OLD | NEW |
1 /* crypto/dsa/dsa_lib.c */ | 1 /* crypto/dsa/dsa_lib.c */ |
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 * All rights reserved. | 3 * All rights reserved. |
4 * | 4 * |
5 * This package is an SSL implementation written | 5 * This package is an SSL implementation written |
6 * by Eric Young (eay@cryptsoft.com). | 6 * by Eric Young (eay@cryptsoft.com). |
7 * The implementation was written so as to conform with Netscapes SSL. | 7 * The implementation was written so as to conform with Netscapes SSL. |
8 * | 8 * |
9 * This library is free for commercial and non-commercial use as long as | 9 * This library is free for commercial and non-commercial use as long as |
10 * the following conditions are aheared to. The following conditions | 10 * the following conditions are aheared to. The following conditions |
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
69 #ifndef OPENSSL_NO_DH | 69 #ifndef OPENSSL_NO_DH |
70 #include <openssl/dh.h> | 70 #include <openssl/dh.h> |
71 #endif | 71 #endif |
72 | 72 |
73 const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT; | 73 const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT; |
74 | 74 |
75 static const DSA_METHOD *default_DSA_method = NULL; | 75 static const DSA_METHOD *default_DSA_method = NULL; |
76 | 76 |
77 void DSA_set_default_method(const DSA_METHOD *meth) | 77 void DSA_set_default_method(const DSA_METHOD *meth) |
78 { | 78 { |
79 #ifdef OPENSSL_FIPS | |
80 if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) | |
81 { | |
82 DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD); | |
83 return; | |
84 } | |
85 #endif | |
86 | |
87 default_DSA_method = meth; | 79 default_DSA_method = meth; |
88 } | 80 } |
89 | 81 |
90 const DSA_METHOD *DSA_get_default_method(void) | 82 const DSA_METHOD *DSA_get_default_method(void) |
91 { | 83 { |
92 if(!default_DSA_method) | 84 if(!default_DSA_method) |
93 default_DSA_method = DSA_OpenSSL(); | 85 default_DSA_method = DSA_OpenSSL(); |
94 return default_DSA_method; | 86 return default_DSA_method; |
95 } | 87 } |
96 | 88 |
97 DSA *DSA_new(void) | 89 DSA *DSA_new(void) |
98 { | 90 { |
99 return DSA_new_method(NULL); | 91 return DSA_new_method(NULL); |
100 } | 92 } |
101 | 93 |
102 int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) | 94 int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) |
103 { | 95 { |
104 /* NB: The caller is specifically setting a method, so it's not up to us | 96 /* NB: The caller is specifically setting a method, so it's not up to us |
105 * to deal with which ENGINE it comes from. */ | 97 * to deal with which ENGINE it comes from. */ |
106 const DSA_METHOD *mtmp; | 98 const DSA_METHOD *mtmp; |
107 #ifdef OPENSSL_FIPS | |
108 if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) | |
109 { | |
110 DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD); | |
111 return 0; | |
112 } | |
113 #endif | |
114 mtmp = dsa->meth; | 99 mtmp = dsa->meth; |
115 if (mtmp->finish) mtmp->finish(dsa); | 100 if (mtmp->finish) mtmp->finish(dsa); |
116 #ifndef OPENSSL_NO_ENGINE | 101 #ifndef OPENSSL_NO_ENGINE |
117 if (dsa->engine) | 102 if (dsa->engine) |
118 { | 103 { |
119 ENGINE_finish(dsa->engine); | 104 ENGINE_finish(dsa->engine); |
120 dsa->engine = NULL; | 105 dsa->engine = NULL; |
121 } | 106 } |
122 #endif | 107 #endif |
123 dsa->meth = meth; | 108 dsa->meth = meth; |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
155 if(!ret->meth) | 140 if(!ret->meth) |
156 { | 141 { |
157 DSAerr(DSA_F_DSA_NEW_METHOD, | 142 DSAerr(DSA_F_DSA_NEW_METHOD, |
158 ERR_R_ENGINE_LIB); | 143 ERR_R_ENGINE_LIB); |
159 ENGINE_finish(ret->engine); | 144 ENGINE_finish(ret->engine); |
160 OPENSSL_free(ret); | 145 OPENSSL_free(ret); |
161 return NULL; | 146 return NULL; |
162 } | 147 } |
163 } | 148 } |
164 #endif | 149 #endif |
165 #ifdef OPENSSL_FIPS | |
