Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Branch: master
Branches Tags
openssl
/
crypto
/
evp
/
ec_ctrl.c

ec_ctrl.c 8.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302 
  1. /*
    2. 

  2.  * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #include "internal/deprecated.h"
    11. 

  11. 

  12. #include <openssl/core_names.h>
    13. 

  13. #include <openssl/err.h>
    14. 

  14. #include <openssl/ec.h>
    15. 

  15. #include "crypto/evp.h"
    16. 

  16. #include "crypto/ec.h"
    17. 

  17. 

  18. /*
    19. 

  19.  * This file is meant to contain functions to provide EVP_PKEY support for EC
    20. 

  20.  * keys.
    21. 

  21.  */
    22. 

  22. 

  23. static ossl_inline
    24. 

  24. int evp_pkey_ctx_getset_ecdh_param_checks(const EVP_PKEY_CTX *ctx)
    25. 

  25. {
    26. 

  26.     if (ctx == NULL || !EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
    27. 

  27.         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
    28. 

  28.         /* Uses the same return values as EVP_PKEY_CTX_ctrl */
    29. 

  29.         return -2;
    30. 

  30.     }
    31. 

  31. 

  32.     /* If key type not EC return error */
    33. 

  33.     if (evp_pkey_ctx_is_legacy(ctx)
    34. 

  34.         && ctx->pmeth != NULL && ctx->pmeth->pkey_id != EVP_PKEY_EC)
    35. 

  35.         return -1;
    36. 

  36. 

  37.     return 1;
    38. 

  38. }
    39. 

  39. 

  40. int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode)
    41. 

  41. {
    42. 

  42.     int ret;
    43. 

  43.     OSSL_PARAM params[2], *p = params;
    44. 

  44. 

  45.     ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
    46. 

  46.     if (ret != 1)
    47. 

  47.         return ret;
    48. 

  48. 

  49.     /*
    50. 

  50.      * Valid input values are:
    51. 

  51.      *  * 0 for disable
    52. 

  52.      *  * 1 for enable
    53. 

  53.      *  * -1 for reset to default for associated priv key
    54. 

  54.      */
    55. 

  55.     if (cofactor_mode < -1 || cofactor_mode > 1) {
    56. 

  56.         /* Uses the same return value of pkey_ec_ctrl() */
    57. 

  57.         return -2;
    58. 

  58.     }
    59. 

  59. 

  60.     *p++ = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE,
    61. 

  61.                                     &cofactor_mode);
    62. 

  62.     *p++ = OSSL_PARAM_construct_end();
    63. 

  63. 

  64.     ret = evp_pkey_ctx_set_params_strict(ctx, params);
    65. 

  65.     if (ret == -2)
    66. 

  66.         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
    67. 

  67.     return ret;
    68. 

  68. }
    69. 

  69. 

  70. int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx)
    71. 

  71. {
    72. 

  72.     int ret, mode;
    73. 

  73.     OSSL_PARAM params[2], *p = params;
    74. 

  74. 

  75.     ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
    76. 

  76.     if (ret != 1)
    77. 

  77.         return ret;
    78. 

  78. 

  79.     *p++ = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE,
    80. 

  80.                                     &mode);
    81. 

  81.     *p++ = OSSL_PARAM_construct_end();
    82. 

  82. 

  83.     ret = evp_pkey_ctx_get_params_strict(ctx, params);
    84. 

  84. 

  85.     switch (ret) {
    86. 

  86.     case -2:
    87. 

  87.         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
    88. 

  88.         break;
    89. 

  89.     case 1:
    90. 

  90.         ret = mode;
    91. 

  91.         if (mode < 0 || mode > 1) {
    92. 

  92.             /*
    93. 

  93.              * The provider should return either 0 or 1, any other value is a
    94. 

  94.              * provider error.
    95. 

  95.              */
    96. 

  96.             ret = -1;
    97. 

  97.         }
    98. 

  98.         break;
    99. 

