]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/dh/dh_ameth.c
projects / thirdparty / openssl.git / blob
? search:


ba22f34d403552ff7db16e059cef631221d6512d
[thirdparty/openssl.git] / crypto / dh / dh_ameth.c
1 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
2 * project 2006.
3 */
4 /* ====================================================================
5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * 3. All advertising materials mentioning features or use of this
20 * software must display the following acknowledgment:
21 * "This product includes software developed by the OpenSSL Project
22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23 *
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25 * endorse or promote products derived from this software without
26 * prior written permission. For written permission, please contact
27 * licensing@OpenSSL.org.
28 *
29 * 5. Products derived from this software may not be called "OpenSSL"
30 * nor may "OpenSSL" appear in their names without prior written
31 * permission of the OpenSSL Project.
32 *
33 * 6. Redistributions of any form whatsoever must retain the following
34 * acknowledgment:
35 * "This product includes software developed by the OpenSSL Project
36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37 *
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49 * OF THE POSSIBILITY OF SUCH DAMAGE.
50 * ====================================================================
51 *
52 * This product includes cryptographic software written by Eric Young
53 * (eay@cryptsoft.com). This product includes software written by Tim
54 * Hudson (tjh@cryptsoft.com).
55 *
56 */
57
58 #include <stdio.h>
59 #include "cryptlib.h"
60 #include <openssl/x509.h>
61 #include <openssl/asn1.h>
62 #include <openssl/dh.h>
63 #include "asn1_locl.h"
64
65 static void int_dh_free(EVP_PKEY *pkey)
66 {
67 DH_free(pkey->pkey.dh);
68 }
69
70 static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
71 {
72 const unsigned char *p, *pm;
73 int pklen, pmlen;
74 int ptype;
75 void *pval;
76 ASN1_STRING *pstr;
77 X509_ALGOR *palg;
78 ASN1_INTEGER *public_key = NULL;
79
80 DH *dh = NULL;
81
82 if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
83 return 0;
84 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
85
86 if (ptype != V_ASN1_SEQUENCE)
87 {
88 DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
89 goto err;
90 }
91
92 pstr = pval;
93 pm = pstr->data;
94 pmlen = pstr->length;
95
96 if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
97 {
98 DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
99 goto err;
100 }
101
102 if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
103 {
104 DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
105 goto err;
106 }
107
108 /* We have parameters now set public key */
109 if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
110 {
111 DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
112 goto err;
113 }
114
115 ASN1_INTEGER_free(public_key);
116 EVP_PKEY_assign_DH(pkey, dh);
117 return 1;
118
119 err:
120 if (pubkey)
121 ASN1_INTEGER_free(public_key);
122 if (dh)
123 DH_free(dh);
124 return 0;
125
126 }
127
128 static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
129 {
130 DH *dh;
131 void *pval = NULL;
132 int ptype;
133 unsigned char *penc = NULL;
134 int penclen;
135 ASN1_STRING *str;
136 ASN1_INTEGER *pub_key = NULL;
137
138 dh=pkey->pkey.dh;
139
140 str = ASN1_STRING_new();
141 str->length = i2d_DHparams(dh, &str->data);
142 if (str->length <= 0)
143 {
144 DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
145 goto err;
146 }
147 pval = str;
148 ptype = V_ASN1_SEQUENCE;
149
150 pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
151 if (!pub_key)
152 goto err;
153
154 penclen = i2d_ASN1_INTEGER(pub_key, &penc);
155
156 ASN1_INTEGER_free(pub_key);
157
158 if (penclen <= 0)
159 {
160 DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
161 goto err;
162 }
163
164 if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
165 ptype, pval, penc, penclen))
166 return 1;
167
168 err:
169 if (penc)
170 OPENSSL_free(penc);
171 if (pval)
172 ASN1_STRING_free(pval);
173
174 return 0;
175 }
176
177 static void update_buflen(const BIGNUM *b, size_t *pbuflen)
178 {
179 int i;
180 if (!b)
181 return;
