This commits changes to various parts of libcrypto required by the recent
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE pointers to manage their hooking with ENGINE. Previously their use of "method" pointers was replaced by use of ENGINE references. See crypto/engine/README for details. Also, remove the ENGINE iterations from evp_test - even when the cipher/digest code is committed in, this functionality would require a different set of API calls.
This commit is contained in:
Geoff Thorpe
parent
9c9aa4f145
commit
cb78486d97
@ -68,6 +68,7 @@
|
||||
#endif
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/types.h>
|
||||
|
||||
#define DH_FLAG_CACHE_MONT_P 0x01
|
||||
|
||||
@ -115,11 +116,8 @@ struct dh_st
|
||||
|
||||
int references;
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
#if 0
|
||||
DH_METHOD *meth;
|
||||
#else
|
||||
struct engine_st *engine;
|
||||
#endif
|
||||
const DH_METHOD *meth;
|
||||
ENGINE *engine;
|
||||
};
|
||||
|
||||
#define DH_GENERATOR_2 2
|
||||
@ -154,15 +152,10 @@ struct dh_st
|
||||
|
||||
const DH_METHOD *DH_OpenSSL(void);
|
||||
|
||||
void DH_set_default_openssl_method(const DH_METHOD *meth);
|
||||
const DH_METHOD *DH_get_default_openssl_method(void);
|
||||
#if 0
|
||||
const DH_METHOD *DH_set_method(DH *dh, const DH_METHOD *meth);
|
||||
DH *DH_new_method(const DH_METHOD *meth);
|
||||
#else
|
||||
int DH_set_method(DH *dh, struct engine_st *engine);
|
||||
DH *DH_new_method(struct engine_st *engine);
|
||||
#endif
|
||||
void DH_set_default_method(const DH_METHOD *meth);
|
||||
const DH_METHOD *DH_get_default_method(void);
|
||||
int DH_set_method(DH *dh, const DH_METHOD *meth);
|
||||
DH *DH_new_method(ENGINE *engine);
|
||||
|
||||
DH * DH_new(void);
|
||||
void DH_free(DH *dh);
|
||||
|
||||
@ -74,12 +74,12 @@ static int dh_finish(DH *dh);
|
||||
|
||||
int DH_generate_key(DH *dh)
|
||||
{
|
||||
return ENGINE_get_DH(dh->engine)->generate_key(dh);
|
||||
return dh->meth->generate_key(dh);
|
||||
}
|
||||
|
||||
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
{
|
||||
return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh);
|
||||
return dh->meth->compute_key(key, pub_key, dh);
|
||||
}
|
||||
|
||||
static DH_METHOD dh_ossl = {
|
||||
@ -140,8 +140,8 @@ static int generate_key(DH *dh)
|
||||
l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
|
||||
if (!BN_rand(priv_key, l, 0, 0)) goto err;
|
||||
}
|
||||
if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g,
|
||||
priv_key,dh->p,ctx,mont)) goto err;
|
||||
if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
|
||||
goto err;
|
||||
|
||||
dh->pub_key=pub_key;
|
||||
dh->priv_key=priv_key;
|
||||
@ -181,8 +181,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
}
|
||||
|
||||
mont=(BN_MONT_CTX *)dh->method_mont_p;
|
||||
if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key,
|
||||
dh->priv_key,dh->p,ctx,mont))
|
||||
if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
|
||||
{
|
||||
DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
|
||||
goto err;
|
||||
|
||||
@ -66,97 +66,67 @@ const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static const DH_METHOD *default_DH_method = NULL;
|
||||
|
||||
void DH_set_default_openssl_method(const DH_METHOD *meth)
|
||||
{
|
||||
ENGINE *e;
|
||||
/* We'll need to notify the "openssl" ENGINE of this
|
||||
* change too. We won't bother locking things down at
|
||||
* our end as there was never any locking in these
|
||||
* functions! */
|
||||
if(default_DH_method != meth)
|
||||
{
|
||||
default_DH_method = meth;
|
||||
e = ENGINE_by_id("openssl");
|
||||
if(e)
|
||||
{
|
||||
ENGINE_set_DH(e, meth);
|
||||
ENGINE_free(e);
|
||||
}
|
||||
}
|
||||
}
|
||||
void DH_set_default_method(const DH_METHOD *meth)
|
||||
{
|
||||
default_DH_method = meth;
|
||||
}
|
||||
|
||||
const DH_METHOD *DH_get_default_openssl_method(void)
|
||||
{
|
||||
if(!default_DH_method) default_DH_method = DH_OpenSSL();
|
||||
const DH_METHOD *DH_get_default_method(void)
|
||||
{
|
||||
if(!default_DH_method)
|
||||
default_DH_method = DH_OpenSSL();
|
||||
return default_DH_method;
|
||||
}
|
||||
}
|
||||
|
||||
#if 0
|
||||
DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
|
||||
{
|
||||
DH_METHOD *mtmp;
|
||||
int DH_set_method(DH *dh, const DH_METHOD *meth)
|
||||
{
|
||||
