summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/Makefile169
-rw-r--r--src/lib/libcrypto/dsa/Makefile.ssl171
-rw-r--r--src/lib/libcrypto/dsa/README4
-rw-r--r--src/lib/libcrypto/dsa/dsa.h39
-rw-r--r--src/lib/libcrypto/dsa/dsa_asn1.c82
-rw-r--r--src/lib/libcrypto/dsa/dsa_err.c10
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c3
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c4
-rw-r--r--src/lib/libcrypto/dsa/dsa_lib.c49
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c3
-rw-r--r--src/lib/libcrypto/dsa/dsa_sign.c31
-rw-r--r--src/lib/libcrypto/dsa/dsa_utl.c95
-rw-r--r--src/lib/libcrypto/dsa/dsa_vrf.c32
-rw-r--r--src/lib/libcrypto/dsa/dsagen.c111
-rw-r--r--src/lib/libcrypto/dsa/dsatest.c260
-rw-r--r--src/lib/libcrypto/dsa/fips186a.txt122
16 files changed, 992 insertions, 193 deletions
diff --git a/src/lib/libcrypto/dsa/Makefile b/src/lib/libcrypto/dsa/Makefile
new file mode 100644
index 0000000000..5493f19e85
--- /dev/null
+++ b/src/lib/libcrypto/dsa/Makefile
@@ -0,0 +1,169 @@
1#
2# OpenSSL/crypto/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST=dsatest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
21 dsa_err.c dsa_ossl.c dsa_depr.c
22LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
23 dsa_err.o dsa_ossl.o dsa_depr.o
24
25SRC= $(LIBSRC)
26
27EXHEADER= dsa.h
28HEADER= $(EXHEADER)
29
30ALL= $(GENERAL) $(SRC) $(HEADER)
31
32top:
33 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
34
35all: lib
36
37lib: $(LIBOBJ)
38 $(AR) $(LIB) $(LIBOBJ)
39 $(RANLIB) $(LIB) || echo Never mind.
40 @touch lib
41
42files:
43 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
44
45links:
46 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
47 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
48 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
49
50install:
51 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
52 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done;
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63lint:
64 lint -DLINT $(INCLUDES) $(SRC)>fluff
65
66depend:
67 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
68 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
69
70dclean:
71 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
72 mv -f Makefile.new $(MAKEFILE)
73
74clean:
75 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
76
77# DO NOT DELETE THIS LINE -- make depend depends on it.
78
79dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
80dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
81dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
82dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
83dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
84dsa_asn1.o: ../../include/openssl/opensslconf.h
85dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
86dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
87dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
88dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
89dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
90dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
91dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
92dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
93dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
94dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
95dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
96dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
97dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
98dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c
99dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
100dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
101dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
102dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
103dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
104dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
105dsa_err.o: dsa_err.c
106dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
107dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
108dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
109dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
110dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
111dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
112dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
113dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
114dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
115dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
116dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c
117dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
118dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
119dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
120dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
121dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
122dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
123dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
124dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c
125dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
126dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
127dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
128dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
129dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
130dsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
131dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
132dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
133dsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
134dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
135dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
136dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
137dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
138dsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
139dsa_lib.o: ../cryptlib.h dsa_lib.c
140dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
141dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
142dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
143dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
144dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
145dsa_ossl.o: ../../include/openssl/opensslconf.h
146dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
147dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
148dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
149dsa_ossl.o: ../cryptlib.h dsa_ossl.c
150dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
151dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
152dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
153dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
154dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
155dsa_sign.o: ../../include/openssl/opensslconf.h
156dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
157dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
158dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
159dsa_sign.o: ../cryptlib.h dsa_sign.c
160dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
161dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
162dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
163dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
164dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
165dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
166dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
167dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
168dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
169dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libcrypto/dsa/Makefile.ssl b/src/lib/libcrypto/dsa/Makefile.ssl
new file mode 100644
index 0000000000..e5f8a8cf51
--- /dev/null
+++ b/src/lib/libcrypto/dsa/Makefile.ssl
@@ -0,0 +1,171 @@
1#
2# SSLeay/crypto/dsa/Makefile
3#
4
5DIR= dsa
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST=dsatest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
27 dsa_err.c dsa_ossl.c
28LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
29 dsa_err.o dsa_ossl.o
30
31SRC= $(LIBSRC)
32
33EXHEADER= dsa.h
34HEADER= $(EXHEADER)
35
36ALL= $(GENERAL) $(SRC) $(HEADER)
37
38top:
39 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
40
41all: lib
42
43lib: $(LIBOBJ)
44 $(AR) $(LIB) $(LIBOBJ)
45 $(RANLIB) $(LIB) || echo Never mind.
