]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/dh/dh_lib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add DH keygen to providers
[thirdparty/openssl.git] / crypto / dh / dh_lib.c
1 /*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * DH low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <stdio.h>
17 #include <openssl/bn.h>
18 #include <openssl/engine.h>
19 #include <openssl/obj_mac.h>
20 #include <openssl/core_names.h>
21 #include "internal/cryptlib.h"
22 #include "internal/refcount.h"
23 #include "crypto/evp.h"
24 #include "crypto/dh.h"
25 #include "dh_local.h"
26
27 static DH *dh_new_intern(ENGINE *engine, OPENSSL_CTX *libctx);
28
29 #ifndef FIPS_MODE
30 int DH_set_method(DH *dh, const DH_METHOD *meth)
31 {
32 /*
33 * NB: The caller is specifically setting a method, so it's not up to us
34 * to deal with which ENGINE it comes from.
35 */
36 const DH_METHOD *mtmp;
37 mtmp = dh->meth;
38 if (mtmp->finish)
39 mtmp->finish(dh);
40 #ifndef OPENSSL_NO_ENGINE
41 ENGINE_finish(dh->engine);
42 dh->engine = NULL;
43 #endif
44 dh->meth = meth;
45 if (meth->init)
46 meth->init(dh);
47 return 1;
48 }
49
50 const DH_METHOD *dh_get_method(const DH *dh)
51 {
52 return dh->meth;
53 }
54
55 DH *DH_new(void)
56 {
57 return dh_new_intern(NULL, NULL);
58 }
59
60 DH *DH_new_method(ENGINE *engine)
61 {
62 return dh_new_intern(engine, NULL);
63 }
64 #endif /* !FIPS_MODE */
65
66 DH *dh_new_with_libctx(OPENSSL_CTX *libctx)
67 {
68 return dh_new_intern(NULL, libctx);
69 }
70
71 static DH *dh_new_intern(ENGINE *engine, OPENSSL_CTX *libctx)
72 {
73 DH *ret = OPENSSL_zalloc(sizeof(*ret));
74
75 if (ret == NULL) {
76 DHerr(0, ERR_R_MALLOC_FAILURE);
77 return NULL;
78 }
79
80 ret->references = 1;
81 ret->lock = CRYPTO_THREAD_lock_new();
82 if (ret->lock == NULL) {
83 DHerr(0, ERR_R_MALLOC_FAILURE);
84 OPENSSL_free(ret);
85 return NULL;
86 }
87
88 ret->libctx = libctx;
89 ret->meth = DH_get_default_method();
90 #if !defined(FIPS_MODE) && !defined(OPENSSL_NO_ENGINE)
91 ret->flags = ret->meth->flags; /* early default init */
92 if (engine) {
93 if (!ENGINE_init(engine)) {
94 DHerr(0, ERR_R_ENGINE_LIB);
95 goto err;
96 }
97 ret->engine = engine;
98 } else
99 ret->engine = ENGINE_get_default_DH();
100 if (ret->engine) {
101 ret->meth = ENGINE_get_DH(ret->engine);
102 if (ret->meth == NULL) {
103 DHerr(0, ERR_R_ENGINE_LIB);
104 goto err;
105 }
106 }
107 #endif
108
109 ret->flags = ret->meth->flags;
110
111 #ifndef FIPS_MODE
112 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data))
113 goto err;
114 #endif /* FIPS_MODE */
115
116 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
117 DHerr(0, ERR_R_INIT_FAIL);
118 goto err;
119 }
120
121 return ret;
122
123 err:
124 DH_free(ret);
125 return NULL;
126 }
127
128 void DH_free(DH *r)
129 {
130 int i;
131
132 if (r == NULL)
133 return;
134
135 CRYPTO_DOWN_REF(&r->references, &i, r->lock);
136 REF_PRINT_COUNT("DH", r);
137 if (i > 0)
138 return;
139 REF_ASSERT_ISNT(i < 0);
140
141 if (r->meth != NULL && r->meth->finish != NULL)
142 r->meth->finish(r);
143 #if !defined(FIPS_MODE)
144 # if !defined(OPENSSL_NO_ENGINE)
145 ENGINE_finish(r->engine);
146 # endif
147 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
148 #endif
149
150 CRYPTO_THREAD_lock_free(r->lock);
151
152 ffc_params_cleanup(&r->params);
153 BN_clear_free(r->pub_key);
154 BN_clear_free(r->priv_key);
155 OPENSSL_free(r);
156 }
157
158 int DH_up_ref(DH *r)
159 {
160 int i;
161
162 if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
163 return 0;
164
165 REF_PRINT_COUNT("DH", r);
166 REF_ASSERT_ISNT(i < 2);
167 return ((i > 1) ? 1 : 0);
168 }
169
170 #ifndef FIPS_MODE
171 int DH_set_ex_data(DH *d, int idx, void *arg)
172 {
173 return CRYPTO_set_ex_data(&d->ex_data, idx, arg);
174 }
175
176 void *DH_get_ex_data(const DH *d, int idx)
177 {
178 return CRYPTO_get_ex_data(&d->ex_data, idx);
179 }
180 #endif
181
182 int DH_bits(const DH *dh)
183 {
184 return BN_num_bits(dh->params.p);
185 }
186
187 int DH_size(const DH *dh)
188 {
189 return BN_num_bytes(dh->params.p);
190 }
191
192 int DH_security_bits(const DH *dh)
193 {
194 int N;
195 if (dh->params.q != NULL)
196 N = BN_num_bits(dh->params.q);
197 else if (dh->length)
198 N = dh->length;
199 else
200 N = -1;
201 return BN_security_bits(BN_num_bits(dh->params.p), N);
202 }
203
204 void DH_get0_pqg(const DH *dh,
205 const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
206 {
207 ffc_params_get0_pqg(&dh->params, p, q, g);
208 }
209
210 int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
211 {
212 /* If the fields p and g in d are NULL, the corresponding input
213 * parameters MUST be non-NULL. q may remain NULL.
