summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/dh.h223
-rw-r--r--src/lib/libcrypto/dh/dh_asn1.c87
-rw-r--r--src/lib/libcrypto/dh/dh_check.c146
-rw-r--r--src/lib/libcrypto/dh/dh_err.c106
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c175
-rw-r--r--src/lib/libcrypto/dh/dh_key.c266
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c247
7 files changed, 0 insertions, 1250 deletions
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
deleted file mode 100644
index 582b34329f..0000000000
--- a/src/lib/libcrypto/dh/dh.h
+++ /dev/null
@@ -1,223 +0,0 @@
1/* crypto/dh/dh.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_DH_H
60#define HEADER_DH_H
61
62#ifdef OPENSSL_NO_DH
63#error DH is disabled.
64#endif
65
66#ifndef OPENSSL_NO_BIO
67#include <openssl/bio.h>
68#endif
69#include <openssl/bn.h>
70#include <openssl/crypto.h>
71#include <openssl/ossl_typ.h>
72
73#define OPENSSL_DH_MAX_MODULUS_BITS 10000
74
75#define DH_FLAG_CACHE_MONT_P 0x01
76#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
77 * implementation now uses constant time
78 * modular exponentiation for secret exponents
79 * by default. This flag causes the
80 * faster variable sliding window method to
81 * be used for all exponents.
82 */
83
84#ifdef __cplusplus
85extern "C" {
86#endif
87
88typedef struct dh_st DH;
89
90typedef struct dh_method {
91 const char *name;
92 /* Methods here */
93 int (*generate_key)(DH *dh);
94 int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
95 int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
96 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
97 BN_MONT_CTX *m_ctx); /* Can be null */
98
99 int (*init)(DH *dh);
100 int (*finish)(DH *dh);
101 int flags;
102 char *app_data;
103} DH_METHOD;
104
105struct dh_st
106 {
107 /* This first argument is used to pick up errors when
108 * a DH is passed instead of a EVP_PKEY */
109 int pad;
110 int version;
111 BIGNUM *p;
112 BIGNUM *g;
113 int length; /* optional */
114 BIGNUM *pub_key; /* g^x */
115 BIGNUM *priv_key; /* x */
116
117 int flags;
118 char *method_mont_p;
119 /* Place holders if we want to do X9.42 DH */
120 BIGNUM *q;
121 BIGNUM *j;
122 unsigned char *seed;
123 int seedlen;
124 BIGNUM *counter;
125
126 int references;
127 CRYPTO_EX_DATA ex_data;
128 const DH_METHOD *meth;
129 ENGINE *engine;
130 };
131
132#define DH_GENERATOR_2 2
133/* #define DH_GENERATOR_3 3 */
134#define DH_GENERATOR_5 5
135
136/* DH_check error codes */
137#define DH_CHECK_P_NOT_PRIME 0x01
138#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
139#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
140#define DH_NOT_SUITABLE_GENERATOR 0x08
141
142/* DH_check_pub_key error codes */
143#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
144#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
145
146/* primes p where (p-1)/2 is prime too are called "safe"; we define
147 this for backward compatibility: */
148#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
149
150#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
151 (char *(*)())d2i_DHparams,(char *)(x))
152#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
153 (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
154#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
155 (unsigned char *)(x))
156#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
157 (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
158#ifdef __cplusplus
159#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
160 (unsigned char *)(x))
161#else
162#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
163 (unsigned char *)(x))
164#endif
165
166const DH_METHOD *DH_OpenSSL(void);
167
168void DH_set_default_method(const DH_METHOD *meth);
169const DH_METHOD *DH_get_default_method(void);
170int DH_set_method(DH *dh, const DH_METHOD *meth);
171DH *DH_new_method(ENGINE *engine);
172
173DH * DH_new(void);
174void DH_free(DH *dh);
175int DH_up_ref(DH *dh);
176int DH_size(const DH *dh);
177int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
178 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
179int DH_set_ex_data(DH *d, int idx, void *arg);
180void *DH_get_ex_data(DH *d, int idx);
181DH * DH_generate_parameters(int prime_len,int generator,
182 void (*callback)(int,int,void *),void *cb_arg);
183int DH_check(const DH *dh,int *codes);
184int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
185int DH_generate_key(DH *dh);
186int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
187DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
188int i2d_DHparams(const DH *a,unsigned char **pp);
189#ifndef OPENSSL_NO_FP_API
190int DHparams_print_fp(FILE *fp, const DH *x);
191#endif
192#ifndef OPENSSL_NO_BIO
193int DHparams_print(BIO *bp, const DH *x);
194#else
195int DHparams_print(char *bp, const DH *x);
196#endif
197
198/* BEGIN ERROR CODES */
199/* The following lines are auto generated by the script mkerr.pl. Any changes
200 * made after this point may be overwritten when the script is next run.
