/src/openssl/crypto/dsa/dsa_lib.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * DSA low level APIs are deprecated for public use, but still ok for |
12 | | * internal use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include <openssl/bn.h> |
17 | | #include "internal/cryptlib.h" |
18 | | #include "internal/refcount.h" |
19 | | #include "internal/common.h" |
20 | | #include "crypto/dsa.h" |
21 | | #include "crypto/dh.h" /* required by DSA_dup_DH() */ |
22 | | #include "dsa_local.h" |
23 | | |
24 | | static DSA *dsa_new_intern(OSSL_LIB_CTX *libctx); |
25 | | |
26 | | #ifndef FIPS_MODULE |
27 | | |
28 | | int DSA_set_ex_data(DSA *d, int idx, void *arg) |
29 | 0 | { |
30 | 0 | return CRYPTO_set_ex_data(&d->ex_data, idx, arg); |
31 | 0 | } |
32 | | |
33 | | void *DSA_get_ex_data(const DSA *d, int idx) |
34 | 0 | { |
35 | 0 | return CRYPTO_get_ex_data(&d->ex_data, idx); |
36 | 0 | } |
37 | | |
38 | | #ifndef OPENSSL_NO_DH |
39 | | DH *DSA_dup_DH(const DSA *r) |
40 | 0 | { |
41 | | /* |
42 | | * DSA has p, q, g, optional pub_key, optional priv_key. |
43 | | * DH has p, optional length, g, optional pub_key, |
44 | | * optional priv_key, optional q. |
45 | | */ |
46 | 0 | DH *ret = NULL; |
47 | 0 | BIGNUM *pub_key = NULL, *priv_key = NULL; |
48 | |
|
49 | 0 | if (r == NULL) |
50 | 0 | goto err; |
51 | 0 | ret = DH_new(); |
52 | 0 | if (ret == NULL) |
53 | 0 | goto err; |
54 | | |
55 | 0 | if (!ossl_ffc_params_copy(ossl_dh_get0_params(ret), &r->params)) |
56 | 0 | goto err; |
57 | | |
58 | 0 | if (r->pub_key != NULL) { |
59 | 0 | pub_key = BN_dup(r->pub_key); |
60 | 0 | if (pub_key == NULL) |
61 | 0 | goto err; |
62 | 0 | if (r->priv_key != NULL) { |
63 | 0 | priv_key = BN_dup(r->priv_key); |
64 | 0 | if (priv_key == NULL) |
65 | 0 | goto err; |
66 | 0 | } |
67 | 0 | if (!DH_set0_key(ret, pub_key, priv_key)) |
68 | 0 | goto err; |
69 | 0 | } else if (r->priv_key != NULL) { |
70 | | /* Shouldn't happen */ |
71 | 0 | goto err; |
72 | 0 | } |
73 | | |
74 | 0 | return ret; |
75 | | |
76 | 0 | err: |
77 | 0 | BN_free(pub_key); |
78 | 0 | BN_free(priv_key); |
79 | 0 | DH_free(ret); |
80 | 0 | return NULL; |
81 | 0 | } |
82 | | #endif /* OPENSSL_NO_DH */ |
83 | | |
84 | | void DSA_clear_flags(DSA *d, int flags) |
85 | 0 | { |
86 | 0 | d->flags &= ~flags; |
87 | 0 | } |
88 | | |
89 | | int DSA_test_flags(const DSA *d, int flags) |
90 | 0 | { |
91 | 0 | return d->flags & flags; |
92 | 0 | } |
93 | | |
94 | | void DSA_set_flags(DSA *d, int flags) |
95 | 0 | { |
96 | 0 | d->flags |= flags; |
97 | 0 | } |
98 | | |
99 | | int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) |
100 | 0 | { |
101 | | /* |
102 | | * NB: The caller is specifically setting a method, so it's not up to us |
103 | | * to deal with which ENGINE it comes from. |
104 | | */ |
105 | 0 | const DSA_METHOD *mtmp; |
106 | 0 | mtmp = dsa->meth; |
107 | 0 | if (mtmp->finish) |
108 | 0 | mtmp->finish(dsa); |
109 | 0 | dsa->meth = meth; |
110 | 0 | if (meth->init) |
111 | 0 | meth->init(dsa); |
112 | 0 | return 1; |
113 | 0 | } |
114 | | #endif /* FIPS_MODULE */ |