46 @touch lib
47
48files:
49 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
50
51links:
52 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
53 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
54 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
55 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
56
57install:
58 @for i in $(EXHEADER) ; \
59 do \
60 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
61 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
62 done;
63
64tags:
65 ctags $(SRC)
66
67tests:
68
69lint:
70 lint -DLINT $(INCLUDES) $(SRC)>fluff
71
72depend:
73 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
74
75dclean:
76 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
77 mv -f Makefile.new $(MAKEFILE)
78
79clean:
80 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
81
82# DO NOT DELETE THIS LINE -- make depend depends on it.
83
84dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
85dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
86dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
87dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
88dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
89dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
90dsa_asn1.o: ../../include/openssl/opensslconf.h
91dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
92dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
93dsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_asn1.c
94dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
95dsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
96dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
97dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
98dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
99dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
100dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
101dsa_err.o: dsa_err.c
102dsa_gen.o: ../../e_os.h ../../include/openssl/aes.h
103dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
104dsa_gen.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
105dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
106dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
107dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
108dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
109dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
110dsa_gen.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
111dsa_gen.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
112dsa_gen.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
113dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
114dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
115dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
116dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
117dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
118dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
119dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
120dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
121dsa_gen.o: ../../include/openssl/ui_compat.h ../cryptlib.h dsa_gen.c
122dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
123dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
124dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
125dsa_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
126dsa_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
127dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
128dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
129dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
130dsa_key.o: ../cryptlib.h dsa_key.c
131dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
132dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
133dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
134dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
135dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
136dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
137dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
138dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
139dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
140dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
141dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c
142dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
143dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
144dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
145dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
146dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
147dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
148dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
149dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
150dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
151dsa_ossl.o: ../cryptlib.h dsa_ossl.c
152dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
153dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
154dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
155dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
156dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
157dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
158dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
159dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
160dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
161dsa_sign.o: ../cryptlib.h dsa_sign.c
162dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
163dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
164dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
165dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
166dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
167dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
168dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
169dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
170dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
171dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c
diff --git a/src/lib/libcrypto/dsa/README b/src/lib/libcrypto/dsa/README
new file mode 100644
index 0000000000..6a7e9c170a
--- /dev/null
+++ b/src/lib/libcrypto/dsa/README
@@ -0,0 +1,4 @@
1The stuff in here is based on patches supplied to me by
2Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
3I have since modified a them a little but a debt of gratitude
4is due for doing the initial work.
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h
index 702c50d6dc..3a8fe5b56b 100644
--- a/src/lib/libcrypto/dsa/dsa.h
+++ b/src/lib/libcrypto/dsa/dsa.h
@@ -88,8 +88,6 @@
88# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 88# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
89#endif 89#endif
90 90
91#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
92
93#define DSA_FLAG_CACHE_MONT_P 0x01 91#define DSA_FLAG_CACHE_MONT_P 0x01
94#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA 92#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
95 * implementation now uses constant time 93 * implementation now uses constant time
@@ -99,25 +97,6 @@
99 * be used for all exponents. 97 * be used for all exponents.
100 */ 98 */
101 99
102/* If this flag is set the DSA method is FIPS compliant and can be used
103 * in FIPS mode. This is set in the validated module method. If an
104 * application sets this flag in its own methods it is its reposibility
105 * to ensure the result is compliant.
106 */
107
108#define DSA_FLAG_FIPS_METHOD 0x0400
109
110/* If this flag is set the operations normally disabled in FIPS mode are
111 * permitted it is then the applications responsibility to ensure that the
112 * usage is compliant.
