X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fdh%2Fdh_lib.c;h=9167d69ea8d6214dbeca72b743dd13872ddea764;hp=6c21463028a7f1d9301e02022858c0da1c2f092b;hb=f3f1cf8444f439c0be9de04bf3821a20d00fd956;hpb=90644dd74d5c5262831bb0be73e1226778099924

diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index 6c21463028..9167d69ea8 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -1,25 +1,24 @@
-/* crypto/dh/dh_lib.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
- * 
+ *
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
  * apply to all code found in this distribution, be it the RC4, RSA,
  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
  * included with this distribution is covered by the same copyright terms
  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
+ *
  * Copyright remains Eric Young's, and as such any Copyright notices in
  * the code are not to be removed.
  * If this package is used in a product, Eric Young should be given attribution
  * as the author of the parts of the library used.
  * This can be in the form of a textual message at program startup or
  * in documentation (online or textual) provided with the package.
- * 
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,10 +33,10 @@
  *     Eric Young (eay@cryptsoft.com)"
  *    The word 'cryptographic' can be left out if the rouines from the library
  *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
+ * 4. If you include any Windows specific code (or a derivative thereof) from
  *    the apps directory (application code) you must include an acknowledgement:
  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
+ *
  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +48,7 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- * 
+ *
  * The licence and distribution terms for any publically available version or
  * derivative of this code cannot be changed.  i.e. this code cannot simply be
  * copied and put under another distribution licence
@@ -57,131 +56,169 @@
  */
 
 #include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
 #include <openssl/bn.h>
 #include <openssl/dh.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
 
-const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
-
-static DH_METHOD *default_DH_method;
-static int dh_meth_num = 0;
-static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL;
+static const DH_METHOD *default_DH_method = NULL;
 
-void DH_set_default_method(DH_METHOD *meth)
+void DH_set_default_method(const DH_METHOD *meth)
 {
-	default_DH_method = meth;
+    default_DH_method = meth;
 }
 
-DH_METHOD *DH_get_default_method(void)
+const DH_METHOD *DH_get_default_method(void)
 {
-	if(!default_DH_method) default_DH_method = DH_OpenSSL();
-	return default_DH_method;
+    if (!default_DH_method)
+        default_DH_method = DH_OpenSSL();
+    return default_DH_method;
 }
 
-DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth)
+int DH_set_method(DH *dh, const DH_METHOD *meth)
 {
-        DH_METHOD *mtmp;
-        mtmp = dh->meth;
-        if (mtmp->finish) mtmp->finish(dh);
-        dh->meth = meth;
-        if (meth->init) meth->init(dh);
-        return mtmp;
+    /*
+     * NB: The caller is specifically setting a method, so it's not up to us
+     * to deal with which ENGINE it comes from.
+     */
+    const DH_METHOD *mtmp;
+    mtmp = dh->meth;
+    if (mtmp->finish)
+        mtmp->finish(dh);
+#ifndef OPENSSL_NO_ENGINE
+    if (dh->engine) {
+        ENGINE_finish(dh->engine);
+        dh->engine = NULL;
+    }
+#endif
+    dh->meth = meth;
+    if (meth->init)
+        meth->init(dh);
+    return 1;
 }
 
 DH *DH_new(void)
 {
-	return DH_new_method(NULL);
+    return DH_new_method(NULL);
 }
 
