OpenCoverage

dh_key.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/dh/dh_key.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* $OpenBSD: dh_key.c,v 1.29 2018/06/12 15:33:18 sthen Exp $ */ -

4 * -

5 * This package is an SSL implementation written -

6 * by Eric Young (eay@cryptsoft.com). -

7 * The implementation was written so as to conform with Netscapes SSL. -

8 * -

9 * This library is free for commercial and non-commercial use as long as -

10 * the following conditions are aheared to. The following conditions -

11 * apply to all code found in this distribution, be it the RC4, RSA, -

12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation -

13 * included with this distribution is covered by the same copyright terms -

14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). -

15 * -

16 * Copyright remains Eric Young's, and as such any Copyright notices in -

17 * the code are not to be removed. -

18 * If this package is used in a product, Eric Young should be given attribution -

19 * as the author of the parts of the library used. -

20 * This can be in the form of a textual message at program startup or -

21 * in documentation (online or textual) provided with the package. -

22 * -

23 * Redistribution and use in source and binary forms, with or without -

24 * modification, are permitted provided that the following conditions -

25 * are met: -

26 * 1. Redistributions of source code must retain the copyright -

27 * notice, this list of conditions and the following disclaimer. -

28 * 2. Redistributions in binary form must reproduce the above copyright -

29 * notice, this list of conditions and the following disclaimer in the -

30 * documentation and/or other materials provided with the distribution. -

31 * 3. All advertising materials mentioning features or use of this software -

32 * must display the following acknowledgement: -

33 * "This product includes cryptographic software written by -

34 * Eric Young (eay@cryptsoft.com)" -

35 * The word 'cryptographic' can be left out if the rouines from the library -

36 * being used are not cryptographic related :-). -

37 * 4. If you include any Windows specific code (or a derivative thereof) from -

38 * the apps directory (application code) you must include an acknowledgement: -

39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" -

40 * -

41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -

42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -

43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -

44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -

45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -

46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -

47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -

48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -

49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -

50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -

51 * SUCH DAMAGE. -

52 * -

53 * The licence and distribution terms for any publically available version or -

54 * derivative of this code cannot be changed. i.e. this code cannot simply be -

55 * copied and put under another distribution licence -

56 * [including the GNU Public Licence.] -

57 */ -

58 -

59 #include <stdio.h> -

60 -

61 #include <openssl/bn.h> -

62 #include <openssl/dh.h> -

63 #include <openssl/err.h> -

64 -

65 #include "bn_lcl.h" -

66 -

67 static int generate_key(DH *dh); -

68 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); -

69 static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, -

70 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -

71 static int dh_init(DH *dh); -

72 static int dh_finish(DH *dh); -

73 -

74 int -

75 DH_generate_key(DH *dh) -

76 { -

return dh->meth->generate_key(dh);

executed 62 times by 4 tests: return dh->meth->generate_key(dh);

Executed by:

dhtest
mont
servertest
ssltest

78 } -

79 -

80 int -

81 DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) -

82 { -

return dh->meth->compute_key(key, pub_key, dh);

executed 60 times by 3 tests: return dh->meth->compute_key(key, pub_key, dh);

Executed by:

dhtest
mont
ssltest

84 } -

85 -

86 static DH_METHOD dh_ossl = { -

87 .name = "OpenSSL DH Method", -

88 .generate_key = generate_key, -

89 .compute_key = compute_key, -

90 .bn_mod_exp = dh_bn_mod_exp, -

91 .init = dh_init, -

92 .finish = dh_finish, -

93 }; -

94 -

95 const DH_METHOD * -

96 DH_OpenSSL(void) -

97 { -

return &dh_ossl;

executed 52 times by 4 tests: return &dh_ossl;

Executed by:

dhtest
mont
servertest
ssltest

99 } -

100 -

101 static int -

102 generate_key(DH *dh) -

103 { -

104 int ok = 0; -

105 int generate_new_key = 0; -

106 unsigned l; -

107 BN_CTX *ctx; -

108 BN_MONT_CTX *mont = NULL; -

109 BIGNUM *pub_key = NULL, *priv_key = NULL; -

110 -

111

if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {

BN_num_bits(dh->p) > 10000	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

112 DHerror(DH_R_MODULUS_TOO_LARGE); -

113

return 0;

never executed: return 0;

114 } -

115 -

116 ctx = BN_CTX_new(); -

117

if (ctx == NULL)

ctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

118

goto err;

never executed: goto err;

