/src/openssl30/crypto/dsa/dsa_lib.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * DSA low level APIs are deprecated for public use, but still ok for |
12 | | * internal use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include <openssl/bn.h> |
17 | | #ifndef FIPS_MODULE |
18 | | # include <openssl/engine.h> |
19 | | #endif |
20 | | #include "internal/cryptlib.h" |
21 | | #include "internal/refcount.h" |
22 | | #include "crypto/dsa.h" |
23 | | #include "crypto/dh.h" /* required by DSA_dup_DH() */ |
24 | | #include "dsa_local.h" |
25 | | |
26 | | static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx); |
27 | | |
28 | | #ifndef FIPS_MODULE |
29 | | |
30 | | int DSA_set_ex_data(DSA *d, int idx, void *arg) |
31 | 0 | { |
32 | 0 | return CRYPTO_set_ex_data(&d->ex_data, idx, arg); |
33 | 0 | } |
34 | | |
35 | | void *DSA_get_ex_data(const DSA *d, int idx) |
36 | 0 | { |
37 | 0 | return CRYPTO_get_ex_data(&d->ex_data, idx); |
38 | 0 | } |
39 | | |
40 | | # ifndef OPENSSL_NO_DH |
41 | | DH *DSA_dup_DH(const DSA *r) |
42 | 0 | { |
43 | | /* |
44 | | * DSA has p, q, g, optional pub_key, optional priv_key. |
45 | | * DH has p, optional length, g, optional pub_key, |
46 | | * optional priv_key, optional q. |
47 | | */ |
48 | 0 | DH *ret = NULL; |
49 | 0 | BIGNUM *pub_key = NULL, *priv_key = NULL; |
50 | |
|
51 | 0 | if (r == NULL) |
52 | 0 | goto err; |
53 | 0 | ret = DH_new(); |
54 | 0 | if (ret == NULL) |
55 | 0 | goto err; |
56 | | |
57 | 0 | if (!ossl_ffc_params_copy(ossl_dh_get0_params(ret), &r->params)) |
58 | 0 | goto err; |
59 | | |
60 | 0 | if (r->pub_key != NULL) { |
61 | 0 | pub_key = BN_dup(r->pub_key); |
62 | 0 | if (pub_key == NULL) |
63 | 0 | goto err; |
64 | 0 | if (r->priv_key != NULL) { |
65 | 0 | priv_key = BN_dup(r->priv_key); |
66 | 0 | if (priv_key == NULL) |
67 | 0 | goto err; |
68 | 0 | } |
69 | 0 | if (!DH_set0_key(ret, pub_key, priv_key)) |
70 | 0 | goto err; |
71 | 0 | } else if (r->priv_key != NULL) { |
72 | | /* Shouldn't happen */ |
73 | 0 | goto err; |
74 | 0 | } |
75 | | |
76 | 0 | return ret; |
77 | | |
78 | 0 | err: |
79 | 0 | BN_free(pub_key); |
80 | 0 | BN_free(priv_key); |
81 | 0 | DH_free(ret); |
82 | 0 | return NULL; |
83 | 0 | } |
84 | | # endif /* OPENSSL_NO_DH */ |
85 | | |
86 | | void DSA_clear_flags(DSA *d, int flags) |
87 | 0 | { |
88 | 0 | d->flags &= ~flags; |
89 | 0 | } |
90 | | |
91 | | int DSA_test_flags(const DSA *d, int flags) |
92 | 0 | { |
93 | 0 | return d->flags & flags; |
94 | 0 | } |
95 | | |
96 | | void DSA_set_flags(DSA *d, int flags) |
97 | 0 | { |
98 | 0 | d->flags |= flags; |
99 | 0 | } |
100 | | |
101 | | ENGINE *DSA_get0_engine(DSA *d) |
102 | 0 | { |
103 | 0 | return d->engine; |
104 | 0 | } |
105 | | |
106 | | int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) |
107 | 0 | { |
108 | | /* |
109 | | * NB: The caller is specifically setting a method, so it's not up to us |
110 | | * to deal with which ENGINE it comes from. |
111 | | */ |
112 | 0 | const DSA_METHOD *mtmp; |
113 | 0 | mtmp = dsa->meth; |
114 | 0 | if (mtmp->finish) |
115 | 0 | mtmp->finish(dsa); |
116 | 0 | #ifndef OPENSSL_NO_ENGINE |
117 | 0 | ENGINE_finish(dsa->engine); |
118 | 0 | dsa->engine = NULL; |
119 | 0 | #endif |
120 | 0 | dsa->meth = meth; |
121 | 0 | if (meth->init) |
122 | 0 | meth->init(dsa); |
123 | 0 | return 1; |
124 | 0 | } |
125 | | #endif /* FIPS_MODULE */ |
126 | | |
127 | | |
128 | | const DSA_METHOD *DSA_get_method(DSA *d) |
129 | 488 | { |
130 | 488 | return d->meth; |
