OpenCoverage

dh_check.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssl/src/crypto/dh/dh_check.c
Source codeSwitch to Preprocessed file
LineSourceCount
1/*-
2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.-
3 *-
4 * Licensed under the OpenSSL license (the "License"). You may not use-
5 * this file except in compliance with the License. You can obtain a copy-
6 * in the file LICENSE in the source distribution or at-
7 * https://www.openssl.org/source/license.html-
8 */-
9-
10#include <stdio.h>-
11#include "internal/cryptlib.h"-
12#include <openssl/bn.h>-
13#include "dh_locl.h"-
14-
15/*--
16 * Check that p and g are suitable enough-
17 *-
18 * p is odd-
19 * 1 < g < p - 1-
20 */-
21int DH_check_params_ex(const DH *dh)-
22{-
23 int errflags = 0;-
24-
25 (void)DH_check_params(dh, &errflags);-
26-
27 if ((errflags & DH_CHECK_P_NOT_PRIME) != 0)
(errflags & 0x01) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
28 DHerr(DH_F_DH_CHECK_PARAMS_EX, DH_R_CHECK_P_NOT_PRIME);
never executed: ERR_put_error(5,(122),(117),__FILE__,28);
0
29 if ((errflags & DH_NOT_SUITABLE_GENERATOR) != 0)
(errflags & 0x08) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
30 DHerr(DH_F_DH_CHECK_PARAMS_EX, DH_R_NOT_SUITABLE_GENERATOR);
never executed: ERR_put_error(5,(122),(120),__FILE__,30);
0
31-
32 return errflags == 0;
never executed: return errflags == 0;
0
33}-
34-
35int DH_check_params(const DH *dh, int *ret)-
36{-
37 int ok = 0;-
38 BIGNUM *tmp = NULL;-
39 BN_CTX *ctx = NULL;-
40-
41 *ret = 0;-
42 ctx = BN_CTX_new();-
43 if (ctx == NULL)
ctx == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 385 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-385
44 goto err;
never executed: goto err;
0
45 BN_CTX_start(ctx);-
46 tmp = BN_CTX_get(ctx);-
47 if (tmp == NULL)
tmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 385 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-385
48 goto err;
never executed: goto err;
0
49-
50 if (!BN_is_odd(dh->p))
!BN_is_odd(dh->p)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 377 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
8-377
51 *ret |= DH_CHECK_P_NOT_PRIME;
executed 8 times by 1 test: *ret |= 0x01;
Executed by:
  • libcrypto.so.1.1
8
52 if (BN_is_negative(dh->g) || BN_is_zero(dh->g) || BN_is_one(dh->g))
BN_is_negative(dh->g)Description
TRUEnever evaluated
FALSEevaluated 385 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
BN_is_zero(dh->g)Description
TRUEevaluated 7 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 378 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
BN_is_one(dh->g)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 377 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-385
53 *ret |= DH_NOT_SUITABLE_GENERATOR;
executed 8 times by 1 test: *ret |= 0x08;
Executed by:
  • libcrypto.so.1.1
8
54 if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1))
BN_copy(tmp, d...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 385 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
!BN_sub_word(tmp, 1)Description
TRUEnever evaluated
FALSEevaluated 385 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-385
55 goto err;
never executed: goto err;
0
56 if (BN_cmp(dh->g, tmp) >= 0)
BN_cmp(dh->g, tmp) >= 0Description
TRUEevaluated 3 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 382 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
3-382
57 *ret |= DH_NOT_SUITABLE_GENERATOR;
executed 3 times by 1 test: *ret |= 0x08;
Executed by:
  • libcrypto.so.1.1
3
58-
59 ok = 1;-
60 err:
code before this statement executed 385 times by 1 test: err:
Executed by:
  • libcrypto.so.1.1
385
61 if (ctx != NULL) {
ctx != ((void *)0)Description
TRUEevaluated 385 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-385
62 BN_CTX_end(ctx);-
63 BN_CTX_free(ctx);-
64 }
