dsa_lib.c 9.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329
  1. /* crypto/dsa/dsa_lib.c */
  2. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  3. * All rights reserved.
  4. *
  5. * This package is an SSL implementation written
  6. * by Eric Young (eay@cryptsoft.com).
  7. * The implementation was written so as to conform with Netscapes SSL.
  8. *
  9. * This library is free for commercial and non-commercial use as long as
  10. * the following conditions are aheared to. The following conditions
  11. * apply to all code found in this distribution, be it the RC4, RSA,
  12. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  13. * included with this distribution is covered by the same copyright terms
  14. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  15. *
  16. * Copyright remains Eric Young's, and as such any Copyright notices in
  17. * the code are not to be removed.
  18. * If this package is used in a product, Eric Young should be given attribution
  19. * as the author of the parts of the library used.
  20. * This can be in the form of a textual message at program startup or
  21. * in documentation (online or textual) provided with the package.
  22. *
  23. * Redistribution and use in source and binary forms, with or without
  24. * modification, are permitted provided that the following conditions
  25. * are met:
  26. * 1. Redistributions of source code must retain the copyright
  27. * notice, this list of conditions and the following disclaimer.
  28. * 2. Redistributions in binary form must reproduce the above copyright
  29. * notice, this list of conditions and the following disclaimer in the
  30. * documentation and/or other materials provided with the distribution.
  31. * 3. All advertising materials mentioning features or use of this software
  32. * must display the following acknowledgement:
  33. * "This product includes cryptographic software written by
  34. * Eric Young (eay@cryptsoft.com)"
  35. * The word 'cryptographic' can be left out if the rouines from the library
  36. * being used are not cryptographic related :-).
  37. * 4. If you include any Windows specific code (or a derivative thereof) from
  38. * the apps directory (application code) you must include an acknowledgement:
  39. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  40. *
  41. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  42. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  43. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  44. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  45. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  46. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  47. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  49. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  50. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  51. * SUCH DAMAGE.
  52. *
  53. * The licence and distribution terms for any publically available version or
  54. * derivative of this code cannot be changed. i.e. this code cannot simply be
  55. * copied and put under another distribution licence
  56. * [including the GNU Public Licence.]
  57. */
  58. /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
  59. #include <stdio.h>
  60. #include "cryptlib.h"
  61. #include <openssl/bn.h>
  62. #include <openssl/dsa.h>
  63. #include <openssl/asn1.h>
  64. #ifndef OPENSSL_NO_ENGINE
  65. # include <openssl/engine.h>
  66. #endif
  67. #ifndef OPENSSL_NO_DH
  68. # include <openssl/dh.h>
  69. #endif
  70. #ifdef OPENSSL_FIPS
  71. # include <openssl/fips.h>
  72. #endif
  73. const char DSA_version[] = "DSA" OPENSSL_VERSION_PTEXT;
  74. static const DSA_METHOD *default_DSA_method = NULL;
  75. void DSA_set_default_method(const DSA_METHOD *meth)
  76. {
  77. default_DSA_method = meth;
  78. }
  79. const DSA_METHOD *DSA_get_default_method(void)
  80. {
  81. if (!default_DSA_method) {
  82. #ifdef OPENSSL_FIPS
  83. if (FIPS_mode())
  84. return FIPS_dsa_openssl();
  85. else
  86. return DSA_OpenSSL();
  87. #else
  88. default_DSA_method = DSA_OpenSSL();
  89. #endif
  90. }
  91. return default_DSA_method;
  92. }
  93. DSA *DSA_new(void)
  94. {
  95. return DSA_new_method(NULL);
  96. }
  97. int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
  98. {
  99. /*
  100. * NB: The caller is specifically setting a method, so it's not up to us
  101. * to deal with which ENGINE it comes from.
