diff options
| author | djm <> | 2012-10-13 21:25:14 +0000 |
|---|---|---|
| committer | djm <> | 2012-10-13 21:25:14 +0000 |
| commit | 942650cdef05a877200cb7aff3a075935a5fd0cd (patch) | |
| tree | 281e0a29ae8f87a8c47fbd4deaa1f3d48b8cc5c1 /src/lib/libcrypto/dh | |
| parent | 37f091539f73e1650c83acd0c78677ef48c209a6 (diff) | |
| download | openbsd-942650cdef05a877200cb7aff3a075935a5fd0cd.tar.gz openbsd-942650cdef05a877200cb7aff3a075935a5fd0cd.tar.bz2 openbsd-942650cdef05a877200cb7aff3a075935a5fd0cd.zip | |
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/dh')
| -rw-r--r-- | src/lib/libcrypto/dh/dh.h | 20 | ||||
| -rw-r--r-- | src/lib/libcrypto/dh/dh_err.c | 7 | ||||
| -rw-r--r-- | src/lib/libcrypto/dh/dh_gen.c | 17 | ||||
| -rw-r--r-- | src/lib/libcrypto/dh/dh_key.c | 33 | ||||
| -rw-r--r-- | src/lib/libcrypto/dh/dh_lib.c | 15 |
5 files changed, 88 insertions, 4 deletions
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h index 849309a489..ea59e610ef 100644 --- a/src/lib/libcrypto/dh/dh.h +++ b/src/lib/libcrypto/dh/dh.h | |||
| @@ -86,6 +86,21 @@ | |||
| 86 | * be used for all exponents. | 86 | * be used for all exponents. |
| 87 | */ | 87 | */ |
| 88 | 88 | ||
| 89 | /* If this flag is set the DH method is FIPS compliant and can be used | ||
| 90 | * in FIPS mode. This is set in the validated module method. If an | ||
| 91 | * application sets this flag in its own methods it is its reposibility | ||
| 92 | * to ensure the result is compliant. | ||
| 93 | */ | ||
| 94 | |||
| 95 | #define DH_FLAG_FIPS_METHOD 0x0400 | ||
| 96 | |||
| 97 | /* If this flag is set the operations normally disabled in FIPS mode are | ||
| 98 | * permitted it is then the applications responsibility to ensure that the | ||
| 99 | * usage is compliant. | ||
| 100 | */ | ||
| 101 | |||
| 102 | #define DH_FLAG_NON_FIPS_ALLOW 0x0400 | ||
| 103 | |||
| 89 | #ifdef __cplusplus | 104 | #ifdef __cplusplus |
| 90 | extern "C" { | 105 | extern "C" { |
| 91 | #endif | 106 | #endif |
| @@ -230,6 +245,9 @@ void ERR_load_DH_strings(void); | |||
| 230 | #define DH_F_COMPUTE_KEY 102 | 245 | #define DH_F_COMPUTE_KEY 102 |
| 231 | #define DH_F_DHPARAMS_PRINT_FP 101 | 246 | #define DH_F_DHPARAMS_PRINT_FP 101 |
| 232 | #define DH_F_DH_BUILTIN_GENPARAMS 106 | 247 | #define DH_F_DH_BUILTIN_GENPARAMS 106 |
| 248 | #define DH_F_DH_COMPUTE_KEY 114 | ||
| 249 | #define DH_F_DH_GENERATE_KEY 115 | ||
| 250 | #define DH_F_DH_GENERATE_PARAMETERS_EX 116 | ||
| 233 | #define DH_F_DH_NEW_METHOD 105 | 251 | #define DH_F_DH_NEW_METHOD 105 |
| 234 | #define DH_F_DH_PARAM_DECODE 107 | 252 | #define DH_F_DH_PARAM_DECODE 107 |
| 235 | #define DH_F_DH_PRIV_DECODE 110 | 253 | #define DH_F_DH_PRIV_DECODE 110 |
| @@ -249,7 +267,9 @@ void ERR_load_DH_strings(void); | |||
| 249 | #define DH_R_DECODE_ERROR 104 | 267 | #define DH_R_DECODE_ERROR 104 |
| 250 | #define DH_R_INVALID_PUBKEY 102 | 268 | #define DH_R_INVALID_PUBKEY 102 |
| 251 | #define DH_R_KEYS_NOT_SET 108 | 269 | #define DH_R_KEYS_NOT_SET 108 |
| 270 | #define DH_R_KEY_SIZE_TOO_SMALL 110 | ||
| 252 | #define DH_R_MODULUS_TOO_LARGE 103 | 271 | #define DH_R_MODULUS_TOO_LARGE 103 |
| 272 | #define DH_R_NON_FIPS_METHOD 111 | ||
| 253 | #define DH_R_NO_PARAMETERS_SET 107 | 273 | #define DH_R_NO_PARAMETERS_SET 107 |
| 254 | #define DH_R_NO_PRIVATE_VALUE 100 | 274 | #define DH_R_NO_PRIVATE_VALUE 100 |
| 255 | #define DH_R_PARAMETER_ENCODING_ERROR 105 | 275 | #define DH_R_PARAMETER_ENCODING_ERROR 105 |
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c index d5cf0c22a3..56d3df7356 100644 --- a/src/lib/libcrypto/dh/dh_err.c +++ b/src/lib/libcrypto/dh/dh_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/dh/dh_err.c */ | 1 | /* crypto/dh/dh_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -73,6 +73,9 @@ static ERR_STRING_DATA DH_str_functs[]= | |||