113 */
114
115#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
116
117#ifdef OPENSSL_FIPS
118#define FIPS_DSA_SIZE_T int
119#endif
120
121#ifdef __cplusplus 100#ifdef __cplusplus
122extern "C" { 101extern "C" {
123#endif 102#endif
@@ -210,11 +189,6 @@ void DSA_set_default_method(const DSA_METHOD *);
210const DSA_METHOD *DSA_get_default_method(void); 189const DSA_METHOD *DSA_get_default_method(void);
211int DSA_set_method(DSA *dsa, const DSA_METHOD *); 190int DSA_set_method(DSA *dsa, const DSA_METHOD *);
212 191
213#ifdef OPENSSL_FIPS
214DSA * FIPS_dsa_new(void);
215void FIPS_dsa_free (DSA *r);
216#endif
217
218DSA * DSA_new(void); 192DSA * DSA_new(void);
219DSA * DSA_new_method(ENGINE *engine); 193DSA * DSA_new_method(ENGINE *engine);
220void DSA_free (DSA *r); 194void DSA_free (DSA *r);
@@ -275,11 +249,6 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off);
275DH *DSA_dup_DH(const DSA *r); 249DH *DSA_dup_DH(const DSA *r);
276#endif 250#endif
277 251
278#ifdef OPENSSL_FIPS
279int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig);
280int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen);
281#endif
282
283/* BEGIN ERROR CODES */ 252/* BEGIN ERROR CODES */
284/* The following lines are auto generated by the script mkerr.pl. Any changes 253/* The following lines are auto generated by the script mkerr.pl. Any changes
285 * made after this point may be overwritten when the script is next run. 254 * made after this point may be overwritten when the script is next run.
@@ -292,16 +261,11 @@ void ERR_load_DSA_strings(void);
292#define DSA_F_D2I_DSA_SIG 110 261#define DSA_F_D2I_DSA_SIG 110
293#define DSA_F_DSAPARAMS_PRINT 100 262#define DSA_F_DSAPARAMS_PRINT 100
294#define DSA_F_DSAPARAMS_PRINT_FP 101 263#define DSA_F_DSAPARAMS_PRINT_FP 101
295#define DSA_F_DSA_BUILTIN_KEYGEN 119
296#define DSA_F_DSA_BUILTIN_PARAMGEN 118
297#define DSA_F_DSA_DO_SIGN 112 264#define DSA_F_DSA_DO_SIGN 112
298#define DSA_F_DSA_DO_VERIFY 113 265#define DSA_F_DSA_DO_VERIFY 113
299#define DSA_F_DSA_GENERATE_PARAMETERS 117
300#define DSA_F_DSA_NEW_METHOD 103 266#define DSA_F_DSA_NEW_METHOD 103
301#define DSA_F_DSA_PRINT 104 267#define DSA_F_DSA_PRINT 104
302#define DSA_F_DSA_PRINT_FP 105 268#define DSA_F_DSA_PRINT_FP 105
303#define DSA_F_DSA_SET_DEFAULT_METHOD 115
304#define DSA_F_DSA_SET_METHOD 116
305#define DSA_F_DSA_SIGN 106 269#define DSA_F_DSA_SIGN 106
306#define DSA_F_DSA_SIGN_SETUP 107 270#define DSA_F_DSA_SIGN_SETUP 107
307#define DSA_F_DSA_SIG_NEW 109 271#define DSA_F_DSA_SIG_NEW 109
@@ -312,11 +276,8 @@ void ERR_load_DSA_strings(void);
312/* Reason codes. */ 276/* Reason codes. */
313#define DSA_R_BAD_Q_VALUE 102 277#define DSA_R_BAD_Q_VALUE 102
314#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 278#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
315#define DSA_R_KEY_SIZE_TOO_SMALL 106
316#define DSA_R_MISSING_PARAMETERS 101 279#define DSA_R_MISSING_PARAMETERS 101
317#define DSA_R_MODULUS_TOO_LARGE 103 280#define DSA_R_MODULUS_TOO_LARGE 103
318#define DSA_R_NON_FIPS_METHOD 104
319#define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105
320 281
321#ifdef __cplusplus 282#ifdef __cplusplus
322} 283}
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
index 0645facb4b..23fce555aa 100644
--- a/src/lib/libcrypto/dsa/dsa_asn1.c
+++ b/src/lib/libcrypto/dsa/dsa_asn1.c
@@ -1,5 +1,5 @@
1/* dsa_asn1.c */ 1/* dsa_asn1.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
@@ -61,11 +61,6 @@
61#include <openssl/dsa.h> 61#include <openssl/dsa.h>
62#include <openssl/asn1.h> 62#include <openssl/asn1.h>
63#include <openssl/asn1t.h> 63#include <openssl/asn1t.h>
64#include <openssl/bn.h>
65#ifdef OPENSSL_FIPS
66#include <openssl/fips.h>
67#endif
68
69 64
70/* Override the default new methods */ 65/* Override the default new methods */
71static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 66static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
@@ -88,7 +83,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
88 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) 83 ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
89} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) 84} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
90 85
91IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG) 86IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
92 87
93/* Override the default free and new methods */ 88/* Override the default free and new methods */
94static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 89static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
@@ -143,76 +138,3 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
143} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) 138} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params)
144 139
145IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) 140IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
146
147int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
148 unsigned int *siglen, DSA *dsa)
149 {
150 DSA_SIG *s;
151#ifdef OPENSSL_FIPS
152 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
153 {
154 DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
155 return 0;
156 }
157#endif
158 s=DSA_do_sign(dgst,dlen,dsa);
159 if (s == NULL)
160 {
161 *siglen=0;
162 return(0);
163 }
164 *siglen=i2d_DSA_SIG(s,&sig);
165 DSA_SIG_free(s);
166 return(1);
167 }
168
169int DSA_size(const DSA *r)
170 {
171 int ret,i;
172 ASN1_INTEGER bs;
173 unsigned char buf[4]; /* 4 bytes looks really small.
