Commit 8b63ecfc authored by Brian Wellington's avatar Brian Wellington
Browse files

Added OpenSSL Diffie-Hellman code

parent 916f55f0
......@@ -39,9 +39,10 @@ LIBS = @LIBS@
OBJS = bn_add.@O@ bn_asm.@O@ bn_comba.@O@ bn_div.@O@ \
bn_err.@O@ bn_exp.@O@ bn_exp2.@O@ bn_gcd.@O@ \
bn_lib.@O@ bn_mont.@O@ bn_mul.@O@ \
bn_prime.@O@ bn_rand.@O@ bn_recp.@O@ \
bn_prime.@O@ bn_print.@O@ bn_rand.@O@ bn_recp.@O@ \
bn_shift.@O@ bn_sqr.@O@ bn_word.@O@ buffer.@O@ \
cryptlib.@O@ dsa_asn1.@O@ dsa_err.@O@ dsa_gen.@O@ \
cryptlib.@O@ dh_err.@O@ dh_gen.@O@ dh_key.@O@ \
dh_lib.@O@ dsa_asn1.@O@ dsa_err.@O@ dsa_gen.@O@ \
dsa_key.@O@ dsa_lib.@O@ dsa_sign.@O@ dsa_vrf.@O@ \
err.@O@ lhash.@O@ md_rand.@O@ md5_dgst.@O@ mem.@O@ \
rand_lib.@O@ sha1_one.@O@ sha1dgst.@O@ stack.@O@ \
......@@ -50,9 +51,10 @@ OBJS = bn_add.@O@ bn_asm.@O@ bn_comba.@O@ bn_div.@O@ \
SRCS = bn_add.c bn_asm.c bn_comba.c bn_div.c \
bn_err.c bn_exp.c bn_exp2.c bn_gcd.c \
bn_lib.c bn_mont.c bn_mul.c \
bn_prime.c bn_rand.c bn_recp.c \
bn_prime.c bn_print.c bn_rand.c bn_recp.c \
bn_shift.c bn_sqr.c bn_word.c buffer.c \
cryptlib.c dsa_asn1.c dsa_err.c dsa_gen.c \
cryptlib.c dh_err.c dh_gen.c dh_key.c dh_lib.c \
dsa_asn1.c dsa_err.c dsa_gen.c \
dsa_key.c dsa_lib.c dsa_sign.c dsa_vrf.c \
err.c lhash.c md_rand.c md5_dgst.c mem.c \
rand_lib.c sha1_one.c sha1dgst.c stack.c \
......
......@@ -233,6 +233,7 @@ extern "C" {
/* BEW */
#define OPENSSL_EXTERN extern
#define NO_BIO
OPENSSL_EXTERN int bn_limit_bits;
OPENSSL_EXTERN int bn_limit_num; /* (1<<bn_limit_bits) */
......
/* crypto/bn/bn_print.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <ctype.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
#include "bn_lcl.h"
static const char *Hex="0123456789ABCDEF";
/* Must 'Free' the returned data */
char *BN_bn2hex(const BIGNUM *a)
{
int i,j,v,z=0;
char *buf;
char *p;
buf=(char *)Malloc(a->top*BN_BYTES*2+2);
if (buf == NULL)
{
BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE);
goto err;
}
p=buf;
if (a->neg) *(p++)='-';
if (a->top == 0) *(p++)='0';
for (i=a->top-1; i >=0; i--)
{
for (j=BN_BITS2-8; j >= 0; j-=8)
{
/* strip leading zeros */
v=((int)(a->d[i]>>(long)j))&0xff;
if (z || (v != 0))
{
*(p++)=Hex[v>>4];
*(p++)=Hex[v&0x0f];
z=1;
}
}
}
*p='\0';
err:
return(buf);
}
#if 0
/* Must 'Free' the returned data */
char *BN_bn2dec(const BIGNUM *a)
{
int i=0,num;
char *buf=NULL;
char *p;
BIGNUM *t=NULL;
BN_ULONG *bn_data=NULL,*lp;
i=BN_num_bits(a)*3;
num=(i/10+i/1000+3)+1;
bn_data=(BN_ULONG *)Malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
buf=(char *)Malloc(num+3);
if ((buf == NULL) || (bn_data == NULL))
{
BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
goto err;
}
if ((t=BN_dup(a)) == NULL) goto err;
p=buf;
lp=bn_data;
if (t->neg) *(p++)='-';
if (t->top == 0)
{
*(p++)='0';
*(p++)='\0';
}
else
{
i=0;
while (!BN_is_zero(t))
{
*lp=BN_div_word(t,BN_DEC_CONV);
lp++;
}
lp--;
/* We now have a series of blocks, BN_DEC_NUM chars
* in length, where the last one needs trucation.
