Implement internally opaque bn access from srp

Reviewed-by: Tim Hudson <tjh@openssl.org>

5 files changed, 73 insertions, 43 deletions

diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
index 2f4a81e80c..f0548ed787 100644
--- a/crypto/bn/Makefile
+++ b/crypto/bn/Makefile
@@ -26,13 +26,13 @@ LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
 	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
 	bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
 	bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
-	bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c
+	bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c
 
 LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
 	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
 	bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
 	bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
-	bn_depr.o bn_const.o bn_x931p.o bn_intern.o bn_dh.o
+	bn_depr.o bn_const.o bn_x931p.o bn_intern.o bn_dh.o bn_srp.o
 
 SRC= $(LIBSRC)
 
@@ -409,6 +409,12 @@ bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h
 bn_sqrt.o: ../include/internal/bn_int.h bn_lcl.h bn_sqrt.c
+bn_srp.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_srp.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_srp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_srp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_srp.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h
+bn_srp.o: bn_lcl.h bn_srp.c
 bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
 bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
diff --git a/crypto/srp/srp_grps.h b/crypto/bn/bn_srp.c
index 5babc40ae2..0a9c2fd78b 100644
--- a/crypto/srp/srp_grps.h
+++ b/crypto/bn/bn_srp.c
@@ -1,4 +1,20 @@
-/* start of generated data */
+#include "bn_lcl.h"
+
+#ifndef OPENSSL_NO_SRP
+
+#if (BN_BYTES == 8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+#  define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
+# elif defined(__arch64__)
+#  define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
+# else
+#  define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
+# endif
+#elif (BN_BYTES == 4)
+# define bn_pack4(a1,a2,a3,a4)  ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
+#else
+# error "unsupported BN_BYTES"
+#endif
 
 static const BN_ULONG bn_group_1024_value[] = {
 	bn_pack4(0x9FC6,0x1D2F,0xC0EB,0x06E3),
@@ -18,7 +34,7 @@ static const BN_ULONG bn_group_1024_value[] = {
 	bn_pack4(0x9C33,0xF80A,0xFA8F,0xC5E8),
 	bn_pack4(0xEEAF,0x0AB9,0xADB3,0x8DD6)
 };
-static const BIGNUM bn_group_1024 = {
+const BIGNUM bn_group_1024 = {
 	(BN_ULONG*)bn_group_1024_value,
 	(sizeof bn_group_1024_value)/sizeof(BN_ULONG),
 	(sizeof bn_group_1024_value)/sizeof(BN_ULONG),
@@ -52,7 +68,7 @@ static const BN_ULONG bn_group_1536_value[] = {
 	bn_pack4(0xB1F1,0x2A86,0x17A4,0x7BBB),
 	bn_pack4(0x9DEF,0x3CAF,0xB939,0x277A)
 };
-static const BIGNUM bn_group_1536 = {
+const BIGNUM bn_group_1536 = {
 	(BN_ULONG*)bn_group_1536_value,
 	(sizeof bn_group_1536_value)/sizeof(BN_ULONG),
 	(sizeof bn_group_1536_value)/sizeof(BN_ULONG),
@@ -94,7 +110,7 @@ static const BN_ULONG bn_group_2048_value[] = {
 	bn_pack4(0xF166,0xDE5E,0x1389,0x582F),
 	bn_pack4(0xAC6B,0xDB41,0x324A,0x9A9B)
 };
-static const BIGNUM bn_group_2048 = {
+const BIGNUM bn_group_2048 = {
 	(BN_ULONG*)bn_group_2048_value,
 	(sizeof bn_group_2048_value)/sizeof(BN_ULONG),
 	(sizeof bn_group_2048_value)/sizeof(BN_ULONG),
@@ -152,7 +168,7 @@ static const BN_ULONG bn_group_3072_value[] = {
 	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
 	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
-static const BIGNUM bn_group_3072 = {
+const BIGNUM bn_group_3072 = {
 	(BN_ULONG*)bn_group_3072_value,
 	(sizeof bn_group_3072_value)/sizeof(BN_ULONG),
 	(sizeof bn_group_3072_value)/sizeof(BN_ULONG),
@@ -226,7 +242,7 @@ static const BN_ULONG bn_group_4096_value[] = {
 	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
 	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
-static const BIGNUM bn_group_4096 = {
+const BIGNUM bn_group_4096 = {
 	(BN_ULONG*)bn_group_4096_value,
 	(sizeof bn_group_4096_value)/sizeof(BN_ULONG),
 	(sizeof bn_group_4096_value)/sizeof(BN_ULONG),
@@ -332,7 +348,7 @@ static const BN_ULONG bn_group_6144_value[] = {
 	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
 	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
-static const BIGNUM bn_group_6144 = {
+const BIGNUM bn_group_6144 = {
 	(BN_ULONG*)bn_group_6144_value,
 	(sizeof bn_group_6144_value)/sizeof(BN_ULONG),
 	(sizeof bn_group_6144_value)/sizeof(BN_ULONG),
@@ -470,7 +486,7 @@ static const BN_ULONG bn_group_8192_value[] = {
 	bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
 	bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
 };
-static const BIGNUM bn_group_8192 = {
+const BIGNUM bn_group_8192 = {
 	(BN_ULONG*)bn_group_8192_value,
 	(sizeof bn_group_8192_value)/sizeof(BN_ULONG),
 	(sizeof bn_group_8192_value)/sizeof(BN_ULONG),
@@ -479,7 +495,7 @@ static const BIGNUM bn_group_8192 = {
 };
 
