2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DSA low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
17 #include "internal/cryptlib.h"
18 #include <openssl/bn.h>
19 #include "dsa_local.h"
20 #include "crypto/dsa.h"
22 static int dsa_precheck_params(const DSA *dsa, int *ret)
24 if (dsa->params.p == NULL || dsa->params.q == NULL) {
25 ERR_raise(ERR_LIB_DSA, DSA_R_BAD_FFC_PARAMETERS);
26 *ret = FFC_CHECK_INVALID_PQ;
30 if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
31 ERR_raise(ERR_LIB_DSA, DSA_R_MODULUS_TOO_LARGE);
32 *ret = FFC_CHECK_INVALID_PQ;
36 if (BN_num_bits(dsa->params.q) >= BN_num_bits(dsa->params.p)) {
37 ERR_raise(ERR_LIB_DSA, DSA_R_BAD_Q_VALUE);
38 *ret = FFC_CHECK_INVALID_PQ;
45 int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
47 if (!dsa_precheck_params(dsa, ret))
50 if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
51 return ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params,
52 FFC_PARAM_TYPE_DSA, ret);
55 * Do full FFC domain params validation according to FIPS-186-4
56 * - always in FIPS_MODULE
57 * - only if possible (i.e., seed is set) in default provider
59 return ossl_ffc_params_full_validate(dsa->libctx, &dsa->params,
60 FFC_PARAM_TYPE_DSA, ret);
64 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
66 int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
68 if (!dsa_precheck_params(dsa, ret))
71 return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret)
76 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Partial public key validation.
77 * To only be used with ephemeral FFC public keys generated using the approved
80 int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
82 if (!dsa_precheck_params(dsa, ret))
85 return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret)
89 int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
93 if (!dsa_precheck_params(dsa, ret))
96 return ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret);
100 * FFC pairwise check from SP800-56A R3.
101 * Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
103 int ossl_dsa_check_pairwise(const DSA *dsa)
107 BIGNUM *pub_key = NULL;
109 if (!dsa_precheck_params(dsa, &ret))
112 if (dsa->params.g == NULL
113 || dsa->priv_key == NULL
114 || dsa->pub_key == NULL)
117 ctx = BN_CTX_new_ex(dsa->libctx);
124 /* recalculate the public key = (g ^ priv) mod p */
125 if (!ossl_dsa_generate_public_key(ctx, dsa, dsa->priv_key, pub_key))
127 /* check it matches the existing public_key */
128 ret = BN_cmp(pub_key, dsa->pub_key) == 0;