ||
92 | OPENSSL_free(sig); | ||
93 | } | ||
94 | } | ||
95 | |||
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c index 226a75ff3f..c75e423048 100644 --- a/src/lib/libcrypto/dsa/dsa_vrf.c +++ b/src/lib/libcrypto/dsa/dsa_vrf.c | |||
@@ -58,32 +58,27 @@ | |||
58 | 58 | ||
59 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ | 59 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ |
60 | 60 | ||
61 | #include <stdio.h> | ||
61 | #include "cryptlib.h" | 62 | #include "cryptlib.h" |
63 | #include <openssl/bn.h> | ||
62 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
65 | #include <openssl/rand.h> | ||
66 | #include <openssl/asn1.h> | ||
67 | #ifdef OPENSSL_FIPS | ||
68 | #include <openssl/fips.h> | ||
69 | #endif | ||
70 | |||
71 | #include <openssl/asn1_mac.h> | ||
63 | 72 | ||
64 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 73 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
65 | DSA *dsa) | 74 | DSA *dsa) |
66 | { | 75 | { |
76 | #ifdef OPENSSL_FIPS | ||
77 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
78 | { | ||
79 | DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
80 | return 0; | ||
81 | } | ||
82 | #endif | ||
67 | return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); | 83 | return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); |
68 | } | 84 | } |
69 | |||
70 | /* data has already been hashed (probably with SHA or SHA-1). */ | ||
71 | /* returns | ||
72 | * 1: correct signature | ||
73 | * 0: incorrect signature | ||
74 | * -1: error | ||
75 | */ | ||
76 | int DSA_verify(int type, const unsigned char *dgst, int dgst_len, | ||
77 | const unsigned char *sigbuf, int siglen, DSA *dsa) | ||
78 | { | ||
79 | DSA_SIG *s; | ||
80 | int ret=-1; | ||
81 | |||
82 | s = DSA_SIG_new(); | ||
83 | if (s == NULL) return(ret); | ||
84 | if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; | ||
85 | ret=DSA_do_verify(dgst,dgst_len,s,dsa); | ||
86 | err: | ||
87 | DSA_SIG_free(s); | ||
88 | return(ret); | ||
89 | } | ||
diff --git a/src/lib/libcrypto/dsa/dsagen.c b/src/lib/libcrypto/dsa/dsagen.c new file mode 100644 index 0000000000..1b6a1cca0f --- /dev/null +++ b/src/lib/libcrypto/dsa/dsagen.c | |||
@@ -0,0 +1,111 @@ | |||
1 | /* crypto/dsa/dsagen.c */ | ||
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
3 | * All rights reserved. | ||
4 | * | ||
5 | * This package is an SSL implementation written | ||
6 | * by Eric Young (eay@cryptsoft.com). | ||
7 | * The implementation was written so as to conform with Netscapes SSL. | ||
8 | * | ||
9 | * This library is free for commercial and non-commercial use as long as | ||
10 | * the following conditions are aheared to. The following conditions | ||
11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
13 | * included with this distribution is covered by the same copyright terms | ||
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
15 | * | ||
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
17 | * the code are not to be removed. | ||
18 | * If this package is used in a product, Eric Young should be given attribution | ||
19 | * as the author of the parts of the library used. | ||
20 | * This can be in the form of a textual message at program startup or | ||
21 | * in documentation (online or textual) provided with the package. | ||
22 | * | ||
23 | * Redistribution and use in source and binary forms, with or without | ||
24 | * modification, are permitted provided that the following conditions | ||
25 | * are met: | ||
26 | * 1. Redistributions of source code must retain the copyright | ||
27 | * notice, this list of conditions and the following disclaimer. | ||
28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
29 | * notice, this list of conditions and the following disclaimer in the | ||
30 | * documentation and/or other materials provided with the distribution. | ||
31 | * 3. All advertising materials mentioning features or use of this software | ||
32 | * must display the following acknowledgement: | ||
