Headers for crypto_dh.c. More...

#include "orconfig.h"
#include "lib/cc/torint.h"
#include "lib/defs/dh_sizes.h"

Macros
#define	DH_TYPE_CIRCUIT 1

#define	DH_TYPE_REND 2

#define	DH_TYPE_TLS 3

#define	crypto_dh_free(dh) FREE_AND_NULL(crypto_dh_t, crypto_dh_free_, (dh))

Functions
void	crypto_dh_init (void)

crypto_dh_t *	crypto_dh_new (int dh_type)

crypto_dh_t *	crypto_dh_dup (const crypto_dh_t *dh)

int	crypto_dh_get_bytes (crypto_dh_t *dh)

int	crypto_dh_generate_public (crypto_dh_t *dh)

int	crypto_dh_get_public (crypto_dh_t dh, char pubkey_out, size_t pubkey_out_len)

ssize_t	crypto_dh_compute_secret (int severity, crypto_dh_t dh, const char pubkey, size_t pubkey_len, char *secret_out, size_t secret_out_len)

void	crypto_dh_free_ (crypto_dh_t *dh)

ssize_t	crypto_dh_handshake (int severity, crypto_dh_t dh, const char pubkey, size_t pubkey_len, unsigned char *secret_out, size_t secret_bytes_out)

void	crypto_dh_free_all (void)

struct dh_st *	crypto_dh_new_openssl_tls (void)

Variables
const unsigned	DH_GENERATOR

const char	TLS_DH_PRIME []

const char	OAKLEY_PRIME_2 []

Detailed Description

Headers for crypto_dh.c.

Definition in file crypto_dh.h.

Function Documentation

◆ crypto_dh_compute_secret()

ssize_t crypto_dh_compute_secret	(	int	severity,
		crypto_dh_t *	dh,
		const char *	pubkey,
		size_t	pubkey_len,
		char *	secret_out,
		size_t	secret_bytes_out
	)

Given a DH key exchange object, and our peer's value of g^y (as a pubkey_len-byte value in pubkey) generate secret_bytes_out bytes of shared key material and write them to secret_out. Return the number of bytes generated on success, or -1 on failure.

(We generate key material by computing SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ... where || is concatenation.)

Definition at line 79 of file crypto_dh.c.

◆ crypto_dh_dup()

crypto_dh_t* crypto_dh_dup ( const crypto_dh_t * dh )

Return a copy of dh, sharing its internal state.

Definition at line 81 of file crypto_dh_nss.c.

◆ crypto_dh_free_()

void crypto_dh_free_ ( crypto_dh_t * dh )

Free a DH key exchange object.

Definition at line 141 of file crypto_dh_nss.c.

◆ crypto_dh_generate_public()

int crypto_dh_generate_public ( crypto_dh_t * dh )

Generate <x,g^x> for our part of the key exchange. Return 0 on success, -1 on failure.

Definition at line 100 of file crypto_dh_nss.c.

Referenced by crypto_dh_get_public().

◆ crypto_dh_get_bytes()

int crypto_dh_get_bytes ( crypto_dh_t * dh )

Return the length of the DH key in dh, in bytes.

Definition at line 93 of file crypto_dh_nss.c.

Referenced by crypto_dh_compute_secret(), and onion_skin_TAP_client_handshake().

◆ crypto_dh_get_public()

int crypto_dh_get_public	(	crypto_dh_t *	dh,
		char *	pubkey,
		size_t	pubkey_len
	)

Generate g^x as necessary, and write the g^x for the key exchange as a pubkey_len-byte value into pubkey. Return 0 on success, -1 on failure. pubkey_len must be >= DH1024_KEY_LEN.

Definition at line 116 of file crypto_dh_nss.c.

◆ crypto_dh_handshake()

ssize_t crypto_dh_handshake	(	int	severity,
		crypto_dh_t *	dh,
		const char *	pubkey,
		size_t	pubkey_len,
		unsigned char *	secret_out,
		size_t	secret_bytes_out
	)

Given a DH key exchange object, and our peer's value of g^y (as a pubkey_len-byte value in pubkey) generate g^xy as a big-endian integer in secret_out. Return the number of bytes generated on success, or -1 on failure.

This function MUST validate that g^y is actually in the group.

Definition at line 153 of file crypto_dh_nss.c.

◆ crypto_dh_new()

crypto_dh_t* crypto_dh_new ( int dh_type )

Allocate and return a new DH object for a key exchange. Returns NULL on failure.

Definition at line 73 of file crypto_dh_nss.c.

◆ crypto_dh_new_openssl_tls()

struct dh_st* crypto_dh_new_openssl_tls ( void )

Used by tortls.c: Get the DH* for use with TLS.

Definition at line 173 of file crypto_dh_openssl.c.

Variable Documentation

◆ DH_GENERATOR

const unsigned DH_GENERATOR

extern

Our DH 'g' parameter

Definition at line 23 of file crypto_dh.c.

Referenced by crypto_set_dh_generator().

◆ OAKLEY_PRIME_2

const char OAKLEY_PRIME_2[]

extern

This is from rfc2409, section 6.2. It's a safe prime, and supposedly it equals: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.

Definition at line 39 of file crypto_dh.c.

Referenced by crypto_dh_init_openssl().

◆ TLS_DH_PRIME

const char TLS_DH_PRIME[]

extern

This is the 1024-bit safe prime that Apache uses for its DH stuff; see modules/ssl/ssl_engine_dh.c; Apache also uses a generator of 2 with this prime.

Definition at line 28 of file crypto_dh.c.

Referenced by crypto_dh_init_openssl().

Macros

Functions

Variables

Detailed Description

Function Documentation

◆ crypto_dh_compute_secret()

◆ crypto_dh_dup()

◆ crypto_dh_free_()

◆ crypto_dh_generate_public()

◆ crypto_dh_get_bytes()

◆ crypto_dh_get_public()

◆ crypto_dh_handshake()

◆ crypto_dh_new()

◆ crypto_dh_new_openssl_tls()

Variable Documentation

◆ DH_GENERATOR

◆ OAKLEY_PRIME_2

◆ TLS_DH_PRIME