1/*
2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/*
11 * DSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14#include "internal/deprecated.h"
15
16#include <stdio.h>
17#include "internal/cryptlib.h"
18#include <openssl/bn.h>
19#include "dsa_local.h"
20#include "crypto/dsa.h"
21
22int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
23{
24    if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
25        return ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params,
26                                               FFC_PARAM_TYPE_DSA, ret);
27    else
28        /*
29         * Do full FFC domain params validation according to FIPS-186-4
30         *  - always in FIPS_MODULE
31         *  - only if possible (i.e., seed is set) in default provider
32         */
33        return ossl_ffc_params_full_validate(dsa->libctx, &dsa->params,
34                                             FFC_PARAM_TYPE_DSA, ret);
35}
36
37/*
38 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
39 */
40int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
41{
42    return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret)
43           && *ret == 0;
44}
45
46/*
47 * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Partial public key validation.
48 * To only be used with ephemeral FFC public keys generated using the approved
49 * safe-prime groups.
50 */
51int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
52{
53    return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret)
54           && *ret == 0;
55}
56
57int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
58{
59    *ret = 0;
60
61    return (dsa->params.q != NULL
62            && ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret));
63}
64
65/*
66 * FFC pairwise check from SP800-56A R3.
67 *    Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
68 */
69int ossl_dsa_check_pairwise(const DSA *dsa)
70{
71    int ret = 0;
72    BN_CTX *ctx = NULL;
73    BIGNUM *pub_key = NULL;
74
75    if (dsa->params.p == NULL
76        || dsa->params.g == NULL
77        || dsa->priv_key == NULL
78        || dsa->pub_key == NULL)
79        return 0;
80
81    ctx = BN_CTX_new_ex(dsa->libctx);
82    if (ctx == NULL)
83        goto err;
84    pub_key = BN_new();
85    if (pub_key == NULL)
86        goto err;
87
88    /* recalculate the public key = (g ^ priv) mod p */
89    if (!ossl_dsa_generate_public_key(ctx, dsa, dsa->priv_key, pub_key))
90        goto err;
91    /* check it matches the existing pubic_key */
92    ret = BN_cmp(pub_key, dsa->pub_key) == 0;
93err:
94    BN_free(pub_key);
95    BN_CTX_free(ctx);
96    return ret;
97}
98