/* NB: The caller is specifically setting a method, so it's not up to us
|
||||
* to deal with which ENGINE it comes from. */
|
||||
const DH_METHOD *mtmp;
|
||||
mtmp = dh->meth;
|
||||
if (mtmp->finish) mtmp->finish(dh);
|
||||
if (dh->engine)
|
||||
{
|
||||
ENGINE_finish(dh->engine);
|
||||
dh->engine = NULL;
|
||||
}
|
||||
dh->meth = meth;
|
||||
if (meth->init) meth->init(dh);
|
||||
return mtmp;
|
||||
return 1;
|
||||
}
|
||||
#else
|
||||
int DH_set_method(DH *dh, ENGINE *engine)
|
||||
{
|
||||
ENGINE *mtmp;
|
||||
const DH_METHOD *meth;
|
||||
mtmp = dh->engine;
|
||||
meth = ENGINE_get_DH(mtmp);
|
||||
if (!ENGINE_init(engine))
|
||||
return 0;
|
||||
if (meth->finish) meth->finish(dh);
|
||||
dh->engine= engine;
|
||||
meth = ENGINE_get_DH(engine);
|
||||
if (meth->init) meth->init(dh);
|
||||
/* SHOULD ERROR CHECK THIS!!! */
|
||||
ENGINE_finish(mtmp);
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
DH *DH_new(void)
|
||||
{
|
||||
return DH_new_method(NULL);
|
||||
}
|
||||
|
||||
#if 0
|
||||
DH *DH_new_method(DH_METHOD *meth)
|
||||
#else
|
||||
DH *DH_new_method(ENGINE *engine)
|
||||
#endif
|
||||
{
|
||||
const DH_METHOD *meth;
|
||||
DH *ret;
|
||||
ret=(DH *)OPENSSL_malloc(sizeof(DH));
|
||||
return DH_new_method(NULL);
|
||||
}
|
||||
|
||||
DH *DH_new_method(ENGINE *engine)
|
||||
{
|
||||
DH *ret;
|
||||
|
||||
ret=(DH *)OPENSSL_malloc(sizeof(DH));
|
||||
if (ret == NULL)
|
||||
{
|
||||
DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
if (engine)
|
||||
ret->meth = DH_get_default_method();
|
||||
ret->engine = engine;
|
||||
if(!ret->engine)
|
||||
ret->engine = ENGINE_get_default_DH();
|
||||
if(ret->engine)
|
||||
{
|
||||
if(ENGINE_init(engine))
|
||||
ret->engine = engine;
|
||||
else
|
||||
ret->engine = NULL;
|
||||
ret->meth = ENGINE_get_DH(ret->engine);
|
||||
if(!ret->meth)
|
||||
{
|
||||
DHerr(DH_F_DH_NEW,ERR_R_ENGINE_LIB);
|
||||
ENGINE_finish(ret->engine);
|
||||
OPENSSL_free(ret);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
else
|
||||
ret->engine=ENGINE_get_default_DH();
|
||||
if(ret->engine == NULL)
|
||||
{
|
||||
DHerr(DH_F_DH_NEW,ERR_LIB_ENGINE);
|
||||
OPENSSL_free(ret);
|
||||
return NULL;
|
||||
}
|
||||
meth = ENGINE_get_DH(ret->engine);
|
||||
|
||||
ret->pad=0;
|
||||
ret->version=0;
|
||||
ret->p=NULL;
|
||||
@ -171,9 +141,9 @@ DH *DH_new_method(ENGINE *engine)
|
||||
ret->counter = NULL;
|
||||
ret->method_mont_p=NULL;
|
||||
ret->references = 1;
|
||||
ret->flags=meth->flags;
|
||||
ret->flags=ret->meth->flags;
|
||||
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
|
||||
if ((meth->init != NULL) && !meth->init(ret))
|
||||
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
|
||||
{
|
||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
|
||||
OPENSSL_free(ret);
|
||||
@ -184,7 +154,6 @@ DH *DH_new_method(ENGINE *engine)
|
||||
|
||||
void DH_free(DH *r)
|
||||
{
|
||||
const DH_METHOD *meth;
|
||||
int i;
|
||||
if(r == NULL) return;
|
||||
i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
|
||||
@ -200,9 +169,10 @@ void DH_free(DH *r)
|
||||
}
|
||||
#endif
|
||||
|
||||
meth = ENGINE_get_DH(r->engine);
|
||||
if(meth->finish) meth->finish(r);
|
||||
ENGINE_finish(r->engine);
|
||||
if (r->meth->finish)
|
||||
r->meth->finish(r);
|
||||
if (r->engine)
|
||||
ENGINE_finish(r->engine);
|
||||
|
||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
|
||||
|
||||
|
||||
@ -66,6 +66,7 @@
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
#ifdef OPENSSL_NO_DH
|
||||
int main(int argc, char *argv[])
|
||||
@ -99,6 +100,10 @@ int main(int argc, char *argv[])
|
||||
int i,alen,blen,aout,bout,ret=1;
|
||||
BIO *out;
|
||||
|
||||
CRYPTO_malloc_debug_init();
|
||||
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
|
||||
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||
|
||||
#ifdef OPENSSL_SYS_WIN32
|
||||
CRYPTO_malloc_init();
|
||||
#endif
|
||||
@ -175,6 +180,9 @@ err:
|
||||
if(b != NULL) DH_free(b);
|
||||
if(a != NULL) DH_free(a);
|
||||
BIO_free(out);
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
CRYPTO_mem_leaks_fp(stderr);
|
||||
exit(ret);
|
||||
return(ret);
|
||||
}
|
||||
|
||||
@ -74,6 +74,7 @@
|
||||
#endif
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/types.h>
|
||||
#ifndef OPENSSL_NO_DH
|
||||
# include <openssl/dh.h>
|
||||
#endif
|
||||
@ -133,11 +134,9 @@ struct dsa_st
|
||||
