diff options
author | kris <kris@FreeBSD.org> | 2000-01-10 06:22:05 +0000 |
---|---|---|
committer | kris <kris@FreeBSD.org> | 2000-01-10 06:22:05 +0000 |
commit | 2e467dc342d6641955ef59a1a671ff929444d45b (patch) | |
tree | b5683ff3d44c93978826763313683673904c6bd9 /crypto/openssl/crypto/dsa | |
parent | e829abb179a8846d90fb31e1bcab4ea0aec4590f (diff) | |
download | FreeBSD-src-2e467dc342d6641955ef59a1a671ff929444d45b.zip FreeBSD-src-2e467dc342d6641955ef59a1a671ff929444d45b.tar.gz |
Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent
infringement reasons.
Diffstat (limited to 'crypto/openssl/crypto/dsa')
-rw-r--r-- | crypto/openssl/crypto/dsa/Makefile.ssl | 133 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/README | 4 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa.h | 204 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_asn1.c | 96 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_err.c | 106 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_gen.c | 333 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_key.c | 112 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_lib.c | 184 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_sign.c | 211 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_vrf.c | 160 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsagen.c | 111 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/dsatest.c | 220 | ||||
-rw-r--r-- | crypto/openssl/crypto/dsa/fips186a.txt | 122 |
13 files changed, 1996 insertions, 0 deletions
diff --git a/crypto/openssl/crypto/dsa/Makefile.ssl b/crypto/openssl/crypto/dsa/Makefile.ssl new file mode 100644 index 0000000..6d80ce7 --- /dev/null +++ b/crypto/openssl/crypto/dsa/Makefile.ssl @@ -0,0 +1,133 @@ +# +# SSLeay/crypto/dsa/Makefile +# + +DIR= dsa +TOP= ../.. +CC= cc +INCLUDES= -I.. -I../../include +CFLAG=-g +INSTALL_PREFIX= +OPENSSLDIR= /usr/local/ssl +INSTALLTOP=/usr/local/ssl +MAKE= make -f Makefile.ssl +MAKEDEPEND= $(TOP)/util/domd $(TOP) +MAKEFILE= Makefile.ssl +AR= ar r + +CFLAGS= $(INCLUDES) $(CFLAG) + +GENERAL=Makefile +TEST=dsatest.c +APPS= + +LIB=$(TOP)/libcrypto.a +LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c dsa_err.c +LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o dsa_err.o + +SRC= $(LIBSRC) + +EXHEADER= dsa.h +HEADER= $(EXHEADER) + +ALL= $(GENERAL) $(SRC) $(HEADER) + +top: + (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) + +all: lib + +lib: $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) + $(RANLIB) $(LIB) + @touch lib + +files: + $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO + +links: + @$(TOP)/util/point.sh Makefile.ssl Makefile + @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) + @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) + @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) + +install: + @for i in $(EXHEADER) ; \ + do \ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; + +tags: + ctags $(SRC) + +tests: + +lint: + lint -DLINT $(INCLUDES) $(SRC)>fluff + +depend: + $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC) + +dclean: + $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new + mv -f Makefile.new $(MAKEFILE) + +clean: + rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + +# DO NOT DELETE THIS LINE -- make depend depends on it. + +dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +dsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +dsa_asn1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +dsa_asn1.o: ../../include/openssl/stack.h ../cryptlib.h +dsa_err.o: ../../include/openssl/bn.h ../../include/openssl/dh.h +dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/err.h +dsa_err.o: ../../include/openssl/opensslconf.h +dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_gen.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +dsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_gen.o: ../cryptlib.h +dsa_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +dsa_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +dsa_key.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +dsa_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dsa_key.o: ../cryptlib.h +dsa_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +dsa_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +dsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dsa_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h +dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dsa_lib.o: ../cryptlib.h +dsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +dsa_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +dsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h +dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +dsa_sign.o: ../../include/openssl/opensslconf.h +dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dsa_sign.o: ../cryptlib.h +dsa_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +dsa_vrf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dsa_vrf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +dsa_vrf.