summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dh
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/dh')
-rw-r--r--src/lib/libcrypto/dh/Makefile131
-rw-r--r--src/lib/libcrypto/dh/dh.h223
-rw-r--r--src/lib/libcrypto/dh/dh1024.pem5
-rw-r--r--src/lib/libcrypto/dh/dh192.pem3
-rw-r--r--src/lib/libcrypto/dh/dh2048.pem16
-rw-r--r--src/lib/libcrypto/dh/dh4096.pem14
-rw-r--r--src/lib/libcrypto/dh/dh512.pem4
-rw-r--r--src/lib/libcrypto/dh/dh_asn1.c87
-rw-r--r--src/lib/libcrypto/dh/dh_check.c146
-rw-r--r--src/lib/libcrypto/dh/dh_err.c106
-rw-r--r--src/lib/libcrypto/dh/dh_gen.c175
-rw-r--r--src/lib/libcrypto/dh/dh_key.c266
-rw-r--r--src/lib/libcrypto/dh/dh_lib.c247
-rw-r--r--src/lib/libcrypto/dh/dhtest.c216
-rw-r--r--src/lib/libcrypto/dh/example50
-rw-r--r--src/lib/libcrypto/dh/generate65
-rw-r--r--src/lib/libcrypto/dh/p1024.c92
-rw-r--r--src/lib/libcrypto/dh/p192.c80
-rw-r--r--src/lib/libcrypto/dh/p512.c85
19 files changed, 2011 insertions, 0 deletions
diff --git a/src/lib/libcrypto/dh/Makefile b/src/lib/libcrypto/dh/Makefile
new file mode 100644
index 0000000000..352678b94a
--- /dev/null
+++ b/src/lib/libcrypto/dh/Makefile
@@ -0,0 +1,131 @@
1#
2# OpenSSL/crypto/dh/Makefile
3#
4
5DIR= dh
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKEDEPPROG= makedepend
14MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
15MAKEFILE= Makefile
16AR= ar r
17
18CFLAGS= $(INCLUDES) $(CFLAG)
19
20GENERAL=Makefile
21TEST= dhtest.c
22APPS=
23
24LIB=$(TOP)/libcrypto.a
25LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
26LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
27
28SRC= $(LIBSRC)
29
30EXHEADER= dh.h
31HEADER= $(EXHEADER)
32
33ALL= $(GENERAL) $(SRC) $(HEADER)
34
35top:
36 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
37
38all: lib
39
40lib: $(LIBOBJ)
41 $(AR) $(LIB) $(LIBOBJ)
42 $(RANLIB) $(LIB) || echo Never mind.
43 @touch lib
44
45files:
46 $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
47
48links:
49 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
50 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
51 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
52
53install:
54 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
55 do \
56 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
57 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
58 done;
59
60tags:
61 ctags $(SRC)
62
63tests:
64
65lint:
66 lint -DLINT $(INCLUDES) $(SRC)>fluff
67
68depend:
69 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
70
71dclean:
72 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
73 mv -f Makefile.new $(MAKEFILE)
74
75clean:
76 rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
77
78# DO NOT DELETE THIS LINE -- make depend depends on it.
79
80dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
81dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
82dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
83dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
84dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
85dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
86dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
87dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
88dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
89dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
90dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
91dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
92dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
93dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
94dh_check.o: ../../include/openssl/opensslconf.h
95dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
96dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
97dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
98dh_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
99dh_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
100dh_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
101dh_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
102dh_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
103dh_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
104dh_err.o: ../../include/openssl/symhacks.h dh_err.c
105dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
106dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
107dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
108dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
109dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
110dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
111dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
112dh_gen.o: ../cryptlib.h dh_gen.c
113dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
114dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
115dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
116dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
117dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
118dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
119dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
120dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
121dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
122dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
123dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
124dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
125dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
126dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
127dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
128dh_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
129dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
130dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
131dh_lib.o: ../cryptlib.h dh_lib.c
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
new file mode 100644
index 0000000000..582b34329f
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh.h
@@ -0,0 +1,223 @@
1/* crypto/dh/dh.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_DH_H
60#define HEADER_DH_H
61
62#ifdef OPENSSL_NO_DH
63#error DH is disabled.
64#endif
65
66#ifndef OPENSSL_NO_BIO
67#include <openssl/bio.h>
68#endif
69#include <openssl/bn.h>
70#include <openssl/crypto.h>
71#include <openssl/ossl_typ.h>
72
73#define OPENSSL_DH_MAX_MODULUS_BITS 10000
74
75#define DH_FLAG_CACHE_MONT_P 0x01
76#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
77 * implementation now uses constant time
78 * modular exponentiation for secret exponents
79 * by default. This flag causes the
80 * faster variable sliding window method to
81 * be used for all exponents.