115 | | |
116 | | const DSA_METHOD *DSA_get_method(DSA *d) |
117 | 0 | { |
118 | 0 | return d->meth; |
119 | 0 | } |
120 | | |
121 | | static DSA *dsa_new_intern(OSSL_LIB_CTX *libctx) |
122 | 0 | { |
123 | 0 | DSA *ret = OPENSSL_zalloc(sizeof(*ret)); |
124 | |
|
125 | 0 | if (ret == NULL) |
126 | 0 | return NULL; |
127 | | |
128 | 0 | ret->lock = CRYPTO_THREAD_lock_new(); |
129 | 0 | if (ret->lock == NULL) { |
130 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_CRYPTO_LIB); |
131 | 0 | OPENSSL_free(ret); |
132 | 0 | return NULL; |
133 | 0 | } |
134 | | |
135 | 0 | if (!CRYPTO_NEW_REF(&ret->references, 1)) { |
136 | 0 | CRYPTO_THREAD_lock_free(ret->lock); |
137 | 0 | OPENSSL_free(ret); |
138 | 0 | return NULL; |
139 | 0 | } |
140 | | |
141 | 0 | ret->libctx = libctx; |
142 | 0 | ret->meth = DSA_get_default_method(); |
143 | |
|
144 | 0 | ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; |
145 | |
|
146 | 0 | #ifndef FIPS_MODULE |
147 | 0 | if (!ossl_crypto_new_ex_data_ex(libctx, CRYPTO_EX_INDEX_DSA, ret, |
148 | 0 | &ret->ex_data)) |
149 | 0 | goto err; |
150 | 0 | #endif |
151 | | |
152 | 0 | ossl_ffc_params_init(&ret->params); |
153 | |
|
154 | 0 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { |
155 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_INIT_FAIL); |
156 | 0 | goto err; |
157 | 0 | } |
158 | | |
159 | 0 | return ret; |
160 | | |
161 | 0 | err: |
162 | 0 | DSA_free(ret); |
163 | 0 | return NULL; |
164 | 0 | } |
165 | | |
166 | | DSA *DSA_new_method(ENGINE *engine) |
167 | 0 | { |
168 | 0 | if (!ossl_assert(engine == NULL)) |
169 | 0 | return NULL; |
170 | 0 | return dsa_new_intern(NULL); |
171 | 0 | } |
172 | | |
173 | | DSA *ossl_dsa_new(OSSL_LIB_CTX *libctx) |
174 | 0 | { |
175 | 0 | return dsa_new_intern(libctx); |
176 | 0 | } |
177 | | |
178 | | #ifndef FIPS_MODULE |
179 | | DSA *DSA_new(void) |
180 | 0 | { |
181 | 0 | return dsa_new_intern(NULL); |
182 | 0 | } |
183 | | #endif |
184 | | |
185 | | void DSA_free(DSA *r) |
186 | 0 | { |
187 | 0 | int i; |
188 | |
|
189 | 0 | if (r == NULL) |
190 | 0 | return; |
191 | | |
192 | 0 | CRYPTO_DOWN_REF(&r->references, &i); |
193 | 0 | REF_PRINT_COUNT("DSA", i, r); |
194 | 0 | if (i > 0) |
195 | 0 | return; |
196 | 0 | REF_ASSERT_ISNT(i < 0); |
197 | |
|
198 | 0 | if (r->meth != NULL && r->meth->finish != NULL) |
199 | 0 | r->meth->finish(r); |
200 | |
|
201 | 0 | #ifndef FIPS_MODULE |
202 | 0 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); |
203 | 0 | #endif |
204 | |
|
205 | 0 | CRYPTO_THREAD_lock_free(r->lock); |
206 | 0 | CRYPTO_FREE_REF(&r->references); |
207 | |
|
208 | 0 | ossl_ffc_params_cleanup(&r->params); |
209 | 0 | BN_clear_free(r->pub_key); |
210 | 0 | BN_clear_free(r->priv_key); |
211 | 0 | OPENSSL_free(r); |
212 | 0 | } |
213 | | |
214 | | int DSA_up_ref(DSA *r) |
215 | 0 | { |
216 | 0 | int i; |
217 | |
|
218 | 0 | if (CRYPTO_UP_REF(&r->references, &i) <= 0) |
219 | 0 | return 0; |
220 | | |
221 | 0 | REF_PRINT_COUNT("DSA", i, r); |
222 | 0 | REF_ASSERT_ISNT(i < 2); |
223 | 0 | return ((i > 1) ? 1 : 0); |
224 | 0 | } |
225 | | |
