2 * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2008, 2010 Free
3 * Software Foundation, Inc.
5 * Author: Nikos Mavrogiannopoulos
7 * This file is part of GnuTLS.
9 * The GnuTLS is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public License
11 * as published by the Free Software Foundation; either version 2.1 of
12 * the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
26 #include <gnutls_int.h>
27 #include <gnutls_errors.h>
28 #include <gnutls_dh.h>
36 your_key = Y ^ x mod p;
37 his_key = X ^ y mod p;
39 // generate our secret and the public value (X) for it
40 X = gnutls_calc_dh_secret(&x, g, p);
41 // now we can calculate the shared secret
42 key = gnutls_calc_dh_key(Y, x, g, p);
43 _gnutls_mpi_release(x);
44 _gnutls_mpi_release(g);
47 #define MAX_BITS 18000
49 /* returns the public value (X), and the secret (ret_x).
52 gnutls_calc_dh_secret (bigint_t * ret_x, bigint_t g, bigint_t prime)
55 int x_size = _gnutls_mpi_get_nbits (prime) - 1;
56 /* The size of the secret key is less than
60 if (x_size > MAX_BITS || x_size <= 0)
66 x = _gnutls_mpi_randomize (NULL, x_size, GNUTLS_RND_RANDOM);
73 e = _gnutls_mpi_alloc_like (prime);
80 _gnutls_mpi_release (&x);
84 _gnutls_mpi_powm (e, g, x, prime);
89 _gnutls_mpi_release (&x);
95 gnutls_calc_dh_key (bigint_t f, bigint_t x, bigint_t prime)
100 ff = _gnutls_mpi_mod(f, prime);
101 _gnutls_mpi_add_ui(ff, ff, 1);
103 /* check if f==0,1,p-1.
104 * or (ff=f+1) equivalently ff==1,2,p */
105 if ((_gnutls_mpi_cmp_ui(ff, 2) == 0) || (_gnutls_mpi_cmp_ui(ff, 1) == 0) ||
106 (_gnutls_mpi_cmp(ff,prime) == 0))
113 bits = _gnutls_mpi_get_nbits (prime);
114 if (bits <= 0 || bits > MAX_BITS)
121 k = _gnutls_mpi_alloc_like (prime);
129 _gnutls_mpi_powm (k, f, x, prime);
134 _gnutls_mpi_release (&ff);
140 * _gnutls_get_dh_params - Returns the DH parameters pointer
141 * @dh_params: is an DH parameters structure, or NULL.
142 * @func: is a callback function to receive the parameters or NULL.
143 * @session: a gnutls session.
145 * This function will return the dh parameters pointer.
148 _gnutls_get_dh_params (gnutls_dh_params_t dh_params,
149 gnutls_params_function * func,
150 gnutls_session_t session)
152 gnutls_params_st params;
155 /* if cached return the cached */
156 if (session->internals.params.dh_params)
157 return session->internals.params.dh_params;
161 session->internals.params.dh_params = dh_params;
165 ret = func (session, GNUTLS_PARAMS_DH, ¶ms);
166 if (ret == 0 && params.type == GNUTLS_PARAMS_DH)
168 session->internals.params.dh_params = params.params.dh;
169 session->internals.params.free_dh_params = params.deinit;
173 return session->internals.params.dh_params;