X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fdh%2Fdh_asn1.c;h=5fa91a8ec7dcd048a6ffaf9a4c794a8e96766332;hp=71379d73bb2c8877ba171d189c825d4c302dcb90;hb=HEAD;hpb=8b84b075ff065554c0cdd1086950f1a8614d93a4

diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
index 71379d73bb..5fa91a8ec7 100644
--- a/crypto/dh/dh_asn1.c
+++ b/crypto/dh/dh_asn1.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,12 +7,19 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * DH low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/bn.h>
-#include "dh_locl.h"
+#include "dh_local.h"
 #include <openssl/objects.h>
 #include <openssl/asn1t.h>
+#include "crypto/dh.h"
 
 /* Override the default free and new methods */
 static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
@@ -28,14 +35,19 @@ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
         *pval = NULL;
         return 2;
     } else if (operation == ASN1_OP_D2I_POST) {
-        ((DH *)*pval)->dirty_cnt++;
+        DH *dh = (DH *)*pval;
+
+        DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
+        DH_set_flags(dh, DH_FLAG_TYPE_DH);
+        ossl_dh_cache_named_group(dh);
+        dh->dirty_cnt++;
     }
     return 1;
 }
 
 ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
-        ASN1_SIMPLE(DH, p, BIGNUM),
-        ASN1_SIMPLE(DH, g, BIGNUM),
+        ASN1_SIMPLE(DH, params.p, BIGNUM),
+        ASN1_SIMPLE(DH, params.g, BIGNUM),
         ASN1_OPT_EMBED(DH, length, ZINT32),
 } ASN1_SEQUENCE_END_cb(DH, DHparams)
 
@@ -78,12 +90,12 @@ int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp);
 
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx)
 
-/* Application public function: read in X9.42 DH parameters into DH structure */
-
 DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
 {
+    FFC_PARAMS *params;
     int_dhx942_dh *dhx = NULL;
     DH *dh = NULL;
+
     dh = DH_new();
     if (dh == NULL)
         return NULL;
@@ -93,48 +105,63 @@ DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
         return NULL;
     }
 
-    if (a) {
+    if (a != NULL) {
         DH_free(*a);
         *a = dh;
     }
 
-    dh->p = dhx->p;
-    dh->q = dhx->q;
-    dh->g = dhx->g;
-    dh->j = dhx->j;
+    params = &dh->params;
+    DH_set0_pqg(dh, dhx->p, dhx->q, dhx->g);
+    ossl_ffc_params_set0_j(params, dhx->j);
 
-    if (dhx->vparams) {
-        dh->seed = dhx->vparams->seed->data;
-        dh->seedlen = dhx->vparams->seed->length;
-        dh->counter = dhx->vparams->counter;
-        dhx->vparams->seed->data = NULL;
+    if (dhx->vparams != NULL) {
+        /* The counter has a maximum value of 4 * numbits(p) - 1 */
+        size_t counter = (size_t)BN_get_word(dhx->vparams->counter);
+        ossl_ffc_params_set_validate_params(params, dhx->vparams->seed->data,
+                                            dhx->vparams->seed->length,
+                                            counter);
         ASN1_BIT_STRING_free(dhx->vparams->seed);
+        BN_free(dhx->vparams->counter);
         OPENSSL_free(dhx->vparams);
         dhx->vparams = NULL;
     }
 
     OPENSSL_free(dhx);
+    DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
+    DH_set_flags(dh, DH_FLAG_TYPE_DHX);
     return dh;
 }
 
 int i2d_DHxparams(const DH *dh, unsigned char **pp)
 {
+    int ret = 0;
     int_dhx942_dh dhx;
-    int_dhvparams dhv;
-    ASN1_BIT_STRING bs;
-    dhx.p = dh->p;
-    dhx.g = dh->g;
-    dhx.q = dh->q;
-    dhx.j = dh->j;
-    if (dh->counter && dh->seed && dh->seedlen > 0) {
-        bs.flags = ASN1_STRING_FLAG_BITS_LEFT;
-        bs.data = dh->seed;
-        bs.length = dh->seedlen;
-        dhv.seed = &bs;
-        dhv.counter = dh->counter;
+    int_dhvparams dhv = { NULL, NULL };
+    ASN1_BIT_STRING seed;
+    size_t seedlen = 0;
+    const FFC_PARAMS *params = &dh->params;
+    int counter;
+
+    ossl_ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p,
+                             (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g);
+    dhx.j = params->j;
+    ossl_ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter);
+    seed.length = (int)seedlen;
+
+    if (counter != -1 && seed.data != NULL && seed.length > 0) {
+        seed.flags = ASN1_STRING_FLAG_BITS_LEFT;
+        dhv.seed = &seed;
+        dhv.counter = BN_new();
+        if (dhv.counter == NULL)
+            return 0;
+        if (!BN_set_word(dhv.counter, (BN_ULONG)counter))
+            goto err;
         dhx.vparams = &dhv;
-    } else
+    } else {
         dhx.vparams = NULL;
-
-    return i2d_int_dhx(&dhx, pp);
+    }
+    ret = i2d_int_dhx(&dhx, pp);
+err:
+    BN_free(dhv.counter);
+    return ret;
 }