Главная Обзор Помощь
Вход
OWEALs
/
openssl
зеркало из git://git.openssl.org/openssl.git
2
0
Ответвить 0
Файлы Задачи 1 Вики
Дерево: 36ba419286
Ветки Метки
openssl
/
crypto
/
ffc
/
ffc_key_validate.c

ffc_key_validate.c 3.3 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124 
  1. /*
    2. 

  2.  * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #include "internal/ffc.h"
    11. 

  11. 

  12. /*
    13. 

  13.  * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Partial public key validation.
    14. 

  14.  * To only be used with ephemeral FFC public keys generated using the approved
    15. 

  15.  * safe-prime groups. (Checks that the public key is in the range [2, p - 1]
    16. 

  16.  *
    17. 

  17.  * ret contains 0 on success, or error flags (see FFC_ERROR_PUBKEY_TOO_SMALL)
    18. 

  18.  */
    19. 

  19. int ossl_ffc_validate_public_key_partial(const FFC_PARAMS *params,
    20. 

  20.                                          const BIGNUM *pub_key, int *ret)
    21. 

  21. {
    22. 

  22.     int ok = 0;
    23. 

  23.     BIGNUM *tmp = NULL;
    24. 

  24.     BN_CTX *ctx = NULL;
    25. 

  25. 

  26.     *ret = 0;
    27. 

  27.     if (params == NULL || pub_key == NULL || params->p == NULL) {
    28. 

  28.         *ret = FFC_ERROR_PASSED_NULL_PARAM;
    29. 

  29.         return 1;
    30. 

  30.     }
    31. 

  31. 

  32.     ctx = BN_CTX_new_ex(NULL);
    33. 

  33.     if (ctx == NULL)
    34. 

  34.         goto err;
    35. 

  35. 

  36.     BN_CTX_start(ctx);
    37. 

  37.     tmp = BN_CTX_get(ctx);
    38. 

  38.     /* Step(1): Verify pub_key >= 2 */
    39. 

  39.     if (tmp == NULL
    40. 

  40.         || !BN_set_word(tmp, 1))
    41. 

  41.         goto err;
    42. 

  42.     if (BN_cmp(pub_key, tmp) <= 0)
    43. 

  43.         *ret |= FFC_ERROR_PUBKEY_TOO_SMALL;
    44. 

  44.     /* Step(1): Verify pub_key <=  p-2 */
    45. 

  45.     if (BN_copy(tmp, params->p) == NULL
    46. 

  46.         || !BN_sub_word(tmp, 1))
    47. 

  47.         goto err;
    48. 

  48.     if (BN_cmp(pub_key, tmp) >= 0)
    49. 

  49.         *ret |= FFC_ERROR_PUBKEY_TOO_LARGE;
    50. 

  50.     ok = 1;
    51. 

  51.  err:
    52. 

  52.     if (ctx != NULL) {
    53. 

  53.         BN_CTX_end(ctx);
    54. 

  54.         BN_CTX_free(ctx);
    55. 

  55.     }
    56. 

  56.     return ok;
    57. 

  57. }
    58. 

  58. 

  59. /*
    60. 

  60.  * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
    61. 

  61.  */
    62. 

  62. int ossl_ffc_validate_public_key(const FFC_PARAMS *params,
    63. 

  63.                                  const BIGNUM *pub_key, int *ret)
    64. 

  64. {
    65. 

  65.     int ok = 0;
    66. 

  66.     BIGNUM *tmp = NULL;
    67. 

  67.     BN_CTX *ctx = NULL;
    68. 

  68. 

  69.     if (!ossl_ffc_validate_public_key_partial(params, pub_key, ret))
    70. 

  70.         return 0;
    71. 

  71. 

  72.     if (*ret == 0 && params->q != NULL) {
    73. 

  73.         ctx = BN_CTX_new_ex(NULL);
    74. 

  74.         if (ctx == NULL)
    75. 

  75.             goto err;
    76. 

  76.         BN_CTX_start(ctx);
    77. 

  77.         tmp = BN_CTX_get(ctx);
    78. 

  78. 

  79.         /* Check pub_key^q == 1 mod p */
    80. 

  80.         if (tmp == NULL
    81. 

  81.             || !BN_mod_exp(tmp, pub_key, params->q, params->p, ctx))
    82. 

  82.             goto err;
    83. 

  83.         if (!BN_is_one(tmp))
    84. 

  84.             *ret |= FFC_ERROR_PUBKEY_INVALID;
    85. 

  85.     }
    86. 

  86. 

  87.     ok = 1;
    88. 

  88.  err:
    89. 

  89.     if (ctx != NULL) {
    90. 

  90.         BN_CTX_end(ctx);
    91. 

  91.         BN_CTX_free(ctx);
    92. 

  92.     }
    93. 

  93.     return ok;
    94. 

  94. }
    95. 

  95. 

  96. /*
    97. 

  97.  * See SP800-56Ar3 Section 5.6.2.1.2: Owner assurance of Private key validity.
    98. 

  98.  * Verifies priv_key is in the range [1..upper-1]. The passed in value of upper
    99. 

  99.  * is normally params->q but can be 2^N for approved safe prime groups.
    100. 

  100.  * Note: This assumes that the domain parameters are valid.
    101. 

  101.  */
    102. 

  102. int ossl_ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv,
    103. 

  103.                                   int *ret)
    104. 

  104. {
    105. 

  105.     int ok = 0;
    106. 

  106. 

  107.     *ret = 0;
    108. 

  108. 

  109.     if (priv == NULL || upper == NULL) {
    110. 

  110.         *ret = FFC_ERROR_PASSED_NULL_PARAM;
    111. 

  111.         goto err;
    112. 

  112.     }
    113. 

  113.     if (BN_cmp(priv, BN_value_one()) < 0) {
    114. 

  114.         *ret |= FFC_ERROR_PRIVKEY_TOO_SMALL;
    115. 

  115.         goto err;
    116. 

  116.     }
    117. 

  117.     if (BN_cmp(priv, upper) >= 0) {
    118. 

  118.         *ret |= FFC_ERROR_PRIVKEY_TOO_LARGE;
    119. 

  119.         goto err;
    120. 

  120.     }
    121. 

  121.     ok = 1;
    122. 

  122. err:
    123. 

  123.     return ok;
    124. 

  124. }
    125.