]>
Commit | Line | Data |
---|---|---|
58964a49 | 1 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
2 | * All rights reserved. |
3 | * | |
4 | * This package is an SSL implementation written | |
5 | * by Eric Young (eay@cryptsoft.com). | |
6 | * The implementation was written so as to conform with Netscapes SSL. | |
0f113f3e | 7 | * |
d02b48c6 RE |
8 | * This library is free for commercial and non-commercial use as long as |
9 | * the following conditions are aheared to. The following conditions | |
10 | * apply to all code found in this distribution, be it the RC4, RSA, | |
11 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
12 | * included with this distribution is covered by the same copyright terms | |
13 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
0f113f3e | 14 | * |
d02b48c6 RE |
15 | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | * the code are not to be removed. | |
17 | * If this package is used in a product, Eric Young should be given attribution | |
18 | * as the author of the parts of the library used. | |
19 | * This can be in the form of a textual message at program startup or | |
20 | * in documentation (online or textual) provided with the package. | |
0f113f3e | 21 | * |
d02b48c6 RE |
22 | * Redistribution and use in source and binary forms, with or without |
23 | * modification, are permitted provided that the following conditions | |
24 | * are met: | |
25 | * 1. Redistributions of source code must retain the copyright | |
26 | * notice, this list of conditions and the following disclaimer. | |
27 | * 2. Redistributions in binary form must reproduce the above copyright | |
28 | * notice, this list of conditions and the following disclaimer in the | |
29 | * documentation and/or other materials provided with the distribution. | |
30 | * 3. All advertising materials mentioning features or use of this software | |
31 | * must display the following acknowledgement: | |
32 | * "This product includes cryptographic software written by | |
33 | * Eric Young (eay@cryptsoft.com)" | |
34 | * The word 'cryptographic' can be left out if the rouines from the library | |
35 | * being used are not cryptographic related :-). | |
0f113f3e | 36 | * 4. If you include any Windows specific code (or a derivative thereof) from |
d02b48c6 RE |
37 | * the apps directory (application code) you must include an acknowledgement: |
38 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
0f113f3e | 39 | * |
d02b48c6 RE |
40 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
43 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
44 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
45 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
46 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
48 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
49 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
50 | * SUCH DAMAGE. | |
0f113f3e | 51 | * |
d02b48c6 RE |
52 | * The licence and distribution terms for any publically available version or |
53 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
54 | * copied and put under another distribution licence | |
55 | * [including the GNU Public Licence.] | |
56 | */ | |
57 | ||
651d0aff | 58 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ |
d02b48c6 RE |
59 | |
60 | #include <stdio.h> | |
b39fc560 | 61 | #include "internal/cryptlib.h" |
ec577822 | 62 | #include <openssl/bn.h> |
1258396d | 63 | #include "dsa_locl.h" |
ec577822 | 64 | #include <openssl/asn1.h> |
3c27208f RS |
