1 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2  * project 2000.
3  */
4 /* ====================================================================
5  * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  *
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in
16  *    the documentation and/or other materials provided with the
17  *    distribution.
18  *
19  * 3. All advertising materials mentioning features or use of this
20  *    software must display the following acknowledgment:
21  *    "This product includes software developed by the OpenSSL Project
22  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23  *
24  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25  *    endorse or promote products derived from this software without
26  *    prior written permission. For written permission, please contact
27  *    licensing@OpenSSL.org.
28  *
29  * 5. Products derived from this software may not be called "OpenSSL"
30  *    nor may "OpenSSL" appear in their names without prior written
31  *    permission of the OpenSSL Project.
32  *
33  * 6. Redistributions of any form whatsoever must retain the following
34  *    acknowledgment:
35  *    "This product includes software developed by the OpenSSL Project
36  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37  *
38  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
42  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49  * OF THE POSSIBILITY OF SUCH DAMAGE.
50  * ====================================================================
51  *
52  * This product includes cryptographic software written by Eric Young
53  * (eay@cryptsoft.com).  This product includes software written by Tim
54  * Hudson (tjh@cryptsoft.com). */
55 
56 #include <openssl/dh.h>
57 
58 #include <assert.h>
59 #include <limits.h>
60 
61 #include <openssl/bn.h>
62 #include <openssl/bytestring.h>
63 #include <openssl/err.h>
64 
65 #include "../bytestring/internal.h"
66 
67 
parse_integer(CBS * cbs,BIGNUM ** out)68 static int parse_integer(CBS *cbs, BIGNUM **out) {
69   assert(*out == NULL);
70   *out = BN_new();
71   if (*out == NULL) {
72     return 0;
73   }
74   return BN_parse_asn1_unsigned(cbs, *out);
75 }
76 
marshal_integer(CBB * cbb,BIGNUM * bn)77 static int marshal_integer(CBB *cbb, BIGNUM *bn) {
78   if (bn == NULL) {
79     // A DH object may be missing some components.
80     OPENSSL_PUT_ERROR(DH, ERR_R_PASSED_NULL_PARAMETER);
81     return 0;
82   }
83   return BN_marshal_asn1(cbb, bn);
84 }
85 
DH_parse_parameters(CBS * cbs)86 DH *DH_parse_parameters(CBS *cbs) {
87   DH *ret = DH_new();
88   if (ret == NULL) {
89     return NULL;
90   }
91 
92   CBS child;
93   if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) ||
94       !parse_integer(&child, &ret->p) ||
95       !parse_integer(&child, &ret->g)) {
96     goto err;
97   }
98 
99   uint64_t priv_length;
100   if (CBS_len(&child) != 0) {
101     if (!CBS_get_asn1_uint64(&child, &priv_length) ||
102         priv_length > UINT_MAX) {
103       goto err;
104     }
105     ret->priv_length = (unsigned)priv_length;
106   }
107 
108   if (CBS_len(&child) != 0) {
109     goto err;
110   }
111 
112   return ret;
113 
114 err:
115   OPENSSL_PUT_ERROR(DH, DH_R_DECODE_ERROR);
116   DH_free(ret);
117   return NULL;
118 }
119 
DH_marshal_parameters(CBB * cbb,const DH * dh)120 int DH_marshal_parameters(CBB *cbb, const DH *dh) {
121   CBB child;
122   if (!CBB_add_asn1(cbb, &child, CBS_ASN1_SEQUENCE) ||
123       !marshal_integer(&child, dh->p) ||
124       !marshal_integer(&child, dh->g) ||
125       (dh->priv_length != 0 &&
126        !CBB_add_asn1_uint64(&child, dh->priv_length)) ||
127       !CBB_flush(cbb)) {
128     OPENSSL_PUT_ERROR(DH, DH_R_ENCODE_ERROR);
129     return 0;
130   }
131   return 1;
132 }
133 
d2i_DHparams(DH ** out,const uint8_t ** inp,long len)134 DH *d2i_DHparams(DH **out, const uint8_t **inp, long len) {
135   if (len < 0) {
136     return NULL;
137   }
138   CBS cbs;
139   CBS_init(&cbs, *inp, (size_t)len);
140   DH *ret = DH_parse_parameters(&cbs);
141   if (ret == NULL) {
142     return NULL;
143   }
144   if (out != NULL) {
145     DH_free(*out);
146     *out = ret;
147   }
148   *inp = CBS_data(&cbs);
149   return ret;
150 }
151 
i2d_DHparams(const DH * in,uint8_t ** outp)152 int i2d_DHparams(const DH *in, uint8_t **outp) {
153   CBB cbb;
154   if (!CBB_init(&cbb, 0) ||
155       !DH_marshal_parameters(&cbb, in)) {
156     CBB_cleanup(&cbb);
157     return -1;
158   }
159   return CBB_finish_i2d(&cbb, outp);
160 }
161