201 */
202void ERR_load_DH_strings(void);
203
204/* Error codes for the DH functions. */
205
206/* Function codes. */
207#define DH_F_DHPARAMS_PRINT 100
208#define DH_F_DHPARAMS_PRINT_FP 101
209#define DH_F_DH_COMPUTE_KEY 102
210#define DH_F_DH_GENERATE_KEY 103
211#define DH_F_DH_GENERATE_PARAMETERS 104
212#define DH_F_DH_NEW_METHOD 105
213
214/* Reason codes. */
215#define DH_R_BAD_GENERATOR 101
216#define DH_R_NO_PRIVATE_VALUE 100
217#define DH_R_INVALID_PUBKEY 102
218#define DH_R_MODULUS_TOO_LARGE 103
219
220#ifdef __cplusplus
221}
222#endif
223#endif
diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c
deleted file mode 100644
index 769b5b68c5..0000000000
--- a/src/lib/libcrypto/dh/dh_asn1.c
+++ /dev/null
@@ -1,87 +0,0 @@
1/* dh_asn1.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#include <openssl/objects.h>
64#include <openssl/asn1t.h>
65
66/* Override the default free and new methods */
67static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
68{
69 if(operation == ASN1_OP_NEW_PRE) {
70 *pval = (ASN1_VALUE *)DH_new();
71 if(*pval) return 2;
72 return 0;
73 } else if(operation == ASN1_OP_FREE_PRE) {
74 DH_free((DH *)*pval);
75 *pval = NULL;
76 return 2;
77 }
78 return 1;
79}
80
81ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
82 ASN1_SIMPLE(DH, p, BIGNUM),
83 ASN1_SIMPLE(DH, g, BIGNUM),
84 ASN1_OPT(DH, length, ZLONG),
85} ASN1_SEQUENCE_END_cb(DH, DHparams)
86
87IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
deleted file mode 100644
index 17debff62d..0000000000
--- a/src/lib/libcrypto/dh/dh_check.c
+++ /dev/null
@@ -1,146 +0,0 @@
1/* crypto/dh/dh_check.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64/* Check that p is a safe prime and
65 * if g is 2, 3 or 5, check that is is a suitable generator
66 * where
67 * for 2, p mod 24 == 11
68 * for 3, p mod 12 == 5
69 * for 5, p mod 10 == 3 or 7
70 * should hold.
