Provide DH_check*_ex and many error codes

DH_check{,_pub_key}_ex() wrap their non-ex versions to translate the flags argument of the original functions into OpenSSL errors. For this almost a dozen new error codes need to be added. DH_params_check{,_ex}() is a new version of DH_check that only performs a cheap subset of the checks. They are needed to implement EVP_PKEY_{public,param}_check() (observe the consistent naming) although the actual implementation of EVP_PKEY_param_check() chose to use DH_check_ex(). As far as I can tell, the only raison d'être of the _ex functions and error codes is to spew them to stderr in a couple of openssl(1) commands. This couldn't have been solved differently... These functions will not be exposed publicly. ok inoguchi jsing
author: tb <> 2022-01-10 12:00:52 +0000
committer: tb <> 2022-01-10 12:00:52 +0000
commit: 66fc1114c3900ed41771dba70d33a853a0a925f4 (patch)
tree: a4d80645cff5817beab5299ea58a2124c2e04ea1 /src/lib
parent: a447c077ad67d6e81ed1a4fbe9003875add773c2 (diff)
download: openbsd-66fc1114c3900ed41771dba70d33a853a0a925f4.tar.gz
openbsd-66fc1114c3900ed41771dba70d33a853a0a925f4.tar.bz2
openbsd-66fc1114c3900ed41771dba70d33a853a0a925f4.zip
4 files changed, 102 insertions, 4 deletions
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 3059b291cf..21e840efc4 100644
--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.h,v 1.29 2022/01/07 09:21:21 tb Exp $ */
+/* $OpenBSD: dh.h,v 1.30 2022/01/10 12:00:52 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -288,6 +288,17 @@ void ERR_load_DH_strings(void);
 #define DH_R_NO_PARAMETERS_SET                           107
 #define DH_R_NO_PRIVATE_VALUE                            100
 #define DH_R_PARAMETER_ENCODING_ERROR                    105
+#define DH_R_CHECK_INVALID_J_VALUE                       115
+#define DH_R_CHECK_INVALID_Q_VALUE                       116
+#define DH_R_CHECK_PUBKEY_INVALID                        122
+#define DH_R_CHECK_PUBKEY_TOO_LARGE                      123
+#define DH_R_CHECK_PUBKEY_TOO_SMALL                      124
+#define DH_R_CHECK_P_NOT_PRIME                           117
+#define DH_R_CHECK_P_NOT_SAFE_PRIME                      118
+#define DH_R_CHECK_Q_NOT_PRIME                           119
+#define DH_R_MISSING_PUBKEY                              125
+#define DH_R_NOT_SUITABLE_GENERATOR                      120
+#define DH_R_UNABLE_TO_CHECK_GENERATOR                   121
 #ifdef  __cplusplus
 }
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 7203936611..1d20952e26 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_check.c,v 1.23 2022/01/07 09:27:13 tb Exp $ */
+/* $OpenBSD: dh_check.c,v 1.24 2022/01/10 12:00:52 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -60,12 +60,34 @@
 #include <openssl/bn.h>
 #include <openssl/dh.h>
+#include <openssl/err.h>
 #include "bn_lcl.h"
 #include "dh_local.h"
 #define DH_NUMBER_ITERATIONS_FOR_PRIME 64
+/*
+ * Check that p is odd and 1 < g < p - 1. The _ex version removes the need of
+ * inspecting flags and pushes errors on the stack instead.
+ */
+int
+DH_check_params_ex(const DH *dh)
+{
+        int flags = 0;
+        if (!DH_check_params(dh, &flags))
+                return 0;
+        if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
+                DHerror(DH_R_CHECK_P_NOT_PRIME);
+        if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
+                DHerror(DH_R_NOT_SUITABLE_GENERATOR);
+        return flags == 0;
+}
 int
 DH_check_params(const DH *dh, int *flags)
 {
@@ -102,9 +124,36 @@ DH_check_params(const DH *dh, int *flags)
 /*
 * Check that p is a safe prime and that g is a suitable generator.
+ * The _ex version puts errors on the stack instead of returning flags.
