Diffstat (limited to 'providers/implementations/exchange/ecx_exch.c')
-rw-r--r-- | providers/implementations/exchange/ecx_exch.c | 136 |
1 files changed, 60 insertions, 76 deletions
diff --git a/providers/implementations/exchange/ecx_exch.c b/providers/implementations/exchange/ecx_exch.c
index 2ba9090c8b5a..28e2ff61c7cc 100644
--- a/providers/implementations/exchange/ecx_exch.c
+++ b/providers/implementations/exchange/ecx_exch.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
@@ -17,17 +17,18 @@
 #include "crypto/ecx.h"
 #include "prov/implementations.h"
 #include "prov/providercommon.h"
-#ifdef S390X_EC_ASM
-# include "s390x_arch.h"
-#endif
+#include "prov/securitycheck.h"
 static OSSL_FUNC_keyexch_newctx_fn x25519_newctx;
 static OSSL_FUNC_keyexch_newctx_fn x448_newctx;
-static OSSL_FUNC_keyexch_init_fn ecx_init;
+static OSSL_FUNC_keyexch_init_fn x25519_init;
+static OSSL_FUNC_keyexch_init_fn x448_init;
 static OSSL_FUNC_keyexch_set_peer_fn ecx_set_peer;
 static OSSL_FUNC_keyexch_derive_fn ecx_derive;
 static OSSL_FUNC_keyexch_freectx_fn ecx_freectx;
 static OSSL_FUNC_keyexch_dupctx_fn ecx_dupctx;
+static OSSL_FUNC_keyexch_gettable_ctx_params_fn ecx_gettable_ctx_params;
+static OSSL_FUNC_keyexch_get_ctx_params_fn ecx_get_ctx_params;
 /*
 * What's passed as an actual key is defined by the KEYMGMT interface.
@@ -49,10 +50,8 @@ static void *ecx_newctx(void *provctx, size_t keylen)
 return NULL;
 ctx = OPENSSL_zalloc(sizeof(PROV_ECX_CTX));
- if (ctx == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ if (ctx == NULL)
 return NULL;
- }
 ctx->keylen = keylen;
@@ -69,8 +68,7 @@ static void *x448_newctx(void *provctx)
 return ecx_newctx(provctx, X448_KEYLEN);
 }
-static int ecx_init(void *vecxctx, void *vkey,
- ossl_unused const OSSL_PARAM params[])
+static int ecx_init(void *vecxctx, void *vkey, const char *algname)
 {
 PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx;
 ECX_KEY *key = vkey;
@@ -89,9 +87,25 @@ static int ecx_init(void *vecxctx, void *vkey,
 ossl_ecx_key_free(ecxctx->key);
 ecxctx->key = key;
+#ifdef FIPS_MODULE
+ if (!ossl_FIPS_IND_callback(key->libctx, algname, "Init"))
+ return 0;
+#endif
 return 1;
 }
+static int x25519_init(void *vecxctx, void *vkey,
+ ossl_unused const OSSL_PARAM params[])
+{
+ return ecx_init(vecxctx, vkey, "X25519");
+}
+
+static int x448_init(void *vecxctx, void *vkey,
+ ossl_unused const OSSL_PARAM params[])
+{
+ return ecx_init(vecxctx, vkey, "X448");
+}
+
 static int ecx_set_peer(void *vecxctx, void *vkey)
 {
 PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx;
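Review bot: The FIPS indicator callback is invoked only after the new key has been stored in ecxctx->key, so when the callback rejects the operation ecx_init returns 0 while the context keeps the key and looks initialised to any caller that ignores the return value. If that is acceptable, a comment above the #ifdef should say so, e.g. `/* Key is already installed; a rejected indicator callback only fails the call */`; otherwise the check could run before the assignment, with the reference taken on key released on rejection. The dereference of `key->libctx` relies on the NULL check on key that sits at the top of ecx_init, outside this hunk, so I am assuming that check is still present. ecx_init's beginning is outside the hunk.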
@@ -120,65 +134,8 @@ static int ecx_derive(void *vecxctx, unsigned char *secret, size_t *secretlen,
 if (!ossl_prov_is_running())
 return 0;
-
- if (ecxctx->key == NULL
- || ecxctx->key->privkey == NULL
- || ecxctx->peerkey == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
- return 0;
- }
-
- if (!ossl_assert(ecxctx->keylen == X25519_KEYLEN
- || ecxctx->keylen == X448_KEYLEN)) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
-
- if (secret == NULL) {
- *secretlen = ecxctx->keylen;
- return 1;
- }
- if (outlen < ecxctx->keylen) {
- ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
- return 0;
- }
-
- if (ecxctx->keylen == X25519_KEYLEN) {
-#ifdef S390X_EC_ASM
- if (OPENSSL_s390xcap_P.pcc[1]
- & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X25519)) {
- if (s390x_x25519_mul(secret, ecxctx->peerkey->pubkey,
- ecxctx->key->privkey) == 0) {
- ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
- return 0;
- }
- } else
-#endif
- if (ossl_x25519(secret, ecxctx->key->privkey,
- ecxctx->peerkey->pubkey) == 0) {
- ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
- return 0;
- }
- } else {
-#ifdef S390X_EC_ASM
- if (OPENSSL_s390xcap_P.pcc[1]
- & S390X_CAPBIT(S390X_SCALAR_MULTIPLY_X448)) {
- if (s390x_x448_mul(secret, ecxctx->peerkey->pubkey,
- ecxctx->key->privkey) == 0) {
- ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
- return 0;
- }
- } else
-#endif
- if (ossl_x448(secret, ecxctx->key->privkey,
- ecxctx->peerkey->pubkey) == 0) {
- ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_DURING_DERIVATION);
- return 0;
- }
- }
-
- *secretlen = ecxctx->keylen;
- return 1;
+ return ossl_ecx_compute_key(ecxctx->peerkey, ecxctx->key, ecxctx->keylen,
+ secret, secretlen, outlen);
 }
 static void ecx_freectx(void *vecxctx)
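Review bot: The new body of ecx_derive drops the explicit checks that ecxctx->key, ecxctx->key->privkey and ecxctx->peerkey are non-NULL, the keylen assertion, the secret == NULL size query and the outlen comparison, and whether ossl_ecx_compute_key performs all of them is not visible in this hunk. Since derive can be called before set_peer, a NULL peerkey must still be rejected with PROV_R_MISSING_KEY rather than reach the scalar multiplication, so that should be confirmed against the helper before merging. If the helper does cover them, a one-line comment would save the next reader the lookup: `/* key/peer presence, key length and output-size checks are done in ossl_ecx_compute_key() */`. The opening lines of ecx_derive are outside the hunk.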
@@ -200,10 +157,8 @@ static void *ecx_dupctx(void *vecxctx)
 return NULL;
 dstctx = OPENSSL_zalloc(sizeof(*srcctx));
- if (dstctx == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ if (dstctx == NULL)
 return NULL;
- }
 *dstctx = *srcctx;
 if (dstctx->key != NULL && !ossl_ecx_key_up_ref(dstctx->key)) {
@@ -222,22 +177,51 @@ static void *ecx_dupctx(void *vecxctx)
 return dstctx;
 }
+static const OSSL_PARAM *ecx_gettable_ctx_params(ossl_unused void *vctx,
+ ossl_unused void *provctx)
+{
+ static const OSSL_PARAM known_gettable_ctx_params[] = {
+ OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
+ OSSL_PARAM_END
+ };
+ return known_gettable_ctx_params;
+}
+
+static int ecx_get_ctx_params(ossl_unused void *vctx, OSSL_PARAM params[])
+{
+#ifdef FIPS_MODULE
+ int approved = 0;
+ OSSL_PARAM *p = OSSL_PARAM_locate(params,
+ OSSL_ALG_PARAM_FIPS_APPROVED_INDICATOR);
+
+ if (p != NULL && !OSSL_PARAM_set_int(p, approved))
+ return 0;
+#endif
+ return 1;
+}
+
 const OSSL_DISPATCH ossl_x25519_keyexch_functions[] = {
 { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))x25519_newctx },
- { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))ecx_init },
+ { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))x25519_init },
 { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))ecx_derive },
 { OSSL_FUNC_KEYEXCH_SET_PEER, (void (*)(void))ecx_set_peer },
 { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))ecx_freectx },
 { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))ecx_dupctx },
- { 0, NULL }
+ { OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS, (void (*)(void))ecx_get_ctx_params },
+ { OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS,
+ (void (*)(void))ecx_gettable_ctx_params },
+ OSSL_DISPATCH_END
 };
 const OSSL_DISPATCH ossl_x448_keyexch_functions[] = {
 { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))x448_newctx },
- { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))ecx_init },
+ { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))x448_init },
 { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))ecx_derive },
 { OSSL_FUNC_KEYEXCH_SET_PEER, (void (*)(void))ecx_set_peer },
 { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))ecx_freectx },
 { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))ecx_dupctx },
- { 0, NULL }
+ { OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS, (void (*)(void))ecx_get_ctx_params },
+ { OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS,
+ (void (*)(void))ecx_gettable_ctx_params },
+ OSSL_DISPATCH_END
 };
|
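Review bot: In ecx_get_ctx_params the `approved` local is a constant 0 with no explanation, so a reader cannot tell whether the indicator is meant to always report the X25519/X448 exchange as unapproved or whether this is a placeholder for a value to be computed later. A comment such as `/* X25519/X448 key agreement is never FIPS approved: the indicator always reports 0 */` would make the intent explicit, assuming that is the intent, which the Init-time indicator callback added to ecx_init suggests. With the intent documented the variable can be folded into the call as `OSSL_PARAM_set_int(p, 0)`. It is also worth noting in that comment that outside FIPS_MODULE the function ignores params entirely and returns 1, which is consistent with the gettable list then containing only OSSL_PARAM_END.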