diff options
Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r-- | src/lib/libcrypto/dh/dh.h | 20 | ||||
-rw-r--r-- | src/lib/libcrypto/dh/dh_ameth.c | 1 | ||||
-rw-r--r-- | src/lib/libcrypto/dh/dh_err.c | 7 | ||||
-rw-r--r-- | src/lib/libcrypto/dh/dh_gen.c | 17 | ||||
-rw-r--r-- | src/lib/libcrypto/dh/dh_key.c | 33 | ||||
-rw-r--r-- | src/lib/libcrypto/dh/dh_lib.c | 15 |
6 files changed, 89 insertions, 4 deletions
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h index 849309a489..ea59e610ef 100644 --- a/src/lib/libcrypto/dh/dh.h +++ b/src/lib/libcrypto/dh/dh.h | |||
@@ -86,6 +86,21 @@ | |||
86 | * be used for all exponents. | 86 | * be used for all exponents. |
87 | */ | 87 | */ |
88 | 88 | ||
89 | /* If this flag is set the DH method is FIPS compliant and can be used | ||
90 | * in FIPS mode. This is set in the validated module method. If an | ||
91 | * application sets this flag in its own methods it is its reposibility | ||
92 | * to ensure the result is compliant. | ||
93 | */ | ||
94 | |||
95 | #define DH_FLAG_FIPS_METHOD 0x0400 | ||
96 | |||
97 | /* If this flag is set the operations normally disabled in FIPS mode are | ||
98 | * permitted it is then the applications responsibility to ensure that the | ||
99 | * usage is compliant. | ||
100 | */ | ||
101 | |||
102 | #define DH_FLAG_NON_FIPS_ALLOW 0x0400 | ||
103 | |||
89 | #ifdef __cplusplus | 104 | #ifdef __cplusplus |
90 | extern "C" { | 105 | extern "C" { |
91 | #endif | 106 | #endif |
@@ -230,6 +245,9 @@ void ERR_load_DH_strings(void); | |||
230 | #define DH_F_COMPUTE_KEY 102 | 245 | #define DH_F_COMPUTE_KEY 102 |
231 | #define DH_F_DHPARAMS_PRINT_FP 101 | 246 | #define DH_F_DHPARAMS_PRINT_FP 101 |
232 | #define DH_F_DH_BUILTIN_GENPARAMS 106 | 247 | #define DH_F_DH_BUILTIN_GENPARAMS 106 |
248 | #define DH_F_DH_COMPUTE_KEY 114 | ||
249 | #define DH_F_DH_GENERATE_KEY 115 | ||
250 | #define DH_F_DH_GENERATE_PARAMETERS_EX 116 | ||
233 | #define DH_F_DH_NEW_METHOD 105 | 251 | #define DH_F_DH_NEW_METHOD 105 |
234 | #define DH_F_DH_PARAM_DECODE 107 | 252 | #define DH_F_DH_PARAM_DECODE 107 |
235 | #define DH_F_DH_PRIV_DECODE 110 | 253 | #define DH_F_DH_PRIV_DECODE 110 |
@@ -249,7 +267,9 @@ void ERR_load_DH_strings(void); | |||
249 | #define DH_R_DECODE_ERROR 104 | 267 | #define DH_R_DECODE_ERROR 104 |
250 | #define DH_R_INVALID_PUBKEY 102 | 268 | #define DH_R_INVALID_PUBKEY 102 |
251 | #define DH_R_KEYS_NOT_SET 108 | 269 | #define DH_R_KEYS_NOT_SET 108 |
270 | #define DH_R_KEY_SIZE_TOO_SMALL 110 | ||
252 | #define DH_R_MODULUS_TOO_LARGE 103 | 271 | #define DH_R_MODULUS_TOO_LARGE 103 |
272 | #define DH_R_NON_FIPS_METHOD 111 | ||
253 | #define DH_R_NO_PARAMETERS_SET 107 | 273 | #define DH_R_NO_PARAMETERS_SET 107 |
254 | #define DH_R_NO_PRIVATE_VALUE 100 | 274 | #define DH_R_NO_PRIVATE_VALUE 100 |
255 | #define DH_R_PARAMETER_ENCODING_ERROR 105 | 275 | #define DH_R_PARAMETER_ENCODING_ERROR 105 |
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c index 377caf96c9..02ec2d47b4 100644 --- a/src/lib/libcrypto/dh/dh_ameth.c +++ b/src/lib/libcrypto/dh/dh_ameth.c | |||
@@ -493,6 +493,7 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth = | |||
493 | dh_copy_parameters, | 493 | dh_copy_parameters, |
494 | dh_cmp_parameters, | 494 | dh_cmp_parameters, |
495 | dh_param_print, | 495 | dh_param_print, |
496 | 0, | ||
496 | 497 | ||
497 | int_dh_free, | 498 | int_dh_free, |
498 | 0 | 499 | 0 |
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c index d5cf0c22a3..56d3df7356 100644 --- a/src/lib/libcrypto/dh/dh_err.c +++ b/src/lib/libcrypto/dh/dh_err.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* crypto/dh/dh_err.c */ | 1 | /* crypto/dh/dh_err.c */ |
2 | /* ==================================================================== | 2 | /* ==================================================================== |
