]>
Commit | Line | Data |
---|---|---|
ca2bf555 | 1 | /* |
fecb3aae | 2 | * Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved. |
ca2bf555 SL |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* DH parameters from RFC7919 and RFC3526 */ | |
11 | ||
ada66e78 P |
12 | /* |
13 | * DH low level APIs are deprecated for public use, but still ok for | |
14 | * internal use. | |
15 | */ | |
16 | #include "internal/deprecated.h" | |
17 | ||
ca2bf555 SL |
18 | #include <stdio.h> |
19 | #include "internal/cryptlib.h" | |
7165593c | 20 | #include "internal/ffc.h" |
ca2bf555 SL |
21 | #include "dh_local.h" |
22 | #include <openssl/bn.h> | |
23 | #include <openssl/objects.h> | |
c829c23b | 24 | #include "internal/nelem.h" |
8083fd3a | 25 | #include "crypto/dh.h" |
55f02cb6 | 26 | |
c829c23b | 27 | static DH *dh_param_init(OSSL_LIB_CTX *libctx, const DH_NAMED_GROUP *group) |
ca2bf555 | 28 | { |
19dbb742 | 29 | DH *dh = ossl_dh_new_ex(libctx); |
ca2bf555 SL |
30 | |
31 | if (dh == NULL) | |
32 | return NULL; | |
33 | ||
ddb13b28 | 34 | ossl_ffc_named_group_set(&dh->params, group); |
c829c23b | 35 | dh->params.nid = ossl_ffc_named_group_get_uid(group); |
ca2bf555 SL |
36 | dh->dirty_cnt++; |
37 | return dh; | |
38 | } | |
39 | ||
19dbb742 | 40 | DH *ossl_dh_new_by_nid_ex(OSSL_LIB_CTX *libctx, int nid) |
ca2bf555 | 41 | { |
c829c23b | 42 | const DH_NAMED_GROUP *group; |
55f02cb6 | 43 | |
c829c23b RL |
44 | if ((group = ossl_ffc_uid_to_dh_named_group(nid)) != NULL) |
45 | return dh_param_init(libctx, group); | |
7165593c | 46 | |
9311d0c4 | 47 | ERR_raise(ERR_LIB_DH, DH_R_INVALID_PARAMETER_NID); |
55f02cb6 | 48 | return NULL; |
ca2bf555 SL |
49 | } |
50 | ||
8083fd3a SL |
51 | DH *DH_new_by_nid(int nid) |
52 | { | |
19dbb742 | 53 | return ossl_dh_new_by_nid_ex(NULL, nid); |
7165593c SL |
54 | } |
55 | ||
19dbb742 | 56 | void ossl_dh_cache_named_group(DH *dh) |
ca2bf555 | 57 | { |
c829c23b | 58 | const DH_NAMED_GROUP *group; |
55f02cb6 SL |
59 | |
60 | if (dh == NULL) | |
738ee181 SL |
61 | return; |
62 | ||
63 | dh->params.nid = NID_undef; /* flush cached value */ | |
ca2bf555 | 64 | |
738ee181 SL |
65 | /* Exit if p or g is not set */ |
66 | if (dh->params.p == NULL | |
67 | || dh->params.g == NULL) | |
68 | return; | |
ca2bf555 | 69 | |
c829c23b RL |
70 | if ((group = ossl_ffc_numbers_to_dh_named_group(dh->params.p, |
71 | dh->params.q, | |
72 | dh->params.g)) != NULL) { | |
73 | if (dh->params.q == NULL) | |
74 | dh->params.q = (BIGNUM *)ossl_ffc_named_group_get_q(group); | |
ddb13b28 | 75 | /* cache the nid and default key length */ |
c829c23b | 76 | dh->params.nid = ossl_ffc_named_group_get_uid(group); |
ddb13b28 | 77 | dh->params.keylength = ossl_ffc_named_group_get_keylength(group); |
c829c23b | 78 | dh->dirty_cnt++; |
ca2bf555 | 79 | } |
738ee181 SL |
80 | } |
81 | ||
4718326a SL |
82 | int ossl_dh_is_named_safe_prime_group(const DH *dh) |
83 | { | |
84 | int id = DH_get_nid(dh); | |
85 | ||
86 | /* | |
87 | * Exclude RFC5114 groups (id = 1..3) since they do not have | |
88 | * q = (p - 1) / 2 | |
89 | */ | |
90 | return (id > 3); | |
91 | } | |
92 | ||
738ee181 SL |
93 | int DH_get_nid(const DH *dh) |
94 | { | |
95 | if (dh == NULL) | |
96 | return NID_undef; | |
97 | ||
98 | return dh->params.nid; | |
ca2bf555 | 99 | } |