Tor 0.4.9.0-alpha-dev
Functions | Variables
crypto_dh.c File Reference

Block of functions related with DH utilities and operations. over Z_p. We aren't using this for any new crypto – EC is more efficient. More...

#include "lib/crypt_ops/compat_openssl.h"
#include "lib/crypt_ops/crypto_dh.h"
#include "lib/crypt_ops/crypto_digest.h"
#include "lib/crypt_ops/crypto_hkdf.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/log/log.h"
#include "lib/log/util_bug.h"

Go to the source code of this file.

Functions

void crypto_dh_init (void)
 
void crypto_dh_free_all (void)
 
ssize_t crypto_dh_compute_secret (int severity, crypto_dh_t *dh, const char *pubkey, size_t pubkey_len, char *secret_out, size_t secret_bytes_out)
 

Variables

const unsigned DH_GENERATOR = 2
 
const char TLS_DH_PRIME []
 
const char OAKLEY_PRIME_2 []
 

Detailed Description

Block of functions related with DH utilities and operations. over Z_p. We aren't using this for any new crypto – EC is more efficient.

Definition in file crypto_dh.c.

Function Documentation

◆ crypto_dh_compute_secret()

ssize_t crypto_dh_compute_secret ( int  severity,
crypto_dh_t dh,
const char *  pubkey,
size_t  pubkey_len,
char *  secret_out,
size_t  secret_bytes_out 
)

Given a DH key exchange object, and our peer's value of g^y (as a pubkey_len-byte value in pubkey) generate secret_bytes_out bytes of shared key material and write them to secret_out. Return the number of bytes generated on success, or -1 on failure.

(We generate key material by computing SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ... where || is concatenation.)

Definition at line 79 of file crypto_dh.c.

◆ crypto_dh_free_all()

void crypto_dh_free_all ( void  )

Definition at line 58 of file crypto_dh.c.

◆ crypto_dh_init()

void crypto_dh_init ( void  )

Definition at line 47 of file crypto_dh.c.

Variable Documentation

◆ DH_GENERATOR

const unsigned DH_GENERATOR = 2

Our DH 'g' parameter

Definition at line 23 of file crypto_dh.c.

Referenced by crypto_set_dh_generator().

◆ OAKLEY_PRIME_2

const char OAKLEY_PRIME_2[]
Initial value:
=
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
"8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
"302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
"A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
"49286651ECE65381FFFFFFFFFFFFFFFF"

This is from rfc2409, section 6.2. It's a safe prime, and supposedly it equals: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.

Definition at line 39 of file crypto_dh.c.

Referenced by crypto_dh_init_openssl().

◆ TLS_DH_PRIME

const char TLS_DH_PRIME[]
Initial value:
=
"D67DE440CBBBDC1936D693D34AFD0AD50C84D239A45F520BB88174CB98"
"BCE951849F912E639C72FB13B4B4D7177E16D55AC179BA420B2A29FE324A"
"467A635E81FF5901377BEDDCFD33168A461AAD3B72DAE8860078045B07A7"
"DBCA7874087D1510EA9FCC9DDD330507DD62DB88AEAA747DE0F4D6E2BD68"
"B0E7393E0F24218EB3"

This is the 1024-bit safe prime that Apache uses for its DH stuff; see modules/ssl/ssl_engine_dh.c; Apache also uses a generator of 2 with this prime.

Definition at line 28 of file crypto_dh.c.

Referenced by crypto_dh_init_openssl().

Generated by doxygen 1.9.4