33 | * "This product includes cryptographic software written by | ||
34 | * Eric Young (eay@cryptsoft.com)" | ||
35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
36 | * being used are not cryptographic related :-). | ||
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
38 | * the apps directory (application code) you must include an acknowledgement: | ||
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
40 | * | ||
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
51 | * SUCH DAMAGE. | ||
52 | * | ||
53 | * The licence and distribution terms for any publically available version or | ||
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
55 | * copied and put under another distribution licence | ||
56 | * [including the GNU Public Licence.] | ||
57 | */ | ||
58 | |||
59 | #include <stdio.h> | ||
60 | #include <openssl/dsa.h> | ||
61 | |||
62 | #define TEST | ||
63 | #define GENUINE_DSA | ||
64 | |||
65 | #ifdef GENUINE_DSA | ||
66 | #define LAST_VALUE 0xbd | ||
67 | #else | ||
68 | #define LAST_VALUE 0xd3 | ||
69 | #endif | ||
70 | |||
71 | #ifdef TEST | ||
72 | unsigned char seed[20]={ | ||
73 | 0xd5,0x01,0x4e,0x4b, | ||
74 | 0x60,0xef,0x2b,0xa8, | ||
75 | 0xb6,0x21,0x1b,0x40, | ||
76 | 0x62,0xba,0x32,0x24, | ||
77 | 0xe0,0x42,0x7d,LAST_VALUE}; | ||
78 | #endif | ||
79 | |||
80 | int cb(int p, int n) | ||
81 | { | ||
82 | char c='*'; | ||
83 | |||
84 | if (p == 0) c='.'; | ||
85 | if (p == 1) c='+'; | ||
86 | if (p == 2) c='*'; | ||
87 | if (p == 3) c='\n'; | ||
88 | printf("%c",c); | ||
89 | fflush(stdout); | ||
90 | } | ||
91 | |||
92 | main() | ||
93 | { | ||
94 | int i; | ||
95 | BIGNUM *n; | ||
96 | BN_CTX *ctx; | ||
97 | unsigned char seed_buf[20]; | ||
98 | DSA *dsa; | ||
99 | int counter,h; | ||
100 | BIO *bio_err=NULL; | ||
101 | |||
102 | if (bio_err == NULL) | ||
103 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | ||
104 | |||
105 | memcpy(seed_buf,seed,20); | ||
106 | dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err); | ||
107 | |||
108 | if (dsa == NULL) | ||
109 | DSA_print(bio_err,dsa,0); | ||
110 | } | ||
111 | |||
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c new file mode 100644 index 0000000000..912317bb44 --- /dev/null +++ b/src/lib/libcrypto/dsa/dsatest.c | |||
@@ -0,0 +1,260 @@ | |||
1 | /* crypto/dsa/dsatest.c */ | ||
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
3 | * All rights reserved. | ||
4 | * | ||
5 | * This package is an SSL implementation written | ||
6 | * by Eric Young (eay@cryptsoft.com). | ||
7 | * The implementation was written so as to conform with Netscapes SSL. | ||
8 | * | ||
9 | * This library is free for commercial and non-commercial use as long as | ||
10 | * the following conditions are aheared to. The following conditions | ||
11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
13 | * included with this distribution is covered by the same copyright terms | ||
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
15 | * | ||
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
17 | * the code are not to be removed. | ||
18 | * If this package is used in a product, Eric Young should be given attribution | ||
19 | * as the author of the parts of the library used. | ||
20 | * This can be in the form of a textual message at program startup or | ||
21 | * in documentation (online or textual) provided with the package. | ||
22 | * | ||
23 | * Redistribution and use in source and binary forms, with or without | ||
24 | * modification, are permitted provided that the following conditions | ||
25 | * are met: | ||
26 | * 1. Redistributions of source code must retain the copyright | ||
27 | * notice, this list of conditions and the following disclaimer. | ||
28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
29 | * notice, this list of conditions and the following disclaimer in the | ||
30 | * documentation and/or other materials provided with the distribution. | ||
