summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/Makefile180
-rw-r--r--src/lib/libcrypto/dh/dh.h260
-rw-r--r--src/lib/libcrypto/dh/dh1024.pem5
-rw-r--r--src/lib/libcrypto/dh/dh192.pem3
-rw-r--r--src/lib/libcrypto/dh/dh2048.pem16
-rw-r--r--src/lib/libcrypto/dh/dh4096.pem14
-rw-r--r--src/lib/libcrypto/dh/dh512.pem4
-rw-r--r--src/lib/libcrypto/dh/dh_ameth.c500
-rw-r--r--src/lib/libcrypto/dh/dh_asn1.c93
-rw-r--r--src/lib/libcrypto/dh/dh_check.c142
-rw-r--r--src/lib/libcrypto/dh/dh_depr.c83
-rw-r--r--src/lib/libcrypto/dh/dh_err.c117
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c175
-rw-r--r--src/lib/libcrypto/dh/dh_key.c263
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c247
-rw-r--r--src/lib/libcrypto/dh/dh_pmeth.c254
-rw-r--r--src/lib/libcrypto/dh/dh_prn.c80
-rw-r--r--src/lib/libcrypto/dh/dhtest.c226
-rw-r--r--src/lib/libcrypto/dh/example50
-rw-r--r--src/lib/libcrypto/dh/generate65
-rw-r--r--src/lib/libcrypto/dh/p1024.c92
-rw-r--r--src/lib/libcrypto/dh/p192.c80
-rw-r--r--src/lib/libcrypto/dh/p512.c85
23 files changed, 0 insertions, 3034 deletions
diff --git a/src/lib/libcrypto/dh/Makefile b/src/lib/libcrypto/dh/Makefile
deleted file mode 100644
index f23b4f7fde..0000000000
--- a/src/lib/libcrypto/dh/Makefile
+++ /dev/null
@@ -1,180 +0,0 @@
1#
2# OpenSSL/crypto/dh/Makefile
3#
4
5DIR= dh
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile
16TEST= dhtest.c
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \
21 dh_ameth.c dh_pmeth.c dh_prn.c
22LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \
23 dh_ameth.o dh_pmeth.o dh_prn.o
24
25SRC= $(LIBSRC)
26
27EXHEADER= dh.h
28HEADER= $(EXHEADER)
29
30ALL= $(GENERAL) $(SRC) $(HEADER)
31
32top:
33 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
34
35all: lib
36
37lib: $(LIBOBJ)
38 $(AR) $(LIB) $(LIBOBJ)
39 $(RANLIB) $(LIB) || echo Never mind.
40 @touch lib
41
42files:
43 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
44
45links:
46 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
47 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
48 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
49
50install:
51 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
52 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
53 do \
54 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
55 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
56 done;
57
58tags:
59 ctags $(SRC)
60
61tests:
62
63lint:
64 lint -DLINT $(INCLUDES) $(SRC)>fluff
65
66depend:
67 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
68 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
69
70dclean:
71 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
72 mv -f Makefile.new $(MAKEFILE)
73
74clean:
75 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
76
77# DO NOT DELETE THIS LINE -- make depend depends on it.
78
79dh_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
80dh_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
81dh_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
82dh_ameth.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
83dh_ameth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
84dh_ameth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
85dh_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
86dh_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
87dh_ameth.o: ../../include/openssl/opensslconf.h
88dh_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
89dh_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
90dh_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
91dh_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
92dh_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
93dh_ameth.o: dh_ameth.c
94dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
95dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
96dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
97dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
98dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
99dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
100dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
101dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
102dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
103dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
104dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
105dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
106dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
107dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
108dh_check.o: ../../include/openssl/opensslconf.h
109dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
110dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
111dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
112dh_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
113dh_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
114dh_depr.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
115dh_depr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
116dh_depr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
117dh_depr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
118dh_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
119dh_depr.o: ../cryptlib.h dh_depr.c
120dh_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
121dh_err.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
122dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
123dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
124dh_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
125dh_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
126dh_err.o: dh_err.c
127dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
128dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
129dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
130dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
131dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
132dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
133dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
134dh_gen.o: ../cryptlib.h dh_gen.c
135dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
136dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
137dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
138dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
139dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
140dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
141dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
142dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
143dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
144dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
145dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
146dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
147dh_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
148dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
149dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
150dh_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
151dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
152dh_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
153dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
154dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
155dh_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
156dh_lib.o: ../cryptlib.h dh_lib.c
157dh_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
158dh_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
159dh_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
160dh_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
161dh_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
162dh_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
163dh_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
164dh_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
165dh_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
166dh_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
167dh_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
168dh_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
169dh_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
170dh_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
171dh_pmeth.o: dh_pmeth.c
172dh_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
173dh_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
174dh_prn.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
175dh_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
176dh_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
177dh_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
178dh_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
179dh_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
180dh_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_prn.c
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
deleted file mode 100644
index 849309a489..0000000000
--- a/src/lib/libcrypto/dh/dh.h
+++ /dev/null
@@ -1,260 +0,0 @@
1/* crypto/dh/dh.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_DH_H
60#define HEADER_DH_H
61
62#include <openssl/e_os2.h>
63
64#ifdef OPENSSL_NO_DH
65#error DH is disabled.
66#endif
67
68#ifndef OPENSSL_NO_BIO
69#include <openssl/bio.h>
70#endif
71#include <openssl/ossl_typ.h>
72#ifndef OPENSSL_NO_DEPRECATED
73#include <openssl/bn.h>
74#endif
75
76#ifndef OPENSSL_DH_MAX_MODULUS_BITS
77# define OPENSSL_DH_MAX_MODULUS_BITS 10000
78#endif
79
80#define DH_FLAG_CACHE_MONT_P 0x01
81#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
82 * implementation now uses constant time
83 * modular exponentiation for secret exponents
84 * by default. This flag causes the
85 * faster variable sliding window method to
86 * be used for all exponents.
87 */
88
89#ifdef __cplusplus
90extern "C" {
91#endif
92
93/* Already defined in ossl_typ.h */
94/* typedef struct dh_st DH; */
95/* typedef struct dh_method DH_METHOD; */
96
97struct dh_method
98 {
99 const char *name;
100 /* Methods here */
101 int (*generate_key)(DH *dh);
102 int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
103 int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
104 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
105 BN_MONT_CTX *m_ctx); /* Can be null */
106
107 int (*init)(DH *dh);
108 int (*finish)(DH *dh);
109 int flags;
110 char *app_data;
111 /* If this is non-NULL, it will be used to generate parameters */
112 int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
113 };
114
115struct dh_st
116 {
117 /* This first argument is used to pick up errors when
118 * a DH is passed instead of a EVP_PKEY */
119 int pad;
120 int version;
121 BIGNUM *p;
122 BIGNUM *g;
123 long length; /* optional */
124 BIGNUM *pub_key; /* g^x */
125 BIGNUM *priv_key; /* x */
126
127 int flags;
128 BN_MONT_CTX *method_mont_p;
129 /* Place holders if we want to do X9.42 DH */
130 BIGNUM *q;
131 BIGNUM *j;
132 unsigned char *seed;
133 int seedlen;
134 BIGNUM *counter;
135
136 int references;
137 CRYPTO_EX_DATA ex_data;
138 const DH_METHOD *meth;
139 ENGINE *engine;
140 };
141
142#define DH_GENERATOR_2 2
143/* #define DH_GENERATOR_3 3 */
144#define DH_GENERATOR_5 5
145
146/* DH_check error codes */
147#define DH_CHECK_P_NOT_PRIME 0x01
148#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
149#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
150#define DH_NOT_SUITABLE_GENERATOR 0x08
151
152/* DH_check_pub_key error codes */
153#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
154#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
155
156/* primes p where (p-1)/2 is prime too are called "safe"; we define
157 this for backward compatibility: */
158#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
159
160#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
161 (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
162#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
163 (unsigned char *)(x))
164#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
165#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
166
167DH *DHparams_dup(DH *);
168
169const DH_METHOD *DH_OpenSSL(void);
170
171void DH_set_default_method(const DH_METHOD *meth);
172const DH_METHOD *DH_get_default_method(void);
173int DH_set_method(DH *dh, const DH_METHOD *meth);
174DH *DH_new_method(ENGINE *engine);
175
176DH * DH_new(void);
177void DH_free(DH *dh);
178int DH_up_ref(DH *dh);
179int DH_size(const DH *dh);
180int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
181 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
182int DH_set_ex_data(DH *d, int idx, void *arg);
183void *DH_get_ex_data(DH *d, int idx);
184
185/* Deprecated version */
186#ifndef OPENSSL_NO_DEPRECATED
187DH * DH_generate_parameters(int prime_len,int generator,
188 void (*callback)(int,int,void *),void *cb_arg);
189#endif /* !defined(OPENSSL_NO_DEPRECATED) */
190
191/* New version */
192int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
193
194int DH_check(const DH *dh,int *codes);
195int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
196int DH_generate_key(DH *dh);
197int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
198DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
199int i2d_DHparams(const DH *a,unsigned char **pp);
200#ifndef OPENSSL_NO_FP_API
201int DHparams_print_fp(FILE *fp, const DH *x);
202#endif
203#ifndef OPENSSL_NO_BIO
204int DHparams_print(BIO *bp, const DH *x);
205#else
206int DHparams_print(char *bp, const DH *x);
207#endif
208
209#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
210 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
211 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
212
213#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
214 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
215 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
216
217#define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
218#define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
219
220
221/* BEGIN ERROR CODES */
222/* The following lines are auto generated by the script mkerr.pl. Any changes
223 * made after this point may be overwritten when the script is next run.
