crypto: Implement new crypto API functions for DH

author Jouni Malinen <j@w1.fi>

Sun, 24 Dec 2017 15:25:39 +0000 (17:25 +0200)

committer Jouni Malinen <j@w1.fi>

Sun, 24 Dec 2017 15:36:04 +0000 (17:36 +0200)
author Jouni Malinen <j@w1.fi>
Sun, 24 Dec 2017 15:25:39 +0000 (17:25 +0200)
committer Jouni Malinen <j@w1.fi>
Sun, 24 Dec 2017 15:36:04 +0000 (17:36 +0200)
diff --git a/src/crypto/crypto_gnutls.c b/src/crypto/crypto_gnutls.c

index 31a580e658c64ede223864d717d898d37122a918..e6e8e119fea6319923c57bb000b7d7033074b6f1 100644 (file)
--- a/src/crypto/crypto_gnutls.c
+++ b/src/crypto/crypto_gnutls.c
@@ -154,6 +154,42 @@ void aes_decrypt_deinit(void *ctx)
  }
  
  
+int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
+                  u8 *pubkey)
+{
+       size_t pubkey_len, pad;
+
+       if (os_get_random(privkey, prime_len) < 0)
+               return -1;
+       if (os_memcmp(privkey, prime, prime_len) > 0) {
+               /* Make sure private value is smaller than prime */
+               privkey[0] = 0;
+       }
+
+       pubkey_len = prime_len;
+       if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len,
+                          pubkey, &pubkey_len) < 0)
+               return -1;
+       if (pubkey_len < prime_len) {
+               pad = prime_len - pubkey_len;
+               os_memmove(pubkey + pad, pubkey, pubkey_len);
+               os_memset(pubkey, 0, pad);
+       }
+
+       return 0;
+}
+
+
+int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
+                           const u8 *privkey, size_t privkey_len,
+                           const u8 *pubkey, size_t pubkey_len,
+                           u8 *secret, size_t *len)
+{
+       return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len,
+                             prime, prime_len, secret, len);
+}
+
+
  int crypto_mod_exp(const u8 *base, size_t base_len,
                    const u8 *power, size_t power_len,
                    const u8 *modulus, size_t modulus_len,
diff --git a/src/crypto/crypto_internal-modexp.c b/src/crypto/crypto_internal-modexp.c

index 9dcabb95bdd2a403e7f71f06ed9a3005e9d0d059..92581ac676d31883a58951d5681940ce7823c1a0 100644 (file)
--- a/src/crypto/crypto_internal-modexp.c
+++ b/src/crypto/crypto_internal-modexp.c
@@ -13,6 +13,42 @@
  #include "crypto.h"
  
  
+int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
+                  u8 *pubkey)
+{
+       size_t pubkey_len, pad;
+
+       if (os_get_random(privkey, prime_len) < 0)
+               return -1;
+       if (os_memcmp(privkey, prime, prime_len) > 0) {
+               /* Make sure private value is smaller than prime */
+               privkey[0] = 0;
+       }
+
+       pubkey_len = prime_len;
+       if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len,
+                          pubkey, &pubkey_len) < 0)
+               return -1;
+       if (pubkey_len < prime_len) {
+               pad = prime_len - pubkey_len;
+               os_memmove(pubkey + pad, pubkey, pubkey_len);
+               os_memset(pubkey, 0, pad);
+       }
+
+       return 0;
+}
+
+
+int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
+                           const u8 *privkey, size_t privkey_len,
+                           const u8 *pubkey, size_t pubkey_len,
+                           u8 *secret, size_t *len)
+{
+       return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len,
+                             prime, prime_len, secret, len);
+}
+
+
  int crypto_mod_exp(const u8 *base, size_t base_len,
                    const u8 *power, size_t power_len,
                    const u8 *modulus, size_t modulus_len,
diff --git a/src/crypto/crypto_libtomcrypt.c b/src/crypto/crypto_libtomcrypt.c

index b80ad576cc6ce193ab7ebd04edf00c58644d71d5..259f99500bcd3b69823efd0b5d12b7e97a6a08c2 100644 (file)
--- a/src/crypto/crypto_libtomcrypt.c
+++ b/src/crypto/crypto_libtomcrypt.c
@@ -694,6 +694,42 @@ void crypto_global_deinit(void)
  
