xref: /third_party/openssl/crypto/dh/dh_asn1.c (revision e1051a39) 
1e1051a39Sopenharmony_ci/*
2e1051a39Sopenharmony_ci * Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
3e1051a39Sopenharmony_ci *
4e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License").  You may not use
5e1051a39Sopenharmony_ci * this file except in compliance with the License.  You can obtain a copy
6e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at
7e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html
8e1051a39Sopenharmony_ci */
9e1051a39Sopenharmony_ci
10e1051a39Sopenharmony_ci/*
11e1051a39Sopenharmony_ci * DH low level APIs are deprecated for public use, but still ok for
12e1051a39Sopenharmony_ci * internal use.
13e1051a39Sopenharmony_ci */
14e1051a39Sopenharmony_ci#include "internal/deprecated.h"
15e1051a39Sopenharmony_ci
16e1051a39Sopenharmony_ci#include <stdio.h>
17e1051a39Sopenharmony_ci#include "internal/cryptlib.h"
18e1051a39Sopenharmony_ci#include <openssl/bn.h>
19e1051a39Sopenharmony_ci#include "dh_local.h"
20e1051a39Sopenharmony_ci#include <openssl/objects.h>
21e1051a39Sopenharmony_ci#include <openssl/asn1t.h>
22e1051a39Sopenharmony_ci#include "crypto/dh.h"
23e1051a39Sopenharmony_ci
24e1051a39Sopenharmony_ci/* Override the default free and new methods */
25e1051a39Sopenharmony_cistatic int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
26e1051a39Sopenharmony_ci                 void *exarg)
27e1051a39Sopenharmony_ci{
28e1051a39Sopenharmony_ci    if (operation == ASN1_OP_NEW_PRE) {
29e1051a39Sopenharmony_ci        *pval = (ASN1_VALUE *)DH_new();
30e1051a39Sopenharmony_ci        if (*pval != NULL)
31e1051a39Sopenharmony_ci            return 2;
32e1051a39Sopenharmony_ci        return 0;
33e1051a39Sopenharmony_ci    } else if (operation == ASN1_OP_FREE_PRE) {
34e1051a39Sopenharmony_ci        DH_free((DH *)*pval);
35e1051a39Sopenharmony_ci        *pval = NULL;
36e1051a39Sopenharmony_ci        return 2;
37e1051a39Sopenharmony_ci    } else if (operation == ASN1_OP_D2I_POST) {
38e1051a39Sopenharmony_ci        DH *dh = (DH *)*pval;
39e1051a39Sopenharmony_ci
40e1051a39Sopenharmony_ci        DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
41e1051a39Sopenharmony_ci        DH_set_flags(dh, DH_FLAG_TYPE_DH);
42e1051a39Sopenharmony_ci        ossl_dh_cache_named_group(dh);
43e1051a39Sopenharmony_ci        dh->dirty_cnt++;
44e1051a39Sopenharmony_ci    }
45e1051a39Sopenharmony_ci    return 1;
46e1051a39Sopenharmony_ci}
47e1051a39Sopenharmony_ci
48e1051a39Sopenharmony_ciASN1_SEQUENCE_cb(DHparams, dh_cb) = {
49e1051a39Sopenharmony_ci        ASN1_SIMPLE(DH, params.p, BIGNUM),
50e1051a39Sopenharmony_ci        ASN1_SIMPLE(DH, params.g, BIGNUM),
51e1051a39Sopenharmony_ci        ASN1_OPT_EMBED(DH, length, ZINT32),
52e1051a39Sopenharmony_ci} ASN1_SEQUENCE_END_cb(DH, DHparams)
53e1051a39Sopenharmony_ci
54e1051a39Sopenharmony_ciIMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(DH, DHparams, DHparams)
55e1051a39Sopenharmony_ci
56e1051a39Sopenharmony_ci/*
57e1051a39Sopenharmony_ci * Internal only structures for handling X9.42 DH: this gets translated to or
58e1051a39Sopenharmony_ci * from a DH structure straight away.
