1 files changed, 0 insertions, 493 deletions
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
deleted file mode 100644
index 24c8bb25ec..0000000000
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ /dev/null
@@ -1,493 +0,0 @@
-/* $OpenBSD: dh_ameth.c,v 1.13 2015/01/08 01:44:29 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include "asn1_locl.h"
-static void
-int_dh_free(EVP_PKEY *pkey)
-{
-        DH_free(pkey->pkey.dh);
-}
-static int
-dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
-        const unsigned char *p, *pm;
-        int pklen, pmlen;
-        int ptype;
-        void *pval;
-        ASN1_STRING *pstr;
-        X509_ALGOR *palg;
-        ASN1_INTEGER *public_key = NULL;
-        DH *dh = NULL;
-        if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
-                return 0;
-        X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-        if (ptype != V_ASN1_SEQUENCE) {
-                DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
-                goto err;
-        }
-        pstr = pval;    
-        pm = pstr->data;
-        pmlen = pstr->length;
-        if (!(dh = d2i_DHparams(NULL, &pm, pmlen))) {
-                DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
-                goto err;
-        }
-        if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) {
-                DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
-                goto err;
-        }
-        /* We have parameters now set public key */
-        if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
-                DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
-                goto err;
-        }
-        ASN1_INTEGER_free(public_key);
-        EVP_PKEY_assign_DH(pkey, dh);
-        return 1;
-err:
-        if (public_key)
-                ASN1_INTEGER_free(public_key);
-        DH_free(dh);
-        return 0;
-}
-static int
-dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
-        DH *dh;
-        int ptype;
-        unsigned char *penc = NULL;
-        int penclen;
-        ASN1_STRING *str;
-        ASN1_INTEGER *pub_key = NULL;
-        dh=pkey->pkey.dh;
-        str = ASN1_STRING_new();
-        if (str == NULL) {
-                DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        str->length = i2d_DHparams(dh, &str->data);
-        if (str->length <= 0) {
-                DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        ptype = V_ASN1_SEQUENCE;
-        pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
-        if (!pub_key)
-                goto err;
-        penclen = i2d_ASN1_INTEGER(pub_key, &penc);
-        ASN1_INTEGER_free(pub_key);
-        if (penclen <= 0) {
-                DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
-                goto err;
-                }
-        if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH), ptype,
-            (void *)str, penc, penclen))
-                return 1;
-err:
-        free(penc);
-        ASN1_STRING_free(str);
-        return 0;
-}
-/*
- * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
- * that the AlgorithmIdentifier contains the paramaters, the private key
- * is explcitly included and the pubkey must be recalculated.
- */
-        
-static int
-dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
-        const unsigned char *p, *pm;
-        int pklen, pmlen;
-        int ptype;
-        void *pval;
-        ASN1_STRING *pstr;
-        X509_ALGOR *palg;
-        ASN1_INTEGER *privkey = NULL;
-        DH *dh = NULL;
-        if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
-                return 0;
-        X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-        if (ptype != V_ASN1_SEQUENCE)
-                goto decerr;
-        if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
-                goto decerr;
-        pstr = pval;    
-        pm = pstr->data;
-        pmlen = pstr->length;
-        if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
-                goto decerr;
-        /* We have parameters now set private key */
-        if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
-                DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
-                goto dherr;
-        }
-        /* Calculate public key */
-        if (!DH_generate_key(dh))
-                goto dherr;
-        EVP_PKEY_assign_DH(pkey, dh);
-        ASN1_INTEGER_free(privkey);
-        return 1;
-decerr:
-        DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
-dherr:
-        DH_free(dh);
-        return 0;
-}
-static int
-dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
-        ASN1_STRING *params = NULL;
-        ASN1_INTEGER *prkey = NULL;
-        unsigned char *dp = NULL;
-        int dplen;
-        params = ASN1_STRING_new();
-        if (!params) {
-                DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        params->length = i2d_DHparams(pkey->pkey.dh, &params->data);
-        if (params->length <= 0) {
-                DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        params->type = V_ASN1_SEQUENCE;
-        /* Get private key into integer */
-        prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
-        if (!prkey) {
-                DHerr(DH_F_DH_PRIV_ENCODE, DH_R_BN_ERROR);
-                goto err;
-        }
-        dplen = i2d_ASN1_INTEGER(prkey, &dp);
-        ASN1_INTEGER_free(prkey);
-        prkey = NULL;
-        if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
-            V_ASN1_SEQUENCE, params, dp, dplen))
-                goto err;
-        return 1;
-err:
-        free(dp);