char *method_mont_p;
|
||||
int references;
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
#if 0
|
||||
DSA_METHOD *meth;
|
||||
#else
|
||||
struct engine_st *engine;
|
||||
#endif
|
||||
const DSA_METHOD *meth;
|
||||
/* functional reference if 'meth' is ENGINE-provided */
|
||||
ENGINE *engine;
|
||||
};
|
||||
|
||||
#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
|
||||
@ -163,20 +162,12 @@ int DSA_do_verify(const unsigned char *dgst,int dgst_len,
|
||||
|
||||
const DSA_METHOD *DSA_OpenSSL(void);
|
||||
|
||||
void DSA_set_default_openssl_method(const DSA_METHOD *);
|
||||
const DSA_METHOD *DSA_get_default_openssl_method(void);
|
||||
#if 0
|
||||
const DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);
|
||||
#else
|
||||
int DSA_set_method(DSA *dsa, struct engine_st *engine);
|
||||
#endif
|
||||
void DSA_set_default_method(const DSA_METHOD *);
|
||||
const DSA_METHOD *DSA_get_default_method(void);
|
||||
int DSA_set_method(DSA *dsa, const DSA_METHOD *);
|
||||
|
||||
DSA * DSA_new(void);
|
||||
#if 0
|
||||
DSA * DSA_new_method(DSA_METHOD *meth);
|
||||
#else
|
||||
DSA * DSA_new_method(struct engine_st *engine);
|
||||
#endif
|
||||
DSA * DSA_new_method(ENGINE *engine);
|
||||
void DSA_free (DSA *r);
|
||||
/* "up" the DSA object's reference count */
|
||||
int DSA_up_ref(DSA *r);
|
||||
|
||||
@ -69,73 +69,42 @@ const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
|
||||
|
||||
static const DSA_METHOD *default_DSA_method = NULL;
|
||||
|
||||
void DSA_set_default_openssl_method(const DSA_METHOD *meth)
|
||||
{
|
||||
ENGINE *e;
|
||||
/* We'll need to notify the "openssl" ENGINE of this
|
||||
* change too. We won't bother locking things down at
|
||||
* our end as there was never any locking in these
|
||||
* functions! */
|
||||
if(default_DSA_method != meth)
|
||||
{
|
||||
default_DSA_method = meth;
|
||||
e = ENGINE_by_id("openssl");
|
||||
if(e)
|
||||
{
|
||||
ENGINE_set_DSA(e, meth);
|
||||
ENGINE_free(e);
|
||||
}
|
||||
}
|
||||
}
|
||||
void DSA_set_default_method(const DSA_METHOD *meth)
|
||||
{
|
||||
default_DSA_method = meth;
|
||||
}
|
||||
|
||||
const DSA_METHOD *DSA_get_default_openssl_method(void)
|
||||
{
|
||||
if(!default_DSA_method) default_DSA_method = DSA_OpenSSL();
|
||||
const DSA_METHOD *DSA_get_default_method(void)
|
||||
{
|
||||
if(!default_DSA_method)
|
||||
default_DSA_method = DSA_OpenSSL();
|
||||
return default_DSA_method;
|
||||
}
|
||||
}
|
||||
|
||||
DSA *DSA_new(void)
|
||||
{
|
||||
{
|
||||
return DSA_new_method(NULL);
|
||||
}
|
||||
}
|
||||
|
||||
#if 0
|
||||
DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth)
|
||||
{
|
||||
DSA_METHOD *mtmp;
|
||||
int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
|
||||
{
|
||||
/* NB: The caller is specifically setting a method, so it's not up to us
|
||||
* to deal with which ENGINE it comes from. */
|
||||
const DSA_METHOD *mtmp;
|
||||
mtmp = dsa->meth;
|
||||
if (mtmp->finish) mtmp->finish(dsa);
|
||||
if (dsa->engine)
|
||||
{
|
||||
ENGINE_finish(dsa->engine);
|
||||
dsa->engine = NULL;
|
||||
}
|
||||
dsa->meth = meth;
|
||||
if (meth->init) meth->init(dsa);
|
||||
return mtmp;
|
||||
}
|
||||
#else
|
||||
int DSA_set_method(DSA *dsa, ENGINE *engine)
|
||||
{
|
||||
ENGINE *mtmp;
|
||||
const DSA_METHOD *meth;
|
||||
mtmp = dsa->engine;
|
||||
meth = ENGINE_get_DSA(mtmp);
|
||||
if (!ENGINE_init(engine))
|
||||
return 0;
|
||||
if (meth->finish) meth->finish(dsa);
|
||||
dsa->engine = engine;
|
||||
meth = ENGINE_get_DSA(engine);
|
||||
if (meth->init) meth->init(dsa);
|
||||
/* SHOULD ERROR CHECK THIS!!! */
|
||||
ENGINE_finish(mtmp);
|
||||
return 1;
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#if 0
|
||||
DSA *DSA_new_method(DSA_METHOD *meth)
|
||||
#else
|
||||
DSA *DSA_new_method(ENGINE *engine)
|
||||
#endif
|
||||
{
|
||||
const DSA_METHOD *meth;
|
||||
DSA *ret;
|
||||
|
||||
ret=(DSA *)OPENSSL_malloc(sizeof(DSA));
|
||||
@ -144,25 +113,23 @@ DSA *DSA_new_method(ENGINE *engine)
|
||||
DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
if (engine)
|
||||
ret->meth = DSA_get_default_method();
|
||||
ret->engine = engine;
|
||||
if(!ret->engine)
|
||||
ret->engine = ENGINE_get_default_DSA();
|
||||
if(ret->engine)
|
||||
{
|
||||
if(ENGINE_init(engine))
|
||||
ret->engine = engine;
|
||||
else
|
||||
ret->engine = NULL;
|
||||
}
|
||||
