From 726fad2a65f16c200a03969c29cb5c86c2d427db Mon Sep 17 00:00:00 2001
From: Dina K Nimeh <Dina.Nimeh@Sun.COM>
Date: Mon, 7 Jun 2010 08:54:25 -0700
Subject: 6875651 move asymmetric crypto to libsoftcrypto 6816864 collect
 together padding methods used by PKCS#11 6917508 bignum library needs big
 random number function 6249983 softtoken based RSA/DSA slow on Niagara
 6917506 arcfour lint check missing from usr/src/uts/sun4v/Makefile 6917513
 move softFipsDSAUtil.c to common/crypto/fips/fips_dsa_util.c 6834849
 dsa_sign() produces invalid signature when pkcs11 engine is used via
 openssl(1) for certain keys

---
 usr/src/common/bignum/bignumimpl.c | 49 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 47 insertions(+), 2 deletions(-)

(limited to 'usr/src/common/bignum/bignumimpl.c')

diff --git a/usr/src/common/bignum/bignumimpl.c b/usr/src/common/bignum/bignumimpl.c
index 079dad8dd0..fbd1511fd8 100644
--- a/usr/src/common/bignum/bignumimpl.c
+++ b/usr/src/common/bignum/bignumimpl.c
@@ -18,9 +18,9 @@
  *
  * CDDL HEADER END
  */
+
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
- * Use is subject to license terms.
+ * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
  */
 
 /*
@@ -3147,3 +3147,48 @@ ret1:
 
 	return (err);
 }
+
+/*
+ * Get a rlen-bit random number in BIGNUM format.  Caller-supplied
+ * (*rfunc)(void *dbuf, size_t dlen) must return 0 for success and
+ * -1 for failure.  Note:  (*rfunc)() takes length in bytes, not bits.
+ */
+BIG_ERR_CODE
+big_random(BIGNUM *r, size_t rlen, int (*rfunc)(void *, size_t))
+{
+	size_t	rwords, rbytes;
+	int	shift;
+
+	if (r == NULL || rlen == 0 || rfunc == NULL)
+		return (BIG_INVALID_ARGS);
+
+	/*
+	 * Convert rlen bits to r->len words (32- or 64-bit), rbytes bytes
+	 * and extend r if it's not big enough to hold the random number.
+	 */
+	rwords = BITLEN2BIGNUMLEN(rlen);
+	rbytes = rwords * sizeof (BIG_CHUNK_TYPE);
+	if (big_extend(r, rwords) != BIG_OK)
+		return (BIG_NO_MEM);
+#ifdef BIGNUM_CHUNK_32
+	r->len = rwords;
+#else
+	r->len = (uint32_t)rwords;
+#endif
+
+	if ((*rfunc)(r->value, rbytes) < 0)
+		return (BIG_NO_RANDOM);
+
+	r->value[rwords - 1] |= BIG_CHUNK_HIGHBIT;
+
+	/*
+	 * If the bit length is not a word boundary, shift the most
+	 * significant word so that we have an exactly rlen-long number.
+	 */
+	if ((shift = rlen % BIG_CHUNK_SIZE) != 0)
+		r->value[rwords - 1] >>= (BIG_CHUNK_SIZE - shift);
+
+	r->sign = 1;	/* non-negative */
+
+	return (BIG_OK);
+}
-- 
cgit v1.2.3