generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add additional parameter to dsa_builtin_paramgen to output the generated

Browse Source 
seed to: this doesn't introduce any binary compatibility issues as the
function is only used internally.

The seed output is needed for FIPS 140-2 algorithm testing: the functionality
used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
This commit is contained in:
Dr. Stephen Henson 2011-01-19 14:35:53 +00:00
parent 78c4572296
commit 198ce9a611
7 changed files with 41 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto/dsa/dsa_gen.c
View File

@ -105,12 +105,13 @@ int DSA_generate_parameters_ex(DSA *ret, int bits,
} }
return dsa_builtin_paramgen(ret, bits, qbits, evpmd, return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
seed_in, seed_len, counter_ret, h_ret, cb); seed_in, seed_len, NULL, counter_ret, h_ret, cb);
} }
} }
int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
unsigned char *seed_out,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
{ {
int ok=0; int ok=0;
@ -336,6 +337,8 @@ err:
} }
if (counter_ret != NULL) *counter_ret=counter; if (counter_ret != NULL) *counter_ret=counter;
if (h_ret != NULL) *h_ret=h; if (h_ret != NULL) *h_ret=h;
if (seed_out)
memcpy(seed_out, seed, qsize);
} }
if(ctx) if(ctx)
{ {

1
crypto/dsa/dsa_locl.h
View File

@ -56,4 +56,5 @@
int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
unsigned char *seed_out,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);

2
crypto/dsa/dsa_pmeth.c
View File

@ -252,7 +252,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
if (!dsa) if (!dsa)
return 0; return 0;
ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
NULL, 0, NULL, NULL, pcb); NULL, 0, NULL, NULL, NULL, pcb);
if (ret) if (ret)
EVP_PKEY_assign_DSA(pkey, dsa); EVP_PKEY_assign_DSA(pkey, dsa);
else else

19
crypto/ec/ec2_smpl.c
View File

@ -363,7 +363,12 @@ int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT
if (!BN_copy(&point->Z, BN_value_one())) goto err; if (!BN_copy(&point->Z, BN_value_one())) goto err;
BN_set_negative(&point->Z, 0); BN_set_negative(&point->Z, 0);
point->Z_is_one = 1; point->Z_is_one = 1;
ret = 1; if (BN_num_bits(x) > BN_num_bits(&group->field))
ret = 2;
else if (BN_num_bits(y) > BN_num_bits(&group->field))
ret = 2;
else
ret = 1;
err: err:
return ret; return ret;
@ -937,6 +942,9 @@ int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT
{ {
return EC_POINT_is_at_infinity(group, b) ? 0 : 1; return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
} }
if (EC_POINT_is_at_infinity(group, b))
return 1;
if (a->Z_is_one && b->Z_is_one) if (a->Z_is_one && b->Z_is_one)
{ {
@ -967,6 +975,15 @@ int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT
return ret; return ret;
} }
int ec_GF2m_simple_range(const EC_GROUP *group, const EC_POINT *a)
{
if (BN_num_bits(&a->X) > BN_num_bits(&group->field))
return 0;
if (BN_num_bits(&a->Y) > BN_num_bits(&group->field))
return 0;
return 1;
}
/* Forces the given EC_POINT to internally use affine coordinates. */ /* Forces the given EC_POINT to internally use affine coordinates. */
int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)

8
crypto/ec/ec_key.c
View File

@ -304,7 +304,13 @@ int EC_KEY_check_key(const EC_KEY *eckey)
ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER); ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
return 0; return 0;
} }
if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key))
{
ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY);
goto err;
}
if ((ctx = BN_CTX_new()) == NULL) if ((ctx = BN_CTX_new()) == NULL)
goto err; goto err;
if ((point = EC_POINT_new(eckey->group)) == NULL) if ((point = EC_POINT_new(eckey->group)) == NULL)

2
crypto/ec/ec_lcl.h
View File

@ -323,6 +323,7 @@ int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *); int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *); int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *); int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
int ec_GFp_simple_range(const EC_GROUP *group, const EC_POINT *a);
int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *); int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
@ -379,6 +380,7 @@ int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *); int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *); int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *); int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
int ec_GF2m_simple_range(const EC_GROUP *group, const EC_POINT *a);
int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *); int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *); int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);

11
crypto/ec/ecp_smpl.c
View File

@ -441,8 +441,11 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POIN
} }
point->Z_is_one = Z_is_one; point->Z_is_one = Z_is_one;
} }
ret = 1; if (BN_cmp(&point->X, x) || BN_cmp(&point->Y, y))
ret = 2;
else
ret = 1;
err: err:
if (new_ctx != NULL) if (new_ctx != NULL)
@ -1406,6 +1409,9 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
{ {
return EC_POINT_is_at_infinity(group, b) ? 0 : 1; return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
} }
if (EC_POINT_is_at_infinity(group, b))
return 1;
if (a->Z_is_one && b->Z_is_one) if (a->Z_is_one && b->Z_is_one)
{ {
@ -1494,7 +1500,6 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
return ret; return ret;
} }
int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
{ {
BN_CTX *new_ctx = NULL; BN_CTX *new_ctx = NULL;