Diffstat (limited to 'lib/libcrypto/dh')
-rw-r--r-- | lib/libcrypto/dh/Makefile.ssl | 66 | ||||
-rw-r--r-- | lib/libcrypto/dh/dh.h | 26 | ||||
-rw-r--r-- | lib/libcrypto/dh/dh_key.c | 34 | ||||
-rw-r--r-- | lib/libcrypto/dh/dh_lib.c | 76 | ||||
-rw-r--r-- | lib/libcrypto/dh/dhtest.c | 8 |
5 files changed, 154 insertions, 56 deletions
diff --git a/lib/libcrypto/dh/Makefile.ssl b/lib/libcrypto/dh/Makefile.ssl
index 8df60872ef3..88d0d1748b2 100644
--- a/lib/libcrypto/dh/Makefile.ssl
+++ b/lib/libcrypto/dh/Makefile.ssl
@@ -82,31 +82,57 @@ dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_check.o: ../../include/openssl/opensslconf.h +dh_check.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -dh_check.o: ../../include/openssl/stack.h ../cryptlib.h -dh_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -dh_err.o: ../../include/openssl/dh.h ../../include/openssl/err.h +dh_check.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dh_check.o: ../cryptlib.h +dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h +dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dh_err.o: ../../include/openssl/symhacks.h dh_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h dh_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dh_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +dh_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +dh_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h dh_gen.o: ../cryptlib.h -dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_key.o: ../../include/openssl/buffer.h 
../../include/openssl/crypto.h -dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h -dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dh_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h -dh_key.o: ../../include/openssl/stack.h ../cryptlib.h -dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h -dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -dh_lib.o: ../cryptlib.h +dh_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +dh_key.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +dh_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +dh_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h +dh_key.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +dh_key.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +dh_key.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +dh_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +dh_key.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +dh_key.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +dh_key.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dh_key.o: ../../include/openssl/sha.h 
../../include/openssl/stack.h +dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h +dh_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +dh_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +dh_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h +dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +dh_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +dh_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h +dh_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +dh_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h +dh_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +dh_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h diff --git a/lib/libcrypto/dh/dh.h b/lib/libcrypto/dh/dh.h index c15b2ad4836..7a8d9f88c2e 100644 --- a/lib/libcrypto/dh/dh.h +++ b/lib/libcrypto/dh/dh.h @@ -59,19 +59,22 @@ #ifndef HEADER_DH_H #define HEADER_DH_H -#ifdef __cplusplus -extern "C" { -#endif - #ifdef NO_DH #error DH is disabled. #endif +#ifndef NO_BIO +#include <openssl/bio.h> +#endif #include <openssl/bn.h> #include <openssl/crypto.h> #define DH_FLAG_CACHE_MONT_P 0x01 +#ifdef __cplusplus +extern "C" { +#endif + typedef struct dh_st DH; typedef struct dh_method { 
@@ -112,7 +115,11 @@ struct dh_st int references; CRYPTO_EX_DATA ex_data; +#if 0 DH_METHOD *meth; +#else + struct engine_st *engine; +#endif }; #define DH_GENERATOR_2 2 @@ -147,10 +154,15 @@ struct dh_st DH_METHOD *DH_OpenSSL(void); -void DH_set_default_method(DH_METHOD *meth); -DH_METHOD *DH_get_default_method(void); +void DH_set_default_openssl_method(DH_METHOD *meth); +DH_METHOD *DH_get_default_openssl_method(void); +#if 0 DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth); DH *DH_new_method(DH_METHOD *meth); +#else +int DH_set_method(DH *dh, struct engine_st *engine); +DH *DH_new_method(struct engine_st *engine); +#endif DH * DH_new(void); void DH_free(DH *dh); @@ -169,7 +181,7 @@ int i2d_DHparams(DH *a,unsigned char **pp); #ifndef NO_FP_API int DHparams_print_fp(FILE *fp, DH *x); #endif -#ifdef HEADER_BIO_H +#ifndef NO_BIO int DHparams_print(BIO *bp, DH *x); #else int DHparams_print(char *bp, DH *x); diff --git a/lib/libcrypto/dh/dh_key.c b/lib/libcrypto/dh/dh_key.c index 0c7eeaf260b..6915d79dcc2 100644 --- a/lib/libcrypto/dh/dh_key.c +++ b/lib/libcrypto/dh/dh_key.c @@ -61,6 +61,7 @@ #include <openssl/bn.h> #include <openssl/rand.h> #include <openssl/dh.h> +#include <openssl/engine.h> static int generate_key(DH *dh); static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); @@ -72,12 +73,12 @@ static int dh_finish(DH *dh); int DH_generate_key(DH *dh) { - return dh->meth->generate_key(dh); + return ENGINE_get_DH(dh->engine)->generate_key(dh); } int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) { - return dh->meth->compute_key(key, pub_key, dh); + return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); } static DH_METHOD dh_ossl = { 
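Review bot: The new prototypes `int DH_set_method(DH *dh, struct engine_st *engine);` and `DH *DH_new_method(struct engine_st *engine);` reuse the old function names with different parameter and return types, and nothing in the header says so. A caller built against the old API that still passes a `DH_METHOD *` would, on compilers that only warn about incompatible pointer types, hand a method table to code that treats it as an engine. A caller that tested the old return value as a pointer would now read `0` as "no previous method" rather than failure. A comment above both prototypes should state that `DH_set_method` returns 1 on success and 0 on failure, and who owns the engine reference after each call. The `#if 0` copies of the old declarations could be dropped, since the history already records them.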
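Review bot: `ENGINE_get_DH(dh->engine)` is dereferenced directly in `DH_generate_key` and `DH_compute_key`, so a NULL `dh->engine` or an engine that exposes no DH method becomes a NULL-pointer call on the key-agreement path. The same unchecked pattern is in the `bn_mod_exp` calls in `generate_key` and `compute_key` (hunks `@@ -137,8` and `@@ -177,7`) and in `DH_set_method`, `DH_new_method` and `DH_free` in dh_lib.c. Whether `ENGINE_get_DH` can return NULL is not visible on this page, so that needs confirming. If it can, fetch the method once and fail closed: `DH_METHOD *m = ENGINE_get_DH(dh->engine);` followed by `if (m == NULL || m->generate_key == NULL)`, raising a `DHerr` and returning the function's error value.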
@@ -137,8 +138,9 @@ static int generate_key(DH *dh) } mont=(BN_MONT_CTX *)dh->method_mont_p; - if (!dh->meth->bn_mod_exp(dh, pub_key,dh->g,priv_key,dh->p,&ctx,mont)) - goto err; + if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g, + priv_key,dh->p,&ctx,mont)) + goto err; dh->pub_key=pub_key; dh->priv_key=priv_key; @@ -177,7 +179,8 @@ static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) } mont=(BN_MONT_CTX *)dh->method_mont_p; - if (!dh->meth->bn_mod_exp(dh, tmp,pub_key,dh->priv_key,dh->p,&ctx,mont)) + if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key, + dh->priv_key,dh->p,&ctx,mont)) { DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); goto err; @@ -193,19 +196,26 @@ err: static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); -} + { + if (a->top == 1) + { + BN_ULONG A = a->d[0]; + return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); + } + else + return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx); + } + static int dh_init(DH *dh) -{ + { dh->flags |= DH_FLAG_CACHE_MONT_P; return(1); -} + } static int dh_finish(DH *dh) -{ + { if(dh->method_mont_p) BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); return(1); -} + } diff --git a/lib/libcrypto/dh/dh_lib.c b/lib/libcrypto/dh/dh_lib.c index 6c21463028a..66803b55656 100644 --- a/lib/libcrypto/dh/dh_lib.c +++ b/lib/libcrypto/dh/dh_lib.c @@ -60,6 +60,7 @@ #include "cryptlib.h" #include <openssl/bn.h> #include <openssl/dh.h> +#include <openssl/engine.h> const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; 
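Review bot: The one-word shortcut in `dh_bn_mod_exp` tests only `a->top == 1` and then passes `a->d[0]`, so the sign of `a` is dropped on that path while the `BN_mod_exp_mont` path still receives the whole BIGNUM. `compute_key` passes the peer-supplied `pub_key` as `a`, so the two paths should not disagree on unexpected input. Guarding with `if (a->top == 1 && !a->neg)` keeps the shortcut for the ordinary small-base case. A short comment should say the branch is, presumably, an optimisation for small generators such as `DH_GENERATOR_2`, and that the exponent `p` is the private key on both paths, so readers can judge the timing behaviour of each. The unbraced `else` would read more safely with braces, matching the `if` arm.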
@@ -67,17 +68,32 @@ static DH_METHOD *default_DH_method; static int dh_meth_num = 0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL; -void DH_set_default_method(DH_METHOD *meth) +void DH_set_default_openssl_method(DH_METHOD *meth) { - default_DH_method = meth; + ENGINE *e; + /* We'll need to notify the "openssl" ENGINE of this + * change too. We won't bother locking things down at + * our end as there was never any locking in these + * functions! */ + if(default_DH_method != meth) + { + default_DH_method = meth; + e = ENGINE_by_id("openssl"); + if(e) + { + ENGINE_set_DH(e, meth); + ENGINE_free(e); + } + } } -DH_METHOD *DH_get_default_method(void) +DH_METHOD *DH_get_default_openssl_method(void) { if(!default_DH_method) default_DH_method = DH_OpenSSL(); return default_DH_method; } +#if 0 DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) { DH_METHOD *mtmp; 
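Review bot: In `DH_set_default_openssl_method`, `default_DH_method = meth;` is assigned before the "openssl" ENGINE is looked up, and the result of `ENGINE_set_DH(e, meth)` is discarded. If `ENGINE_by_id("openssl")` returns NULL or the set reports failure, the library default and the engine silently disagree about which DH implementation is active. The function returns void, so a caller cannot see this; assigning `default_DH_method` only after `ENGINE_set_DH` succeeds would at least keep the two in step. A `meth` of NULL is also passed straight to the engine, while `DH_get_default_openssl_method` later replaces a NULL default with `DH_OpenSSL()`, which is another way for them to diverge. The existing comment admits there is no locking; it should also say what state is left when the engine update does not happen.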
@@ -87,25 +103,56 @@ DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) if (meth->init) meth->init(dh); return mtmp; } +#else +int DH_set_method(DH *dh, ENGINE *engine) +{ + ENGINE *mtmp; + DH_METHOD *meth; + mtmp = dh->engine; + meth = ENGINE_get_DH(mtmp); + if (!ENGINE_init(engine)) + return 0; + if (meth->finish) meth->finish(dh); + dh->engine= engine; + meth = ENGINE_get_DH(engine); + if (meth->init) meth->init(dh); + /* SHOULD ERROR CHECK THIS!!! */ + ENGINE_finish(mtmp); + return 1; +} +#endif DH *DH_new(void) { return DH_new_method(NULL); } +#if 0 DH *DH_new_method(DH_METHOD *meth) +#else +DH *DH_new_method(ENGINE *engine) +#endif { + DH_METHOD *meth; DH *ret; - ret=(DH *)Malloc(sizeof(DH)); + ret=(DH *)OPENSSL_malloc(sizeof(DH)); if (ret == NULL) { DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE); return(NULL); } - if(!default_DH_method) default_DH_method = DH_OpenSSL(); - if(meth) ret->meth = meth; - else ret->meth = default_DH_method; + if(engine) + ret->engine = engine; + else + { + if((ret->engine=ENGINE_get_default_DH()) == NULL) + { + OPENSSL_free(ret); + return NULL; + } + } + meth = ENGINE_get_DH(ret->engine); ret->pad=0; ret->version=0; ret->p=NULL; @@ -120,10 +167,10 @@ DH *DH_new_method(DH_METHOD *meth) ret->counter = NULL; ret->method_mont_p=NULL; ret->references = 1; - ret->flags=ret->meth->flags; - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) + ret->flags=meth->flags; + if ((meth->init != NULL) && !meth->init(ret)) { - Free(ret); + OPENSSL_free(ret); ret=NULL; } else @@ -133,6 +180,7 @@ DH *DH_new_method(DH_METHOD *meth) void DH_free(DH *r) { + DH_METHOD *meth; int i; if(r == NULL) return; i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); 
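Review bot: `DH_set_method` calls the old method's `finish` and rebinds `dh->engine` before it knows the new engine has a usable DH method, and it drops the return value of `meth->init(dh)`, so it can return 1 with `dh` torn down on one side and not initialised on the other. The in-code `/* SHOULD ERROR CHECK THIS!!! */` on `ENGINE_finish(mtmp)` is also left open. The sketch below resolves the new method first, releases the reference taken by `ENGINE_init` if there is none, and reports an `init` failure to the caller. It assumes `ENGINE_get_DH` may return NULL, which this page does not show. `DH_new_method` begins in this hunk and continues in the next one.

```c
int DH_set_method(DH *dh, ENGINE *engine)
{
	ENGINE *mtmp;
	DH_METHOD *meth, *new_meth;
	int ok;

	if (!ENGINE_init(engine))
		return 0;
	/* Resolve the replacement before touching the current method. */
	new_meth = ENGINE_get_DH(engine);
	if (new_meth == NULL)
		{
		ENGINE_finish(engine);
		return 0;
		}
	mtmp = dh->engine;
	meth = ENGINE_get_DH(mtmp);
	if (meth != NULL && meth->finish) meth->finish(dh);
	dh->engine = engine;
	ok = (new_meth->init == NULL) || new_meth->init(dh);
	/* dh no longer refers to the old engine either way. */
	if (!ENGINE_finish(mtmp))
		ok = 0;
	return ok ? 1 : 0;
}
```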
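Review bot: Engine reference accounting in `DH_new_method` looks unbalanced on two paths. In the previous hunk (`@@ -87,25`) a caller-supplied `engine` is stored with `ret->engine = engine;` and no `ENGINE_init`, yet `DH_free` (hunk `@@ -150,17`) always calls `ENGINE_finish(r->engine)`. So the DH object appears to release a reference it never took, which risks the engine being torn down while other users still hold it. In this hunk the `init` failure branch does `OPENSSL_free(ret);` without releasing `ret->engine`, leaking whatever reference `ENGINE_get_default_DH()` returned (presumably an initialised one; its contract is not visible here). Suggested changes are `if (!ENGINE_init(engine)) { OPENSSL_free(ret); return NULL; }` before storing a supplied engine, and `ENGINE_finish(ret->engine);` before the `OPENSSL_free(ret);` on the failure branch.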
@@ -150,17 +198,19 @@ void DH_free(DH *r) CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); - if(r->meth->finish) r->meth->finish(r); + meth = ENGINE_get_DH(r->engine); + if(meth->finish) meth->finish(r); + ENGINE_finish(r->engine); if (r->p != NULL) BN_clear_free(r->p); if (r->g != NULL) BN_clear_free(r->g); if (r->q != NULL) BN_clear_free(r->q); if (r->j != NULL) BN_clear_free(r->j); - if (r->seed) Free(r->seed); + if (r->seed) OPENSSL_free(r->seed); if (r->counter != NULL) BN_clear_free(r->counter); if (r->pub_key != NULL) BN_clear_free(r->pub_key); if (r->priv_key != NULL) BN_clear_free(r->priv_key); - Free(r); + OPENSSL_free(r); } int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, diff --git a/lib/libcrypto/dh/dhtest.c b/lib/libcrypto/dh/dhtest.c index d66c28455ec..f0151253d78 100644 --- a/lib/libcrypto/dh/dhtest.c +++ b/lib/libcrypto/dh/dhtest.c @@ -140,7 +140,7 @@ int main(int argc, char *argv[]) BIO_puts(out,"\n"); alen=DH_size(a); - abuf=(unsigned char *)Malloc(alen); + abuf=(unsigned char *)OPENSSL_malloc(alen); aout=DH_compute_key(abuf,b->pub_key,a); BIO_puts(out,"key1 ="); @@ -152,7 +152,7 @@ int main(int argc, char *argv[]) BIO_puts(out,"\n"); blen=DH_size(b); - bbuf=(unsigned char *)Malloc(blen); + bbuf=(unsigned char *)OPENSSL_malloc(blen); bout=DH_compute_key(bbuf,a->pub_key,b); BIO_puts(out,"key2 ="); @@ -170,8 +170,8 @@ int main(int argc, char *argv[]) else ret=0; err: - if (abuf != NULL) Free(abuf); - if (bbuf != NULL) Free(bbuf); + if (abuf != NULL) OPENSSL_free(abuf); + if (bbuf != NULL) OPENSSL_free(bbuf); if(b != NULL) DH_free(b); if(a != NULL) DH_free(a); BIO_free(out); |