71 */
72
73#ifndef OPENSSL_FIPS
74
75int DH_check(const DH *dh, int *ret)
76 {
77 int ok=0;
78 BN_CTX *ctx=NULL;
79 BN_ULONG l;
80 BIGNUM *q=NULL;
81
82 *ret=0;
83 ctx=BN_CTX_new();
84 if (ctx == NULL) goto err;
85 q=BN_new();
86 if (q == NULL) goto err;
87
88 if (BN_is_word(dh->g,DH_GENERATOR_2))
89 {
90 l=BN_mod_word(dh->p,24);
91 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
92 }
93#if 0
94 else if (BN_is_word(dh->g,DH_GENERATOR_3))
95 {
96 l=BN_mod_word(dh->p,12);
97 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
98 }
99#endif
100 else if (BN_is_word(dh->g,DH_GENERATOR_5))
101 {
102 l=BN_mod_word(dh->p,10);
103 if ((l != 3) && (l != 7))
104 *ret|=DH_NOT_SUITABLE_GENERATOR;
105 }
106 else
107 *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
108
109 if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
110 *ret|=DH_CHECK_P_NOT_PRIME;
111 else
112 {
113 if (!BN_rshift1(q,dh->p)) goto err;
114 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
115 *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
116 }
117 ok=1;
118err:
119 if (ctx != NULL) BN_CTX_free(ctx);
120 if (q != NULL) BN_free(q);
121 return(ok);
122 }
123
124int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
125 {
126 int ok=0;
127 BIGNUM *q=NULL;
128
129 *ret=0;
130 q=BN_new();
131 if (q == NULL) goto err;
132 BN_set_word(q,1);
133 if (BN_cmp(pub_key,q) <= 0)
134 *ret|=DH_CHECK_PUBKEY_TOO_SMALL;
135 BN_copy(q,dh->p);
136 BN_sub_word(q,1);
137 if (BN_cmp(pub_key,q) >= 0)
138 *ret|=DH_CHECK_PUBKEY_TOO_LARGE;
139
140 ok = 1;
141err:
142 if (q != NULL) BN_free(q);
143 return(ok);
144 }
145
146#endif
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
deleted file mode 100644
index 611067ef4a..0000000000
--- a/src/lib/libcrypto/dh/dh_err.c
+++ /dev/null
@@ -1,106 +0,0 @@
1/* crypto/dh/dh_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/dh.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
70
71static ERR_STRING_DATA DH_str_functs[]=
72 {
73{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
74{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
75{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
76{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
77{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
78{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
79{0,NULL}
80 };
81
82static ERR_STRING_DATA DH_str_reasons[]=
83 {
84{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
85{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
86{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
87{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
88{0,NULL}
89 };
90
91#endif
92
93void ERR_load_DH_strings(void)
94 {
95 static int init=1;
96
97 if (init)
98 {
99 init=0;
100#ifndef OPENSSL_NO_ERR
101 ERR_load_strings(0,DH_str_functs);
102 ERR_load_strings(0,DH_str_reasons);
103#endif
104
105 }
106 }
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
deleted file mode 100644
index 23777f5a16..0000000000
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ /dev/null
@@ -1,175 +0,0 @@
1/* crypto/dh/dh_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64/* We generate DH parameters as follows
65 * find a prime q which is prime_len/2 bits long.
66 * p=(2*q)+1 or (p-1)/2 = q
67 * For this case, g is a generator if
68 * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
69 * Since the factors of p-1 are q and 2, we just need to check
70 * g^2 mod p != 1 and g^q mod p != 1.
71 *
72 * Having said all that,
73 * there is another special case method for the generators 2, 3 and 5.
74 * for 2, p mod 24 == 11
75 * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
76 * for 5, p mod 10 == 3 or 7
77 *
78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
79 * special generators and for answering some of my questions.
80 *
81 * I've implemented the second simple method :-).
82 * Since DH should be using a safe prime (both p and q are prime),
83 * this generator function can take a very very long time to run.
84 */
85/* Actually there is no reason to insist that 'generator' be a generator.
86 * It's just as OK (and in some sense better) to use a generator of the
87 * order-q subgroup.
