OpenSSL 0.9.4 merge

author: beck <beck@openbsd.org> 1999-09-29 04:35:07 +0000
committer: beck <beck@openbsd.org> 1999-09-29 04:35:07 +0000
commit: 913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0 (patch)
tree: 62c001f84cb6413a049c5c811a08bfbe7c747b77 /lib/libssl/src/crypto/dsa
parent: fix byte counters; imain@netidea.com (diff)
download: wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.tar.xz
wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.zip
12 files changed, 568 insertions, 368 deletions
diff --git a/lib/libssl/src/crypto/dsa/Makefile.ssl b/lib/libssl/src/crypto/dsa/Makefile.ssl
index 2cc4ddb39e9..6d80ce77be8 100644
--- a/lib/libssl/src/crypto/dsa/Makefile.ssl
+++ b/lib/libssl/src/crypto/dsa/Makefile.ssl
@@ -7,23 +7,23 @@ TOP=	../..
 CC=	cc
 INCLUDES= -I.. -I../../include
 CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
 INSTALLTOP=/usr/local/ssl
 MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	makedepend -f Makefile.ssl
+MAKEDEPEND=	$(TOP)/util/domd $(TOP)
 MAKEFILE=	Makefile.ssl
 AR=		ar r
 
 CFLAGS= $(INCLUDES) $(CFLAG)
 
-ERR=dsa
-ERRC=dsa_err
 GENERAL=Makefile
 TEST=dsatest.c
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c $(ERRC).c
-LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_vrf.o dsa_sign.o $(ERRC).o
+LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c dsa_err.c
+LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o dsa_err.o
 
 SRC= $(LIBSRC)
 
@@ -39,24 +39,23 @@ all:	lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	sh $(TOP)/util/ranlib.sh $(LIB)
+	$(RANLIB) $(LIB)
 	@touch lib
 
 files:
-	perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
 
 links:
-	/bin/rm -f Makefile
-	$(TOP)/util/point.sh Makefile.ssl Makefile ;
-	$(TOP)/util/mklink.sh ../../include $(EXHEADER)
-	$(TOP)/util/mklink.sh ../../test $(TEST)
-	$(TOP)/util/mklink.sh ../../apps $(APPS)
+	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
 
 install:
 	@for i in $(EXHEADER) ; \
 	do  \
-	(cp $$i $(INSTALLTOP)/include/$$i; \
-	chmod 644 $(INSTALLTOP)/include/$$i ); \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
 	done;
 
 tags:
@@ -68,17 +67,67 @@ lint:
 	lint -DLINT $(INCLUDES) $(SRC)>fluff
 
 depend:
-	$(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
 
 dclean:
-	perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
 	mv -f Makefile.new $(MAKEFILE)
 
 clean:
-	/bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
-
-errors:
-	perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
-	perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+dsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_asn1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+dsa_asn1.o: ../../include/openssl/stack.h ../cryptlib.h
+dsa_err.o: ../../include/openssl/bn.h ../../include/openssl/dh.h
+dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/err.h
+dsa_err.o: ../../include/openssl/opensslconf.h
+dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_gen.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_gen.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
+dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_gen.o: ../cryptlib.h
+dsa_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_key.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dsa_key.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+dsa_key.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
+dsa_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_key.o: ../cryptlib.h
+dsa_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dsa_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
+dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_lib.o: ../cryptlib.h
+dsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dsa_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
+dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_sign.o: ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
+dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_sign.o: ../cryptlib.h
+dsa_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+dsa_vrf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_vrf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_vrf.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
+dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_vrf.o: ../cryptlib.h
diff --git a/lib/libssl/src/crypto/dsa/dsa.err b/lib/libssl/src/crypto/dsa/dsa.err
deleted file mode 100644
index 1131e9fa746..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa.err
+++ /dev/null
@@ -1,15 +0,0 @@
-/* Error codes for the DSA functions. */
-
-/* Function codes. */
-#define DSA_F_DSAPARAMS_PRINT				 100
-#define DSA_F_DSAPARAMS_PRINT_FP			 101
-#define DSA_F_DSA_IS_PRIME				 102
-#define DSA_F_DSA_NEW					 103
-#define DSA_F_DSA_PRINT					 104
-#define DSA_F_DSA_PRINT_FP				 105
-#define DSA_F_DSA_SIGN					 106
-#define DSA_F_DSA_SIGN_SETUP				 107
-#define DSA_F_DSA_VERIFY				 108
-
-/* Reason codes. */
-#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
diff --git a/lib/libssl/src/crypto/dsa/dsa.h b/lib/libssl/src/crypto/dsa/dsa.h
index 1ca87c1cbea..20b3f8d90a0 100644
--- a/lib/libssl/src/crypto/dsa/dsa.h
+++ b/lib/libssl/src/crypto/dsa/dsa.h
@@ -69,7 +69,16 @@
 extern "C" {
 #endif
 
-#include "bn.h"
+#ifdef NO_DSA
+#error DSA is disabled.
+#endif
+
+#include <openssl/bn.h>
+#ifndef NO_DH
+# include <openssl/dh.h>
+#endif
+
+#define DSA_FLAG_CACHE_MONT_P	0x01
 
 typedef struct dsa_st
 	{
@@ -88,9 +97,19 @@ typedef struct dsa_st
 	BIGNUM *kinv;	/* Signing pre-calc */
 	BIGNUM *r;	/* Signing pre-calc */
 