  #ifdef CONFIG_MODEXP
  
+int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
+                  u8 *pubkey)
+{
+       size_t pubkey_len, pad;
+
+       if (os_get_random(privkey, prime_len) < 0)
+               return -1;
+       if (os_memcmp(privkey, prime, prime_len) > 0) {
+               /* Make sure private value is smaller than prime */
+               privkey[0] = 0;
+       }
+
+       pubkey_len = prime_len;
+       if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len,
+                          pubkey, &pubkey_len) < 0)
+               return -1;
+       if (pubkey_len < prime_len) {
+               pad = prime_len - pubkey_len;
+               os_memmove(pubkey + pad, pubkey, pubkey_len);
+               os_memset(pubkey, 0, pad);
+       }
+
+       return 0;
+}
+
+
+int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
+                           const u8 *privkey, size_t privkey_len,
+                           const u8 *pubkey, size_t pubkey_len,
+                           u8 *secret, size_t *len)
+{
+       return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len,
+                             prime, prime_len, secret, len);
+}
+
+
  int crypto_mod_exp(const u8 *base, size_t base_len,
                    const u8 *power, size_t power_len,
                    const u8 *modulus, size_t modulus_len,
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c

index 4a908c29a72b77eeb44e8d12aee01ada6f707fa8..b63b35e9f29a3a9eb2f028391a0bc10e05f5d0f1 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -486,6 +486,42 @@ int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len)
  }
  
  
+int crypto_dh_init(u8 generator, const u8 *prime, size_t prime_len, u8 *privkey,
+                  u8 *pubkey)
+{
+       size_t pubkey_len, pad;
+
+       if (os_get_random(privkey, prime_len) < 0)
+               return -1;
+       if (os_memcmp(privkey, prime, prime_len) > 0) {
+               /* Make sure private value is smaller than prime */
+               privkey[0] = 0;
+       }
+
+       pubkey_len = prime_len;
+       if (crypto_mod_exp(&generator, 1, privkey, prime_len, prime, prime_len,
+                          pubkey, &pubkey_len) < 0)
+               return -1;
+       if (pubkey_len < prime_len) {
+               pad = prime_len - pubkey_len;
+               os_memmove(pubkey + pad, pubkey, pubkey_len);
+               os_memset(pubkey, 0, pad);
+       }
+
+       return 0;
+}
+
+
+int crypto_dh_derive_secret(u8 generator, const u8 *prime, size_t prime_len,
+                           const u8 *privkey, size_t privkey_len,
+                           const u8 *pubkey, size_t pubkey_len,
+                           u8 *secret, size_t *len)
+{
+       return crypto_mod_exp(pubkey, pubkey_len, privkey, privkey_len,
+                             prime, prime_len, secret, len);
+}
+
+
  int crypto_mod_exp(const u8 *base, size_t base_len,
                    const u8 *power, size_t power_len,
                    const u8 *modulus, size_t modulus_len,
author	Jouni Malinen <j@w1.fi>
	Sun, 24 Dec 2017 15:25:39 +0000 (17:25 +0200)
committer	Jouni Malinen <j@w1.fi>
	Sun, 24 Dec 2017 15:36:04 +0000 (17:36 +0200)
src/crypto/crypto_gnutls.c		patch \| blob \| blame \| history
src/crypto/crypto_internal-modexp.c		patch \| blob \| blame \| history
src/crypto/crypto_libtomcrypt.c		patch \| blob \| blame \| history
src/crypto/crypto_openssl.c		patch \| blob \| blame \| history