82 */
83
84#ifdef __cplusplus
85extern "C" {
86#endif
87
88typedef struct dh_st DH;
89
90typedef struct dh_method {
91 const char *name;
92 /* Methods here */
93 int (*generate_key)(DH *dh);
94 int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
95 int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
96 const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
97 BN_MONT_CTX *m_ctx); /* Can be null */
98
99 int (*init)(DH *dh);
100 int (*finish)(DH *dh);
101 int flags;
102 char *app_data;
103} DH_METHOD;
104
105struct dh_st
106 {
107 /* This first argument is used to pick up errors when
108 * a DH is passed instead of a EVP_PKEY */
109 int pad;
110 int version;
111 BIGNUM *p;
112 BIGNUM *g;
113 int length; /* optional */
114 BIGNUM *pub_key; /* g^x */
115 BIGNUM *priv_key; /* x */
116
117 int flags;
118 char *method_mont_p;
119 /* Place holders if we want to do X9.42 DH */
120 BIGNUM *q;
121 BIGNUM *j;
122 unsigned char *seed;
123 int seedlen;
124 BIGNUM *counter;
125
126 int references;
127 CRYPTO_EX_DATA ex_data;
128 const DH_METHOD *meth;
129 ENGINE *engine;
130 };
131
132#define DH_GENERATOR_2 2
133/* #define DH_GENERATOR_3 3 */
134#define DH_GENERATOR_5 5
135
136/* DH_check error codes */
137#define DH_CHECK_P_NOT_PRIME 0x01
138#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
139#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
140#define DH_NOT_SUITABLE_GENERATOR 0x08
141
142/* DH_check_pub_key error codes */
143#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
144#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
145
146/* primes p where (p-1)/2 is prime too are called "safe"; we define
147 this for backward compatibility: */
148#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
149
150#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
151 (char *(*)())d2i_DHparams,(char *)(x))
152#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
153 (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
154#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
155 (unsigned char *)(x))
156#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
157 (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
158#ifdef __cplusplus
159#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
160 (unsigned char *)(x))
161#else
162#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
163 (unsigned char *)(x))
164#endif
165
166const DH_METHOD *DH_OpenSSL(void);
167
168void DH_set_default_method(const DH_METHOD *meth);
169const DH_METHOD *DH_get_default_method(void);
170int DH_set_method(DH *dh, const DH_METHOD *meth);
171DH *DH_new_method(ENGINE *engine);
172
173DH * DH_new(void);
174void DH_free(DH *dh);
175int DH_up_ref(DH *dh);
176int DH_size(const DH *dh);
177int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
178 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
179int DH_set_ex_data(DH *d, int idx, void *arg);
180void *DH_get_ex_data(DH *d, int idx);
181DH * DH_generate_parameters(int prime_len,int generator,
182 void (*callback)(int,int,void *),void *cb_arg);
183int DH_check(const DH *dh,int *codes);
184int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
185int DH_generate_key(DH *dh);
186int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
187DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
188int i2d_DHparams(const DH *a,unsigned char **pp);
189#ifndef OPENSSL_NO_FP_API
190int DHparams_print_fp(FILE *fp, const DH *x);
191#endif
192#ifndef OPENSSL_NO_BIO
193int DHparams_print(BIO *bp, const DH *x);
194#else
195int DHparams_print(char *bp, const DH *x);
196#endif
197
198/* BEGIN ERROR CODES */
199/* The following lines are auto generated by the script mkerr.pl. Any changes
200 * made after this point may be overwritten when the script is next run.
201 */
202void ERR_load_DH_strings(void);
203
204/* Error codes for the DH functions. */
205
206/* Function codes. */
207#define DH_F_DHPARAMS_PRINT 100
208#define DH_F_DHPARAMS_PRINT_FP 101
209#define DH_F_DH_COMPUTE_KEY 102
210#define DH_F_DH_GENERATE_KEY 103
211#define DH_F_DH_GENERATE_PARAMETERS 104
212#define DH_F_DH_NEW_METHOD 105
213
214/* Reason codes. */
215#define DH_R_BAD_GENERATOR 101
216#define DH_R_NO_PRIVATE_VALUE 100
217#define DH_R_INVALID_PUBKEY 102
218#define DH_R_MODULUS_TOO_LARGE 103
219
220#ifdef __cplusplus
221}
222#endif
223#endif
diff --git a/src/lib/libcrypto/dh/dh1024.pem b/src/lib/libcrypto/dh/dh1024.pem
new file mode 100644
index 0000000000..81d43f6a3e
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh1024.pem
@@ -0,0 +1,5 @@
1-----BEGIN DH PARAMETERS-----
2MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
3/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
4/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
5-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh192.pem b/src/lib/libcrypto/dh/dh192.pem
new file mode 100644
index 0000000000..521c07271d
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh192.pem
@@ -0,0 +1,3 @@
1-----BEGIN DH PARAMETERS-----
2MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
3-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh2048.pem b/src/lib/libcrypto/dh/dh2048.pem
new file mode 100644
index 0000000000..295460f508
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh2048.pem
@@ -0,0 +1,16 @@
1-----BEGIN DH PARAMETERS-----
2MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
3AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
4z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
5pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
6aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
7Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
8-----END DH PARAMETERS-----
9-----BEGIN DH PARAMETERS-----
10MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
118ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
12SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
13gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
14yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
15a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