224 */
225void ERR_load_DH_strings(void);
226
227/* Error codes for the DH functions. */
228
229/* Function codes. */
230#define DH_F_COMPUTE_KEY 102
231#define DH_F_DHPARAMS_PRINT_FP 101
232#define DH_F_DH_BUILTIN_GENPARAMS 106
233#define DH_F_DH_NEW_METHOD 105
234#define DH_F_DH_PARAM_DECODE 107
235#define DH_F_DH_PRIV_DECODE 110
236#define DH_F_DH_PRIV_ENCODE 111
237#define DH_F_DH_PUB_DECODE 108
238#define DH_F_DH_PUB_ENCODE 109
239#define DH_F_DO_DH_PRINT 100
240#define DH_F_GENERATE_KEY 103
241#define DH_F_GENERATE_PARAMETERS 104
242#define DH_F_PKEY_DH_DERIVE 112
243#define DH_F_PKEY_DH_KEYGEN 113
244
245/* Reason codes. */
246#define DH_R_BAD_GENERATOR 101
247#define DH_R_BN_DECODE_ERROR 109
248#define DH_R_BN_ERROR 106
249#define DH_R_DECODE_ERROR 104
250#define DH_R_INVALID_PUBKEY 102
251#define DH_R_KEYS_NOT_SET 108
252#define DH_R_MODULUS_TOO_LARGE 103
253#define DH_R_NO_PARAMETERS_SET 107
254#define DH_R_NO_PRIVATE_VALUE 100
255#define DH_R_PARAMETER_ENCODING_ERROR 105
256
257#ifdef __cplusplus
258}
259#endif
260#endif
diff --git a/src/lib/libcrypto/dh/dh1024.pem b/src/lib/libcrypto/dh/dh1024.pem
deleted file mode 100644
index 81d43f6a3e..0000000000
--- a/src/lib/libcrypto/dh/dh1024.pem
+++ /dev/null
@@ -1,5 +0,0 @@
1-----BEGIN DH PARAMETERS-----
2MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
3/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
4/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
5-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh192.pem b/src/lib/libcrypto/dh/dh192.pem
deleted file mode 100644
index 521c07271d..0000000000
--- a/src/lib/libcrypto/dh/dh192.pem
+++ /dev/null
@@ -1,3 +0,0 @@
1-----BEGIN DH PARAMETERS-----
2MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
3-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh2048.pem b/src/lib/libcrypto/dh/dh2048.pem
deleted file mode 100644
index 295460f508..0000000000
--- a/src/lib/libcrypto/dh/dh2048.pem
+++ /dev/null
@@ -1,16 +0,0 @@
1-----BEGIN DH PARAMETERS-----
2MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
3AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
4z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
5pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
6aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
7Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
8-----END DH PARAMETERS-----
9-----BEGIN DH PARAMETERS-----
10MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
118ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
12SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
13gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
14yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
15a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
16-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh4096.pem b/src/lib/libcrypto/dh/dh4096.pem
deleted file mode 100644
index 390943a21d..0000000000
--- a/src/lib/libcrypto/dh/dh4096.pem
+++ /dev/null
@@ -1,14 +0,0 @@
1-----BEGIN DH PARAMETERS-----
2MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
3vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
4TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
5bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
6rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
7EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
8bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
9W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
10ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
11NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
12jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
13-----END DH PARAMETERS-----
14
diff --git a/src/lib/libcrypto/dh/dh512.pem b/src/lib/libcrypto/dh/dh512.pem
deleted file mode 100644
index 0a4d863ebe..0000000000
--- a/src/lib/libcrypto/dh/dh512.pem
+++ /dev/null
@@ -1,4 +0,0 @@
1-----BEGIN DH PARAMETERS-----
2MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
3a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
4-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh_ameth.c b/src/lib/libcrypto/dh/dh_ameth.c
deleted file mode 100644
index 377caf96c9..0000000000
--- a/src/lib/libcrypto/dh/dh_ameth.c
+++ /dev/null
@@ -1,500 +0,0 @@
1/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2 * project 2006.
3 */
4/* ====================================================================
5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * 3. All advertising materials mentioning features or use of this
20 * software must display the following acknowledgment:
21 * "This product includes software developed by the OpenSSL Project
22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23 *
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25 * endorse or promote products derived from this software without
26 * prior written permission. For written permission, please contact
27 * licensing@OpenSSL.org.
28 *
29 * 5. Products derived from this software may not be called "OpenSSL"
30 * nor may "OpenSSL" appear in their names without prior written
31 * permission of the OpenSSL Project.
32 *
33 * 6. Redistributions of any form whatsoever must retain the following
34 * acknowledgment:
35 * "This product includes software developed by the OpenSSL Project
36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37 *
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49 * OF THE POSSIBILITY OF SUCH DAMAGE.
50 * ====================================================================
51 *
52 * This product includes cryptographic software written by Eric Young
53 * (eay@cryptsoft.com). This product includes software written by Tim
54 * Hudson (tjh@cryptsoft.com).
55 *
56 */
57
58#include <stdio.h>
59#include "cryptlib.h"
60#include <openssl/x509.h>
61#include <openssl/asn1.h>
62#include <openssl/dh.h>
63#include <openssl/bn.h>
64#include "asn1_locl.h"
65
66static void int_dh_free(EVP_PKEY *pkey)
67 {
68 DH_free(pkey->pkey.dh);
69 }
70
71static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
72 {
73 const unsigned char *p, *pm;
74 int pklen, pmlen;
75 int ptype;
76 void *pval;
77 ASN1_STRING *pstr;
78 X509_ALGOR *palg;
79 ASN1_INTEGER *public_key = NULL;
80
81 DH *dh = NULL;
82
83 if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
84 return 0;
85 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
86
87 if (ptype != V_ASN1_SEQUENCE)
88 {
89 DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
90 goto err;
91 }
92
93 pstr = pval;
94 pm = pstr->data;
95 pmlen = pstr->length;
96
97 if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
98 {
99 DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
100 goto err;
101 }
102
103 if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
104 {
105 DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
106 goto err;
107 }
108
109 /* We have parameters now set public key */
110 if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
111 {
112 DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
113 goto err;
114 }
115
116 ASN1_INTEGER_free(public_key);
117 EVP_PKEY_assign_DH(pkey, dh);
118 return 1;
119
120 err:
121 if (public_key)
122 ASN1_INTEGER_free(public_key);
123 if (dh)
124 DH_free(dh);
125 return 0;
126
127 }
128
129static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
130 {
131 DH *dh;
132 void *pval = NULL;
133 int ptype;
134 unsigned char *penc = NULL;
135 int penclen;
136 ASN1_STRING *str;
137 ASN1_INTEGER *pub_key = NULL;
138
139 dh=pkey->pkey.dh;
140
141 str = ASN1_STRING_new();
142 str->length = i2d_DHparams(dh, &str->data);
143 if (str->length <= 0)
144 {
145 DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
146 goto err;
147 }
148 pval = str;
149 ptype = V_ASN1_SEQUENCE;
150
151 pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
152 if (!pub_key)
153 goto err;
154
155 penclen = i2d_ASN1_INTEGER(pub_key, &penc);
156
157 ASN1_INTEGER_free(pub_key);
158
159 if (penclen <= 0)
160 {
161 DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
162 goto err;
163 }
164
165 if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH),
166 ptype, pval, penc, penclen))
167 return 1;
168
169 err:
170 if (penc)
171 OPENSSL_free(penc);
172 if (pval)
173 ASN1_STRING_free(pval);
174
175 return 0;
176 }
177
178
179/* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
180 * that the AlgorithmIdentifier contains the paramaters, the private key
181 * is explcitly included and the pubkey must be recalculated.