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h +dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dsa_vrf.o: ../cryptlib.h diff --git a/crypto/openssl/crypto/dsa/README b/crypto/openssl/crypto/dsa/README new file mode 100644 index 0000000..6a7e9c1 --- /dev/null +++ b/crypto/openssl/crypto/dsa/README @@ -0,0 +1,4 @@ +The stuff in here is based on patches supplied to me by +Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS. +I have since modified a them a little but a debt of gratitude +is due for doing the initial work. diff --git a/crypto/openssl/crypto/dsa/dsa.h b/crypto/openssl/crypto/dsa/dsa.h new file mode 100644 index 0000000..20b3f8d --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa.h @@ -0,0 +1,204 @@ +/* crypto/dsa/dsa.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * The DSS routines are based on patches supplied by + * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the + * work and I have just tweaked them a little to fit into my + * stylistic vision for SSLeay :-) */ + +#ifndef HEADER_DSA_H +#define HEADER_DSA_H + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef NO_DSA +#error DSA is disabled. +#endif + +#include <openssl/bn.h> +#ifndef NO_DH +# include <openssl/dh.h> +#endif + +#define DSA_FLAG_CACHE_MONT_P 0x01 + +typedef struct dsa_st + { + /* This first variable is used to pick up errors where + * a DSA is passed instead of of a EVP_PKEY */ + int pad; + int version; + int write_params; + BIGNUM *p; + BIGNUM *q; /* == 20 */ + BIGNUM *g; + + BIGNUM *pub_key; /* y public key */ + BIGNUM *priv_key; /* x private key */ + + BIGNUM *kinv; /* Signing pre-calc */ + BIGNUM *r; /* Signing pre-calc */ + + int flags; + /* Normally used to cache montgomery values */ + char *method_mont_p; + + int references; + } DSA; + +typedef struct DSA_SIG_st + { + BIGNUM *r; + BIGNUM *s; + } DSA_SIG; + +#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \ + (char *(*)())d2i_DSAparams,(char *)(x)) +#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ + (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) +#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ + (unsigned char *)(x)) +#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \ + (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x)) +#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \ + (unsigned char *)(x)) + + +DSA_SIG * DSA_SIG_new(void); +void DSA_SIG_free(DSA_SIG *a); +int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp); +DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length); + +DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa); +int DSA_do_verify(const unsigned char *dgst,int dgst_len, + DSA_SIG *sig,DSA *dsa); + +DSA * DSA_new(void); +int DSA_size(DSA *); + /* next 4 return -1 on error */ +int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); +int DSA_sign(int type,const unsigned char *dgst,int dlen, + unsigned char *sig, unsigned int *siglen, DSA *dsa); +int DSA_verify(int type,const unsigned char *dgst,int dgst_len, + unsigned char *sigbuf, int siglen, DSA *dsa); +void DSA_free (DSA *r); + +void ERR_load_DSA_strings(void ); + +DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length); +DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length); +DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length); +DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len, + int *counter_ret, unsigned long *h_ret,void + (*callback)(),char *cb_arg); +int DSA_generate_key(DSA *a); +int i2d_DSAPublicKey(DSA *a, unsigned char **pp); +int i2d_DSAPrivateKey(DSA *a, unsigned char **pp); +int i2d_DSAparams(DSA *a,unsigned char **pp); + +#ifdef HEADER_BIO_H +int DSAparams_print(BIO *bp, DSA *x); +int DSA_print(BIO *bp, DSA *x, int off); +#endif +#ifndef NO_FP_API +int DSAparams_print_fp(FILE *fp, DSA *x); +int DSA_print_fp(FILE *bp, DSA *x, int off); +#endif + +int DSA_is_prime(BIGNUM *q,void (*callback)(),char *cb_arg); + +#ifndef NO_DH +/* Convert DSA structure (key or just parameters) into DH structure + * (be careful to avoid small subgroup attacks when using this!) */ +DH *DSA_dup_DH(DSA *r); +#endif + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ + +/* Error codes for the DSA functions. */ + +/* Function codes. */ +#define DSA_F_D2I_DSA_SIG 110 +#define DSA_F_DSAPARAMS_PRINT 100 +#define DSA_F_DSAPARAMS_PRINT_FP 101 +#define DSA_F_DSA_DO_SIGN 112 +#define DSA_F_DSA_DO_VERIFY 113 +#define DSA_F_DSA_IS_PRIME 102 +#define DSA_F_DSA_NEW 103 +#define DSA_F_DSA_PRINT 104 +#define DSA_F_DSA_PRINT_FP 105 +#define DSA_F_DSA_SIGN 106 +#define