+	int flags;
+	/* Normally used to cache montgomery values */
+	char *method_mont_p;
+
 	int references;
 	} DSA;
 
+typedef struct DSA_SIG_st
+	{
+	BIGNUM *r;
+	BIGNUM *s;
+	} DSA_SIG;
+
 #define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
 		(char *(*)())d2i_DSAparams,(char *)(x))
 #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
@@ -102,15 +121,23 @@ typedef struct dsa_st
 #define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
 		(unsigned char *)(x))
 
-#ifndef NOPROTO
+
+DSA_SIG * DSA_SIG_new(void);
+void	DSA_SIG_free(DSA_SIG *a);
+int	i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
+DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
+
+DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
+int	DSA_do_verify(const unsigned char *dgst,int dgst_len,
+		      DSA_SIG *sig,DSA *dsa);
 
 DSA *	DSA_new(void);
 int	DSA_size(DSA *);
 	/* next 4 return -1 on error */
 int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
-int	DSA_sign(int type,unsigned char *dgst,int dlen,
+int	DSA_sign(int type,const unsigned char *dgst,int dlen,
 		unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int	DSA_verify(int type,unsigned char *dgst,int dgst_len,
+int	DSA_verify(int type,const unsigned char *dgst,int dgst_len,
 		unsigned char *sigbuf, int siglen, DSA *dsa);
 void	DSA_free (DSA *r);
 
@@ -138,55 +165,38 @@ int	DSA_print_fp(FILE *bp, DSA *x, int off);
 
 int DSA_is_prime(BIGNUM *q,void (*callback)(),char *cb_arg);
 
-#else
-
-DSA *	DSA_new();
-int	DSA_size();
-int	DSA_sign_setup();
-int	DSA_sign();
-int	DSA_verify();
-void	DSA_free ();
-
-void	ERR_load_DSA_strings();
-
-DSA *	d2i_DSAPublicKey();
-DSA *	d2i_DSAPrivateKey();
-DSA * 	d2i_DSAparams();
-DSA *	DSA_generate_parameters();
-int	DSA_generate_key();
-int	i2d_DSAPublicKey();
-int 	i2d_DSAPrivateKey();
-int	i2d_DSAparams();
-
-int	DSA_is_prime();
-
-int	DSAparams_print();
-int	DSA_print();
-
-#ifndef NO_FP_API
-int	DSAparams_print_fp();
-int	DSA_print_fp();
-#endif
-
+#ifndef NO_DH
+/* Convert DSA structure (key or just parameters) into DH structure
+ * (be careful to avoid small subgroup attacks when using this!) */
+DH *DSA_dup_DH(DSA *r);
 #endif
 
 /* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+
 /* Error codes for the DSA functions. */
 
 /* Function codes. */
+#define DSA_F_D2I_DSA_SIG				 110
 #define DSA_F_DSAPARAMS_PRINT				 100
 #define DSA_F_DSAPARAMS_PRINT_FP			 101
+#define DSA_F_DSA_DO_SIGN				 112
+#define DSA_F_DSA_DO_VERIFY				 113
 #define DSA_F_DSA_IS_PRIME				 102
 #define DSA_F_DSA_NEW					 103
 #define DSA_F_DSA_PRINT					 104
 #define DSA_F_DSA_PRINT_FP				 105
 #define DSA_F_DSA_SIGN					 106
 #define DSA_F_DSA_SIGN_SETUP				 107
+#define DSA_F_DSA_SIG_NEW				 109
 #define DSA_F_DSA_VERIFY				 108
+#define DSA_F_I2D_DSA_SIG				 111
 