88 */
89
90#ifndef OPENSSL_FIPS
91
92DH *DH_generate_parameters(int prime_len, int generator,
93 void (*callback)(int,int,void *), void *cb_arg)
94 {
95 BIGNUM *p=NULL,*t1,*t2;
96 DH *ret=NULL;
97 int g,ok= -1;
98 BN_CTX *ctx=NULL;
99
100 ret=DH_new();
101 if (ret == NULL) goto err;
102 ctx=BN_CTX_new();
103 if (ctx == NULL) goto err;
104 BN_CTX_start(ctx);
105 t1 = BN_CTX_get(ctx);
106 t2 = BN_CTX_get(ctx);
107 if (t1 == NULL || t2 == NULL) goto err;
108
109 if (generator <= 1)
110 {
111 DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR);
112 goto err;
113 }
114 if (generator == DH_GENERATOR_2)
115 {
116 if (!BN_set_word(t1,24)) goto err;
117 if (!BN_set_word(t2,11)) goto err;
118 g=2;
119 }
120#if 0 /* does not work for safe primes */
121 else if (generator == DH_GENERATOR_3)
122 {
123 if (!BN_set_word(t1,12)) goto err;
124 if (!BN_set_word(t2,5)) goto err;
125 g=3;
126 }
127#endif
128 else if (generator == DH_GENERATOR_5)
129 {
130 if (!BN_set_word(t1,10)) goto err;
131 if (!BN_set_word(t2,3)) goto err;
132 /* BN_set_word(t3,7); just have to miss
133 * out on these ones :-( */
134 g=5;
135 }
136 else
137 {
138 /* in the general case, don't worry if 'generator' is a
139 * generator or not: since we are using safe primes,
140 * it will generate either an order-q or an order-2q group,
141 * which both is OK */
142 if (!BN_set_word(t1,2)) goto err;
143 if (!BN_set_word(t2,1)) goto err;
144 g=generator;
145 }
146
147 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
148 if (p == NULL) goto err;
149 if (callback != NULL) callback(3,0,cb_arg);
150 ret->p=p;
151 ret->g=BN_new();
152 if (ret->g == NULL) goto err;
153 if (!BN_set_word(ret->g,g)) goto err;
154 ok=1;
155err:
156 if (ok == -1)
157 {
158 DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
159 ok=0;
160 }
161
162 if (ctx != NULL)
163 {
164 BN_CTX_end(ctx);
165 BN_CTX_free(ctx);
166 }
167 if (!ok && (ret != NULL))
168 {
169 DH_free(ret);
170 ret=NULL;
171 }
172 return(ret);
173 }
174
175#endif
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
deleted file mode 100644
index 74de589204..0000000000
--- a/src/lib/libcrypto/dh/dh_key.c
+++ /dev/null
@@ -1,266 +0,0 @@
1/* crypto/dh/dh_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rand.h>
63#include <openssl/dh.h>
64
65#ifndef OPENSSL_FIPS
66
67static int generate_key(DH *dh);
68static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
69static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
70 const BIGNUM *a, const BIGNUM *p,
71 const BIGNUM *m, BN_CTX *ctx,
72 BN_MONT_CTX *m_ctx);
73static int dh_init(DH *dh);
74static int dh_finish(DH *dh);
75
76int DH_generate_key(DH *dh)
77 {
78 return dh->meth->generate_key(dh);
79 }
80
81int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
82 {
83 return dh->meth->compute_key(key, pub_key, dh);
84 }
85
86static DH_METHOD dh_ossl = {
87"OpenSSL DH Method",
88generate_key,
89compute_key,
90dh_bn_mod_exp,
91dh_init,
92dh_finish,
930,
94NULL
95};
96
97const DH_METHOD *DH_OpenSSL(void)
98{
99 return &dh_ossl;
100}
101
102static int generate_key(DH *dh)
103 {
104 int ok=0;
105 int generate_new_key=0;
106 unsigned l;
107 BN_CTX *ctx;
108 BN_MONT_CTX *mont=NULL;
109 BIGNUM *pub_key=NULL,*priv_key=NULL;
110
111 ctx = BN_CTX_new();
112 if (ctx == NULL) goto err;
113
114 if (dh->priv_key == NULL)
115 {
116 priv_key=BN_new();
117 if (priv_key == NULL) goto err;
118 generate_new_key=1;
119 }
120 else
121 priv_key=dh->priv_key;
122
123 if (dh->pub_key == NULL)
124 {
125 pub_key=BN_new();
126 if (pub_key == NULL) goto err;
127 }
128 else
129 pub_key=dh->pub_key;
130
131
132 if (dh->flags & DH_FLAG_CACHE_MONT_P)
133 {
134 mont = BN_MONT_CTX_set_locked(
135 (BN_MONT_CTX **)&dh->method_mont_p,
