]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_apple_csp/open_ssl/dh/dh_key.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-59306.101.1.tar.gz
[apple/security.git] / OSX / libsecurity_apple_csp / open_ssl / dh / dh_key.c
1 /*
2 * Copyright (c) 2000-2002,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18 /* crypto/dh/dh_key.c */
19 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
20 * All rights reserved.
21 *
22 * This package is an SSL implementation written
23 * by Eric Young (eay@cryptsoft.com).
24 * The implementation was written so as to conform with Netscapes SSL.
25 *
26 * This library is free for commercial and non-commercial use as long as
27 * the following conditions are aheared to. The following conditions
28 * apply to all code found in this distribution, be it the RC4, RSA,
29 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
30 * included with this distribution is covered by the same copyright terms
31 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
32 *
33 * Copyright remains Eric Young's, and as such any Copyright notices in
34 * the code are not to be removed.
35 * If this package is used in a product, Eric Young should be given attribution
36 * as the author of the parts of the library used.
37 * This can be in the form of a textual message at program startup or
38 * in documentation (online or textual) provided with the package.
39 *
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
42 * are met:
43 * 1. Redistributions of source code must retain the copyright
44 * notice, this list of conditions and the following disclaimer.
45 * 2. Redistributions in binary form must reproduce the above copyright
46 * notice, this list of conditions and the following disclaimer in the
47 * documentation and/or other materials provided with the distribution.
48 * 3. All advertising materials mentioning features or use of this software
49 * must display the following acknowledgement:
50 * "This product includes cryptographic software written by
51 * Eric Young (eay@cryptsoft.com)"
52 * The word 'cryptographic' can be left out if the rouines from the library
53 * being used are not cryptographic related :-).
54 * 4. If you include any Windows specific code (or a derivative thereof) from
55 * the apps directory (application code) you must include an acknowledgement:
56 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
57 *
58 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
59 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
60 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
61 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
62 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
63 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
64 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
65 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
66 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
67 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
68 * SUCH DAMAGE.
69 *
70 * The licence and distribution terms for any publically available version or
71 * derivative of this code cannot be changed. i.e. this code cannot simply be
72 * copied and put under another distribution licence
73 * [including the GNU Public Licence.]
74 */
75
76 #include <stdio.h>
77 #include "cryptlib.h"
78 #include <openssl/bn_legacy.h>
79 #include <openssl/rand.h>
80 #include <openssl/dh_legacy.h>
81
82 static int generate_key(DH *dh);
83 static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
84 static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
85 const BIGNUM *m, BN_CTX *ctx,
86 BN_MONT_CTX *m_ctx);
87 static int dh_init(DH *dh);
88 static int dh_finish(DH *dh);
89
90 int DH_generate_key(DH *dh)
91 {
92 return dh->meth->generate_key(dh);
93 }
94
95 int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
96 {
97 return dh->meth->compute_key(key, pub_key, dh);
98 }
99
100 static DH_METHOD dh_ossl = {
101 "OpenSSL DH Method",
102 generate_key,
103 compute_key,
104 dh_bn_mod_exp,
105 dh_init,
106 dh_finish,
107 0,
108 NULL
109 };
110
111 DH_METHOD *DH_OpenSSL(void)
112 {
113 return &dh_ossl;
114 }
115
116 static int generate_key(DH *dh)
117 {
118 int ok=0;
119 BN_CTX ctx;
120 BN_MONT_CTX *mont;
121 BIGNUM *pub_key=NULL,*priv_key=NULL;
122
123 BN_CTX_init(&ctx);
124
125 if (dh->priv_key == NULL)
126 {
127 priv_key=BN_new();
128 if (priv_key == NULL) goto err;
129 do
130 if (!BN_rand_range(priv_key, dh->p)) goto err;
131 while (BN_is_zero(priv_key));
132 }
133 else
134 priv_key=dh->priv_key;
135
136 if (dh->pub_key == NULL)
137 {
138 pub_key=BN_new();
139 if (pub_key == NULL) goto err;
140 }
141 else
142 pub_key=dh->pub_key;
143
144 if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
145 {
146 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
147 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
148 dh->p,&ctx)) goto err;
149 }
150 mont=(BN_MONT_CTX *)dh->method_mont_p;
151
152 if (!dh->meth->bn_mod_exp(dh, pub_key,dh->g,priv_key,dh->p,&ctx,mont))
153 goto err;
154
155 dh->pub_key=pub_key;
156 dh->priv_key=priv_key;
157 ok=1;
158 err:
159 if (ok != 1)
160 DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
161
162 if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
163 if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
164 BN_CTX_free(&ctx);
165 return(ok);
166 }
167
168 static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh)
169 {
170 BN_CTX ctx;
171 BN_MONT_CTX *mont;
172 BIGNUM *tmp;
173 int ret= -1;
174
175 BN_CTX_init(&ctx);
176 BN_CTX_start(&ctx);
177 tmp = BN_CTX_get(&ctx);
178
179 if (dh->priv_key == NULL)
180 {
181 DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
182 goto err;
183 }
184 if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
185 {
186 if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
187 if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
188 dh->p,&ctx)) goto err;
189 }
190
191 mont=(BN_MONT_CTX *)dh->method_mont_p;
192 if (!dh->meth->bn_mod_exp(dh, tmp,pub_key,dh->priv_key,dh->p,&ctx,mont))
193 {
194 DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
195 goto err;
196 }
197
198 ret=BN_bn2bin(tmp,key);
199 err:
200 BN_CTX_end(&ctx);
201 BN_CTX_free(&ctx);
202 return(ret);
203 }
204
205 static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
206 const BIGNUM *m, BN_CTX *ctx,
207 BN_MONT_CTX *m_ctx)
208 {
209 if (a->top == 1)
210 {
211 BN_ULONG A = a->d[0];
212 return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
213 }
214 else
215 return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx);
216 }
217
218
219 static int dh_init(DH *dh)
220 {
221 dh->flags |= DH_FLAG_CACHE_MONT_P;
222 return(1);
223 }
224
225 static int dh_finish(DH *dh)
226 {
227 if(dh->method_mont_p)
228 BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
229 return(1);
230 }
mirror of Security