65 | #include <openssl/engine.h> |
66 | #include <openssl/dh.h> | |
d02b48c6 | 67 | |
a75b1915 | 68 | static const DSA_METHOD *default_DSA_method = NULL; |
c0711f7f | 69 | |
cb78486d | 70 | void DSA_set_default_method(const DSA_METHOD *meth) |
0f113f3e MC |
71 | { |
72 | default_DSA_method = meth; | |
73 | } | |
c0711f7f | 74 | |
cb78486d | 75 | const DSA_METHOD *DSA_get_default_method(void) |
0f113f3e MC |
76 | { |
77 | if (!default_DSA_method) | |
78 | default_DSA_method = DSA_OpenSSL(); | |
79 | return default_DSA_method; | |
80 | } | |
c0711f7f | 81 | |
6b691a5c | 82 | DSA *DSA_new(void) |
0f113f3e MC |
83 | { |
84 | return DSA_new_method(NULL); | |
85 | } | |
c0711f7f | 86 | |
cb78486d | 87 | int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) |
0f113f3e MC |
88 | { |
89 | /* | |
90 | * NB: The caller is specifically setting a method, so it's not up to us | |
91 | * to deal with which ENGINE it comes from. | |
92 | */ | |
93 | const DSA_METHOD *mtmp; | |
94 | mtmp = dsa->meth; | |
95 | if (mtmp->finish) | |
96 | mtmp->finish(dsa); | |
0b13e9f0 | 97 | #ifndef OPENSSL_NO_ENGINE |
7c96dbcd RS |
98 | ENGINE_finish(dsa->engine); |
99 | dsa->engine = NULL; | |
0b13e9f0 | 100 | #endif |
0f113f3e MC |
101 | dsa->meth = meth; |
102 | if (meth->init) | |
103 | meth->init(dsa); | |
104 | return 1; | |
105 | } | |
c0711f7f | 106 | |
6e9fa57c MC |
107 | const DSA_METHOD *DSA_get_method(DSA *d) |
108 | { | |
109 | return d->meth; | |
110 | } | |
111 | ||
5270e702 | 112 | DSA *DSA_new_method(ENGINE *engine) |
0f113f3e | 113 | { |
2bbf0baa | 114 | DSA *ret = OPENSSL_zalloc(sizeof(*ret)); |
0f113f3e | 115 | |
0f113f3e MC |
116 | if (ret == NULL) { |
117 | DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE); | |
d188a536 | 118 | return NULL; |
0f113f3e | 119 | } |
2bbf0baa F |
120 | |
121 | ret->references = 1; | |
122 | ret->lock = CRYPTO_THREAD_lock_new(); | |
123 | if (ret->lock == NULL) { | |
124 | OPENSSL_free(ret); | |
125 | return NULL; | |
126 | } | |
127 | ||
0f113f3e | 128 | ret->meth = DSA_get_default_method(); |
0b13e9f0 | 129 | #ifndef OPENSSL_NO_ENGINE |
2bbf0baa | 130 | ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; /* early default init */ |
0f113f3e MC |
131 | if (engine) { |
132 | if (!ENGINE_init(engine)) { | |
133 | DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); | |
2bbf0baa | 134 | goto err; |
0f113f3e MC |
135 | } |
136 | ret->engine = engine; | |
137 | } else | |
138 | ret->engine = ENGINE_get_default_DSA(); | |
139 | if (ret->engine) { | |
140 | ret->meth = ENGINE_get_DSA(ret->engine); | |
7c96dbcd | 141 | if (ret->meth == NULL) { |
0f113f3e | 142 | DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); |
2bbf0baa | 143 | goto err; |
0f113f3e MC |
144 | } |
145 | } | |
0b13e9f0 | 146 | #endif |
0c9de428 | 147 | |
0f113f3e | 148 | ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; |
d188a536 | 149 | |
2bbf0baa F |
150 | if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data)) |
151 | goto err; | |
d188a536 AG |
152 | |
153 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { | |
2bbf0baa F |
154 | DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_INIT_FAIL); |
155 | err: | |
d188a536 | 156 | DSA_free(ret); |
0f113f3e MC |
157 | ret = NULL; |
158 | } | |
159 | ||
d188a536 | 160 | return ret; |
0f113f3e | 161 | } |
d02b48c6 | 162 | |
6b691a5c | 163 | void DSA_free(DSA *r) |
0f113f3e MC |
164 | { |
165 | int i; | |
d02b48c6 | 166 | |
0f113f3e MC |
167 | if (r == NULL) |
168 | return; | |
d02b48c6 | 169 | |
