/src/openssl/crypto/dh/dh_group_params.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* DH parameters from RFC7919 and RFC3526 */ |
11 | | |
12 | | /* |
13 | | * DH low level APIs are deprecated for public use, but still ok for |
14 | | * internal use. |
15 | | */ |
16 | | #include "internal/deprecated.h" |
17 | | |
18 | | #include <stdio.h> |
19 | | #include "internal/cryptlib.h" |
20 | | #include "internal/ffc.h" |
21 | | #include "dh_local.h" |
22 | | #include <openssl/bn.h> |
23 | | #include <openssl/objects.h> |
24 | | #include "internal/nelem.h" |
25 | | #include "crypto/dh.h" |
26 | | |
27 | | static DH *dh_param_init(OSSL_LIB_CTX *libctx, const DH_NAMED_GROUP *group) |
28 | 0 | { |
29 | 0 | DH *dh = ossl_dh_new_ex(libctx); |
30 | |
|
31 | 0 | if (dh == NULL) |
32 | 0 | return NULL; |
33 | | |
34 | 0 | ossl_ffc_named_group_set(&dh->params, group); |
35 | 0 | dh->params.nid = ossl_ffc_named_group_get_uid(group); |
36 | 0 | dh->dirty_cnt++; |
37 | 0 | return dh; |
38 | 0 | } |
39 | | |
40 | | DH *ossl_dh_new_by_nid_ex(OSSL_LIB_CTX *libctx, int nid) |
41 | 0 | { |
42 | 0 | const DH_NAMED_GROUP *group; |
43 | |
|
44 | 0 | if ((group = ossl_ffc_uid_to_dh_named_group(nid)) != NULL) |
45 | 0 | return dh_param_init(libctx, group); |
46 | | |
47 | 0 | ERR_raise(ERR_LIB_DH, DH_R_INVALID_PARAMETER_NID); |
48 | 0 | return NULL; |
49 | 0 | } |
50 | | |
51 | | DH *DH_new_by_nid(int nid) |
52 | 0 | { |
53 | 0 | return ossl_dh_new_by_nid_ex(NULL, nid); |
54 | 0 | } |
55 | | |
56 | | void ossl_dh_cache_named_group(DH *dh) |
57 | 292 | { |
58 | 292 | const DH_NAMED_GROUP *group; |
59 | | |
60 | 292 | if (dh == NULL) |
61 | 0 | return; |
62 | | |
63 | 292 | dh->params.nid = NID_undef; /* flush cached value */ |
64 | | |
65 | | /* Exit if p or g is not set */ |
66 | 292 | if (dh->params.p == NULL |
67 | 292 | || dh->params.g == NULL) |
68 | 0 | return; |
69 | | |
70 | 292 | if ((group = ossl_ffc_numbers_to_dh_named_group(dh->params.p, |
71 | 292 | dh->params.q, |
72 | 292 | dh->params.g)) != NULL) { |
73 | 0 | if (dh->params.q == NULL) |
74 | 0 | dh->params.q = (BIGNUM *)ossl_ffc_named_group_get_q(group); |
75 | | /* cache the nid and default key length */ |
76 | 0 | dh->params.nid = ossl_ffc_named_group_get_uid(group); |
77 | 0 | dh->params.keylength = ossl_ffc_named_group_get_keylength(group); |
78 | 0 | dh->dirty_cnt++; |
79 | 0 | } |
80 | 292 | } |
81 | | |
82 | | int ossl_dh_is_named_safe_prime_group(const DH *dh) |
83 | 0 | { |
84 | 0 | int id = DH_get_nid(dh); |
85 | | |
86 | | /* |
87 | | * Exclude RFC5114 groups (id = 1..3) since they do not have |
88 | | * q = (p - 1) / 2 |
89 | | */ |
90 | 0 | return (id > 3); |
91 | 0 | } |
92 | | |
93 | | int DH_get_nid(const DH *dh) |
94 | 143 | { |
95 | 143 | if (dh == NULL) |
96 | 0 | return NID_undef; |
97 | | |
98 | 143 | return dh->params.nid; |
99 | 143 | } |