From 9200bb13d15da4b2a23e6bc92c20e95b74aa2113 Mon Sep 17 00:00:00 2001 From: beck <> Date: Fri, 15 Dec 2000 02:58:47 +0000 Subject: openssl-engine-0.9.6 merge --- src/lib/libcrypto/rsa/Makefile.ssl | 121 +++++++++++++++++++++++------------- src/lib/libcrypto/rsa/rsa.h | 31 ++++++++-- src/lib/libcrypto/rsa/rsa_eay.c | 43 ++++++++----- src/lib/libcrypto/rsa/rsa_gen.c | 2 +- src/lib/libcrypto/rsa/rsa_lib.c | 123 +++++++++++++++++++++++++++---------- src/lib/libcrypto/rsa/rsa_oaep.c | 8 +-- src/lib/libcrypto/rsa/rsa_saos.c | 8 +-- src/lib/libcrypto/rsa/rsa_sign.c | 15 +++-- src/lib/libcrypto/rsa/rsa_ssl.c | 2 +- 9 files changed, 240 insertions(+), 113 deletions(-) (limited to 'src/lib/libcrypto/rsa') diff --git a/src/lib/libcrypto/rsa/Makefile.ssl b/src/lib/libcrypto/rsa/Makefile.ssl index 7b3960e70d..c159eedafe 100644 --- a/src/lib/libcrypto/rsa/Makefile.ssl +++ b/src/lib/libcrypto/rsa/Makefile.ssl 
@@ -80,64 +80,97 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -rsa_chk.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +rsa_chk.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_chk.o: ../../include/openssl/crypto.h ../../include/openssl/err.h +rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h rsa_chk.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_chk.o: ../../include/openssl/symhacks.h +rsa_eay.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +rsa_eay.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +rsa_eay.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +rsa_eay.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h rsa_eay.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_eay.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +rsa_eay.o: ../../include/openssl/engine.h ../../include/openssl/err.h +rsa_eay.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +rsa_eay.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +rsa_eay.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +rsa_eay.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +rsa_eay.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +rsa_eay.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h rsa_eay.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h 
-rsa_eay.o: ../../include/openssl/stack.h ../cryptlib.h -rsa_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -rsa_err.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +rsa_eay.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h +rsa_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/err.h +rsa_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h rsa_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_err.o: ../../include/openssl/symhacks.h rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_gen.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h -rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h -rsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rsa_gen.o: ../cryptlib.h -rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +rsa_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +rsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +rsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h 
rsa_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h +rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +rsa_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +rsa_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +rsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +rsa_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +rsa_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_lib.o: ../../include/openssl/stack.h ../cryptlib.h +rsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_none.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_none.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +rsa_none.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_none.o: ../../include/openssl/opensslconf.h rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rsa_none.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_none.o: ../../include/openssl/stack.h ../cryptlib.h +rsa_none.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_none.o: ../cryptlib.h rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_null.o: 
../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_null.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +rsa_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_null.o: ../../include/openssl/opensslconf.h rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rsa_null.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_null.o: ../../include/openssl/stack.h ../cryptlib.h +rsa_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +rsa_null.o: ../cryptlib.h rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_oaep.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +rsa_oaep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_oaep.o: ../../include/openssl/opensslconf.h rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h rsa_oaep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_oaep.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_oaep.o: ../cryptlib.h +rsa_oaep.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_pk1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_pk1.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h -rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h -rsa_pk1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_pk1.o: ../../include/openssl/stack.h ../cryptlib.h +rsa_pk1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_pk1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h +rsa_pk1.o: 
../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_pk1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_saos.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h rsa_saos.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h 
@@ -145,37 +178,43 @@ rsa_saos.o: ../../include/openssl/crypto.h ../../include/openssl/des.h rsa_saos.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h rsa_saos.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/md2.h +rsa_saos.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +rsa_saos.o: ../../include/openssl/md2.h ../../include/openssl/md4.h rsa_saos.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +rsa_saos.o: ../../include/openssl/opensslconf.h rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h rsa_saos.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h rsa_saos.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h rsa_saos.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h rsa_saos.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -rsa_saos.o: ../cryptlib.h +rsa_saos.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +rsa_saos.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h rsa_sign.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/des.h rsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h rsa_sign.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h -rsa_sign.o: ../../include/openssl/idea.h ../../include/openssl/md2.h -rsa_sign.o: ../../include/openssl/md5.h 
../../include/openssl/mdc2.h +rsa_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h +rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +rsa_sign.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +rsa_sign.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -rsa_sign.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -rsa_sign.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -rsa_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +rsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h +rsa_sign.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +rsa_sign.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h rsa_sign.o: ../cryptlib.h rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h rsa_ssl.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -rsa_ssl.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h -rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h -rsa_ssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -rsa_ssl.o: ../../include/openssl/stack.h ../cryptlib.h +rsa_ssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_ssl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h 
+rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index f9f9b5cfe9..bda636a365 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h @@ -59,10 +59,9 @@ #ifndef HEADER_RSA_H #define HEADER_RSA_H -#ifdef __cplusplus -extern "C" { +#ifndef NO_BIO +#include #endif - #include #include @@ -70,6 +69,10 @@ extern "C" { #error RSA is disabled. #endif +#ifdef __cplusplus +extern "C" { +#endif + typedef struct rsa_st RSA; typedef struct rsa_meth_st @@ -111,7 +114,11 @@ struct rsa_st * this is passed instead of aEVP_PKEY, it is set to 0 */ int pad; int version; +#if 0 RSA_METHOD *meth; +#else + struct engine_st *engine; +#endif BIGNUM *n; BIGNUM *e; BIGNUM *d; @@ -165,7 +172,11 @@ struct rsa_st #define RSA_get_app_data(s) RSA_get_ex_data(s,0) RSA * RSA_new(void); +#if 0 RSA * RSA_new_method(RSA_METHOD *method); +#else +RSA * RSA_new_method(struct engine_st *engine); +#endif int RSA_size(RSA *); RSA * RSA_generate_key(int bits, unsigned long e,void (*callback)(int,int,void *),void *cb_arg); @@ -183,10 +194,14 @@ void RSA_free (RSA *r); int RSA_flags(RSA *r); -void RSA_set_default_method(RSA_METHOD *meth); -RSA_METHOD *RSA_get_default_method(void); +void RSA_set_default_openssl_method(RSA_METHOD *meth); +RSA_METHOD *RSA_get_default_openssl_method(void); RSA_METHOD *RSA_get_method(RSA *rsa); +#if 0 RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth); +#else +int RSA_set_method(RSA *rsa, struct engine_st *engine); +#endif /* This function needs the memory locking malloc callbacks to be installed */ int RSA_memory_lock(RSA *r); 
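Review bot: The new prototype `int RSA_set_method(RSA *rsa, struct engine_st *engine);` in the last rsa.h hunk on this line changes both the argument type and the return type with no statement of the new contract, and the `RSA_new_method` hunk before it changes its argument the same way. Code written for the old signature that passes an `RSA_METHOD *`, or that treats the result as the previous method pointer, will draw at most a pointer-type warning in C and then hand a method table to code that treats it as an engine. I would add a comment above the declaration such as `/* returns 1 on success, 0 if the engine cannot be initialised; rsa keeps a reference on engine until RSA_free() */`. The `#if 0` copies of the old prototypes are dead text and would be better deleted.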
@@ -209,10 +224,14 @@ int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); int RSA_print_fp(FILE *fp, RSA *r,int offset); #endif -#ifdef HEADER_BIO_H +#ifndef NO_BIO int RSA_print(BIO *bp, RSA *r,int offset); #endif +int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey); +RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey); +RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey); + int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); /* Naughty internal function required elsewhere, to handle a MS structure diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index b7d2460754..8b8a1e279a 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c @@ -61,6 +61,7 @@ #include #include #include +#include #ifndef RSA_NULL @@ -97,16 +98,18 @@ RSA_METHOD *RSA_PKCS1_SSLeay(void) static int RSA_eay_public_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { + const RSA_METHOD *meth; BIGNUM f,ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + meth = ENGINE_get_RSA(rsa->engine); BN_init(&f); BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -143,7 +146,7 @@ static int RSA_eay_public_encrypt(int flen, unsigned char *from, goto err; } - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, + if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; /* put in leading 0 bytes if the number is less than the @@ -161,7 +164,7 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } 
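Review bot: `meth = ENGINE_get_RSA(rsa->engine);` at the top of RSA_eay_public_encrypt is later used as `meth->bn_mod_exp(...)` with no NULL test. The same pattern is added in RSA_eay_private_encrypt, RSA_eay_private_decrypt, RSA_eay_public_decrypt and RSA_eay_mod_exp, and as chained calls such as `ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(...)` in rsa_lib.c and rsa_sign.c. ENGINE_get_RSA is not defined in this patch; if it can return NULL for an engine that registers no RSA method, each of these is a NULL dereference on a path that handles caller-supplied keys. Either enforce a non-NULL method once where the engine is bound to the key (RSA_new_method, RSA_set_method) and document that invariant, or add `if (meth == NULL) return -1;` straight after the lookup in the four encrypt/decrypt functions, before anything is allocated. The function bodies continue outside the hunks.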
@@ -169,17 +172,19 @@ err: static int RSA_eay_private_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { + const RSA_METHOD *meth; BIGNUM f,ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + meth = ENGINE_get_RSA(rsa->engine); BN_init(&f); BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -213,10 +218,10 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from, (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } + { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } else { - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; + if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; } if (rsa->flags & RSA_FLAG_BLINDING) @@ -237,7 +242,7 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -245,12 +250,14 @@ err: static int RSA_eay_private_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { + const RSA_METHOD *meth; BIGNUM f,ret; int j,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + meth = ENGINE_get_RSA(rsa->engine); BN_init(&f); BN_init(&ret); ctx=BN_CTX_new(); @@ -258,7 +265,7 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from, num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)Malloc(num)) == NULL) + if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); goto err; 
@@ -287,10 +294,10 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from, (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } + { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } else { - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) + if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; } @@ -330,7 +337,7 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } @@ -338,19 +345,21 @@ err: static int RSA_eay_public_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { + const RSA_METHOD *meth; BIGNUM f,ret; int i,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; BN_CTX *ctx=NULL; + meth = ENGINE_get_RSA(rsa->engine); BN_init(&f); BN_init(&ret); ctx=BN_CTX_new(); if (ctx == NULL) goto err; num=BN_num_bytes(rsa->n); - buf=(unsigned char *)Malloc(num); + buf=(unsigned char *)OPENSSL_malloc(num); if (buf == NULL) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); @@ -374,7 +383,7 @@ static int RSA_eay_public_decrypt(int flen, unsigned char *from, goto err; } - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, + if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; p=buf; @@ -402,17 +411,19 @@ err: if (buf != NULL) { memset(buf,0,num); - Free(buf); + OPENSSL_free(buf); } return(r); } static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) { + const RSA_METHOD *meth; BIGNUM r1,m1; int ret=0; BN_CTX *ctx; + meth = ENGINE_get_RSA(rsa->engine); if ((ctx=BN_CTX_new()) == NULL) goto err; BN_init(&m1); BN_init(&r1); 
@@ -436,11 +447,11 @@ static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) } if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, + if (!meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, rsa->_method_mod_q)) goto err; if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, + if (!meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, rsa->_method_mod_p)) goto err; if (!BN_sub(r0,r0,&m1)) goto err; diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c index 95e636d3f0..00c25adbc5 100644 --- a/src/lib/libcrypto/rsa/rsa_gen.c +++ b/src/lib/libcrypto/rsa/rsa_gen.c @@ -95,7 +95,7 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, * unsigned long can be larger */ for (i=0; ie,i); } #else diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c index 074a4f5074..5e1e8fcdf3 100644 --- a/src/lib/libcrypto/rsa/rsa_lib.c +++ b/src/lib/libcrypto/rsa/rsa_lib.c @@ -62,6 +62,7 @@ #include #include #include +#include const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; 
@@ -74,21 +75,49 @@ RSA *RSA_new(void) return(RSA_new_method(NULL)); } -void RSA_set_default_method(RSA_METHOD *meth) +void RSA_set_default_openssl_method(RSA_METHOD *meth) { - default_RSA_meth=meth; + ENGINE *e; + /* We'll need to notify the "openssl" ENGINE of this + * change too. We won't bother locking things down at + * our end as there was never any locking in these + * functions! */ + if(default_RSA_meth != meth) + { + default_RSA_meth = meth; + e = ENGINE_by_id("openssl"); + if(e) + { + ENGINE_set_RSA(e, meth); + ENGINE_free(e); + } + } } -RSA_METHOD *RSA_get_default_method(void) +RSA_METHOD *RSA_get_default_openssl_method(void) { + if (default_RSA_meth == NULL) + { +#ifdef RSA_NULL + default_RSA_meth=RSA_null_method(); +#else +#ifdef RSAref + default_RSA_meth=RSA_PKCS1_RSAref(); +#else + default_RSA_meth=RSA_PKCS1_SSLeay(); +#endif +#endif + } + return default_RSA_meth; } RSA_METHOD *RSA_get_method(RSA *rsa) { - return rsa->meth; + return ENGINE_get_RSA(rsa->engine); } +#if 0 RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth) { RSA_METHOD *mtmp; 
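Review bot: In RSA_set_default_openssl_method the result of `ENGINE_set_RSA(e, meth)` is discarded and a NULL return from `ENGINE_by_id("openssl")` is skipped silently, so `default_RSA_meth` can point at one method table while the "openssl" engine keeps dispatching to another. Since the function returns void, the simplest repair is to assign `default_RSA_meth = meth;` only after `ENGINE_set_RSA` has succeeded. The lazy initialisation moved into RSA_get_default_openssl_method is an unlocked write to a shared pointer; the added comment admits there is no locking, and it should also say that both functions must be called before any other thread uses RSA.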
@@ -98,34 +127,52 @@ RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth) if (meth->init) meth->init(rsa); return mtmp; } +#else +int RSA_set_method(RSA *rsa, ENGINE *engine) +{ + ENGINE *mtmp; + RSA_METHOD *meth; + mtmp = rsa->engine; + meth = ENGINE_get_RSA(mtmp); + if (!ENGINE_init(engine)) + return 0; + if (meth->finish) meth->finish(rsa); + rsa->engine = engine; + meth = ENGINE_get_RSA(engine); + if (meth->init) meth->init(rsa); + /* SHOULD ERROR CHECK THIS!!! */ + ENGINE_finish(mtmp); + return 1; +} +#endif +#if 0 RSA *RSA_new_method(RSA_METHOD *meth) +#else +RSA *RSA_new_method(ENGINE *engine) +#endif { + RSA_METHOD *meth; RSA *ret; - if (default_RSA_meth == NULL) - { -#ifdef RSA_NULL - default_RSA_meth=RSA_null_method(); -#else -#ifdef RSAref - default_RSA_meth=RSA_PKCS1_RSAref(); -#else - default_RSA_meth=RSA_PKCS1_SSLeay(); -#endif -#endif - } - ret=(RSA *)Malloc(sizeof(RSA)); + ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); if (ret == NULL) { RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); return(NULL); } - if (meth == NULL) - ret->meth=default_RSA_meth; + if (engine == NULL) + { + if((ret->engine=ENGINE_get_default_RSA()) == NULL) + { + OPENSSL_free(ret); + return NULL; + } + } else - ret->meth=meth; + ret->engine=engine; + meth = ENGINE_get_RSA(ret->engine); ret->pad=0; ret->version=0; @@ -143,10 +190,10 @@ RSA *RSA_new_method(RSA_METHOD *meth) ret->_method_mod_q=NULL; ret->blinding=NULL; ret->bignum_data=NULL; - ret->flags=ret->meth->flags; - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) + ret->flags=meth->flags; + if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -156,6 +203,7 @@ RSA *RSA_new_method(RSA_METHOD *meth) void RSA_free(RSA *r) { + RSA_METHOD *meth; int i; if (r == NULL) return; 
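Review bot: The new RSA_set_method ignores the results of `meth->init(rsa)` and `ENGINE_finish(mtmp)` and still returns 1, and it dereferences both `ENGINE_get_RSA(mtmp)` and `ENGINE_get_RSA(engine)` unchecked; the `/* SHOULD ERROR CHECK THIS!!! */` comment covers only the last call. RSA_new_method (next hunk) does test `meth->init`, so the two paths disagree about whether a failed init leaves a usable key. RSA_set_method also leaves `rsa->flags` untouched, while RSA_new_method seeds it from `meth->flags`, so a flag such as RSA_FLAG_SIGN_VER may no longer match the table RSA_sign dispatches into after a switch. Separately, RSA_new_method stores a caller-supplied `engine` without `ENGINE_init`, yet RSA_free calls `ENGINE_finish(r->engine)`; either the header should state that the caller hands over a functional reference, or the function should take one itself.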
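Review bot: When `meth->init(ret)` fails in RSA_new_method, the new code calls `OPENSSL_free(ret)` but never releases `ret->engine`, which RSA_free would release through `ENGINE_finish`. If the pointer came from `ENGINE_get_default_RSA()`, this looks like a leaked engine reference on every failed init. I would add `ENGINE_finish(ret->engine);` before the free, assuming the default lookup returns a reference the key owns (its definition is not in this patch). `meth` is also read as `meth->flags` with no NULL test. The function continues outside the hunk.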
@@ -175,8 +223,10 @@ void RSA_free(RSA *r) CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); - if (r->meth->finish != NULL) - r->meth->finish(r); + meth = ENGINE_get_RSA(r->engine); + if (meth->finish != NULL) + meth->finish(r); + ENGINE_finish(r->engine); if (r->n != NULL) BN_clear_free(r->n); if (r->e != NULL) BN_clear_free(r->e); @@ -187,8 +237,8 @@ void RSA_free(RSA *r) if (r->dmq1 != NULL) BN_clear_free(r->dmq1); if (r->iqmp != NULL) BN_clear_free(r->iqmp); if (r->blinding != NULL) BN_BLINDING_free(r->blinding); - if (r->bignum_data != NULL) Free_locked(r->bignum_data); - Free(r); + if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); + OPENSSL_free(r); } int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, @@ -217,30 +267,34 @@ int RSA_size(RSA *r) int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding)); + return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen, + from, to, rsa, padding)); } int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); + return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen, + from, to, rsa, padding)); } int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding)); + return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen, + from, to, rsa, padding)); } int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); + return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen, + from, to, rsa, padding)); } int RSA_flags(RSA *r) { - return((r == NULL)?0:r->meth->flags); + return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags); } void RSA_blinding_off(RSA *rsa) 
@@ -274,7 +328,8 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; - if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) + if (!ENGINE_get_RSA(rsa->engine)->bn_mod_exp(A,A, + rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err; rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); rsa->flags|=RSA_FLAG_BLINDING; @@ -305,7 +360,7 @@ int RSA_memory_lock(RSA *r) j=1; for (i=0; i<6; i++) j+= (*t[i])->top; - if ((p=Malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) + if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) { RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); return(0); diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c index 1465c01f4f..fd0b7f361f 100644 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ b/src/lib/libcrypto/rsa/rsa_oaep.c @@ -34,7 +34,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, return (0); } - dbmask = Malloc(emlen - SHA_DIGEST_LENGTH); + dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); if (dbmask == NULL) { RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -66,7 +66,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, for (i = 0; i < SHA_DIGEST_LENGTH; i++) seed[i] ^= seedmask[i]; - Free(dbmask); + OPENSSL_free(dbmask); return (1); } @@ -86,7 +86,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, } dblen = num - SHA_DIGEST_LENGTH; - db = Malloc(dblen); + db = OPENSSL_malloc(dblen); if (db == NULL) { RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -128,7 +128,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, memcpy(to, db + i, mlen); } } - Free(db); + OPENSSL_free(db); return (mlen); } diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c index 61efb0b00f..c77f4381ff 100644 --- a/src/lib/libcrypto/rsa/rsa_saos.c +++ b/src/lib/libcrypto/rsa/rsa_saos.c 
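Review bot: RSA_padding_check_PKCS1_OAEP releases `db` with `OPENSSL_free(db);` straight after `memcpy(to, db + i, mlen);`, so the unmasked data block, which contains the recovered message, returns to the heap uncleared. The other decrypt and sign buffers in this patch are wiped first (`memset(buf,0,num);` in rsa_eay.c, `memset(s,0,...)` in rsa_saos.c and rsa_sign.c). Add `memset(db,0,dblen);` before the free here, keeping in mind that an optimising compiler may elide a plain memset ahead of free. The malloc-failure branch of the same function reports `RSA_F_RSA_PADDING_ADD_PKCS1_OAEP`, the code of the encoding function, which will mislead anyone reading the error queue. Early-exit paths between these two hunks are not visible, so check that they free `db` as well.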
@@ -81,7 +81,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); return(0); } - s=(unsigned char *)Malloc((unsigned int)j+1); + s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); if (s == NULL) { RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -96,7 +96,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, *siglen=i; memset(s,0,(unsigned int)j+1); - Free(s); + OPENSSL_free(s); return(ret); } @@ -114,7 +114,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, return(0); } - s=(unsigned char *)Malloc((unsigned int)siglen); + s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -138,7 +138,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, err: if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); memset(s,0,(unsigned int)siglen); - Free(s); + OPENSSL_free(s); return(ret); } diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index 05bb7fb74a..cf00876292 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c @@ -62,6 +62,7 @@ #include #include #include +#include /* Size of an SSL signature: MD5+SHA1 */ #define SSL_SIG_LENGTH 36 @@ -76,7 +77,8 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, X509_ALGOR algor; ASN1_OCTET_STRING digest; if(rsa->flags & RSA_FLAG_SIGN_VER) - return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); + return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, + m, m_len, sigret, siglen, rsa); /* Special case: SSL signature, just check the length */ if(type == NID_md5_sha1) { if(m_len != SSL_SIG_LENGTH) { 
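Review bot: The `err:` block of RSA_verify_ASN1_OCTET_STRING runs `memset(s,0,(unsigned int)siglen);` and `OPENSSL_free(s);` unconditionally, unlike rsa_eay.c, which wraps the same cleanup in `if (buf != NULL)`. The allocation-failure branch a few lines earlier continues outside its hunk; if it jumps to `err`, the memset writes through a NULL pointer. RSA_verify in rsa_sign.c has the identical unguarded cleanup. Suggested form: `if (s != NULL) { memset(s,0,(unsigned int)siglen); OPENSSL_free(s); }`.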
@@ -115,7 +117,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, return(0); } if(type != NID_md5_sha1) { - s=(unsigned char *)Malloc((unsigned int)j+1); + s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); if (s == NULL) { RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); @@ -132,7 +134,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, if(type != NID_md5_sha1) { memset(s,0,(unsigned int)j+1); - Free(s); + OPENSSL_free(s); } return(ret); } @@ -151,9 +153,10 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, } if(rsa->flags & RSA_FLAG_SIGN_VER) - return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa); + return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, + m, m_len, sigbuf, siglen, rsa); - s=(unsigned char *)Malloc((unsigned int)siglen); + s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); @@ -215,7 +218,7 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, err: if (sig != NULL) X509_SIG_free(sig); memset(s,0,(unsigned int)siglen); - Free(s); + OPENSSL_free(s); return(ret); } diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c index 81a857c813..482f4a8273 100644 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ b/src/lib/libcrypto/rsa/rsa_ssl.c @@ -134,7 +134,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from, { if (p[k] != 0x03) break; } - if (k == 0) + if (k == -1) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK); return(-1); -- cgit v1.2.3-55-g6feb
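Review bot: The change from `if (k == 0)` to `if (k == -1)` in rsa_ssl.c alters when RSA_padding_check_SSLv23 raises RSA_R_SSLV3_ROLLBACK_ATTACK, and nothing in the hunk explains why `-1` is the right value. The loop header that sets the range of `k` is outside the hunk, so the test is correct only if `-1` is exactly what `k` holds when every checked byte matched 0x03 without a `break`. An off-by-one here either disables the rollback detection or rejects valid padding. Please add a comment at the test, e.g. `/* k == -1 means the loop ran to completion: every checked byte was 0x03 */`, adjusted to the real loop bounds, plus a test vector for each outcome. A one-line change to a security check is easy to lose in a merge touching nine files and deserves its own line in the commit message.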