fix provider exchange operations

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from #12745)

providers/implementations/exchange/build.info

@@ -1,12 +1,14 @@
 # We make separate GOAL variables for each algorithm, to make it easy to
 # switch each to the Legacy provider when needed.
 
+$DH_GOAL=../../libimplementations.a
+$ECDH_GOAL=../../libimplementations.a
 $ECX_GOAL=../../libimplementations.a
+$ECDH_GOAL=../../libimplementations.a
 $KDF_GOAL=../../libimplementations.a
 
 IF[{- !$disabled{dh} -}]
-  SOURCE[../../libfips.a]=dh_exch.c
-  SOURCE[../../libnonfips.a]=dh_exch.c
+  SOURCE[$DH_GOAL]=dh_exch.c
 ENDIF
 
 IF[{- !$disabled{asm} -}]
@@ -22,8 +24,7 @@ ENDIF
 IF[{- !$disabled{ec} -}]
   SOURCE[$ECX_GOAL]=ecx_exch.c
   DEFINE[$ECX_GOAL]=$ECDEF
-  SOURCE[../../libfips.a]=ecdh_exch.c
-  SOURCE[../../libnonfips.a]=ecdh_exch.c
+  SOURCE[$ECDH_GOAL]=ecdh_exch.c
 ENDIF
 
 SOURCE[$KDF_GOAL]=kdf_exch.c

providers/implementations/exchange/dh_exch.c

@@ -23,7 +23,7 @@
 #include "prov/providercommon.h"
 #include "prov/implementations.h"
 #include "prov/provider_ctx.h"
-#include "prov/provider_util.h"
+#include "prov/check.h"
 #include "crypto/dh.h"
 
 static OSSL_FUNC_keyexch_newctx_fn dh_newctx;
@@ -92,43 +92,6 @@ static void *dh_newctx(void *provctx)
     return pdhctx;
 }
 
-/*
- * For DH key agreement refer to SP800-56A
- * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar3.pdf
- * "Section 5.5.1.1FFC Domain Parameter Selection/Generation" and
- * "Appendix D" FFC Safe-prime Groups
- */
-static int dh_check_key(const DH *dh)
-{
-#ifdef FIPS_MODULE
-    size_t L, N;
-    const BIGNUM *p, *q;
-
-    if (dh == NULL)
-        return 0;
-
-    p = DH_get0_p(dh);
-    q = DH_get0_q(dh);
-    if (p == NULL || q == NULL)
-        return 0;
-
-    L = BN_num_bits(p);
-    if (L < 2048)
-        return 0;
-
-    /* If it is a safe prime group then it is ok */
-    if (DH_get_nid(dh))
-        return 1;
-
-    /* If not then it must be FFC, which only allows certain sizes. */
-    N = BN_num_bits(q);
-
-    return (L == 2048 && (N == 224 || N == 256));
-#else
-    return 1;
-#endif
-}
-
 static int dh_init(void *vpdhctx, void *vdh)
 {
     PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
@@ -358,12 +321,10 @@ static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[])
 
         EVP_MD_free(pdhctx->kdf_md);
         pdhctx->kdf_md = EVP_MD_fetch(pdhctx->libctx, name, mdprops);
-#ifdef FIPS_MODULE
-        if (!ossl_prov_digest_get_approved_nid(pdhctx->kdf_md, 1)) {
+        if (!digest_is_allowed(pdhctx->kdf_md)) {
             EVP_MD_free(pdhctx->kdf_md);
             pdhctx->kdf_md = NULL;
         }
-#endif
         if (pdhctx->kdf_md == NULL)
             return 0;
     }

providers/implementations/exchange/ecdh_exch.c

@@ -24,7 +24,7 @@
 #include "prov/provider_ctx.h"
 #include "prov/providercommon.h"
 #include "prov/implementations.h"
-#include "prov/provider_util.h"
+#include "prov/check.h"
 #include "crypto/ec.h" /* ecdh_KDF_X9_63() */
 
 static OSSL_FUNC_keyexch_newctx_fn ecdh_newctx;
@@ -111,7 +111,7 @@ int ecdh_init(void *vpecdhctx, void *vecdh)
     pecdhctx->k = vecdh;
     pecdhctx->cofactor_mode = -1;
     pecdhctx->kdf_type = PROV_ECDH_KDF_NONE;
-    return ossl_prov_ec_check(vecdh, 1);
+    return ec_check_key(vecdh, 1);
 }
 
 static
@@ -126,7 +126,7 @@ int ecdh_set_peer(void *vpecdhctx, void *vecdh)
         return 0;
     EC_KEY_free(pecdhctx->peerk);
     pecdhctx->peerk = vecdh;
-    return ossl_prov_ec_check(vecdh, 1);
+    return ec_check_key(vecdh, 1);
 }
 
 static
@@ -254,12 +254,10 @@ int ecdh_set_ctx_params(void *vpecdhctx, const OSSL_PARAM params[])
 
         EVP_MD_free(pectx->kdf_md);
         pectx->kdf_md = EVP_MD_fetch(pectx->libctx, name, mdprops);
-#ifdef FIPS_MODULE
-        if (!ossl_prov_digest_get_approved_nid(pectx->kdf_md, 1)) {
+        if (!digest_is_allowed(pectx->kdf_md)) {
             EVP_MD_free(pectx->kdf_md);
             pectx->kdf_md = NULL;
         }
-#endif
         if (pectx->kdf_md == NULL)
             return 0;
     }