Implement Tor's Z_p diffie-hellman stuff for OpenSSL. More...
#include "lib/crypt_ops/compat_openssl.h"#include "lib/crypt_ops/crypto_dh.h"#include "lib/crypt_ops/crypto_digest.h"#include "lib/crypt_ops/crypto_hkdf.h"#include "lib/crypt_ops/crypto_util.h"#include "lib/log/log.h"#include "lib/log/util_bug.h"#include <openssl/dh.h>#include <openssl/bn.h>#include <string.h>Go to the source code of this file.
Data Structures | |
| struct | crypto_dh_t |
Macros | |
| #define | DH_PRIVATE_KEY_BITS 320 |
Functions | |
| static int | tor_check_dh_key (int severity, const BIGNUM *bn, const BIGNUM *dh_p) |
| static DH * | new_openssl_dh_from_params (BIGNUM *p, BIGNUM *g) |
| static BIGNUM * | bignum_from_hex (const char *hex) |
| static void | crypto_set_dh_generator (void) |
| void | crypto_dh_init_openssl (void) |
| DH * | crypto_dh_new_openssl_tls (void) |
| crypto_dh_t * | crypto_dh_new (int dh_type) |
| crypto_dh_t * | crypto_dh_dup (const crypto_dh_t *dh) |
| int | crypto_dh_get_bytes (crypto_dh_t *dh) |
| int | crypto_dh_generate_public (crypto_dh_t *dh) |
| int | crypto_dh_get_public (crypto_dh_t *dh, char *pubkey, size_t pubkey_len) |
| ssize_t | crypto_dh_handshake (int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, unsigned char *secret_out, size_t secret_bytes_out) |
| void | crypto_dh_free_ (crypto_dh_t *dh) |
| void | crypto_dh_free_all_openssl (void) |
Variables | |
| static BIGNUM * | dh_param_p = NULL |
| static BIGNUM * | dh_param_p_tls = NULL |
| static BIGNUM * | dh_param_g = NULL |
Detailed Description
Implement Tor's Z_p diffie-hellman stuff for OpenSSL.
Definition in file crypto_dh_openssl.c.
Macro Definition Documentation
◆ DH_PRIVATE_KEY_BITS
| #define DH_PRIVATE_KEY_BITS 320 |
Number of bits to use when choosing the x or y value in a Diffie-Hellman handshake. Since we exponentiate by this value, choosing a smaller one lets our handshake go faster.
Definition at line 163 of file crypto_dh_openssl.c.
Referenced by new_openssl_dh_from_params().
Function Documentation
◆ bignum_from_hex()
|
static |
Helper: convert hex to a bignum, and return it. Assert that the operation was successful.
Definition at line 105 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl().
◆ crypto_dh_dup()
| crypto_dh_t * crypto_dh_dup | ( | const crypto_dh_t * | dh | ) |
Return a copy of dh, sharing its internal state.
Definition at line 242 of file crypto_dh_openssl.c.
Referenced by crypto_dh_dup().
◆ crypto_dh_free_()
| void crypto_dh_free_ | ( | crypto_dh_t * | dh | ) |
Free a DH key exchange object.
Definition at line 418 of file crypto_dh_openssl.c.
Referenced by crypto_dh_free_().
◆ crypto_dh_free_all_openssl()
| void crypto_dh_free_all_openssl | ( | void | ) |
Definition at line 429 of file crypto_dh_openssl.c.
◆ crypto_dh_generate_public()
| int crypto_dh_generate_public | ( | crypto_dh_t * | dh | ) |
Generate <x,g^x> for our part of the key exchange. Return 0 on success, -1 on failure.
Definition at line 265 of file crypto_dh_openssl.c.
Referenced by crypto_dh_generate_public(), crypto_dh_get_public(), and crypto_dh_get_public().
◆ crypto_dh_get_bytes()
| int crypto_dh_get_bytes | ( | crypto_dh_t * | dh | ) |
Return the length of the DH key in dh, in bytes.
Definition at line 255 of file crypto_dh_openssl.c.
Referenced by crypto_dh_compute_secret(), crypto_dh_get_bytes(), and crypto_dh_handshake().
◆ crypto_dh_get_public()
| int crypto_dh_get_public | ( | crypto_dh_t * | dh, |
| char * | pubkey, | ||
| size_t | pubkey_len ) |
Generate g^x as necessary, and write the g^x for the key exchange as a pubkey_len-byte value into pubkey. Return 0 on success, -1 on failure. pubkey_len must be >= DH1024_KEY_LEN.
Definition at line 295 of file crypto_dh_openssl.c.
Referenced by crypto_dh_get_public().
◆ crypto_dh_handshake()
| ssize_t crypto_dh_handshake | ( | int | severity, |
| crypto_dh_t * | dh, | ||
| const char * | pubkey, | ||
| size_t | pubkey_len, | ||
| unsigned char * | secret_out, | ||
| size_t | secret_bytes_out ) |
Given a DH key exchange object, and our peer's value of g^y (as a pubkey_len-byte value in pubkey) generate g^xy as a big-endian integer in secret_out. Return the number of bytes generated on success, or -1 on failure.
This function MUST validate that g^y is actually in the group.
Definition at line 371 of file crypto_dh_openssl.c.
Referenced by crypto_dh_compute_secret(), and crypto_dh_handshake().
◆ crypto_dh_init_openssl()
| void crypto_dh_init_openssl | ( | void | ) |
Initialize our DH parameters. Idempotent.
Definition at line 139 of file crypto_dh_openssl.c.
◆ crypto_dh_new()
| crypto_dh_t * crypto_dh_new | ( | int | dh_type | ) |
Allocate and return a new DH object for a key exchange. Returns NULL on failure.
Definition at line 178 of file crypto_dh_openssl.c.
Referenced by crypto_dh_dup(), and crypto_dh_new().
◆ crypto_dh_new_openssl_tls()
| DH * crypto_dh_new_openssl_tls | ( | void | ) |
Used by tortls.c: Get the DH* for use with TLS.
Definition at line 168 of file crypto_dh_openssl.c.
◆ crypto_set_dh_generator()
|
static |
Set the global Diffie-Hellman generator, used for both TLS and internal DH stuff.
Definition at line 120 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl().
◆ new_openssl_dh_from_params()
|
static |
Create and return a new openssl DH from a given prime and generator.
Definition at line 204 of file crypto_dh_openssl.c.
Referenced by crypto_dh_new(), and crypto_dh_new_openssl_tls().
◆ tor_check_dh_key()
|
static |
Check for bad Diffie-Hellman public keys (g^x). Return 0 if the key is okay (in the subgroup [2,p-2]), or -1 if it's bad. See http://www.cl.cam.ac.uk/ftp/users/rja14/psandqs.ps.gz for some tips.
Definition at line 334 of file crypto_dh_openssl.c.
Referenced by crypto_dh_generate_public(), and crypto_dh_handshake().
Variable Documentation
◆ dh_param_g
|
static |
Shared G parameter for our DH key exchanges.
Definition at line 47 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl(), crypto_dh_new(), crypto_dh_new_openssl_tls(), and crypto_set_dh_generator().
◆ dh_param_p
|
static |
Shared P parameter for our circuit-crypto DH key exchanges.
Definition at line 43 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl(), and crypto_dh_new().
◆ dh_param_p_tls
|
static |
Shared P parameter for our TLS DH key exchanges.
Definition at line 45 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl(), crypto_dh_new(), and crypto_dh_new_openssl_tls().
Generated by
1.12.0