crypto/ffc/ffc_dh.c

   1 /*
   2  * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include "internal/ffc.h"
  11 #include "internal/nelem.h"
  12 #include "crypto/bn_dh.h"
  13 #include "e_os.h" /* strcasecmp */
  14
  15 #ifndef OPENSSL_NO_DH
  16
  17 # define FFDHE(sz) {                                                        \
  18         SN_ffdhe##sz, NID_ffdhe##sz,                                        \
  19         sz,                                                                 \
  20         &_bignum_ffdhe##sz##_p, &_bignum_ffdhe##sz##_q, &_bignum_const_2,   \
  21     }
  22
  23 # define MODP(sz)  {                                                        \
  24         SN_modp_##sz, NID_modp_##sz,                                        \
  25         sz,                                                                 \
  26         &_bignum_modp_##sz##_p, &_bignum_modp_##sz##_q,  &_bignum_const_2   \
  27     }
  28
  29 # define RFC5114(name, uid, sz, tag) {                                      \
  30         name, uid,                                                          \
  31         sz,                                                                 \
  32         &_bignum_dh##tag##_p, &_bignum_dh##tag##_q, &_bignum_dh##tag##_g    \
  33     }
  34
  35 #else
  36
  37 # define FFDHE(sz)                      { SN_ffdhe##sz, NID_ffdhe##sz }
  38 # define MODP(sz)                       { SN_modp_##sz, NID_modp_##sz }
  39 # define RFC5114(name, uid, sz, tag)    { name, uid }
  40
  41 #endif
  42
  43 struct dh_named_group_st {
  44     const char *name;
  45     int uid;
  46 #ifndef OPENSSL_NO_DH
  47     int32_t nbits;
  48     const BIGNUM *p;
  49     const BIGNUM *q;
  50     const BIGNUM *g;
  51 #endif
  52 };
  53
  54 static const DH_NAMED_GROUP dh_named_groups[] = {
  55     FFDHE(2048),
  56     FFDHE(3072),
  57     FFDHE(4096),
  58     FFDHE(6144),
  59     FFDHE(8192),
  60 #ifndef FIPS_MODULE
  61     MODP(1536),
  62 #endif
  63     MODP(2048),
  64     MODP(3072),
  65     MODP(4096),
  66     MODP(6144),
  67     MODP(8192),
  68     /*
  69      * Additional dh named groups from RFC 5114 that have a different g.
  70      * The uid can be any unique identifier.
  71      */
  72 #ifndef FIPS_MODULE
  73     RFC5114("dh_1024_160", 1, 1024, 1024_160),
  74     RFC5114("dh_2048_224", 2, 2048, 2048_224),
  75     RFC5114("dh_2048_256", 3, 2048, 2048_256),
  76 #endif
  77 };
  78
  79 const DH_NAMED_GROUP *ossl_ffc_name_to_dh_named_group(const char *name)
  80 {
  81     size_t i;
  82
  83     for (i = 0; i < OSSL_NELEM(dh_named_groups); ++i) {
  84         if (strcasecmp(dh_named_groups[i].name, name) == 0)
  85             return &dh_named_groups[i];
  86     }
  87     return NULL;
  88 }
  89
  90 const DH_NAMED_GROUP *ossl_ffc_uid_to_dh_named_group(int uid)
  91 {
  92     size_t i;
  93
  94     for (i = 0; i < OSSL_NELEM(dh_named_groups); ++i) {
  95         if (dh_named_groups[i].uid == uid)
  96             return &dh_named_groups[i];
  97     }
  98     return NULL;
  99 }
 100
 101 #ifndef OPENSSL_NO_DH
 102 const DH_NAMED_GROUP *ossl_ffc_numbers_to_dh_named_group(const BIGNUM *p,
 103                                                          const BIGNUM *q,
 104                                                          const BIGNUM *g)
 105 {
 106     size_t i;
 107
 108     for (i = 0; i < OSSL_NELEM(dh_named_groups); ++i) {
 109         /* Keep searching until a matching p and g is found */
 110         if (BN_cmp(p, dh_named_groups[i].p) == 0
 111             && BN_cmp(g, dh_named_groups[i].g) == 0
 112             /* Verify q is correct if it exists */
 113             && ((q != NULL && BN_cmp(q, dh_named_groups[i].q) == 0)
 114                 /* Do not match RFC 5114 groups without q */
 115                 || (q == NULL && dh_named_groups[i].uid > 3)))
 116             return &dh_named_groups[i];
 117     }
 118     return NULL;
 119 }
 120 #endif
 121
 122 int ossl_ffc_named_group_get_uid(const DH_NAMED_GROUP *group)
 123 {
 124     if (group == NULL)
 125         return NID_undef;
 126     return group->uid;
 127 }
 128
 129 const char *ossl_ffc_named_group_get_name(const DH_NAMED_GROUP *group)
 130 {
 131     if (group == NULL)
 132         return NULL;
 133     return group->name;
 134 }
 135
 136 #ifndef OPENSSL_NO_DH
 137 const BIGNUM *ossl_ffc_named_group_get_q(const DH_NAMED_GROUP *group)
 138 {
 139     if (group == NULL)
 140         return NULL;
 141     return group->q;
 142 }
 143
 144 int ossl_ffc_named_group_set_pqg(FFC_PARAMS *ffc, const DH_NAMED_GROUP *group)
 145 {
 146     if (ffc == NULL || group == NULL)
 147         return 0;
 148
 149     ossl_ffc_params_set0_pqg(ffc, (BIGNUM *)group->p, (BIGNUM *)group->q,
 150                              (BIGNUM *)group->g);
 151
 152     /* flush the cached nid, The DH layer is responsible for caching */
 153     ffc->nid = NID_undef;
 154     return 1;
 155 }
 156 #endif