crypto/dsa/dsa_check.c

   1 /*
   2  * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 /*
  11  * DSA low level APIs are deprecated for public use, but still ok for
  12  * internal use.
  13  */
  14 #include "internal/deprecated.h"
  15
  16 #include <stdio.h>
  17 #include "internal/cryptlib.h"
  18 #include <openssl/bn.h>
  19 #include "dsa_local.h"
  20 #include "crypto/dsa.h"
  21
  22 int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
  23 {
  24     if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
  25         return ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params,
  26                                                FFC_PARAM_TYPE_DSA, ret);
  27     else
  28         /*
  29          * Do full FFC domain params validation according to FIPS-186-4
  30          *  - always in FIPS_MODULE
  31          *  - only if possible (i.e., seed is set) in default provider
  32          */
  33         return ossl_ffc_params_full_validate(dsa->libctx, &dsa->params,
  34                                              FFC_PARAM_TYPE_DSA, ret);
  35 }
  36
  37 /*
  38  * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
  39  */
  40 int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
  41 {
  42     return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret)
  43            && *ret == 0;
  44 }
  45
  46 /*
  47  * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Partial public key validation.
  48  * To only be used with ephemeral FFC public keys generated using the approved
  49  * safe-prime groups.
  50  */
  51 int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
  52 {
  53     return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret)
  54            && *ret == 0;
  55 }
  56
  57 int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
  58 {
  59     *ret = 0;
  60
  61     return (dsa->params.q != NULL
  62             && ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret));
  63 }
  64
  65 /*
  66  * FFC pairwise check from SP800-56A R3.
  67  *    Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
  68  */
  69 int ossl_dsa_check_pairwise(const DSA *dsa)
  70 {
  71     int ret = 0;
  72     BN_CTX *ctx = NULL;
  73     BIGNUM *pub_key = NULL;
  74
  75     if (dsa->params.p == NULL
  76         || dsa->params.g == NULL
  77         || dsa->priv_key == NULL
  78         || dsa->pub_key == NULL)
  79         return 0;
  80
  81     ctx = BN_CTX_new_ex(dsa->libctx);
  82     if (ctx == NULL)
  83         goto err;
  84     pub_key = BN_new();
  85     if (pub_key == NULL)
  86         goto err;
  87
  88     /* recalculate the public key = (g ^ priv) mod p */
  89     if (!ossl_dsa_generate_public_key(ctx, dsa, dsa->priv_key, pub_key))
  90         goto err;
  91     /* check it matches the existing public_key */
  92     ret = BN_cmp(pub_key, dsa->pub_key) == 0;
  93 err:
  94     BN_free(pub_key);
  95     BN_CTX_free(ctx);
  96     return ret;
  97 }