31 | * 3. All advertising materials mentioning features or use of this software | ||
32 | * must display the following acknowledgement: | ||
33 | * "This product includes cryptographic software written by | ||
34 | * Eric Young (eay@cryptsoft.com)" | ||
35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
36 | * being used are not cryptographic related :-). | ||
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
38 | * the apps directory (application code) you must include an acknowledgement: | ||
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
40 | * | ||
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
51 | * SUCH DAMAGE. | ||
52 | * | ||
53 | * The licence and distribution terms for any publically available version or | ||
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
55 | * copied and put under another distribution licence | ||
56 | * [including the GNU Public Licence.] | ||
57 | */ | ||
58 | |||
59 | /* Until the key-gen callbacks are modified to use newer prototypes, we allow | ||
60 | * deprecated functions for openssl-internal code */ | ||
61 | #ifdef OPENSSL_NO_DEPRECATED | ||
62 | #undef OPENSSL_NO_DEPRECATED | ||
63 | #endif | ||
64 | |||
65 | #include <stdio.h> | ||
66 | #include <stdlib.h> | ||
67 | #include <string.h> | ||
68 | #include <sys/types.h> | ||
69 | #include <sys/stat.h> | ||
70 | |||
71 | #include "../e_os.h" | ||
72 | |||
73 | #include <openssl/crypto.h> | ||
74 | #include <openssl/rand.h> | ||
75 | #include <openssl/bio.h> | ||
76 | #include <openssl/err.h> | ||
77 | #include <openssl/bn.h> | ||
78 | |||
79 | #ifdef OPENSSL_NO_DSA | ||
80 | int main(int argc, char *argv[]) | ||
81 | { | ||
82 | printf("No DSA support\n"); | ||
83 | return(0); | ||
84 | } | ||
85 | #else | ||
86 | #include <openssl/dsa.h> | ||
87 | |||
88 | #ifdef OPENSSL_SYS_WIN16 | ||
89 | #define MS_CALLBACK _far _loadds | ||
90 | #else | ||
91 | #define MS_CALLBACK | ||
92 | #endif | ||
93 | |||
94 | static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg); | ||
95 | |||
96 | /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to | ||
97 | * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ | ||
98 | static unsigned char seed[20]={ | ||
99 | 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40, | ||
100 | 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3, | ||
101 | }; | ||
102 | |||
103 | static unsigned char out_p[]={ | ||
104 | 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa, | ||
105 | 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb, | ||
106 | 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7, | ||
107 | 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5, | ||
108 | 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf, | ||
109 | 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac, | ||
110 | 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2, | ||
111 | 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91, | ||
112 | }; | ||
113 | |||
114 | static unsigned char out_q[]={ | ||
115 | 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee, | ||
116 | 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e, | ||
117 | 0xda,0xce,0x91,0x5f, | ||
118 | }; | ||
119 | |||
120 | static unsigned char out_g[]={ | ||
121 | 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13, | ||
122 | 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00, | ||
123 | 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb, | ||
124 | 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e, | ||
125 | 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf, | ||
126 | 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c, | ||
127 | 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c, | ||
128 | 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02, | ||
129 | }; | ||
130 | |||
131 | static const unsigned char str1[]="12345678901234567890"; | ||
132 | |||
133 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | ||
134 | |||
135 | static BIO *bio_err=NULL; | ||