 */
 int
+DH_check_ex(const DH *dh)
+{
+        int flags = 0;
+        if (!DH_check(dh, &flags))
+                return 0;
+        if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
+                DHerror(DH_R_NOT_SUITABLE_GENERATOR);
+        if ((flags & DH_CHECK_Q_NOT_PRIME) != 0)
+                DHerror(DH_R_CHECK_Q_NOT_PRIME);
+        if ((flags & DH_CHECK_INVALID_Q_VALUE) != 0)
+                DHerror(DH_R_CHECK_INVALID_Q_VALUE);
+        if ((flags & DH_CHECK_INVALID_J_VALUE) != 0)
+                DHerror(DH_R_CHECK_INVALID_J_VALUE);
+        if ((flags & DH_UNABLE_TO_CHECK_GENERATOR) != 0)
+                DHerror(DH_R_UNABLE_TO_CHECK_GENERATOR);
+        if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
+                DHerror(DH_R_CHECK_P_NOT_PRIME);
+        if ((flags & DH_CHECK_P_NOT_SAFE_PRIME) != 0)
+                DHerror(DH_R_CHECK_P_NOT_SAFE_PRIME);
+        return flags == 0;
+}
+int
 DH_check(const DH *dh, int *flags)
 {
        BN_CTX *ctx = NULL;
@@ -180,6 +229,24 @@ DH_check(const DH *dh, int *flags)
 }
 int
+DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
+{
+        int flags = 0;
+        if (!DH_check_pub_key(dh, pub_key, &flags))
+                return 0;
+        if ((flags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
+                DHerror(DH_R_CHECK_PUBKEY_TOO_SMALL);
+        if ((flags & DH_CHECK_PUBKEY_TOO_LARGE) != 0)
+                DHerror(DH_R_CHECK_PUBKEY_TOO_LARGE);
+        if ((flags & DH_CHECK_PUBKEY_INVALID) != 0)
+                DHerror(DH_R_CHECK_PUBKEY_INVALID);
+        return flags == 0;
+}
+int
 DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *flags)
 {
        BN_CTX *ctx = NULL;
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
index 497f88436e..a387c37cca 100644
--- a/src/lib/libcrypto/dh/dh_err.c
+++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_err.c,v 1.16 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: dh_err.c,v 1.17 2022/01/10 12:00:52 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
 *
@@ -90,6 +90,17 @@ static ERR_STRING_DATA DH_str_reasons[]=
 {ERR_REASON(DH_R_NO_PARAMETERS_SET)      ,"no parameters set"},
 {ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
 {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
+{ERR_REASON(DH_R_CHECK_INVALID_J_VALUE)   ,"check invalid j value"},
+{ERR_REASON(DH_R_CHECK_INVALID_Q_VALUE)   ,"check invalid q value"},
+{ERR_REASON(DH_R_CHECK_PUBKEY_INVALID)    ,"check pubkey invalid"},
+{ERR_REASON(DH_R_CHECK_PUBKEY_TOO_LARGE)  ,"check pubkey too large"},
+{ERR_REASON(DH_R_CHECK_PUBKEY_TOO_SMALL)  ,"check pubkey too small"},
+{ERR_REASON(DH_R_CHECK_P_NOT_PRIME)       ,"check p not prime"},
+{ERR_REASON(DH_R_CHECK_P_NOT_SAFE_PRIME)  ,"check p not safe prime"},
+{ERR_REASON(DH_R_CHECK_Q_NOT_PRIME)       ,"check q not prime"},
+{ERR_REASON(DH_R_MISSING_PUBKEY)          ,"missing pubkey"},
+{ERR_REASON(DH_R_NOT_SUITABLE_GENERATOR)  ,"not suitable generator"},
+{ERR_REASON(DH_R_UNABLE_TO_CHECK_GENERATOR),"unable to check generator"},
 {0,NULL}
        };
diff --git a/src/lib/libcrypto/dh/dh_local.h b/src/lib/libcrypto/dh/dh_local.h
index 82054af757..21bc266a9c 100644
--- a/src/lib/libcrypto/dh/dh_local.h
+++ b/src/lib/libcrypto/dh/dh_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_local.h,v 1.1 2022/01/07 09:27:13 tb Exp $ */
+/* $OpenBSD: dh_local.h,v 1.2 2022/01/10 12:00:52 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -61,6 +61,15 @@
 __BEGIN_HIDDEN_DECLS
+/*
+ * Public API in OpenSSL that we only want to use internally.
