From b1ddde874c215cc8891531ed92876f091b7eb83e Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Mon, 14 Apr 2025 17:32:06 +0000 Subject: This commit was manufactured by cvs2git to create tag 'tb_20250414'. --- src/lib/libcrypto/dsa/dsa.h | 263 -------------- src/lib/libcrypto/dsa/dsa_ameth.c | 736 -------------------------------------- src/lib/libcrypto/dsa/dsa_asn1.c | 479 ------------------------- src/lib/libcrypto/dsa/dsa_err.c | 104 ------ src/lib/libcrypto/dsa/dsa_gen.c | 360 ------------------- src/lib/libcrypto/dsa/dsa_key.c | 111 ------ src/lib/libcrypto/dsa/dsa_lib.c | 483 ------------------------- src/lib/libcrypto/dsa/dsa_local.h | 104 ------ src/lib/libcrypto/dsa/dsa_meth.c | 110 ------ src/lib/libcrypto/dsa/dsa_ossl.c | 456 ----------------------- src/lib/libcrypto/dsa/dsa_pmeth.c | 351 ------------------ src/lib/libcrypto/dsa/dsa_prn.c | 135 ------- 12 files changed, 3692 deletions(-) delete mode 100644 src/lib/libcrypto/dsa/dsa.h delete mode 100644 src/lib/libcrypto/dsa/dsa_ameth.c delete mode 100644 src/lib/libcrypto/dsa/dsa_asn1.c delete mode 100644 src/lib/libcrypto/dsa/dsa_err.c delete mode 100644 src/lib/libcrypto/dsa/dsa_gen.c delete mode 100644 src/lib/libcrypto/dsa/dsa_key.c delete mode 100644 src/lib/libcrypto/dsa/dsa_lib.c delete mode 100644 src/lib/libcrypto/dsa/dsa_local.h delete mode 100644 src/lib/libcrypto/dsa/dsa_meth.c delete mode 100644 src/lib/libcrypto/dsa/dsa_ossl.c delete mode 100644 src/lib/libcrypto/dsa/dsa_pmeth.c delete mode 100644 src/lib/libcrypto/dsa/dsa_prn.c (limited to 'src/lib/libcrypto/dsa') diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h deleted file mode 100644 index 7a8e7fcba4..0000000000 --- a/src/lib/libcrypto/dsa/dsa.h +++ /dev/null @@ -1,263 +0,0 @@ -/* $OpenBSD: dsa.h,v 1.48 2025/03/01 11:33:07 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * The DSS routines are based on patches supplied by - * Steven Schoch . He basically did the - * work and I have just tweaked them a little to fit into my - * stylistic vision for SSLeay :-) */ - -#ifndef HEADER_DSA_H -#define HEADER_DSA_H - -#include - -#ifndef OPENSSL_NO_BIO -#include -#endif -#include -#include -#ifndef OPENSSL_NO_DH -# include -#endif - -#include - -#ifndef OPENSSL_DSA_MAX_MODULUS_BITS -# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 -#endif - -#define DSA_FLAG_CACHE_MONT_P 0x01 - -/* If this flag is set the DSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its reposibility - * to ensure the result is compliant. - */ - -#define DSA_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define DSA_FLAG_NON_FIPS_ALLOW 0x0400 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct DSA_SIG_st DSA_SIG; - -DSA *d2i_DSAparams_bio(BIO *bp, DSA **a); -int i2d_DSAparams_bio(BIO *bp, DSA *a); -DSA *d2i_DSAparams_fp(FILE *fp, DSA **a); -int i2d_DSAparams_fp(FILE *fp, DSA *a); - -DSA *DSAparams_dup(DSA *x); -DSA_SIG * DSA_SIG_new(void); -void DSA_SIG_free(DSA_SIG *a); -int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); -DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length); -void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); -int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s); - -DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa); -int DSA_do_verify(const unsigned char *dgst,int dgst_len, - DSA_SIG *sig,DSA *dsa); - -const DSA_METHOD *DSA_OpenSSL(void); - -void DSA_set_default_method(const DSA_METHOD *); -const DSA_METHOD *DSA_get_default_method(void); -int DSA_set_method(DSA *dsa, const DSA_METHOD *); - -DSA * DSA_new(void); -DSA * DSA_new_method(ENGINE *engine); -void DSA_free(DSA *r); -/* "up" the DSA object's reference count */ -int DSA_up_ref(DSA *r); -int DSA_size(const DSA *); -int DSA_bits(const DSA *d); - /* next 4 return -1 on error */ -int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); -int DSA_sign(int type,const unsigned char *dgst,int dlen, - unsigned char *sig, unsigned int *siglen, DSA *dsa); -int DSA_verify(int type,const unsigned char *dgst,int dgst_len, - const unsigned char *sigbuf, int siglen, DSA *dsa); -int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int DSA_set_ex_data(DSA *d, int idx, void *arg); -void *DSA_get_ex_data(DSA *d, int idx); -int DSA_security_bits(const DSA *d); - -DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); -int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); -extern const ASN1_ITEM DSAPublicKey_it; - -DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); -int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); -extern const ASN1_ITEM DSAPrivateKey_it; - -DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length); -int i2d_DSAparams(const DSA *a,unsigned char **pp); -extern const ASN1_ITEM DSAparams_it; - -/* New version */ -int DSA_generate_parameters_ex(DSA *dsa, int bits, - const unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); - -int DSA_generate_key(DSA *a); - -#ifndef OPENSSL_NO_BIO -int DSAparams_print(BIO *bp, const DSA *x); -int DSA_print(BIO *bp, const DSA *x, int off); -#endif -int DSAparams_print_fp(FILE *fp, const DSA *x); -int DSA_print_fp(FILE *bp, const DSA *x, int off); - -#ifndef OPENSSL_NO_DH -/* Convert DSA structure (key or just parameters) into DH structure - * (be careful to avoid small subgroup attacks when using this!) */ -DH *DSA_dup_DH(const DSA *r); -#endif - -void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, - const BIGNUM **g); -int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g); -void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key); -int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key); -const BIGNUM *DSA_get0_p(const DSA *d); -const BIGNUM *DSA_get0_q(const DSA *d); -const BIGNUM *DSA_get0_g(const DSA *d); -const BIGNUM *DSA_get0_pub_key(const DSA *d); -const BIGNUM *DSA_get0_priv_key(const DSA *d); -void DSA_clear_flags(DSA *d, int flags); -int DSA_test_flags(const DSA *d, int flags); -void DSA_set_flags(DSA *d, int flags); -ENGINE *DSA_get0_engine(DSA *d); - -DSA_METHOD *DSA_meth_new(const char *name, int flags); -void DSA_meth_free(DSA_METHOD *meth); -DSA_METHOD *DSA_meth_dup(const DSA_METHOD *meth); -const char *DSA_meth_get0_name(const DSA_METHOD *meth); -int DSA_meth_set1_name(DSA_METHOD *meth, const char *name); -int DSA_meth_set_sign(DSA_METHOD *meth, - DSA_SIG *(*sign)(const unsigned char *, int, DSA *)); -int DSA_meth_set_finish(DSA_METHOD *meth, int (*finish)(DSA *)); - -#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \ - EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL) - -#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2) -#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3) - -void ERR_load_DSA_strings(void); - -/* Error codes for the DSA functions. */ - -/* Function codes. */ -#define DSA_F_D2I_DSA_SIG 110 -#define DSA_F_DO_DSA_PRINT 104 -#define DSA_F_DSAPARAMS_PRINT 100 -#define DSA_F_DSAPARAMS_PRINT_FP 101 -#define DSA_F_DSA_DO_SIGN 112 -#define DSA_F_DSA_DO_VERIFY 113 -#define DSA_F_DSA_GENERATE_KEY 124 -#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123 -#define DSA_F_DSA_NEW_METHOD 103 -#define DSA_F_DSA_PARAM_DECODE 119 -#define DSA_F_DSA_PRINT_FP 105 -#define DSA_F_DSA_PRIV_DECODE 115 -#define DSA_F_DSA_PRIV_ENCODE 116 -#define DSA_F_DSA_PUB_DECODE 117 -#define DSA_F_DSA_PUB_ENCODE 118 -#define DSA_F_DSA_SIGN 106 -#define DSA_F_DSA_SIGN_SETUP 107 -#define DSA_F_DSA_SIG_NEW 109 -#define DSA_F_DSA_SIG_PRINT 125 -#define DSA_F_DSA_VERIFY 108 -#define DSA_F_I2D_DSA_SIG 111 -#define DSA_F_OLD_DSA_PRIV_DECODE 122 -#define DSA_F_PKEY_DSA_CTRL 120 -#define DSA_F_PKEY_DSA_KEYGEN 121 -#define DSA_F_SIG_CB 114 - -/* Reason codes. */ -#define DSA_R_BAD_Q_VALUE 102 -#define DSA_R_BN_DECODE_ERROR 108 -#define DSA_R_BN_ERROR 109 -#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 -#define DSA_R_DECODE_ERROR 104 -#define DSA_R_INVALID_DIGEST_TYPE 106 -#define DSA_R_INVALID_PARAMETERS 112 -#define DSA_R_MISSING_PARAMETERS 101 -#define DSA_R_MODULUS_TOO_LARGE 103 -#define DSA_R_NEED_NEW_SETUP_VALUES 110 -#define DSA_R_NON_FIPS_DSA_METHOD 111 -#define DSA_R_NO_PARAMETERS_SET 107 -#define DSA_R_PARAMETER_ENCODING_ERROR 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c deleted file mode 100644 index 866e5ec476..0000000000 --- a/src/lib/libcrypto/dsa/dsa_ameth.c +++ /dev/null @@ -1,736 +0,0 @@ -/* $OpenBSD: dsa_ameth.c,v 1.59 2024/04/13 14:02:51 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include -#include -#include -#include -#include - -#include "asn1_local.h" -#include "bn_local.h" -#include "dsa_local.h" -#include "evp_local.h" -#include "x509_local.h" - -static int -dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) -{ - X509_ALGOR *algor; - int ptype; - const void *pval; - const ASN1_STRING *astr; - const unsigned char *key, *params, *p; - int key_len, params_len; - ASN1_INTEGER *aint = NULL; - DSA *dsa = NULL; - int ret = 0; - - if (!X509_PUBKEY_get0_param(NULL, &key, &key_len, &algor, pubkey)) - goto err; - X509_ALGOR_get0(NULL, &ptype, &pval, algor); - - if (ptype == V_ASN1_SEQUENCE) { - astr = pval; - params = astr->data; - params_len = astr->length; - - p = params; - if ((dsa = d2i_DSAparams(NULL, &p, params_len)) == NULL) { - DSAerror(DSA_R_DECODE_ERROR); - goto err; - } - } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { - if ((dsa = DSA_new()) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - } else { - DSAerror(DSA_R_PARAMETER_ENCODING_ERROR); - goto err; - } - - p = key; - if ((aint = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) { - DSAerror(DSA_R_DECODE_ERROR); - goto err; - } - BN_free(dsa->pub_key); - if ((dsa->pub_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) { - DSAerror(DSA_R_BN_DECODE_ERROR); - goto err; - } - - /* We can only check for key consistency if we have parameters. */ - if (ptype == V_ASN1_SEQUENCE) { - if (!dsa_check_key(dsa)) - goto err; - } - - if (!EVP_PKEY_assign_DSA(pkey, dsa)) - goto err; - dsa = NULL; - - ret = 1; - - err: - ASN1_INTEGER_free(aint); - DSA_free(dsa); - - return ret; -} - -static int -dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) -{ - const DSA *dsa = pkey->pkey.dsa; - ASN1_STRING *astr = NULL; - int ptype = V_ASN1_UNDEF; - ASN1_INTEGER *aint = NULL; - ASN1_OBJECT *aobj; - unsigned char *params = NULL, *key = NULL; - int params_len = 0, key_len = 0; - int ret = 0; - - if (pkey->save_parameters > 0 && !EVP_PKEY_missing_parameters(pkey)) { - if ((params_len = i2d_DSAparams(dsa, ¶ms)) <= 0) { - DSAerror(ERR_R_MALLOC_FAILURE); - params_len = 0; - goto err; - } - if ((astr = ASN1_STRING_new()) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - ASN1_STRING_set0(astr, params, params_len); - params = NULL; - params_len = 0; - ptype = V_ASN1_SEQUENCE; - } - - if ((aint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((key_len = i2d_ASN1_INTEGER(aint, &key)) <= 0) { - DSAerror(ERR_R_MALLOC_FAILURE); - key_len = 0; - goto err; - } - - if ((aobj = OBJ_nid2obj(EVP_PKEY_DSA)) == NULL) - goto err; - if (!X509_PUBKEY_set0_param(pk, aobj, ptype, astr, key, key_len)) - goto err; - astr = NULL; - key = NULL; - key_len = 0; - - ret = 1; - - err: - ASN1_STRING_free(astr); - ASN1_INTEGER_free(aint); - freezero(params, params_len); - freezero(key, key_len); - - return ret; -} - -/* - * In PKCS#8 DSA: you just get a private key integer and parameters in the - * AlgorithmIdentifier the pubkey must be recalculated. - */ -static int -dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) -{ - const X509_ALGOR *algor; - int ptype; - const void *pval; - const ASN1_STRING *astr; - const unsigned char *key, *params, *p; - int key_len, params_len; - ASN1_INTEGER *aint = NULL; - BN_CTX *ctx = NULL; - DSA *dsa = NULL; - int ret = 0; - - if (!PKCS8_pkey_get0(NULL, &key, &key_len, &algor, p8)) - goto err; - X509_ALGOR_get0(NULL, &ptype, &pval, algor); - - if (ptype != V_ASN1_SEQUENCE) { - DSAerror(DSA_R_PARAMETER_ENCODING_ERROR); - goto err; - } - - astr = pval; - params = astr->data; - params_len = astr->length; - - p = params; - if ((dsa = d2i_DSAparams(NULL, &p, params_len)) == NULL) { - DSAerror(DSA_R_DECODE_ERROR); - goto err; - } - p = key; - if ((aint = d2i_ASN1_INTEGER(NULL, &p, key_len)) == NULL) { - DSAerror(DSA_R_DECODE_ERROR); - goto err; - } - BN_free(dsa->priv_key); - if ((dsa->priv_key = ASN1_INTEGER_to_BN(aint, NULL)) == NULL) { - DSAerror(DSA_R_BN_DECODE_ERROR); - goto err; - } - - /* Check the key for basic consistency before doing expensive things. */ - if (!dsa_check_key(dsa)) - goto err; - - /* Calculate public key */ - BN_free(dsa->pub_key); - if ((dsa->pub_key = BN_new()) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - if ((ctx = BN_CTX_new()) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - BN_CTX_start(ctx); - - if (!BN_mod_exp_ct(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { - DSAerror(DSA_R_BN_ERROR); - goto err; - } - - if (!EVP_PKEY_assign_DSA(pkey, dsa)) - goto err; - dsa = NULL; - - ret = 1; - - err: - DSA_free(dsa); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - ASN1_INTEGER_free(aint); - - return ret; -} - -static int -dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) -{ - const DSA *dsa = pkey->pkey.dsa; - ASN1_STRING *astr = NULL; - int ptype = V_ASN1_SEQUENCE; - ASN1_INTEGER *aint = NULL; - ASN1_OBJECT *aobj; - unsigned char *params = NULL, *key = NULL; - int params_len = 0, key_len = 0; - int ret = 0; - - if ((params_len = i2d_DSAparams(dsa, ¶ms)) <= 0) { - DSAerror(ERR_R_MALLOC_FAILURE); - params_len = 0; - goto err; - } - if ((astr = ASN1_STRING_type_new(V_ASN1_SEQUENCE)) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - ASN1_STRING_set0(astr, params, params_len); - params = NULL; - params_len = 0; - - if ((aint = BN_to_ASN1_INTEGER(dsa->priv_key, NULL)) == NULL) { - DSAerror(DSA_R_BN_ERROR); - goto err; - } - if ((key_len = i2d_ASN1_INTEGER(aint, &key)) <= 0) { - DSAerror(ERR_R_MALLOC_FAILURE); - key_len = 0; - goto err; - } - - if ((aobj = OBJ_nid2obj(NID_dsa)) == NULL) - goto err; - if (!PKCS8_pkey_set0(p8, aobj, 0, ptype, astr, key, key_len)) - goto err; - astr = NULL; - key = NULL; - key_len = 0; - - ret = 1; - - err: - ASN1_STRING_free(astr); - ASN1_INTEGER_free(aint); - freezero(params, params_len); - freezero(key, key_len); - - return ret; -} - -static int -dsa_size(const EVP_PKEY *pkey) -{ - return DSA_size(pkey->pkey.dsa); -} - -static int -dsa_bits(const EVP_PKEY *pkey) -{ - return BN_num_bits(pkey->pkey.dsa->p); -} - -static int -dsa_security_bits(const EVP_PKEY *pkey) -{ - return DSA_security_bits(pkey->pkey.dsa); -} - -static int -dsa_missing_parameters(const EVP_PKEY *pkey) -{ - const DSA *dsa = pkey->pkey.dsa; - - return dsa->p == NULL || dsa->q == NULL || dsa->g == NULL; -} - -static int -dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) -{ - BIGNUM *a; - - if ((a = BN_dup(from->pkey.dsa->p)) == NULL) - return 0; - BN_free(to->pkey.dsa->p); - to->pkey.dsa->p = a; - - if ((a = BN_dup(from->pkey.dsa->q)) == NULL) - return 0; - BN_free(to->pkey.dsa->q); - to->pkey.dsa->q = a; - - if ((a = BN_dup(from->pkey.dsa->g)) == NULL) - return 0; - BN_free(to->pkey.dsa->g); - to->pkey.dsa->g = a; - return 1; -} - -static int -dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) || - BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) || - BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g)) - return 0; - else - return 1; -} - -static int -dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0) - return 0; - else - return 1; -} - -static void -dsa_free(EVP_PKEY *pkey) -{ - DSA_free(pkey->pkey.dsa); -} - -static int -do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) -{ - const char *ktype = NULL; - const BIGNUM *priv_key, *pub_key; - int ret = 0; - - if (ptype == 2) - priv_key = x->priv_key; - else - priv_key = NULL; - - if (ptype > 0) - pub_key = x->pub_key; - else - pub_key = NULL; - - if (ptype == 2) - ktype = "Private-Key"; - else if (ptype == 1) - ktype = "Public-Key"; - else - ktype = "DSA-Parameters"; - - if (priv_key) { - if (!BIO_indent(bp, off, 128)) - goto err; - if (BIO_printf(bp, "%s: (%d bit)\n", ktype, - BN_num_bits(x->p)) <= 0) - goto err; - } - - if (!bn_printf(bp, priv_key, off, "priv:")) - goto err; - if (!bn_printf(bp, pub_key, off, "pub: ")) - goto err; - if (!bn_printf(bp, x->p, off, "P: ")) - goto err; - if (!bn_printf(bp, x->q, off, "Q: ")) - goto err; - if (!bn_printf(bp, x->g, off, "G: ")) - goto err; - - ret = 1; - - err: - return ret; -} - -static int -dsa_param_decode(EVP_PKEY *pkey, const unsigned char **params, int params_len) -{ - DSA *dsa = NULL; - int ret = 0; - - if ((dsa = d2i_DSAparams(NULL, params, params_len)) == NULL) { - DSAerror(ERR_R_DSA_LIB); - goto