/src/openssl34/crypto/dsa/dsa_check.c

Source (jump to first uncovered line)
/*
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * DSA low level APIs are deprecated for public use, but still ok for
 * internal use.
 */
#include "internal/deprecated.h"

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
#include "dsa_local.h"
#include "crypto/dsa.h"

static int dsa_precheck_params(const DSA *dsa, int *ret)
{
    if (dsa->params.p == NULL || dsa->params.q == NULL) {
        ERR_raise(ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS);
        *ret = FFC_CHECK_INVALID_PQ;
        return 0;
    }

    if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
        ERR_raise(ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE);
        *ret = FFC_CHECK_INVALID_PQ;
        return 0;
    }

    if (BN_num_bits(dsa->params.q) >= BN_num_bits(dsa->params.p)) {
        ERR_raise(ERR_LIB_DSA, DSA_R_BAD_Q_VALUE);
        *ret = FFC_CHECK_INVALID_PQ;
        return 0;
    }

    return 1;
}

int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
{
    if (!dsa_precheck_params(dsa, ret))
        return 0;

    if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
        return ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params,
                                               FFC_PARAM_TYPE_DSA, ret);
    else
        /*
         * Do full FFC domain params validation according to FIPS-186-4
         *  - always in FIPS_MODULE
         *  - only if possible (i.e., seed is set) in default provider
         */
        return ossl_ffc_params_full_validate(dsa->libctx, &dsa->params,
                                             FFC_PARAM_TYPE_DSA, ret);
}

/*
 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
 */
int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
    if (!dsa_precheck_params(dsa, ret))
        return 0;

    return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret)
           && *ret == 0;
}

/*
 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Partial public key validation.
 * To only be used with ephemeral FFC public keys generated using the approved
 * safe-prime groups.
 */
int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
    if (!dsa_precheck_params(dsa, ret))
        return 0;

    return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret)
           && *ret == 0;
}

int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
{
    *ret = 0;

    if (!dsa_precheck_params(dsa, ret))
        return 0;

    return ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret);
}

/*
 * FFC pairwise check from SP800-56A R3.
 *    Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
 */
int ossl_dsa_check_pairwise(const DSA *dsa)
{
    int ret = 0;
    BN_CTX *ctx = NULL;
    BIGNUM *pub_key = NULL;

    if (!dsa_precheck_params(dsa, &ret))
        return 0;

    if (dsa->params.g == NULL
        || dsa->priv_key == NULL
        || dsa->pub_key == NULL)
        return 0;

    ctx = BN_CTX_new_ex(dsa->libctx);
    if (ctx == NULL)
        goto err;
    pub_key = BN_new();
    if (pub_key == NULL)
        goto err;

    /* recalculate the public key = (g ^ priv) mod p */
    if (!ossl_dsa_generate_public_key(ctx, dsa, dsa->priv_key, pub_key))
        goto err;
    /* check it matches the existing public_key */
    ret = BN_cmp(pub_key, dsa->pub_key) == 0;
err:
    BN_free(pub_key);
    BN_CTX_free(ctx);
    return ret;
}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		/*
11		* DSA low level APIs are deprecated for public use, but still ok for
12		* internal use.
13		*/
14		#include "internal/deprecated.h"
15
16		#include <stdio.h>
17		#include "internal/cryptlib.h"
18		#include <openssl/bn.h>
19		#include "dsa_local.h"
20		#include "crypto/dsa.h"
21
22		static int dsa_precheck_params(const DSA dsa, int ret)
23	8.03k	{
24	8.03k	if (dsa->params.p == NULL \|\| dsa->params.q == NULL) {
25	0	ERR_raise(ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS);
26	0	*ret = FFC_CHECK_INVALID_PQ;
27	0	return 0;
28	0	}
29
30	8.03k	if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
31	812	ERR_raise(ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE);
32	812	*ret = FFC_CHECK_INVALID_PQ;
33	812	return 0;
34	812	}
35
36	7.22k	if (BN_num_bits(dsa->params.q) >= BN_num_bits(dsa->params.p)) {
37	1.11k	ERR_raise(ERR_LIB_DSA, DSA_R_BAD_Q_VALUE);
38	1.11k	*ret = FFC_CHECK_INVALID_PQ;
39	1.11k	return 0;
40	1.11k	}
41
42	6.10k	return 1;
43	7.22k	}
44
45		int ossl_dsa_check_params(const DSA dsa, int checktype, int ret)
46	2.40k	{
47	2.40k	if (!dsa_precheck_params(dsa, ret))
48	690	return 0;
49
50	1.71k	if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
51	0	return ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params,
52	0	FFC_PARAM_TYPE_DSA, ret);
53	1.71k	else
54		/*
55		* Do full FFC domain params validation according to FIPS-186-4
56		* - always in FIPS_MODULE
57		* - only if possible (i.e., seed is set) in default provider
58		*/
59	1.71k	return ossl_ffc_params_full_validate(dsa->libctx, &dsa->params,
60	1.71k	FFC_PARAM_TYPE_DSA, ret);
61	1.71k	}
62
63		/*
64		* See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
65		*/
66		int ossl_dsa_check_pub_key(const DSA dsa, const BIGNUM pub_key, int *ret)
67	4.00k	{
68	4.00k	if (!dsa_precheck_params(dsa, ret))
69	969	return 0;
70
71	3.04k	return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret)
72	3.04k	&& *ret == 0;
73	4.00k	}
74
75		/*
76		* See SP800-56Ar3 Section 5.6.2.3.1 : FFC Partial public key validation.
77		* To only be used with ephemeral FFC public keys generated using the approved
78		* safe-prime groups.
79		*/
80		int ossl_dsa_check_pub_key_partial(const DSA dsa, const BIGNUM pub_key, int *ret)
81	0	{
82	0	if (!dsa_precheck_params(dsa, ret))
83	0	return 0;
84
85	0	return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret)
86	0	&& *ret == 0;
87	0	}
88
89		int ossl_dsa_check_priv_key(const DSA dsa, const BIGNUM priv_key, int *ret)
90	1.58k	{
91	1.58k	*ret = 0;
92
93	1.58k	if (!dsa_precheck_params(dsa, ret))
94	268	return 0;
95
96	1.31k	return ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret);
97	1.58k	}
98
99		/*
100		* FFC pairwise check from SP800-56A R3.
101		* Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
102		*/
103		int ossl_dsa_check_pairwise(const DSA *dsa)
104	38	{
105	38	int ret = 0;
106	38	BN_CTX *ctx = NULL;
107	38	BIGNUM *pub_key = NULL;
108
109	38	if (!dsa_precheck_params(dsa, &ret))
110	0	return 0;
111
112	38	if (dsa->params.g == NULL
113	38	\|\| dsa->priv_key == NULL
114	38	\|\| dsa->pub_key == NULL)
115	0	return 0;
116
117	38	ctx = BN_CTX_new_ex(dsa->libctx);
118	38	if (ctx == NULL)
119	0	goto err;
120	38	pub_key = BN_new();
121	38	if (pub_key == NULL)
122	0	goto err;
123
124		/* recalculate the public key = (g ^ priv) mod p */
125	38	if (!ossl_dsa_generate_public_key(ctx, dsa, dsa->priv_key, pub_key))
126	5	goto err;
127		/* check it matches the existing public_key */
128	33	ret = BN_cmp(pub_key, dsa->pub_key) == 0;
129	38	err:
130	38	BN_free(pub_key);
131	38	BN_CTX_free(ctx);
132	38	return ret;
133	33	}

Coverage Report

Created: 2025-08-28 07:07