]>
Commit | Line | Data |
---|---|---|
57cb4c8d TB |
1 | /* |
2 | * Copyright (C) 2018 Tobias Brunner | |
19ef2aec TB |
3 | * |
4 | * Copyright (C) secunet Security Networks AG | |
57cb4c8d TB |
5 | * |
6 | * This program is free software; you can redistribute it and/or modify it | |
7 | * under the terms of the GNU General Public License as published by the | |
8 | * Free Software Foundation; either version 2 of the License, or (at your | |
9 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, but | |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
13 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
14 | * for more details. | |
15 | */ | |
16 | ||
17 | #include <openssl/evp.h> | |
18 | ||
19 | /* basic support for X25519 was added with 1.1.0a, but we require features (e.g. | |
20 | * to load the keys) that were only added with 1.1.1 */ | |
21 | #if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(OPENSSL_NO_ECDH) | |
22 | ||
23 | #include "openssl_x_diffie_hellman.h" | |
5fdc9797 | 24 | #include "openssl_util.h" |
57cb4c8d TB |
25 | |
26 | #include <utils/debug.h> | |
27 | ||
28 | typedef struct private_diffie_hellman_t private_diffie_hellman_t; | |
29 | ||
30 | /** | |
31 | * Private data | |
32 | */ | |
33 | struct private_diffie_hellman_t { | |
34 | /** | |
35 | * Public interface. | |
36 | */ | |
37 | diffie_hellman_t public; | |
38 | ||
39 | /** | |
40 | * Diffie Hellman group number. | |
41 | */ | |
42 | diffie_hellman_group_t group; | |
43 | ||
44 | /** | |
45 | * Private (public) key | |
46 | */ | |
47 | EVP_PKEY *key; | |
48 | ||
49 | /** | |
1c1213f4 | 50 | * Public key provided by peer |
57cb4c8d | 51 | */ |
1c1213f4 | 52 | EVP_PKEY *pub; |
57cb4c8d TB |
53 | |
54 | /** | |
1c1213f4 | 55 | * Shared secret |
57cb4c8d | 56 | */ |
1c1213f4 | 57 | chunk_t shared_secret; |
57cb4c8d TB |
58 | }; |
59 | ||
60 | /** | |
61 | * Map a DH group to a key type | |
62 | */ | |
63 | static int map_key_type(diffie_hellman_group_t group) | |
64 | { | |
65 | switch (group) | |
66 | { | |
67 | case CURVE_25519: | |
68 | return EVP_PKEY_X25519; | |
69 | case CURVE_448: | |
70 | return EVP_PKEY_X448; | |
71 | default: | |
72 | return 0; | |
73 | } | |
74 | } | |
75 | ||
57cb4c8d TB |
76 | METHOD(diffie_hellman_t, set_other_public_value, bool, |
77 | private_diffie_hellman_t *this, chunk_t value) | |
78 | { | |
57cb4c8d TB |
79 | if (!diffie_hellman_verify_value(this->group, value)) |
80 | { | |
81 | return FALSE; | |
82 | } | |
83 | ||
1c1213f4 TB |
84 | EVP_PKEY_free(this->pub); |
85 | this->pub = EVP_PKEY_new_raw_public_key(map_key_type(this->group), NULL, | |
86 | value.ptr, value.len); | |
87 | if (!this->pub) | |
57cb4c8d TB |
88 | { |
89 | DBG1(DBG_LIB, "%N public value is malformed", | |
90 | diffie_hellman_group_names, this->group); | |
91 | return FALSE; | |
92 | } | |
57cb4c8d | 93 | chunk_clear(&this->shared_secret); |
57cb4c8d TB |
94 | return TRUE; |
95 | } | |
96 | ||
97 | METHOD(diffie_hellman_t, get_my_public_value, bool, | |
98 | private_diffie_hellman_t *this, chunk_t *value) | |
99 | { | |
100 | size_t len; | |
101 | ||
102 | if (!EVP_PKEY_get_raw_public_key(this->key, NULL, &len)) | |