DSA_F_DSA_SIGN_SETUP 107 +#define DSA_F_DSA_SIG_NEW 109 +#define DSA_F_DSA_VERIFY 108 +#define DSA_F_I2D_DSA_SIG 111 + +/* Reason codes. */ +#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/crypto/openssl/crypto/dsa/dsa_asn1.c b/crypto/openssl/crypto/dsa/dsa_asn1.c new file mode 100644 index 0000000..7523b21 --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa_asn1.c @@ -0,0 +1,96 @@ +/* crypto/dsa/dsa_asn1.c */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/dsa.h> +#include <openssl/asn1.h> +#include <openssl/asn1_mac.h> + +DSA_SIG *DSA_SIG_new(void) +{ + DSA_SIG *ret; + + ret = Malloc(sizeof(DSA_SIG)); + if (ret == NULL) + { + DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->r = NULL; + ret->s = NULL; + return(ret); +} + +void DSA_SIG_free(DSA_SIG *r) +{ + if (r == NULL) return; + if (r->r) BN_clear_free(r->r); + if (r->s) BN_clear_free(r->s); + Free(r); +} + +int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) +{ + int t=0,len; + ASN1_INTEGER rbs,sbs; + unsigned char *p; + + rbs.data=Malloc(BN_num_bits(v->r)/8+1); + if (rbs.data == NULL) + { + DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); + return(0); + } + rbs.type=V_ASN1_INTEGER; + rbs.length=BN_bn2bin(v->r,rbs.data); + sbs.data=Malloc(BN_num_bits(v->s)/8+1); + if (sbs.data == NULL) + { + Free(rbs.data); + DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); + return(0); + } + sbs.type=V_ASN1_INTEGER; + sbs.length=BN_bn2bin(v->s,sbs.data); + + len=i2d_ASN1_INTEGER(&rbs,NULL); + len+=i2d_ASN1_INTEGER(&sbs,NULL); + + if (pp) + { + p=*pp; + ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + i2d_ASN1_INTEGER(&rbs,&p); + i2d_ASN1_INTEGER(&sbs,&p); + } + t=ASN1_object_size(1,len,V_ASN1_SEQUENCE); + Free(rbs.data); + Free(sbs.data); + return(t); +} + +DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length) +{ + int i=ERR_R_NESTED_ASN1_ERROR; + ASN1_INTEGER *bs=NULL; + M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new); + + M_ASN1_D2I_Init(); + M_ASN1_D2I_start_sequence(); + M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); + if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL) + goto err_bn; + M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); + if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL) + goto err_bn; + ASN1_BIT_STRING_free(bs); + M_ASN1_D2I_Finish_2(a); + +err_bn: + i=ERR_R_BN_LIB; +err: + DSAerr(DSA_F_D2I_DSA_SIG,i); + if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret); + if (bs != NULL) ASN1_BIT_STRING_free(bs); + return(NULL); +} diff --git a/crypto/openssl/crypto/dsa/dsa_err.c b/crypto/openssl/crypto/dsa/dsa_err.c new file mode 100644 index 0000000..33a8270 --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa_err.c @@ -0,0 +1,106 @@ +/* crypto/dsa/dsa_err.c */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file. + */ + +#include <stdio.h> +#include <openssl/err.h> +#include <openssl/dsa.h> + +/* BEGIN ERROR CODES */ +#ifndef NO_ERR +static ERR_STRING_DATA DSA_str_functs[]= + { +{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"}, +{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"}, +{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"}, +{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"}, +{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"}, +{ERR_PACK(0,DSA_F_DSA_IS_PRIME,0), "DSA_is_prime"}, +{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"}, +{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"}, +{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"}, +{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"}, +{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"}, +{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"}, +{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"}, +{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"}, +{0,NULL} + }; + +static ERR_STRING_DATA DSA_str_reasons[]= + { +{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, +{0,NULL} + }; + +#endif + +void ERR_load_DSA_strings(void) + { + static int init=1; + + if (init) + { + init=0; +#ifndef NO_ERR + ERR_load_strings(ERR_LIB_DSA,DSA_str_functs); + ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons); +#endif + + } + } diff --git a/crypto/openssl/crypto/dsa/dsa_gen.c b/crypto/openssl/crypto/dsa/dsa_gen.c new file mode 100644 index 0000000..b5e5ec0 --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa_gen.c @@ -0,0 +1,333 @@ +/* crypto/dsa/dsa_gen.