err; - } - if (!dsa_check_key(dsa)) - goto err; - if (!EVP_PKEY_assign_DSA(pkey, dsa)) - goto err; - dsa = NULL; - - ret = 1; - - err: - DSA_free(dsa); - - return ret; -} - -static int -dsa_param_encode(const EVP_PKEY *pkey, unsigned char **params) -{ - return i2d_DSAparams(pkey->pkey.dsa, params); -} - -static int -dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_dsa_print(bp, pkey->pkey.dsa, indent, 0); -} - -static int -dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_dsa_print(bp, pkey->pkey.dsa, indent, 1); -} - -static int -dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_dsa_print(bp, pkey->pkey.dsa, indent, 2); -} - -static int -old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **key, int key_len) -{ - DSA *dsa = NULL; - BN_CTX *ctx = NULL; - BIGNUM *result; - int ret = 0; - - if ((dsa = d2i_DSAPrivateKey(NULL, key, key_len)) == NULL) { - DSAerror(ERR_R_DSA_LIB); - goto err; - } - - if (!dsa_check_key(dsa)) - goto err; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - BN_CTX_start(ctx); - - if ((result = BN_CTX_get(ctx)) == NULL) - goto err; - - /* - * Check that p and q are consistent with each other. dsa_check_key() - * ensures that 1 < q < p. Now check that q divides p - 1. - */ - - if (!BN_sub(result, dsa->p, BN_value_one())) - goto err; - if (!BN_mod_ct(result, result, dsa->q, ctx)) - goto err; - if (!BN_is_zero(result)) { - DSAerror(DSA_R_BAD_Q_VALUE); - goto err; - } - - /* - * Check that g generates a multiplicative subgroup of order q. - * We only check that g^q == 1, so the order is a divisor of q. - * Once we know that q is prime, this is enough. - */ - - if (!BN_mod_exp_ct(result, dsa->g, dsa->q, dsa->p, ctx)) - goto err; - if (BN_cmp(result, BN_value_one()) != 0) { - DSAerror(DSA_R_INVALID_PARAMETERS); - goto err; - } - - /* - * Check that q is not a composite number. - */ - - if (BN_is_prime_ex(dsa->q, BN_prime_checks, ctx, NULL) <= 0) { - DSAerror(DSA_R_BAD_Q_VALUE); - goto err; - } - - if (!EVP_PKEY_assign_DSA(pkey, dsa)) - goto err; - dsa = NULL; - - ret = 1; - - err: - BN_CTX_end(ctx); - BN_CTX_free(ctx); - DSA_free(dsa); - - return ret; -} - -static int -old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **key) -{ - return i2d_DSAPrivateKey(pkey->pkey.dsa, key); -} - -static int -dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig, - int indent, ASN1_PCTX *pctx) -{ - DSA_SIG *dsa_sig; - const unsigned char *p; - - if (!sig) { - if (BIO_puts(bp, "\n") <= 0) - return 0; - else - return 1; - } - p = sig->data; - dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); - if (dsa_sig) { - int rv = 0; - - if (BIO_write(bp, "\n", 1) != 1) - goto err; - - if (!bn_printf(bp, dsa_sig->r, indent, "r: ")) - goto err; - if (!bn_printf(bp, dsa_sig->s, indent, "s: ")) - goto err; - rv = 1; - err: - DSA_SIG_free(dsa_sig); - return rv; - } - return X509_signature_dump(bp, sig, indent); -} - -static int -dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) { - int snid, hnid; - X509_ALGOR *alg1, *alg2; - - PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); - if (alg1 == NULL || alg1->algorithm == NULL) - return -1; - hnid = OBJ_obj2nid(alg1->algorithm); - if (hnid == NID_undef) - return -1; - if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) - return -1; - if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF, - NULL)) - return -1; - } - return 1; - -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) { - int snid, hnid; - X509_ALGOR *alg1, *alg2; - - CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2); - if (alg1 == NULL || alg1->algorithm == NULL) - return -1; - hnid = OBJ_obj2nid(alg1->algorithm); - if (hnid == NID_undef) - return -1; - if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) - return -1; - if (!X509_ALGOR_set0_by_nid(alg2, snid, V_ASN1_UNDEF, - NULL)) - return -1; - } - return 1; - - case ASN1_PKEY_CTRL_CMS_RI_TYPE: - *(int *)arg2 = CMS_RECIPINFO_NONE; - return 1; -#endif - - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_sha1; - return 2; - - default: - return -2; - } -} - -const EVP_PKEY_ASN1_METHOD dsa_asn1_meth = { - .base_method = &dsa_asn1_meth, - .pkey_id = EVP_PKEY_DSA, - - .pem_str = "DSA", - .info = "OpenSSL DSA method", - - .pub_decode = dsa_pub_decode, - .pub_encode = dsa_pub_encode, - .pub_cmp = dsa_pub_cmp, - .pub_print = dsa_pub_print, - - .priv_decode = dsa_priv_decode, - .priv_encode = dsa_priv_encode, - .priv_print = dsa_priv_print, - - .pkey_size = dsa_size, - .pkey_bits = dsa_bits, - .pkey_security_bits = dsa_security_bits, - - .param_decode = dsa_param_decode, - .param_encode = dsa_param_encode, - .param_missing = dsa_missing_parameters, - .param_copy = dsa_copy_parameters, - .param_cmp = dsa_cmp_parameters, - .param_print = dsa_param_print, - .sig_print = dsa_sig_print, - - .pkey_free = dsa_free, - .pkey_ctrl = dsa_pkey_ctrl, - .old_priv_decode = old_dsa_priv_decode, - .old_priv_encode = old_dsa_priv_encode -}; - -const EVP_PKEY_ASN1_METHOD dsa1_asn1_meth = { - .base_method = &dsa_asn1_meth, - .pkey_id = EVP_PKEY_DSA1, - .pkey_flags = ASN1_PKEY_ALIAS, -}; - -const EVP_PKEY_ASN1_METHOD dsa2_asn1_meth = { - .base_method = &dsa_asn1_meth, - .pkey_id = EVP_PKEY_DSA2, - .pkey_flags = ASN1_PKEY_ALIAS, -}; - -const EVP_PKEY_ASN1_METHOD dsa3_asn1_meth = { - .base_method = &dsa_asn1_meth, - .pkey_id = EVP_PKEY_DSA3, - .pkey_flags = ASN1_PKEY_ALIAS, -}; - -const EVP_PKEY_ASN1_METHOD dsa4_asn1_meth = { - .base_method = &dsa_asn1_meth, - .pkey_id = EVP_PKEY_DSA4, - .pkey_flags = ASN1_PKEY_ALIAS, -}; diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c deleted file mode 100644 index de6ec46195..0000000000 --- a/src/lib/libcrypto/dsa/dsa_asn1.c +++ /dev/null @@ -1,479 +0,0 @@ -/* $OpenBSD: dsa_asn1.c,v 1.33 2024/07/08 17:11:05 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include -#include -#include -#include - -#include "dsa_local.h" - -/* Override the default new methods */ -static int -sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - if (operation == ASN1_OP_NEW_PRE) { - DSA_SIG *sig; - - if ((sig = DSA_SIG_new()) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - return 0; - } - *pval = (ASN1_VALUE *)sig; - return 2; - } - return 1; -} - -static const ASN1_AUX DSA_SIG_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = sig_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE DSA_SIG_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA_SIG, r), - .field_name = "r", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA_SIG, s), - .field_name = "s", - .item = &BIGNUM_it, - }, -}; - -static const ASN1_ITEM DSA_SIG_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = DSA_SIG_seq_tt, - .tcount = sizeof(DSA_SIG_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &DSA_SIG_aux, - .size = sizeof(DSA_SIG), - .sname = "DSA_SIG", -}; - - -DSA_SIG * -d2i_DSA_SIG(DSA_SIG **a, const unsigned char **in, long len) -{ - return (DSA_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &DSA_SIG_it); -} -LCRYPTO_ALIAS(d2i_DSA_SIG); - -int -i2d_DSA_SIG(const DSA_SIG *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSA_SIG_it); -} -LCRYPTO_ALIAS(i2d_DSA_SIG); - -void -DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) -{ - if (pr != NULL) - *pr = sig->r; - if (ps != NULL) - *ps = sig->s; -} -LCRYPTO_ALIAS(DSA_SIG_get0); - -int -DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) -{ - if (r == NULL || s == NULL) - return 0; - - BN_free(sig->r); - sig->r = r; - BN_free(sig->s); - sig->s = s; - - return 1; -} -LCRYPTO_ALIAS(DSA_SIG_set0); - -/* Override the default free and new methods */ -static int -dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - if (operation == ASN1_OP_NEW_PRE) { - *pval = (ASN1_VALUE *)DSA_new(); - if (*pval) - return 2; - return 0; - } else if (operation == ASN1_OP_FREE_PRE) { - DSA_free((DSA *)*pval); - *pval = NULL; - return 2; - } - return 1; -} - -static const ASN1_AUX DSAPrivateKey_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = dsa_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE DSAPrivateKey_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, p), - .field_name = "p", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, q), - .field_name = "q", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, g), - .field_name = "g", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, pub_key), - .field_name = "pub_key", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, priv_key), - .field_name = "priv_key", - .item = &BIGNUM_it, - }, -}; - -const ASN1_ITEM DSAPrivateKey_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = DSAPrivateKey_seq_tt, - .tcount = sizeof(DSAPrivateKey_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &DSAPrivateKey_aux, - .size = sizeof(DSA), - .sname = "DSA", -}; -LCRYPTO_ALIAS(DSAPrivateKey_it); - - -DSA * -d2i_DSAPrivateKey(DSA **a, const unsigned char **in, long len) -{ - return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &DSAPrivateKey_it); -} -LCRYPTO_ALIAS(d2i_DSAPrivateKey); - -int -i2d_DSAPrivateKey(const DSA *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAPrivateKey_it); -} -LCRYPTO_ALIAS(i2d_DSAPrivateKey); - -static const ASN1_AUX DSAparams_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = dsa_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE DSAparams_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, p), - .field_name = "p", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, q), - .field_name = "q", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, g), - .field_name = "g", - .item = &BIGNUM_it, - }, -}; - -const ASN1_ITEM DSAparams_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = DSAparams_seq_tt, - .tcount = sizeof(DSAparams_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &DSAparams_aux, - .size = sizeof(DSA), - .sname = "DSA", -}; -LCRYPTO_ALIAS(DSAparams_it); - - -DSA * -d2i_DSAparams(DSA **a, const unsigned char **in, long len) -{ - return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &DSAparams_it); -} -LCRYPTO_ALIAS(d2i_DSAparams); - -int -i2d_DSAparams(const DSA *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAparams_it); -} -LCRYPTO_ALIAS(i2d_DSAparams); - -DSA * -d2i_DSAparams_bio(BIO *bp, DSA **a) -{ - return ASN1_item_d2i_bio(&DSAparams_it, bp, a); -} -LCRYPTO_ALIAS(d2i_DSAparams_bio); - -int -i2d_DSAparams_bio(BIO *bp, DSA *a) -{ - return ASN1_item_i2d_bio(&DSAparams_it, bp, a); -} -LCRYPTO_ALIAS(i2d_DSAparams_bio); - -DSA * -d2i_DSAparams_fp(FILE *fp, DSA **a) -{ - return ASN1_item_d2i_fp(&DSAparams_it, fp, a); -} -LCRYPTO_ALIAS(d2i_DSAparams_fp); - -int -i2d_DSAparams_fp(FILE *fp, DSA *a) -{ - return ASN1_item_i2d_fp(&DSAparams_it, fp, a); -} -LCRYPTO_ALIAS(i2d_DSAparams_fp); - -static const ASN1_AUX DSAPublicKey_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = dsa_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE DSAPublicKey_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, pub_key), - .field_name = "pub_key", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, p), - .field_name = "p", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, q), - .field_name = "q", - .item = &BIGNUM_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(DSA, g), - .field_name = "g", - .item = &BIGNUM_it, - }, -}; - -const ASN1_ITEM DSAPublicKey_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = DSAPublicKey_seq_tt, - .tcount = sizeof(DSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &DSAPublicKey_aux, - .size = sizeof(DSA), - .sname = "DSA", -}; -LCRYPTO_ALIAS(DSAPublicKey_it); - -DSA * -d2i_DSAPublicKey(DSA **a, const unsigned char **in, long len) -{ - return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &DSAPublicKey_it); -} -LCRYPTO_ALIAS(d2i_DSAPublicKey); - -int -i2d_DSAPublicKey(const DSA *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAPublicKey_it); -} -LCRYPTO_ALIAS(i2d_DSAPublicKey); - -DSA * -DSAparams_dup(DSA *dsa) -{ - return ASN1_item_dup(&DSAparams_it, dsa); -} -LCRYPTO_ALIAS(DSAparams_dup); - -int -DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, - unsigned int *out_siglen, DSA *dsa) -{ - DSA_SIG *s; - int siglen; - int ret = 0; - - *out_siglen = 0; - - if ((s = DSA_do_sign(dgst, dlen, dsa)) == NULL) - goto err; - - if ((siglen = i2d_DSA_SIG(s, &sig)) < 0) - goto err; - - *out_siglen = siglen; - - ret = 1; - err: - DSA_SIG_free(s); - - return ret; -} -LCRYPTO_ALIAS(DSA_sign); - -/* - * data has already been hashed (probably with SHA or SHA-1). - * returns - * 1: correct signature - * 0: incorrect signature - * -1: error - */ -int -DSA_verify(int type, const unsigned char *dgst, int dgst_len, - const unsigned char *sigbuf, int siglen, DSA *dsa) -{ - DSA_SIG *s = NULL; - unsigned char *der = NULL; - const unsigned char *p; - int ret = -1; - - p = sigbuf; - if ((s = d2i_DSA_SIG(NULL, &p, siglen)) == NULL) - goto err; - - /* Ensure signature uses DER and doesn't have trailing garbage */ - if (i2d_DSA_SIG(s, &der) != siglen) - goto err; - - if (memcmp(der, sigbuf, siglen) != 0) - goto err; - - ret = DSA_do_verify(dgst, dgst_len, s, dsa); - err: - free(der); - DSA_SIG_free(s); - - return ret; -} -LCRYPTO_ALIAS(DSA_verify); diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c deleted file mode 100644 index b7670f895b..0000000000 --- a/src/lib/libcrypto/dsa/dsa_err.c +++ /dev/null @@ -1,104 +0,0 @@ -/* $OpenBSD: dsa_err.c,v 1.22 2024/06/24 06:43:22 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#include "err_local.h" - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason) - -static const ERR_STRING_DATA DSA_str_functs[] = { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static const ERR_STRING_DATA DSA_str_reasons[] = { - {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, - {ERR_REASON(DSA_R_BN_DECODE_ERROR) ,"bn decode error"}, - {ERR_REASON(DSA_R_BN_ERROR) ,"bn error"}, - {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, - {ERR_REASON(DSA_R_DECODE_ERROR) ,"decode error"}, - {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, - {ERR_REASON(DSA_R_INVALID_PARAMETERS) ,"invalid parameters"}, - {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, - {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, - {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES) ,"need new setup values"}, - {ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD) ,"non fips dsa method"}, - {ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"}, - {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, - {0,NULL} -}; - -#endif - -void -ERR_load_DSA_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) { - ERR_load_const_strings(DSA_str_functs); - ERR_load_const_strings(DSA_str_reasons); - } -#endif -} -LCRYPTO_ALIAS(ERR_load_DSA_strings); diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c deleted file mode 100644 index c8f626cd97..0000000000 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ /dev/null @@ -1,360 +0,0 @@ -/* $OpenBSD: dsa_gen.c,v 1.34 2025/02/13 11:18:00 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include /* To see if OPENSSL_NO_SHA is defined */ - -#ifndef OPENSSL_NO_SHA - -#include -#include -#include - -#include -#include -#include - -#include "bn_local.h" -#include "dsa_local.h" - -/* - * Primality test according to FIPS PUB 186-4, Appendix C.3. Set the number - * to 64 rounds of Miller-Rabin, which corresponds to 128 bits of security. - * This is necessary for keys of size >= 3072. - * XXX - now that we do BPSW the recommendation is to do 2 for p and 27 for q. - */ -#define DSA_prime_checks 64 - -int -DSA_generate_parameters_ex(DSA *ret, int bits, const unsigned char *seed_in, - int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) -{ - const EVP_MD *evpmd; - size_t qbits; - - if (bits >= 2048) { - qbits = 256; - evpmd = EVP_sha256(); - } else { - qbits = 160; - evpmd = EVP_sha1(); - } - - return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in, seed_len, - NULL, counter_ret, h_ret, cb); -} -LCRYPTO_ALIAS(DSA_generate_parameters_ex); - -int -dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, - const unsigned char *seed_in, size_t seed_len, unsigned char *seed_out, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) -{ - int ok = 0; - unsigned char seed[SHA256_DIGEST_LENGTH]; - unsigned char md[SHA256_DIGEST_LENGTH]; - unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH]; - BIGNUM *r0, *W, *X, *c, *test; - BIGNUM *g = NULL, *q = NULL, *p = NULL; - BN_MONT_CTX *mont = NULL; - int i, k, n = 0, m = 0, qsize = qbits >> 3; - int counter = 0; - int r = 0; - BN_CTX *ctx = NULL; - unsigned int h = 2; - - if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH && - qsize != SHA256_DIGEST_LENGTH) - /* invalid