/src/openssl/crypto/dsa/dsa_lib.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | /* |
11 | | * DSA low level APIs are deprecated for public use, but still ok for |
12 | | * internal use. |
13 | | */ |
14 | | #include "internal/deprecated.h" |
15 | | |
16 | | #include <openssl/bn.h> |
17 | | #include "internal/cryptlib.h" |
18 | | #include "internal/refcount.h" |
19 | | #include "internal/common.h" |
20 | | #include "crypto/dsa.h" |
21 | | #include "crypto/dh.h" /* required by DSA_dup_DH() */ |
22 | | #include "dsa_local.h" |
23 | | |
24 | | static DSA *dsa_new_intern(OSSL_LIB_CTX *libctx); |
25 | | |
26 | | #ifndef FIPS_MODULE |
27 | | |
28 | | int DSA_set_ex_data(DSA *d, int idx, void *arg) |
29 | 0 | { |
30 | 0 | return CRYPTO_set_ex_data(&d->ex_data, idx, arg); |
31 | 0 | } |
32 | | |
33 | | void *DSA_get_ex_data(const DSA *d, int idx) |
34 | 0 | { |
35 | 0 | return CRYPTO_get_ex_data(&d->ex_data, idx); |
36 | 0 | } |
37 | | |
38 | | # ifndef OPENSSL_NO_DH |
39 | | DH *DSA_dup_DH(const DSA *r) |
40 | 0 | { |
41 | | /* |
42 | | * DSA has p, q, g, optional pub_key, optional priv_key. |
43 | | * DH has p, optional length, g, optional pub_key, |
44 | | * optional priv_key, optional q. |
45 | | */ |
46 | 0 | DH *ret = NULL; |
47 | 0 | BIGNUM *pub_key = NULL, *priv_key = NULL; |
48 | |
|
49 | 0 | if (r == NULL) |
50 | 0 | goto err; |
51 | 0 | ret = DH_new(); |
52 | 0 | if (ret == NULL) |
53 | 0 | goto err; |
54 | | |
55 | 0 | if (!ossl_ffc_params_copy(ossl_dh_get0_params(ret), &r->params)) |
56 | 0 | goto err; |
57 | | |
58 | 0 | if (r->pub_key != NULL) { |
59 | 0 | pub_key = BN_dup(r->pub_key); |
60 | 0 | if (pub_key == NULL) |
61 | 0 | goto err; |
62 | 0 | if (r->priv_key != NULL) { |
63 | 0 | priv_key = BN_dup(r->priv_key); |
64 | 0 | if (priv_key == NULL) |
65 | 0 | goto err; |
66 | 0 | } |
67 | 0 | if (!DH_set0_key(ret, pub_key, priv_key)) |
68 | 0 | goto err; |
69 | 0 | } else if (r->priv_key != NULL) { |
70 | | /* Shouldn't happen */ |
71 | 0 | goto err; |
72 | 0 | } |
73 | | |
74 | 0 | return ret; |
75 | | |
76 | 0 | err: |
77 | 0 | BN_free(pub_key); |
78 | 0 | BN_free(priv_key); |
79 | 0 | DH_free(ret); |
80 | 0 | return NULL; |
81 | 0 | } |
82 | | # endif /* OPENSSL_NO_DH */ |
83 | | |
84 | | void DSA_clear_flags(DSA *d, int flags) |
85 | 0 | { |
86 | 0 | d->flags &= ~flags; |
87 | 0 | } |
88 | | |
89 | | int DSA_test_flags(const DSA *d, int flags) |
90 | 0 | { |
91 | 0 | return d->flags & flags; |
92 | 0 | } |
93 | | |
94 | | void DSA_set_flags(DSA *d, int flags) |
95 | 0 | { |
96 | 0 | d->flags |= flags; |
97 | 0 | } |
98 | | |
99 | | int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) |
100 | 0 | { |
101 | | /* |
102 | | * NB: The caller is specifically setting a method, so it's not up to us |
103 | | * to deal with which ENGINE it comes from. |
104 | | */ |
105 | 0 | const DSA_METHOD *mtmp; |
106 | 0 | mtmp = dsa->meth; |
107 | 0 | if (mtmp->finish) |
108 | 0 | mtmp->finish(dsa); |
109 | 0 | dsa->meth = meth; |
110 | 0 | if (meth->init) |
111 | 0 | meth->init(dsa); |
112 | 0 | return 1; |
113 | 0 | } |