3 | * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. |
4 | * | 4 | * |
5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
@@ -73,6 +73,9 @@ static ERR_STRING_DATA DH_str_functs[]= | |||
73 | {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, | 73 | {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, |
74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, | 74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, |
75 | {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, | 75 | {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, |
76 | {ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, | ||
77 | {ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, | ||
78 | {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"}, | ||
76 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, | 79 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, |
77 | {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"}, | 80 | {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"}, |
78 | {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"}, | 81 | {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"}, |
@@ -95,7 +98,9 @@ static ERR_STRING_DATA DH_str_reasons[]= | |||
95 | {ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"}, | 98 | {ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"}, |
96 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, | 99 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, |
97 | {ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"}, | 100 | {ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"}, |
101 | {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, | ||
98 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 102 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
103 | {ERR_REASON(DH_R_NON_FIPS_METHOD) ,"non fips method"}, | ||
99 | {ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"}, | 104 | {ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"}, |
100 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, | 105 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, |
101 | {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, | 106 | {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, |
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c index cfd5b11868..7b1fe9c9cb 100644 --- a/src/lib/libcrypto/dh/dh_gen.c +++ b/src/lib/libcrypto/dh/dh_gen.c | |||
@@ -66,12 +66,29 @@ | |||
66 | #include <openssl/bn.h> | 66 | #include <openssl/bn.h> |
67 | #include <openssl/dh.h> | 67 | #include <openssl/dh.h> |
68 | 68 | ||
69 | #ifdef OPENSSL_FIPS | ||
70 | #include <openssl/fips.h> | ||
71 | #endif | ||
72 | |||
69 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); | 73 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); |
70 | 74 | ||
71 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) | 75 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) |
72 | { | 76 | { |
77 | #ifdef OPENSSL_FIPS | ||
78 | if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD) | ||
79 | && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) | ||
80 | { | ||
81 | DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD); | ||
82 | return 0; | ||
83 | } | ||
84 | #endif | ||
73 | if(ret->meth->generate_params) | 85 | if(ret->meth->generate_params) |
74 | return ret->meth->generate_params(ret, prime_len, generator, cb); | 86 | return ret->meth->generate_params(ret, prime_len, generator, cb); |
87 | #ifdef OPENSSL_FIPS | ||
88 | if (FIPS_mode()) | ||
89 | return FIPS_dh_generate_parameters_ex(ret, prime_len, | ||
90 | generator, cb); | ||
91 | #endif | ||
75 | return dh_builtin_genparams(ret, prime_len, generator, cb); | 92 | return dh_builtin_genparams(ret, prime_len, generator, cb); |
76 | } | 93 | } |
77 | 94 | ||
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c index e7db440342..89a74db4e6 100644 --- a/src/lib/libcrypto/dh/dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c | |||