else
|
||||
ret->engine=ENGINE_get_default_DSA();
|
||||
|
||||
if(ret->engine == NULL)
|
||||
{
|
||||
DSAerr(DSA_F_DSA_NEW,ERR_LIB_ENGINE);
|
||||
OPENSSL_free(ret);
|
||||
return NULL;
|
||||
ret->meth = ENGINE_get_DSA(ret->engine);
|
||||
if(!ret->meth)
|
||||
{
|
||||
DSAerr(DSA_F_DSA_NEW,
|
||||
ERR_R_ENGINE_LIB);
|
||||
ENGINE_finish(ret->engine);
|
||||
OPENSSL_free(ret);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
meth = ENGINE_get_DSA(ret->engine);
|
||||
ret->pad=0;
|
||||
ret->version=0;
|
||||
ret->write_params=1;
|
||||
@ -178,9 +145,9 @@ DSA *DSA_new_method(ENGINE *engine)
|
||||
ret->method_mont_p=NULL;
|
||||
|
||||
ret->references=1;
|
||||
ret->flags=meth->flags;
|
||||
ret->flags=ret->meth->flags;
|
||||
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
|
||||
if ((meth->init != NULL) && !meth->init(ret))
|
||||
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
|
||||
{
|
||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
|
||||
OPENSSL_free(ret);
|
||||
@ -192,7 +159,6 @@ DSA *DSA_new_method(ENGINE *engine)
|
||||
|
||||
void DSA_free(DSA *r)
|
||||
{
|
||||
const DSA_METHOD *meth;
|
||||
int i;
|
||||
|
||||
if (r == NULL) return;
|
||||
@ -210,9 +176,10 @@ void DSA_free(DSA *r)
|
||||
}
|
||||
#endif
|
||||
|
||||
meth = ENGINE_get_DSA(r->engine);
|
||||
if(meth->finish) meth->finish(r);
|
||||
ENGINE_finish(r->engine);
|
||||
if(r->meth->finish)
|
||||
r->meth->finish(r);
|
||||
if(r->engine)
|
||||
ENGINE_finish(r->engine);
|
||||
|
||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
|
||||
|
||||
|
||||
@ -202,7 +202,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
|
||||
}
|
||||
|
||||
/* Compute r = (g^k mod p) mod q */
|
||||
if (!ENGINE_get_DSA(dsa->engine)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
|
||||
if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
|
||||
(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
|
||||
if (!BN_mod(r,r,dsa->q,ctx)) goto err;
|
||||
|
||||
@ -296,7 +296,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
|
||||
if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
|
||||
#else
|
||||
{
|
||||
if (!ENGINE_get_DSA(dsa->engine)->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
|
||||
if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
|
||||
dsa->p,ctx,mont)) goto err;
|
||||
/* BN_copy(&u1,&t1); */
|
||||
/* let u1 = u1 mod q */
|
||||
|
||||
@ -68,7 +68,7 @@
|
||||
|
||||
DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
|
||||
{
|
||||
return ENGINE_get_DSA(dsa->engine)->dsa_do_sign(dgst, dlen, dsa);
|
||||
return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
|
||||
}
|
||||
|
||||
int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
|
||||
@ -88,6 +88,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
|
||||
|
||||
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
|
||||
{
|
||||
return ENGINE_get_DSA(dsa->engine)->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
|
||||
return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
|
||||
}
|
||||
|
||||
|
||||
@ -70,7 +70,7 @@
|
||||
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
|
||||
DSA *dsa)
|
||||
{
|
||||
return ENGINE_get_DSA(dsa->engine)->dsa_do_verify(dgst, dgst_len, sig, dsa);
|
||||
return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
|
||||
}
|
||||
|
||||
/* data has already been hashed (probably with SHA or SHA-1). */
|
||||
|
||||
@ -65,6 +65,7 @@
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/engine.h>
|
||||
#ifdef OPENSSL_SYS_WINDOWS
|
||||
#include "../bio/bss_file.c"
|
||||
#endif
|
||||
@ -136,9 +137,6 @@ int main(int argc, char **argv)
|
||||
unsigned char sig[256];
|
||||
unsigned int siglen;
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
|
||||
if (bio_err == NULL)
|
||||
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
|
||||
|
||||
@ -146,6 +144,9 @@ int main(int argc, char **argv)
|
||||
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
|
||||
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
|
||||
BIO_printf(bio_err,"test generation of DSA parameters\n");
|
||||
|
||||
dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
|
||||
@ -204,6 +205,7 @@ end:
|
||||
if (dsa != NULL) DSA_free(dsa);
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
ERR_free_strings();
|
||||
CRYPTO_mem_leaks(bio_err);
|
||||
