Tor
0.4.7.0-alpha-dev
|
Implement Tor's Z_p diffie-hellman stuff for OpenSSL. More...
#include "lib/crypt_ops/compat_openssl.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_hkdf.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/log/log.h"
#include "lib/log/util_bug.h"
#include <openssl/dh.h>
#include <openssl/bn.h>
#include <string.h>
Go to the source code of this file.
Data Structures | |
struct | crypto_dh_t |
Macros | |
#define | DH_PRIVATE_KEY_BITS 320 |
Functions | |
static int | tor_check_dh_key (int severity, const BIGNUM *bn) |
static DH * | new_openssl_dh_from_params (BIGNUM *p, BIGNUM *g) |
static BIGNUM * | bignum_from_hex (const char *hex) |
static void | crypto_set_dh_generator (void) |
void | crypto_dh_init_openssl (void) |
DH * | crypto_dh_new_openssl_tls (void) |
crypto_dh_t * | crypto_dh_new (int dh_type) |
crypto_dh_t * | crypto_dh_dup (const crypto_dh_t *dh) |
int | crypto_dh_get_bytes (crypto_dh_t *dh) |
int | crypto_dh_generate_public (crypto_dh_t *dh) |
int | crypto_dh_get_public (crypto_dh_t *dh, char *pubkey, size_t pubkey_len) |
ssize_t | crypto_dh_handshake (int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, unsigned char *secret_out, size_t secret_bytes_out) |
void | crypto_dh_free_ (crypto_dh_t *dh) |
void | crypto_dh_free_all_openssl (void) |
Variables | |
static BIGNUM * | dh_param_p = NULL |
static BIGNUM * | dh_param_p_tls = NULL |
static BIGNUM * | dh_param_g = NULL |
Implement Tor's Z_p diffie-hellman stuff for OpenSSL.
Definition in file crypto_dh_openssl.c.
#define DH_PRIVATE_KEY_BITS 320 |
Number of bits to use when choosing the x or y value in a Diffie-Hellman handshake. Since we exponentiate by this value, choosing a smaller one lets our handshake go faster.
Definition at line 168 of file crypto_dh_openssl.c.
|
static |
Helper: convert hex to a bignum, and return it. Assert that the operation was successful.
Definition at line 110 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl().
crypto_dh_t* crypto_dh_dup | ( | const crypto_dh_t * | dh | ) |
Return a copy of dh, sharing its internal state.
Definition at line 254 of file crypto_dh_openssl.c.
void crypto_dh_free_ | ( | crypto_dh_t * | dh | ) |
Free a DH key exchange object.
Definition at line 456 of file crypto_dh_openssl.c.
int crypto_dh_generate_public | ( | crypto_dh_t * | dh | ) |
Generate <x,g^x> for our part of the key exchange. Return 0 on success, -1 on failure.
Definition at line 277 of file crypto_dh_openssl.c.
Referenced by crypto_dh_get_public().
int crypto_dh_get_bytes | ( | crypto_dh_t * | dh | ) |
Return the length of the DH key in dh, in bytes.
Definition at line 267 of file crypto_dh_openssl.c.
Referenced by crypto_dh_compute_secret(), and onion_skin_TAP_client_handshake().
int crypto_dh_get_public | ( | crypto_dh_t * | dh, |
char * | pubkey, | ||
size_t | pubkey_len | ||
) |
Generate g^x as necessary, and write the g^x for the key exchange as a pubkey_len-byte value into pubkey. Return 0 on success, -1 on failure. pubkey_len must be >= DH1024_KEY_LEN.
Definition at line 323 of file crypto_dh_openssl.c.
ssize_t crypto_dh_handshake | ( | int | severity, |
crypto_dh_t * | dh, | ||
const char * | pubkey, | ||
size_t | pubkey_len, | ||
unsigned char * | secret_out, | ||
size_t | secret_bytes_out | ||
) |
Given a DH key exchange object, and our peer's value of g^y (as a pubkey_len-byte value in pubkey) generate g^xy as a big-endian integer in secret_out. Return the number of bytes generated on success, or -1 on failure.
This function MUST validate that g^y is actually in the group.
Definition at line 409 of file crypto_dh_openssl.c.
void crypto_dh_init_openssl | ( | void | ) |
Initialize our DH parameters. Idempotent.
Definition at line 144 of file crypto_dh_openssl.c.
crypto_dh_t* crypto_dh_new | ( | int | dh_type | ) |
Allocate and return a new DH object for a key exchange. Returns NULL on failure.
Definition at line 183 of file crypto_dh_openssl.c.
DH* crypto_dh_new_openssl_tls | ( | void | ) |
Used by tortls.c: Get the DH* for use with TLS.
Definition at line 173 of file crypto_dh_openssl.c.
|
static |
Set the global Diffie-Hellman generator, used for both TLS and internal DH stuff.
Definition at line 125 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl().
|
static |
Create and return a new openssl DH from a given prime and generator.
Definition at line 209 of file crypto_dh_openssl.c.
Referenced by crypto_dh_new_openssl_tls().
|
static |
Check for bad Diffie-Hellman public keys (g^x). Return 0 if the key is okay (in the subgroup [2,p-2]), or -1 if it's bad. See http://www.cl.cam.ac.uk/ftp/users/rja14/psandqs.ps.gz for some tips.
Definition at line 370 of file crypto_dh_openssl.c.
Referenced by crypto_dh_generate_public().
|
static |
Shared G parameter for our DH key exchanges.
Definition at line 46 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl(), crypto_dh_new_openssl_tls(), and crypto_set_dh_generator().
|
static |
Shared P parameter for our circuit-crypto DH key exchanges.
Definition at line 42 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl().
|
static |
Shared P parameter for our TLS DH key exchanges.
Definition at line 44 of file crypto_dh_openssl.c.
Referenced by crypto_dh_init_openssl(), and crypto_dh_new_openssl_tls().