dsa_lib.c revision 109998 
155714Skris/* crypto/dsa/dsa_lib.c */
255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
355714Skris * All rights reserved.
455714Skris *
555714Skris * This package is an SSL implementation written
655714Skris * by Eric Young (eay@cryptsoft.com).
755714Skris * The implementation was written so as to conform with Netscapes SSL.
855714Skris *
955714Skris * This library is free for commercial and non-commercial use as long as
1055714Skris * the following conditions are aheared to.  The following conditions
1155714Skris * apply to all code found in this distribution, be it the RC4, RSA,
1255714Skris * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
1355714Skris * included with this distribution is covered by the same copyright terms
1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1555714Skris *
1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in
1755714Skris * the code are not to be removed.
1855714Skris * If this package is used in a product, Eric Young should be given attribution
1955714Skris * as the author of the parts of the library used.
2055714Skris * This can be in the form of a textual message at program startup or
2155714Skris * in documentation (online or textual) provided with the package.
2255714Skris *
2355714Skris * Redistribution and use in source and binary forms, with or without
2455714Skris * modification, are permitted provided that the following conditions
2555714Skris * are met:
2655714Skris * 1. Redistributions of source code must retain the copyright
2755714Skris *    notice, this list of conditions and the following disclaimer.
2855714Skris * 2. Redistributions in binary form must reproduce the above copyright
2955714Skris *    notice, this list of conditions and the following disclaimer in the
3055714Skris *    documentation and/or other materials provided with the distribution.
3155714Skris * 3. All advertising materials mentioning features or use of this software
3255714Skris *    must display the following acknowledgement:
3355714Skris *    "This product includes cryptographic software written by
3455714Skris *     Eric Young (eay@cryptsoft.com)"
3555714Skris *    The word 'cryptographic' can be left out if the rouines from the library
3655714Skris *    being used are not cryptographic related :-).
3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from
3855714Skris *    the apps directory (application code) you must include an acknowledgement:
3955714Skris *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
4055714Skris *
4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
4455714Skris * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
5155714Skris * SUCH DAMAGE.
5255714Skris *
5355714Skris * The licence and distribution terms for any publically available version or
5455714Skris * derivative of this code cannot be changed.  i.e. this code cannot simply be
5555714Skris * copied and put under another distribution licence
5655714Skris * [including the GNU Public Licence.]
5755714Skris */
5855714Skris
5955714Skris/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
6055714Skris
6155714Skris#include <stdio.h>
6255714Skris#include "cryptlib.h"
6355714Skris#include <openssl/bn.h>
6455714Skris#include <openssl/dsa.h>
6555714Skris#include <openssl/asn1.h>
66109998Smarkm#include <openssl/engine.h>
6755714Skris
6855714Skrisconst char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
6955714Skris
70109998Smarkmstatic const DSA_METHOD *default_DSA_method = NULL;
7159191Skris
72109998Smarkmvoid DSA_set_default_method(const DSA_METHOD *meth)
73109998Smarkm	{
7459191Skris	default_DSA_method = meth;
75109998Smarkm	}
7659191Skris
77109998Smarkmconst DSA_METHOD *DSA_get_default_method(void)
78109998Smarkm	{
79109998Smarkm	if(!default_DSA_method)
80109998Smarkm		default_DSA_method = DSA_OpenSSL();
8159191Skris	return default_DSA_method;
82109998Smarkm	}
8359191Skris
8455714SkrisDSA *DSA_new(void)
85109998Smarkm	{
8659191Skris	return DSA_new_method(NULL);
87109998Smarkm	}
8859191Skris
89109998Smarkmint DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
90109998Smarkm	{
91109998Smarkm	/* NB: The caller is specifically setting a method, so it's not up to us
92109998Smarkm	 * to deal with which ENGINE it comes from. */
93109998Smarkm        const DSA_METHOD *mtmp;
9459191Skris        mtmp = dsa->meth;
9559191Skris        if (mtmp->finish) mtmp->finish(dsa);