16-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh4096.pem b/src/lib/libcrypto/dh/dh4096.pem
new file mode 100644
index 0000000000..390943a21d
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh4096.pem
@@ -0,0 +1,14 @@
1-----BEGIN DH PARAMETERS-----
2MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
3vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
4TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
5bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
6rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
7EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
8bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
9W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
10ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
11NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
12jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
13-----END DH PARAMETERS-----
14
diff --git a/src/lib/libcrypto/dh/dh512.pem b/src/lib/libcrypto/dh/dh512.pem
new file mode 100644
index 0000000000..0a4d863ebe
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh512.pem
@@ -0,0 +1,4 @@
1-----BEGIN DH PARAMETERS-----
2MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
3a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
4-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh_asn1.c b/src/lib/libcrypto/dh/dh_asn1.c
new file mode 100644
index 0000000000..769b5b68c5
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh_asn1.c
@@ -0,0 +1,87 @@
1/* dh_asn1.c */
2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#include <openssl/objects.h>
64#include <openssl/asn1t.h>
65
66/* Override the default free and new methods */
67static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
68{
69 if(operation == ASN1_OP_NEW_PRE) {
70 *pval = (ASN1_VALUE *)DH_new();
71 if(*pval) return 2;
72 return 0;
73 } else if(operation == ASN1_OP_FREE_PRE) {
74 DH_free((DH *)*pval);
75 *pval = NULL;
76 return 2;
77 }
78 return 1;
79}
80
81ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
82 ASN1_SIMPLE(DH, p, BIGNUM),
83 ASN1_SIMPLE(DH, g, BIGNUM),
84 ASN1_OPT(DH, length, ZLONG),
85} ASN1_SEQUENCE_END_cb(DH, DHparams)
86
87IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c
new file mode 100644
index 0000000000..17debff62d
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh_check.c
@@ -0,0 +1,146 @@
1/* crypto/dh/dh_check.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64/* Check that p is a safe prime and
65 * if g is 2, 3 or 5, check that is is a suitable generator
66 * where
67 * for 2, p mod 24 == 11
68 * for 3, p mod 12 == 5
69 * for 5, p mod 10 == 3 or 7
70 * should hold.
71 */
72
73#ifndef OPENSSL_FIPS
74
75int DH_check(const DH *dh, int *ret)
76 {
77 int ok=0;
78 BN_CTX *ctx=NULL;
79 BN_ULONG l;
80 BIGNUM *q=NULL;
81
82 *ret=0;
83 ctx=BN_CTX_new();
84 if (ctx == NULL) goto err;
85 q=BN_new();
86 if (q == NULL) goto err;
87
88 if (BN_is_word(dh->g,DH_GENERATOR_2))
89 {
90 l=BN_mod_word(dh->p,24);
91 if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
92 }
93#if 0
94 else if (BN_is_word(dh->g,DH_GENERATOR_3))
95 {
96 l=BN_mod_word(dh->p,12);
97 if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
98 }
99#endif
100 else if (BN_is_word(dh->g,DH_GENERATOR_5))
101 {
102 l=BN_mod_word(dh->p,10);
103 if ((l != 3) && (l != 7))
104 *ret|=DH_NOT_SUITABLE_GENERATOR;
105 }
106 else
107 *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
108
109 if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
110 *ret|=DH_CHECK_P_NOT_PRIME;
111 else
112 {
113 if (!BN_rshift1(q,dh->p)) goto err;
114 if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
115 *ret|=DH_CHECK_P_NOT_SAFE_PRIME;
116 }
117 ok=1;
118err:
119 if (ctx != NULL) BN_CTX_free(ctx);
120 if (q != NULL) BN_free(q);
121 return(ok);
122 }
123
124int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
125 {
126 int ok=0;
127 BIGNUM *q=NULL;
128
129 *ret=0;
130 q=BN_new();
131 if (q == NULL) goto err;
132 BN_set_word(q,1);
133 if (BN_cmp(pub_key,q) <= 0)
134 *ret|=DH_CHECK_PUBKEY_TOO_SMALL;
135 BN_copy(q,dh->p);
136 BN_sub_word(q,1);
137 if (BN_cmp(pub_key,q) >= 0)
138 *ret|=DH_CHECK_PUBKEY_TOO_LARGE;
139
140 ok = 1;
141err:
142 if (q != NULL) BN_free(q);
143 return(ok);
144 }
145
146#endif
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
new file mode 100644
index 0000000000..611067ef4a
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh_err.c
@@ -0,0 +1,106 @@
1/* crypto/dh/dh_err.c */
2/* ====================================================================
3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62#include <openssl/err.h>
63#include <openssl/dh.h>
64
65/* BEGIN ERROR CODES */
66#ifndef OPENSSL_NO_ERR
67
68#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
69#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
70
71static ERR_STRING_DATA DH_str_functs[]=
72 {
73{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
74{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
75{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
76{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
77{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
78{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
79{0,NULL}
80 };
81
82static ERR_STRING_DATA DH_str_reasons[]=
83 {
84{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
85{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
86{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
87{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
88{0,NULL}
89 };
90
91#endif
92
93void ERR_load_DH_strings(void)
94 {
95 static int init=1;
96
97 if (init)
98 {
99 init=0;
100#ifndef OPENSSL_NO_ERR
101 ERR_load_strings(0,DH_str_functs);
102 ERR_load_strings(0,DH_str_reasons);
103#endif
104
105 }
106 }
diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c
new file mode 100644
index 0000000000..23777f5a16
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh_gen.c
@@ -0,0 +1,175 @@
1/* crypto/dh/dh_gen.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63
64/* We generate DH parameters as follows
65 * find a prime q which is prime_len/2 bits long.