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#undef GENUINE_DSA + +#ifdef GENUINE_DSA +#define HASH SHA +#else +#define HASH SHA1 +#endif + +#ifndef NO_SHA +#include <stdio.h> +#include <time.h> +#include "cryptlib.h" +#include <openssl/sha.h> +#include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/rand.h> + +DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, + int *counter_ret, unsigned long *h_ret, void (*callback)(), + char *cb_arg) + { + int ok=0; + unsigned char seed[SHA_DIGEST_LENGTH]; + unsigned char md[SHA_DIGEST_LENGTH]; + unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; + BIGNUM *r0,*W,*X,*c,*test; + BIGNUM *g=NULL,*q=NULL,*p=NULL; + BN_MONT_CTX *mont=NULL; + int k,n=0,i,b,m=0; + int counter=0; + BN_CTX *ctx=NULL,*ctx2=NULL; + unsigned int h=2; + DSA *ret=NULL; + + if (bits < 512) bits=512; + bits=(bits+63)/64*64; + + if ((seed_in != NULL) && (seed_len == 20)) + memcpy(seed,seed_in,seed_len); + + if ((ctx=BN_CTX_new()) == NULL) goto err; + if ((ctx2=BN_CTX_new()) == NULL) goto err; + if ((ret=DSA_new()) == NULL) goto err; + + if ((mont=BN_MONT_CTX_new()) == NULL) goto err; + + r0= &(ctx2->bn[0]); + g= &(ctx2->bn[1]); + W= &(ctx2->bn[2]); + q= &(ctx2->bn[3]); + X= &(ctx2->bn[4]); + c= &(ctx2->bn[5]); + p= &(ctx2->bn[6]); + test= &(ctx2->bn[7]); + + BN_lshift(test,BN_value_one(),bits-1); + + for (;;) + { + for (;;) + { + /* step 1 */ + if (callback != NULL) callback(0,m++,cb_arg); + + if (!seed_len) + RAND_bytes(seed,SHA_DIGEST_LENGTH); + else + seed_len=0; + + memcpy(buf,seed,SHA_DIGEST_LENGTH); + memcpy(buf2,seed,SHA_DIGEST_LENGTH); + for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) + { + buf[i]++; + if (buf[i] != 0) break; + } + + /* step 2 */ + HASH(seed,SHA_DIGEST_LENGTH,md); + HASH(buf,SHA_DIGEST_LENGTH,buf2); + for (i=0; i<SHA_DIGEST_LENGTH; i++) + md[i]^=buf2[i]; + + /* step 3 */ + md[0]|=0x80; + md[SHA_DIGEST_LENGTH-1]|=0x01; + if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) abort(); + + /* step 4 */ + if (DSA_is_prime(q,callback,cb_arg) > 0) break; + /* do a callback call */ + /* step 5 */ + } + + if (callback != NULL) callback(2,0,cb_arg); + if (callback != NULL) callback(3,0,cb_arg); + + /* step 6 */ + counter=0; + + n=(bits-1)/160; + b=(bits-1)-n*160; + + for (;;) + { + /* step 7 */ + BN_zero(W); + for (k=0; k<=n; k++) + { + for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) + { + buf[i]++; + if (buf[i] != 0) break; + } + + HASH(buf,SHA_DIGEST_LENGTH,md); + + /* step 8 */ + if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) abort(); + BN_lshift(r0,r0,160*k); + BN_add(W,W,r0); + } + + /* more of step 8 */ + BN_mask_bits(W,bits-1); + BN_copy(X,W); /* this should be ok */ + BN_add(X,X,test); /* this should be ok */ + + /* step 9 */ + BN_lshift1(r0,q); + BN_mod(c,X,r0,ctx); + BN_sub(r0,c,BN_value_one()); + BN_sub(p,X,r0); + + /* step 10 */ + if (BN_cmp(p,test) >= 0) + { + /* step 11 */ + if (DSA_is_prime(p,callback,cb_arg) > 0) + goto end; + } + + /* step 13 */ + counter++; + + /* step 14 */ + if (counter >= 4096) break; + + if (callback != NULL) callback(0,counter,cb_arg); + } + } +end: + if (callback != NULL) callback(2,1,cb_arg); + + /* We now need to gernerate g */ + /* Set r0=(p-1)/q */ + BN_sub(test,p,BN_value_one()); + BN_div(r0,NULL,test,q,ctx); + + BN_set_word(test,h); + BN_MONT_CTX_set(mont,p,ctx); + + for (;;) + { + /* g=test^r0%p */ + BN_mod_exp_mont(g,test,r0,p,ctx,mont); + if (!BN_is_one(g)) break; + BN_add(test,test,BN_value_one()); + h++; + } + + if (callback != NULL) callback(3,1,cb_arg); + + ok=1; +err: + if (!ok) + { + if (ret != NULL) DSA_free(ret); + } + else + { + ret->p=BN_dup(p); + ret->q=BN_dup(q); + ret->g=BN_dup(g); + if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); + if (counter_ret != NULL) *counter_ret=counter; + if (h_ret != NULL) *h_ret=h; + } + if (ctx != NULL) BN_CTX_free(ctx); + if (ctx != NULL) BN_CTX_free(ctx2); + if (mont != NULL) BN_MONT_CTX_free(mont); + return(ok?ret:NULL); + } + +int DSA_is_prime(BIGNUM *w, void (*callback)(), char *cb_arg) + { + int ok= -1,j,i,n; + BN_CTX *ctx=NULL,*ctx2=NULL; + BIGNUM *w_1,*b,*m,*z,*tmp,*mont_1; + int a; + BN_MONT_CTX *mont=NULL; + + if (!BN_is_bit_set(w,0)) return(0); + + if ((ctx=BN_CTX_new()) == NULL) goto err; + if ((ctx2=BN_CTX_new()) == NULL) goto err; + if ((mont=BN_MONT_CTX_new()) == NULL) goto err; + + m= &(ctx2->bn[2]); + b= &(ctx2->bn[3]); + z= &(ctx2->bn[4]); + w_1= &(ctx2->bn[5]); + tmp= &(ctx2->bn[6]); + mont_1= &(ctx2->bn[7]); + + /* step 1 */ + n=50; + + /* step 2 */ + if (!BN_sub(w_1,w,BN_value_one())) goto err; + for (a=1; !BN_is_bit_set(w_1,a); a++) + ; + if (!BN_rshift(m,w_1,a)) goto err; + + BN_MONT_CTX_set(mont,w,ctx); + BN_to_montgomery(mont_1,BN_value_one(),mont,ctx); + BN_to_montgomery(w_1,w_1,mont,ctx); + for (i=1; i < n; i++) + { + /* step 3 */ + BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0); + /* BN_set_word(b,0x10001L); */ + + /* step 4 */ + j=0; + if (!BN_mod_exp_mont(z,b,m,w,ctx,mont)) goto err; + + if (!BN_to_montgomery(z,z,mont,ctx)) goto err; + + /* step 5 */ + for (;;) + { + if (((j == 0) && (BN_cmp(z,mont_1) == 0)) || + (BN_cmp(z,w_1) == 