131 | 488 | } |
132 | | |
133 | | static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx) |
134 | 529 | { |
135 | 529 | DSA *ret = OPENSSL_zalloc(sizeof(*ret)); |
136 | | |
137 | 529 | if (ret == NULL) { |
138 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); |
139 | 0 | return NULL; |
140 | 0 | } |
141 | | |
142 | 529 | ret->references = 1; |
143 | 529 | ret->lock = CRYPTO_THREAD_lock_new(); |
144 | 529 | if (ret->lock == NULL) { |
145 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE); |
146 | 0 | OPENSSL_free(ret); |
147 | 0 | return NULL; |
148 | 0 | } |
149 | | |
150 | 529 | ret->libctx = libctx; |
151 | 529 | ret->meth = DSA_get_default_method(); |
152 | 529 | #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) |
153 | 529 | ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; /* early default init */ |
154 | 529 | if (engine) { |
155 | 0 | if (!ENGINE_init(engine)) { |
156 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_ENGINE_LIB); |
157 | 0 | goto err; |
158 | 0 | } |
159 | 0 | ret->engine = engine; |
160 | 0 | } else |
161 | 529 | ret->engine = ENGINE_get_default_DSA(); |
162 | 529 | if (ret->engine) { |
163 | 0 | ret->meth = ENGINE_get_DSA(ret->engine); |
164 | 0 | if (ret->meth == NULL) { |
165 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_ENGINE_LIB); |
166 | 0 | goto err; |
167 | 0 | } |
168 | 0 | } |
169 | 529 | #endif |
170 | | |
171 | 529 | ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; |
172 | | |
173 | 529 | #ifndef FIPS_MODULE |
174 | 529 | if (!ossl_crypto_new_ex_data_ex(libctx, CRYPTO_EX_INDEX_DSA, ret, |
175 | 529 | &ret->ex_data)) |
176 | 0 | goto err; |
177 | 529 | #endif |
178 | | |
179 | 529 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { |
180 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_INIT_FAIL); |
181 | 0 | goto err; |
182 | 0 | } |
183 | | |
184 | 529 | return ret; |
185 | | |
186 | 0 | err: |
187 | 0 | DSA_free(ret); |
188 | 0 | return NULL; |
189 | 529 | } |
190 | | |
191 | | DSA *DSA_new_method(ENGINE *engine) |
192 | 0 | { |
193 | 0 | return dsa_new_intern(engine, NULL); |
194 | 0 | } |
195 | | |
196 | | DSA *ossl_dsa_new(OSSL_LIB_CTX *libctx) |
197 | 0 | { |
198 | 0 | return dsa_new_intern(NULL, libctx); |
199 | 0 | } |
200 | | |
201 | | #ifndef FIPS_MODULE |
202 | | DSA *DSA_new(void) |
203 | 529 | { |
204 | 529 | return dsa_new_intern(NULL, NULL); |
205 | 529 | } |
206 | | #endif |
207 | | |
208 | | void DSA_free(DSA *r) |
209 | 10.2k | { |
210 | 10.2k | int i; |
211 | | |
212 | 10.2k | if (r == NULL) |
213 | 8.35k | return; |
214 | | |
215 | 1.92k | CRYPTO_DOWN_REF(&r->references, &i, r->lock); |
216 | 1.92k | REF_PRINT_COUNT("DSA", r); |
217 | 1.92k | if (i > 0) |
218 | 1.39k | return; |
219 | 529 | REF_ASSERT_ISNT(i < 0); |
220 | | |
221 | 529 | if (r->meth != NULL && r->meth->finish != NULL) |
222 | 529 | r->meth->finish(r); |
223 | 529 | #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE) |
224 | 529 | ENGINE_finish(r->engine); |
225 | 529 | #endif |
226 | | |
227 | 529 | #ifndef FIPS_MODULE |
228 | 529 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); |
229 | 529 | #endif |
230 | | |
231 | 529 | CRYPTO_THREAD_lock_free(r->lock); |
232 | | |
233 | 529 | ossl_ffc_params_cleanup(&r->params); |
234 | 529 | BN_clear_free(r->pub_key); |
235 | 529 | BN_clear_free(r->priv_key); |
236 | 529 | OPENSSL_free(r); |
237 | 529 | } |
238 | | |
239 | | int DSA_up_ref(DSA *r) |
240 | 1.39k | { |
241 | 1.39k | int i; |
242 | | |
