Modify DSA and DH keys to use a shared FFC_PARAMS struct

This is required in order to share code for FIPS related parameter generation and validation routinues.
Note the 'counter' field is now stored as a integer (as that is the form required for generation/validation functions).

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10860)

1 files changed, 40 insertions, 27 deletions

diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
index 2708a81cd0..75f2dd5bde 100644
--- a/crypto/dh/dh_asn1.c
+++ b/crypto/dh/dh_asn1.c
@@ -34,8 +34,8 @@ static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
 }
 
 ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
-        ASN1_SIMPLE(DH, p, BIGNUM),
-        ASN1_SIMPLE(DH, g, BIGNUM),
+        ASN1_SIMPLE(DH, params.p, BIGNUM),
+        ASN1_SIMPLE(DH, params.g, BIGNUM),
         ASN1_OPT_EMBED(DH, length, ZINT32),
 } ASN1_SEQUENCE_END_cb(DH, DHparams)
 
@@ -82,6 +82,7 @@ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(int_dhx942_dh, DHxparams, int_dhx)
 
 DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
 {
+    FFC_PARAMS *params;
     int_dhx942_dh *dhx = NULL;
     DH *dh = NULL;
     dh = DH_new();
@@ -93,22 +94,22 @@ DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
         return NULL;
     }
 
-    if (a) {
+    if (a != NULL) {
         DH_free(*a);
         *a = dh;
     }
 
-    dh->p = dhx->p;
-    dh->q = dhx->q;
-    dh->g = dhx->g;
-    dh->j = dhx->j;
+    params = &dh->params;
+    ffc_params_set0_pqg(params, dhx->p, dhx->q, dhx->g);
+    ffc_params_set0_j(params, dhx->j);
 
-    if (dhx->vparams) {
-        dh->seed = dhx->vparams->seed->data;
-        dh->seedlen = dhx->vparams->seed->length;
-        dh->counter = dhx->vparams->counter;
-        dhx->vparams->seed->data = NULL;
+    if (dhx->vparams != NULL) {
+        /* The counter has a maximum value of 4 * numbits(p) - 1 */
+        size_t counter = (size_t)BN_get_word(dhx->vparams->counter);
+        ffc_params_set_validate_params(params, dhx->vparams->seed->data,
+                                       dhx->vparams->seed->length, counter);
         ASN1_BIT_STRING_free(dhx->vparams->seed);
+        BN_free(dhx->vparams->counter);
         OPENSSL_free(dhx->vparams);
         dhx->vparams = NULL;
     }
@@ -119,22 +120,34 @@ DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
 
 int i2d_DHxparams(const DH *dh, unsigned char **pp)
 {
+    int ret = 0;
     int_dhx942_dh dhx;
-    int_dhvparams dhv;
-    ASN1_BIT_STRING bs;
-    dhx.p = dh->p;
-    dhx.g = dh->g;
-    dhx.q = dh->q;
-    dhx.j = dh->j;
-    if (dh->counter && dh->seed && dh->seedlen > 0) {
-        bs.flags = ASN1_STRING_FLAG_BITS_LEFT;
-        bs.data = dh->seed;
-        bs.length = dh->seedlen;
-        dhv.seed = &bs;
-        dhv.counter = dh->counter;
+    int_dhvparams dhv = { NULL, NULL };
+    ASN1_BIT_STRING seed;
+    size_t seedlen = 0;
+    const FFC_PARAMS *params = &dh->params;
+    int counter;
+
+    ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p,
+                        (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g);
+    dhx.j = params->j;
+    ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter);
+    seed.length = (int)seedlen;
+
+    if (counter != -1 && seed.data != NULL && seed.length > 0) {
+        seed.flags = ASN1_STRING_FLAG_BITS_LEFT;
+        dhv.seed = &seed;
+        dhv.counter = BN_new();
+        if (dhv.counter == NULL)
+            return 0;
+        if (!BN_set_word(dhv.counter, (BN_ULONG)counter))
+            goto err;
         dhx.vparams = &dhv;
-    } else
+    } else {
         dhx.vparams = NULL;
-
-    return i2d_int_dhx(&dhx, pp);
+    }
+    ret = i2d_int_dhx(&dhx, pp);
+err:
+    BN_free(dhv.counter);
+    return ret;
 }