]>
Commit | Line | Data |
---|---|---|
58964a49 | 1 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
2 | * All rights reserved. |
3 | * | |
4 | * This package is an SSL implementation written | |
5 | * by Eric Young (eay@cryptsoft.com). | |
6 | * The implementation was written so as to conform with Netscapes SSL. | |
0f113f3e | 7 | * |
d02b48c6 RE |
8 | * This library is free for commercial and non-commercial use as long as |
9 | * the following conditions are aheared to. The following conditions | |
10 | * apply to all code found in this distribution, be it the RC4, RSA, | |
11 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
12 | * included with this distribution is covered by the same copyright terms | |
13 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
0f113f3e | 14 | * |
d02b48c6 RE |
15 | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | * the code are not to be removed. | |
17 | * If this package is used in a product, Eric Young should be given attribution | |
18 | * as the author of the parts of the library used. | |
19 | * This can be in the form of a textual message at program startup or | |
20 | * in documentation (online or textual) provided with the package. | |
0f113f3e | 21 | * |
d02b48c6 RE |
22 | * Redistribution and use in source and binary forms, with or without |
23 | * modification, are permitted provided that the following conditions | |
24 | * are met: | |
25 | * 1. Redistributions of source code must retain the copyright | |
26 | * notice, this list of conditions and the following disclaimer. | |
27 | * 2. Redistributions in binary form must reproduce the above copyright | |
28 | * notice, this list of conditions and the following disclaimer in the | |
29 | * documentation and/or other materials provided with the distribution. | |
30 | * 3. All advertising materials mentioning features or use of this software | |
31 | * must display the following acknowledgement: | |
32 | * "This product includes cryptographic software written by | |
33 | * Eric Young (eay@cryptsoft.com)" | |
34 | * The word 'cryptographic' can be left out if the rouines from the library | |
35 | * being used are not cryptographic related :-). | |
0f113f3e | 36 | * 4. If you include any Windows specific code (or a derivative thereof) from |
d02b48c6 RE |
37 | * the apps directory (application code) you must include an acknowledgement: |
38 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
0f113f3e | 39 | * |
d02b48c6 RE |
40 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
43 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
44 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
45 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
46 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
48 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
49 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
50 | * SUCH DAMAGE. | |
0f113f3e | 51 | * |
d02b48c6 RE |
52 | * The licence and distribution terms for any publically available version or |
53 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
54 | * copied and put under another distribution licence | |
55 | * [including the GNU Public Licence.] | |
56 | */ | |
57 | ||
651d0aff | 58 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ |
d02b48c6 RE |
59 | |
60 | #include <stdio.h> | |
b39fc560 | 61 | #include "internal/cryptlib.h" |
ec577822 | 62 | #include <openssl/bn.h> |
1258396d | 63 | #include "dsa_locl.h" |
ec577822 | 64 | #include <openssl/asn1.h> |
3c27208f RS |