+ */
+int DH_check_params_ex(const DH *dh);
+int DH_check_params(const DH *dh, int *flags);
+int DH_check_ex(const DH *dh);
+int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key);
 __END_HIDDEN_DECLS
 #endif /* !HEADER_DH_LOCAL_H */
author	tb <>	2022-01-10 12:00:52 +0000
committer	tb <>	2022-01-10 12:00:52 +0000
commit	66fc1114c3900ed41771dba70d33a853a0a925f4 (patch)
tree	a4d80645cff5817beab5299ea58a2124c2e04ea1 /src/lib
parent	a447c077ad67d6e81ed1a4fbe9003875add773c2 (diff)
download	openbsd-66fc1114c3900ed41771dba70d33a853a0a925f4.tar.gz openbsd-66fc1114c3900ed41771dba70d33a853a0a925f4.tar.bz2 openbsd-66fc1114c3900ed41771dba70d33a853a0a925f4.zip

diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h index 3059b291cf..21e840efc4 100644 --- a/src/lib/libcrypto/dh/dh.h +++ b/src/lib/libcrypto/dh/dh.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dh.h,v 1.29 2022/01/07 09:21:21 tb Exp $ */	1	/* $OpenBSD: dh.h,v 1.30 2022/01/10 12:00:52 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -288,6 +288,17 @@ void ERR_load_DH_strings(void);
288	#define DH_R_NO_PARAMETERS_SET 107	288	#define DH_R_NO_PARAMETERS_SET 107
289	#define DH_R_NO_PRIVATE_VALUE 100	289	#define DH_R_NO_PRIVATE_VALUE 100
290	#define DH_R_PARAMETER_ENCODING_ERROR 105	290	#define DH_R_PARAMETER_ENCODING_ERROR 105
		291	#define DH_R_CHECK_INVALID_J_VALUE 115
		292	#define DH_R_CHECK_INVALID_Q_VALUE 116
		293	#define DH_R_CHECK_PUBKEY_INVALID 122
		294	#define DH_R_CHECK_PUBKEY_TOO_LARGE 123
		295	#define DH_R_CHECK_PUBKEY_TOO_SMALL 124
		296	#define DH_R_CHECK_P_NOT_PRIME 117
		297	#define DH_R_CHECK_P_NOT_SAFE_PRIME 118
		298	#define DH_R_CHECK_Q_NOT_PRIME 119
		299	#define DH_R_MISSING_PUBKEY 125
		300	#define DH_R_NOT_SUITABLE_GENERATOR 120
		301	#define DH_R_UNABLE_TO_CHECK_GENERATOR 121
291		302
292	#ifdef __cplusplus	303	#ifdef __cplusplus
293	}	304	}


diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c index 7203936611..1d20952e26 100644 --- a/src/lib/libcrypto/dh/dh_check.c +++ b/src/lib/libcrypto/dh/dh_check.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dh_check.c,v 1.23 2022/01/07 09:27:13 tb Exp $ */	1	/* $OpenBSD: dh_check.c,v 1.24 2022/01/10 12:00:52 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -60,12 +60,34 @@
60		60
61	#include <openssl/bn.h>	61	#include <openssl/bn.h>
62	#include <openssl/dh.h>	62	#include <openssl/dh.h>
		63	#include <openssl/err.h>
63		64
64	#include "bn_lcl.h"	65	#include "bn_lcl.h"
65	#include "dh_local.h"	66	#include "dh_local.h"
66		67
67	#define DH_NUMBER_ITERATIONS_FOR_PRIME 64	68	#define DH_NUMBER_ITERATIONS_FOR_PRIME 64
68		69
		70	/*
		71	* Check that p is odd and 1 < g < p - 1. The _ex version removes the need of
		72	* inspecting flags and pushes errors on the stack instead.
		73	*/
		74
		75	int
		76	DH_check_params_ex(const DH *dh)
		77	{
		78	int flags = 0;
		79
		80	if (!DH_check_params(dh, &flags))
		81	return 0;
		82
		83	if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
		84	DHerror(DH_R_CHECK_P_NOT_PRIME);
		85	if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
		86	DHerror(DH_R_NOT_SUITABLE_GENERATOR);
		87
		88	return flags == 0;
		89	}
		90
69	int	91	int
70	DH_check_params(const DH dh, int flags)	92	DH_check_params(const DH dh, int flags)
71	{	93	{
@@ -102,9 +124,36 @@ DH_check_params(const DH dh, int flags)
102		124
103	/*	125	/*
104	* Check that p is a safe prime and that g is a suitable generator.	126	* Check that p is a safe prime and that g is a suitable generator.
		127	* The _ex version puts errors on the stack instead of returning flags.