if (bio_err != NULL)
|
||||
{
|
||||
|
||||
@ -217,7 +217,6 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn,
|
||||
const unsigned char *ciphertext,int cn)
|
||||
{
|
||||
const EVP_CIPHER *c;
|
||||
ENGINE *e;
|
||||
|
||||
c=EVP_get_cipherbyname(cipher);
|
||||
if(!c)
|
||||
@ -225,16 +224,6 @@ static int test_cipher(const char *cipher,const unsigned char *key,int kn,
|
||||
|
||||
test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn);
|
||||
|
||||
for(e=ENGINE_get_first() ; e ; e=ENGINE_get_next(e))
|
||||
{
|
||||
c=ENGINE_get_cipher_by_name(e,cipher);
|
||||
if(!c)
|
||||
continue;
|
||||
printf("Testing engine %s\n",ENGINE_get_name(e));
|
||||
|
||||
test1(c,key,kn,iv,in,plaintext,pn,ciphertext,cn);
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -315,8 +304,10 @@ int main(int argc,char **argv)
|
||||
exit(2);
|
||||
}
|
||||
|
||||
/* Load up the software EVP_CIPHER and EVP_MD definitions */
|
||||
OpenSSL_add_all_ciphers();
|
||||
OpenSSL_add_all_digests();
|
||||
/* Load all compiled-in ENGINEs */
|
||||
ENGINE_load_builtin_engines();
|
||||
|
||||
for( ; ; )
|
||||
|
||||
@ -60,6 +60,7 @@
|
||||
#define HEADER_RAND_H
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <openssl/types.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
@ -79,10 +80,9 @@ typedef struct rand_meth_st
|
||||
extern int rand_predictable;
|
||||
#endif
|
||||
|
||||
struct engine_st;
|
||||
|
||||
int RAND_set_rand_method(struct engine_st *meth);
|
||||
const RAND_METHOD *RAND_get_rand_method(void );
|
||||
int RAND_set_rand_method(const RAND_METHOD *meth);
|
||||
const RAND_METHOD *RAND_get_rand_method(void);
|
||||
int RAND_set_rand_engine(ENGINE *engine);
|
||||
RAND_METHOD *RAND_SSLeay(void);
|
||||
void RAND_cleanup(void );
|
||||
int RAND_bytes(unsigned char *buf,int num);
|
||||
|
||||
@ -62,37 +62,61 @@
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
static ENGINE *rand_engine=NULL;
|
||||
/* non-NULL if default_RAND_meth is ENGINE-provided */
|
||||
static ENGINE *funct_ref =NULL;
|
||||
static const RAND_METHOD *default_RAND_meth = NULL;
|
||||
|
||||
#if 0
|
||||
void RAND_set_rand_method(RAND_METHOD *meth)
|
||||
int RAND_set_rand_method(const RAND_METHOD *meth)
|
||||
{
|
||||
rand_meth=meth;
|
||||
}
|
||||
#else
|
||||
int RAND_set_rand_method(ENGINE *engine)
|
||||
{
|
||||
ENGINE *mtmp;
|
||||
mtmp = rand_engine;
|
||||
if (engine && !ENGINE_init(engine))
|
||||
return 0;
|
||||
rand_engine = engine;
|
||||
/* SHOULD ERROR CHECK THIS!!! */
|
||||
if(mtmp)
|
||||
ENGINE_finish(mtmp);
|
||||
if(funct_ref)
|
||||
{
|
||||
ENGINE_finish(funct_ref);
|
||||
funct_ref = NULL;
|
||||
}
|
||||
default_RAND_meth = meth;
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
const RAND_METHOD *RAND_get_rand_method(void)
|
||||
{
|
||||
if (rand_engine == NULL
|
||||
&& (rand_engine = ENGINE_get_default_RAND()) == NULL)
|
||||
if (!default_RAND_meth)
|
||||
{
|
||||
RANDerr(RAND_F_RAND_GET_RAND_METHOD,ERR_LIB_ENGINE);
|
||||
return NULL;
|
||||
ENGINE *e = ENGINE_get_default_RAND();
|
||||
if(e)
|
||||
{
|
||||
default_RAND_meth = ENGINE_get_RAND(e);
|
||||
if(!default_RAND_meth)
|
||||
{
|
||||
ENGINE_finish(e);
|
||||
e = NULL;
|
||||
}
|
||||
}
|
||||
if(e)
|
||||
funct_ref = e;
|
||||
else
|
||||
default_RAND_meth = RAND_SSLeay();
|
||||
}
|
||||
return ENGINE_get_RAND(rand_engine);
|
||||
return default_RAND_meth;
|
||||
}
|
||||
|
||||
int RAND_set_rand_engine(ENGINE *engine)
|
||||
{
|
||||
const RAND_METHOD *tmp_meth = NULL;
|
||||
if(engine)
|
||||
{
|
||||
if(!ENGINE_init(engine))
|
||||
return 0;
|
||||
tmp_meth = ENGINE_get_RAND(engine);
|
||||
if(!tmp_meth)
|
||||
{
|
||||
ENGINE_finish(engine);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
/* This function releases any prior ENGINE so call it first */
|
||||
RAND_set_rand_method(tmp_meth);
|
||||
funct_ref = engine;
|
||||
return 1;
|
||||
}
|
||||
|
||||
void RAND_cleanup(void)
|
||||
@ -100,6 +124,7 @@ void RAND_cleanup(void)
|
||||
const RAND_METHOD *meth = RAND_get_rand_method();
|
||||
if (meth && meth->cleanup)
|
||||
meth->cleanup();
|
||||
RAND_set_rand_method(NULL);
|
||||
}
|
||||
|
||||
void RAND_seed(const void *buf, int num)
|
||||
|
||||
@ -66,6 +66,7 @@
|
||||
#endif
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/types.h>
|
||||
|
||||
#ifdef OPENSSL_NO_RSA
|
||||
#error RSA is disabled.
