gnutls_dh_primes.c

00001 /*
00002  * Copyright (C) 2000, 2001, 2003, 2004, 2005 Free Software Foundation
00003  *
00004  * Author: Nikos Mavrogiannopoulos
00005  *
00006  * This file is part of GNUTLS.
00007  *
00008  * The GNUTLS library is free software; you can redistribute it and/or
00009  * modify it under the terms of the GNU Lesser General Public License
00010  * as published by the Free Software Foundation; either version 2.1 of
00011  * the License, or (at your option) any later version.
00012  *
00013  * This library is distributed in the hope that it will be useful, but
00014  * WITHOUT ANY WARRANTY; without even the implied warranty of
00015  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00016  * Lesser General Public License for more details.
00017  *
00018  * You should have received a copy of the GNU Lesser General Public
00019  * License along with this library; if not, write to the Free Software
00020  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
00021  * USA
00022  *
00023  */
00024 
00025 #include <gnutls_int.h>
00026 #include <gnutls_errors.h>
00027 #include <gnutls_datum.h>
00028 #include <x509_b64.h>           /* for PKCS3 PEM decoding */
00029 #include <gnutls_global.h>
00030 #include <gnutls_dh.h>
00031 #include "debug.h"
00032 /* x509 */
00033 #include "mpi.h"
00034 
00035 
/* Expose the DH parameter array stored in DH_PRIMES.
 *
 * Judging by how MHD__gnutls_dh_params_generate2 fills the structure,
 * slot 0 holds the prime and slot 1 the generator.
 *
 * Returns a pointer to the array inside DH_PRIMES (no copy is made, so
 * it is only valid while DH_PRIMES is), or NULL when DH_PRIMES is NULL
 * or either slot has not been set.
 */
const mpi_t *
MHD_gtls_dh_params_to_mpi (MHD_gtls_dh_params_t dh_primes)
{
  if (dh_primes == NULL)
    return NULL;

  /* Refuse to hand out a half-initialised group: key exchange needs
   * both values. */
  if (dh_primes->params[1] == NULL || dh_primes->params[0] == NULL)
    return NULL;

  return dh_primes->params;
}
00049 
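/* Generate a fresh Diffie-Hellman group: a prime of BITS bits and a
 * generator for it, using libgcrypt.
 *
 * ret_g: if non-NULL, receives the generator; the caller then owns it.
 * ret_n: if non-NULL, receives the prime; the caller then owns it.
 *        A value that is not requested is released before returning.
 * bits:  requested size of the prime, in bits.
 *
 * Returns 0 on success, or GNUTLS_E_INTERNAL_ERROR when libgcrypt fails
 * to generate the prime or the generator, or when no candidate passes
 * gcry_prime_check within 10 attempts.  Nothing is stored through
 * RET_G / RET_N on failure.
 *
 * NOTE(review): BITS is not range-checked here.  Small values are
 * accepted and yield a group that is too weak for key exchange, so
 * callers should enforce their own minimum size.
 */
int
MHD_gtls_dh_generate_prime (mpi_t * ret_g, mpi_t * ret_n, unsigned int bits)
{
  mpi_t g = NULL, prime = NULL;
  gcry_error_t err;
  int result, times = 0, qbits;
  mpi_t *factors = NULL;

  /* Calculate the size of a prime factor of (prime-1)/2.
   * This is an emulation of the values in "Selecting Cryptographic Key Sizes" paper.
   */
  if (bits < 256)
    qbits = bits / 2;
  else
    {
      qbits = (bits / 40) + 105;
    }

  if (qbits & 1)                /* better have an even number */
    qbits++;

  /* find a prime number of size bits.
   */
  do
    {

      if (times)
        {
          /* Drop the rejected candidate from the previous round.  Both
           * handles are reset afterwards: a failing gcry_prime_generate
           * call below is not guaranteed to overwrite them, and the
           * cleanup path would otherwise release the same factor list
           * a second time. */
          MHD_gtls_mpi_release (&prime);
          prime = NULL;
          gcry_prime_release_factors (factors);
          factors = NULL;
        }

      err = gcry_prime_generate (&prime, bits, qbits, &factors, NULL, NULL,
                                 GCRY_STRONG_RANDOM,
                                 GCRY_PRIME_FLAG_SPECIAL_FACTOR);

      if (err != 0)
        {
          MHD_gnutls_assert ();
          result = GNUTLS_E_INTERNAL_ERROR;
          goto cleanup;
        }

      /* Independent primality check on the generated candidate. */
      err = gcry_prime_check (prime, 0);

      times++;
    }
  while (err != 0 && times < 10);

  /* Retry budget exhausted without a candidate that passed the check. */
  if (err != 0)
    {
      MHD_gnutls_assert ();
      result = GNUTLS_E_INTERNAL_ERROR;
      goto cleanup;
    }

  /* generate the group generator.
   */
  err = gcry_prime_group_generator (&g, prime, factors, NULL);
  if (err != 0)
    {
      MHD_gnutls_assert ();
      result = GNUTLS_E_INTERNAL_ERROR;
      goto cleanup;
    }

  /* The factor list was only needed to derive the generator. */
  gcry_prime_release_factors (factors);
  factors = NULL;

  if (ret_g)
    *ret_g = g;
  else
    MHD_gtls_mpi_release (&g);
  if (ret_n)
    *ret_n = prime;
  else
    MHD_gtls_mpi_release (&prime);

  return 0;

cleanup:
  /* Every handle is either NULL or still owned here. */
  gcry_prime_release_factors (factors);
  MHD_gtls_mpi_release (&g);
  MHD_gtls_mpi_release (&prime);

  return result;

}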
00137 
/* Allocate an empty DH parameter structure and store it in *DH_PARAMS.
 *
 * The structure comes from MHD_gnutls_calloc, so presumably both
 * parameter slots start out cleared; no prime or generator is
 * generated here.
 *
 * dh_params: out pointer that receives the new structure; it is
 *            written even when the allocation fails (with NULL).
 *
 * Returns 0 on success or GNUTLS_E_MEMORY_ERROR when the allocation
 * fails.
 */
int
MHD__gnutls_dh_params_init (MHD_gtls_dh_params_t * dh_params)
{
  MHD_gtls_dh_params_t fresh;

  fresh = MHD_gnutls_calloc (1, sizeof (MHD_gtls_dh_params_st));
  *dh_params = fresh;

  if (fresh != NULL)
    return 0;

  MHD_gnutls_assert ();
  return GNUTLS_E_MEMORY_ERROR;
}
00162 
/* Destroy a DH parameter structure: release both stored MPIs, then
 * free the structure itself.
 *
 * dh_params: structure to destroy; NULL is accepted and ignored.
 *
 * The pointer must not be used after this call.
 */
void
MHD__gnutls_dh_params_deinit (MHD_gtls_dh_params_t dh_params)
{
  int slot;

  if (dh_params != NULL)
    {
      /* Slots are released in index order, 0 then 1. */
      for (slot = 0; slot < 2; slot++)
        MHD_gtls_mpi_release (&dh_params->params[slot]);

      MHD_gnutls_free (dh_params);
    }
}
00182 
/* Fill PARAMS with a newly generated prime (slot 0) and generator
 * (slot 1) of the requested size.
 *
 * params: structure to fill; it is dereferenced without a NULL check.
 * bits:   requested size of the prime, in bits.
 *
 * Returns 0 on success, or the negative error code reported by
 * MHD_gtls_dh_generate_prime.
 *
 * NOTE(review): the slots are overwritten without releasing whatever
 * they held before, so this looks intended for a freshly initialised
 * structure; confirm against callers.
 * NOTE(review): BITS is passed through unchecked; callers should
 * enforce a minimum group size before calling.
 */
int
MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params,
                                 unsigned int bits)
{
  mpi_t *generator_slot = &params->params[1];
  mpi_t *prime_slot = &params->params[0];
  int rc = MHD_gtls_dh_generate_prime (generator_slot, prime_slot, bits);

  if (rc >= 0)
    return 0;

  MHD_gnutls_assert ();
  return rc;
}
