[thirdparty/openssl.git] / crypto / dh / dh_ameth.c

/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
 * project 2006.
 */
/* ====================================================================
 * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <stdio.h>
#include "cryptlib.h"
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/dh.h>
#include "asn1_locl.h"

static void int_dh_free(EVP_PKEY *pkey)
	{
	DH_free(pkey->pkey.dh);
	}

static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
	{
	const unsigned char *p, *pm;
	int pklen, pmlen;
	int ptype;
	void *pval;
	ASN1_STRING *pstr;
	X509_ALGOR *palg;
	ASN1_INTEGER *public_key = NULL;

	DH *dh = NULL;

	if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
		return 0;
	X509_ALGOR_get0(NULL, &ptype, &pval, palg);

	if (ptype != V_ASN1_SEQUENCE)
		{
		DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
		goto err;
		}

	pstr = pval;	
	pm = pstr->data;
	pmlen = pstr->length;

	if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
		{
		DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
		goto err;
		}

	if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
		{
		DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
		goto err;
		}

	/* We have parameters now set public key */
	if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
		{
		DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
		goto err;
		}

	ASN1_INTEGER_free(public_key);
	EVP_PKEY_assign_DH(pkey, dh);
	return 1;

	err:
	if (public_key)
		ASN1_INTEGER_free(public_key);
	if (dh)
		DH_free(dh);
	return 0;

	}

static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
	{
	DH *dh;
	void *pval = NULL;
	int ptype;
	unsigned char *penc = NULL;
	int penclen;
	ASN1_STRING *str;
	ASN1_INTEGER *pub_key = NULL;

	dh=pkey->pkey.dh;

	str = ASN1_STRING_new();
	str->length = i2d_DHparams(dh, &str->data);
	if (str->length <= 0)
		{
		DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
		goto err;
		}
	pval = str;
	ptype = V_ASN1_SEQUENCE;

	pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
	if (!pub_key)
		goto err;

	penclen = i2d_ASN1_INTEGER(pub_key, &penc);

	ASN1_INTEGER_free(pub_key);

	if (penclen <= 0)
		{
		DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
		goto err;
		}

	if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
				ptype, pval, penc, penclen))
		return 1;

	err:
	if (penc)
		OPENSSL_free(penc);
	if (pval)
		ASN1_STRING_free(pval);

	return 0;
	}


/* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
 * that the AlgorithmIdentifier contains the paramaters, the private key
 * is explcitly included and the pubkey must be recalculated.
 */
	
static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
	{
	const unsigned char *p, *pm;
	int pklen, pmlen;
	int ptype;
	void *pval;
	ASN1_STRING *pstr;
	X509_ALGOR *palg;
	ASN1_INTEGER *privkey = NULL;

	DH *dh = NULL;

	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
		return 0;

	X509_ALGOR_get0(NULL, &ptype, &pval, palg);

	if (ptype != V_ASN1_SEQUENCE)
			goto decerr;

	if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
		goto decerr;


	pstr = pval;	
	pm = pstr->data;
	pmlen = pstr->length;
	if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
		goto decerr;
	/* We have parameters now set private key */
	if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
		{
		DHerr(DH_F_DH_PRIV_DECODE,DH_R_BN_ERROR);
		goto dherr;
		}
	/* Calculate public key */
	if (!DH_generate_key(dh))
		goto dherr;

	EVP_PKEY_assign_DH(pkey, dh);

	ASN1_INTEGER_free(privkey);

	return 1;

	decerr:
	DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
	dherr:
	DH_free(dh);
	return 0;
	}

static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
{
	ASN1_STRING *params = NULL;
	ASN1_INTEGER *prkey = NULL;
	unsigned char *dp = NULL;
	int dplen;

	params = ASN1_STRING_new();

	if (!params)
		{
		DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
		goto err;
		}

	params->length = i2d_DHparams(pkey->pkey.dh, &params->data);
	if (params->length <= 0)
		{
		DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
		goto err;
		}
	params->type = V_ASN1_SEQUENCE;

	/* Get private key into integer */
	prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);

	if (!prkey)
		{
		DHerr(DH_F_DH_PRIV_ENCODE,DH_R_BN_ERROR);
		goto err;
		}

	dplen = i2d_ASN1_INTEGER(prkey, &dp);

