Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/Makefile131
-rw-r--r--src/lib/libcrypto/dh/Makefile.ssl133
-rw-r--r--src/lib/libcrypto/dh/dh.h17
-rw-r--r--src/lib/libcrypto/dh/dh1024.pem5
-rw-r--r--src/lib/libcrypto/dh/dh192.pem3
-rw-r--r--src/lib/libcrypto/dh/dh2048.pem16
-rw-r--r--src/lib/libcrypto/dh/dh4096.pem14
-rw-r--r--src/lib/libcrypto/dh/dh512.pem4
-rw-r--r--src/lib/libcrypto/dh/dh_check.c22
-rw-r--r--src/lib/libcrypto/dh/dh_err.c27
-rw-r--r--src/lib/libcrypto/dh/dh_key.c70
-rw-r--r--src/lib/libcrypto/dh/dhtest.c212
-rw-r--r--src/lib/libcrypto/dh/example50
-rw-r--r--src/lib/libcrypto/dh/generate65
-rw-r--r--src/lib/libcrypto/dh/p1024.c92
-rw-r--r--src/lib/libcrypto/dh/p192.c80
-rw-r--r--src/lib/libcrypto/dh/p512.c85
17 files changed, 956 insertions, 70 deletions
diff --git a/src/lib/libcrypto/dh/Makefile b/src/lib/libcrypto/dh/Makefile
new file mode 100644
index 0000000000..352678b94a
--- /dev/null
+++ b/src/lib/libcrypto/dh/Makefile
@@ -0,0 +1,131 @@
1#
2# OpenSSL/crypto/dh/Makefile
3#
4
5DIR= dh
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile
21TEST= dhtest.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
26LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
27
28SRC= $(LIBSRC)
29
30EXHEADER= dh.h
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 $(AR) $(LIB) $(LIBOBJ)
42 $(RANLIB) $(LIB) || echo Never mind.
43 @touch lib
44
45files:
46 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
47
48links:
49 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
50 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
51 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
52
53install:
54 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
55 do \
56 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
57 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
58 done;
59
60tags:
61 ctags $(SRC)
62
63tests:
64
65lint:
66 lint -DLINT $(INCLUDES) $(SRC)>fluff
67
68depend:
69 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
70
71dclean:
72 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
73 mv -f Makefile.new $(MAKEFILE)
74
75clean:
76 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
77
78# DO NOT DELETE THIS LINE -- make depend depends on it.
79
80dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
81dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
82dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
83dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
84dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
85dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
86dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
87dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
88dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
89dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
90dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
91dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
92dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
93dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
94dh_check.o: ../../include/openssl/opensslconf.h
95dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
96dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
97dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
98dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
99dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
100dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
101dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
102dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
103dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
104dh_err.o: ../../include/openssl/symhacks.h dh_err.c
105dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
106dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
107dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
108dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
109dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
110dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
111dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
112dh_gen.o: ../cryptlib.h dh_gen.c
113dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
114dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
115dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
116dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
117dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
118dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
119dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
120dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
121dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
122dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
123dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
124dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
125dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
126dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
127dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
128dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
129dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
130dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
131dh_lib.o: ../cryptlib.h dh_lib.c
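Review bot: The `top` recipe runs `(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)`, so a failed `cd` still starts the sub-make from the wrong directory; `(cd ../.. && $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)` stops instead. The `install` loop has the same shape: `cp` and `chmod` are joined with `;` inside a subshell, so a failed copy of a public header does not fail the target, and `cp ... && chmod 644 ...` followed by `|| exit 1` after the subshell would surface it. `$(RANLIB) $(LIB) || echo Never mind.` likewise hides a failure to index the archive. None of the command targets (`top`, `all`, `install`, `clean`, ...) is declared `.PHONY`, and `lib` is tracked through a stamp file that `clean` must remember to delete. The same recipes are repeated in Makefile.ssl, which also hard-codes `MAKE= make -f Makefile.ssl` in place of the built-in `$(MAKE)`.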
diff --git a/src/lib/libcrypto/dh/Makefile.ssl b/src/lib/libcrypto/dh/Makefile.ssl
new file mode 100644
index 0000000000..e05fc01a12
--- /dev/null
+++ b/src/lib/libcrypto/dh/Makefile.ssl
@@ -0,0 +1,133 @@
1#
2# SSLeay/crypto/dh/Makefile
3#
4
5DIR= dh
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile
22TEST= dhtest.c
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
27LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
28
29SRC= $(LIBSRC)
30
31EXHEADER= dh.h
32HEADER= $(EXHEADER)
33
34ALL= $(GENERAL) $(SRC) $(HEADER)
35
36top:
37 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
38
39all: lib
40
41lib: $(LIBOBJ)
42 $(AR) $(LIB) $(LIBOBJ)
43 $(RANLIB) $(LIB) || echo Never mind.
44 @touch lib
45
46files:
47 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
48
49links:
50 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
51 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
52 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
53 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
54
55install:
56 @for i in $(EXHEADER) ; \
57 do \
58 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
59 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
60 done;
61
62tags:
63 ctags $(SRC)
64
65tests:
66
67lint:
68 lint -DLINT $(INCLUDES) $(SRC)>fluff
69
70depend:
71 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
72
73dclean:
74 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
75 mv -f Makefile.new $(MAKEFILE)
76
77clean:
78 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
79
80# DO NOT DELETE THIS LINE -- make depend depends on it.
81
82dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
83dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
84dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
85dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
86dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
87dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
88dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
89dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
90dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
91dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
92dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
93dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
94dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
95dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
96dh_check.o: ../../include/openssl/opensslconf.h
97dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
98dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
99dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
100dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
101dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
102dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
103dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
104dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
105dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
106dh_err.o: ../../include/openssl/symhacks.h dh_err.c
107dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
108dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
109dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
110dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
111dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
112dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
113dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
114dh_gen.o: ../cryptlib.h dh_gen.c
115dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
116dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
117dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
118dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
119dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
120dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
121dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
122dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
123dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
124dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
125dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
126dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
127dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
128dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
129dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
130dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
131dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
132dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
133dh_lib.o: ../cryptlib.h dh_lib.c
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 92c7481e10..0aff7fe21f 100644
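--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -70,14 +70,7 @@
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
 
 #define DH_FLAG_CACHE_MONT_P 0x01
-#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
 
 #ifdef __cplusplus
 extern "C" {
@@ -108,7 +101,7 @@ struct dh_st
  int version;
  BIGNUM *p;
  BIGNUM *g;
- long length; /* optional */
+ int length; /* optional */
  BIGNUM *pub_key; /* g^x */
  BIGNUM *priv_key; /* x */
 
@@ -137,6 +130,10 @@ struct dh_st
 #define DH_UNABLE_TO_CHECK_GENERATOR 0x04
 #define DH_NOT_SUITABLE_GENERATOR 0x08
 
+/* DH_check_pub_key error codes */
+#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
+#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
+
 /* primes p where (p-1)/2 is prime too are called "safe"; we define
  this for backward compatibility: */
 #define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
@@ -175,6 +172,7 @@ void *DH_get_ex_data(DH *d, int idx);
 DH * DH_generate_parameters(int prime_len,int generator,
  void (*callback)(int,int,void *),void *cb_arg);
 int DH_check(const DH *dh,int *codes);
+int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
 int DH_generate_key(DH *dh);
 int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
 DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
@@ -207,6 +205,7 @@ void ERR_load_DH_strings(void);
 /* Reason codes. */
 #define DH_R_BAD_GENERATOR 101
 #define DH_R_NO_PRIVATE_VALUE 100
+#define DH_R_INVALID_PUBKEY 102
 
 #ifdef __cplusplus
 }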
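Review bot: The new prototype `int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);` is declared without any statement of its two-level result, and a caller that tests only the return value will accept a key the check rejected. Going by the implementation added in dh_check.c, the return value says whether the check could be performed and `*codes` carries the verdict, so I would put above the prototype `/* returns 1 if the check was performed; the key is acceptable only if *codes is 0 afterwards */`. The comment `/* DH_check_pub_key error codes */` could also say that these bits are a separate code space from the `DH_check` codes defined just before them, since both sets are small bit flags written through an `int *codes` argument and are easy to mix up.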
diff --git a/src/lib/libcrypto/dh/dh1024.pem b/src/lib/libcrypto/dh/dh1024.pem
new file mode 100644
index 0000000000..81d43f6a3e
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh1024.pem
@@ -0,0 +1,5 @@
1-----BEGIN DH PARAMETERS-----
2MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
3/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
4/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
5-----END DH PARAMETERS-----
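Review bot: Judging by the file names, dh1024.pem here and the dh192.pem and dh512.pem added next to it hold Diffie-Hellman groups that are too small by current guidance to protect real traffic, and nothing in the files marks them as fixtures. If the readers of these files skip text outside the BEGIN/END markers, a leading line such as `Test parameters only - not for production key exchange` would make that explicit; otherwise a note in the directory's documentation does the same job. dh2048.pem also carries two parameter blocks back to back, and a reader that stops at the first END marker will only ever load the first one.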
diff --git a/src/lib/libcrypto/dh/dh192.pem b/src/lib/libcrypto/dh/dh192.pem
new file mode 100644
index 0000000000..521c07271d
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh192.pem
@@ -0,0 +1,3 @@
1-----BEGIN DH PARAMETERS-----
2MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
3-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh2048.pem b/src/lib/libcrypto/dh/dh2048.pem
new file mode 100644
index 0000000000..295460f508
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh2048.pem
@@ -0,0 +1,16 @@
1-----BEGIN DH PARAMETERS-----
2MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
3AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
4z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
5pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
6aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
7Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
8-----END DH PARAMETERS-----
9-----BEGIN DH PARAMETERS-----
10MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
118ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
12SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
13gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
14yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
15a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
16-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh4096.pem b/src/lib/libcrypto/dh/dh4096.pem
new file mode 100644
index 0000000000..390943a21d
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh4096.pem
@@ -0,0 +1,14 @@
1-----BEGIN DH PARAMETERS-----
2MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
3vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
4TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
5bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
6rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
7EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
8bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
9W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
10ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
11NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
12jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
13-----END DH PARAMETERS-----
14
diff --git a/src/lib/libcrypto/dh/dh512.pem b/src/lib/libcrypto/dh/dh512.pem
new file mode 100644
index 0000000000..0a4d863ebe
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh512.pem
@@ -0,0 +1,4 @@
1-----BEGIN DH PARAMETERS-----
2MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
3a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
4-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
index a7e9920efb..17debff62d 100644
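--- a/src/lib/libcrypto/dh/dh_check.c
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -121,4 +121,26 @@ err:
  return(ok);
  }
 
+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
+ {
+ int ok=0;
+ BIGNUM *q=NULL;
+
+ *ret=0;
+ q=BN_new();
+ if (q == NULL) goto err;
+ BN_set_word(q,1);
+ if (BN_cmp(pub_key,q) <= 0)
+ *ret|=DH_CHECK_PUBKEY_TOO_SMALL;
+ BN_copy(q,dh->p);
+ BN_sub_word(q,1);
+ if (BN_cmp(pub_key,q) >= 0)
+ *ret|=DH_CHECK_PUBKEY_TOO_LARGE;
+
+ ok = 1;
+err:
+ if (q != NULL) BN_free(q);
+ return(ok);
+ }
+
 #endif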
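Review bot: `DH_check_pub_key` ignores the results of `BN_set_word(q,1)`, `BN_copy(q,dh->p)` and `BN_sub_word(q,1)`, so an allocation failure part-way through leaves `q` at a stale value and the function still returns 1 with whatever flags the comparison against that value produced. Each call should take the existing `err` path on failure, e.g. `if (!BN_set_word(q,1)) goto err;` and `if (BN_copy(q,dh->p) == NULL || !BN_sub_word(q,1)) goto err;`. The function also dereferences `dh->p`, `pub_key` and `ret` without a NULL test. Worth a comment as well that this is a range check only (1 < pub_key < p-1): it does not show that the value lies in the intended subgroup, which matters when p is not a safe prime.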
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
index 83ccb41221..914b8a9c53 100644
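--- a/src/lib/libcrypto/dh/dh_err.c
+++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /* crypto/dh/dh_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -64,25 +64,22 @@
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
-
 static ERR_STRING_DATA DH_str_functs[]=
  {
-{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
-{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
-{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
-{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
-{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
-{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},
+{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
+{ERR_PACK(0,DH_F_DH_NEW_METHOD,0), "DH_new_method"},
 {0,NULL}
  };
 
 static ERR_STRING_DATA DH_str_reasons[]=
  {
-{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
-{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
+{DH_R_BAD_GENERATOR ,"bad generator"},
+{DH_R_NO_PRIVATE_VALUE ,"no private value"},
+{DH_R_INVALID_PUBKEY ,"invalid public key"},
 {0,NULL}
  };
 
@@ -96,8 +93,8 @@ void ERR_load_DH_strings(void)
  {
  init=0;
 #ifndef OPENSSL_NO_ERR
- ERR_load_strings(0,DH_str_functs);
- ERR_load_strings(0,DH_str_reasons);
+ ERR_load_strings(ERR_LIB_DH,DH_str_functs);
+ ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
 #endif
 
  }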
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index 3a39f7c8ca..648766a6ec 100644
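--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -105,7 +105,7 @@ static int generate_key(DH *dh)
  int generate_new_key=0;
  unsigned l;
  BN_CTX *ctx;
- BN_MONT_CTX *mont=NULL;
+ BN_MONT_CTX *mont;
  BIGNUM *pub_key=NULL,*priv_key=NULL;
 
  ctx = BN_CTX_new();
@@ -128,37 +128,21 @@ static int generate_key(DH *dh)
  else
  pub_key=dh->pub_key;
 
-
- if (dh->flags & DH_FLAG_CACHE_MONT_P)
+ if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
  {
- mont = BN_MONT_CTX_set_locked(
- (BN_MONT_CTX **)&dh->method_mont_p,
- CRYPTO_LOCK_DH, dh->p, ctx);
- if (!mont)
- goto err;
+ if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+ if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
+ dh->p,ctx)) goto err;
  }
+ mont=(BN_MONT_CTX *)dh->method_mont_p;
 
  if (generate_new_key)
  {
  l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
  if (!BN_rand(priv_key, l, 0, 0)) goto err;
  }
-
- {
- BIGNUM local_prk;
- BIGNUM *prk;
-
- if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
- {
- BN_init(&local_prk);
- prk = &local_prk;
- BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
- }
- else
- prk = priv_key;
-
- if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
- }
+ if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
+ goto err;
 
  dh->pub_key=pub_key;
  dh->priv_key=priv_key;
@@ -176,9 +160,10 @@ err:
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
  {
  BN_CTX *ctx;
- BN_MONT_CTX *mont=NULL;
+ BN_MONT_CTX *mont;
  BIGNUM *tmp;
  int ret= -1;
+ int check_result;
 
  ctx = BN_CTX_new();
  if (ctx == NULL) goto err;
@@ -190,21 +175,20 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
  DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
  goto err;
  }
-
- if (dh->flags & DH_FLAG_CACHE_MONT_P)
+ if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
  {
- mont = BN_MONT_CTX_set_locked(
- (BN_MONT_CTX **)&dh->method_mont_p,
- CRYPTO_LOCK_DH, dh->p, ctx);
- if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
- {
- /* XXX */
- BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
- }
- if (!mont)
- goto err;
+ if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+ if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
+ dh->p,ctx)) goto err;
  }
 
+ mont=(BN_MONT_CTX *)dh->method_mont_p;
+
+ if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
+ goto err;
+ }
  if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
  {
  DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
@@ -213,11 +197,8 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 
  ret=BN_bn2bin(tmp,key);
 err:
- if (ctx != NULL)
- {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
  return(ret);
  }
 
@@ -226,10 +207,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
  const BIGNUM *m, BN_CTX *ctx,
  BN_MONT_CTX *m_ctx)
  {
- /* If a is only one word long and constant time is false, use the faster
- * exponenentiation function.
- */
- if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
+ if (a->top == 1)
  {
  BN_ULONG A = a->d[0];
  return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);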
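Review bot: In both `generate_key` and `compute_key` the secret exponent (`priv_key`, `dh->priv_key`) now reaches `dh->meth->bn_mod_exp` with no constant-time flag, and `dh_bn_mod_exp` takes the `BN_mod_exp_mont_word` shortcut whenever `a->top == 1`, so the running time of the exponentiation can depend on the private key. If the BN layer this is built against provides `BN_FLG_EXP_CONSTTIME`, the private exponent should be wrapped before the call, as in `BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);`, and the one-word shortcut restricted to non-secret exponents. Separately, the lazy Montgomery setup leaves `dh->method_mont_p` pointing at a context whose `BN_MONT_CTX_set` failed, and later calls will skip initialisation because the pointer is no longer NULL; free it and reset it to NULL before `goto err`. That setup is also no longer serialised the way the previous `BN_MONT_CTX_set_locked(..., CRYPTO_LOCK_DH, ...)` call was, which matters if a DH object can be shared between threads. All three functions start or end outside the hunks shown, so the `err:` paths are only partly visible.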
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
new file mode 100644
index 0000000000..d75077f9fa
--- /dev/null
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -0,0 +1,212 @@
1/* crypto/dh/dhtest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include "../e_os.h"
64
65#include <openssl/crypto.h>
66#include <openssl/bio.h>
67#include <openssl/bn.h>
68#include <openssl/rand.h>
69#include <openssl/err.h>
70
71#ifdef OPENSSL_NO_DH
72int main(int argc, char *argv[])
73{
74 printf("No DH support\n");
75 return(0);
76}
77#else
78#include <openssl/dh.h>
79
80#ifdef OPENSSL_SYS_WIN16
81#define MS_CALLBACK _far _loadds
82#else
83#define MS_CALLBACK
84#endif
85
86static void MS_CALLBACK cb(int p, int n, void *arg);
87
88static const char rnd_seed[] = "string to make the random number generator think it has entropy";
89
90int main(int argc, char *argv[])
91 {
92 DH *a;
93 DH *b=NULL;
94 char buf[12];
95 unsigned char *abuf=NULL,*bbuf=NULL;
96 int i,alen,blen,aout,bout,ret=1;
97 BIO *out;
98
99 CRYPTO_malloc_debug_init();
100 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
101 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
102
103#ifdef OPENSSL_SYS_WIN32
104 CRYPTO_malloc_init();
105#endif
106
107 RAND_seed(rnd_seed, sizeof rnd_seed);
108
109 out=BIO_new(BIO_s_file());
110 if (out == NULL) EXIT(1);
111 BIO_set_fp(out,stdout,BIO_NOCLOSE);
112
113 a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out);
114 if (a == NULL) goto err;
115
116 if (!DH_check(a, &i)) goto err;
117 if (i & DH_CHECK_P_NOT_PRIME)
118 BIO_puts(out, "p value is not prime\n");
119 if (i & DH_CHECK_P_NOT_SAFE_PRIME)
120 BIO_puts(out, "p value is not a safe prime\n");
121 if (i & DH_UNABLE_TO_CHECK_GENERATOR)
122 BIO_puts(out, "unable to check the generator value\n");
123 if (i & DH_NOT_SUITABLE_GENERATOR)
124 BIO_puts(out, "the g value is not a generator\n");
125
126 BIO_puts(out,"\np =");
127 BN_print(out,a->p);
128 BIO_puts(out,"\ng =");
129 BN_print(out,a->g);
130 BIO_puts(out,"\n");
131
132 b=DH_new();
133 if (b == NULL) goto err;
134
135 b->p=BN_dup(a->p);
136 b->g=BN_dup(a->g);
137 if ((b->p == NULL) || (b->g == NULL)) goto err;
138
139 if (!DH_generate_key(a)) goto err;
140 BIO_puts(out,"pri 1=");
141 BN_print(out,a->priv_key);
142 BIO_puts(out,"\npub 1=");
143 BN_print(out,a->pub_key);
144 BIO_puts(out,"\n");
145
146 if (!DH_generate_key(b)) goto err;
147 BIO_puts(out,"pri 2=");
148 BN_print(out,b->priv_key);
149 BIO_puts(out,"\npub 2=");
150 BN_print(out,b->pub_key);
151 BIO_puts(out,"\n");
152
153 alen=DH_size(a);
154 abuf=(unsigned char *)OPENSSL_malloc(alen);
155 aout=DH_compute_key(abuf,b->pub_key,a);
156
157 BIO_puts(out,"key1 =");
158 for (i=0; i<aout; i++)
159 {
160 sprintf(buf,"%02X",abuf[i]);
161 BIO_puts(out,buf);
162 }
163 BIO_puts(out,"\n");
164
165 blen=DH_size(b);
166 bbuf=(unsigned char *)OPENSSL_malloc(blen);
167 bout=DH_compute_key(bbuf,a->pub_key,b);
168
169 BIO_puts(out,"key2 =");
170 for (i=0; i<bout; i++)
171 {
172 sprintf(buf,"%02X",bbuf[i]);
173 BIO_puts(out,buf);
174 }
175 BIO_puts(out,"\n");
176 if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
177 {
178 fprintf(stderr,"Error in DH routines\n");
179 ret=1;
180 }
181 else
182 ret=0;
183err:
184 ERR_print_errors_fp(stderr);
185
186 if (abuf != NULL) OPENSSL_free(abuf);
187 if (bbuf != NULL) OPENSSL_free(bbuf);
188 if(b != NULL) DH_free(b);
189 if(a != NULL) DH_free(a);
190 BIO_free(out);
191 CRYPTO_cleanup_all_ex_data();
192 ERR_remove_state(0);
193 CRYPTO_mem_leaks_fp(stderr);
194 EXIT(ret);
195 return(ret);
196 }
197
198static void MS_CALLBACK cb(int p, int n, void *arg)
199 {
200 char c='*';
201
202 if (p == 0) c='.';
203 if (p == 1) c='+';
204 if (p == 2) c='*';
205 if (p == 3) c='\n';
206 BIO_write((BIO *)arg,&c,1);
207 (void)BIO_flush((BIO *)arg);
208#ifdef LINT
209 p=n;
210#endif
211 }
212#endif
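Review bot: In `main` the results of `OPENSSL_malloc(alen)` and `OPENSSL_malloc(blen)` are passed straight to `DH_compute_key` as the output buffer; add `if (abuf == NULL) goto err;` and `if (bbuf == NULL) goto err;` after the respective allocations. The 64-bit group from `DH_generate_parameters(64,DH_GENERATOR_5,cb,out)` and the fixed `rnd_seed` string are acceptable for a self-test, but the file also prints both private keys to stdout, so a header comment such as `/* test only: fixed seed, 64-bit group and printed private keys; never copy into application code */` would keep it from being used as a template.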
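--- /dev/null
+++ b/src/lib/libcrypto/dh/example
@@ -0,0 +1,50 @@
+From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
+Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
+ (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
+Received: by minbne.mincom.oz.au id AA19958
+ (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
+Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
+ Wed, 27 Sep 1995 19:13:05 +1000
+Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
+ Wed, 27 Sep 1995 04:48:46 -0400
+Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
+Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
+Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
+ by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
+ for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
+Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
+ id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
+Date: Mon, 25 Sep 1995 17:50:51 -0700
+From: Phil Karn <karn@qualcomm.com>
+Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
+To: cypherpunks@toad.com, ipsec-dev@eit.com
+Subject: Primality verification needed
+Sender: owner-cypherpunks@toad.com
+Precedence: bulk
+Status: RO
+X-Status:
+
+Hi. I've generated a 2047-bit "strong" prime number that I would like to
+use with Diffie-Hellman key exchange. I assert that not only is this number
+'p' prime, but so is (p-1)/2.
+
+I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
+1.3.2 to test this number. This function uses the Miller-Rabin primality test.
+However, to increase my confidence that this number really is a strong prime,
+I'd like to ask others to confirm it with other tests. Here's the number in hex:
+
+72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
+fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
+a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
+fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
+3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
+ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
+56a05180c3bec7ddd5ef6fe76b1f717b
+
+The generator, g, for this prime is 2.
+
+Thanks!
+
+Phil Karn
+
+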
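--- /dev/null
+++ b/src/lib/libcrypto/dh/generate
@@ -0,0 +1,65 @@
+From: stewarts@ix.netcom.com (Bill Stewart)
+Newsgroups: sci.crypt
+Subject: Re: Diffie-Hellman key exchange
+Date: Wed, 11 Oct 1995 23:08:28 GMT
+Organization: Freelance Information Architect
+Lines: 32
+Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
+References: <458rhn$76m$1@mhadf.production.compuserve.com>
+NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
+X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
+X-Newsreader: Forte Free Agent 1.0.82
+
+Kent Briggs <72124.3234@CompuServe.COM> wrote:
+
+>I have a copy of the 1976 IEEE article describing the
+>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
+>looking for sources that give examples of secure a,q pairs and
+>possible some source code that I could examine.
+
+q should be prime, and ideally should be a "strong prime",
+which means it's of the form 2n+1 where n is also prime.
+q also needs to be long enough to prevent the attacks LaMacchia and
+Odlyzko described (some variant on a factoring attack which generates
+a large pile of simultaneous equations and then solves them);
+long enough is about the same size as factoring, so 512 bits may not
+be secure enough for most applications. (The 192 bits used by
+"secure NFS" was certainly not long enough.)
+
+a should be a generator for q, which means it needs to be
+relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
+work.
+
+....
+
+Date: Tue, 26 Sep 1995 13:52:36 MST
+From: "Richard Schroeppel" <rcs@cs.arizona.edu>
+To: karn
+Cc: ho@cs.arizona.edu
+Subject: random large primes
+
+Since your prime is really random, proving it is hard.
+My personal limit on rigorously proved primes is ~350 digits.
+If you really want a proof, we should talk to Francois Morain,
+or the Australian group.
+
+If you want 2 to be a generator (mod P), then you need it
+to be a non-square. If (P-1)/2 is also prime, then
+non-square == primitive-root for bases << P.
+
+In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
+If you want this, you should restrict your sieve accordingly.
+
+3 is a generator iff P = 5 (mod 12).
+
+5 is a generator iff P = 3 or 7 (mod 10).
+
+2 is perfectly usable as a base even if it's a non-generator, since
+it still covers half the space of possible residues. And an
+eavesdropper can always determine the low-bit of your exponent for
+a generator anyway.
+
+Rich rcs@cs.arizona.edu
+
+
+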
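--- /dev/null
+++ b/src/lib/libcrypto/dh/p1024.c
@@ -0,0 +1,92 @@
+/* crypto/dh/p1024.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/pem.h>
+
+unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
+ 0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
+ 0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
+ 0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
+ 0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
+ 0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
+ 0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
+ 0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
+ 0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
+ 0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
+ 0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
+ 0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
+ 0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
+ 0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
+ 0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
+ 0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }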
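Review bot: `DH_new()` is dereferenced on the very next line of `main()` without a NULL check, and the results of `BN_bin2bn()`, `BN_new()` and `BN_set_word()` are ignored as well, so an allocation failure ends either in a NULL dereference or in a PEM block written from an incomplete DH structure. I would add `if (dh == NULL) return(1);` after `DH_new()` and `if (dh->p == NULL || dh->g == NULL || !BN_set_word(dh->g,2)) return(1);` in place of the bare `BN_set_word` call. The same unchecked sequence appears in `main()` of p192.c and p512.c in this commit.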
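--- /dev/null
+++ b/src/lib/libcrypto/dh/p192.c
@@ -0,0 +1,80 @@
+/* crypto/dh/p192.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/pem.h>
+
+unsigned char data[]={
+0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
+0xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
+0xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,3);
+ PEM_write_DHparams(stdout,dh);
+ }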
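Review bot: The 24-byte `data[]` array gives a 192-bit modulus, and nothing in the file warns that the PEM it prints must not be used for a real key exchange. The `generate` note added in this same commit says the 192 bits used by "secure NFS" was "certainly not long enough" and that 512 bits "may not be secure enough for most applications". A comment above `data[]` would keep the output from being mistaken for deployable parameters, for example `/* 192-bit modulus: far too small for real DH use; kept for testing only */`, assuming that is the intent. p512.c deserves the same kind of comment, and neither file records how the modulus was generated or checked.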
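--- /dev/null
+++ b/src/lib/libcrypto/dh/p512.c
@@ -0,0 +1,85 @@
+/* crypto/dh/p512.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/pem.h>
+
+unsigned char data[]={
+0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
+0xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
+0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
+0x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
+0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
+0xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }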
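Review bot: `main()` is declared without a return type and falls off the end, and the result of `PEM_write_DHparams(stdout,dh)` is discarded, so a failed or truncated write of the parameters cannot be told apart from success by whatever captures the output. Declaring it `int main(void)` and ending with `return(PEM_write_DHparams(stdout,dh) ? 0 : 1);` makes the failure visible in the exit status. `data[]` is only read, so `static const unsigned char data[]` would also keep the generic name out of the global namespace. p1024.c and p192.c have the same `main()` shape.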