LTKCPP-- LLRP Toolkit C Plus Plus Library
dh.h
00001 /* crypto/dh/dh.h */
00002 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
00003  * All rights reserved.
00004  *
00005  * This package is an SSL implementation written
00006  * by Eric Young (eay@cryptsoft.com).
00007  * The implementation was written so as to conform with Netscapes SSL.
00008  *
00009  * This library is free for commercial and non-commercial use as long as
00010  * the following conditions are aheared to.  The following conditions
00011  * apply to all code found in this distribution, be it the RC4, RSA,
00012  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
00013  * included with this distribution is covered by the same copyright terms
00014  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
00015  *
00016  * Copyright remains Eric Young's, and as such any Copyright notices in
00017  * the code are not to be removed.
00018  * If this package is used in a product, Eric Young should be given attribution
00019  * as the author of the parts of the library used.
00020  * This can be in the form of a textual message at program startup or
00021  * in documentation (online or textual) provided with the package.
00022  *
00023  * Redistribution and use in source and binary forms, with or without
00024  * modification, are permitted provided that the following conditions
00025  * are met:
00026  * 1. Redistributions of source code must retain the copyright
00027  *    notice, this list of conditions and the following disclaimer.
00028  * 2. Redistributions in binary form must reproduce the above copyright
00029  *    notice, this list of conditions and the following disclaimer in the
00030  *    documentation and/or other materials provided with the distribution.
00031  * 3. All advertising materials mentioning features or use of this software
00032  *    must display the following acknowledgement:
00033  *    "This product includes cryptographic software written by
00034  *     Eric Young (eay@cryptsoft.com)"
00035  *    The word 'cryptographic' can be left out if the rouines from the library
00036  *    being used are not cryptographic related :-).
00037  * 4. If you include any Windows specific code (or a derivative thereof) from
00038  *    the apps directory (application code) you must include an acknowledgement:
00039  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
00040  *
00041  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
00042  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00043  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00044  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
00045  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
00046  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
00047  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
00048  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
00049  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
00050  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
00051  * SUCH DAMAGE.
00052  *
00053  * The licence and distribution terms for any publically available version or
00054  * derivative of this code cannot be changed.  i.e. this code cannot simply be
00055  * copied and put under another distribution licence
00056  * [including the GNU Public Licence.]
00057  */
00058 
00059 #ifndef HEADER_DH_H
00060 # define HEADER_DH_H
00061 
00062 # include <openssl/e_os2.h>
00063 
00064 # ifdef OPENSSL_NO_DH
00065 #  error DH is disabled.
00066 # endif
00067 
00068 # ifndef OPENSSL_NO_BIO
00069 #  include <openssl/bio.h>
00070 # endif
00071 # include <openssl/ossl_typ.h>
00072 # ifndef OPENSSL_NO_DEPRECATED
00073 #  include <openssl/bn.h>
00074 # endif
00075 
00076 # ifndef OPENSSL_DH_MAX_MODULUS_BITS
00077 #  define OPENSSL_DH_MAX_MODULUS_BITS    10000
00078 # endif
00079 
00080 # define DH_FLAG_CACHE_MONT_P     0x01
00081 
00082 /*
00083  * new with 0.9.7h; the built-in DH
00084  * implementation now uses constant time
00085  * modular exponentiation for secret exponents
00086  * by default. This flag causes the
00087  * faster variable sliding window method to
00088  * be used for all exponents.
00089  */
00090 # define DH_FLAG_NO_EXP_CONSTTIME 0x02
00091 
00092 /*
00093  * If this flag is set the DH method is FIPS compliant and can be used in
00094  * FIPS mode. This is set in the validated module method. If an application
00095  * sets this flag in its own methods it is its reposibility to ensure the
00096  * result is compliant.
00097  */
00098 
00099 # define DH_FLAG_FIPS_METHOD                     0x0400
00100 
00101 /*
00102  * If this flag is set the operations normally disabled in FIPS mode are
00103  * permitted it is then the applications responsibility to ensure that the
00104  * usage is compliant.
