diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-04-20 11:07:38 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2020-04-20 11:07:38 +1000 |
| commit | 738ee1819e3bb94723701fb505ce2971afe47a9b (patch) | |
| tree | 2fd8588534087594f2371060c20bc6890d39a33a /providers | |
| parent | 9e537cd2ad01b172f2700a670e9269075078a426 (diff) | |
| download | openssl-738ee1819e3bb94723701fb505ce2971afe47a9b.zip openssl-738ee1819e3bb94723701fb505ce2971afe47a9b.tar.gz openssl-738ee1819e3bb94723701fb505ce2971afe47a9b.tar.bz2 | |
Fix DH_get_nid() so that it does not cache values.
DH_set0_pqg() is now responsible for caching the nid, q and length.
DH with or without named safe prime groups now default to using the maximum private key length (BN_num_bits(q) - 1)
when generating a DH private key. The code is now shared between fips and non fips mode for DH key generation.
The OSSL_PKEY_PARAM_DH_PRIV_LEN parameter can be used during keygen to override the maximum private key length to be
in the range (2 * strength ... bits(q) - 1). Where the strength depends on the length of p.
Added q = (p - 1) / 2 safe prime BIGNUMS so that the code is data driven (To simplify adding new names).
The BIGNUMS were code generated.
Fix error in documented return value for DH_get_nid
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11562)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/implementations/keymgmt/dh_kmgmt.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 31a7c0b..f09654c 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -65,6 +65,7 @@ struct dh_gen_ctx { int generator; /* Used by DH_PARAMGEN_TYPE_GENERATOR in non fips mode only */ int pcounter; int hindex; + int priv_len; OSSL_CALLBACK *cb; void *cbarg; @@ -432,20 +433,16 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[]) gctx->gen_type = DH_PARAMGEN_TYPE_GROUP; } p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_GENERATOR); - if (p != NULL - && !OSSL_PARAM_get_int(p, &gctx->generator)) + if (p != NULL && !OSSL_PARAM_get_int(p, &gctx->generator)) return 0; p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_GINDEX); - if (p != NULL - && !OSSL_PARAM_get_int(p, &gctx->gindex)) + if (p != NULL && !OSSL_PARAM_get_int(p, &gctx->gindex)) return 0; p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_PCOUNTER); - if (p != NULL - && !OSSL_PARAM_get_int(p, &gctx->pcounter)) + if (p != NULL && !OSSL_PARAM_get_int(p, &gctx->pcounter)) return 0; p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_H); - if (p != NULL - && !OSSL_PARAM_get_int(p, &gctx->hindex)) + if (p != NULL && !OSSL_PARAM_get_int(p, &gctx->hindex)) return 0; p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_SEED); if (p != NULL @@ -476,6 +473,9 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (gctx->md == NULL) return 0; } + p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DH_PRIV_LEN); + if (p != NULL && !OSSL_PARAM_get_int(p, &gctx->priv_len)) + return 0; return 1; } @@ -493,6 +493,7 @@ static const OSSL_PARAM *dh_gen_settable_params(void *provctx) OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_GENERATOR, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H, NULL), + OSSL_PARAM_int(OSSL_PKEY_PARAM_DH_PRIV_LEN, NULL), OSSL_PARAM_END }; return settable; @@ -577,6 +578,8 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { if (ffc->p == NULL || ffc->g == NULL) goto end; + if (gctx->priv_len > 0) + DH_set_length(dh, (long)gctx->priv_len); if (DH_generate_key(dh) <= 0) goto end; } |