96109998Smarkm	if (dsa->engine)
97109998Smarkm		{
98109998Smarkm		ENGINE_finish(dsa->engine);
99109998Smarkm		dsa->engine = NULL;
100109998Smarkm		}
10159191Skris        dsa->meth = meth;
10259191Skris        if (meth->init) meth->init(dsa);
103109998Smarkm        return 1;
104109998Smarkm	}
10559191Skris
106109998SmarkmDSA *DSA_new_method(ENGINE *engine)
10755714Skris	{
10855714Skris	DSA *ret;
10955714Skris
11068651Skris	ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
11155714Skris	if (ret == NULL)
11255714Skris		{
113109998Smarkm		DSAerr(DSA_F_DSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
11455714Skris		return(NULL);
11555714Skris		}
116109998Smarkm	ret->meth = DSA_get_default_method();
117109998Smarkm	if (engine)
118109998Smarkm		{
119109998Smarkm		if (!ENGINE_init(engine))
120109998Smarkm			{
121109998Smarkm			DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
122109998Smarkm			OPENSSL_free(ret);
123109998Smarkm			return NULL;
124109998Smarkm			}
125109998Smarkm		ret->engine = engine;
126109998Smarkm		}
127109998Smarkm	else
128109998Smarkm		ret->engine = ENGINE_get_default_DSA();
129109998Smarkm	if(ret->engine)
130109998Smarkm		{
131109998Smarkm		ret->meth = ENGINE_get_DSA(ret->engine);
132109998Smarkm		if(!ret->meth)
133109998Smarkm			{
134109998Smarkm			DSAerr(DSA_F_DSA_NEW_METHOD,
135109998Smarkm				ERR_R_ENGINE_LIB);
136109998Smarkm			ENGINE_finish(ret->engine);
137109998Smarkm			OPENSSL_free(ret);
138109998Smarkm			return NULL;
139109998Smarkm			}
140109998Smarkm		}
141109998Smarkm
14255714Skris	ret->pad=0;
14355714Skris	ret->version=0;
14455714Skris	ret->write_params=1;
14555714Skris	ret->p=NULL;
14655714Skris	ret->q=NULL;
14755714Skris	ret->g=NULL;
14855714Skris
14955714Skris	ret->pub_key=NULL;
15055714Skris	ret->priv_key=NULL;
15155714Skris
15255714Skris	ret->kinv=NULL;
15355714Skris	ret->r=NULL;
15455714Skris	ret->method_mont_p=NULL;
15555714Skris
15655714Skris	ret->references=1;
15759191Skris	ret->flags=ret->meth->flags;
158109998Smarkm	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
15959191Skris	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
16059191Skris		{
161109998Smarkm		if (ret->engine)
162109998Smarkm			ENGINE_finish(ret->engine);
163109998Smarkm		CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
16468651Skris		OPENSSL_free(ret);
16559191Skris		ret=NULL;
16659191Skris		}
16759191Skris
16855714Skris	return(ret);
16955714Skris	}
17055714Skris
17155714Skrisvoid DSA_free(DSA *r)
17255714Skris	{
17355714Skris	int i;
17455714Skris
17555714Skris	if (r == NULL) return;
17655714Skris
17755714Skris	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
17855714Skris#ifdef REF_PRINT
17955714Skris	REF_PRINT("DSA",r);
18055714Skris#endif
18155714Skris	if (i > 0) return;
18255714Skris#ifdef REF_CHECK
18355714Skris	if (i < 0)
18455714Skris		{
18555714Skris		fprintf(stderr,"DSA_free, bad reference count\n");
18655714Skris		abort();
18755714Skris		}
18855714Skris#endif
18955714Skris
190109998Smarkm	if(r->meth->finish)
191109998Smarkm		r->meth->finish(r);
192109998Smarkm	if(r->engine)
193109998Smarkm		ENGINE_finish(r->engine);
19476866Skris
195109998Smarkm	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
19659191Skris
19755714Skris	if (r->p != NULL) BN_clear_free(r->p);
19855714Skris	if (r->q != NULL) BN_clear_free(r->q);
19955714Skris	if (r->g != NULL) BN_clear_free(r->g);
20055714Skris	if (r->pub_key != NULL) BN_clear_free(r->pub_key);
20155714Skris	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
20255714Skris	if (r->kinv != NULL) BN_clear_free(r->kinv);
20355714Skris	if (r->r != NULL) BN_clear_free(r->r);
20468651Skris	OPENSSL_free(r);
20555714Skris	}
20655714Skris
207109998Smarkmint DSA_up_ref(DSA *r)
20855714Skris	{
209109998Smarkm	int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
210109998Smarkm#ifdef REF_PRINT
211109998Smarkm	REF_PRINT("DSA",r);
212109998Smarkm#endif
213109998Smarkm#ifdef REF_CHECK
214109998Smarkm	if (i < 2)
215109998Smarkm		{
216109998Smarkm		fprintf(stderr, "DSA_up_ref, bad reference count\n");
217109998Smarkm		abort();
218109998Smarkm		}
219109998Smarkm#endif
220109998Smarkm	return ((i > 1) ? 1 : 0);
221109998Smarkm	}
222109998Smarkm
223109998Smarkmint DSA_size(const DSA *r)
224109998Smarkm	{
22555714Skris	int ret,i;
22655714Skris	ASN1_INTEGER bs;
227109998Smarkm	unsigned char buf[4];	/* 4 bytes looks really small.
