crypto/dsa/dsa_lib.c

   1 /*
   2  * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 /*
  11  * DSA low level APIs are deprecated for public use, but still ok for
  12  * internal use.
  13  */
  14 #include "internal/deprecated.h"
  15
  16 #include <openssl/bn.h>
  17 #include <openssl/engine.h>
  18 #include "internal/cryptlib.h"
  19 #include "internal/refcount.h"
  20 #include "crypto/dsa.h"
  21 #include "crypto/dh.h" /* required by DSA_dup_DH() */
  22 #include "dsa_local.h"
  23
  24 static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx);
  25
  26 #ifndef FIPS_MODULE
  27
  28 int DSA_set_ex_data(DSA *d, int idx, void *arg)
  29 {
  30     return CRYPTO_set_ex_data(&d->ex_data, idx, arg);
  31 }
  32
  33 void *DSA_get_ex_data(const DSA *d, int idx)
  34 {
  35     return CRYPTO_get_ex_data(&d->ex_data, idx);
  36 }
  37
  38 # ifndef OPENSSL_NO_DH
  39 DH *DSA_dup_DH(const DSA *r)
  40 {
  41     /*
  42      * DSA has p, q, g, optional pub_key, optional priv_key.
  43      * DH has p, optional length, g, optional pub_key,
  44      * optional priv_key, optional q.
  45      */
  46     DH *ret = NULL;
  47     BIGNUM *pub_key = NULL, *priv_key = NULL;
  48
  49     if (r == NULL)
  50         goto err;
  51     ret = DH_new();
  52     if (ret == NULL)
  53         goto err;
  54
  55     if (!ossl_ffc_params_copy(ossl_dh_get0_params(ret), &r->params))
  56         goto err;
  57
  58     if (r->pub_key != NULL) {
  59         pub_key = BN_dup(r->pub_key);
  60         if (pub_key == NULL)
  61             goto err;
  62         if (r->priv_key != NULL) {
  63             priv_key = BN_dup(r->priv_key);
  64             if (priv_key == NULL)
  65                 goto err;
  66         }
  67         if (!DH_set0_key(ret, pub_key, priv_key))
  68             goto err;
  69     } else if (r->priv_key != NULL) {
  70         /* Shouldn't happen */
  71         goto err;
  72     }
  73
  74     return ret;
  75
  76  err:
  77     BN_free(pub_key);
  78     BN_free(priv_key);
  79     DH_free(ret);
  80     return NULL;
  81 }
  82 # endif /*  OPENSSL_NO_DH */
  83
  84 void DSA_clear_flags(DSA *d, int flags)
  85 {
  86     d->flags &= ~flags;
  87 }
  88
  89 int DSA_test_flags(const DSA *d, int flags)
  90 {
  91     return d->flags & flags;
  92 }
  93
  94 void DSA_set_flags(DSA *d, int flags)
  95 {
  96     d->flags |= flags;
  97 }
  98
  99 ENGINE *DSA_get0_engine(DSA *d)
 100 {
 101     return d->engine;
 102 }
 103
 104 int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
 105 {
 106     /*
 107      * NB: The caller is specifically setting a method, so it's not up to us
 108      * to deal with which ENGINE it comes from.
 109      */
 110     const DSA_METHOD *mtmp;
 111     mtmp = dsa->meth;
 112     if (mtmp->finish)
 113         mtmp->finish(dsa);
 114 #ifndef OPENSSL_NO_ENGINE
 115     ENGINE_finish(dsa->engine);
 116     dsa->engine = NULL;
 117 #endif
 118     dsa->meth = meth;
 119     if (meth->init)
 120         meth->init(dsa);
 121     return 1;
 122 }
 123 #endif /* FIPS_MODULE */
 124
 125
 126 const DSA_METHOD *DSA_get_method(DSA *d)
 127 {
 128     return d->meth;
 129 }
 130
 131 static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx)
 132 {
 133     DSA *ret = OPENSSL_zalloc(sizeof(*ret));
 134
 135     if (ret == NULL) {
 136         ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
 137         return NULL;
 138     }
 139
 140     ret->references = 1;
 141     ret->lock = CRYPTO_THREAD_lock_new();
 142     if (ret->lock == NULL) {
 143         ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
 144         OPENSSL_free(ret);
 145         return NULL;
 146     }
 147
 148     ret->libctx = libctx;
 149     ret->meth = DSA_get_default_method();
 150 #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE)
 151     ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; /* early default init */
 152     if (engine) {
 153         if (!ENGINE_init(engine)) {
 154             ERR_raise(ERR_LIB_DSA, ERR_R_ENGINE_LIB);
 155             goto err;
 156         }
 157         ret->engine = engine;
 158     } else
 159         ret->engine = ENGINE_get_default_DSA();
 160     if (ret->engine) {
 161         ret->meth = ENGINE_get_DSA(ret->engine);
 162         if (ret->meth == NULL) {
 163             ERR_raise(ERR_LIB_DSA, ERR_R_ENGINE_LIB);
 164             goto err;
 165         }
 166     }
 167 #endif
 168
 169     ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
 170
 171 #ifndef FIPS_MODULE