 /* Reason codes. */
 #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 100
- 
+
 #ifdef  __cplusplus
 }
 #endif
diff --git a/lib/libssl/src/crypto/dsa/dsa_asn1.c b/lib/libssl/src/crypto/dsa/dsa_asn1.c
new file mode 100644
index 00000000000..7523b21654d
--- /dev/null
+++ b/lib/libssl/src/crypto/dsa/dsa_asn1.c
@@ -0,0 +1,96 @@
+/* crypto/dsa/dsa_asn1.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dsa.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+
+DSA_SIG *DSA_SIG_new(void)
+{
+	DSA_SIG *ret;
+
+	ret = Malloc(sizeof(DSA_SIG));
+	if (ret == NULL)
+		{
+		DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+		}
+	ret->r = NULL;
+	ret->s = NULL;
+	return(ret);
+}
+
+void DSA_SIG_free(DSA_SIG *r)
+{
+	if (r == NULL) return;
+	if (r->r) BN_clear_free(r->r);
+	if (r->s) BN_clear_free(r->s);
+	Free(r);
+}
+
+int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp)
+{
+	int t=0,len;
+	ASN1_INTEGER rbs,sbs;
+	unsigned char *p;
+
+	rbs.data=Malloc(BN_num_bits(v->r)/8+1);
+	if (rbs.data == NULL)
+		{
+		DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	rbs.type=V_ASN1_INTEGER;
+	rbs.length=BN_bn2bin(v->r,rbs.data);
+	sbs.data=Malloc(BN_num_bits(v->s)/8+1);
+	if (sbs.data == NULL)
+		{
+		Free(rbs.data);
+		DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	sbs.type=V_ASN1_INTEGER;
+	sbs.length=BN_bn2bin(v->s,sbs.data);
+
+	len=i2d_ASN1_INTEGER(&rbs,NULL);
+	len+=i2d_ASN1_INTEGER(&sbs,NULL);
+
+	if (pp)
+		{
+		p=*pp;
+		ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+		i2d_ASN1_INTEGER(&rbs,&p);
+		i2d_ASN1_INTEGER(&sbs,&p);
+		}
+	t=ASN1_object_size(1,len,V_ASN1_SEQUENCE);
+	Free(rbs.data);
+	Free(sbs.data);
+	return(t);
+}
+
+DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length)
+{
+	int i=ERR_R_NESTED_ASN1_ERROR;
+	ASN1_INTEGER *bs=NULL;
+	M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new);
+
+	M_ASN1_D2I_Init();
+	M_ASN1_D2I_start_sequence();
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL)
+		goto err_bn;
+	M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+	if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL)
+		goto err_bn;
+	ASN1_BIT_STRING_free(bs);
+	M_ASN1_D2I_Finish_2(a);
+
+err_bn:
+	i=ERR_R_BN_LIB;
+err:
+	DSAerr(DSA_F_D2I_DSA_SIG,i);
+	if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret);
+	if (bs != NULL) ASN1_BIT_STRING_free(bs);
+	return(NULL);
+}
diff --git a/lib/libssl/src/crypto/dsa/dsa_err.c b/lib/libssl/src/crypto/dsa/dsa_err.c
index 318e9f31aad..33a8270afde 100644
--- a/lib/libssl/src/crypto/dsa/dsa_err.c
+++ b/lib/libssl/src/crypto/dsa/dsa_err.c
@@ -1,94 +1,101 @@
-/* lib/dsa/dsa_err.c */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* crypto/dsa/dsa_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
  *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
  * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
  */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file.
+ */
+
 #include <stdio.h>
-#include "err.h"
-#include "dsa.h"
+#include <openssl/err.h>
+#include <openssl/dsa.h>
 
 /* BEGIN ERROR CODES */
 #ifndef NO_ERR
 static ERR_STRING_DATA DSA_str_functs[]=
 	{
+{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0),	"d2i_DSA_SIG"},
 {ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0),	"DSAparams_print"},
 {ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0),	"DSAparams_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0),	"DSA_do_sign"},
+{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0),	"DSA_do_verify"},
 {ERR_PACK(0,DSA_F_DSA_IS_PRIME,0),	"DSA_is_prime"},
 {ERR_PACK(0,DSA_F_DSA_NEW,0),	"DSA_new"},
 {ERR_PACK(0,DSA_F_DSA_PRINT,0),	"DSA_print"},
 {ERR_PACK(0,DSA_F_DSA_PRINT_FP,0),	"DSA_print_fp"},
 {ERR_PACK(0,DSA_F_DSA_SIGN,0),	"DSA_sign"},
 {ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0),	"DSA_sign_setup"},
+{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0),	"DSA_SIG_new"},
 {ERR_PACK(0,DSA_F_DSA_VERIFY,0),	"DSA_verify"},
-{0,NULL},
+{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0),	"i2d_DSA_SIG"},
+{0,NULL}
 	};
 
 static ERR_STRING_DATA DSA_str_reasons[]=
 	{
 {DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
-{0,NULL},
+{0,NULL}
 	};
 
 #endif
 
-void ERR_load_DSA_strings()
+void ERR_load_DSA_strings(void)
 	{
 	static int init=1;
 
-	if (init);
-		{;
+	if (init)
+		{
 		init=0;
 #ifndef NO_ERR
 		ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
diff --git a/lib/libssl/src/crypto/dsa/dsa_gen.c b/lib/libssl/src/crypto/dsa/dsa_gen.c
index d7d30bf90a0..b5e5ec06e5e 100644
--- a/lib/libssl/src/crypto/dsa/dsa_gen.c
+++ b/lib/libssl/src/crypto/dsa/dsa_gen.c
@@ -64,23 +64,18 @@
 #define HASH    SHA1
 #endif 
 
+#ifndef NO_SHA
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
-#include "sha.h"
-#include "bn.h"
-#include "dsa.h"
-#include "rand.h"
-
-DSA *DSA_generate_parameters(bits,seed_in,seed_len,counter_ret,h_ret,callback,
-	cb_arg)
-int bits;
-unsigned char *seed_in;
-int seed_len;
-int *counter_ret;
-unsigned long *h_ret;
-void (*callback)();
-char *cb_arg;
+#include <openssl/sha.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
+
+DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
+	     int *counter_ret, unsigned long *h_ret, void (*callback)(),
+	     char *cb_arg)
 	{
 	int ok=0;
 	unsigned char seed[SHA_DIGEST_LENGTH];
@@ -88,6 +83,7 @@ char *cb_arg;
 	unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
 	BIGNUM *r0,*W,*X,*c,*test;
 	BIGNUM *g=NULL,*q=NULL,*p=NULL;
+	BN_MONT_CTX *mont=NULL;
 	int k,n=0,i,b,m=0;
 	int counter=0;
 	BN_CTX *ctx=NULL,*ctx2=NULL;
@@ -100,20 +96,20 @@ char *cb_arg;
 	if ((seed_in != NULL) && (seed_len == 20))
 		memcpy(seed,seed_in,seed_len);
 
