From 073f59c407b06c1b64d84808f1bee9f9457222f9 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Mon, 14 Oct 2019 10:11:40 +0200
Subject: DSA: Add export of domain parameters to provider

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10169)
---
 providers/implementations/keymgmt/dsa_kmgmt.c | 66 ++++++++++++++++++++-------
 1 file changed, 49 insertions(+), 17 deletions(-)

(limited to 'providers')

diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index 818a451bb9..aae9ddac65 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -14,13 +14,13 @@
 #include <openssl/params.h>
 #include "prov/implementations.h"
 
+static OSSL_OP_keymgmt_importdomparams_fn dsa_importdomparams;
 static OSSL_OP_keymgmt_importkey_fn dsa_importkey;
 
-static int params_to_key(DSA *dsa, const OSSL_PARAM params[])
+static int params_to_domparams(DSA *dsa, const OSSL_PARAM params[])
 {
-    const OSSL_PARAM *param_p, *param_q, *param_g, *param_priv_key;
-    const OSSL_PARAM *param_pub_key;
-    BIGNUM *p = NULL, *q = NULL, *g = NULL, *priv_key = NULL, *pub_key = NULL;
+    const OSSL_PARAM *param_p, *param_q, *param_g;
+    BIGNUM *p = NULL, *q = NULL, *g = NULL;
 
     if (dsa == NULL)
         return 0;
@@ -28,6 +28,35 @@ static int params_to_key(DSA *dsa, const OSSL_PARAM params[])
     param_p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_P);
     param_q = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_Q);
     param_g = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_G);
+
+    if ((param_p != NULL && !OSSL_PARAM_get_BN(param_p, &p))
+        || (param_q != NULL && !OSSL_PARAM_get_BN(param_q, &q))
+        || (param_g != NULL && !OSSL_PARAM_get_BN(param_g, &g)))
+        goto err;
+
+    if (!DSA_set0_pqg(dsa, p, q, g))
+        goto err;
+
+    return 1;
+
+ err:
+    BN_free(p);
+    BN_free(q);
+    BN_free(g);
+    return 0;
+}
+
+static int params_to_key(DSA *dsa, const OSSL_PARAM params[])
+{
+    const OSSL_PARAM *param_priv_key, *param_pub_key;
+    BIGNUM *priv_key = NULL, *pub_key = NULL;
+
+    if (dsa == NULL)
+        return 0;
+
+    if (!params_to_domparams(dsa, params))
+        return 0;
+
     param_priv_key =
         OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DSA_PRIV_KEY);
     param_pub_key =
@@ -40,34 +69,35 @@ static int params_to_key(DSA *dsa, const OSSL_PARAM params[])
     if (param_priv_key != NULL && param_pub_key == NULL)
         return 0;
 
-    if ((param_p != NULL && !OSSL_PARAM_get_BN(param_p, &p))
-        || (param_q != NULL && !OSSL_PARAM_get_BN(param_q, &q))
-        || (param_g != NULL && !OSSL_PARAM_get_BN(param_g, &g))
-        || (param_priv_key != NULL
-            && !OSSL_PARAM_get_BN(param_priv_key, &priv_key))
+    if ((param_priv_key != NULL
+         && !OSSL_PARAM_get_BN(param_priv_key, &priv_key))
         || (param_pub_key != NULL
             && !OSSL_PARAM_get_BN(param_pub_key, &pub_key)))
         goto err;
 
-    if (!DSA_set0_pqg(dsa, p, q, g))
-        goto err;
-    p = q = g = NULL;
-
     if (pub_key != NULL && !DSA_set0_key(dsa, pub_key, priv_key))
         goto err;
-    priv_key = pub_key = NULL;
 
     return 1;
 
  err:
-    BN_free(p);
-    BN_free(q);
-    BN_free(g);
     BN_free(priv_key);
     BN_free(pub_key);
     return 0;
 }
 
+static void *dsa_importdomparams(void *provctx, const OSSL_PARAM params[])
+{
+    DSA *dsa;
+
+    if ((dsa = DSA_new()) == NULL
+        || !params_to_domparams(dsa, params)) {
+        DSA_free(dsa);
+        dsa = NULL;
+    }
+    return dsa;
+}
+
 static void *dsa_importkey(void *provctx, const OSSL_PARAM params[])
 {
     DSA *dsa;
@@ -85,6 +115,8 @@ const OSSL_DISPATCH dsa_keymgmt_functions[] = {
      * TODO(3.0) When implementing OSSL_FUNC_KEYMGMT_GENKEY, remember to also
      * implement OSSL_FUNC_KEYMGMT_EXPORTKEY.
      */
+    { OSSL_FUNC_KEYMGMT_IMPORTDOMPARAMS, (void (*)(void))dsa_importdomparams },
+    { OSSL_FUNC_KEYMGMT_FREEDOMPARAMS, (void (*)(void))DSA_free },
     { OSSL_FUNC_KEYMGMT_IMPORTKEY, (void (*)(void))dsa_importkey },
     { OSSL_FUNC_KEYMGMT_FREEKEY, (void (*)(void))DSA_free },
     { 0, NULL }
-- 
cgit v1.2.3