233 lines
6.4 KiB
Diff
233 lines
6.4 KiB
Diff
diff -up openssl-1.0.0d/crypto/dsa/dsa_gen.c.cavs openssl-1.0.0d/crypto/dsa/dsa_gen.c
|
|
--- openssl-1.0.0d/crypto/dsa/dsa_gen.c.cavs 2011-05-23 19:59:56.000000000 +0200
|
|
+++ openssl-1.0.0d/crypto/dsa/dsa_gen.c 2011-05-23 22:32:45.000000000 +0200
|
|
@@ -85,6 +85,14 @@
|
|
#endif
|
|
#include "dsa_locl.h"
|
|
|
|
+#ifndef OPENSSL_FIPS
|
|
+static int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits,
|
|
+ const EVP_MD *evpmd, unsigned char *seed, int seed_len,
|
|
+ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb);
|
|
+static int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q,
|
|
+ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb);
|
|
+#endif
|
|
+
|
|
int DSA_generate_parameters_ex(DSA *ret, int bits,
|
|
const unsigned char *seed_in, int seed_len,
|
|
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
|
|
@@ -113,22 +121,26 @@ int DSA_generate_parameters_ex(DSA *ret,
|
|
}
|
|
}
|
|
|
|
+#ifdef OPENSSL_FIPS
|
|
+int FIPS_dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
|
|
+ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
|
|
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
|
|
+ {
|
|
+ return dsa_builtin_paramgen(ret, bits, qbits,
|
|
+ evpmd, seed_in, seed_len,
|
|
+ counter_ret, h_ret, cb);
|
|
+ }
|
|
+#endif
|
|
+
|
|
int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
|
|
const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
|
|
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
|
|
{
|
|
int ok=0;
|
|
unsigned char seed[SHA256_DIGEST_LENGTH];
|
|
- unsigned char md[SHA256_DIGEST_LENGTH];
|
|
- unsigned char buf[SHA256_DIGEST_LENGTH];
|
|
- BIGNUM *r0,*W,*X,*c,*test;
|
|
BIGNUM *g=NULL,*q=NULL,*p=NULL;
|
|
- BN_MONT_CTX *mont=NULL;
|
|
- int i, k, b, n=0, m=0, qsize = qbits >> 3;
|
|
- int counter=0;
|
|
- int r=0;
|
|
+ size_t qsize = qbits >> 3;
|
|
BN_CTX *ctx=NULL;
|
|
- unsigned int h=2;
|
|
|
|
#ifdef OPENSSL_FIPS
|
|
if(FIPS_selftest_failed())
|
|
@@ -148,6 +160,65 @@ int dsa_builtin_paramgen(DSA *ret, size_
|
|
goto err;
|
|
}
|
|
#endif
|
|
+ if (seed_len && (seed_len < (size_t)qsize))
|
|
+ seed_in = NULL; /* seed buffer too small -- ignore */
|
|
+ if (seed_len > sizeof(seed))
|
|
+ seed_len = sizeof(seed); /* App. 2.2 of FIPS PUB 186 allows larger SEED,
|
|
+ * but our internal buffers are restricted to 256 bits*/
|
|
+ if (seed_in != NULL)
|
|
+ memcpy(seed, seed_in, seed_len);
|
|
+ else
|
|
+ seed_len = 0;
|
|
+
|
|
+ if ((ctx=BN_CTX_new()) == NULL)
|
|
+ goto err;
|
|
+
|
|
+ BN_CTX_start(ctx);
|
|
+
|
|
+ if (!FIPS_dsa_generate_pq(ctx, bits, qbits, evpmd,
|
|
+ seed, seed_len, &p, &q, counter_ret, cb))
|
|
+ goto err;
|
|
+
|
|
+ if (!FIPS_dsa_generate_g(ctx, p, q, &g, h_ret, cb))
|
|
+ goto err;
|
|
+
|
|
+ ok=1;
|
|
+err:
|
|
+ if (ok)
|
|
+ {
|
|
+ if(ret->p) BN_free(ret->p);
|
|
+ if(ret->q) BN_free(ret->q);
|
|
+ if(ret->g) BN_free(ret->g);
|
|
+ ret->p=BN_dup(p);
|
|
+ ret->q=BN_dup(q);
|
|
+ ret->g=BN_dup(g);
|
|
+ if (ret->p == NULL || ret->q == NULL || ret->g == NULL)
|
|
+ ok=0;
|
|
+ }
|
|
+ if(ctx)
|
|
+ {
|
|
+ BN_CTX_end(ctx);
|
|
+ BN_CTX_free(ctx);
|
|
+ }
|
|
+ return ok;
|
|
+ }
|
|
+
|
|
+#ifndef OPENSSL_FIPS
|
|
+static
|
|
+#endif
|
|
+int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits,
|
|
+ const EVP_MD *evpmd, unsigned char *seed, int seed_len,
|
|
+ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb)
|
|
+ {
|
|
+ int ok=0;
|
|
+ unsigned char md[SHA256_DIGEST_LENGTH];
|
|
+ unsigned char buf[SHA256_DIGEST_LENGTH];
|
|
+ BIGNUM *r0,*W,*X,*c,*test;
|
|
+ BIGNUM *g=NULL,*q=NULL,*p=NULL;
|
