dhm.h
/**
 * \file dhm.h
 *
 * \brief Diffie-Hellman-Merkle key exchange
 *
 * Public interface of the DHM module: error codes, a set of well-known
 * MODP groups from RFC 3526 / RFC 5114 as hex strings, the dhm_context
 * state structure and the functions that drive one key exchange
 * (read/make params, read/make public value, derive secret).
 *
 * Copyright (C) 2006-2013, Brainspark B.V.
 *
 * This file is part of PolarSSL (http://www.polarssl.org)
 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
 *
 * All rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#ifndef POLARSSL_DHM_H
#define POLARSSL_DHM_H

#include "bignum.h"

/*
 * DHM Error codes
 *
 * All codes are negative; 0 always means success. Every dhm_* function
 * below returns one of these on failure.
 */
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA                    -0x3080  /**< Bad input parameters to function. */
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED                -0x3100  /**< Reading of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED                -0x3180  /**< Making of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED                -0x3200  /**< Reading of the public values failed. */
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED                -0x3280  /**< Making of the public value failed. */
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED                -0x3300  /**< Calculation of the DHM secret failed. */
#define POLARSSL_ERR_DHM_INVALID_FORMAT                    -0x3380  /**< The ASN.1 data is not formatted correctly. */
#define POLARSSL_ERR_DHM_MALLOC_FAILED                     -0x3400  /**< Allocation of memory failed. */
#define POLARSSL_ERR_DHM_FILE_IO_ERROR                     -0x3480  /**< Read/write of file failed. */

/**
 * RFC 3526 defines a number of standardized Diffie-Hellman groups
 * for IKE.
 * RFC 5114 defines a number of standardized Diffie-Hellman groups
 * that can be used.
 *
 * Some are included here for convenience.
 *
 * Included are:
 *  RFC 3526 3.    2048-bit MODP Group
 *  RFC 3526 4.    3072-bit MODP Group
 *  RFC 5114 2.1.  1024-bit MODP Group with 160-bit Prime Order Subgroup
 *  RFC 5114 2.2.  2048-bit MODP Group with 224-bit Prime Order Subgroup
 *
 * The values are big-endian hexadecimal strings, suitable for loading
 * into ctx->P / ctx->G with mpi_read_string() (see dhm_make_params below).
 *
 * NOTE(review): the RFC 5114 groups use a generator of a prime-order
 * subgroup, but the subgroup order q is not defined in this header, so
 * these constants alone do not allow a subgroup-membership check of a
 * peer's public value. Confirm in dhm.c how the peer value is validated
 * before relying on those groups.
 */
#define POLARSSL_DHM_RFC3526_MODP_2048_P               \
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF"

#define POLARSSL_DHM_RFC3526_MODP_2048_G          "02"

#define POLARSSL_DHM_RFC3526_MODP_3072_P               \
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
    "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \
    "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \
    "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \
    "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \
    "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
    "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"

#define POLARSSL_DHM_RFC3526_MODP_3072_G          "02"

#define POLARSSL_DHM_RFC5114_MODP_1024_P               \
    "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \
    "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \
    "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \
    "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" \
    "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \
    "DF1FB2BC2E4A4371"

#define POLARSSL_DHM_RFC5114_MODP_1024_G               \
    "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \
    "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \
    "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \
    "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" \
    "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \
    "855E6EEB22B3B2E5"

#define POLARSSL_DHM_RFC5114_MODP_2048_P               \
    "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
    "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
    "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \
    "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \
    "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \
    "B3BF8A317091883681286130BC8985DB1602E714415D9330" \
    "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \
    "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \
    "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \
    "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
    "CF9DE5384E71B81C0AC4DFFE0C10E64F"

#define POLARSSL_DHM_RFC5114_MODP_2048_G               \
    "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF" \
    "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA" \
    "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7" \
    "C17669101999024AF4D027275AC1348BB8A762D0521BC98A" \
    "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE" \
    "F180EB34118E98D119529A45D6F834566E3025E316A330EF" \
    "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB" \
    "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381" \
    "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269" \
    "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179" \
    "81BC087F2A7065B384B890D3191F2BFA"

#ifdef __cplusplus
extern "C" {
#endif

/**
 * \brief          DHM context structure
 *
 * Holds the group (P, G), our private/public pair (X, GX), the peer's
 * public value (GY), the derived shared secret (K) and the cached values
 * used by the modular-exponentiation and blinding code. X and K are
 * secret material; release the context with dhm_free() when done.
 */
typedef struct
{
    size_t len; /*!<  size(P) in chars  */
    mpi P;      /*!<  prime modulus     */
    mpi G;      /*!<  generator         */
    mpi X;      /*!<  secret value      */
    mpi GX;     /*!<  self = G^X mod P  */
    mpi GY;     /*!<  peer = G^Y mod P  */
    mpi K;      /*!<  key = GY^X mod P  */
    mpi RP;     /*!<  cached R^2 mod P  */
    mpi Vi;     /*!<  blinding value    */
    mpi Vf;     /*!<  un-blinding value */
    mpi pX;     /*!<  previous X; presumably compared against X to detect
                      re-use and decide whether blinding is needed
                      (see dhm_calc_secret note) -- confirm in dhm.c */
}
dhm_context;

