From 1ab83f99db06ec1f4022d93c9123921c13f67e20 Mon Sep 17 00:00:00 2001 From: Juergen Christ Date: Thu, 29 Jul 2021 17:38:59 +0200 Subject: [PATCH] Fix DSA and DH registration. DSA does not provide backups by default. Also fix typo in DH initialization. Signed-off-by: Juergen Christ --- src/ibmca_dh.c | 2 +- src/ibmca_dsa.c | 26 ++++---------------------- 2 files changed, 5 insertions(+), 23 deletions(-) diff --git a/src/ibmca_dh.c b/src/ibmca_dh.c index 2459cf1..b2b75a9 100644 --- a/src/ibmca_dh.c +++ b/src/ibmca_dh.c @@ -72,7 +72,7 @@ DH_METHOD *ibmca_dh(void) if ((method = DH_meth_new("Ibmca DH method", 0)) == NULL || (meth1 = DH_OpenSSL()) == NULL - || (ibmca_mod_exp_dh_backup = DH_meth_get_bn_mod_exp(method)) == NULL + || (ibmca_mod_exp_dh_backup = DH_meth_get_bn_mod_exp(meth1)) == NULL || !DH_meth_set_generate_key(method, DH_meth_get_generate_key(meth1)) || !DH_meth_set_compute_key(method, DH_meth_get_compute_key(meth1)) || !DH_meth_set_bn_mod_exp(method, ibmca_mod_exp_dh) diff --git a/src/ibmca_dsa.c b/src/ibmca_dsa.c index f5bf4e4..3b5ac87 100644 --- a/src/ibmca_dsa.c +++ b/src/ibmca_dsa.c @@ -28,18 +28,10 @@ * RSA. Just check out the "signs" statistics from the RSA and DSA parts * of "openssl speed -engine ibmca dsa1024 rsa1024". */ #ifdef OLDER_OPENSSL -static int (*ibmca_dsa_mod_exp_backup)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, - BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); static int ibmca_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) #else -static int (*ibmca_dsa_mod_exp_backup)(DSA *dsa, BIGNUM *rr, const BIGNUM *a1, - const BIGNUM *p1, const BIGNUM *a2, - const BIGNUM *p2, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); static int ibmca_dsa_mod_exp(DSA *dsa, BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, @@ -65,31 +57,25 @@ static int ibmca_dsa_mod_exp(DSA *dsa, BIGNUM *rr, const BIGNUM *a1, end: BN_free(t); - if (!to_return && ibmca_dsa_mod_exp_backup) - return ibmca_dsa_mod_exp_backup(dsa, rr, a1, p1, a2, p2, m, ctx, in_mont); + if (!to_return) + return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont); return to_return; } #ifdef OLDER_OPENSSL -static int (*ibmca_mod_exp_dsa_backup)(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); static int ibmca_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) #else -static int (*ibmca_mod_exp_dsa_backup)(DSA *dsa, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); static int ibmca_mod_exp_dsa(DSA *dsa, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) #endif { - if (!ibmca_mod_exp(r, a, p, m, ctx) && ibmca_mod_exp_dsa_backup) - return ibmca_mod_exp_dsa_backup(dsa, r, a, p, m, ctx, m_ctx); + if (!ibmca_mod_exp(r, a, p, m, ctx)) + return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); return 1; } @@ -112,8 +98,6 @@ DSA_METHOD *ibmca_dsa(void) { const DSA_METHOD *meth1 = DSA_OpenSSL(); - ibmca_dsa_mod_exp_backup = dsa->dsa_mod_exp; - ibmca_mod_exp_dsa_backup = dsa->bn_mod_exp; dsa_m.dsa_do_sign = meth1->dsa_do_sign; dsa_m.dsa_sign_setup = meth1->dsa_sign_setup; dsa_m.dsa_do_verify = meth1->dsa_do_verify; @@ -133,8 +117,6 @@ DSA_METHOD *ibmca_dsa(void) if ((method = DSA_meth_new("Ibmca DSA method", 0)) == NULL || (meth1 = DSA_OpenSSL()) == NULL - || (ibmca_dsa_mod_exp_backup = DSA_meth_get_mod_exp(meth1)) == NULL - || (ibmca_mod_exp_dsa_backup = DSA_meth_get_bn_mod_exp(meth1)) == NULL || !DSA_meth_set_sign(method, DSA_meth_get_sign(meth1)) || !DSA_meth_set_sign_setup(method, DSA_meth_get_sign_setup(meth1)) || !DSA_meth_set_verify(method, DSA_meth_get_verify(meth1))