d188a536 | 170 | CRYPTO_atomic_add(&r->references, -1, &i, r->lock); |
f3f1cf84 | 171 | REF_PRINT_COUNT("DSA", r); |
0f113f3e MC |
172 | if (i > 0) |
173 | return; | |
f3f1cf84 | 174 | REF_ASSERT_ISNT(i < 0); |
d02b48c6 | 175 | |
0f113f3e MC |
176 | if (r->meth->finish) |
177 | r->meth->finish(r); | |
0b13e9f0 | 178 | #ifndef OPENSSL_NO_ENGINE |
17fa4e8e | 179 | ENGINE_finish(r->engine); |
0b13e9f0 | 180 | #endif |
c0711f7f | 181 | |
0f113f3e MC |
182 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); |
183 | ||
d188a536 AG |
184 | CRYPTO_THREAD_lock_free(r->lock); |
185 | ||
23a1d5e9 RS |
186 | BN_clear_free(r->p); |
187 | BN_clear_free(r->q); | |
188 | BN_clear_free(r->g); | |
189 | BN_clear_free(r->pub_key); | |
190 | BN_clear_free(r->priv_key); | |
0f113f3e MC |
191 | OPENSSL_free(r); |
192 | } | |
d02b48c6 | 193 | |
6ac4e8bd | 194 | int DSA_up_ref(DSA *r) |
0f113f3e | 195 | { |
d188a536 AG |
196 | int i; |
197 | ||
198 | if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) | |
199 | return 0; | |
f3f1cf84 RS |
200 | |
201 | REF_PRINT_COUNT("DSA", r); | |
202 | REF_ASSERT_ISNT(i < 2); | |
0f113f3e MC |
203 | return ((i > 1) ? 1 : 0); |
204 | } | |
5cbc2e8b | 205 | |
a4aba800 | 206 | int DSA_size(const DSA *r) |
0f113f3e MC |
207 | { |
208 | int ret, i; | |
209 | ASN1_INTEGER bs; | |
210 | unsigned char buf[4]; /* 4 bytes looks really small. However, | |
211 | * i2d_ASN1_INTEGER() will not look beyond | |
212 | * the first byte, as long as the second | |
213 | * parameter is NULL. */ | |
214 | ||
215 | i = BN_num_bits(r->q); | |
216 | bs.length = (i + 7) / 8; | |
217 | bs.data = buf; | |
218 | bs.type = V_ASN1_INTEGER; | |
219 | /* If the top bit is set the asn1 encoding is 1 larger. */ | |
220 | buf[0] = 0xff; | |
221 | ||
222 | i = i2d_ASN1_INTEGER(&bs, NULL); | |
223 | i += i; /* r and s */ | |
224 | ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE); | |
225 | return (ret); | |
226 | } | |
d02b48c6 | 227 | |
dd9d233e | 228 | int DSA_set_ex_data(DSA *d, int idx, void *arg) |
0f113f3e MC |
229 | { |
230 | return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); | |
231 | } | |
c0711f7f | 232 | |
dd9d233e | 233 | void *DSA_get_ex_data(DSA *d, int idx) |
0f113f3e MC |
234 | { |
235 | return (CRYPTO_get_ex_data(&d->ex_data, idx)); | |
236 | } | |
c0711f7f | 237 | |
2514fa79 | 238 | int DSA_security_bits(const DSA *d) |
0f113f3e | 239 | { |
72245f34 DSH |
240 | if (d->p && d->q) |
241 | return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q)); | |
242 | return -1; | |
0f113f3e | 243 | } |
2514fa79 | 244 | |
cf1b7d96 | 245 | #ifndef OPENSSL_NO_DH |
a4aba800 | 246 | DH *DSA_dup_DH(const DSA *r) |
0f113f3e MC |
247 | { |
248 | /* | |
249 | * DSA has p, q, g, optional pub_key, optional priv_key. DH has p, | |
250 | * optional length, g, optional pub_key, optional priv_key, optional q. | |
251 | */ | |
252 | ||
253 | DH *ret = NULL; | |
0aeddcfa | 254 | BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL; |
0f113f3e MC |
255 | |
256 | if (r == NULL) | |
257 | goto err; | |
258 | ret = DH_new(); | |
259 | if (ret == NULL) | |
260 | goto err; | |
0aeddcfa MC |
261 | if (r->p != NULL || r->g != NULL || r->q != NULL) { |
262 | if (r->p == NULL || r->g == NULL || r->q == NULL) { | |
263 | /* Shouldn't happen */ | |
0f113f3e | 264 | goto err; |
0aeddcfa MC |
265 | } |
266 | p = BN_dup(r->p); | |
267 | g = BN_dup(r->g); | |
268 | q = BN_dup(r->q); | |
269 | if (p == NULL || g == NULL || q == NULL || !DH_set0_pqg(ret, p, q, g)) | |
