heimdal  7.7.0
About: Heimdal is a free implementation of Kerberos 5 (a system for authenticating users and services on a network).
  Fossies Dox: heimdal-7.7.0.tar.gz  ("inofficial" and yet experimental doxygen-generated source code documentation)  

Diffie-Hellman functions

See the DH - Diffie-Hellman key exchange for description and examples.

Functions

const DH_METHOD * DH_ltm_method (void)

DH * DH_new (void)

DH * DH_new_method (ENGINE *engine)

void DH_free (DH *dh)

int DH_up_ref (DH *dh)

int DH_size (const DH *dh)

int DH_set_ex_data (DH *dh, int idx, void *data)

void * DH_get_ex_data (DH *dh, int idx)

int DH_generate_parameters_ex (DH *dh, int prime_len, int generator, BN_GENCB *cb)

int DH_check_pubkey (const DH *dh, const BIGNUM *pub_key, int *codes)

int DH_generate_key (DH *dh)

int DH_compute_key (unsigned char *shared_key, const BIGNUM *peer_pub_key, DH *dh)

int DH_set_method (DH *dh, const DH_METHOD *method)

const DH_METHOD * DH_null_method (void)

void DH_set_default_method (const DH_METHOD *meth)

const DH_METHOD * DH_get_default_method (void)

Detailed Description

See the DH - Diffie-Hellman key exchange for description and examples.

Function Documentation

◆ DH_check_pubkey()

int DH_check_pubkey ( const DH * dh,
const BIGNUM * pub_key,
int * codes
)

Check that the public key is sane.

Parameters
dh        the local peer DH parameters.
pub_key   the remote peer public key parameters.
codes     returns what the failures of the pub_key are.
Returns
1 on success, 0 on failure, and *codes is set to the combined failed checks for the public key.

The function performs these checks:

  • pub_key is not negative
  • pub_key > 1 and pub_key < p - 1, to avoid small-subgroup attacks.
  • if g == 2, pub_key must have more than one bit set; if only one bit is set, log_2(pub_key) is trivial

Definition at line 257 of file dh.c.

References BIGNUM, BN_cmp(), BN_free(), BN_is_bit_set(), BN_is_negative(), BN_new(), BN_num_bits(), BN_set_word(), BN_uadd(), codes, DH_CHECK_PUBKEY_TOO_LARGE, DH_CHECK_PUBKEY_TOO_SMALL, gen-map::i, n, and ret.

Referenced by DH_compute_key(), and ltm_dh_generate_key().
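
The three checks listed above, written out over a toy 12-bit group as an added example (this is not Heimdal's dh.c, which works on BIGNUMs). The EX_ constants, ex_check_pubkey(), modpow() and the prime 2579 are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Failure bits for this example only; names and values are its own. */
#define EX_PUBKEY_TOO_SMALL 0x1
#define EX_PUBKEY_TOO_LARGE 0x2

/* Square-and-multiply; no overflow because the toy modulus is below 2^31. */
static uint64_t modpow(uint64_t b, uint64_t e, uint64_t m)
{
    uint64_t r = 1;
    for (b %= m; e > 0; e >>= 1) {
        if (e & 1)
            r = r * b % m;
        b = b * b % m;
    }
    return r;
}

/* Returns 1 when pub passes every documented check, otherwise 0. */
static int ex_check_pubkey(int64_t p, int64_t g, int64_t pub, int *codes)
{
    *codes = 0;
    if (pub < 0)                          /* must not be negative */
        return 0;
    if (pub <= 1)                         /* 0 or 1 fixes the secret at 0 or 1 */
        *codes |= EX_PUBKEY_TOO_SMALL;
    if (pub >= p - 1)                     /* p-1 has order 2 */
        *codes |= EX_PUBKEY_TOO_LARGE;
    if (g == 2 && (pub & (pub - 1)) == 0) /* at most one bit set: pub = 2^k */
        *codes |= EX_PUBKEY_TOO_SMALL;
    return *codes == 0;
}

int main(void)
{
    const int64_t p = 2579, g = 2; /* constructed toy group, not a real-size prime */
    const int64_t samples[] = { -5, 0, 1, 1024, 1025, 2578, 2579 };
    int codes;
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int ok = ex_check_pubkey(p, g, samples[i], &codes);
        printf("pub=%5lld ok=%d codes=0x%x\n", (long long)samples[i], ok, codes);
    }
    /* p-1 as peer key: the secret is 1 or p-1 whatever the private exponent. */
    printf("(p-1)^765 mod p = %llu\n", (unsigned long long)modpow(p - 1, 765, p));
    /* One-bit key with g == 2: its discrete log is just the bit index. */
    printf("2^10 mod p = %llu\n", (unsigned long long)modpow(g, 10, p));
    return 0;
}
```

A caller should treat any nonzero codes value as a reason to abort the exchange before deriving a shared key.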

◆ DH_compute_key()

int DH_compute_key ( unsigned char * shared_key,
const BIGNUM * peer_pub_key,
DH * dh
)

Compute the shared secret key.

Parameters
shared_key     the resulting shared key; the buffer needs to be at least DH_size() large.
peer_pub_key   the peer's public key.
dh             the dh key pair.
Returns
1 on success.

Checks that the pubkey passed in is valid using DH_check_pubkey().

Definition at line 359 of file dh.c.

References codes, and DH_check_pubkey().

Referenced by check_prime(), and dh_test().

◆ DH_free()

void DH_free ( DH * dh )

Free a DH object and release related resources, like ENGINE, that the object was using.

Parameters
dh   object to be freed.

Definition at line 125 of file dh.c.

References ENGINE_finish(), and free_if.

Referenced by _krb5_get_init_creds_opt_free_pkinit(), check_prime(), and main().

◆ DH_generate_key()

int DH_generate_key ( DH * dh )

Generate a new DH private-public key pair. The dh parameter must be allocated first with DH_new(). dh->p and dh->g must be set.

Parameters
dh   dh parameter.
Returns
1 on success.

Definition at line 340 of file dh.c.

Referenced by check_prime(), and main().

◆ DH_generate_parameters_ex()

int DH_generate_parameters_ex ( DH * dh,
int prime_len,
int generator,
BN_GENCB * cb
)

Generate DH parameters for the DH object from the given parameters.

Parameters
dh          The DH object to generate parameters for.
prime_len   length of the prime
generator   generator, g
cb          Callback parameters to show progress, can be NULL.
Returns
the maximum size in bytes of the out data.

Definition at line 236 of file dh.c.

◆ DH_get_default_method()

const DH_METHOD* DH_get_default_method ( void  )

Return the default DH implementation.

Returns
pointer to a DH_METHOD.

Definition at line 485 of file dh.c.

References dh_default_method.

Referenced by DH_new_method(), and info().

◆ DH_get_ex_data()

void* DH_get_ex_data ( DH * dh,
int idx
)

Get the data for index idx in the DH object.

Parameters
dh    DH object.
idx   index to get the data for.
Returns
the object stored at index idx

Definition at line 217 of file dh.c.

◆ DH_ltm_method()

const DH_METHOD* DH_ltm_method ( void  )

DH implementation using libtommath.

Returns
the DH_METHOD for the DH implementation using libtommath.

Definition at line 236 of file dh-ltm.c.

References _hc_dh_ltm_method.

Referenced by ENGINE_load_builtin_engines().

◆ DH_new()

DH* DH_new ( void  )

Create a new DH object using DH_new_method(NULL), see DH_new_method().

Returns
a newly allocated DH object.

Definition at line 64 of file dh.c.

References DH_new_method().

◆ DH_new_method()

DH* DH_new_method ( ENGINE * engine )

Create a new DH object from the given engine; if NULL is used, the default engine is used. Free the DH object with DH_free().

Parameters
engine   The engine to use to allocate the DH object.
Returns
a newly allocated DH object.

Definition at line 81 of file dh.c.

References DH, DH_get_default_method(), ENGINE_finish(), ENGINE_get_default_DH(), ENGINE_get_DH(), and ENGINE_up_ref().

Referenced by check_prime(), DH_new(), and main().

◆ DH_null_method()

const DH_METHOD* DH_null_method ( void  )

Return the dummy DH implementation.

Returns
pointer to a DH_METHOD.

Definition at line 457 of file dh.c.

References dh_null_method.

◆ DH_set_default_method()

void DH_set_default_method ( const DH_METHOD * meth )

Set the default DH implementation.

Parameters
meth   pointer to a DH_METHOD.

Definition at line 471 of file dh.c.

References dh_default_method.

◆ DH_set_ex_data()

int DH_set_ex_data ( DH * dh,
int idx,
void * data
)

Set the data index idx in the DH object to data.

Parameters
dh     DH object.
idx    index to set the data for.
data   data to store for the index idx.
Returns
1 on success.

Definition at line 199 of file dh.c.

References data.

◆ DH_set_method()

int DH_set_method ( DH * dh,
const DH_METHOD * method
)

Set a new method for the DH keypair.

Parameters
dh       dh parameter.
method   the new method for the DH parameter.
Returns
1 on success.

Definition at line 387 of file dh.c.

References ENGINE_finish().

◆ DH_size()

int DH_size ( const DH * dh )

The maximum output size of the DH_compute_key() function.

Parameters
dh   The DH object to get the size from.
Returns
the maximum size in bytes of the out data.

Definition at line 181 of file dh.c.

References BN_num_bytes().

Referenced by check_prime(), and dh_test().

◆ DH_up_ref()

int DH_up_ref ( DH * dh )

Add a reference to the DH object. The object should be freed with DH_free() to drop the reference.

Parameters
dh   the object to increase the reference count of.
Returns
the updated reference count, can't safely be used except for debug printing.

Definition at line 165 of file dh.c.