diff options
Diffstat (limited to 'deps/openssl/openssl/crypto/dh')
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/build.info | 3 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_ameth.c | 57 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_asn1.c | 2 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_check.c | 64 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_err.c | 116 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_gen.c | 6 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_kdf.c | 2 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_key.c | 12 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_lib.c | 36 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_locl.h | 5 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_pmeth.c | 62 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_prn.c | 4 | ||||
| -rw-r--r-- | deps/openssl/openssl/crypto/dh/dh_rfc7919.c | 74 |
13 files changed, 353 insertions, 90 deletions
diff --git a/deps/openssl/openssl/crypto/dh/build.info b/deps/openssl/openssl/crypto/dh/build.info index dba93066ae..b19ff6dbac 100644 --- a/deps/openssl/openssl/crypto/dh/build.info +++ b/deps/openssl/openssl/crypto/dh/build.info @@ -1,4 +1,5 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \ - dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c dh_meth.c + dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c dh_meth.c \ + dh_rfc7919.c diff --git a/deps/openssl/openssl/crypto/dh/dh_ameth.c b/deps/openssl/openssl/crypto/dh/dh_ameth.c index cd77867dee..05a1d4227e 100644 --- a/deps/openssl/openssl/crypto/dh/dh_ameth.c +++ b/deps/openssl/openssl/crypto/dh/dh_ameth.c @@ -326,7 +326,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) goto err; } if (BIO_write(bp, "\n", 1) <= 0) - return (0); + return 0; } if (x->counter && !ASN1_bn_print(bp, "counter:", x->counter, NULL, indent)) goto err; @@ -346,7 +346,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) static int int_dh_size(const EVP_PKEY *pkey) { - return (DH_size(pkey->pkey.dh)); + return DH_size(pkey->pkey.dh); } static int dh_bits(const EVP_PKEY *pkey) @@ -374,13 +374,19 @@ static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src) { BIGNUM *a; - if (src) { - a = BN_dup(src); - if (!a) - return 0; - } else + + /* + * If source is read only just copy the pointer, so + * we don't have to reallocate it. + */ + if (src == NULL) a = NULL; - BN_free(*dst); + else if (BN_get_flags(src, BN_FLG_STATIC_DATA) + && !BN_get_flags(src, BN_FLG_MALLOCED)) + a = (BIGNUM *)src; + else if ((a = BN_dup(src)) == NULL) + return 0; + BN_clear_free(*dst); *dst = a; return 1; } @@ -503,6 +509,25 @@ static int dh_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) } +static int dh_pkey_public_check(const EVP_PKEY *pkey) +{ + DH *dh = pkey->pkey.dh; + + if (dh->pub_key == NULL) { + DHerr(DH_F_DH_PKEY_PUBLIC_CHECK, DH_R_MISSING_PUBKEY); + return 0; + } + + return DH_check_pub_key_ex(dh, dh->pub_key); +} + +static int dh_pkey_param_check(const EVP_PKEY *pkey) +{ + DH *dh = pkey->pkey.dh; + + return DH_check_ex(dh); +} + const EVP_PKEY_ASN1_METHOD dh_asn1_meth = { EVP_PKEY_DH, EVP_PKEY_DH, @@ -533,7 +558,13 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth = { 0, int_dh_free, - 0 + 0, + + 0, 0, 0, 0, 0, + + 0, + dh_pkey_public_check, + dh_pkey_param_check }; const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = { @@ -566,7 +597,13 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = { 0, int_dh_free, - dh_pkey_ctrl + dh_pkey_ctrl, + + 0, 0, 0, 0, 0, + + 0, + dh_pkey_public_check, + dh_pkey_param_check }; #ifndef OPENSSL_NO_CMS diff --git a/deps/openssl/openssl/crypto/dh/dh_asn1.c b/deps/openssl/openssl/crypto/dh/dh_asn1.c index 7c72fd64e5..1a40633b48 