|
||||
@ -122,11 +123,9 @@ struct rsa_st
|
||||
* this is passed instead of aEVP_PKEY, it is set to 0 */
|
||||
int pad;
|
||||
long version;
|
||||
#if 0
|
||||
RSA_METHOD *meth;
|
||||
#else
|
||||
struct engine_st *engine;
|
||||
#endif
|
||||
const RSA_METHOD *meth;
|
||||
/* functional reference if 'meth' is ENGINE-provided */
|
||||
ENGINE *engine;
|
||||
BIGNUM *n;
|
||||
BIGNUM *e;
|
||||
BIGNUM *d;
|
||||
@ -180,11 +179,7 @@ struct rsa_st
|
||||
#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
|
||||
|
||||
RSA * RSA_new(void);
|
||||
#if 0
|
||||
RSA * RSA_new_method(RSA_METHOD *method);
|
||||
#else
|
||||
RSA * RSA_new_method(struct engine_st *engine);
|
||||
#endif
|
||||
RSA * RSA_new_method(ENGINE *engine);
|
||||
int RSA_size(const RSA *);
|
||||
RSA * RSA_generate_key(int bits, unsigned long e,void
|
||||
(*callback)(int,int,void *),void *cb_arg);
|
||||
@ -204,14 +199,10 @@ int RSA_up_ref(RSA *r);
|
||||
|
||||
int RSA_flags(const RSA *r);
|
||||
|
||||
void RSA_set_default_openssl_method(const RSA_METHOD *meth);
|
||||
const RSA_METHOD *RSA_get_default_openssl_method(void);
|
||||
void RSA_set_default_method(const RSA_METHOD *meth);
|
||||
const RSA_METHOD *RSA_get_default_method(void);
|
||||
const RSA_METHOD *RSA_get_method(const RSA *rsa);
|
||||
#if 0
|
||||
RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth);
|
||||
#else
|
||||
int RSA_set_method(RSA *rsa, struct engine_st *engine);
|
||||
#endif
|
||||
int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
|
||||
|
||||
/* This function needs the memory locking malloc callbacks to be installed */
|
||||
int RSA_memory_lock(RSA *r);
|
||||
|
||||
@ -100,13 +100,11 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void)
|
||||
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding)
|
||||
{
|
||||
const RSA_METHOD *meth;
|
||||
BIGNUM f,ret;
|
||||
int i,j,k,num=0,r= -1;
|
||||
unsigned char *buf=NULL;
|
||||
BN_CTX *ctx=NULL;
|
||||
|
||||
meth = ENGINE_get_RSA(rsa->engine);
|
||||
BN_init(&f);
|
||||
BN_init(&ret);
|
||||
if ((ctx=BN_CTX_new()) == NULL) goto err;
|
||||
@ -172,7 +170,7 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
|
||||
BN_MONT_CTX_free(bn_mont_ctx);
|
||||
}
|
||||
|
||||
if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
|
||||
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
|
||||
rsa->_method_mod_n)) goto err;
|
||||
|
||||
/* put in leading 0 bytes if the number is less than the
|
||||
@ -199,13 +197,11 @@ err:
|
||||
static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding)
|
||||
{
|
||||
const RSA_METHOD *meth;
|
||||
BIGNUM f,ret;
|
||||
int i,j,k,num=0,r= -1;
|
||||
unsigned char *buf=NULL;
|
||||
BN_CTX *ctx=NULL;
|
||||
|
||||
meth = ENGINE_get_RSA(rsa->engine);
|
||||
BN_init(&f);
|
||||
BN_init(&ret);
|
||||
|
||||
@ -252,10 +248,10 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
|
||||
(rsa->dmp1 != NULL) &&
|
||||
(rsa->dmq1 != NULL) &&
|
||||
(rsa->iqmp != NULL)) )
|
||||
{ if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
|
||||
{ if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
|
||||
else
|
||||
{
|
||||
if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
|
||||
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
|
||||
}
|
||||
|
||||
if (rsa->flags & RSA_FLAG_BLINDING)
|
||||
@ -284,14 +280,12 @@ err:
|
||||
static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding)
|
||||
{
|
||||
const RSA_METHOD *meth;
|
||||
BIGNUM f,ret;
|
||||
int j,num=0,r= -1;
|
||||
unsigned char *p;
|
||||
unsigned char *buf=NULL;
|
||||
BN_CTX *ctx=NULL;
|
||||
|
||||
meth = ENGINE_get_RSA(rsa->engine);
|
||||
BN_init(&f);
|
||||
BN_init(&ret);
|
||||
ctx=BN_CTX_new();
|
||||
@ -334,10 +328,10 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
|
||||
(rsa->dmp1 != NULL) &&
|
||||
(rsa->dmq1 != NULL) &&
|
||||
(rsa->iqmp != NULL)) )
|
||||
{ if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
|
||||
{ if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
|
||||
else
|
||||
{
|
||||
if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
|
||||
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -386,14 +380,12 @@ err:
|
||||
static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding)
|
||||
{
|
||||
const RSA_METHOD *meth;
|
||||
BIGNUM f,ret;
|
||||
int i,num=0,r= -1;
|
||||
unsigned char *p;
|
||||
unsigned char *buf=NULL;
|
||||
BN_CTX *ctx=NULL;
|
||||
|
||||
meth = ENGINE_get_RSA(rsa->engine);
|
||||
BN_init(&f);
|
||||
BN_init(&ret);
|
||||
ctx=BN_CTX_new();
|
||||
@ -448,7 +440,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
|
||||
BN_MONT_CTX_free(bn_mont_ctx);
|
||||
}
|
||||
|
||||
if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
|
||||
if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