66 * p=(2*q)+1 or (p-1)/2 = q
67 * For this case, g is a generator if
68 * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
69 * Since the factors of p-1 are q and 2, we just need to check
70 * g^2 mod p != 1 and g^q mod p != 1.
71 *
72 * Having said all that,
73 * there is another special case method for the generators 2, 3 and 5.
74 * for 2, p mod 24 == 11
75 * for 3, p mod 12 == 5 <<<<< does not work for safe primes.
76 * for 5, p mod 10 == 3 or 7
77 *
78 * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
79 * special generators and for answering some of my questions.
80 *
81 * I've implemented the second simple method :-).
82 * Since DH should be using a safe prime (both p and q are prime),
83 * this generator function can take a very very long time to run.
84 */
85/* Actually there is no reason to insist that 'generator' be a generator.
86 * It's just as OK (and in some sense better) to use a generator of the
87 * order-q subgroup.
88 */
89
90#ifndef OPENSSL_FIPS
91
92DH *DH_generate_parameters(int prime_len, int generator,
93 void (*callback)(int,int,void *), void *cb_arg)
94 {
95 BIGNUM *p=NULL,*t1,*t2;
96 DH *ret=NULL;
97 int g,ok= -1;
98 BN_CTX *ctx=NULL;
99
100 ret=DH_new();
101 if (ret == NULL) goto err;
102 ctx=BN_CTX_new();
103 if (ctx == NULL) goto err;
104 BN_CTX_start(ctx);
105 t1 = BN_CTX_get(ctx);
106 t2 = BN_CTX_get(ctx);
107 if (t1 == NULL || t2 == NULL) goto err;
108
109 if (generator <= 1)
110 {
111 DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR);
112 goto err;
113 }
114 if (generator == DH_GENERATOR_2)
115 {
116 if (!BN_set_word(t1,24)) goto err;
117 if (!BN_set_word(t2,11)) goto err;
118 g=2;
119 }
120#if 0 /* does not work for safe primes */
121 else if (generator == DH_GENERATOR_3)
122 {
123 if (!BN_set_word(t1,12)) goto err;
124 if (!BN_set_word(t2,5)) goto err;
125 g=3;
126 }
127#endif
128 else if (generator == DH_GENERATOR_5)
129 {
130 if (!BN_set_word(t1,10)) goto err;
131 if (!BN_set_word(t2,3)) goto err;
132 /* BN_set_word(t3,7); just have to miss
133 * out on these ones :-( */
134 g=5;
135 }
136 else
137 {
138 /* in the general case, don't worry if 'generator' is a
139 * generator or not: since we are using safe primes,
140 * it will generate either an order-q or an order-2q group,
141 * which both is OK */
142 if (!BN_set_word(t1,2)) goto err;
143 if (!BN_set_word(t2,1)) goto err;
144 g=generator;
145 }
146
147 p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
148 if (p == NULL) goto err;
149 if (callback != NULL) callback(3,0,cb_arg);
150 ret->p=p;
151 ret->g=BN_new();
152 if (ret->g == NULL) goto err;
153 if (!BN_set_word(ret->g,g)) goto err;
154 ok=1;
155err:
156 if (ok == -1)
157 {
158 DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
159 ok=0;
160 }
161
162 if (ctx != NULL)
163 {
164 BN_CTX_end(ctx);
165 BN_CTX_free(ctx);
166 }
167 if (!ok && (ret != NULL))
168 {
169 DH_free(ret);
170 ret=NULL;
171 }
172 return(ret);
173 }
174
175#endif
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
new file mode 100644
index 0000000000..74de589204
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -0,0 +1,266 @@
1/* crypto/dh/dh_key.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/rand.h>
63#include <openssl/dh.h>
64
65#ifndef OPENSSL_FIPS
66
67static int generate_key(DH *dh);
68static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
69static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
70 const BIGNUM *a, const BIGNUM *p,
71 const BIGNUM *m, BN_CTX *ctx,
72 BN_MONT_CTX *m_ctx);
73static int dh_init(DH *dh);
74static int dh_finish(DH *dh);
75
76int DH_generate_key(DH *dh)
77 {
78 return dh->meth->generate_key(dh);
79 }
80
81int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
82 {
83 return dh->meth->compute_key(key, pub_key, dh);
84 }
85
86static DH_METHOD dh_ossl = {
87"OpenSSL DH Method",
88generate_key,
89compute_key,
90dh_bn_mod_exp,
91dh_init,
92dh_finish,
930,
94NULL
95};
96
97const DH_METHOD *DH_OpenSSL(void)
98{
99 return &dh_ossl;
100}
101
102static int generate_key(DH *dh)
103 {
104 int ok=0;
105 int generate_new_key=0;
106 unsigned l;
107 BN_CTX *ctx;
108 BN_MONT_CTX *mont=NULL;
109 BIGNUM *pub_key=NULL,*priv_key=NULL;
110
111 ctx = BN_CTX_new();
112 if (ctx == NULL) goto err;
113
114 if (dh->priv_key == NULL)
115 {
116 priv_key=BN_new();
117 if (priv_key == NULL) goto err;
118 generate_new_key=1;
119 }
120 else
121 priv_key=dh->priv_key;
122
123 if (dh->pub_key == NULL)
124 {
125 pub_key=BN_new();
126 if (pub_key == NULL) goto err;
127 }
128 else
129 pub_key=dh->pub_key;
130
131
132 if (dh->flags & DH_FLAG_CACHE_MONT_P)
133 {