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-	ctx2=BN_CTX_new();
-	if (ctx2 == NULL) goto err;
-	ret=DSA_new();
-	if (ret == NULL) goto err;
-	r0=ctx2->bn[0];
-	g=ctx2->bn[1];
-	W=ctx2->bn[2];
-	q=ctx2->bn[3];
-	X=ctx2->bn[4];
-	c=ctx2->bn[5];
-	p=ctx2->bn[6];
-	test=ctx2->bn[7];
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	if ((ctx2=BN_CTX_new()) == NULL) goto err;
+	if ((ret=DSA_new()) == NULL) goto err;
+
+	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+
+	r0= &(ctx2->bn[0]);
+	g= &(ctx2->bn[1]);
+	W= &(ctx2->bn[2]);
+	q= &(ctx2->bn[3]);
+	X= &(ctx2->bn[4]);
+	c= &(ctx2->bn[5]);
+	p= &(ctx2->bn[6]);
+	test= &(ctx2->bn[7]);
 
 	BN_lshift(test,BN_value_one(),bits-1);
 
@@ -216,14 +212,16 @@ end:
 
 	/* We now need to gernerate g */
 	/* Set r0=(p-1)/q */
-        BN_sub(test,p,BN_value_one());
-        BN_div(r0,NULL,test,q,ctx);
+	BN_sub(test,p,BN_value_one());
+	BN_div(r0,NULL,test,q,ctx);
 
 	BN_set_word(test,h);
+	BN_MONT_CTX_set(mont,p,ctx);
+
 	for (;;)
 		{
 		/* g=test^r0%p */
-		BN_mod_exp(g,test,r0,p,ctx);
+		BN_mod_exp_mont(g,test,r0,p,ctx,mont);
 		if (!BN_is_one(g)) break;
 		BN_add(test,test,BN_value_one());
 		h++;
@@ -246,32 +244,32 @@ err:
 		if (counter_ret != NULL) *counter_ret=counter;
 		if (h_ret != NULL) *h_ret=h;
 		}
-	BN_CTX_free(ctx);
-	BN_CTX_free(ctx2);
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (ctx != NULL) BN_CTX_free(ctx2);
+	if (mont != NULL) BN_MONT_CTX_free(mont);
 	return(ok?ret:NULL);
 	}
 
-int DSA_is_prime(w, callback,cb_arg)
-BIGNUM *w;
-void (*callback)();
-char *cb_arg;
+int DSA_is_prime(BIGNUM *w, void (*callback)(), char *cb_arg)
 	{
 	int ok= -1,j,i,n;
 	BN_CTX *ctx=NULL,*ctx2=NULL;
-	BIGNUM *w_1,*b,*m,*z;
+	BIGNUM *w_1,*b,*m,*z,*tmp,*mont_1;
 	int a;
+	BN_MONT_CTX *mont=NULL;
 
 	if (!BN_is_bit_set(w,0)) return(0);
 
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-	ctx2=BN_CTX_new();
-	if (ctx2 == NULL) goto err;
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	if ((ctx2=BN_CTX_new()) == NULL) goto err;
+	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
 
-	m=  ctx2->bn[2];
-	b=  ctx2->bn[3];
-	z=  ctx2->bn[4];
-	w_1=ctx2->bn[5];
+	m=   &(ctx2->bn[2]);
+	b=   &(ctx2->bn[3]);
+	z=   &(ctx2->bn[4]);
+	w_1= &(ctx2->bn[5]);
+	tmp= &(ctx2->bn[6]);
+	mont_1= &(ctx2->bn[7]);
 
 	/* step 1 */
 	n=50;
@@ -282,24 +280,30 @@ char *cb_arg;
 		;
 	if (!BN_rshift(m,w_1,a)) goto err;
 
+	BN_MONT_CTX_set(mont,w,ctx);
+	BN_to_montgomery(mont_1,BN_value_one(),mont,ctx);
+	BN_to_montgomery(w_1,w_1,mont,ctx);
 	for (i=1; i < n; i++)
 		{
 		/* step 3 */
 		BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0);
-		BN_set_word(b,0x10001L);
+		/* BN_set_word(b,0x10001L); */
 
 		/* step 4 */
 		j=0;
-		if (!BN_mod_exp(z,b,m,w,ctx)) goto err;
+		if (!BN_mod_exp_mont(z,b,m,w,ctx,mont)) goto err;
+
+		if (!BN_to_montgomery(z,z,mont,ctx)) goto err;
 
 		/* step 5 */
 		for (;;)
 			{
-			if (((j == 0) && BN_is_one(z)) || (BN_cmp(z,w_1) == 0))
+			if (((j == 0) && (BN_cmp(z,mont_1) == 0)) ||
+				(BN_cmp(z,w_1) == 0))
 				break;
 
 			/* step 6 */
-			if ((j > 0) && BN_is_one(z))
+			if ((j > 0) && (BN_cmp(z,mont_1) == 0))
 				{
 				ok=0;
 				goto err;
@@ -312,7 +316,7 @@ char *cb_arg;
 				goto err;
 				}
 