00105  */
00106 
00107 # define DH_FLAG_NON_FIPS_ALLOW                  0x0400
00108 
00109 #ifdef  __cplusplus
00110 extern "C" {
00111 #endif
00112 
00113 /* Already defined in ossl_typ.h */
00114 /* typedef struct dh_st DH; */
00115 /* typedef struct dh_method DH_METHOD; */
00116 
00117 struct dh_method {
00118     const char *name;
00119     /* Methods here */
00120     int (*generate_key) (DH *dh);
00121     int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
00122     /* Can be null */
00123     int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
00124                        const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
00125                        BN_MONT_CTX *m_ctx);
00126     int (*init) (DH *dh);
00127     int (*finish) (DH *dh);
00128     int flags;
00129     char *app_data;
00130     /* If this is non-NULL, it will be used to generate parameters */
00131     int (*generate_params) (DH *dh, int prime_len, int generator,
00132                             BN_GENCB *cb);
00133 };
00134 
00135 struct dh_st {
00136     /*
00137      * This first argument is used to pick up errors when a DH is passed
00138      * instead of a EVP_PKEY
00139      */
00140     int pad;
00141     int version;
00142     BIGNUM *p;
00143     BIGNUM *g;
00144     long length;                /* optional */
00145     BIGNUM *pub_key;            /* g^x */
00146     BIGNUM *priv_key;           /* x */
00147     int flags;
00148     BN_MONT_CTX *method_mont_p;
00149     /* Place holders if we want to do X9.42 DH */
00150     BIGNUM *q;
00151     BIGNUM *j;
00152     unsigned char *seed;
00153     int seedlen;
00154     BIGNUM *counter;
00155     int references;
00156     CRYPTO_EX_DATA ex_data;
00157     const DH_METHOD *meth;
00158     ENGINE *engine;
00159 };
00160 
00161 # define DH_GENERATOR_2          2
00162 /* #define DH_GENERATOR_3       3 */
00163 # define DH_GENERATOR_5          5
00164 
00165 /* DH_check error codes */
00166 # define DH_CHECK_P_NOT_PRIME            0x01
00167 # define DH_CHECK_P_NOT_SAFE_PRIME       0x02
00168 # define DH_UNABLE_TO_CHECK_GENERATOR    0x04
00169 # define DH_NOT_SUITABLE_GENERATOR       0x08
00170 # define DH_CHECK_Q_NOT_PRIME            0x10
00171 # define DH_CHECK_INVALID_Q_VALUE        0x20
00172 # define DH_CHECK_INVALID_J_VALUE        0x40
00173 
00174 /* DH_check_pub_key error codes */
00175 # define DH_CHECK_PUBKEY_TOO_SMALL       0x01
00176 # define DH_CHECK_PUBKEY_TOO_LARGE       0x02
00177 
00178 /*
00179  * primes p where (p-1)/2 is prime too are called "safe"; we define this for
00180  * backward compatibility:
00181  */
00182 # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
00183 
00184 # define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
00185                 (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
00186 # define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
00187                 (unsigned char *)(x))
00188 # define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
00189 # define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
00190 
00191 DH *DHparams_dup(DH *);
00192 
00193 const DH_METHOD *DH_OpenSSL(void);
00194 
00195 void DH_set_default_method(const DH_METHOD *meth);
00196 const DH_METHOD *DH_get_default_method(void);
00197 int DH_set_method(DH *dh, const DH_METHOD *meth);
00198 DH *DH_new_method(ENGINE *engine);
00199 
00200 DH *DH_new(void);
00201 void DH_free(DH *dh);
00202 int DH_up_ref(DH *dh);
00203 int DH_size(const DH *dh);
00204 int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
00205                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
00206 int DH_set_ex_data(DH *d, int idx, void *arg);
00207 void *DH_get_ex_data(DH *d, int idx);
00208 
00209 /* Deprecated version */
00210 # ifndef OPENSSL_NO_DEPRECATED
00211 DH *DH_generate_parameters(int prime_len, int generator,
00212                            void (*callback) (int, int, void *), void *cb_arg);
00213 # endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
00214 
00215 /* New version */
00216 int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
00217                               BN_GENCB *cb);
00218 
00219 int DH_check(const DH *dh, int *codes);
00220 int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
00221 int DH_generate_key(DH *dh);
00222 int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
00223 int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
00224 DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
00225 int i2d_DHparams(const DH *a, unsigned char **pp);
00226 DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