| 73 | {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, | 73 | {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, |
| 74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, | 74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, |
| 75 | {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, | 75 | {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, |
| 76 | {ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, | ||
| 77 | {ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, | ||
| 78 | {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"}, | ||
| 76 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, | 79 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, |
| 77 | {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"}, | 80 | {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"}, |
| 78 | {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"}, | 81 | {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"}, |
| @@ -95,7 +98,9 @@ static ERR_STRING_DATA DH_str_reasons[]= | |||
| 95 | {ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"}, | 98 | {ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"}, |
| 96 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, | 99 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, |
| 97 | {ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"}, | 100 | {ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"}, |
| 101 | {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, | ||
| 98 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 102 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
| 103 | {ERR_REASON(DH_R_NON_FIPS_METHOD) ,"non fips method"}, | ||
| 99 | {ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"}, | 104 | {ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"}, |
| 100 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, | 105 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, |
| 101 | {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, | 106 | {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, |
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c index cfd5b11868..7b1fe9c9cb 100644 --- a/src/lib/libcrypto/dh/dh_gen.c +++ b/src/lib/libcrypto/dh/dh_gen.c | |||
| @@ -66,12 +66,29 @@ | |||
| 66 | #include <openssl/bn.h> | 66 | #include <openssl/bn.h> |
| 67 | #include <openssl/dh.h> | 67 | #include <openssl/dh.h> |
| 68 | 68 | ||
| 69 | #ifdef OPENSSL_FIPS | ||
| 70 | #include <openssl/fips.h> | ||
| 71 | #endif | ||
| 72 | |||
| 69 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); | 73 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); |
| 70 | 74 | ||
| 71 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) | 75 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) |
| 72 | { | 76 | { |
| 77 | #ifdef OPENSSL_FIPS | ||
| 78 | if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) | ||
| 79 | && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) | ||
| 80 | { | ||
| 81 | DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); | ||
| 82 | return 0; | ||
| 83 | } | ||
| 84 | #endif | ||
| 73 | if(ret->meth->generate_params) | 85 | if(ret->meth->generate_params) |
| 74 | return ret->meth->generate_params(ret, prime_len, generator, cb); | 86 | return ret->meth->generate_params(ret, prime_len, generator, cb); |
| 87 | #ifdef OPENSSL_FIPS | ||
| 88 | if (FIPS_mode()) | ||
| 89 | return FIPS_dh_generate_parameters_ex(ret, prime_len, | ||
| 90 | generator, cb); | ||
| 91 | #endif | ||
| 75 | return dh_builtin_genparams(ret, prime_len, generator, cb); | 92 | return dh_builtin_genparams(ret, prime_len, generator, cb); |
| 76 | } | 93 | } |
| 77 | 94 | ||
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c index e7db440342..89a74db4e6 100644 --- a/src/lib/libcrypto/dh/dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c | |||
| @@ -73,11 +73,27 @@ static int dh_finish(DH *dh); | |||
| 73 | 73 | ||
