62 # include <openssl/e_os2.h>
65 # error DH is disabled.
68 # ifndef OPENSSL_NO_BIO
69 # include <openssl/bio.h>
71 # include <openssl/ossl_typ.h>
72 # ifndef OPENSSL_NO_DEPRECATED
73 # include <openssl/bn.h>
76 # ifndef OPENSSL_DH_MAX_MODULUS_BITS
77 # define OPENSSL_DH_MAX_MODULUS_BITS 10000
80 # define DH_FLAG_CACHE_MONT_P 0x01
90 # define DH_FLAG_NO_EXP_CONSTTIME 0x02
99 # define DH_FLAG_FIPS_METHOD 0x0400
107 # define DH_FLAG_NON_FIPS_ALLOW 0x0400
120 int (*generate_key) (DH *dh);
121 int (*compute_key) (
unsigned char *key,
const BIGNUM *pub_key, DH *dh);
123 int (*bn_mod_exp) (
const DH *dh, BIGNUM *r,
const BIGNUM *a,
124 const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
126 int (*init) (DH *dh);
127 int (*finish) (DH *dh);
131 int (*generate_params) (DH *dh,
int prime_len,
int generator,
148 BN_MONT_CTX *method_mont_p;
156 CRYPTO_EX_DATA ex_data;
157 const DH_METHOD *meth;
161 # define DH_GENERATOR_2 2
163 # define DH_GENERATOR_5 5
166 # define DH_CHECK_P_NOT_PRIME 0x01
167 # define DH_CHECK_P_NOT_SAFE_PRIME 0x02
168 # define DH_UNABLE_TO_CHECK_GENERATOR 0x04
169 # define DH_NOT_SUITABLE_GENERATOR 0x08
170 # define DH_CHECK_Q_NOT_PRIME 0x10
171 # define DH_CHECK_INVALID_Q_VALUE 0x20
172 # define DH_CHECK_INVALID_J_VALUE 0x40
175 # define DH_CHECK_PUBKEY_TOO_SMALL 0x01
176 # define DH_CHECK_PUBKEY_TOO_LARGE 0x02
182 # define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
184 # define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
185 (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
186 # define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
187 (unsigned char *)(x))
188 # define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
189 # define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
191 DH *DHparams_dup(DH *);
193 const DH_METHOD *DH_OpenSSL(
void);
195 void DH_set_default_method(
const DH_METHOD *meth);
196 const DH_METHOD *DH_get_default_method(
void);
197 int DH_set_method(DH *dh,
const DH_METHOD *meth);
198 DH *DH_new_method(ENGINE *engine);
201 void DH_free(DH *dh);
202 int DH_up_ref(DH *dh);
203 int DH_size(
const DH *dh);
204 int DH_get_ex_new_index(
long argl,
void *argp, CRYPTO_EX_new *new_func,
205 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
206 int DH_set_ex_data(DH *d,
int idx,
void *arg);
207 void *DH_get_ex_data(DH *d,
int idx);
210 # ifndef OPENSSL_NO_DEPRECATED
211 DH *DH_generate_parameters(
int prime_len,
int generator,
212 void (*callback) (
int,
int,
void *),
void *cb_arg);
216 int DH_generate_parameters_ex(DH *dh,
int prime_len,
int generator,
219 int DH_check(
const DH *dh,
int *codes);
220 int DH_check_pub_key(
const DH *dh,
const BIGNUM *pub_key,
int *codes);
221 int DH_generate_key(DH *dh);
222 int DH_compute_key(
unsigned char *key,
const BIGNUM *pub_key, DH *dh);
223 int DH_compute_key_padded(
unsigned char *key,
const BIGNUM *pub_key, DH *dh);
224 DH *d2i_DHparams(DH **a,
const unsigned char **pp,
long length);
225 int i2d_DHparams(
const DH *a,
unsigned char **pp);
226 DH *d2i_DHxparams(DH **a,
const unsigned char **pp,
long length);
227 int i2d_DHxparams(
const DH *a,
unsigned char **pp);
228 # ifndef OPENSSL_NO_FP_API
229 int DHparams_print_fp(FILE *fp,
const DH *x);
231 # ifndef OPENSSL_NO_BIO
232 int DHparams_print(BIO *bp,
const DH *x);
234 int DHparams_print(
char *bp,
const DH *x);
238 DH *DH_get_1024_160(
void);
239 DH *DH_get_2048_224(
void);
240 DH *DH_get_2048_256(
void);
243 int DH_KDF_X9_42(
unsigned char *out,
size_t outlen,
244 const unsigned char *Z,
size_t Zlen,
245 ASN1_OBJECT *key_oid,
246 const unsigned char *ukm,
size_t ukmlen,
const EVP_MD *md);
248 # define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
249 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
250 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
252 # define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
253 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
254 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
256 # define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
257 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
258 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
260 # define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
261 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
262 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
264 # define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
265 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
266 EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
268 # define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