-			if (!BN_mod_mul(z,z,z,w,ctx)) goto err;
+			if (!BN_mod_mul_montgomery(z,z,z,mont,ctx)) goto err;
 			if (callback != NULL) callback(1,j,cb_arg);
 			}
 		}
@@ -322,7 +326,8 @@ err:
 	if (ok == -1) DSAerr(DSA_F_DSA_IS_PRIME,ERR_R_BN_LIB);
 	BN_CTX_free(ctx);
 	BN_CTX_free(ctx2);
+	BN_MONT_CTX_free(mont);
 	
 	return(ok);
 	}
-
+#endif
diff --git a/lib/libssl/src/crypto/dsa/dsa_key.c b/lib/libssl/src/crypto/dsa/dsa_key.c
index d51ed9395f1..ab7f38fc7c6 100644
--- a/lib/libssl/src/crypto/dsa/dsa_key.c
+++ b/lib/libssl/src/crypto/dsa/dsa_key.c
@@ -56,16 +56,16 @@
  * [including the GNU Public Licence.]
  */
 
+#ifndef NO_SHA
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
-#include "sha.h"
-#include "bn.h"
-#include "dsa.h"
-#include "rand.h"
+#include <openssl/sha.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
 
-int DSA_generate_key(dsa)
-DSA *dsa;
+int DSA_generate_key(DSA *dsa)
 	{
 	int ok=0;
 	unsigned int i;
@@ -109,4 +109,4 @@ err:
 	if (ctx != NULL) BN_CTX_free(ctx);
 	return(ok);
 	}
-
+#endif
diff --git a/lib/libssl/src/crypto/dsa/dsa_lib.c b/lib/libssl/src/crypto/dsa/dsa_lib.c
index b647257f9fb..ce8e204f7e6 100644
--- a/lib/libssl/src/crypto/dsa/dsa_lib.c
+++ b/lib/libssl/src/crypto/dsa/dsa_lib.c
@@ -56,17 +56,17 @@
  * [including the GNU Public Licence.]
  */
 
-/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
-#include "dsa.h"
-#include "asn1.h"
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/asn1.h>
 
-char *DSA_version="\0DSA part of SSLeay 0.9.0b 29-Jun-1998";
+const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
 
-DSA *DSA_new()
+DSA *DSA_new(void)
 	{
 	DSA *ret;
 
@@ -82,19 +82,20 @@ DSA *DSA_new()
 	ret->p=NULL;
 	ret->q=NULL;
 	ret->g=NULL;
+	ret->flags=DSA_FLAG_CACHE_MONT_P;
 
 	ret->pub_key=NULL;
 	ret->priv_key=NULL;
 
 	ret->kinv=NULL;
 	ret->r=NULL;
+	ret->method_mont_p=NULL;
 
 	ret->references=1;
 	return(ret);
 	}
 
-void DSA_free(r)
-DSA *r;
+void DSA_free(DSA *r)
 	{
 	int i;
 
@@ -120,11 +121,12 @@ DSA *r;
 	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
 	if (r->kinv != NULL) BN_clear_free(r->kinv);
 	if (r->r != NULL) BN_clear_free(r->r);
+	if (r->method_mont_p != NULL)
+		BN_MONT_CTX_free((BN_MONT_CTX *)r->method_mont_p);
 	Free(r);
 	}
 
-int DSA_size(r)
-DSA *r;
+int DSA_size(DSA *r)
 	{
 	int ret,i;
 	ASN1_INTEGER bs;
@@ -143,3 +145,40 @@ DSA *r;
 	return(ret);
 	}
 
+#ifndef NO_DH
+DH *DSA_dup_DH(DSA *r)
+	{
+	/* DSA has p, q, g, optional pub_key, optional priv_key.
+	 * DH has p, optional length, g, optional pub_key, optional priv_key.
+	 */ 
+
+	DH *ret = NULL;
+
+	if (r == NULL)
+		goto err;
+	ret = DH_new();
+	if (ret == NULL)
+		goto err;
+	if (r->p != NULL) 
+		if ((ret->p = BN_dup(r->p)) == NULL)
+			goto err;
+	if (r->q != NULL)
+		ret->length = BN_num_bits(r->q);
+	if (r->g != NULL)
+		if ((ret->g = BN_dup(r->g)) == NULL)
+			goto err;
+	if (r->pub_key != NULL)
+		if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
+			goto err;
+	if (r->priv_key != NULL)
+		if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
+			goto err;
+
+	return ret;
+
+ err:
+	if (ret != NULL)
+		DH_free(ret);
+	return NULL;
+	}
+#endif
diff --git a/lib/libssl/src/crypto/dsa/dsa_sign.c b/lib/libssl/src/crypto/dsa/dsa_sign.c
index 6ca1c318f24..774c1619643 100644
--- a/lib/libssl/src/crypto/dsa/dsa_sign.c
+++ b/lib/libssl/src/crypto/dsa/dsa_sign.c
@@ -56,35 +56,28 @@
  * [including the GNU Public Licence.]
  */
 
-/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
-#include "dsa.h"
-#include "rand.h"
-#include "asn1.h"
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
+#include <openssl/asn1.h>
 
-/* data has already been hashed (probably with SHA or SHA-1). */
-/*	DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
-
-int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
-int type;
-unsigned char *dgst;
-int dlen;
-unsigned char *sig;	/* out */
-unsigned int *siglen;	/* out */
-DSA *dsa;
+DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
-	BIGNUM *kinv=NULL,*r=NULL;
-	BIGNUM *m=NULL;
-	BIGNUM *xr=NULL,*s=NULL;
+	BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
+	BIGNUM m;
+	BIGNUM xr;
 	BN_CTX *ctx=NULL;
-	unsigned char *p;
-	int i,len=0,ret=0,reason=ERR_R_BN_LIB;
-        ASN1_INTEGER rbs,sbs;
-	MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */
-	MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */
+	int i,reason=ERR_R_BN_LIB;
+	DSA_SIG *ret=NULL;
+
+	BN_init(&m);
+	BN_init(&xr);
+	s=BN_new();
+	if (s == NULL) goto err;
 
 	i=BN_num_bytes(dsa->q); /* should be 20 */
 	if ((dlen > i) || (dlen > 50))
@@ -108,59 +101,58 @@ DSA *dsa;
 		dsa->r=NULL;
 		}
 