114 | | #endif /* FIPS_MODULE */ |
115 | | |
116 | | |
117 | | const DSA_METHOD *DSA_get_method(DSA *d) |
118 | 0 | { |
119 | 0 | return d->meth; |
120 | 0 | } |
121 | | |
122 | | static DSA *dsa_new_intern(OSSL_LIB_CTX *libctx) |
123 | 0 | { |
124 | 0 | DSA *ret = OPENSSL_zalloc(sizeof(*ret)); |
125 | |
|
126 | 0 | if (ret == NULL) |
127 | 0 | return NULL; |
128 | | |
129 | 0 | ret->lock = CRYPTO_THREAD_lock_new(); |
130 | 0 | if (ret->lock == NULL) { |
131 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_CRYPTO_LIB); |
132 | 0 | OPENSSL_free(ret); |
133 | 0 | return NULL; |
134 | 0 | } |
135 | | |
136 | 0 | if (!CRYPTO_NEW_REF(&ret->references, 1)) { |
137 | 0 | CRYPTO_THREAD_lock_free(ret->lock); |
138 | 0 | OPENSSL_free(ret); |
139 | 0 | return NULL; |
140 | 0 | } |
141 | | |
142 | 0 | ret->libctx = libctx; |
143 | 0 | ret->meth = DSA_get_default_method(); |
144 | |
|
145 | 0 | ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; |
146 | |
|
147 | 0 | #ifndef FIPS_MODULE |
148 | 0 | if (!ossl_crypto_new_ex_data_ex(libctx, CRYPTO_EX_INDEX_DSA, ret, |
149 | 0 | &ret->ex_data)) |
150 | 0 | goto err; |
151 | 0 | #endif |
152 | | |
153 | 0 | ossl_ffc_params_init(&ret->params); |
154 | |
|
155 | 0 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { |
156 | 0 | ERR_raise(ERR_LIB_DSA, ERR_R_INIT_FAIL); |
157 | 0 | goto err; |
158 | 0 | } |
159 | | |
160 | 0 | return ret; |
161 | | |
162 | 0 | err: |
163 | 0 | DSA_free(ret); |
164 | 0 | return NULL; |
165 | 0 | } |
166 | | |
167 | | DSA *DSA_new_method(ENGINE *engine) |
168 | 0 | { |
169 | 0 | if (!ossl_assert(engine == NULL)) |
170 | 0 | return NULL; |
171 | 0 | return dsa_new_intern(NULL); |
172 | 0 | } |
173 | | |
174 | | DSA *ossl_dsa_new(OSSL_LIB_CTX *libctx) |
175 | 0 | { |
176 | 0 | return dsa_new_intern(libctx); |
177 | 0 | } |
178 | | |
179 | | #ifndef FIPS_MODULE |
180 | | DSA *DSA_new(void) |
181 | 0 | { |
182 | 0 | return dsa_new_intern(NULL); |
183 | 0 | } |
184 | | #endif |
185 | | |
186 | | void DSA_free(DSA *r) |
187 | 0 | { |
188 | 0 | int i; |
189 | |
|
190 | 0 | if (r == NULL) |
191 | 0 | return; |
192 | | |
193 | 0 | CRYPTO_DOWN_REF(&r->references, &i); |
194 | 0 | REF_PRINT_COUNT("DSA", i, r); |
195 | 0 | if (i > 0) |
196 | 0 | return; |
197 | 0 | REF_ASSERT_ISNT(i < 0); |
198 | |
|
199 | 0 | if (r->meth != NULL && r->meth->finish != NULL) |
200 | 0 | r->meth->finish(r); |
201 | |
|
202 | 0 | #ifndef FIPS_MODULE |
203 | 0 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); |
204 | 0 | #endif |
205 | |
|
206 | 0 | CRYPTO_THREAD_lock_free(r->lock); |
207 | 0 | CRYPTO_FREE_REF(&r->references); |
208 | |
|
209 | 0 | ossl_ffc_params_cleanup(&r->params); |
210 | 0 | BN_clear_free(r->pub_key); |
211 | 0 | BN_clear_free(r->priv_key); |
212 | 0 | OPENSSL_free(r); |
213 | 0 | } |
214 | | |
215 | | int DSA_up_ref(DSA *r) |
216 | 0 | { |
217 | 0 | int i; |
218 | |
|
219 | 0 | if (CRYPTO_UP_REF(&r->references, &i) <= 0) |
220 | 0 | return 0; |
221 | | |
222 | 0 | REF_PRINT_COUNT("DSA", i, r); |
223 | 0 | REF_ASSERT_ISNT(i < 2); |
224 | 0 | return ((i > 1) ? 1 : 0); |
225 | 0 | } |