  102. */
  103. const DSA_METHOD *mtmp;
  104. mtmp = dsa->meth;
  105. if (mtmp->finish)
  106. mtmp->finish(dsa);
  107. #ifndef OPENSSL_NO_ENGINE
  108. if (dsa->engine) {
  109. ENGINE_finish(dsa->engine);
  110. dsa->engine = NULL;
  111. }
  112. #endif
  113. dsa->meth = meth;
  114. if (meth->init)
  115. meth->init(dsa);
  116. return 1;
  117. }
  118. DSA *DSA_new_method(ENGINE *engine)
  119. {
  120. DSA *ret;
  121. ret = (DSA *)OPENSSL_malloc(sizeof(DSA));
  122. if (ret == NULL) {
  123. DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
  124. return (NULL);
  125. }
  126. ret->meth = DSA_get_default_method();
  127. #ifndef OPENSSL_NO_ENGINE
  128. if (engine) {
  129. if (!ENGINE_init(engine)) {
  130. DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
  131. OPENSSL_free(ret);
  132. return NULL;
  133. }
  134. ret->engine = engine;
  135. } else
  136. ret->engine = ENGINE_get_default_DSA();
  137. if (ret->engine) {
  138. ret->meth = ENGINE_get_DSA(ret->engine);
  139. if (!ret->meth) {
  140. DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
  141. ENGINE_finish(ret->engine);
  142. OPENSSL_free(ret);
  143. return NULL;
  144. }
  145. }
  146. #endif
  147. ret->pad = 0;
  148. ret->version = 0;
  149. ret->write_params = 1;
  150. ret->p = NULL;
  151. ret->q = NULL;
  152. ret->g = NULL;
  153. ret->pub_key = NULL;
  154. ret->priv_key = NULL;
  155. ret->kinv = NULL;
  156. ret->r = NULL;
  157. ret->method_mont_p = NULL;
  158. ret->references = 1;
  159. ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
  160. CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
  161. if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
  162. #ifndef OPENSSL_NO_ENGINE
  163. if (ret->engine)
  164. ENGINE_finish(ret->engine);
  165. #endif
  166. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
  167. OPENSSL_free(ret);
  168. ret = NULL;
  169. }
  170. return (ret);
  171. }
  172. void DSA_free(DSA *r)
  173. {
  174. int i;
  175. if (r == NULL)
  176. return;
  177. i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DSA);
  178. #ifdef REF_PRINT
  179. REF_PRINT("DSA", r);
  180. #endif
  181. if (i > 0)
  182. return;
  183. #ifdef REF_CHECK
  184. if (i < 0) {
  185. fprintf(stderr, "DSA_free, bad reference count\n");
  186. abort();
  187. }
  188. #endif
  189. if (r->meth->finish)
  190. r->meth->finish(r);
  191. #ifndef OPENSSL_NO_ENGINE
  192. if (r->engine)
  193. ENGINE_finish(r->engine);
  194. #endif
  195. CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
  196. if (r->p != NULL)
  197. BN_clear_free(r->p);
  198. if (r->q != NULL)
  199. BN_clear_free(r->q);
  200. if (r->g != NULL)
  201. BN_clear_free(r->g);
  202. if (r->pub_key != NULL)
  203. BN_clear_free(r->pub_key);
  204. if (r->priv_key != NULL)
  205. BN_clear_free(r->priv_key);
  206. if (r->kinv != NULL)
  207. BN_clear_free(r->kinv);
  208. if (r->r != NULL)
  209. BN_clear_free(r->r);
  210. OPENSSL_free(r);
  211. }
  212. int DSA_up_ref(DSA *r)
  213. {
  214. int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
  215. #ifdef REF_PRINT
  216. REF_PRINT("DSA", r);
  217. #endif
  218. #ifdef REF_CHECK
  219. if (i < 2) {
  220. fprintf(stderr, "DSA_up_ref, bad reference count\n");
  221. abort();
  222. }
  223. #endif
  224. return ((i > 1) ? 1 : 0);
  225. }
  226. int DSA_size(const DSA *r)
  227. {
  228. int ret, i;
  229. ASN1_INTEGER bs;
  230. unsigned char buf[4]; /* 4 bytes looks really small. However,
  231. * i2d_ASN1_INTEGER() will not look beyond
  232. * the first byte, as long as the second
  233. * parameter is NULL. */
  234. i = BN_num_bits(r->q);
  235. bs.length = (i + 7) / 8;
  236. bs.data = buf;
  237. bs.type = V_ASN1_INTEGER;
  238. /* If the top bit is set the asn1 encoding is 1 larger. */
  239. buf[0] = 0xff;
  240. i = i2d_ASN1_INTEGER(&bs, NULL);
  241. i += i; /* r and s */
  242. ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
  243. return (ret);
  244. }
  245. int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
  246. CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
  247. {
  248. return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
  249. new_func, dup_func, free_func);
  250. }
  251. int DSA_set_ex_data(DSA *d, int idx, void *arg)
  252. {
  253. return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));
  254. }
  255. void *DSA_get_ex_data(DSA *d, int idx)
  256. {
  257. return (CRYPTO_get_ex_data(&d->ex_data, idx));
  258. }
  259. #ifndef OPENSSL_NO_DH
  260. DH *DSA_dup_DH(const DSA *r)
  261. {
  262. /*
  263. * DSA has p, q, g, optional pub_key, optional priv_key. DH has p,
  264. * optional length, g, optional pub_key, optional priv_key, optional q.
  265. */
  266. DH *ret = NULL;
  267. if (r == NULL)
  268. goto err;
  269. ret = DH_new();
  270. if (ret == NULL)
  271. goto err;
  272. if (r->p != NULL)
  273. if ((ret->p = BN_dup(r->p)) == NULL)
  274. goto err;
  275. if (r->q != NULL) {
  276. ret->length = BN_num_bits(r->q);
  277. if ((ret->q = BN_dup(r->q)) == NULL)
  278. goto err;
  279. }
  280. if (r->g != NULL)
  281. if ((ret->g = BN_dup(r->g)) == NULL)
  282. goto err;
  283. if (r->pub_key != NULL)
  284. if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
  285. goto err;
  286. if (r->priv_key != NULL)
  287. if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
  288. goto err;
  289. return ret;
  290. err:
  291. if (ret != NULL)
  292. DH_free(ret);
  293. return NULL;
  294. }
  295. #endif