|
||||
rsa->_method_mod_n)) goto err;
|
||||
|
||||
p=buf;
|
||||
@ -483,12 +475,10 @@ err:
|
||||
|
||||
static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
|
||||
{
|
||||
const RSA_METHOD *meth;
|
||||
BIGNUM r1,m1,vrfy;
|
||||
int ret=0;
|
||||
BN_CTX *ctx;
|
||||
|
||||
meth = ENGINE_get_RSA(rsa->engine);
|
||||
if ((ctx=BN_CTX_new()) == NULL) goto err;
|
||||
BN_init(&m1);
|
||||
BN_init(&r1);
|
||||
@ -546,11 +536,11 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
|
||||
}
|
||||
|
||||
if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
|
||||
if (!meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
|
||||
if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
|
||||
rsa->_method_mod_q)) goto err;
|
||||
|
||||
if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
|
||||
if (!meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
|
||||
if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
|
||||
rsa->_method_mod_p)) goto err;
|
||||
|
||||
if (!BN_sub(r0,r0,&m1)) goto err;
|
||||
@ -575,7 +565,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
|
||||
|
||||
if (rsa->e && rsa->n)
|
||||
{
|
||||
if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
|
||||
if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
|
||||
/* If 'I' was greater than (or equal to) rsa->n, the operation
|
||||
* will be equivalent to using 'I mod n'. However, the result of
|
||||
* the verify will *always* be less than 'n' so we don't check
|
||||
@ -588,7 +578,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
|
||||
/* 'I' and 'vrfy' aren't congruent mod n. Don't leak
|
||||
* miscalculated CRT output, just do a raw (slower)
|
||||
* mod_exp and return that instead. */
|
||||
if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
|
||||
if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
|
||||
}
|
||||
ret=1;
|
||||
err:
|
||||
|
||||
@ -73,27 +73,13 @@ RSA *RSA_new(void)
|
||||
return(RSA_new_method(NULL));
|
||||
}
|
||||
|
||||
void RSA_set_default_openssl_method(const RSA_METHOD *meth)
|
||||
void RSA_set_default_method(const RSA_METHOD *meth)
|
||||
{
|
||||
ENGINE *e;
|
||||
/* We'll need to notify the "openssl" ENGINE of this
|
||||
* change too. We won't bother locking things down at
|
||||
* our end as there was never any locking in these
|
||||
* functions! */
|
||||
if(default_RSA_meth != meth)
|
||||
{
|
||||
default_RSA_meth = meth;
|
||||
e = ENGINE_by_id("openssl");
|
||||
if(e)
|
||||
{
|
||||
ENGINE_set_RSA(e, meth);
|
||||
ENGINE_free(e);
|
||||
}
|
||||
}
|
||||
default_RSA_meth = meth;
|
||||
}
|
||||
|
||||
const RSA_METHOD *RSA_get_default_openssl_method(void)
|
||||
{
|
||||
const RSA_METHOD *RSA_get_default_method(void)
|
||||
{
|
||||
if (default_RSA_meth == NULL)
|
||||
{
|
||||
#ifdef RSA_NULL
|
||||
@ -108,49 +94,32 @@ const RSA_METHOD *RSA_get_default_openssl_method(void)
|
||||
}
|
||||
|
||||
return default_RSA_meth;
|
||||
}
|
||||
}
|
||||
|
||||
const RSA_METHOD *RSA_get_method(const RSA *rsa)
|
||||
{
|
||||
return ENGINE_get_RSA(rsa->engine);
|
||||
}
|
||||
{
|
||||
return rsa->meth;
|
||||
}
|
||||
|
||||
#if 0
|
||||
RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth)
|
||||
{
|
||||
RSA_METHOD *mtmp;
|
||||
int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
|
||||
{
|
||||
/* NB: The caller is specifically setting a method, so it's not up to us
|
||||
* to deal with which ENGINE it comes from. */
|
||||
const RSA_METHOD *mtmp;
|
||||
mtmp = rsa->meth;
|
||||
if (mtmp->finish) mtmp->finish(rsa);
|
||||
if (rsa->engine)
|
||||
{
|
||||
ENGINE_finish(rsa->engine);
|
||||
rsa->engine = NULL;
|
||||
}
|
||||
rsa->meth = meth;
|
||||
if (meth->init) meth->init(rsa);
|
||||
return mtmp;
|
||||
}
|
||||
#else
|
||||
int RSA_set_method(RSA *rsa, ENGINE *engine)
|
||||
{
|
||||
ENGINE *mtmp;
|
||||
const RSA_METHOD *meth;
|
||||
mtmp = rsa->engine;
|
||||
meth = ENGINE_get_RSA(mtmp);
|
||||
if (!ENGINE_init(engine))
|
||||
return 0;
|
||||
if (meth->finish) meth->finish(rsa);
|
||||
rsa->engine = engine;
|
||||
meth = ENGINE_get_RSA(engine);
|
||||
if (meth->init) meth->init(rsa);
|
||||
/* SHOULD ERROR CHECK THIS!!! */
|
||||
ENGINE_finish(mtmp);
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
#if 0
|
||||
RSA *RSA_new_method(RSA_METHOD *meth)
|
||||
#else
|
||||
RSA *RSA_new_method(ENGINE *engine)
|
||||
#endif
|
||||
{
|
||||
const RSA_METHOD *meth;
|
||||
RSA *ret;
|
||||
|
||||
ret=(RSA *)OPENSSL_malloc(sizeof(RSA));
|
||||
@ -160,24 +129,22 @@ RSA *RSA_new_method(ENGINE *engine)
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
if (engine)
|
||||
ret->meth = RSA_get_default_method();
|
||||
ret->engine = engine;
|
||||
if(!ret->engine)
|
||||
ret->engine = ENGINE_get_default_RSA();
