From d73ed541db07ca273335341ba3cc8aad86f91d15 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 5 Oct 2007 13:14:55 +0000 Subject: [PATCH] Fix bug in DSA parameter generation code which stopped it copying a generated random seed to the supplied seed parameter. --- crypto/dsa/dsa_gen.c | 11 ++++-- fips/dsa/fips_dsa_gen.c | 11 ++++-- fips/dsa/fips_dssvs.c | 79 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 97 insertions(+), 4 deletions(-) diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 9ad985b9db..6f1728e3cf 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -119,13 +119,20 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, if (bits < 512) bits=512; bits=(bits+63)/64*64; - if (seed_len < 20) + /* NB: seed_len == 0 is special case: copy generated seed to + * seed_in if it is not NULL. + */ + if (seed_len && (seed_len < 20)) seed_in = NULL; /* seed buffer too small -- ignore */ if (seed_len > 20) seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, * but our internal buffers are restricted to 160 bits*/ if ((seed_in != NULL) && (seed_len == 20)) + { memcpy(seed,seed_in,seed_len); + /* set seed_in to NULL to avoid it being copied back */ + seed_in = NULL; + } if ((ctx=BN_CTX_new()) == NULL) goto err; @@ -302,7 +309,7 @@ err: ok=0; goto err; } - if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); + if (seed_in != NULL) memcpy(seed_in,seed,20); if (counter_ret != NULL) *counter_ret=counter; if (h_ret != NULL) *h_ret=h; } diff --git a/fips/dsa/fips_dsa_gen.c b/fips/dsa/fips_dsa_gen.c index c666e5b752..0cecf34ab2 100644 --- a/fips/dsa/fips_dsa_gen.c +++ b/fips/dsa/fips_dsa_gen.c 
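Review bot: The new `seed_len == 0` case in the first hunk turns a non-NULL `seed_in` into an output buffer, but the added comment does not say how large that buffer must be, and the `memcpy(seed_in,seed,20)` in the second hunk writes a fixed 20 bytes to it. Before this change `seed_len < 20` set `seed_in` to NULL, so a caller passing a non-NULL pointer with length 0 got no write at all; any such caller holding a smaller buffer would now be written past its end. I would extend the comment to `/* NB: seed_len == 0 is special case: seed_in, if not NULL, is an output buffer of at least 20 bytes that receives the generated seed. */` and state the same requirement wherever the public entry point is documented. The same applies to the identical hunks in fips/dsa/fips_dsa_gen.c; the body of dsa_builtin_paramgen continues outside the hunk.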
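Review bot: Because the first hunk clears `seed_in` after the copy-in, the copy-back at `if (seed_in != NULL) memcpy(seed_in,seed,20);` now runs only for the `seed_len == 0` case, so a caller that supplied a 20-byte seed never gets a seed written back. The removed `m > 1` condition suggests the generator can make further attempts after the first. If it switches to a freshly generated seed when the supplied one is rejected (that code is outside the hunk), the returned parameters no longer correspond to the caller's seed and nothing reports it. It would help to record this next to the copy-back, e.g. `/* only reached when the caller passed seed_len == 0; a supplied seed is never written back */`, or to return failure when a supplied seed turns out to be unusable. The same line changes in fips/dsa/fips_dsa_gen.c.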
@@ -133,13 +133,20 @@ static int dsa_builtin_paramgen(DSA *ret, int bits, if (bits < 512) bits=512; bits=(bits+63)/64*64; - if (seed_len < 20) + /* NB: seed_len == 0 is special case: copy generated seed to + * seed_in if it is not NULL. + */ + if (seed_len && (seed_len < 20)) seed_in = NULL; /* seed buffer too small -- ignore */ if (seed_len > 20) seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, * but our internal buffers are restricted to 160 bits*/ if ((seed_in != NULL) && (seed_len == 20)) + { memcpy(seed,seed_in,seed_len); + /* set seed_in to NULL to avoid it being copied back */ + seed_in = NULL; + } if ((ctx=BN_CTX_new()) == NULL) goto err; @@ -316,7 +323,7 @@ err: ok=0; goto err; } - if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); + if (seed_in != NULL) memcpy(seed_in,seed,20); if (counter_ret != NULL) *counter_ret=counter; if (h_ret != NULL) *h_ret=h; } diff --git a/fips/dsa/fips_dssvs.c b/fips/dsa/fips_dssvs.c index c896351981..45f97cd362 100644 --- a/fips/dsa/fips_dssvs.c +++ b/fips/dsa/fips_dssvs.c 
@@ -112,6 +112,83 @@ void pqg() } } + +void pqgver() + { + char buf[1024]; + char lbuf[1024]; + char *keyword, *value; + BIGNUM *p = NULL, *q = NULL, *g = NULL; + int counter, counter2; + unsigned long h, h2; + DSA *dsa=NULL; + int nmod=0; + unsigned char seed[1024]; + + while(fgets(buf,sizeof buf,stdin) != NULL) + { + if (!parse_line(&keyword, &value, lbuf, buf)) + { + fputs(buf,stdout); + continue; + } + if(!strcmp(keyword,"[mod")) + nmod=atoi(value); + else if(!strcmp(keyword,"P")) + p=hex2bn(value); + else if(!strcmp(keyword,"Q")) + q=hex2bn(value); + else if(!strcmp(keyword,"G")) + g=hex2bn(value); + else if(!strcmp(keyword,"Seed")) + { + int slen = hex2bin(value, seed); + if (slen != 20) + { + fprintf(stderr, "Seed parse length error\n"); + exit (1); + } + } + else if(!strcmp(keyword,"c")) + counter =atoi(buf+4); + else if(!strcmp(keyword,"H")) + { + h = atoi(value); + if (!p || !q || !g) + { + fprintf(stderr, "Parse Error\n"); + exit (1); + } + pbn("P",p); + pbn("Q",q); + pbn("G",g); + pv("Seed",seed,20); + printf("c = %d\n",counter); + printf("H = %lx\n",h); + dsa = FIPS_dsa_new(); + if (!DSA_generate_parameters_ex(dsa, nmod,seed,20 ,&counter2,&h2,NULL)) + { + do_print_errors(); + exit(1); + } + if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || BN_cmp(dsa->g, g) + || (counter != counter2) || (h != h2)) + printf("Result = F\n"); + else + printf("Result = T\n"); + BN_free(p); + BN_free(q); + BN_free(g); + p = NULL; + q = NULL; + g = NULL; + FIPS_dsa_free(dsa); + dsa = NULL; + } + } + } + + void keypair() { char buf[1024]; @@ -329,6 +406,8 @@ int main(int argc,char **argv) primes(); else if(!strcmp(argv[1],"pqg")) pqg(); + else if(!strcmp(argv[1],"pqgver")) + pqgver(); else if(!strcmp(argv[1],"keypair")) keypair(); else if(!strcmp(argv[1],"siggen")) -- 2.25.1
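Review bot: In `pqgver()` the `H` branch checks only `p`, `q` and `g`, so a record with no `Seed` or `c` line reaches `DSA_generate_parameters_ex()` and the final comparison with `seed` and `counter` uninitialized, or left over from the previous record. Both should be tracked and rejected alongside the existing `Parse Error` check, and reset once a record has been processed, as in the excerpt below. Separately, `counter =atoi(buf+4)` depends on a fixed column in the raw line while every other keyword reads `value`. Also, `h` is parsed with `atoi` (decimal) but printed with `%lx` (hex). Each deserves a comment, or a switch to `value` and `strtoul` if the input format allows it.

```c
	int counter = -1, counter2;
	int have_seed = 0;
	/* … unchanged: remaining declarations, fgets loop, [mod / P / Q / G parsing … */
			if (slen != 20)
				{
				fprintf(stderr, "Seed parse length error\n");
				exit (1);
				}
			have_seed = 1;
	/* … unchanged: "c" parsing, h = atoi(value) … */
			if (!p || !q || !g || !have_seed || counter < 0)
	/* … unchanged: error exit, printing, generation, comparison, BN_free / FIPS_dsa_free … */
			have_seed = 0;
			counter = -1;
```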