0)) + break; + + /* step 6 */ + if ((j > 0) && (BN_cmp(z,mont_1) == 0)) + { + ok=0; + goto err; + } + + j++; + if (j >= a) + { + ok=0; + goto err; + } + + if (!BN_mod_mul_montgomery(z,z,z,mont,ctx)) goto err; + if (callback != NULL) callback(1,j,cb_arg); + } + } + + ok=1; +err: + if (ok == -1) DSAerr(DSA_F_DSA_IS_PRIME,ERR_R_BN_LIB); + BN_CTX_free(ctx); + BN_CTX_free(ctx2); + BN_MONT_CTX_free(mont); + + return(ok); + } +#endif diff --git a/crypto/openssl/crypto/dsa/dsa_key.c b/crypto/openssl/crypto/dsa/dsa_key.c new file mode 100644 index 0000000..ab7f38f --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa_key.c @@ -0,0 +1,112 @@ +/* crypto/dsa/dsa_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef NO_SHA +#include <stdio.h> +#include <time.h> +#include "cryptlib.h" +#include <openssl/sha.h> +#include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/rand.h> + +int DSA_generate_key(DSA *dsa) + { + int ok=0; + unsigned int i; + BN_CTX *ctx=NULL; + BIGNUM *pub_key=NULL,*priv_key=NULL; + + if ((ctx=BN_CTX_new()) == NULL) goto err; + + if (dsa->priv_key == NULL) + { + if ((priv_key=BN_new()) == NULL) goto err; + } + else + priv_key=dsa->priv_key; + + i=BN_num_bits(dsa->q); + for (;;) + { + BN_rand(priv_key,i,1,0); + if (BN_cmp(priv_key,dsa->q) >= 0) + BN_sub(priv_key,priv_key,dsa->q); + if (!BN_is_zero(priv_key)) break; + } + + if (dsa->pub_key == NULL) + { + if ((pub_key=BN_new()) == NULL) goto err; + } + else + pub_key=dsa->pub_key; + + if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err; + + dsa->priv_key=priv_key; + dsa->pub_key=pub_key; + ok=1; + +err: + if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key); + if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key); + if (ctx != NULL) BN_CTX_free(ctx); + return(ok); + } +#endif diff --git a/crypto/openssl/crypto/dsa/dsa_lib.c b/crypto/openssl/crypto/dsa/dsa_lib.c new file mode 100644 index 0000000..ce8e204 --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa_lib.c @@ -0,0 +1,184 @@ +/* crypto/dsa/dsa_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/asn1.h> + +const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; + +DSA *DSA_new(void) + { + DSA *ret; + + ret=(DSA *)Malloc(sizeof(DSA)); + if (ret == NULL) + { + DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE); + return(NULL); + } + ret->pad=0; + ret->version=0; + ret->write_params=1; + ret->p=NULL; + ret->q=NULL; + ret->g=NULL; + ret->flags=DSA_FLAG_CACHE_MONT_P; + + ret->pub_key=NULL; + ret->priv_key=NULL; + + ret->kinv=NULL; + ret->r=NULL; + ret->method_mont_p=NULL; + + ret->references=1; + return(ret); + } + +void DSA_free(DSA *r) + { + int i; + + if (r == NULL) return; + + i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA); +#ifdef REF_PRINT + REF_PRINT("DSA",r); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"DSA_free, bad reference count\n"); + abort(); + } +#endif + + if (r->p != NULL) BN_clear_free(r->p); + if (r->q != NULL) BN_clear_free(r->q); + if (r->g != NULL) BN_clear_free(r->g); + if (r->pub_key != NULL) BN_clear_free(r->pub_key); + if (r->priv_key != NULL) BN_clear_free(r->priv_key); + if (r->kinv != NULL) BN_clear_free(r->kinv); + if (r->r != NULL) BN_clear_free(r->r); + if (r->method_mont_p != NULL) + BN_MONT_CTX_free((BN_MONT_CTX *)r->method_mont_p); + Free(r); + } + +int DSA_size(DSA *r) + { + int ret,i; + ASN1_INTEGER bs; + unsigned char buf[4]; + + i=BN_num_bits(r->q); + bs.length=(i+7)/8; + bs.data=buf; + bs.type=V_ASN1_INTEGER; + /* If the top bit is set the asn1 encoding is 1 larger. */ + buf[0]=0xff; + + i=i2d_ASN1_INTEGER(&bs,NULL); + i+=i; /* r and s */ + ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); + return(ret); + } + +#ifndef NO_DH +DH *DSA_dup_DH(DSA *r) + { + /* DSA has p, q, g, optional pub_key, optional priv_key. + * DH has p, optional length, g, optional pub_key, optional priv_key. + */ + + DH *ret = NULL; + + if (r == NULL) + goto err; + ret = DH_new(); + if (ret == NULL) + goto err; + if (r->p != NULL) + if ((ret->p = BN_dup(r->p)) == NULL) + goto err; + if (r->q != NULL) + ret->length = BN_num_bits(r->q); + if (r->g != NULL) + if ((ret->g = BN_dup(r->g)) == NULL) + goto err; + if (r->pub_key != NULL) + if ((ret->pub_key = BN_dup(r->pub_key)) == NULL) + goto err; + if (r->priv_key != NULL) + if ((ret->priv_key = BN_dup(r->priv_key)) == NULL) + goto err; + + return ret; + + err: + if (ret != NULL) + DH_free(ret); + return NULL; + } +#endif diff --git a/crypto/openssl/crypto/dsa/dsa_sign.c b/crypto/openssl/crypto/dsa/dsa_sign.c new file mode 100644 index 0000000..774c161 --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa_sign.c @@ -0,0 +1,211 @@ +/* crypto/dsa/dsa_sign.