1 files changed, 68 insertions, 1 deletions
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index 7203936611..1d20952e26 100644
--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_check.c,v 1.23 2022/01/07 09:27:13 tb Exp $ */
+/* $OpenBSD: dh_check.c,v 1.24 2022/01/10 12:00:52 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -60,12 +60,34 @@
 #include <openssl/bn.h>
 #include <openssl/dh.h>
+#include <openssl/err.h>
 #include "bn_lcl.h"
 #include "dh_local.h"
 #define DH_NUMBER_ITERATIONS_FOR_PRIME 64
+/*
+ * Check that p is odd and 1 < g < p - 1. The _ex version removes the need of
+ * inspecting flags and pushes errors on the stack instead.
+ */
+int
+DH_check_params_ex(const DH *dh)
+{
+        int flags = 0;
+        if (!DH_check_params(dh, &flags))
+                return 0;
+        if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
+                DHerror(DH_R_CHECK_P_NOT_PRIME);
+        if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
+                DHerror(DH_R_NOT_SUITABLE_GENERATOR);
+        return flags == 0;
+}
 int
 DH_check_params(const DH *dh, int *flags)
 {
@@ -102,9 +124,36 @@ DH_check_params(const DH *dh, int *flags)
 /*
 * Check that p is a safe prime and that g is a suitable generator.
+ * The _ex version puts errors on the stack instead of returning flags.
 */
 int
+DH_check_ex(const DH *dh)
+{
+        int flags = 0;
+        if (!DH_check(dh, &flags))
+                return 0;
+        if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
+                DHerror(DH_R_NOT_SUITABLE_GENERATOR);
+        if ((flags & DH_CHECK_Q_NOT_PRIME) != 0)
+                DHerror(DH_R_CHECK_Q_NOT_PRIME);
+        if ((flags & DH_CHECK_INVALID_Q_VALUE) != 0)
+                DHerror(DH_R_CHECK_INVALID_Q_VALUE);
+        if ((flags & DH_CHECK_INVALID_J_VALUE) != 0)
+                DHerror(DH_R_CHECK_INVALID_J_VALUE);
+        if ((flags & DH_UNABLE_TO_CHECK_GENERATOR) != 0)
+                DHerror(DH_R_UNABLE_TO_CHECK_GENERATOR);
+        if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
+                DHerror(DH_R_CHECK_P_NOT_PRIME);
+        if ((flags & DH_CHECK_P_NOT_SAFE_PRIME) != 0)
+                DHerror(DH_R_CHECK_P_NOT_SAFE_PRIME);
+        return flags == 0;
+}
+int
 DH_check(const DH *dh, int *flags)
 {
        BN_CTX *ctx = NULL;
@@ -180,6 +229,24 @@ DH_check(const DH *dh, int *flags)
 }
 int
+DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
+{
+        int flags = 0;
+        if (!DH_check_pub_key(dh, pub_key, &flags))
+                return 0;
+        if ((flags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
+                DHerror(DH_R_CHECK_PUBKEY_TOO_SMALL);
+        if ((flags & DH_CHECK_PUBKEY_TOO_LARGE) != 0)
+                DHerror(DH_R_CHECK_PUBKEY_TOO_LARGE);
+        if ((flags & DH_CHECK_PUBKEY_INVALID) != 0)
+                DHerror(DH_R_CHECK_PUBKEY_INVALID);
+        return flags == 0;
+}
+int
 DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *flags)
 {
        BN_CTX *ctx = NULL;

diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c index 7203936611..1d20952e26 100644 --- a/src/lib/libcrypto/dh/dh_check.c +++ b/src/lib/libcrypto/dh/dh_check.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dh_check.c,v 1.23 2022/01/07 09:27:13 tb Exp $ */	1	/* $OpenBSD: dh_check.c,v 1.24 2022/01/10 12:00:52 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -60,12 +60,34 @@
60		60
61	#include <openssl/bn.h>	61	#include <openssl/bn.h>
62	#include <openssl/dh.h>	62	#include <openssl/dh.h>
		63	#include <openssl/err.h>
63		64
64	#include "bn_lcl.h"	65	#include "bn_lcl.h"
65	#include "dh_local.h"	66	#include "dh_local.h"
66		67
67	#define DH_NUMBER_ITERATIONS_FOR_PRIME 64	68	#define DH_NUMBER_ITERATIONS_FOR_PRIME 64
68		69
		70	/*
		71	* Check that p is odd and 1 < g < p - 1. The _ex version removes the need of
		72	* inspecting flags and pushes errors on the stack instead.