174 However, i2d_ASN1_INTEGER() will not look
175 beyond the first byte, as long as the second
176 parameter is NULL. */
177
178 i=BN_num_bits(r->q);
179 bs.length=(i+7)/8;
180 bs.data=buf;
181 bs.type=V_ASN1_INTEGER;
182 /* If the top bit is set the asn1 encoding is 1 larger. */
183 buf[0]=0xff;
184
185 i=i2d_ASN1_INTEGER(&bs,NULL);
186 i+=i; /* r and s */
187 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
188 return(ret);
189 }
190
191/* data has already been hashed (probably with SHA or SHA-1). */
192/* returns
193 * 1: correct signature
194 * 0: incorrect signature
195 * -1: error
196 */
197int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
198 const unsigned char *sigbuf, int siglen, DSA *dsa)
199 {
200 DSA_SIG *s;
201 int ret=-1;
202#ifdef OPENSSL_FIPS
203 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
204 {
205 DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
206 return 0;
207 }
208#endif
209
210 s = DSA_SIG_new();
211 if (s == NULL) return(ret);
212 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
213 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
214err:
215 DSA_SIG_free(s);
216 return(ret);
217 }
218
diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c
index 872839af94..768711994b 100644
--- a/src/lib/libcrypto/dsa/dsa_err.c
+++ b/src/lib/libcrypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
1/* crypto/dsa/dsa_err.c */ 1/* crypto/dsa/dsa_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -73,16 +73,11 @@ static ERR_STRING_DATA DSA_str_functs[]=
73{ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, 73{ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
74{ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, 74{ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
75{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, 75{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
76{ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"},
77{ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
78{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, 76{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
79{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, 77{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
80{ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"},
81{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, 78{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
82{ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"}, 79{ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"},
83{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, 80{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
84{ERR_FUNC(DSA_F_DSA_SET_DEFAULT_METHOD), "DSA_set_default_method"},
85{ERR_FUNC(DSA_F_DSA_SET_METHOD), "DSA_set_method"},
86{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, 81{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
87{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, 82{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
88{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, 83{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
@@ -96,11 +91,8 @@ static ERR_STRING_DATA DSA_str_reasons[]=
96 { 91 {
97{ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, 92{ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"},
98{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, 93{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
99{ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
100{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, 94{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
101{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, 95{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
102{ERR_REASON(DSA_R_NON_FIPS_METHOD) ,"non fips method"},
103{ERR_REASON(DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"},
104{0,NULL} 96{0,NULL}
105 }; 97 };
106 98
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index 6f1728e3cf..ca0b86a6cf 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -82,8 +82,6 @@
82#include <openssl/rand.h> 82#include <openssl/rand.h>
83#include <openssl/sha.h> 83#include <openssl/sha.h>
84 84
85#ifndef OPENSSL_FIPS
86
87static int dsa_builtin_paramgen(DSA *ret, int bits, 85static int dsa_builtin_paramgen(DSA *ret, int bits,
88 unsigned char *seed_in, int seed_len, 86 unsigned char *seed_in, int seed_len,
89 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); 87 int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
@@ -322,4 +320,3 @@ err:
322 return ok; 320 return ok;
323 } 321 }