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/rand.h> +#include <openssl/asn1.h> + +DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) + { + BIGNUM *kinv=NULL,*r=NULL,*s=NULL; + BIGNUM m; + BIGNUM xr; + BN_CTX *ctx=NULL; + int i,reason=ERR_R_BN_LIB; + DSA_SIG *ret=NULL; + + BN_init(&m); + BN_init(&xr); + s=BN_new(); + if (s == NULL) goto err; + + i=BN_num_bytes(dsa->q); /* should be 20 */ + if ((dlen > i) || (dlen > 50)) + { + reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; + goto err; + } + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + + if ((dsa->kinv == NULL) || (dsa->r == NULL)) + { + if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err; + } + else + { + kinv=dsa->kinv; + dsa->kinv=NULL; + r=dsa->r; + dsa->r=NULL; + } + + if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; + + /* Compute s = inv(k) (m + xr) mod q */ + if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ + if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */ + if (BN_cmp(s,dsa->q) > 0) + BN_sub(s,s,dsa->q); + if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; + + ret=DSA_SIG_new(); + if (ret == NULL) goto err; + ret->r = r; + ret->s = s; + +err: + if (!ret) + { + DSAerr(DSA_F_DSA_DO_SIGN,reason); + BN_free(r); + BN_free(s); + } + if (ctx != NULL) BN_CTX_free(ctx); + BN_clear_free(&m); + BN_clear_free(&xr); + if (kinv != NULL) /* dsa->kinv is NULL now if we used it */ + BN_clear_free(kinv); + return(ret); + } + +/* data has already been hashed (probably with SHA or SHA-1). */ + +/* unsigned char *sig: out */ +/* unsigned int *siglen: out */ +int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, + unsigned int *siglen, DSA *dsa) + { + DSA_SIG *s; + s=DSA_do_sign(dgst,dlen,dsa); + if (s == NULL) + { + *siglen=0; + return(0); + } + *siglen=i2d_DSA_SIG(s,&sig); + DSA_SIG_free(s); + return(1); + } + +int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) + { + BN_CTX *ctx; + BIGNUM k,*kinv=NULL,*r=NULL; + int ret=0; + + if (ctx_in == NULL) + { + if ((ctx=BN_CTX_new()) == NULL) goto err; + } + else + ctx=ctx_in; + + BN_init(&k); + if ((r=BN_new()) == NULL) goto err; + kinv=NULL; + + /* Get random k */ + for (;;) + { + if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err; + if (BN_cmp(&k,dsa->q) >= 0) + BN_sub(&k,&k,dsa->q); + if (!BN_is_zero(&k)) break; + } + + if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) + { + if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) + if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, + dsa->p,ctx)) goto err; + } + + /* Compute r = (g^k mod p) mod q */ + if (!BN_mod_exp_mont(r,dsa->g,&k,dsa->p,ctx, + (BN_MONT_CTX *)dsa->method_mont_p)) goto err; + if (!BN_mod(r,r,dsa->q,ctx)) goto err; + + /* Compute part of 's = inv(k) (m + xr) mod q' */ + if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err; + + if (*kinvp != NULL) BN_clear_free(*kinvp); + *kinvp=kinv; + kinv=NULL; + if (*rp != NULL) BN_clear_free(*rp); + *rp=r; + ret=1; +err: + if (!ret) + { + DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); + if (kinv != NULL) BN_clear_free(kinv); + if (r != NULL) BN_clear_free(r); + } + if (ctx_in == NULL) BN_CTX_free(ctx); + if (kinv != NULL) BN_clear_free(kinv); + BN_clear_free(&k); + return(ret); + } + diff --git a/crypto/openssl/crypto/dsa/dsa_vrf.c b/crypto/openssl/crypto/dsa/dsa_vrf.c new file mode 100644 index 0000000..ff55220 --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsa_vrf.c @@ -0,0 +1,160 @@ +/* crypto/dsa/dsa_vrf.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/bn.h> +#include <openssl/dsa.h> +#include <openssl/rand.h> +#include <openssl/asn1.h> +#include <openssl/asn1_mac.h> + +int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, + DSA *dsa) + { + BN_CTX *ctx; + BIGNUM u1,u2,t1; + BN_MONT_CTX *mont=NULL; + int ret = -1; + + if ((ctx=BN_CTX_new()) == NULL) goto err; + BN_init(&u1); + BN_init(&u2); + BN_init(&t1); + + /* Calculate W = inv(S) mod Q + * save W in u2 */ + if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err; + + /* save M in u1 */ + if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err; + + /* u1 = M * w mod q */ + if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err; + + /* u2 = r * w mod q */ + if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err; + + if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) + { + if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) + if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, + dsa->p,ctx)) goto err; + } + mont=(BN_MONT_CTX *)dsa->method_mont_p; + +#if 0 + { + BIGNUM t2; + + BN_init(&t2); + /* v = ( g^u1 * y^u2 mod p ) mod q */ + /* let t1 = g ^ u1 mod p */ + if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err; + /* let t2 = y ^ u2 mod p */ + if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err; + /* let u1 = t1 * t2 mod p */ + if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn; + BN_free(&t2); + } + /* let