136 CRYPTO_LOCK_DH, dh->p, ctx);
137 if (!mont)
138 goto err;
139 }
140
141 if (generate_new_key)
142 {
143 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
144 if (!BN_rand(priv_key, l, 0, 0)) goto err;
145 }
146
147 {
148 BIGNUM local_prk;
149 BIGNUM *prk;
150
151 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
152 {
153 BN_init(&local_prk);
154 prk = &local_prk;
155 BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
156 }
157 else
158 prk = priv_key;
159
160 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
161 }
162
163 dh->pub_key=pub_key;
164 dh->priv_key=priv_key;
165 ok=1;
166err:
167 if (ok != 1)
168 DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
169
170 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
171 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
172 BN_CTX_free(ctx);
173 return(ok);
174 }
175
176static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
177 {
178 BN_CTX *ctx;
179 BN_MONT_CTX *mont=NULL;
180 BIGNUM *tmp;
181 int ret= -1;
182 int check_result;
183
184 if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
185 {
186 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
187 return -1;
188 }
189
190 ctx = BN_CTX_new();
191 if (ctx == NULL) goto err;
192 BN_CTX_start(ctx);
193 tmp = BN_CTX_get(ctx);
194
195 if (dh->priv_key == NULL)
196 {
197 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
198 goto err;
199 }
200
201 if (dh->flags & DH_FLAG_CACHE_MONT_P)
202 {
203 mont = BN_MONT_CTX_set_locked(
204 (BN_MONT_CTX **)&dh->method_mont_p,
205 CRYPTO_LOCK_DH, dh->p, ctx);
206 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
207 {
208 /* XXX */
209 BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
210 }
211 if (!mont)
212 goto err;
213 }
214 if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
215 {
216 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
217 goto err;
218 }
219 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
220 {
221 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
222 goto err;
223 }
224
225 ret=BN_bn2bin(tmp,key);
226err:
227 if (ctx != NULL)
228 {
229 BN_CTX_end(ctx);
230 BN_CTX_free(ctx);
231 }
232 return(ret);
233 }
234
235static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
236 const BIGNUM *a, const BIGNUM *p,
237 const BIGNUM *m, BN_CTX *ctx,
238 BN_MONT_CTX *m_ctx)
239 {
240 /* If a is only one word long and constant time is false, use the faster
241 * exponenentiation function.
242 */
243 if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
244 {
245 BN_ULONG A = a->d[0];
246 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
247 }
248 else
249 return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
250 }
251
252
253static int dh_init(DH *dh)
254 {
255 dh->flags |= DH_FLAG_CACHE_MONT_P;
256 return(1);
257 }
258
259static int dh_finish(DH *dh)
260 {
261 if(dh->method_mont_p)
262 BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
263 return(1);
264 }
265
266#endif
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
deleted file mode 100644
index 09965ee2ea..0000000000
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ /dev/null
@@ -1,247 +0,0 @@
1/* crypto/dh/dh_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#ifndef OPENSSL_NO_ENGINE
64#include <openssl/engine.h>
65#endif
66
67const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
68
69static const DH_METHOD *default_DH_method = NULL;
70
71void DH_set_default_method(const DH_METHOD *meth)
72 {
73 default_DH_method = meth;
74 }
75
76const DH_METHOD *DH_get_default_method(void)
77 {
78 if(!default_DH_method)
79 default_DH_method = DH_OpenSSL();
80 return default_DH_method;
81 }
82
83int DH_set_method(DH *dh, const DH_METHOD *meth)
84 {