103 | { | |
104 | return FALSE; | |
105 | } | |
106 | ||
107 | *value = chunk_alloc(len); | |
108 | ||
109 | if (!EVP_PKEY_get_raw_public_key(this->key, value->ptr, &value->len)) | |
110 | { | |
111 | chunk_free(value); | |
112 | return FALSE; | |
113 | } | |
114 | return TRUE; | |
115 | } | |
116 | ||
117 | METHOD(diffie_hellman_t, set_private_value, bool, | |
118 | private_diffie_hellman_t *this, chunk_t value) | |
119 | { | |
120 | EVP_PKEY_free(this->key); | |
121 | this->key = EVP_PKEY_new_raw_private_key(map_key_type(this->group), NULL, | |
122 | value.ptr, value.len); | |
123 | if (!this->key) | |
124 | { | |
125 | return FALSE; | |
126 | } | |
127 | return TRUE; | |
128 | } | |
129 | ||
130 | METHOD(diffie_hellman_t, get_shared_secret, bool, | |
131 | private_diffie_hellman_t *this, chunk_t *secret) | |
132 | { | |
1c1213f4 TB |
133 | if (!this->shared_secret.len && |
134 | !openssl_compute_shared_key(this->key, this->pub, &this->shared_secret)) | |
57cb4c8d | 135 | { |
1c1213f4 TB |
136 | DBG1(DBG_LIB, "%N shared secret computation failed", |
137 | diffie_hellman_group_names, this->group); | |
57cb4c8d TB |
138 | return FALSE; |
139 | } | |
140 | *secret = chunk_clone(this->shared_secret); | |
141 | return TRUE; | |
142 | } | |
143 | ||
144 | METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t, | |
145 | private_diffie_hellman_t *this) | |
146 | { | |
147 | return this->group; | |
148 | } | |
149 | ||
150 | METHOD(diffie_hellman_t, destroy, void, | |
151 | private_diffie_hellman_t *this) | |
152 | { | |
153 | EVP_PKEY_free(this->key); | |
1c1213f4 | 154 | EVP_PKEY_free(this->pub); |
57cb4c8d TB |
155 | chunk_clear(&this->shared_secret); |
156 | free(this); | |
157 | } | |
158 | ||
159 | /* | |
160 | * Described in header | |
161 | */ | |
162 | diffie_hellman_t *openssl_x_diffie_hellman_create(diffie_hellman_group_t group) | |
163 | { | |
164 | private_diffie_hellman_t *this; | |
165 | EVP_PKEY_CTX *ctx = NULL; | |
166 | EVP_PKEY *key = NULL; | |
167 | ||
168 | switch (group) | |
169 | { | |
170 | case CURVE_25519: | |
171 | ctx = EVP_PKEY_CTX_new_id(NID_X25519, NULL); | |
172 | break; | |
173 | case CURVE_448: | |
174 | ctx = EVP_PKEY_CTX_new_id(NID_X448, NULL); | |
175 | break; | |
176 | default: | |
177 | break; | |
178 | } | |
179 | ||
180 | if (!ctx || | |
181 | EVP_PKEY_keygen_init(ctx) <= 0 || | |
182 | EVP_PKEY_keygen(ctx, &key) <= 0) | |
183 | { | |
184 | DBG1(DBG_LIB, "generating key for %N failed", | |
185 | diffie_hellman_group_names, group); | |
186 | EVP_PKEY_CTX_free(ctx); | |
187 | return NULL; | |
188 | } | |
189 | EVP_PKEY_CTX_free(ctx); | |
190 | ||
191 | INIT(this, | |
192 | .public = { | |
193 | .get_shared_secret = _get_shared_secret, | |
194 | .set_other_public_value = _set_other_public_value, | |
195 | .get_my_public_value = _get_my_public_value, | |
196 | .set_private_value = _set_private_value, | |
197 | .get_dh_group = _get_dh_group, | |
198 | .destroy = _destroy, | |
199 | }, | |
200 | .group = group, | |
201 | .key = key, | |
202 | ); | |
203 | return &this->public; | |
204 | } | |
205 | ||
206 | #endif /* OPENSSL_NO_ECDH */ |