226 | | void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx) |
227 | 0 | { |
228 | 0 | d->libctx = libctx; |
229 | 0 | } |
230 | | |
231 | | void DSA_get0_pqg(const DSA *d, |
232 | | const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) |
233 | 0 | { |
234 | 0 | ossl_ffc_params_get0_pqg(&d->params, p, q, g); |
235 | 0 | } |
236 | | |
237 | | int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) |
238 | 0 | { |
239 | | /* If the fields p, q and g in d are NULL, the corresponding input |
240 | | * parameters MUST be non-NULL. |
241 | | */ |
242 | 0 | if ((d->params.p == NULL && p == NULL) |
243 | 0 | || (d->params.q == NULL && q == NULL) |
244 | 0 | || (d->params.g == NULL && g == NULL)) |
245 | 0 | return 0; |
246 | | |
247 | 0 | ossl_ffc_params_set0_pqg(&d->params, p, q, g); |
248 | 0 | d->dirty_cnt++; |
249 | |
|
250 | 0 | return 1; |
251 | 0 | } |
252 | | |
253 | | const BIGNUM *DSA_get0_p(const DSA *d) |
254 | 0 | { |
255 | 0 | return d->params.p; |
256 | 0 | } |
257 | | |
258 | | const BIGNUM *DSA_get0_q(const DSA *d) |
259 | 0 | { |
260 | 0 | return d->params.q; |
261 | 0 | } |
262 | | |
263 | | const BIGNUM *DSA_get0_g(const DSA *d) |
264 | 0 | { |
265 | 0 | return d->params.g; |
266 | 0 | } |
267 | | |
268 | | const BIGNUM *DSA_get0_pub_key(const DSA *d) |
269 | 0 | { |
270 | 0 | return d->pub_key; |
271 | 0 | } |
272 | | |
273 | | const BIGNUM *DSA_get0_priv_key(const DSA *d) |
274 | 0 | { |
275 | 0 | return d->priv_key; |
276 | 0 | } |
277 | | |
278 | | void DSA_get0_key(const DSA *d, |
279 | | const BIGNUM **pub_key, const BIGNUM **priv_key) |
280 | 0 | { |
281 | 0 | if (pub_key != NULL) |
282 | 0 | *pub_key = d->pub_key; |
283 | 0 | if (priv_key != NULL) |
284 | 0 | *priv_key = d->priv_key; |
285 | 0 | } |
286 | | |
287 | | int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) |
288 | 0 | { |
289 | 0 | if (pub_key != NULL) { |
290 | 0 | BN_free(d->pub_key); |
291 | 0 | d->pub_key = pub_key; |
292 | 0 | } |
293 | 0 | if (priv_key != NULL) { |
294 | 0 | BN_free(d->priv_key); |
295 | 0 | d->priv_key = priv_key; |
296 | 0 | } |
297 | 0 | d->dirty_cnt++; |
298 | |
|
299 | 0 | return 1; |
300 | 0 | } |
301 | | |
302 | | int DSA_security_bits(const DSA *d) |
303 | 0 | { |
304 | 0 | if (d->params.p != NULL && d->params.q != NULL) |
305 | 0 | return BN_security_bits(BN_num_bits(d->params.p), |
306 | 0 | BN_num_bits(d->params.q)); |
307 | 0 | return -1; |
308 | 0 | } |
309 | | |
310 | | int DSA_bits(const DSA *dsa) |
311 | 0 | { |
312 | 0 | if (dsa->params.p != NULL) |
313 | 0 | return BN_num_bits(dsa->params.p); |
314 | 0 | return -1; |
315 | 0 | } |
316 | | |
317 | | FFC_PARAMS *ossl_dsa_get0_params(DSA *dsa) |
318 | 0 | { |
319 | 0 | return &dsa->params; |
320 | 0 | } |
321 | | |
322 | | int ossl_dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]) |
323 | 0 | { |
324 | 0 | int ret; |
325 | 0 | FFC_PARAMS *ffc = ossl_dsa_get0_params(dsa); |
326 | |
|
327 | 0 | ret = ossl_ffc_params_fromdata(ffc, params); |
328 | 0 | if (ret) |
329 | 0 | dsa->dirty_cnt++; |
330 | 0 | return ret; |
331 | 0 | } |