Update to newer openssl bignum API

diff --git a/configure.ac b/configure.ac
index 89072f0508e7bf18a9aac96f51f11292fd66b6f7..01e45ca13fa65ecdbd7029fc1e1a19fda045d5ea 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -12,6 +12,7 @@ AC_ARG_WITH(tfm, AS_HELP_STRING([--with-tfm], [Use tfm (TomsFastMath) instead of
 AM_CONDITIONAL(WITH_OPENSSL, [test x"$with_openssl" != xno])
 AM_CONDITIONAL(WITH_TOMMATH, [test x"$with_tommath" != xno])
 AM_CONDITIONAL(WITH_TOMSFASTMATH, [test x"$with_tfm" != xno])
+AC_CHECK_FUNCS(explicit_bzero memset_s)
 
 AS_IF([test x"$with_tommath" != xno],
        [AC_SEARCH_LIBS(mp_init, tommath, ,
@@ -20,7 +21,7 @@ AS_IF([test x"$with_tommath" != xno],
                [AC_SEARCH_LIBS(fp_ident, tfm, ,
                        [AC_MSG_ERROR([libtfm not found, see http://www.libtom.org/, or try --without-tfm])])],
                [AS_IF([test x"$with_openssl" != xno],
-                       [AC_SEARCH_LIBS(BN_init, crypto, ,
+                       [AC_SEARCH_LIBS(BN_new, crypto, ,
                                [AC_MSG_ERROR([OpenSSL not found, see http://www.openssl.org/, or try --without-openssl])])],
                        [AC_SEARCH_LIBS(__gmpz_init, gmp, ,
                                [AC_MSG_ERROR([GNU MP not found, see http://gmplib.org/, or try --with-openssl])])])])])

diff --git a/d0_bignum-openssl.c b/d0_bignum-openssl.c
index 8b52eb28ae3db54492ae5df2001658696b30c5b2..1a3276e5e1846de253829f15633c8ecc0d02b917 100644 (file)
--- a/d0_bignum-openssl.c
+++ b/d0_bignum-openssl.c
@@ -45,17 +45,12 @@
 #include <assert.h>
 #include <string.h>
 #include <openssl/bn.h>
-#include <openssl/crypto.h>
+#include <openssl/rand.h>
 
-// for stupid OpenSSL versions in Mac OS X
-#ifndef BN_is_negative
-#define BN_is_negative(a) ((a)->neg != 0)
-#define BN_set_negative(a,n) ((a)->neg = ((n) && !BN_is_zero(a)))
-#endif
 
 struct d0_bignum_s
 {
-       BIGNUM z;
+       BIGNUM *z;
 };
 
 static d0_bignum_t temp;
@@ -206,16 +201,16 @@ D0_BOOL d0_iobuf_write_bignum(d0_iobuf_t *buf, const d0_bignum_t *bignum)
        size_t count = 0;
 
        d0_lockmutex(tempmutex);
-       numbuf[0] = BN_is_zero(&bignum->z) ? 0 : BN_is_negative(&bignum->z) ? 3 : 1;
+       numbuf[0] = BN_is_zero(bignum->z) ? 0 : BN_is_negative(bignum->z) ? 3 : 1;
        if((numbuf[0] & 3) != 0) // nonzero
        {
-               count = BN_num_bytes(&bignum->z);
+               count = BN_num_bytes(bignum->z);
                if(count > sizeof(numbuf) - 1)
                {
                        d0_unlockmutex(tempmutex);
                        return 0;
                }
-               BN_bn2bin(&bignum->z, numbuf+1);
+               BN_bn2bin(bignum->z, numbuf+1);
        }
        ret = d0_iobuf_write_packet(buf, numbuf, count + 1);
        d0_unlockmutex(tempmutex);
@@ -246,13 +241,13 @@ d0_bignum_t *d0_iobuf_read_bignum(d0_iobuf_t *buf, d0_bignum_t *bignum)
        }
        if(numbuf[0] & 3) // nonzero
        {
-               BN_bin2bn(numbuf+1, count-1, &bignum->z);
+               BN_bin2bn(numbuf+1, count-1, bignum->z);
                if(numbuf[0] & 2) // negative
-                       BN_set_negative(&bignum->z, 1);
+                       BN_set_negative(bignum->z, 1);
        }
        else // zero
        {
-               BN_zero(&bignum->z);
+               BN_zero(bignum->z);
        }
        d0_unlockmutex(tempmutex);
        return bignum;
@@ -261,7 +256,7 @@ d0_bignum_t *d0_iobuf_read_bignum(d0_iobuf_t *buf, d0_bignum_t *bignum)
 ssize_t d0_bignum_export_unsigned(const d0_bignum_t *bignum, void *buf, size_t bufsize)
 {
        size_t count;
-       count = BN_num_bytes(&bignum->z);
+       count = BN_num_bytes(bignum->z);
        if(count > bufsize)
                return -1;
        if(bufsize > count)
@@ -270,7 +265,7 @@ ssize_t d0_bignum_export_unsigned(const d0_bignum_t *bignum, void *buf, size_t b
                memset(buf, 0, bufsize - count);
                buf += bufsize - count;
        }
-       BN_bn2bin(&bignum->z, buf);
+       BN_bn2bin(bignum->z, buf);
        return bufsize;
 }
 