 static const BN_ULONG bn_generator_19_value[] = {19} ;
-static const BIGNUM bn_generator_19 = {
+const BIGNUM bn_generator_19 = {
 	(BN_ULONG*)bn_generator_19_value,
 	1,
 	1,
@@ -487,7 +503,7 @@ static const BIGNUM bn_generator_19 = {
 	BN_FLG_STATIC_DATA
 };
 static const BN_ULONG bn_generator_5_value[] = {5} ;
-static const BIGNUM bn_generator_5 = {
+const BIGNUM bn_generator_5 = {
 	(BN_ULONG*)bn_generator_5_value,
 	1,
 	1,
@@ -495,7 +511,7 @@ static const BIGNUM bn_generator_5 = {
 	BN_FLG_STATIC_DATA
 };
 static const BN_ULONG bn_generator_2_value[] = {2} ;
-static const BIGNUM bn_generator_2 = {
+const BIGNUM bn_generator_2 = {
 	(BN_ULONG*)bn_generator_2_value,
 	1,
 	1,
@@ -503,15 +519,4 @@ static const BIGNUM bn_generator_2 = {
 	BN_FLG_STATIC_DATA
 };
 
-static SRP_gN knowngN[] = {
-	{"8192",(BIGNUM*)&bn_generator_19 , (BIGNUM*)&bn_group_8192},
-	{"6144",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_6144},
-	{"4096",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_4096},
-	{"3072",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_3072},
-	{"2048",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_2048},
-	{"1536",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1536},
-	{"1024",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1024},
-};
-#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
-
-/* end of generated data */
+#endif
diff --git a/crypto/include/internal/bn_srp.h b/crypto/include/internal/bn_srp.h
new file mode 100644
index 0000000000..e15038a94e
--- /dev/null
+++ b/crypto/include/internal/bn_srp.h
@@ -0,0 +1,35 @@
+
+#ifndef OPENSSL_NO_SRP
+
+extern const BIGNUM bn_group_1024;
+
+extern const BIGNUM bn_group_1536;
+
+extern const BIGNUM bn_group_2048;
+
+extern const BIGNUM bn_group_3072;
+
+extern const BIGNUM bn_group_4096;
+
+extern const BIGNUM bn_group_6144;
+
+extern const BIGNUM bn_group_8192;
+
+extern const BIGNUM bn_generator_19;
+
+extern const BIGNUM bn_generator_5;
+
+extern const BIGNUM bn_generator_2;
+
+static SRP_gN knowngN[] = {
+	{"8192",(BIGNUM*)&bn_generator_19 , (BIGNUM*)&bn_group_8192},
+	{"6144",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_6144},
+	{"4096",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_4096},
+	{"3072",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_3072},
+	{"2048",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_2048},
+	{"1536",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1536},
+	{"1024",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1024},
+};
+#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
+
+#endif
diff --git a/crypto/srp/Makefile b/crypto/srp/Makefile
index 9e1d8fe5cb..0c37ec7da7 100644
--- a/crypto/srp/Makefile
+++ b/crypto/srp/Makefile
@@ -82,7 +82,7 @@ srp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 srp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 srp_lib.o: ../../include/openssl/sha.h ../../include/openssl/srp.h
 srp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-srp_lib.o: ../cryptlib.h srp_grps.h srp_lcl.h srp_lib.c
+srp_lib.o: ../cryptlib.h ../include/internal/bn_srp.h srp_lcl.h srp_lib.c
 srp_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
 srp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 srp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index d2c237e960..71492f3cef 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -61,23 +61,7 @@
 #include "srp_lcl.h"
 #include <openssl/srp.h>
 #include <openssl/evp.h>
-
-#if (BN_BYTES == 8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-#  define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
-# elif defined(__arch64__)
-#  define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
-# else
-#  define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
-# endif
-#elif (BN_BYTES == 4)
-# define bn_pack4(a1,a2,a3,a4)  ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
-#else
-# error "unsupported BN_BYTES"
-#endif
-
-
-#include "srp_grps.h"
+#include "internal/bn_srp.h"
 
 static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
 	{