From c829c23b67308ad8e8ab677c78db1d5151106c3c Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 1 Dec 2020 19:11:59 +0100 Subject: EVP_PKEY & DH: Make DH EVP_PKEY_CTX parameter ctrls / setters more available EVP_PKEY_CTX_set_dh_ functions were only available when DH was enabled ('no-dsa' not configured). However, that makes it impossible to use these functions with an engine or a provider that happens to implement DH. This change solves that problem by shuffling these functions to more appropriate places. By consequence, there are a number of places where we can remove the check of OPENSSL_NO_DH. This requires some re-arrangements of internal tables to translate between numeric identities and names. Partially fixes #13550 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13589) --- crypto/evp/build.info | 4 +- crypto/evp/dh_ctrl.c | 583 ++++++++++++++++++++++++++++++++++++++++++++++++ crypto/evp/dh_support.c | 48 ++++ crypto/evp/p_lib.c | 8 +- crypto/evp/pmeth_lib.c | 33 +-- 5 files changed, 643 insertions(+), 33 deletions(-) create mode 100644 crypto/evp/dh_ctrl.c create mode 100644 crypto/evp/dh_support.c (limited to 'crypto/evp') diff --git a/crypto/evp/build.info b/crypto/evp/build.info index 652c3ee74a..8ee6e70c06 100644 --- a/crypto/evp/build.info +++ b/crypto/evp/build.info @@ -2,7 +2,7 @@ LIBS=../../libcrypto $COMMON=digest.c evp_enc.c evp_lib.c evp_fetch.c cmeth_lib.c evp_utils.c \ mac_lib.c mac_meth.c keymgmt_meth.c keymgmt_lib.c kdf_lib.c kdf_meth.c \ m_sigver.c pmeth_lib.c signature.c p_lib.c pmeth_gn.c exchange.c \ - pmeth_check.c evp_rand.c asymcipher.c kem.c + pmeth_check.c evp_rand.c asymcipher.c kem.c dh_support.c SOURCE[../../libcrypto]=$COMMON\ encode.c evp_key.c evp_cnf.c \ @@ -19,7 +19,7 @@ SOURCE[../../libcrypto]=$COMMON\ # Diverse type specific ctrl functions. They are kinda sorta legacy, kinda # sorta not. -SOURCE[../../libcrypto]=dsa_ctrl.c +SOURCE[../../libcrypto]=dh_ctrl.c dsa_ctrl.c IF[{- !$disabled{'deprecated-3.0'} -}] SOURCE[../../libcrypto]=p_enc.c p_dec.c diff --git a/crypto/evp/dh_ctrl.c b/crypto/evp/dh_ctrl.c new file mode 100644 index 0000000000..64492389b7 --- /dev/null +++ b/crypto/evp/dh_ctrl.c @@ -0,0 +1,583 @@ +/* + * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include +#include "crypto/dh.h" +#include "crypto/evp.h" + +static int dh_paramgen_check(EVP_PKEY_CTX *ctx) +{ + if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } + /* If key type not DH return error */ + if (ctx->pmeth != NULL + && ctx->pmeth->pkey_id != EVP_PKEY_DH + && ctx->pmeth->pkey_id != EVP_PKEY_DHX) + return -1; + return 1; +} + +static int dh_param_derive_check(EVP_PKEY_CTX *ctx) +{ + if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } + /* If key type not DH return error */ + if (ctx->pmeth != NULL + && ctx->pmeth->pkey_id != EVP_PKEY_DH + && ctx->pmeth->pkey_id != EVP_PKEY_DHX) + return -1; + return 1; +} + +int EVP_PKEY_CTX_set_dh_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex) +{ + int ret; + OSSL_PARAM params[2], *p = params; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, &gindex); + *p = OSSL_PARAM_construct_end(); + + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dh_paramgen_seed(EVP_PKEY_CTX *ctx, + const unsigned char *seed, + size_t seedlen) +{ + int ret; + OSSL_PARAM params[2], *p = params; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_FFC_SEED, + (void *)seed, seedlen); + *p = OSSL_PARAM_construct_end(); + + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int typ) +{ + int ret; + OSSL_PARAM params[2], *p = params; + const char *name; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.keymgmt.genctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL); + + name = dh_gen_type_id2name(typ); + if (name == NULL) + return 0; + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE, + (char *) name, 0); + *p = OSSL_PARAM_construct_end(); + + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int pbits) +{ + int ret; + OSSL_PARAM params[2], *p = params; + size_t bits = pbits; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.keymgmt.genctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, pbits, + NULL); + *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_PBITS, &bits); + *p = OSSL_PARAM_construct_end(); + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int qbits) +{ + int ret; + OSSL_PARAM params[2], *p = params; + size_t bits2 = qbits; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.keymgmt.genctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, qbits, + NULL); + *p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_QBITS, &bits2); + *p = OSSL_PARAM_construct_end(); + + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen) +{ + int ret; + OSSL_PARAM params[2], *p = params; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.keymgmt.genctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL); + *p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_DH_GENERATOR, &gen); + *p = OSSL_PARAM_construct_end(); + + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen) +{ + int ret; + OSSL_PARAM params[2], *p = params; + const char *name; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.keymgmt.genctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DH_RFC5114, gen, NULL); + name = ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(gen)); + if (name == NULL) + return 0; + + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, + (void *)name, 0); + *p = OSSL_PARAM_construct_end(); + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int gen) +{ + return EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen); +} + +int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid) +{ + int ret; + OSSL_PARAM params[2], *p = params; + const char *name; + + if ((ret = dh_paramgen_check(ctx)) <= 0) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.keymgmt.genctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, + EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_DH_NID, nid, NULL); + name = ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(nid)); + if (name == NULL) + return 0; + + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, + (void *)name, 0); + *p = OSSL_PARAM_construct_end(); + return EVP_PKEY_CTX_set_params(ctx, params); +} + +int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad) +{ + OSSL_PARAM dh_pad_params[2]; + unsigned int upad = pad; + + /* We use EVP_PKEY_CTX_ctrl return values */ + if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + return -2; + } + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_DH_PAD, pad, NULL); + + dh_pad_params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &upad); + dh_pad_params[1] = OSSL_PARAM_construct_end(); + + return EVP_PKEY_CTX_set_params(ctx, dh_pad_params); +} + +int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf) +{ + int ret; + const char *kdf_type; + OSSL_PARAM params[2], *p = params; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL); + switch (kdf) { + case EVP_PKEY_DH_KDF_NONE: + kdf_type = ""; + break; + case EVP_PKEY_DH_KDF_X9_42: + kdf_type = OSSL_KDF_NAME_X942KDF_ASN1; + break; + default: + return -2; + } + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, + /* + * Cast away the const. This is read + * only so should be safe + */ + (char *)kdf_type, 0); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_set_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } + + return ret; +} + +int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx) +{ + int ret; + char kdf_type[80]; /* 80 should be big enough */ + OSSL_PARAM params[2], *p = params; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, + kdf_type, sizeof(kdf_type)); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_get_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } else if (ret != 1) { + return -1; + } + + if (kdf_type[0] == '\0') + return EVP_PKEY_DH_KDF_NONE; + else if (strcmp(kdf_type, OSSL_KDF_NAME_X942KDF_ASN1) == 0) + return EVP_PKEY_DH_KDF_X9_42; + + return -1; +} + +int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid) +{ + int ret; + OSSL_PARAM params[2], *p = params; + const char *oid_name; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid)); + oid_name = OBJ_nid2sn(OBJ_obj2nid(oid)); + + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, + (char *)oid_name, 0); + *p = OSSL_PARAM_construct_end(); + ret = evp_pkey_ctx_set_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } + + return ret; +} + +int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid) +{ + int ret, nid; + OSSL_PARAM params[2], *p = params; + char oid_name[80]; /* 80 should be big enough */ + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(oid)); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, + oid_name, sizeof(oid_name)); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_get_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } else if (ret != 1) { + return -1; + } + nid = OBJ_sn2nid(oid_name); + if (nid == NID_undef) + nid = OBJ_ln2nid(oid_name); + *oid = (nid == NID_undef ? NULL : OBJ_nid2obj(nid)); + return *oid != NULL; +} + +int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) +{ + int ret; + OSSL_PARAM params[2], *p = params; + const char *md_name = NULL; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md)); + md_name = (md == NULL) ? "" : EVP_MD_name(md); + + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, + /* + * Cast away the const. This is read + * only so should be safe + */ + (char *)md_name, 0); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_set_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } + return ret; +} + +int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd) +{ + int ret; + char name[80] = ""; /* 80 should be big enough */ + OSSL_PARAM params[2], *p = params; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd)); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, + name, sizeof(name)); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_get_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } else if (ret != 1) { + return -1; + } + + /* May be NULL meaning "unknown" */ + *pmd = EVP_get_digestbyname(name); + + return 1; +} + +int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int inlen) +{ + int ret; + size_t len = inlen; + OSSL_PARAM params[2], *p = params; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_DH_KDF_OUTLEN, inlen, NULL); + if (inlen <= 0) { + /* + * This would ideally be -1 or 0, but we have to retain compatibility + * with legacy behaviour of EVP_PKEY_CTX_ctrl() which returned -2 if + * in <= 0 + */ + return -2; + } + + *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, + &len); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_set_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } + return ret; +} + +int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *plen) +{ + int ret; + size_t len = UINT_MAX; + OSSL_PARAM params[2], *p = params; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, + (void *)(plen)); + *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, + &len); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_get_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } else if (ret != 1) { + return -1; + } + + if (len > INT_MAX) + return -1; + + *plen = (int)len; + + return 1; +} + +int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len) +{ + int ret; + OSSL_PARAM params[2], *p = params; + + if (len <= 0) + return -1; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_DH_KDF_UKM, len, (void *)(ukm)); + + *p++ = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM, + /* + * Cast away the const. This is read + * only so should be safe + */ + (void *)ukm, + (size_t)len); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_set_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } + if (ret == 1) + OPENSSL_free(ukm); + return ret; +} + +int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pukm) +{ + int ret; + size_t ukmlen; + OSSL_PARAM params[3], *p = params; + + ret = dh_param_derive_check(ctx); + if (ret != 1) + return ret; + + /* TODO(3.0): Remove this eventually when no more legacy */ + if (ctx->op.kex.exchprovctx == NULL) + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(pukm)); + + *p++ = OSSL_PARAM_construct_octet_ptr(OSSL_EXCHANGE_PARAM_KDF_UKM, + (void **)pukm, 0); + *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_UKM_LEN, + &ukmlen); + *p = OSSL_PARAM_construct_end(); + + ret = evp_pkey_ctx_get_params_strict(ctx, params); + if (ret == -2) { + ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); + /* Uses