u1 = u1 mod q */ + if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err; +#else + { + if (!BN_mod_exp2_mont(&t1,dsa->g,&u1,dsa->pub_key,&u2,dsa->p,ctx,mont)) + goto err; + /* BN_copy(&u1,&t1); */ + /* let u1 = u1 mod q */ + if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err; + } +#endif + /* V is now in u1. If the signature is correct, it will be + * equal to R. */ + ret=(BN_ucmp(&u1, sig->r) == 0); + + err: + if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); + if (ctx != NULL) BN_CTX_free(ctx); + BN_free(&u1); + BN_free(&u2); + BN_free(&t1); + return(ret); + } + +/* data has already been hashed (probably with SHA or SHA-1). */ +/* returns + * 1: correct signature + * 0: incorrect signature + * -1: error + */ +int DSA_verify(int type, const unsigned char *dgst, int dgst_len, + unsigned char *sigbuf, int siglen, DSA *dsa) + { + DSA_SIG *s; + int ret=-1; + + s = DSA_SIG_new(); + if (s == NULL) return(ret); + if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; + ret=DSA_do_verify(dgst,dgst_len,s,dsa); +err: + DSA_SIG_free(s); + return(ret); + } diff --git a/crypto/openssl/crypto/dsa/dsagen.c b/crypto/openssl/crypto/dsa/dsagen.c new file mode 100644 index 0000000..a0b0976 --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsagen.c @@ -0,0 +1,111 @@ +/* crypto/dsa/dsagen.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <openssl/dsa.h> + +#define TEST +#define GENUINE_DSA + +#ifdef GENUINE_DSA +#define LAST_VALUE 0xbd +#else +#define LAST_VALUE 0xd3 +#endif + +#ifdef TEST +unsigned char seed[20]={ + 0xd5,0x01,0x4e,0x4b, + 0x60,0xef,0x2b,0xa8, + 0xb6,0x21,0x1b,0x40, + 0x62,0xba,0x32,0x24, + 0xe0,0x42,0x7d,LAST_VALUE}; +#endif + +int cb(int p, int n) + { + char c='*'; + + if (p == 0) c='.'; + if (p == 1) c='+'; + if (p == 2) c='*'; + if (p == 3) c='\n'; + printf("%c",c); + fflush(stdout); + } + +main() + { + int i; + BIGNUM *n; + BN_CTX *ctx; + unsigned char seed_buf[20]; + DSA *dsa; + int counter,h; + BIO *bio_err=NULL; + + if (bio_err == NULL) + bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + + memcpy(seed_buf,seed,20); + dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb); + + if (dsa == NULL) + DSA_print(bio_err,dsa,0); + } + diff --git a/crypto/openssl/crypto/dsa/dsatest.c b/crypto/openssl/crypto/dsa/dsatest.c new file mode 100644 index 0000000..fc25c9a --- /dev/null +++ b/crypto/openssl/crypto/dsa/dsatest.c @@ -0,0 +1,220 @@ +/* crypto/dsa/dsatest.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <openssl/crypto.h> +#include <openssl/rand.h> +#include <openssl/bio.h> +#include <openssl/err.h> +#ifdef WINDOWS +#include "../bio/bss_file.c" +#endif + +#ifdef NO_DSA +int main(int argc, char *argv[]) +{ + printf("No DSA support\n"); + return(0); +} +#else +#include <openssl/dsa.h> + +#ifdef WIN16 +#define MS_CALLBACK _far _loadds +#else +#define MS_CALLBACK +#endif + +static void MS_CALLBACK dsa_cb(int p, int n, char *arg); +static unsigned char seed[20]={ + 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40, + 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3, + }; + +static unsigned char out_p[]={ + 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa, + 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb, + 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7, + 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5, + 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf, + 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac, + 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2, + 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91, + }; + +static unsigned char out_q[]={ + 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee, + 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e, + 0xda,0xce,0x91,0x5f, + }; + +static unsigned char out_g[]={ + 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13, + 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00, + 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb, + 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e, + 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf, + 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c, + 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c, + 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02, + }; + +static const unsigned char str1[]="12345678901234567890"; + +static BIO *bio_err=NULL; + +int main(int argc, char **argv) + { + DSA *dsa=NULL; + int counter,ret=0,i,j; + unsigned char buf[256]; + unsigned long h; + unsigned char sig[256]; + unsigned int siglen; + + if (bio_err == NULL) + bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); + + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + + BIO_printf(bio_err,"test generation of DSA