]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* crypto/dh/dh_lib.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
0f113f3e | 8 | * |
d02b48c6 RE |
9 | * This library is free for commercial and non-commercial use as long as |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
0f113f3e | 15 | * |
d02b48c6 RE |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
0f113f3e | 22 | * |
d02b48c6 RE |
23 | * Redistribution and use in source and binary forms, with or without |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
0f113f3e | 37 | * 4. If you include any Windows specific code (or a derivative thereof) from |
d02b48c6 RE |
38 | * the apps directory (application code) you must include an acknowledgement: |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
0f113f3e | 40 | * |
d02b48c6 RE |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
0f113f3e | 52 | * |
d02b48c6 RE |
53 | * The licence and distribution terms for any publically available version or |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
60 | #include "cryptlib.h" | |
ec577822 BM |
61 | #include <openssl/bn.h> |
62 | #include <openssl/dh.h> | |
0b13e9f0 | 63 | #ifndef OPENSSL_NO_ENGINE |
0f113f3e | 64 | # include <openssl/engine.h> |
0b13e9f0 | 65 | #endif |
d02b48c6 | 66 | |
0f113f3e | 67 | const char DH_version[] = "Diffie-Hellman" OPENSSL_VERSION_PTEXT; |
d02b48c6 | 68 | |
3a644582 | 69 | static const DH_METHOD *default_DH_method = NULL; |
13066cee | 70 | |
cb78486d | 71 | void DH_set_default_method(const DH_METHOD *meth) |
0f113f3e MC |
72 | { |
73 | default_DH_method = meth; | |
74 | } | |
13066cee | 75 | |
cb78486d | 76 | const DH_METHOD *DH_get_default_method(void) |
0f113f3e MC |
77 | { |
78 | if (!default_DH_method) | |
79 | default_DH_method = DH_OpenSSL(); | |
80 | return default_DH_method; | |
81 | } | |
13066cee | 82 | |
cb78486d | 83 | int DH_set_method(DH *dh, const DH_METHOD *meth) |
0f113f3e MC |
84 | { |
85 | /* | |
86 | * NB: The caller is specifically setting a method, so it's not up to us | |
87 | * to deal with which ENGINE it comes from. | |
88 | */ | |
89 | const DH_METHOD *mtmp; | |
90 | mtmp = dh->meth; | |
91 | if (mtmp->finish) | |
92 | mtmp->finish(dh); | |
0b13e9f0 | 93 | #ifndef OPENSSL_NO_ENGINE |
0f113f3e MC |
94 | if (dh->engine) { |
95 | ENGINE_finish(dh->engine); | |
96 | dh->engine = NULL; | |
97 | } | |
0b13e9f0 | 98 | #endif |
0f113f3e MC |
99 | dh->meth = meth; |
100 | if (meth->init) | |
101 | meth->init(dh); | |
102 | return 1; | |
103 | } | |
13066cee | 104 | |
6b691a5c | 105 | DH *DH_new(void) |
0f113f3e MC |
106 | { |
107 | return DH_new_method(NULL); | |
108 | } | |
13066cee | 109 | |
5270e702 | 110 | DH *DH_new_method(ENGINE *engine) |
0f113f3e MC |
111 | { |
112 | DH *ret; | |
13066cee | 113 | |
0f113f3e MC |
114 | ret = (DH *)OPENSSL_malloc(sizeof(DH)); |
115 | if (ret == NULL) { | |
116 | DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE); | |
117 | return (NULL); | |
118 | } | |
0c9de428 | 119 | |
0f113f3e | 120 | ret->meth = DH_get_default_method(); |
0b13e9f0 | 121 | #ifndef OPENSSL_NO_ENGINE |
0f113f3e MC |
122 | if (engine) { |
123 | if (!ENGINE_init(engine)) { | |
124 | DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); | |
125 | OPENSSL_free(ret); | |
126 | return NULL; | |
127 | } | |
128 | ret->engine = engine; | |
129 | } else | |
130 | ret->engine = ENGINE_get_default_DH(); | |
131 | if (ret->engine) { | |
132 | ret->meth = ENGINE_get_DH(ret->engine); | |
133 | if (!ret->meth) { | |
134 | DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); | |
135 | ENGINE_finish(ret->engine); | |
136 | OPENSSL_free(ret); | |
137 | return NULL; | |
138 | } | |
139 | } | |
0b13e9f0 | 140 | #endif |
cb78486d | 141 | |
0f113f3e MC |
142 | ret->pad = 0; |
143 | ret->version = 0; | |
144 | ret->p = NULL; | |
145 | ret->g = NULL; | |