59e1051a39Sopenharmony_ci */
60e1051a39Sopenharmony_ci
61e1051a39Sopenharmony_citypedef struct {
62e1051a39Sopenharmony_ci    ASN1_BIT_STRING *seed;
63e1051a39Sopenharmony_ci    BIGNUM *counter;
64e1051a39Sopenharmony_ci} int_dhvparams;
65e1051a39Sopenharmony_ci
66e1051a39Sopenharmony_citypedef struct {
67e1051a39Sopenharmony_ci    BIGNUM *p;
68e1051a39Sopenharmony_ci    BIGNUM *q;
69e1051a39Sopenharmony_ci    BIGNUM *g;
70e1051a39Sopenharmony_ci    BIGNUM *j;
71e1051a39Sopenharmony_ci    int_dhvparams *vparams;
72e1051a39Sopenharmony_ci} int_dhx942_dh;
73e1051a39Sopenharmony_ci
74e1051a39Sopenharmony_ciASN1_SEQUENCE(DHvparams) = {
75e1051a39Sopenharmony_ci        ASN1_SIMPLE(int_dhvparams, seed, ASN1_BIT_STRING),
76e1051a39Sopenharmony_ci        ASN1_SIMPLE(int_dhvparams, counter, BIGNUM)
77e1051a39Sopenharmony_ci} static_ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams)
78e1051a39Sopenharmony_ci
79e1051a39Sopenharmony_ciASN1_SEQUENCE(DHxparams) = {
80e1051a39Sopenharmony_ci        ASN1_SIMPLE(int_dhx942_dh, p, BIGNUM),
81e1051a39Sopenharmony_ci        ASN1_SIMPLE(int_dhx942_dh, g, BIGNUM),
82e1051a39Sopenharmony_ci        ASN1_SIMPLE(int_dhx942_dh, q, BIGNUM),
83e1051a39Sopenharmony_ci        ASN1_OPT(int_dhx942_dh, j, BIGNUM),
84e1051a39Sopenharmony_ci        ASN1_OPT(int_dhx942_dh, vparams, DHvparams),
85e1051a39Sopenharmony_ci} static_ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams)
86e1051a39Sopenharmony_ci
87e1051a39Sopenharmony_ciint_dhx942_dh *d2i_int_dhx(int_dhx942_dh **a,
88e1051a39Sopenharmony_ci                           const unsigned char **pp, long length);
89e1051a39Sopenharmony_ciint i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp);
90e1051a39Sopenharmony_ci
91e1051a39Sopenharmony_ciIMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx)
92e1051a39Sopenharmony_ci
93e1051a39Sopenharmony_ciDH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
94e1051a39Sopenharmony_ci{
95e1051a39Sopenharmony_ci    FFC_PARAMS *params;
96e1051a39Sopenharmony_ci    int_dhx942_dh *dhx = NULL;
97e1051a39Sopenharmony_ci    DH *dh = NULL;
98e1051a39Sopenharmony_ci
99e1051a39Sopenharmony_ci    dh = DH_new();
100e1051a39Sopenharmony_ci    if (dh == NULL)
101e1051a39Sopenharmony_ci        return NULL;
102e1051a39Sopenharmony_ci    dhx = d2i_int_dhx(NULL, pp, length);
103e1051a39Sopenharmony_ci    if (dhx == NULL) {
104e1051a39Sopenharmony_ci        DH_free(dh);
105e1051a39Sopenharmony_ci        return NULL;
106e1051a39Sopenharmony_ci    }
107e1051a39Sopenharmony_ci
108e1051a39Sopenharmony_ci    if (a != NULL) {
109e1051a39Sopenharmony_ci        DH_free(*a);
110e1051a39Sopenharmony_ci        *a = dh;
111e1051a39Sopenharmony_ci    }
112e1051a39Sopenharmony_ci
113e1051a39Sopenharmony_ci    params = &dh->params;
114e1051a39Sopenharmony_ci    DH_set0_pqg(dh, dhx->p, dhx->q, dhx->g);
115e1051a39Sopenharmony_ci    ossl_ffc_params_set0_j(params, dhx->j);
116e1051a39Sopenharmony_ci
