1 files changed, 26 insertions, 39 deletions
diff --git a/src/lib/libssl/src/fips/dh/fips_dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index d20fa91d5e..e7db440342 100644
--- a/src/lib/libssl/src/fips/dh/fips_dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -57,16 +57,10 @@
 */
 #include <stdio.h>
-#include <openssl/err.h>
+#include "cryptlib.h"
 #include <openssl/bn.h>
-#ifndef OPENSSL_NO_RAND
 #include <openssl/rand.h>
-#endif
-#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
-#include <openssl/fips.h>
-#ifdef OPENSSL_FIPS
 static int generate_key(DH *dh);
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
@@ -87,7 +81,7 @@ int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        return dh->meth->compute_key(key, pub_key, dh);
        }
-static const DH_METHOD dh_ossl = {
+static DH_METHOD dh_ossl = {
 "OpenSSL DH Method",
 generate_key,
 compute_key,
@@ -95,6 +89,7 @@ dh_bn_mod_exp,
 dh_init,
 dh_finish,
 0,
+NULL,
 NULL
 };
@@ -112,12 +107,6 @@ static int generate_key(DH *dh)
        BN_MONT_CTX *mont=NULL;
        BIGNUM *pub_key=NULL,*priv_key=NULL;
-        if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
-                {
-                DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
-                return 0;
-                }
        ctx = BN_CTX_new();
        if (ctx == NULL) goto err;
@@ -138,10 +127,10 @@ static int generate_key(DH *dh)
        else
                pub_key=dh->pub_key;
        if (dh->flags & DH_FLAG_CACHE_MONT_P)
                {
-                mont = BN_MONT_CTX_set_locked(
+                mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
-                                (BN_MONT_CTX **)&dh->method_mont_p,
                                CRYPTO_LOCK_DH, dh->p, ctx);
                if (!mont)
                        goto err;
@@ -166,8 +155,7 @@ static int generate_key(DH *dh)
                else
                        prk = priv_key;
-                if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont))
+                if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
-                        goto err;
        }
                
        dh->pub_key=pub_key;
@@ -185,15 +173,11 @@ err:
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        {
-        BN_CTX *ctx;
+        BN_CTX *ctx=NULL;
        BN_MONT_CTX *mont=NULL;
        BIGNUM *tmp;
        int ret= -1;
+        int check_result;
-        ctx = BN_CTX_new();
-        if (ctx == NULL) goto err;
-        BN_CTX_start(ctx);
-        tmp = BN_CTX_get(ctx);
        if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
                {
@@ -201,12 +185,11 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
                goto err;
                }
-        if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
+        ctx = BN_CTX_new();
-                {
+        if (ctx == NULL) goto err;
-                DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
+        BN_CTX_start(ctx);
-                goto err;
+        tmp = BN_CTX_get(ctx);
-                }
+        
        if (dh->priv_key == NULL)
                {
                DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
@@ -215,8 +198,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        if (dh->flags & DH_FLAG_CACHE_MONT_P)
                {
-                mont = BN_MONT_CTX_set_locked(
+                mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
-                                (BN_MONT_CTX **)&dh->method_mont_p,
                                CRYPTO_LOCK_DH, dh->p, ctx);
                if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
                        {
@@ -227,6 +209,12 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
                        goto err;
                }
+        if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
+                {
+                DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
+                goto err;
+                }
        if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
                {
                DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
@@ -235,8 +223,11 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        ret=BN_bn2bin(tmp,key);
 err:
-        BN_CTX_end(ctx);
+        if (ctx != NULL)
-        BN_CTX_free(ctx);
+                {
+                BN_CTX_end(ctx);
+                BN_CTX_free(ctx);
+                }
        return(ret);
        }
@@ -260,7 +251,6 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
 static int dh_init(DH *dh)
        {
-        FIPS_selftest_check();
        dh->flags |= DH_FLAG_CACHE_MONT_P;
        return(1);
        }
@@ -268,9 +258,6 @@ static int dh_init(DH *dh)
 static int dh_finish(DH *dh)
        {
        if(dh->method_mont_p)
-                BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
+                BN_MONT_CTX_free(dh->method_mont_p);
        return(1);
        }
-#endif
-#endif

diff --git a/src/lib/libssl/src/fips/dh/fips_dh_key.c b/src/lib/libcrypto/dh/dh_key.c index d20fa91d5e..e7db440342 100644 --- a/src/lib/libssl/src/fips/dh/fips_dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c
@@ -57,16 +57,10 @@
57	*/	57	*/
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include <openssl/err.h>	60	#include "cryptlib.h"
61	#include <openssl/bn.h>	61	#include <openssl/bn.h>
62	#ifndef OPENSSL_NO_RAND
