Tor  0.4.7.0-alpha-dev
Macros | Functions | Variables
crypto_dh.h File Reference

Headers for crypto_dh.c. More...

#include "orconfig.h"
#include "lib/cc/torint.h"
#include "lib/defs/dh_sizes.h"

Go to the source code of this file.

Macros

#define DH_TYPE_CIRCUIT   1
 
#define DH_TYPE_REND   2
 
#define DH_TYPE_TLS   3
 
#define crypto_dh_free(dh)   FREE_AND_NULL(crypto_dh_t, crypto_dh_free_, (dh))
 

Functions

void crypto_dh_init (void)
 
crypto_dh_tcrypto_dh_new (int dh_type)
 
crypto_dh_tcrypto_dh_dup (const crypto_dh_t *dh)
 
int crypto_dh_get_bytes (crypto_dh_t *dh)
 
int crypto_dh_generate_public (crypto_dh_t *dh)
 
int crypto_dh_get_public (crypto_dh_t *dh, char *pubkey_out, size_t pubkey_out_len)
 
ssize_t crypto_dh_compute_secret (int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, char *secret_out, size_t secret_out_len)
 
void crypto_dh_free_ (crypto_dh_t *dh)
 
ssize_t crypto_dh_handshake (int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, unsigned char *secret_out, size_t secret_bytes_out)
 
void crypto_dh_free_all (void)
 
struct dh_st * crypto_dh_new_openssl_tls (void)
 

Variables

const unsigned DH_GENERATOR
 
const char TLS_DH_PRIME []
 
const char OAKLEY_PRIME_2 []
 

Detailed Description

Headers for crypto_dh.c.

Definition in file crypto_dh.h.

Function Documentation

◆ crypto_dh_compute_secret()

ssize_t crypto_dh_compute_secret ( int  severity,
crypto_dh_t dh,
const char *  pubkey,
size_t  pubkey_len,
char *  secret_out,
size_t  secret_bytes_out 
)

Given a DH key exchange object, and our peer's value of g^y (as a pubkey_len-byte value in pubkey) generate secret_bytes_out bytes of shared key material and write them to secret_out. Return the number of bytes generated on success, or -1 on failure.

(We generate key material by computing SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ... where || is concatenation.)

Definition at line 79 of file crypto_dh.c.

◆ crypto_dh_dup()

crypto_dh_t* crypto_dh_dup ( const crypto_dh_t dh)

Return a copy of dh, sharing its internal state.

Definition at line 81 of file crypto_dh_nss.c.

◆ crypto_dh_free_()

void crypto_dh_free_ ( crypto_dh_t dh)

Free a DH key exchange object.

Definition at line 141 of file crypto_dh_nss.c.

◆ crypto_dh_generate_public()

int crypto_dh_generate_public ( crypto_dh_t dh)

Generate <x,g^x> for our part of the key exchange. Return 0 on success, -1 on failure.

Definition at line 100 of file crypto_dh_nss.c.

Referenced by crypto_dh_get_public().

◆ crypto_dh_get_bytes()

int crypto_dh_get_bytes ( crypto_dh_t dh)

Return the length of the DH key in dh, in bytes.

Definition at line 93 of file crypto_dh_nss.c.

Referenced by crypto_dh_compute_secret(), and onion_skin_TAP_client_handshake().

◆ crypto_dh_get_public()

int crypto_dh_get_public ( crypto_dh_t dh,
char *  pubkey,
size_t  pubkey_len 
)

Generate g^x as necessary, and write the g^x for the key exchange as a pubkey_len-byte value into pubkey. Return 0 on success, -1 on failure. pubkey_len must be >= DH1024_KEY_LEN.

Definition at line 116 of file crypto_dh_nss.c.

◆ crypto_dh_handshake()

ssize_t crypto_dh_handshake ( int  severity,
crypto_dh_t dh,
const char *  pubkey,
size_t  pubkey_len,
unsigned char *  secret_out,
size_t  secret_bytes_out 
)

Given a DH key exchange object, and our peer's value of g^y (as a pubkey_len-byte value in pubkey) generate g^xy as a big-endian integer in secret_out. Return the number of bytes generated on success, or -1 on failure.

This function MUST validate that g^y is actually in the group.

Definition at line 153 of file crypto_dh_nss.c.

◆ crypto_dh_new()

crypto_dh_t* crypto_dh_new ( int  dh_type)

Allocate and return a new DH object for a key exchange. Returns NULL on failure.

Definition at line 73 of file crypto_dh_nss.c.

◆ crypto_dh_new_openssl_tls()

struct dh_st* crypto_dh_new_openssl_tls ( void  )

Used by tortls.c: Get the DH* for use with TLS.

Definition at line 173 of file crypto_dh_openssl.c.

Variable Documentation

◆ DH_GENERATOR

const unsigned DH_GENERATOR
extern

Our DH 'g' parameter

Definition at line 23 of file crypto_dh.c.

Referenced by crypto_set_dh_generator().

◆ OAKLEY_PRIME_2

const char OAKLEY_PRIME_2[]
extern

This is from rfc2409, section 6.2. It's a safe prime, and supposedly it equals: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.

Definition at line 39 of file crypto_dh.c.

Referenced by crypto_dh_init_openssl().

◆ TLS_DH_PRIME

const char TLS_DH_PRIME[]
extern

This is the 1024-bit safe prime that Apache uses for its DH stuff; see modules/ssl/ssl_engine_dh.c; Apache also uses a generator of 2 with this prime.

Definition at line 28 of file crypto_dh.c.

Referenced by crypto_dh_init_openssl().