324#endif 322#endif
325#endif
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
index 5e39124230..c4aa86bc6d 100644
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ b/src/lib/libcrypto/dsa/dsa_key.c
@@ -64,8 +64,6 @@
64#include <openssl/dsa.h> 64#include <openssl/dsa.h>
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66 66
67#ifndef OPENSSL_FIPS
68
69static int dsa_builtin_keygen(DSA *dsa); 67static int dsa_builtin_keygen(DSA *dsa);
70 68
71int DSA_generate_key(DSA *dsa) 69int DSA_generate_key(DSA *dsa)
@@ -128,5 +126,3 @@ err:
128 return(ok); 126 return(ok);
129 } 127 }
130#endif 128#endif
131
132#endif
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 7ac9dc8c89..e9b75902db 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -76,14 +76,6 @@ static const DSA_METHOD *default_DSA_method = NULL;
76 76
77void DSA_set_default_method(const DSA_METHOD *meth) 77void DSA_set_default_method(const DSA_METHOD *meth)
78 { 78 {
79#ifdef OPENSSL_FIPS
80 if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD))
81 {
82 DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD);
83 return;
84 }
85#endif
86
87 default_DSA_method = meth; 79 default_DSA_method = meth;
88 } 80 }
89 81
@@ -104,13 +96,6 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
104 /* NB: The caller is specifically setting a method, so it's not up to us 96 /* NB: The caller is specifically setting a method, so it's not up to us
105 * to deal with which ENGINE it comes from. */ 97 * to deal with which ENGINE it comes from. */
106 const DSA_METHOD *mtmp; 98 const DSA_METHOD *mtmp;
107#ifdef OPENSSL_FIPS
108 if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD))
109 {
110 DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD);
111 return 0;
112 }
113#endif
114 mtmp = dsa->meth; 99 mtmp = dsa->meth;
115 if (mtmp->finish) mtmp->finish(dsa); 100 if (mtmp->finish) mtmp->finish(dsa);
116#ifndef OPENSSL_NO_ENGINE 101#ifndef OPENSSL_NO_ENGINE
@@ -162,18 +147,6 @@ DSA *DSA_new_method(ENGINE *engine)
162 } 147 }
163 } 148 }
164#endif 149#endif
165#ifdef OPENSSL_FIPS
166 if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD))
167 {
168 DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD);
169#ifndef OPENSSL_NO_ENGINE
170 if (ret->engine)
171 ENGINE_finish(ret->engine);
172#endif
173 OPENSSL_free(ret);
174 return NULL;
175 }
176#endif
177 150
178 ret->pad=0; 151 ret->pad=0;
179 ret->version=0; 152 ret->version=0;
@@ -260,6 +233,28 @@ int DSA_up_ref(DSA *r)
260 return ((i > 1) ? 1 : 0); 233 return ((i > 1) ? 1 : 0);
261 } 234 }
262 235
236int DSA_size(const DSA *r)
237 {
238 int ret,i;
239 ASN1_INTEGER bs;
240 unsigned char buf[4]; /* 4 bytes looks really small.
241 However, i2d_ASN1_INTEGER() will not look
242 beyond the first byte, as long as the second
243 parameter is NULL. */
244
245 i=BN_num_bits(r->q);
246 bs.length=(i+7)/8;
247 bs.data=buf;
248 bs.type=V_ASN1_INTEGER;
249 /* If the top bit is set the asn1 encoding is 1 larger. */
250 buf[0]=0xff;
251
252 i=i2d_ASN1_INTEGER(&bs,NULL);
253 i+=i; /* r and s */
254 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
255 return(ret);
256 }
257
263int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 258int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
264 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 259 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
265 { 260 {
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 412cf1d88b..75ff7cc4af 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -65,8 +65,6 @@
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66#include <openssl/asn1.h> 66#include <openssl/asn1.h>
67 67
68#ifndef OPENSSL_FIPS
69
70static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); 68static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
71static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); 69static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
72static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, 70static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
@@ -393,4 +391,3 @@ static int dsa_finish(DSA *dsa)
393 return(1); 391 return(1);
394} 392}
395 393
396#endif
diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c
index 4cfbbe57a8..89205026f0 100644
--- a/src/lib/libcrypto/dsa/dsa_sign.c
+++ b/src/lib/libcrypto/dsa/dsa_sign.c
@@ -64,32 +64,29 @@
64#include <openssl/dsa.h> 64#include <openssl/dsa.h>
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66#include <openssl/asn1.h> 66#include <openssl/asn1.h>
67#ifdef OPENSSL_FIPS
68#include <openssl/fips.h>