@@ -278,86 +273,86 @@ d0_bignum_t *d0_bignum_import_unsigned(d0_bignum_t *bignum, const void *buf, siz
 {
        size_t count;
        if(!bignum) bignum = d0_bignum_new(); if(!bignum) return NULL;
-       BN_bin2bn(buf, bufsize, &bignum->z);
+       BN_bin2bn(buf, bufsize, bignum->z);
        return bignum;
 }
 
 d0_bignum_t *d0_bignum_new(void)
 {
        d0_bignum_t *b = d0_malloc(sizeof(d0_bignum_t));
-       BN_init(&b->z);
+       b->z = BN_new();
        return b;
 }
 
 void d0_bignum_free(d0_bignum_t *a)
 {
-       BN_free(&a->z);
+       BN_free(a->z);
        d0_free(a);
 }
 
 void d0_bignum_init(d0_bignum_t *b)
 {
-       BN_init(&b->z);
+       b->z = BN_new();
 }
 
 void d0_bignum_clear(d0_bignum_t *a)
 {
-       BN_free(&a->z);
+       BN_free(a->z);
 }
 
 size_t d0_bignum_size(const d0_bignum_t *r)
 {
-       return BN_num_bits(&r->z);
+       return BN_num_bits(r->z);
 }
 
 int d0_bignum_cmp(const d0_bignum_t *a, const d0_bignum_t *b)
 {
-       return BN_cmp(&a->z, &b->z);
+       return BN_cmp(a->z, b->z);
 }
 
 d0_bignum_t *d0_bignum_rand_range(d0_bignum_t *r, const d0_bignum_t *min, const d0_bignum_t *max)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        d0_lockmutex(tempmutex);
-       BN_sub(&temp.z, &max->z, &min->z);
-       BN_rand_range(&r->z, &temp.z);
+       BN_sub(temp.z, max->z, min->z);
+       BN_rand_range(r->z, temp.z);
        d0_unlockmutex(tempmutex);
-       BN_add(&r->z, &r->z, &min->z);
+       BN_add(r->z, r->z, min->z);
        return r;
 }
 
 d0_bignum_t *d0_bignum_rand_bit_atmost(d0_bignum_t *r, size_t n)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_rand(&r->z, n, -1, 0);
+       BN_rand(r->z, n, -1, 0);
        return r;
 }
 
 d0_bignum_t *d0_bignum_rand_bit_exact(d0_bignum_t *r, size_t n)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_rand(&r->z, n, 0, 0);
+       BN_rand(r->z, n, 0, 0);
        return r;
 }
 
 d0_bignum_t *d0_bignum_zero(d0_bignum_t *r)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_zero(&r->z);
+       BN_zero(r->z);
        return r;
 }
 
 d0_bignum_t *d0_bignum_one(d0_bignum_t *r)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_one(&r->z);
+       BN_one(r->z);
        return r;
 }
 
 d0_bignum_t *d0_bignum_int(d0_bignum_t *r, int n)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_set_word(&r->z, n);
+       BN_set_word(r->z, n);
        return r;
 }
 
@@ -366,7 +361,7 @@ d0_bignum_t *d0_bignum_mov(d0_bignum_t *r, const d0_bignum_t *a)
        if(r == a)
                return r; // trivial
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_copy(&r->z, &a->z);
+       BN_copy(r->z, a->z);
        return r;
 }
 
@@ -374,8 +369,8 @@ d0_bignum_t *d0_bignum_neg(d0_bignum_t *r, const d0_bignum_t *a)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        if(r != a)
-               BN_copy(&r->z, &a->z);
-       BN_set_negative(&r->z, !BN_is_negative(&r->z));
+               BN_copy(r->z, a->z);
+       BN_set_negative(r->z, !BN_is_negative(r->z));
        return r;
 }
 
@@ -383,25 +378,25 @@ d0_bignum_t *d0_bignum_shl(d0_bignum_t *r, const d0_bignum_t *a, ssize_t n)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        if(n > 0)
-               BN_lshift(&r->z, &a->z, n);
+               BN_lshift(r->z, a->z, n);
        else if(n < 0)
-               BN_rshift(&r->z, &a->z, -n);
+               BN_rshift(r->z, a->z, -n);
        else if(r != a)
-               BN_copy(&r->z, &a->z);
+               BN_copy(r->z, a->z);
        return r;
 }
 
 d0_bignum_t *d0_bignum_add(d0_bignum_t *r, const d0_bignum_t *a, const d0_bignum_t *b)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_add(&r->z, &a->z, &b->z);
+       BN_add(r->z, a->z, b->z);
        return r;
 }
 
 d0_bignum_t *d0_bignum_sub(d0_bignum_t *r, const d0_bignum_t *a, const d0_bignum_t *b)
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
-       BN_sub(&r->z, &a->z, &b->z);
+       BN_sub(r->z, a->z, b->z);
        return r;
 }
 