214 */
215 if ((dh->params.p == NULL && p == NULL)
216 || (dh->params.g == NULL && g == NULL))
217 return 0;
218
219 ffc_params_set0_pqg(&dh->params, p, q, g);
220 dh->params.nid = NID_undef;
221 /*
222 * Check if this is a named group. If it finds a named group then the
223 * 'q' and 'length' value are either already set or are set by the
224 * call.
225 */
226 if (DH_get_nid(dh) == NID_undef) {
227 /* If its not a named group then set the 'length' if q is not NULL */
228 if (q != NULL)
229 dh->length = BN_num_bits(q);
230 }
231 dh->dirty_cnt++;
232 return 1;
233 }
234
235 long DH_get_length(const DH *dh)
236 {
237 return dh->length;
238 }
239
240 int DH_set_length(DH *dh, long length)
241 {
242 dh->length = length;
243 return 1;
244 }
245
246 void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
247 {
248 if (pub_key != NULL)
249 *pub_key = dh->pub_key;
250 if (priv_key != NULL)
251 *priv_key = dh->priv_key;
252 }
253
254 int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
255 {
256 if (pub_key != NULL) {
257 BN_clear_free(dh->pub_key);
258 dh->pub_key = pub_key;
259 }
260 if (priv_key != NULL) {
261 BN_clear_free(dh->priv_key);
262 dh->priv_key = priv_key;
263 }
264
265 dh->dirty_cnt++;
266 return 1;
267 }
268
269 const BIGNUM *DH_get0_p(const DH *dh)
270 {
271 return dh->params.p;
272 }
273
274 const BIGNUM *DH_get0_q(const DH *dh)
275 {
276 return dh->params.q;
277 }
278
279 const BIGNUM *DH_get0_g(const DH *dh)
280 {
281 return dh->params.g;
282 }
283
284 const BIGNUM *DH_get0_priv_key(const DH *dh)
285 {
286 return dh->priv_key;
287 }
288
289 const BIGNUM *DH_get0_pub_key(const DH *dh)
290 {
291 return dh->pub_key;
292 }
293
294 void DH_clear_flags(DH *dh, int flags)
295 {
296 dh->flags &= ~flags;
297 }
298
299 int DH_test_flags(const DH *dh, int flags)
300 {
301 return dh->flags & flags;
302 }
303
304 void DH_set_flags(DH *dh, int flags)
305 {
306 dh->flags |= flags;
307 }
308
309 #ifndef FIPS_MODE
310 ENGINE *DH_get0_engine(DH *dh)
311 {
312 return dh->engine;
313 }
314 #endif /*FIPS_MODE */
315
316 FFC_PARAMS *dh_get0_params(DH *dh)
317 {
318 return &dh->params;
319 }
320 int dh_get0_nid(const DH *dh)
321 {
322 return dh->params.nid;
323 }
324
325 int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[])
326 {
327 int ret;
328 FFC_PARAMS *ffc;
329
330 if (dh == NULL)
331 return 0;
332 ffc = dh_get0_params(dh);
333 if (ffc == NULL)
334 return 0;
335
336 ret = ffc_params_fromdata(ffc, params);
337 if (ret) {
338 DH_get_nid(dh);
339 dh->dirty_cnt++;
340 }
341 return ret;
342 }
343
344 static int dh_paramgen_check(EVP_PKEY_CTX *ctx)
345 {
346 if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
347 ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
348 /* Uses the same return values as EVP_PKEY_CTX_ctrl */
349 return -2;
350 }
351 /* If key type not DH return error */
352 if (ctx->pmeth != NULL
353 && ctx->pmeth->pkey_id != EVP_PKEY_DH
354 && ctx->pmeth->pkey_id != EVP_PKEY_DHX)
355 return -1;
356 return 1;
357 }
358
359 int EVP_PKEY_CTX_set_dh_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex)
360 {
361 int ret;
362 OSSL_PARAM params[2], *p = params;
363
364 if ((ret = dh_paramgen_check(ctx)) <= 0)
365 return ret;
366
367 *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, &gindex);
368 *p++ = OSSL_PARAM_construct_end();
369
370 return EVP_PKEY_CTX_set_params(ctx, params);
371 }
372
373 int EVP_PKEY_CTX_set_dh_paramgen_seed(EVP_PKEY_CTX *ctx,
374 const unsigned char *seed,
375 size_t seedlen)
376 {
377 int ret;
378 OSSL_PARAM params[2], *p = params;
379
380 if ((ret = dh_paramgen_check(ctx)) <= 0)
381 return ret;
382
383 *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_FFC_SEED,
384 (void *)seed, seedlen);
385 *p++ = OSSL_PARAM_construct_end();
386
387 return EVP_PKEY_CTX_set_params(ctx, params);
388 }
389
390 int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int typ)
391 {
392 int ret;
393 OSSL_PARAM params[2], *p = params;
394 const char *name;
395
396 if ((ret = dh_paramgen_check(ctx)) <= 0)
397 return ret;
398
399 #if !defined(FIPS_MODE)
400 /* TODO(3.0): Remove this eventually when no more legacy */