182 */
183
184static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
185 {
186 const unsigned char *p, *pm;
187 int pklen, pmlen;
188 int ptype;
189 void *pval;
190 ASN1_STRING *pstr;
191 X509_ALGOR *palg;
192 ASN1_INTEGER *privkey = NULL;
193
194 DH *dh = NULL;
195
196 if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
197 return 0;
198
199 X509_ALGOR_get0(NULL, &ptype, &pval, palg);
200
201 if (ptype != V_ASN1_SEQUENCE)
202 goto decerr;
203
204 if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
205 goto decerr;
206
207
208 pstr = pval;
209 pm = pstr->data;
210 pmlen = pstr->length;
211 if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
212 goto decerr;
213 /* We have parameters now set private key */
214 if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
215 {
216 DHerr(DH_F_DH_PRIV_DECODE,DH_R_BN_ERROR);
217 goto dherr;
218 }
219 /* Calculate public key */
220 if (!DH_generate_key(dh))
221 goto dherr;
222
223 EVP_PKEY_assign_DH(pkey, dh);
224
225 ASN1_INTEGER_free(privkey);
226
227 return 1;
228
229 decerr:
230 DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
231 dherr:
232 DH_free(dh);
233 return 0;
234 }
235
236static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
237{
238 ASN1_STRING *params = NULL;
239 ASN1_INTEGER *prkey = NULL;
240 unsigned char *dp = NULL;
241 int dplen;
242
243 params = ASN1_STRING_new();
244
245 if (!params)
246 {
247 DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
248 goto err;
249 }
250
251 params->length = i2d_DHparams(pkey->pkey.dh, &params->data);
252 if (params->length <= 0)
253 {
254 DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
255 goto err;
256 }
257 params->type = V_ASN1_SEQUENCE;
258
259 /* Get private key into integer */
260 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
261
262 if (!prkey)
263 {
264 DHerr(DH_F_DH_PRIV_ENCODE,DH_R_BN_ERROR);
265 goto err;
266 }
267
268 dplen = i2d_ASN1_INTEGER(prkey, &dp);
269
270 ASN1_INTEGER_free(prkey);
271
272 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
273 V_ASN1_SEQUENCE, params, dp, dplen))
274 goto err;
275
276 return 1;
277
278err:
279 if (dp != NULL)
280 OPENSSL_free(dp);
281 if (params != NULL)
282 ASN1_STRING_free(params);
283 if (prkey != NULL)
284 ASN1_INTEGER_free(prkey);
285 return 0;
286}
287
288
289static void update_buflen(const BIGNUM *b, size_t *pbuflen)
290 {
291 size_t i;
292 if (!b)
293 return;
294 if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
295 *pbuflen = i;
296 }
297
298static int dh_param_decode(EVP_PKEY *pkey,
299 const unsigned char **pder, int derlen)
300 {
301 DH *dh;
302 if (!(dh = d2i_DHparams(NULL, pder, derlen)))
303 {
304 DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
305 return 0;
306 }
307 EVP_PKEY_assign_DH(pkey, dh);
308 return 1;
309 }
310
311static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
312 {
313 return i2d_DHparams(pkey->pkey.dh, pder);
314 }
315
316static int do_dh_print(BIO *bp, const DH *x, int indent,
317 ASN1_PCTX *ctx, int ptype)
318 {
319 unsigned char *m=NULL;
320 int reason=ERR_R_BUF_LIB,ret=0;
321 size_t buf_len=0;
322
323 const char *ktype = NULL;
324
325 BIGNUM *priv_key, *pub_key;
326
327 if (ptype == 2)
328 priv_key = x->priv_key;
329 else
330 priv_key = NULL;
331
332 if (ptype > 0)
333 pub_key = x->pub_key;
334 else
335 pub_key = NULL;
336
337 update_buflen(x->p, &buf_len);
338
339 if (buf_len == 0)
340 {
341 reason = ERR_R_PASSED_NULL_PARAMETER;
342 goto err;
343 }
344
345 update_buflen(x->g, &buf_len);
346 update_buflen(pub_key, &buf_len);
347 update_buflen(priv_key, &buf_len);
348
349 if (ptype == 2)
350 ktype = "PKCS#3 DH Private-Key";
351 else if (ptype == 1)
352 ktype = "PKCS#3 DH Public-Key";
353 else
354 ktype = "PKCS#3 DH Parameters";
355
356 m= OPENSSL_malloc(buf_len+10);
357 if (m == NULL)
358 {
359 reason=ERR_R_MALLOC_FAILURE;
360 goto err;
361 }
362
363 BIO_indent(bp, indent, 128);
364 if (BIO_printf(bp,"%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
365 goto err;
366 indent += 4;
367
368 if (!ASN1_bn_print(bp,"private-key:",priv_key,m,indent)) goto err;
369 if (!ASN1_bn_print(bp,"public-key:",pub_key,m,indent)) goto err;
370
371 if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
372 if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
373 if (x->length != 0)
374 {
375 BIO_indent(bp, indent, 128);
376 if (BIO_printf(bp,"recommended-private-length: %d bits\n",
377 (int)x->length) <= 0) goto err;
378 }
379
380
381 ret=1;
382 if (0)
383 {
384err:
385 DHerr(DH_F_DO_DH_PRINT,reason);
386 }
387 if (m != NULL) OPENSSL_free(m);
388 return(ret);
389 }
390
391static int int_dh_size(const EVP_PKEY *pkey)
392 {
393 return(DH_size(pkey->pkey.dh));
394 }
395
396static int dh_bits(const EVP_PKEY *pkey)
397 {
398 return BN_num_bits(pkey->pkey.dh->p);
399 }
400
401static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
402 {
403 if ( BN_cmp(a->pkey.dh->p,b->pkey.dh->p) ||
404 BN_cmp(a->pkey.dh->g,b->pkey.dh->g))
405 return 0;
406 else
407 return 1;
408 }
409
410static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
411 {
412 BIGNUM *a;
413
414 if ((a=BN_dup(from->pkey.dh->p)) == NULL)
415 return 0;
416 if (to->pkey.dh->p != NULL)
417 BN_free(to->pkey.dh->p);
418 to->pkey.dh->p=a;
419
420 if ((a=BN_dup(from->pkey.dh->g)) == NULL)
421 return 0;
422 if (to->pkey.dh->g != NULL)
423 BN_free(to->pkey.dh->g);
424 to->pkey.dh->g=a;
425
426 return 1;
427 }
428
429static int dh_missing_parameters(const EVP_PKEY *a)
430 {
431 if (!a->pkey.dh->p || !a->pkey.dh->g)
432 return 1;
433 return 0;
434 }
435
436static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
437 {
438 if (dh_cmp_parameters(a, b) == 0)
439 return 0;
440 if (BN_cmp(b->pkey.dh->pub_key,a->pkey.dh->pub_key) != 0)
441 return 0;
442 else
443 return 1;
444 }
445
446static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
447 ASN1_PCTX *ctx)
448 {
449 return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
450 }
451
452static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
453 ASN1_PCTX *ctx)
454 {
455 return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
456 }
457
458static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
459 ASN1_PCTX *ctx)
460 {
461 return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
462 }
463
464int DHparams_print(BIO *bp, const DH *x)
465 {
466 return do_dh_print(bp, x, 4, NULL, 0);
467 }
468
469const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
470 {
471 EVP_PKEY_DH,
472 EVP_PKEY_DH,
473 0,
474
475 "DH",
476 "OpenSSL PKCS#3 DH method",
477
478 dh_pub_decode,
479 dh_pub_encode,
480 dh_pub_cmp,
481 dh_public_print,
482
483 dh_priv_decode,
484 dh_priv_encode,
485 dh_private_print,
486
487 int_dh_size,
488 dh_bits,
489
490 dh_param_decode,
491 dh_param_encode,
492 dh_missing_parameters,
493 dh_copy_parameters,
494 dh_cmp_parameters,
495 dh_param_print,
496
497 int_dh_free,
498 0
499 };
500
diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c
