/src/openssl/crypto/dh/dh_backend.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * DH low level APIs are deprecated for public use, but still ok for |
12 | | * internal use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include <openssl/err.h> |
17 | | #include <openssl/core_names.h> |
18 | | #ifndef FIPS_MODULE |
19 | | # include <openssl/x509.h> |
20 | | #endif |
21 | | #include "internal/param_build_set.h" |
22 | | #include "crypto/dh.h" |
23 | | #include "dh_local.h" |
24 | | |
25 | | /* |
26 | | * The intention with the "backend" source file is to offer backend functions |
27 | | * for legacy backends (EVP_PKEY_ASN1_METHOD and EVP_PKEY_METHOD) and provider |
28 | | * implementations alike. |
29 | | */ |
30 | | |
31 | | static int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]) |
32 | 0 | { |
33 | 0 | int ret; |
34 | 0 | FFC_PARAMS *ffc = ossl_dh_get0_params(dh); |
35 | |
|
36 | 0 | ret = ossl_ffc_params_fromdata(ffc, params); |
37 | 0 | if (ret) |
38 | 0 | ossl_dh_cache_named_group(dh); /* This increments dh->dirty_cnt */ |
39 | 0 | return ret; |
40 | 0 | } |
41 | | |
42 | | int ossl_dh_params_fromdata(DH *dh, const OSSL_PARAM params[]) |
43 | 0 | { |
44 | 0 | const OSSL_PARAM *param_priv_len; |
45 | 0 | long priv_len; |
46 | |
|
47 | 0 | if (!dh_ffc_params_fromdata(dh, params)) |
48 | 0 | return 0; |
49 | | |
50 | 0 | param_priv_len = |
51 | 0 | OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DH_PRIV_LEN); |
52 | 0 | if (param_priv_len != NULL |
53 | 0 | && (!OSSL_PARAM_get_long(param_priv_len, &priv_len) |
54 | 0 | || !DH_set_length(dh, priv_len))) |
55 | 0 | return 0; |
56 | | |
57 | 0 | return 1; |
58 | 0 | } |
59 | | |
60 | | int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private) |
61 | 0 | { |
62 | 0 | const OSSL_PARAM *param_priv_key, *param_pub_key; |
63 | 0 | BIGNUM *priv_key = NULL, *pub_key = NULL; |
64 | |
|
65 | 0 | if (dh == NULL) |
66 | 0 | return 0; |
67 | | |
68 | 0 | param_priv_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY); |
69 | 0 | param_pub_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY); |
70 | |
|
71 | 0 | if (include_private |
72 | 0 | && param_priv_key != NULL |
73 | 0 | && !OSSL_PARAM_get_BN(param_priv_key, &priv_key)) |
74 | 0 | goto err; |
75 | | |
76 | 0 | if (param_pub_key != NULL |
77 | 0 | && !OSSL_PARAM_get_BN(param_pub_key, &pub_key)) |
78 | 0 | goto err; |
79 | | |
80 | 0 | if (!DH_set0_key(dh, pub_key, priv_key)) |
81 | 0 | goto err; |
82 | | |
83 | 0 | return 1; |
84 | | |
85 | 0 | err: |
86 | 0 | BN_clear_free(priv_key); |
87 | 0 | BN_free(pub_key); |
88 | 0 | return 0; |
89 | 0 | } |
90 | | |
91 | | int ossl_dh_params_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) |
92 | 0 | { |
93 | 0 | long l = DH_get_length(dh); |
94 | |
|
95 | 0 | if (!ossl_ffc_params_todata(ossl_dh_get0_params(dh), bld, params)) |
96 | 0 | return 0; |
97 | 0 | if (l > 0 |
98 | 0 | && !ossl_param_build_set_long(bld, params, OSSL_PKEY_PARAM_DH_PRIV_LEN, l)) |
99 | 0 | return 0; |
100 | 0 | return 1; |
101 | 0 | } |
102 | | |
103 | | int ossl_dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[], |
104 | | int include_private) |
105 | 0 | { |
106 | 0 | const BIGNUM *priv = NULL, *pub = NULL; |
107 | |
|
108 | 0 | if (dh == NULL) |
109 | 0 | return 0; |
110 | | |
111 | 0 | DH_get0_key(dh, &pub, &priv); |
112 | 0 | if (priv != NULL |
113 | 0 | && include_private |
114 | 0 | && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PRIV_KEY, priv)) |
115 | 0 | return 0; |
116 | 0 | if (pub != NULL |
117 | 0 | && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PUB_KEY, pub)) |
118 | 0 | return 0; |
119 | | |
120 | 0 | return 1; |
121 | 0 | } |
122 | | |
123 | | int ossl_dh_is_foreign(const DH *dh) |
124 | 0 | { |
125 | 0 | #ifndef FIPS_MODULE |
126 | 0 | if (dh->engine != NULL || ossl_dh_get_method(dh) != DH_OpenSSL()) |
