int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int,int,void *), BN_CTX *ctx_passed, void *cb_arg) { BN_GENCB cb; BN_GENCB_set_old(&cb, callback, cb_arg); return BN_is_prime_ex(a, checks, ctx_passed, &cb); }
NON_EMPTY_TRANSLATION_UNIT #else # include <stdio.h> # include <time.h> # include "internal/cryptlib.h" # include "bn_lcl.h" BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, const BIGNUM *add, const BIGNUM *rem, void (*callback) (int, int, void *), void *cb_arg) { BN_GENCB cb; BIGNUM *rnd = NULL; BN_GENCB_set_old(&cb, callback, cb_arg); if (ret == NULL) { if ((rnd = BN_new()) == NULL) goto err; } else rnd = ret; if (!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb)) goto err; /* we have a prime :-) */ return ret; err: BN_free(rnd); return NULL; }
static isc_result_t openssldsa_generate(dst_key_t *key, int unused, void (*callback)(int)) { DSA *dsa; unsigned char rand_array[ISC_SHA1_DIGESTLENGTH]; isc_result_t result; #if OPENSSL_VERSION_NUMBER > 0x00908000L BN_GENCB cb; union { void *dptr; void (*fptr)(int); } u; #else UNUSED(callback); #endif UNUSED(unused); result = dst__entropy_getdata(rand_array, sizeof(rand_array), ISC_FALSE); if (result != ISC_R_SUCCESS) return (result); #if OPENSSL_VERSION_NUMBER > 0x00908000L dsa = DSA_new(); if (dsa == NULL) return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); if (callback == NULL) { BN_GENCB_set_old(&cb, NULL, NULL); } else { u.fptr = callback; BN_GENCB_set(&cb, &progress_cb, u.dptr); } if (!DSA_generate_parameters_ex(dsa, key->key_size, rand_array, ISC_SHA1_DIGESTLENGTH, NULL, NULL, &cb)) { DSA_free(dsa); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } #else dsa = DSA_generate_parameters(key->key_size, rand_array, ISC_SHA1_DIGESTLENGTH, NULL, NULL, NULL, NULL); if (dsa == NULL) return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); #endif if (DSA_generate_key(dsa) == 0) { DSA_free(dsa); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } dsa->flags &= ~DSA_FLAG_CACHE_MONT_P; key->keydata.dsa = dsa; return (ISC_R_SUCCESS); }
RSA *RSA_generate_key(int bits, unsigned long e_value, void (*callback) (int, int, void *), void *cb_arg) { int i; BN_GENCB *cb = BN_GENCB_new(); RSA *rsa = RSA_new(); BIGNUM *e = BN_new(); if (cb == NULL || rsa == NULL || e == NULL) goto err; /* * The problem is when building with 8, 16, or 32 BN_ULONG, unsigned long * can be larger */ for (i = 0; i < (int)sizeof(unsigned long) * 8; i++) { if (e_value & (1UL << i)) if (BN_set_bit(e, i) == 0) goto err; } BN_GENCB_set_old(cb, callback, cb_arg); if (RSA_generate_key_ex(rsa, bits, e, cb)) { BN_free(e); BN_GENCB_free(cb); return rsa; } err: BN_free(e); RSA_free(rsa); BN_GENCB_free(cb); return 0; }
DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, void (*callback) (int, int, void *), void *cb_arg) { BN_GENCB *cb; DSA *ret; if ((ret = DSA_new()) == NULL) return NULL; cb = BN_GENCB_new(); if (cb == NULL) goto err; BN_GENCB_set_old(cb, callback, cb_arg); if (DSA_generate_parameters_ex(ret, bits, seed_in, seed_len, counter_ret, h_ret, cb)) { BN_GENCB_free(cb); return ret; } BN_GENCB_free(cb); err: DSA_free(ret); return NULL; }
BIGNUM * BN_generate_prime(BIGNUM *ret, int bits, int safe, const BIGNUM *add, const BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg) { BN_GENCB cb; BIGNUM *rnd = NULL; int found = 0; BN_GENCB_set_old(&cb, callback, cb_arg); if (ret == NULL) { if ((rnd = BN_new()) == NULL) goto err; } else rnd = ret; if (!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb)) goto err; /* we have a prime :-) */ found = 1; err: if (!found && (ret == NULL) && (rnd != NULL)) BN_free(rnd); return (found ? rnd : NULL); }
