1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] */ 56 57 #include <openssl/dh.h> 58 59 #include <string.h> 60 61 #include <openssl/bn.h> 62 #include <openssl/buf.h> 63 #include <openssl/err.h> 64 #include <openssl/ex_data.h> 65 #include <openssl/mem.h> 66 #include <openssl/thread.h> 67 68 #include "internal.h" 69 #include "../internal.h" 70 71 72 extern const DH_METHOD DH_default_method; 73 74 static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT; 75 76 DH *DH_new(void) { return DH_new_method(NULL); } 77 78 DH *DH_new_method(const ENGINE *engine) { 79 DH *dh = (DH *)OPENSSL_malloc(sizeof(DH)); 80 if (dh == NULL) { 81 OPENSSL_PUT_ERROR(DH, DH_new_method, ERR_R_MALLOC_FAILURE); 82 return NULL; 83 } 84 85 memset(dh, 0, sizeof(DH)); 86 87 if (engine) { 88 dh->meth = ENGINE_get_DH_method(engine); 89 } 90 91 if (dh->meth == NULL) { 92 dh->meth = (DH_METHOD*) &DH_default_method; 93 } 94 METHOD_ref(dh->meth); 95 96 CRYPTO_MUTEX_init(&dh->method_mont_p_lock); 97 98 dh->references = 1; 99 if (!CRYPTO_new_ex_data(&g_ex_data_class, dh, &dh->ex_data)) { 100 OPENSSL_free(dh); 101 return NULL; 102 } 103 104 if (dh->meth->init && !dh->meth->init(dh)) { 105 CRYPTO_free_ex_data(&g_ex_data_class, dh, &dh->ex_data); 106 METHOD_unref(dh->meth); 107 OPENSSL_free(dh); 108 return NULL; 109 } 110 111 return dh; 112 } 113 114 void DH_free(DH *dh) { 115 if (dh == NULL) { 116 return; 117 } 118 119 if (!CRYPTO_refcount_dec_and_test_zero(&dh->references)) { 120 return; 121 } 122 123 if (dh->meth->finish) { 124 dh->meth->finish(dh); 125 } 126 METHOD_unref(dh->meth); 127 128 CRYPTO_free_ex_data(&g_ex_data_class, dh, &dh->ex_data); 129 130 if (dh->method_mont_p) BN_MONT_CTX_free(dh->method_mont_p); 131 if (dh->p != NULL) BN_clear_free(dh->p); 132 if (dh->g != NULL) BN_clear_free(dh->g); 133 if (dh->q != NULL) BN_clear_free(dh->q); 134 if (dh->j != NULL) BN_clear_free(dh->j); 135 if (dh->seed) OPENSSL_free(dh->seed); 136 if (dh->counter != NULL) BN_clear_free(dh->counter); 137 if (dh->pub_key != NULL) BN_clear_free(dh->pub_key); 138 if (dh->priv_key != NULL) BN_clear_free(dh->priv_key); 139 CRYPTO_MUTEX_cleanup(&dh->method_mont_p_lock); 140 141 OPENSSL_free(dh); 142 } 143 144 int DH_generate_parameters_ex(DH *dh, int prime_bits, int generator, BN_GENCB *cb) { 145 if (dh->meth->generate_parameters) { 146 return dh->meth->generate_parameters(dh, prime_bits, generator, cb); 147 } 148 return DH_default_method.generate_parameters(dh, prime_bits, generator, cb); 149 } 150 151 int DH_generate_key(DH *dh) { 152 if (dh->meth->generate_key) { 153 return dh->meth->generate_key(dh); 154 } 155 return DH_default_method.generate_key(dh); 156 } 157 158 int DH_compute_key(unsigned char *out, const BIGNUM *peers_key, DH *dh) { 159 if (dh->meth->compute_key) { 160 return dh->meth->compute_key(dh, out, peers_key); 161 } 162 return DH_default_method.compute_key(dh, out, peers_key); 163 } 164 165 int DH_size(const DH *dh) { return BN_num_bytes(dh->p); } 166 167 unsigned DH_num_bits(const DH *dh) { return BN_num_bits(dh->p); } 168 169 int DH_up_ref(DH *dh) { 170 CRYPTO_refcount_inc(&dh->references); 171 return 1; 172 } 173 174 static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src) { 175 BIGNUM *a = NULL; 176 177 if (src) { 178 a = BN_dup(src); 179 if (!a) { 180 return 0; 181 } 182 } 183 184 BN_free(*dst); 185 *dst = a; 186 return 1; 187 } 188 189 static int int_dh_param_copy(DH *to, const DH *from, int is_x942) { 190 if (is_x942 == -1) { 191 is_x942 = !!from->q; 192 } 193 if (!int_dh_bn_cpy(&to->p, from->p) || 194 !int_dh_bn_cpy(&to->g, from->g)) { 195 return 0; 196 } 197 198 if (!is_x942) { 199 return 1; 200 } 201 202 if (!int_dh_bn_cpy(&to->q, from->q) || 203 !int_dh_bn_cpy(&to->j, from->j)) { 204 return 0; 205 } 206 207 OPENSSL_free(to->seed); 208 to->seed = NULL; 209 to->seedlen = 0; 210 211 if (from->seed) { 212 to->seed = BUF_memdup(from->seed, from->seedlen); 213 if (!to->seed) { 214 return 0; 215 } 216 to->seedlen = from->seedlen; 217 } 218 219 return 1; 220 } 221 222 DH *DHparams_dup(const DH *dh) { 223 DH *ret = DH_new(); 224 if (!ret) { 225 return NULL; 226 } 227 228 if (!int_dh_param_copy(ret, dh, -1)) { 229 DH_free(ret); 230 return NULL; 231 } 232 233 return ret; 234 } 235 236 int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 237 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { 238 int index; 239 if (!CRYPTO_get_ex_new_index(&g_ex_data_class, &index, argl, argp, new_func, 240 dup_func, free_func)) { 241 return -1; 242 } 243 return index; 244 } 245 246 int DH_set_ex_data(DH *d, int idx, void *arg) { 247 return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); 248 } 249 250 void *DH_get_ex_data(DH *d, int idx) { 251 return (CRYPTO_get_ex_data(&d->ex_data, idx)); 252 } 253
