diff options
| author | David Benjamin <davidben@google.com> | 2017-09-18 11:58:24 -0400 |
|---|---|---|
| committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-09-27 17:28:24 +0200 |
| commit | effdcf6c2a10afea8041addb8ccce2367ecaac0d (patch) | |
| tree | 66245a14d86697ae72ce2a076a4d4d6555829852 /test | |
| parent | a8e047a819b8f8bf8699e0bbfc838e1f23e82051 (diff) | |
Allow DH_set0_key with only private key.
The pub_key field for DH isn't actually used in DH_compute_key at all.
(Note the peer public key is passed in as as BIGNUM.) It's mostly there
so the caller may extract it from DH_generate_key. It doesn't
particularly need to be present if filling in a DH from external
parameters.
The check in DH_set0_key conflicts with adding OpenSSL 1.1.0 to Node.
Their public API is a thin wrapper over the old OpenSSL one:
https://nodejs.org/api/crypto.html#crypto_class_diffiehellman
They have separate setPrivateKey and setPublicKey methods, so the public
key may be set last or not at all. In 1.0.2, either worked fine since
operations on DH objects generally didn't use the public key. (Like
with OpenSSL, Node's setPublicKey method is also largely a no-op, but so
it goes.) In 1.1.0, DH_set0_key prevents create a private-key-only DH
object.
(cherry picked from commit d58ad9a2a287d1c0bc99ba63c997eed88cc161b5)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4425)
Diffstat (limited to 'test')
| -rw-r--r-- | test/dhtest.c | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/test/dhtest.c b/test/dhtest.c index 2847c5c038..8181fac368 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -40,13 +40,15 @@ int main(int argc, char *argv[]) BN_GENCB *_cb = NULL; DH *a = NULL; DH *b = NULL; + DH *c = NULL; const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL, *priv_key = NULL; const BIGNUM *bpub_key = NULL; - BIGNUM *bp = NULL, *bg = NULL; + BIGNUM *bp = NULL, *bg = NULL, *cpriv_key = NULL; char buf[12] = {0}; unsigned char *abuf = NULL; unsigned char *bbuf = NULL; - int i, alen, blen, aout, bout; + unsigned char *cbuf = NULL; + int i, alen, blen, clen, aout, bout, cout; int ret = 1; BIO *out = NULL; @@ -114,6 +116,13 @@ int main(int argc, char *argv[]) BN_print(out, bpub_key); BIO_puts(out, "\n"); + /* Also test with a private-key-only copy of |b|. */ + if ((c = DHparams_dup(b)) == NULL + || (cpriv_key = BN_dup(priv_key)) == NULL + || !DH_set0_key(c, NULL, cpriv_key)) + goto err; + cpriv_key = NULL; + alen = DH_size(a); abuf = OPENSSL_malloc(alen); if (abuf == NULL) @@ -141,7 +150,23 @@ int main(int argc, char *argv[]) BIO_puts(out, buf); } BIO_puts(out, "\n"); - if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) { + + clen = DH_size(c); + cbuf = OPENSSL_malloc(clen); + if (cbuf == NULL) + goto err; + + cout = DH_compute_key(cbuf, apub_key, c); + + BIO_puts(out, "key3 ="); + for (i = 0; i < cout; i++) { + sprintf(buf, "%02X", cbuf[i]); + BIO_puts(out, buf); + } + BIO_puts(out, "\n"); + + if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0) + || (cout != aout) || (memcmp(abuf, cbuf, aout) != 0)) { fprintf(stderr, "Error in DH routines\n"); ret = 1; } else @@ -154,10 +179,13 @@ int main(int argc, char *argv[]) OPENSSL_free(abuf); OPENSSL_free(bbuf); + OPENSSL_free(cbuf); DH_free(b); DH_free(a); + DH_free(c); BN_free(bp); BN_free(bg); + BN_free(cpriv_key); BN_GENCB_free(_cb); BIO_free(out); |