228109998Smarkm				   However, i2d_ASN1_INTEGER() will not look
229109998Smarkm				   beyond the first byte, as long as the second
230109998Smarkm				   parameter is NULL. */
23155714Skris
23255714Skris	i=BN_num_bits(r->q);
23355714Skris	bs.length=(i+7)/8;
23455714Skris	bs.data=buf;
23555714Skris	bs.type=V_ASN1_INTEGER;
23655714Skris	/* If the top bit is set the asn1 encoding is 1 larger. */
23755714Skris	buf[0]=0xff;
23855714Skris
23955714Skris	i=i2d_ASN1_INTEGER(&bs,NULL);
24055714Skris	i+=i; /* r and s */
24155714Skris	ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
24255714Skris	return(ret);
24355714Skris	}
24455714Skris
24559191Skrisint DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
24659191Skris	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
24759191Skris        {
248109998Smarkm	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
249109998Smarkm				new_func, dup_func, free_func);
25059191Skris        }
25159191Skris
25259191Skrisint DSA_set_ex_data(DSA *d, int idx, void *arg)
25359191Skris	{
25459191Skris	return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
25559191Skris	}
25659191Skris
25759191Skrisvoid *DSA_get_ex_data(DSA *d, int idx)
25859191Skris	{
25959191Skris	return(CRYPTO_get_ex_data(&d->ex_data,idx));
26059191Skris	}
26159191Skris
262109998Smarkm#ifndef OPENSSL_NO_DH
263109998SmarkmDH *DSA_dup_DH(const DSA *r)
26455714Skris	{
26555714Skris	/* DSA has p, q, g, optional pub_key, optional priv_key.
26655714Skris	 * DH has p, optional length, g, optional pub_key, optional priv_key.
26755714Skris	 */
26855714Skris
26955714Skris	DH *ret = NULL;
27055714Skris
27155714Skris	if (r == NULL)
27255714Skris		goto err;
27355714Skris	ret = DH_new();
27455714Skris	if (ret == NULL)
27555714Skris		goto err;
27655714Skris	if (r->p != NULL)
27755714Skris		if ((ret->p = BN_dup(r->p)) == NULL)
27855714Skris			goto err;
27955714Skris	if (r->q != NULL)
28055714Skris		ret->length = BN_num_bits(r->q);
28155714Skris	if (r->g != NULL)
28255714Skris		if ((ret->g = BN_dup(r->g)) == NULL)
28355714Skris			goto err;
28455714Skris	if (r->pub_key != NULL)
28555714Skris		if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
28655714Skris			goto err;
28755714Skris	if (r->priv_key != NULL)
28855714Skris		if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
28955714Skris			goto err;
29055714Skris
29155714Skris	return ret;
29255714Skris
29355714Skris err:
29455714Skris	if (ret != NULL)
29555714Skris		DH_free(ret);
29655714Skris	return NULL;
29755714Skris	}
29855714Skris#endif
299