q size */ - return 0; - - if (evpmd == NULL) - /* use SHA1 as default */ - evpmd = EVP_sha1(); - - if (bits < 512) - bits = 512; - - bits = (bits + 63) / 64 * 64; - - if (seed_len < (size_t)qsize) { - seed_in = NULL; /* seed buffer too small -- ignore */ - seed_len = 0; - } - /* - * App. 2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits - */ - if (seed_len > (size_t)qsize) - seed_len = qsize; - if (seed_in != NULL) - memcpy(seed, seed_in, seed_len); - else if (seed_len != 0) - goto err; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - BN_CTX_start(ctx); - - if ((r0 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((g = BN_CTX_get(ctx)) == NULL) - goto err; - if ((W = BN_CTX_get(ctx)) == NULL) - goto err; - if ((q = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((c = BN_CTX_get(ctx)) == NULL) - goto err; - if ((p = BN_CTX_get(ctx)) == NULL) - goto err; - if ((test = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_lshift(test, BN_value_one(), bits - 1)) - goto err; - - for (;;) { - for (;;) { /* find q */ - int seed_is_random; - - /* step 1 */ - if (!BN_GENCB_call(cb, 0, m++)) - goto err; - - if (seed_len == 0) { - arc4random_buf(seed, qsize); - seed_is_random = 1; - } else { - seed_is_random = 0; - /* use random seed if 'seed_in' turns out - to be bad */ - seed_len = 0; - } - memcpy(buf, seed, qsize); - memcpy(buf2, seed, qsize); - /* precompute "SEED + 1" for step 7: */ - for (i = qsize - 1; i >= 0; i--) { - buf[i]++; - if (buf[i] != 0) - break; - } - - /* step 2 */ - if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL)) - goto err; - if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL)) - goto err; - for (i = 0; i < qsize; i++) - md[i] ^= buf2[i]; - - /* step 3 */ - md[0] |= 0x80; - md[qsize - 1] |= 0x01; - if (!BN_bin2bn(md, qsize, q)) - goto err; - - /* step 4 */ - r = BN_is_prime_fasttest_ex(q, DSA_prime_checks, ctx, - seed_is_random, cb); - if (r > 0) - break; - if (r != 0) - goto err; - - /* do a callback call */ - /* step 5 */ - } - - if (!BN_GENCB_call(cb, 2, 0)) - goto err; - if (!BN_GENCB_call(cb, 3, 0)) - goto err; - - /* step 6 */ - counter = 0; - /* "offset = 2" */ - - n = (bits - 1) / 160; - - for (;;) { - if (counter != 0 && !BN_GENCB_call(cb, 0, counter)) - goto err; - - /* step 7 */ - BN_zero(W); - /* now 'buf' contains "SEED + offset - 1" */ - for (k = 0; k <= n; k++) { - /* obtain "SEED + offset + k" by incrementing: */ - for (i = qsize - 1; i >= 0; i--) { - buf[i]++; - if (buf[i] != 0) - break; - } - - if (!EVP_Digest(buf, qsize, md ,NULL, evpmd, - NULL)) - goto err; - - /* step 8 */ - if (!BN_bin2bn(md, qsize, r0)) - goto err; - if (!BN_lshift(r0, r0, (qsize << 3) * k)) - goto err; - if (!BN_add(W, W, r0)) - goto err; - } - - /* more of step 8 */ - if (!BN_mask_bits(W, bits - 1)) - goto err; - if (!bn_copy(X, W)) - goto err; - if (!BN_add(X, X, test)) - goto err; - - /* step 9 */ - if (!BN_lshift1(r0, q)) - goto err; - if (!BN_mod_ct(c, X, r0, ctx)) - goto err; - if (!BN_sub(r0, c, BN_value_one())) - goto err; - if (!BN_sub(p, X, r0)) - goto err; - - /* step 10 */ - if (BN_cmp(p, test) >= 0) { - /* step 11 */ - r = BN_is_prime_fasttest_ex(p, DSA_prime_checks, - ctx, 1, cb); - if (r > 0) - goto end; /* found it */ - if (r != 0) - goto err; - } - - /* step 13 */ - counter++; - /* "offset = offset + n + 1" */ - - /* step 14 */ - if (counter >= 4096) - break; - } - } -end: - if (!BN_GENCB_call(cb, 2, 1)) - goto err; - - /* We now need to generate g */ - /* Set r0=(p-1)/q */ - if (!BN_sub(test, p, BN_value_one())) - goto err; - if (!BN_div_ct(r0, NULL, test, q, ctx)) - goto err; - - if (!BN_set_word(test, h)) - goto err; - if ((mont = BN_MONT_CTX_create(p, ctx)) == NULL) - goto err; - - for (;;) { - /* g=test^r0%p */ - if (!BN_mod_exp_mont_ct(g, test, r0, p, ctx, mont)) - goto err; - if (!BN_is_one(g)) - break; - if (!BN_add(test, test, BN_value_one())) - goto err; - h++; - } - - if (!BN_GENCB_call(cb, 3, 1)) - goto err; - - ok = 1; -err: - if (ok) { - BN_free(ret->p); - BN_free(ret->q); - BN_free(ret->g); - ret->p = BN_dup(p); - ret->q = BN_dup(q); - ret->g = BN_dup(g); - if (ret->p == NULL || ret->q == NULL || ret->g == NULL) { - ok = 0; - goto err; - } - if (counter_ret != NULL) - *counter_ret = counter; - if (h_ret != NULL) - *h_ret = h; - if (seed_out != NULL) - memcpy(seed_out, seed, qsize); - } - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_MONT_CTX_free(mont); - - return ok; -} - -#endif diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c deleted file mode 100644 index 5fbedcf705..0000000000 --- a/src/lib/libcrypto/dsa/dsa_key.c +++ /dev/null @@ -1,111 +0,0 @@ -/* $OpenBSD: dsa_key.c,v 1.37 2024/05/11 06:43:50 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include - -#ifndef OPENSSL_NO_SHA - -#include -#include - -#include "bn_local.h" -#include "dsa_local.h" - -int -DSA_generate_key(DSA *dsa) -{ - BIGNUM *pub_key = NULL, *priv_key = NULL; - BN_CTX *ctx = NULL; - int ok = 0; - - if ((priv_key = BN_new()) == NULL) - goto err; - if ((pub_key = BN_new()) == NULL) - goto err; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - if (!bn_rand_interval(priv_key, 1, dsa->q)) - goto err; - if (!BN_mod_exp_ct(pub_key, dsa->g, priv_key, dsa->p, ctx)) - goto err; - - BN_free(dsa->priv_key); - dsa->priv_key = priv_key; - priv_key = NULL; - - BN_free(dsa->pub_key); - dsa->pub_key = pub_key; - pub_key = NULL; - - ok = 1; - - err: - BN_free(pub_key); - BN_free(priv_key); - BN_CTX_free(ctx); - - return ok; -} -LCRYPTO_ALIAS(DSA_generate_key); - -#endif diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c deleted file mode 100644 index daf2fa135b..0000000000 --- a/src/lib/libcrypto/dsa/dsa_lib.c +++ /dev/null @@ -1,483 +0,0 @@ -/* $OpenBSD: dsa_lib.c,v 1.48 2024/03/27 01:49:31 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include - -#include - -#include -#include -#include -#include - -#ifndef OPENSSL_NO_DH -#include -#endif - -#include "dh_local.h" -#include "dsa_local.h" - -static const DSA_METHOD *default_DSA_method = NULL; - -void -DSA_set_default_method(const DSA_METHOD *meth) -{ - default_DSA_method = meth; -} -LCRYPTO_ALIAS(DSA_set_default_method); - -const DSA_METHOD * -DSA_get_default_method(void) -{ - if (!default_DSA_method) - default_DSA_method = DSA_OpenSSL(); - return default_DSA_method; -} -LCRYPTO_ALIAS(DSA_get_default_method); - -DSA * -DSA_new(void) -{ - return DSA_new_method(NULL); -} -LCRYPTO_ALIAS(DSA_new); - -int -DSA_set_method(DSA *dsa, const DSA_METHOD *meth) -{ - /* - * NB: The caller is specifically setting a method, so it's not up to us - * to deal with which ENGINE it comes from. - */ - const DSA_METHOD *mtmp; - mtmp = dsa->meth; - if (mtmp->finish) - mtmp->finish(dsa); - dsa->meth = meth; - if (meth->init) - meth->init(dsa); - return 1; -} -LCRYPTO_ALIAS(DSA_set_method); - -DSA * -DSA_new_method(ENGINE *engine) -{ - DSA *dsa; - - if ((dsa = calloc(1, sizeof(DSA))) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - - dsa->meth = DSA_get_default_method(); - dsa->flags = dsa->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; - dsa->references = 1; - - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data)) - goto err; - if (dsa->meth->init != NULL && !dsa->meth->init(dsa)) - goto err; - - return dsa; - - err: - DSA_free(dsa); - - return NULL; -} -LCRYPTO_ALIAS(DSA_new_method); - -void -DSA_free(DSA *dsa) -{ - if (dsa == NULL) - return; - - if (CRYPTO_add(&dsa->references, -1, CRYPTO_LOCK_DSA) > 0) - return; - - if (dsa->meth != NULL && dsa->meth->finish != NULL) - dsa->meth->finish(dsa); - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data); - - BN_free(dsa->p); - BN_free(dsa->q); - BN_free(dsa->g); - BN_free(dsa->pub_key); - BN_free(dsa->priv_key); - BN_free(dsa->kinv); - BN_free(dsa->r); - free(dsa); -} -LCRYPTO_ALIAS(DSA_free); - -int -DSA_up_ref(DSA *dsa) -{ - return CRYPTO_add(&dsa->references, 1, CRYPTO_LOCK_DSA) > 1; -} -LCRYPTO_ALIAS(DSA_up_ref); - -int -DSA_size(const DSA *dsa) -{ - DSA_SIG signature; - int ret = 0; - - signature.r = dsa->q; - signature.s = dsa->q; - - if ((ret = i2d_DSA_SIG(&signature, NULL)) < 0) - ret = 0; - - return ret; -} -LCRYPTO_ALIAS(DSA_size); - -int -DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp, - new_func, dup_func, free_func); -} -LCRYPTO_ALIAS(DSA_get_ex_new_index); - -int -DSA_set_ex_data(DSA *dsa, int idx, void *arg) -{ - return CRYPTO_set_ex_data(&dsa->ex_data, idx, arg); -} -LCRYPTO_ALIAS(DSA_set_ex_data); - -void * -DSA_get_ex_data(DSA *dsa, int idx) -{ - return CRYPTO_get_ex_data(&dsa->ex_data, idx); -} -LCRYPTO_ALIAS(DSA_get_ex_data); - -int -DSA_security_bits(const DSA *dsa) -{ - if (dsa->p == NULL || dsa->q == NULL) - return -1; - - return BN_security_bits(BN_num_bits(dsa->p), BN_num_bits(dsa->q)); -} -LCRYPTO_ALIAS(DSA_security_bits); - -#ifndef OPENSSL_NO_DH -DH * -DSA_dup_DH(const DSA *dsa) -{ - /* - * DSA has p, q, g, optional pub_key, optional priv_key. - * DH has p, optional length, g, optional pub_key, optional priv_key, - * optional q. - */ - DH *dh = NULL; - - if (dsa == NULL) - goto err; - - if ((dh = DH_new()) == NULL) - goto err; - - if (dsa->p != NULL) { - if ((dh->p = BN_dup(dsa->p)) == NULL) - goto err; - } - if (dsa->q != NULL) { - dh->length = BN_num_bits(dsa->q); - if ((dh->q = BN_dup(dsa->q)) == NULL) - goto err; - } - if (dsa->g != NULL) { - if ((dh->g = BN_dup(dsa->g)) == NULL) - goto err; - } - if (dsa->pub_key != NULL) { - if ((dh->pub_key = BN_dup(dsa->pub_key)) == NULL) - goto err; - } - if (dsa->priv_key != NULL) { - if ((dh->priv_key = BN_dup(dsa->priv_key)) == NULL) - goto err; - } - - return dh; - - err: - DH_free(dh); - return NULL; -} -LCRYPTO_ALIAS(DSA_dup_DH); -#endif - -void -DSA_get0_pqg(const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -{ - if (p != NULL) - *p = dsa->p; - if (q != NULL) - *q = dsa->q; - if (g != NULL) - *g = dsa->g; -} -LCRYPTO_ALIAS(DSA_get0_pqg); - -int -DSA_set0_pqg(DSA *dsa, BIGNUM *p, BIGNUM *q, BIGNUM *g) -{ - if ((dsa->p == NULL && p == NULL) || (dsa->q == NULL && q == NULL) || - (dsa->g == NULL && g == NULL)) - return 0; - - if (p != NULL) { - BN_free(dsa->p); - dsa->p = p; - } - if (q != NULL) { - BN_free(dsa->q); - dsa->q = q; - } - if (g != NULL) { - BN_free(dsa->g); - dsa->g = g; - } - - return 1; -} -LCRYPTO_ALIAS(DSA_set0_pqg); - -void -DSA_get0_key(const DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key) -{ - if (pub_key != NULL) - *pub_key = dsa->pub_key; - if (priv_key != NULL) - *priv_key = dsa->priv_key; -} -LCRYPTO_ALIAS(DSA_get0_key); - -int -DSA_set0_key(DSA *dsa, BIGNUM *pub_key, BIGNUM *priv_key) -{ - if (dsa->pub_key == NULL && pub_key == NULL) - return 0; - - if (pub_key != NULL) { - BN_free(dsa->pub_key); - dsa->pub_key = pub_key; - } - if (priv_key != NULL) { - BN_free(dsa->priv_key); - dsa->priv_key = priv_key; - } - - return 1; -} -LCRYPTO_ALIAS(DSA_set0_key); - -const BIGNUM * -DSA_get0_p(const DSA *dsa) -{ - return dsa->p; -} -LCRYPTO_ALIAS(DSA_get0_p); - -const BIGNUM * -DSA_get0_q(const DSA *dsa) -{ - return dsa->q; -} -LCRYPTO_ALIAS(DSA_get0_q); - -const BIGNUM * -DSA_get0_g(const DSA *dsa) -{ - return dsa->g; -} -LCRYPTO_ALIAS(DSA_get0_g); - -const BIGNUM * -DSA_get0_pub_key(const DSA *dsa) -{ - return dsa->pub_key; -} -LCRYPTO_ALIAS(DSA_get0_pub_key); - -const BIGNUM * -DSA_get0_priv_key(const DSA *dsa) -{ - return dsa->priv_key; -} -LCRYPTO_ALIAS(DSA_get0_priv_key); - -void -DSA_clear_flags(DSA *dsa, int flags) -{ - dsa->flags &= ~flags; -} -LCRYPTO_ALIAS(DSA_clear_flags); - -int -DSA_test_flags(const DSA *dsa, int flags) -{ - return dsa->flags & flags; -} -LCRYPTO_ALIAS(DSA_test_flags); - -void -DSA_set_flags(DSA *dsa, int flags) -{ - dsa->flags |= flags; -} -LCRYPTO_ALIAS(DSA_set_flags); - -ENGINE * -DSA_get0_engine(DSA *dsa) -{ - return NULL; -} -LCRYPTO_ALIAS(DSA_get0_engine); - -int -DSA_bits(const DSA *dsa) -{ - return BN_num_bits(dsa->p); -} -LCRYPTO_ALIAS(DSA_bits); - -int -dsa_check_key(const DSA *dsa) -{ - int p_bits, q_bits; - - if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) { - DSAerror(DSA_R_MISSING_PARAMETERS); - return 0; - } - - /* Checking that p and q are primes is expensive. Check they are odd. */ - if (!BN_is_odd(dsa->p) || !BN_is_odd(dsa->q)) { - DSAerror(DSA_R_INVALID_PARAMETERS); - return 0; - } - - /* FIPS 186-4: 1 < g < p. */ - if (BN_cmp(dsa->g, BN_value_one()) <= 0 || - BN_cmp(dsa->g, dsa->p) >= 0) { - DSAerror(DSA_R_INVALID_PARAMETERS); - return 0; - } - - /* We know p and g are positive. The next two checks imply q > 0. */ - if (BN_is_negative(dsa->q)) { - DSAerror(DSA_R_BAD_Q_VALUE); - return 0; - } - - /* FIPS 186-4 only allows three sizes for q. */ - q_bits = BN_num_bits(dsa->q); - if (q_bits != 160 && q_bits != 224 && q_bits != 256) { - DSAerror(DSA_R_BAD_Q_VALUE); - return 0; - } - - /* - * XXX - FIPS 186-4 only allows 1024, 2048, and 3072 bits for p. - * Cap the size to reduce DoS risks. Poor defaults make keys with - * incorrect p sizes >= 512 bits common, so only enforce a weak - * lower bound. - */ - p_bits = BN_num_bits(dsa->p); - if (p_bits > OPENSSL_DSA_MAX_MODULUS_BITS) { - DSAerror(DSA_R_MODULUS_TOO_LARGE); - return 0; - } - if (p_bits < 512) { - DSAerror(DSA_R_INVALID_PARAMETERS); - return 0; - } - - /* The public key must be in the multiplicative group (mod p). */ - if (dsa->pub_key != NULL) { - if (BN_cmp(dsa->pub_key, BN_value_one()) <= 0 || - BN_cmp(dsa->pub_key, dsa->p) >= 0) { - DSAerror(DSA_R_INVALID_PARAMETERS); - return 0; - } - } - - /* The private key must be nonzero and in GF(q). */ - if (dsa->priv_key != NULL) { - if (BN_cmp(dsa->priv_key, BN_value_one()) < 0 || - BN_cmp(dsa->priv_key, dsa->q) >= 0) { - DSAerror(DSA_R_INVALID_PARAMETERS); - return 0; - } - } - - return 1; -} diff --git a/src/lib/libcrypto/dsa/dsa_local.h b/src/lib/libcrypto/dsa/dsa_local.h deleted file mode 100644 index fc77c09fcb..0000000000 --- a/src/lib/libcrypto/dsa/dsa_local.h +++ /dev/null @@ -1,104 +0,0 @@ -/* $OpenBSD: dsa_local.h,v 1.5 2024/11/29 07:42:35 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -__BEGIN_HIDDEN_DECLS - -struct DSA_SIG_st { - BIGNUM *r; - BIGNUM *s; -} /* DSA_SIG */; - -struct dsa_method { - char *name; - DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); - int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); - int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - int (*init)(DSA *dsa); - int (*finish)(DSA *dsa); - int flags; -} /* DSA_METHOD */; - -struct dsa_st { - long version; - BIGNUM *p; - BIGNUM *q; /* == 20 */ - BIGNUM *g; - - BIGNUM *pub_key; /* y public key */ - BIGNUM *priv_key; /* x private key */ - - BIGNUM *kinv; /* Signing pre-calc */ - BIGNUM *r; /* Signing pre-calc */ - - int flags; - /* Normally used to cache montgomery values */ - BN_MONT_CTX *method_mont_p; - int references; - CRYPTO_EX_DATA ex_data; - const DSA_METHOD *meth; -} /* DSA */; - -int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, - const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, - unsigned char *seed_out, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); - -int dsa_check_key(const DSA *dsa); - -__END_HIDDEN_DECLS diff --git a/src/lib/libcrypto/dsa/dsa_meth.c b/src/lib/libcrypto/dsa/dsa_meth.c deleted file mode 100644 index c84b5287e1..0000000000 --- a/src/lib/libcrypto/dsa/dsa_meth.c +++ /dev/null @@ -1,110 +0,0 @@ -/* $OpenBSD: dsa_meth.c,v 1.7 2023/07/08 14:28:15 beck Exp $ */ -/* - * Copyright (c) 2018 Theo Buehler - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include - -#include -#include - -#include "dsa_local.h" - -DSA_METHOD * -DSA_meth_new(const char *name, int flags) -{ - DSA_METHOD *meth; - - if ((meth = calloc(1, sizeof(*meth))) == NULL) - return NULL; - if ((meth->name = strdup(name)) == NULL) { - free(meth); - return NULL; - } - meth->flags = flags; - - return meth; -} -LCRYPTO_ALIAS(DSA_meth_new); - -void -DSA_meth_free(DSA_METHOD *meth) -{ - if (meth == NULL) - return; - - free(meth->name); - free(meth); -} -LCRYPTO_ALIAS(DSA_meth_free); - -DSA_METHOD * -DSA_meth_dup(const DSA_METHOD *meth) -{ - DSA_METHOD *copy; - - if ((copy = calloc(1, sizeof(*copy))) == NULL) - return NULL; - memcpy(copy, meth, sizeof(*copy)); - if ((copy->name = strdup(meth->name)) == NULL) { - free(copy); - return NULL; - } - - return copy; -} -LCRYPTO_ALIAS(DSA_meth_dup); - -const char * -DSA_meth_get0_name(const DSA_METHOD *meth) -{ - return meth->name; -} -LCRYPTO_ALIAS(DSA_meth_get0_name); - -int -DSA_meth_set1_name(DSA_METHOD *meth, const char *name) -{ - char *new_name; - - if ((new_name = strdup(name)) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - return 0; - } - - free(meth->name); - meth->name = new_name; - - return 