1 /*
2 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * DSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <openssl/core_names.h>
17 #include <openssl/err.h>
18 #ifndef FIPS_MODULE
19 # include <openssl/x509.h>
20 #endif
21 #include "crypto/dsa.h"
22 #include "dsa_local.h"
23
24 /*
25 * The intention with the "backend" source file is to offer backend support
26 * for legacy backends (EVP_PKEY_ASN1_METHOD and EVP_PKEY_METHOD) and provider
27 * implementations alike.
28 */
29
ossl_dsa_key_fromdata(DSA * dsa,const OSSL_PARAM params[])30 int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[])
31 {
32 const OSSL_PARAM *param_priv_key, *param_pub_key;
33 BIGNUM *priv_key = NULL, *pub_key = NULL;
34
35 if (dsa == NULL)
36 return 0;
37
38 param_priv_key =
39 OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY);
40 param_pub_key =
41 OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY);
42
43 /* It's ok if neither half is present */
44 if (param_priv_key == NULL && param_pub_key == NULL)
45 return 1;
46
47 if (param_pub_key != NULL && !OSSL_PARAM_get_BN(param_pub_key, &pub_key))
48 goto err;
49 if (param_priv_key != NULL && !OSSL_PARAM_get_BN(param_priv_key, &priv_key))
50 goto err;
51
52 if (!DSA_set0_key(dsa, pub_key, priv_key))
53 goto err;
54
55 return 1;
56
57 err:
58 BN_clear_free(priv_key);
59 BN_free(pub_key);
60 return 0;
61 }
62
ossl_dsa_is_foreign(const DSA * dsa)63 int ossl_dsa_is_foreign(const DSA *dsa)
64 {
65 #ifndef FIPS_MODULE
66 if (dsa->engine != NULL || DSA_get_method((DSA *)dsa) != DSA_OpenSSL())
67 return 1;
68 #endif
69 return 0;
70 }
71
dsa_bn_dup_check(BIGNUM ** out,const BIGNUM * f)72 static ossl_inline int dsa_bn_dup_check(BIGNUM **out, const BIGNUM *f)
73 {
74 if (f != NULL && (*out = BN_dup(f)) == NULL)
75 return 0;
76 return 1;
77 }
78
ossl_dsa_dup(const DSA * dsa,int selection)79 DSA *ossl_dsa_dup(const DSA *dsa, int selection)
80 {
81 DSA *dupkey = NULL;
82
83 /* Do not try to duplicate foreign DSA keys */
84 if (ossl_dsa_is_foreign(dsa))
85 return NULL;
86
87 if ((dupkey = ossl_dsa_new(dsa->libctx)) == NULL)
88 return NULL;
89
90 if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0
91 && !ossl_ffc_params_copy(&dupkey->params, &dsa->params))
92 goto err;
93
94 dupkey->flags = dsa->flags;
95
96 if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0
97 && ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0
98 || !dsa_bn_dup_check(&dupkey->pub_key, dsa->pub_key)))
99 goto err;
100
101 if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0
102 && ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) == 0
103 || !dsa_bn_dup_check(&dupkey->priv_key, dsa->priv_key)))
104 goto err;
105
106 #ifndef FIPS_MODULE
107 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_DSA,
108 &dupkey->ex_data, &dsa->ex_data))
109 goto err;
110 #endif
111
112 return dupkey;
113
114 err:
115 DSA_free(dupkey);
116 return NULL;
117 }
118
119 #ifndef FIPS_MODULE
ossl_dsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO * p8inf,OSSL_LIB_CTX * libctx,const char * propq)120 DSA *ossl_dsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
121 OSSL_LIB_CTX *libctx, const char *propq)
122 {
123 const unsigned char *p, *pm;
124 int pklen, pmlen;
125 int ptype;
126 const void *pval;
127 const ASN1_STRING *pstr;
128 const X509_ALGOR *palg;
129 ASN1_INTEGER *privkey = NULL;
130 const BIGNUM *dsa_p, *dsa_g;
131 BIGNUM *dsa_pubkey = NULL, *dsa_privkey = NULL;
132 BN_CTX *ctx = NULL;
133
134 DSA *dsa = NULL;
135
136 if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8inf))
137 return 0;
138 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
139
140 if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
141 goto decerr;
142 if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE)
143 goto decerr;
144
145 pstr = pval;
146 pm = pstr->data;
147 pmlen = pstr->length;
148 if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
149 goto decerr;
150 /* We have parameters now set private key */
151 if ((dsa_privkey = BN_secure_new()) == NULL
152 || !ASN1_INTEGER_to_BN(privkey, dsa_privkey)) {
153 ERR_raise(ERR_LIB_DSA, DSA_R_BN_ERROR);
154 goto dsaerr;
155 }
156 /* Calculate public key */
157 if ((dsa_pubkey = BN_new()) == NULL) {
158 ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
159 goto dsaerr;
160 }
161 if ((ctx = BN_CTX_new()) == NULL) {
162 ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
163 goto dsaerr;
164 }
165
166 dsa_p = DSA_get0_p(dsa);
167 dsa_g = DSA_get0_g(dsa);
168 BN_set_flags(dsa_privkey, BN_FLG_CONSTTIME);
169 if (!BN_mod_exp(dsa_pubkey, dsa_g, dsa_privkey, dsa_p, ctx)) {
170 ERR_raise(ERR_LIB_DSA, DSA_R_BN_ERROR);
171 goto dsaerr;
172 }
173 DSA_set0_key(dsa, dsa_pubkey, dsa_privkey);
174
175 goto done;
176
177 decerr:
178 ERR_raise(ERR_LIB_DSA, DSA_R_DECODE_ERROR);
179 dsaerr:
180 BN_free(dsa_privkey);
181 BN_free(dsa_pubkey);
182 DSA_free(dsa);
183 dsa = NULL;
184 done:
185 BN_CTX_free(ctx);
186 ASN1_STRING_clear_free(privkey);
187 return dsa;
188 }
189 #endif
190