134 mont = BN_MONT_CTX_set_locked(
135 (BN_MONT_CTX **)&dh->method_mont_p,
136 CRYPTO_LOCK_DH, dh->p, ctx);
137 if (!mont)
138 goto err;
139 }
140
141 if (generate_new_key)
142 {
143 l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
144 if (!BN_rand(priv_key, l, 0, 0)) goto err;
145 }
146
147 {
148 BIGNUM local_prk;
149 BIGNUM *prk;
150
151 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
152 {
153 BN_init(&local_prk);
154 prk = &local_prk;
155 BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
156 }
157 else
158 prk = priv_key;
159
160 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
161 }
162
163 dh->pub_key=pub_key;
164 dh->priv_key=priv_key;
165 ok=1;
166err:
167 if (ok != 1)
168 DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
169
170 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
171 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
172 BN_CTX_free(ctx);
173 return(ok);
174 }
175
176static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
177 {
178 BN_CTX *ctx;
179 BN_MONT_CTX *mont=NULL;
180 BIGNUM *tmp;
181 int ret= -1;
182 int check_result;
183
184 if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
185 {
186 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
187 return -1;
188 }
189
190 ctx = BN_CTX_new();
191 if (ctx == NULL) goto err;
192 BN_CTX_start(ctx);
193 tmp = BN_CTX_get(ctx);
194
195 if (dh->priv_key == NULL)
196 {
197 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
198 goto err;
199 }
200
201 if (dh->flags & DH_FLAG_CACHE_MONT_P)
202 {
203 mont = BN_MONT_CTX_set_locked(
204 (BN_MONT_CTX **)&dh->method_mont_p,
205 CRYPTO_LOCK_DH, dh->p, ctx);
206 if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
207 {
208 /* XXX */
209 BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
210 }
211 if (!mont)
212 goto err;
213 }
214 if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
215 {
216 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
217 goto err;
218 }
219 if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
220 {
221 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
222 goto err;
223 }
224
225 ret=BN_bn2bin(tmp,key);
226err:
227 if (ctx != NULL)
228 {
229 BN_CTX_end(ctx);
230 BN_CTX_free(ctx);
231 }
232 return(ret);
233 }
234
235static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
236 const BIGNUM *a, const BIGNUM *p,
237 const BIGNUM *m, BN_CTX *ctx,
238 BN_MONT_CTX *m_ctx)
239 {
240 /* If a is only one word long and constant time is false, use the faster
241 * exponenentiation function.
242 */
243 if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
244 {
245 BN_ULONG A = a->d[0];
246 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
247 }
248 else
249 return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
250 }
251
252
253static int dh_init(DH *dh)
254 {
255 dh->flags |= DH_FLAG_CACHE_MONT_P;
256 return(1);
257 }
258
259static int dh_finish(DH *dh)
260 {
261 if(dh->method_mont_p)
262 BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
263 return(1);
264 }
265
266#endif
diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c
new file mode 100644
index 0000000000..09965ee2ea
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh_lib.c
@@ -0,0 +1,247 @@
1/* crypto/dh/dh_lib.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "cryptlib.h"
61#include <openssl/bn.h>
62#include <openssl/dh.h>
63#ifndef OPENSSL_NO_ENGINE
64#include <openssl/engine.h>
65#endif
66
67const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT;
68
69static const DH_METHOD *default_DH_method = NULL;
70
71void DH_set_default_method(const DH_METHOD *meth)
72 {
73 default_DH_method = meth;
74 }
75
76const DH_METHOD *DH_get_default_method(void)
77 {
78 if(!default_DH_method)
79 default_DH_method = DH_OpenSSL();
80 return default_DH_method;
81 }
82
83int DH_set_method(DH *dh, const DH_METHOD *meth)
84 {
85 /* NB: The caller is specifically setting a method, so it's not up to us
86 * to deal with which ENGINE it comes from. */
87 const DH_METHOD *mtmp;
88 mtmp = dh->meth;
89 if (mtmp->finish) mtmp->finish(dh);
90#ifndef OPENSSL_NO_ENGINE
91 if (dh->engine)
92 {
93 ENGINE_finish(dh->engine);
94 dh->engine = NULL;
95 }
96#endif
97 dh->meth = meth;
98 if (meth->init) meth->init(dh);
99 return 1;
100 }
101
102DH *DH_new(void)
103 {
104 return DH_new_method(NULL);
105 }
106
107DH *DH_new_method(ENGINE *engine)
108 {
109 DH *ret;
110
111 ret=(DH *)OPENSSL_malloc(sizeof(DH));
112 if (ret == NULL)
113 {
114 DHerr(DH_F_DH_NEW_METHOD,ERR_R_MALLOC_FAILURE);
115 return(NULL);
116 }
117
118 ret->meth = DH_get_default_method();
119#ifndef OPENSSL_NO_ENGINE
120 if (engine)