1; -} -LCRYPTO_ALIAS(DSA_meth_set1_name); - -int -DSA_meth_set_sign(DSA_METHOD *meth, - DSA_SIG *(*sign)(const unsigned char *, int, DSA *)) -{ - meth->dsa_do_sign = sign; - return 1; -} -LCRYPTO_ALIAS(DSA_meth_set_sign); - -int -DSA_meth_set_finish(DSA_METHOD *meth, int (*finish)(DSA *)) -{ - meth->finish = finish; - return 1; -} -LCRYPTO_ALIAS(DSA_meth_set_finish); diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c deleted file mode 100644 index c53c8b9001..0000000000 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ /dev/null @@ -1,456 +0,0 @@ -/* $OpenBSD: dsa_ossl.c,v 1.56 2024/05/11 06:43:50 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include - -#include -#include -#include -#include -#include - -#include "bn_local.h" -#include "dsa_local.h" - -/* - * Since DSA parameters are entirely arbitrary and checking them to be - * consistent is very expensive, we cannot do so on every sign operation. - * Instead, cap the number of retries so we do not loop indefinitely if - * the generator of the multiplicative group happens to be nilpotent. - * The probability of needing a retry with valid parameters is negligible, - * so trying 32 times is amply enough. - */ -#define DSA_MAX_SIGN_ITERATIONS 32 - -static DSA_SIG * -dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) -{ - BIGNUM *b = NULL, *bm = NULL, *bxr = NULL, *binv = NULL, *m = NULL; - BIGNUM *kinv = NULL, *r = NULL, *s = NULL; - BN_CTX *ctx = NULL; - int reason = ERR_R_BN_LIB; - DSA_SIG *ret = NULL; - int attempts = 0; - int noredo = 0; - - if (!dsa_check_key(dsa)) { - reason = DSA_R_INVALID_PARAMETERS; - goto err; - } - - if ((s = BN_new()) == NULL) - goto err; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - BN_CTX_start(ctx); - - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - if ((binv = BN_CTX_get(ctx)) == NULL) - goto err; - if ((bm = BN_CTX_get(ctx)) == NULL) - goto err; - if ((bxr = BN_CTX_get(ctx)) == NULL) - goto err; - if ((m = BN_CTX_get(ctx)) == NULL) - goto err; - - /* - * If the digest length is greater than N (the bit length of q), the - * leftmost N bits of the digest shall be used, see FIPS 186-3, 4.2. - * In this case the digest length is given in bytes. - */ - if (dlen > BN_num_bytes(dsa->q)) - dlen = BN_num_bytes(dsa->q); - if (BN_bin2bn(dgst, dlen, m) == NULL) - goto err; - - redo: - if (dsa->kinv == NULL || dsa->r == NULL) { - if (!DSA_sign_setup(dsa, ctx, &kinv, &r)) - goto err; - } else { - kinv = dsa->kinv; - dsa->kinv = NULL; - r = dsa->r; - dsa->r = NULL; - noredo = 1; - } - - /* - * Compute: - * - * s = inv(k)(m + xr) mod q - * - * In order to reduce the possibility of a side-channel attack, the - * following is calculated using a blinding value: - * - * s = inv(b)(bm + bxr)inv(k) mod q - * - * Where b is a random value in the range [1, q). - */ - if (!bn_rand_interval(b, 1, dsa->q)) - goto err; - if (BN_mod_inverse_ct(binv, b, dsa->q, ctx) == NULL) - goto err; - - if (!BN_mod_mul(bxr, b, dsa->priv_key, dsa->q, ctx)) /* bx */ - goto err; - if (!BN_mod_mul(bxr, bxr, r, dsa->q, ctx)) /* bxr */ - goto err; - if (!BN_mod_mul(bm, b, m, dsa->q, ctx)) /* bm */ - goto err; - if (!BN_mod_add(s, bxr, bm, dsa->q, ctx)) /* s = bm + bxr */ - goto err; - if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) /* s = b(m + xr)k^-1 */ - goto err; - if (!BN_mod_mul(s, s, binv, dsa->q, ctx)) /* s = (m + xr)k^-1 */ - goto err; - - /* - * Redo if r or s is zero as required by FIPS 186-3: this is very - * unlikely. - */ - if (BN_is_zero(r) || BN_is_zero(s)) { - if (noredo) { - reason = DSA_R_NEED_NEW_SETUP_VALUES; - goto err; - } - if (++attempts > DSA_MAX_SIGN_ITERATIONS) { - reason = DSA_R_INVALID_PARAMETERS; - goto err; - } - goto redo; - } - - if ((ret = DSA_SIG_new()) == NULL) { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - ret->r = r; - ret->s = s; - - err: - if (!ret) { - DSAerror(reason); - BN_free(r); - BN_free(s); - } - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_free(kinv); - - return ret; -} - -static int -dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) -{ - BIGNUM *k = NULL, *l = NULL, *m = NULL, *kinv = NULL, *r = NULL; - BN_CTX *ctx = NULL; - int q_bits; - int ret = 0; - - if (!dsa_check_key(dsa)) - goto err; - - if ((r = BN_new()) == NULL) - goto err; - - if ((ctx = ctx_in) == NULL) - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - - BN_CTX_start(ctx); - - if ((k = BN_CTX_get(ctx)) == NULL) - goto err; - if ((l = BN_CTX_get(ctx)) == NULL) - goto err; - if ((m = BN_CTX_get(ctx)) == NULL) - goto err; - - /* Preallocate space */ - q_bits = BN_num_bits(dsa->q); - if (!BN_set_bit(k, q_bits) || - !BN_set_bit(l, q_bits) || - !BN_set_bit(m, q_bits)) - goto err; - - if (!bn_rand_interval(k, 1, dsa->q)) - goto err; - - BN_set_flags(k, BN_FLG_CONSTTIME); - - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, - CRYPTO_LOCK_DSA, dsa->p, ctx)) - goto err; - } - - /* Compute r = (g^k mod p) mod q */ - - /* - * We do not want timing information to leak the length of k, - * so we compute G^k using an equivalent exponent of fixed - * bit-length. - * - * We unconditionally perform both of these additions to prevent a - * small timing information leakage. We then choose the sum that is - * one bit longer than the modulus. - * - * TODO: revisit the bn_copy aiming for a memory access agnostic - * conditional copy. - */ - - if (!BN_add(l, k, dsa->q) || - !BN_add(m, l, dsa->q) || - !bn_copy(k, BN_num_bits(l) > q_bits ? l : m)) - goto err; - - if (!BN_mod_exp_mont_ct(r, dsa->g, k, dsa->p, ctx, dsa->method_mont_p)) - goto err; - - if (!BN_mod_ct(r, r, dsa->q, ctx)) - goto err; - - /* Compute part of 's = inv(k) (m + xr) mod q' */ - if ((kinv = BN_mod_inverse_ct(NULL, k, dsa->q, ctx)) == NULL) - goto err; - - BN_free(*kinvp); - *kinvp = kinv; - kinv = NULL; - - BN_free(*rp); - *rp = r; - - ret = 1; - - err: - if (!ret) { - DSAerror(ERR_R_BN_LIB); - BN_free(r); - } - BN_CTX_end(ctx); - if (ctx != ctx_in) - BN_CTX_free(ctx); - - return ret; -} - -static int -dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) -{ - BIGNUM *u1 = NULL, *u2 = NULL, *t1 = NULL; - BN_CTX *ctx = NULL; - BN_MONT_CTX *mont = NULL; - int qbits; - int ret = -1; - - if (!dsa_check_key(dsa)) - goto err; - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - BN_CTX_start(ctx); - - if ((u1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((u2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((t1 = BN_CTX_get(ctx)) == NULL) - goto err; - - if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || - BN_ucmp(sig->r, dsa->q) >= 0) { - ret = 0; - goto err; - } - if (BN_is_zero(sig->s) || BN_is_negative(sig->s) || - BN_ucmp(sig->s, dsa->q) >= 0) { - ret = 0; - goto err; - } - - /* Calculate w = inv(s) mod q, saving w in u2. */ - if ((BN_mod_inverse_ct(u2, sig->s, dsa->q, ctx)) == NULL) - goto err; - - /* - * If the digest length is greater than the size of q use the - * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-4, 4.2. - */ - qbits = BN_num_bits(dsa->q); - if (dgst_len > (qbits >> 3)) - dgst_len = (qbits >> 3); - - /* Save m in u1. */ - if (BN_bin2bn(dgst, dgst_len, u1) == NULL) - goto err; - - /* u1 = m * w mod q */ - if (!BN_mod_mul(u1, u1, u2, dsa->q, ctx)) - goto err; - - /* u2 = r * w mod q */ - if (!BN_mod_mul(u2, sig->r, u2, dsa->q, ctx)) - goto err; - - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p, - CRYPTO_LOCK_DSA, dsa->p, ctx); - if (!mont) - goto err; - } - - if (!BN_mod_exp2_mont(t1, dsa->g, u1, dsa->pub_key, u2, dsa->p, - ctx, mont)) - goto err; - - /* let u1 = u1 mod q */ - if (!BN_mod_ct(u1, t1, dsa->q, ctx)) - goto err; - - /* v is in u1 - if the signature is correct, it will be equal to r. */ - ret = BN_ucmp(u1, sig->r) == 0; - - err: - if (ret < 0) - DSAerror(ERR_R_BN_LIB); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - - return ret; -} - -static int -dsa_init(DSA *dsa) -{ - dsa->flags |= DSA_FLAG_CACHE_MONT_P; - return 1; -} - -static int -dsa_finish(DSA *dsa) -{ - BN_MONT_CTX_free(dsa->method_mont_p); - return 1; -} - -static const DSA_METHOD openssl_dsa_meth = { - .name = "OpenSSL DSA method", - .dsa_do_sign = dsa_do_sign, - .dsa_sign_setup = dsa_sign_setup, - .dsa_do_verify = dsa_do_verify, - .init = dsa_init, - .finish = dsa_finish, -}; - -const DSA_METHOD * -DSA_OpenSSL(void) -{ - return &openssl_dsa_meth; -} -LCRYPTO_ALIAS(DSA_OpenSSL); - -DSA_SIG * -DSA_SIG_new(void) -{ - return calloc(1, sizeof(DSA_SIG)); -} -LCRYPTO_ALIAS(DSA_SIG_new); - -void -DSA_SIG_free(DSA_SIG *sig) -{ - if (sig == NULL) - return; - - BN_free(sig->r); - BN_free(sig->s); - free(sig); -} -LCRYPTO_ALIAS(DSA_SIG_free); - -int -DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) -{ - return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); -} -LCRYPTO_ALIAS(DSA_sign_setup); - -DSA_SIG * -DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) -{ - return dsa->meth->dsa_do_sign(dgst, dlen, dsa); -} -LCRYPTO_ALIAS(DSA_do_sign); - -int -DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) -{ - return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); -} -LCRYPTO_ALIAS(DSA_do_verify); diff --git a/src/lib/libcrypto/dsa/dsa_pmeth.c b/src/lib/libcrypto/dsa/dsa_pmeth.c deleted file mode 100644 index adc7319731..0000000000 --- a/src/lib/libcrypto/dsa/dsa_pmeth.c +++ /dev/null @@ -1,351 +0,0 @@ -/* $OpenBSD: dsa_pmeth.c,v 1.21 2024/10/19 14:39:44 tb Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include - -#include -#include -#include -#include -#include - -#include "bn_local.h" -#include "dsa_local.h" -#include "evp_local.h" - -/* DSA pkey context structure */ - -typedef struct { - /* Parameter gen parameters */ - int nbits; /* size of p in bits (default: 1024) */ - int qbits; /* size of q in bits (default: 160) */ - const EVP_MD *pmd; /* MD for parameter generation */ - /* Keygen callback info */ - int gentmp[2]; - /* message digest */ - const EVP_MD *md; /* MD for the signature */ -} DSA_PKEY_CTX; - -static int -pkey_dsa_init(EVP_PKEY_CTX *ctx) -{ - DSA_PKEY_CTX *dctx; - - dctx = malloc(sizeof(DSA_PKEY_CTX)); - if (!dctx) - return 0; - dctx->nbits = 1024; - dctx->qbits = 160; - dctx->pmd = NULL; - dctx->md = NULL; - - ctx->data = dctx; - ctx->keygen_info = dctx->gentmp; - ctx->keygen_info_count = 2; - - return 1; -} - -static int -pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - DSA_PKEY_CTX *dctx, *sctx; - - if (!pkey_dsa_init(dst)) - return 0; - sctx = src->data; - dctx = dst->data; - dctx->nbits = sctx->nbits; - dctx->qbits = sctx->qbits; - dctx->pmd = sctx->pmd; - dctx->md = sctx->md; - return 1; -} - -static void -pkey_dsa_cleanup(EVP_PKEY_CTX *ctx) -{ - DSA_PKEY_CTX *dctx = ctx->data; - - free(dctx); -} - -static int -pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *out_siglen, - const unsigned char *tbs, size_t tbslen) -{ - DSA *dsa = ctx->pkey->pkey.dsa; - DSA_PKEY_CTX *dctx = ctx->data; - unsigned int siglen; - - *out_siglen = 0; - - if (tbslen > INT_MAX) - return 0; - - if (dctx->md != NULL) { - if (tbslen != EVP_MD_size(dctx->md)) - return 0; - } - - if (!DSA_sign(0, tbs, tbslen, sig, &siglen, dsa)) - return 0; - - *out_siglen = siglen; - - return 1; -} - -static int -pkey_dsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen) -{ - DSA *dsa = ctx->pkey->pkey.dsa; - DSA_PKEY_CTX *dctx = ctx->data; - - if (tbslen > INT_MAX || siglen > INT_MAX) - return 0; - - if (dctx->md != NULL) { - if (tbslen != EVP_MD_size(dctx->md)) - return 0; - } - - return DSA_verify(0, tbs, tbslen, sig, siglen, dsa); -} - -static int -pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - DSA_PKEY_CTX *dctx = ctx->data; - - switch (type) { - case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS: - if (p1 < 256) - return -2; - dctx->nbits = p1; - return 1; - - case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS: - if (p1 != 160 && p1 != 224 && p1 && p1 != 256) - return -2; - dctx->qbits = p1; - return 1; - - case EVP_PKEY_CTRL_DSA_PARAMGEN_MD: - switch (EVP_MD_type((const EVP_MD *)p2)) { - case NID_sha1: - case NID_sha224: - case NID_sha256: - break; - default: - DSAerror(DSA_R_INVALID_DIGEST_TYPE); - return 0; - } - dctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_MD: - /* ANSI X9.57 and NIST CSOR. */ - switch (EVP_MD_type(p2)) { - case NID_sha1: - case NID_dsa: - case NID_dsaWithSHA: - case NID_sha224: - case NID_sha256: - case NID_sha384: - case NID_sha512: - case NID_sha3_224: - case NID_sha3_256: - case NID_sha3_384: - case NID_sha3_512: - break; - default: - DSAerror(DSA_R_INVALID_DIGEST_TYPE); - return 0; - } - dctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_GET_MD: - *(const EVP_MD **)p2 = dctx->md; - return 1; - - case EVP_PKEY_CTRL_DIGESTINIT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - case EVP_PKEY_CTRL_CMS_SIGN: - return 1; - - case EVP_PKEY_CTRL_PEER_KEY: - DSAerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - return -2; - default: - return -2; - } -} - -static int -pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - const char *errstr; - - if (!strcmp(type, "dsa_paramgen_bits")) { - int nbits; - - nbits = strtonum(value, INT_MIN, INT_MAX, &errstr); - if (errstr != NULL) - return -2; - return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits); - } else if (!strcmp(type, "dsa_paramgen_q_bits")) { - int qbits; - - qbits = strtonum(value, INT_MIN, INT_MAX, &errstr); - if (errstr != NULL) - return -2; - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, - EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, - qbits, NULL); - } else if (!strcmp(type, "dsa_paramgen_md")) { - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, - EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, - (void *)EVP_get_digestbyname(value)); - } - - return -2; -} - -static int -pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - DSA *dsa; - DSA_PKEY_CTX *dctx = ctx->data; - BN_GENCB *pcb = NULL; - BN_GENCB cb = {0}; - int ret = 0; - - if ((dsa = DSA_new()) == NULL) - goto err; - if (ctx->pkey_gencb != NULL) { - pcb = &cb; - evp_pkey_set_cb_translate(pcb, ctx); - } - if (!dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, - NULL, 0, NULL, NULL, NULL, pcb)) - goto err; - if (!EVP_PKEY_assign_DSA(pkey, dsa)) - goto err; - dsa = NULL; - - ret = 1; - - err: - DSA_free(dsa); - - return ret; -} - -static int -pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - DSA *dsa = NULL; - int ret = 0; - - if (ctx->pkey == NULL) { - DSAerror(DSA_R_NO_PARAMETERS_SET); - goto err; - } - if ((dsa = DSA_new()) == NULL) - goto err; - if (!EVP_PKEY_set1_DSA(pkey, dsa)) - goto err; - - if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey)) - goto err; - if (!DSA_generate_key(dsa)) - goto err; - - ret = 1; - - err: - DSA_free(dsa); - - return ret; -} - -const EVP_PKEY_METHOD dsa_pkey_meth = { - .pkey_id = EVP_PKEY_DSA, - .flags = EVP_PKEY_FLAG_AUTOARGLEN, - - .init = pkey_dsa_init, - .copy = pkey_dsa_copy, - .cleanup = pkey_dsa_cleanup, - - .paramgen = pkey_dsa_paramgen, - - .keygen = pkey_dsa_keygen, - - .sign = pkey_dsa_sign, - - .verify = pkey_dsa_verify, - - .ctrl = pkey_dsa_ctrl, - .ctrl_str = pkey_dsa_ctrl_str -}; diff --git a/src/lib/libcrypto/dsa/dsa_prn.c b/src/lib/libcrypto/dsa/dsa_prn.c deleted file mode 100644 index f276d82482..0000000000 --- a/src/lib/libcrypto/dsa/dsa_prn.c +++ /dev/null @@ -1,135 +0,0 @@ -/* $OpenBSD: dsa_prn.c,v 1.10 2023/07/08 14:28:15 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include -#include -#include - -int -DSA_print_fp(FILE *fp, const DSA *x, int off) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - DSAerror(ERR_R_BUF_LIB); - return 0; - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = DSA_print(b, x, off); - BIO_free(b); - return ret; -} -LCRYPTO_ALIAS(DSA_print_fp); - -int -DSAparams_print_fp(FILE *fp, const DSA *x) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - DSAerror(ERR_R_BUF_LIB); - return 0; - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = DSAparams_print(b, x); - BIO_free(b); - return ret; -} -LCRYPTO_ALIAS(DSAparams_print_fp); - -int -DSA_print(BIO *bp, const DSA *x, int off) -{ - EVP_PKEY *pk; - int ret = 0; - - if ((pk = EVP_PKEY_new()) == NULL) - goto err; - - if (!EVP_PKEY_set1_DSA(pk, (DSA *)x)) - goto err; - - ret = EVP_PKEY_print_private(bp, pk, off, NULL); - err: - EVP_PKEY_free(pk); - return ret; -} -LCRYPTO_ALIAS(DSA_print); - -int -DSAparams_print(BIO *bp, const DSA *x) -{ - EVP_PKEY *pk; - int ret = 0; - - if ((pk = EVP_PKEY_new()) == NULL) - goto err; - - if (!EVP_PKEY_set1_DSA(pk, (DSA *)x)) - goto err; - - ret = EVP_PKEY_print_params(bp, pk, 4, NULL); - err: - EVP_PKEY_free(pk); - return ret; -} -LCRYPTO_ALIAS(DSAparams_print); -- cgit v1.2.3-55-g6feb