deleted file mode 100644
index 0b4357d605..0000000000
--- a/src/lib/libcrypto/dh/dh_asn1.c
+++ /dev/null
@@ -1,93 +0,0 @@
1/* dh_asn1.c */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#include <openssl/objects.h>
64#include <openssl/asn1t.h>
65
66/* Override the default free and new methods */
67static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
68 void *exarg)
69{
70 if(operation == ASN1_OP_NEW_PRE) {
71 *pval = (ASN1_VALUE *)DH_new();
72 if(*pval) return 2;
73 return 0;
74 } else if(operation == ASN1_OP_FREE_PRE) {
75 DH_free((DH *)*pval);
76 *pval = NULL;
77 return 2;
78 }
79 return 1;
80}
81
82ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
83 ASN1_SIMPLE(DH, p, BIGNUM),
84 ASN1_SIMPLE(DH, g, BIGNUM),
85 ASN1_OPT(DH, length, ZLONG),
86} ASN1_SEQUENCE_END_cb(DH, DHparams)
87
88IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
89
90DH *DHparams_dup(DH *dh)
91 {
92 return ASN1_item_dup(ASN1_ITEM_rptr(DHparams), dh);
93 }
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
deleted file mode 100644
index 066898174e..0000000000
--- a/src/lib/libcrypto/dh/dh_check.c
+++ /dev/null
@@ -1,142 +0,0 @@
1/* crypto/dh/dh_check.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64/* Check that p is a safe prime and
65 * if g is 2, 3 or 5, check that it is a suitable generator
66 * where
67 * for 2, p mod 24 == 11
68 * for 3, p mod 12 == 5
69 * for 5, p mod 10 == 3 or 7
70 * should hold.
71 */
72
73int DH_check(const DH *dh, int *ret)
74 {
75 int ok=0;
76 BN_CTX *ctx=NULL;
77 BN_ULONG l;
78 BIGNUM *q=NULL;
79
80 *ret=0;
81 ctx=BN_CTX_new();
82 if (ctx == NULL) goto err;
83 q=BN_new();
84 if (q == NULL) goto err;
85
86 if (BN_is_word(dh->g,DH_GENERATOR_2))
87 {
88 l=BN_mod_word(dh->p,24);
89 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
90 }
91#if 0
92 else if (BN_is_word(dh->g,DH_GENERATOR_3))
93 {
94 l=BN_mod_word(dh->p,12);
95 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
96 }
97#endif
98 else if (BN_is_word(dh->g,DH_GENERATOR_5))
99 {
100 l=BN_mod_word(dh->p,10);
101 if ((l != 3) && (l != 7))
102 *ret|=DH_NOT_SUITABLE_GENERATOR;
103 }
104 else
105 *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
106
107 if (!BN_is_prime_ex(dh->p,BN_prime_checks,ctx,NULL))
108 *ret|=DH_CHECK_P_NOT_PRIME;
109 else
110 {
111 if (!BN_rshift1(q,dh->p)) goto err;
112 if (!BN_is_prime_ex(q,BN_prime_checks,ctx,NULL))
113 *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
114 }
115 ok=1;
116err:
117 if (ctx != NULL) BN_CTX_free(ctx);
118 if (q != NULL) BN_free(q);
119 return(ok);
120 }
121
122int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
123 {
124 int ok=0;
125 BIGNUM *q=NULL;
126
127 *ret=0;
128 q=BN_new();
129 if (q == NULL) goto err;
130 BN_set_word(q,1);
131 if (BN_cmp(pub_key,q)<=0)
132 *ret|=DH_CHECK_PUBKEY_TOO_SMALL;
133 BN_copy(q,dh->p);
134 BN_sub_word(q,1);
135 if (BN_cmp(pub_key,q)>=0)
136 *ret|=DH_CHECK_PUBKEY_TOO_LARGE;
137
138 ok = 1;
139err:
140 if (q != NULL) BN_free(q);
141 return(ok);
142 }
diff --git a/src/lib/libcrypto/dh/dh_depr.c b/src/lib/libcrypto/dh/dh_depr.c
deleted file mode 100644
index acc05f252c..0000000000
--- a/src/lib/libcrypto/dh/dh_depr.c
+++ /dev/null
@@ -1,83 +0,0 @@
1/* crypto/dh/dh_depr.c */
2/* ====================================================================
3 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@openssl.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56
57/* This file contains deprecated functions as wrappers to the new ones */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64static void *dummy=&dummy;
65
66#ifndef OPENSSL_NO_DEPRECATED
67DH *DH_generate_parameters(int prime_len, int generator,
68 void (*callback)(int,int,void *), void *cb_arg)
69 {
70 BN_GENCB cb;
71 DH *ret=NULL;
72
73 if((ret=DH_new()) == NULL)
74 return NULL;
75
76 BN_GENCB_set_old(&cb, callback, cb_arg);
77
78 if(DH_generate_parameters_ex(ret, prime_len, generator, &cb))
79 return ret;
80 DH_free(ret);
81 return NULL;
82 }
83#endif
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
deleted file mode 100644
index d5cf0c22a3..0000000000
--- a/src/lib/libcrypto/dh/dh_err.c
+++ /dev/null
@@ -1,117 +0,0 @@
1/* crypto/dh/dh_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/dh.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
70
71static ERR_STRING_DATA DH_str_functs[]=
72 {
73{ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
74{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
75{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
76{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
77{ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
78{ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"},
79{ERR_FUNC(DH_F_DH_PRIV_ENCODE), "DH_PRIV_ENCODE"},
80{ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"},
81{ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"},
82{ERR_FUNC(DH_F_DO_DH_PRINT), "DO_DH_PRINT"},
83{ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"},
84{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
85{ERR_FUNC(DH_F_PKEY_DH_DERIVE), "PKEY_DH_DERIVE"},
86{ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "PKEY_DH_KEYGEN"},
87{0,NULL}
88 };
89
90static ERR_STRING_DATA DH_str_reasons[]=
91 {
92{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
93{ERR_REASON(DH_R_BN_DECODE_ERROR) ,"bn decode error"},
94{ERR_REASON(DH_R_BN_ERROR) ,"bn error"},
95{ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"},
96{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
97{ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"},
98{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
99{ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"},
100{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
101{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
102{0,NULL}
103 };
104
105#endif
106
107void ERR_load_DH_strings(void)
108 {
109#ifndef OPENSSL_NO_ERR
110
111 if (ERR_func_error_string(DH_str_functs[0].error) == NULL)
112 {
113 ERR_load_strings(0,DH_str_functs);
114 ERR_load_strings(0,DH_str_reasons);
115 }
116#endif
117 }
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
deleted file mode 100644
index cfd5b11868..0000000000
--- a/src/lib/libcrypto/dh/dh_gen.c
+++ /dev/null
@@ -1,175 +0,0 @@
1/* crypto/dh/dh_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* NB: These functions have been upgraded - the previous prototypes are in
60 * dh_depr.c as wrappers to these ones.
61 * - Geoff
62 */
63
64#include <stdio.h>
65#include "cryptlib.h"
66#include <openssl/bn.h>
67#include <openssl/dh.h>
68
69static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
70
71int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
72 {
73 if(ret->meth->generate_params)
74 return ret->meth->generate_params(ret, prime_len, generator, cb);
75 return dh_builtin_genparams(ret, prime_len, generator, cb);
76 }
77
78/* We generate DH parameters as follows
79 * find a prime q which is prime_len/2 bits long.