119 -

120

if (dh->priv_key == NULL) {

dh->priv_key == ((void *)0)	Description
TRUE	evaluated 45 times by 3 tests Evaluated by: dhtest servertest ssltest
FALSE	evaluated 17 times by 1 test Evaluated by: mont

17-45

121 priv_key = BN_new(); -

122

if (priv_key == NULL)

priv_key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 45 times by 3 tests Evaluated by: dhtest servertest ssltest

0-45

123

goto err;

never executed: goto err;

124 generate_new_key = 1; -

125

} else

executed 45 times by 3 tests: end of block

Executed by:

dhtest
servertest
ssltest

126

priv_key = dh->priv_key;

executed 17 times by 1 test: priv_key = dh->priv_key;

Executed by:

mont

127 -

128

if (dh->pub_key == NULL) {

dh->pub_key == ((void *)0)	Description
TRUE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest
FALSE	never evaluated

0-62

129 pub_key = BN_new(); -

130

if (pub_key == NULL)

pub_key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

131

goto err;

never executed: goto err;

132

} else

executed 62 times by 4 tests: end of block

Executed by:

dhtest
mont
servertest
ssltest

133

pub_key = dh->pub_key;

never executed: pub_key = dh->pub_key;

134 -

135

if (dh->flags & DH_FLAG_CACHE_MONT_P) {

dh->flags & 0x01	Description
TRUE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest
FALSE	never evaluated

0-62

136 mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, -

137 CRYPTO_LOCK_DH, dh->p, ctx); -

138

if (!mont)

!mont	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

139

goto err;

never executed: goto err;

140

}

executed 62 times by 4 tests: end of block

Executed by:

dhtest
mont
servertest
ssltest

141 -

142

if (generate_new_key) {

generate_new_key	Description
TRUE	evaluated 45 times by 3 tests Evaluated by: dhtest servertest ssltest
FALSE	evaluated 17 times by 1 test Evaluated by: mont

17-45

143

if (dh->q) {

dh->q	Description
TRUE	never evaluated
FALSE	evaluated 45 times by 3 tests Evaluated by: dhtest servertest ssltest

0-45

144 do { -

145

if (!BN_rand_range(priv_key, dh->q))

!BN_rand_range...iv_key, dh->q)	Description
TRUE	never evaluated
FALSE	never evaluated

146

goto err;

never executed: goto err;

147

} while (BN_is_zero(priv_key) || BN_is_one(priv_key));

never executed: end of block

((priv_key)->top == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

(((priv_key))->top == 1)	Description
TRUE	never evaluated
FALSE	never evaluated

(((priv_key))-...gned long)(1))	Description
TRUE	never evaluated
FALSE	never evaluated

((1) == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

(((priv_key))->top == 0)	Description
TRUE	never evaluated
FALSE	never evaluated

!(priv_key)->neg	Description
TRUE	never evaluated
FALSE	never evaluated

148

} else {

never executed: end of block

149 /* secret exponent length */ -

150

l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;

dh->length	Description
TRUE	evaluated 10 times by 1 test Evaluated by: ssltest
FALSE	evaluated 35 times by 3 tests Evaluated by: dhtest servertest ssltest

10-35

151

if (!BN_rand(priv_key, l, 0, 0))

!BN_rand(priv_key, l, 0, 0)	Description
TRUE	never evaluated
FALSE	evaluated 45 times by 3 tests Evaluated by: dhtest servertest ssltest

0-45

152

goto err;

never executed: goto err;

153

}

executed 45 times by 3 tests: end of block

Executed by:

dhtest
servertest
ssltest

154 } -

155 -

156 { -

157 BIGNUM prk; -

158 -

159 BN_init(&prk); -

160 BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME); -

161 -

162

if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, &prk, dh->p, ctx,

!dh->meth->bn_...>p, ctx, mont)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

163

mont)) {

!dh->meth->bn_...>p, ctx, mont)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

164

goto err;

never executed: goto err;

165 } -

166 } -

167 -

168 dh->pub_key = pub_key; -

169 dh->priv_key = priv_key; -

170 ok = 1; -

171

err:

code before this statement executed 62 times by 4 tests: err:

Executed by:

dhtest
mont
servertest
ssltest

172

if (ok != 1)

ok != 1	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

173

DHerror(ERR_R_BN_LIB);

never executed: ERR_put_error(5,(0xfff),(3),__FILE__,173);