117e1051a39Sopenharmony_ci    if (dhx->vparams != NULL) {
118e1051a39Sopenharmony_ci        /* The counter has a maximum value of 4 * numbits(p) - 1 */
119e1051a39Sopenharmony_ci        size_t counter = (size_t)BN_get_word(dhx->vparams->counter);
120e1051a39Sopenharmony_ci        ossl_ffc_params_set_validate_params(params, dhx->vparams->seed->data,
121e1051a39Sopenharmony_ci                                            dhx->vparams->seed->length,
122e1051a39Sopenharmony_ci                                            counter);
123e1051a39Sopenharmony_ci        ASN1_BIT_STRING_free(dhx->vparams->seed);
124e1051a39Sopenharmony_ci        BN_free(dhx->vparams->counter);
125e1051a39Sopenharmony_ci        OPENSSL_free(dhx->vparams);
126e1051a39Sopenharmony_ci        dhx->vparams = NULL;
127e1051a39Sopenharmony_ci    }
128e1051a39Sopenharmony_ci
129e1051a39Sopenharmony_ci    OPENSSL_free(dhx);
130e1051a39Sopenharmony_ci    DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
131e1051a39Sopenharmony_ci    DH_set_flags(dh, DH_FLAG_TYPE_DHX);
132e1051a39Sopenharmony_ci    return dh;
133e1051a39Sopenharmony_ci}
134e1051a39Sopenharmony_ci
135e1051a39Sopenharmony_ciint i2d_DHxparams(const DH *dh, unsigned char **pp)
136e1051a39Sopenharmony_ci{
137e1051a39Sopenharmony_ci    int ret = 0;
138e1051a39Sopenharmony_ci    int_dhx942_dh dhx;
139e1051a39Sopenharmony_ci    int_dhvparams dhv = { NULL, NULL };
140e1051a39Sopenharmony_ci    ASN1_BIT_STRING seed;
141e1051a39Sopenharmony_ci    size_t seedlen = 0;
142e1051a39Sopenharmony_ci    const FFC_PARAMS *params = &dh->params;
143e1051a39Sopenharmony_ci    int counter;
144e1051a39Sopenharmony_ci
145e1051a39Sopenharmony_ci    ossl_ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p,
146e1051a39Sopenharmony_ci                             (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g);
147e1051a39Sopenharmony_ci    dhx.j = params->j;
148e1051a39Sopenharmony_ci    ossl_ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter);
149e1051a39Sopenharmony_ci    seed.length = (int)seedlen;
150e1051a39Sopenharmony_ci
151e1051a39Sopenharmony_ci    if (counter != -1 && seed.data != NULL && seed.length > 0) {
152e1051a39Sopenharmony_ci        seed.flags = ASN1_STRING_FLAG_BITS_LEFT;
153e1051a39Sopenharmony_ci        dhv.seed = &seed;
154e1051a39Sopenharmony_ci        dhv.counter = BN_new();
155e1051a39Sopenharmony_ci        if (dhv.counter == NULL)
156e1051a39Sopenharmony_ci            return 0;
157e1051a39Sopenharmony_ci        if (!BN_set_word(dhv.counter, (BN_ULONG)counter))
158e1051a39Sopenharmony_ci            goto err;
159e1051a39Sopenharmony_ci        dhx.vparams = &dhv;
160e1051a39Sopenharmony_ci    } else {
161e1051a39Sopenharmony_ci        dhx.vparams = NULL;
162e1051a39Sopenharmony_ci    }
163e1051a39Sopenharmony_ci    ret = i2d_int_dhx(&dhx, pp);
164e1051a39Sopenharmony_cierr:
165e1051a39Sopenharmony_ci    BN_free(dhv.counter);
166e1051a39Sopenharmony_ci    return ret;
167e1051a39Sopenharmony_ci}
168