executed 385 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
385
65 return ok;
executed 385 times by 1 test: return ok;
Executed by:
  • libcrypto.so.1.1
385
66}-
67-
68/*--
69 * Check that p is a safe prime and-
70 * if g is 2, 3 or 5, check that it is a suitable generator-
71 * where-
72 * for 2, p mod 24 == 11-
73 * for 3, p mod 12 == 5-
74 * for 5, p mod 10 == 3 or 7-
75 * should hold.-
76 */-
77int DH_check_ex(const DH *dh)-
78{-
79 int errflags = 0;-
80-
81 (void)DH_check(dh, &errflags);-
82-
83 if ((errflags & DH_NOT_SUITABLE_GENERATOR) != 0)
(errflags & 0x08) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
84 DHerr(DH_F_DH_CHECK_EX, DH_R_NOT_SUITABLE_GENERATOR);
never executed: ERR_put_error(5,(121),(120),__FILE__,84);
0
85 if ((errflags & DH_CHECK_Q_NOT_PRIME) != 0)
(errflags & 0x10) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
86 DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_Q_NOT_PRIME);
never executed: ERR_put_error(5,(121),(119),__FILE__,86);
0
87 if ((errflags & DH_CHECK_INVALID_Q_VALUE) != 0)
(errflags & 0x20) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
88 DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_INVALID_Q_VALUE);
never executed: ERR_put_error(5,(121),(116),__FILE__,88);
0
89 if ((errflags & DH_CHECK_INVALID_J_VALUE) != 0)
(errflags & 0x40) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
90 DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_INVALID_J_VALUE);
never executed: ERR_put_error(5,(121),(115),__FILE__,90);
0
91 if ((errflags & DH_UNABLE_TO_CHECK_GENERATOR) != 0)
(errflags & 0x04) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
92 DHerr(DH_F_DH_CHECK_EX, DH_R_UNABLE_TO_CHECK_GENERATOR);
never executed: ERR_put_error(5,(121),(121),__FILE__,92);
0
93 if ((errflags & DH_CHECK_P_NOT_PRIME) != 0)
(errflags & 0x01) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
94 DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_P_NOT_PRIME);
never executed: ERR_put_error(5,(121),(117),__FILE__,94);
0
95 if ((errflags & DH_CHECK_P_NOT_SAFE_PRIME) != 0)
(errflags & 0x02) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
96 DHerr(DH_F_DH_CHECK_EX, DH_R_CHECK_P_NOT_SAFE_PRIME);
never executed: ERR_put_error(5,(121),(118),__FILE__,96);
0
97-
98 return errflags == 0;
never executed: return errflags == 0;
0
99}-
100-
101int DH_check(const DH *dh, int *ret)-
102{-
103 int ok = 0, r;-
104 BN_CTX *ctx = NULL;-
105 BN_ULONG l;-
106 BIGNUM *t1 = NULL, *t2 = NULL;-
107-
108 *ret = 0;-
109 ctx = BN_CTX_new();-
110 if (ctx == NULL)
ctx == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
111 goto err;
never executed: goto err;
0
112 BN_CTX_start(ctx);-
113 t1 = BN_CTX_get(ctx);-
114 t2 = BN_CTX_get(ctx);-
115 if (t2 == NULL)
t2 == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
116 goto err;
never executed: goto err;
0
117-
118 if (dh->q) {
dh->qDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
119 if (BN_cmp(dh->g, BN_value_one()) <= 0)
BN_cmp(dh->g, ...ue_one()) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
120 *ret |= DH_NOT_SUITABLE_GENERATOR;
never executed: *ret |= 0x08;
0
121 else if (BN_cmp(dh->g, dh->p) >= 0)
BN_cmp(dh->g, dh->p) >= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
122 *ret |= DH_NOT_SUITABLE_GENERATOR;
never executed: *ret |= 0x08;
0
123 else {-
124 /* Check g^q == 1 mod p */-
125 if (!BN_mod_exp(t1, dh->g, dh->q, dh->p, ctx))
!BN_mod_exp(t1...q, dh->p, ctx)Description
TRUEnever evaluated
FALSEnever evaluated
0
126 goto err;
never executed: goto err;
0
127 if (!BN_is_one(t1))
!BN_is_one(t1)Description
TRUEnever evaluated
FALSEnever evaluated
0
128 *ret |= DH_NOT_SUITABLE_GENERATOR;
never executed: *ret |= 0x08;
0
129 }
never executed: end of block
0
130 r = BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL);-
131 if (r < 0)
r < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