121 {
122 if (!ENGINE_init(engine))
123 {
124 DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
125 OPENSSL_free(ret);
126 return NULL;
127 }
128 ret->engine = engine;
129 }
130 else
131 ret->engine = ENGINE_get_default_DH();
132 if(ret->engine)
133 {
134 ret->meth = ENGINE_get_DH(ret->engine);
135 if(!ret->meth)
136 {
137 DHerr(DH_F_DH_NEW_METHOD,ERR_R_ENGINE_LIB);
138 ENGINE_finish(ret->engine);
139 OPENSSL_free(ret);
140 return NULL;
141 }
142 }
143#endif
144
145 ret->pad=0;
146 ret->version=0;
147 ret->p=NULL;
148 ret->g=NULL;
149 ret->length=0;
150 ret->pub_key=NULL;
151 ret->priv_key=NULL;
152 ret->q=NULL;
153 ret->j=NULL;
154 ret->seed = NULL;
155 ret->seedlen = 0;
156 ret->counter = NULL;
157 ret->method_mont_p=NULL;
158 ret->references = 1;
159 ret->flags=ret->meth->flags;
160 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
161 if ((ret->meth->init != NULL) && !ret->meth->init(ret))
162 {
163#ifndef OPENSSL_NO_ENGINE
164 if (ret->engine)
165 ENGINE_finish(ret->engine);
166#endif
167 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
168 OPENSSL_free(ret);
169 ret=NULL;
170 }
171 return(ret);
172 }
173
174void DH_free(DH *r)
175 {
176 int i;
177 if(r == NULL) return;
178 i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
179#ifdef REF_PRINT
180 REF_PRINT("DH",r);
181#endif
182 if (i > 0) return;
183#ifdef REF_CHECK
184 if (i < 0)
185 {
186 fprintf(stderr,"DH_free, bad reference count\n");
187 abort();
188 }
189#endif
190
191 if (r->meth->finish)
192 r->meth->finish(r);
193#ifndef OPENSSL_NO_ENGINE
194 if (r->engine)
195 ENGINE_finish(r->engine);
196#endif
197
198 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
199
200 if (r->p != NULL) BN_clear_free(r->p);
201 if (r->g != NULL) BN_clear_free(r->g);
202 if (r->q != NULL) BN_clear_free(r->q);
203 if (r->j != NULL) BN_clear_free(r->j);
204 if (r->seed) OPENSSL_free(r->seed);
205 if (r->counter != NULL) BN_clear_free(r->counter);
206 if (r->pub_key != NULL) BN_clear_free(r->pub_key);
207 if (r->priv_key != NULL) BN_clear_free(r->priv_key);
208 OPENSSL_free(r);
209 }
210
211int DH_up_ref(DH *r)
212 {
213 int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
214#ifdef REF_PRINT
215 REF_PRINT("DH",r);
216#endif
217#ifdef REF_CHECK
218 if (i < 2)
219 {
220 fprintf(stderr, "DH_up, bad reference count\n");
221 abort();
222 }
223#endif
224 return ((i > 1) ? 1 : 0);
225 }
226
227int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
228 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
229 {
230 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
231 new_func, dup_func, free_func);
232 }
233
234int DH_set_ex_data(DH *d, int idx, void *arg)
235 {
236 return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
237 }
238
239void *DH_get_ex_data(DH *d, int idx)
240 {
241 return(CRYPTO_get_ex_data(&d->ex_data,idx));
242 }
243
244int DH_size(const DH *dh)
245 {
246 return(BN_num_bytes(dh->p));
247 }
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
new file mode 100644
index 0000000000..b76dede771
--- /dev/null
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -0,0 +1,216 @@
1/* crypto/dh/dhtest.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include "../e_os.h"
64
65#include <openssl/crypto.h>
66#include <openssl/bio.h>
67#include <openssl/bn.h>
68#include <openssl/rand.h>
69#include <openssl/err.h>
70
71#ifdef OPENSSL_NO_DH
72int main(int argc, char *argv[])
73{
74 printf("No DH support\n");
75 return(0);
76}
77#else
78#include <openssl/dh.h>
79
80#ifdef OPENSSL_SYS_WIN16
81#define MS_CALLBACK _far _loadds
82#else
83#define MS_CALLBACK
84#endif
85
86static void MS_CALLBACK cb(int p, int n, void *arg);
87
88static const char rnd_seed[] = "string to make the random number generator think it has entropy";
89
90int main(int argc, char *argv[])
91 {
92 DH *a;
93 DH *b=NULL;
94 char buf[12];
95 unsigned char *abuf=NULL,*bbuf=NULL;
96 int i,alen,blen,aout,bout,ret=1;
97 BIO *out;
98
99 CRYPTO_malloc_debug_init();
100 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
101 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
102
103#ifdef OPENSSL_SYS_WIN32
104 CRYPTO_malloc_init();
105#endif
106
107 RAND_seed(rnd_seed, sizeof rnd_seed);
108
109 out=BIO_new(BIO_s_file());
110 if (out == NULL) EXIT(1);
111 BIO_set_fp(out,stdout,BIO_NOCLOSE);
112
113 a=DH_generate_parameters(64,DH_GENERATOR_5,cb,out);
114 if (a == NULL) goto err;
115
116 if (!DH_check(a, &i)) goto err;
117 if (i & DH_CHECK_P_NOT_PRIME)
118 BIO_puts(out, "p value is not prime\n");
119 if (i & DH_CHECK_P_NOT_SAFE_PRIME)
120 BIO_puts(out, "p value is not a safe prime\n");