127 | 0 | return 1; |
128 | 0 | #endif |
129 | 0 | return 0; |
130 | 0 | } |
131 | | |
132 | | static ossl_inline int dh_bn_dup_check(BIGNUM **out, const BIGNUM *f) |
133 | 0 | { |
134 | 0 | if (f != NULL && (*out = BN_dup(f)) == NULL) |
135 | 0 | return 0; |
136 | 0 | return 1; |
137 | 0 | } |
138 | | |
139 | | DH *ossl_dh_dup(const DH *dh, int selection) |
140 | 0 | { |
141 | 0 | DH *dupkey = NULL; |
142 | | |
143 | | /* Do not try to duplicate foreign DH keys */ |
144 | 0 | if (ossl_dh_is_foreign(dh)) |
145 | 0 | return NULL; |
146 | | |
147 | 0 | if ((dupkey = ossl_dh_new_ex(dh->libctx)) == NULL) |
148 | 0 | return NULL; |
149 | | |
150 | 0 | dupkey->length = DH_get_length(dh); |
151 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0 |
152 | 0 | && !ossl_ffc_params_copy(&dupkey->params, &dh->params)) |
153 | 0 | goto err; |
154 | | |
155 | 0 | dupkey->flags = dh->flags; |
156 | |
|
157 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0 |
158 | 0 | && ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0 |
159 | 0 | || !dh_bn_dup_check(&dupkey->pub_key, dh->pub_key))) |
160 | 0 | goto err; |
161 | | |
162 | 0 | if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0 |
163 | 0 | && ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0 |
164 | 0 | || !dh_bn_dup_check(&dupkey->priv_key, dh->priv_key))) |
165 | 0 | goto err; |
166 | | |
167 | 0 | #ifndef FIPS_MODULE |
168 | 0 | if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_DH, |
169 | 0 | &dupkey->ex_data, &dh->ex_data)) |
170 | 0 | goto err; |
171 | 0 | #endif |
172 | | |
173 | 0 | return dupkey; |
174 | | |
175 | 0 | err: |
176 | 0 | DH_free(dupkey); |
177 | 0 | return NULL; |
178 | 0 | } |
179 | | |
180 | | #ifndef FIPS_MODULE |
181 | | DH *ossl_dh_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, |
182 | | OSSL_LIB_CTX *libctx, const char *propq) |
183 | 0 | { |
184 | 0 | const unsigned char *p, *pm; |
185 | 0 | int pklen, pmlen; |
186 | 0 | int ptype; |
187 | 0 | const void *pval; |
188 | 0 | const ASN1_STRING *pstr; |
189 | 0 | const X509_ALGOR *palg; |
190 | 0 | BIGNUM *privkey_bn = NULL; |
191 | 0 | ASN1_INTEGER *privkey = NULL; |
192 | 0 | DH *dh = NULL; |
193 | |
|
194 | 0 | if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8inf)) |
195 | 0 | return 0; |
196 | | |
197 | 0 | X509_ALGOR_get0(NULL, &ptype, &pval, palg); |
198 | |
|
199 | 0 | if (ptype != V_ASN1_SEQUENCE) |
200 | 0 | goto decerr; |
201 | 0 | if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) |
202 | 0 | goto decerr; |
203 | | |
204 | 0 | pstr = pval; |
205 | 0 | pm = pstr->data; |
206 | 0 | pmlen = pstr->length; |
207 | 0 | switch (OBJ_obj2nid(palg->algorithm)) { |
208 | 0 | case NID_dhKeyAgreement: |
209 | 0 | dh = d2i_DHparams(NULL, &pm, pmlen); |
210 | 0 | break; |
211 | 0 | case NID_dhpublicnumber: |
212 | 0 | dh = d2i_DHxparams(NULL, &pm, pmlen); |
213 | 0 | break; |
214 | 0 | default: |
215 | 0 | goto decerr; |
216 | 0 | } |
217 | 0 | if (dh == NULL) |
218 | 0 | goto decerr; |
219 | | |
220 | | /* We have parameters now set private key */ |
221 | 0 | if ((privkey_bn = BN_secure_new()) == NULL |
222 | 0 | || !ASN1_INTEGER_to_BN(privkey, privkey_bn)) { |
223 | 0 | ERR_raise(ERR_LIB_DH, DH_R_BN_ERROR); |
224 | 0 | BN_clear_free(privkey_bn); |
225 | 0 | goto dherr; |
226 | 0 | } |
227 | 0 | if (!DH_set0_key(dh, NULL, privkey_bn)) |
228 | 0 | goto dherr; |
229 | | /* Calculate public key, increments dirty_cnt */ |
230 | 0 | if (!DH_generate_key(dh)) |
231 | 0 | goto dherr; |
232 | | |
233 | 0 | goto done; |
234 | | |
235 | 0 | decerr: |
236 | 0 | ERR_raise(ERR_LIB_DH, EVP_R_DECODE_ERROR); |
237 | 0 | dherr: |
238 | 0 | DH_free(dh); |
239 | 0 | dh = NULL; |
240 | 0 | done: |
241 | 0 | ASN1_STRING_clear_free(privkey); |
242 | 0 | return dh; |
243 | 0 | } |
244 | | #endif |