2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DSA low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
16 #include "e_os.h" /* strcasecmp */
17 #include <openssl/core_numbers.h>
18 #include <openssl/core_names.h>
19 #include <openssl/bn.h>
20 #include <openssl/err.h>
21 #include "prov/providercommon.h"
22 #include "prov/implementations.h"
23 #include "prov/provider_ctx.h"
24 #include "crypto/dsa.h"
25 #include "internal/sizes.h"
26 #include "internal/nelem.h"
27 #include "internal/param_build_set.h"
29 static OSSL_OP_keymgmt_new_fn dsa_newdata
;
30 static OSSL_OP_keymgmt_free_fn dsa_freedata
;
31 static OSSL_OP_keymgmt_gen_init_fn dsa_gen_init
;
32 static OSSL_OP_keymgmt_gen_set_template_fn dsa_gen_set_template
;
33 static OSSL_OP_keymgmt_gen_set_params_fn dsa_gen_set_params
;
34 static OSSL_OP_keymgmt_gen_settable_params_fn dsa_gen_settable_params
;
35 static OSSL_OP_keymgmt_gen_fn dsa_gen
;
36 static OSSL_OP_keymgmt_gen_cleanup_fn dsa_gen_cleanup
;
37 static OSSL_OP_keymgmt_get_params_fn dsa_get_params
;
38 static OSSL_OP_keymgmt_gettable_params_fn dsa_gettable_params
;
39 static OSSL_OP_keymgmt_has_fn dsa_has
;
40 static OSSL_OP_keymgmt_match_fn dsa_match
;
41 static OSSL_OP_keymgmt_validate_fn dsa_validate
;
42 static OSSL_OP_keymgmt_import_fn dsa_import
;
43 static OSSL_OP_keymgmt_import_types_fn dsa_import_types
;
44 static OSSL_OP_keymgmt_export_fn dsa_export
;
45 static OSSL_OP_keymgmt_export_types_fn dsa_export_types
;
47 #define DSA_DEFAULT_MD "SHA256"
48 #define DSA_POSSIBLE_SELECTIONS \
49 (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)
54 FFC_PARAMS
*ffc_params
;
56 /* All these parameters are used for parameter generation only */
60 unsigned char *seed
; /* optional FIPS186-4 param for testing */
62 int gindex
; /* optional FIPS186-4 generator index (ignored if -1) */
63 int gen_type
; /* DSA_PARAMGEN_TYPE_FIPS_186_2 or DSA_PARAMGEN_TYPE_FIPS_186_4 */
69 typedef struct dh_name2id_st
{
72 } DSA_GENTYPE_NAME2ID
;
74 static const DSA_GENTYPE_NAME2ID dsatype2id
[]=
76 { "default", DSA_PARAMGEN_TYPE_FIPS_186_4
},
77 { "fips186_4", DSA_PARAMGEN_TYPE_FIPS_186_4
},
78 { "fips186_2", DSA_PARAMGEN_TYPE_FIPS_186_2
},
81 static int dsa_gen_type_name2id(const char *name
)
85 for (i
= 0; i
< OSSL_NELEM(dsatype2id
); ++i
) {
86 if (strcasecmp(dsatype2id
[i
].name
, name
) == 0)
87 return dsatype2id
[i
].id
;
92 static int dsa_key_todata(DSA
*dsa
, OSSL_PARAM_BLD
*bld
, OSSL_PARAM params
[])
94 const BIGNUM
*priv
= NULL
, *pub
= NULL
;
99 DSA_get0_key(dsa
, &pub
, &priv
);
101 && !ossl_param_build_set_bn(bld
, params
, OSSL_PKEY_PARAM_PRIV_KEY
, priv
))
104 && !ossl_param_build_set_bn(bld
, params
, OSSL_PKEY_PARAM_PUB_KEY
, pub
))
110 static void *dsa_newdata(void *provctx
)
112 return dsa_new_with_ctx(PROV_LIBRARY_CONTEXT_OF(provctx
));
115 static void dsa_freedata(void *keydata
)
120 static int dsa_has(void *keydata
, int selection
)
126 if ((selection
& DSA_POSSIBLE_SELECTIONS
) != 0)
129 if ((selection
& OSSL_KEYMGMT_SELECT_PUBLIC_KEY
) != 0)
130 ok
= ok
&& (DSA_get0_pub_key(dsa
) != NULL
);
131 if ((selection
& OSSL_KEYMGMT_SELECT_PRIVATE_KEY