174 -

175

if (pub_key != NULL && dh->pub_key == NULL)

pub_key != ((void *)0)	Description
TRUE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest
FALSE	never evaluated

dh->pub_key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

176

BN_free(pub_key);

never executed: BN_free(pub_key);

177

if (priv_key != NULL && dh->priv_key == NULL)

priv_key != ((void *)0)	Description
TRUE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest
FALSE	never evaluated

dh->priv_key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 4 tests Evaluated by: dhtest mont servertest ssltest

0-62

178

BN_free(priv_key);

never executed: BN_free(priv_key);

179 BN_CTX_free(ctx); -

180

return ok;

executed 62 times by 4 tests: return ok;

Executed by:

dhtest
mont
servertest
ssltest

181 } -

182 -

183 static int -

184 compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) -

185 { -

186 BN_CTX *ctx = NULL; -

187 BN_MONT_CTX *mont = NULL; -

188 BIGNUM *tmp; -

189 int ret = -1; -

190 int check_result; -

191 -

192

if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {

BN_num_bits(dh->p) > 10000	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

193 DHerror(DH_R_MODULUS_TOO_LARGE); -

194

goto err;

never executed: goto err;

195 } -

196 -

197 ctx = BN_CTX_new(); -

198

if (ctx == NULL)

ctx == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

199

goto err;

never executed: goto err;

200 BN_CTX_start(ctx); -

201

if ((tmp = BN_CTX_get(ctx)) == NULL)

(tmp = BN_CTX_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

202

goto err;

never executed: goto err;

203 -

204

if (dh->priv_key == NULL) {

dh->priv_key == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

205 DHerror(DH_R_NO_PRIVATE_VALUE); -

206

goto err;

never executed: goto err;

207 } -

208 -

209

if (dh->flags & DH_FLAG_CACHE_MONT_P) {

dh->flags & 0x01	Description
TRUE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest
FALSE	never evaluated

0-60

210 mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, -

211 CRYPTO_LOCK_DH, dh->p, ctx); -

212 -

213 BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); -

214 -

215

if (!mont)

!mont	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

216

goto err;

never executed: goto err;

217

}

executed 60 times by 3 tests: end of block

Executed by:

dhtest
mont
ssltest

218 -

219

if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) {

!DH_check_pub_...&check_result)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

check_result	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

220 DHerror(DH_R_INVALID_PUBKEY); -

221

goto err;

never executed: goto err;

222 } -

223 -

224

if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key, dh->p, ctx,

!dh->meth->bn_...>p, ctx, mont)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

225

mont)) {

!dh->meth->bn_...>p, ctx, mont)	Description
TRUE	never evaluated
FALSE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest

0-60

226 DHerror(ERR_R_BN_LIB); -

227

goto err;

never executed: goto err;

228 } -

229 -

230 ret = BN_bn2bin(tmp, key); -

231

err:

code before this statement executed 60 times by 3 tests: err:

Executed by:

dhtest
mont
ssltest

232

if (ctx != NULL) {

ctx != ((void *)0)	Description
TRUE	evaluated 60 times by 3 tests Evaluated by: dhtest mont ssltest
FALSE	never evaluated

0-60

233 BN_CTX_end(ctx); -

234 BN_CTX_free(ctx); -

235

}

executed 60 times by 3 tests: end of block

Executed by:

dhtest
mont
ssltest

236

return ret;

executed 60 times by 3 tests: return ret;

Executed by:

dhtest
mont
ssltest

237 } -

238 -

239 static int -

240 dh_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, -

241 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -

242 { -

243

return BN_mod_exp_mont_ct(r, a, p, m, ctx, m_ctx);

executed 122 times by 4 tests: return BN_mod_exp_mont_ct(r, a, p, m, ctx, m_ctx);

Executed by:

dhtest
mont
servertest
ssltest

122

244 } -

245 -

246 static int -

247 dh_init(DH *dh) -

248 { -

249 dh->flags |= DH_FLAG_CACHE_MONT_P; -

250

return 1;

executed 230 times by 4 tests: return 1;

Executed by:

dhtest
mont
servertest
ssltest

230

251 } -

252 -

253 static int -

254 dh_finish(DH *dh) -

255 { -

256 BN_MONT_CTX_free(dh->method_mont_p); -

257

return 1;

executed 230 times by 4 tests: return 1;

Executed by:

dhtest
mont
servertest
ssltest

230

258 } -

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2