diff options
author | Ralf S. Engelschall <rse@openssl.org> | 1998-12-21 10:52:47 +0000 |
---|---|---|
committer | Ralf S. Engelschall <rse@openssl.org> | 1998-12-21 10:52:47 +0000 |
commit | d02b48c63a58ea4367a0e905979f140b7d090f86 (patch) | |
tree | 504f62ed3d84799f785b9cd9fab255a21b0e1b0e /crypto/dh |
Import of old SSLeay release: SSLeay 0.8.1b
Diffstat (limited to 'crypto/dh')
-rw-r--r-- | crypto/dh/Makefile.ssl | 84 | ||||
-rw-r--r-- | crypto/dh/dh.err | 12 | ||||
-rw-r--r-- | crypto/dh/dh.h | 162 | ||||
-rw-r--r-- | crypto/dh/dh1024.pem | 5 | ||||
-rw-r--r-- | crypto/dh/dh192.pem | 3 | ||||
-rw-r--r-- | crypto/dh/dh2048.pem | 16 | ||||
-rw-r--r-- | crypto/dh/dh4096.pem | 14 | ||||
-rw-r--r-- | crypto/dh/dh512.pem | 4 | ||||
-rw-r--r-- | crypto/dh/dh_check.c | 120 | ||||
-rw-r--r-- | crypto/dh/dh_err.c | 90 | ||||
-rw-r--r-- | crypto/dh/dh_gen.c | 149 | ||||
-rw-r--r-- | crypto/dh/dh_key.c | 142 | ||||
-rw-r--r-- | crypto/dh/dh_lib.c | 100 | ||||
-rw-r--r-- | crypto/dh/dhtest.c | 187 | ||||
-rw-r--r-- | crypto/dh/example | 50 | ||||
-rw-r--r-- | crypto/dh/generate | 65 | ||||
-rw-r--r-- | crypto/dh/p1024.c | 92 | ||||
-rw-r--r-- | crypto/dh/p192.c | 80 | ||||
-rw-r--r-- | crypto/dh/p512.c | 85 |
19 files changed, 1460 insertions, 0 deletions
diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl new file mode 100644 index 0000000000..7e0c1e1049 --- /dev/null +++ b/crypto/dh/Makefile.ssl @@ -0,0 +1,84 @@ +# +# SSLeay/crypto/dh/Makefile +# + +DIR= dh +TOP= ../.. +CC= cc +INCLUDES= -I.. -I../../include +CFLAG=-g +INSTALLTOP=/usr/local/ssl +MAKE= make -f Makefile.ssl +MAKEDEPEND= makedepend -f Makefile.ssl +MAKEFILE= Makefile.ssl +AR= ar r + +CFLAGS= $(INCLUDES) $(CFLAG) + +ERR=dh +ERRC=dh_err +GENERAL=Makefile +TEST= dhtest.c +APPS= + +LIB=$(TOP)/libcrypto.a +LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c $(ERRC).c +LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o $(ERRC).o + +SRC= $(LIBSRC) + +EXHEADER= dh.h +HEADER= $(EXHEADER) + +ALL= $(GENERAL) $(SRC) $(HEADER) + +top: + (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) + +all: lib + +lib: $(LIBOBJ) + $(AR) $(LIB) $(LIBOBJ) + sh $(TOP)/util/ranlib.sh $(LIB) + @touch lib + +files: + perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO + +links: + /bin/rm -f Makefile + $(TOP)/util/point.sh Makefile.ssl Makefile ; + $(TOP)/util/mklink.sh ../../include $(EXHEADER) + $(TOP)/util/mklink.sh ../../test $(TEST) + $(TOP)/util/mklink.sh ../../apps $(APPS) + +install: + @for i in $(EXHEADER) ; \ + do \ + (cp $$i $(INSTALLTOP)/include/$$i; \ + chmod 644 $(INSTALLTOP)/include/$$i ); \ + done; + +tags: + ctags $(SRC) + +tests: + +lint: + lint -DLINT $(INCLUDES) $(SRC)>fluff + +depend: + $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC) + +dclean: + perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new + mv -f Makefile.new $(MAKEFILE) + +clean: + /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff + +errors: + perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h + perl ../err/err_genc.pl $(ERR).h $(ERRC).c + +# DO NOT DELETE THIS LINE -- make depend depends on it. diff --git a/crypto/dh/dh.err b/crypto/dh/dh.err new file mode 100644 index 0000000000..a4fe746985 --- /dev/null +++ b/crypto/dh/dh.err @@ -0,0 +1,12 @@ +/* Error codes for the DH functions. */ + +/* Function codes. */ +#define DH_F_DHPARAMS_PRINT 100 +#define DH_F_DHPARAMS_PRINT_FP 101 +#define DH_F_DH_COMPUTE_KEY 102 +#define DH_F_DH_GENERATE_KEY 103 +#define DH_F_DH_GENERATE_PARAMETERS 104 +#define DH_F_DH_NEW 105 + +/* Reason codes. */ +#define DH_R_NO_PRIVATE_VALUE 100 diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h new file mode 100644 index 0000000000..44978028b7 --- /dev/null +++ b/crypto/dh/dh.h @@ -0,0 +1,162 @@ +/* crypto/dh/dh.