132 goto err;
never executed: goto err;
0
133 if (!r)
!rDescription
TRUEnever evaluated
FALSEnever evaluated
0
134 *ret |= DH_CHECK_Q_NOT_PRIME;
never executed: *ret |= 0x10;
0
135 /* Check p == 1 mod q i.e. q divides p - 1 */-
136 if (!BN_div(t1, t2, dh->p, dh->q, ctx))
!BN_div(t1, t2...p, dh->q, ctx)Description
TRUEnever evaluated
FALSEnever evaluated
0
137 goto err;
never executed: goto err;
0
138 if (!BN_is_one(t2))
!BN_is_one(t2)Description
TRUEnever evaluated
FALSEnever evaluated
0
139 *ret |= DH_CHECK_INVALID_Q_VALUE;
never executed: *ret |= 0x20;
0
140 if (dh->j && BN_cmp(dh->j, t1))
dh->jDescription
TRUEnever evaluated
FALSEnever evaluated
BN_cmp(dh->j, t1)Description
TRUEnever evaluated
FALSEnever evaluated
0
141 *ret |= DH_CHECK_INVALID_J_VALUE;
never executed: *ret |= 0x40;
0
142-
143 } else if (BN_is_word(dh->g, DH_GENERATOR_2)) {
never executed: end of block
BN_is_word(dh->g, 2)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
144 l = BN_mod_word(dh->p, 24);-
145 if (l == (BN_ULONG)-1)
l == (unsigned long)-1Description
TRUEnever evaluated
FALSEnever evaluated
0
146 goto err;
never executed: goto err;
0
147 if (l != 11)
l != 11Description
TRUEnever evaluated
FALSEnever evaluated
0
148 *ret |= DH_NOT_SUITABLE_GENERATOR;
never executed: *ret |= 0x08;
0
149 } else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
never executed: end of block
BN_is_word(dh->g, 5)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-1
150 l = BN_mod_word(dh->p, 10);-
151 if (l == (BN_ULONG)-1)
l == (unsigned long)-1Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
152 goto err;
never executed: goto err;
0
153 if ((l != 3) && (l != 7))
(l != 3)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
(l != 7)Description
TRUEnever evaluated
FALSEnever evaluated
0-1
154 *ret |= DH_NOT_SUITABLE_GENERATOR;
never executed: *ret |= 0x08;
0
155 } else
executed 1 time by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
1
156 *ret |= DH_UNABLE_TO_CHECK_GENERATOR;
never executed: *ret |= 0x04;
0
157-
158 r = BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL);-
159 if (r < 0)
r < 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
160 goto err;
never executed: goto err;
0
161 if (!r)
!rDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
162 *ret |= DH_CHECK_P_NOT_PRIME;
never executed: *ret |= 0x01;
0
163 else if (!dh->q) {
!dh->qDescription
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-1
164 if (!BN_rshift1(t1, dh->p))
!BN_rshift1(t1, dh->p)Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
165 goto err;
never executed: goto err;
0
166 r = BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL);-
167 if (r < 0)
r < 0Description
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
168 goto err;
never executed: goto err;
0
169 if (!r)
!rDescription
TRUEnever evaluated
FALSEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-1
170 *ret |= DH_CHECK_P_NOT_SAFE_PRIME;
never executed: *ret |= 0x02;
0
171 }
executed 1 time by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
1
172 ok = 1;-
173 err:
code before this statement executed 1 time by 1 test: err:
Executed by:
  • libcrypto.so.1.1
1
174 if (ctx != NULL) {
ctx != ((void *)0)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-1
175 BN_CTX_end(ctx);-
176 BN_CTX_free(ctx);-
177 }
executed 1 time by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
1
178 return ok;
executed 1 time by 1 test: return ok;
Executed by:
  • libcrypto.so.1.1
1
179}-
180-
181int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)-
182{-
183 int errflags = 0;-
184-
185 (void)DH_check(dh, &errflags);-
186-
187 if ((errflags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
(errflags & 0x01) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
188 DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_TOO_SMALL);