  99.     default:
    100. 

  100.         ret = -1;
    101. 

  101.         break;
    102. 

  102.     }
    103. 

  103. 

  104.     return ret;
    105. 

  105. }
    106. 

  106. 

  107. /*
    108. 

  108.  * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
    109. 

  109.  * simply because that's easier.
    110. 

  110.  */
    111. 

  111. int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf)
    112. 

  112. {
    113. 

  113.     return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
    114. 

  114.                              EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL);
    115. 

  115. }
    116. 

  116. 

  117. /*
    118. 

  118.  * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
    119. 

  119.  * simply because that's easier.
    120. 

  120.  */
    121. 

  121. int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx)
    122. 

  122. {
    123. 

  123.     return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
    124. 

  124.                              EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL);
    125. 

  125. }
    126. 

  126. 

  127. /*
    128. 

  128.  * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
    129. 

  129.  * simply because that's easier.
    130. 

  130.  */
    131. 

  131. int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
    132. 

  132. {
    133. 

  133.     return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
    134. 

  134.                              EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)(md));
    135. 

  135. }
    136. 

  136. 

  137. /*
    138. 

  138.  * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
    139. 

  139.  * simply because that's easier.
    140. 

  140.  */
    141. 

  141. int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd)
    142. 

  142. {
    143. 

  143.     return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_DERIVE,
    144. 

  144.                              EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)(pmd));
    145. 

  145. }
    146. 

  146. 

  147. int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int outlen)
    148. 

  148. {
    149. 

  149.     int ret;
    150. 

  150.     size_t len = outlen;
    151. 

  151.     OSSL_PARAM params[2], *p = params;
    152. 

  152. 

  153.     ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
    154. 

  154.     if (ret != 1)
    155. 

  155.         return ret;
    156. 

  156. 

  157.     if (outlen <= 0) {
    158. 

  158.         /*
    159. 

  159.          * This would ideally be -1 or 0, but we have to retain compatibility
    160. 

  160.          * with legacy behaviour of EVP_PKEY_CTX_ctrl() which returned -2 if
    161. 

  161.          * in <= 0
    162. 

  162.          */
    163. 

  163.         return -2;
    164. 

  164.     }
    165. 

  165. 

  166.     *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
    167. 

  167.                                        &len);
    168. 

  168.     *p++ = OSSL_PARAM_construct_end();
    169. 

  169. 

  170.     ret = evp_pkey_ctx_set_params_strict(ctx, params);
    171. 

  171.     if (ret == -2)
    172. 

  172.         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
    173. 

  173.     return ret;
    174. 

  174. }
    175. 

  175. 

  176. int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *plen)
    177. 

  177. {
    178. 

  178.     size_t len = UINT_MAX;
    179. 

  179.     int ret;
    180. 

  180.     OSSL_PARAM params[2], *p = params;
    181. 

  181. 

  182.     ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
    183. 

  183.     if (ret != 1)
    184. 

  184.         return ret;
    185. 

  185. 

  186.     *p++ = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
    187. 

  187.                                        &len);
    188. 

  188.     *p++ = OSSL_PARAM_construct_end();
    189. 

  189. 

  190.     ret = evp_pkey_ctx_get_params_strict(ctx, params);
    191. 

  191. 

  192.     switch (ret) {
    193. 

  193.     case -2:
    194. 

  194.         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
    195. 

  195.         break;
    196. 

  196.     case 1:
    197. 

  197.         if (len <= INT_MAX)
    198. 

  198.             *plen = (int)len;
    199. 

  199.         else
    200. 

  200.             ret = -1;
    201. 

  201.         break;
    202. 

  202.     default:
    203. 

  203.         ret = -1;
    204. 

  204.         break;
    205. 

  205.     }
    206. 

  206. 

  207.     return ret;
    208. 

  208. }
    209. 

  209. 

  210. int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len)
    211. 

  211. {
    212. 

  212.     int ret;
    213. 

