Commit | Line | Data |
---|---|---|
8083fd3a | 1 | /* |
33388b44 | 2 | * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. |
8083fd3a SL |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <stdio.h> | |
11 | #include "internal/cryptlib.h" | |
12 | #include <openssl/bn.h> | |
13 | #include "dsa_local.h" | |
14 | #include "crypto/dsa.h" | |
15 | ||
/*
 * Validate the FFC domain parameters held in |dsa|.
 *
 * (2b) FFC domain params conform to FIPS-186-4 explicit domain param
 * validity tests.
 *
 * The work is delegated to ffc_params_FIPS186_4_validate() with the key's
 * library context and FFC_PARAM_TYPE_DSA; that helper's return value is
 * handed back unchanged and |ret| is forwarded to it as an output argument.
 * NOTE(review): |ret| presumably receives the failure-reason flags; callers
 * should test the return value as well as |*ret| - confirm against the FFC
 * helper.
 * |dsa| is dereferenced without a NULL check, so it must be a valid object.
 */
int dsa_check_params(const DSA *dsa, int *ret)
{
    int ok;

    ok = ffc_params_FIPS186_4_validate(dsa->libctx, &dsa->params,
                                       FFC_PARAM_TYPE_DSA, ret, NULL);
    return ok;
}
25 | ||
/*
 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
 *
 * Checks |pub_key| against the domain parameters stored in |dsa| by calling
 * ffc_validate_public_key(); the helper's result is returned as-is and |ret|
 * is forwarded to it as an output argument.
 * A public key received from a peer should go through this full check before
 * it is used, unless the partial check is known to be sufficient.
 * |dsa| is dereferenced without a NULL check, so it must be a valid object.
 */
int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
    int ok;

    ok = ffc_validate_public_key(&dsa->params, pub_key, ret);
    return ok;
}
33 | ||
/*
 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Partial public key validation.
 * To only be used with ephemeral FFC public keys generated using the approved
 * safe-prime groups.
 *
 * NOTE(review): the section number is kept as the author gave it; the partial
 * routine may be listed under 5.6.2.3.2 - verify against the standard.
 * NOTE(review): DSA domain parameters generated per FIPS 186-4 are generally
 * not safe-prime groups, so callers should prefer dsa_check_pub_key() unless
 * they know the parameters qualify - confirm with the call sites.
 *
 * Delegates to ffc_validate_public_key_partial() with the domain parameters
 * stored in |dsa|; the helper's result is returned as-is and |ret| is
 * forwarded to it as an output argument.
 */
int dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
    int ok;

    ok = ffc_validate_public_key_partial(&dsa->params, pub_key, ret);
    return ok;
}
43 | ||
/*
 * Validate |priv_key| against the subgroup order q stored in |dsa|.
 *
 * |*ret| is cleared first, so a stale value from the caller never survives a
 * failed check. Returns 0 when q is missing; otherwise returns 1 if
 * ffc_validate_private_key() reports success and 0 if it does not, with |ret|
 * forwarded to that helper as an output argument.
 * Both |dsa| and |ret| are dereferenced without a NULL check.
 */
int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
{
    *ret = 0;

    /* Without q there is no upper bound to test the private key against. */
    if (dsa->params.q == NULL)
        return 0;

    return ffc_validate_private_key(dsa->params.q, priv_key, ret) != 0;
}
51 | ||
/*
 * FFC pairwise check from SP800-56A R3.
 *    Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
 *
 * Recomputes the public key from the stored private key and compares it with
 * the stored public key. Returns 1 only when the two match; returns 0 when
 * p, g, the private key or the public key is missing, when an allocation
 * fails, or when the recomputation fails.
 *
 * This check only establishes that the two halves of the key pair belong
 * together. It does not validate the domain parameters or the range of the
 * private key; dsa_check_params() and dsa_check_priv_key() cover those.
 */
int dsa_check_pairwise(const DSA *dsa)
{
    BIGNUM *recomputed = NULL;
    BN_CTX *bnctx = NULL;
    int matches = 0;

    if (dsa->params.p == NULL || dsa->params.g == NULL
            || dsa->priv_key == NULL || dsa->pub_key == NULL)
        return 0;

    bnctx = BN_CTX_new_ex(dsa->libctx);
    if (bnctx != NULL) {
        recomputed = BN_new();
        /* recalculate the public key = (g ^ priv) mod p */
        if (recomputed != NULL
                && dsa_generate_public_key(bnctx, dsa, dsa->priv_key,
                                           recomputed)) {
            /* check it matches the existing public key */
            if (BN_cmp(recomputed, dsa->pub_key) == 0)
                matches = 1;
        }
    }

    /* Both free routines are also reached with NULL on the failure paths. */
    BN_free(recomputed);
    BN_CTX_free(bnctx);
    return matches;
}