80 * p=(2*q)+1 or (p-1)/2 = q
81 * For this case, g is a generator if
82 * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
83 * Since the factors of p-1 are q and 2, we just need to check
84 * g^2 mod p != 1 and g^q mod p != 1.
85 *
86 * Having said all that,
87 * there is another special case method for the generators 2, 3 and 5.
88 * for 2, p mod 24 == 11
89 * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
90 * for 5, p mod 10 == 3 or 7
91 *
92 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
93 * special generators and for answering some of my questions.
94 *
95 * I've implemented the second simple method :-).
96 * Since DH should be using a safe prime (both p and q are prime),
97 * this generator function can take a very very long time to run.
98 */
99/* Actually there is no reason to insist that 'generator' be a generator.
100 * It's just as OK (and in some sense better) to use a generator of the
101 * order-q subgroup.
102 */
103static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
104 {
105 BIGNUM *t1,*t2;
106 int g,ok= -1;
107 BN_CTX *ctx=NULL;
108
109 ctx=BN_CTX_new();
110 if (ctx == NULL) goto err;
111 BN_CTX_start(ctx);
112 t1 = BN_CTX_get(ctx);
113 t2 = BN_CTX_get(ctx);
114 if (t1 == NULL || t2 == NULL) goto err;
115
116 /* Make sure 'ret' has the necessary elements */
117 if(!ret->p && ((ret->p = BN_new()) == NULL)) goto err;
118 if(!ret->g && ((ret->g = BN_new()) == NULL)) goto err;
119
120 if (generator <= 1)
121 {
122 DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
123 goto err;
124 }
125 if (generator == DH_GENERATOR_2)
126 {
127 if (!BN_set_word(t1,24)) goto err;
128 if (!BN_set_word(t2,11)) goto err;
129 g=2;
130 }
131#if 0 /* does not work for safe primes */
132 else if (generator == DH_GENERATOR_3)
133 {
134 if (!BN_set_word(t1,12)) goto err;
135 if (!BN_set_word(t2,5)) goto err;
136 g=3;
137 }
138#endif
139 else if (generator == DH_GENERATOR_5)
140 {
141 if (!BN_set_word(t1,10)) goto err;
142 if (!BN_set_word(t2,3)) goto err;
143 /* BN_set_word(t3,7); just have to miss
144 * out on these ones :-( */
145 g=5;
146 }
147 else
148 {
149 /* in the general case, don't worry if 'generator' is a
150 * generator or not: since we are using safe primes,
151 * it will generate either an order-q or an order-2q group,
152 * which both is OK */
153 if (!BN_set_word(t1,2)) goto err;
154 if (!BN_set_word(t2,1)) goto err;
155 g=generator;
156 }
157
158 if(!BN_generate_prime_ex(ret->p,prime_len,1,t1,t2,cb)) goto err;
159 if(!BN_GENCB_call(cb, 3, 0)) goto err;
160 if (!BN_set_word(ret->g,g)) goto err;
161 ok=1;
162err:
163 if (ok == -1)
164 {
165 DHerr(DH_F_DH_BUILTIN_GENPARAMS,ERR_R_BN_LIB);
166 ok=0;
167 }
168
169 if (ctx != NULL)
170 {
171 BN_CTX_end(ctx);
172 BN_CTX_free(ctx);
173 }
174 return ok;
175 }
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
deleted file mode 100644
index e7db440342..0000000000
--- a/src/lib/libcrypto/dh/dh_key.c
+++ /dev/null
@@ -1,263 +0,0 @@
1/* crypto/dh/dh_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rand.h>
63#include <openssl/dh.h>
64
65static int generate_key(DH *dh);
66static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
67static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
68 const BIGNUM *a, const BIGNUM *p,
69 const BIGNUM *m, BN_CTX *ctx,
70 BN_MONT_CTX *m_ctx);
71static int dh_init(DH *dh);
72static int dh_finish(DH *dh);
73
74int DH_generate_key(DH *dh)
75 {
76 return dh->meth->generate_key(dh);
77 }
78
79int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
80 {
81 return dh->meth->compute_key(key, pub_key, dh);
82 }
83
84static DH_METHOD dh_ossl = {
85"OpenSSL DH Method",
86generate_key,
87compute_key,
88dh_bn_mod_exp,
89dh_init,
90dh_finish,
910,
92NULL,
93NULL
94};
95
96const DH_METHOD *DH_OpenSSL(void)
97{
98 return &dh_ossl;
99}
100
101static int generate_key(DH *dh)
102 {
103 int ok=0;
104 int generate_new_key=0;
105 unsigned l;
106 BN_CTX *ctx;
107 BN_MONT_CTX *mont=NULL;
108 BIGNUM *pub_key=NULL,*priv_key=NULL;
109
110 ctx = BN_CTX_new();
111 if (ctx == NULL) goto err;
112
113 if (dh->priv_key == NULL)
114 {
115 priv_key=BN_new();
116 if (priv_key == NULL) goto err;
117 generate_new_key=1;
118 }
119 else
120 priv_key=dh->priv_key;
121
122 if (dh->pub_key == NULL)
123 {
124 pub_key=BN_new();
125 if (pub_key == NULL) goto err;
126 }
127 else
128 pub_key=dh->pub_key;
129
130
131 if (dh->flags & DH_FLAG_CACHE_MONT_P)
132 {
133 mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
134 CRYPTO_LOCK_DH, dh->p, ctx);
135 if (!mont)
136 goto err;
137 }
138
139 if (generate_new_key)
140 {
141 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
142 if (!BN_rand(priv_key, l, 0, 0)) goto err;
143 }
144
145 {
146 BIGNUM local_prk;
147 BIGNUM *prk;
148
149 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
150 {
151 BN_init(&local_prk);
152 prk = &local_prk;
153 BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
154 }
155 else
156 prk = priv_key;
157
158 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
159 }
160
161 dh->pub_key=pub_key;
162 dh->priv_key=priv_key;
163 ok=1;
164err:
165 if (ok != 1)
166 DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB);
167
168 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
169 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
170 BN_CTX_free(ctx);
171 return(ok);
172 }
173
174static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
175 {
176 BN_CTX *ctx=NULL;
177 BN_MONT_CTX *mont=NULL;
178 BIGNUM *tmp;
179 int ret= -1;
180 int check_result;
181
182 if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
183 {
184 DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
185 goto err;
186 }
187
188 ctx = BN_CTX_new();
189 if (ctx == NULL) goto err;
190 BN_CTX_start(ctx);
191 tmp = BN_CTX_get(ctx);
192
193 if (dh->priv_key == NULL)
194 {
195 DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
196 goto err;
197 }
198
199 if (dh->flags & DH_FLAG_CACHE_MONT_P)
200 {
201 mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
202 CRYPTO_LOCK_DH, dh->p, ctx);
203 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
204 {
205 /* XXX */
206 BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME);
207 }
208 if (!mont)
209 goto err;
210 }
211
212 if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
213 {
214 DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
215 goto err;
216 }
217
218 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
219 {
220 DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
221 goto err;
222 }
223
224 ret=BN_bn2bin(tmp,key);
225err:
226 if (ctx != NULL)
227 {
228 BN_CTX_end(ctx);
229 BN_CTX_free(ctx);
230 }
231 return(ret);
232 }
233
234static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
235 const BIGNUM *a, const BIGNUM *p,
236 const BIGNUM *m, BN_CTX *ctx,
237 BN_MONT_CTX *m_ctx)
238 {
239 /* If a is only one word long and constant time is false, use the faster
240 * exponenentiation function.