	ASN1_INTEGER_free(prkey);

	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
				V_ASN1_SEQUENCE, params, dp, dplen))
		goto err;

	return 1;

err:
	if (dp != NULL)
		OPENSSL_free(dp);
	if (params != NULL)
		ASN1_STRING_free(params);
	if (prkey != NULL)
		ASN1_INTEGER_free(prkey);
	return 0;
}


static void update_buflen(const BIGNUM *b, size_t *pbuflen)
	{
	size_t i;
	if (!b)
		return;
	if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
			*pbuflen = i;
	}

static int dh_param_decode(EVP_PKEY *pkey,
					const unsigned char **pder, int derlen)
	{
	DH *dh;
	if (!(dh = d2i_DHparams(NULL, pder, derlen)))
		{
		DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
		return 0;
		}
	EVP_PKEY_assign_DH(pkey, dh);
	return 1;
	}

static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
	{
	return i2d_DHparams(pkey->pkey.dh, pder);
	}

static int do_dh_print(BIO *bp, const DH *x, int indent,
						ASN1_PCTX *ctx, int ptype)
	{
	unsigned char *m=NULL;
	int reason=ERR_R_BUF_LIB,ret=0;
	size_t buf_len=0;

	const char *ktype = NULL;

	BIGNUM *priv_key, *pub_key;

	if (ptype == 2)
		priv_key = x->priv_key;
	else
		priv_key = NULL;

	if (ptype > 0)
		pub_key = x->pub_key;
	else
		pub_key = NULL;

	update_buflen(x->p, &buf_len);

	if (buf_len == 0)
		{
		reason = ERR_R_PASSED_NULL_PARAMETER;
		goto err;
		}

	update_buflen(x->g, &buf_len);
	update_buflen(pub_key, &buf_len);
	update_buflen(priv_key, &buf_len);

	if (ptype == 2)
		ktype = "PKCS#3 DH Private-Key";
	else if (ptype == 1)
		ktype = "PKCS#3 DH Public-Key";
	else
		ktype = "PKCS#3 DH Parameters";

	m= OPENSSL_malloc(buf_len+10);
	if (m == NULL)
		{
		reason=ERR_R_MALLOC_FAILURE;
		goto err;
		}

	BIO_indent(bp, indent, 128);
	if (BIO_printf(bp,"%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
		goto err;
	indent += 4;

	if (!ASN1_bn_print(bp,"private-key:",priv_key,m,indent)) goto err;
	if (!ASN1_bn_print(bp,"public-key:",pub_key,m,indent)) goto err;

	if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
	if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
	if (x->length != 0)
		{
		BIO_indent(bp, indent, 128);
		if (BIO_printf(bp,"recommended-private-length: %d bits\n",
			(int)x->length) <= 0) goto err;
		}


	ret=1;
	if (0)
		{
err:
		DHerr(DH_F_DO_DH_PRINT,reason);
		}
	if (m != NULL) OPENSSL_free(m);
	return(ret);
	}

static int int_dh_size(const EVP_PKEY *pkey)
	{
	return(DH_size(pkey->pkey.dh));
	}

static int dh_bits(const EVP_PKEY *pkey)
	{
	return BN_num_bits(pkey->pkey.dh->p);
	}

static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
	{
	if (	BN_cmp(a->pkey.dh->p,b->pkey.dh->p) ||
		BN_cmp(a->pkey.dh->g,b->pkey.dh->g))
		return 0;
	else
		return 1;
	}

static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
	{
	BIGNUM *a;

	if ((a=BN_dup(from->pkey.dh->p)) == NULL)
		return 0;
	if (to->pkey.dh->p != NULL)
		BN_free(to->pkey.dh->p);
	to->pkey.dh->p=a;

	if ((a=BN_dup(from->pkey.dh->g)) == NULL)
		return 0;
	if (to->pkey.dh->g != NULL)
		BN_free(to->pkey.dh->g);
	to->pkey.dh->g=a;

	return 1;
	}

static int dh_missing_parameters(const EVP_PKEY *a)
	{
	if (!a->pkey.dh->p || !a->pkey.dh->g)
		return 1;
	return 0;
	}

static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
	{
	if (dh_cmp_parameters(a, b) == 0)
		return 0;
	if (BN_cmp(b->pkey.dh->pub_key,a->pkey.dh->pub_key) != 0)
		return 0;
	else
		return 1;
	}

