Exemple #1
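/*
 * Allocate and initialise a new DSA object.
 *
 * engine: optional ENGINE to take the DSA method from. When it is NULL and
 *         engine support is compiled in, ENGINE_get_default_DSA() is asked
 *         for one; if no engine results, the default method is kept.
 *
 * Returns the new object with its reference count set to 1, or NULL on
 * failure. On every failure path the engine reference obtained here is
 * released and the allocation is freed.
 */
DSA *DSA_new_method(ENGINE *engine)
{
    DSA *ret;

    ret = OPENSSL_malloc(sizeof(*ret));
    if (ret == NULL) {
        DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return (NULL);
    }
    ret->meth = DSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
    if (engine) {
        /* The caller's engine must initialise before it can be adopted. */
        if (!ENGINE_init(engine)) {
            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            OPENSSL_free(ret);
            return NULL;
        }
        ret->engine = engine;
    } else
        ret->engine = ENGINE_get_default_DSA();
    if (ret->engine) {
        /* An engine is in use: its DSA method replaces the default one. */
        ret->meth = ENGINE_get_DSA(ret->engine);
        if (!ret->meth) {
            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            ENGINE_finish(ret->engine);
            OPENSSL_free(ret);
            return NULL;
        }
    }
#endif

    /* The block comes from a plain malloc, so every field is set by hand. */
    ret->pad = 0;
    ret->version = 0;
    ret->write_params = 1;
    ret->p = NULL;
    ret->q = NULL;
    ret->g = NULL;

    ret->pub_key = NULL;
    ret->priv_key = NULL;

    ret->kinv = NULL;
    ret->r = NULL;
    ret->method_mont_p = NULL;

    ret->references = 1;
    /* DSA_FLAG_NON_FIPS_ALLOW is never inherited from the method's flags. */
    ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;

    /*
     * Do not hand out an object whose ex_data could not be set up: the
     * method's init hook and later callers would otherwise work on it as if
     * it were valid.
     */
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data)) {
#ifndef OPENSSL_NO_ENGINE
        if (ret->engine)
            ENGINE_finish(ret->engine);
#endif
        OPENSSL_free(ret);
        return NULL;
    }

    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
#ifndef OPENSSL_NO_ENGINE
        if (ret->engine)
            ENGINE_finish(ret->engine);
#endif
        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
        OPENSSL_free(ret);
        ret = NULL;
    }

    return (ret);
}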
Exemple #2
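/*
 * Allocate a zero-filled DSA object bound to the default DSA method.
 *
 * Returns the new object with its reference count set to 1, or NULL when the
 * allocation fails.
 */
DSA *
DSA_new(void)
{
    DSA *dsa = calloc(1, sizeof(*dsa));

    /* calloc() can fail; writing through a NULL result would crash here. */
    if (dsa == NULL)
        return NULL;

    dsa->meth = rk_UNCONST(DSA_get_default_method());
    dsa->references = 1;
    return dsa;
}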
Exemple #3
// Key factory
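// Generate a DSA key pair from caller-supplied domain parameters (P, Q, G).
//
// ppKeyPair  receives a newly allocated OSSLDSAKeyPair on success
// parameters must report DSAParameters::type; anything else is rejected
// (the RNG argument is unused)
//
// Returns true on success. On failure false is returned and *ppKeyPair is
// not written.
bool OSSLDSA::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */)
{
	// Check parameters
	if ((ppKeyPair == NULL) ||
	    (parameters == NULL))
	{
		return false;
	}

	if (!parameters->areOfType(DSAParameters::type))
	{
		ERROR_MSG("Invalid parameters supplied for DSA key generation");

		return false;
	}

	DSAParameters* params = (DSAParameters*) parameters;

	// Generate the key-pair
	DSA* dsa = DSA_new();

	if (dsa == NULL)
	{
		ERROR_MSG("Failed to instantiate OpenSSL DSA object");

		return false;
	}

	// Use the OpenSSL implementation and not any engine
	DSA_set_method(dsa, DSA_get_default_method());

	dsa->p = OSSL::byteString2bn(params->getP());
	dsa->q = OSSL::byteString2bn(params->getQ());
	dsa->g = OSSL::byteString2bn(params->getG());

	// Do not start key generation with a missing domain parameter.
	// NOTE(review): presumably byteString2bn returns NULL when the conversion
	// fails - confirm against OSSL::byteString2bn. The sizes of P, Q and G are
	// not checked in this function.
	if ((dsa->p == NULL) ||
	    (dsa->q == NULL) ||
	    (dsa->g == NULL))
	{
		ERROR_MSG("Failed to convert DSA domain parameters");

		DSA_free(dsa);

		return false;
	}

	if (DSA_generate_key(dsa) != 1)
	{
		// ERR_get_error() returns unsigned long, so the conversion needs the
		// 'l' length modifier to match the argument
		ERROR_MSG("DSA key generation failed (0x%08lX)", ERR_get_error());

		DSA_free(dsa);

		return false;
	}

	// Create an asymmetric key-pair object to return
	OSSLDSAKeyPair* kp = new OSSLDSAKeyPair();

	((OSSLDSAPublicKey*) kp->getPublicKey())->setFromOSSL(dsa);
	((OSSLDSAPrivateKey*) kp->getPrivateKey())->setFromOSSL(dsa);

	*ppKeyPair = kp;

	// Release the key; the key-pair object was filled in by setFromOSSL() above
	DSA_free(dsa);

	return true;
}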
Exemple #4
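/*
 * Allocate and initialise a new DSA object.
 *
 * engine: optional ENGINE to take the DSA method from. When it is NULL and
 *         engine support is compiled in, ENGINE_get_default_DSA() is asked
 *         for one; if no engine results, the default method is kept.
 *
 * Returns the new object with its reference count set to 1, or NULL on
 * failure.
 */
DSA *DSA_new_method(ENGINE *engine)
{
    DSA *ret;

    /* Zero-filled allocation: fields not assigned below start out as 0/NULL. */
    ret = OPENSSL_zalloc(sizeof(*ret));
    if (ret == NULL) {
        DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    ret->meth = DSA_get_default_method();
#ifndef OPENSSL_NO_ENGINE
    if (engine) {
        /* The caller's engine must initialise before it can be adopted. */
        if (!ENGINE_init(engine)) {
            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            OPENSSL_free(ret);
            return NULL;
        }
        ret->engine = engine;
    } else
        ret->engine = ENGINE_get_default_DSA();
    if (ret->engine) {
        /* An engine is in use: its DSA method replaces the default one. */
        ret->meth = ENGINE_get_DSA(ret->engine);
        if (ret->meth == NULL) {
            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
            ENGINE_finish(ret->engine);
            OPENSSL_free(ret);
            return NULL;
        }
    }
#endif

    ret->references = 1;
    /* DSA_FLAG_NON_FIPS_ALLOW is never inherited from the method's flags. */
    ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;

    /*
     * Do not hand out an object whose ex_data could not be set up. The lock
     * does not exist yet, so the engine reference and the allocation are
     * released directly, as the lock-failure path below does.
     */
    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data)) {
#ifndef OPENSSL_NO_ENGINE
        ENGINE_finish(ret->engine);
#endif
        OPENSSL_free(ret);
        return NULL;
    }

    ret->lock = CRYPTO_THREAD_lock_new();
    if (ret->lock == NULL) {
#ifndef OPENSSL_NO_ENGINE
        ENGINE_finish(ret->engine);
#endif
        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
        OPENSSL_free(ret);
        return NULL;
    }

    /* From here on the object is complete enough for DSA_free() to undo it. */
    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
        DSA_free(ret);
        ret = NULL;
    }

    return ret;
}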
Exemple #5
/*
 * Internal binder shared by ENGINE_openssl() and, possibly, the "dynamic"
 * ENGINE support.
 *
 * Gives |e| this engine's id, name and destroy hook and then, subject to the
 * build-time switches below, the methods returned by
 * RSA_get_default_method(), DSA_get_default_method(), EC_KEY_OpenSSL(),
 * DH_get_default_method() and RAND_OpenSSL(). The TEST_ENG_OPENSSL_* switches
 * add the cipher, digest, private-key loader and HMAC hooks.
 *
 * Returns 1 when every setter succeeded and 0 at the first one that fails;
 * setters after a failure are not called.
 */
static int bind_helper(ENGINE *e)
{
    if (!ENGINE_set_id(e, engine_openssl_id))
        return 0;
    if (!ENGINE_set_name(e, engine_openssl_name))
        return 0;
    if (!ENGINE_set_destroy_function(e, openssl_destroy))
        return 0;

#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
# ifndef OPENSSL_NO_RSA
    if (!ENGINE_set_RSA(e, RSA_get_default_method()))
        return 0;
# endif
# ifndef OPENSSL_NO_DSA
    if (!ENGINE_set_DSA(e, DSA_get_default_method()))
        return 0;
# endif
# ifndef OPENSSL_NO_EC
    if (!ENGINE_set_EC(e, EC_KEY_OpenSSL()))
        return 0;
# endif
# ifndef OPENSSL_NO_DH
    if (!ENGINE_set_DH(e, DH_get_default_method()))
        return 0;
# endif
    if (!ENGINE_set_RAND(e, RAND_OpenSSL()))
        return 0;
# ifdef TEST_ENG_OPENSSL_RC4
    if (!ENGINE_set_ciphers(e, openssl_ciphers))
        return 0;
# endif
# ifdef TEST_ENG_OPENSSL_SHA
    if (!ENGINE_set_digests(e, openssl_digests))
        return 0;
# endif
#endif

#ifdef TEST_ENG_OPENSSL_PKEY
    if (!ENGINE_set_load_privkey_function(e, openssl_load_privkey))
        return 0;
#endif

#ifdef TEST_ENG_OPENSSL_HMAC
    /* The HMAC method is registered before the pkey-meths hook is set. */
    if (!ossl_register_hmac_meth())
        return 0;
    if (!ENGINE_set_pkey_meths(e, ossl_pkey_meths))
        return 0;
#endif

    /*
     * Should this ENGINE ever raise errors of its own, this is the place to
     * set up its error strings:
     */
    /* openssl_load_error_strings(); */
    return 1;
}
/* This internal function is used by ENGINE_openssl() and possibly by the
 * "dynamic" ENGINE support too.
 *
 * It gives |e| its id and name and then, depending on the build-time
 * switches, the RSA/DSA/ECDH/ECDSA/DH/RAND methods returned by the library's
 * own accessors plus the optional TEST_ENG_OPENSSL_* hooks.
 *
 * Returns 1 when every setter succeeded, 0 at the first one that fails; the
 * || chain short-circuits, so later setters are then not called. */
static int bind_helper(ENGINE *e)
	{
	if(!ENGINE_set_id(e, engine_openssl_id)
			|| !ENGINE_set_name(e, engine_openssl_name)
	/* Algorithm methods: all skipped when TEST_ENG_OPENSSL_NO_ALGORITHMS is
	 * defined, and each one individually by its OPENSSL_NO_* switch. */
#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
#ifndef OPENSSL_NO_RSA
			|| !ENGINE_set_RSA(e, RSA_get_default_method())
#endif
#ifndef OPENSSL_NO_DSA
			|| !ENGINE_set_DSA(e, DSA_get_default_method())
#endif
#ifndef OPENSSL_NO_ECDH
			|| !ENGINE_set_ECDH(e, ECDH_OpenSSL())
#endif
#ifndef OPENSSL_NO_ECDSA
			|| !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
#endif
#ifndef OPENSSL_NO_DH
			|| !ENGINE_set_DH(e, DH_get_default_method())
#endif
			|| !ENGINE_set_RAND(e, RAND_SSLeay())
#ifdef TEST_ENG_OPENSSL_RC4
			|| !ENGINE_set_ciphers(e, openssl_ciphers)
#endif
#ifdef TEST_ENG_OPENSSL_SHA
			|| !ENGINE_set_digests(e, openssl_digests)
#endif
#endif
//MS: the private-key loader is compiled in only when stdio is available
//    (OPENSSL_NO_STDIO undefined) and TEST_ENG_OPENSSL_PKEY is defined.
//    NOTE(review): this guard looks like a local change - confirm its origin.
#ifndef OPENSSL_NO_STDIO
#ifdef TEST_ENG_OPENSSL_PKEY
			|| !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
#endif
#endif
			)
		return 0;
	/* If we add errors to this ENGINE, ensure the error handling is setup here */
	/* openssl_load_error_strings(); */
	return 1;
	}
Exemple #7
/* Allocate a DSA object bound to |meth|, or to the default DSA method when
 * |meth| is NULL.
 *
 * Returns the new object with one reference, or NULL when the allocation
 * fails or the method's init hook reports failure.  The ex_data is created
 * only after the init hook has succeeded (or when the method has none). */
DSA *DSA_new_method(DSA_METHOD *meth)
	{
	DSA *dsa;

	dsa=(DSA *)OPENSSL_malloc(sizeof(DSA));
	if (dsa == NULL)
		{
		DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
		return(NULL);
		}

	/* Pick the method first; the initial flags are copied from it. */
	dsa->meth=(meth != NULL) ? meth : DSA_get_default_method();
	dsa->flags=dsa->meth->flags;
	dsa->references=1;

	dsa->pad=0;
	dsa->version=0;
	dsa->write_params=1;

	/* No domain parameters or key material yet. */
	dsa->p=NULL;
	dsa->q=NULL;
	dsa->g=NULL;
	dsa->pub_key=NULL;
	dsa->priv_key=NULL;

	/* No cached signing state either. */
	dsa->kinv=NULL;
	dsa->r=NULL;
	dsa->method_mont_p=NULL;

	if (dsa->meth->init != NULL)
		{
		if (!dsa->meth->init(dsa))
			{
			OPENSSL_free(dsa);
			return(NULL);
			}
		}

	CRYPTO_new_ex_data(dsa_meth,dsa,&dsa->ex_data);
	return(dsa);
	}
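/*
 * (Re)build the OpenSSL method tables that route private-key operations to
 * the pkcs11h callbacks.
 *
 * For each algorithm compiled in, any method left over from a previous call
 * is freed, the library's default method is duplicated, renamed "pkcs11h",
 * given the pkcs11h callbacks, and an ex_data index is registered for it.
 *
 * Returns TRUE on success, FALSE when a method object could not be created.
 */
PKCS11H_BOOL
_pkcs11h_openssl_initialize (void) {

	PKCS11H_BOOL ret = FALSE;

	_PKCS11H_DEBUG (
		PKCS11H_LOG_DEBUG2,
		"PKCS#11: _pkcs11h_openssl_initialize - entered"
	);
#ifndef OPENSSL_NO_RSA
	if (__openssl_methods.rsa != NULL) {
		RSA_meth_free (__openssl_methods.rsa);
	}
	if ((__openssl_methods.rsa = RSA_meth_dup (RSA_get_default_method ())) == NULL) {
		goto cleanup;
	}
	RSA_meth_set1_name (__openssl_methods.rsa, "pkcs11h");
	/* Private-key decrypt and encrypt go through the pkcs11h callbacks. */
	RSA_meth_set_priv_dec (__openssl_methods.rsa, __pkcs11h_openssl_rsa_dec);
	RSA_meth_set_priv_enc (__openssl_methods.rsa, __pkcs11h_openssl_rsa_enc);
	RSA_meth_set_flags (__openssl_methods.rsa, RSA_METHOD_FLAG_NO_CHECK | RSA_FLAG_EXT_PKEY);
	/* NOTE(review): the *_get_ex_new_index results here and below are stored
	 * without being checked for failure. */
	__openssl_methods.rsa_index = RSA_get_ex_new_index (
		0,
		"pkcs11h",
		NULL,
		__pkcs11h_openssl_ex_data_dup,
		__pkcs11h_openssl_ex_data_free
	);
#endif
#ifndef OPENSSL_NO_DSA
	if (__openssl_methods.dsa != NULL) {
		DSA_meth_free (__openssl_methods.dsa);
	}
	/* Same failure handling as the RSA branch: a failed dup must not be
	 * passed on to the setters below. */
	if ((__openssl_methods.dsa = DSA_meth_dup (DSA_get_default_method ())) == NULL) {
		goto cleanup;
	}
	DSA_meth_set1_name (__openssl_methods.dsa, "pkcs11h");
	DSA_meth_set_sign (__openssl_methods.dsa, __pkcs11h_openssl_dsa_do_sign);
	__openssl_methods.dsa_index = DSA_get_ex_new_index (
		0,
		"pkcs11h",
		NULL,
		__pkcs11h_openssl_ex_data_dup,
		__pkcs11h_openssl_ex_data_free
	);
#endif
#ifdef __ENABLE_EC
	if (__openssl_methods.ecdsa != NULL) {
		ECDSA_METHOD_free(__openssl_methods.ecdsa);
	}
	/* As above: stop before configuring a method that was not created. */
	if ((__openssl_methods.ecdsa = ECDSA_METHOD_new ((ECDSA_METHOD *)ECDSA_get_default_method ())) == NULL) {
		goto cleanup;
	}
	ECDSA_METHOD_set_name(__openssl_methods.ecdsa, "pkcs11h");
	ECDSA_METHOD_set_sign(__openssl_methods.ecdsa, __pkcs11h_openssl_ecdsa_do_sign);
	__openssl_methods.ecdsa_index = ECDSA_get_ex_new_index (
		0,
		"pkcs11h",
		NULL,
		__pkcs11h_openssl_ex_data_dup,
		__pkcs11h_openssl_ex_data_free
	);
#endif
	ret = TRUE;

cleanup:
	_PKCS11H_DEBUG (
		PKCS11H_LOG_DEBUG2,
		"PKCS#11: _pkcs11h_openssl_initialize - return %d",
		ret
	);
	return ret;
}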
Exemple #9
/* This internal function is used by ENGINE_aep() and possibly by the
 * "dynamic" ENGINE support too.
 *
 * It registers the engine's id, name, algorithm method tables and its
 * init/destroy/finish/ctrl/command hooks on |e|, then fills the remaining
 * slots of the aep_rsa, aep_dsa and aep_dh tables from the software methods.
 *
 * Returns 0 at the first setter that fails (the || chain short-circuits),
 * 1 otherwise. */
static int bind_aep(ENGINE *e)
	{
	/* Each scratch pointer exists only when its algorithm is compiled in. */
#ifndef OPENSSL_NO_RSA
	const RSA_METHOD  *meth1;
#endif
#ifndef OPENSSL_NO_DSA
	const DSA_METHOD  *meth2;
#endif
#ifndef OPENSSL_NO_DH
	const DH_METHOD	  *meth3;
#endif

	/* The method tables are passed by address, so the field updates made
	 * further down are made to the very objects handed over here. */
	if(!ENGINE_set_id(e, engine_aep_id) ||
		!ENGINE_set_name(e, engine_aep_name) ||
#ifndef OPENSSL_NO_RSA
		!ENGINE_set_RSA(e, &aep_rsa) ||
#endif
#ifndef OPENSSL_NO_DSA
		!ENGINE_set_DSA(e, &aep_dsa) ||
#endif
#ifndef OPENSSL_NO_DH
		!ENGINE_set_DH(e, &aep_dh) ||
#endif
#ifdef AEPRAND
		!ENGINE_set_RAND(e, &aep_random) ||
#endif
		!ENGINE_set_init_function(e, aep_init) ||
		!ENGINE_set_destroy_function(e, aep_destroy) ||
		!ENGINE_set_finish_function(e, aep_finish) ||
		!ENGINE_set_ctrl_function(e, aep_ctrl) ||
		!ENGINE_set_cmd_defns(e, aep_cmd_defns))
		return 0;

#ifndef OPENSSL_NO_RSA
	/* We know that the "PKCS1_SSLeay()" functions hook properly
	 * to the aep-specific mod_exp and mod_exp_crt so we use
	 * those functions. NB: We don't use ENGINE_openssl() or
	 * anything "more generic" because something like the RSAref
	 * code may not hook properly, and if you own one of these
	 * cards then you have the right to do RSA operations on it
	 * anyway! */
	meth1 = RSA_PKCS1_SSLeay();
	aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
	aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
	aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
	aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
#endif


#ifndef OPENSSL_NO_DSA
	/* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
	 * bits. */
	meth2 = DSA_OpenSSL();
	aep_dsa.dsa_do_sign    = meth2->dsa_do_sign;
	aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
	aep_dsa.dsa_do_verify  = meth2->dsa_do_verify;

	/* NOTE(review): this whole-struct assignment replaces every field of
	 * aep_dsa, including the three copied from meth2 just above and whatever
	 * the table's initializer supplied. After it, the table is whatever
	 * DSA_get_default_method() returns at this moment, with only the two
	 * mod_exp hooks below pointing at AEP code - confirm that is intended. */
	aep_dsa = *DSA_get_default_method(); 
	aep_dsa.dsa_mod_exp = aep_dsa_mod_exp; 
	aep_dsa.bn_mod_exp = aep_mod_exp_dsa;
#endif

#ifndef OPENSSL_NO_DH
	/* Much the same for Diffie-Hellman */
	meth3 = DH_OpenSSL();
	aep_dh.generate_key = meth3->generate_key;
	aep_dh.compute_key  = meth3->compute_key;
	aep_dh.bn_mod_exp   = meth3->bn_mod_exp;
#endif

	/* Ensure the aep error handling is set up */
	ERR_load_AEPHK_strings();

	return 1;
}