65 | #include <openssl/engine.h> |
66 | #include <openssl/dh.h> | |
d02b48c6 | 67 | |
a75b1915 | 68 | static const DSA_METHOD *default_DSA_method = NULL; |
c0711f7f | 69 | |
cb78486d | 70 | void DSA_set_default_method(const DSA_METHOD *meth) |
0f113f3e MC |
71 | { |
72 | default_DSA_method = meth; | |
73 | } | |
c0711f7f | 74 | |
cb78486d | 75 | const DSA_METHOD *DSA_get_default_method(void) |
0f113f3e MC |
76 | { |
77 | if (!default_DSA_method) | |
78 | default_DSA_method = DSA_OpenSSL(); | |
79 | return default_DSA_method; | |
80 | } | |
c0711f7f | 81 | |
6b691a5c | 82 | DSA *DSA_new(void) |
0f113f3e MC |
83 | { |
84 | return DSA_new_method(NULL); | |
85 | } | |
c0711f7f | 86 | |
cb78486d | 87 | int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) |
0f113f3e MC |
88 | { |
89 | /* | |
90 | * NB: The caller is specifically setting a method, so it's not up to us | |
91 | * to deal with which ENGINE it comes from. | |
92 | */ | |
93 | const DSA_METHOD *mtmp; | |
94 | mtmp = dsa->meth; | |
95 | if (mtmp->finish) | |
96 | mtmp->finish(dsa); | |
0b13e9f0 | 97 | #ifndef OPENSSL_NO_ENGINE |
7c96dbcd RS |
98 | ENGINE_finish(dsa->engine); |
99 | dsa->engine = NULL; | |
0b13e9f0 | 100 | #endif |
0f113f3e MC |
101 | dsa->meth = meth; |
102 | if (meth->init) | |
103 | meth->init(dsa); | |
104 | return 1; | |
105 | } | |
c0711f7f | 106 | |
6e9fa57c MC |
107 | const DSA_METHOD *DSA_get_method(DSA *d) |
108 | { | |
109 | return d->meth; | |
110 | } | |
111 | ||
5270e702 | 112 | DSA *DSA_new_method(ENGINE *engine) |
0f113f3e MC |
113 | { |
114 | DSA *ret; | |
115 | ||
64b25758 | 116 | ret = OPENSSL_zalloc(sizeof(*ret)); |
0f113f3e MC |
117 | if (ret == NULL) { |
118 | DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE); | |
d188a536 | 119 | return NULL; |
0f113f3e MC |
120 | } |
121 | ret->meth = DSA_get_default_method(); | |
0b13e9f0 | 122 | #ifndef OPENSSL_NO_ENGINE |
0f113f3e MC |
123 | if (engine) { |
124 | if (!ENGINE_init(engine)) { | |
125 | DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); | |
126 | OPENSSL_free(ret); | |
127 | return NULL; | |
128 | } | |
129 | ret->engine = engine; | |
130 | } else | |
131 | ret->engine = ENGINE_get_default_DSA(); | |
132 | if (ret->engine) { | |
133 | ret->meth = ENGINE_get_DSA(ret->engine); | |
7c96dbcd | 134 | if (ret->meth == NULL) { |
0f113f3e MC |
135 | DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); |
136 | ENGINE_finish(ret->engine); | |
137 | OPENSSL_free(ret); | |
138 | return NULL; | |
139 | } | |
140 | } | |
0b13e9f0 | 141 | #endif |
0c9de428 | 142 | |
0f113f3e MC |
143 | ret->references = 1; |
144 | ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; | |
d188a536 | 145 | |
0f113f3e | 146 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
d188a536 AG |
147 | |
148 | ret->lock = CRYPTO_THREAD_lock_new(); | |
149 | if (ret->lock == NULL) { | |
0b13e9f0 | 150 | #ifndef OPENSSL_NO_ENGINE |
17fa4e8e | 151 | ENGINE_finish(ret->engine); |
0b13e9f0 | 152 | #endif |
0f113f3e MC |
153 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
154 | OPENSSL_free(ret); | |
d188a536 AG |
155 | return NULL; |
156 | } | |
157 | ||
158 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { | |
159 | DSA_free(ret); | |
0f113f3e MC |
160 | ret = NULL; |
161 | } | |
162 | ||
d188a536 | 163 | return ret; |
0f113f3e | 164 | } |
d02b48c6 | 165 | |
6b691a5c | 166 | void DSA_free(DSA *r) |
0f113f3e MC |
167 | { |
168 | int i; | |
d02b48c6 | 169 | |
0f113f3e MC |
170 | if (r == NULL) |
171 | return; | |
d02b48c6 | 172 | |