146 | ret->length = 0; | |
147 | ret->pub_key = NULL; | |
148 | ret->priv_key = NULL; | |
149 | ret->q = NULL; | |
150 | ret->j = NULL; | |
151 | ret->seed = NULL; | |
152 | ret->seedlen = 0; | |
153 | ret->counter = NULL; | |
154 | ret->method_mont_p = NULL; | |
155 | ret->references = 1; | |
156 | ret->flags = ret->meth->flags; | |
157 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); | |
158 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { | |
0b13e9f0 | 159 | #ifndef OPENSSL_NO_ENGINE |
0f113f3e MC |
160 | if (ret->engine) |
161 | ENGINE_finish(ret->engine); | |
0b13e9f0 | 162 | #endif |
0f113f3e MC |
163 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); |
164 | OPENSSL_free(ret); | |
165 | ret = NULL; | |
166 | } | |
167 | return (ret); | |
168 | } | |
d02b48c6 | 169 | |
6b691a5c | 170 | void DH_free(DH *r) |
0f113f3e MC |
171 | { |
172 | int i; | |
173 | if (r == NULL) | |
174 | return; | |
175 | i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); | |
13066cee | 176 | #ifdef REF_PRINT |
0f113f3e | 177 | REF_PRINT("DH", r); |
13066cee | 178 | #endif |
0f113f3e MC |
179 | if (i > 0) |
180 | return; | |
13066cee | 181 | #ifdef REF_CHECK |
0f113f3e MC |
182 | if (i < 0) { |
183 | fprintf(stderr, "DH_free, bad reference count\n"); | |
184 | abort(); | |
185 | } | |
13066cee DSH |
186 | #endif |
187 | ||
0f113f3e MC |
188 | if (r->meth->finish) |
189 | r->meth->finish(r); | |
0b13e9f0 | 190 | #ifndef OPENSSL_NO_ENGINE |
0f113f3e MC |
191 | if (r->engine) |
192 | ENGINE_finish(r->engine); | |
0b13e9f0 | 193 | #endif |
ac8b4ee0 | 194 | |
0f113f3e | 195 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); |
d50f1bdf | 196 | |
0f113f3e MC |
197 | if (r->p != NULL) |
198 | BN_clear_free(r->p); | |
199 | if (r->g != NULL) | |
200 | BN_clear_free(r->g); | |
201 | if (r->q != NULL) | |
202 | BN_clear_free(r->q); | |
203 | if (r->j != NULL) | |
204 | BN_clear_free(r->j); | |
205 | if (r->seed) | |
206 | OPENSSL_free(r->seed); | |
207 | if (r->counter != NULL) | |
208 | BN_clear_free(r->counter); | |
209 | if (r->pub_key != NULL) | |
210 | BN_clear_free(r->pub_key); | |
211 | if (r->priv_key != NULL) | |
212 | BN_clear_free(r->priv_key); | |
213 | OPENSSL_free(r); | |
214 | } | |
d02b48c6 | 215 | |
dc2a33d6 | 216 | int DH_up_ref(DH *r) |
0f113f3e MC |
217 | { |
218 | int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH); | |
5cbc2e8b | 219 | #ifdef REF_PRINT |
0f113f3e | 220 | REF_PRINT("DH", r); |
5cbc2e8b GT |
221 | #endif |
222 | #ifdef REF_CHECK | |
0f113f3e MC |
223 | if (i < 2) { |
224 | fprintf(stderr, "DH_up, bad reference count\n"); | |
225 | abort(); | |
226 | } | |
5cbc2e8b | 227 | #endif |
0f113f3e MC |
228 | return ((i > 1) ? 1 : 0); |
229 | } | |
5cbc2e8b | 230 | |
dd9d233e | 231 | int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
0f113f3e MC |
232 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) |
233 | { | |
234 | return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp, | |
235 | new_func, dup_func, free_func); | |
236 | } | |
13066cee | 237 | |
dd9d233e | 238 | int DH_set_ex_data(DH *d, int idx, void *arg) |
0f113f3e MC |
239 | { |
240 | return (CRYPTO_set_ex_data(&d->ex_data, idx, arg)); | |
241 | } | |
13066cee | 242 | |
dd9d233e | 243 | void *DH_get_ex_data(DH *d, int idx) |
0f113f3e MC |
244 | { |
245 | return (CRYPTO_get_ex_data(&d->ex_data, idx)); | |
246 | } | |
13066cee | 247 | |
f971ccb2 | 248 | int DH_size(const DH *dh) |
0f113f3e MC |
249 | { |
250 | return (BN_num_bytes(dh->p)); | |
251 | } | |
2514fa79 DSH |
252 | |
253 | int DH_security_bits(const DH *dh) | |
0f113f3e MC |
254 | { |
255 | int N; | |
256 | if (dh->q) | |
257 | N = BN_num_bits(dh->q); | |
258 | else if (dh->length) | |
259 | N = dh->length; | |
260 | else | |
261 | N = -1; | |
262 | return BN_security_bits(BN_num_bits(dh->p), N); | |
263 | } |