Tor
0.4.7.0-alpha-dev
Headers for crypto_dh.c.
Macros | |
#define | DH_TYPE_CIRCUIT 1 |
#define | DH_TYPE_REND 2 |
#define | DH_TYPE_TLS 3 |
#define | crypto_dh_free(dh) FREE_AND_NULL(crypto_dh_t, crypto_dh_free_, (dh)) |
Functions | |
void | crypto_dh_init (void) |
crypto_dh_t * | crypto_dh_new (int dh_type) |
crypto_dh_t * | crypto_dh_dup (const crypto_dh_t *dh) |
int | crypto_dh_get_bytes (crypto_dh_t *dh) |
int | crypto_dh_generate_public (crypto_dh_t *dh) |
int | crypto_dh_get_public (crypto_dh_t *dh, char *pubkey_out, size_t pubkey_out_len) |
ssize_t | crypto_dh_compute_secret (int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, char *secret_out, size_t secret_out_len) |
void | crypto_dh_free_ (crypto_dh_t *dh) |
ssize_t | crypto_dh_handshake (int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, unsigned char *secret_out, size_t secret_bytes_out) |
void | crypto_dh_free_all (void) |
struct dh_st * | crypto_dh_new_openssl_tls (void) |
Variables | |
const unsigned | DH_GENERATOR |
const char | TLS_DH_PRIME [] |
const char | OAKLEY_PRIME_2 [] |
Headers for crypto_dh.c.
Definition in file crypto_dh.h.
ssize_t crypto_dh_compute_secret(int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, char *secret_out, size_t secret_bytes_out)
Given a DH key exchange object dh and our peer's value of g^y (as a pubkey_len-byte value in pubkey), generate secret_bytes_out bytes of shared key material and write them to secret_out. Return the number of bytes generated on success, or -1 on failure.
(Key material is derived by computing SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ..., where || denotes concatenation.)
Definition at line 79 of file crypto_dh.c.
crypto_dh_t *crypto_dh_dup(const crypto_dh_t *dh)
Return a copy of dh that shares its internal state.
Definition at line 81 of file crypto_dh_nss.c.
void crypto_dh_free_(crypto_dh_t *dh)
Free a DH key exchange object. Callers normally use the crypto_dh_free() macro defined above, which wraps this function in FREE_AND_NULL so the caller's pointer is cleared as well.
Definition at line 141 of file crypto_dh_nss.c.
int crypto_dh_generate_public(crypto_dh_t *dh)
Generate <x,g^x> for our part of the key exchange. Return 0 on success, -1 on failure.
Definition at line 100 of file crypto_dh_nss.c.
Referenced by crypto_dh_get_public().
int crypto_dh_get_bytes(crypto_dh_t *dh)
Return the length of the DH key in dh, in bytes.
Definition at line 93 of file crypto_dh_nss.c.
Referenced by crypto_dh_compute_secret(), and onion_skin_TAP_client_handshake().
int crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, size_t pubkey_len)
Generate g^x if necessary, and write g^x for the key exchange as a pubkey_len-byte value into pubkey. Return 0 on success, -1 on failure. pubkey_len must be >= DH1024_KEY_LEN.
Definition at line 116 of file crypto_dh_nss.c.
ssize_t crypto_dh_handshake(int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, unsigned char *secret_out, size_t secret_bytes_out)
Given a DH key exchange object dh and our peer's value of g^y (as a pubkey_len-byte value in pubkey), generate g^xy as a big-endian integer in secret_out. Return the number of bytes generated on success, or -1 on failure.
This function MUST validate that the peer's g^y is actually in the group before using it; accepting an out-of-group or degenerate public value would let a peer drive the shared secret to a weak or predictable result.
Definition at line 153 of file crypto_dh_nss.c.
crypto_dh_t *crypto_dh_new(int dh_type)
Allocate and return a new DH object for a key exchange; dh_type is expected to be one of the DH_TYPE_* constants defined above. Returns NULL on failure.
Definition at line 73 of file crypto_dh_nss.c.
struct dh_st *crypto_dh_new_openssl_tls(void)
Used by tortls.c: get the DH* for use with TLS.
Definition at line 173 of file crypto_dh_openssl.c.
extern const unsigned DH_GENERATOR
Our DH 'g' parameter.
Definition at line 23 of file crypto_dh.c.
Referenced by crypto_set_dh_generator().
extern const char OAKLEY_PRIME_2[]
This is from RFC 2409, section 6.2. It's a safe prime, and supposedly it equals: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
Definition at line 39 of file crypto_dh.c.
Referenced by crypto_dh_init_openssl().
extern const char TLS_DH_PRIME[]
This is the 1024-bit safe prime that Apache uses for its DH setup; see modules/ssl/ssl_engine_dh.c. Apache also uses a generator of 2 with this prime.
Definition at line 28 of file crypto_dh.c.
Referenced by crypto_dh_init_openssl().