-        ASN1_STRING_free(params);
-        ASN1_INTEGER_free(prkey);
-        return 0;
-}
-static void
-update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
-        size_t i;
-        if (!b)
-                return;
-        if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
-                *pbuflen = i;
-}
-static int
-dh_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
-{
-        DH *dh;
-        if (!(dh = d2i_DHparams(NULL, pder, derlen))) {
-                DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
-                return 0;
-        }
-        EVP_PKEY_assign_DH(pkey, dh);
-        return 1;
-}
-static int
-dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
-        return i2d_DHparams(pkey->pkey.dh, pder);
-}
-static int
-do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
-{
-        unsigned char *m = NULL;
-        int reason = ERR_R_BUF_LIB, ret = 0;
-        size_t buf_len = 0;
-        const char *ktype = NULL;
-        BIGNUM *priv_key, *pub_key;
-        if (ptype == 2)
-                priv_key = x->priv_key;
-        else
-                priv_key = NULL;
-        if (ptype > 0)
-                pub_key = x->pub_key;
-        else
-                pub_key = NULL;
-        update_buflen(x->p, &buf_len);
-        if (buf_len == 0) {
-                reason = ERR_R_PASSED_NULL_PARAMETER;
-                goto err;
-        }
-        update_buflen(x->g, &buf_len);
-        update_buflen(pub_key, &buf_len);
-        update_buflen(priv_key, &buf_len);
-        if (ptype == 2)
-                ktype = "PKCS#3 DH Private-Key";
-        else if (ptype == 1)
-                ktype = "PKCS#3 DH Public-Key";
-        else
-                ktype = "PKCS#3 DH Parameters";
-        m= malloc(buf_len + 10);
-        if (m == NULL) {
-                reason = ERR_R_MALLOC_FAILURE;
-                goto err;
-        }
-        BIO_indent(bp, indent, 128);
-        if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
-                goto err;
-        indent += 4;
-        if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent))
-                goto err;
-        if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent))
-                goto err;
-        if (!ASN1_bn_print(bp, "prime:", x->p, m, indent))
-                goto err;
-        if (!ASN1_bn_print(bp, "generator:", x->g, m, indent))
-                goto err;
-        if (x->length != 0) {
-                BIO_indent(bp, indent, 128);
-                if (BIO_printf(bp, "recommended-private-length: %d bits\n",
-                    (int)x->length) <= 0)
-                        goto err;
-        }
-        ret = 1;
-        if (0) {
-err:
-                DHerr(DH_F_DO_DH_PRINT,reason);
-        }
-        free(m);
-        return(ret);
-}
-static int
-int_dh_size(const EVP_PKEY *pkey)
-{
-        return DH_size(pkey->pkey.dh);
-}
-static int
-dh_bits(const EVP_PKEY *pkey)
-{
-        return BN_num_bits(pkey->pkey.dh->p);
-}
-static int
-dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-        if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) ||
-            BN_cmp(a->pkey.dh->g, b->pkey.dh->g))
-                return 0;
-        else
-                return 1;
-}
-static int
-dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
-        BIGNUM *a;
-        if ((a = BN_dup(from->pkey.dh->p)) == NULL)
-                return 0;
-        BN_free(to->pkey.dh->p);
-        to->pkey.dh->p = a;
-        if ((a = BN_dup(from->pkey.dh->g)) == NULL)
-                return 0;
-        BN_free(to->pkey.dh->g);
-        to->pkey.dh->g = a;
-        return 1;
-}
-static int
-dh_missing_parameters(const EVP_PKEY *a)
-{
-        if (!a->pkey.dh->p || !a->pkey.dh->g)
-                return 1;
-        return 0;
-}
-static int
-dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
-        if (dh_cmp_parameters(a, b) == 0)
-                return 0;
-        if (BN_cmp(b->pkey.dh->pub_key, a->pkey.dh->pub_key) != 0)
-                return 0;
-        else
-                return 1;
-}
-static int
-dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
-        return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
-}
-static int
-dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
-        return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
-}
-static int
-dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
-        return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
-}
-int
-DHparams_print(BIO *bp, const DH *x)
-{
-        return do_dh_print(bp, x, 4, NULL, 0);
-}
-const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
-        .pkey_id = EVP_PKEY_DH,
-        .pkey_base_id = EVP_PKEY_DH,
-        .pem_str = "DH",
-        .info = "OpenSSL PKCS#3 DH method",
-        .pub_decode = dh_pub_decode,
-        .pub_encode = dh_pub_encode,
-        .pub_cmp = dh_pub_cmp,
-        .pub_print = dh_public_print,
-        .priv_decode = dh_priv_decode,
-        .priv_encode = dh_priv_encode,
-        .priv_print = dh_private_print,
-        .pkey_size = int_dh_size,
-        .pkey_bits = dh_bits,
-        .param_decode = dh_param_decode,
-        .param_encode = dh_param_encode,
-        .param_missing = dh_missing_parameters,
-        .param_copy = dh_copy_parameters,
-        .param_cmp = dh_cmp_parameters,
-        .param_print = dh_param_print,
-        .pkey_free = int_dh_free,
-};

diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c deleted file mode 100644 index 24c8bb25ec..0000000000 --- a/src/lib/libcrypto/dh/dh_ameth.c +++ /dev/null
@@ -1,493 +0,0 @@
1	/* $OpenBSD: dh_ameth.c,v 1.13 2015/01/08 01:44:29 doug Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.