136 | |||
137 | int main(int argc, char **argv) | ||
138 | { | ||
139 | BN_GENCB cb; | ||
140 | DSA *dsa=NULL; | ||
141 | int counter,ret=0,i,j; | ||
142 | unsigned char buf[256]; | ||
143 | unsigned long h; | ||
144 | unsigned char sig[256]; | ||
145 | unsigned int siglen; | ||
146 | |||
147 | if (bio_err == NULL) | ||
148 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | ||
149 | |||
150 | CRYPTO_malloc_debug_init(); | ||
151 | CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); | ||
152 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||
153 | |||
154 | ERR_load_crypto_strings(); | ||
155 | RAND_seed(rnd_seed, sizeof rnd_seed); | ||
156 | |||
157 | BIO_printf(bio_err,"test generation of DSA parameters\n"); | ||
158 | |||
159 | BN_GENCB_set(&cb, dsa_cb, bio_err); | ||
160 | if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512, | ||
161 | seed, 20, &counter, &h, &cb)) | ||
162 | goto end; | ||
163 | |||
164 | BIO_printf(bio_err,"seed\n"); | ||
165 | for (i=0; i<20; i+=4) | ||
166 | { | ||
167 | BIO_printf(bio_err,"%02X%02X%02X%02X ", | ||
168 | seed[i],seed[i+1],seed[i+2],seed[i+3]); | ||
169 | } | ||
170 | BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h); | ||
171 | |||
172 | if (dsa == NULL) goto end; | ||
173 | DSA_print(bio_err,dsa,0); | ||
174 | if (counter != 105) | ||
175 | { | ||
176 | BIO_printf(bio_err,"counter should be 105\n"); | ||
177 | goto end; | ||
178 | } | ||
179 | if (h != 2) | ||
180 | { | ||
181 | BIO_printf(bio_err,"h should be 2\n"); | ||
182 | goto end; | ||
183 | } | ||
184 | |||
185 | i=BN_bn2bin(dsa->q,buf); | ||
186 | j=sizeof(out_q); | ||
187 | if ((i != j) || (memcmp(buf,out_q,i) != 0)) | ||
188 | { | ||
189 | BIO_printf(bio_err,"q value is wrong\n"); | ||
190 | goto end; | ||
191 | } | ||
192 | |||
193 | i=BN_bn2bin(dsa->p,buf); | ||
194 | j=sizeof(out_p); | ||
195 | if ((i != j) || (memcmp(buf,out_p,i) != 0)) | ||
196 | { | ||
197 | BIO_printf(bio_err,"p value is wrong\n"); | ||
198 | goto end; | ||
199 | } | ||
200 | |||
201 | i=BN_bn2bin(dsa->g,buf); | ||
202 | j=sizeof(out_g); | ||
203 | if ((i != j) || (memcmp(buf,out_g,i) != 0)) | ||
204 | { | ||
205 | BIO_printf(bio_err,"g value is wrong\n"); | ||
206 | goto end; | ||
207 | } | ||
208 | |||
209 | dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME; | ||
210 | DSA_generate_key(dsa); | ||
211 | DSA_sign(0, str1, 20, sig, &siglen, dsa); | ||
212 | if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) | ||
213 | ret=1; | ||
214 | |||
215 | dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME; | ||
216 | DSA_generate_key(dsa); | ||
217 | DSA_sign(0, str1, 20, sig, &siglen, dsa); | ||
218 | if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) | ||
219 | ret=1; | ||
220 | |||
221 | end: | ||
222 | if (!ret) | ||
223 | ERR_print_errors(bio_err); | ||
224 | if (dsa != NULL) DSA_free(dsa); | ||
225 | CRYPTO_cleanup_all_ex_data(); | ||
226 | ERR_remove_state(0); | ||
227 | ERR_free_strings(); | ||
228 | CRYPTO_mem_leaks(bio_err); | ||
229 | if (bio_err != NULL) | ||
230 | { | ||
231 | BIO_free(bio_err); | ||
232 | bio_err = NULL; | ||
233 | } | ||
234 | #ifdef OPENSSL_SYS_NETWARE | ||
235 | if (!ret) printf("ERROR\n"); | ||
236 | #endif | ||
237 | EXIT(!ret); | ||
238 | return(0); | ||
239 | } | ||
240 | |||
241 | static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg) | ||
242 | { | ||
243 | char c='*'; | ||
244 | static int ok=0,num=0; | ||
245 | |||
246 | if (p == 0) { c='.'; num++; }; | ||
247 | if (p == 1) c='+'; | ||
248 | if (p == 2) { c='*'; ok++; } | ||
249 | if (p == 3) c='\n'; | ||
250 | BIO_write(arg->arg,&c,1); | ||
251 | (void)BIO_flush(arg->arg); | ||
252 | |||
253 | if (!ok && (p == 0) && (num > 1)) | ||
254 | { | ||
255 | BIO_printf((BIO *)arg,"error in dsatest\n"); | ||
256 | return 0; | ||
257 | } | ||
258 | return 1; | ||
259 | } | ||
260 | #endif | ||
