summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh/dh_key.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dh/dh_key.c')
-rw-r--r--src/lib/libcrypto/dh/dh_key.c59
1 files changed, 33 insertions, 26 deletions
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index 22b087b778..1a0efca2c4 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -64,8 +64,9 @@
64#include <openssl/engine.h> 64#include <openssl/engine.h>
65 65
66static int generate_key(DH *dh); 66static int generate_key(DH *dh);
67static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); 67static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
68static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, 68static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
69 const BIGNUM *a, const BIGNUM *p,
69 const BIGNUM *m, BN_CTX *ctx, 70 const BIGNUM *m, BN_CTX *ctx,
70 BN_MONT_CTX *m_ctx); 71 BN_MONT_CTX *m_ctx);
71static int dh_init(DH *dh); 72static int dh_init(DH *dh);
@@ -73,12 +74,12 @@ static int dh_finish(DH *dh);
73 74
74int DH_generate_key(DH *dh) 75int DH_generate_key(DH *dh)
75 { 76 {
76 return ENGINE_get_DH(dh->engine)->generate_key(dh); 77 return dh->meth->generate_key(dh);
77 } 78 }
78 79
79int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) 80int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
80 { 81 {
81 return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); 82 return dh->meth->compute_key(key, pub_key, dh);
82 } 83 }
83 84
84static DH_METHOD dh_ossl = { 85static DH_METHOD dh_ossl = {
@@ -92,7 +93,7 @@ dh_finish,
92NULL 93NULL
93}; 94};
94 95
95DH_METHOD *DH_OpenSSL(void) 96const DH_METHOD *DH_OpenSSL(void)
96{ 97{
97 return &dh_ossl; 98 return &dh_ossl;
98} 99}
@@ -100,19 +101,20 @@ DH_METHOD *DH_OpenSSL(void)
100static int generate_key(DH *dh) 101static int generate_key(DH *dh)
101 { 102 {
102 int ok=0; 103 int ok=0;
103 BN_CTX ctx; 104 int generate_new_key=0;
105 unsigned l;
106 BN_CTX *ctx;
104 BN_MONT_CTX *mont; 107 BN_MONT_CTX *mont;
105 BIGNUM *pub_key=NULL,*priv_key=NULL; 108 BIGNUM *pub_key=NULL,*priv_key=NULL;
106 109
107 BN_CTX_init(&ctx); 110 ctx = BN_CTX_new();
111 if (ctx == NULL) goto err;
108 112
109 if (dh->priv_key == NULL) 113 if (dh->priv_key == NULL)
110 { 114 {
111 priv_key=BN_new(); 115 priv_key=BN_new();
112 if (priv_key == NULL) goto err; 116 if (priv_key == NULL) goto err;
113 do 117 generate_new_key=1;
114 if (!BN_rand_range(priv_key, dh->p)) goto err;
115 while (BN_is_zero(priv_key));
116 } 118 }
117 else 119 else
118 priv_key=dh->priv_key; 120 priv_key=dh->priv_key;
@@ -129,12 +131,16 @@ static int generate_key(DH *dh)
129 { 131 {
130 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 132 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
131 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, 133 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
132 dh->p,&ctx)) goto err; 134 dh->p,ctx)) goto err;
133 } 135 }
134 mont=(BN_MONT_CTX *)dh->method_mont_p; 136 mont=(BN_MONT_CTX *)dh->method_mont_p;
135 137
136 if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g, 138 if (generate_new_key)
137 priv_key,dh->p,&ctx,mont)) 139 {
140 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
141 if (!BN_rand(priv_key, l, 0, 0)) goto err;
142 }
143 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
138 goto err; 144 goto err;
139 145
140 dh->pub_key=pub_key; 146 dh->pub_key=pub_key;
@@ -146,20 +152,21 @@ err:
146 152
147 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); 153 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
148 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); 154 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
149 BN_CTX_free(&ctx); 155 BN_CTX_free(ctx);
150 return(ok); 156 return(ok);
151 } 157 }
152 158
153static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) 159static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
154 { 160 {
155 BN_CTX ctx; 161 BN_CTX *ctx;
156 BN_MONT_CTX *mont; 162 BN_MONT_CTX *mont;
157 BIGNUM *tmp; 163 BIGNUM *tmp;
158 int ret= -1; 164 int ret= -1;
159 165
160 BN_CTX_init(&ctx); 166 ctx = BN_CTX_new();
161 BN_CTX_start(&ctx); 167 if (ctx == NULL) goto err;
162 tmp = BN_CTX_get(&ctx); 168 BN_CTX_start(ctx);
169 tmp = BN_CTX_get(ctx);
163 170
164 if (dh->priv_key == NULL) 171 if (dh->priv_key == NULL)
165 { 172 {
@@ -170,12 +177,11 @@ static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
170 { 177 {
171 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) 178 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
172 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, 179 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
173 dh->p,&ctx)) goto err; 180 dh->p,ctx)) goto err;
174 } 181 }
175 182
176 mont=(BN_MONT_CTX *)dh->method_mont_p; 183 mont=(BN_MONT_CTX *)dh->method_mont_p;
177 if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key, 184 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
178 dh->priv_key,dh->p,&ctx,mont))
179 { 185 {
180 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); 186 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
181 goto err; 187 goto err;
@@ -183,12 +189,13 @@ static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
183 189
184 ret=BN_bn2bin(tmp,key); 190 ret=BN_bn2bin(tmp,key);
185err: 191err:
186 BN_CTX_end(&ctx); 192 BN_CTX_end(ctx);
187 BN_CTX_free(&ctx); 193 BN_CTX_free(ctx);
188 return(ret); 194 return(ret);
189 } 195 }
190 196
191static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, 197static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
198 const BIGNUM *a, const BIGNUM *p,
192 const BIGNUM *m, BN_CTX *ctx, 199 const BIGNUM *m, BN_CTX *ctx,
193 BN_MONT_CTX *m_ctx) 200 BN_MONT_CTX *m_ctx)
194 { 201 {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 13:27:29 +0000