63	#include <openssl/rand.h>	62	#include <openssl/rand.h>
64	#endif
65	#ifndef OPENSSL_NO_DH
66	#include <openssl/dh.h>	63	#include <openssl/dh.h>
67	#include <openssl/fips.h>
68
69	#ifdef OPENSSL_FIPS
70		64
71	static int generate_key(DH *dh);	65	static int generate_key(DH *dh);
72	static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh);	66	static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh);
@@ -87,7 +81,7 @@ int DH_compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
87	return dh->meth->compute_key(key, pub_key, dh);	81	return dh->meth->compute_key(key, pub_key, dh);
88	}	82	}
89		83
90	static const DH_METHOD dh_ossl = {	84	static DH_METHOD dh_ossl = {
91	"OpenSSL DH Method",	85	"OpenSSL DH Method",
92	generate_key,	86	generate_key,
93	compute_key,	87	compute_key,
@@ -95,6 +89,7 @@ dh_bn_mod_exp,
95	dh_init,	89	dh_init,
96	dh_finish,	90	dh_finish,
97	0,	91	0,
		92	NULL,
98	NULL	93	NULL
99	};	94	};
100		95
@@ -112,12 +107,6 @@ static int generate_key(DH *dh)
112	BN_MONT_CTX *mont=NULL;	107	BN_MONT_CTX *mont=NULL;
113	BIGNUM pub_key=NULL,priv_key=NULL;	108	BIGNUM pub_key=NULL,priv_key=NULL;
114		109
115	if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))
116	{
117	DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL);
118	return 0;
119	}
120
121	ctx = BN_CTX_new();	110	ctx = BN_CTX_new();
122	if (ctx == NULL) goto err;	111	if (ctx == NULL) goto err;
123		112
@@ -138,10 +127,10 @@ static int generate_key(DH *dh)
138	else	127	else
139	pub_key=dh->pub_key;	128	pub_key=dh->pub_key;
140		129
		130
141	if (dh->flags & DH_FLAG_CACHE_MONT_P)	131	if (dh->flags & DH_FLAG_CACHE_MONT_P)
142	{	132	{
143	mont = BN_MONT_CTX_set_locked(	133	mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
144	(BN_MONT_CTX **)&dh->method_mont_p,
145	CRYPTO_LOCK_DH, dh->p, ctx);	134	CRYPTO_LOCK_DH, dh->p, ctx);
146	if (!mont)	135	if (!mont)
147	goto err;	136	goto err;
@@ -166,8 +155,7 @@ static int generate_key(DH *dh)
166	else	155	else
167	prk = priv_key;	156	prk = priv_key;
168		157
169	if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont))	158	if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
170	goto err;
171	}	159	}
172		160
173	dh->pub_key=pub_key;	161	dh->pub_key=pub_key;
@@ -185,15 +173,11 @@ err:
185		173
186	static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)	174	static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
187	{	175	{
188	BN_CTX *ctx;	176	BN_CTX *ctx=NULL;
189	BN_MONT_CTX *mont=NULL;	177	BN_MONT_CTX *mont=NULL;
190	BIGNUM *tmp;	178	BIGNUM *tmp;
191	int ret= -1;	179	int ret= -1;
192		180	int check_result;
193	ctx = BN_CTX_new();
194	if (ctx == NULL) goto err;
195	BN_CTX_start(ctx);
196	tmp = BN_CTX_get(ctx);
197		181
198	if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)	182	if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
199	{	183	{
@@ -201,12 +185,11 @@ static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
201	goto err;	185	goto err;
202	}	186	}
203		187
204	if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS))	188	ctx = BN_CTX_new();
205	{	189	if (ctx == NULL) goto err;
206	DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL);	190	BN_CTX_start(ctx);
207	goto err;	191	tmp = BN_CTX_get(ctx);
208	}	192
209
210	if (dh->priv_key == NULL)	193	if (dh->priv_key == NULL)
211	{	194	{
212	DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);	195	DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
@@ -215,8 +198,7 @@ static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
215		198
216	if (dh->flags & DH_FLAG_CACHE_MONT_P)	199	if (dh->flags & DH_FLAG_CACHE_MONT_P)
217	{	200	{
218	mont = BN_MONT_CTX_set_locked(	201	mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
219	(BN_MONT_CTX **)&dh->method_mont_p,
220	CRYPTO_LOCK_DH, dh->p, ctx);	202	CRYPTO_LOCK_DH, dh->p, ctx);
221	if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)	203	if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
222	{	204	{
@@ -227,6 +209,12 @@ static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
227	goto err;	209	goto err;
228	}	210	}
229		211
		212	if (!DH_check_pub_key(dh, pub_key, &check_result) \|\| check_result)
		213	{
		214	DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
		215	goto err;
		216	}
		217
230	if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))	218	if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
231	{	219	{
232	DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);	220	DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
@@ -235,8 +223,11 @@ static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
235		223
236	ret=BN_bn2bin(tmp,key);	224	ret=BN_bn2bin(tmp,key);
237	err:	225	err:
238	BN_CTX_end(ctx);	226	if (ctx != NULL)
239	BN_CTX_free(ctx);	227	{
		228	BN_CTX_end(ctx);
		229	BN_CTX_free(ctx);
		230	}
240	return(ret);	231	return(ret);
241	}	232	}
242		233
@@ -260,7 +251,6 @@ static int dh_bn_mod_exp(const DH dh, BIGNUM r,
260		251
261	static int dh_init(DH *dh)	252	static int dh_init(DH *dh)
262	{	253	{
263	FIPS_selftest_check();
264	dh->flags \|= DH_FLAG_CACHE_MONT_P;	254	dh->flags \|= DH_FLAG_CACHE_MONT_P;
265	return(1);	255	return(1);
266	}	256	}
@@ -268,9 +258,6 @@ static int dh_init(DH *dh)
268	static int dh_finish(DH *dh)	258	static int dh_finish(DH *dh)
269	{	259	{
270	if(dh->method_mont_p)	260	if(dh->method_mont_p)
271	BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);	261	BN_MONT_CTX_free(dh->method_mont_p);
272	return(1);	262	return(1);
273	}	263	}
274
275	#endif
276	#endif