69 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
70 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
72 			 DSA *dsa);
73 static int dsa_init(DSA *dsa);
74 static int dsa_finish(DSA *dsa);
104 #define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \  argument
107 	if((dsa)->meth->dsa_mod_exp) \
108 		_tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
115 #define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \  argument
118 	if((dsa)->meth->bn_mod_exp) \
119 		_tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
131 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)  in dsa_do_sign()  argument
144 	if (!dsa->p || !dsa->q || !dsa->g)  in dsa_do_sign()
155 	if ((dsa->kinv == NULL) || (dsa->r == NULL))  in dsa_do_sign()
157 		if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;  in dsa_do_sign()
161 		kinv=dsa->kinv;  in dsa_do_sign()
162 		dsa->kinv=NULL;  in dsa_do_sign()
163 		r=dsa->r;  in dsa_do_sign()
164 		dsa->r=NULL;  in dsa_do_sign()
169 	if (dlen > BN_num_bytes(dsa->q))  in dsa_do_sign()
173 		dlen = BN_num_bytes(dsa->q);  in dsa_do_sign()
178 	if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */  in dsa_do_sign()
180 	if (BN_cmp(s,dsa->q) > 0)  in dsa_do_sign()
181 		if (!BN_sub(s,s,dsa->q)) goto err;  in dsa_do_sign()
182 	if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;  in dsa_do_sign()
216 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)  in dsa_sign_setup()  argument
222 	if (!dsa->p || !dsa->q || !dsa->g)  in dsa_sign_setup()
242 		if (!BN_rand_range(&k, dsa->q)) goto err;  in dsa_sign_setup()
244 	if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)  in dsa_sign_setup()
249 	if (dsa->flags & DSA_FLAG_CACHE_MONT_P)  in dsa_sign_setup()
251 		if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,  in dsa_sign_setup()
253 						dsa->p, ctx))  in dsa_sign_setup()
259 	if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)  in dsa_sign_setup()
269 		if (!BN_add(&kq, &kq, dsa->q)) goto err;  in dsa_sign_setup()
270 		if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))  in dsa_sign_setup()
272 			if (!BN_add(&kq, &kq, dsa->q)) goto err;  in dsa_sign_setup()
281 	DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,  in dsa_sign_setup()
282 			dsa->method_mont_p);  in dsa_sign_setup()
283 	if (!BN_mod(r,r,dsa->q,ctx)) goto err;  in dsa_sign_setup()
286 	if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;  in dsa_sign_setup()
308 			 DSA *dsa)  in dsa_do_verify()  argument
314 	if (!dsa->p || !dsa->q || !dsa->g)  in dsa_do_verify()
320 	i = BN_num_bits(dsa->q);  in dsa_do_verify()
328 	if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS)  in dsa_do_verify()
340 	    BN_ucmp(sig->r, dsa->q) >= 0)  in dsa_do_verify()
346 	    BN_ucmp(sig->s, dsa->q) >= 0)  in dsa_do_verify()
354 	if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;  in dsa_do_verify()
365 	if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;  in dsa_do_verify()
368 	if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;  in dsa_do_verify()
371 	if (dsa->flags & DSA_FLAG_CACHE_MONT_P)  in dsa_do_verify()
373 		mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,  in dsa_do_verify()
374 					CRYPTO_LOCK_DSA, dsa->p, ctx);  in dsa_do_verify()
380 	DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont);  in dsa_do_verify()
383 	if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;  in dsa_do_verify()
400 static int dsa_init(DSA *dsa)  in dsa_init()  argument
402 	dsa->flags|=DSA_FLAG_CACHE_MONT_P;  in dsa_init()
406 static int dsa_finish(DSA *dsa)  in dsa_finish()  argument
408 	if(dsa->method_mont_p)  in dsa_finish()
409 		BN_MONT_CTX_free(dsa->method_mont_p);  in dsa_finish()