From e9224c717711eefb30038c9b37c69795dda93c9a Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Sun, 8 Dec 2002 05:24:31 +0000 Subject: [PATCH] This is a first-cut at improving the callback mechanisms used in key-generation and prime-checking functions. Rather than explicitly passing callback functions and caller-defined context data for the callbacks, a new structure BN_GENCB is defined that encapsulates this; a pointer to the structure is passed to all such functions instead. This wrapper structure allows the encapsulation of "old" and "new" style callbacks - "new" callbacks return a boolean result on the understanding that returning FALSE should terminate keygen/primality processing. The BN_GENCB abstraction will allow future callback modifications without needing to break binary compatibility nor change the API function prototypes. The new API functions have been given names ending in "_ex" and the old functions are implemented as wrappers to the new ones. The OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined, declaration of the older functions will be skipped. NB: Some openssl-internal code will stick with the older callbacks for now, so appropriate "#undef" logic will be put in place - this is in case the user is *building* openssl (rather than *including* its headers) with this symbol defined. There is another change in the new _ex functions; the key-generation functions do not return key structures but operate on structures passed by the caller, the return value is a boolean. This will allow for a smoother transition to having key-generation as "virtual function" in the various ***_METHOD tables. --- CHANGES | 12 +++++ crypto/bn/Makefile.ssl | 6 ++- crypto/bn/bn.h | 28 ++++++++++ crypto/bn/bn_depr.c | 114 +++++++++++++++++++++++++++++++++++++++ crypto/bn/bn_prime.c | 80 ++++++++++++++++----------- crypto/bn/bntest.c | 6 +++ crypto/dh/Makefile.ssl | 4 +- crypto/dh/dh.h | 8 +++ crypto/dh/dh_check.c | 4 +- crypto/dh/dh_depr.c | 81 ++++++++++++++++++++++++++++ crypto/dh/dh_gen.c | 31 +++++------ crypto/dh/dhtest.c | 6 +++ crypto/dsa/Makefile.ssl | 4 +- crypto/dsa/dsa.h | 10 ++++ crypto/dsa/dsa_depr.c | 104 +++++++++++++++++++++++++++++++++++ crypto/dsa/dsa_gen.c | 42 +++++++-------- crypto/dsa/dsatest.c | 6 +++ crypto/ec/ectest.c | 10 ++-- crypto/ecdsa/ecdsatest.c | 8 ++- crypto/rsa/Makefile.ssl | 4 +- crypto/rsa/rsa.h | 8 +++ crypto/rsa/rsa_chk.c | 4 +- crypto/rsa/rsa_depr.c | 83 ++++++++++++++++++++++++++++ crypto/rsa/rsa_gen.c | 58 ++++++++++---------- ssl/ssltest.c | 14 ++++- 25 files changed, 619 insertions(+), 116 deletions(-) create mode 100644 crypto/bn/bn_depr.c create mode 100644 crypto/dh/dh_depr.c create mode 100644 crypto/dsa/dsa_depr.c create mode 100644 crypto/rsa/rsa_depr.c diff --git a/CHANGES b/CHANGES index 8d47c0e171..f0fd7ac861 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,18 @@ Changes between 0.9.7 and 0.9.8 [xx XXX 2002] + *) Change the "progress" mechanism used in key-generation and + primality testing to functions that take a new BN_GENCB pointer in + place of callback/argument pairs. The new API functions have "_ex" + postfixes and the older functions are reimplemented as wrappers for + the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide + declarations of the old functions to help (graceful) attempts to + migrate to the new functions. Also, the new key-generation API + functions operate on a caller-supplied key-structure and return + success/failure rather than returning a key or NULL - this is to + help make "keygen" another member function of RSA_METHOD etc. + [Geoff Thorpe] + *) Add the ASN.1 structures and functions for CertificatePair, which is defined as follows (according to X.509_4thEditionDraftV6.pdf): diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl index d0b64585ed..459a0693ed 100644 --- a/crypto/bn/Makefile.ssl +++ b/crypto/bn/Makefile.ssl @@ -39,12 +39,14 @@ LIB=$(TOP)/libcrypto.a LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ - bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c + bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ + bn_depr.c LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ - bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o + bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \ + bn_depr.o SRC= $(LIBSRC) diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index 403add94b0..c1b5b41935 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -287,6 +287,23 @@ typedef struct bn_recp_ctx_st int flags; } BN_RECP_CTX; +/* Used for slow "generation" functions. */ +typedef struct bn_gencb_st BN_GENCB; +struct bn_gencb_st + { + unsigned int ver; /* To handle binary (in)compatibility */ + void *arg; /* callback-specific data */ + union + { + /* if(ver==1) - handles old style callbacks */ + void (*cb_1)(int, int, void *); + /* if(ver==2) - new callback style */ + int (*cb_2)(int, int, BN_GENCB *); + }; + }; +/* Wrapper function to make using BN_GENCB easier, */ +int BN_GENCB_call(BN_GENCB *cb, int a, int b); + #define BN_prime_checks 0 /* default: select number of iterations based on the size of the number */ @@ -431,6 +448,9 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); BIGNUM *BN_mod_sqrt(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); + +/* Deprecated versions */ +#ifndef OPENSSL_NO_DEPRECATED BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe, const BIGNUM *add, const BIGNUM *rem, void (*callback)(int,int,void *),void *cb_arg); @@ -440,6 +460,14 @@ int BN_is_prime(const BIGNUM *p,int nchecks, int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, int do_trial_division); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* Newer versions */ +int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add, + const BIGNUM *rem, BN_GENCB *cb); +int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb); +int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, + int do_trial_division, BN_GENCB *cb); BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); diff --git a/crypto/bn/bn_depr.c b/crypto/bn/bn_depr.c new file mode 100644 index 0000000000..76c349833c --- /dev/null +++ b/crypto/bn/bn_depr.c @@ -0,0 +1,114 @@ +/* crypto/bn/bn_depr.c */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* Support for deprecated functions goes here - static linkage will only slurp + * this code if applications are using them directly. */ + +#include +#include +#include "cryptlib.h" +#include "bn_lcl.h" +#include + +BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, + const BIGNUM *add, const BIGNUM *rem, + void (*callback)(int,int,void *), void *cb_arg) + { + BN_GENCB cb; + BIGNUM *rnd=NULL; + int found = 0; + + cb.ver = 1; + cb.arg = cb_arg; + cb.cb_1 = callback; + + if (ret == NULL) + { + if ((rnd=BN_new()) == NULL) goto err; + } + else + rnd=ret; + if(!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb)) + goto err; + + /* we have a prime :-) */ + found = 1; +err: + if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd); + return(found ? rnd : NULL); + } + +int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int,int,void *), + BN_CTX *ctx_passed, void *cb_arg) + { + BN_GENCB cb; + cb.ver = 1; + cb.arg = cb_arg; + cb.cb_1 = callback; + return BN_is_prime_ex(a, checks, ctx_passed, &cb); + } + +int BN_is_prime_fasttest(const BIGNUM *a, int checks, + void (*callback)(int,int,void *), + BN_CTX *ctx_passed, void *cb_arg, + int do_trial_division) + { + BN_GENCB cb; + cb.ver = 1; + cb.arg = cb_arg; + cb.cb_1 = callback; + return BN_is_prime_fasttest_ex(a, checks, ctx_passed, + do_trial_division, &cb); + } diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 918b9237c6..a9ec01d916 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -115,6 +115,11 @@ #include "bn_lcl.h" #include +/* NB: these functions have been "upgraded", the deprecated versions (which are + * compatibility wrappers using these