182 if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
183 *pbuflen = i;
184 }
185
186 static int dh_param_decode(EVP_PKEY *pkey,
187 const unsigned char **pder, int derlen)
188 {
189 DH *dh;
190 if (!(dh = d2i_DHparams(NULL, pder, derlen)))
191 {
192 DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
193 return 0;
194 }
195 EVP_PKEY_assign_DH(pkey, dh);
196 return 1;
197 }
198
199 static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
200 {
201 return i2d_DHparams(pkey->pkey.dh, pder);
202 }
203
204 static int do_dh_print(BIO *bp, const DH *x, int indent,
205 ASN1_PCTX *ctx, int ptype)
206 {
207 unsigned char *m=NULL;
208 int reason=ERR_R_BUF_LIB,ret=0;
209 size_t buf_len=0;
210
211 const char *ktype = NULL;
212
213 BIGNUM *priv_key, *pub_key;
214
215 if (ptype == 2)
216 priv_key = x->priv_key;
217 else
218 priv_key = NULL;
219
220 if (ptype > 0)
221 pub_key = x->pub_key;
222 else
223 pub_key = NULL;
224
225 update_buflen(x->p, &buf_len);
226
227 if (buf_len == 0)
228 {
229 reason = ERR_R_PASSED_NULL_PARAMETER;
230 goto err;
231 }
232
233 update_buflen(x->g, &buf_len);
234 update_buflen(pub_key, &buf_len);
235 update_buflen(priv_key, &buf_len);
236
237 if (ptype == 2)
238 ktype = "PKCS#3 DH Private-Key";
239 else if (ptype == 1)
240 ktype = "PKCS#3 DH Public-Key";
241 else
242 ktype = "PKCS#3 DH Parameters";
243
244 m= OPENSSL_malloc(buf_len+10);
245 if (m == NULL)
246 {
247 reason=ERR_R_MALLOC_FAILURE;
248 goto err;
249 }
250
251 BIO_indent(bp, indent, 128);
252 if (BIO_printf(bp,"%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
253 goto err;
254 indent += 4;
255
256 if (!ASN1_bn_print(bp,"private-key:",priv_key,m,indent)) goto err;
257 if (!ASN1_bn_print(bp,"public-key:",pub_key,m,indent)) goto err;
258
259 if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
260 if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
261 if (x->length != 0)
262 {
263 BIO_indent(bp, indent, 128);
264 if (BIO_printf(bp,"recommended-private-length: %d bits\n",
265 (int)x->length) <= 0) goto err;
266 }
267
268
269 ret=1;
270 if (0)
271 {
272 err:
273 DHerr(DH_F_DHPARAMS_PRINT,reason);
274 }
275 if (m != NULL) OPENSSL_free(m);
276 return(ret);
277 }
278
279 static int int_dh_size(const EVP_PKEY *pkey)
280 {
281 return(DH_size(pkey->pkey.dh));
282 }
283
284 static int dh_bits(const EVP_PKEY *pkey)
285 {
286 return BN_num_bits(pkey->pkey.dh->p);
287 }
288
289 static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
290 {
291 BIGNUM *a;
292
293 if ((a=BN_dup(from->pkey.dh->p)) == NULL)
294 return 0;
295 if (to->pkey.dsa->p != NULL)
296 BN_free(to->pkey.dh->p);
297 to->pkey.dsa->p=a;
298
299 if ((a=BN_dup(from->pkey.dh->g)) == NULL)
300 return 0;
301 if (to->pkey.dsa->g != NULL)
302 BN_free(to->pkey.dh->g);
303 to->pkey.dh->g=a;
304
305 return 1;
306 }
307
308 static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
309 {
310 if ( BN_cmp(a->pkey.dh->p,b->pkey.dsa->p) ||
311 BN_cmp(a->pkey.dh->g,b->pkey.dsa->g))
312 return 0;
313 else
314 return 1;
315 }
316
317 static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
318 {
319 if (dh_cmp_parameters(a, b) == 0)
320 return 0;
321 if (BN_cmp(b->pkey.dh->pub_key,a->pkey.dh->pub_key) != 0)
322 return 0;
323 else
324 return 1;
325 }
326
327 static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
328 ASN1_PCTX *ctx)
329 {
330 return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
331 }
332
333 static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
334 ASN1_PCTX *ctx)
335 {
336 return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
337 }
338
339 static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
340 ASN1_PCTX *ctx)
341 {
342 return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
343 }
344
345 int DHparams_print(BIO *bp, const DH *x)
346 {
347 return do_dh_print(bp, x, 4, NULL, 0);
348 }
349
350 const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
351 {
352 EVP_PKEY_DH,
353 EVP_PKEY_DH,
354 0,
355
356 "DH",
357 "OpenSSL PKCS#3 DH method",
358
359 dh_pub_decode,
360 dh_pub_encode,
361 dh_pub_cmp,
362 dh_public_print,
363
364 0,
365 0,
366 dh_private_print,
367
368 int_dh_size,
369 dh_bits,
370
371 dh_param_decode,
372 dh_param_encode,
373 0,
374 dh_copy_parameters,
375 dh_cmp_parameters,
376 dh_param_print,
377
378 int_dh_free,
379 0
380 };
381
A mirror of the official openssl repository