generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge public key FIPS code, RSA, DSA, DH.

Browse Source
This commit is contained in:
Dr. Stephen Henson
2008-09-16 14:55:26 +00:00
parent 92eb44d238
commit e3f2860e73
25 changed files with 728 additions and 326 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
crypto/dsa/dsa_lib.c
View File

@@ -76,6 +76,14 @@ static const DSA_METHOD *default_DSA_method = NULL;
void DSA_set_default_method(const DSA_METHOD *meth)
{
#ifdef OPENSSL_FIPS
if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD))
{
DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD);
return;
}
#endif
default_DSA_method = meth;
}
@@ -96,6 +104,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
/* NB: The caller is specifically setting a method, so it's not up to us
* to deal with which ENGINE it comes from. */
const DSA_METHOD *mtmp;
#ifdef OPENSSL_FIPS
if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD))
{
DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD);
return 0;
}
#endif
mtmp = dsa->meth;
if (mtmp->finish) mtmp->finish(dsa);
#ifndef OPENSSL_NO_ENGINE
@@ -147,6 +162,18 @@ DSA *DSA_new_method(ENGINE *engine)
}
}
#endif
#ifdef OPENSSL_FIPS
if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD))
{
DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD);
#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
ENGINE_finish(ret->engine);
#endif
OPENSSL_free(ret);
return NULL;
}
#endif
ret->pad=0;
ret->version=0;
@@ -233,28 +260,6 @@ int DSA_up_ref(DSA *r)
return ((i > 1) ? 1 : 0);
}
int DSA_size(const DSA *r)
{
int ret,i;
ASN1_INTEGER bs;
unsigned char buf[4]; /* 4 bytes looks really small.
However, i2d_ASN1_INTEGER() will not look
beyond the first byte, as long as the second
parameter is NULL. */
i=BN_num_bits(r->q);
bs.length=(i+7)/8;
bs.data=buf;
bs.type=V_ASN1_INTEGER;
/* If the top bit is set the asn1 encoding is 1 larger. */
buf[0]=0xff;
i=i2d_ASN1_INTEGER(&bs,NULL);
i+=i; /* r and s */
ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
return(ret);
}
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{