) != 0)
132 ok
= ok
&& (DSA_get0_priv_key(dsa
) != NULL
);
133 if ((selection
& OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) != 0)
134 ok
= ok
&& (DSA_get0_p(dsa
) != NULL
&& DSA_get0_g(dsa
) != NULL
);
139 static int dsa_match(const void *keydata1
, const void *keydata2
, int selection
)
141 const DSA
*dsa1
= keydata1
;
142 const DSA
*dsa2
= keydata2
;
145 if ((selection
& OSSL_KEYMGMT_SELECT_PUBLIC_KEY
) != 0)
147 && BN_cmp(DSA_get0_pub_key(dsa1
), DSA_get0_pub_key(dsa2
)) == 0;
148 if ((selection
& OSSL_KEYMGMT_SELECT_PRIVATE_KEY
) != 0)
150 && BN_cmp(DSA_get0_priv_key(dsa1
), DSA_get0_priv_key(dsa2
)) == 0;
151 if ((selection
& OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) != 0) {
152 FFC_PARAMS
*dsaparams1
= dsa_get0_params((DSA
*)dsa1
);
153 FFC_PARAMS
*dsaparams2
= dsa_get0_params((DSA
*)dsa2
);
155 ok
= ok
&& ffc_params_cmp(dsaparams1
, dsaparams2
, 1);
160 static int dsa_import(void *keydata
, int selection
, const OSSL_PARAM params
[])
168 if ((selection
& DSA_POSSIBLE_SELECTIONS
) == 0)
171 if ((selection
& OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
) != 0)
172 ok
= ok
&& dsa_ffc_params_fromdata(dsa
, params
);
173 if ((selection
& OSSL_KEYMGMT_SELECT_KEYPAIR
) != 0)
174 ok
= ok
&& dsa_key_fromdata(dsa
, params
);
179 static int dsa_export(void *keydata
, int selection
, OSSL_CALLBACK
*param_cb
,
183 OSSL_PARAM_BLD
*tmpl
= OSSL_PARAM_BLD_new();
184 OSSL_PARAM
*params
= NULL
;
190 if ((selection
& OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
) != 0)
191 ok
= ok
&& ffc_params_todata(dsa_get0_params(dsa
), tmpl
, NULL
);
192 if ((selection
& OSSL_KEYMGMT_SELECT_KEYPAIR
) != 0)
193 ok
= ok
&& dsa_key_todata(dsa
, tmpl
, NULL
);
196 || (params
= OSSL_PARAM_BLD_to_param(tmpl
)) == NULL
)
199 ok
= param_cb(params
, cbarg
);
200 OSSL_PARAM_BLD_free_params(params
);
202 OSSL_PARAM_BLD_free(tmpl
);
206 /* IMEXPORT = IMPORT + EXPORT */
208 # define DSA_IMEXPORTABLE_PARAMETERS \
209 OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_P, NULL, 0), \
210 OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_Q, NULL, 0), \
211 OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_G, NULL, 0), \
212 OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_COFACTOR, NULL, 0), \
213 OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_GINDEX, NULL), \
214 OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, NULL), \
215 OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H, NULL), \
216 OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_FFC_GROUP, NULL, 0), \
217 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_FFC_SEED, NULL, 0)
218 # define DSA_IMEXPORTABLE_PUBLIC_KEY \
219 OSSL_PARAM_BN(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0)
220 # define DSA_IMEXPORTABLE_PRIVATE_KEY \
221 OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0)
222 static const OSSL_PARAM dsa_all_types
[] = {
223 DSA_IMEXPORTABLE_PARAMETERS
,
224 DSA_IMEXPORTABLE_PUBLIC_KEY
,
225 DSA_IMEXPORTABLE_PRIVATE_KEY
,
228 static const OSSL_PARAM dsa_parameter_types
[] = {
229 DSA_IMEXPORTABLE_PARAMETERS
,