105	*/	128	*/
106		129
107	int	130	int
		131	DH_check_ex(const DH *dh)
		132	{
		133	int flags = 0;
		134
		135	if (!DH_check(dh, &flags))
		136	return 0;
		137
		138	if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
		139	DHerror(DH_R_NOT_SUITABLE_GENERATOR);
		140	if ((flags & DH_CHECK_Q_NOT_PRIME) != 0)
		141	DHerror(DH_R_CHECK_Q_NOT_PRIME);
		142	if ((flags & DH_CHECK_INVALID_Q_VALUE) != 0)
		143	DHerror(DH_R_CHECK_INVALID_Q_VALUE);
		144	if ((flags & DH_CHECK_INVALID_J_VALUE) != 0)
		145	DHerror(DH_R_CHECK_INVALID_J_VALUE);
		146	if ((flags & DH_UNABLE_TO_CHECK_GENERATOR) != 0)
		147	DHerror(DH_R_UNABLE_TO_CHECK_GENERATOR);
		148	if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
		149	DHerror(DH_R_CHECK_P_NOT_PRIME);
		150	if ((flags & DH_CHECK_P_NOT_SAFE_PRIME) != 0)
		151	DHerror(DH_R_CHECK_P_NOT_SAFE_PRIME);
		152
		153	return flags == 0;
		154	}
		155
		156	int
108	DH_check(const DH dh, int flags)	157	DH_check(const DH dh, int flags)
109	{	158	{
110	BN_CTX *ctx = NULL;	159	BN_CTX *ctx = NULL;
@@ -180,6 +229,24 @@ DH_check(const DH dh, int flags)
180	}	229	}
181		230
182	int	231	int
		232	DH_check_pub_key_ex(const DH dh, const BIGNUM pub_key)
		233	{
		234	int flags = 0;
		235
		236	if (!DH_check_pub_key(dh, pub_key, &flags))
		237	return 0;
		238
		239	if ((flags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
		240	DHerror(DH_R_CHECK_PUBKEY_TOO_SMALL);
		241	if ((flags & DH_CHECK_PUBKEY_TOO_LARGE) != 0)
		242	DHerror(DH_R_CHECK_PUBKEY_TOO_LARGE);
		243	if ((flags & DH_CHECK_PUBKEY_INVALID) != 0)
		244	DHerror(DH_R_CHECK_PUBKEY_INVALID);
		245
		246	return flags == 0;
		247	}
		248
		249	int
183	DH_check_pub_key(const DH dh, const BIGNUM pub_key, int *flags)	250	DH_check_pub_key(const DH dh, const BIGNUM pub_key, int *flags)
184	{	251	{
185	BN_CTX *ctx = NULL;	252	BN_CTX *ctx = NULL;


diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c index 497f88436e..a387c37cca 100644 --- a/src/lib/libcrypto/dh/dh_err.c +++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dh_err.c,v 1.16 2017/01/29 17:49:22 beck Exp $ */	1	/* $OpenBSD: dh_err.c,v 1.17 2022/01/10 12:00:52 tb Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -90,6 +90,17 @@ static ERR_STRING_DATA DH_str_reasons[]=
90	{ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"},	90	{ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"},
91	{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},	91	{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
92	{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},	92	{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
		93	{ERR_REASON(DH_R_CHECK_INVALID_J_VALUE) ,"check invalid j value"},
		94	{ERR_REASON(DH_R_CHECK_INVALID_Q_VALUE) ,"check invalid q value"},
		95	{ERR_REASON(DH_R_CHECK_PUBKEY_INVALID) ,"check pubkey invalid"},
		96	{ERR_REASON(DH_R_CHECK_PUBKEY_TOO_LARGE) ,"check pubkey too large"},
		97	{ERR_REASON(DH_R_CHECK_PUBKEY_TOO_SMALL) ,"check pubkey too small"},
		98	{ERR_REASON(DH_R_CHECK_P_NOT_PRIME) ,"check p not prime"},
		99	{ERR_REASON(DH_R_CHECK_P_NOT_SAFE_PRIME) ,"check p not safe prime"},
		100	{ERR_REASON(DH_R_CHECK_Q_NOT_PRIME) ,"check q not prime"},
		101	{ERR_REASON(DH_R_MISSING_PUBKEY) ,"missing pubkey"},
		102	{ERR_REASON(DH_R_NOT_SUITABLE_GENERATOR) ,"not suitable generator"},
		103	{ERR_REASON(DH_R_UNABLE_TO_CHECK_GENERATOR),"unable to check generator"},
93	{0,NULL}	104	{0,NULL}
94	};	105	};
95		106


diff --git a/src/lib/libcrypto/dh/dh_local.h b/src/lib/libcrypto/dh/dh_local.h index 82054af757..21bc266a9c 100644 --- a/src/lib/libcrypto/dh/dh_local.h +++ b/src/lib/libcrypto/dh/dh_local.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dh_local.h,v 1.1 2022/01/07 09:27:13 tb Exp $ */	1	/* $OpenBSD: dh_local.h,v 1.2 2022/01/10 12:00:52 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -61,6 +61,15 @@
61		61
62	__BEGIN_HIDDEN_DECLS	62	__BEGIN_HIDDEN_DECLS
63		63
		64	/*
		65	* Public API in OpenSSL that we only want to use internally.
		66	*/
		67
		68	int DH_check_params_ex(const DH *dh);
		69	int DH_check_params(const DH dh, int flags);
		70	int DH_check_ex(const DH *dh);
		71	int DH_check_pub_key_ex(const DH dh, const BIGNUM pub_key);
		72
64	__END_HIDDEN_DECLS	73	__END_HIDDEN_DECLS
65		74
66	#endif /* !HEADER_DH_LOCAL_H */	75	#endif /* !HEADER_DH_LOCAL_H */