d188a536 | 173 | CRYPTO_atomic_add(&r->references, -1, &i, r->lock); |
f3f1cf84 | 174 | REF_PRINT_COUNT("DSA", r); |
0f113f3e MC |
175 | if (i > 0) |
176 | return; | |
f3f1cf84 | 177 | REF_ASSERT_ISNT(i < 0); |
d02b48c6 | 178 | |
0f113f3e MC |
179 | if (r->meth->finish) |
180 | r->meth->finish(r); | |
0b13e9f0 | 181 | #ifndef OPENSSL_NO_ENGINE |
17fa4e8e | 182 | ENGINE_finish(r->engine); |
0b13e9f0 | 183 | #endif |
c0711f7f | 184 | |
0f113f3e MC |
185 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); |
186 | ||
d188a536 AG |
187 | CRYPTO_THREAD_lock_free(r->lock); |
188 | ||
23a1d5e9 RS |
189 | BN_clear_free(r->p); |
190 | BN_clear_free(r->q); | |
191 | BN_clear_free(r->g); | |
192 | BN_clear_free(r->pub_key); | |
193 | BN_clear_free(r->priv_key); | |
0f113f3e MC |
194 | OPENSSL_free(r); |
195 | } | |
d02b48c6 | 196 | |
6ac4e8bd | 197 | int DSA_up_ref(DSA *r) |
0f113f3e | 198 | { |
d188a536 AG |
199 | int i; |
200 | ||
201 | if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) | |
202 | return 0; | |
f3f1cf84 RS |
203 | |
204 | REF_PRINT_COUNT("DSA", r); | |
205 | REF_ASSERT_ISNT(i < 2); | |
0f113f3e MC |
206 | return ((i > 1) ? 1 : 0); |
207 | } | |
5cbc2e8b | 208 | |
a4aba800 | 209 | int DSA_size(const DSA *r) |
0f113f3e MC |
210 | { |
211 | int ret, i; | |
212 | ASN1_INTEGER bs; | |
213 | unsigned char buf[4]; /* 4 bytes looks really small. However, | |
214 | * i2d_ASN1_INTEGER() will not look beyond | |
215 | * the first byte, as long as the second | |
216 | * parameter is NULL. */ | |
217 | ||
218 | i = BN_num_bits(r->q); | |
219 | bs.length = (i + 7) / 8; | |
220 | bs.data = buf; | |
221 | bs.type = V_ASN1_INTEGER; | |
222 | /* If the top bit is set the asn1 encoding is 1 larger. */ | |
223 | buf[0] = 0xff; | |
224 | ||
225 | i = i2d_ASN1_INTEGER(&bs, NULL); | |
226 | i += i; /* r and s */ | |
227 | ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE); | |
228 | return (ret); | |
229 | } | |
d02b48c6 | 230 | |
dd9d233e | 231 | int DSA_set_ex_data(DSA *d, int idx, void *arg) |
0f113f3e MC |
232 | { |
233 | return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); | |
234 | } | |
c0711f7f | 235 | |
dd9d233e | 236 | void *DSA_get_ex_data(DSA *d, int idx) |
0f113f3e MC |
237 | { |
238 | return (CRYPTO_get_ex_data(&d->ex_data, idx)); | |
239 | } | |
c0711f7f | 240 | |
2514fa79 | 241 | int DSA_security_bits(const DSA *d) |
0f113f3e | 242 | { |
72245f34 DSH |
243 | if (d->p && d->q) |
244 | return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q)); | |
245 | return -1; | |
0f113f3e | 246 | } |
2514fa79 | 247 | |
cf1b7d96 | 248 | #ifndef OPENSSL_NO_DH |
a4aba800 | 249 | DH *DSA_dup_DH(const DSA *r) |
0f113f3e MC |
250 | { |
251 | /* | |
252 | * DSA has p, q, g, optional pub_key, optional priv_key. DH has p, | |
253 | * optional length, g, optional pub_key, optional priv_key, optional q. | |
254 | */ | |
255 | ||
256 | DH *ret = NULL; | |
0aeddcfa | 257 | BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL; |
0f113f3e MC |
258 | |
259 | if (r == NULL) | |
260 | goto err; | |
261 | ret = DH_new(); | |
262 | if (ret == NULL) | |
263 | goto err; | |
0aeddcfa MC |
264 | if (r->p != NULL || r->g != NULL || r->q != NULL) { |
265 | if (r->p == NULL || r->g == NULL || r->q == NULL) { | |
266 | /* Shouldn't happen */ | |
0f113f3e | 267 | goto err; |
0aeddcfa MC |
268 | } |
269 | p = BN_dup(r->p); | |
270 | g = BN_dup(r->g); | |
271 | q = BN_dup(r->q); | |
272 | if (p == NULL || g == NULL || q == NULL || !DH_set0_pqg(ret, p, q, g)) | |