-DH *DH_new_method(DH_METHOD *meth)
-	{
-	DH *ret;
-	ret=(DH *)Malloc(sizeof(DH));
-
-	if (ret == NULL)
-		{
-		DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
-		return(NULL);
-		}
-	if(!default_DH_method) default_DH_method = DH_OpenSSL();
-	if(meth) ret->meth = meth;
-	else ret->meth = default_DH_method;
-	ret->pad=0;
-	ret->version=0;
-	ret->p=NULL;
-	ret->g=NULL;
-	ret->length=0;
-	ret->pub_key=NULL;
-	ret->priv_key=NULL;
-	ret->q=NULL;
-	ret->j=NULL;
-	ret->seed = NULL;
-	ret->seedlen = 0;
-	ret->counter = NULL;
-	ret->method_mont_p=NULL;
-	ret->references = 1;
-	ret->flags=ret->meth->flags;
-	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
-		{
-		Free(ret);
-		ret=NULL;
-		}
-	else
-		CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data);
-	return(ret);
-	}
+DH *DH_new_method(ENGINE *engine)
+{
+    DH *ret = OPENSSL_zalloc(sizeof(*ret));
+
+    if (ret == NULL) {
+        DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    ret->meth = DH_get_default_method();
+#ifndef OPENSSL_NO_ENGINE
+    if (engine) {
+        if (!ENGINE_init(engine)) {
+            DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+        ret->engine = engine;
+    } else
+        ret->engine = ENGINE_get_default_DH();
+    if (ret->engine) {
+        ret->meth = ENGINE_get_DH(ret->engine);
+        if (!ret->meth) {
+            DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
+            ENGINE_finish(ret->engine);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+    }
+#endif
+
+    ret->references = 1;
+    ret->flags = ret->meth->flags;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+#ifndef OPENSSL_NO_ENGINE
+        if (ret->engine)
+            ENGINE_finish(ret->engine);
+#endif
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
 
 void DH_free(DH *r)
-	{
-	int i;
-	if(r == NULL) return;
-	i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
-#ifdef REF_PRINT
-	REF_PRINT("DH",r);
-#endif
-	if (i > 0) return;
-#ifdef REF_CHECK
-	if (i < 0)
-		{
-		fprintf(stderr,"DH_free, bad reference count\n");
-		abort();
-	}
+{
+    int i;
+
+    if (r == NULL)
+        return;
+    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
+    REF_PRINT_COUNT("DH", r);
+    if (i > 0)
+        return;
+    REF_ASSERT_ISNT(i < 0);
+
+    if (r->meth->finish)
+        r->meth->finish(r);
+#ifndef OPENSSL_NO_ENGINE
+    if (r->engine)
+        ENGINE_finish(r->engine);
 #endif
 
-	CRYPTO_free_ex_data(dh_meth, r, &r->ex_data);
-
-	if(r->meth->finish) r->meth->finish(r);
-
-	if (r->p != NULL) BN_clear_free(r->p);
-	if (r->g != NULL) BN_clear_free(r->g);
-	if (r->q != NULL) BN_clear_free(r->q);
-	if (r->j != NULL) BN_clear_free(r->j);
-	if (r->seed) Free(r->seed);
-	if (r->counter != NULL) BN_clear_free(r->counter);
-	if (r->pub_key != NULL) BN_clear_free(r->pub_key);
-	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
-	Free(r);
-	}
-
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-        {
-	dh_meth_num++;
-	return(CRYPTO_get_ex_new_index(dh_meth_num-1,
-		&dh_meth,argl,argp,new_func,dup_func,free_func));
-        }
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
+
+    BN_clear_free(r->p);
+    BN_clear_free(r->g);
+    BN_clear_free(r->q);
+    BN_clear_free(r->j);
+    OPENSSL_free(r->seed);
+    BN_clear_free(r->counter);
+    BN_clear_free(r->pub_key);
+    BN_clear_free(r->priv_key);
+    OPENSSL_free(r);
+}
+
+int DH_up_ref(DH *r)
+{
+    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
+
+    REF_PRINT_COUNT("DH", r);
+    REF_ASSERT_ISNT(i < 2);
+    return ((i > 1) ? 1 : 0);
+}
 
 int DH_set_ex_data(DH *d, int idx, void *arg)
-	{
-	return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
-	}
+{
+    return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));
+}
 
 void *DH_get_ex_data(DH *d, int idx)
-	{
-	return(CRYPTO_get_ex_data(&d->ex_data,idx));
-	}
-
-int DH_size(DH *dh)
-	{
-	return(BN_num_bytes(dh->p));
-	}
+{
+    return (CRYPTO_get_ex_data(&d->ex_data, idx));
+}
+
+int DH_bits(const DH *dh)
+{
+    return BN_num_bits(dh->p);
+}
+
+int DH_size(const DH *dh)
+{
+    return (BN_num_bytes(dh->p));
+}
+
+int DH_security_bits(const DH *dh)
+{
+    int N;
+    if (dh->q)
+        N = BN_num_bits(dh->q);
+    else if (dh->length)
+        N = dh->length;
+    else
+        N = -1;
+    return BN_security_bits(BN_num_bits(dh->p), N);
+}