the same return values as EVP_PKEY_CTX_ctrl */ + return -2; + } else if (ret != 1) { + return -1; + } + + if (ukmlen > INT_MAX) + return -1; + + return (int)ukmlen; +} diff --git a/crypto/evp/dh_support.c b/crypto/evp/dh_support.c new file mode 100644 index 0000000000..212cf908eb --- /dev/null +++ b/crypto/evp/dh_support.c @@ -0,0 +1,48 @@ +/* + * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include /* strcmp */ +#include +#include "internal/nelem.h" +#include "crypto/dh.h" + +typedef struct dh_name2id_st{ + const char *name; + int id; +} DH_GENTYPE_NAME2ID; + +static const DH_GENTYPE_NAME2ID dhtype2id[]= +{ + { "fips186_4", DH_PARAMGEN_TYPE_FIPS_186_4 }, + { "fips186_2", DH_PARAMGEN_TYPE_FIPS_186_2 }, + { "group", DH_PARAMGEN_TYPE_GROUP }, + { "generator", DH_PARAMGEN_TYPE_GENERATOR } +}; + +const char *dh_gen_type_id2name(int id) +{ + size_t i; + + for (i = 0; i < OSSL_NELEM(dhtype2id); ++i) { + if (dhtype2id[i].id == id) + return dhtype2id[i].name; + } + return NULL; +} + +int dh_gen_type_name2id(const char *name) +{ + size_t i; + + for (i = 0; i < OSSL_NELEM(dhtype2id); ++i) { + if (strcmp(dhtype2id[i].name, name) == 0) + return dhtype2id[i].id; + } + return -1; +} diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 6211019b62..434bd0b61b 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1241,8 +1241,12 @@ int EVP_PKEY_get_group_name(const EVP_PKEY *pkey, char *gname, size_t gname_sz, DH *dh = EVP_PKEY_get0_DH(pkey); int uid = DH_get_nid(dh); - if (uid != NID_undef) - name = ossl_ffc_named_group_from_uid(uid); + if (uid != NID_undef) { + const DH_NAMED_GROUP *dh_group = + ossl_ffc_uid_to_dh_named_group(uid); + + name = ossl_ffc_named_group_get_name(dh_group); + } } break; #endif diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 7364a148a6..58ca1d1d93 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -834,30 +834,6 @@ int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params) return EVP_PKEY_CTX_get_params(ctx, params); } -# ifndef OPENSSL_NO_DH -int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad) -{ - OSSL_PARAM dh_pad_params[2]; - unsigned int upad = pad; - - /* We use EVP_PKEY_CTX_ctrl return values */ - if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) { - ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED); - return -2; - } - - /* TODO(3.0): Remove this eventually when no more legacy */ - if (ctx->op.kex.exchprovctx == NULL) - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_DH_PAD, pad, NULL); - - dh_pad_params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &upad); - dh_pad_params[1] = OSSL_PARAM_construct_end(); - - return EVP_PKEY_CTX_set_params(ctx, dh_pad_params); -} -# endif - int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md) { OSSL_PARAM sig_md_params[2], *p = sig_md_params; @@ -1252,7 +1228,6 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype, return evp_pkey_ctx_get1_id_len_prov(ctx, p2); } -# ifndef OPENSSL_NO_DH if (keytype == EVP_PKEY_DHX) { switch (cmd) { case EVP_PKEY_CTRL_DH_KDF_TYPE: @@ -1291,7 +1266,6 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype, return EVP_PKEY_CTX_set_dh_rfc5114(ctx, p1); } } -# endif # ifndef OPENSSL_NO_DSA if (keytype == EVP_PKEY_DSA) { switch (cmd) { @@ -1579,7 +1553,6 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name, else if (strcmp(name, "dsa_paramgen_md") == 0) name = OSSL_PKEY_PARAM_FFC_DIGEST; # endif -# ifndef OPENSSL_NO_DH else if (strcmp(name, "dh_paramgen_generator") == 0) name = OSSL_PKEY_PARAM_DH_GENERATOR; else if (strcmp(name, "dh_paramgen_prime_len") == 0) @@ -1592,11 +1565,13 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name, } else if (strcmp(name, "dh_param") == 0) name = OSSL_PKEY_PARAM_GROUP_NAME; else if (strcmp(name, "dh_rfc5114") == 0) { + int num = atoi(value); + name = OSSL_PKEY_PARAM_GROUP_NAME; - value = ossl_ffc_named_group_from_uid(atoi(value)); + value = + ossl_ffc_named_group_get_name(ossl_ffc_uid_to_dh_named_group(num)); } else if (strcmp(name, "dh_pad") == 0) name = OSSL_EXCHANGE_PARAM_PAD; -# endif # ifndef OPENSSL_NO_EC else if (strcmp(name, "ec_paramgen_curve") == 0) name = OSSL_PKEY_PARAM_GROUP_NAME; -- cgit v1.2.3