* The blocks need to be reversed in order. */
sprintf(p,BN_DEC_FMT1,*lp);
while (*p) p++;
while (lp != bn_data)
{
lp--;
sprintf(p,BN_DEC_FMT2,*lp);
while (*p) p++;
}
}
err:
if (bn_data != NULL) Free(bn_data);
if (t != NULL) BN_free(t);
return(buf);
}
#endif
int BN_hex2bn(BIGNUM **bn, const char *a)
{
BIGNUM *ret=NULL;
BN_ULONG l=0;
int neg=0,h,m,i,j,k,c;
int num;
if ((a == NULL) || (*a == '\0')) return(0);
if (*a == '-') { neg=1; a++; }
for (i=0; isxdigit((unsigned char) a[i]); i++)
;
num=i+neg;
if (bn == NULL) return(num);
/* a is the start of the hex digets, and it is 'i' long */
if (*bn == NULL)
{
if ((ret=BN_new()) == NULL) return(0);
}
else
{
ret= *bn;
BN_zero(ret);
}
/* i is the number of hex digests; */
if (bn_expand(ret,i*4) == NULL) goto err;
j=i; /* least significate 'hex' */
m=0;
h=0;
while (j > 0)
{
m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
l=0;
for (;;)
{
c=a[j-m];
if ((c >= '0') && (c <= '9')) k=c-'0';
else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
else k=0; /* paranoia */
l=(l<<4)|k;
if (--m <= 0)
{
ret->d[h++]=l;
break;
}
}
j-=(BN_BYTES*2);
}
ret->top=h;
bn_fix_top(ret);
ret->neg=neg;
*bn=ret;
return(num);
err:
if (*bn == NULL) BN_free(ret);
return(0);
}
#if 0
int BN_dec2bn(BIGNUM **bn, const char *a)
{
BIGNUM *ret=NULL;
BN_ULONG l=0;
int neg=0,i,j;
int num;
if ((a == NULL) || (*a == '\0')) return(0);
if (*a == '-') { neg=1; a++; }
for (i=0; isdigit((unsigned char) a[i]); i++)
;
num=i+neg;
if (bn == NULL) return(num);
/* a is the start of the digets, and it is 'i' long.