static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
							ASN1_PCTX *ctx)
	{
	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
	}

static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
							ASN1_PCTX *ctx)
	{
	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
	}

static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
							ASN1_PCTX *ctx)
	{
	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
	}

int DHparams_print(BIO *bp, const DH *x)
	{
	return do_dh_print(bp, x, 4, NULL, 0);
	}

const EVP_PKEY_ASN1_METHOD dh_asn1_meth = 
	{
	EVP_PKEY_DH,
	EVP_PKEY_DH,
	0,

	"DH",
	"OpenSSL PKCS#3 DH method",

	dh_pub_decode,
	dh_pub_encode,
	dh_pub_cmp,
	dh_public_print,

	dh_priv_decode,
	dh_priv_encode,
	dh_private_print,

	int_dh_size,
	dh_bits,

	dh_param_decode,
	dh_param_encode,
	dh_missing_parameters,
	dh_copy_parameters,
	dh_cmp_parameters,
	dh_param_print,

	int_dh_free,
	0
	};
Commit	Line	Data
adbc603d DSH	1	/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
	2	* project 2006.
	3	*/
	4	/* ====================================================================
	5	* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	*
	11	* 1. Redistributions of source code must retain the above copyright
	12	* notice, this list of conditions and the following disclaimer.
	13	*
	14	* 2. Redistributions in binary form must reproduce the above copyright
	15	* notice, this list of conditions and the following disclaimer in
	16	* the documentation and/or other materials provided with the
	17	* distribution.
	18	*
	19	* 3. All advertising materials mentioning features or use of this
	20	* software must display the following acknowledgment:
	21	* "This product includes software developed by the OpenSSL Project
	22	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	23	*
	24	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	25	* endorse or promote products derived from this software without
	26	* prior written permission. For written permission, please contact
	27	* licensing@OpenSSL.org.
	28	*
	29	* 5. Products derived from this software may not be called "OpenSSL"
	30	* nor may "OpenSSL" appear in their names without prior written
	31	* permission of the OpenSSL Project.
	32	*
	33	* 6. Redistributions of any form whatsoever must retain the following
	34	* acknowledgment:
	35	* "This product includes software developed by the OpenSSL Project
	36	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	37	*
	38	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	39	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	40	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	41	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	42	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	43	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	44	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	45	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	46	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	47	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	48	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	49	* OF THE POSSIBILITY OF SUCH DAMAGE.
	50	* ====================================================================
	51	*
	52	* This product includes cryptographic software written by Eric Young
	53	* (eay@cryptsoft.com). This product includes software written by Tim
	54	* Hudson (tjh@cryptsoft.com).
	55	*
	56	*/
	57
	58	#include <stdio.h>
	59	#include "cryptlib.h"
	60	#include <openssl/x509.h>
	61	#include <openssl/asn1.h>
	62	#include <openssl/dh.h>
18e377b4	63	#include "asn1_locl.h"