-	m=BN_new();
-	xr=BN_new();
-	s=BN_new();
-	if (m == NULL || xr == NULL || s == NULL) goto err;
-
-	if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
+	if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err;
 
 	/* Compute  s = inv(k) (m + xr) mod q */
-	if (!BN_mul(xr, dsa->priv_key, r)) goto err;	/* s = xr */
-	if (!BN_add(s, xr, m)) goto err;		/* s = m + xr */
+	if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
+	if (!BN_add(s, &xr, &m)) goto err;		/* s = m + xr */
+	if (BN_cmp(s,dsa->q) > 0)
+		BN_sub(s,s,dsa->q);
 	if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
 
-	/*
-	 * Now create a ASN.1 sequence of the integers R and S.
-	 */
-	rbs.data=rbuf;
-	sbs.data=sbuf;
-	rbs.type = V_ASN1_INTEGER;
-	sbs.type = V_ASN1_INTEGER;
-	rbs.length=BN_bn2bin(r,rbs.data);
-	sbs.length=BN_bn2bin(s,sbs.data);
-
-	len =i2d_ASN1_INTEGER(&rbs,NULL);
-	len+=i2d_ASN1_INTEGER(&sbs,NULL);
-
-	p=sig;
-	ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-	i2d_ASN1_INTEGER(&rbs,&p);
-	i2d_ASN1_INTEGER(&sbs,&p);
-	*siglen=(p-sig);
-	ret=1;
+	ret=DSA_SIG_new();
+	if (ret == NULL) goto err;
+	ret->r = r;
+	ret->s = s;
+	
 err:
-	if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);
-		
-#if 1 /* do the right thing :-) */
-	if (kinv != NULL) BN_clear_free(kinv);
-	if (r != NULL) BN_clear_free(r);
-#endif
+	if (!ret)
+		{
+		DSAerr(DSA_F_DSA_DO_SIGN,reason);
+		BN_free(r);
+		BN_free(s);
+		}
 	if (ctx != NULL) BN_CTX_free(ctx);
-	if (m != NULL) BN_clear_free(m);
-	if (xr != NULL) BN_clear_free(xr);
-	if (s != NULL) BN_clear_free(s);
+	BN_clear_free(&m);
+	BN_clear_free(&xr);
+	if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
+	    BN_clear_free(kinv);
 	return(ret);
 	}
 
-int DSA_sign_setup(dsa,ctx_in,kinvp,rp)
-DSA *dsa;
-BN_CTX *ctx_in;
-BIGNUM **kinvp;
-BIGNUM **rp;
+/* data has already been hashed (probably with SHA or SHA-1). */
+
+/* unsigned char *sig:  out    */
+/* unsigned int *siglen:  out    */
+int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
+	     unsigned int *siglen, DSA *dsa)
+	{
+	DSA_SIG *s;
+	s=DSA_do_sign(dgst,dlen,dsa);
+	if (s == NULL)
+		{
+		*siglen=0;
+		return(0);
+		}
+	*siglen=i2d_DSA_SIG(s,&sig);
+	DSA_SIG_free(s);
+	return(1);
+	}
+
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	{
 	BN_CTX *ctx;
-	BIGNUM *k=NULL,*kinv=NULL,*r=NULL;
+	BIGNUM k,*kinv=NULL,*r=NULL;
 	int ret=0;
 
 	if (ctx_in == NULL)
@@ -170,29 +162,33 @@ BIGNUM **rp;
 	else
 		ctx=ctx_in;
 
-	r=BN_new();
-	k=BN_new();
-	if ((r == NULL) || (k == NULL))
-		goto err;
+	BN_init(&k);
+	if ((r=BN_new()) == NULL) goto err;
 	kinv=NULL;
 
-	if (r == NULL) goto err;
-
 	/* Get random k */
 	for (;;)
 		{
-		if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;
-		if (BN_cmp(k,dsa->q) >= 0)
-			BN_sub(k,k,dsa->q);
-		if (!BN_is_zero(k)) break;
+		if (!BN_rand(&k, BN_num_bits(dsa->q), 1, 0)) goto err;
+		if (BN_cmp(&k,dsa->q) >= 0)
+			BN_sub(&k,&k,dsa->q);
+		if (!BN_is_zero(&k)) break;
+		}
+
+	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+		{
+		if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
+				dsa->p,ctx)) goto err;
 		}
 
 	/* Compute r = (g^k mod p) mod q */
-	if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;
+	if (!BN_mod_exp_mont(r,dsa->g,&k,dsa->p,ctx,
+		(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
 	if (!BN_mod(r,r,dsa->q,ctx)) goto err;
 