241 */
242 if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
243 {
244 BN_ULONG A = a->d[0];
245 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
246 }
247 else
248 return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
249 }
250
251
252static int dh_init(DH *dh)
253 {
254 dh->flags |= DH_FLAG_CACHE_MONT_P;
255 return(1);
256 }
257
258static int dh_finish(DH *dh)
259 {
260 if(dh->method_mont_p)
261 BN_MONT_CTX_free(dh->method_mont_p);
262 return(1);
263 }
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
deleted file mode 100644
index 7aef080e7a..0000000000
--- a/src/lib/libcrypto/dh/dh_lib.c
+++ /dev/null
@@ -1,247 +0,0 @@
1/* crypto/dh/dh_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#ifndef OPENSSL_NO_ENGINE
64#include <openssl/engine.h>
65#endif
66
67const char DH_version[]="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
68
69static const DH_METHOD *default_DH_method = NULL;
70
71void DH_set_default_method(const DH_METHOD *meth)
72 {
73 default_DH_method = meth;
74 }
75
76const DH_METHOD *DH_get_default_method(void)
77 {
78 if(!default_DH_method)
79 default_DH_method = DH_OpenSSL();
80 return default_DH_method;
81 }
82
83int DH_set_method(DH *dh, const DH_METHOD *meth)
84 {
85 /* NB: The caller is specifically setting a method, so it's not up to us
86 * to deal with which ENGINE it comes from. */
87 const DH_METHOD *mtmp;
88 mtmp = dh->meth;
89 if (mtmp->finish) mtmp->finish(dh);
90#ifndef OPENSSL_NO_ENGINE
91 if (dh->engine)
92 {
93 ENGINE_finish(dh->engine);
94 dh->engine = NULL;
95 }
96#endif
97 dh->meth = meth;
98 if (meth->init) meth->init(dh);
99 return 1;
100 }
101
102DH *DH_new(void)
103 {
104 return DH_new_method(NULL);
105 }
106
107DH *DH_new_method(ENGINE *engine)
108 {
109 DH *ret;
110
111 ret=(DH *)OPENSSL_malloc(sizeof(DH));
112 if (ret == NULL)
113 {
114 DHerr(DH_F_DH_NEW_METHOD,ERR_R_MALLOC_FAILURE);
115 return(NULL);
116 }
117
118 ret->meth = DH_get_default_method();
119#ifndef OPENSSL_NO_ENGINE
120 if (engine)
121 {
122 if (!ENGINE_init(engine))
123 {
124 DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
125 OPENSSL_free(ret);
126 return NULL;
127 }
128 ret->engine = engine;
129 }
130 else
131 ret->engine = ENGINE_get_default_DH();
132 if(ret->engine)
133 {
134 ret->meth = ENGINE_get_DH(ret->engine);
135 if(!ret->meth)
136 {
137 DHerr(DH_F_DH_NEW_METHOD,ERR_R_ENGINE_LIB);
138 ENGINE_finish(ret->engine);
139 OPENSSL_free(ret);
140 return NULL;
141 }
142 }
143#endif
144
145 ret->pad=0;
146 ret->version=0;
147 ret->p=NULL;
148 ret->g=NULL;
149 ret->length=0;
150 ret->pub_key=NULL;
151 ret->priv_key=NULL;
152 ret->q=NULL;
153 ret->j=NULL;
154 ret->seed = NULL;
155 ret->seedlen = 0;
156 ret->counter = NULL;
157 ret->method_mont_p=NULL;
158 ret->references = 1;
159 ret->flags=ret->meth->flags;
160 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
161 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
162 {
163#ifndef OPENSSL_NO_ENGINE
164 if (ret->engine)
165 ENGINE_finish(ret->engine);
166#endif
167 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
168 OPENSSL_free(ret);
169 ret=NULL;
170 }
171 return(ret);
172 }
173
174void DH_free(DH *r)
175 {
176 int i;
177 if(r == NULL) return;
178 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
179#ifdef REF_PRINT
180 REF_PRINT("DH",r);
181#endif
182 if (i > 0) return;
183#ifdef REF_CHECK
184 if (i < 0)
185 {
186 fprintf(stderr,"DH_free, bad reference count\n");
187 abort();
188 }
189#endif
190
191 if (r->meth->finish)
192 r->meth->finish(r);
193#ifndef OPENSSL_NO_ENGINE
194 if (r->engine)
195 ENGINE_finish(r->engine);
196#endif
197
198 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
199
200 if (r->p != NULL) BN_clear_free(r->p);
201 if (r->g != NULL) BN_clear_free(r->g);
202 if (r->q != NULL) BN_clear_free(r->q);
203 if (r->j != NULL) BN_clear_free(r->j);
204 if (r->seed) OPENSSL_free(r->seed);
205 if (r->counter != NULL) BN_clear_free(r->counter);
206 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
207 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
208 OPENSSL_free(r);
209 }
210
211int DH_up_ref(DH *r)
212 {
213 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
214#ifdef REF_PRINT
215 REF_PRINT("DH",r);
216#endif
217#ifdef REF_CHECK
218 if (i < 2)
219 {
220 fprintf(stderr, "DH_up, bad reference count\n");
221 abort();
222 }
223#endif
224 return ((i > 1) ? 1 : 0);
225 }
226
227int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
228 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
229 {
230 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
231 new_func, dup_func, free_func);
232 }
233
234int DH_set_ex_data(DH *d, int idx, void *arg)
235 {
236 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
237 }
238
239void *DH_get_ex_data(DH *d, int idx)
240 {
241 return(CRYPTO_get_ex_data(&d->ex_data,idx));
242 }
243
244int DH_size(const DH *dh)
245 {
246 return(BN_num_bytes(dh->p));
247 }
diff --git a/src/lib/libcrypto/dh/dh_pmeth.c b/src/lib/libcrypto/dh/dh_pmeth.c
deleted file mode 100644
index 5ae72b7d4c..0000000000
--- a/src/lib/libcrypto/dh/dh_pmeth.c
+++ /dev/null
@@ -1,254 +0,0 @@
1/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2 * project 2006.
3 */
4/* ====================================================================
5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * 3. All advertising materials mentioning features or use of this
20 * software must display the following acknowledgment:
21 * "This product includes software developed by the OpenSSL Project
22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23 *
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25 * endorse or promote products derived from this software without
26 * prior written permission. For written permission, please contact
27 * licensing@OpenSSL.org.
28 *
29 * 5. Products derived from this software may not be called "OpenSSL"
30 * nor may "OpenSSL" appear in their names without prior written
31 * permission of the OpenSSL Project.
32 *
33 * 6. Redistributions of any form whatsoever must retain the following
34 * acknowledgment:
35 * "This product includes software developed by the OpenSSL Project
36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37 *
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49 * OF THE POSSIBILITY OF SUCH DAMAGE.
50 * ====================================================================
51 *
52 * This product includes cryptographic software written by Eric Young
53 * (eay@cryptsoft.com). This product includes software written by Tim
54 * Hudson (tjh@cryptsoft.com).
