summaryrefslogtreecommitdiffstats
path: root/test/dhtest.c
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2016-04-06 18:49:48 +0200
committerMatt Caswell <matt@openssl.org>2016-04-09 11:10:55 +0200
commit0aeddcfa61250a6c474c4f8b3533772a63192f1b (patch)
treed8ac8b14fc1bd8a365d522a0ecf0fc9999c01575 /test/dhtest.c
parentAdd SSL_DANE typedef for consistency. (diff)
downloadopenssl-0aeddcfa61250a6c474c4f8b3533772a63192f1b.tar.xz
openssl-0aeddcfa61250a6c474c4f8b3533772a63192f1b.zip
Make DH opaque
Move the dh_st structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'test/dhtest.c')
-rw-r--r--test/dhtest.c65
1 files changed, 43 insertions, 22 deletions
diff --git a/test/dhtest.c b/test/dhtest.c
index 8fad6da4fd..fb1c2df23b 100644
--- a/test/dhtest.c
+++ b/test/dhtest.c
@@ -88,6 +88,8 @@ int main(int argc, char *argv[])
BN_GENCB *_cb = NULL;
DH *a = NULL;
DH *b = NULL;
+ BIGNUM *ap = NULL, *ag = NULL, *bp = NULL, *bg = NULL, *apub_key = NULL;
+ BIGNUM *bpub_key = NULL, *priv_key = NULL;
char buf[12] = {0};
unsigned char *abuf = NULL;
unsigned char *bbuf = NULL;
@@ -124,39 +126,43 @@ int main(int argc, char *argv[])
if (i & DH_NOT_SUITABLE_GENERATOR)
BIO_puts(out, "the g value is not a generator\n");
+ DH_get0_pqg(a, &ap, NULL, &ag);
BIO_puts(out, "\np =");
- BN_print(out, a->p);
+ BN_print(out, ap);
BIO_puts(out, "\ng =");
- BN_print(out, a->g);
+ BN_print(out, ag);
BIO_puts(out, "\n");
b = DH_new();
if (b == NULL)
goto err;
- b->p = BN_dup(a->p);
- b->g = BN_dup(a->g);
- if ((b->p == NULL) || (b->g == NULL))
+ bp = BN_dup(ap);
+ bg = BN_dup(ag);
+ if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg))
goto err;
+ bp = bg = NULL;
/* Set a to run with normal modexp and b to use constant time */
- a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
- b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
+ DH_clear_flags(a, DH_FLAG_NO_EXP_CONSTTIME);
+ DH_set_flags(b, DH_FLAG_NO_EXP_CONSTTIME);
if (!DH_generate_key(a))
goto err;
+ DH_get0_key(a, &apub_key, &priv_key);
BIO_puts(out, "pri 1=");
- BN_print(out, a->priv_key);
+ BN_print(out, priv_key);
BIO_puts(out, "\npub 1=");
- BN_print(out, a->pub_key);
+ BN_print(out, apub_key);
BIO_puts(out, "\n");
if (!DH_generate_key(b))
goto err;
+ DH_get0_key(b, &bpub_key, &priv_key);
BIO_puts(out, "pri 2=");
- BN_print(out, b->priv_key);
+ BN_print(out, priv_key);
BIO_puts(out, "\npub 2=");
- BN_print(out, b->pub_key);
+ BN_print(out, bpub_key);
BIO_puts(out, "\n");
alen = DH_size(a);
@@ -164,7 +170,7 @@ int main(int argc, char *argv[])
if (abuf == NULL)
goto err;
- aout = DH_compute_key(abuf, b->pub_key, a);
+ aout = DH_compute_key(abuf, bpub_key, a);
BIO_puts(out, "key1 =");
for (i = 0; i < aout; i++) {
@@ -178,7 +184,7 @@ int main(int argc, char *argv[])
if (bbuf == NULL)
goto err;
- bout = DH_compute_key(bbuf, a->pub_key, b);
+ bout = DH_compute_key(bbuf, apub_key, b);
BIO_puts(out, "key2 =");
for (i = 0; i < bout; i++) {
@@ -201,6 +207,8 @@ int main(int argc, char *argv[])
OPENSSL_free(bbuf);
DH_free(b);
DH_free(a);
+ BN_free(bp);
+ BN_free(bg);
BN_GENCB_free(_cb);
BIO_free(out);
@@ -519,7 +527,7 @@ static int run_rfc5114_tests(void)
unsigned char *Z1 = NULL;
unsigned char *Z2 = NULL;
const rfc5114_td *td = NULL;
- BIGNUM *bady = NULL;
+ BIGNUM *bady = NULL, *priv_key = NULL, *pub_key = NULL;
for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) {
td = rfctd + i;
@@ -529,15 +537,19 @@ static int run_rfc5114_tests(void)
if ((dhA == NULL) || (dhB == NULL))
goto bad_err;
- dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
- dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
+ priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
+ pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
+ if (priv_key == NULL || pub_key == NULL
+ || !DH_set0_key(dhA, pub_key, priv_key))
+ goto bad_err;
- dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
- dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
+ priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
+ pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
- if ((dhA->priv_key == NULL) || (dhA->pub_key == NULL)
- || (dhB->priv_key == NULL) || (dhB->pub_key == NULL))
+ if (priv_key == NULL || pub_key == NULL
+ || !DH_set0_key(dhB, pub_key, priv_key))
goto bad_err;
+ priv_key = pub_key = NULL;
if ((td->Z_len != (size_t)DH_size(dhA))
|| (td->Z_len != (size_t)DH_size(dhB)))
@@ -551,10 +563,17 @@ static int run_rfc5114_tests(void)
* Work out shared secrets using both sides and compare with expected
* values.
*/
- if (DH_compute_key(Z1, dhB->pub_key, dhA) == -1)
+ DH_get0_key(dhB, &pub_key, NULL);
+ if (DH_compute_key(Z1, pub_key, dhA) == -1) {
+ pub_key = NULL;
goto bad_err;
- if (DH_compute_key(Z2, dhA->pub_key, dhB) == -1)
+ }
+ DH_get0_key(dhA, &pub_key, NULL);
+ if (DH_compute_key(Z2, pub_key, dhB) == -1) {
+ pub_key = NULL;
goto bad_err;
+ }
+ pub_key = NULL;
if (memcmp(Z1, td->Z, td->Z_len))
goto err;
@@ -611,6 +630,8 @@ static int run_rfc5114_tests(void)
BN_free(bady);
DH_free(dhA);
DH_free(dhB);
+ BN_free(pub_key);
+ BN_free(priv_key);
OPENSSL_free(Z1);
OPENSSL_free(Z2);