2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DH low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
16 #include <openssl/core_numbers.h>
17 #include <openssl/core_names.h>
18 #include <openssl/bn.h>
19 #include <openssl/dh.h>
20 #include <openssl/params.h>
21 #include "prov/implementations.h"
22 #include "prov/providercommon.h"
23 #include "prov/provider_ctx.h"
24 #include "crypto/dh.h"
25 #include "internal/param_build.h"
27 static OSSL_OP_keymgmt_new_fn dh_newdata;
28 static OSSL_OP_keymgmt_free_fn dh_freedata;
29 static OSSL_OP_keymgmt_get_params_fn dh_get_params;
30 static OSSL_OP_keymgmt_gettable_params_fn dh_gettable_params;
31 static OSSL_OP_keymgmt_has_fn dh_has;
32 static OSSL_OP_keymgmt_match_fn dh_match;
33 static OSSL_OP_keymgmt_validate_fn dh_validate;
34 static OSSL_OP_keymgmt_import_fn dh_import;
35 static OSSL_OP_keymgmt_import_types_fn dh_import_types;
36 static OSSL_OP_keymgmt_export_fn dh_export;
37 static OSSL_OP_keymgmt_export_types_fn dh_export_types;
39 #define DH_POSSIBLE_SELECTIONS \
40 (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS)
42 static int params_to_domparams(DH *dh, const OSSL_PARAM params[])
44 const OSSL_PARAM *param_p, *param_g;
45 BIGNUM *p = NULL, *g = NULL;
50 param_p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_P);
51 param_g = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_G);
53 if ((param_p != NULL && !OSSL_PARAM_get_BN(param_p, &p))
54 || (param_g != NULL && !OSSL_PARAM_get_BN(param_g, &g)))
57 if (!DH_set0_pqg(dh, p, NULL, g))
68 static int domparams_to_params(DH *dh, OSSL_PARAM_BLD *tmpl)
70 const BIGNUM *dh_p = NULL, *dh_g = NULL;
75 DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
77 && !ossl_param_bld_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, dh_p))
80 && !ossl_param_bld_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, dh_g))
86 static int params_to_key(DH *dh, const OSSL_PARAM params[])
88 const OSSL_PARAM *param_priv_key, *param_pub_key;
89 BIGNUM *priv_key = NULL, *pub_key = NULL;
94 if (!params_to_domparams(dh, params))
98 OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
100 OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
103 * DH documentation says that a public key must be present if a
104 * private key is present.
105 * We want to have at least a public key either way, so we end up
106 * requiring it unconditionally.
108 if (param_pub_key == NULL)
111 if ((param_priv_key != NULL
112 && !OSSL_PARAM_get_BN(param_priv_key, &priv_key))
113 || !OSSL_PARAM_get_BN(param_pub_key, &pub_key))
116 if (!DH_set0_key(dh, pub_key, priv_key))
122 BN_clear_free(priv_key);
127 static int key_to_params(DH *dh, OSSL_PARAM_BLD *tmpl)
129 const BIGNUM *priv_key = NULL, *pub_key = NULL;
133 if (!domparams_to_params(dh, tmpl))
136 DH_get0_key(dh, &pub_key, &priv_key);
138 && !ossl_param_bld_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY, priv_key))
141 && !ossl_param_bld_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key))
147 static void *dh_newdata(void *provctx)
149 return dh_new_with_ctx(PROV_LIBRARY_CONTEXT_OF(provctx));
152 static void dh_freedata(void *keydata)
157 static int dh_has(void *keydata, int selection)
163 if ((selection & DH_POSSIBLE_SELECTIONS) != 0)
166 if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
167 ok = ok && (DH_get0_pub_key(dh) != NULL);
168 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
169 ok = ok && (DH_get0_priv_key(dh) != NULL);
170 if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
171 ok = ok && (DH_get0_p(dh) != NULL && DH_get0_g(dh) != NULL);
176 static int dh_match(const void *keydata1, const void *keydata2, int selection)
178 const DH *dh1 = keydata1;
179 const DH *dh2 = keydata2;
182 if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
183 ok = ok && BN_cmp(DH_get0_pub_key(dh1), DH_get0_pub_key(dh2)) == 0;
184 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
185 ok = ok && BN_cmp(DH_get0_priv_key(dh1), DH_get0_priv_key(dh2)) == 0;
186 if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
187 FFC_PARAMS *dhparams1 = dh_get0_params((DH *)dh1);
188 FFC_PARAMS *dhparams2 = dh_get0_params((DH *)dh2);
190 ok = ok && ffc_params_cmp(dhparams1, dhparams2, 1);
195 static int dh_import(void *keydata, int selection, const OSSL_PARAM params[])
203 if ((selection & DH_POSSIBLE_SELECTIONS) != 0)
206 if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