4	*/
5	/* ====================================================================
6	* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*
53	* This product includes cryptographic software written by Eric Young
54	* (eay@cryptsoft.com). This product includes software written by Tim
55	* Hudson (tjh@cryptsoft.com).
56	*
57	*/
58
59	#include <stdio.h>
60
61	#include <openssl/asn1.h>
62	#include <openssl/bn.h>
63	#include <openssl/dh.h>
64	#include <openssl/err.h>
65	#include <openssl/x509.h>
66
67	#include "asn1_locl.h"
68
69	static void
70	int_dh_free(EVP_PKEY *pkey)
71	{
72	DH_free(pkey->pkey.dh);
73	}
74
75	static int
76	dh_pub_decode(EVP_PKEY pkey, X509_PUBKEY pubkey)
77	{
78	const unsigned char p, pm;
79	int pklen, pmlen;
80	int ptype;
81	void *pval;
82	ASN1_STRING *pstr;
83	X509_ALGOR *palg;
84	ASN1_INTEGER *public_key = NULL;
85	DH *dh = NULL;
86
87	if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
88	return 0;
89	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
90
91	if (ptype != V_ASN1_SEQUENCE) {
92	DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
93	goto err;
94	}
95
96	pstr = pval;
97	pm = pstr->data;
98	pmlen = pstr->length;
99
100	if (!(dh = d2i_DHparams(NULL, &pm, pmlen))) {
101	DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
102	goto err;
103	}
104
105	if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) {
106	DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
107	goto err;
108	}
109
110	/* We have parameters now set public key */
111	if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
112	DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
113	goto err;
114	}
115
116	ASN1_INTEGER_free(public_key);
117	EVP_PKEY_assign_DH(pkey, dh);
118	return 1;
119
120	err:
121	if (public_key)
122	ASN1_INTEGER_free(public_key);
123	DH_free(dh);
124	return 0;
125	}
126
127	static int
128	dh_pub_encode(X509_PUBKEY pk, const EVP_PKEY pkey)
129	{
130	DH *dh;
131	int ptype;
132	unsigned char *penc = NULL;
133	int penclen;
134	ASN1_STRING *str;
135	ASN1_INTEGER *pub_key = NULL;
136
137	dh=pkey->pkey.dh;
138
139	str = ASN1_STRING_new();
140	if (str == NULL) {
141	DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
142	goto err;
143	}
144
145	str->length = i2d_DHparams(dh, &str->data);
146	if (str->length <= 0) {
147	DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
148	goto err;
149	}
150	ptype = V_ASN1_SEQUENCE;
151
152	pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
153	if (!pub_key)
154	goto err;
155
156	penclen = i2d_ASN1_INTEGER(pub_key, &penc);
157
158	ASN1_INTEGER_free(pub_key);
159
160	if (penclen <= 0) {
161	DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
162	goto err;
163	}
164
165	if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH), ptype,
166	(void *)str, penc, penclen))
167	return 1;
168
169	err:
170	free(penc);
171	ASN1_STRING_free(str);
172
173	return 0;
174	}
175
176	/*
177	* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
178	* that the AlgorithmIdentifier contains the paramaters, the private key
179	* is explcitly included and the pubkey must be recalculated.