166 if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)) | |
167 { | |
168 DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD); | |
169 #ifndef OPENSSL_NO_ENGINE | |
170 if (ret->engine) | |
171 ENGINE_finish(ret->engine); | |
172 #endif | |
173 OPENSSL_free(ret); | |
174 return NULL; | |
175 } | |
176 #endif | |
177 | 150 |
178 ret->pad=0; | 151 ret->pad=0; |
179 ret->version=0; | 152 ret->version=0; |
180 ret->write_params=1; | 153 ret->write_params=1; |
181 ret->p=NULL; | 154 ret->p=NULL; |
182 ret->q=NULL; | 155 ret->q=NULL; |
183 ret->g=NULL; | 156 ret->g=NULL; |
184 | 157 |
185 ret->pub_key=NULL; | 158 ret->pub_key=NULL; |
186 ret->priv_key=NULL; | 159 ret->priv_key=NULL; |
187 | 160 |
188 ret->kinv=NULL; | 161 ret->kinv=NULL; |
189 ret->r=NULL; | 162 ret->r=NULL; |
190 ret->method_mont_p=NULL; | 163 ret->method_mont_p=NULL; |
191 | 164 |
192 ret->references=1; | 165 ret->references=1; |
193 » ret->flags=ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; | 166 » ret->flags=ret->meth->flags; |
194 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); | 167 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
195 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 168 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
196 { | 169 { |
197 #ifndef OPENSSL_NO_ENGINE | 170 #ifndef OPENSSL_NO_ENGINE |
198 if (ret->engine) | 171 if (ret->engine) |
199 ENGINE_finish(ret->engine); | 172 ENGINE_finish(ret->engine); |
200 #endif | 173 #endif |
201 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); | 174 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); |
202 OPENSSL_free(ret); | 175 OPENSSL_free(ret); |
203 ret=NULL; | 176 ret=NULL; |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
253 #ifdef REF_CHECK | 226 #ifdef REF_CHECK |
254 if (i < 2) | 227 if (i < 2) |
255 { | 228 { |
256 fprintf(stderr, "DSA_up_ref, bad reference count\n"); | 229 fprintf(stderr, "DSA_up_ref, bad reference count\n"); |
257 abort(); | 230 abort(); |
258 } | 231 } |
259 #endif | 232 #endif |
260 return ((i > 1) ? 1 : 0); | 233 return ((i > 1) ? 1 : 0); |
261 } | 234 } |
262 | 235 |
| 236 int DSA_size(const DSA *r) |
| 237 { |
| 238 int ret,i; |
| 239 ASN1_INTEGER bs; |
| 240 unsigned char buf[4]; /* 4 bytes looks really small. |
| 241 However, i2d_ASN1_INTEGER() will not look |
| 242 beyond the first byte, as long as the second |
| 243 parameter is NULL. */ |
| 244 |
| 245 i=BN_num_bits(r->q); |
| 246 bs.length=(i+7)/8; |
| 247 bs.data=buf; |
| 248 bs.type=V_ASN1_INTEGER; |
| 249 /* If the top bit is set the asn1 encoding is 1 larger. */ |
| 250 buf[0]=0xff; |
| 251 |
| 252 i=i2d_ASN1_INTEGER(&bs,NULL); |
| 253 i+=i; /* r and s */ |
| 254 ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); |
| 255 return(ret); |
| 256 } |
| 257 |
263 int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | 258 int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
264 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) | 259 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) |
265 { | 260 { |
266 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp, | 261 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp, |
267 new_func, dup_func, free_func); | 262 new_func, dup_func, free_func); |
268 } | 263 } |
269 | 264 |
270 int DSA_set_ex_data(DSA *d, int idx, void *arg) | 265 int DSA_set_ex_data(DSA *d, int idx, void *arg) |
271 { | 266 { |
272 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg)); | 267 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg)); |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
307 goto err; | 302 goto err; |
308 | 303 |
309 return ret; | 304 return ret; |
310 | 305 |
311 err: | 306 err: |
312 if (ret != NULL) | 307 if (ret != NULL) |
313 DH_free(ret); | 308 DH_free(ret); |
314 return NULL; | 309 return NULL; |
315 } | 310 } |
316 #endif | 311 #endif |
OLD | NEW |