@@ -73,11 +73,27 @@ static int dh_finish(DH *dh); | |||
73 | 73 | ||
74 | int DH_generate_key(DH *dh) | 74 | int DH_generate_key(DH *dh) |
75 | { | 75 | { |
76 | #ifdef OPENSSL_FIPS | ||
77 | if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) | ||
78 | && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) | ||
79 | { | ||
80 | DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD); | ||
81 | return 0; | ||
82 | } | ||
83 | #endif | ||
76 | return dh->meth->generate_key(dh); | 84 | return dh->meth->generate_key(dh); |
77 | } | 85 | } |
78 | 86 | ||
79 | int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | 87 | int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) |
80 | { | 88 | { |
89 | #ifdef OPENSSL_FIPS | ||
90 | if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD) | ||
91 | && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) | ||
92 | { | ||
93 | DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD); | ||
94 | return 0; | ||
95 | } | ||
96 | #endif | ||
81 | return dh->meth->compute_key(key, pub_key, dh); | 97 | return dh->meth->compute_key(key, pub_key, dh); |
82 | } | 98 | } |
83 | 99 | ||
@@ -138,8 +154,21 @@ static int generate_key(DH *dh) | |||
138 | 154 | ||
139 | if (generate_new_key) | 155 | if (generate_new_key) |
140 | { | 156 | { |
141 | l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ | 157 | if (dh->q) |
142 | if (!BN_rand(priv_key, l, 0, 0)) goto err; | 158 | { |
159 | do | ||
160 | { | ||
161 | if (!BN_rand_range(priv_key, dh->q)) | ||
162 | goto err; | ||
163 | } | ||
164 | while (BN_is_zero(priv_key) || BN_is_one(priv_key)); | ||
165 | } | ||
166 | else | ||
167 | { | ||
168 | /* secret exponent length */ | ||
169 | l = dh->length ? dh->length : BN_num_bits(dh->p)-1; | ||
170 | if (!BN_rand(priv_key, l, 0, 0)) goto err; | ||
171 | } | ||
143 | } | 172 | } |
144 | 173 | ||
145 | { | 174 | { |
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c index 7aef080e7a..00218f2b92 100644 --- a/src/lib/libcrypto/dh/dh_lib.c +++ b/src/lib/libcrypto/dh/dh_lib.c | |||
@@ -64,6 +64,10 @@ | |||
64 | #include <openssl/engine.h> | 64 | #include <openssl/engine.h> |
65 | #endif | 65 | #endif |
66 | 66 | ||
67 | #ifdef OPENSSL_FIPS | ||
68 | #include <openssl/fips.h> | ||
69 | #endif | ||
70 | |||
67 | const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT; | 71 | const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT; |
68 | 72 | ||
69 | static const DH_METHOD *default_DH_method = NULL; | 73 | static const DH_METHOD *default_DH_method = NULL; |
@@ -76,7 +80,16 @@ void DH_set_default_method(const DH_METHOD *meth) | |||
76 | const DH_METHOD *DH_get_default_method(void) | 80 | const DH_METHOD *DH_get_default_method(void) |
77 | { | 81 | { |
78 | if(!default_DH_method) | 82 | if(!default_DH_method) |
83 | { | ||
84 | #ifdef OPENSSL_FIPS | ||
85 | if (FIPS_mode()) | ||
86 | return FIPS_dh_openssl(); | ||
87 | else | ||
88 | return DH_OpenSSL(); | ||
89 | #else | ||
79 | default_DH_method = DH_OpenSSL(); | 90 | default_DH_method = DH_OpenSSL(); |
91 | #endif | ||
92 | } | ||
80 | return default_DH_method; | 93 | return default_DH_method; |
81 | } | 94 | } |
82 | 95 | ||
@@ -156,7 +169,7 @@ DH *DH_new_method(ENGINE *engine) | |||
156 | ret->counter = NULL; | 169 | ret->counter = NULL; |
157 | ret->method_mont_p=NULL; | 170 | ret->method_mont_p=NULL; |
158 | ret->references = 1; | 171 | ret->references = 1; |
159 | ret->flags=ret->meth->flags; | 172 | ret->flags=ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW; |
160 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); | 173 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); |
161 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | 174 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) |
162 | { | 175 | { |