From c8f2301629b06ef43767d7d2750afaadc3d55deb Mon Sep 17 00:00:00 2001
From: Richard Levitte
Date: Mon, 14 Oct 2019 10:36:14 +0200
Subject: [PATCH] DH: Add export of keys and domain parameters from provider
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/10169)
---
 providers/implementations/keymgmt/dh_kmgmt.c | 60 ++++++++++++++++++++
 1 file changed, 60 insertions(+)
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index cb9502fc22..4120155619 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -15,7 +15,9 @@
 #include "prov/implementations.h"
 static OSSL_OP_keymgmt_importdomparams_fn dh_importdomparams;
+static OSSL_OP_keymgmt_exportdomparams_fn dh_exportdomparams;
 static OSSL_OP_keymgmt_importkey_fn dh_importkey;
+static OSSL_OP_keymgmt_exportkey_fn dh_exportkey;
 static int params_to_domparams(DH *dh, const OSSL_PARAM params[])
 {
@@ -43,6 +45,25 @@ static int params_to_domparams(DH *dh, const OSSL_PARAM params[])
 return 0;
 }
+static int domparams_to_params(DH *dh, OSSL_PARAM params[])
+{
+ OSSL_PARAM *p;
+ const BIGNUM *dh_p = NULL, *dh_g = NULL;
+
+ if (dh == NULL)
+ return 0;
+
+ DH_get0_pqg(dh, &dh_p, NULL, &dh_g);
+ if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_FFC_P)) != NULL
+ && !OSSL_PARAM_set_BN(p, dh_p))
+ return 0;
+ if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_FFC_G)) != NULL
+ && !OSSL_PARAM_set_BN(p, dh_g))
+ return 0;
+
+ return 1;
+}
+
 static int params_to_key(DH *dh, const OSSL_PARAM params[])
 {
 const OSSL_PARAM *param_priv_key, *param_pub_key;
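Review bot: domparams_to_params has no comment stating its contract, and two behaviours in it are easy to miss: the call `DH_get0_pqg(dh, &dh_p, NULL, &dh_g)` discards q, and the function returns 1 even when the caller requested neither P nor G. A consumer that later wants to run subgroup checks on the exported parameters cannot tell from this code whether omitting q is deliberate. I would add above the function `/* Exports p and g only; q is not exported. Returns 1 when every requested parameter was set (also when none was requested), 0 otherwise. */`. The `dh` argument is only read through getters here, so `const DH *dh` would also state that intent.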
@@ -84,6 +105,29 @@ static int params_to_key(DH *dh, const OSSL_PARAM params[])
 return 0;
 }
+static int key_to_params(DH *dh, OSSL_PARAM params[])
+{
+ OSSL_PARAM *p;
+ const BIGNUM *priv_key = NULL, *pub_key = NULL;
+
+ if (dh == NULL)
+ return 0;
+ if (!domparams_to_params(dh, params))
+ return 0;
+
+ DH_get0_key(dh, &pub_key, &priv_key);
+ if ((p = OSSL_PARAM_locate(params,
+ OSSL_PKEY_PARAM_DH_PRIV_KEY)) != NULL
+ && !OSSL_PARAM_set_BN(p, priv_key))
+ return 0;
+ if ((p = OSSL_PARAM_locate(params,
+ OSSL_PKEY_PARAM_DH_PUB_KEY)) != NULL
+ && !OSSL_PARAM_set_BN(p, pub_key))
+ return 0;
+
+ return 1;
+}
+
 static void *dh_importdomparams(void *provctx, const OSSL_PARAM params[])
 {
 DH *dh;
@@ -96,6 +140,13 @@ static void *dh_importdomparams(void *provctx, const OSSL_PARAM params[])
 return dh;
 }
+static int dh_exportdomparams(void *domparams, OSSL_PARAM params[])
+{
+ DH *dh = domparams;
+
+ return dh != NULL && !domparams_to_params(dh, params);
+}
+
 static void *dh_importkey(void *provctx, const OSSL_PARAM params[])
 {
 DH *dh;
@@ -108,14 +159,23 @@ static void *dh_importkey(void *provctx, const OSSL_PARAM params[])
 return dh;
 }
+static int dh_exportkey(void *key, OSSL_PARAM params[])
+{
+ DH *dh = key;
+
+ return dh != NULL && !key_to_params(dh, params);
+}
+
 const OSSL_DISPATCH dh_keymgmt_functions[] = {
 /*
 * TODO(3.0) When implementing OSSL_FUNC_KEYMGMT_GENKEY, remember to also
 * implement OSSL_FUNC_KEYMGMT_EXPORTKEY.
 */
 { OSSL_FUNC_KEYMGMT_IMPORTDOMPARAMS, (void (*)(void))dh_importdomparams },
+ { OSSL_FUNC_KEYMGMT_EXPORTDOMPARAMS, (void (*)(void))dh_exportdomparams },
 { OSSL_FUNC_KEYMGMT_FREEDOMPARAMS, (void (*)(void))DH_free },
 { OSSL_FUNC_KEYMGMT_IMPORTKEY, (void (*)(void))dh_importkey },
+ { OSSL_FUNC_KEYMGMT_EXPORTKEY, (void (*)(void))dh_exportkey },
 { OSSL_FUNC_KEYMGMT_FREEKEY, (void (*)(void))DH_free },
 { 0, NULL }
 };
--
2.25.1
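Review bot: key_to_params hands `priv_key` and `pub_key` to OSSL_PARAM_set_BN without testing them, although DH_get0_key leaves either pointer NULL when the DH object lacks that component, for example a peer key with only a public value. How OSSL_PARAM_set_BN treats a NULL BIGNUM is not visible in this patch, so a request naming OSSL_PKEY_PARAM_DH_PRIV_KEY for such a key depends on callee behaviour. I would make the outcome explicit by testing the pointer first, e.g. `if (priv_key != NULL && (p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_PRIV_KEY)) != NULL && !OSSL_PARAM_set_BN(p, priv_key)) return 0;`, and the same for `pub_key`. Because this path copies the private exponent into caller-owned memory, a short comment that the caller is responsible for cleansing that buffer would help. The `dh == NULL` test repeats the one domparams_to_params already performs.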
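Review bot: The return expression in dh_exportdomparams is inverted: domparams_to_params returns 1 on success and 0 on failure, so `dh != NULL && !domparams_to_params(dh, params)` yields 0 after a successful export and 1 after a failed one. Assuming the keymgmt export callbacks follow the same 1-on-success convention as the helpers, a caller would reject good exports and accept failed ones, then read OSSL_PARAM buffers that were never filled. Drop the negation: `return dh != NULL && domparams_to_params(dh, params);`. dh_exportkey in the last hunk has the same defect around key_to_params and needs `return dh != NULL && key_to_params(dh, params);`.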
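Review bot: The TODO(3.0) comment kept as context at the top of dh_keymgmt_functions is now stale, because it still says to implement OSSL_FUNC_KEYMGMT_EXPORTKEY later while this hunk adds that very entry. A reader auditing which key-management operations can move key material out of the provider would be misled by it. I would reword it to cover only what is still missing, e.g. `/* TODO(3.0) Implement OSSL_FUNC_KEYMGMT_GENKEY. */`, or delete it if that work is tracked elsewhere.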