/src/boringssl/crypto/evp/p_x25519.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* Copyright (c) 2019, Google Inc. |
2 | | * |
3 | | * Permission to use, copy, modify, and/or distribute this software for any |
4 | | * purpose with or without fee is hereby granted, provided that the above |
5 | | * copyright notice and this permission notice appear in all copies. |
6 | | * |
7 | | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
8 | | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
9 | | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
10 | | * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
11 | | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION |
12 | | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
13 | | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ |
14 | | |
15 | | #include <openssl/evp.h> |
16 | | |
17 | | #include <openssl/curve25519.h> |
18 | | #include <openssl/err.h> |
19 | | #include <openssl/mem.h> |
20 | | |
21 | | #include "internal.h" |
22 | | |
23 | | |
24 | | // X25519 has no parameters to copy. |
25 | 0 | static int pkey_x25519_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { return 1; } |
26 | | |
27 | 0 | static int pkey_x25519_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { |
28 | 0 | X25519_KEY *key = OPENSSL_malloc(sizeof(X25519_KEY)); |
29 | 0 | if (key == NULL) { |
30 | 0 | return 0; |
31 | 0 | } |
32 | | |
33 | 0 | evp_pkey_set_method(pkey, &x25519_asn1_meth); |
34 | |
|
35 | 0 | X25519_keypair(key->pub, key->priv); |
36 | 0 | key->has_private = 1; |
37 | |
|
38 | 0 | OPENSSL_free(pkey->pkey); |
39 | 0 | pkey->pkey = key; |
40 | 0 | return 1; |
41 | 0 | } |
42 | | |
43 | | static int pkey_x25519_derive(EVP_PKEY_CTX *ctx, uint8_t *out, |
44 | 0 | size_t *out_len) { |
45 | 0 | if (ctx->pkey == NULL || ctx->peerkey == NULL) { |
46 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); |
47 | 0 | return 0; |
48 | 0 | } |
49 | | |
50 | 0 | const X25519_KEY *our_key = ctx->pkey->pkey; |
51 | 0 | const X25519_KEY *peer_key = ctx->peerkey->pkey; |
52 | 0 | if (our_key == NULL || peer_key == NULL) { |
53 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); |
54 | 0 | return 0; |
55 | 0 | } |
56 | | |
57 | 0 | if (!our_key->has_private) { |
58 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_NOT_A_PRIVATE_KEY); |
59 | 0 | return 0; |
60 | 0 | } |
61 | | |
62 | 0 | if (out != NULL) { |
63 | 0 | if (*out_len < 32) { |
64 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); |
65 | 0 | return 0; |
66 | 0 | } |
67 | 0 | if (!X25519(out, our_key->priv, peer_key->pub)) { |
68 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_INVALID_PEER_KEY); |
69 | 0 | return 0; |
70 | 0 | } |
71 | 0 | } |
72 | | |
73 | 0 | *out_len = 32; |
74 | 0 | return 1; |
75 | 0 | } |
76 | | |
77 | 0 | static int pkey_x25519_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { |
78 | 0 | switch (type) { |
79 | 0 | case EVP_PKEY_CTRL_PEER_KEY: |
80 | | // |EVP_PKEY_derive_set_peer| requires the key implement this command, |
81 | | // even if it is a no-op. |
82 | 0 | return 1; |
83 | | |
84 | 0 | default: |
85 | 0 | OPENSSL_PUT_ERROR(EVP, EVP_R_COMMAND_NOT_SUPPORTED); |
86 | 0 | return 0; |
87 | 0 | } |
88 | 0 | } |
89 | | |
90 | | const EVP_PKEY_METHOD x25519_pkey_meth = { |
91 | | EVP_PKEY_X25519, |
92 | | NULL /* init */, |
93 | | pkey_x25519_copy, |
94 | | NULL /* cleanup */, |
95 | | pkey_x25519_keygen, |
96 | | NULL /* sign */, |
97 | | NULL /* sign_message */, |
98 | | NULL /* verify */, |
99 | | NULL /* verify_message */, |
100 | | NULL /* verify_recover */, |
101 | | NULL /* encrypt */, |
102 | | NULL /* decrypt */, |
103 | | pkey_x25519_derive, |
104 | | NULL /* paramgen */, |
105 | | pkey_x25519_ctrl, |
106 | | }; |