232 static const OSSL_PARAM dsa_key_types
[] = {
233 DSA_IMEXPORTABLE_PUBLIC_KEY
,
234 DSA_IMEXPORTABLE_PRIVATE_KEY
,
237 static const OSSL_PARAM
*dsa_types
[] = {
238 NULL
, /* Index 0 = none of them */
239 dsa_parameter_types
, /* Index 1 = parameter types */
240 dsa_key_types
, /* Index 2 = key types */
241 dsa_all_types
/* Index 3 = 1 + 2 */
244 static const OSSL_PARAM
*dsa_imexport_types(int selection
)
248 if ((selection
& OSSL_KEYMGMT_SELECT_ALL_PARAMETERS
) != 0)
250 if ((selection
& OSSL_KEYMGMT_SELECT_KEYPAIR
) != 0)
252 return dsa_types
[type_select
];
255 static const OSSL_PARAM
*dsa_import_types(int selection
)
257 return dsa_imexport_types(selection
);
260 static const OSSL_PARAM
*dsa_export_types(int selection
)
262 return dsa_imexport_types(selection
);
265 static ossl_inline
int dsa_get_params(void *key
, OSSL_PARAM params
[])
270 if ((p
= OSSL_PARAM_locate(params
, OSSL_PKEY_PARAM_BITS
)) != NULL
271 && !OSSL_PARAM_set_int(p
, DSA_bits(dsa
)))
273 if ((p
= OSSL_PARAM_locate(params
, OSSL_PKEY_PARAM_SECURITY_BITS
)) != NULL
274 && !OSSL_PARAM_set_int(p
, DSA_security_bits(dsa
)))
276 if ((p
= OSSL_PARAM_locate(params
, OSSL_PKEY_PARAM_MAX_SIZE
)) != NULL
277 && !OSSL_PARAM_set_int(p
, DSA_size(dsa
)))
279 if ((p
= OSSL_PARAM_locate(params
, OSSL_PKEY_PARAM_DEFAULT_DIGEST
)) != NULL
280 && !OSSL_PARAM_set_utf8_string(p
, DSA_DEFAULT_MD
))
282 return ffc_params_todata(dsa_get0_params(dsa
), NULL
, params
)
283 && dsa_key_todata(dsa
, NULL
, params
);
286 static const OSSL_PARAM dsa_params
[] = {
287 OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS
, NULL
),
288 OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS
, NULL
),
289 OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE
, NULL
),
290 OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST
, NULL
, 0),
291 DSA_IMEXPORTABLE_PARAMETERS
,
292 DSA_IMEXPORTABLE_PUBLIC_KEY
,
293 DSA_IMEXPORTABLE_PRIVATE_KEY
,
297 static const OSSL_PARAM
*dsa_gettable_params(void)
302 static int dsa_validate_domparams(DSA
*dsa
)
306 return dsa_check_params(dsa
, &status
);
309 static int dsa_validate_public(DSA
*dsa
)
312 const BIGNUM
*pub_key
= NULL
;
314 DSA_get0_key(dsa
, &pub_key
, NULL
);
315 return dsa_check_pub_key(dsa
, pub_key
, &status
);
318 static int dsa_validate_private(DSA
*dsa
)
321 const BIGNUM
*priv_key
= NULL
;
323 DSA_get0_key(dsa
, NULL
, &priv_key
);
324 return dsa_check_priv_key(dsa
, priv_key
, &status
);
327 static int dsa_validate(void *keydata
, int selection
)
332 if ((selection
& DSA_POSSIBLE_SELECTIONS
) != 0)
335 if ((selection
& OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) != 0)
336 ok
= ok
&& dsa_validate_domparams(dsa
);
338 if ((selection
& OSSL_KEYMGMT_SELECT_PUBLIC_KEY
) != 0)
339 ok
= ok
&& dsa_validate_public(dsa
);
341 if ((selection
& OSSL_KEYMGMT_SELECT_PRIVATE_KEY
) != 0)
342 ok
= ok
&& dsa_validate_private(dsa
);
344 /* If the whole key is selected, we do a pairwise validation */
345 if ((selection
& OSSL_KEYMGMT_SELECT_KEYPAIR
)
346 == OSSL_KEYMGMT_SELECT_KEYPAIR
)
347 ok
= ok
&& dsa_check_pairwise(dsa
);
351 static void *dsa_gen_init(void *provctx