adbc603d DSH	64
	65	static void int_dh_free(EVP_PKEY *pkey)
	66	{
	67	DH_free(pkey->pkey.dh);
	68	}
	69
ceb46789 DSH	70	static int dh_pub_decode(EVP_PKEY pkey, X509_PUBKEY pubkey)
	71	{
	72	const unsigned char p, pm;
	73	int pklen, pmlen;
	74	int ptype;
	75	void *pval;
	76	ASN1_STRING *pstr;
	77	X509_ALGOR *palg;
	78	ASN1_INTEGER *public_key = NULL;
	79
	80	DH *dh = NULL;
	81
	82	if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
	83	return 0;
	84	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
	85
	86	if (ptype != V_ASN1_SEQUENCE)
	87	{
	88	DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
	89	goto err;
	90	}
	91
	92	pstr = pval;
	93	pm = pstr->data;
	94	pmlen = pstr->length;
	95
	96	if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
	97	{
	98	DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
	99	goto err;
	100	}
	101
	102	if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
	103	{
	104	DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
	105	goto err;
	106	}
	107
	108	/* We have parameters now set public key */
	109	if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
	110	{
	111	DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
	112	goto err;
	113	}
	114
	115	ASN1_INTEGER_free(public_key);
	116	EVP_PKEY_assign_DH(pkey, dh);
	117	return 1;
	118
	119	err:
442cbb06	120	if (public_key)
ceb46789 DSH	121	ASN1_INTEGER_free(public_key);
	122	if (dh)
	123	DH_free(dh);
	124	return 0;
	125
	126	}
	127
	128	static int dh_pub_encode(X509_PUBKEY pk, const EVP_PKEY pkey)
	129	{
	130	DH *dh;
	131	void *pval = NULL;
	132	int ptype;
	133	unsigned char *penc = NULL;
	134	int penclen;
	135	ASN1_STRING *str;
	136	ASN1_INTEGER *pub_key = NULL;
	137
	138	dh=pkey->pkey.dh;
	139
	140	str = ASN1_STRING_new();
	141	str->length = i2d_DHparams(dh, &str->data);
	142	if (str->length <= 0)
	143	{
	144	DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
	145	goto err;
	146	}
	147	pval = str;
	148	ptype = V_ASN1_SEQUENCE;
	149
	150	pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
	151	if (!pub_key)
	152	goto err;
	153
	154	penclen = i2d_ASN1_INTEGER(pub_key, &penc);
	155
	156	ASN1_INTEGER_free(pub_key);
	157
	158	if (penclen <= 0)
	159	{
	160	DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
	161	goto err;
	162	}
	163
	164	if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
	165	ptype, pval, penc, penclen))
	166	return 1;
	167
	168	err:
	169	if (penc)
	170	OPENSSL_free(penc);
	171	if (pval)
	172	ASN1_STRING_free(pval);
	173
	174	return 0;
	175	}
	176
4c97a04e DSH	177
	178	/* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
	179	* that the AlgorithmIdentifier contains the paramaters, the private key
	180	* is explcitly included and the pubkey must be recalculated.
	181	*/
	182
	183	static int dh_priv_decode(EVP_PKEY pkey, PKCS8_PRIV_KEY_INFO p8)
	184	{
	185	const unsigned char p, pm;
	186	int pklen, pmlen;
	187	int ptype;
	188	void *pval;
	189	ASN1_STRING *pstr;
	190	X509_ALGOR *palg;
	191	ASN1_INTEGER *privkey = NULL;
	192
	193	DH *dh = NULL;
	194
	195	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
	196	return 0;
	197
	198	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
	199
	200	if (ptype != V_ASN1_SEQUENCE)
	201	goto decerr;
	202
	203	if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
	204	goto decerr;
	205
	206
	207	pstr = pval;
	208	pm = pstr->data;
	209	pmlen = pstr->length;
	210	if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
	211	goto decerr;
	212	/* We have parameters now set private key */
	213	if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
	214	{