		73	*/
		74
		75	int
		76	DH_check_params_ex(const DH *dh)
		77	{
		78	int flags = 0;
		79
		80	if (!DH_check_params(dh, &flags))
		81	return 0;
		82
		83	if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
		84	DHerror(DH_R_CHECK_P_NOT_PRIME);
		85	if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
		86	DHerror(DH_R_NOT_SUITABLE_GENERATOR);
		87
		88	return flags == 0;
		89	}
		90
69	int	91	int
70	DH_check_params(const DH dh, int flags)	92	DH_check_params(const DH dh, int flags)
71	{	93	{
@@ -102,9 +124,36 @@ DH_check_params(const DH dh, int flags)
102		124
103	/*	125	/*
104	* Check that p is a safe prime and that g is a suitable generator.	126	* Check that p is a safe prime and that g is a suitable generator.
		127	* The _ex version puts errors on the stack instead of returning flags.
105	*/	128	*/
106		129
107	int	130	int
		131	DH_check_ex(const DH *dh)
		132	{
		133	int flags = 0;
		134
		135	if (!DH_check(dh, &flags))
		136	return 0;
		137
		138	if ((flags & DH_NOT_SUITABLE_GENERATOR) != 0)
		139	DHerror(DH_R_NOT_SUITABLE_GENERATOR);
		140	if ((flags & DH_CHECK_Q_NOT_PRIME) != 0)
		141	DHerror(DH_R_CHECK_Q_NOT_PRIME);
		142	if ((flags & DH_CHECK_INVALID_Q_VALUE) != 0)
		143	DHerror(DH_R_CHECK_INVALID_Q_VALUE);
		144	if ((flags & DH_CHECK_INVALID_J_VALUE) != 0)
		145	DHerror(DH_R_CHECK_INVALID_J_VALUE);
		146	if ((flags & DH_UNABLE_TO_CHECK_GENERATOR) != 0)
		147	DHerror(DH_R_UNABLE_TO_CHECK_GENERATOR);
		148	if ((flags & DH_CHECK_P_NOT_PRIME) != 0)
		149	DHerror(DH_R_CHECK_P_NOT_PRIME);
		150	if ((flags & DH_CHECK_P_NOT_SAFE_PRIME) != 0)
		151	DHerror(DH_R_CHECK_P_NOT_SAFE_PRIME);
		152
		153	return flags == 0;
		154	}
		155
		156	int
108	DH_check(const DH dh, int flags)	157	DH_check(const DH dh, int flags)
109	{	158	{
110	BN_CTX *ctx = NULL;	159	BN_CTX *ctx = NULL;
@@ -180,6 +229,24 @@ DH_check(const DH dh, int flags)
180	}	229	}
181		230
182	int	231	int
		232	DH_check_pub_key_ex(const DH dh, const BIGNUM pub_key)
		233	{
		234	int flags = 0;
		235
		236	if (!DH_check_pub_key(dh, pub_key, &flags))
		237	return 0;
		238
		239	if ((flags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
		240	DHerror(DH_R_CHECK_PUBKEY_TOO_SMALL);
		241	if ((flags & DH_CHECK_PUBKEY_TOO_LARGE) != 0)
		242	DHerror(DH_R_CHECK_PUBKEY_TOO_LARGE);
		243	if ((flags & DH_CHECK_PUBKEY_INVALID) != 0)
		244	DHerror(DH_R_CHECK_PUBKEY_INVALID);
		245
		246	return flags == 0;
		247	}
		248
		249	int
183	DH_check_pub_key(const DH dh, const BIGNUM pub_key, int *flags)	250	DH_check_pub_key(const DH dh, const BIGNUM pub_key, int *flags)
184	{	251	{
185	BN_CTX *ctx = NULL;	252	BN_CTX *ctx = NULL;