401 if (ctx->op.keymgmt.genctx == NULL)
402 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
403 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL);
404 #endif
405
406 name = dh_gen_type_id2name(typ);
407 if (name == NULL)
408 return 0;
409 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE,
410 (char *) name, 0);
411 *p++ = OSSL_PARAM_construct_end();
412
413 return EVP_PKEY_CTX_set_params(ctx, params);
414 }
415
416 int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int pbits)
417 {
418 int ret;
419 OSSL_PARAM params[2], *p = params;
420 size_t bits = pbits;
421
422 if ((ret = dh_paramgen_check(ctx)) <= 0)
423 return ret;
424
425 #if !defined(FIPS_MODE)
426 /* TODO(3.0): Remove this eventually when no more legacy */
427 if (ctx->op.keymgmt.genctx == NULL)
428 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
429 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, pbits,
430 NULL);
431 #endif
432 *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_PBITS, &bits);
433 *p++ = OSSL_PARAM_construct_end();
434 return EVP_PKEY_CTX_set_params(ctx, params);
435 }
436
437 int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int qbits)
438 {
439 int ret;
440 OSSL_PARAM params[2], *p = params;
441 size_t bits2 = qbits;
442
443 if ((ret = dh_paramgen_check(ctx)) <= 0)
444 return ret;
445
446 #if !defined(FIPS_MODE)
447 /* TODO(3.0): Remove this eventually when no more legacy */
448 if (ctx->op.keymgmt.genctx == NULL)
449 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
450 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, qbits,
451 NULL);
452 #endif
453 *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_QBITS, &bits2);
454 *p++ = OSSL_PARAM_construct_end();
455
456 return EVP_PKEY_CTX_set_params(ctx, params);
457 }
458
459 int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen)
460 {
461 int ret;
462 OSSL_PARAM params[2], *p = params;
463
464 if ((ret = dh_paramgen_check(ctx)) <= 0)
465 return ret;
466
467 #if !defined(FIPS_MODE)
468 /* TODO(3.0): Remove this eventually when no more legacy */
469 if (ctx->op.keymgmt.genctx == NULL)
470 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN,
471 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL);
472 #endif
473
474 *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GENERATOR, &gen);
475 *p++ = OSSL_PARAM_construct_end();
476
477 return EVP_PKEY_CTX_set_params(ctx, params);
478 }
479
480 int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen)
481 {
482 int ret;
483 OSSL_PARAM params[2], *p = params;
484 const char *name;
485
486 if ((ret = dh_paramgen_check(ctx)) <= 0)
487 return ret;
488
489 #if !defined(FIPS_MODE)
490 /* TODO(3.0): Remove this eventually when no more legacy */
491 if (ctx->op.keymgmt.genctx == NULL)
492 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN,
493 EVP_PKEY_CTRL_DH_RFC5114, gen, NULL);
494 #endif
495 name = ffc_named_group_from_uid(gen);
496 if (name == NULL)
497 return 0;
498
499 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_GROUP,
500 (void *)name, 0);
501 *p++ = OSSL_PARAM_construct_end();
502 return EVP_PKEY_CTX_set_params(ctx, params);
503 }
504
505 int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen)
506 {
507 return EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen);
508 }
509
510 int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid)
511 {
512 int ret;
513 OSSL_PARAM params[2], *p = params;
514 const char *name;
515
516 if ((ret = dh_paramgen_check(ctx)) <= 0)
517 return ret;
518
519 #if !defined(FIPS_MODE)
520 /* TODO(3.0): Remove this eventually when no more legacy */
521 if (ctx->op.keymgmt.genctx == NULL)
522 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH,
523 EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN,
524 EVP_PKEY_CTRL_DH_NID, nid, NULL);
525 #endif
526 name = ffc_named_group_from_uid(nid);
527 if (name == NULL)
528 return 0;
529
530 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_GROUP,
531 (void *)name, 0);
532 *p++ = OSSL_PARAM_construct_end();
533 return EVP_PKEY_CTX_set_params(ctx, params);
534 }
A mirror of the official openssl repository