2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/crypto.h>
11 #include <openssl/core_numbers.h>
12 #include <openssl/core_names.h>
13 #include <openssl/dh.h>
14 #include <openssl/params.h>
15 #include "internal/provider_algs.h"
17 static OSSL_OP_keyexch_newctx_fn dh_newctx;
18 static OSSL_OP_keyexch_init_fn dh_init;
19 static OSSL_OP_keyexch_set_peer_fn dh_set_peer;
20 static OSSL_OP_keyexch_derive_fn dh_derive;
21 static OSSL_OP_keyexch_freectx_fn dh_freectx;
22 static OSSL_OP_keyexch_dupctx_fn dh_dupctx;
30 static void *dh_newctx(void *provctx)
32 return OPENSSL_zalloc(sizeof(PROV_DH_CTX));
35 static DH *param_to_dh(OSSL_PARAM params[], int priv)
39 BIGNUM *p = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL;
44 paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_P);
46 || !OSSL_PARAM_get_BN(paramptr, &p))
49 paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_G);
50 if (paramptr == NULL || !OSSL_PARAM_get_BN(paramptr, &g))
53 if (!DH_set0_pqg(dh, p, NULL, g))
57 paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_PUB_KEY);
58 if (paramptr == NULL || !OSSL_PARAM_get_BN(paramptr, &pub_key))
61 /* Private key is optional */
63 paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_PRIV_KEY);
65 || (priv_key = BN_secure_new()) == NULL
66 || !OSSL_PARAM_get_BN(paramptr, &priv_key))
70 if (!DH_set0_key(dh, pub_key, priv_key))
84 static int dh_init(void *vpdhctx, OSSL_PARAM params[])
86 PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
89 pdhctx->dh = param_to_dh(params, 1);
91 return pdhctx->dh != NULL;
94 static int dh_set_peer(void *vpdhctx, OSSL_PARAM params[])
96 PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
98 DH_free(pdhctx->dhpeer);
99 pdhctx->dhpeer = param_to_dh(params, 0);
101 return pdhctx->dhpeer != NULL;
104 static int dh_derive(void *vpdhctx, unsigned char *key, size_t *keylen,
107 PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
110 const BIGNUM *pub_key = NULL;
112 /* TODO(3.0): Add errors to stack */
113 if (pdhctx->dh == NULL || pdhctx->dhpeer == NULL)
116 dhsize = (size_t)DH_size(pdhctx->dh);
124 DH_get0_key(pdhctx->dhpeer, &pub_key, NULL);
125 ret = DH_compute_key(key, pub_key, pdhctx->dh);
133 static void dh_freectx(void *vpdhctx)
135 PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
138 DH_free(pdhctx->dhpeer);
140 OPENSSL_free(pdhctx);
143 static void *dh_dupctx(void *vpdhctx)
145 PROV_DH_CTX *srcctx = (PROV_DH_CTX *)vpdhctx;
148 dstctx = OPENSSL_zalloc(sizeof(*srcctx));
151 if (dstctx->dh != NULL && !DH_up_ref(dstctx->dh)) {
152 OPENSSL_free(dstctx);
156 if (dstctx->dhpeer != NULL && !DH_up_ref(dstctx->dhpeer)) {
158 OPENSSL_free(dstctx);
165 const OSSL_DISPATCH dh_functions[] = {
166 { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))dh_newctx },
167 { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))dh_init },
168 { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))dh_derive },
169 { OSSL_FUNC_KEYEXCH_SET_PEER, (void (*)(void))dh_set_peer },
170 { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))dh_freectx },
171 { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))dh_dupctx },