 	/* Compute  part of 's = inv(k) (m + xr) mod q' */
-	if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;
+	if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
 
 	if (*kinvp != NULL) BN_clear_free(*kinvp);
 	*kinvp=kinv;
@@ -208,8 +204,8 @@ err:
 		if (r != NULL) BN_clear_free(r);
 		}
 	if (ctx_in == NULL) BN_CTX_free(ctx);
-	if (k != NULL) BN_clear_free(k);
 	if (kinv != NULL) BN_clear_free(kinv);
+	BN_clear_free(&k);
 	return(ret);
 	}
 
diff --git a/lib/libssl/src/crypto/dsa/dsa_vrf.c b/lib/libssl/src/crypto/dsa/dsa_vrf.c
index 0f860984edc..ff552208aa2 100644
--- a/lib/libssl/src/crypto/dsa/dsa_vrf.c
+++ b/lib/libssl/src/crypto/dsa/dsa_vrf.c
@@ -56,97 +56,105 @@
  * [including the GNU Public Licence.]
  */
 
-/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
-#include "dsa.h"
-#include "rand.h"
-#include "asn1.h"
-#include "asn1_mac.h"
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
 
-/* data has already been hashed (probably with SHA or SHA-1). */
-/* returns
- *	 1: correct signature
- *	 0: incorrect signature
- *	-1: error
- */
-int DSA_verify(type,dgst,dgst_len,sigbuf,siglen, dsa)
-int type;
-unsigned char *dgst;
-int dgst_len;
-unsigned char *sigbuf;
-int siglen;
-DSA *dsa;
+int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
+		  DSA *dsa)
 	{
-	/* The next 3 are used by the M_ASN1 macros */
-	long length=siglen;
-	ASN1_CTX c;
-	unsigned char **pp= &sigbuf;
 	BN_CTX *ctx;
-	BIGNUM *r=NULL;
-	BIGNUM *t1=NULL,*t2=NULL;
-	BIGNUM *u1=NULL,*u2=NULL;
-	ASN1_INTEGER *bs=NULL;
+	BIGNUM u1,u2,t1;
+	BN_MONT_CTX *mont=NULL;
 	int ret = -1;
 
-	ctx=BN_CTX_new();
-	if (ctx == NULL) goto err;
-
-	t1=BN_new();
-	t2=BN_new();
-	if (t1 == NULL || t2 == NULL) goto err;
-
-	M_ASN1_D2I_Init();
-	M_ASN1_D2I_start_sequence();
-        M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-        if ((r=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
-        M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
-        if ((u1=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
-	if (!asn1_Finish(&c)) goto err;
+	if ((ctx=BN_CTX_new()) == NULL) goto err;
+	BN_init(&u1);
+	BN_init(&u2);
+	BN_init(&t1);
 
 	/* Calculate W = inv(S) mod Q
 	 * save W in u2 */
-	if ((u2=BN_mod_inverse(u1,dsa->q,ctx)) == NULL) goto err_bn;
+	if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
 
 	/* save M in u1 */
-	if (BN_bin2bn(dgst,dgst_len,u1) == NULL) goto err_bn;
+	if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
 
 	/* u1 = M * w mod q */
-	if (!BN_mod_mul(u1,u1,u2,dsa->q,ctx)) goto err_bn;
+	if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
 
 	/* u2 = r * w mod q */
-	if (!BN_mod_mul(u2,r,u2,dsa->q,ctx)) goto err_bn;
+	if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
+
+	if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+		{
+		if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+			if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
+				dsa->p,ctx)) goto err;
+		}
+	mont=(BN_MONT_CTX *)dsa->method_mont_p;
+
+#if 0
+	{
+	BIGNUM t2;
 
+	BN_init(&t2);
 	/* v = ( g^u1 * y^u2 mod p ) mod q */
 	/* let t1 = g ^ u1 mod p */
-	if (!BN_mod_exp(t1,dsa->g,u1,dsa->p,ctx)) goto err_bn;
+	if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
 	/* let t2 = y ^ u2 mod p */
-	if (!BN_mod_exp(t2,dsa->pub_key,u2,dsa->p,ctx)) goto err_bn;
+	if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
 	/* let u1 = t1 * t2 mod p */
-	if (!BN_mod_mul(u1,t1,t2,dsa->p,ctx)) goto err_bn;
+	if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
+	BN_free(&t2);
+	}
 	/* let u1 = u1 mod q */
-	if (!BN_mod(u1,u1,dsa->q,ctx)) goto err_bn;
+	if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
+#else
+	{
+	if (!BN_mod_exp2_mont(&t1,dsa->g,&u1,dsa->pub_key,&u2,dsa->p,ctx,mont))
+		goto err;
+	/* BN_copy(&u1,&t1); */
+	/* let u1 = u1 mod q */
+	if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
+	}
+#endif
 	/* V is now in u1.  If the signature is correct, it will be
 	 * equal to R. */
-	ret=(BN_ucmp(u1, r) == 0);
-	if (0)
-		{
-err: /* ASN1 error */
-		DSAerr(DSA_F_DSA_VERIFY,c.error);
-		}
-	if (0)
-		{
-err_bn: /* BN error */
-		DSAerr(DSA_F_DSA_VERIFY,ERR_R_BN_LIB);
-		}
+	ret=(BN_ucmp(&u1, sig->r) == 0);
+
+	err:
+	if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
 	if (ctx != NULL) BN_CTX_free(ctx);
-	if (r != NULL) BN_free(r);
-	if (t1 != NULL) BN_free(t1);
-	if (t2 != NULL) BN_free(t2);
-	if (u1 != NULL) BN_free(u1);
-	if (u2 != NULL) BN_free(u2);
-	if (bs != NULL) ASN1_BIT_STRING_free(bs);
+	BN_free(&u1);
+	BN_free(&u2);
+	BN_free(&t1);
+	return(ret);
+	}
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/* returns
+ *      1: correct signature
+ *      0: incorrect signature
+ *     -1: error
+ */
+int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
+	     unsigned char *sigbuf, int siglen, DSA *dsa)
+	{
+	DSA_SIG *s;
+	int ret=-1;
+
+	s = DSA_SIG_new();
+	if (s == NULL) return(ret);
+	if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
+	ret=DSA_do_verify(dgst,dgst_len,s,dsa);
+err:
+	DSA_SIG_free(s);
 	return(ret);
 	}
diff --git a/lib/libssl/src/crypto/dsa/dsagen.c b/lib/libssl/src/crypto/dsa/dsagen.c
index 20335de2506..a0b09766408 100644
--- a/lib/libssl/src/crypto/dsa/dsagen.c
+++ b/lib/libssl/src/crypto/dsa/dsagen.c
@@ -57,7 +57,7 @@
  */
 
