/src/openssl/crypto/ec/ecx_key.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <string.h> |
11 | | #include <openssl/err.h> |
12 | | #include <openssl/proverr.h> |
13 | | #include "crypto/ecx.h" |
14 | | #include "internal/common.h" /* for ossl_assert() */ |
15 | | |
16 | | #ifdef S390X_EC_ASM |
17 | | # include "s390x_arch.h" |
18 | | #endif |
19 | | |
20 | | ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey, |
21 | | const char *propq) |
22 | 0 | { |
23 | 0 | ECX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); |
24 | |
|
25 | 0 | if (ret == NULL) |
26 | 0 | return NULL; |
27 | | |
28 | 0 | ret->libctx = libctx; |
29 | 0 | ret->haspubkey = haspubkey; |
30 | 0 | switch (type) { |
31 | 0 | case ECX_KEY_TYPE_X25519: |
32 | 0 | ret->keylen = X25519_KEYLEN; |
33 | 0 | break; |
34 | 0 | case ECX_KEY_TYPE_X448: |
35 | 0 | ret->keylen = X448_KEYLEN; |
36 | 0 | break; |
37 | 0 | case ECX_KEY_TYPE_ED25519: |
38 | 0 | ret->keylen = ED25519_KEYLEN; |
39 | 0 | break; |
40 | 0 | case ECX_KEY_TYPE_ED448: |
41 | 0 | ret->keylen = ED448_KEYLEN; |
42 | 0 | break; |
43 | 0 | } |
44 | 0 | ret->type = type; |
45 | |
|
46 | 0 | if (!CRYPTO_NEW_REF(&ret->references, 1)) |
47 | 0 | goto err; |
48 | | |
49 | 0 | if (propq != NULL) { |
50 | 0 | ret->propq = OPENSSL_strdup(propq); |
51 | 0 | if (ret->propq == NULL) |
52 | 0 | goto err; |
53 | 0 | } |
54 | 0 | return ret; |
55 | 0 | err: |
56 | 0 | if (ret != NULL) { |
57 | 0 | OPENSSL_free(ret->propq); |
58 | 0 | CRYPTO_FREE_REF(&ret->references); |
59 | 0 | } |
60 | 0 | OPENSSL_free(ret); |
61 | 0 | return NULL; |
62 | 0 | } |
63 | | |
64 | | void ossl_ecx_key_free(ECX_KEY *key) |
65 | 0 | { |
66 | 0 | int i; |
67 | |
|
68 | 0 | if (key == NULL) |
69 | 0 | return; |
70 | | |
71 | 0 | CRYPTO_DOWN_REF(&key->references, &i); |
72 | 0 | REF_PRINT_COUNT("ECX_KEY", i, key); |
73 | 0 | if (i > 0) |
74 | 0 | return; |
75 | 0 | REF_ASSERT_ISNT(i < 0); |
76 | |
|
77 | 0 | OPENSSL_free(key->propq); |
78 | | #ifdef OPENSSL_PEDANTIC_ZEROIZATION |
79 | | OPENSSL_cleanse(&key->pubkey, sizeof(key->pubkey)); |
80 | | #endif |
81 | 0 | OPENSSL_secure_clear_free(key->privkey, key->keylen); |
82 | 0 | CRYPTO_FREE_REF(&key->references); |
83 | 0 | OPENSSL_free(key); |
84 | 0 | } |
85 | | |
86 | | void ossl_ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx) |
87 | 0 | { |
88 | 0 | key->libctx = libctx; |
89 | 0 | } |
90 | | |
91 | | int ossl_ecx_key_up_ref(ECX_KEY *key) |
92 | 0 | { |
93 | 0 | int i; |
94 | |
|
95 | 0 | if (CRYPTO_UP_REF(&key->references, &i) <= 0) |
96 | 0 | return 0; |
97 | | |
98 | 0 | REF_PRINT_COUNT("ECX_KEY", i, key); |
99 | 0 | REF_ASSERT_ISNT(i < 2); |
100 | 0 | return ((i > 1) ? 1 : 0); |
101 | 0 | } |
102 | | |
103 | | unsigned char *ossl_ecx_key_allocate_privkey(ECX_KEY *key) |
104 | 0 | { |
105 | 0 | key->privkey = OPENSSL_secure_zalloc(key->keylen); |
106 | |
|
107 | 0 | return key->privkey; |
108 | 0 | } |
109 | | |
110 | | int ossl_ecx_compute_key(ECX_KEY *peer, ECX_KEY *priv, size_t keylen, |
111 | | unsigned char *secret, size_t *secretlen, size_t outlen) |
112 | 0 | { |
113 | 0 | if (priv == NULL |
114 | 0 | || priv->privkey == NULL |
115 | 0 | || peer == NULL) { |
116 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY); |
117 | 0 | return 0; |
118 | 0 | } |
119 | | |
120 | 0 | if (!ossl_assert(keylen == X25519_KEYLEN |
121 | 0 | || keylen == X448_KEYLEN)) { |
122 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); |
123 | 0 | return 0; |
124 | 0 | } |
125 | | |
126 | 0 | if (secret == NULL) { |
127 | 0 | *secretlen = keylen; |
128 | 0 | return 1; |
129 | 0 | } |
130 | 0 | if (outlen < keylen) { |
131 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); |
132 | 0 | return 0; |
133 | 0 | } |
134 | | |
135 | 0 | if (keylen == X25519_KEYLEN) { |
136 | | #ifdef S390X_EC_ASM |
137 | | if (OPENSSL_s390xcap_P.pcc[1] |
138 | | & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) { |
139 | | if (s390x_x25519_mul(secret, peer->pubkey, priv->privkey) == 0) { |
140 | | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); |
141 | | return 0; |
142 | | } |
143 | | } else |
144 | | #endif |
145 | 0 | if (ossl_x25519(secret, priv->privkey, peer->pubkey) == 0) { |
146 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); |
147 | 0 | return 0; |
148 | 0 | } |
149 | 0 | } else { |
150 | | #ifdef S390X_EC_ASM |
151 | | if (OPENSSL_s390xcap_P.pcc[1] |
152 | | & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) { |
153 | | if (s390x_x448_mul(secret, peer->pubkey, priv->privkey) == 0) { |
154 | | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); |
155 | | return 0; |
156 | | } |
157 | | } else |
158 | | #endif |
159 | 0 | if (ossl_x448(secret, priv->privkey, peer->pubkey) == 0) { |
160 | 0 | ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION); |
161 | 0 | return 0; |
162 | 0 | } |
163 | 0 | } |
164 | 0 | *secretlen = keylen; |
165 | 0 | return 1; |
166 | 0 | } |