243 | 1.39k | if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0) |
244 | 0 | return 0; |
245 | | |
246 | 1.39k | REF_PRINT_COUNT("DSA", r); |
247 | 1.39k | REF_ASSERT_ISNT(i < 2); |
248 | 1.39k | return ((i > 1) ? 1 : 0); |
249 | 1.39k | } |
250 | | |
251 | | void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx) |
252 | 488 | { |
253 | 488 | d->libctx = libctx; |
254 | 488 | } |
255 | | |
256 | | void DSA_get0_pqg(const DSA *d, |
257 | | const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) |
258 | 488 | { |
259 | 488 | ossl_ffc_params_get0_pqg(&d->params, p, q, g); |
260 | 488 | } |
261 | | |
262 | | int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) |
263 | 0 | { |
264 | | /* If the fields p, q and g in d are NULL, the corresponding input |
265 | | * parameters MUST be non-NULL. |
266 | | */ |
267 | 0 | if ((d->params.p == NULL && p == NULL) |
268 | 0 | || (d->params.q == NULL && q == NULL) |
269 | 0 | || (d->params.g == NULL && g == NULL)) |
270 | 0 | return 0; |
271 | | |
272 | 0 | ossl_ffc_params_set0_pqg(&d->params, p, q, g); |
273 | 0 | d->dirty_cnt++; |
274 | |
|
275 | 0 | return 1; |
276 | 0 | } |
277 | | |
278 | | const BIGNUM *DSA_get0_p(const DSA *d) |
279 | 473 | { |
280 | 473 | return d->params.p; |
281 | 473 | } |
282 | | |
283 | | const BIGNUM *DSA_get0_q(const DSA *d) |
284 | 0 | { |
285 | 0 | return d->params.q; |
286 | 0 | } |
287 | | |
288 | | const BIGNUM *DSA_get0_g(const DSA *d) |
289 | 473 | { |
290 | 473 | return d->params.g; |
291 | 473 | } |
292 | | |
293 | | const BIGNUM *DSA_get0_pub_key(const DSA *d) |
294 | 0 | { |
295 | 0 | return d->pub_key; |
296 | 0 | } |
297 | | |
298 | | const BIGNUM *DSA_get0_priv_key(const DSA *d) |
299 | 0 | { |
300 | 0 | return d->priv_key; |
301 | 0 | } |
302 | | |
303 | | void DSA_get0_key(const DSA *d, |
304 | | const BIGNUM **pub_key, const BIGNUM **priv_key) |
305 | 488 | { |
306 | 488 | if (pub_key != NULL) |
307 | 488 | *pub_key = d->pub_key; |
308 | 488 | if (priv_key != NULL) |
309 | 488 | *priv_key = d->priv_key; |
310 | 488 | } |
311 | | |
312 | | int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) |
313 | 0 | { |
314 | 0 | if (pub_key != NULL) { |
315 | 0 | BN_free(d->pub_key); |
316 | 0 | d->pub_key = pub_key; |
317 | 0 | } |
318 | 0 | if (priv_key != NULL) { |
319 | 0 | BN_free(d->priv_key); |
320 | 0 | d->priv_key = priv_key; |
321 | 0 | } |
322 | 0 | d->dirty_cnt++; |
323 | |
|
324 | 0 | return 1; |
325 | 0 | } |
326 | | |
327 | | int DSA_security_bits(const DSA *d) |
328 | 488 | { |
329 | 488 | if (d->params.p != NULL && d->params.q != NULL) |
330 | 488 | return BN_security_bits(BN_num_bits(d->params.p), |
331 | 488 | BN_num_bits(d->params.q)); |
332 | 0 | return -1; |
333 | 488 | } |
334 | | |
335 | | int DSA_bits(const DSA *dsa) |
336 | 488 | { |
337 | 488 | if (dsa->params.p != NULL) |
338 | 488 | return BN_num_bits(dsa->params.p); |
339 | 0 | return -1; |
340 | 488 | } |
341 | | |
342 | | FFC_PARAMS *ossl_dsa_get0_params(DSA *dsa) |
343 | 488 | { |
344 | 488 | return &dsa->params; |
345 | 488 | } |
346 | | |
347 | | int ossl_dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]) |
348 | 0 | { |
349 | 0 | int ret; |
350 | 0 | FFC_PARAMS *ffc; |
351 | |
|
352 | 0 | if (dsa == NULL) |
353 | 0 | return 0; |
354 | 0 | ffc = ossl_dsa_get0_params(dsa); |
355 | 0 | if (ffc == NULL) |
356 | 0 | return 0; |
357 | | |
358 | 0 | ret = ossl_ffc_params_fromdata(ffc, params); |
359 | 0 | if (ret) |
360 | 0 | dsa->dirty_cnt++; |
361 | 0 | return ret; |
362 | 0 | } |