Extend DH ASN1 method to support public key encode/decode and parameter
[openssl.git] / crypto / dh / dh_ameth.c
1 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
2  * project 2006.
3  */
4 /* ====================================================================
5  * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer. 
13  *
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in
16  *    the documentation and/or other materials provided with the
17  *    distribution.
18  *
19  * 3. All advertising materials mentioning features or use of this
20  *    software must display the following acknowledgment:
21  *    "This product includes software developed by the OpenSSL Project
22  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23  *
24  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25  *    endorse or promote products derived from this software without
26  *    prior written permission. For written permission, please contact
27  *    licensing@OpenSSL.org.
28  *
29  * 5. Products derived from this software may not be called "OpenSSL"
30  *    nor may "OpenSSL" appear in their names without prior written
31  *    permission of the OpenSSL Project.
32  *
33  * 6. Redistributions of any form whatsoever must retain the following
34  *    acknowledgment:
35  *    "This product includes software developed by the OpenSSL Project
36  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37  *
38  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
42  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49  * OF THE POSSIBILITY OF SUCH DAMAGE.
50  * ====================================================================
51  *
52  * This product includes cryptographic software written by Eric Young
53  * (eay@cryptsoft.com).  This product includes software written by Tim
54  * Hudson (tjh@cryptsoft.com).
55  *
56  */
57
58 #include <stdio.h>
59 #include "cryptlib.h"
60 #include <openssl/x509.h>
61 #include <openssl/asn1.h>
62 #include <openssl/dh.h>
63 #include "asn1_locl.h"
64
65 static void int_dh_free(EVP_PKEY *pkey)
66         {
67         DH_free(pkey->pkey.dh);
68         }
69
70 static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
71         {
72         const unsigned char *p, *pm;
73         int pklen, pmlen;
74         int ptype;
75         void *pval;
76         ASN1_STRING *pstr;
77         X509_ALGOR *palg;
78         ASN1_INTEGER *public_key = NULL;
79
80         DH *dh = NULL;
81
82         if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
83                 return 0;
84         X509_ALGOR_get0(NULL, &ptype, &pval, palg);
85
86         if (ptype != V_ASN1_SEQUENCE)
87                 {
88                 DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
89                 goto err;
90                 }
91
92         pstr = pval;    
93         pm = pstr->data;
94         pmlen = pstr->length;
95
96         if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
97                 {
98                 DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
99                 goto err;
100                 }
101
102         if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
103                 {
104                 DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
105                 goto err;
106                 }
107
108         /* We have parameters now set public key */
109         if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
110                 {
111                 DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
112                 goto err;
113                 }
114
115         ASN1_INTEGER_free(public_key);
116         EVP_PKEY_assign_DH(pkey, dh);
117         return 1;
118
119         err:
120         if (pubkey)
121                 ASN1_INTEGER_free(public_key);
122         if (dh)
123                 DH_free(dh);
124         return 0;
125
126         }
127
128 static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
129         {
130         DH *dh;
131         void *pval = NULL;
132         int ptype;
133         unsigned char *penc = NULL;
134         int penclen;
135         ASN1_STRING *str;
136         ASN1_INTEGER *pub_key = NULL;
137
138         dh=pkey->pkey.dh;
139
140         str = ASN1_STRING_new();
141         str->length = i2d_DHparams(dh, &str->data);
142         if (str->length <= 0)
143                 {
144                 DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
145                 goto err;
146                 }
147         pval = str;
148         ptype = V_ASN1_SEQUENCE;
149
150         pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
151         if (!pub_key)
152                 goto err;
153
154         penclen = i2d_ASN1_INTEGER(pub_key, &penc);
155
156         ASN1_INTEGER_free(pub_key);
157
158         if (penclen <= 0)
159                 {
160                 DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
161                 goto err;
162                 }
163
164         if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
165                                 ptype, pval, penc, penclen))
166                 return 1;
167
168         err:
169         if (penc)
170                 OPENSSL_free(penc);
171         if (pval)
172                 ASN1_STRING_free(pval);
173
174         return 0;
175         }
176
177 static void update_buflen(const BIGNUM *b, size_t *pbuflen)
178         {
179         int i;
180         if (!b)
181                 return;
182         if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
183                         *pbuflen = i;
184         }
185
186 static int dh_param_decode(EVP_PKEY *pkey,
187                                         const unsigned char **pder, int derlen)
188         {
