• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <openssl/evp.h>
11 #include <openssl/core_names.h>
12 #include <openssl/param_build.h>
13 
14 #include "predefined_dhparams.h"
15 
16 #ifndef OPENSSL_NO_DH
17 
get_dh_from_pg_bn(OSSL_LIB_CTX * libctx,const char * type,BIGNUM * p,BIGNUM * g,BIGNUM * q)18 static EVP_PKEY *get_dh_from_pg_bn(OSSL_LIB_CTX *libctx, const char *type,
19                                    BIGNUM *p, BIGNUM *g, BIGNUM *q)
20 {
21     EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_name(libctx, type, NULL);
22     OSSL_PARAM_BLD *tmpl = NULL;
23     OSSL_PARAM *params = NULL;
24     EVP_PKEY *dhpkey = NULL;
25 
26     if (pctx == NULL || EVP_PKEY_fromdata_init(pctx) <= 0)
27         goto err;
28 
29     if ((tmpl = OSSL_PARAM_BLD_new()) == NULL
30             || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
31             || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g)
32             || (q != NULL
33                 && !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q)))
34         goto err;
35 
36     params = OSSL_PARAM_BLD_to_param(tmpl);
37     if (params == NULL
38         || EVP_PKEY_fromdata(pctx, &dhpkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0)
39         goto err;
40 
41  err:
42     EVP_PKEY_CTX_free(pctx);
43     OSSL_PARAM_free(params);
44     OSSL_PARAM_BLD_free(tmpl);
45     return dhpkey;
46 }
47 
get_dh_from_pg(OSSL_LIB_CTX * libctx,const char * type,unsigned char * pdata,size_t plen,unsigned char * gdata,size_t glen,unsigned char * qdata,size_t qlen)48 static EVP_PKEY *get_dh_from_pg(OSSL_LIB_CTX *libctx, const char *type,
49                                 unsigned char *pdata, size_t plen,
50                                 unsigned char *gdata, size_t glen,
51                                 unsigned char *qdata, size_t qlen)
52 {
53     EVP_PKEY *dhpkey = NULL;
54     BIGNUM *p = NULL, *g = NULL, *q = NULL;
55 
56     p = BN_bin2bn(pdata, plen, NULL);
57     g = BN_bin2bn(gdata, glen, NULL);
58     if (p == NULL || g == NULL)
59         goto err;
60     if (qdata != NULL && (q = BN_bin2bn(qdata, qlen, NULL)) == NULL)
61         goto err;
62 
63     dhpkey = get_dh_from_pg_bn(libctx, type, p, g, q);
64 
65  err:
66     BN_free(p);
67     BN_free(g);
68     BN_free(q);
69     return dhpkey;
70 }
71 
get_dh512(OSSL_LIB_CTX * libctx)72 EVP_PKEY *get_dh512(OSSL_LIB_CTX *libctx)
73 {
74     static unsigned char dh512_p[] = {
75         0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, 0xC6,
76         0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04, 0xB0,
77         0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9, 0x5F,
78         0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33, 0xB8,
79         0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21, 0x33,
80         0x02, 0xC5, 0xAE, 0x23,
81     };
82     static unsigned char dh512_g[] = {
83         0x02,
84     };
85 
86     return get_dh_from_pg(libctx, "DH", dh512_p, sizeof(dh512_p),
87                           dh512_g, sizeof(dh512_g), NULL, 0);
88 }
89 
get_dhx512(OSSL_LIB_CTX * libctx)90 EVP_PKEY *get_dhx512(OSSL_LIB_CTX *libctx)
91 {
92     static unsigned char dhx512_p[] = {
93         0x00, 0xe8, 0x1a, 0xb7, 0x9a, 0x02, 0x65, 0x64, 0x94, 0x7b, 0xba, 0x09,
94         0x1c, 0x12, 0x27, 0x1e, 0xea, 0x89, 0x32, 0x64, 0x78, 0xf8, 0x1c, 0x78,
95         0x8e, 0x96, 0xc3, 0xc6, 0x9f, 0x41, 0x05, 0x41, 0x65, 0xae, 0xe3, 0x05,
96         0xea, 0x66, 0x21, 0xf7, 0x38, 0xb7, 0x2b, 0x32, 0x40, 0x5a, 0x14, 0x86,
97         0x51, 0x94, 0xb1, 0xcf, 0x01, 0xe3, 0x27, 0x28, 0xf6, 0x75, 0xa3, 0x15,
98         0xbb, 0x12, 0x4d, 0x99, 0xe7,
99     };
100     static unsigned char dhx512_g[] = {
101         0x00, 0x91, 0xc1, 0x43, 0x6d, 0x0d, 0xb0, 0xa4, 0xde, 0x41, 0xb7, 0x93,