00227 int i2d_DHxparams(const DH *a, unsigned char **pp);
00228 # ifndef OPENSSL_NO_FP_API
00229 int DHparams_print_fp(FILE *fp, const DH *x);
00230 # endif
00231 # ifndef OPENSSL_NO_BIO
00232 int DHparams_print(BIO *bp, const DH *x);
00233 # else
00234 int DHparams_print(char *bp, const DH *x);
00235 # endif
00236 
00237 /* RFC 5114 parameters */
00238 DH *DH_get_1024_160(void);
00239 DH *DH_get_2048_224(void);
00240 DH *DH_get_2048_256(void);
00241 
00242 /* RFC2631 KDF */
00243 int DH_KDF_X9_42(unsigned char *out, size_t outlen,
00244                  const unsigned char *Z, size_t Zlen,
00245                  ASN1_OBJECT *key_oid,
00246                  const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
00247 
00248 # define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
00249         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
00250                         EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
00251 
00252 # define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
00253         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
00254                         EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
00255 
00256 # define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
00257         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
00258                         EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
00259 
00260 # define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
00261         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
00262                         EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
00263 
00264 # define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
00265         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
00266                         EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
00267 
00268 # define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
00269         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
00270                         EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
00271 
00272 # define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
00273         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00274                                 EVP_PKEY_OP_DERIVE, \
00275                                 EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
00276 
00277 # define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
00278         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00279                                 EVP_PKEY_OP_DERIVE, \
00280                                 EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
00281 
00282 # define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
00283         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00284                                 EVP_PKEY_OP_DERIVE, \
00285                                 EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
00286 
00287 # define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
00288         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00289                                 EVP_PKEY_OP_DERIVE, \
00290                                 EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
00291 
00292 # define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
00293         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00294                                 EVP_PKEY_OP_DERIVE, \
00295                                 EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
00296 
00297 # define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
00298         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00299                                 EVP_PKEY_OP_DERIVE, \
00300                                 EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
00301 
00302 # define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
00303         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00304                                 EVP_PKEY_OP_DERIVE, \
00305                                 EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
00306 
00307 # define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
00308         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00309                                 EVP_PKEY_OP_DERIVE, \
00310                         EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
00311 
00312 # define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
00313         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00314                                 EVP_PKEY_OP_DERIVE, \