parameters\n"); + BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n"); + dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb, + (char *)bio_err); + + BIO_printf(bio_err,"seed\n"); + for (i=0; i<20; i+=4) + { + BIO_printf(bio_err,"%02X%02X%02X%02X ", + seed[i],seed[i+1],seed[i+2],seed[i+3]); + } + BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h); + + if (dsa == NULL) goto end; + DSA_print(bio_err,dsa,0); + if (counter != 105) + { + BIO_printf(bio_err,"counter should be 105\n"); + goto end; + } + if (h != 2) + { + BIO_printf(bio_err,"h should be 2\n"); + goto end; + } + + i=BN_bn2bin(dsa->q,buf); + j=sizeof(out_q); + if ((i != j) || (memcmp(buf,out_q,i) != 0)) + { + BIO_printf(bio_err,"q value is wrong\n"); + goto end; + } + + i=BN_bn2bin(dsa->p,buf); + j=sizeof(out_p); + if ((i != j) || (memcmp(buf,out_p,i) != 0)) + { + BIO_printf(bio_err,"p value is wrong\n"); + goto end; + } + + i=BN_bn2bin(dsa->g,buf); + j=sizeof(out_g); + if ((i != j) || (memcmp(buf,out_g,i) != 0)) + { + BIO_printf(bio_err,"g value is wrong\n"); + goto end; + } + DSA_generate_key(dsa); + DSA_sign(0, str1, 20, sig, &siglen, dsa); + if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) + ret=1; +end: + if (!ret) + ERR_print_errors(bio_err); + if (dsa != NULL) DSA_free(dsa); + CRYPTO_mem_leaks(bio_err); + if (bio_err != NULL) BIO_free(bio_err); + exit(!ret); + return(0); + } + +static void MS_CALLBACK dsa_cb(int p, int n, char *arg) + { + char c='*'; + static int ok=0,num=0; + + if (p == 0) { c='.'; num++; }; + if (p == 1) c='+'; + if (p == 2) { c='*'; ok++; } + if (p == 3) c='\n'; + BIO_write((BIO *)arg,&c,1); + (void)BIO_flush((BIO *)arg); + + if (!ok && (p == 0) && (num > 1)) + { + BIO_printf((BIO *)arg,"error in dsatest\n"); + exit(1); + } + } +#endif diff --git a/crypto/openssl/crypto/dsa/fips186a.txt b/crypto/openssl/crypto/dsa/fips186a.txt new file mode 100644 index 0000000..3a2e0a0 --- /dev/null +++ b/crypto/openssl/crypto/dsa/fips186a.txt @@ -0,0 +1,122 @@ +The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5 +examples. This is an updated version that uses SHA-1 (FIPS 180-1) +supplied to me by Wei Dai +-- + APPENDIX 5. EXAMPLE OF THE DSA + + +This appendix is for informational purposes only and is not required to meet +the standard. + +Let L = 512 (size of p). The values in this example are expressed in +hexadecimal notation. The p and q given here were generated by the prime +generation standard described in appendix 2 using the 160-bit SEED: + + d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3 + +With this SEED, the algorithm found p and q when the counter was at 105. + +x was generated by the algorithm described in appendix 3, section 3.1, using +the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED: + +XSEED = + + bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6 + +t = + 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0 + +x = G(t,XSEED) mod q + +k was generated by the algorithm described in appendix 3, section 3.2, using +the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED: + +KSEED = + + 687a66d9 0648f993 867e121f 4ddf9ddb 01205584 + +t = + EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301 + +k = G(t,KSEED) mod q + +Finally: + +h = 2 + +p = + 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7 + cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac + 49693dfb f83724c2 ec0736ee 31c80291 + + +q = + c773218c 737ec8ee 993b4f2d ed30f48e dace915f + + +g = + 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb + 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c + c42e9f6f 464b088c c572af53 e6d78802 + + +x = + 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614 + + +k = + 358dad57 1462710f 50e254cf 1a376b2b deaadfbf + + +kinv = + + 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917 + +M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A) + +SHA(M) = + + a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d + + +y = + + 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85 + 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74 + 858fba33 f44c0669 9630a76b 030ee333 + + +r = + 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0 + +s = + 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8 + + +w = + 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b + + +u1 = + bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d + + +u2 = + 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0 + + +gu1 mod p = + + 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753 + 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf + 6f96662a 1987a21b e4ec1071 010b6069 + + +yu2 mod p = + + 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665 + 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67 + c19441f4 22bf3c34 08aeba1f 0a4dbec7 + +v = + 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0 |