226 | | |
227 | | void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx) |
228 | 0 | { |
229 | 0 | d->libctx = libctx; |
230 | 0 | } |
231 | | |
232 | | void DSA_get0_pqg(const DSA *d, |
233 | | const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) |
234 | 0 | { |
235 | 0 | ossl_ffc_params_get0_pqg(&d->params, p, q, g); |
236 | 0 | } |
237 | | |
238 | | int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) |
239 | 0 | { |
240 | | /* If the fields p, q and g in d are NULL, the corresponding input |
241 | | * parameters MUST be non-NULL. |
242 | | */ |
243 | 0 | if ((d->params.p == NULL && p == NULL) |
244 | 0 | || (d->params.q == NULL && q == NULL) |
245 | 0 | || (d->params.g == NULL && g == NULL)) |
246 | 0 | return 0; |
247 | | |
248 | 0 | ossl_ffc_params_set0_pqg(&d->params, p, q, g); |
249 | 0 | d->dirty_cnt++; |
250 | |
|
251 | 0 | return 1; |
252 | 0 | } |
253 | | |
254 | | const BIGNUM *DSA_get0_p(const DSA *d) |
255 | 0 | { |
256 | 0 | return d->params.p; |
257 | 0 | } |
258 | | |
259 | | const BIGNUM *DSA_get0_q(const DSA *d) |
260 | 0 | { |
261 | 0 | return d->params.q; |
262 | 0 | } |
263 | | |
264 | | const BIGNUM *DSA_get0_g(const DSA *d) |
265 | 0 | { |
266 | 0 | return d->params.g; |
267 | 0 | } |
268 | | |
269 | | const BIGNUM *DSA_get0_pub_key(const DSA *d) |
270 | 0 | { |
271 | 0 | return d->pub_key; |
272 | 0 | } |
273 | | |
274 | | const BIGNUM *DSA_get0_priv_key(const DSA *d) |
275 | 0 | { |
276 | 0 | return d->priv_key; |
277 | 0 | } |
278 | | |
279 | | void DSA_get0_key(const DSA *d, |
280 | | const BIGNUM **pub_key, const BIGNUM **priv_key) |
281 | 0 | { |
282 | 0 | if (pub_key != NULL) |
283 | 0 | *pub_key = d->pub_key; |
284 | 0 | if (priv_key != NULL) |
285 | 0 | *priv_key = d->priv_key; |
286 | 0 | } |
287 | | |
288 | | int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) |
289 | 0 | { |
290 | 0 | if (pub_key != NULL) { |
291 | 0 | BN_free(d->pub_key); |
292 | 0 | d->pub_key = pub_key; |
293 | 0 | } |
294 | 0 | if (priv_key != NULL) { |
295 | 0 | BN_free(d->priv_key); |
296 | 0 | d->priv_key = priv_key; |
297 | 0 | } |
298 | 0 | d->dirty_cnt++; |
299 | |
|
300 | 0 | return 1; |
301 | 0 | } |
302 | | |
303 | | int DSA_security_bits(const DSA *d) |
304 | 0 | { |
305 | 0 | if (d->params.p != NULL && d->params.q != NULL) |
306 | 0 | return BN_security_bits(BN_num_bits(d->params.p), |
307 | 0 | BN_num_bits(d->params.q)); |
308 | 0 | return -1; |
309 | 0 | } |
310 | | |
311 | | int DSA_bits(const DSA *dsa) |
312 | 0 | { |
313 | 0 | if (dsa->params.p != NULL) |
314 | 0 | return BN_num_bits(dsa->params.p); |
315 | 0 | return -1; |
316 | 0 | } |
317 | | |
318 | | FFC_PARAMS *ossl_dsa_get0_params(DSA *dsa) |
319 | 0 | { |
320 | 0 | return &dsa->params; |
321 | 0 | } |
322 | | |
323 | | int ossl_dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]) |
324 | 0 | { |
325 | 0 | int ret; |
326 | 0 | FFC_PARAMS *ffc = ossl_dsa_get0_params(dsa); |
327 | |
|
328 | 0 | ret = ossl_ffc_params_fromdata(ffc, params); |
329 | 0 | if (ret) |
330 | 0 | dsa->dirty_cnt++; |
331 | 0 | return ret; |
332 | 0 | } |