69#endif
70
71 67
72DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) 68DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
73 { 69 {
74#ifdef OPENSSL_FIPS
75 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
76 {
77 DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
78 return NULL;
79 }
80#endif
81 return dsa->meth->dsa_do_sign(dgst, dlen, dsa); 70 return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
82 } 71 }
83 72
84int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) 73int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
74 unsigned int *siglen, DSA *dsa)
85 { 75 {
86#ifdef OPENSSL_FIPS 76 DSA_SIG *s;
87 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) 77 s=DSA_do_sign(dgst,dlen,dsa);
78 if (s == NULL)
88 { 79 {
89 DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); 80 *siglen=0;
90 return 0; 81 return(0);
91 } 82 }
92#endif 83 *siglen=i2d_DSA_SIG(s,&sig);
84 DSA_SIG_free(s);
85 return(1);
86 }
87
88int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
89 {
93 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); 90 return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
94 } 91 }
95 92
diff --git a/src/lib/libcrypto/dsa/dsa_utl.c b/src/lib/libcrypto/dsa/dsa_utl.c
new file mode 100644
index 0000000000..24c021d120
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsa_utl.c
@@ -0,0 +1,95 @@
1/* crypto/dsa/dsa_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
60
61#include <stdio.h>
62#include "cryptlib.h"
63#include <openssl/bn.h>
64#include <openssl/dsa.h>
65#include <openssl/asn1.h>
66#ifndef OPENSSL_NO_ENGINE
67#include <openssl/engine.h>
68#endif
69#ifndef OPENSSL_NO_DH
70#include <openssl/dh.h>
71#endif
72
73DSA_SIG *DSA_SIG_new(void)
74 {
75 DSA_SIG *sig;
76 sig = OPENSSL_malloc(sizeof(DSA_SIG));
77 if (!sig)
78 return NULL;
79 sig->r = NULL;
80 sig->s = NULL;
81 return sig;
82 }
83
84void DSA_SIG_free(DSA_SIG *sig)
85 {
86 if (sig)
87 {
88 if (sig->r)
89 BN_free(sig->r);
90 if (sig->s)
91 BN_free(sig->s);
92 OPENSSL_free(sig);
93 }
94 }
95
diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c
index c75e423048..c4aeddd056 100644
--- a/src/lib/libcrypto/dsa/dsa_vrf.c
+++ b/src/lib/libcrypto/dsa/dsa_vrf.c
@@ -64,21 +64,31 @@
64#include <openssl/dsa.h> 64#include <openssl/dsa.h>
65#include <openssl/rand.h> 65#include <openssl/rand.h>
66#include <openssl/asn1.h> 66#include <openssl/asn1.h>
67#ifdef OPENSSL_FIPS
68#include <openssl/fips.h>
69#endif
70
71#include <openssl/asn1_mac.h> 67#include <openssl/asn1_mac.h>
72 68
73int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, 69int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
74 DSA *dsa) 70 DSA *dsa)
75 { 71 {
76#ifdef OPENSSL_FIPS
77 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
78 {
79 DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
80 return 0;
81 }
82#endif
83 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); 72 return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
84 } 73 }
74
75/* data has already been hashed (probably with SHA or SHA-1). */
76/* returns
77 * 1: correct signature
78 * 0: incorrect signature
79 * -1: error
80 */
81int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
82 const unsigned char *sigbuf, int siglen, DSA *dsa)
83 {
84 DSA_SIG *s;
85 int ret=-1;
86
87 s = DSA_SIG_new();
88 if (s == NULL) return(ret);
89 if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
90 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
91err:
92 DSA_SIG_free(s);
93 return(ret);
94 }
diff --git a/src/lib/libcrypto/dsa/dsagen.c b/src/lib/libcrypto/dsa/dsagen.c
new file mode 100644
index 0000000000..1b6a1cca0f
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsagen.c
@@ -0,0 +1,111 @@
1/* crypto/dsa/dsagen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/dsa.h>
61
62#define TEST
63#define GENUINE_DSA
64
65#ifdef GENUINE_DSA
66#define LAST_VALUE 0xbd
67#else
68#define LAST_VALUE 0xd3
69#endif
70
71#ifdef TEST
72unsigned char seed[20]={
73 0xd5,0x01,0x4e,0x4b,
74 0x60,0xef,0x2b,0xa8,
75 0xb6,0x21,0x1b,0x40,
76 0x62,0xba,0x32,0x24,
77 0xe0,0x42,0x7d,LAST_VALUE};
78#endif
79
80int cb(int p, int n)
81 {
82 char c='*';
83
84 if (p == 0) c='.';
85 if (p == 1) c='+';
86 if (p == 2) c='*';
87 if (p == 3) c='\n';
88 printf("%c",c);
89 fflush(stdout);
90 }
91
92main()
93 {
94 int i;
95 BIGNUM *n;
96 BN_CTX *ctx;
97 unsigned char seed_buf[20];
98 DSA *dsa;
99 int counter,h;
100 BIO *bio_err=NULL;
101
102 if (bio_err == NULL)
103 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
104