55 *
56 */
57
58#include <stdio.h>
59#include "cryptlib.h"
60#include <openssl/asn1t.h>
61#include <openssl/x509.h>
62#include <openssl/evp.h>
63#include <openssl/dh.h>
64#include <openssl/bn.h>
65#include "evp_locl.h"
66
67/* DH pkey context structure */
68
69typedef struct
70 {
71 /* Parameter gen parameters */
72 int prime_len;
73 int generator;
74 int use_dsa;
75 /* Keygen callback info */
76 int gentmp[2];
77 /* message digest */
78 } DH_PKEY_CTX;
79
80static int pkey_dh_init(EVP_PKEY_CTX *ctx)
81 {
82 DH_PKEY_CTX *dctx;
83 dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX));
84 if (!dctx)
85 return 0;
86 dctx->prime_len = 1024;
87 dctx->generator = 2;
88 dctx->use_dsa = 0;
89
90 ctx->data = dctx;
91 ctx->keygen_info = dctx->gentmp;
92 ctx->keygen_info_count = 2;
93
94 return 1;
95 }
96
97static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
98 {
99 DH_PKEY_CTX *dctx, *sctx;
100 if (!pkey_dh_init(dst))
101 return 0;
102 sctx = src->data;
103 dctx = dst->data;
104 dctx->prime_len = sctx->prime_len;
105 dctx->generator = sctx->generator;
106 dctx->use_dsa = sctx->use_dsa;
107 return 1;
108 }
109
110static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
111 {
112 DH_PKEY_CTX *dctx = ctx->data;
113 if (dctx)
114 OPENSSL_free(dctx);
115 }
116
117static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
118 {
119 DH_PKEY_CTX *dctx = ctx->data;
120 switch (type)
121 {
122 case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
123 if (p1 < 256)
124 return -2;
125 dctx->prime_len = p1;
126 return 1;
127
128 case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
129 dctx->generator = p1;
130 return 1;
131
132 case EVP_PKEY_CTRL_PEER_KEY:
133 /* Default behaviour is OK */
134 return 1;
135
136 default:
137 return -2;
138
139 }
140 }
141
142
143static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx,
144 const char *type, const char *value)
145 {
146 if (!strcmp(type, "dh_paramgen_prime_len"))
147 {
148 int len;
149 len = atoi(value);
150 return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len);
151 }
152 if (!strcmp(type, "dh_paramgen_generator"))
153 {
154 int len;
155 len = atoi(value);
156 return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len);
157 }
158 return -2;
159 }
160
161static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
162 {
163 DH *dh = NULL;
164 DH_PKEY_CTX *dctx = ctx->data;
165 BN_GENCB *pcb, cb;
166 int ret;
167 if (ctx->pkey_gencb)
168 {
169 pcb = &cb;
170 evp_pkey_set_cb_translate(pcb, ctx);
171 }
172 else
173 pcb = NULL;
174 dh = DH_new();
175 if (!dh)
176 return 0;
177 ret = DH_generate_parameters_ex(dh,
178 dctx->prime_len, dctx->generator, pcb);
179 if (ret)
180 EVP_PKEY_assign_DH(pkey, dh);
181 else
182 DH_free(dh);
183 return ret;
184 }
185
186static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
187 {
188 DH *dh = NULL;
189 if (ctx->pkey == NULL)
190 {
191 DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET);
192 return 0;
193 }
194 dh = DH_new();
195 if (!dh)
196 return 0;
197 EVP_PKEY_assign_DH(pkey, dh);
198 /* Note: if error return, pkey is freed by parent routine */
199 if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
200 return 0;
201 return DH_generate_key(pkey->pkey.dh);
202 }
203
204static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
205 {
206 int ret;
207 if (!ctx->pkey || !ctx->peerkey)
208 {
209 DHerr(DH_F_PKEY_DH_DERIVE, DH_R_KEYS_NOT_SET);
210 return 0;
211 }
212 ret = DH_compute_key(key, ctx->peerkey->pkey.dh->pub_key,
213 ctx->pkey->pkey.dh);
214 if (ret < 0)
215 return ret;
216 *keylen = ret;
217 return 1;
218 }
219
220const EVP_PKEY_METHOD dh_pkey_meth =
221 {
222 EVP_PKEY_DH,
223 EVP_PKEY_FLAG_AUTOARGLEN,
224 pkey_dh_init,
225 pkey_dh_copy,
226 pkey_dh_cleanup,
227
228 0,
229 pkey_dh_paramgen,
230
231 0,
232 pkey_dh_keygen,
233
234 0,
235 0,
236
237 0,
238 0,
239
240 0,0,
241
242 0,0,0,0,
243
244 0,0,
245
246 0,0,
247
248 0,
249 pkey_dh_derive,
250
251 pkey_dh_ctrl,
252 pkey_dh_ctrl_str
253
254 };
diff --git a/src/lib/libcrypto/dh/dh_prn.c b/src/lib/libcrypto/dh/dh_prn.c
deleted file mode 100644
index ae58c2ac87..0000000000
--- a/src/lib/libcrypto/dh/dh_prn.c
+++ /dev/null
@@ -1,80 +0,0 @@
1/* crypto/asn1/t_pkey.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/evp.h>
62#include <openssl/dh.h>
63
64#ifndef OPENSSL_NO_FP_API
65int DHparams_print_fp(FILE *fp, const DH *x)
66 {
67 BIO *b;
68 int ret;
69
70 if ((b=BIO_new(BIO_s_file())) == NULL)
71 {
72 DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
73 return(0);
74 }
75 BIO_set_fp(b,fp,BIO_NOCLOSE);
76 ret=DHparams_print(b, x);
77 BIO_free(b);
78 return(ret);
79 }
80#endif
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
deleted file mode 100644
index 882f5c310a..0000000000
--- a/src/lib/libcrypto/dh/dhtest.c
+++ /dev/null
@@ -1,226 +0,0 @@
1/* crypto/dh/dhtest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59/* Until the key-gen callbacks are modified to use newer prototypes, we allow
60 * deprecated functions for openssl-internal code */
61#ifdef OPENSSL_NO_DEPRECATED
62#undef OPENSSL_NO_DEPRECATED
63#endif
64
65#include <stdio.h>
66#include <stdlib.h>
67#include <string.h>
68
69#include "../e_os.h"
70
71#include <openssl/crypto.h>
72#include <openssl/bio.h>
73#include <openssl/bn.h>
74#include <openssl/rand.h>
75#include <openssl/err.h>
76
77#ifdef OPENSSL_NO_DH
78int main(int argc, char *argv[])
79{
80 printf("No DH support\n");
81 return(0);
82}
83#else
84#include <openssl/dh.h>
85
86#ifdef OPENSSL_SYS_WIN16
87#define MS_CALLBACK _far _loadds
88#else
89#define MS_CALLBACK
90#endif
91
92static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg);
93
94static const char rnd_seed[] = "string to make the random number generator think it has entropy";
95
96int main(int argc, char *argv[])
97 {
98 BN_GENCB _cb;
99 DH *a;
100 DH *b=NULL;
101 char buf[12];
102 unsigned char *abuf=NULL,*bbuf=NULL;
103 int i,alen,blen,aout,bout,ret=1;
104 BIO *out;
105
106 CRYPTO_malloc_debug_init();
107 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
108 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
109
110#ifdef OPENSSL_SYS_WIN32
111 CRYPTO_malloc_init();
112#endif
113
114 RAND_seed(rnd_seed, sizeof rnd_seed);
115
116 out=BIO_new(BIO_s_file());
117 if (out == NULL) EXIT(1);
118 BIO_set_fp(out,stdout,BIO_NOCLOSE);
119
120 BN_GENCB_set(&_cb, &cb, out);
121 if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,
122 DH_GENERATOR_5, &_cb))
123 goto err;
124
125 if (!DH_check(a, &i)) goto err;
126 if (i & DH_CHECK_P_NOT_PRIME)
127 BIO_puts(out, "p value is not prime\n");
128 if (i & DH_CHECK_P_NOT_SAFE_PRIME)
129 BIO_puts(out, "p value is not a safe prime\n");
130 if (i & DH_UNABLE_TO_CHECK_GENERATOR)
131 BIO_puts(out, "unable to check the generator value\n");
132 if (i & DH_NOT_SUITABLE_GENERATOR)
133 BIO_puts(out, "the g value is not a generator\n");
134
135 BIO_puts(out,"\np =");
136 BN_print(out,a->p);
137 BIO_puts(out,"\ng =");
138 BN_print(out,a->g);
139 BIO_puts(out,"\n");
140
141 b=DH_new();
142 if (b == NULL) goto err;
143
144 b->p=BN_dup(a->p);
145 b->g=BN_dup(a->g);
146 if ((b->p == NULL) || (b->g == NULL)) goto err;
147
148 /* Set a to run with normal modexp and b to use constant time */
149 a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
150 b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
151
152 if (!DH_generate_key(a)) goto err;
153 BIO_puts(out,"pri 1=");
154 BN_print(out,a->priv_key);
155 BIO_puts(out,"\npub 1=");
156 BN_print(out,a->pub_key);
157 BIO_puts(out,"\n");
158
159 if (!DH_generate_key(b)) goto err;
160 BIO_puts(out,"pri 2=");
161 BN_print(out,b->priv_key);
162 BIO_puts(out,"\npub 2=");
163 BN_print(out,b->pub_key);
164 BIO_puts(out,"\n");
165
166 alen=DH_size(a);
167 abuf=(unsigned char *)OPENSSL_malloc(alen);
168 aout=DH_compute_key(abuf,b->pub_key,a);
169
170 BIO_puts(out,"key1 =");
171 for (i=0; i<aout; i++)
172 {
173 sprintf(buf,"%02X",abuf[i]);
174 BIO_puts(out,buf);
175 }
176 BIO_puts(out,"\n");
177
178 blen=DH_size(b);
179 bbuf=(unsigned char *)OPENSSL_malloc(blen);
180 bout=DH_compute_key(bbuf,a->pub_key,b);
181
182 BIO_puts(out,"key2 =");
183 for (i=0; i<bout; i++)
184 {
185 sprintf(buf,"%02X",bbuf[i]);
186 BIO_puts(out,buf);
187 }
188 BIO_puts(out,"\n");
189 if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
190 {
191 fprintf(stderr,"Error in DH routines\n");
192 ret=1;
193 }
194 else
195 ret=0;
196err:
197 ERR_print_errors_fp(stderr);
198
199 if (abuf != NULL) OPENSSL_free(abuf);
200 if (bbuf != NULL) OPENSSL_free(bbuf);
201 if(b != NULL) DH_free(b);
202 if(a != NULL) DH_free(a);
203 BIO_free(out);