functions) are in bn_depr.c. + * - Geoff + */ + /* The quick sieve algorithm approach to weeding out primes is * Philip Zimmermann's, as implemented in PGP. I have had a read of * his comments and implemented my own version. @@ -129,11 +134,29 @@ static int probable_prime_dh(BIGNUM *rnd, int bits, static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx); -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, - const BIGNUM *add, const BIGNUM *rem, - void (*callback)(int,int,void *), void *cb_arg) +int BN_GENCB_call(BN_GENCB *cb, int a, int b) + { + /* No callback means continue */ + if(!cb) return 1; + switch(cb->ver) + { + case 1: + /* Deprecated-style callbacks */ + cb->cb_1(a, b, cb->arg); + return 1; + case 2: + /* New-style callbacks */ + return cb->cb_2(a, b, cb); + default: + break; + } + /* Unrecognised callback type */ + return 0; + } + +int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, + const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb) { - BIGNUM *rnd=NULL; BIGNUM t; int found=0; int i,j,c1=0; @@ -142,38 +165,34 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, ctx=BN_CTX_new(); if (ctx == NULL) goto err; - if (ret == NULL) - { - if ((rnd=BN_new()) == NULL) goto err; - } - else - rnd=ret; BN_init(&t); loop: /* make a random number and set the top and bottom bits */ if (add == NULL) { - if (!probable_prime(rnd,bits)) goto err; + if (!probable_prime(ret,bits)) goto err; } else { if (safe) { - if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx)) + if (!probable_prime_dh_safe(ret,bits,add,rem,ctx)) goto err; } else { - if (!probable_prime_dh(rnd,bits,add,rem,ctx)) + if (!probable_prime_dh(ret,bits,add,rem,ctx)) goto err; } } - /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */ - if (callback != NULL) callback(0,c1++,cb_arg); + /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */ + if(!BN_GENCB_call(cb, 0, c1++)) + /* aborted */ + goto err; if (!safe) { - i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0); + i=BN_is_prime_fasttest_ex(ret,checks,ctx,0,cb); if (i == -1) goto err; if (i == 0) goto loop; } @@ -183,41 +202,38 @@ loop: * check that (p-1)/2 is prime. * Since a prime is odd, We just * need to divide by 2 */ - if (!BN_rshift1(&t,rnd)) goto err; + if (!BN_rshift1(&t,ret)) goto err; for (i=0; i #include #include diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl index e1cb248db5..c1ed5ad920 100644 --- a/crypto/dh/Makefile.ssl +++ b/crypto/dh/Makefile.ssl @@ -23,8 +23,8 @@ TEST= dhtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c -LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o +LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c +LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o SRC= $(LIBSRC) diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 05851f8429..cab9b1493d 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -165,8 +165,16 @@ int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int DH_set_ex_data(DH *d, int idx, void *arg); void *DH_get_ex_data(DH *d, int idx); + +/* Deprecated version */ +#ifndef OPENSSL_NO_DEPRECATED DH * DH_generate_parameters(int prime_len,int generator, void (*callback)(int,int,void *),void *cb_arg); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb); + int DH_check(const DH *dh,int *codes); int DH_generate_key(DH *dh); int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh); diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index f0373f7d68..bfc9c3ad76 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -104,12 +104,12 @@ int DH_check(const DH *dh, int *ret) else *ret|=DH_UNABLE_TO_CHECK_GENERATOR; - if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL)) + if (!BN_is_prime_ex(dh->p,BN_prime_checks,ctx,NULL)) *ret|=DH_CHECK_P_NOT_PRIME; else { if (!BN_rshift1(q,dh->p)) goto err; - if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) + if (!BN_is_prime_ex(q,BN_prime_checks,ctx,NULL)) *ret|=DH_CHECK_P_NOT_SAFE_PRIME; } ok=1; diff --git a/crypto/dh/dh_depr.c b/crypto/dh/dh_depr.c new file mode 100644 index 0000000000..8a909b1959 --- /dev/null +++ b/crypto/dh/dh_depr.c @@ -0,0 +1,81 @@ +/* crypto/dh/dh_depr.c */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +/* This file contains deprecated functions as wrappers to the new ones */ + +#include +#include "cryptlib.h" +#include +#include + +DH *DH_generate_parameters(int prime_len, int generator, + void (*callback)(int,int,void *), void *cb_arg) + { + BN_GENCB cb; + DH *ret=NULL; + + if((ret=DH_new()) == NULL) + return NULL; + + cb.ver = 1; + cb.arg = cb_arg; + cb.cb_1 = callback; + + if(DH_generate_parameters_ex(ret, prime_len, generator, &cb)) + return ret; + DH_free(ret); + return NULL; + } diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 06f78b35ab..a929a0f064 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -56,6 +56,11 @@ * [including the GNU Public Licence.] */ +/* NB: These functions have been upgraded - the previous prototypes are in + * dh_depr.c as wrappers to these ones. + * - Geoff + */ + #include #include "cryptlib.h" #include @@ -86,22 +91,22 @@ * It's just as OK (and in some sense better) to use a generator of the * order-q subgroup. */ -DH *DH_generate_parameters(int prime_len, int generator, - void (*callback)(int,int,void *), void *cb_arg) +int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) { - BIGNUM *p=NULL,*t1,*t2; - DH *ret=NULL; + BIGNUM *t1,*t2; int g,ok= -1; BN_CTX *ctx=NULL; - ret=DH_new(); - if (ret == NULL) goto err; ctx=BN_CTX_new(); if (ctx == NULL) goto err; BN_CTX_start(ctx); t1 = BN_CTX_get(ctx); t2 = BN_CTX_get(ctx); if (t1 == NULL || t2 == NULL) goto err; + + /* Make sure 'ret' has the necessary elements */ + if(!ret->p && ((ret->p = BN_new()) == NULL)) goto err; + if(!ret->g && ((ret->g = BN_new()) == NULL)) goto err; if (generator <= 1) { @@ -141,11 +146,8 @@ DH *DH_generate_parameters(int prime_len, int generator, g=generator; } - p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); - if (p == NULL) goto err; - if (callback != NULL) callback(3,0,cb_arg); - ret->p=p; - ret->g=BN_new(); + if(!BN_generate_prime_ex(ret->p,prime_len,1,t1,t2,cb)) goto err; + if(!BN_GENCB_call(cb, 3, 0)) goto err; if (!BN_set_word(ret->g,g)) goto err; ok=1; err: @@ -160,10 +162,5 @@ err: BN_CTX_end(ctx); BN_CTX_free(ctx); } - if (!ok && (ret != NULL)) - { - DH_free(ret); - ret=NULL; - } - return(ret); + return ok; } diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c index 27237741da..33a49f2d7d 100644 --- a/crypto/dh/dhtest.c +++ b/crypto/dh/dhtest.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl index 306a3f2001..93808285f7 100644 --- a/crypto/dsa/Makefile.ssl +++ b/crypto/dsa/Makefile.ssl @@ -24,9 +24,9 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ - dsa_err.c dsa_ossl.c + dsa_err.c dsa_ossl.c dsa_depr.c LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ - dsa_err.o dsa_ossl.o + dsa_err.o dsa_ossl.o dsa_depr.o SRC= $(LIBSRC) diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 9b3baadf2c..7a126e486b 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -186,10 +186,20 @@ void *DSA_get_ex_data(DSA *d, int idx); DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length); + +/* Deprecated version */ +#ifndef OPENSSL_NO_DEPRECATED DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len, int *counter_ret, unsigned long *h_ret,void (*callback)(int, int, void *),void *cb_arg); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int DSA_generate_parameters_ex(DSA *dsa, int bits, + unsigned char *seed,int seed_len, + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); + int DSA_generate_key(DSA *a); int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); diff --git a/crypto/dsa/dsa_depr.c b/crypto/dsa/dsa_depr.c new file mode 100644 index 0000000000..c16315389b --- /dev/null +++ b/crypto/dsa/dsa_depr.c @@ -0,0 +1,104 @@ +/* crypto/dsa/dsa_depr.c */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* This file contains deprecated function(s) that are now wrappers to the new + * version(s). */ + +#undef GENUINE_DSA + +#ifdef GENUINE_DSA +/* Parameter generation follows the original release of FIPS PUB 186, + * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */ +#define HASH EVP_sha() +#else +/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186, + * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in + * FIPS PUB 180-1) */ +#define HASH EVP_sha1() +#endif + +#ifndef OPENSSL_NO_SHA + +#include +#include +#include "cryptlib.h" +#include +#include +#include +#include +#include + +DSA *DSA_generate_parameters(int bits, + unsigned char *seed_in, int seed_len, + int *counter_ret, unsigned long *h_ret, + void (*callback)(int, int, void *), + void *cb_arg) + { + BN_GENCB cb; + DSA *ret; + + if ((ret=DSA_new()) == NULL) return NULL; + + cb.ver = 1; + cb.arg = cb_arg; + cb.cb_1 = callback; + + if(DSA_generate_parameters_ex(ret, bits, seed_in, seed_len, + counter_ret, h_ret, &cb)) + return ret; + DSA_free(ret); + return NULL; + } +#endif diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index dc9c249310..ca2c867089 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -80,11 +80,9 @@ #include #include -DSA *DSA_generate_parameters(int bits, +int DSA_generate_parameters_ex(DSA *ret, int bits, unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), - void *cb_arg) + int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) { int ok=0; unsigned char seed[SHA_DIGEST_LENGTH]; @@ -98,7 +96,6 @@ DSA *DSA_generate_parameters(int bits, int r=0; BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL; unsigned int h=2; - DSA *ret=NULL; if (bits < 512) bits=512; bits=(bits+63)/64*64; @@ -114,7 +111,6 @@ DSA *DSA_generate_parameters(int bits, if ((ctx=BN_CTX_new()) == NULL) goto err; if ((ctx2=BN_CTX_new()) == NULL) goto err; if ((ctx3=BN_CTX_new()) == NULL) goto err; - if ((ret=DSA_new()) == NULL) goto err; if ((mont=BN_MONT_CTX_new()) == NULL) goto err; @@ -137,7 +133,8 @@ DSA *DSA_generate_parameters(int bits, int seed_is_random; /* step 1 */ - if (callback != NULL) callback(0,m++,cb_arg); + if(!BN_GENCB_call(cb, 0, m++)) + goto err; if (!seed_len) { @@ -170,7 +167,8 @@ DSA *DSA_generate_parameters(int bits, if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; /* step 4 */ - r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random); + r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx3, + seed_is_random, cb); if (r > 0) break; if (r != 0) @@ -180,8 +178,8 @@ DSA *DSA_generate_parameters(int bits, /* step 5 */ } - if (callback != NULL) callback(2,0,cb_arg); - if (callback != NULL) callback(3,0,cb_arg); + if(!BN_GENCB_call(cb, 2, 0)) goto err; + if(!BN_GENCB_call(cb, 3, 0)) goto err; /* step 6 */ counter=0; @@ -192,8 +190,8 @@ DSA *DSA_generate_parameters(int bits, for (;;) { - if (callback != NULL && counter != 0) - callback(0,counter,cb_arg); + if ((counter != 0) && !BN_GENCB_call(cb, 0, counter)) + goto err; /* step 7 */ BN_zero(W); @@ -231,7 +229,8 @@ DSA *DSA_generate_parameters(int bits, if (BN_cmp(p,test) >= 0) { /* step 11 */ - r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1); + r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, + ctx3, 1, cb); if (r > 0) goto end; /* found it */ if (r != 0) @@ -247,7 +246,8 @@ DSA *DSA_generate_parameters(int bits, } } end: - if (callback != NULL) callback(2,1,cb_arg); + if(!BN_GENCB_call(cb, 2, 1)) + goto err; /* We now need to generate g */ /* Set r0=(p-1)/q */ @@ -266,16 +266,16 @@ end: h++; } - if (callback != NULL) callback(3,1,cb_arg); + if(!BN_GENCB_call(cb, 3, 1)) + goto err; ok=1; err: - if (!ok) - { - if (ret != NULL) DSA_free(ret); - } - else + if (ok) { + if(ret->p) BN_free(ret->p); + if(ret->q) BN_free(ret->q); + if(ret->g) BN_free(ret->g); ret->p=BN_dup(p); ret->q=BN_dup(q); ret->g=BN_dup(g); @@ -291,6 +291,6 @@ err: } if (ctx3 != NULL) BN_CTX_free(ctx3); if (mont != NULL) BN_MONT_CTX_free(mont); - return(ok?ret:NULL); + return ok; } #endif diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c index 1ab90cfd7e..c341c1b49c 100644 --- a/crypto/dsa/dsatest.c +++ b/crypto/dsa/dsatest.