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_DH_H +#define HEADER_DH_H + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef HEADER_BN_H +#define BIGNUM char +#endif + +typedef struct dh_st + { + /* This first argument is used to pick up errors when + * a DH is passed instead of a EVP_PKEY */ + int pad; + int version; + BIGNUM *p; + BIGNUM *g; + int length; /* optional */ + BIGNUM *pub_key; /* y */ + BIGNUM *priv_key; /* x */ + } DH; + +#define DH_GENERATOR_2 2 +/* #define DH_GENERATOR_3 3 */ +#define DH_GENERATOR_5 5 + +/* DH_check error codes */ +#define DH_CHECK_P_NOT_PRIME 0x01 +#define DH_CHECK_P_NOT_STRONG_PRIME 0x02 +#define DH_UNABLE_TO_CHECK_GENERATOR 0x04 +#define DH_NOT_SUITABLE_GENERATOR 0x08 + +#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \ + (char *(*)())d2i_DHparams,(char *)(x)) +#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ + (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x)) +#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \ + (unsigned char *)(x)) +#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \ + (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x)) +#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \ + (unsigned char *)(x)) + +#ifndef NOPROTO +DH * DH_new(void); +void DH_free(DH *dh); +int DH_size(DH *dh); +DH * DH_generate_parameters(int prime_len,int generator, + void (*callback)(int,int)); +int DH_check(DH *dh,int *codes); +int DH_generate_key(DH *dh); +int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh); +DH * d2i_DHparams(DH **a,unsigned char **pp, long length); +int i2d_DHparams(DH *a,unsigned char **pp); +#ifndef WIN16 +int DHparams_print_fp(FILE *fp, DH *x); +#endif +#ifdef HEADER_BIO_H +int DHparams_print(BIO *bp, DH *x); +#else +int DHparams_print(char *bp, DH *x); +#endif +void ERR_load_DH_strings(void ); + +#else + +DH * DH_new(); +void DH_free(); +int DH_size(); +DH * DH_generate_parameters(); +int DH_check(); +int DH_generate_key(); +int DH_compute_key(); +DH * d2i_DHparams(); +int i2d_DHparams(); +#ifndef WIN16 +int DHparams_print_fp(); +#endif +int DHparams_print(); +void ERR_load_DH_strings(); + +#endif + +/* BEGIN ERROR CODES */ +/* Error codes for the DH functions. */ + +/* Function codes. */ +#define DH_F_DHPARAMS_PRINT 100 +#define DH_F_DHPARAMS_PRINT_FP 101 +#define DH_F_DH_COMPUTE_KEY 102 +#define DH_F_DH_GENERATE_KEY 103 +#define DH_F_DH_GENERATE_PARAMETERS 104 +#define DH_F_DH_NEW 105 + +/* Reason codes. */ +#define DH_R_NO_PRIVATE_VALUE 100 + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/crypto/dh/dh1024.pem b/crypto/dh/dh1024.pem new file mode 100644 index 0000000000..81d43f6a3e --- /dev/null +++ b/crypto/dh/dh1024.pem @@ -0,0 +1,5 @@ +-----BEGIN DH PARAMETERS----- +MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq +/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx +/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC +-----END DH PARAMETERS----- diff --git a/crypto/dh/dh192.pem b/crypto/dh/dh192.pem new file mode 100644 index 0000000000..521c07271d --- /dev/null +++ b/crypto/dh/dh192.pem @@ -0,0 +1,3 @@ +-----BEGIN DH PARAMETERS----- +MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM= +-----END DH PARAMETERS----- diff --git a/crypto/dh/dh2048.pem b/crypto/dh/dh2048.pem new file mode 100644 index 0000000000..295460f508 --- /dev/null +++ b/crypto/dh/dh2048.pem @@ -0,0 +1,16 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o +AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh +z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo +pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW +aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA +Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg== +-----END DH PARAMETERS----- +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5 +8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F +SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt +gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok +yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N +a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg== +-----END DH PARAMETERS----- diff --git a/crypto/dh/dh4096.pem b/crypto/dh/dh4096.pem new file mode 100644 index 0000000000..390943a21d --- /dev/null +++ b/crypto/dh/dh4096.pem @@ -0,0 +1,14 @@ +-----BEGIN DH PARAMETERS----- +MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7 +vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H +TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF +bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1 +rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE +EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9 +bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3 +W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH +ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb +NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR +jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI= +-----END DH PARAMETERS----- + diff --git a/crypto/dh/dh512.pem b/crypto/dh/dh512.pem new file mode 100644 index 0000000000..0a4d863ebe --- /dev/null +++ b/crypto/dh/dh512.pem @@ -0,0 +1,4 @@ +-----BEGIN DH PARAMETERS----- +MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn +a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC +-----END DH PARAMETERS----- diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c new file mode 100644 index 0000000000..8da8dc8393 --- /dev/null +++ b/crypto/dh/dh_check.c @@ -0,0 +1,120 @@ +/* crypto/dh/dh_check.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" +#include "bn.h" +#include "dh.h" + +/* Check that p is a strong prime and + * if g is 2, 3 or 5, check that is is a suitable generator + * where + * for 2, p mod 24 == 11 + * for 3, p mod 12 == 5 + * for 5, p mod 10 == 3 or 7 + * should hold. + */ + +int DH_check(dh,ret) +DH *dh; +int *ret; + { + int ok=0; + BN_CTX *ctx=NULL; + BN_ULONG l; + BIGNUM *q=NULL; + + *ret=0; + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + q=BN_new(); + if (q == NULL) goto err; + + if (BN_is_word(dh->g,DH_GENERATOR_2)) + { + l=BN_mod_word(dh->p,24); + if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR; + } +/* else if (BN_is_word(dh->g,DH_GENERATOR_3)) + { + l=BN_mod_word(dh->p,12); + if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR; + }*/ + else if (BN_is_word(dh->g,DH_GENERATOR_5)) + { + l=BN_mod_word(dh->p,10); + if ((l != 3) && (l != 7)) + *ret|=DH_NOT_SUITABLE_GENERATOR; + } + else + *ret|=DH_UNABLE_TO_CHECK_GENERATOR; + + if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx)) + *ret|=DH_CHECK_P_NOT_PRIME; + else + { + if (!BN_rshift1(q,dh->p)) goto err; + if (!BN_is_prime(q,BN_prime_checks,NULL,ctx)) + *ret|=DH_CHECK_P_NOT_STRONG_PRIME; + } + ok=1; +err: + if (ctx != NULL) BN_CTX_free(ctx); + if (q != NULL) BN_free(q); + return(ok); + } diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c new file mode 100644 index 0000000000..1950f43f62 --- /dev/null +++ b/crypto/dh/dh_err.c @@ -0,0 +1,90 @@ +/* lib/dh/dh_err.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +#include <stdio.h> +#include "err.h" +#include "dh.h" + +/* BEGIN ERROR CODES */ +static ERR_STRING_DATA DH_str_functs[]= + { +{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"}, +{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"}, +{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"}, +{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"}, +{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"}, +{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"}, +{0,NULL}, + }; + +static ERR_STRING_DATA DH_str_reasons[]= + { +{DH_R_NO_PRIVATE_VALUE ,"no private value"}, +{0,NULL}, + }; + +void ERR_load_DH_strings() + { + static int init=1; + + if (init) + { + init=0; + ERR_load_strings(ERR_LIB_DH,DH_str_functs); + ERR_load_strings(ERR_LIB_DH,DH_str_reasons); + } + } diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c new file mode 100644 index 0000000000..ff4f18e1e0 --- /dev/null +++ b/crypto/dh/dh_gen.c @@ -0,0 +1,149 @@ +/* crypto/dh/dh_gen.