55
53
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
57
55
if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 )
58
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED | ret );
56
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret );
128
126
* Setup and write the ServerKeyExchange parameters
130
128
int dhm_make_params( dhm_context *ctx, int x_size,
131
unsigned char *output, int *olen,
132
int (*f_rng)(void *), void *p_rng )
129
unsigned char *output, size_t *olen,
130
int (*f_rng)(void *, unsigned char *, size_t),
134
int i, ret, n, n1, n2, n3;
135
135
unsigned char *p;
138
138
* Generate X as large as possible ( < P )
140
n = x_size / sizeof( t_int ) + 1;
141
MPI_CHK( mpi_grow( &ctx->X, n ) );
142
MPI_CHK( mpi_lset( &ctx->X, 0 ) );
140
n = x_size / sizeof( t_uint ) + 1;
144
p = (unsigned char *) ctx->X.p;
145
for( i = 0; i < x_size; i++ )
146
*p++ = (unsigned char) f_rng( p_rng );
142
mpi_fill_random( &ctx->X, n, f_rng, p_rng );
148
144
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
149
145
mpi_shift_r( &ctx->X, 1 );
190
186
* Import the peer's public value G^Y
192
188
int dhm_read_public( dhm_context *ctx,
193
const unsigned char *input, int ilen )
189
const unsigned char *input, size_t ilen )
198
194
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
200
196
if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
201
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED | ret );
197
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret );
207
203
* Create own private value X and export G^X
209
205
int dhm_make_public( dhm_context *ctx, int x_size,
210
unsigned char *output, int olen,
211
int (*f_rng)(void *), void *p_rng )
206
unsigned char *output, size_t olen,
207
int (*f_rng)(void *, unsigned char *, size_t),
216
212
if( ctx == NULL || olen < 1 || olen > ctx->len )
217
213
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
220
216
* generate X and calculate GX = G^X mod P
222
n = x_size / sizeof( t_int ) + 1;
223
MPI_CHK( mpi_grow( &ctx->X, n ) );
224
MPI_CHK( mpi_lset( &ctx->X, 0 ) );
218
n = x_size / sizeof( t_uint ) + 1;
226
p = (unsigned char *) ctx->X.p;
227
for( i = 0; i < x_size; i++ )
228
*p++ = (unsigned char) f_rng( p_rng );
220
mpi_fill_random( &ctx->X, n, f_rng, p_rng );
230
222
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
231
223
mpi_shift_r( &ctx->X, 1 );
250
242
* Derive and export the shared secret (G^Y)^X mod P
252
244
int dhm_calc_secret( dhm_context *ctx,
253
unsigned char *output, int *olen )
245
unsigned char *output, size_t *olen )
281
273
void dhm_free( dhm_context *ctx )
283
mpi_free( &ctx->RP, &ctx->K, &ctx->GY,
284
&ctx->GX, &ctx->X, &ctx->G,
275
mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY );
276
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G );
288
280
#if defined(POLARSSL_SELF_TEST)