	215	DHerr(DH_F_DH_PRIV_DECODE,DH_R_BN_ERROR);
	216	goto dherr;
	217	}
	218	/* Calculate public key */
	219	if (!DH_generate_key(dh))
	220	goto dherr;
	221
	222	EVP_PKEY_assign_DH(pkey, dh);
	223
	224	ASN1_INTEGER_free(privkey);
	225
	226	return 1;
	227
	228	decerr:
	229	DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
	230	dherr:
	231	DH_free(dh);
	232	return 0;
	233	}
	234
	235	static int dh_priv_encode(PKCS8_PRIV_KEY_INFO p8, const EVP_PKEY pkey)
	236	{
	237	ASN1_STRING *params = NULL;
	238	ASN1_INTEGER *prkey = NULL;
	239	unsigned char *dp = NULL;
	240	int dplen;
241
242	params = ASN1_STRING_new();
243
244	if (!params)
245	{
246	DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
247	goto err;
248	}
249
250	params->length = i2d_DHparams(pkey->pkey.dh, &params->data);
251	if (params->length <= 0)
252	{
253	DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
254	goto err;
255	}
256	params->type = V_ASN1_SEQUENCE;
257
258	/* Get private key into integer */
259	prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
260
261	if (!prkey)
262	{
3ba0885a	263	DHerr(DH_F_DH_PRIV_ENCODE,DH_R_BN_ERROR);
4c97a04e DSH	264	goto err;
	265	}
	266
	267	dplen = i2d_ASN1_INTEGER(prkey, &dp);
	268
	269	ASN1_INTEGER_free(prkey);
	270
3ba0885a	271	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
4c97a04e DSH	272	V_ASN1_SEQUENCE, params, dp, dplen))
	273	goto err;
	274
	275	return 1;
	276
	277	err:
	278	if (dp != NULL)
	279	OPENSSL_free(dp);
	280	if (params != NULL)
	281	ASN1_STRING_free(params);
	282	if (prkey != NULL)
	283	ASN1_INTEGER_free(prkey);
	284	return 0;
	285	}
	286
	287
ceb46789 DSH	288	static void update_buflen(const BIGNUM b, size_t pbuflen)
ceb46789 DSH	289	{
c20276e4	290	size_t i;
ceb46789 DSH	291	if (!b)
	292	return;
	293	if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
	294	*pbuflen = i;
	295	}
	296
3e4585c8 DSH	297	static int dh_param_decode(EVP_PKEY *pkey,
	298	const unsigned char **pder, int derlen)
	299	{
	300	DH *dh;
	301	if (!(dh = d2i_DHparams(NULL, pder, derlen)))
	302	{
	303	DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
	304	return 0;
	305	}
	306	EVP_PKEY_assign_DH(pkey, dh);
	307	return 1;
	308	}
	309
	310	static int dh_param_encode(const EVP_PKEY pkey, unsigned char *pder)
	311	{
	312	return i2d_DHparams(pkey->pkey.dh, pder);
	313	}
	314
ceb46789 DSH	315	static int do_dh_print(BIO bp, const DH x, int indent,
ceb46789 DSH	316	ASN1_PCTX *ctx, int ptype)
3e4585c8 DSH	317	{
	318	unsigned char *m=NULL;
	319	int reason=ERR_R_BUF_LIB,ret=0;
ceb46789 DSH	320	size_t buf_len=0;
	321
	322	const char *ktype = NULL;
	323
	324	BIGNUM priv_key, pub_key;
3e4585c8	325
ceb46789 DSH	326	if (ptype == 2)
ceb46789 DSH	327	priv_key = x->priv_key;
3e4585c8	328	else
ceb46789 DSH	329	priv_key = NULL;
	330
	331	if (ptype > 0)
	332	pub_key = x->pub_key;
	333	else
	334	pub_key = NULL;
	335
	336	update_buflen(x->p, &buf_len);
	337
	338	if (buf_len == 0)
3e4585c8 DSH	339	{
	340	reason = ERR_R_PASSED_NULL_PARAMETER;
	341	goto err;
	342	}
ceb46789 DSH	343
	344	update_buflen(x->g, &buf_len);
	345	update_buflen(pub_key, &buf_len);
	346	update_buflen(priv_key, &buf_len);
	347
	348	if (ptype == 2)
	349	ktype = "PKCS#3 DH Private-Key";
	350	else if (ptype == 1)
	351	ktype = "PKCS#3 DH Public-Key";
	352	else
	353	ktype = "PKCS#3 DH Parameters";
	354
	355	m= OPENSSL_malloc(buf_len+10);
3e4585c8 DSH	356	if (m == NULL)
	357	{
	358	reason=ERR_R_MALLOC_FAILURE;
	359	goto err;
	360	}
	361
	362	BIO_indent(bp, indent, 128);
ceb46789	363	if (BIO_printf(bp,"%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