0f113f3e | 273 | goto err; |
998f2cb8 | 274 | p = g = q = NULL; |
0f113f3e | 275 | } |
0aeddcfa MC |
276 | |
277 | if (r->pub_key != NULL) { | |
278 | pub_key = BN_dup(r->pub_key); | |
279 | if (pub_key == NULL) | |
0f113f3e | 280 | goto err; |
0aeddcfa MC |
281 | if (r->priv_key != NULL) { |
282 | priv_key = BN_dup(r->priv_key); | |
283 | if (priv_key == NULL) | |
284 | goto err; | |
285 | } | |
286 | if (!DH_set0_key(ret, pub_key, priv_key)) | |
0f113f3e | 287 | goto err; |
0aeddcfa MC |
288 | } else if (r->priv_key != NULL) { |
289 | /* Shouldn't happen */ | |
290 | goto err; | |
291 | } | |
0f113f3e MC |
292 | |
293 | return ret; | |
48c843c3 BM |
294 | |
295 | err: | |
0aeddcfa MC |
296 | BN_free(p); |
297 | BN_free(g); | |
298 | BN_free(q); | |
299 | BN_free(pub_key); | |
300 | BN_free(priv_key); | |
d6407083 | 301 | DH_free(ret); |
0f113f3e MC |
302 | return NULL; |
303 | } | |
48c843c3 | 304 | #endif |
1258396d | 305 | |
6e9fa57c | 306 | void DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g) |
1258396d | 307 | { |
6e9fa57c MC |
308 | if (p != NULL) |
309 | *p = d->p; | |
310 | if (q != NULL) | |
311 | *q = d->q; | |
312 | if (g != NULL) | |
313 | *g = d->g; | |
1258396d MC |
314 | } |
315 | ||
316 | int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) | |
317 | { | |
1da12e34 RL |
318 | /* If the fields in d are NULL, the corresponding input |
319 | * parameters MUST be non-NULL. | |
320 | * | |
321 | * It is an error to give the results from get0 on d | |
322 | * as input parameters. | |
323 | */ | |
324 | if (p == d->p || q == d->q || g == d->g) | |
1258396d | 325 | return 0; |
1da12e34 RL |
326 | |
327 | if (p != NULL) { | |
328 | BN_free(d->p); | |
329 | d->p = p; | |
330 | } | |
331 | if (q != NULL) { | |
332 | BN_free(d->q); | |
333 | d->q = q; | |
334 | } | |
335 | if (g != NULL) { | |
336 | BN_free(d->g); | |
337 | d->g = g; | |
338 | } | |
1258396d MC |
339 | |
340 | return 1; | |
341 | } | |
342 | ||
6e9fa57c | 343 | void DSA_get0_key(const DSA *d, BIGNUM **pub_key, BIGNUM **priv_key) |
1258396d | 344 | { |
6e9fa57c MC |
345 | if (pub_key != NULL) |
346 | *pub_key = d->pub_key; | |
347 | if (priv_key != NULL) | |
348 | *priv_key = d->priv_key; | |
1258396d MC |
349 | } |
350 | ||
6e9fa57c | 351 | int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) |
1258396d | 352 | { |
1da12e34 RL |
353 | /* If the pub_key in d is NULL, the corresponding input |
354 | * parameters MUST be non-NULL. The priv_key field may | |
355 | * be left NULL. | |
356 | * | |
357 | * It is an error to give the results from get0 on d | |
358 | * as input parameters. | |
359 | */ | |
360 | if (d->pub_key == pub_key | |
4a397f51 | 361 | || (d->priv_key != NULL && priv_key == d->priv_key)) |
1258396d MC |
362 | return 0; |
363 | ||
1da12e34 RL |
364 | if (pub_key != NULL) { |
365 | BN_free(d->pub_key); | |
366 | d->pub_key = pub_key; | |
367 | } | |
368 | if (priv_key != NULL) { | |
369 | BN_free(d->priv_key); | |
370 | d->priv_key = priv_key; | |
371 | } | |
1258396d MC |
372 | |
373 | return 1; | |
374 | } | |
375 | ||
376 | void DSA_clear_flags(DSA *d, int flags) | |
377 | { | |
378 | d->flags &= ~flags; | |
379 | } | |
380 | ||
381 | int DSA_test_flags(const DSA *d, int flags) | |
382 | { | |
383 | return d->flags & flags; | |
384 | } | |
385 | ||
386 | void DSA_set_flags(DSA *d, int flags) | |
387 | { | |
388 | d->flags |= flags; | |
389 | } | |
390 | ||
391 | ENGINE *DSA_get0_engine(DSA *d) | |
392 | { | |
393 | return d->engine; | |
394 | } |