authorShane Lontis <shane.lontis@oracle.com>2020-01-23 20:33:28 +1000
committerShane Lontis <shane.lontis@oracle.com>2020-01-23 20:33:28 +1000
commit62f49b90d7e88d3c36fc1f5e4d677997aeb97b0a (patch)
treefbe5f7df9b658d87f2975923703942033ff020d2 /providers/implementations/exchange
parentf10048301390283523d3d1623880be7518cf46ac (diff)
Add DH key exchange to fips provider
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10826)
Diffstat (limited to 'providers/implementations/exchange')
-rw-r--r--providers/implementations/exchange/dh_exch.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c
index 1b16a83245..94c232965f 100644
--- a/providers/implementations/exchange/dh_exch.c
+++ b/providers/implementations/exchange/dh_exch.c
@@ -13,6 +13,8 @@
#include <openssl/dh.h>
#include <openssl/params.h>
#include "prov/implementations.h"
+#include "prov/provider_ctx.h"
+#include "crypto/dh.h"
static OSSL_OP_keyexch_newctx_fn dh_newctx;
static OSSL_OP_keyexch_init_fn dh_init;
@@ -30,6 +32,7 @@ static OSSL_OP_keyexch_settable_ctx_params_fn dh_settable_ctx_params;
*/
typedef struct {
+ OPENSSL_CTX *libctx;
DH *dh;
DH *dhpeer;
unsigned int pad : 1;
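Review bot: The new `libctx` member of PROV_DH_CTX has no comment stating who owns it, and dh_newctx only stores the pointer obtained from `PROV_LIBRARY_CONTEXT_OF(provctx)`. I would add something like `/* library context borrowed from the provider ctx; not freed here */` above the field, adjusted to whatever the real ownership rule is. The free and dup functions for this struct are outside the diff, so confirm that a duplicated context carries `libctx` over; a copy left NULL would presumably make derive run against the default library context instead of the FIPS one. The struct definition continues outside this hunk.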
@@ -37,7 +40,12 @@ typedef struct {
static void *dh_newctx(void *provctx)
{
- return OPENSSL_zalloc(sizeof(PROV_DH_CTX));
+ PROV_DH_CTX *pdhctx = OPENSSL_zalloc(sizeof(PROV_DH_CTX));
+
+ if (pdhctx == NULL)
+ return NULL;
+ pdhctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
+ return pdhctx;
}
static int dh_init(void *vpdhctx, void *vdh)
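Review bot: In dh_newctx the allocation is still sized by type name, `OPENSSL_zalloc(sizeof(PROV_DH_CTX))`, even though the result now has a named pointer. Writing it as `PROV_DH_CTX *pdhctx = OPENSSL_zalloc(sizeof(*pdhctx));` ties the size to the variable, so it stays correct if the type is ever changed. A one-line comment that `libctx` is taken from the provider context at creation time would also help readers of dh_derive, where it is consumed.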
@@ -83,8 +91,10 @@ static int dh_derive(void *vpdhctx, unsigned char *secret, size_t *secretlen,
return 0;
DH_get0_key(pdhctx->dhpeer, &pub_key, NULL);
- ret = (pdhctx->pad) ? DH_compute_key_padded(secret, pub_key, pdhctx->dh)
- : DH_compute_key(secret, pub_key, pdhctx->dh);
+ if (pdhctx->pad)
+ ret = dh_compute_key_padded(pdhctx->libctx, secret, pub_key, pdhctx->dh);
+ else
+ ret = dh_compute_key(pdhctx->libctx, secret, pub_key, pdhctx->dh);
if (ret <= 0)
return 0;
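Review bot: `pub_key` goes from `DH_get0_key(pdhctx->dhpeer, &pub_key, NULL)` straight into `dh_compute_key_padded` / `dh_compute_key`, and the visible lines do not check that the peer object holds a public key or that the value has been validated. Unless the internal helpers already reject a missing or out-of-range peer key, add a guard such as `if (pub_key == NULL) return 0;` before the branch. A short comment saying where peer public-key validation happens for the FIPS provider would make the expectation explicit. Both calls write into `secret`; the comparison of `outlen` against the DH size is not in this hunk, so confirm it precedes these lines. dh_derive starts and ends outside the hunk.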