207 ok = ok && params_to_domparams(dh, params);
208 if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
209 ok = ok && params_to_key(dh, params);
214 static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
219 OSSL_PARAM *params = NULL;
225 ossl_param_bld_init(&tmpl);
227 if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
228 ok = ok && domparams_to_params(dh, &tmpl);
229 if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
230 ok = ok && key_to_params(dh, &tmpl);
233 || (params = ossl_param_bld_to_param(&tmpl)) == NULL)
236 ok = param_cb(params, cbarg);
237 ossl_param_bld_free(params);
241 /* IMEXPORT = IMPORT + EXPORT */
243 # define DH_IMEXPORTABLE_PARAMETERS \
244 OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_P, NULL, 0), \
245 OSSL_PARAM_BN(OSSL_PKEY_PARAM_FFC_G, NULL, 0)
246 # define DH_IMEXPORTABLE_PUBLIC_KEY \
247 OSSL_PARAM_BN(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0)
248 # define DH_IMEXPORTABLE_PRIVATE_KEY \
249 OSSL_PARAM_BN(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0)
250 static const OSSL_PARAM dh_all_types[] = {
251 DH_IMEXPORTABLE_PARAMETERS,
252 DH_IMEXPORTABLE_PUBLIC_KEY,
253 DH_IMEXPORTABLE_PRIVATE_KEY,
256 static const OSSL_PARAM dh_parameter_types[] = {
257 DH_IMEXPORTABLE_PARAMETERS,
260 static const OSSL_PARAM dh_key_types[] = {
261 DH_IMEXPORTABLE_PUBLIC_KEY,
262 DH_IMEXPORTABLE_PRIVATE_KEY,
265 static const OSSL_PARAM *dh_types[] = {
266 NULL, /* Index 0 = none of them */
267 dh_parameter_types, /* Index 1 = parameter types */
268 dh_key_types, /* Index 2 = key types */
269 dh_all_types /* Index 3 = 1 + 2 */
272 static const OSSL_PARAM *dh_imexport_types(int selection)
276 if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
278 if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
280 return dh_types[type_select];
283 static const OSSL_PARAM *dh_import_types(int selection)
285 return dh_imexport_types(selection);
288 static const OSSL_PARAM *dh_export_types(int selection)
290 return dh_imexport_types(selection);
293 static ossl_inline int dh_get_params(void *key, OSSL_PARAM params[])
298 if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_BITS)) != NULL
299 && !OSSL_PARAM_set_int(p, DH_bits(dh)))
301 if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL
302 && !OSSL_PARAM_set_int(p, DH_security_bits(dh)))
304 if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
305 && !OSSL_PARAM_set_int(p, DH_size(dh)))
310 static const OSSL_PARAM dh_params[] = {
311 OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
312 OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
313 OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
317 static const OSSL_PARAM *dh_gettable_params(void)
322 static int dh_validate_public(DH *dh)
324 const BIGNUM *pub_key = NULL;
326 DH_get0_key(dh, &pub_key, NULL);
327 return DH_check_pub_key_ex(dh, pub_key);
330 static int dh_validate_private(DH *dh)
333 const BIGNUM *priv_key = NULL;
335 DH_get0_key(dh, NULL, &priv_key);
336 return dh_check_priv_key(dh, priv_key, &status);;
339 static int dh_validate(void *keydata, int selection)
344 if ((selection & DH_POSSIBLE_SELECTIONS) != 0)
347 if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0)
348 ok = ok && DH_check_params_ex(dh);
350 if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
351 ok = ok && dh_validate_public(dh);
353 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
354 ok = ok && dh_validate_private(dh);
356 if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR)
357 == OSSL_KEYMGMT_SELECT_KEYPAIR)
358 ok = ok && dh_check_pairwise(dh);
362 const OSSL_DISPATCH dh_keymgmt_functions[] = {
363 { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))dh_newdata },
364 { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))dh_freedata },
365 { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))dh_get_params },
366 { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))dh_gettable_params },
367 { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))dh_has },
368 { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))dh_match },
369 { OSSL_FUNC_KEYMGMT_VALIDATE, (void (*)(void))dh_validate },
370 { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))dh_import },
371 { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))dh_import_types },
372 { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))dh_export },
373 { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))dh_export_types },