RSA *RSA_generate_key(int bits, unsigned long e_value, void (*callback)(int,int,void *), void *cb_arg) { BN_GENCB cb; int i; RSA *rsa = RSA_new(); BIGNUM *e = BN_new(); if(!rsa || !e) goto err; /* The problem is when building with 8, 16, or 32 BN_ULONG, * unsigned long can be larger */ for (i=0; i<(int)sizeof(unsigned long)*8; i++) { if (e_value & (1UL<<i)) BN_set_bit(e,i); } BN_GENCB_set_old(&cb, callback, cb_arg); if(RSA_generate_key_ex(rsa, bits, e, &cb)) { BN_free(e); return rsa; } err: if(e) BN_free(e); if(rsa) RSA_free(rsa); return 0; }
int BN_is_prime_fasttest(const BIGNUM *a, int checks, void (*callback) (int, int, void *), BN_CTX *ctx_passed, void *cb_arg, int do_trial_division) { BN_GENCB cb; BN_GENCB_set_old(&cb, callback, cb_arg); return BN_is_prime_fasttest_ex(a, checks, ctx_passed, do_trial_division, &cb); }
int RSA_X931_derive(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, void (*callback)(int, int, void *), void *cb_arg, const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, const BIGNUM *e) { BN_GENCB cb; BN_GENCB_set_old(&cb, callback, cb_arg); return RSA_X931_derive_ex(rsa, p1, p2, q1, q2, Xp1, Xp2, Xp, Xq1, Xq2, Xq, e, &cb); }
static isc_result_t openssldsa_generate(dst_key_t *key, int unused) { #if OPENSSL_VERSION_NUMBER > 0x00908000L BN_GENCB cb; #endif DSA *dsa; unsigned char rand_array[ISC_SHA1_DIGESTLENGTH]; isc_result_t result; UNUSED(unused); result = dst__entropy_getdata(rand_array, sizeof(rand_array), ISC_FALSE); if (result != ISC_R_SUCCESS) return (result); #if OPENSSL_VERSION_NUMBER > 0x00908000L dsa = DSA_new(); if (dsa == NULL) return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); BN_GENCB_set_old(&cb, NULL, NULL); if (!DSA_generate_parameters_ex(dsa, key->key_size, rand_array, ISC_SHA1_DIGESTLENGTH, NULL, NULL, &cb)) { DSA_free(dsa); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } #else dsa = DSA_generate_parameters(key->key_size, rand_array, ISC_SHA1_DIGESTLENGTH, NULL, NULL, NULL, NULL); if (dsa == NULL) return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); #endif if (DSA_generate_key(dsa) == 0) { DSA_free(dsa); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } dsa->flags &= ~DSA_FLAG_CACHE_MONT_P; key->opaque = dsa; return (ISC_R_SUCCESS); }
RSA *RSA_X931_generate_key(int bits, const BIGNUM *e, void (*callback)(int,int,void *), void *cb_arg) { BN_GENCB cb; int ret; RSA *rsa = RSA_new(); if (!rsa) return NULL; BN_GENCB_set_old(&cb, callback, cb_arg); ret = RSA_X931_generate_key_ex(rsa, bits, e, &cb); if (ret) return rsa; RSA_free(rsa); return NULL; }
DH *DH_generate_parameters(int prime_len, int generator, void (*callback)(int,int,void *), void *cb_arg) { BN_GENCB cb; DH *ret=NULL; if((ret=DH_new()) == NULL) return NULL; BN_GENCB_set_old(&cb, callback, cb_arg); if(DH_generate_parameters_ex(ret, prime_len, generator, &cb)) return ret; DH_free(ret); return NULL; }
NON_EMPTY_TRANSLATION_UNIT #else # include <stdio.h> # include <time.h> # include "internal/cryptlib.h" # include <openssl/bn.h> # include <openssl/rsa.h> RSA *RSA_generate_key(int bits, unsigned long e_value, void (*callback) (int, int, void *), void *cb_arg) { int i; BN_GENCB *cb = BN_GENCB_new(); RSA *rsa = RSA_new(); BIGNUM *e = BN_new(); if (cb == NULL || rsa == NULL || e == NULL) goto err; /* * The problem is when building with 8, 16, or 32 BN_ULONG, unsigned long * can be larger */ for (i = 0; i < (int)sizeof(unsigned long) * 8; i++) { if (e_value & (1UL << i)) if (BN_set_bit(e, i) == 0) goto err; } BN_GENCB_set_old(cb, callback, cb_arg); if (RSA_generate_key_ex(rsa, bits, e, cb)) { BN_free(e); BN_GENCB_free(cb); return rsa; } err: BN_free(e); RSA_free(rsa); BN_GENCB_free(cb); return 0; }
