Coverage Report

Created: 2024-01-20 12:37

/src/openssl/include/internal/ffc.h
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
3
 *
4
 * Licensed under the Apache License 2.0 (the "License").  You may not use
5
 * this file except in compliance with the License.  You can obtain a copy
6
 * in the file LICENSE in the source distribution or at
7
 * https://www.openssl.org/source/license.html
8
 */
9
10
#ifndef OSSL_INTERNAL_FFC_H
11
# define OSSL_INTERNAL_FFC_H
12
13
# include <openssl/bn.h>
14
# include <openssl/evp.h>
15
# include <openssl/dh.h> /* Uses Error codes from DH */
16
17
/* Default value for gindex when canonical generation of g is not used */
18
4.17k
# define FFC_UNVERIFIABLE_GINDEX -1
19
20
/* The different types of FFC keys */
21
0
# define FFC_PARAM_TYPE_DSA  0
22
0
# define FFC_PARAM_TYPE_DH   1
23
24
/* Return codes for generation and validation of FFC parameters */
25
0
#define FFC_PARAMS_RET_STATUS_FAILED         0
26
0
#define FFC_PARAMS_RET_STATUS_SUCCESS        1
27
/* Returned if validating and g is only partially verifiable */
28
0
#define FFC_PARAMS_RET_STATUS_UNVERIFIABLE_G 2
29
30
/* Validation flags */
31
# define FFC_PARAMS_GENERATE     0x00
32
0
# define FFC_PARAMS_VALIDATE_PQ  0x01
33
0
# define FFC_PARAMS_VALIDATE_G   0x02
34
0
# define FFC_PARAMS_VALIDATE_ALL (FFC_PARAMS_VALIDATE_PQ | FFC_PARAMS_VALIDATE_G)
35
36
/*
37
 * NB: These values must align with the equivalently named macros in
38
 * openssl/dh.h. We cannot use those macros here in case DH has been disabled.
39
 */
40
0
# define FFC_CHECK_P_NOT_PRIME                0x00001
41
# define FFC_CHECK_P_NOT_SAFE_PRIME           0x00002
42
# define FFC_CHECK_UNKNOWN_GENERATOR          0x00004
43
# define FFC_CHECK_NOT_SUITABLE_GENERATOR     0x00008
44
0
# define FFC_CHECK_Q_NOT_PRIME                0x00010
45
0
# define FFC_CHECK_INVALID_Q_VALUE            0x00020
46
# define FFC_CHECK_INVALID_J_VALUE            0x00040
47
48
0
# define FFC_CHECK_BAD_LN_PAIR                0x00080
49
0
# define FFC_CHECK_INVALID_SEED_SIZE          0x00100
50
0
# define FFC_CHECK_MISSING_SEED_OR_COUNTER    0x00200
51
0
# define FFC_CHECK_INVALID_G                  0x00400
52
0
# define FFC_CHECK_INVALID_PQ                 0x00800
53
0
# define FFC_CHECK_INVALID_COUNTER            0x01000
54
0
# define FFC_CHECK_P_MISMATCH                 0x02000
55
0
# define FFC_CHECK_Q_MISMATCH                 0x04000
56
0
# define FFC_CHECK_G_MISMATCH                 0x08000
57
0
# define FFC_CHECK_COUNTER_MISMATCH           0x10000
58
59
/*
60
 * Finite field cryptography (FFC) domain parameters are used by DH and DSA.
61
 * Refer to FIPS186_4 Appendix A & B.
62
 */
63
typedef struct ffc_params_st {
64
    /* Primes */
65
    BIGNUM *p;
66
    BIGNUM *q;
67
    /* Generator */
68
    BIGNUM *g;
69
    /* DH X9.42 Optional Subgroup factor j >= 2 where p = j * q + 1 */
70
    BIGNUM *j;
71
72
    /* Required for FIPS186_4 validation of p, q and optionally canonical g */
73
    unsigned char *seed;
74
    /* If this value is zero the hash size is used as the seed length */
75
    size_t seedlen;
76
    /* Required for FIPS186_4 validation of p and q */
77
    int pcounter;
78
    int nid; /* The identity of a named group */
79
80
    /*
81
     * Required for FIPS186_4 generation & validation of canonical g.
82
     * It uses unverifiable g if this value is -1.
83
     */
84
    int gindex;
85
    int h; /* loop counter for unverifiable g */
86
} FFC_PARAMS;
87
88
void ffc_params_init(FFC_PARAMS *params);
89
void ffc_params_cleanup(FFC_PARAMS *params);
90
void ffc_params_set0_pqg(FFC_PARAMS *params, BIGNUM *p, BIGNUM *q, BIGNUM *g);
91
void ffc_params_get0_pqg(const FFC_PARAMS *params, const BIGNUM **p,
92
                         const BIGNUM **q, const BIGNUM **g);
93
void ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j);
94
int ffc_params_set_validate_params(FFC_PARAMS *params,
95
                                   const unsigned char *seed, size_t seedlen,
96
                                   int counter);
97
void ffc_params_get_validate_params(const FFC_PARAMS *params,
98
                                    unsigned char **seed, size_t *seedlen,
99
                                    int *pcounter);
100
101
int ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src);
102
int ffc_params_cmp(const FFC_PARAMS *a, const FFC_PARAMS *b, int ignore_q);
103
104
#ifndef FIPS_MODE
105
int ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent);
106
#endif /* FIPS_MODE */
107
108
109
int ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params,
110
                                  int type, size_t L, size_t N,
111
                                  const EVP_MD *evpmd, int *res, BN_GENCB *cb);
112
int ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params,
113
                                  int type, size_t L, size_t N,
114
                                  const EVP_MD *evpmd, int *res, BN_GENCB *cb);
115
116
int ffc_param_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params,
117
                                   int type, size_t L, size_t N,
118
                                   const EVP_MD *evpmd, int validate_flags,
119
                                   int *res, BN_GENCB *cb);
120
int ffc_param_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params,
121
                                   int type, size_t L, size_t N,
122
                                   const EVP_MD *evpmd, int validate_flags,
123
                                   int *res, BN_GENCB *cb);
124
125
int ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params,
126
                             int N, int s, BIGNUM *priv);
127
128
int ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont,
129
                                       const BIGNUM *p, const BIGNUM *q,
130
                                       const BIGNUM *g, BIGNUM *tmp, int *ret);
131
132
#endif /* OSSL_INTERNAL_FFC_H */