, int selection
)
353 OPENSSL_CTX
*libctx
= PROV_LIBRARY_CONTEXT_OF(provctx
);
354 struct dsa_gen_ctx
*gctx
= NULL
;
356 if ((selection
& DSA_POSSIBLE_SELECTIONS
) == 0)
359 if ((gctx
= OPENSSL_zalloc(sizeof(*gctx
))) != NULL
) {
360 gctx
->selection
= selection
;
361 gctx
->libctx
= libctx
;
365 gctx
->gen_type
= DSA_PARAMGEN_TYPE_FIPS_186_4
;
373 static int dsa_gen_set_template(void *genctx
, void *templ
)
375 struct dsa_gen_ctx
*gctx
= genctx
;
378 if (gctx
== NULL
|| dsa
== NULL
)
380 gctx
->ffc_params
= dsa_get0_params(dsa
);
384 static int dsa_set_gen_seed(struct dsa_gen_ctx
*gctx
, unsigned char *seed
,
387 OPENSSL_clear_free(gctx
->seed
, gctx
->seedlen
);
390 if (seed
!= NULL
&& seedlen
> 0) {
391 gctx
->seed
= OPENSSL_memdup(seed
, seedlen
);
392 if (gctx
->seed
== NULL
)
394 gctx
->seedlen
= seedlen
;
399 static int dsa_gen_set_params(void *genctx
, const OSSL_PARAM params
[])
401 struct dsa_gen_ctx
*gctx
= genctx
;
407 p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_TYPE
);
409 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
410 || ((gctx
->gen_type
= dsa_gen_type_name2id(p
->data
)) == -1)) {
411 ERR_raise(ERR_LIB_PROV
, ERR_R_PASSED_INVALID_ARGUMENT
);
415 p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_GINDEX
);
417 && !OSSL_PARAM_get_int(p
, &gctx
->gindex
))
419 p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_PCOUNTER
);
421 && !OSSL_PARAM_get_int(p
, &gctx
->pcounter
))
423 p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_H
);
425 && !OSSL_PARAM_get_int(p
, &gctx
->hindex
))
427 p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_SEED
);
429 && (p
->data_type
!= OSSL_PARAM_OCTET_STRING
430 || !dsa_set_gen_seed(gctx
, p
->data
, p
->data_size
)))
432 if ((p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_PBITS
)) != NULL
433 && !OSSL_PARAM_get_size_t(p
, &gctx
->pbits
))
435 if ((p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_QBITS
)) != NULL
436 && !OSSL_PARAM_get_size_t(p
, &gctx
->qbits
))
438 p
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_DIGEST
);
440 const OSSL_PARAM
*p1
;
441 char mdprops
[OSSL_MAX_PROPQUERY_SIZE
] = { '\0' };
444 if (p
->data_type
!= OSSL_PARAM_UTF8_STRING
)
446 p1
= OSSL_PARAM_locate_const(params
, OSSL_PKEY_PARAM_FFC_DIGEST_PROPS
);
448 if (!OSSL_PARAM_get_utf8_string(p1
, &str
, sizeof(mdprops
)))
451 EVP_MD_free(gctx
->md
);
452 gctx
->md
= EVP_MD_fetch(gctx
->libctx
, p
->data
, mdprops
);
453 if (gctx
->md
== NULL
)
459 static const OSSL_PARAM
*dsa_gen_settable_params(void *provctx
)
461 static OSSL_PARAM settable
[] = {
462 OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE
, NULL
, 0),
463 OSSL_PARAM_size_t(OSSL_PKEY_PARAM_FFC_PBITS
, NULL
),
464 OSSL_PARAM_size_t(OSSL_PKEY_PARAM_FFC_QBITS
, NULL
),
465 OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST
, NULL
, 0),
466 OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST_PROPS
, NULL
, 0),
467 OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_GINDEX
, NULL
),
468 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_FFC_SEED
, NULL
, 0),
469 OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER
, NULL
),
470 OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H
, NULL
),
476 static int dsa_gencb(int p
, int n
, BN_GENCB
*cb
)
478 struct dsa_gen_ctx
*gctx
= BN_GENCB_get_arg(cb
);
479 OSSL_PARAM params
[] = { OSSL_PARAM_END
, OSSL_PARAM_END
, OSSL_PARAM_END
};
481 params
[0] = OSSL_PARAM_construct_int(OSSL_GEN_PARAM_POTENTIAL
, &p
);
482 params
[1] = OSSL_PARAM_construct_int(OSSL_GEN_PARAM_ITERATION
, &n
);
484 return gctx
->cb(params
, gctx
->cbarg
);
487 static void *dsa_gen(void *genctx
, OSSL_CALLBACK
*osslcb
, void *cbarg
)
489 struct dsa_gen_ctx
*gctx
= genctx
;
491 BN_GENCB
*gencb
= NULL
;
497 dsa
= dsa_new_with_ctx(gctx
->libctx
);
503 gencb
= BN_GENCB_new();
505 BN_GENCB_set(gencb
, dsa_gencb
, genctx
);
507 ffc
= dsa_get0_params(dsa
);
508 /* Copy the template value if one was passed */
509 if (gctx
->ffc_params
!= NULL
510 && !ffc_params_copy(ffc
, gctx
->ffc_params
))
513 if (gctx
->seed
!= NULL
514 && !ffc_params_set_seed(ffc
, gctx
->seed
, gctx
->seedlen
))
516 if (gctx
->gindex
!= -1) {
517 ffc_params_set_gindex(ffc
, gctx
->gindex
);
518 if (gctx
->pcounter
!= -1)
519 ffc_params_set_pcounter(ffc
, gctx
->pcounter
);
520 } else if (gctx
->hindex
!= 0) {
521 ffc_params_set_h(ffc
, gctx
->hindex
);
523 if ((gctx
->selection
& OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS
) != 0) {
525 if (dsa_generate_ffc_parameters(dsa
, gctx
->gen_type
,
526 gctx
->pbits
, gctx
->qbits
, gctx
->md
,
530 if ((gctx
->selection
& OSSL_KEYMGMT_SELECT_KEYPAIR
) != 0) {
535 if (DSA_generate_key(dsa
) <= 0)
544 BN_GENCB_free(gencb
);
548 static void dsa_gen_cleanup(void *genctx
)
550 struct dsa_gen_ctx
*gctx
= genctx
;
555 OPENSSL_clear_free(gctx
->seed
, gctx
->seedlen
);
556 EVP_MD_free(gctx
->md
);
560 const OSSL_DISPATCH dsa_keymgmt_functions
[] = {
561 { OSSL_FUNC_KEYMGMT_NEW
, (void (*)(void))dsa_newdata
},
562 { OSSL_FUNC_KEYMGMT_GEN_INIT
, (void (*)(void))dsa_gen_init
},
563 { OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE
, (void (*)(void))dsa_gen_set_template
},
564 { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS
, (void (*)(void))dsa_gen_set_params
},
565 { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS
,
566 (void (*)(void))dsa_gen_settable_params
},
567 { OSSL_FUNC_KEYMGMT_GEN
, (void (*)(void))dsa_gen
},
568 { OSSL_FUNC_KEYMGMT_GEN_CLEANUP
, (void (*)(void))dsa_gen_cleanup
},
569 { OSSL_FUNC_KEYMGMT_FREE
, (void (*)(void))dsa_freedata
},
570 { OSSL_FUNC_KEYMGMT_GET_PARAMS
, (void (*) (void))dsa_get_params
},
571 { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS
, (void (*) (void))dsa_gettable_params
},
572 { OSSL_FUNC_KEYMGMT_HAS
, (void (*)(void))dsa_has
},
573 { OSSL_FUNC_KEYMGMT_MATCH
, (void (*)(void))dsa_match
},
574 { OSSL_FUNC_KEYMGMT_VALIDATE
, (void (*)(void))dsa_validate
},
575 { OSSL_FUNC_KEYMGMT_IMPORT
, (void (*)(void))dsa_import
},
576 { OSSL_FUNC_KEYMGMT_IMPORT_TYPES
, (void (*)(void))dsa_import_types
},
577 { OSSL_FUNC_KEYMGMT_EXPORT
, (void (*)(void))dsa_export
},
578 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES
, (void (*)(void))dsa_export_types
},