  213.     OSSL_PARAM params[2], *p = params;
    214. 

  214. 

  215.     ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
    216. 

  216.     if (ret != 1)
    217. 

  217.         return ret;
    218. 

  218. 

  219.     *p++ = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM,
    220. 

  220.                                             /*
    221. 

  221.                                              * Cast away the const. This is read
    222. 

  222.                                              * only so should be safe
    223. 

  223.                                              */
    224. 

  224.                                             (void *)ukm,
    225. 

  225.                                             (size_t)len);
    226. 

  226.     *p++ = OSSL_PARAM_construct_end();
    227. 

  227. 

  228.     ret = evp_pkey_ctx_set_params_strict(ctx, params);
    229. 

  229. 

  230.     switch (ret) {
    231. 

  231.     case -2:
    232. 

  232.         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
    233. 

  233.         break;
    234. 

  234.     case 1:
    235. 

  235.         OPENSSL_free(ukm);
    236. 

  236.         break;
    237. 

  237.     }
    238. 

  238. 

  239.     return ret;
    240. 

  240. }
    241. 

  241. 

  242. #ifndef OPENSSL_NO_DEPRECATED_3_0
    243. 

  243. int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **pukm)
    244. 

  244. {
    245. 

  245.     size_t ukmlen;
    246. 

  246.     int ret;
    247. 

  247.     OSSL_PARAM params[2], *p = params;
    248. 

  248. 

  249.     ret = evp_pkey_ctx_getset_ecdh_param_checks(ctx);
    250. 

  250.     if (ret != 1)
    251. 

  251.         return ret;
    252. 

  252. 

  253.     *p++ = OSSL_PARAM_construct_octet_ptr(OSSL_EXCHANGE_PARAM_KDF_UKM,
    254. 

  254.                                           (void **)pukm, 0);
    255. 

  255.     *p++ = OSSL_PARAM_construct_end();
    256. 

  256. 

  257.     ret = evp_pkey_ctx_get_params_strict(ctx, params);
    258. 

  258. 

  259.     switch (ret) {
    260. 

  260.     case -2:
    261. 

  261.         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
    262. 

  262.         break;
    263. 

  263.     case 1:
    264. 

  264.         ret = -1;
    265. 

  265.         ukmlen = params[0].return_size;
    266. 

  266.         if (ukmlen <= INT_MAX)
    267. 

  267.             ret = (int)ukmlen;
    268. 

  268.         break;
    269. 

  269.     default:
    270. 

  270.         ret = -1;
    271. 

  271.         break;
    272. 

  272.     }
    273. 

  273. 

  274.     return ret;
    275. 

  275. }
    276. 

  276. #endif
    277. 

  277. 

  278. #ifndef FIPS_MODULE
    279. 

  279. /*
    280. 

  280.  * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
    281. 

  281.  * simply because that's easier.
    282. 

  282.  * ASN1_OBJECT (which would be converted to text internally)?
    283. 

  283.  */
    284. 

  284. int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid)
    285. 

  285. {
    286. 

  286.     int keytype = nid == EVP_PKEY_SM2 ? EVP_PKEY_SM2 : EVP_PKEY_EC;
    287. 

  287. 

  288.     return EVP_PKEY_CTX_ctrl(ctx, keytype, EVP_PKEY_OP_TYPE_GEN,
    289. 

  289.                              EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID,
    290. 

  290.                              nid, NULL);
    291. 

  291. }
    292. 

  292. 

  293. /*
    294. 

  294.  * This one is currently implemented as an EVP_PKEY_CTX_ctrl() wrapper,
    295. 

  295.  * simply because that's easier.
    296. 

  296.  */
    297. 

  297. int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc)
    298. 

  298. {
    299. 

  299.     return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_TYPE_GEN,
    300. 

  300.                              EVP_PKEY_CTRL_EC_PARAM_ENC, param_enc, NULL);
    301. 

  301. }
    302. 

  302. #endif
    303.