1/* $OpenBSD: dh.c,v 1.42 2006/08/03 03:34:42 deraadt Exp $ */
2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.

--- 9 unchanged lines hidden (view full) ---

19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "includes.h"
27
28#include <sys/param.h>
29
30#include <openssl/bn.h>
31#include <openssl/dh.h>
32
33#include <stdarg.h>
34#include <stdio.h>
35#include <stdlib.h>
36#include <string.h>
37
38#include "dh.h"
39#include "pathnames.h"
40#include "log.h"
41#include "misc.h"
42
43static int
44parse_prime(int linenum, char *line, struct dhgroup *dhg)
45{
46 char *cp, *arg;
47 char *strsize, *gen, *prime;
48 const char *errstr = NULL;
49
50 cp = line;
51 if ((arg = strdelim(&cp)) == NULL)
52 return 0;
53 /* Ignore leading whitespace */
54 if (*arg == '\0')
55 arg = strdelim(&cp);
56 if (!arg || !*arg || *arg == '#')
57 return 0;
58
59 /* time */
60 if (cp == NULL || *arg == '\0')

--- 4 unchanged lines hidden (view full) ---

65 arg = strsep(&cp, " "); /* tests */
66 if (cp == NULL || *arg == '\0')
67 goto fail;
68 arg = strsep(&cp, " "); /* tries */
69 if (cp == NULL || *arg == '\0')
70 goto fail;
71 strsize = strsep(&cp, " "); /* size */
72 if (cp == NULL || *strsize == '\0' ||
73 (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 ||
74 errstr)
75 goto fail;
76 /* The whole group is one bit larger */
77 dhg->size++;
78 gen = strsep(&cp, " "); /* gen */
79 if (cp == NULL || *gen == '\0')
80 goto fail;
81 prime = strsep(&cp, " "); /* prime */
82 if (cp != NULL || *prime == '\0')

--- 94 unchanged lines hidden (view full) ---

177/* diffie-hellman-groupN-sha1 */
178
179int
180dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
181{
182 int i;
183 int n = BN_num_bits(dh_pub);
184 int bits_set = 0;
185 BIGNUM *tmp;
186
187 if (dh_pub->neg) {
188 logit("invalid public DH value: negativ");
189 return 0;
190 }
191 if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */
192 logit("invalid public DH value: <= 1");
193 return 0;
194 }
195
196 if ((tmp = BN_new()) == NULL)
197 return (-1);
198 if (!BN_sub(tmp, dh->p, BN_value_one()) ||
199 BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */
200 BN_clear_free(tmp);
201 logit("invalid public DH value: >= p-1");
202 return 0;
203 }
204 BN_clear_free(tmp);
205
206 for (i = 0; i <= n; i++)
207 if (BN_is_bit_set(dh_pub, i))
208 bits_set++;
209 debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
210
211 /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
212 if (bits_set > 1)
213 return 1;
214
215 logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
216 return 0;
217}
218
219void
220dh_gen_key(DH *dh, int need)
221{
222 int i, bits_set, tries = 0;

--- 109 unchanged lines hidden ---
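Review bot: In dh_pub_is_valid (file lines 196-197) the `BN_new()` failure path returns `-1`, while every rejection in the function returns 0 and acceptance returns 1. The callers are not visible on this page, but if they test the result as a boolean, as the 0/1 convention suggests, an allocation failure would be read as "valid" and the peer's public value would skip the `1 < pub < p-1` range check, so the validation fails open under memory pressure. Failing closed is a small change: `if ((tmp = BN_new()) == NULL) { logit("invalid public DH value: BN_new failed"); return 0; }`. If the -1 is kept instead, a comment above the function should say that callers must compare against 1 rather than test for non-zero.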