openssldh_link.c revision 289ae548d52bc8f982d9823af64cafda7bd92232
/*
* Portions Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2002 Internet Software Consortium.
* Portions Copyright (C) 1995-2000 by Network Associates, Inc.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
* ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Principal Author: Brian Wellington
* $Id: openssldh_link.c,v 1.7 2006/12/04 01:52:46 marka Exp $
*/
#ifdef OPENSSL
#include <config.h>
#include <ctype.h>
#include "dst_internal.h"
#include "dst_openssl.h"
#include "dst_parse.h"
#define PRIME768 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088" \
"A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25" \
"F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF"
#define PRIME1024 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" \
"8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF2" \
"5F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406" \
"B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF"
#define PRIME1536 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
"670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"
static isc_result_t
{
int ret;
isc_region_t r;
unsigned int len;
return (ISC_R_NOSPACE);
if (ret == 0)
return (dst__openssl_toresult(DST_R_COMPUTESECRETFAILURE));
return (ISC_R_SUCCESS);
}
static isc_boolean_t
int status;
return (ISC_TRUE);
return (ISC_FALSE);
if (status != 0)
return (ISC_FALSE);
return (ISC_FALSE);
return (ISC_FALSE);
}
return (ISC_TRUE);
}
static isc_boolean_t
int status;
return (ISC_TRUE);
return (ISC_FALSE);
if (status != 0)
return (ISC_FALSE);
return (ISC_TRUE);
}
#ifndef HAVE_DH_GENERATE_PARAMETERS
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
static DH *
{
return (dh);
}
return (NULL);
}
#endif
static isc_result_t
if (generator == 0) {
{
return (dst__openssl_toresult(ISC_R_NOMEMORY));
else
}
else
generator = 2;
}
if (generator != 0)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
if (DH_generate_key(dh) == 0) {
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
}
return (ISC_R_SUCCESS);
}
static isc_boolean_t
}
static void
return;
}
static void
}
static isc_uint16_t
return (val);
}
static isc_result_t
isc_region_t r;
plen = 1;
glen = 0;
}
else {
}
return (ISC_R_NOSPACE);
uint16_toregion(plen, &r);
if (plen == 1) {
*r.base = 1;
*r.base = 2;
else
*r.base = 3;
}
else
uint16_toregion(glen, &r);
if (glen > 0)
uint16_toregion(publen, &r);
return (ISC_R_SUCCESS);
}
static isc_result_t
isc_region_t r;
int special = 0;
if (r.length == 0)
return (ISC_R_SUCCESS);
return (dst__openssl_toresult(ISC_R_NOMEMORY));
/*
* Read the prime length. 1 & 2 are table entries, > 16 means a
* prime follows, otherwise an error.
*/
if (r.length < 2) {
return (DST_R_INVALIDPUBLICKEY);
}
plen = uint16_fromregion(&r);
return (DST_R_INVALIDPUBLICKEY);
}
return (DST_R_INVALIDPUBLICKEY);
}
if (plen == 1)
else
special = uint16_fromregion(&r);
switch (special) {
case 1:
break;
case 2:
break;
case 3:
break;
default:
return (DST_R_INVALIDPUBLICKEY);
}
}
else {
}
/*
* Read the generator length. This should be 0 if the prime was
* special, but it might not be. If it's 0 and the prime is not
* special, we have a problem.
*/
if (r.length < 2) {
return (DST_R_INVALIDPUBLICKEY);
}
glen = uint16_fromregion(&r);
return (DST_R_INVALIDPUBLICKEY);
}
if (special != 0) {
if (glen == 0)
else {
}
else {
return (DST_R_INVALIDPUBLICKEY);
}
}
}
else {
if (glen == 0) {
return (DST_R_INVALIDPUBLICKEY);
}
}
if (r.length < 2) {
return (DST_R_INVALIDPUBLICKEY);
}
publen = uint16_fromregion(&r);
return (DST_R_INVALIDPUBLICKEY);
}
return (ISC_R_SUCCESS);
}
static isc_result_t
int i;
unsigned char *bufs[4];
return (DST_R_NULLKEY);
for (i = 0; i < 4; i++) {
goto fail;
}
}
i = 0;
i++;
i++;
i++;
i++;
fail:
for (i = 0; i < 4; i++) {
break;
}
return (result);
}
static isc_result_t
int i;
/* read private key file */
if (ret != ISC_R_SUCCESS)
return (ret);
case TAG_DH_PRIME:
break;
case TAG_DH_GENERATOR:
break;
case TAG_DH_PRIVATE:
break;
case TAG_DH_PUBLIC:
break;
}
}
{
}
}
return (ISC_R_SUCCESS);
err:
return (ret);
}
static void
static const char hexdigits[] = "0123456789abcdef";
unsigned char data[512];
unsigned int i;
char *s;
RUNTIME_CHECK(s != NULL);
RUNTIME_CHECK(s != NULL);
}
}
static void
openssldh_cleanup(void) {
}
static dst_func_t openssldh_functions = {
NULL, /*%< createctx */
NULL, /*%< destroyctx */
NULL, /*%< adddata */
NULL, /*%< openssldh_sign */
NULL, /*%< openssldh_verify */
};
*funcp = &openssldh_functions;
}
return (ISC_R_SUCCESS);
}
#else /* OPENSSL */
#endif /* OPENSSL */
/*! \file */