105 memcpy(seed_buf,seed,20);
106 dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
107
108 if (dsa == NULL)
109 DSA_print(bio_err,dsa,0);
110 }
111
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c
new file mode 100644
index 0000000000..912317bb44
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsatest.c
@@ -0,0 +1,260 @@
1/* crypto/dsa/dsatest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Until the key-gen callbacks are modified to use newer prototypes, we allow
60 * deprecated functions for openssl-internal code */
61#ifdef OPENSSL_NO_DEPRECATED
62#undef OPENSSL_NO_DEPRECATED
63#endif
64
65#include <stdio.h>
66#include <stdlib.h>
67#include <string.h>
68#include <sys/types.h>
69#include <sys/stat.h>
70
71#include "../e_os.h"
72
73#include <openssl/crypto.h>
74#include <openssl/rand.h>
75#include <openssl/bio.h>
76#include <openssl/err.h>
77#include <openssl/bn.h>
78
79#ifdef OPENSSL_NO_DSA
80int main(int argc, char *argv[])
81{
82 printf("No DSA support\n");
83 return(0);
84}
85#else
86#include <openssl/dsa.h>
87
88#ifdef OPENSSL_SYS_WIN16
89#define MS_CALLBACK _far _loadds
90#else
91#define MS_CALLBACK
92#endif
93
94static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg);
95
96/* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
97 * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
98static unsigned char seed[20]={
99 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
100 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
101 };
102
103static unsigned char out_p[]={
104 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
105 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
106 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
107 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
108 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
109 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
110 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
111 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
112 };
113
114static unsigned char out_q[]={
115 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
116 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
117 0xda,0xce,0x91,0x5f,
118 };
119
120static unsigned char out_g[]={
121 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
122 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
123 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
124 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
125 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
126 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
127 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
128 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
129 };
130
131static const unsigned char str1[]="12345678901234567890";
132
133static const char rnd_seed[] = "string to make the random number generator think it has entropy";
134
135static BIO *bio_err=NULL;
136
137int main(int argc, char **argv)
138 {
139 BN_GENCB cb;
140 DSA *dsa=NULL;
141 int counter,ret=0,i,j;
142 unsigned char buf[256];
143 unsigned long h;
144 unsigned char sig[256];
145 unsigned int siglen;
146
147 if (bio_err == NULL)
148 bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
149
150 CRYPTO_malloc_debug_init();
151 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
152 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
153
154 ERR_load_crypto_strings();
155 RAND_seed(rnd_seed, sizeof rnd_seed);
156
157 BIO_printf(bio_err,"test generation of DSA parameters\n");
158
159 BN_GENCB_set(&cb, dsa_cb, bio_err);
160 if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
161 seed, 20, &counter, &h, &cb))
162 goto end;
163
164 BIO_printf(bio_err,"seed\n");
165 for (i=0; i<20; i+=4)
166 {
167 BIO_printf(bio_err,"%02X%02X%02X%02X ",
168 seed[i],seed[i+1],seed[i+2],seed[i+3]);
169 }
170 BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h);
171
172 if (dsa == NULL) goto end;
173 DSA_print(bio_err,dsa,0);
174 if (counter != 105)
175 {
176 BIO_printf(bio_err,"counter should be 105\n");
177 goto end;
178 }
179 if (h != 2)
180 {
181 BIO_printf(bio_err,"h should be 2\n");
182 goto end;
183 }
184
185 i=BN_bn2bin(dsa->q,buf);
186 j=sizeof(out_q);
187 if ((i != j) || (memcmp(buf,out_q,i) != 0))
188 {
189 BIO_printf(bio_err,"q value is wrong\n");
190 goto end;
191 }
192
193 i=BN_bn2bin(dsa->p,buf);
194 j=sizeof(out_p);
195 if ((i != j) || (memcmp(buf,out_p,i) != 0))
196 {
197 BIO_printf(bio_err,"p value is wrong\n");
198 goto end;
199 }
200
201 i=BN_bn2bin(dsa->g,buf);
202 j=sizeof(out_g);
203 if ((i != j) || (memcmp(buf,out_g,i) != 0))