189         DH *dh;
190         if (!(dh = d2i_DHparams(NULL, pder, derlen)))
191                 {
192                 DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
193                 return 0;
194                 }
195         EVP_PKEY_assign_DH(pkey, dh);
196         return 1;
197         }
198
199 static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
200         {
201         return i2d_DHparams(pkey->pkey.dh, pder);
202         }
203
204 static int do_dh_print(BIO *bp, const DH *x, int indent,
205                                                 ASN1_PCTX *ctx, int ptype)
206         {
207         unsigned char *m=NULL;
208         int reason=ERR_R_BUF_LIB,ret=0;
209         size_t buf_len=0;
210
211         const char *ktype = NULL;
212
213         BIGNUM *priv_key, *pub_key;
214
215         if (ptype == 2)
216                 priv_key = x->priv_key;
217         else
218                 priv_key = NULL;
219
220         if (ptype > 0)
221                 pub_key = x->pub_key;
222         else
223                 pub_key = NULL;
224
225         update_buflen(x->p, &buf_len);
226
227         if (buf_len == 0)
228                 {
229                 reason = ERR_R_PASSED_NULL_PARAMETER;
230                 goto err;
231                 }
232
233         update_buflen(x->g, &buf_len);
234         update_buflen(pub_key, &buf_len);
235         update_buflen(priv_key, &buf_len);
236
237         if (ptype == 2)
238                 ktype = "PKCS#3 DH Private-Key";
239         else if (ptype == 1)
240                 ktype = "PKCS#3 DH Public-Key";
241         else
242                 ktype = "PKCS#3 DH Parameters";
243
244         m= OPENSSL_malloc(buf_len+10);
245         if (m == NULL)
246                 {
247                 reason=ERR_R_MALLOC_FAILURE;
248                 goto err;
249                 }
250
251         BIO_indent(bp, indent, 128);
252         if (BIO_printf(bp,"%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
253                 goto err;
254         indent += 4;
255
256         if (!ASN1_bn_print(bp,"private-key:",priv_key,m,indent)) goto err;
257         if (!ASN1_bn_print(bp,"public-key:",pub_key,m,indent)) goto err;
258
259         if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
260         if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
261         if (x->length != 0)
262                 {
263                 BIO_indent(bp, indent, 128);
264                 if (BIO_printf(bp,"recommended-private-length: %d bits\n",
265                         (int)x->length) <= 0) goto err;
266                 }
267
268
269         ret=1;
270         if (0)
271                 {
272 err:
273                 DHerr(DH_F_DHPARAMS_PRINT,reason);
274                 }
275         if (m != NULL) OPENSSL_free(m);
276         return(ret);
277         }
278
279 static int int_dh_size(const EVP_PKEY *pkey)
280         {
281         return(DH_size(pkey->pkey.dh));
282         }
283
284 static int dh_bits(const EVP_PKEY *pkey)
285         {
286         return BN_num_bits(pkey->pkey.dh->p);
287         }
288
289 static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
290         {
291         BIGNUM *a;
292
293         if ((a=BN_dup(from->pkey.dh->p)) == NULL)
294                 return 0;
295         if (to->pkey.dsa->p != NULL)
296                 BN_free(to->pkey.dh->p);
297         to->pkey.dsa->p=a;
298
299         if ((a=BN_dup(from->pkey.dh->g)) == NULL)
300                 return 0;
301         if (to->pkey.dsa->g != NULL)
302                 BN_free(to->pkey.dh->g);
303         to->pkey.dh->g=a;
304
305         return 1;
306         }
307
308 static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
309         {
310         if (    BN_cmp(a->pkey.dh->p,b->pkey.dsa->p) ||
311                 BN_cmp(a->pkey.dh->g,b->pkey.dsa->g))
312                 return 0;
313         else
314                 return 1;
315         }
316
317 static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
318         {
319         if (dh_cmp_parameters(a, b) == 0)
320                 return 0;
321         if (BN_cmp(b->pkey.dh->pub_key,a->pkey.dh->pub_key) != 0)
322                 return 0;
323         else
324                 return 1;
325         }
326
327 static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
328                                                         ASN1_PCTX *ctx)
329         {
330         return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
331         }
332
333 static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
334                                                         ASN1_PCTX *ctx)
335         {
336         return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
337         }
338
339 static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
340                                                         ASN1_PCTX *ctx)
341         {
342         return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
343         }
344
345 int DHparams_print(BIO *bp, const DH *x)
346         {
347         return do_dh_print(bp, x, 4, NULL, 0);
348         }
349
350 const EVP_PKEY_ASN1_METHOD dh_asn1_meth = 
351         {
352         EVP_PKEY_DH,
353         EVP_PKEY_DH,
354         0,
355
356         "DH",
357         "OpenSSL PKCS#3 DH method",
358
359         dh_pub_decode,
360         dh_pub_encode,
361         dh_pub_cmp,
362         dh_public_print,
363
364         0,
365         0,
366         dh_private_print,
367
368         int_dh_size,
369         dh_bits,
370
371         dh_param_decode,
372         dh_param_encode,
373         0,
374         dh_copy_parameters,
375         dh_cmp_parameters,
376         dh_param_print,
377
378         int_dh_free,
379         0
380         };
381