OpenSSL
1.0.1c
Main Page
Classes
Files
File List
File Members
All
Classes
Files
Functions
Variables
Typedefs
Enumerations
Enumerator
Macros
crypto
dh
dh_check.c
Go to the documentation of this file.
1
/* crypto/dh/dh_check.c */
2
/* Copyright (C) 1995-1998 Eric Young (
[email protected]
)
3
* All rights reserved.
4
*
5
* This package is an SSL implementation written
6
* by Eric Young (
[email protected]
).
7
* The implementation was written so as to conform with Netscapes SSL.
8
*
9
* This library is free for commercial and non-commercial use as long as
10
* the following conditions are aheared to. The following conditions
11
* apply to all code found in this distribution, be it the RC4, RSA,
12
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13
* included with this distribution is covered by the same copyright terms
14
* except that the holder is Tim Hudson (
[email protected]
).
15
*
16
* Copyright remains Eric Young's, and as such any Copyright notices in
17
* the code are not to be removed.
18
* If this package is used in a product, Eric Young should be given attribution
19
* as the author of the parts of the library used.
20
* This can be in the form of a textual message at program startup or
21
* in documentation (online or textual) provided with the package.
22
*
23
* Redistribution and use in source and binary forms, with or without
24
* modification, are permitted provided that the following conditions
25
* are met:
26
* 1. Redistributions of source code must retain the copyright
27
* notice, this list of conditions and the following disclaimer.
28
* 2. Redistributions in binary form must reproduce the above copyright
29
* notice, this list of conditions and the following disclaimer in the
30
* documentation and/or other materials provided with the distribution.
31
* 3. All advertising materials mentioning features or use of this software
32
* must display the following acknowledgement:
33
* "This product includes cryptographic software written by
34
* Eric Young (
[email protected]
)"
35
* The word 'cryptographic' can be left out if the rouines from the library
36
* being used are not cryptographic related :-).
37
* 4. If you include any Windows specific code (or a derivative thereof) from
38
* the apps directory (application code) you must include an acknowledgement:
39
* "This product includes software written by Tim Hudson (
[email protected]
)"
40
*
41
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
* SUCH DAMAGE.
52
*
53
* The licence and distribution terms for any publically available version or
54
* derivative of this code cannot be changed. i.e. this code cannot simply be
55
* copied and put under another distribution licence
56
* [including the GNU Public Licence.]
57
*/
58
59
#include <stdio.h>
60
#include "
cryptlib.h
"
61
#include <
openssl/bn.h
>
62
#include <
openssl/dh.h
>
63
64
/* Check that p is a safe prime and
65
* if g is 2, 3 or 5, check that it is a suitable generator
66
* where
67
* for 2, p mod 24 == 11
68
* for 3, p mod 12 == 5
69
* for 5, p mod 10 == 3 or 7
70
* should hold.
71
*/
72
73
int
DH_check
(
const
DH
*dh,
int
*ret)
74
{
75
int
ok=0;
76
BN_CTX
*ctx=NULL;
77
BN_ULONG l;
78
BIGNUM
*
q
=NULL;
79
80
*ret=0;
81
ctx=
BN_CTX_new
();
82
if
(ctx == NULL)
goto
err;
83
q=
BN_new
();
84
if
(q == NULL)
goto
err;
85
86
if
(
BN_is_word
(dh->
g
,
DH_GENERATOR_2
))
87
{
88
l=
BN_mod_word
(dh->
p
,24);
89
if
(l != 11) *ret|=
DH_NOT_SUITABLE_GENERATOR
;
90
}
91
#if 0
92
else
if
(
BN_is_word
(dh->
g
,DH_GENERATOR_3))
93
{
94
l=
BN_mod_word
(dh->
p
,12);
95
if
(l != 5) *ret|=
DH_NOT_SUITABLE_GENERATOR
;
96
}
97
#endif
98
else
if
(
BN_is_word
(dh->
g
,
DH_GENERATOR_5
))
99
{
100
l=
BN_mod_word
(dh->
p
,10);
101
if
((l != 3) && (l != 7))
102
*ret|=
DH_NOT_SUITABLE_GENERATOR
;
103
}
104
else
105
*ret|=
DH_UNABLE_TO_CHECK_GENERATOR
;
106
107
if
(!
BN_is_prime_ex
(dh->
p
,
BN_prime_checks
,ctx,NULL))
108
*ret|=
DH_CHECK_P_NOT_PRIME
;
109
else
110
{
111
if
(!
BN_rshift1
(q,dh->
p
))
goto
err;
112
if
(!
BN_is_prime_ex
(q,
BN_prime_checks
,ctx,NULL))
113
*ret|=
DH_CHECK_P_NOT_SAFE_PRIME
;
114
}
115
ok=1;
116
err:
117
if
(ctx != NULL)
BN_CTX_free
(ctx);
118
if
(q != NULL)
BN_free
(q);
119
return
(ok);
120
}
121
122
int
DH_check_pub_key
(
const
DH
*dh,
const
BIGNUM
*pub_key,
int
*ret)
123
{
124
int
ok=0;
125
BIGNUM
*
q
=NULL;
126
127
*ret=0;
128
q=
BN_new
();
129
if
(q == NULL)
goto
err;
130
BN_set_word
(q,1);
131
if
(
BN_cmp
(pub_key,q)<=0)
132
*ret|=
DH_CHECK_PUBKEY_TOO_SMALL
;
133
BN_copy
(q,dh->
p
);
134
BN_sub_word
(q,1);
135
if
(
BN_cmp
(pub_key,q)>=0)
136
*ret|=
DH_CHECK_PUBKEY_TOO_LARGE
;
137
138
ok = 1;
139
err:
140
if
(q != NULL)
BN_free
(q);
141
return
(ok);
142
}
Generated on Thu Jan 10 2013 09:53:35 for OpenSSL by
1.8.2