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c index d7e606db71..e292da3384 100644 --- a/crypto/ec/ectest.c +++ b/crypto/ec/ectest.c @@ -333,7 +333,7 @@ void prime_field_tests() /* Curve P-192 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -377,7 +377,7 @@ void prime_field_tests() /* Curve P-224 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) ABORT; if (!BN_hex2bn(&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -421,7 +421,7 @@ void prime_field_tests() /* Curve P-256 (FIPS PUB 186-2, App. 6) */ if (!BN_hex2bn(&p, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) ABORT; if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT; @@ -467,7 +467,7 @@ void prime_field_tests() if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) ABORT; if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141" @@ -518,7 +518,7 @@ void prime_field_tests() if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) ABORT; - if (1 != BN_is_prime(p, BN_prime_checks, 0, ctx, NULL)) ABORT; + if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) ABORT; if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) ABORT; diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index 3f284125a2..402e988f46 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -69,6 +69,12 @@ * */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include @@ -283,7 +289,7 @@ int test_builtin(BIO *out) size_t crv_len = 0, n = 0; EC_KEY *eckey = NULL, *wrong_eckey = NULL; unsigned char digest[20], wrong_digest[20]; - unsigned char *signature; + unsigned char *signature = NULL; unsigned int sig_len; int nid, ret = 0; diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl index 7e4c6db986..eeb0c9115c 100644 --- a/crypto/rsa/Makefile.ssl +++ b/crypto/rsa/Makefile.ssl @@ -25,10 +25,10 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ - rsa_asn1.c + rsa_asn1.c rsa_depr.c LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ - rsa_asn1.o + rsa_asn1.o rsa_depr.o SRC= $(LIBSRC) diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index b2e25e4e7c..cdf514c009 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -183,8 +183,16 @@ struct rsa_st RSA * RSA_new(void); RSA * RSA_new_method(ENGINE *engine); int RSA_size(const RSA *); + +/* Deprecated version */ +#ifndef OPENSSL_NO_DEPRECATED RSA * RSA_generate_key(int bits, unsigned long e,void (*callback)(int,int,void *),void *cb_arg); +#endif /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int RSA_generate_key_ex(RSA *rsa, int bits, unsigned long e, BN_GENCB *cb); + int RSA_check_key(const RSA *); /* next 4 return -1 on error */ int RSA_public_encrypt(int flen, const unsigned char *from, diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 002f2cb487..9d848db8c6 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -75,7 +75,7 @@ int RSA_check_key(const RSA *key) } /* p prime? */ - r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL); + r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL); if (r != 1) { ret = r; @@ -85,7 +85,7 @@ int RSA_check_key(const RSA *key) } /* q prime? */ - r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL); + r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL); if (r != 1) { ret = r; diff --git a/crypto/rsa/rsa_depr.c b/crypto/rsa/rsa_depr.c new file mode 100644 index 0000000000..25fa954393 --- /dev/null +++ b/crypto/rsa/rsa_depr.c @@ -0,0 +1,83 @@ +/* crypto/rsa/rsa_depr.c */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* NB: This file contains deprecated functions (compatibility wrappers to the + * "new" versions). */ + +#include +#include +#include "cryptlib.h" +#include +#include + +RSA *RSA_generate_key(int bits, unsigned long e_value, + void (*callback)(int,int,void *), void *cb_arg) + { + BN_GENCB cb; + RSA *rsa; + + if((rsa=RSA_new()) == NULL) + return 0; + + cb.ver = 1; + cb.arg = cb_arg; + cb.cb_1 = callback; + + if(RSA_generate_key_ex(rsa, bits, e_value, &cb)) + return rsa; + RSA_free(rsa); + return 0; + } + diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 00c25adbc5..a45b9aab5c 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -56,16 +56,20 @@ * [including the GNU Public Licence.] */ + +/* NB: these functions have been "upgraded", the deprecated versions (which are + * compatibility wrappers using these functions) are in rsa_depr.c. + * - Geoff + */ + #include #include #include "cryptlib.h" #include #include -RSA *RSA_generate_key(int bits, unsigned long e_value, - void (*callback)(int,int,void *), void *cb_arg) +int RSA_generate_key_ex(RSA *rsa, int bits, unsigned long e_value, BN_GENCB *cb) { - RSA *rsa=NULL; BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; int bitsp,bitsq,ok= -1,n=0,i; BN_CTX *ctx=NULL,*ctx2=NULL; @@ -83,12 +87,16 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, bitsp=(bits+1)/2; bitsq=bits-bitsp; - rsa=RSA_new(); - if (rsa == NULL) goto err; - /* set e */ - rsa->e=BN_new(); - if (rsa->e == NULL) goto err; + /* We need the RSA components non-NULL */ + if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; + if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; + if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; + if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; + if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; + if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; + if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; + if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; #if 1 /* The problem is when building with 8, 16, or 32 BN_ULONG, @@ -105,27 +113,29 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, /* generate p and q */ for (;;) { - rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); - if (rsa->p == NULL) goto err; + if(!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) + goto err; if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; if (BN_is_one(r1)) break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->p); + if(!BN_GENCB_call(cb, 2, n++)) + goto err; } - if (callback != NULL) callback(3,0,cb_arg); + if(!BN_GENCB_call(cb, 3, 0)) + goto err; for (;;) { - rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); - if (rsa->q == NULL) goto err; + if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) + goto err; if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0)) break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->q); + if(!BN_GENCB_call(cb, 2, n++)) + goto err; } - if (callback != NULL) callback(3,1,cb_arg); + if(!BN_GENCB_call(cb, 3, 1)) + goto err; if (BN_cmp(rsa->p,rsa->q) < 0) { tmp=rsa->p; @@ -134,8 +144,6 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, } /* calculate n */ - rsa->n=BN_new(); - if (rsa->n == NULL) goto err; if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; /* calculate d */ @@ -185,13 +193,7 @@ err: BN_CTX_end(ctx); BN_CTX_free(ctx); BN_CTX_free(ctx2); - - if (!ok) - { - if (rsa != NULL) RSA_free(rsa); - return(NULL); - } - else - return(rsa); + + return ok; } diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 8ff076250f..e384599fb1 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -1580,9 +1580,21 @@ static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength) { if (rsa_tmp == NULL) { + rsa_tmp = RSA_new(); + if(!rsa_tmp) + { + BIO_printf(bio_err, "Memory error..."); + goto end; + } BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength); (void)BIO_flush(bio_err); - rsa_tmp=RSA_generate_key(keylength,RSA_F4,NULL,NULL); + if(!RSA_generate_key_ex(rsa_tmp,keylength,RSA_F4,NULL)) + { + BIO_printf(bio_err, "Error generating key.", keylength); + RSA_free(rsa_tmp); + rsa_tmp = NULL; + } +end: BIO_printf(bio_err,"\n"); (void)BIO_flush(bio_err); } -- GitLab