@@ -409,7 +404,7 @@ d0_bignum_t *d0_bignum_mul(d0_bignum_t *r, const d0_bignum_t *a, const d0_bignum
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        d0_lockmutex(tempmutex);
-       BN_mul(&r->z, &a->z, &b->z, ctx);
+       BN_mul(r->z, a->z, b->z, ctx);
        d0_unlockmutex(tempmutex);
        return r;
 }
@@ -422,13 +417,13 @@ d0_bignum_t *d0_bignum_divmod(d0_bignum_t *q, d0_bignum_t *m, const d0_bignum_t
        if(q)
        {
                if(m)
-                       BN_div(&q->z, &m->z, &a->z, &b->z, ctx);
+                       BN_div(q->z, m->z, a->z, b->z, ctx);
                else
-                       BN_div(&q->z, NULL, &a->z, &b->z, ctx);
+                       BN_div(q->z, NULL, a->z, b->z, ctx);
                assert(!"I know this code is broken (rounds towards zero), need handle negative correctly");
        }
        else
-               BN_nnmod(&m->z, &a->z, &b->z, ctx);
+               BN_nnmod(m->z, a->z, b->z, ctx);
        d0_unlockmutex(tempmutex);
        if(m)
                return m;
@@ -440,7 +435,7 @@ d0_bignum_t *d0_bignum_mod_add(d0_bignum_t *r, const d0_bignum_t *a, const d0_bi
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        d0_lockmutex(tempmutex);
-       BN_mod_add(&r->z, &a->z, &b->z, &m->z, ctx);
+       BN_mod_add(r->z, a->z, b->z, m->z, ctx);
        d0_unlockmutex(tempmutex);
        return r;
 }
@@ -449,7 +444,7 @@ d0_bignum_t *d0_bignum_mod_sub(d0_bignum_t *r, const d0_bignum_t *a, const d0_bi
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        d0_lockmutex(tempmutex);
-       BN_mod_sub(&r->z, &a->z, &b->z, &m->z, ctx);
+       BN_mod_sub(r->z, a->z, b->z, m->z, ctx);
        d0_unlockmutex(tempmutex);
        return r;
 }
@@ -458,7 +453,7 @@ d0_bignum_t *d0_bignum_mod_mul(d0_bignum_t *r, const d0_bignum_t *a, const d0_bi
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        d0_lockmutex(tempmutex);
-       BN_mod_mul(&r->z, &a->z, &b->z, &m->z, ctx);
+       BN_mod_mul(r->z, a->z, b->z, m->z, ctx);
        d0_unlockmutex(tempmutex);
        return r;
 }
@@ -467,7 +462,7 @@ d0_bignum_t *d0_bignum_mod_pow(d0_bignum_t *r, const d0_bignum_t *a, const d0_bi
 {
        if(!r) r = d0_bignum_new(); if(!r) return NULL;
        d0_lockmutex(tempmutex);
-       BN_mod_exp(&r->z, &a->z, &b->z, &m->z, ctx);
+       BN_mod_exp(r->z, a->z, b->z, m->z, ctx);
        d0_unlockmutex(tempmutex);
        return r;
 }
@@ -477,7 +472,7 @@ D0_BOOL d0_bignum_mod_inv(d0_bignum_t *r, const d0_bignum_t *a, const d0_bignum_
        // here, r MUST be set, as otherwise we cannot return error state!
        int ret;
        d0_lockmutex(tempmutex);
-       ret = !!BN_mod_inverse(&r->z, &a->z, &m->z, ctx);
+       ret = !!BN_mod_inverse(r->z, a->z, m->z, ctx);
        d0_unlockmutex(tempmutex);
        return ret;
 }
@@ -487,9 +482,9 @@ int d0_bignum_isprime(const d0_bignum_t *r, int param)
        int ret;
        d0_lockmutex(tempmutex);
        if(param <= 0)
-               ret = BN_is_prime_fasttest(&r->z, 1, NULL, ctx, NULL, 1);
+               ret = BN_is_prime_fasttest(r->z, 1, NULL, ctx, NULL, 1);
        else
-               ret = BN_is_prime(&r->z, param, NULL, ctx, NULL);
+               ret = BN_is_prime(r->z, param, NULL, ctx, NULL);
        d0_unlockmutex(tempmutex);
        return ret;
 }
@@ -504,7 +499,7 @@ d0_bignum_t *d0_bignum_gcd(d0_bignum_t *r, d0_bignum_t *s, d0_bignum_t *t, const
        else
        {
                d0_lockmutex(tempmutex);
-               BN_gcd(&r->z, &a->z, &b->z, ctx);
+               BN_gcd(r->z, a->z, b->z, ctx);
                d0_unlockmutex(tempmutex);
        }
        return r;
@@ -516,9 +511,9 @@ char *d0_bignum_tostring(const d0_bignum_t *x, unsigned int base)
        char *s2;
        size_t n;
        if(base == 10)
-               s = BN_bn2dec(&x->z);
+               s = BN_bn2dec(x->z);
        else if(base == 16)
-               s = BN_bn2hex(&x->z);
+               s = BN_bn2hex(x->z);
        else
                assert(!"Other bases not implemented");
        n = strlen(s) + 1;