180	*/
181
182	static int
183	dh_priv_decode(EVP_PKEY pkey, PKCS8_PRIV_KEY_INFO p8)
184	{
185	const unsigned char p, pm;
186	int pklen, pmlen;
187	int ptype;
188	void *pval;
189	ASN1_STRING *pstr;
190	X509_ALGOR *palg;
191	ASN1_INTEGER *privkey = NULL;
192	DH *dh = NULL;
193
194	if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
195	return 0;
196
197	X509_ALGOR_get0(NULL, &ptype, &pval, palg);
198
199	if (ptype != V_ASN1_SEQUENCE)
200	goto decerr;
201
202	if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
203	goto decerr;
204
205	pstr = pval;
206	pm = pstr->data;
207	pmlen = pstr->length;
208	if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
209	goto decerr;
210	/* We have parameters now set private key */
211	if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
212	DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
213	goto dherr;
214	}
215	/* Calculate public key */
216	if (!DH_generate_key(dh))
217	goto dherr;
218
219	EVP_PKEY_assign_DH(pkey, dh);
220
221	ASN1_INTEGER_free(privkey);
222
223	return 1;
224
225	decerr:
226	DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
227	dherr:
228	DH_free(dh);
229	return 0;
230	}
231
232	static int
233	dh_priv_encode(PKCS8_PRIV_KEY_INFO p8, const EVP_PKEY pkey)
234	{
235	ASN1_STRING *params = NULL;
236	ASN1_INTEGER *prkey = NULL;
237	unsigned char *dp = NULL;
238	int dplen;
239
240	params = ASN1_STRING_new();
241
242	if (!params) {
243	DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
244	goto err;
245	}
246
247	params->length = i2d_DHparams(pkey->pkey.dh, &params->data);
248	if (params->length <= 0) {
249	DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
250	goto err;
251	}
252	params->type = V_ASN1_SEQUENCE;
253
254	/* Get private key into integer */
255	prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
256
257	if (!prkey) {
258	DHerr(DH_F_DH_PRIV_ENCODE, DH_R_BN_ERROR);
259	goto err;
260	}
261
262	dplen = i2d_ASN1_INTEGER(prkey, &dp);
263
264	ASN1_INTEGER_free(prkey);
265	prkey = NULL;
266
267	if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
268	V_ASN1_SEQUENCE, params, dp, dplen))
269	goto err;
270
271	return 1;
272
273	err:
274	free(dp);
275	ASN1_STRING_free(params);
276	ASN1_INTEGER_free(prkey);
277	return 0;
278	}
279
280	static void
281	update_buflen(const BIGNUM b, size_t pbuflen)
282	{
283	size_t i;
284
285	if (!b)
286	return;
287	if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
288	*pbuflen = i;
289	}
290
291	static int
292	dh_param_decode(EVP_PKEY pkey, const unsigned char *pder, int derlen)
293	{
294	DH *dh;
295
296	if (!(dh = d2i_DHparams(NULL, pder, derlen))) {
297	DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
298	return 0;
299	}
300	EVP_PKEY_assign_DH(pkey, dh);
301	return 1;
302	}
303
304	static int
305	dh_param_encode(const EVP_PKEY pkey, unsigned char *pder)
306	{
307	return i2d_DHparams(pkey->pkey.dh, pder);
308	}
309
310	static int
311	do_dh_print(BIO bp, const DH x, int indent, ASN1_PCTX *ctx, int ptype)
312	{
313	unsigned char *m = NULL;
314	int reason = ERR_R_BUF_LIB, ret = 0;
315	size_t buf_len = 0;
316	const char *ktype = NULL;
317	BIGNUM priv_key, pub_key;
318
319	if (ptype == 2)
320	priv_key = x->priv_key;
321	else
322	priv_key = NULL;
323
324	if (ptype > 0)
325	pub_key = x->pub_key;
326	else
327	pub_key = NULL;
328
329	update_buflen(x->p, &buf_len);
330
331	if (buf_len == 0) {
332	reason = ERR_R_PASSED_NULL_PARAMETER;
333	goto err;
334	}
335
336	update_buflen(x->g, &buf_len);
337	update_buflen(pub_key, &buf_len);
338	update_buflen(priv_key, &buf_len);
339