EXPORT_C DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, void (*callback)(int, int, void *), void *cb_arg) { BN_GENCB cb; DSA *ret; if ((ret=DSA_new()) == NULL) return NULL; BN_GENCB_set_old(&cb, callback, cb_arg); if(DSA_generate_parameters_ex(ret, bits, seed_in, seed_len, counter_ret, h_ret, &cb)) return ret; DSA_free(ret); return NULL; }
NON_EMPTY_TRANSLATION_UNIT #else # include <stdio.h> # include <time.h> # include "internal/cryptlib.h" # include <openssl/evp.h> # include <openssl/bn.h> # include <openssl/dsa.h> # include <openssl/sha.h> DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, void (*callback) (int, int, void *), void *cb_arg) { BN_GENCB *cb; DSA *ret; if ((ret = DSA_new()) == NULL) return NULL; cb = BN_GENCB_new(); if (cb == NULL) goto err; BN_GENCB_set_old(cb, callback, cb_arg); if (DSA_generate_parameters_ex(ret, bits, seed_in, seed_len, counter_ret, h_ret, cb)) { BN_GENCB_free(cb); return ret; } BN_GENCB_free(cb); err: DSA_free(ret); return NULL; }
static isc_result_t openssldh_generate(dst_key_t *key, int generator, void (*callback)(int)) { DH *dh = NULL; #if OPENSSL_VERSION_NUMBER > 0x00908000L BN_GENCB *cb; #if OPENSSL_VERSION_NUMBER < 0x10100000L BN_GENCB _cb; #endif union { void *dptr; void (*fptr)(int); } u; #else UNUSED(callback); #endif if (generator == 0) { if (key->key_size == 768 || key->key_size == 1024 || key->key_size == 1536) { dh = DH_new(); if (dh == NULL) return (dst__openssl_toresult(ISC_R_NOMEMORY)); if (key->key_size == 768) dh->p = bn768; else if (key->key_size == 1024) dh->p = bn1024; else dh->p = bn1536; dh->g = bn2; } else generator = 2; } if (generator != 0) { #if OPENSSL_VERSION_NUMBER > 0x00908000L dh = DH_new(); if (dh == NULL) return (dst__openssl_toresult(ISC_R_NOMEMORY)); cb = BN_GENCB_new(); #if OPENSSL_VERSION_NUMBER >= 0x10100000L if (cb == NULL) { DH_free(dh); return (dst__openssl_toresult(ISC_R_NOMEMORY)); } #endif if (callback == NULL) { BN_GENCB_set_old(cb, NULL, NULL); } else { u.fptr = callback; BN_GENCB_set(cb, &progress_cb, u.dptr); } if (!DH_generate_parameters_ex(dh, key->key_size, generator, cb)) { DH_free(dh); BN_GENCB_free(cb); return (dst__openssl_toresult2( "DH_generate_parameters_ex", DST_R_OPENSSLFAILURE)); } BN_GENCB_free(cb); #else dh = DH_generate_parameters(key->key_size, generator, NULL, NULL); if (dh == NULL) return (dst__openssl_toresult2( "DH_generate_parameters", DST_R_OPENSSLFAILURE)); #endif } if (DH_generate_key(dh) == 0) { DH_free(dh); return (dst__openssl_toresult2("DH_generate_key", DST_R_OPENSSLFAILURE)); } dh->flags &= ~DH_FLAG_CACHE_MONT_P; key->keydata.dh = dh; return (ISC_R_SUCCESS); }
static isc_result_t opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) { #if OPENSSL_VERSION_NUMBER > 0x00908000L isc_result_t ret = DST_R_OPENSSLFAILURE; BN_GENCB cb; union { void *dptr; void (*fptr)(int); } u; RSA *rsa = RSA_new(); BIGNUM *e = BN_new(); #if USE_EVP EVP_PKEY *pkey = EVP_PKEY_new(); #endif if (rsa == NULL || e == NULL) goto err; #if USE_EVP if (pkey == NULL) goto err; if (!EVP_PKEY_set1_RSA(pkey, rsa)) goto err; #endif if (exp == 0) { /* RSA_F4 0x10001 */ BN_set_bit(e, 0); BN_set_bit(e, 16); } else { /* F5 0x100000001 */ BN_set_bit(e, 0); BN_set_bit(e, 32); } if (callback == NULL) { BN_GENCB_set_old(&cb, NULL, NULL); } else { u.fptr = callback; BN_GENCB_set(&cb, &progress_cb, u.dptr); } if (RSA_generate_key_ex(rsa, key->key_size, e, &cb)) { BN_free(e); SET_FLAGS(rsa); #if USE_EVP key->keydata.pkey = pkey; RSA_free(rsa); #else key->keydata.rsa = rsa; #endif return (ISC_R_SUCCESS); } ret = dst__openssl_toresult2("RSA_generate_key_ex", DST_R_OPENSSLFAILURE); err: #if USE_EVP if (pkey != NULL) EVP_PKEY_free(pkey); #endif if (e != NULL) BN_free(e); if (rsa != NULL) RSA_free(rsa); return (dst__openssl_toresult(ret)); #else RSA *rsa; unsigned long e; #if USE_EVP EVP_PKEY *pkey = EVP_PKEY_new(); UNUSED(callback); if (pkey == NULL) return (ISC_R_NOMEMORY); #else UNUSED(callback); #endif if (exp == 0) e = RSA_F4; else e = 0x40000003; rsa = RSA_generate_key(key->key_size, e, NULL, NULL); if (rsa == NULL) { #if USE_EVP EVP_PKEY_free(pkey); #endif return (dst__openssl_toresult2("RSA_generate_key", DST_R_OPENSSLFAILURE)); } SET_FLAGS(rsa); #if USE_EVP if (!EVP_PKEY_set1_RSA(pkey, rsa)) { EVP_PKEY_free(pkey); RSA_free(rsa); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } key->keydata.pkey = pkey; RSA_free(rsa); #else key->keydata.rsa = rsa; #endif return (ISC_R_SUCCESS); #endif }
static isc_result_t opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) { #if OPENSSL_VERSION_NUMBER > 0x00908000L isc_result_t ret = DST_R_OPENSSLFAILURE; union { void *dptr; void (*fptr)(int); } u; RSA *rsa = RSA_new(); BIGNUM *e = BN_new(); #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) BN_GENCB _cb; #endif BN_GENCB *cb = BN_GENCB_new(); #if USE_EVP EVP_PKEY *pkey = EVP_PKEY_new(); #endif /* * Reject incorrect RSA key lengths. */ switch (key->key_alg) { case DST_ALG_RSAMD5: case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: /* From RFC 3110 */ if (key->key_size > 4096) goto err; break; case DST_ALG_RSASHA256: /* From RFC 5702 */ if ((key->key_size < 512) || (key->key_size > 4096)) goto err; break; case DST_ALG_RSASHA512: /* From RFC 5702 */ if ((key->key_size < 1024) || (key->key_size > 4096)) goto err; break; default: INSIST(0); } if (rsa == NULL || e == NULL || cb == NULL) goto err; #if USE_EVP if (pkey == NULL) goto err; if (!EVP_PKEY_set1_RSA(pkey, rsa)) goto err; #endif if (exp == 0) { /* RSA_F4 0x10001 */ BN_set_bit(e, 0); BN_set_bit(e, 16); } else { /* (phased-out) F5 0x100000001 */ BN_set_bit(e, 0); BN_set_bit(e, 32); } if (callback == NULL) { BN_GENCB_set_old(cb, NULL, NULL); } else { u.fptr = callback; BN_GENCB_set(cb, &progress_cb, u.dptr); } if (RSA_generate_key_ex(rsa, key->key_size, e, cb)) { BN_free(e); BN_GENCB_free(cb); SET_FLAGS(rsa); #if USE_EVP key->keydata.pkey = pkey; RSA_free(rsa); #else key->keydata.rsa = rsa; #endif return (ISC_R_SUCCESS); } BN_GENCB_free(cb); ret = dst__openssl_toresult2("RSA_generate_key_ex", DST_R_OPENSSLFAILURE); err: #if USE_EVP if (pkey != NULL) EVP_PKEY_free(pkey); #endif if (e != NULL) BN_free(e); if (rsa != NULL) RSA_free(rsa); if (cb != NULL) BN_GENCB_free(cb); return (dst__openssl_toresult(ret)); #else RSA *rsa; unsigned long e; #if USE_EVP EVP_PKEY *pkey = EVP_PKEY_new(); UNUSED(callback); if (pkey == NULL) return (ISC_R_NOMEMORY); #else UNUSED(callback); #endif if (exp == 0) e = RSA_F4; else e = 0x40000003; rsa = RSA_generate_key(key->key_size, e, NULL, NULL); if (rsa == NULL) { #if USE_EVP EVP_PKEY_free(pkey); #endif return (dst__openssl_toresult2("RSA_generate_key", DST_R_OPENSSLFAILURE)); } SET_FLAGS(rsa); #if USE_EVP if (!EVP_PKEY_set1_RSA(pkey, rsa)) { EVP_PKEY_free(pkey); RSA_free(rsa); return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); } key->keydata.pkey = pkey; RSA_free(rsa); #else key->keydata.rsa = rsa; #endif return (ISC_R_SUCCESS); #endif }