3e4585c8 DSH	364	goto err;
3e4585c8 DSH	365	indent += 4;
ceb46789 DSH	366
	367	if (!ASN1_bn_print(bp,"private-key:",priv_key,m,indent)) goto err;
	368	if (!ASN1_bn_print(bp,"public-key:",pub_key,m,indent)) goto err;
	369
3e4585c8 DSH	370	if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
	371	if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
	372	if (x->length != 0)
	373	{
	374	BIO_indent(bp, indent, 128);
	375	if (BIO_printf(bp,"recommended-private-length: %d bits\n",
	376	(int)x->length) <= 0) goto err;
	377	}
ceb46789 DSH	378
ceb46789 DSH	379
3e4585c8 DSH	380	ret=1;
	381	if (0)
	382	{
	383	err:
5c95c2ac	384	DHerr(DH_F_DO_DH_PRINT,reason);
3e4585c8 DSH	385	}
	386	if (m != NULL) OPENSSL_free(m);
	387	return(ret);
	388	}
	389
ceb46789 DSH	390	static int int_dh_size(const EVP_PKEY *pkey)
	391	{
	392	return(DH_size(pkey->pkey.dh));
	393	}
	394
	395	static int dh_bits(const EVP_PKEY *pkey)
	396	{
	397	return BN_num_bits(pkey->pkey.dh->p);
	398	}
	399
ffb1ac67 DSH	400	static int dh_cmp_parameters(const EVP_PKEY a, const EVP_PKEY b)
	401	{
	402	if ( BN_cmp(a->pkey.dh->p,b->pkey.dh->p) \|\|
	403	BN_cmp(a->pkey.dh->g,b->pkey.dh->g))
	404	return 0;
	405	else
	406	return 1;
	407	}
	408
ceb46789 DSH	409	static int dh_copy_parameters(EVP_PKEY to, const EVP_PKEY from)
	410	{
	411	BIGNUM *a;
	412
	413	if ((a=BN_dup(from->pkey.dh->p)) == NULL)
	414	return 0;
3ba0885a	415	if (to->pkey.dh->p != NULL)
ceb46789	416	BN_free(to->pkey.dh->p);
3ba0885a	417	to->pkey.dh->p=a;
ceb46789 DSH	418
	419	if ((a=BN_dup(from->pkey.dh->g)) == NULL)
	420	return 0;
ffb1ac67	421	if (to->pkey.dh->g != NULL)
ceb46789 DSH	422	BN_free(to->pkey.dh->g);
	423	to->pkey.dh->g=a;
	424
	425	return 1;
	426	}
	427
ffb1ac67	428	static int dh_missing_parameters(const EVP_PKEY *a)
ceb46789	429	{
ffb1ac67	430	if (!a->pkey.dh->p \|\| !a->pkey.dh->g)
ceb46789	431	return 1;
ffb1ac67	432	return 0;
ceb46789 DSH	433	}
	434
	435	static int dh_pub_cmp(const EVP_PKEY a, const EVP_PKEY b)
	436	{
	437	if (dh_cmp_parameters(a, b) == 0)
	438	return 0;
	439	if (BN_cmp(b->pkey.dh->pub_key,a->pkey.dh->pub_key) != 0)
	440	return 0;
	441	else
	442	return 1;
	443	}
	444
3e4585c8 DSH	445	static int dh_param_print(BIO bp, const EVP_PKEY pkey, int indent,
	446	ASN1_PCTX *ctx)
	447	{
ceb46789 DSH	448	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
	449	}
	450
	451	static int dh_public_print(BIO bp, const EVP_PKEY pkey, int indent,
	452	ASN1_PCTX *ctx)
	453	{
	454	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
	455	}
	456
	457	static int dh_private_print(BIO bp, const EVP_PKEY pkey, int indent,
	458	ASN1_PCTX *ctx)
	459	{
	460	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
3e4585c8 DSH	461	}
	462
	463	int DHparams_print(BIO bp, const DH x)
	464	{
ceb46789	465	return do_dh_print(bp, x, 4, NULL, 0);
3e4585c8 DSH	466	}
3e4585c8 DSH	467
adbc603d DSH	468	const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
	469	{
	470	EVP_PKEY_DH,
	471	EVP_PKEY_DH,
	472	0,
	473
0b33dac3	474	"DH",
d82e2718 DSH	475	"OpenSSL PKCS#3 DH method",
d82e2718 DSH	476
ceb46789 DSH	477	dh_pub_decode,
	478	dh_pub_encode,
	479	dh_pub_cmp,
	480	dh_public_print,
adbc603d	481
4c97a04e DSH	482	dh_priv_decode,
4c97a04e DSH	483	dh_priv_encode,
ceb46789	484	dh_private_print,
adbc603d	485
ceb46789 DSH	486	int_dh_size,
ceb46789 DSH	487	dh_bits,
adbc603d	488
3e4585c8 DSH	489	dh_param_decode,
3e4585c8 DSH	490	dh_param_encode,
ffb1ac67	491	dh_missing_parameters,
ceb46789 DSH	492	dh_copy_parameters,
ceb46789 DSH	493	dh_cmp_parameters,
3e4585c8	494	dh_param_print,
adbc603d DSH	495
	496	int_dh_free,
	497	0
	498	};
	499