340	if (ptype == 2)
341	ktype = "PKCS#3 DH Private-Key";
342	else if (ptype == 1)
343	ktype = "PKCS#3 DH Public-Key";
344	else
345	ktype = "PKCS#3 DH Parameters";
346
347	m= malloc(buf_len + 10);
348	if (m == NULL) {
349	reason = ERR_R_MALLOC_FAILURE;
350	goto err;
351	}
352
353	BIO_indent(bp, indent, 128);
354	if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
355	goto err;
356	indent += 4;
357
358	if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent))
359	goto err;
360	if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent))
361	goto err;
362
363	if (!ASN1_bn_print(bp, "prime:", x->p, m, indent))
364	goto err;
365	if (!ASN1_bn_print(bp, "generator:", x->g, m, indent))
366	goto err;
367	if (x->length != 0) {
368	BIO_indent(bp, indent, 128);
369	if (BIO_printf(bp, "recommended-private-length: %d bits\n",
370	(int)x->length) <= 0)
371	goto err;
372	}
373
374	ret = 1;
375	if (0) {
376	err:
377	DHerr(DH_F_DO_DH_PRINT,reason);
378	}
379	free(m);
380	return(ret);
381	}
382
383	static int
384	int_dh_size(const EVP_PKEY *pkey)
385	{
386	return DH_size(pkey->pkey.dh);
387	}
388
389	static int
390	dh_bits(const EVP_PKEY *pkey)
391	{
392	return BN_num_bits(pkey->pkey.dh->p);
393	}
394
395	static int
396	dh_cmp_parameters(const EVP_PKEY a, const EVP_PKEY b)
397	{
398	if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) \|\|
399	BN_cmp(a->pkey.dh->g, b->pkey.dh->g))
400	return 0;
401	else
402	return 1;
403	}
404
405	static int
406	dh_copy_parameters(EVP_PKEY to, const EVP_PKEY from)
407	{
408	BIGNUM *a;
409
410	if ((a = BN_dup(from->pkey.dh->p)) == NULL)
411	return 0;
412	BN_free(to->pkey.dh->p);
413	to->pkey.dh->p = a;
414
415	if ((a = BN_dup(from->pkey.dh->g)) == NULL)
416	return 0;
417	BN_free(to->pkey.dh->g);
418	to->pkey.dh->g = a;
419
420	return 1;
421	}
422
423	static int
424	dh_missing_parameters(const EVP_PKEY *a)
425	{
426	if (!a->pkey.dh->p \|\| !a->pkey.dh->g)
427	return 1;
428	return 0;
429	}
430
431	static int
432	dh_pub_cmp(const EVP_PKEY a, const EVP_PKEY b)
433	{
434	if (dh_cmp_parameters(a, b) == 0)
435	return 0;
436	if (BN_cmp(b->pkey.dh->pub_key, a->pkey.dh->pub_key) != 0)
437	return 0;
438	else
439	return 1;
440	}
441
442	static int
443	dh_param_print(BIO bp, const EVP_PKEY pkey, int indent, ASN1_PCTX *ctx)
444	{
445	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
446	}
447
448	static int
449	dh_public_print(BIO bp, const EVP_PKEY pkey, int indent, ASN1_PCTX *ctx)
450	{
451	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
452	}
453
454	static int
455	dh_private_print(BIO bp, const EVP_PKEY pkey, int indent, ASN1_PCTX *ctx)
456	{
457	return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
458	}
459
460	int
461	DHparams_print(BIO bp, const DH x)
462	{
463	return do_dh_print(bp, x, 4, NULL, 0);
464	}
465
466	const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
467	.pkey_id = EVP_PKEY_DH,
468	.pkey_base_id = EVP_PKEY_DH,
469
470	.pem_str = "DH",
471	.info = "OpenSSL PKCS#3 DH method",
472
473	.pub_decode = dh_pub_decode,
474	.pub_encode = dh_pub_encode,
475	.pub_cmp = dh_pub_cmp,
476	.pub_print = dh_public_print,
477
478	.priv_decode = dh_priv_decode,
479	.priv_encode = dh_priv_encode,
480	.priv_print = dh_private_print,
481
482	.pkey_size = int_dh_size,
483	.pkey_bits = dh_bits,
484
485	.param_decode = dh_param_decode,
486	.param_encode = dh_param_encode,
487	.param_missing = dh_missing_parameters,
488	.param_copy = dh_copy_parameters,
489	.param_cmp = dh_cmp_parameters,
490	.param_print = dh_param_print,
491
492	.pkey_free = int_dh_free,
493	};