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" +#include "bn.h" +#include "dh.h" + +/* We generate DH parameters as follows + * find a prime q which is prime_len/2 bits long. + * p=(2*q)+1 or (p-1)/2 = q + * For this case, g is a generator if + * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1. + * Since the factors of p-1 are q and 2, we just need to check + * g^2 mod p != 1 and g^q mod p != 1. + * + * Having said all that, + * there is another special case method for the generators 2, 3 and 5. + * for 2, p mod 24 == 11 + * for 3, p mod 12 == 5 <<<<< does not work for strong primes. + * for 5, p mod 10 == 3 or 7 + * + * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the + * special generators and for answering some of my questions. + * + * I've implemented the second simple method :-). + * Since DH should be using a strong prime (both p and q are prime), + * this generator function can take a very very long time to run. + */ + +DH *DH_generate_parameters(prime_len,generator,callback) +int prime_len; +int generator; +void (*callback)(P_I_I); + { + BIGNUM *p=NULL,*t1,*t2; + DH *ret=NULL; + int g,ok= -1; + BN_CTX *ctx=NULL; + + ret=DH_new(); + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + t1=ctx->bn[0]; + t2=ctx->bn[1]; + ctx->tos=2; + + if (generator == DH_GENERATOR_2) + { + BN_set_word(t1,24); + BN_set_word(t2,11); + g=2; + } +#ifdef undef /* does not work for strong primes */ + else if (generator == DH_GENERATOR_3) + { + BN_set_word(t1,12); + BN_set_word(t2,5); + g=3; + } +#endif + else if (generator == DH_GENERATOR_5) + { + BN_set_word(t1,10); + BN_set_word(t2,3); + /* BN_set_word(t3,7); just have to miss + * out on these ones :-( */ + g=5; + } + else + g=generator; + + p=BN_generate_prime(prime_len,1,t1,t2,callback); + if (p == NULL) goto err; + if (callback != NULL) callback(3,0); + ret->p=p; + ret->g=BN_new(); + if (!BN_set_word(ret->g,g)) goto err; + ok=1; +err: + if (ok == -1) + { + DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB); + ok=0; + } + + if (ctx != NULL) BN_CTX_free(ctx); + if (!ok && (ret != NULL)) + { + DH_free(ret); + ret=NULL; + } + return(ret); + } diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c new file mode 100644 index 0000000000..12f47c4574 --- /dev/null +++ b/crypto/dh/dh_key.c @@ -0,0 +1,142 @@ +/* crypto/dh/dh_key.c */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include <stdio.h> +#include "cryptlib.h" +#include "bn.h" +#include "rand.h" +#include "dh.h" + +int DH_generate_key(dh) +DH *dh; + { + int ok=0; + unsigned int i; + BN_CTX *ctx=NULL; + BIGNUM *pub_key=NULL,*priv_key=NULL; + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + + if (dh->priv_key == NULL) + { + i=dh->length; + if (i == 0) + { + /* Make the number p-1 bits long */ + i=BN_num_bits(dh->p)-1; + } + priv_key=BN_new(); + if (priv_key == NULL) goto err; + if (!BN_rand(priv_key,i,0,0)) goto err; + } + else + priv_key=dh->priv_key; + + if (dh->pub_key == NULL) + { + pub_key=BN_new(); + if (pub_key == NULL) goto err; + } + else + pub_key=dh->pub_key; + + if (!BN_mod_exp(pub_key,dh->g,priv_key,dh->p,ctx)) goto err; + + dh->pub_key=pub_key; + dh->priv_key=priv_key; + ok=1; +err: + if (ok != 1) + DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); + + if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); + if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); + if (ctx != NULL) BN_CTX_free(ctx); + return(ok); + } + +int DH_compute_key(key,pub_key,dh) +unsigned char *key; +BIGNUM *pub_key; +DH *dh; + { + BN_CTX *ctx; + BIGNUM *tmp; + int ret= -1; + + ctx=BN_CTX_new(); + if (ctx == NULL) goto err; + tmp=ctx->bn[ctx->tos++]; + + if (dh->priv_key == NULL) + { + DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); + goto err; + } + if (!BN_mod_exp(tmp,pub_key,dh->priv_key,dh->p,ctx)) + { + DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); + goto err; + } + + ret=BN_bn2bin(tmp,key); +err: + if (ctx != NULL) BN_CTX_free(ctx); + return(ret); + } |