121 if (i & DH_UNABLE_TO_CHECK_GENERATOR)
122 BIO_puts(out, "unable to check the generator value\n");
123 if (i & DH_NOT_SUITABLE_GENERATOR)
124 BIO_puts(out, "the g value is not a generator\n");
125
126 BIO_puts(out,"\np =");
127 BN_print(out,a->p);
128 BIO_puts(out,"\ng =");
129 BN_print(out,a->g);
130 BIO_puts(out,"\n");
131
132 b=DH_new();
133 if (b == NULL) goto err;
134
135 b->p=BN_dup(a->p);
136 b->g=BN_dup(a->g);
137 if ((b->p == NULL) || (b->g == NULL)) goto err;
138
139 /* Set a to run with normal modexp and b to use constant time */
140 a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
141 b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
142
143 if (!DH_generate_key(a)) goto err;
144 BIO_puts(out,"pri 1=");
145 BN_print(out,a->priv_key);
146 BIO_puts(out,"\npub 1=");
147 BN_print(out,a->pub_key);
148 BIO_puts(out,"\n");
149
150 if (!DH_generate_key(b)) goto err;
151 BIO_puts(out,"pri 2=");
152 BN_print(out,b->priv_key);
153 BIO_puts(out,"\npub 2=");
154 BN_print(out,b->pub_key);
155 BIO_puts(out,"\n");
156
157 alen=DH_size(a);
158 abuf=(unsigned char *)OPENSSL_malloc(alen);
159 aout=DH_compute_key(abuf,b->pub_key,a);
160
161 BIO_puts(out,"key1 =");
162 for (i=0; i<aout; i++)
163 {
164 sprintf(buf,"%02X",abuf[i]);
165 BIO_puts(out,buf);
166 }
167 BIO_puts(out,"\n");
168
169 blen=DH_size(b);
170 bbuf=(unsigned char *)OPENSSL_malloc(blen);
171 bout=DH_compute_key(bbuf,a->pub_key,b);
172
173 BIO_puts(out,"key2 =");
174 for (i=0; i<bout; i++)
175 {
176 sprintf(buf,"%02X",bbuf[i]);
177 BIO_puts(out,buf);
178 }
179 BIO_puts(out,"\n");
180 if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
181 {
182 fprintf(stderr,"Error in DH routines\n");
183 ret=1;
184 }
185 else
186 ret=0;
187err:
188 ERR_print_errors_fp(stderr);
189
190 if (abuf != NULL) OPENSSL_free(abuf);
191 if (bbuf != NULL) OPENSSL_free(bbuf);
192 if(b != NULL) DH_free(b);
193 if(a != NULL) DH_free(a);
194 BIO_free(out);
195 CRYPTO_cleanup_all_ex_data();
196 ERR_remove_state(0);
197 CRYPTO_mem_leaks_fp(stderr);
198 EXIT(ret);
199 return(ret);
200 }
201
202static void MS_CALLBACK cb(int p, int n, void *arg)
203 {
204 char c='*';
205
206 if (p == 0) c='.';
207 if (p == 1) c='+';
208 if (p == 2) c='*';
209 if (p == 3) c='\n';
210 BIO_write((BIO *)arg,&c,1);
211 (void)BIO_flush((BIO *)arg);
212#ifdef LINT
213 p=n;
214#endif
215 }
216#endif
diff --git a/src/lib/libcrypto/dh/example b/src/lib/libcrypto/dh/example
new file mode 100644
index 0000000000..16a33d2910
--- /dev/null
+++ b/src/lib/libcrypto/dh/example
@@ -0,0 +1,50 @@
1From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
2Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
3 (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
4Received: by minbne.mincom.oz.au id AA19958
5 (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
6Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
7 Wed, 27 Sep 1995 19:13:05 +1000
8Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
9 Wed, 27 Sep 1995 04:48:46 -0400
10Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
11Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
12Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
13 by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
14 for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
15Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
16 id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
17Date: Mon, 25 Sep 1995 17:50:51 -0700
18From: Phil Karn <karn@qualcomm.com>
19Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
20To: cypherpunks@toad.com, ipsec-dev@eit.com
21Subject: Primality verification needed
22Sender: owner-cypherpunks@toad.com
23Precedence: bulk
24Status: RO
25X-Status:
26
27Hi. I've generated a 2047-bit "strong" prime number that I would like to
28use with Diffie-Hellman key exchange. I assert that not only is this number
29'p' prime, but so is (p-1)/2.
30
31I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
321.3.2 to test this number. This function uses the Miller-Rabin primality test.
33However, to increase my confidence that this number really is a strong prime,
34I'd like to ask others to confirm it with other tests. Here's the number in hex:
35
3672a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
37fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
38a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
39fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
403d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
41ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
4256a05180c3bec7ddd5ef6fe76b1f717b
43
44The generator, g, for this prime is 2.