269 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
270 EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
272 # define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
273 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
274 EVP_PKEY_OP_DERIVE, \
275 EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
277 # define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
278 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
279 EVP_PKEY_OP_DERIVE, \
280 EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
282 # define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
283 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
284 EVP_PKEY_OP_DERIVE, \
285 EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
287 # define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
288 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
289 EVP_PKEY_OP_DERIVE, \
290 EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
292 # define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
293 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
294 EVP_PKEY_OP_DERIVE, \
295 EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
297 # define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
298 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
299 EVP_PKEY_OP_DERIVE, \
300 EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
302 # define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
303 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
304 EVP_PKEY_OP_DERIVE, \
305 EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
307 # define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
308 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
309 EVP_PKEY_OP_DERIVE, \
310 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
312 # define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
313 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
314 EVP_PKEY_OP_DERIVE, \
315 EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
317 # define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
318 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
319 EVP_PKEY_OP_DERIVE, \
320 EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
322 # define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
323 # define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
324 # define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
325 # define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
326 # define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
327 # define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
328 # define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
329 # define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
330 # define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
331 # define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
332 # define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
333 # define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
334 # define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
335 # define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
338 # define EVP_PKEY_DH_KDF_NONE 1
339 # define EVP_PKEY_DH_KDF_X9_42 2
346 void ERR_load_DH_strings(
void);
351 # define DH_F_COMPUTE_KEY 102
352 # define DH_F_DHPARAMS_PRINT_FP 101
353 # define DH_F_DH_BUILTIN_GENPARAMS 106
354 # define DH_F_DH_CMS_DECRYPT 117
355 # define DH_F_DH_CMS_SET_PEERKEY 118
356 # define DH_F_DH_CMS_SET_SHARED_INFO 119
357 # define DH_F_DH_COMPUTE_KEY 114
358 # define DH_F_DH_GENERATE_KEY 115
359 # define DH_F_DH_GENERATE_PARAMETERS_EX 116
360 # define DH_F_DH_NEW_METHOD 105
361 # define DH_F_DH_PARAM_DECODE 107
362 # define DH_F_DH_PRIV_DECODE 110
363 # define DH_F_DH_PRIV_ENCODE 111
364 # define DH_F_DH_PUB_DECODE 108
365 # define DH_F_DH_PUB_ENCODE 109
366 # define DH_F_DO_DH_PRINT 100
367 # define DH_F_GENERATE_KEY 103
368 # define DH_F_GENERATE_PARAMETERS 104
369 # define DH_F_PKEY_DH_DERIVE 112
370 # define DH_F_PKEY_DH_KEYGEN 113
373 # define DH_R_BAD_GENERATOR 101
374 # define DH_R_BN_DECODE_ERROR 109
375 # define DH_R_BN_ERROR 106
376 # define DH_R_DECODE_ERROR 104
377 # define DH_R_INVALID_PUBKEY 102
378 # define DH_R_KDF_PARAMETER_ERROR 112
379 # define DH_R_KEYS_NOT_SET 108
380 # define DH_R_KEY_SIZE_TOO_SMALL 110
381 # define DH_R_MODULUS_TOO_LARGE 103
382 # define DH_R_NON_FIPS_METHOD 111
383 # define DH_R_NO_PARAMETERS_SET 107
384 # define DH_R_NO_PRIVATE_VALUE 100
385 # define DH_R_PARAMETER_ENCODING_ERROR 105
386 # define DH_R_PEER_KEY_ERROR 113
387 # define DH_R_SHARED_INFO_ERROR 114