Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/dh.h20
-rw-r--r--src/lib/libcrypto/dh/dh_ameth.c1
-rw-r--r--src/lib/libcrypto/dh/dh_err.c7
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c17
-rw-r--r--src/lib/libcrypto/dh/dh_key.c33
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c15
6 files changed, 89 insertions, 4 deletions
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 849309a489..ea59e610ef 100644
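--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -86,6 +86,21 @@
  * be used for all exponents.
  */
 
+/* If this flag is set the DH method is FIPS compliant and can be used
+ * in FIPS mode. This is set in the validated module method. If an
+ * application sets this flag in its own methods it is its reposibility
+ * to ensure the result is compliant.
+ */
+
+#define DH_FLAG_FIPS_METHOD 0x0400
+
+/* If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+#define DH_FLAG_NON_FIPS_ALLOW 0x0400
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -230,6 +245,9 @@ void ERR_load_DH_strings(void);
 #define DH_F_COMPUTE_KEY 102
 #define DH_F_DHPARAMS_PRINT_FP 101
 #define DH_F_DH_BUILTIN_GENPARAMS 106
+#define DH_F_DH_COMPUTE_KEY 114
+#define DH_F_DH_GENERATE_KEY 115
+#define DH_F_DH_GENERATE_PARAMETERS_EX 116
 #define DH_F_DH_NEW_METHOD 105
 #define DH_F_DH_PARAM_DECODE 107
 #define DH_F_DH_PRIV_DECODE 110
@@ -249,7 +267,9 @@ void ERR_load_DH_strings(void);
 #define DH_R_DECODE_ERROR 104
 #define DH_R_INVALID_PUBKEY 102
 #define DH_R_KEYS_NOT_SET 108
+#define DH_R_KEY_SIZE_TOO_SMALL 110
 #define DH_R_MODULUS_TOO_LARGE 103
+#define DH_R_NON_FIPS_METHOD 111
 #define DH_R_NO_PARAMETERS_SET 107
 #define DH_R_NO_PRIVATE_VALUE 100
 #define DH_R_PARAMETER_ENCODING_ERROR 105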
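Review bot: `DH_FLAG_FIPS_METHOD` and `DH_FLAG_NON_FIPS_ALLOW` are both defined as 0x0400 in the first hunk, and neither comment says the overlap is deliberate. The gate added in dh_gen.c and dh_key.c tests the first against `meth->flags` and the second against `dh->flags`, so the two meanings stay apart only while no code tests one flag in the other's flags word; the mask `ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW` in dh_lib.c depends on the same split. If the sharing is intended, state it above both defines, e.g. `/* NB: shares its bit with DH_FLAG_NON_FIPS_ALLOW; only meaningful in DH_METHOD flags */`; otherwise move `DH_FLAG_NON_FIPS_ALLOW` to a bit that is not in use.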
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
index 377caf96c9..02ec2d47b4 100644
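--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ b/src/lib/libcrypto/dh/dh_ameth.c
@@ -493,6 +493,7 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
  dh_copy_parameters,
  dh_cmp_parameters,
  dh_param_print,
+ 0,
 
  int_dh_free,
  0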
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
index d5cf0c22a3..56d3df7356 100644
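--- a/src/lib/libcrypto/dh/dh_err.c
+++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /* crypto/dh/dh_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -73,6 +73,9 @@ static ERR_STRING_DATA DH_str_functs[]=
 {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
 {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
 {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
+{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
+{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
+{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"},
 {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
 {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
 {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"},
@@ -95,7 +98,9 @@ static ERR_STRING_DATA DH_str_reasons[]=
 {ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"},
 {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
 {ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"},
+{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
 {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
+{ERR_REASON(DH_R_NON_FIPS_METHOD) ,"non fips method"},
 {ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"},
 {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
 {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},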
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
index cfd5b11868..7b1fe9c9cb 100644
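--- a/src/lib/libcrypto/dh/dh_gen.c
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -66,12 +66,29 @@
 #include <openssl/bn.h>
 #include <openssl/dh.h>
 
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
 
 int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
  {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW))
+ {
+ DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
  if(ret->meth->generate_params)
  return ret->meth->generate_params(ret, prime_len, generator, cb);
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dh_generate_parameters_ex(ret, prime_len,
+ generator, cb);
+#endif
  return dh_builtin_genparams(ret, prime_len, generator, cb);
  }
 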
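Review bot: The FIPS gate at the top of DH_generate_parameters_ex is repeated line for line in DH_generate_key and DH_compute_key in dh_key.c, differing only in the function code passed to `DHerr`. Three hand-maintained copies of an access-control check are easy to let drift apart, so a small macro or static inline taking the DH pointer and the function code would keep them identical. A one-line comment before `if(ret->meth->generate_params)` would also help, stating that a method-supplied generator still takes precedence over `FIPS_dh_generate_parameters_ex` in FIPS mode, because that ordering is not obvious from the `#ifdef` layout.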
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index e7db440342..89a74db4e6 100644
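--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -73,11 +73,27 @@ static int dh_finish(DH *dh);
 
 int DH_generate_key(DH *dh)
  {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW))
+ {
+ DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
  return dh->meth->generate_key(dh);
  }
 
 int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
  {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+ && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW))
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD);
+ return 0;
+ }
+#endif
  return dh->meth->compute_key(key, pub_key, dh);
  }
 
@@ -138,8 +154,21 @@ static int generate_key(DH *dh)
 
  if (generate_new_key)
  {
- l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
- if (!BN_rand(priv_key, l, 0, 0)) goto err;
+ if (dh->q)
+ {
+ do
+ {
+ if (!BN_rand_range(priv_key, dh->q))
+ goto err;
+ }
+ while (BN_is_zero(priv_key) || BN_is_one(priv_key));
+ }
+ else
+ {
+ /* secret exponent length */
+ l = dh->length ? dh->length : BN_num_bits(dh->p)-1;
+ if (!BN_rand(priv_key, l, 0, 0)) goto err;
+ }
  }
 
  {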
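Review bot: The FIPS gate added to DH_compute_key ends in `return 0;`, but that function's documented contract is the secret length on success and -1 on error, so a caller that only tests for a negative result would treat the refusal as a zero-length shared secret. `return -1;` would match the rest of the API; the method's compute_key body is outside this section, so confirm its convention there. Separately, the new `dh->q` branch in generate_key loops until `BN_rand_range` yields something other than 0 or 1, which never happens when q is 1 or 2. If q can come from parameters the library did not generate, a guard before the loop such as `if (BN_is_one(dh->q) || BN_is_word(dh->q, 2)) goto err;` bounds it. generate_key starts and ends outside the hunk.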
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
index 7aef080e7a..00218f2b92 100644
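--- a/src/lib/libcrypto/dh/dh_lib.c
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -64,6 +64,10 @@
 #include <openssl/engine.h>
 #endif
 
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
 
 static const DH_METHOD *default_DH_method = NULL;
@@ -76,7 +80,16 @@ void DH_set_default_method(const DH_METHOD *meth)
 const DH_METHOD *DH_get_default_method(void)
  {
  if(!default_DH_method)
+ {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ return FIPS_dh_openssl();
+ else
+ return DH_OpenSSL();
+#else
  default_DH_method = DH_OpenSSL();
+#endif
+ }
  return default_DH_method;
  }
 
@@ -156,7 +169,7 @@ DH *DH_new_method(ENGINE *engine)
  ret->counter = NULL;
  ret->method_mont_p=NULL;
  ret->references = 1;
- ret->flags=ret->meth->flags;
+ ret->flags=ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
  CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
  if ((ret->meth->init != NULL) && !ret->meth->init(ret))
  {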
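Review bot: The new `ret->flags=ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;` in DH_new_method has no comment, and the reason for the mask is not evident from the line itself. It appears to stop a DH_METHOD from pre-approving non-FIPS use through its own flags, leaving that decision to the application on the DH object; if that is the intent, add `/* only the application may set DH_FLAG_NON_FIPS_ALLOW, never the method */` above it. In DH_get_default_method the FIPS build returns from inside `if(!default_DH_method)` without caching, unlike the non-FIPS branch. A short comment saying this is deliberate (presumably because FIPS mode can change at run time) would keep a later reader from "fixing" it. DH_new_method's body starts and ends outside the hunk.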