dh.c revision 1.11 
1/* $OpenBSD: dh.c,v 1.11 2006/05/04 14:37:51 djm Exp $	 */
2/* $EOM: dh.c,v 1.5 1999/04/17 23:20:22 niklas Exp $	 */
3
4/*
5 * Copyright (c) 1998 Niels Provos.  All rights reserved.
6 * Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29/*
30 * This code was written under funding by Ericsson Radio Systems.
31 */
32
33#include <sys/param.h>
34
35#include "math_group.h"
36#include "dh.h"
37#include "log.h"
38
39/*
40 * Returns the length of our exchange value.
41 */
42
43int
44dh_getlen(struct group *group)
45{
46	return group->getlen(group);
47}
48
49/*
50 * Creates the exchange value we are offering to the other party.
51 * Each time this function is called a new value is created, that
52 * means the application has to save the exchange value itself,
53 * dh_create_exchange should only be called once.
54 */
55int
56dh_create_exchange(struct group *group, u_int8_t *buf)
57{
58	if (group->setrandom(group, group->c))
59		return -1;
60	if (group->operation(group, group->a, group->gen, group->c))
61		return -1;
62	if (group->validate_public(group, group->a))
63		return -1;
64	group->getraw(group, group->a, buf);
65	return 0;
66}
67
68/*
69 * Creates the Diffie-Hellman shared secret in 'secret', where 'exchange'
70 * is the exchange value offered by the other party. No length verification
71 * is done for the value, the application has to do that.
72 */
73int
74dh_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange)
75{
76	if (group->setraw(group, group->b, exchange, group->getlen(group)))
77		return -1;
78	if (group->operation(group, group->a, group->b, group->c))
79		return -1;
80	if (group->validate_public(group, group->a))
81		return -1;
82	group->getraw(group, group->a, secret);
83	return 0;
84}
85