102         0xad, 0x51, 0x94, 0x1b, 0x43, 0xd8, 0x42, 0xf1, 0x5e, 0x46, 0x83, 0x5d,
103         0xf1, 0xd1, 0xf0, 0x41, 0x10, 0xd1, 0x1c, 0x5e, 0xad, 0x9b, 0x68, 0xb1,
104         0x6f, 0xf5, 0x8e, 0xaa, 0x6d, 0x71, 0x88, 0x37, 0xdf, 0x05, 0xf7, 0x6e,
105         0x7a, 0xb4, 0x25, 0x10, 0x6c, 0x7f, 0x38, 0xb4, 0xc8, 0xfc, 0xcc, 0x0c,
106         0x6a, 0x02, 0x08, 0x61, 0xf6,
107     };
108     static unsigned char dhx512_q[] = {
109         0x00, 0xdd, 0xf6, 0x35, 0xad, 0xfa, 0x70, 0xc7, 0xe7, 0xa8, 0xf0, 0xe3,
110         0xda, 0x79, 0x34, 0x3f, 0x5b, 0xcf, 0x73, 0x82, 0x91,
111     };
112 
113     return get_dh_from_pg(libctx, "X9.42 DH",
114                           dhx512_p, sizeof(dhx512_p),
115                           dhx512_g, sizeof(dhx512_g),
116                           dhx512_q, sizeof(dhx512_q));
117 }
118 
get_dh1024dsa(OSSL_LIB_CTX * libctx)119 EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libctx)
120 {
121     static unsigned char dh1024_p[] = {
122         0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, 0x00,
123         0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87, 0x19,
124         0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65, 0xD2,
125         0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6, 0x55,
126         0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF, 0xFC,
127         0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52, 0x97,
128         0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28, 0x8D,
129         0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD, 0xBB,
130         0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C, 0xF6,
131         0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26, 0x9E,
132         0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
133     };
134     static unsigned char dh1024_g[] = {
135         0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80, 0x05,
136         0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03, 0xF3,
137         0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A, 0xE9,
138         0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85, 0x3C,
139         0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B, 0x65,
140         0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF, 0x60,
141         0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E, 0xF6,
142         0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB, 0xA7,
143         0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72, 0xA1,
144         0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E, 0x60,
145         0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
146     };
147 
148     return get_dh_from_pg(libctx, "DH", dh1024_p, sizeof(dh1024_p),
149                           dh1024_g, sizeof(dh1024_g), NULL, 0);
150 }
151 
get_dh2048(OSSL_LIB_CTX * libctx)152 EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx)
153 {
154     BIGNUM *p = NULL, *g = NULL;
155     EVP_PKEY *dhpkey = NULL;
156 
157     g = BN_new();
158     if (g == NULL || !BN_set_word(g, 2))
159         goto err;
160 
161     p = BN_get_rfc3526_prime_2048(NULL);
162     if (p == NULL)
163         goto err;
164 
165     dhpkey = get_dh_from_pg_bn(libctx, "DH", p, g, NULL);
166 
167  err:
168     BN_free(p);
169     BN_free(g);
170     return dhpkey;
171 }
172 
get_dh4096(OSSL_LIB_CTX * libctx)173 EVP_PKEY *get_dh4096(OSSL_LIB_CTX *libctx)
174 {
175     BIGNUM *p = NULL, *g = NULL;
176     EVP_PKEY *dhpkey = NULL;
177 
178     g = BN_new();
179     if (g == NULL || !BN_set_word(g, 2))
180         goto err;
181 
182     p = BN_get_rfc3526_prime_4096(NULL);
183     if (p == NULL)
184         goto err;
185 
186     dhpkey = get_dh_from_pg_bn(libctx, "DH", p, g, NULL);
187 
188  err:
189     BN_free(p);
190     BN_free(g);
191     return dhpkey;
192 }
193 
194 #endif
195