| 74 | int DH_generate_key(DH *dh) | 74 | int DH_generate_key(DH *dh) |
| 75 | { | 75 | { |
| 76 | #ifdef OPENSSL_FIPS | ||
| 77 | if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) | ||
| 78 | && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) | ||
| 79 | { | ||
| 80 | DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD); | ||
| 81 | return 0; | ||
| 82 | } | ||
| 83 | #endif | ||
| 76 | return dh->meth->generate_key(dh); | 84 | return dh->meth->generate_key(dh); |
| 77 | } | 85 | } |
| 78 | 86 | ||
| 79 | int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | 87 | int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) |
| 80 | { | 88 | { |
| 89 | #ifdef OPENSSL_FIPS | ||
| 90 | if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) | ||
| 91 | && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) | ||
| 92 | { | ||
| 93 | DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD); | ||
| 94 | return 0; | ||
| 95 | } | ||
| 96 | #endif | ||
| 81 | return dh->meth->compute_key(key, pub_key, dh); | 97 | return dh->meth->compute_key(key, pub_key, dh); |
| 82 | } | 98 | } |
| 83 | 99 | ||
| @@ -138,8 +154,21 @@ static int generate_key(DH *dh) | |||
| 138 | 154 | ||
| 139 | if (generate_new_key) | 155 | if (generate_new_key) |
| 140 | { | 156 | { |
| 141 | l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ | 157 | if (dh->q) |
| 142 | if (!BN_rand(priv_key, l, 0, 0)) goto err; | 158 | { |
| 159 | do | ||
| 160 | { | ||
| 161 | if (!BN_rand_range(priv_key, dh->q)) | ||
| 162 | goto err; | ||
| 163 | } | ||
| 164 | while (BN_is_zero(priv_key) || BN_is_one(priv_key)); | ||
| 165 | } | ||
| 166 | else | ||
| 167 | { | ||
| 168 | /* secret exponent length */ | ||
| 169 | l = dh->length ? dh->length : BN_num_bits(dh->p)-1; | ||
| 170 | if (!BN_rand(priv_key, l, 0, 0)) goto err; | ||
| 171 | } | ||
| 143 | } | 172 | } |
| 144 | 173 | ||
| 145 | { | 174 | { |
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c index 7aef080e7a..00218f2b92 100644 --- a/src/lib/libcrypto/dh/dh_lib.c +++ b/src/lib/libcrypto/dh/dh_lib.c | |||
| @@ -64,6 +64,10 @@ | |||
| 64 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
| 65 | #endif | 65 | #endif |
| 66 | 66 | ||
| 67 | #ifdef OPENSSL_FIPS | ||
| 68 | #include <openssl/fips.h> | ||
| 69 | #endif | ||
| 70 | |||
| 67 | const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT; | 71 | const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT; |
| 68 | 72 | ||
| 69 | static const DH_METHOD *default_DH_method = NULL; | 73 | static const DH_METHOD *default_DH_method = NULL; |
| @@ -76,7 +80,16 @@ void DH_set_default_method(const DH_METHOD *meth) | |||
| 76 | const DH_METHOD *DH_get_default_method(void) | 80 | const DH_METHOD *DH_get_default_method(void) |
| 77 | { | 81 | { |
| 78 | if(!default_DH_method) | 82 | if(!default_DH_method) |
| 83 | { | ||
| 84 | #ifdef OPENSSL_FIPS | ||
| 85 | if (FIPS_mode()) | ||
| 86 | return FIPS_dh_openssl(); | ||
| 87 | else | ||
| 88 | return DH_OpenSSL(); | ||
| 89 | #else | ||
| 79 | default_DH_method = DH_OpenSSL(); | 90 | default_DH_method = DH_OpenSSL(); |
| 91 | #endif | ||
| 92 | } | ||
| 80 | return default_DH_method; | 93 | return default_DH_method; |
| 81 | } | 94 | } |
| 82 | 95 | ||
| @@ -156,7 +169,7 @@ DH *DH_new_method(ENGINE *engine) | |||
| 156 | ret->counter = NULL; | 169 | ret->counter = NULL; |
| 157 | ret->method_mont_p=NULL; | 170 | ret->method_mont_p=NULL; |
| 158 | ret->references = 1; | 171 | ret->references = 1; |
| 159 | ret->flags=ret->meth->flags; | 172 | ret->flags=ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW; |
| 160 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); | 173 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); |
| 161 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 174 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
| 162 | { | 175 | { |