* We chop it into BN_DEC_NUM digets at a time */
if (*bn == NULL)
{
if ((ret=BN_new()) == NULL) return(0);
}
else
{
ret= *bn;
BN_zero(ret);
}
/* i is the number of digests, a bit of an over expand; */
if (bn_expand(ret,i*4) == NULL) goto err;
j=BN_DEC_NUM-(i%BN_DEC_NUM);
if (j == BN_DEC_NUM) j=0;
l=0;
while (*a)
{
l*=10;
l+= *a-'0';
a++;
if (++j == BN_DEC_NUM)
{
BN_mul_word(ret,BN_DEC_CONV);
BN_add_word(ret,l);
l=0;
j=0;
}
}
ret->neg=neg;
bn_fix_top(ret);
*bn=ret;
return(num);
err:
if (*bn == NULL) BN_free(ret);
return(0);
}
#endif
#ifndef NO_BIO
#ifndef NO_FP_API
int BN_print_fp(FILE *fp, BIGNUM *a)
{
BIO *b;
int ret;
if ((b=BIO_new(BIO_s_file())) == NULL)
return(0);
BIO_set_fp(b,fp,BIO_NOCLOSE);
ret=BN_print(b,a);
BIO_free(b);
return(ret);
}
#endif
int BN_print(BIO *bp, const BIGNUM *a)
{
int i,j,v,z=0;
int ret=0;
if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
for (i=a->top-1; i >=0; i--)
{
for (j=BN_BITS2-4; j >= 0; j-=4)
{
/* strip leading zeros */
v=((int)(a->d[i]>>(long)j))&0x0f;
if (z || (v != 0))
{
if (BIO_write(bp,&(Hex[v]),1) != 1)
goto end;
z=1;
}
}
}
ret=1;
end:
return(ret);
}
#endif
/* crypto/dh/dh_err.c */
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* NOTE: this file was auto generated by the mkerr.pl script: any changes
* made to it will be overwritten when the script next updates this file.
*/
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/dh.h>
/* BEGIN ERROR CODES */
#ifndef NO_ERR
static ERR_STRING_DATA DH_str_functs[]=
{
{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},
{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"},
{0,NULL}
};
static ERR_STRING_DATA DH_str_reasons[]=
{
{DH_R_NO_PRIVATE_VALUE ,"no private value"},
{0,NULL}
};
#endif
void ERR_load_DH_strings(void)
{
static int init=1;
if (init)
{
init=0;
#ifndef NO_ERR
ERR_load_strings(ERR_LIB_DH,DH_str_functs);
ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
#endif
}
}
/* crypto/dh/dh_gen.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/dh.h>
/* We generate DH parameters as follows
* find a prime q which is prime_len/2 bits long.
* p=(2*q)+1 or (p-1)/2 = q
* For this case, g is a generator if
* g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
* Since the factors of p-1 are q and 2, we just need to check
* g^2 mod p != 1 and g^q mod p != 1.
*
* Having said all that,
* there is another special case method for the generators 2, 3 and 5.
* for 2, p mod 24 == 11
* for 3, p mod 12 == 5 <<<<< does not work for strong primes.
* for 5, p mod 10 == 3 or 7
*
* Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
* special generators and for answering some of my questions.
*
* I've implemented the second simple method :-).
* Since DH should be using a strong prime (both p and q are prime),
* this generator function can take a very very long time to run.
*/
DH *DH_generate_parameters(int prime_len, int generator,
void (*callback)(int,int,void *), void *cb_arg)
{
BIGNUM *p=NULL,*t1,*t2;
DH *ret=NULL;
int g,ok= -1;
BN_CTX *ctx=NULL;
ret=DH_new();
if (ret == NULL) goto err;
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
t1= &(ctx->bn[0]);
t2= &(ctx->bn[1]);
ctx->tos=2;
if (generator == DH_GENERATOR_2)
{
BN_set_word(t1,24);
BN_set_word(t2,11);
g=2;
}
#ifdef undef /* does not work for strong primes */
else if (generator == DH_GENERATOR_3)
{
BN_set_word(t1,12);
BN_set_word(t2,5);
g=3;
}
#endif
else if (generator == DH_GENERATOR_5)
{
BN_set_word(t1,10);
BN_set_word(t2,3);
/* BN_set_word(t3,7); just have to miss
* out on these ones :-( */
g=5;
}
else
g=generator;
p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg);
if (p == NULL) goto err;
if (callback != NULL) callback(3,0,cb_arg);
ret->p=p;
ret->g=BN_new();
if (!BN_set_word(ret->g,g)) goto err;
ok=1;
err:
if (ok == -1)
{
DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
ok=0;
}
if (ctx != NULL) BN_CTX_free(ctx);
if (!ok && (ret != NULL))
{
DH_free(ret);
ret=NULL;
}
return(ret);
}
/* crypto/dh/dh_key.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*