 172     if (!crypto_new_ex_data_ex(libctx, CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data))
 173         goto err;
 174 #endif
 175
 176     if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
 177         ERR_raise(ERR_LIB_DSA, ERR_R_INIT_FAIL);
 178         goto err;
 179     }
 180
 181     return ret;
 182
 183  err:
 184     DSA_free(ret);
 185     return NULL;
 186 }
 187
 188 DSA *DSA_new_method(ENGINE *engine)
 189 {
 190     return dsa_new_intern(engine, NULL);
 191 }
 192
 193 DSA *dsa_new_with_ctx(OSSL_LIB_CTX *libctx)
 194 {
 195     return dsa_new_intern(NULL, libctx);
 196 }
 197
 198 #ifndef FIPS_MODULE
 199 DSA *DSA_new(void)
 200 {
 201     return dsa_new_intern(NULL, NULL);
 202 }
 203 #endif
 204
 205 void DSA_free(DSA *r)
 206 {
 207     int i;
 208
 209     if (r == NULL)
 210         return;
 211
 212     CRYPTO_DOWN_REF(&r->references, &i, r->lock);
 213     REF_PRINT_COUNT("DSA", r);
 214     if (i > 0)
 215         return;
 216     REF_ASSERT_ISNT(i < 0);
 217
 218     if (r->meth != NULL && r->meth->finish != NULL)
 219         r->meth->finish(r);
 220 #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE)
 221     ENGINE_finish(r->engine);
 222 #endif
 223
 224 #ifndef FIPS_MODULE
 225     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
 226 #endif
 227
 228     CRYPTO_THREAD_lock_free(r->lock);
 229
 230     ossl_ffc_params_cleanup(&r->params);
 231     BN_clear_free(r->pub_key);
 232     BN_clear_free(r->priv_key);
 233     OPENSSL_free(r);
 234 }
 235
 236 int DSA_up_ref(DSA *r)
 237 {
 238     int i;
 239
 240     if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
 241         return 0;
 242
 243     REF_PRINT_COUNT("DSA", r);
 244     REF_ASSERT_ISNT(i < 2);
 245     return ((i > 1) ? 1 : 0);
 246 }
 247
 248 void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx)
 249 {
 250     d->libctx = libctx;
 251 }
 252
 253 void DSA_get0_pqg(const DSA *d,
 254                   const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
 255 {
 256     ossl_ffc_params_get0_pqg(&d->params, p, q, g);
 257 }
 258
 259 int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
 260 {
 261     /* If the fields p, q and g in d are NULL, the corresponding input
 262      * parameters MUST be non-NULL.
 263      */
 264     if ((d->params.p == NULL && p == NULL)
 265         || (d->params.q == NULL && q == NULL)
 266         || (d->params.g == NULL && g == NULL))
 267         return 0;
 268
 269     ossl_ffc_params_set0_pqg(&d->params, p, q, g);
 270     d->dirty_cnt++;
 271
 272     return 1;
 273 }
 274
 275 const BIGNUM *DSA_get0_p(const DSA *d)
 276 {
 277     return d->params.p;
 278 }
 279
 280 const BIGNUM *DSA_get0_q(const DSA *d)
 281 {
 282     return d->params.q;
 283 }
 284
 285 const BIGNUM *DSA_get0_g(const DSA *d)
 286 {
 287     return d->params.g;
 288 }
 289
 290 const BIGNUM *DSA_get0_pub_key(const DSA *d)
 291 {
 292     return d->pub_key;
 293 }
 294
 295 const BIGNUM *DSA_get0_priv_key(const DSA *d)
 296 {
 297     return d->priv_key;
 298 }
 299
 300 void DSA_get0_key(const DSA *d,
 301                   const BIGNUM **pub_key, const BIGNUM **priv_key)
 302 {
 303     if (pub_key != NULL)
 304         *pub_key = d->pub_key;
 305     if (priv_key != NULL)
 306         *priv_key = d->priv_key;
 307 }
 308
 309 int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
 310 {
 311     if (pub_key != NULL) {
 312         BN_free(d->pub_key);
 313         d->pub_key = pub_key;
 314     }
 315     if (priv_key != NULL) {
 316         BN_free(d->priv_key);
 317         d->priv_key = priv_key;
 318     }
 319     d->dirty_cnt++;
 320
 321     return 1;
 322 }
 323
 324 int DSA_security_bits(const DSA *d)
 325 {
 326     if (d->params.p != NULL && d->params.q != NULL)
 327         return BN_security_bits(BN_num_bits(d->params.p),
 328                                 BN_num_bits(d->params.q));
 329     return -1;
 330 }
 331
 332 int DSA_bits(const DSA *dsa)
 333 {
 334     if (dsa->params.p != NULL)
 335         return BN_num_bits(dsa->params.p);
 336     return -1;
 337 }
 338
 339 FFC_PARAMS *dsa_get0_params(DSA *dsa)
 340 {
 341     return &dsa->params;
 342 }
 343
 344 int dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[])
 345 {
 346     int ret;
 347     FFC_PARAMS *ffc;
 348
 349     if (dsa == NULL)
 350         return 0;
 351     ffc = dsa_get0_params(dsa);
 352     if (ffc == NULL)
 353         return 0;
 354
 355     ret = ossl_ffc_params_fromdata(ffc, params);
 356     if (ret)
 357         dsa->dirty_cnt++;
 358     return ret;
 359 }