]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/dh/dh_backend.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
DH: stop setting the private key length arbitrarily
[thirdparty/openssl.git] / crypto / dh / dh_backend.c
CommitLineData
0abae163
RL		 1/*
2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <openssl/core_names.h>
0ba71d6a 11#include "internal/param_build_set.h"
0abae163
RL		 12#include "crypto/dh.h"
13
14/*
15 * The intention with the "backend" source file is to offer backend functions
16 * for legacy backends (EVP_PKEY_ASN1_METHOD and EVP_PKEY_METHOD) and provider
17 * implementations alike.
18 */
19
0ba71d6a
RL		 20static int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[])
21{
22 int ret;
23 FFC_PARAMS *ffc;
24
25 if (dh == NULL)
26 return 0;
27 ffc = dh_get0_params(dh);
28 if (ffc == NULL)
29 return 0;
30
31 ret = ossl_ffc_params_fromdata(ffc, params);
32 if (ret)
28e1d588 33 dh_cache_named_group(dh); /* This increments dh->dirty_cnt */
0ba71d6a
RL		 34 return ret;
35}
36
37int dh_params_fromdata(DH *dh, const OSSL_PARAM params[])
38{
39 const OSSL_PARAM *param_priv_len;
40 long priv_len;
41
42 if (!dh_ffc_params_fromdata(dh, params))
43 return 0;
44
45 param_priv_len =
46 OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DH_PRIV_LEN);
47 if (param_priv_len != NULL
48 && (!OSSL_PARAM_get_long(param_priv_len, &priv_len)
49 || !DH_set_length(dh, priv_len)))
50 return 0;
51
52 return 1;
53}
54
0abae163
RL		 55int dh_key_fromdata(DH *dh, const OSSL_PARAM params[])
56{
57 const OSSL_PARAM *param_priv_key, *param_pub_key;
58 BIGNUM *priv_key = NULL, *pub_key = NULL;
59
60 if (dh == NULL)
61 return 0;
62
7165593c
SL		 63 param_priv_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
64 param_pub_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
0abae163
RL		 65
66 /*
67 * DH documentation says that a public key must be present if a
68 * private key is present.
69 * We want to have at least a public key either way, so we end up
70 * requiring it unconditionally.
71 */
72 if (param_priv_key != NULL && param_pub_key == NULL)
73 return 0;
74
75 if ((param_priv_key != NULL
76 && !OSSL_PARAM_get_BN(param_priv_key, &priv_key))
77 || (param_pub_key != NULL
78 && !OSSL_PARAM_get_BN(param_pub_key, &pub_key)))
79 goto err;
80
81 if (!DH_set0_key(dh, pub_key, priv_key))
82 goto err;
83
84 return 1;
85
86 err:
87 BN_clear_free(priv_key);
88 BN_free(pub_key);
89 return 0;
90}
0ba71d6a
RL		 91
92int dh_params_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
93{
94 long l = DH_get_length(dh);
95
96 if (!ossl_ffc_params_todata(dh_get0_params(dh), bld, params))
97 return 0;
98 if (l > 0
99 && !ossl_param_build_set_long(bld, params, OSSL_PKEY_PARAM_DH_PRIV_LEN, l))
100 return 0;
101 return 1;
102}
103
104int dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
105{
106 const BIGNUM *priv = NULL, *pub = NULL;
107
108 if (dh == NULL)
109 return 0;
110
111 DH_get0_key(dh, &pub, &priv);
112 if (priv != NULL
113 && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PRIV_KEY, priv))
114 return 0;
115 if (pub != NULL
116 && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PUB_KEY, pub))
117 return 0;
118
119 return 1;
120}
A mirror of the official openssl repository