204 {
205 BIO_printf(bio_err,"g value is wrong\n");
206 goto end;
207 }
208
209 dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
210 DSA_generate_key(dsa);
211 DSA_sign(0, str1, 20, sig, &siglen, dsa);
212 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
213 ret=1;
214
215 dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
216 DSA_generate_key(dsa);
217 DSA_sign(0, str1, 20, sig, &siglen, dsa);
218 if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
219 ret=1;
220
221end:
222 if (!ret)
223 ERR_print_errors(bio_err);
224 if (dsa != NULL) DSA_free(dsa);
225 CRYPTO_cleanup_all_ex_data();
226 ERR_remove_state(0);
227 ERR_free_strings();
228 CRYPTO_mem_leaks(bio_err);
229 if (bio_err != NULL)
230 {
231 BIO_free(bio_err);
232 bio_err = NULL;
233 }
234#ifdef OPENSSL_SYS_NETWARE
235 if (!ret) printf("ERROR\n");
236#endif
237 EXIT(!ret);
238 return(0);
239 }
240
241static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg)
242 {
243 char c='*';
244 static int ok=0,num=0;
245
246 if (p == 0) { c='.'; num++; };
247 if (p == 1) c='+';
248 if (p == 2) { c='*'; ok++; }
249 if (p == 3) c='\n';
250 BIO_write(arg->arg,&c,1);
251 (void)BIO_flush(arg->arg);
252
253 if (!ok && (p == 0) && (num > 1))
254 {
255 BIO_printf((BIO *)arg,"error in dsatest\n");
256 return 0;
257 }
258 return 1;
259 }
260#endif
diff --git a/src/lib/libcrypto/dsa/fips186a.txt b/src/lib/libcrypto/dsa/fips186a.txt
new file mode 100644
index 0000000000..3a2e0a0d51
--- /dev/null
+++ b/src/lib/libcrypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
1The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
2examples. This is an updated version that uses SHA-1 (FIPS 180-1)
3supplied to me by Wei Dai
4--
5 APPENDIX 5. EXAMPLE OF THE DSA
6
7
8This appendix is for informational purposes only and is not required to meet
9the standard.
10
11Let L = 512 (size of p). The values in this example are expressed in
12hexadecimal notation. The p and q given here were generated by the prime
13generation standard described in appendix 2 using the 160-bit SEED:
14
15 d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
16
17With this SEED, the algorithm found p and q when the counter was at 105.
18
19x was generated by the algorithm described in appendix 3, section 3.1, using
20the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
21
22XSEED =
23
24 bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
25
26t =
27 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
28
29x = G(t,XSEED) mod q
30
31k was generated by the algorithm described in appendix 3, section 3.2, using
32the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
33
34KSEED =
35
36 687a66d9 0648f993 867e121f 4ddf9ddb 01205584
37
38t =
39 EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
40
41k = G(t,KSEED) mod q
42
43Finally:
44
45h = 2
46
47p =
48 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
49 cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
50 49693dfb f83724c2 ec0736ee 31c80291
51
52
53q =
54 c773218c 737ec8ee 993b4f2d ed30f48e dace915f
55
56
57g =
58 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
59 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
60 c42e9f6f 464b088c c572af53 e6d78802
61
62
63x =
64 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
65
66
67k =
68 358dad57 1462710f 50e254cf 1a376b2b deaadfbf
69
70
71kinv =
72
73 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
74
75M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
76
77SHA(M) =
78
79 a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
80
81
82y =
83
84 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85
85 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
86 858fba33 f44c0669 9630a76b 030ee333
87
88
89r =
90 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
91
92s =
93 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
94
95
96w =
97 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
98
99
100u1 =
101 bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
102
103
104u2 =
105 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
106
107
108gu1 mod p =
109
110 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
111 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
112 6f96662a 1987a21b e4ec1071 010b6069
113
114
115yu2 mod p =
116
117 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
118 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67
119 c19441f4 22bf3c34 08aeba1f 0a4dbec7
120
121v =
122 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 11:18:01 +0000