100644 --- a/deps/openssl/openssl/crypto/dh/dh_asn1.c +++ b/deps/openssl/openssl/crypto/dh/dh_asn1.c @@ -34,7 +34,7 @@ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ASN1_SEQUENCE_cb(DHparams, dh_cb) = { ASN1_SIMPLE(DH, p, BIGNUM), ASN1_SIMPLE(DH, g, BIGNUM), - ASN1_OPT(DH, length, ZLONG), + ASN1_OPT_EMBED(DH, length, ZINT32), } ASN1_SEQUENCE_END_cb(DH, DHparams) IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams) diff --git a/deps/openssl/openssl/crypto/dh/dh_check.c b/deps/openssl/openssl/crypto/dh/dh_check.c index 3b0fa5903e..fc45577101 100644 --- a/deps/openssl/openssl/crypto/dh/dh_check.c +++ b/deps/openssl/openssl/crypto/dh/dh_check.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -18,6 +18,19 @@ * p is odd * 1 < g < p - 1 */ +int DH_check_params_ex(const DH *dh) +{ + int errflags = 0; + + (void)DH_check_params(dh, &errflags); + + if ((errflags & DH_CHECK_P_NOT_PRIME) != 0) + DHerr(DH_F_DH_CHECK_PARAMS_EX, DH_R_CHECK_P_NOT_PRIME); + if ((errflags & DH_NOT_SUITABLE_GENERATOR) != 0) + DHerr(DH_F_DH_CHECK_PARAMS_EX, DH_R_NOT_SUITABLE_GENERATOR); + + return errflags == 0; +} int DH_check_params(const DH *dh, int *ret) { @@ -49,7 +62,7 @@ int DH_check_params(const DH *dh, int *ret) BN_CTX_end(ctx); BN_CTX_free(ctx); } - return (ok); + return ok; } /*- @@ -61,6 +74,29 @@ int DH_check_params(const DH *dh, int *ret) * for 5, p mod 10 == 3 or 7 * should hold. */ +int DH_check_ex(const DH *dh) +{ + int errflags = 0; + + (void)DH_check(dh, &errflags); + + if ((errflags & DH_NOT_SUITABLE_GENERATOR) != 0) + DHerr(DH_F_DH_CHECK_EX, DH_R_NOT_SUITABLE_GENERATOR); + if ((errflags & DH_CHECK_Q_NOT_PRIME) != 0) + DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_Q_NOT_PRIME); + if ((errflags & DH_CHECK_INVALID_Q_VALUE) != 0) + DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_INVALID_Q_VALUE); + if ((errflags & DH_CHECK_INVALID_J_VALUE) != 0) + DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_INVALID_J_VALUE); + if ((errflags & DH_UNABLE_TO_CHECK_GENERATOR) != 0) + DHerr(DH_F_DH_CHECK_EX, DH_R_UNABLE_TO_CHECK_GENERATOR); + if ((errflags & DH_CHECK_P_NOT_PRIME) != 0) + DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_P_NOT_PRIME); + if ((errflags & DH_CHECK_P_NOT_SAFE_PRIME) != 0) + DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_P_NOT_SAFE_PRIME); + + return errflags == 0; +} int DH_check(const DH *dh, int *ret) { @@ -75,8 +111,6 @@ int DH_check(const DH *dh, int *ret) goto err; BN_CTX_start(ctx); t1 = BN_CTX_get(ctx); - if (t1 == NULL) - goto err; t2 = BN_CTX_get(ctx); if (t2 == NULL) goto err; @@ -132,7 +166,7 @@ int DH_check(const DH *dh, int *ret) r = BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL); if (r < 0) goto err; - if (!r) + if (!r) *ret |= DH_CHECK_P_NOT_SAFE_PRIME; } ok = 1; @@ -141,7 +175,23 @@ int DH_check(const DH *dh, int *ret) BN_CTX_end(ctx); BN_CTX_free(ctx); } - return (ok); + return ok; +} + +int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key) +{ + int errflags = 0; + + (void)DH_check(dh, &errflags); + + if ((errflags & DH_CHECK_PUBKEY_TOO_SMALL) != 0) + DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_TOO_SMALL); + if ((errflags & DH_CHECK_PUBKEY_TOO_LARGE) != 0) + DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_TOO_LARGE); + if ((errflags & DH_CHECK_PUBKEY_INVALID) != 0) + DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_INVALID); + + return errflags == 0; } int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) @@ -179,5 +229,5 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) BN_CTX_end(ctx); BN_CTX_free(ctx); } - return (ok); + return ok; } diff --git a/deps/openssl/openssl/crypto/dh/dh_err.c b/deps/openssl/openssl/crypto/dh/dh_err.c index 4e21f284bd..7285587b4a 100644 --- a/deps/openssl/openssl/crypto/dh/dh_err.c +++ b/deps/openssl/openssl/crypto/dh/dh_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,53 +8,82 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> #include <openssl/err.h> -#include <openssl/dh.h> +#include <openssl/dherr.h> -/* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR -# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0) -# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason) - -static ERR_STRING_DATA DH_str_functs[] = { - {ERR_FUNC(DH_F_COMPUTE_KEY), "compute_key"}, - {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, - {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "dh_builtin_genparams"}, - {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "dh_cms_decrypt"}, - {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "dh_cms_set_peerkey"}, - {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "dh_cms_set_shared_info"}, - {ERR_FUNC(DH_F_DH_METH_DUP), "DH_meth_dup"}, - {ERR_FUNC(DH_F_DH_METH_NEW), "DH_meth_new"}, - {ERR_FUNC(DH_F_DH_METH_SET1_NAME), "DH_meth_set1_name"}, - {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, - {ERR_FUNC(DH_F_DH_PARAM_DECODE), "dh_param_decode"}, - {ERR_FUNC(DH_F_DH_PRIV_DECODE), "dh_priv_decode"}, - {ERR_FUNC(DH_F_DH_PRIV_ENCODE), "dh_priv_encode"}, - {ERR_FUNC(DH_F_DH_PUB_DECODE), "dh_pub_decode"}, - {ERR_FUNC(DH_F_DH_PUB_ENCODE), "dh_pub_encode"}, - {ERR_FUNC(DH_F_DO_DH_PRINT), "do_dh_print"}, - {ERR_FUNC(DH_F_GENERATE_KEY), "generate_key"}, - {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "pkey_dh_derive"}, - {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "pkey_dh_keygen"}, +static const ERR_STRING_DATA DH_str_functs[] = { + {ERR_PACK(ERR_LIB_DH, DH_F_COMPUTE_KEY, 0), "compute_key"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DHPARAMS_PRINT_FP, 0), "DHparams_print_fp"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_BUILTIN_GENPARAMS, 0), + "dh_builtin_genparams"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_EX, 0), "DH_check_ex"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PARAMS_EX, 0), "DH_check_params_ex"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY_EX, 0), "DH_check_pub_key_ex"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_DECRYPT, 0), "dh_cms_decrypt"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0), + "dh_cms_set_shared_info"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_DUP, 0), "DH_meth_dup"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_NEW, 0), "DH_meth_new"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_SET1_NAME, 0), "DH_meth_set1_name"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_NEW_BY_NID, 0), "DH_new_by_nid"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_NEW_METHOD, 0), "DH_new_method"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_PARAM_DECODE, 0), "dh_param_decode"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_PKEY_PUBLIC_CHECK, 0), + "dh_pkey_public_check"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_PRIV_DECODE, 0), "dh_priv_decode"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_PRIV_ENCODE, 0), "dh_priv_encode"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_PUB_DECODE, 0), "dh_pub_decode"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DH_PUB_ENCODE, 0), "dh_pub_encode"}, + {ERR_PACK(ERR_LIB_DH, DH_F_DO_DH_PRINT, 0), "do_dh_print"}, + {ERR_PACK(ERR_LIB_DH, DH_F_GENERATE_KEY, 0), "generate_key"}, + {ERR_PACK(ERR_LIB_DH, DH_F_PKEY_DH_CTRL_STR, 0), "pkey_dh_ctrl_str"}, + {ERR_PACK(ERR_LIB_DH, DH_F_PKEY_DH_DERIVE, 0), "pkey_dh_derive"}, + {ERR_PACK(ERR_LIB_DH, DH_F_PKEY_DH_INIT, 0), "pkey_dh_init"}, + {ERR_PACK(ERR_LIB_DH, DH_F_PKEY_DH_KEYGEN, 0), "pkey_dh_keygen"}, {0, NULL} }; -static