 #include <stdio.h>
-#include "dsa.h"
+#include <openssl/dsa.h>
 
 #define TEST
 #define GENUINE_DSA
@@ -77,8 +77,7 @@ unsigned char seed[20]={
 	0xe0,0x42,0x7d,LAST_VALUE};
 #endif
 
-int cb(p,n)
-int p,n;
+int cb(int p, int n)
 	{
 	char c='*';
 
diff --git a/lib/libssl/src/crypto/dsa/dsatest.c b/lib/libssl/src/crypto/dsa/dsatest.c
index 39bb712c4a4..fc25c9a1b79 100644
--- a/lib/libssl/src/crypto/dsa/dsatest.c
+++ b/lib/libssl/src/crypto/dsa/dsatest.c
@@ -61,27 +61,30 @@
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-#include "crypto.h"
-#include "rand.h"
-#include "bio.h"
-#include "err.h"
-#include "dsa.h"
+#include <openssl/crypto.h>
+#include <openssl/rand.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
 #ifdef WINDOWS
 #include "../bio/bss_file.c"
 #endif
 
+#ifdef NO_DSA
+int main(int argc, char *argv[])
+{
+    printf("No DSA support\n");
+    return(0);
+}
+#else
+#include <openssl/dsa.h>
+
 #ifdef WIN16
 #define MS_CALLBACK     _far _loadds
 #else
 #define MS_CALLBACK
 #endif
 
-#ifndef NOPROTO
 static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
-#else
-static void MS_CALLBACK dsa_cb();
-#endif
-
 static unsigned char seed[20]={
 	0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
 	0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
@@ -115,20 +118,24 @@ static unsigned char out_g[]={
 	0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
 	};
 
+static const unsigned char str1[]="12345678901234567890";
+
 static BIO *bio_err=NULL;
 
-int main(argc, argv)
-int argc;
-char **argv;
+int main(int argc, char **argv)
 	{
 	DSA *dsa=NULL;
 	int counter,ret=0,i,j;
 	unsigned char buf[256];
 	unsigned long h;
+	unsigned char sig[256];
+	unsigned int siglen;
 
 	if (bio_err == NULL)
 		bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 
+	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
 	BIO_printf(bio_err,"test generation of DSA parameters\n");
 	BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n");
 	dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,
@@ -178,21 +185,21 @@ char **argv;
 		BIO_printf(bio_err,"g value is wrong\n");
 		goto end;
 		}
-
-	ret=1;
+	DSA_generate_key(dsa);
+	DSA_sign(0, str1, 20, sig, &siglen, dsa);
+	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
+		ret=1;
 end:
 	if (!ret)
 		ERR_print_errors(bio_err);
-	if (bio_err != NULL) BIO_free(bio_err);
 	if (dsa != NULL) DSA_free(dsa);
+	CRYPTO_mem_leaks(bio_err);
+	if (bio_err != NULL) BIO_free(bio_err);
 	exit(!ret);
 	return(0);
 	}
 
-static void MS_CALLBACK dsa_cb(p, n, arg)
-int p;
-int n;
-char *arg;
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg)
 	{
 	char c='*';
 	static int ok=0,num=0;
@@ -202,7 +209,7 @@ char *arg;
 	if (p == 2) { c='*'; ok++; }
 	if (p == 3) c='\n';
 	BIO_write((BIO *)arg,&c,1);
-	BIO_flush((BIO *)arg);
+	(void)BIO_flush((BIO *)arg);
 
 	if (!ok && (p == 0) && (num > 1))
 		{
@@ -210,5 +217,4 @@ char *arg;
 		exit(1);
 		}
 	}
-
-
+#endif
author	beck <beck@openbsd.org>	1999-09-29 04:35:07 +0000
committer	beck <beck@openbsd.org>	1999-09-29 04:35:07 +0000
commit	913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0 (patch)
tree	62c001f84cb6413a049c5c811a08bfbe7c747b77 /lib/libssl/src/crypto/dsa
parent	fix byte counters; imain@netidea.com (diff)
download	wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.tar.xz wireguard-openbsd-913ec974266f8a62ab2e5ca34a31d6e6f75b3cf0.zip