author | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2017-09-13 12:09:40 -0700 |
---|---|---|
committer | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2017-09-13 12:09:40 -0700 |
commit | b6f94dbeacfc6f0a507413096189304c58dbe66c (patch) | |
tree | bce8c7db22209078618294c51d95a0c033aec7d9 /Cryptlib/OpenSSL/crypto/dh | |
parent | 25f7fd1fb389a5f6356f353d16c5ead80dac6bbc (diff) | |
download | efi-boot-shim-upstream/13_git1505328970.9c1c35c5.tar.gz efi-boot-shim-upstream/13_git1505328970.9c1c35c5.zip |
New upstream version 13~git1505328970.9c1c35c5upstream/13_git1505328970.9c1c35c5
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/dh')
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_ameth.c | 277 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_asn1.c | 79 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_check.c | 136 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_depr.c | 86 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_err.c | 105 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_gen.c | 92 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_kdf.c | 150 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_key.c | 132 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_lib.c | 333 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_locl.h | 56 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_meth.c | 173 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_pmeth.c | 157 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_prn.c | 65 | ||||
-rw-r--r-- | Cryptlib/OpenSSL/crypto/dh/dh_rfc5114.c | 294 |
14 files changed, 1233 insertions, 902 deletions
diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_ameth.c b/Cryptlib/OpenSSL/crypto/dh/dh_ameth.c
index cd77867d..45582835 100644
--- a/Cryptlib/OpenSSL/crypto/dh/dh_ameth.c
+++ b/Cryptlib/OpenSSL/crypto/dh/dh_ameth.c
@@ -1,21 +1,73 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2006. + */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. 
Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. 
You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/x509.h> #include <openssl/asn1.h> -#include "dh_locl.h" +#include <openssl/dh.h> #include <openssl/bn.h> -#include "internal/asn1_int.h" -#include "internal/evp_int.h" -#include <openssl/cms.h> +#include "asn1_locl.h" +#ifndef OPENSSL_NO_CMS +# include <openssl/cms.h> +#endif + +extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth; /* * i2d/d2i like DH parameter functions which use the appropriate routine for @@ -47,8 +99,8 @@ static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) const unsigned char *p, *pm; int pklen, pmlen; int ptype; - const void *pval; - const ASN1_STRING *pstr; + void *pval; + ASN1_STRING *pstr; X509_ALGOR *palg; ASN1_INTEGER *public_key = NULL; @@ -67,18 +119,18 @@ static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) pm = pstr->data; pmlen = pstr->length; - if ((dh = d2i_dhp(pkey, &pm, pmlen)) == NULL) { + if (!(dh = d2i_dhp(pkey, &pm, pmlen))) { DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR); goto err; } - if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) { + if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) { DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR); goto err; } /* We have parameters now set public key */ - if ((dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) { + if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) { DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR); goto err; } @@ -88,8 +140,10 @@ static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) return 1; err: - ASN1_INTEGER_free(public_key); - DH_free(dh); + if (public_key) + ASN1_INTEGER_free(public_key); + if (dh) + DH_free(dh); return 0; } 
@@ -106,7 +160,7 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) dh = pkey->pkey.dh; str = ASN1_STRING_new(); - if (str == NULL) { + if (!str) { DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE); goto err; } @@ -135,26 +189,28 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) return 1; err: - OPENSSL_free(penc); - ASN1_STRING_free(str); + if (penc) + OPENSSL_free(penc); + if (str) + ASN1_STRING_free(str); return 0; } /* * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in that - * the AlgorithmIdentifier contains the parameters, the private key is - * explicitly included and the pubkey must be recalculated. + * the AlgorithmIdentifier contains the paramaters, the private key is + * explcitly included and the pubkey must be recalculated. */ -static int dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) +static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p, *pm; int pklen, pmlen; int ptype; - const void *pval; - const ASN1_STRING *pstr; - const X509_ALGOR *palg; + void *pval; + ASN1_STRING *pstr; + X509_ALGOR *palg; ASN1_INTEGER *privkey = NULL; DH *dh = NULL; @@ -166,18 +222,17 @@ static int dh_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) if (ptype != V_ASN1_SEQUENCE) goto decerr; - if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) + + if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen))) goto decerr; pstr = pval; pm = pstr->data; pmlen = pstr->length; - if ((dh = d2i_dhp(pkey, &pm, pmlen)) == NULL) + if (!(dh = d2i_dhp(pkey, &pm, pmlen))) goto decerr; - /* We have parameters now set private key */ - if ((dh->priv_key = BN_secure_new()) == NULL - || !ASN1_INTEGER_to_BN(privkey, dh->priv_key)) { + if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR); goto dherr; } 
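Review bot: In dh_priv_decode the private exponent is now allocated by `ASN1_INTEGER_to_BN(privkey, NULL)` like any other BIGNUM, where the old side used `BN_secure_new()`, and nothing in the hunk records how the key material is wiped. If this vendored version has no secure-heap allocator, the site should at least carry a comment such as `/* priv_key is on the ordinary heap; it must be released with BN_clear_free() */`. Whether the decoded `privkey` ASN1_INTEGER is cleared on the `decerr`/`dherr` paths is not visible here, since the function continues past the end of the hunk; that should be confirmed as well.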
@@ -208,7 +263,7 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) params = ASN1_STRING_new(); - if (params == NULL) { + if (!params) { DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); goto err; } @@ -240,18 +295,29 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) return 1; err: - OPENSSL_free(dp); - ASN1_STRING_free(params); - ASN1_STRING_clear_free(prkey); + if (dp != NULL) + OPENSSL_free(dp); + if (params != NULL) + ASN1_STRING_free(params); + if (prkey != NULL) + ASN1_STRING_clear_free(prkey); return 0; } +static void update_buflen(const BIGNUM *b, size_t *pbuflen) +{ + size_t i; + if (!b) + return; + if (*pbuflen < (i = (size_t)BN_num_bytes(b))) + *pbuflen = i; +} + static int dh_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) { DH *dh; - - if ((dh = d2i_dhp(pkey, pder, derlen)) == NULL) { + if (!(dh = d2i_dhp(pkey, pder, derlen))) { DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB); return 0; } @@ -264,10 +330,15 @@ static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder) return i2d_dhp(pkey, pkey->pkey.dh, pder); } -static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) +static int do_dh_print(BIO *bp, const DH *x, int indent, + ASN1_PCTX *ctx, int ptype) { - int reason = ERR_R_BUF_LIB; + unsigned char *m = NULL; + int reason = ERR_R_BUF_LIB, ret = 0; + size_t buf_len = 0; + const char *ktype = NULL; + BIGNUM *priv_key, *pub_key; if (ptype == 2) 
@@ -280,12 +351,20 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) else pub_key = NULL; - if (x->p == NULL || (ptype == 2 && priv_key == NULL) - || (ptype > 0 && pub_key == NULL)) { + update_buflen(x->p, &buf_len); + + if (buf_len == 0) { reason = ERR_R_PASSED_NULL_PARAMETER; goto err; } + update_buflen(x->g, &buf_len); + update_buflen(x->q, &buf_len); + update_buflen(x->j, &buf_len); + update_buflen(x->counter, &buf_len); + update_buflen(pub_key, &buf_len); + update_buflen(priv_key, &buf_len); + if (ptype == 2) ktype = "DH Private-Key"; else if (ptype == 1) @@ -293,23 +372,29 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) else ktype = "DH Parameters"; + m = OPENSSL_malloc(buf_len + 10); + if (m == NULL) { + reason = ERR_R_MALLOC_FAILURE; + goto err; + } + BIO_indent(bp, indent, 128); if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0) goto err; indent += 4; - if (!ASN1_bn_print(bp, "private-key:", priv_key, NULL, indent)) + if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent)) goto err; - if (!ASN1_bn_print(bp, "public-key:", pub_key, NULL, indent)) + if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent)) goto err; - if (!ASN1_bn_print(bp, "prime:", x->p, NULL, indent)) + if (!ASN1_bn_print(bp, "prime:", x->p, m, indent)) goto err; - if (!ASN1_bn_print(bp, "generator:", x->g, NULL, indent)) + if (!ASN1_bn_print(bp, "generator:", x->g, m, indent)) goto err; - if (x->q && !ASN1_bn_print(bp, "subgroup order:", x->q, NULL, indent)) + if (x->q && !ASN1_bn_print(bp, "subgroup order:", x->q, m, indent)) goto err; - if (x->j && !ASN1_bn_print(bp, "subgroup factor:", x->j, NULL, indent)) + if (x->j && !ASN1_bn_print(bp, "subgroup factor:", x->j, m, indent)) goto err; if (x->seed) { int i; 
@@ -328,7 +413,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) if (BIO_write(bp, "\n", 1) <= 0) return (0); } - if (x->counter && !ASN1_bn_print(bp, "counter:", x->counter, NULL, indent)) + if (x->counter && !ASN1_bn_print(bp, "counter:", x->counter, m, indent)) goto err; if (x->length != 0) { BIO_indent(bp, indent, 128); @@ -337,11 +422,14 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) goto err; } - return 1; - + ret = 1; + if (0) { err: - DHerr(DH_F_DO_DH_PRINT, reason); - return 0; + DHerr(DH_F_DO_DH_PRINT, reason); + } + if (m != NULL) + OPENSSL_free(m); + return (ret); } static int int_dh_size(const EVP_PKEY *pkey) @@ -354,11 +442,6 @@ static int dh_bits(const EVP_PKEY *pkey) return BN_num_bits(pkey->pkey.dh->p); } -static int dh_security_bits(const EVP_PKEY *pkey) -{ - return DH_security_bits(pkey->pkey.dh); -} - static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) || @@ -380,7 +463,8 @@ static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src) return 0; } else a = NULL; - BN_free(*dst); + if (*dst) + BN_free(*dst); *dst = a; return 1; } @@ -398,11 +482,13 @@ static int int_dh_param_copy(DH *to, const DH *from, int is_x942) return 0; if (!int_dh_bn_cpy(&to->j, from->j)) return 0; - OPENSSL_free(to->seed); - to->seed = NULL; - to->seedlen = 0; + if (to->seed) { + OPENSSL_free(to->seed); + to->seed = NULL; + to->seedlen = 0; + } if (from->seed) { - to->seed = OPENSSL_memdup(from->seed, from->seedlen); + to->seed = BUF_memdup(from->seed, from->seedlen); if (!to->seed) return 0; to->seedlen = from->seedlen; @@ -416,7 +502,7 @@ DH *DHparams_dup(DH *dh) { DH *ret; ret = DH_new(); - if (ret == NULL) + if (!ret) return NULL; if (!int_dh_param_copy(ret, dh, -1)) { DH_free(ret); 
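Review bot: The context line `return (0);` after the failed `BIO_write(bp, "\n", 1)` in do_dh_print now leaks `m`, because the new side allocates the scratch buffer with `OPENSSL_malloc(buf_len + 10)` earlier in the function and only frees it on the common exit path. Every other failure in the function uses `goto err`, so this one should too: `if (BIO_write(bp, "\n", 1) <= 0) goto err;`. The function starts before this hunk and ends in the next one.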
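Review bot: The scratch buffer `m` is released with a plain `OPENSSL_free(m)` at the end of do_dh_print although it was passed to `ASN1_bn_print(bp, "private-key:", priv_key, m, indent)`, so it has presumably held the private exponent's bytes when `ptype == 2`. Wiping it before the free keeps that copy from lingering in freed heap memory: `if (m != NULL) { OPENSSL_cleanse(m, buf_len + 10); OPENSSL_free(m); }`. `buf_len` is still in scope at that point and is not modified after the allocation in the lines shown.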
@@ -427,11 +513,6 @@ DH *DHparams_dup(DH *dh) static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { - if (to->pkey.dh == NULL) { - to->pkey.dh = DH_new(); - if (to->pkey.dh == NULL) - return 0; - } return int_dh_param_copy(to->pkey.dh, from->pkey.dh, from->ameth == &dhx_asn1_meth); } @@ -456,24 +537,24 @@ static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) { - return do_dh_print(bp, pkey->pkey.dh, indent, 0); + return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0); } static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) { - return do_dh_print(bp, pkey->pkey.dh, indent, 1); + return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1); } static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) { - return do_dh_print(bp, pkey->pkey.dh, indent, 2); + return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2); } int DHparams_print(BIO *bp, const DH *x) { - return do_dh_print(bp, x, 4, 0); + return do_dh_print(bp, x, 4, NULL, 0); } #ifndef OPENSSL_NO_CMS @@ -522,7 +603,6 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth = { int_dh_size, dh_bits, - dh_security_bits, dh_param_decode, dh_param_encode, @@ -555,7 +635,6 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = { int_dh_size, dh_bits, - dh_security_bits, dh_param_decode, dh_param_encode, @@ -574,9 +653,9 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = { static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) { - const ASN1_OBJECT *aoid; + ASN1_OBJECT *aoid; int atype; - const void *aval; + void *aval; ASN1_INTEGER *public_key = NULL; int rv = 0; EVP_PKEY *pkpeer = NULL, *pk = NULL; 
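Review bot: dh_copy_parameters now hands `to->pkey.dh` straight to int_dh_param_copy() with no NULL check, and that helper writes through its `to` argument (`&to->j`, `to->seed` in the preceding hunk), so a destination key without a DH object would fault instead of failing cleanly. Unless every caller in this version guarantees the destination DH is already allocated, which cannot be confirmed from the hunk, a guard such as `if (to->pkey.dh == NULL) return 0;` before the call keeps the failure contained.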
@@ -600,32 +679,35 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, dhpeer = DHparams_dup(pk->pkey.dh); /* We have parameters now set public key */ plen = ASN1_STRING_length(pubkey); - p = ASN1_STRING_get0_data(pubkey); + p = ASN1_STRING_data(pubkey); if (!p || !plen) goto err; - if ((public_key = d2i_ASN1_INTEGER(NULL, &p, plen)) == NULL) { + if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, plen))) { DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_DECODE_ERROR); goto err; } /* We have parameters now set public key */ - if ((dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) { + if (!(dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) { DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_BN_DECODE_ERROR); goto err; } pkpeer = EVP_PKEY_new(); - if (pkpeer == NULL) + if (!pkpeer) goto err; EVP_PKEY_assign(pkpeer, pk->ameth->pkey_id, dhpeer); dhpeer = NULL; if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) rv = 1; err: - ASN1_INTEGER_free(public_key); - EVP_PKEY_free(pkpeer); - DH_free(dhpeer); + if (public_key) + ASN1_INTEGER_free(public_key); + if (pkpeer) + EVP_PKEY_free(pkpeer); + if (dhpeer) + DH_free(dhpeer); return rv; } @@ -690,7 +772,7 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) if (ukm) { dukmlen = ASN1_STRING_length(ukm); - dukm = OPENSSL_memdup(ASN1_STRING_get0_data(ukm), dukmlen); + dukm = BUF_memdup(ASN1_STRING_data(ukm), dukmlen); if (!dukm) goto err; } @@ -701,8 +783,10 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) rv = 1; err: - X509_ALGOR_free(kekalg); - OPENSSL_free(dukm); + if (kekalg) + X509_ALGOR_free(kekalg); + if (dukm) + OPENSSL_free(dukm); return rv; } @@ -741,7 +825,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) EVP_CIPHER_CTX *ctx; int keylen; X509_ALGOR *talg, *wrap_alg = NULL; - const ASN1_OBJECT *aoid; + ASN1_OBJECT *aoid; ASN1_BIT_STRING *pubkey; ASN1_STRING *wrap_str; ASN1_OCTET_STRING *ukm; 
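Review bot: In dh_cms_set_peerkey the result of `dhpeer = DHparams_dup(pk->pkey.dh);` is never tested before `dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)` dereferences it. DHparams_dup returns NULL when `DH_new()` fails, as the earlier hunk for that function shows. This path handles a peer-supplied CMS public key, so an allocation failure here should end in the `err:` cleanup rather than a NULL dereference: add `if (!dhpeer) goto err;` directly after the dup. The function begins before this hunk.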
@@ -762,7 +846,8 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) X509_ALGOR_get0(&aoid, NULL, NULL, talg); /* Is everything uninitialised? */ if (aoid == OBJ_nid2obj(NID_undef)) { - ASN1_INTEGER *pubk = BN_to_ASN1_INTEGER(pkey->pkey.dh->pub_key, NULL); + ASN1_INTEGER *pubk; + pubk = BN_to_ASN1_INTEGER(pkey->pkey.dh->pub_key, NULL); if (!pubk) goto err; /* Set the key */ @@ -780,7 +865,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) V_ASN1_UNDEF, NULL); } - /* See if custom parameters set */ + /* See if custom paraneters set */ kdf_type = EVP_PKEY_CTX_get_dh_kdf_type(pctx); if (kdf_type <= 0) goto err; @@ -816,11 +901,11 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) /* Package wrap algorithm in an AlgorithmIdentifier */ wrap_alg = X509_ALGOR_new(); - if (wrap_alg == NULL) + if (!wrap_alg) goto err; wrap_alg->algorithm = OBJ_nid2obj(wrap_nid); wrap_alg->parameter = ASN1_TYPE_new(); - if (wrap_alg->parameter == NULL) + if (!wrap_alg->parameter) goto err; if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) goto err; @@ -834,7 +919,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) if (ukm) { dukmlen = ASN1_STRING_length(ukm); - dukm = OPENSSL_memdup(ASN1_STRING_get0_data(ukm), dukmlen); + dukm = BUF_memdup(ASN1_STRING_data(ukm), dukmlen); if (!dukm) goto err; } @@ -852,7 +937,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) if (!penc || !penclen) goto err; wrap_str = ASN1_STRING_new(); - if (wrap_str == NULL) + if (!wrap_str) goto err; ASN1_STRING_set0(wrap_str, penc, penclen); penc = NULL; @@ -862,8 +947,10 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) rv = 1; err: - OPENSSL_free(penc); - X509_ALGOR_free(wrap_alg); + if (penc) + OPENSSL_free(penc); + if (wrap_alg) + X509_ALGOR_free(wrap_alg); return rv; } diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_asn1.c b/Cryptlib/OpenSSL/crypto/dh/dh_asn1.c index 7c72fd64..f4702143 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_asn1.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_asn1.c 
@@ -1,16 +1,66 @@ +/* dh_asn1.c */ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2000. + */ +/* ==================================================================== + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. 
Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/bn.h> -#include "dh_locl.h" +#include <openssl/dh.h> #include <openssl/objects.h> #include <openssl/asn1t.h> @@ -20,7 +70,7 @@ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, { if (operation == ASN1_OP_NEW_PRE) { *pval = (ASN1_VALUE *)DH_new(); - if (*pval != NULL) + if (*pval) return 2; return 0; } else if (operation == ASN1_OP_FREE_PRE) { 
@@ -60,7 +110,7 @@ typedef struct { ASN1_SEQUENCE(DHvparams) = { ASN1_SIMPLE(int_dhvparams, seed, ASN1_BIT_STRING), ASN1_SIMPLE(int_dhvparams, counter, BIGNUM) -} static_ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams) +} ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams) ASN1_SEQUENCE(DHxparams) = { ASN1_SIMPLE(int_dhx942_dh, p, BIGNUM), @@ -68,7 +118,7 @@ ASN1_SEQUENCE(DHxparams) = { ASN1_SIMPLE(int_dhx942_dh, q, BIGNUM), ASN1_OPT(int_dhx942_dh, j, BIGNUM), ASN1_OPT(int_dhx942_dh, vparams, DHvparams), -} static_ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams) +} ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams) int_dhx942_dh *d2i_int_dhx(int_dhx942_dh **a, const unsigned char **pp, long length); @@ -76,23 +126,24 @@ int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp); IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(int_dhx942_dh, DHxparams, int_dhx) -/* Application public function: read in X9.42 DH parameters into DH structure */ +/* Application leve function: read in X9.42 DH parameters into DH structure */ DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length) { int_dhx942_dh *dhx = NULL; DH *dh = NULL; dh = DH_new(); - if (dh == NULL) + if (!dh) return NULL; dhx = d2i_int_dhx(NULL, pp, length); - if (dhx == NULL) { + if (!dhx) { DH_free(dh); return NULL; } if (a) { - DH_free(*a); + if (*a) + DH_free(*a); *a = dh; } diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_check.c b/Cryptlib/OpenSSL/crypto/dh/dh_check.c index 3b0fa590..02770411 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_check.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_check.c 
@@ -1,56 +1,65 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/dh/dh_check.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. 
All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/bn.h> -#include "dh_locl.h" - -/*- - * Check that p and g are suitable enough - * - * p is odd - * 1 < g < p - 1 - */ - -int DH_check_params(const DH *dh, int *ret) -{ - int ok = 0; - BIGNUM *tmp = NULL; - BN_CTX *ctx = NULL; - - *ret = 0; - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - if (tmp == NULL) - goto err; - - if (!BN_is_odd(dh->p)) - *ret |= DH_CHECK_P_NOT_PRIME; - if (BN_is_negative(dh->g) || BN_is_zero(dh->g) || BN_is_one(dh->g)) - *ret |= DH_NOT_SUITABLE_GENERATOR; - if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1)) - goto err; - if (BN_cmp(dh->g, tmp) >= 0) - *ret |= DH_NOT_SUITABLE_GENERATOR; - - ok = 1; - err: - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return (ok); -} +#include <openssl/dh.h> /*- * Check that p is a safe prime and @@ -64,7 +73,7 @@ int DH_check_params(const DH *dh, int *ret) int DH_check(const DH *dh, int *ret) { - int ok = 0, r; + int ok = 0; BN_CTX *ctx = NULL; BN_ULONG l; BIGNUM *t1 = NULL, *t2 = NULL; @@ -93,10 +102,7 @@ int DH_check(const DH *dh, int *ret) if (!BN_is_one(t1)) *ret |= DH_NOT_SUITABLE_GENERATOR; } - r = BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL); - if (r < 0) - goto err; - if (!r) + if (!BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL)) *ret |= DH_CHECK_Q_NOT_PRIME; /* Check p == 1 mod q i.e. q divides p - 1 */ if (!BN_div(t1, t2, dh->p, dh->q, ctx)) 
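Review bot: `if (!BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL))` in DH_check treats an error return from the primality test as "prime", since a negative result is non-zero and DH_CHECK_Q_NOT_PRIME is then never set. The same pattern appears twice in the next hunk, for `dh->p` and for the `(p-1)/2` safe-prime test. DH_check is a validation gate for DH parameters, so a failed test should fail the check rather than pass it. That means keeping the result in a local again (`int ok = 0, r;`) and bailing out on error at each of the three sites: `r = BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL); if (r < 0) goto err;` followed by `if (!r) *ret |= DH_CHECK_Q_NOT_PRIME;`.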
@@ -108,31 +114,29 @@ int DH_check(const DH *dh, int *ret) } else if (BN_is_word(dh->g, DH_GENERATOR_2)) { l = BN_mod_word(dh->p, 24); - if (l == (BN_ULONG)-1) - goto err; if (l != 11) *ret |= DH_NOT_SUITABLE_GENERATOR; - } else if (BN_is_word(dh->g, DH_GENERATOR_5)) { + } +#if 0 + else if (BN_is_word(dh->g, DH_GENERATOR_3)) { + l = BN_mod_word(dh->p, 12); + if (l != 5) + *ret |= DH_NOT_SUITABLE_GENERATOR; + } +#endif + else if (BN_is_word(dh->g, DH_GENERATOR_5)) { l = BN_mod_word(dh->p, 10); - if (l == (BN_ULONG)-1) - goto err; if ((l != 3) && (l != 7)) *ret |= DH_NOT_SUITABLE_GENERATOR; } else *ret |= DH_UNABLE_TO_CHECK_GENERATOR; - r = BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL); - if (r < 0) - goto err; - if (!r) + if (!BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL)) *ret |= DH_CHECK_P_NOT_PRIME; else if (!dh->q) { if (!BN_rshift1(t1, dh->p)) goto err; - r = BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL); - if (r < 0) - goto err; - if (!r) + if (!BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL)) *ret |= DH_CHECK_P_NOT_SAFE_PRIME; } ok = 1; diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_depr.c b/Cryptlib/OpenSSL/crypto/dh/dh_depr.c index f8ed1b74..b6221199 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_depr.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_depr.c 
@@ -1,45 +1,81 @@ -/* - * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/dh/dh_depr.c */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ /* This file contains deprecated functions as wrappers to the new ones */ -#include <openssl/opensslconf.h> -#if OPENSSL_API_COMPAT >= 0x00908000L -NON_EMPTY_TRANSLATION_UNIT -#else +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/bn.h> +#include <openssl/dh.h> -# include <stdio.h> -# include "internal/cryptlib.h" -# include <openssl/bn.h> -# include <openssl/dh.h> +static void *dummy = &dummy; +#ifndef OPENSSL_NO_DEPRECATED DH *DH_generate_parameters(int prime_len, int generator, void (*callback) (int, int, void *), void *cb_arg) { - BN_GENCB *cb; + BN_GENCB cb; DH *ret = NULL; if ((ret = DH_new()) == NULL) return NULL; - cb = BN_GENCB_new(); - if (cb == NULL) { - DH_free(ret); - return NULL; - } - BN_GENCB_set_old(cb, callback, cb_arg); + BN_GENCB_set_old(&cb, callback, cb_arg); - if (DH_generate_parameters_ex(ret, prime_len, generator, cb)) { - BN_GENCB_free(cb); + if (DH_generate_parameters_ex(ret, prime_len, 
generator, &cb)) return ret; - } - BN_GENCB_free(cb); DH_free(ret); return NULL; } diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_err.c b/Cryptlib/OpenSSL/crypto/dh/dh_err.c index 4e21f284..b890cca8 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_err.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_err.c 
@@ -1,11 +1,62 @@ -/* - * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/dh/dh_err.c */ +/* ==================================================================== + * Copyright (c) 1999-2013 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * 6. 
Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* + * NOTE: this file was auto generated by the mkerr.pl script: any changes + * made to it will be overwritten when the script next updates this file, + * only reason strings will be preserved. */ #include <stdio.h> 
@@ -19,25 +70,26 @@ # define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason) static ERR_STRING_DATA DH_str_functs[] = { - {ERR_FUNC(DH_F_COMPUTE_KEY), "compute_key"}, + {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, - {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "dh_builtin_genparams"}, - {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "dh_cms_decrypt"}, - {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "dh_cms_set_peerkey"}, - {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "dh_cms_set_shared_info"}, - {ERR_FUNC(DH_F_DH_METH_DUP), "DH_meth_dup"}, - {ERR_FUNC(DH_F_DH_METH_NEW), "DH_meth_new"}, - {ERR_FUNC(DH_F_DH_METH_SET1_NAME), "DH_meth_set1_name"}, + {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, + {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "DH_CMS_DECRYPT"}, + {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "DH_CMS_SET_PEERKEY"}, + {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "DH_CMS_SET_SHARED_INFO"}, + {ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, + {ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, + {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"}, {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, - {ERR_FUNC(DH_F_DH_PARAM_DECODE), "dh_param_decode"}, - {ERR_FUNC(DH_F_DH_PRIV_DECODE), "dh_priv_decode"}, - {ERR_FUNC(DH_F_DH_PRIV_ENCODE), "dh_priv_encode"}, - {ERR_FUNC(DH_F_DH_PUB_DECODE), "dh_pub_decode"}, - {ERR_FUNC(DH_F_DH_PUB_ENCODE), "dh_pub_encode"}, - {ERR_FUNC(DH_F_DO_DH_PRINT), "do_dh_print"}, - {ERR_FUNC(DH_F_GENERATE_KEY), "generate_key"}, - {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "pkey_dh_derive"}, - {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "pkey_dh_keygen"}, + {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"}, + {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"}, + {ERR_FUNC(DH_F_DH_PRIV_ENCODE), "DH_PRIV_ENCODE"}, + {ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"}, + {ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"}, + {ERR_FUNC(DH_F_DO_DH_PRINT), "DO_DH_PRINT"}, + {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, + 
{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, + {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "PKEY_DH_DERIVE"}, + {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "PKEY_DH_KEYGEN"}, {0, NULL} }; @@ -49,7 +101,9 @@ static ERR_STRING_DATA DH_str_reasons[] = { {ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"}, {ERR_REASON(DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"}, + {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL), "key size too small"}, {ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"}, + {ERR_REASON(DH_R_NON_FIPS_METHOD), "non fips method"}, {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"}, {ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"}, {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, @@ -60,7 +114,7 @@ static ERR_STRING_DATA DH_str_reasons[] = { #endif -int ERR_load_DH_strings(void) +void ERR_load_DH_strings(void) { #ifndef OPENSSL_NO_ERR @@ -69,5 +123,4 @@ int ERR_load_DH_strings(void) ERR_load_strings(0, DH_str_reasons); } #endif - return 1; } diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_gen.c b/Cryptlib/OpenSSL/crypto/dh/dh_gen.c index 27ecb983..5bedb665 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_gen.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_gen.c 
@@ -1,10 +1,59 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/dh/dh_gen.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. 
All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ /* 
@@ -13,9 +62,13 @@ */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/bn.h> -#include "dh_locl.h" +#include <openssl/dh.h> + +#ifdef OPENSSL_FIPS +# include <openssl/fips.h> +#endif static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); @@ -23,8 +76,19 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) { +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) + && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) { + DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); + return 0; + } +#endif if (ret->meth->generate_params) return ret->meth->generate_params(ret, prime_len, generator, cb); +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return FIPS_dh_generate_parameters_ex(ret, prime_len, generator, cb); +#endif return dh_builtin_genparams(ret, prime_len, generator, cb); } @@ -87,7 +151,17 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, if (!BN_set_word(t2, 11)) goto err; g = 2; - } else if (generator == DH_GENERATOR_5) { + } +#if 0 /* does not work for safe primes */ + else if (generator == DH_GENERATOR_3) { + if (!BN_set_word(t1, 12)) + goto err; + if (!BN_set_word(t2, 5)) + goto err; + g = 3; + } +#endif + else if (generator == DH_GENERATOR_5) { if (!BN_set_word(t1, 10)) goto err; if (!BN_set_word(t2, 3)) diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_kdf.c b/Cryptlib/OpenSSL/crypto/dh/dh_kdf.c deleted file mode 100644 index 2782eeee..00000000 --- a/Cryptlib/OpenSSL/crypto/dh/dh_kdf.c +++ /dev/null 
@@ -1,150 +0,0 @@ -/* - * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <e_os.h> - -#ifndef OPENSSL_NO_CMS -#include <string.h> -#include <openssl/dh.h> -#include <openssl/evp.h> -#include <openssl/asn1.h> -#include <openssl/cms.h> - - -/* Key derivation from X9.42/RFC2631 */ -/* Uses CMS functions, hence the #ifdef wrapper. */ - -#define DH_KDF_MAX (1L << 30) - -/* Skip past an ASN1 structure: for OBJECT skip content octets too */ - -static int skip_asn1(unsigned char **pp, long *plen, int exptag) -{ - const unsigned char *q = *pp; - int i, tag, xclass; - long tmplen; - i = ASN1_get_object(&q, &tmplen, &tag, &xclass, *plen); - if (i & 0x80) - return 0; - if (tag != exptag || xclass != V_ASN1_UNIVERSAL) - return 0; - if (tag == V_ASN1_OBJECT) - q += tmplen; - *plen -= q - *pp; - *pp = (unsigned char *)q; - return 1; -} - -/* - * Encode the DH shared info structure, return an offset to the counter value - * so we can update the structure without reencoding it. 
- */ - -static int dh_sharedinfo_encode(unsigned char **pder, unsigned char **pctr, - ASN1_OBJECT *key_oid, size_t outlen, - const unsigned char *ukm, size_t ukmlen) -{ - unsigned char *p; - int derlen; - long tlen; - /* "magic" value to check offset is sane */ - static unsigned char ctr[4] = { 0xF3, 0x17, 0x22, 0x53 }; - X509_ALGOR atmp; - ASN1_OCTET_STRING ctr_oct, ukm_oct, *pukm_oct; - ASN1_TYPE ctr_atype; - if (ukmlen > DH_KDF_MAX || outlen > DH_KDF_MAX) - return 0; - ctr_oct.data = ctr; - ctr_oct.length = 4; - ctr_oct.flags = 0; - ctr_oct.type = V_ASN1_OCTET_STRING; - ctr_atype.type = V_ASN1_OCTET_STRING; - ctr_atype.value.octet_string = &ctr_oct; - atmp.algorithm = key_oid; - atmp.parameter = &ctr_atype; - if (ukm) { - ukm_oct.type = V_ASN1_OCTET_STRING; - ukm_oct.flags = 0; - ukm_oct.data = (unsigned char *)ukm; - ukm_oct.length = ukmlen; - pukm_oct = &ukm_oct; - } else - pukm_oct = NULL; - derlen = CMS_SharedInfo_encode(pder, &atmp, pukm_oct, outlen); - if (derlen <= 0) - return 0; - p = *pder; - tlen = derlen; - if (!skip_asn1(&p, &tlen, V_ASN1_SEQUENCE)) - return 0; - if (!skip_asn1(&p, &tlen, V_ASN1_SEQUENCE)) - return 0; - if (!skip_asn1(&p, &tlen, V_ASN1_OBJECT)) - return 0; - if (!skip_asn1(&p, &tlen, V_ASN1_OCTET_STRING)) - return 0; - if (CRYPTO_memcmp(p, ctr, 4)) - return 0; - *pctr = p; - return derlen; -} - -int DH_KDF_X9_42(unsigned char *out, size_t outlen, - const unsigned char *Z, size_t Zlen, - ASN1_OBJECT *key_oid, - const unsigned char *ukm, size_t ukmlen, const EVP_MD *md) -{ - EVP_MD_CTX *mctx = NULL; - int rv = 0; - unsigned int i; - size_t mdlen; - unsigned char *der = NULL, *ctr; - int derlen; - if (Zlen > DH_KDF_MAX) - return 0; - mctx = EVP_MD_CTX_new(); - if (mctx == NULL) - return 0; - mdlen = EVP_MD_size(md); - derlen = dh_sharedinfo_encode(&der, &ctr, key_oid, outlen, ukm, ukmlen); - if (derlen == 0) - goto err; - for (i = 1;; i++) { - unsigned char mtmp[EVP_MAX_MD_SIZE]; - if (!EVP_DigestInit_ex(mctx, md, NULL) - || 
!EVP_DigestUpdate(mctx, Z, Zlen)) - goto err; - ctr[3] = i & 0xFF; - ctr[2] = (i >> 8) & 0xFF; - ctr[1] = (i >> 16) & 0xFF; - ctr[0] = (i >> 24) & 0xFF; - if (!EVP_DigestUpdate(mctx, der, derlen)) - goto err; - if (outlen >= mdlen) { - if (!EVP_DigestFinal(mctx, out, NULL)) - goto err; - outlen -= mdlen; - if (outlen == 0) - break; - out += mdlen; - } else { - if (!EVP_DigestFinal(mctx, mtmp, NULL)) - goto err; - memcpy(out, mtmp, outlen); - OPENSSL_cleanse(mtmp, mdlen); - break; - } - } - rv = 1; - err: - OPENSSL_free(der); - EVP_MD_CTX_free(mctx); - return rv; -} -#endif diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_key.c b/Cryptlib/OpenSSL/crypto/dh/dh_key.c index 204e5a7a..387558f1 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_key.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_key.c 
@@ -1,16 +1,66 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/dh/dh_key.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. 
All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" -#include "dh_locl.h" -#include "internal/bn_int.h" +#include "cryptlib.h" +#include <openssl/bn.h> +#include <openssl/rand.h> +#include <openssl/dh.h> static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); 
@@ -22,11 +72,25 @@ static int dh_finish(DH *dh); int DH_generate_key(DH *dh) { +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) + && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { + DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD); + return 0; + } +#endif return dh->meth->generate_key(dh); } int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { +#ifdef OPENSSL_FIPS + if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) + && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) { + DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD); + return 0; + } +#endif return dh->meth->compute_key(key, pub_key, dh); } @@ -51,7 +115,7 @@ static DH_METHOD dh_ossl = { dh_bn_mod_exp, dh_init, dh_finish, - DH_FLAG_FIPS_METHOD, + 0, NULL, NULL }; @@ -75,7 +139,7 @@ static int generate_key(DH *dh) goto err; if (dh->priv_key == NULL) { - priv_key = BN_secure_new(); + priv_key = BN_new(); if (priv_key == NULL) goto err; generate_new_key = 1; @@ -91,7 +155,7 @@ static int generate_key(DH *dh) if (dh->flags & DH_FLAG_CACHE_MONT_P) { mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, - dh->lock, dh->p, ctx); + CRYPTO_LOCK_DH, dh->p, ctx); if (!mont) goto err; } 
@@ -106,24 +170,24 @@ static int generate_key(DH *dh) } else { /* secret exponent length */ l = dh->length ? dh->length : BN_num_bits(dh->p) - 1; - if (!BN_rand(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) + if (!BN_rand(priv_key, l, 0, 0)) goto err; } } { - BIGNUM *prk = BN_new(); + BIGNUM local_prk; + BIGNUM *prk; - if (prk == NULL) - goto err; - BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); + if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { + BN_init(&local_prk); + prk = &local_prk; + BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); + } else + prk = priv_key; - if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) { - BN_free(prk); + if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err; - } - /* We MUST free prk before any further use of priv_key */ - BN_free(prk); } dh->pub_key = pub_key; @@ -133,9 +197,9 @@ static int generate_key(DH *dh) if (ok != 1) DHerr(DH_F_GENERATE_KEY, ERR_R_BN_LIB); - if (pub_key != dh->pub_key) + if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); - if (priv_key != dh->priv_key) + if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); BN_CTX_free(ctx); return (ok); @@ -169,8 +233,11 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) if (dh->flags & DH_FLAG_CACHE_MONT_P) { mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, - dh->lock, dh->p, ctx); - BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); + CRYPTO_LOCK_DH, dh->p, ctx); + if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { + /* XXX */ + BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); + } if (!mont) goto err; } 
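Review bot: The block added to generate_key applies BN_FLG_CONSTTIME to the private exponent only when `DH_FLAG_NO_EXP_CONSTTIME` is clear, so a DH object carrying that flag runs `bn_mod_exp` on `priv_key` with timing that depends on the secret. The `@@ -169,8 +233,11 @@` hunk in compute_key and the `@@ -199,7 +266,15 @@` hunk in dh_bn_mod_exp (which then selects `BN_mod_exp_mont_word`) have the same opt-out. If nothing in this tree relies on the flag, setting the constant-time view unconditionally is the safer form: `BN_init(&local_prk); prk = &local_prk; BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);`. generate_key starts and ends outside the hunk.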
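Review bot: On the error path of generate_key in the `@@ -133,9 +197,9 @@` hunk, a freshly generated `priv_key` is released with `BN_free(priv_key)`, which hands the secret exponent back to the allocator without wiping it. Since the `@@ -75,7 +139,7 @@` hunk replaces `BN_secure_new()` with `BN_new()`, that value now lives in ordinary heap memory. `BN_clear_free(priv_key);` zeroizes it first, matching what DH_free in dh_lib.c does for `r->priv_key`. The `BN_free` call is an unchanged context line here, and the function body extends outside the hunk.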
@@ -199,7 +266,15 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); + /* + * If a is only one word long and constant time is false, use the faster + * exponenentiation function. + */ + if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0)) { + BN_ULONG A = a->d[0]; + return BN_mod_exp_mont_word(r, A, p, m, ctx, m_ctx); + } else + return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); } static int dh_init(DH *dh) @@ -210,6 +285,7 @@ static int dh_init(DH *dh) static int dh_finish(DH *dh) { - BN_MONT_CTX_free(dh->method_mont_p); + if (dh->method_mont_p) + BN_MONT_CTX_free(dh->method_mont_p); return (1); } diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_lib.c b/Cryptlib/OpenSSL/crypto/dh/dh_lib.c index adf17715..bebc160e 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_lib.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_lib.c 
@@ -1,17 +1,74 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/dh/dh_lib.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. 
All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] 
*/ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/bn.h> -#include "dh_locl.h" -#include <openssl/engine.h> +#include <openssl/dh.h> +#ifndef OPENSSL_NO_ENGINE +# include <openssl/engine.h> +#endif + +#ifdef OPENSSL_FIPS +# include <openssl/fips.h> +#endif + +const char DH_version[] = "Diffie-Hellman" OPENSSL_VERSION_PTEXT; static const DH_METHOD *default_DH_method = NULL; @@ -22,8 +79,16 @@ void DH_set_default_method(const DH_METHOD *meth) const DH_METHOD *DH_get_default_method(void) { - if (!default_DH_method) + if (!default_DH_method) { +#ifdef OPENSSL_FIPS + if (FIPS_mode()) + return FIPS_dh_openssl(); + else + return DH_OpenSSL(); +#else default_DH_method = DH_OpenSSL(); +#endif + } return default_DH_method; } @@ -38,8 +103,10 @@ int DH_set_method(DH *dh, const DH_METHOD *meth) if (mtmp->finish) mtmp->finish(dh); #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(dh->engine); - dh->engine = NULL; + if (dh->engine) { + ENGINE_finish(dh->engine); + dh->engine = NULL; + } #endif dh->meth = meth; if (meth->init) 
@@ -54,102 +121,132 @@ DH *DH_new(void) DH *DH_new_method(ENGINE *engine) { - DH *ret = OPENSSL_zalloc(sizeof(*ret)); + DH *ret; + ret = (DH *)OPENSSL_malloc(sizeof(DH)); if (ret == NULL) { DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE); - return NULL; - } - - ret->references = 1; - ret->lock = CRYPTO_THREAD_lock_new(); - if (ret->lock == NULL) { - DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE); - OPENSSL_free(ret); - return NULL; + return (NULL); } ret->meth = DH_get_default_method(); #ifndef OPENSSL_NO_ENGINE - ret->flags = ret->meth->flags; /* early default init */ if (engine) { if (!ENGINE_init(engine)) { DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); - goto err; + OPENSSL_free(ret); + return NULL; } ret->engine = engine; } else ret->engine = ENGINE_get_default_DH(); if (ret->engine) { ret->meth = ENGINE_get_DH(ret->engine); - if (ret->meth == NULL) { + if (!ret->meth) { DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); - goto err; + ENGINE_finish(ret->engine); + OPENSSL_free(ret); + return NULL; } } #endif - ret->flags = ret->meth->flags; - - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data)) - goto err; - + ret->pad = 0; + ret->version = 0; + ret->p = NULL; + ret->g = NULL; + ret->length = 0; + ret->pub_key = NULL; + ret->priv_key = NULL; + ret->q = NULL; + ret->j = NULL; + ret->seed = NULL; + ret->seedlen = 0; + ret->counter = NULL; + ret->method_mont_p = NULL; + ret->references = 1; + ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW; + CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { - DHerr(DH_F_DH_NEW_METHOD, ERR_R_INIT_FAIL); -err: - DH_free(ret); +#ifndef OPENSSL_NO_ENGINE + if (ret->engine) + ENGINE_finish(ret->engine); +#endif + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); + OPENSSL_free(ret); ret = NULL; } - - return ret; + return (ret); } void DH_free(DH *r) { int i; - if (r == NULL) return; - - CRYPTO_atomic_add(&r->references, -1, &i, r->lock); - 
REF_PRINT_COUNT("DH", r); + i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); +#ifdef REF_PRINT + REF_PRINT("DH", r); +#endif if (i > 0) return; - REF_ASSERT_ISNT(i < 0); +#ifdef REF_CHECK + if (i < 0) { + fprintf(stderr, "DH_free, bad reference count\n"); + abort(); + } +#endif if (r->meth->finish) r->meth->finish(r); #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(r->engine); + if (r->engine) + ENGINE_finish(r->engine); #endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); - CRYPTO_THREAD_lock_free(r->lock); - - BN_clear_free(r->p); - BN_clear_free(r->g); - BN_clear_free(r->q); - BN_clear_free(r->j); - OPENSSL_free(r->seed); - BN_clear_free(r->counter); - BN_clear_free(r->pub_key); - BN_clear_free(r->priv_key); + if (r->p != NULL) + BN_clear_free(r->p); + if (r->g != NULL) + BN_clear_free(r->g); + if (r->q != NULL) + BN_clear_free(r->q); + if (r->j != NULL) + BN_clear_free(r->j); + if (r->seed) + OPENSSL_free(r->seed); + if (r->counter != NULL) + BN_clear_free(r->counter); + if (r->pub_key != NULL) + BN_clear_free(r->pub_key); + if (r->priv_key != NULL) + BN_clear_free(r->priv_key); OPENSSL_free(r); } int DH_up_ref(DH *r) { - int i; - - if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) - return 0; - - REF_PRINT_COUNT("DH", r); - REF_ASSERT_ISNT(i < 2); + int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH); +#ifdef REF_PRINT + REF_PRINT("DH", r); +#endif +#ifdef REF_CHECK + if (i < 2) { + fprintf(stderr, "DH_up, bad reference count\n"); + abort(); + } +#endif return ((i > 1) ? 1 : 0); } +int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, + CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) +{ + return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp, + new_func, dup_func, free_func); +} + int DH_set_ex_data(DH *d, int idx, void *arg) { return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); 
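Review bot: The return value of `CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data)` in DH_new_method is discarded on the new side, so a failed ex_data setup still hands the caller a DH object that looks valid; the removed code checked it and bailed out. The call should be tested and the object released on failure, with the same cleanup the `meth->init` failure branch below it performs, minus `CRYPTO_free_ex_data`. That init-failure branch also no longer records an error with `DHerr`, so callers get NULL with nothing on the error queue. This file looks like part of an imported library, so the fix would presumably be carried as a local patch or picked up from a later upstream release.

```c
    ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data)) {
#ifndef OPENSSL_NO_ENGINE
        if (ret->engine)
            ENGINE_finish(ret->engine);
#endif
        OPENSSL_free(ret);
        return NULL;
    }
    /* … unchanged: meth->init call and its failure cleanup … */
```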
@@ -160,125 +257,7 @@ void *DH_get_ex_data(DH *d, int idx) return (CRYPTO_get_ex_data(&d->ex_data, idx)); } -int DH_bits(const DH *dh) -{ - return BN_num_bits(dh->p); -} - int DH_size(const DH *dh) { return (BN_num_bytes(dh->p)); } - -int DH_security_bits(const DH *dh) -{ - int N; - if (dh->q) - N = BN_num_bits(dh->q); - else if (dh->length) - N = dh->length; - else - N = -1; - return BN_security_bits(BN_num_bits(dh->p), N); -} - - -void DH_get0_pqg(const DH *dh, - const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -{ - if (p != NULL) - *p = dh->p; - if (q != NULL) - *q = dh->q; - if (g != NULL) - *g = dh->g; -} - -int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -{ - /* If the fields p and g in d are NULL, the corresponding input - * parameters MUST be non-NULL. q may remain NULL. - */ - if ((dh->p == NULL && p == NULL) - || (dh->g == NULL && g == NULL)) - return 0; - - if (p != NULL) { - BN_free(dh->p); - dh->p = p; - } - if (q != NULL) { - BN_free(dh->q); - dh->q = q; - } - if (g != NULL) { - BN_free(dh->g); - dh->g = g; - } - - if (q != NULL) { - dh->length = BN_num_bits(q); - } - - return 1; -} - -long DH_get_length(const DH *dh) -{ - return dh->length; -} - -int DH_set_length(DH *dh, long length) -{ - dh->length = length; - return 1; -} - -void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) -{ - if (pub_key != NULL) - *pub_key = dh->pub_key; - if (priv_key != NULL) - *priv_key = dh->priv_key; -} - -int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) -{ - /* If the field pub_key in dh is NULL, the corresponding input - * parameters MUST be non-NULL. The priv_key field may - * be left NULL. 
- */ - if (dh->pub_key == NULL && pub_key == NULL) - return 0; - - if (pub_key != NULL) { - BN_free(dh->pub_key); - dh->pub_key = pub_key; - } - if (priv_key != NULL) { - BN_free(dh->priv_key); - dh->priv_key = priv_key; - } - - return 1; -} - -void DH_clear_flags(DH *dh, int flags) -{ - dh->flags &= ~flags; -} - -int DH_test_flags(const DH *dh, int flags) -{ - return dh->flags & flags; -} - -void DH_set_flags(DH *dh, int flags) -{ - dh->flags |= flags; -} - -ENGINE *DH_get0_engine(DH *dh) -{ - return dh->engine; -} diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_locl.h b/Cryptlib/OpenSSL/crypto/dh/dh_locl.h deleted file mode 100644 index 19301c31..00000000 --- a/Cryptlib/OpenSSL/crypto/dh/dh_locl.h +++ /dev/null 
@@ -1,56 +0,0 @@
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/dh.h>
-
-struct dh_st {
- /*
- * This first argument is used to pick up errors when a DH is passed
- * instead of a EVP_PKEY
- */
- int pad;
- int version;
- BIGNUM *p;
- BIGNUM *g;
- long length; /* optional */
- BIGNUM *pub_key; /* g^x % p */
- BIGNUM *priv_key; /* x */
- int flags;
- BN_MONT_CTX *method_mont_p;
- /* Place holders if we want to do X9.42 DH */
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DH_METHOD *meth;
- ENGINE *engine;
- CRYPTO_RWLOCK *lock;
-};
-
-struct dh_method {
- char *name;
- /* Methods here */
- int (*generate_key) (DH *dh);
- int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
-
- /* Can be null */
- int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
- int (*init) (DH *dh);
- int (*finish) (DH *dh);
- int flags;
- char *app_data;
- /* If this is non-NULL, it will be used to generate parameters */
- int (*generate_params) (DH *dh, int prime_len, int generator,
- BN_GENCB *cb);
-};
diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_meth.c b/Cryptlib/OpenSSL/crypto/dh/dh_meth.c
deleted file mode 100644
index ce6114c1..00000000
--- a/Cryptlib/OpenSSL/crypto/dh/dh_meth.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include "dh_locl.h"
-#include <string.h>
-#include <openssl/err.h>
-
-DH_METHOD *DH_meth_new(const char *name, int flags)
-{
- DH_METHOD *dhm = OPENSSL_zalloc(sizeof(*dhm));
-
- if (dhm != NULL) {
- dhm->flags = flags;
-
- dhm->name = OPENSSL_strdup(name);
- if (dhm->name != NULL)
- return dhm;
-
- OPENSSL_free(dhm);
- }
-
- DHerr(DH_F_DH_METH_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-void DH_meth_free(DH_METHOD *dhm)
-{
- if (dhm != NULL) {
- OPENSSL_free(dhm->name);
- OPENSSL_free(dhm);
- }
-}
-
-DH_METHOD *DH_meth_dup(const DH_METHOD *dhm)
-{
- DH_METHOD *ret = OPENSSL_malloc(sizeof(*ret));
-
- if (ret != NULL) {
- memcpy(ret, dhm, sizeof(*dhm));
-
- ret->name = OPENSSL_strdup(dhm->name);
- if (ret->name != NULL)
- return ret;
-
- OPENSSL_free(ret);
- }
-
- DHerr(DH_F_DH_METH_DUP, ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-const char *DH_meth_get0_name(const DH_METHOD *dhm)
-{
- return dhm->name;
-}
-
-int DH_meth_set1_name(DH_METHOD *dhm, const char *name)
-{
- char *tmpname = OPENSSL_strdup(name);
-
- if (tmpname == NULL) {
- DHerr(DH_F_DH_METH_SET1_NAME, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- OPENSSL_free(dhm->name);
- dhm->name = tmpname;
-
- return 1;
-}
-
-int DH_meth_get_flags(DH_METHOD *dhm)
-{
- return dhm->flags;
-}
-
-int DH_meth_set_flags(DH_METHOD *dhm, int flags)
-{
- dhm->flags = flags;
- return 1;
-}
-
-void *DH_meth_get0_app_data(const DH_METHOD *dhm)
-{
- return dhm->app_data;
-}
-
-int DH_meth_set0_app_data(DH_METHOD *dhm, void *app_data)
-{
- dhm->app_data = app_data;
- return 1;
-}
-
-int (*DH_meth_get_generate_key(const DH_METHOD *dhm)) (DH *)
-{
- return dhm->generate_key;
-}
-
-int DH_meth_set_generate_key(DH_METHOD *dhm, int (*generate_key) (DH *))
-{
- dhm->generate_key = generate_key;
- return 1;
-}
-
-int (*DH_meth_get_compute_key(const DH_METHOD *dhm))
- (unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
- return dhm->compute_key;
-}
-
-int DH_meth_set_compute_key(DH_METHOD *dhm,
- int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh))
-{
- dhm->compute_key = compute_key;
- return 1;
-}
-
-
-int (*DH_meth_get_bn_mod_exp(const DH_METHOD *dhm))
- (const DH *, BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *,
- BN_CTX *, BN_MONT_CTX *)
-{
- return dhm->bn_mod_exp;
-}
-
-int DH_meth_set_bn_mod_exp(DH_METHOD *dhm,
- int (*bn_mod_exp) (const DH *, BIGNUM *, const BIGNUM *, const BIGNUM *,
- const BIGNUM *, BN_CTX *, BN_MONT_CTX *))
-{
- dhm->bn_mod_exp = bn_mod_exp;
- return 1;
-}
-
-int (*DH_meth_get_init(const DH_METHOD *dhm))(DH *)
-{
- return dhm->init;
-}
-
-int DH_meth_set_init(DH_METHOD *dhm, int (*init)(DH *))
-{
- dhm->init = init;
- return 1;
-}
-
-int (*DH_meth_get_finish(const DH_METHOD *dhm)) (DH *)
-{
- return dhm->finish;
-}
-
-int DH_meth_set_finish(DH_METHOD *dhm, int (*finish) (DH *))
-{
- dhm->finish = finish;
- return 1;
-}
-
-int (*DH_meth_get_generate_params(const DH_METHOD *dhm))
- (DH *, int, int, BN_GENCB *)
-{
- return dhm->generate_params;
-}
-
-int DH_meth_set_generate_params(DH_METHOD *dhm,
- int (*generate_params) (DH *, int, int, BN_GENCB *))
-{
- dhm->generate_params = generate_params;
- return 1;
-}
diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_pmeth.c b/Cryptlib/OpenSSL/crypto/dh/dh_pmeth.c
index c3e03c7a..926be98e 100644
--- a/Cryptlib/OpenSSL/crypto/dh/dh_pmeth.c
+++ b/Cryptlib/OpenSSL/crypto/dh/dh_pmeth.c
@@ -1,22 +1,73 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2006. + */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. 
Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/evp.h> -#include "dh_locl.h" +#include <openssl/dh.h> #include <openssl/bn.h> -#include <openssl/dsa.h> +#ifndef OPENSSL_NO_DSA +# include <openssl/dsa.h> +#endif #include <openssl/objects.h> -#include "internal/evp_int.h" +#include "evp_locl.h" /* DH pkey context structure */ 
@@ -47,14 +98,22 @@ typedef struct { static int pkey_dh_init(EVP_PKEY_CTX *ctx) { DH_PKEY_CTX *dctx; - - dctx = OPENSSL_zalloc(sizeof(*dctx)); - if (dctx == NULL) + dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX)); + if (!dctx) return 0; dctx->prime_len = 1024; dctx->subprime_len = -1; dctx->generator = 2; + dctx->use_dsa = 0; + dctx->md = NULL; + dctx->rfc5114_param = 0; + dctx->kdf_type = EVP_PKEY_DH_KDF_NONE; + dctx->kdf_oid = NULL; + dctx->kdf_md = NULL; + dctx->kdf_ukm = NULL; + dctx->kdf_ukmlen = 0; + dctx->kdf_outlen = 0; ctx->data = dctx; ctx->keygen_info = dctx->gentmp; @@ -63,17 +122,6 @@ static int pkey_dh_init(EVP_PKEY_CTX *ctx) return 1; } -static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx) -{ - DH_PKEY_CTX *dctx = ctx->data; - if (dctx != NULL) { - OPENSSL_free(dctx->kdf_ukm); - ASN1_OBJECT_free(dctx->kdf_oid); - OPENSSL_free(dctx); - } -} - - static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { DH_PKEY_CTX *dctx, *sctx; @@ -90,19 +138,29 @@ static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) dctx->kdf_type = sctx->kdf_type; dctx->kdf_oid = OBJ_dup(sctx->kdf_oid); - if (dctx->kdf_oid == NULL) + if (!dctx->kdf_oid) return 0; dctx->kdf_md = sctx->kdf_md; - if (sctx->kdf_ukm != NULL) { - dctx->kdf_ukm = OPENSSL_memdup(sctx->kdf_ukm, sctx->kdf_ukmlen); - if (dctx->kdf_ukm == NULL) - return 0; + if (dctx->kdf_ukm) { + dctx->kdf_ukm = BUF_memdup(sctx->kdf_ukm, sctx->kdf_ukmlen); dctx->kdf_ukmlen = sctx->kdf_ukmlen; } dctx->kdf_outlen = sctx->kdf_outlen; return 1; } +static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx) +{ + DH_PKEY_CTX *dctx = ctx->data; + if (dctx) { + if (dctx->kdf_ukm) + OPENSSL_free(dctx->kdf_ukm); + if (dctx->kdf_oid) + ASN1_OBJECT_free(dctx->kdf_oid); + OPENSSL_free(dctx); + } +} + static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { DH_PKEY_CTX *dctx = ctx->data; 
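Review bot: In pkey_dh_copy the new guard `if (dctx->kdf_ukm)` tests the destination context rather than the source, so the user keying material is not duplicated when the destination starts with a NULL `kdf_ukm`, which is the value pkey_dh_init in this file assigns; the removed line tested `sctx->kdf_ukm`. The result of `BUF_memdup` is also no longer checked, so an allocation failure leaves `kdf_ukm` NULL while `kdf_ukmlen` is set to the source length and the function still returns 1. I would write `if (sctx->kdf_ukm) {` and add `if (!dctx->kdf_ukm) return 0;` directly after the `BUF_memdup` call. The start of pkey_dh_copy, where `dctx` is obtained, lies outside the hunk, so that it comes fresh from pkey_dh_init is inferred rather than shown.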
@@ -177,7 +235,8 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_DH_KDF_UKM: - OPENSSL_free(dctx->kdf_ukm); + if (dctx->kdf_ukm) + OPENSSL_free(dctx->kdf_ukm); dctx->kdf_ukm = p2; if (p2) dctx->kdf_ukmlen = p1; @@ -190,7 +249,8 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return dctx->kdf_ukmlen; case EVP_PKEY_CTRL_DH_KDF_OID: - ASN1_OBJECT_free(dctx->kdf_oid); + if (dctx->kdf_oid) + ASN1_OBJECT_free(dctx->kdf_oid); dctx->kdf_oid = p2; return 1; @@ -207,12 +267,12 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) { - if (strcmp(type, "dh_paramgen_prime_len") == 0) { + if (!strcmp(type, "dh_paramgen_prime_len")) { int len; len = atoi(value); return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len); } - if (strcmp(type, "dh_rfc5114") == 0) { + if (!strcmp(type, "dh_rfc5114")) { DH_PKEY_CTX *dctx = ctx->data; int len; len = atoi(value); @@ -221,17 +281,17 @@ static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, dctx->rfc5114_param = len; return 1; } - if (strcmp(type, "dh_paramgen_generator") == 0) { + if (!strcmp(type, "dh_paramgen_generator")) { int len; len = atoi(value); return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len); } - if (strcmp(type, "dh_paramgen_subprime_len") == 0) { + if (!strcmp(type, "dh_paramgen_subprime_len")) { int len; len = atoi(value); return EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len); } - if (strcmp(type, "dh_paramgen_type") == 0) { + if (!strcmp(type, "dh_paramgen_type")) { int typ; typ = atoi(value); return EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ); @@ -264,7 +324,7 @@ static DSA *dsa_dh_generate(DH_PKEY_CTX *dctx, BN_GENCB *pcb) if (dctx->use_dsa > 2) return NULL; ret = DSA_new(); - if (ret == NULL) + if (!ret) return NULL; if (subprime_len == -1) { if (prime_len >= 2048) 
@@ -297,7 +357,7 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { DH *dh = NULL; DH_PKEY_CTX *dctx = ctx->data; - BN_GENCB *pcb; + BN_GENCB *pcb, cb; int ret; if (dctx->rfc5114_param) { switch (dctx->rfc5114_param) { @@ -321,9 +381,7 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) } if (ctx->pkey_gencb) { - pcb = BN_GENCB_new(); - if (pcb == NULL) - return 0; + pcb = &cb; evp_pkey_set_cb_translate(pcb, ctx); } else pcb = NULL; @@ -331,8 +389,7 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) if (dctx->use_dsa) { DSA *dsa_dh; dsa_dh = dsa_dh_generate(dctx, pcb); - BN_GENCB_free(pcb); - if (dsa_dh == NULL) + if (!dsa_dh) return 0; dh = DSA_dup_DH(dsa_dh); DSA_free(dsa_dh); @@ -343,13 +400,11 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) } #endif dh = DH_new(); - if (dh == NULL) { - BN_GENCB_free(pcb); + if (!dh) return 0; - } ret = DH_generate_parameters_ex(dh, dctx->prime_len, dctx->generator, pcb); - BN_GENCB_free(pcb); + if (ret) EVP_PKEY_assign_DH(pkey, dh); else @@ -365,7 +420,7 @@ static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) return 0; } dh = DH_new(); - if (dh == NULL) + if (!dh) return 0; EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, dh); /* Note: if error return, pkey is freed by parent routine */ @@ -400,7 +455,6 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, } #ifndef OPENSSL_NO_CMS else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) { - unsigned char *Z = NULL; size_t Zlen = 0; if (!dctx->kdf_outlen || !dctx->kdf_oid) @@ -414,7 +468,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, ret = 0; Zlen = DH_size(dh); Z = OPENSSL_malloc(Zlen); - if (Z == NULL) { + if (!Z) { goto err; } if (DH_compute_key_padded(Z, dhpub, dh) <= 0) 
@@ -425,7 +479,10 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, *keylen = dctx->kdf_outlen; ret = 1; err: - OPENSSL_clear_free(Z, Zlen); + if (Z) { + OPENSSL_cleanse(Z, Zlen); + OPENSSL_free(Z); + } return ret; } #endif diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_prn.c b/Cryptlib/OpenSSL/crypto/dh/dh_prn.c index 283fb0f4..5d6c3a37 100644 --- a/Cryptlib/OpenSSL/crypto/dh/dh_prn.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_prn.c 
@@ -1,18 +1,67 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +/* crypto/asn1/t_pkey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. 
All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/evp.h> #include <openssl/dh.h> -#ifndef OPENSSL_NO_STDIO +#ifndef OPENSSL_NO_FP_API int DHparams_print_fp(FILE *fp, const DH *x) { BIO *b; diff --git a/Cryptlib/OpenSSL/crypto/dh/dh_rfc5114.c b/Cryptlib/OpenSSL/crypto/dh/dh_rfc5114.c index c4a21959..e96e2aa3 100644 
--- a/Cryptlib/OpenSSL/crypto/dh/dh_rfc5114.c +++ b/Cryptlib/OpenSSL/crypto/dh/dh_rfc5114.c 
@@ -1,40 +1,284 @@ /* - * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 2011. + */ +/* ==================================================================== + * Copyright (c) 2011 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. 
Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. 
You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" -#include "dh_locl.h" +#include "cryptlib.h" +#include <openssl/dh.h> #include <openssl/bn.h> -#include "internal/bn_dh.h" + +/* DH parameters from RFC5114 */ + +#if BN_BITS2 == 64 +static const BN_ULONG dh1024_160_p[] = { + 0xDF1FB2BC2E4A4371ULL, 0xE68CFDA76D4DA708ULL, 0x45BF37DF365C1A65ULL, + 0xA151AF5F0DC8B4BDULL, 0xFAA31A4FF55BCCC0ULL, 0x4EFFD6FAE5644738ULL, + 0x98488E9C219A7372ULL, 0xACCBDD7D90C4BD70ULL, 0x24975C3CD49B83BFULL, + 0x13ECB4AEA9061123ULL, 0x9838EF1E2EE652C0ULL, 0x6073E28675A23D18ULL, + 0x9A6A9DCA52D23B61ULL, 0x52C99FBCFB06A3C6ULL, 0xDE92DE5EAE5D54ECULL, + 0xB10B8F96A080E01DULL +}; + +static const BN_ULONG dh1024_160_g[] = { + 0x855E6EEB22B3B2E5ULL, 0x858F4DCEF97C2A24ULL, 0x2D779D5918D08BC8ULL, + 0xD662A4D18E73AFA3ULL, 0x1DBF0A0169B6A28AULL, 0xA6A24C087A091F53ULL, + 0x909D0D2263F80A76ULL, 0xD7FBD7D3B9A92EE1ULL, 0x5E91547F9E2749F4ULL, + 0x160217B4B01B886AULL, 0x777E690F5504F213ULL, 0x266FEA1E5C41564BULL, + 0xD6406CFF14266D31ULL, 0xF8104DD258AC507FULL, 0x6765A442EFB99905ULL, + 0xA4D1CBD5C3FD3412ULL +}; + +static const BN_ULONG dh1024_160_q[] = { + 0x64B7CB9D49462353ULL, 0x81A8DF278ABA4E7DULL, 0x00000000F518AA87ULL +}; + +static const BN_ULONG dh2048_224_p[] = { + 0x0AC4DFFE0C10E64FULL, 0xCF9DE5384E71B81CULL, 0x7EF363E2FFA31F71ULL, + 0xE3FB73C16B8E75B9ULL, 0xC9B53DCF4BA80A29ULL, 0x23F10B0E16E79763ULL, + 0xC52172E413042E9BULL, 0xBE60E69CC928B2B9ULL, 0x80CD86A1B9E587E8ULL, + 0x315D75E198C641A4ULL, 0xCDF93ACC44328387ULL, 0x15987D9ADC0A486DULL, + 0x7310F7121FD5A074ULL, 0x278273C7DE31EFDCULL, 0x1602E714415D9330ULL, + 0x81286130BC8985DBULL, 0xB3BF8A3170918836ULL, 0x6A00E0A0B9C49708ULL, + 0xC6BA0B2C8BBC27BEULL, 0xC9F98D11ED34DBF6ULL, 0x7AD5B7D0B6C12207ULL, + 0xD91E8FEF55B7394BULL, 0x9037C9EDEFDA4DF8ULL, 0x6D3F8152AD6AC212ULL, + 0x1DE6B85A1274A0A6ULL, 0xEB3D688A309C180EULL, 
0xAF9A3C407BA1DF15ULL,
+ 0xE6FA141DF95A56DBULL, 0xB54B1597B61D0A75ULL, 0xA20D64E5683B9FD1ULL,
+ 0xD660FAA79559C51FULL, 0xAD107E1E9123A9D0ULL
+};
+
+static const BN_ULONG dh2048_224_g[] = {
+ 0x84B890D3191F2BFAULL, 0x81BC087F2A7065B3ULL, 0x19C418E1F6EC0179ULL,
+ 0x7B5A0F1C71CFFF4CULL, 0xEDFE72FE9B6AA4BDULL, 0x81E1BCFE94B30269ULL,
+ 0x566AFBB48D6C0191ULL, 0xB539CCE3409D13CDULL, 0x6AA21E7F5F2FF381ULL,
+ 0xD9E263E4770589EFULL, 0x10E183EDD19963DDULL, 0xB70A8137150B8EEBULL,
+ 0x051AE3D428C8F8ACULL, 0xBB77A86F0C1AB15BULL, 0x6E3025E316A330EFULL,
+ 0x19529A45D6F83456ULL, 0xF180EB34118E98D1ULL, 0xB5F6C6B250717CBEULL,
+ 0x09939D54DA7460CDULL, 0xE247150422EA1ED4ULL, 0xB8A762D0521BC98AULL,
+ 0xF4D027275AC1348BULL, 0xC17669101999024AULL, 0xBE5E9001A8D66AD7ULL,
+ 0xC57DB17C620A8652ULL, 0xAB739D7700C29F52ULL, 0xDD921F01A70C4AFAULL,
+ 0xA6824A4E10B9A6F0ULL, 0x74866A08CFE4FFE3ULL, 0x6CDEBE7B89998CAFULL,
+ 0x9DF30B5C8FFDAC50ULL, 0xAC4032EF4F2D9AE3ULL
+};
+
+static const BN_ULONG dh2048_224_q[] = {
+ 0xBF389A99B36371EBULL, 0x1F80535A4738CEBCULL, 0xC58D93FE99717710ULL,
+ 0x00000000801C0D34ULL
+};
+
+static const BN_ULONG dh2048_256_p[] = {
+ 0xDB094AE91E1A1597ULL, 0x693877FAD7EF09CAULL, 0x6116D2276E11715FULL,
+ 0xA4B54330C198AF12ULL, 0x75F26375D7014103ULL, 0xC3A3960A54E710C3ULL,
+ 0xDED4010ABD0BE621ULL, 0xC0B857F689962856ULL, 0xB3CA3F7971506026ULL,
+ 0x1CCACB83E6B486F6ULL, 0x67E144E514056425ULL, 0xF6A167B5A41825D9ULL,
+ 0x3AD8347796524D8EULL, 0xF13C6D9A51BFA4ABULL, 0x2D52526735488A0EULL,
+ 0xB63ACAE1CAA6B790ULL, 0x4FDB70C581B23F76ULL, 0xBC39A0BF12307F5CULL,
+ 0xB941F54EB1E59BB8ULL, 0x6C5BFC11D45F9088ULL, 0x22E0B1EF4275BF7BULL,
+ 0x91F9E6725B4758C0ULL, 0x5A8A9D306BCF67EDULL, 0x209E0C6497517ABDULL,
+ 0x3BF4296D830E9A7CULL, 0x16C3D91134096FAAULL, 0xFAF7DF4561B2AA30ULL,
+ 0xE00DF8F1D61957D4ULL, 0x5D2CEED4435E3B00ULL, 0x8CEEF608660DD0F2ULL,
+ 0xFFBBD19C65195999ULL, 0x87A8E61DB4B6663CULL
+};
+
+static const BN_ULONG dh2048_256_g[] = {
+ 0x664B4C0F6CC41659ULL, 0x5E2327CFEF98C582ULL, 0xD647D148D4795451ULL,
+ 0x2F63078490F00EF8ULL, 0x184B523D1DB246C3ULL, 0xC7891428CDC67EB6ULL,
+ 0x7FD028370DF92B52ULL, 0xB3353BBB64E0EC37ULL, 0xECD06E1557CD0915ULL,
+ 0xB7D2BBD2DF016199ULL, 0xC8484B1E052588B9ULL, 0xDB2A3B7313D3FE14ULL,
+ 0xD052B985D182EA0AULL, 0xA4BD1BFFE83B9C80ULL, 0xDFC967C1FB3F2E55ULL,
+ 0xB5045AF2767164E1ULL, 0x1D14348F6F2F9193ULL, 0x64E67982428EBC83ULL,
+ 0x8AC376D282D6ED38ULL, 0x777DE62AAAB8A862ULL, 0xDDF463E5E9EC144BULL,
+ 0x0196F931C77A57F2ULL, 0xA55AE31341000A65ULL, 0x901228F8C28CBB18ULL,
+ 0xBC3773BF7E8C6F62ULL, 0xBE3A6C1B0C6B47B1ULL, 0xFF4FED4AAC0BB555ULL,
+ 0x10DBC15077BE463FULL, 0x07F4793A1A0BA125ULL, 0x4CA7B18F21EF2054ULL,
+ 0x2E77506660EDBD48ULL, 0x3FB32C9B73134D0BULL
+};
+
+static const BN_ULONG dh2048_256_q[] = {
+ 0xA308B0FE64F5FBD3ULL, 0x99B1A47D1EB3750BULL, 0xB447997640129DA2ULL,
+ 0x8CF83642A709A097ULL
+};
+
+#elif BN_BITS2 == 32
+
+static const BN_ULONG dh1024_160_p[] = {
+ 0x2E4A4371, 0xDF1FB2BC, 0x6D4DA708, 0xE68CFDA7, 0x365C1A65, 0x45BF37DF,
+ 0x0DC8B4BD, 0xA151AF5F, 0xF55BCCC0, 0xFAA31A4F, 0xE5644738, 0x4EFFD6FA,
+ 0x219A7372, 0x98488E9C, 0x90C4BD70, 0xACCBDD7D, 0xD49B83BF, 0x24975C3C,
+ 0xA9061123, 0x13ECB4AE, 0x2EE652C0, 0x9838EF1E, 0x75A23D18, 0x6073E286,
+ 0x52D23B61, 0x9A6A9DCA, 0xFB06A3C6, 0x52C99FBC, 0xAE5D54EC, 0xDE92DE5E,
+ 0xA080E01D, 0xB10B8F96
+};
+
+static const BN_ULONG dh1024_160_g[] = {
+ 0x22B3B2E5, 0x855E6EEB, 0xF97C2A24, 0x858F4DCE, 0x18D08BC8, 0x2D779D59,
+ 0x8E73AFA3, 0xD662A4D1, 0x69B6A28A, 0x1DBF0A01, 0x7A091F53, 0xA6A24C08,
+ 0x63F80A76, 0x909D0D22, 0xB9A92EE1, 0xD7FBD7D3, 0x9E2749F4, 0x5E91547F,
+ 0xB01B886A, 0x160217B4, 0x5504F213, 0x777E690F, 0x5C41564B, 0x266FEA1E,
+ 0x14266D31, 0xD6406CFF, 0x58AC507F, 0xF8104DD2, 0xEFB99905, 0x6765A442,
+ 0xC3FD3412, 0xA4D1CBD5
+};
+
+static const BN_ULONG dh1024_160_q[] = {
+ 0x49462353, 0x64B7CB9D, 0x8ABA4E7D, 0x81A8DF27, 0xF518AA87
+};
+
+static const BN_ULONG dh2048_224_p[] = {
+ 0x0C10E64F, 0x0AC4DFFE, 0x4E71B81C, 0xCF9DE538, 0xFFA31F71, 0x7EF363E2,
+ 0x6B8E75B9, 0xE3FB73C1, 0x4BA80A29, 0xC9B53DCF, 0x16E79763, 0x23F10B0E,
+ 0x13042E9B, 0xC52172E4, 0xC928B2B9, 0xBE60E69C, 0xB9E587E8, 0x80CD86A1,
+ 0x98C641A4, 0x315D75E1, 0x44328387, 0xCDF93ACC, 0xDC0A486D, 0x15987D9A,
+ 0x1FD5A074, 0x7310F712, 0xDE31EFDC, 0x278273C7, 0x415D9330, 0x1602E714,
+ 0xBC8985DB, 0x81286130, 0x70918836, 0xB3BF8A31, 0xB9C49708, 0x6A00E0A0,
+ 0x8BBC27BE, 0xC6BA0B2C, 0xED34DBF6, 0xC9F98D11, 0xB6C12207, 0x7AD5B7D0,
+ 0x55B7394B, 0xD91E8FEF, 0xEFDA4DF8, 0x9037C9ED, 0xAD6AC212, 0x6D3F8152,
+ 0x1274A0A6, 0x1DE6B85A, 0x309C180E, 0xEB3D688A, 0x7BA1DF15, 0xAF9A3C40,
+ 0xF95A56DB, 0xE6FA141D, 0xB61D0A75, 0xB54B1597, 0x683B9FD1, 0xA20D64E5,
+ 0x9559C51F, 0xD660FAA7, 0x9123A9D0, 0xAD107E1E
+};
+
+static const BN_ULONG dh2048_224_g[] = {
+ 0x191F2BFA, 0x84B890D3, 0x2A7065B3, 0x81BC087F, 0xF6EC0179, 0x19C418E1,
+ 0x71CFFF4C, 0x7B5A0F1C, 0x9B6AA4BD, 0xEDFE72FE, 0x94B30269, 0x81E1BCFE,
+ 0x8D6C0191, 0x566AFBB4, 0x409D13CD, 0xB539CCE3, 0x5F2FF381, 0x6AA21E7F,
+ 0x770589EF, 0xD9E263E4, 0xD19963DD, 0x10E183ED, 0x150B8EEB, 0xB70A8137,
+ 0x28C8F8AC, 0x051AE3D4, 0x0C1AB15B, 0xBB77A86F, 0x16A330EF, 0x6E3025E3,
+ 0xD6F83456, 0x19529A45, 0x118E98D1, 0xF180EB34, 0x50717CBE, 0xB5F6C6B2,
+ 0xDA7460CD, 0x09939D54, 0x22EA1ED4, 0xE2471504, 0x521BC98A, 0xB8A762D0,
+ 0x5AC1348B, 0xF4D02727, 0x1999024A, 0xC1766910, 0xA8D66AD7, 0xBE5E9001,
+ 0x620A8652, 0xC57DB17C, 0x00C29F52, 0xAB739D77, 0xA70C4AFA, 0xDD921F01,
+ 0x10B9A6F0, 0xA6824A4E, 0xCFE4FFE3, 0x74866A08, 0x89998CAF, 0x6CDEBE7B,
+ 0x8FFDAC50, 0x9DF30B5C, 0x4F2D9AE3, 0xAC4032EF
+};
+
+static const BN_ULONG dh2048_224_q[] = {
+ 0xB36371EB, 0xBF389A99, 0x4738CEBC, 0x1F80535A, 0x99717710, 0xC58D93FE,
+ 0x801C0D34
+};
+
+static const BN_ULONG dh2048_256_p[] = {
+ 0x1E1A1597, 0xDB094AE9, 0xD7EF09CA, 0x693877FA, 0x6E11715F, 0x6116D227,
+ 0xC198AF12, 0xA4B54330, 0xD7014103, 0x75F26375, 0x54E710C3, 0xC3A3960A,
+ 0xBD0BE621, 0xDED4010A, 0x89962856, 0xC0B857F6, 0x71506026, 0xB3CA3F79,
+ 0xE6B486F6, 0x1CCACB83, 0x14056425,
0x67E144E5, 0xA41825D9, 0xF6A167B5, + 0x96524D8E, 0x3AD83477, 0x51BFA4AB, 0xF13C6D9A, 0x35488A0E, 0x2D525267, + 0xCAA6B790, 0xB63ACAE1, 0x81B23F76, 0x4FDB70C5, 0x12307F5C, 0xBC39A0BF, + 0xB1E59BB8, 0xB941F54E, 0xD45F9088, 0x6C5BFC11, 0x4275BF7B, 0x22E0B1EF, + 0x5B4758C0, 0x91F9E672, 0x6BCF67ED, 0x5A8A9D30, 0x97517ABD, 0x209E0C64, + 0x830E9A7C, 0x3BF4296D, 0x34096FAA, 0x16C3D911, 0x61B2AA30, 0xFAF7DF45, + 0xD61957D4, 0xE00DF8F1, 0x435E3B00, 0x5D2CEED4, 0x660DD0F2, 0x8CEEF608, + 0x65195999, 0xFFBBD19C, 0xB4B6663C, 0x87A8E61D +}; + +static const BN_ULONG dh2048_256_g[] = { + 0x6CC41659, 0x664B4C0F, 0xEF98C582, 0x5E2327CF, 0xD4795451, 0xD647D148, + 0x90F00EF8, 0x2F630784, 0x1DB246C3, 0x184B523D, 0xCDC67EB6, 0xC7891428, + 0x0DF92B52, 0x7FD02837, 0x64E0EC37, 0xB3353BBB, 0x57CD0915, 0xECD06E15, + 0xDF016199, 0xB7D2BBD2, 0x052588B9, 0xC8484B1E, 0x13D3FE14, 0xDB2A3B73, + 0xD182EA0A, 0xD052B985, 0xE83B9C80, 0xA4BD1BFF, 0xFB3F2E55, 0xDFC967C1, + 0x767164E1, 0xB5045AF2, 0x6F2F9193, 0x1D14348F, 0x428EBC83, 0x64E67982, + 0x82D6ED38, 0x8AC376D2, 0xAAB8A862, 0x777DE62A, 0xE9EC144B, 0xDDF463E5, + 0xC77A57F2, 0x0196F931, 0x41000A65, 0xA55AE313, 0xC28CBB18, 0x901228F8, + 0x7E8C6F62, 0xBC3773BF, 0x0C6B47B1, 0xBE3A6C1B, 0xAC0BB555, 0xFF4FED4A, + 0x77BE463F, 0x10DBC150, 0x1A0BA125, 0x07F4793A, 0x21EF2054, 0x4CA7B18F, + 0x60EDBD48, 0x2E775066, 0x73134D0B, 0x3FB32C9B +}; + +static const BN_ULONG dh2048_256_q[] = { + 0x64F5FBD3, 0xA308B0FE, 0x1EB3750B, 0x99B1A47D, 0x40129DA2, 0xB4479976, + 0xA709A097, 0x8CF83642 +}; + +#else +# error "unsupported BN_BITS2" +#endif + +/* Macro to make a BIGNUM from static data */ + +#define make_dh_bn(x) static const BIGNUM _bignum_##x = { (BN_ULONG *) x, \ + sizeof(x)/sizeof(BN_ULONG),\ + sizeof(x)/sizeof(BN_ULONG),\ + 0, BN_FLG_STATIC_DATA } /* * Macro to make a DH structure from BIGNUM data. 
NB: although just copying - * the BIGNUM static pointers would be more efficient, we can't do that - * because they get wiped using BN_clear_free() when DH_free() is called. + * the BIGNUM static pointers would be more efficient we can't as they get + * wiped using BN_clear_free() when DH_free() is called. */ #define make_dh(x) \ -DH *DH_get_##x(void) \ -{ \ - DH *dh = DH_new(); \ -\ - if (dh == NULL) \ - return NULL; \ - dh->p = BN_dup(&_bignum_dh##x##_p); \ - dh->g = BN_dup(&_bignum_dh##x##_g); \ - dh->q = BN_dup(&_bignum_dh##x##_q); \ - if (dh->p == NULL || dh->q == NULL || dh->g == NULL) {\ - DH_free(dh); \ - return NULL; \ - } \ - return dh; \ -} +DH * DH_get_##x(void) \ + { \ + DH *dh; \ + make_dh_bn(dh##x##_p); \ + make_dh_bn(dh##x##_q); \ + make_dh_bn(dh##x##_g); \ + dh = DH_new(); \ + if (!dh) \ + return NULL; \ + dh->p = BN_dup(&_bignum_dh##x##_p); \ + dh->g = BN_dup(&_bignum_dh##x##_g); \ + dh->q = BN_dup(&_bignum_dh##x##_q); \ + if (!dh->p || !dh->q || !dh->g) \ + { \ + DH_free(dh); \ + return NULL; \ + } \ + return dh; \ + } make_dh(1024_160) make_dh(2048_224) |