|
||||
if(ret->engine)
|
||||
{
|
||||
if(ENGINE_init(engine))
|
||||
ret->engine = engine;
|
||||
else
|
||||
ret->engine = NULL;
|
||||
ret->meth = ENGINE_get_RSA(ret->engine);
|
||||
if(!ret->meth)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_NEW_METHOD,
|
||||
ERR_R_ENGINE_LIB);
|
||||
ENGINE_finish(ret->engine);
|
||||
OPENSSL_free(ret);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
else
|
||||
ret->engine=ENGINE_get_default_RSA();
|
||||
|
||||
if(ret->engine == NULL)
|
||||
{
|
||||
RSAerr(RSA_F_RSA_NEW_METHOD,ERR_LIB_ENGINE);
|
||||
OPENSSL_free(ret);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
meth = ENGINE_get_RSA(ret->engine);
|
||||
|
||||
ret->pad=0;
|
||||
ret->version=0;
|
||||
@ -195,9 +162,9 @@ RSA *RSA_new_method(ENGINE *engine)
|
||||
ret->_method_mod_q=NULL;
|
||||
ret->blinding=NULL;
|
||||
ret->bignum_data=NULL;
|
||||
ret->flags=meth->flags;
|
||||
ret->flags=ret->meth->flags;
|
||||
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
|
||||
if ((meth->init != NULL) && !meth->init(ret))
|
||||
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
|
||||
{
|
||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
|
||||
OPENSSL_free(ret);
|
||||
@ -208,7 +175,6 @@ RSA *RSA_new_method(ENGINE *engine)
|
||||
|
||||
void RSA_free(RSA *r)
|
||||
{
|
||||
const RSA_METHOD *meth;
|
||||
int i;
|
||||
|
||||
if (r == NULL) return;
|
||||
@ -226,10 +192,10 @@ void RSA_free(RSA *r)
|
||||
}
|
||||
#endif
|
||||
|
||||
meth = ENGINE_get_RSA(r->engine);
|
||||
if (meth->finish != NULL)
|
||||
meth->finish(r);
|
||||
ENGINE_finish(r->engine);
|
||||
if (r->meth->finish)
|
||||
r->meth->finish(r);
|
||||
if (r->engine)
|
||||
ENGINE_finish(r->engine);
|
||||
|
||||
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
|
||||
|
||||
@ -287,34 +253,30 @@ int RSA_size(const RSA *r)
|
||||
int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
|
||||
RSA *rsa, int padding)
|
||||
{
|
||||
return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen,
|
||||
from, to, rsa, padding));
|
||||
return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
|
||||
}
|
||||
|
||||
int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
|
||||
RSA *rsa, int padding)
|
||||
{
|
||||
return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen,
|
||||
from, to, rsa, padding));
|
||||
return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
|
||||
}
|
||||
|
||||
int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
|
||||
RSA *rsa, int padding)
|
||||
{
|
||||
return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen,
|
||||
from, to, rsa, padding));
|
||||
return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
|
||||
}
|
||||
|
||||
int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
|
||||
RSA *rsa, int padding)
|
||||
{
|
||||
return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen,
|
||||
from, to, rsa, padding));
|
||||
return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
|
||||
}
|
||||
|
||||
int RSA_flags(const RSA *r)
|
||||
{
|
||||
return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags);
|
||||
return((r == NULL)?0:r->meth->flags);
|
||||
}
|
||||
|
||||
void RSA_blinding_off(RSA *rsa)
|
||||
@ -348,8 +310,7 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
|
||||
if (!BN_rand_range(A,rsa->n)) goto err;
|
||||
if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
|
||||
|
||||
if (!ENGINE_get_RSA(rsa->engine)->bn_mod_exp(A,A,
|
||||
rsa->e,rsa->n,ctx,rsa->_method_mod_n))
|
||||
if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
|
||||
goto err;
|
||||
rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
|
||||
rsa->flags|=RSA_FLAG_BLINDING;
|
||||
@ -405,4 +366,3 @@ int RSA_memory_lock(RSA *r)
|
||||
r->bignum_data=p;
|
||||
return(1);
|
||||
}
|
||||
|
||||
|
||||
@ -16,6 +16,7 @@ int main(int argc, char *argv[])
|
||||
}
|
||||
#else
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#define SetKey \
|
||||
key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
|
||||
@ -219,12 +220,12 @@ int main(int argc, char *argv[])
|
||||
int clen = 0;
|
||||
int num;
|
||||
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
|
||||
|
||||
CRYPTO_malloc_debug_init();
|
||||
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
|
||||
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||
|
||||
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
|
||||
|
||||
plen = sizeof(ptext_ex) - 1;
|
||||
|
||||
for (v = 0; v < 3; v++)
|
||||
@ -310,7 +311,7 @@ int main(int argc, char *argv[])
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
ERR_remove_state(0);
|
||||
|
||||
CRYPTO_mem_leaks_fp(stdout);
|
||||
CRYPTO_mem_leaks_fp(stderr);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user