24 static int dh_initialized = 0;
25 static SECKEYDHParams tls_dh_param, circuit_dh_param;
28 static unsigned char dh_generator_data[1];
31 crypto_dh_init_nss(
void)
38 sizeof(tls_dh_prime_data),
42 sizeof(circuit_dh_prime_data),
47 tls_dh_param.prime.data = tls_dh_prime_data;
49 tls_dh_param.base.data = dh_generator_data;
50 tls_dh_param.base.len = 1;
52 circuit_dh_param.prime.data = circuit_dh_prime_data;
54 circuit_dh_param.base.data = dh_generator_data;
55 circuit_dh_param.base.len = 1;
61 crypto_dh_free_all_nss(
void)
68 SECKEYPrivateKey *seckey;
69 SECKEYPublicKey *pubkey;
86 r->seckey = SECKEY_CopyPrivateKey(dh->seckey);
88 r->pubkey = SECKEY_CopyPublicKey(dh->pubkey);
104 if (dh->dh_type == DH_TYPE_TLS)
107 p = &circuit_dh_param;
109 dh->seckey = SECKEY_CreateDHPrivateKey(p, &dh->pubkey, NULL);
110 if (!dh->seckey || !dh->pubkey)
117 size_t pubkey_out_len)
126 const SECItem *item = &dh->pubkey->u.dh.publicValue;
128 if (item->len > pubkey_out_len)
132 memset(pubkey_out, 0, pubkey_out_len);
133 memcpy(pubkey_out + pubkey_out_len - item->len,
146 SECKEY_DestroyPrivateKey(dh->seckey);
148 SECKEY_DestroyPublicKey(dh->pubkey);
154 const char *pubkey,
size_t pubkey_len,
155 unsigned char *secret_out,
156 size_t secret_bytes_out)
161 if (!dh->pubkey || !dh->seckey)
166 SECKEYPublicKey peer_key;
167 memset(&peer_key, 0,
sizeof(peer_key));
168 peer_key.keyType = dhKey;
169 peer_key.pkcs11ID = CK_INVALID_HANDLE;
171 if (dh->dh_type == DH_TYPE_TLS)
172 peer_key.u.dh.prime.data = tls_dh_prime_data;
174 peer_key.u.dh.prime.data = circuit_dh_prime_data;
176 peer_key.u.dh.base.data = dh_generator_data;
177 peer_key.u.dh.base.len = 1;
178 peer_key.u.dh.publicValue.data = (
unsigned char *)pubkey;
179 peer_key.u.dh.publicValue.len = (int) pubkey_len;
181 PK11SymKey *sym = PK11_PubDerive(dh->seckey, &peer_key,
182 PR_FALSE, NULL, NULL, CKM_DH_PKCS_DERIVE,
183 CKM_GENERIC_SECRET_KEY_GEN ,
184 CKA_DERIVE, 0, NULL);
186 crypto_nss_log_errors(severity,
"deriving a DH shared secret");
190 SECStatus s = PK11_ExtractKeyValue(sym);
191 if (s != SECSuccess) {
192 crypto_nss_log_errors(severity,
"extracting a DH shared secret");
193 PK11_FreeSymKey(sym);
197 SECItem *result = PK11_GetKeyData(sym);
199 if (BUG(result->len > secret_bytes_out)) {
200 PK11_FreeSymKey(sym);
204 ssize_t len = result->len;
205 memcpy(secret_out, result->data, len);
206 PK11_FreeSymKey(sym);
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
const char OAKLEY_PRIME_2[]
const char TLS_DH_PRIME[]
const unsigned DH_GENERATOR
int crypto_dh_generate_public(crypto_dh_t *dh)
crypto_dh_t * crypto_dh_dup(const crypto_dh_t *dh)
void crypto_dh_free_(crypto_dh_t *dh)
int crypto_dh_get_bytes(crypto_dh_t *dh)
crypto_dh_t * crypto_dh_new(int dh_type)
ssize_t crypto_dh_handshake(int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, unsigned char *secret_out, size_t secret_bytes_out)
int crypto_dh_get_public(crypto_dh_t *dh, char *pubkey_out, size_t pubkey_out_len)
Headers for crypto_nss_mgt.c.
Headers for util_malloc.c.
Macros to manage assertions, fatal and non-fatal.