ERR_STRING_DATA DH_str_reasons[] = { - {ERR_REASON(DH_R_BAD_GENERATOR), "bad generator"}, - {ERR_REASON(DH_R_BN_DECODE_ERROR), "bn decode error"}, - {ERR_REASON(DH_R_BN_ERROR), "bn error"}, - {ERR_REASON(DH_R_DECODE_ERROR), "decode error"}, - {ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"}, - {ERR_REASON(DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, - {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"}, - {ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"}, - {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"}, - {ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"}, - {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"}, - {ERR_REASON(DH_R_PEER_KEY_ERROR), "peer key error"}, - {ERR_REASON(DH_R_SHARED_INFO_ERROR), "shared info error"}, +static const ERR_STRING_DATA DH_str_reasons[] = { + {ERR_PACK(ERR_LIB_DH, 0, DH_R_BAD_GENERATOR), "bad generator"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_BN_DECODE_ERROR), "bn decode error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_BN_ERROR), "bn error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_INVALID_J_VALUE), + "check invalid j value"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_INVALID_Q_VALUE), + "check invalid q value"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_PUBKEY_INVALID), + "check pubkey invalid"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_PUBKEY_TOO_LARGE), + "check pubkey too large"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_PUBKEY_TOO_SMALL), + "check pubkey too small"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_P_NOT_PRIME), "check p not prime"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_P_NOT_SAFE_PRIME), + "check p not safe prime"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_CHECK_Q_NOT_PRIME), "check q not prime"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_DECODE_ERROR), "decode error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PARAMETER_NAME), + "invalid parameter name"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PARAMETER_NID), + "invalid parameter nid"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PUBKEY), "invalid public key"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEYS_NOT_SET), "keys not set"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_MISSING_PUBKEY), "missing pubkey"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_MODULUS_TOO_LARGE), "modulus too large"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NOT_SUITABLE_GENERATOR), + "not suitable generator"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PARAMETERS_SET), "no parameters set"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PRIVATE_VALUE), "no private value"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR), + "parameter encoding error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"}, + {ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR), + "unable to check generator"}, {0, NULL} }; @@ -63,10 +92,9 @@ static ERR_STRING_DATA DH_str_reasons[] = { int ERR_load_DH_strings(void) { #ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(DH_str_functs[0].error) == NULL) { - ERR_load_strings(0, DH_str_functs); - ERR_load_strings(0, DH_str_reasons); + ERR_load_strings_const(DH_str_functs); + ERR_load_strings_const(DH_str_reasons); } #endif return 1; diff --git a/deps/openssl/openssl/crypto/dh/dh_gen.c b/deps/openssl/openssl/crypto/dh/dh_gen.c index 27ecb983d1..59137e0f05 100644 --- a/deps/openssl/openssl/crypto/dh/dh_gen.c +++ b/deps/openssl/openssl/crypto/dh/dh_gen.