never executed: ERR_put_error(5,(123),(124),__FILE__,188);
0
189 if ((errflags & DH_CHECK_PUBKEY_TOO_LARGE) != 0)
(errflags & 0x02) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
190 DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_TOO_LARGE);
never executed: ERR_put_error(5,(123),(123),__FILE__,190);
0
191 if ((errflags & DH_CHECK_PUBKEY_INVALID) != 0)
(errflags & 0x04) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
192 DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_INVALID);
never executed: ERR_put_error(5,(123),(122),__FILE__,192);
0
193-
194 return errflags == 0;
never executed: return errflags == 0;
0
195}-
196-
197int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)-
198{-
199 int ok = 0;-
200 BIGNUM *tmp = NULL;-
201 BN_CTX *ctx = NULL;-
202-
203 *ret = 0;-
204 ctx = BN_CTX_new();-
205 if (ctx == NULL)
ctx == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 236 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-236
206 goto err;
never executed: goto err;
0
207 BN_CTX_start(ctx);-
208 tmp = BN_CTX_get(ctx);-
209 if (tmp == NULL || !BN_set_word(tmp, 1))
tmp == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 236 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
!BN_set_word(tmp, 1)Description
TRUEnever evaluated
FALSEevaluated 236 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-236
210 goto err;
never executed: goto err;
0
211 if (BN_cmp(pub_key, tmp) <= 0)
BN_cmp(pub_key, tmp) <= 0Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 235 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
1-235
212 *ret |= DH_CHECK_PUBKEY_TOO_SMALL;
executed 1 time by 1 test: *ret |= 0x01;
Executed by:
  • libcrypto.so.1.1
1
213 if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1))
BN_copy(tmp, d...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 236 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
!BN_sub_word(tmp, 1)Description
TRUEnever evaluated
FALSEevaluated 236 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-236
214 goto err;
never executed: goto err;
0
215 if (BN_cmp(pub_key, tmp) >= 0)
BN_cmp(pub_key, tmp) >= 0Description
TRUEevaluated 14 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 222 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
14-222
216 *ret |= DH_CHECK_PUBKEY_TOO_LARGE;
executed 14 times by 1 test: *ret |= 0x02;
Executed by:
  • libcrypto.so.1.1
14
217-
218 if (dh->q != NULL) {
dh->q != ((void *)0)Description
TRUEevaluated 9 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 227 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
9-227
219 /* Check pub_key^q == 1 mod p */-
220 if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx))
!BN_mod_exp(tm...q, dh->p, ctx)Description
TRUEnever evaluated
FALSEevaluated 9 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
0-9
221 goto err;
never executed: goto err;
0
222 if (!BN_is_one(tmp))
!BN_is_one(tmp)Description
TRUEevaluated 1 time by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEevaluated 8 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
1-8
223 *ret |= DH_CHECK_PUBKEY_INVALID;
executed 1 time by 1 test: *ret |= 0x04;
Executed by:
  • libcrypto.so.1.1
1
224 }
executed 9 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
9
225-
226 ok = 1;-
227 err:
code before this statement executed 236 times by 1 test: err:
Executed by:
  • libcrypto.so.1.1
236
228 if (ctx != NULL) {
ctx != ((void *)0)Description
TRUEevaluated 236 times by 1 test
Evaluated by:
  • libcrypto.so.1.1
FALSEnever evaluated
0-236
229 BN_CTX_end(ctx);-
230 BN_CTX_free(ctx);-
231 }
executed 236 times by 1 test: end of block
Executed by:
  • libcrypto.so.1.1
236
232 return ok;
executed 236 times by 1 test: return ok;
Executed by:
  • libcrypto.so.1.1
236
233}-
Source codeSwitch to Preprocessed file
Generated by Squish Coco 4.2.2