85 /* NB: The caller is specifically setting a method, so it's not up to us
86 * to deal with which ENGINE it comes from. */
87 const DH_METHOD *mtmp;
88 mtmp = dh->meth;
89 if (mtmp->finish) mtmp->finish(dh);
90#ifndef OPENSSL_NO_ENGINE
91 if (dh->engine)
92 {
93 ENGINE_finish(dh->engine);
94 dh->engine = NULL;
95 }
96#endif
97 dh->meth = meth;
98 if (meth->init) meth->init(dh);
99 return 1;
100 }
101
102DH *DH_new(void)
103 {
104 return DH_new_method(NULL);
105 }
106
107DH *DH_new_method(ENGINE *engine)
108 {
109 DH *ret;
110
111 ret=(DH *)OPENSSL_malloc(sizeof(DH));
112 if (ret == NULL)
113 {
114 DHerr(DH_F_DH_NEW_METHOD,ERR_R_MALLOC_FAILURE);
115 return(NULL);
116 }
117
118 ret->meth = DH_get_default_method();
119#ifndef OPENSSL_NO_ENGINE
120 if (engine)
121 {
122 if (!ENGINE_init(engine))
123 {
124 DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
125 OPENSSL_free(ret);
126 return NULL;
127 }
128 ret->engine = engine;
129 }
130 else
131 ret->engine = ENGINE_get_default_DH();
132 if(ret->engine)
133 {
134 ret->meth = ENGINE_get_DH(ret->engine);
135 if(!ret->meth)
136 {
137 DHerr(DH_F_DH_NEW_METHOD,ERR_R_ENGINE_LIB);
138 ENGINE_finish(ret->engine);
139 OPENSSL_free(ret);
140 return NULL;
141 }
142 }
143#endif
144
145 ret->pad=0;
146 ret->version=0;
147 ret->p=NULL;
148 ret->g=NULL;
149 ret->length=0;
150 ret->pub_key=NULL;
151 ret->priv_key=NULL;
152 ret->q=NULL;
153 ret->j=NULL;
154 ret->seed = NULL;
155 ret->seedlen = 0;
156 ret->counter = NULL;
157 ret->method_mont_p=NULL;
158 ret->references = 1;
159 ret->flags=ret->meth->flags;
160 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
161 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
162 {
163#ifndef OPENSSL_NO_ENGINE
164 if (ret->engine)
165 ENGINE_finish(ret->engine);
166#endif
167 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
168 OPENSSL_free(ret);
169 ret=NULL;
170 }
171 return(ret);
172 }
173
174void DH_free(DH *r)
175 {
176 int i;
177 if(r == NULL) return;
178 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
179#ifdef REF_PRINT
180 REF_PRINT("DH",r);
181#endif
182 if (i > 0) return;
183#ifdef REF_CHECK
184 if (i < 0)
185 {
186 fprintf(stderr,"DH_free, bad reference count\n");
187 abort();
188 }
189#endif
190
191 if (r->meth->finish)
192 r->meth->finish(r);
193#ifndef OPENSSL_NO_ENGINE
194 if (r->engine)
195 ENGINE_finish(r->engine);
196#endif
197
198 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
199
200 if (r->p != NULL) BN_clear_free(r->p);
201 if (r->g != NULL) BN_clear_free(r->g);
202 if (r->q != NULL) BN_clear_free(r->q);
203 if (r->j != NULL) BN_clear_free(r->j);
204 if (r->seed) OPENSSL_free(r->seed);
205 if (r->counter != NULL) BN_clear_free(r->counter);
206 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
207 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
208 OPENSSL_free(r);
209 }
210
211int DH_up_ref(DH *r)
212 {
213 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
214#ifdef REF_PRINT
215 REF_PRINT("DH",r);
216#endif
217#ifdef REF_CHECK
218 if (i < 2)
219 {
220 fprintf(stderr, "DH_up, bad reference count\n");
221 abort();
222 }
223#endif
224 return ((i > 1) ? 1 : 0);
225 }
226
227int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
228 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
229 {
230 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
231 new_func, dup_func, free_func);
232 }
233
234int DH_set_ex_data(DH *d, int idx, void *arg)
235 {
236 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
237 }
238
239void *DH_get_ex_data(DH *d, int idx)
240 {
241 return(CRYPTO_get_ex_data(&d->ex_data,idx));
242 }
243
244int DH_size(const DH *dh)
245 {
246 return(BN_num_bytes(dh->p));
247 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 14:44:55 +0000