From d59d853a6f907c3449c9ad36d5814fb287e6ff05 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 30 May 2017 01:19:50 +0100 Subject: [PATCH] Add RFC7919 support to EVP Reviewed-by: Andy Polyakov (Merged from https://github.com/openssl/openssl/pull/4485) --- crypto/dh/dh_pmeth.c | 39 +++++++++++++++++++++++++++++++++++---- include/openssl/dh.h | 6 ++++++ 2 files changed, 41 insertions(+), 4 deletions(-) diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index c3e03c7a42..9b492169a0 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -29,6 +29,7 @@ typedef struct { /* message digest used for parameter generation */ const EVP_MD *md; int rfc5114_param; + int param_nid; /* Keygen callback info */ int gentmp[2]; /* KDF (if any) to use for DH */ @@ -87,6 +88,7 @@ static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) dctx->use_dsa = sctx->use_dsa; dctx->md = sctx->md; dctx->rfc5114_param = sctx->rfc5114_param; + dctx->param_nid = sctx->param_nid; dctx->kdf_type = sctx->kdf_type; dctx->kdf_oid = OBJ_dup(sctx->kdf_oid); @@ -137,11 +139,17 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_DH_RFC5114: - if (p1 < 1 || p1 > 3) + if (p1 < 1 || p1 > 3 || dctx->param_nid != NID_undef) return -2; dctx->rfc5114_param = p1; return 1; + case EVP_PKEY_CTRL_DH_NID: + if (p1 <= 0 || dctx->rfc5114_param != 0) + return -2; + dctx->param_nid = p1; + return 1; + case EVP_PKEY_CTRL_PEER_KEY: /* Default behaviour is OK */ return 1; @@ -221,6 +229,17 @@ static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, dctx->rfc5114_param = len; return 1; } + if (strcmp(type, "dh_param") == 0) { + DH_PKEY_CTX *dctx = ctx->data; + int nid = OBJ_sn2nid(value); + + if (nid == NID_undef) { + DHerr(DH_F_PKEY_DH_CTRL_STR, DH_R_INVALID_PARAMETER_NAME); + return -2; + } + dctx->param_nid = nid; + return 1; + } if (strcmp(type, "dh_paramgen_generator") == 0) { int len; len = atoi(value); @@ -320,6 +339,13 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) return 1; } + if (dctx->param_nid != 0) { + if ((dh = DH_new_by_nid(dctx->param_nid)) == NULL) + return 0; + EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh); + return 1; + } + if (ctx->pkey_gencb) { pcb = BN_GENCB_new(); if (pcb == NULL) @@ -359,17 +385,22 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { + DH_PKEY_CTX *dctx = ctx->data; DH *dh = NULL; - if (ctx->pkey == NULL) { + + if (ctx->pkey == NULL && dctx->param_nid == 0) { DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET); return 0; } - dh = DH_new(); + if (dctx->param_nid != 0) + dh = DH_new_by_nid(dctx->param_nid); + else + dh = DH_new(); if (dh == NULL) return 0; EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, dh); /* Note: if error return, pkey is freed by parent routine */ - if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey)) + if (ctx->pkey != NULL && !EVP_PKEY_copy_parameters(pkey, ctx->pkey)) return 0; return DH_generate_key(pkey->pkey.dh); } diff --git a/include/openssl/dh.h b/include/openssl/dh.h index 95c708188d..d5f0ee7eb1 100644 --- a/include/openssl/dh.h +++ b/include/openssl/dh.h @@ -242,6 +242,11 @@ int DH_meth_set_generate_params(DH_METHOD *dhm, EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \ EVP_PKEY_CTRL_DH_RFC5114, gen, NULL) +# define EVP_PKEY_CTX_set_dh_nid(ctx, nid) \ + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, \ + EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, \ + EVP_PKEY_CTRL_DH_NID, nid, NULL) + # define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \ EVP_PKEY_OP_DERIVE, \ @@ -306,6 +311,7 @@ int DH_meth_set_generate_params(DH_METHOD *dhm, # define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12) # define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13) # define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14) +# define EVP_PKEY_CTRL_DH_NID (EVP_PKEY_ALG_CTRL + 15) /* KDF types */ # define EVP_PKEY_DH_KDF_NONE 1 -- 2.25.1