00315                                 EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
00316 
00317 # define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
00318         EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
00319                                 EVP_PKEY_OP_DERIVE, \
00320                                 EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
00321 
00322 # define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN     (EVP_PKEY_ALG_CTRL + 1)
00323 # define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR     (EVP_PKEY_ALG_CTRL + 2)
00324 # define EVP_PKEY_CTRL_DH_RFC5114                (EVP_PKEY_ALG_CTRL + 3)
00325 # define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN  (EVP_PKEY_ALG_CTRL + 4)
00326 # define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE          (EVP_PKEY_ALG_CTRL + 5)
00327 # define EVP_PKEY_CTRL_DH_KDF_TYPE               (EVP_PKEY_ALG_CTRL + 6)
00328 # define EVP_PKEY_CTRL_DH_KDF_MD                 (EVP_PKEY_ALG_CTRL + 7)
00329 # define EVP_PKEY_CTRL_GET_DH_KDF_MD             (EVP_PKEY_ALG_CTRL + 8)
00330 # define EVP_PKEY_CTRL_DH_KDF_OUTLEN             (EVP_PKEY_ALG_CTRL + 9)
00331 # define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN         (EVP_PKEY_ALG_CTRL + 10)
00332 # define EVP_PKEY_CTRL_DH_KDF_UKM                (EVP_PKEY_ALG_CTRL + 11)
00333 # define EVP_PKEY_CTRL_GET_DH_KDF_UKM            (EVP_PKEY_ALG_CTRL + 12)
00334 # define EVP_PKEY_CTRL_DH_KDF_OID                (EVP_PKEY_ALG_CTRL + 13)
00335 # define EVP_PKEY_CTRL_GET_DH_KDF_OID            (EVP_PKEY_ALG_CTRL + 14)
00336 
00337 /* KDF types */
00338 # define EVP_PKEY_DH_KDF_NONE                            1
00339 # define EVP_PKEY_DH_KDF_X9_42                           2
00340 
00341 /* BEGIN ERROR CODES */
00342 /*
00343  * The following lines are auto generated by the script mkerr.pl. Any changes
00344  * made after this point may be overwritten when the script is next run.
00345  */
00346 void ERR_load_DH_strings(void);
00347 
00348 /* Error codes for the DH functions. */
00349 
00350 /* Function codes. */
00351 # define DH_F_COMPUTE_KEY                                 102
00352 # define DH_F_DHPARAMS_PRINT_FP                           101
00353 # define DH_F_DH_BUILTIN_GENPARAMS                        106
00354 # define DH_F_DH_CMS_DECRYPT                              117
00355 # define DH_F_DH_CMS_SET_PEERKEY                          118
00356 # define DH_F_DH_CMS_SET_SHARED_INFO                      119
00357 # define DH_F_DH_COMPUTE_KEY                              114
00358 # define DH_F_DH_GENERATE_KEY                             115
00359 # define DH_F_DH_GENERATE_PARAMETERS_EX                   116
00360 # define DH_F_DH_NEW_METHOD                               105
00361 # define DH_F_DH_PARAM_DECODE                             107
00362 # define DH_F_DH_PRIV_DECODE                              110
00363 # define DH_F_DH_PRIV_ENCODE                              111
00364 # define DH_F_DH_PUB_DECODE                               108
00365 # define DH_F_DH_PUB_ENCODE                               109
00366 # define DH_F_DO_DH_PRINT                                 100
00367 # define DH_F_GENERATE_KEY                                103
00368 # define DH_F_GENERATE_PARAMETERS                         104
00369 # define DH_F_PKEY_DH_DERIVE                              112
00370 # define DH_F_PKEY_DH_KEYGEN                              113
00371 
00372 /* Reason codes. */
00373 # define DH_R_BAD_GENERATOR                               101
00374 # define DH_R_BN_DECODE_ERROR                             109
00375 # define DH_R_BN_ERROR                                    106
00376 # define DH_R_DECODE_ERROR                                104
00377 # define DH_R_INVALID_PUBKEY                              102
00378 # define DH_R_KDF_PARAMETER_ERROR                         112
00379 # define DH_R_KEYS_NOT_SET                                108
00380 # define DH_R_KEY_SIZE_TOO_SMALL                          110
00381 # define DH_R_MODULUS_TOO_LARGE                           103
00382 # define DH_R_NON_FIPS_METHOD                             111
00383 # define DH_R_NO_PARAMETERS_SET                           107
00384 # define DH_R_NO_PRIVATE_VALUE                            100
00385 # define DH_R_PARAMETER_ENCODING_ERROR                    105
00386 # define DH_R_PEER_KEY_ERROR                              113
00387 # define DH_R_SHARED_INFO_ERROR                           114
00388 
00389 #ifdef  __cplusplus
00390 }
00391 #endif
00392 #endif