204#ifdef OPENSSL_SYS_NETWARE
205 if (ret) printf("ERROR: %d\n", ret);
206#endif
207 EXIT(ret);
208 return(ret);
209 }
210
211static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg)
212 {
213 char c='*';
214
215 if (p == 0) c='.';
216 if (p == 1) c='+';
217 if (p == 2) c='*';
218 if (p == 3) c='\n';
219 BIO_write(arg->arg,&c,1);
220 (void)BIO_flush(arg->arg);
221#ifdef LINT
222 p=n;
223#endif
224 return 1;
225 }
226#endif
diff --git a/src/lib/libcrypto/dh/example b/src/lib/libcrypto/dh/example
deleted file mode 100644
index 16a33d2910..0000000000
--- a/src/lib/libcrypto/dh/example
+++ /dev/null
@@ -1,50 +0,0 @@
1From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
2Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
3 (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
4Received: by minbne.mincom.oz.au id AA19958
5 (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
6Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
7 Wed, 27 Sep 1995 19:13:05 +1000
8Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
9 Wed, 27 Sep 1995 04:48:46 -0400
10Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
11Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
12Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
13 by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
14 for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
15Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
16 id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
17Date: Mon, 25 Sep 1995 17:50:51 -0700
18From: Phil Karn <karn@qualcomm.com>
19Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
20To: cypherpunks@toad.com, ipsec-dev@eit.com
21Subject: Primality verification needed
22Sender: owner-cypherpunks@toad.com
23Precedence: bulk
24Status: RO
25X-Status:
26
27Hi. I've generated a 2047-bit "strong" prime number that I would like to
28use with Diffie-Hellman key exchange. I assert that not only is this number
29'p' prime, but so is (p-1)/2.
30
31I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
321.3.2 to test this number. This function uses the Miller-Rabin primality test.
33However, to increase my confidence that this number really is a strong prime,
34I'd like to ask others to confirm it with other tests. Here's the number in hex:
35
3672a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
37fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
38a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
39fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
403d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
41ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
4256a05180c3bec7ddd5ef6fe76b1f717b
43
44The generator, g, for this prime is 2.
45
46Thanks!
47
48Phil Karn
49
50
diff --git a/src/lib/libcrypto/dh/generate b/src/lib/libcrypto/dh/generate
deleted file mode 100644
index 5d407231df..0000000000
--- a/src/lib/libcrypto/dh/generate
+++ /dev/null
@@ -1,65 +0,0 @@
1From: stewarts@ix.netcom.com (Bill Stewart)
2Newsgroups: sci.crypt
3Subject: Re: Diffie-Hellman key exchange
4Date: Wed, 11 Oct 1995 23:08:28 GMT
5Organization: Freelance Information Architect
6Lines: 32
7Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
8References: <458rhn$76m$1@mhadf.production.compuserve.com>
9NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
10X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
11X-Newsreader: Forte Free Agent 1.0.82
12
13Kent Briggs <72124.3234@CompuServe.COM> wrote:
14
15>I have a copy of the 1976 IEEE article describing the
16>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
17>looking for sources that give examples of secure a,q pairs and
18>possible some source code that I could examine.
19
20q should be prime, and ideally should be a "strong prime",
21which means it's of the form 2n+1 where n is also prime.
22q also needs to be long enough to prevent the attacks LaMacchia and
23Odlyzko described (some variant on a factoring attack which generates
24a large pile of simultaneous equations and then solves them);
25long enough is about the same size as factoring, so 512 bits may not
26be secure enough for most applications. (The 192 bits used by
27"secure NFS" was certainly not long enough.)
28
29a should be a generator for q, which means it needs to be
30relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
31work.
32
33....
34
35Date: Tue, 26 Sep 1995 13:52:36 MST
36From: "Richard Schroeppel" <rcs@cs.arizona.edu>
37To: karn
38Cc: ho@cs.arizona.edu
39Subject: random large primes
40
41Since your prime is really random, proving it is hard.
42My personal limit on rigorously proved primes is ~350 digits.
43If you really want a proof, we should talk to Francois Morain,
44or the Australian group.
45
46If you want 2 to be a generator (mod P), then you need it
47to be a non-square. If (P-1)/2 is also prime, then
48non-square == primitive-root for bases << P.
49
50In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
51If you want this, you should restrict your sieve accordingly.
52
533 is a generator iff P = 5 (mod 12).
54
555 is a generator iff P = 3 or 7 (mod 10).
56
572 is perfectly usable as a base even if it's a non-generator, since
58it still covers half the space of possible residues. And an
59eavesdropper can always determine the low-bit of your exponent for
60a generator anyway.
61
62Rich rcs@cs.arizona.edu
63
64
65
diff --git a/src/lib/libcrypto/dh/p1024.c b/src/lib/libcrypto/dh/p1024.c
deleted file mode 100644
index 368ceca4eb..0000000000
--- a/src/lib/libcrypto/dh/p1024.c
+++ /dev/null
@@ -1,92 +0,0 @@
1/* crypto/dh/p1024.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#include <openssl/asn1.h>
62#include <openssl/dh.h>
63#include <openssl/pem.h>
64
65unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
66 0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
67 0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
68 0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
69 0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
70 0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
71 0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
72 0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
73 0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
74 0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
75 0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
76 0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
77 0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
78 0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
79 0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
80 0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
81 };
82
83main()
84 {
85 DH *dh;
86
87 dh=DH_new();
88 dh->p=BN_bin2bn(data,sizeof(data),NULL);
89 dh->g=BN_new();
90 BN_set_word(dh->g,2);
91 PEM_write_DHparams(stdout,dh);
92 }
diff --git a/src/lib/libcrypto/dh/p192.c b/src/lib/libcrypto/dh/p192.c
deleted file mode 100644
index 7bdf40410e..0000000000
--- a/src/lib/libcrypto/dh/p192.c
+++ /dev/null
@@ -1,80 +0,0 @@
1/* crypto/dh/p192.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#include <openssl/asn1.h>
62#include <openssl/dh.h>
63#include <openssl/pem.h>
64
65unsigned char data[]={
660xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
670xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
680xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
69 };
70
71main()
72 {
73 DH *dh;
74
75 dh=DH_new();
76 dh->p=BN_bin2bn(data,sizeof(data),NULL);
77 dh->g=BN_new();
78 BN_set_word(dh->g,3);
79 PEM_write_DHparams(stdout,dh);
80 }
diff --git a/src/lib/libcrypto/dh/p512.c b/src/lib/libcrypto/dh/p512.c
deleted file mode 100644
index a9b6aa83f0..0000000000
--- a/src/lib/libcrypto/dh/p512.c
+++ /dev/null
@@ -1,85 +0,0 @@
1/* crypto/dh/p512.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#include <openssl/asn1.h>
62#include <openssl/dh.h>
63#include <openssl/pem.h>
64
65unsigned char data[]={
660xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
670xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
680xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
690xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
700x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
710xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
720xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
730xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
74 };
75
76main()
77 {
78 DH *dh;
79
80 dh=DH_new();
81 dh->p=BN_bin2bn(data,sizeof(data),NULL);
82 dh->g=BN_new();
83 BN_set_word(dh->g,2);
84 PEM_write_DHparams(stdout,dh);
85 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-16 11:19:35 +0000