/**
 * \brief          Parse the ServerKeyExchange parameters
 *
 * Reads P, G and the server's public value from a buffer in the
 * TLS ServerKeyExchange wire format.
 *
 * \param ctx      DHM context
 * \param p        &(start of input buffer); presumably advanced past the
 *                 parsed data on success -- confirm in dhm.c
 * \param end      end of buffer (one past the last readable byte)
 *
 * \return         0 if successful, or an POLARSSL_ERR_DHM_XXX error code
 *
 * \note           The input comes from the peer and is untrusted. The
 *                 header does not state which sanity checks are applied
 *                 to the received P, G and public value; confirm them in
 *                 dhm.c before using a context filled by this call.
 */
int dhm_read_params( dhm_context *ctx,
                     unsigned char **p,
                     const unsigned char *end );

/**
 * \brief          Setup and write the ServerKeyExchange parameters
 *
 * Generates our private value X of x_size bytes with f_rng, computes
 * GX = G^X mod P and serialises P, G and GX into output.
 *
 * \param ctx      DHM context
 * \param x_size   private value size in bytes
 * \param output   destination buffer
 * \param olen     number of chars written
 * \param f_rng    RNG function
 * \param p_rng    RNG parameter
 *
 * \note           This function assumes that ctx->P and ctx->G
 *                 have already been properly set (for example
 *                 using mpi_read_string or mpi_read_binary).
 *
 * \note           x_size is an int; the caller is expected to pass a
 *                 positive size. The header does not state what happens
 *                 for zero or negative values -- confirm in dhm.c.
 *
 * \return         0 if successful, or an POLARSSL_ERR_DHM_XXX error code
 */
int dhm_make_params( dhm_context *ctx, int x_size,
                     unsigned char *output, size_t *olen,
                     int (*f_rng)(void *, unsigned char *, size_t),
                     void *p_rng );

/**
 * \brief          Import the peer's public value G^Y
 *
 * \param ctx      DHM context
 * \param input    input buffer (big-endian binary value)
 * \param ilen     size of buffer
 *
 * \return         0 if successful, or an POLARSSL_ERR_DHM_XXX error code
 *
 * \note           The value comes from the peer and is untrusted. The
 *                 header does not document whether it is checked to lie
 *                 in a valid range (e.g. 2 <= GY <= P-2) here or in
 *                 dhm_calc_secret; confirm in dhm.c.
 */
int dhm_read_public( dhm_context *ctx,
                     const unsigned char *input, size_t ilen );

/**
 * \brief          Create own private value X and export G^X
 *
 * \param ctx      DHM context
 * \param x_size   private value size in bytes
 * \param output   destination buffer
 * \param olen     must be equal to ctx->P.len
 * \param f_rng    RNG function
 * \param p_rng    RNG parameter
 *
 * \return         0 if successful, or an POLARSSL_ERR_DHM_XXX error code
 *
 * \note           f_rng is the source of the private value X; it must be
 *                 a cryptographically strong RNG.
 */
int dhm_make_public( dhm_context *ctx, int x_size,
                     unsigned char *output, size_t olen,
                     int (*f_rng)(void *, unsigned char *, size_t),
                     void *p_rng );

/**
 * \brief          Derive and export the shared secret (G^Y)^X mod P
 *
 * \param ctx      DHM context
 * \param output   destination buffer
 * \param olen     number of chars written
 * \param f_rng    RNG function, for blinding purposes
 * \param p_rng    RNG parameter
 *
 * \return         0 if successful, or an POLARSSL_ERR_DHM_XXX error code
 *
 * \note           If non-NULL, f_rng is used to blind the input as
 *                 countermeasure against timing attacks. Blinding is
 *                 automatically used if and only if our secret value X is
 *                 re-used and costs nothing otherwise, so it is recommended
 *                 to always pass a non-NULL f_rng argument.
 *
 * \note           The exported value is raw key material (K); callers
 *                 normally feed it into a KDF rather than using it
 *                 directly, and should wipe their copy when done.
 */
int dhm_calc_secret( dhm_context *ctx,
                     unsigned char *output, size_t *olen,
                     int (*f_rng)(void *, unsigned char *, size_t),
                     void *p_rng );

/**
 * \brief          Free the components of a DHM key
 *
 * \param ctx      DHM context whose mpi members are released
 *
 * \note           Whether the secret members (X, K, pX) are wiped before
 *                 release depends on mpi_free -- confirm in bignum.c.
 */
void dhm_free( dhm_context *ctx );

#if defined(POLARSSL_ASN1_PARSE_C)
/** \ingroup x509_module */
/**
 * \brief          Parse DHM parameters
 *
 * Loads P and G from a DER (or PEM, per the return description) encoded
 * DHParams structure into the context.
 *
 * \param dhm      DHM context to be initialized
 * \param dhmin    input buffer
 * \param dhminlen size of the buffer
 *
 * \return         0 if successful, or a specific DHM or PEM error code
 */
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
                   size_t dhminlen );

#if defined(POLARSSL_FS_IO)
/** \ingroup x509_module */
/**
 * \brief          Load and parse DHM parameters
 *
 * File-system variant of dhm_parse_dhm(); only available when
 * POLARSSL_FS_IO is defined.
 *
 * \param dhm      DHM context to be initialized
 * \param path     filename to read the DHM Parameters from
 *
 * \return         0 if successful, or a specific DHM or PEM error code
 */
int dhm_parse_dhmfile( dhm_context *dhm, const char *path );
#endif /* POLARSSL_FS_IO */
#endif /* POLARSSL_ASN1_PARSE_C */

/**
 * \brief          Checkup routine
 *
 * \param verbose  non-zero to print progress to stdout
 *
 * \return         0 if successful, or 1 if the test failed
 */
int dhm_self_test( int verbose );

#ifdef __cplusplus
}
#endif

#endif /* POLARSSL_DHM_H */