summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2011-02-13 19:45:41 +0100
committerDr. Stephen Henson <steve@openssl.org>2011-02-13 19:45:41 +0100
commite990b4f838eaa649a1849d25db5be2236632fe34 (patch)
treeb099e52a8c5e3d6057a0ee8090bf81dc9660a016
parentChange FIPS source and utilities to use the "FIPS_" names directly (diff)
downloadopenssl-e990b4f838eaa649a1849d25db5be2236632fe34.tar.xz
openssl-e990b4f838eaa649a1849d25db5be2236632fe34.zip
Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1 library.
-rw-r--r--Makefile.fips2
-rw-r--r--Makefile.org2
-rw-r--r--crypto/dsa/dsa_asn1.c2
-rw-r--r--crypto/dsa/dsa_ossl.c3
-rw-r--r--crypto/dsa/dsa_sign.c24
-rw-r--r--fips/dsa/fips_dsa_lib.c23
-rw-r--r--fips/dsa/fips_dsa_selftest.c2
-rw-r--r--fips/dsa/fips_dsatest.c2
-rw-r--r--fips/dsa/fips_dssvs.c2
-rw-r--r--fips/fips.c2
-rw-r--r--fips/fips.h3
-rw-r--r--fips/fips_test_suite.c2
12 files changed, 33 insertions, 36 deletions
diff --git a/Makefile.fips b/Makefile.fips
index d6d373fed7..f9cc5afab6 100644
--- a/Makefile.fips
+++ b/Makefile.fips
@@ -308,8 +308,6 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
../crypto/dsa/dsa_gen.o \
../crypto/dsa/dsa_key.o \
../crypto/dsa/dsa_ossl.o \
- ../crypto/dsa/dsa_sign.o \
- ../crypto/dsa/dsa_vrf.o \
../crypto/evp/e_aes.o \
../crypto/evp/e_des3.o \
../crypto/evp/m_sha1.o \
diff --git a/Makefile.org b/Makefile.org
index 89fa394546..4cdd60bc04 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -307,8 +307,6 @@ FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \
../crypto/dsa/dsa_gen.o \
../crypto/dsa/dsa_key.o \
../crypto/dsa/dsa_ossl.o \
- ../crypto/dsa/dsa_sign.o \
- ../crypto/dsa/dsa_vrf.o \
../crypto/evp/e_aes.o \
../crypto/evp/e_des3.o \
../crypto/evp/m_sha1.o \
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 6058534374..9e441fa0db 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -88,7 +88,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG)
+IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
/* Override the default free and new methods */
static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 8fa39e9281..f1512a40dd 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -173,7 +173,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
redo:
if ((dsa->kinv == NULL) || (dsa->r == NULL))
{
- if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
+ if (!dsa->meth->dsa_sign_setup(dsa,ctx,&kinv,&r)) goto err;
}
else
{
@@ -199,7 +199,6 @@ redo:
if (BN_cmp(s,dsa->q) > 0)
if (!BN_sub(s,s,dsa->q)) goto err;
if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
-
ret=DSA_SIG_new();
if (ret == NULL) goto err;
/* Redo if r or s is zero as required by FIPS 186-3: this is
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index d983471e3b..599093a4a8 100644
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -74,27 +74,3 @@ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
}
-
-DSA_SIG *DSA_SIG_new(void)
- {
- DSA_SIG *sig;
- sig = OPENSSL_malloc(sizeof(DSA_SIG));
