From: Tomas Mraz <tmraz@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/openssl] rebase_40beta: add API necessary for CAVS testing of the new DSA parameter generation
Date: Tue, 09 Jun 2026 12:42:25 GMT [thread overview]
Message-ID: <178100894589.1.10690992125935569038.rpms-openssl-19062db533d6@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/openssl
Branch : rebase_40beta
Commit : 19062db533d6a2faa990e24e1ed5b3749b2b6176
Author : Tomas Mraz <tmraz@fedoraproject.org>
Date : 2011-05-24T14:57:29+02:00
Stats : +240/-3 in 2 file(s)
URL : https://src.fedoraproject.org/rpms/openssl/c/19062db533d6a2faa990e24e1ed5b3749b2b6176?branch=rebase_40beta
Log:
add API necessary for CAVS testing of the new DSA parameter generation
---
diff --git a/openssl-1.0.0d-cavs.patch b/openssl-1.0.0d-cavs.patch
new file mode 100644
index 0000000..eed8559
--- /dev/null
+++ b/openssl-1.0.0d-cavs.patch
@@ -0,0 +1,232 @@
+diff -up openssl-1.0.0d/crypto/dsa/dsa_gen.c.cavs openssl-1.0.0d/crypto/dsa/dsa_gen.c
+--- openssl-1.0.0d/crypto/dsa/dsa_gen.c.cavs 2011-05-23 19:59:56.000000000 +0200
++++ openssl-1.0.0d/crypto/dsa/dsa_gen.c 2011-05-23 22:32:45.000000000 +0200
+@@ -85,6 +85,14 @@
+ #endif
+ #include "dsa_locl.h"
+
++#ifndef OPENSSL_FIPS
++static int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits,
++ const EVP_MD *evpmd, unsigned char *seed, int seed_len,
++ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb);
++static int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q,
++ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb);
++#endif
++
+ int DSA_generate_parameters_ex(DSA *ret, int bits,
+ const unsigned char *seed_in, int seed_len,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
+@@ -113,22 +121,26 @@ int DSA_generate_parameters_ex(DSA *ret,
+ }
+ }
+
++#ifdef OPENSSL_FIPS
++int FIPS_dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
++ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
++ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
++ {
++ return dsa_builtin_paramgen(ret, bits, qbits,
++ evpmd, seed_in, seed_len,
++ counter_ret, h_ret, cb);
++ }
++#endif
++
+ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
+ {
+ int ok=0;
+ unsigned char seed[SHA256_DIGEST_LENGTH];
+- unsigned char md[SHA256_DIGEST_LENGTH];
+- unsigned char buf[SHA256_DIGEST_LENGTH];
+- BIGNUM *r0,*W,*X,*c,*test;
+ BIGNUM *g=NULL,*q=NULL,*p=NULL;
+- BN_MONT_CTX *mont=NULL;
+- int i, k, b, n=0, m=0, qsize = qbits >> 3;
+- int counter=0;
+- int r=0;
++ size_t qsize = qbits >> 3;
+ BN_CTX *ctx=NULL;
+- unsigned int h=2;
+
+ #ifdef OPENSSL_FIPS
+ if(FIPS_selftest_failed())
+@@ -148,6 +160,65 @@ int dsa_builtin_paramgen(DSA *ret, size_
+ goto err;
+ }
+ #endif
++ if (seed_len && (seed_len < (size_t)qsize))
++ seed_in = NULL; /* seed buffer too small -- ignore */
++ if (seed_len > sizeof(seed))
++ seed_len = sizeof(seed); /* App. 2.2 of FIPS PUB 186 allows larger SEED,
++ * but our internal buffers are restricted to 256 bits*/
++ if (seed_in != NULL)
++ memcpy(seed, seed_in, seed_len);
++ else
++ seed_len = 0;
++
++ if ((ctx=BN_CTX_new()) == NULL)
++ goto err;
++
++ BN_CTX_start(ctx);
++
++ if (!FIPS_dsa_generate_pq(ctx, bits, qbits, evpmd,
++ seed, seed_len, &p, &q, counter_ret, cb))
++ goto err;
++
++ if (!FIPS_dsa_generate_g(ctx, p, q, &g, h_ret, cb))
++ goto err;
++
++ ok=1;
++err:
++ if (ok)
++ {
++ if(ret->p) BN_free(ret->p);
++ if(ret->q) BN_free(ret->q);
++ if(ret->g) BN_free(ret->g);
++ ret->p=BN_dup(p);
++ ret->q=BN_dup(q);
++ ret->g=BN_dup(g);
++ if (ret->p == NULL || ret->q == NULL || ret->g == NULL)
++ ok=0;
++ }
++ if(ctx)
++ {
++ BN_CTX_end(ctx);
++ BN_CTX_free(ctx);
++ }
++ return ok;
++ }
++
++#ifndef OPENSSL_FIPS
++static
++#endif
++int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits,
++ const EVP_MD *evpmd, unsigned char *seed, int seed_len,
++ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb)
++ {
++ int ok=0;
++ unsigned char md[SHA256_DIGEST_LENGTH];
++ unsigned char buf[SHA256_DIGEST_LENGTH];
++ BIGNUM *r0,*W,*X,*c,*test;
++ BIGNUM *g=NULL,*q=NULL,*p=NULL;
++ BN_MONT_CTX *mont=NULL;
++ int i, k, b, n=0, m=0, qsize = qbits >> 3;
++ int counter=0;
++ int r=0;
+
+ if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
+ qsize != SHA256_DIGEST_LENGTH)
+@@ -169,28 +240,12 @@ int dsa_builtin_paramgen(DSA *ret, size_
+
+ bits = (bits+63)/64*64;
+
+- if (seed_len && (seed_len < (size_t)qsize))
+- seed_in = NULL; /* seed buffer too small -- ignore */
+- if (seed_len > (size_t)qsize)
+- seed_len = qsize; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
+- * but our internal buffers are restricted to 256 bits*/
+- if (seed_in != NULL)
+- memcpy(seed, seed_in, seed_len);
+-
+- if ((ctx=BN_CTX_new()) == NULL)
+- goto err;
+-
+- if ((mont=BN_MONT_CTX_new()) == NULL)
+- goto err;
+-
+- BN_CTX_start(ctx);
+ r0 = BN_CTX_get(ctx);
+- g = BN_CTX_get(ctx);
+ W = BN_CTX_get(ctx);
+- q = BN_CTX_get(ctx);
++ *q_ret = q = BN_CTX_get(ctx);
+ X = BN_CTX_get(ctx);
+ c = BN_CTX_get(ctx);
+- p = BN_CTX_get(ctx);
++ *p_ret = p = BN_CTX_get(ctx);
+ test = BN_CTX_get(ctx);
+
+ if (!BN_lshift(test,BN_value_one(),bits-1))
+@@ -312,7 +367,33 @@ end:
+ if(!BN_GENCB_call(cb, 2, 1))
+ goto err;
+
+- /* We now need to generate g */
++ ok=1;
++err:
++ if (ok)
++ {
++ if (counter_ret != NULL) *counter_ret=counter;
++ }
++ return ok;
++ }
++
++#ifndef OPENSSL_FIPS
++static
++#endif
++int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q,
++ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb)
++ {
++ int ok=0;
++ BIGNUM *r0, *test, *g = NULL;
++ BN_MONT_CTX *mont;
++ unsigned int h=2;
++
++ if ((mont=BN_MONT_CTX_new()) == NULL)
++ goto err;
++
++ r0 = BN_CTX_get(ctx);
++ *g_ret = g = BN_CTX_get(ctx);
++ test = BN_CTX_get(ctx);
++
+ /* Set r0=(p-1)/q */
+ if (!BN_sub(test,p,BN_value_one())) goto err;
+ if (!BN_div(r0,NULL,test,q,ctx)) goto err;
+@@ -336,25 +417,8 @@ end:
+ err:
+ if (ok)
+ {
+- if(ret->p) BN_free(ret->p);
+- if(ret->q) BN_free(ret->q);
+- if(ret->g) BN_free(ret->g);
+- ret->p=BN_dup(p);
+- ret->q=BN_dup(q);
+- ret->g=BN_dup(g);
+- if (ret->p == NULL || ret->q == NULL || ret->g == NULL)
+- {
+- ok=0;
+- goto err;
+- }
+- if (counter_ret != NULL) *counter_ret=counter;
+ if (h_ret != NULL) *h_ret=h;
+ }
+- if(ctx)
+- {
+- BN_CTX_end(ctx);
+- BN_CTX_free(ctx);
+- }
+ if (mont != NULL) BN_MONT_CTX_free(mont);
+ return ok;
+ }
+diff -up openssl-1.0.0d/crypto/dsa/dsa.h.cavs openssl-1.0.0d/crypto/dsa/dsa.h
+--- openssl-1.0.0d/crypto/dsa/dsa.h.cavs 2011-05-23 19:59:56.000000000 +0200
++++ openssl-1.0.0d/crypto/dsa/dsa.h 2011-05-23 22:33:33.000000000 +0200
+@@ -266,6 +266,17 @@ int DSA_print_fp(FILE *bp, const DSA *x,
+ DH *DSA_dup_DH(const DSA *r);
+ #endif
+
++#ifdef OPENSSL_FIPS
++int FIPS_dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
++ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
++ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
++int FIPS_dsa_generate_pq(BN_CTX *ctx, size_t bits, size_t qbits,
++ const EVP_MD *evpmd, unsigned char *seed, int seed_len,
++ BIGNUM **p_ret, BIGNUM **q_ret, int *counter_ret, BN_GENCB *cb);
++int FIPS_dsa_generate_g(BN_CTX *ctx, BIGNUM *p, BIGNUM *q,
++ BIGNUM **g_ret, unsigned long *h_ret, BN_GENCB *cb);
++#endif
++
+ #define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
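Review bot: FIPS_dsa_generate_pq and FIPS_dsa_generate_g, which become public under OPENSSL_FIPS through the dsa.h prototypes, return `*p_ret`, `*q_ret` and `*g_ret` as BIGNUMs taken with BN_CTX_get from the caller's ctx and open no BN_CTX_start/BN_CTX_end frame of their own, but nothing in the header says so. A caller that ends or frees the ctx before copying the values, which dsa_builtin_paramgen avoids by calling BN_dup first, is left holding pointers to released BIGNUMs. The out-parameters are also assigned before generation has succeeded, so they are meaningful only when the function returns 1. I would put a comment above the prototypes, e.g. `/* p_ret, q_ret and g_ret are owned by ctx: call BN_CTX_start(ctx) first and BN_dup() them before BN_CTX_end(ctx); valid only on return 1 */`. The seed contract also deserves a line: the wrapper passes a SHA256_DIGEST_LENGTH-byte buffer with `int seed_len`, and the part of FIPS_dsa_generate_pq that consumes it lies outside the lines shown, so the required buffer size should be confirmed there and stated.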
diff --git a/openssl.spec b/openssl.spec
index 2f66dbe..15605df 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
Summary: A general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.0.0d
-Release: 3%{?dist}
+Release: 4%{?dist}
# We remove certain patented algorithms from the openssl source tarball
# with the hobble-openssl script which is included below.
Source: openssl-%{version}-usa.tar.bz2
@@ -70,8 +70,9 @@ Patch57: openssl-1.0.0c-fips186-3.patch
Patch58: openssl-1.0.0c-fips-md5-allow.patch
Patch59: openssl-1.0.0c-pkcs12-fips-default.patch
Patch60: openssl-1.0.0d-apps-dgst.patch
+Patch61: openssl-1.0.0d-cavs.patch
# Backported fixes including security fixes
-Patch61: openssl-1.0.0d-padlock64.patch
+Patch81: openssl-1.0.0d-padlock64.patch
License: OpenSSL
Group: System Environment/Libraries
@@ -161,7 +162,8 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch58 -p1 -b .md5-allow
%patch59 -p1 -b .fips-default
%patch60 -p1 -b .dgst
-%patch61 -p1 -b .padlock64
+%patch61 -p1 -b .cavs
+%patch81 -p1 -b .padlock64
# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`
@@ -411,6 +413,9 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun -p /sbin/ldconfig
%changelog
+* Tue May 24 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-4
+- add API necessary for CAVS testing of the new DSA parameter generation
+
* Thu Apr 28 2011 Tomas Mraz <tmraz@redhat.com> 1.0.0d-3
- add support for VIA Padlock on 64bit arch from upstream (#617539)
- do not return bogus values from load_certs (#652286)