|
+ BN_MONT_CTX *mont=NULL;
|
|
+ int i, k, b, n=0, m=0, qsize = qbits >> 3;
|
|
+ int counter=0;
|
|
+ int r=0;
|
|
|
|
if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
|
|
qsize != SHA256_DIGEST_LENGTH)
|
|
@@ -169,28 +240,12 @@ int dsa_builtin_paramgen(DSA *ret, size_
|
|
|
|
bits = (bits+63)/64*64;
|
|
|
|
- if (seed_len && (seed_len < (size_t)qsize))
|
|
- seed_in = NULL; /* seed buffer too small -- ignore */
|
|
- if (seed_len > (size_t)qsize)
|
|
- seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
|
|
- * but our internal buffers are restricted to 256 bits*/
|
|
- if (seed_in != NULL)
|
|
- memcpy(seed, seed_in, seed_len);
|
|
-
|
|
- if ((ctx=BN_CTX_new()) == NULL)
|
|
- goto err;
|
|
-
|
|
- if ((mont=BN_MONT_CTX_new()) == NULL)
|
|
- goto err;
|
|
-
|
|
- BN_CTX_start(ctx);
|
|
r0 = BN_CTX_get(ctx);
|
|
- g = BN_CTX_get(ctx);
|
|
W = BN_CTX_get(ctx);
|
|
- q = BN_CTX_get(ctx);
|
|
+ *q_ret = q = BN_CTX_get(ctx);
|
|
X = BN_CTX_get(ctx);
|
|
c = BN_CTX_get(ctx);
|
|
- p = BN_CTX_get(ctx);
|
|
+ *p_ret = p = BN_CTX_get(ctx);
|
|
test = BN_CTX_get(ctx);
|
|
|
|
if (!BN_lshift(test,BN_value_one(),bits-1))
|
|
@@ -312,7 +367,33 @@ end:
|
|
if(!BN_GENCB_call(cb, 2, 1))
|
|
goto err;
|
|
|
|
- /* We now need to generate g */
|
|
+ ok=1;
|
|
+err:
|
|
+ if (ok)
|
|
+ {
|
|
+ if (counter_ret != NULL) *counter_ret=counter;
|
|
+ }
|
|
+ return ok;
|
|
+ }
|
|
+
|
|
+#ifndef OPENSSL_FIPS
|
|
+static
|
|
+#endif
|
|
+int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q,
|
|
+ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb)
|
|
+ {
|
|
+ int ok=0;
|
|
+ BIGNUM *r0, *test, *g = NULL;
|
|
+ BN_MONT_CTX *mont;
|
|
+ unsigned int h=2;
|
|
+
|
|
+ if ((mont=BN_MONT_CTX_new()) == NULL)
|
|
+ goto err;
|
|
+
|
|
+ r0 = BN_CTX_get(ctx);
|
|
+ *g_ret = g = BN_CTX_get(ctx);
|
|
+ test = BN_CTX_get(ctx);
|
|
+
|
|
/* Set r0=(p-1)/q */
|
|
if (!BN_sub(test,p,BN_value_one())) goto err;
|
|
if (!BN_div(r0,NULL,test,q,ctx)) goto err;
|
|
@@ -336,25 +417,8 @@ end:
|
|
err:
|
|
if (ok)
|
|
{
|
|
- if(ret->p) BN_free(ret->p);
|
|
- if(ret->q) BN_free(ret->q);
|
|
- if(ret->g) BN_free(ret->g);
|
|
- ret->p=BN_dup(p);
|
|
- ret->q=BN_dup(q);
|
|
- ret->g=BN_dup(g);
|
|
- if (ret->p == NULL || ret->q == NULL || ret->g == NULL)
|
|
- {
|
|
- ok=0;
|
|
- goto err;
|
|
- }
|
|
- if (counter_ret != NULL) *counter_ret=counter;
|
|
if (h_ret != NULL) *h_ret=h;
|
|
}
|
|
- if(ctx)
|
|
- {
|
|
- BN_CTX_end(ctx);
|
|
- BN_CTX_free(ctx);
|
|
- }
|
|
if (mont != NULL) BN_MONT_CTX_free(mont);
|
|
return ok;
|
|
}
|
|
diff -up openssl-1.0.0d/crypto/dsa/dsa.h.cavs openssl-1.0.0d/crypto/dsa/dsa.h
|
|
--- openssl-1.0.0d/crypto/dsa/dsa.h.cavs 2011-05-23 19:59:56.000000000 +0200
|
|
+++ openssl-1.0.0d/crypto/dsa/dsa.h 2011-05-23 22:33:33.000000000 +0200
|
|
@@ -266,6 +266,17 @@ int DSA_print_fp(FILE *bp, const DSA *x,
|
|
DH *DSA_dup_DH(const DSA *r);
|
|
#endif
|
|
|
|
+#ifdef OPENSSL_FIPS
|
|
+int FIPS_dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
|
|
+ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
|
|
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
|
|
+int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits,
|
|
+ const EVP_MD *evpmd, unsigned char *seed, int seed_len,
|
|
+ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb);
|
|
+int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q,
|
|
+ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb);
|
|
+#endif
|
|
+
|
|
#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
|
|
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
|
|
EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
|