- if (!sig)
- return NULL;
- sig->r = NULL;
- sig->s = NULL;
- return sig;
- }
-
-void DSA_SIG_free(DSA_SIG *sig)
- {
- if (sig)
- {
- if (sig->r)
- BN_free(sig->r);
- if (sig->s)
- BN_free(sig->s);
- OPENSSL_free(sig);
- }
- }
-
diff --git a/fips/dsa/fips_dsa_lib.c b/fips/dsa/fips_dsa_lib.c
index 06f8cabfee..2e2f192aff 100644
--- a/fips/dsa/fips_dsa_lib.c
+++ b/fips/dsa/fips_dsa_lib.c
@@ -96,3 +96,26 @@ void FIPS_dsa_free(DSA *r)
OPENSSL_free(r);
}
+DSA_SIG *FIPS_dsa_sig_new(void)
+ {
+ DSA_SIG *sig;
+ sig = OPENSSL_malloc(sizeof(DSA_SIG));
+ if (!sig)
+ return NULL;
+ sig->r = NULL;
+ sig->s = NULL;
+ return sig;
+ }
+
+void FIPS_dsa_sig_free(DSA_SIG *sig)
+ {
+ if (sig)
+ {
+ if (sig->r)
+ BN_free(sig->r);
+ if (sig->s)
+ BN_free(sig->s);
+ OPENSSL_free(sig);
+ }
+ }
+
diff --git a/fips/dsa/fips_dsa_selftest.c b/fips/dsa/fips_dsa_selftest.c
index 2fbdad5d47..ee225906bd 100644
--- a/fips/dsa/fips_dsa_selftest.c
+++ b/fips/dsa/fips_dsa_selftest.c
@@ -156,7 +156,7 @@ int FIPS_selftest_dsa()
if (dsa)
FIPS_dsa_free(dsa);
if (dsig)
- DSA_SIG_free(dsig);
+ FIPS_dsa_sig_free(dsig);
if (ret == 0)
FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED);
return ret;
diff --git a/fips/dsa/fips_dsatest.c b/fips/dsa/fips_dsatest.c
index 9294286c75..3e773687a1 100644
--- a/fips/dsa/fips_dsatest.c
+++ b/fips/dsa/fips_dsatest.c
@@ -231,7 +231,7 @@ int main(int argc, char **argv)
end:
if (sig)
- DSA_SIG_free(sig);
+ FIPS_dsa_sig_free(sig);
if (dsa != NULL) FIPS_dsa_free(dsa);
FIPS_md_ctx_cleanup(&mctx);
#if 0
diff --git a/fips/dsa/fips_dssvs.c b/fips/dsa/fips_dssvs.c
index 9ee0ccc95f..ff7f8139b3 100644
--- a/fips/dsa/fips_dssvs.c
+++ b/fips/dsa/fips_dssvs.c
@@ -548,7 +548,7 @@ static void siggen()
pbn("R",sig->r);
pbn("S",sig->s);
putc('\n',stdout);
- DSA_SIG_free(sig);
+ FIPS_dsa_sig_free(sig);
FIPS_md_ctx_cleanup(&mctx);
}
}
diff --git a/fips/fips.c b/fips/fips.c
index 3d745557fc..51696b5e7c 100644
--- a/fips/fips.c
+++ b/fips/fips.c
@@ -498,7 +498,7 @@ int fips_pkey_signature_test(EVP_PKEY *pkey,
error:
if (dsig != NULL)
- DSA_SIG_free(dsig);
+ FIPS_dsa_sig_free(dsig);
if (sig != sigtmp)
OPENSSL_free(sig);
FIPS_md_ctx_cleanup(&mctx);
diff --git a/fips/fips.h b/fips/fips.h
index 9d7c37096d..facdbc725c 100644
--- a/fips/fips.h
+++ b/fips/fips.h
@@ -147,6 +147,9 @@ void FIPS_set_locking_callback(void (*func)(int mode, int type,
#define EVP_CIPHER_CTX_new FIPS_cipher_ctx_new
#define EVP_CIPHER_CTX_free FIPS_cipher_ctx_free
+#define DSA_SIG_new FIPS_dsa_sig_new
+#define DSA_SIG_free FIPS_dsa_sig_free
+
#endif
/* BEGIN ERROR CODES */
diff --git a/fips/fips_test_suite.c b/fips/fips_test_suite.c
index a06c86260f..392a889ca0 100644
--- a/fips/fips_test_suite.c
+++ b/fips/fips_test_suite.c
@@ -131,7 +131,7 @@ static int FIPS_dsa_test(int bad)
r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
end:
if (sig)
- DSA_SIG_free(sig);
+ FIPS_dsa_sig_free(sig);
FIPS_md_ctx_cleanup(&mctx);
if (dsa)
FIPS_dsa_free(dsa);