0f113f3e | 270 | goto err; |
998f2cb8 | 271 | p = g = q = NULL; |
0f113f3e | 272 | } |
0aeddcfa MC |
273 | |
274 | if (r->pub_key != NULL) { | |
275 | pub_key = BN_dup(r->pub_key); | |
276 | if (pub_key == NULL) | |
0f113f3e | 277 | goto err; |
0aeddcfa MC |
278 | if (r->priv_key != NULL) { |
279 | priv_key = BN_dup(r->priv_key); | |
280 | if (priv_key == NULL) | |
281 | goto err; | |
282 | } | |
283 | if (!DH_set0_key(ret, pub_key, priv_key)) | |
0f113f3e | 284 | goto err; |
0aeddcfa MC |
285 | } else if (r->priv_key != NULL) { |
286 | /* Shouldn't happen */ | |
287 | goto err; | |
288 | } | |
0f113f3e MC |
289 | |
290 | return ret; | |
48c843c3 BM |
291 | |
292 | err: | |
0aeddcfa MC |
293 | BN_free(p); |
294 | BN_free(g); | |
295 | BN_free(q); | |
296 | BN_free(pub_key); | |
297 | BN_free(priv_key); | |
d6407083 | 298 | DH_free(ret); |
0f113f3e MC |
299 | return NULL; |
300 | } | |
48c843c3 | 301 | #endif |
1258396d | 302 | |
6e9fa57c | 303 | void DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g) |
1258396d | 304 | { |
6e9fa57c MC |
305 | if (p != NULL) |
306 | *p = d->p; | |
307 | if (q != NULL) | |
308 | *q = d->q; | |
309 | if (g != NULL) | |
310 | *g = d->g; | |
1258396d MC |
311 | } |
312 | ||
313 | int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) | |
314 | { | |
1da12e34 RL |
315 | /* If the fields in d are NULL, the corresponding input |
316 | * parameters MUST be non-NULL. | |
317 | * | |
318 | * It is an error to give the results from get0 on d | |
319 | * as input parameters. | |
320 | */ | |
321 | if (p == d->p || q == d->q || g == d->g) | |
1258396d | 322 | return 0; |
1da12e34 RL |
323 | |
324 | if (p != NULL) { | |
325 | BN_free(d->p); | |
326 | d->p = p; | |
327 | } | |
328 | if (q != NULL) { | |
329 | BN_free(d->q); | |
330 | d->q = q; | |
331 | } | |
332 | if (g != NULL) { | |
333 | BN_free(d->g); | |
334 | d->g = g; | |
335 | } | |
1258396d MC |
336 | |
337 | return 1; | |
338 | } | |
339 | ||
6e9fa57c | 340 | void DSA_get0_key(const DSA *d, BIGNUM **pub_key, BIGNUM **priv_key) |
1258396d | 341 | { |
6e9fa57c MC |
342 | if (pub_key != NULL) |
343 | *pub_key = d->pub_key; | |
344 | if (priv_key != NULL) | |
345 | *priv_key = d->priv_key; | |
1258396d MC |
346 | } |
347 | ||
6e9fa57c | 348 | int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) |
1258396d | 349 | { |
1da12e34 RL |
350 | /* If the pub_key in d is NULL, the corresponding input |
351 | * parameters MUST be non-NULL. The priv_key field may | |
352 | * be left NULL. | |
353 | * | |
354 | * It is an error to give the results from get0 on d | |
355 | * as input parameters. | |
356 | */ | |
357 | if (d->pub_key == pub_key | |
4a397f51 | 358 | || (d->priv_key != NULL && priv_key == d->priv_key)) |
1258396d MC |
359 | return 0; |
360 | ||
1da12e34 RL |
361 | if (pub_key != NULL) { |
362 | BN_free(d->pub_key); | |
363 | d->pub_key = pub_key; | |
364 | } | |
365 | if (priv_key != NULL) { | |
366 | BN_free(d->priv_key); | |
367 | d->priv_key = priv_key; | |
368 | } | |
1258396d MC |
369 | |
370 | return 1; | |
371 | } | |
372 | ||
373 | void DSA_clear_flags(DSA *d, int flags) | |
374 | { | |
375 | d->flags &= ~flags; | |
376 | } | |
377 | ||
378 | int DSA_test_flags(const DSA *d, int flags) | |
379 | { | |
380 | return d->flags & flags; | |
381 | } | |
382 | ||
383 | void DSA_set_flags(DSA *d, int flags) | |
384 | { | |
385 | d->flags |= flags; | |
386 | } | |
387 | ||
388 | ENGINE *DSA_get0_engine(DSA *d) | |
389 | { | |
390 | return d->engine; | |
391 | } |