diff --git a/src/lib/libcrypto/dsa/fips186a.txt b/src/lib/libcrypto/dsa/fips186a.txt new file mode 100644 index 0000000000..3a2e0a0d51 --- /dev/null +++ b/src/lib/libcrypto/dsa/fips186a.txt | |||
@@ -0,0 +1,122 @@ | |||
1 | The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5 | ||
2 | examples. This is an updated version that uses SHA-1 (FIPS 180-1) | ||
3 | supplied to me by Wei Dai | ||
4 | -- | ||
5 | APPENDIX 5. EXAMPLE OF THE DSA | ||
6 | |||
7 | |||
8 | This appendix is for informational purposes only and is not required to meet | ||
9 | the standard. | ||
10 | |||
11 | Let L = 512 (size of p). The values in this example are expressed in | ||
12 | hexadecimal notation. The p and q given here were generated by the prime | ||
13 | generation standard described in appendix 2 using the 160-bit SEED: | ||
14 | |||
15 | d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3 | ||
16 | |||
17 | With this SEED, the algorithm found p and q when the counter was at 105. | ||
18 | |||
19 | x was generated by the algorithm described in appendix 3, section 3.1, using | ||
20 | the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED: | ||
21 | |||
22 | XSEED = | ||
23 | |||
24 | bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6 | ||
25 | |||
26 | t = | ||
27 | 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0 | ||
28 | |||
29 | x = G(t,XSEED) mod q | ||
30 | |||
31 | k was generated by the algorithm described in appendix 3, section 3.2, using | ||
32 | the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED: | ||
33 | |||
34 | KSEED = | ||
35 | |||
36 | 687a66d9 0648f993 867e121f 4ddf9ddb 01205584 | ||
37 | |||
38 | t = | ||
39 | EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301 | ||
40 | |||
41 | k = G(t,KSEED) mod q | ||
42 | |||
43 | Finally: | ||
44 | |||
45 | h = 2 | ||
46 | |||
47 | p = | ||
48 | 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7 | ||
49 | cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac | ||
50 | 49693dfb f83724c2 ec0736ee 31c80291 | ||
51 | |||
52 | |||
53 | q = | ||
54 | c773218c 737ec8ee 993b4f2d ed30f48e dace915f | ||
55 | |||
56 | |||
57 | g = | ||
58 | 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb | ||
59 | 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c | ||
60 | c42e9f6f 464b088c c572af53 e6d78802 | ||
61 | |||
62 | |||
63 | x = | ||
64 | 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614 | ||
65 | |||
66 | |||
67 | k = | ||
68 | 358dad57 1462710f 50e254cf 1a376b2b deaadfbf | ||
69 | |||
70 | |||
71 | kinv = | ||
72 | |||
73 | 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917 | ||
74 | |||
75 | M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A) | ||
76 | |||
77 | SHA(M) = | ||
78 | |||
79 | a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d | ||
80 | |||
81 | |||
82 | y = | ||
83 | |||
84 | 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85 | ||
85 | 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74 | ||
86 | 858fba33 f44c0669 9630a76b 030ee333 | ||
87 | |||
88 | |||
89 | r = | ||
90 | 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0 | ||
91 | |||
92 | s = | ||
93 | 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8 | ||
94 | |||
95 | |||
96 | w = | ||
97 | 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b | ||
98 | |||
99 | |||
100 | u1 = | ||
101 | bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d | ||
102 | |||
103 | |||
104 | u2 = | ||
105 | 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0 | ||
106 | |||
107 | |||
108 | gu1 mod p = | ||
109 | |||
110 | 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753 | ||
111 | 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf | ||
112 | 6f96662a 1987a21b e4ec1071 010b6069 | ||
113 | |||
114 | |||
115 | yu2 mod p = | ||
116 | |||
117 | 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665 | ||
118 | 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67 | ||
119 | c19441f4 22bf3c34 08aeba1f 0a4dbec7 | ||
120 | |||
121 | v = | ||
122 | 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0 | ||