45
46Thanks!
47
48Phil Karn
49
50
diff --git a/src/lib/libcrypto/dh/generate b/src/lib/libcrypto/dh/generate
new file mode 100644
index 0000000000..5d407231df
--- /dev/null
+++ b/src/lib/libcrypto/dh/generate
@@ -0,0 +1,65 @@
1From: stewarts@ix.netcom.com (Bill Stewart)
2Newsgroups: sci.crypt
3Subject: Re: Diffie-Hellman key exchange
4Date: Wed, 11 Oct 1995 23:08:28 GMT
5Organization: Freelance Information Architect
6Lines: 32
7Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
8References: <458rhn$76m$1@mhadf.production.compuserve.com>
9NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
10X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
11X-Newsreader: Forte Free Agent 1.0.82
12
13Kent Briggs <72124.3234@CompuServe.COM> wrote:
14
15>I have a copy of the 1976 IEEE article describing the
16>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
17>looking for sources that give examples of secure a,q pairs and
18>possible some source code that I could examine.
19
20q should be prime, and ideally should be a "strong prime",
21which means it's of the form 2n+1 where n is also prime.
22q also needs to be long enough to prevent the attacks LaMacchia and
23Odlyzko described (some variant on a factoring attack which generates
24a large pile of simultaneous equations and then solves them);
25long enough is about the same size as factoring, so 512 bits may not
26be secure enough for most applications. (The 192 bits used by
27"secure NFS" was certainly not long enough.)
28
29a should be a generator for q, which means it needs to be
30relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
31work.
32
33....
34
35Date: Tue, 26 Sep 1995 13:52:36 MST
36From: "Richard Schroeppel" <rcs@cs.arizona.edu>
37To: karn
38Cc: ho@cs.arizona.edu
39Subject: random large primes
40
41Since your prime is really random, proving it is hard.
42My personal limit on rigorously proved primes is ~350 digits.
43If you really want a proof, we should talk to Francois Morain,
44or the Australian group.
45
46If you want 2 to be a generator (mod P), then you need it
47to be a non-square. If (P-1)/2 is also prime, then
48non-square == primitive-root for bases << P.
49
50In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
51If you want this, you should restrict your sieve accordingly.
52
533 is a generator iff P = 5 (mod 12).
54
555 is a generator iff P = 3 or 7 (mod 10).
56
572 is perfectly usable as a base even if it's a non-generator, since
58it still covers half the space of possible residues. And an
59eavesdropper can always determine the low-bit of your exponent for
60a generator anyway.
61
62Rich rcs@cs.arizona.edu
63
64
65
diff --git a/src/lib/libcrypto/dh/p1024.c b/src/lib/libcrypto/dh/p1024.c
new file mode 100644
index 0000000000..368ceca4eb
--- /dev/null
+++ b/src/lib/libcrypto/dh/p1024.c
@@ -0,0 +1,92 @@
1/* crypto/dh/p1024.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#include <openssl/asn1.h>
62#include <openssl/dh.h>
63#include <openssl/pem.h>
64
65unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
66 0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
67 0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
68 0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
69 0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
70 0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
71 0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
72 0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
73 0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
74 0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
75 0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
76 0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
77 0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
78 0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
79 0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
80 0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
81 };
82
83main()
84 {
85 DH *dh;
86
87 dh=DH_new();
88 dh->p=BN_bin2bn(data,sizeof(data),NULL);
89 dh->g=BN_new();
90 BN_set_word(dh->g,2);
91 PEM_write_DHparams(stdout,dh);
92 }
diff --git a/src/lib/libcrypto/dh/p192.c b/src/lib/libcrypto/dh/p192.c
new file mode 100644
index 0000000000..7bdf40410e
--- /dev/null
+++ b/src/lib/libcrypto/dh/p192.c
@@ -0,0 +1,80 @@
1/* crypto/dh/p192.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#include <openssl/asn1.h>
62#include <openssl/dh.h>
63#include <openssl/pem.h>
64
65unsigned char data[]={
660xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
670xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
680xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
69 };
70
71main()
72 {
73 DH *dh;
74
75 dh=DH_new();
76 dh->p=BN_bin2bn(data,sizeof(data),NULL);
77 dh->g=BN_new();
78 BN_set_word(dh->g,3);
79 PEM_write_DHparams(stdout,dh);
80 }
diff --git a/src/lib/libcrypto/dh/p512.c b/src/lib/libcrypto/dh/p512.c
new file mode 100644
index 0000000000..a9b6aa83f0
--- /dev/null
+++ b/src/lib/libcrypto/dh/p512.c
@@ -0,0 +1,85 @@
1/* crypto/dh/p512.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <openssl/bn.h>
61#include <openssl/asn1.h>
62#include <openssl/dh.h>
63#include <openssl/pem.h>
64
65unsigned char data[]={
660xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
670xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
680xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
690xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
700x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
710xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
720xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
730xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
74 };
75
76main()
77 {
78 DH *dh;
79
80 dh=DH_new();
81 dh->p=BN_bin2bn(data,sizeof(data),NULL);
82 dh->g=BN_new();
83 BN_set_word(dh->g,2);
84 PEM_write_DHparams(stdout,dh);
85 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-09 09:44:35 +0000