33 #if defined(POLARSSL_DHM_C)
38 static void polarssl_zeroize(
void *v,
size_t n ) {
39 volatile unsigned char *p = v;
while( n-- ) *p++ = 0;
45 static int dhm_read_bignum(
mpi *X,
47 const unsigned char *end )
54 n = ( (*p)[0] << 8 ) | (*p)[1];
57 if( (
int)( end - *p ) < n )
77 static int dhm_check_range(
const mpi *param,
const mpi *P )
103 const unsigned char *end )
109 if( ( ret = dhm_read_bignum( &ctx->
P, p, end ) ) != 0 ||
110 ( ret = dhm_read_bignum( &ctx->
G, p, end ) ) != 0 ||
111 ( ret = dhm_read_bignum( &ctx->
GY, p, end ) ) != 0 )
114 if( ( ret = dhm_check_range( &ctx->
GY, &ctx->
P ) ) != 0 )
129 unsigned char *output,
size_t *olen,
130 int (*f_rng)(
void *,
unsigned char *,
size_t),
153 while( dhm_check_range( &ctx->
X, &ctx->
P ) != 0 );
159 &ctx->
P , &ctx->
RP ) );
161 if( ( ret = dhm_check_range( &ctx->
GX, &ctx->
P ) ) != 0 )
167 #define DHM_MPI_EXPORT(X,n) \
168 MPI_CHK( mpi_write_binary( X, p + 2, n ) ); \
169 *p++ = (unsigned char)( n >> 8 ); \
170 *p++ = (unsigned char)( n ); p += n;
177 DHM_MPI_EXPORT( &ctx->
P , n1 );
178 DHM_MPI_EXPORT( &ctx->
G , n2 );
179 DHM_MPI_EXPORT( &ctx->
GX, n3 );
197 const unsigned char *input,
size_t ilen )
201 if( ctx == NULL || ilen < 1 || ilen > ctx->
len )
214 unsigned char *output,
size_t olen,
215 int (*f_rng)(
void *,
unsigned char *,
size_t),
220 if( ctx == NULL || olen < 1 || olen > ctx->
len )
239 while( dhm_check_range( &ctx->
X, &ctx->
P ) != 0 );
242 &ctx->
P , &ctx->
RP ) );
244 if( ( ret = dhm_check_range( &ctx->
GX, &ctx->
P ) ) != 0 )
261 unsigned char *output,
size_t *olen )
265 if( ctx == NULL || *olen < ctx->len )
269 &ctx->
P, &ctx->
RP ) );
271 if( ( ret = dhm_check_range( &ctx->
GY, &ctx->
P ) ) != 0 )
298 #if defined(POLARSSL_SELF_TEST)
int mpi_cmp_int(const mpi *X, t_sint z)
Compare signed values.
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED
Making of the public value failed.
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED
Making of the DHM parameters failed.
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED
Calculation of the DHM secret failed.
int mpi_fill_random(mpi *X, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Fill an MPI X with size bytes of random.
int dhm_self_test(int verbose)
Checkup routine.
Configuration options (set of defines)
int mpi_lset(mpi *X, t_sint z)
Set value from integer.
void mpi_init(mpi *X)
Initialize one MPI.
int mpi_cmp_mpi(const mpi *X, const mpi *Y)
Compare signed values.
int mpi_shift_r(mpi *X, size_t count)
Right-shift: X >>= count.
int dhm_read_params(dhm_context *ctx, unsigned char **p, const unsigned char *end)
Parse the ServerKeyExchange parameters.
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED
Reading of the public values failed.
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED
Reading of the DHM parameters failed.
void mpi_free(mpi *X)
Unallocate one MPI.
Diffie-Hellman-Merkle key exchange.
int mpi_exp_mod(mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR)
Sliding-window exponentiation: X = A^E mod N.
int mpi_read_binary(mpi *X, const unsigned char *buf, size_t buflen)
Import X from unsigned binary data, big endian.
int dhm_calc_secret(dhm_context *ctx, unsigned char *output, size_t *olen)
Derive and export the shared secret (G^Y)^X mod P.
int dhm_make_public(dhm_context *ctx, int x_size, unsigned char *output, size_t olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Create own private value X and export G^X.
size_t mpi_size(const mpi *X)
Return the total size in bytes.
int mpi_write_binary(const mpi *X, unsigned char *buf, size_t buflen)
Export X into unsigned binary data, big endian.
void dhm_free(dhm_context *ctx)
Free the components of a DHM key.
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA
Bad input parameters to function.
int mpi_sub_int(mpi *X, const mpi *A, t_sint b)
Signed substraction: X = A - b.
int dhm_make_params(dhm_context *ctx, int x_size, unsigned char *output, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Setup and write the ServerKeyExchange parameters.
int dhm_read_public(dhm_context *ctx, const unsigned char *input, size_t ilen)
Import the peer's public value G^Y.