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -43,7 +43,7 @@ int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, * for 3, p mod 12 == 5 <<<<< does not work for safe primes. * for 5, p mod 10 == 3 or 7 * - * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the + * Thanks to Phil Karn for the pointers about the * special generators and for answering some of my questions. * * I've implemented the second simple method :-). @@ -68,7 +68,7 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_CTX_start(ctx); t1 = BN_CTX_get(ctx); t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) + if (t2 == NULL) goto err; /* Make sure 'ret' has the necessary elements */ diff --git a/deps/openssl/openssl/crypto/dh/dh_kdf.c b/deps/openssl/openssl/crypto/dh/dh_kdf.c index 2782eeee6e..e17122bc82 100644 --- a/deps/openssl/openssl/crypto/dh/dh_kdf.c +++ b/deps/openssl/openssl/crypto/dh/dh_kdf.c @@ -7,7 +7,7 @@ * https://www.openssl.org/source/license.html */ -#include <e_os.h> +#include "e_os.h" #ifndef OPENSSL_NO_CMS #include <string.h> diff --git a/deps/openssl/openssl/crypto/dh/dh_key.c b/deps/openssl/openssl/crypto/dh/dh_key.c index b53a063244..4f85be7e49 100644 --- a/deps/openssl/openssl/crypto/dh/dh_key.c +++ b/deps/openssl/openssl/crypto/dh/dh_key.c @@ -116,14 +116,14 @@ static int generate_key(DH *dh) if (generate_new_key) { if (dh->q) { do { - if (!BN_rand_range(priv_key, dh->q)) + if (!BN_priv_rand_range(priv_key, dh->q)) goto err; } while (BN_is_zero(priv_key) || BN_is_one(priv_key)); } else { /* secret exponent length */ l = dh->length ? dh->length : BN_num_bits(dh->p) - 1; - if (!BN_rand(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) + if (!BN_priv_rand(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) goto err; } } @@ -155,7 +155,7 @@ static int generate_key(DH *dh) if (priv_key != dh->priv_key) BN_free(priv_key); BN_CTX_free(ctx); - return (ok); + return ok; } static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) @@ -209,7 +209,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) BN_CTX_end(ctx); BN_CTX_free(ctx); } - return (ret); + return ret; } static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, @@ -222,11 +222,11 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, static int dh_init(DH *dh) { dh->flags |= DH_FLAG_CACHE_MONT_P; - return (1); + return 1; } static int dh_finish(DH *dh) { BN_MONT_CTX_free(dh->method_mont_p); - return (1); + return 1; } diff --git a/deps/openssl/openssl/crypto/dh/dh_lib.c b/deps/openssl/openssl/crypto/dh/dh_lib.c index 2e727df897..962f864dee 100644 --- a/deps/openssl/openssl/crypto/dh/dh_lib.c +++ b/deps/openssl/openssl/crypto/dh/dh_lib.c @@ -9,6 +9,7 @@ #include <stdio.h> #include "internal/cryptlib.h" +#include "internal/refcount.h" #include <openssl/bn.h> #include "dh_locl.h" #include <openssl/engine.h> @@ -99,7 +100,7 @@ void DH_free(DH *r) if (r == NULL) return; - CRYPTO_atomic_add(&r->references, -1, &i, r->lock); + CRYPTO_DOWN_REF(&r->references, &i, r->lock); REF_PRINT_COUNT("DH", r); if (i > 0) return; @@ -130,7 +131,7 @@ int DH_up_ref(DH *r) { int i; - if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) + if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0) return 0; REF_PRINT_COUNT("DH", r); @@ -140,12 +141,12 @@ int DH_up_ref(DH *r) int DH_set_ex_data(DH *d, int idx, void *arg) { - return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); + return CRYPTO_set_ex_data(&d->ex_data, idx, arg); } void *DH_get_ex_data(DH *d, int idx) { - return (CRYPTO_get_ex_data(&d->ex_data, idx)); + return CRYPTO_get_ex_data(&d->ex_data, idx); } int DH_bits(const DH *dh) @@ -155,7 +156,7 @@ int DH_bits(const DH *dh) int DH_size(const DH *dh) { - return (BN_num_bytes(dh->p)); + return BN_num_bytes(dh->p); } int DH_security_bits(const DH *dh) @@ -244,6 +245,31 @@ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) return 1; } +const BIGNUM *DH_get0_p(const DH *dh) +{ + return dh->p; +} + +const BIGNUM *DH_get0_q(const DH *dh) +{ + return dh->q; +} + +const BIGNUM *DH_get0_g(const DH *dh) +{ + return dh->g; +} + +const BIGNUM *DH_get0_priv_key(const DH *dh) +{ + return dh->priv_key; +} + +const BIGNUM *DH_get0_pub_key(const DH *dh) +{ + return dh->pub_key; +} + void DH_clear_flags(DH *dh, int flags) { dh->flags &= ~flags; diff --git a/deps/openssl/openssl/crypto/dh/dh_locl.h b/deps/openssl/openssl/crypto/dh/dh_locl.h index 19301c3185..0a8391a6c0 100644 --- a/deps/openssl/openssl/crypto/dh/dh_locl.h +++ b/deps/openssl/openssl/crypto/dh/dh_locl.h @@ -8,6 +8,7 @@ */ #include <openssl/dh.h> +#include "internal/refcount.h" struct dh_st { /* @@ -18,7 +19,7 @@ struct dh_st { int version; BIGNUM *p; BIGNUM *g; - long length; /* optional */ + int32_t length; /* optional */ BIGNUM *pub_key; /* g^x % p */ BIGNUM *priv_key; /* x */ int flags; @@ -29,7 +30,7 @@ struct dh_st { unsigned char *seed; int seedlen; BIGNUM *counter; - int references; + CRYPTO_REF_COUNT references; CRYPTO_EX_DATA ex_data; const DH_METHOD *meth; ENGINE *engine; diff --git a/deps/openssl/openssl/crypto/dh/dh_pmeth.c b/deps/openssl/openssl/crypto/dh/dh_pmeth.c index c3e03c7a42..cce2d9e26e 100644 --- a/deps/openssl/openssl/crypto/dh/dh_pmeth.c +++ b/deps/openssl/openssl/crypto/dh/dh_pmeth.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,9 +26,11 @@ typedef struct { int generator; int use_dsa; int subprime_len; + int pad; /* message digest used for parameter generation */ const EVP_MD *md; int rfc5114_param; + int param_nid; /* Keygen callback info */ int gentmp[2]; /* KDF (if any) to use for DH */ @@ -48,9 +50,10 @@ static int pkey_dh_init(EVP_PKEY_CTX *ctx) { DH_PKEY_CTX *dctx; - dctx = OPENSSL_zalloc(sizeof(*dctx)); - if (dctx == NULL) + if ((dctx = OPENSSL_zalloc(sizeof(*dctx))) == NULL) { + DHerr(DH_F_PKEY_DH_INIT, ERR_R_MALLOC_FAILURE); return 0; + } dctx->prime_len = 1024; dctx->subprime_len = -1; dctx->generator = 2; @@ -85,8 +88,10 @@ static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) dctx->subprime_len = sctx->subprime_len; dctx->generator = sctx->generator; dctx->use_dsa = sctx->use_dsa; + dctx->pad = sctx->pad; dctx->md = sctx->md; dctx->rfc5114_param = sctx->rfc5114_param; + dctx->param_nid = sctx->param_nid; dctx->kdf_type = sctx->kdf_type; dctx->kdf_oid = OBJ_dup(sctx->kdf_oid); @@ -119,6 +124,10 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) dctx->subprime_len = p1; return 1; + case EVP_PKEY_CTRL_DH_PAD: + dctx->pad = p1; + return 1; + case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR: if (dctx->use_dsa) return -2; @@ -137,11 +146,17 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_DH_RFC5114: - if (p1 < 1 || p1 > 3) + if (p1 < 1 || p1 > 3 || dctx->param_nid != NID_undef) return -2; dctx->rfc5114_param = p1; return 1; + case EVP_PKEY_CTRL_DH_NID: + if (p1 <= 0 || dctx->rfc5114_param != 0) + return -2; + dctx->param_nid = p1; + return 1; + case EVP_PKEY_CTRL_PEER_KEY: /* Default behaviour is OK */ return 1; @@ -221,6 +236,17 @@ static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, dctx->rfc5114_param = len; return 1; } + if (strcmp(type, "dh_param") == 0) { + DH_PKEY_CTX *dctx = ctx->data; + int nid = OBJ_sn2nid(value); + + if (nid == NID_undef) { + DHerr(DH_F_PKEY_DH_CTRL_STR, DH_R_INVALID_PARAMETER_NAME); + return -2; + } + dctx->param_nid = nid; + return 1; + } if (strcmp(type, "dh_paramgen_generator") == 0) { int len; len = atoi(value); @@ -236,6 +262,11 @@ static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, typ = atoi(value); return EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ); } + if (strcmp(type, "dh_pad") == 0) { + int pad; + pad = atoi(value); + return EVP_PKEY_CTX_set_dh_pad(ctx, pad); + } return -2; } @@ -320,6 +351,13 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) return 1; } + if (dctx->param_nid != 0) { + if ((dh = DH_new_by_nid(dctx->param_nid)) == NULL) + return 0; + EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh); + return 1; + } + if (ctx->pkey_gencb) { pcb = BN_GENCB_new(); if (pcb == NULL) @@ -359,17 +397,22 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { + DH_PKEY_CTX *dctx = ctx->data; DH *dh = NULL; - if (ctx->pkey == NULL) { + + if (ctx->pkey == NULL && dctx->param_nid == 0) { DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET); return 0; } - dh = DH_new(); + if (dctx->param_nid != 0) + dh = DH_new_by_nid(dctx->param_nid); + else + dh = DH_new(); if (dh == NULL) return 0; EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, dh); /* Note: if error return, pkey is freed by parent routine */ - if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey)) + if (ctx->pkey != NULL && !EVP_PKEY_copy_parameters(pkey, ctx->pkey)) return 0; return DH_generate_key(pkey->pkey.dh); } @@ -392,7 +435,10 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, *keylen = DH_size(dh); return 1; } - ret = DH_compute_key(key, dhpub, dh); + if (dctx->pad) + ret = DH_compute_key_padded(key, dhpub, dh); + else + ret = DH_compute_key(key, dhpub, dh); if (ret < 0) return ret; *keylen = ret; diff --git a/deps/openssl/openssl/crypto/dh/dh_prn.c b/deps/openssl/openssl/crypto/dh/dh_prn.c index 283fb0f4a3..aab1733db3 100644 --- a/deps/openssl/openssl/crypto/dh/dh_prn.c +++ b/deps/openssl/openssl/crypto/dh/dh_prn.c @@ -20,11 +20,11 @@ int DHparams_print_fp(FILE *fp, const DH *x) if ((b = BIO_new(BIO_s_file())) == NULL) { DHerr(DH_F_DHPARAMS_PRINT_FP, ERR_R_BUF_LIB); - return (0); + return 0; } BIO_set_fp(b, fp, BIO_NOCLOSE); ret = DHparams_print(b, x); BIO_free(b); - return (ret); + return ret; } #endif diff --git a/deps/openssl/openssl/crypto/dh/dh_rfc7919.c b/deps/openssl/openssl/crypto/dh/dh_rfc7919.c new file mode 100644 index 0000000000..a54b468e55 --- /dev/null +++ b/deps/openssl/openssl/crypto/dh/dh_rfc7919.c @@ -0,0 +1,74 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <stdio.h> +#include "internal/cryptlib.h" +#include "dh_locl.h" +#include <openssl/bn.h> +#include <openssl/objects.h> +#include "internal/bn_dh.h" + +static DH *dh_param_init(const BIGNUM *p, int32_t nbits) +{ + DH *dh = DH_new(); + if (dh == NULL) + return NULL; + dh->p = (BIGNUM *)p; + dh->g = (BIGNUM *)&_bignum_const_2; + dh->length = nbits; + return dh; +} + +DH *DH_new_by_nid(int nid) +{ + switch (nid) { + case NID_ffdhe2048: + return dh_param_init(&_bignum_ffdhe2048_p, 225); + case NID_ffdhe3072: + return dh_param_init(&_bignum_ffdhe3072_p, 275); + case NID_ffdhe4096: + return dh_param_init(&_bignum_ffdhe4096_p, 325); + case NID_ffdhe6144: + return dh_param_init(&_bignum_ffdhe6144_p, 375); + case NID_ffdhe8192: + return dh_param_init(&_bignum_ffdhe8192_p, 400); + default: + DHerr(DH_F_DH_NEW_BY_NID, DH_R_INVALID_PARAMETER_NID); + return NULL; + } +} + +int DH_get_nid(const DH *dh) +{ + int nid; + + if (BN_get_word(dh->g) != 2) + return NID_undef; + if (!BN_cmp(dh->p, &_bignum_ffdhe2048_p)) + nid = NID_ffdhe2048; + else if (!BN_cmp(dh->p, &_bignum_ffdhe3072_p)) + nid = NID_ffdhe3072; + else if (!BN_cmp(dh->p, &_bignum_ffdhe4096_p)) + nid = NID_ffdhe4096; + else if (!BN_cmp(dh->p, &_bignum_ffdhe6144_p)) + nid = NID_ffdhe6144; + else if (!BN_cmp(dh->p, &_bignum_ffdhe8192_p)) + nid = NID_ffdhe8192; + else + return NID_undef; + if (dh->q != NULL) { + BIGNUM *q = BN_dup(dh->p); + + /* Check q = p * 2 + 1 we already know q is odd, so just shift right */ + if (q == NULL || !BN_rshift1(q, q) || !BN_cmp(dh->q, q)) + nid = NID_undef; + BN_free(q); + } + return nid; +} |