removed superfluous get_other_public_value in diffie_hellman_t interface
[strongswan.git] / src / libstrongswan / plugins / openssl / openssl_diffie_hellman.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2008 Martin Willi
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 *
16 * $Id$
17 */
18
19 #include <openssl/dh.h>
20
21 #include "openssl_diffie_hellman.h"
22
23 #include <debug.h>
24
25 typedef struct modulus_entry_t modulus_entry_t;
26
27 /**
28 * Entry of the modulus list.
29 */
30 struct modulus_entry_t {
31 /**
32 * Group number as it is defined in file transform_substructure.h.
33 */
34 diffie_hellman_group_t group;
35
36 /**
37 * Pointer to the function to get the modulus.
38 */
39 BIGNUM *(*get_prime)(BIGNUM *bn);
40
41 /*
42 * Optimum length of exponent in bits.
43 */
44 long opt_exponent_len;
45
46 /*
47 * Generator value.
48 */
49 u_int16_t generator;
50 };
51
52 /**
53 * All supported modulus values - optimum exponent size according to RFC 3526.
54 */
55 static modulus_entry_t modulus_entries[] = {
56 {MODP_768_BIT, get_rfc2409_prime_768, 256, 2},
57 {MODP_1024_BIT, get_rfc2409_prime_1024, 256, 2},
58 {MODP_1536_BIT, get_rfc3526_prime_1536, 256, 2},
59 {MODP_2048_BIT, get_rfc3526_prime_2048, 384, 2},
60 {MODP_3072_BIT, get_rfc3526_prime_3072, 384, 2},
61 {MODP_4096_BIT, get_rfc3526_prime_4096, 512, 2},
62 {MODP_6144_BIT, get_rfc3526_prime_6144, 512, 2},
63 {MODP_8192_BIT, get_rfc3526_prime_8192, 512, 2},
64 };
65
66 typedef struct private_openssl_diffie_hellman_t private_openssl_diffie_hellman_t;
67
68 /**
69 * Private data of an openssl_diffie_hellman_t object.
70 */
71 struct private_openssl_diffie_hellman_t {
72 /**
73 * Public openssl_diffie_hellman_t interface.
74 */
75 openssl_diffie_hellman_t public;
76
77 /**
78 * Diffie Hellman group number.
79 */
80 u_int16_t group;
81
82 /**
83 * Diffie Hellman object
84 */
85 DH *dh;
86
87 /**
88 * Other public value
89 */
90 BIGNUM *pub_key;
91
92 /**
93 * Shared secret
94 */
95 chunk_t shared_secret;
96
97 /**
98 * True if shared secret is computed
99 */
100 bool computed;
101 };
102
103 /**
104 * Implementation of openssl_diffie_hellman_t.get_my_public_value.
105 */
106 static void get_my_public_value(private_openssl_diffie_hellman_t *this,
107 chunk_t *value)
108 {
109 *value = chunk_alloc(DH_size(this->dh));
110 memset(value->ptr, 0, value->len);
111 BN_bn2bin(this->dh->pub_key,
112 value->ptr + value->len - BN_num_bytes(this->dh->pub_key));
113 }
114
115 /**
116 * Implementation of openssl_diffie_hellman_t.get_shared_secret.
117 */
118 static status_t get_shared_secret(private_openssl_diffie_hellman_t *this,
119 chunk_t *secret)
120 {
121 if (!this->computed)
122 {
123 return FAILED;
124 }
125 /* shared secret should requires a len according the DH group */
126 *secret = chunk_alloc(DH_size(this->dh));
127 memset(secret->ptr, 0, secret->len);
128 memcpy(secret->ptr + secret->len - this->shared_secret.len,
129 this->shared_secret.ptr, this->shared_secret.len);
130
131 return SUCCESS;
132 }
133
134
135 /**
136 * Implementation of openssl_diffie_hellman_t.set_other_public_value.
137 */
138 static void set_other_public_value(private_openssl_diffie_hellman_t *this,
139 chunk_t value)
140 {
141 int len;
142
143 BN_bin2bn(value.ptr, value.len, this->pub_key);
144 chunk_clear(&this->shared_secret);
145 this->shared_secret.ptr = malloc(DH_size(this->dh));
146 memset(this->shared_secret.ptr, 0xFF, this->shared_secret.len);
147 len = DH_compute_key(this->shared_secret.ptr, this->pub_key, this->dh);
148 if (len < 0)
149 {
150 DBG1("DH shared secret computation failed");
151 return;
152 }
153 this->shared_secret.len = len;
154 this->computed = TRUE;
155 }
156
157 /**
158 * Implementation of openssl_diffie_hellman_t.get_dh_group.
159 */
160 static diffie_hellman_group_t get_dh_group(private_openssl_diffie_hellman_t *this)
161 {
162 return this->group;
163 }
164
165 /**
166 * Lookup the modulus in modulo table
167 */
168 static status_t set_modulus(private_openssl_diffie_hellman_t *this)
169 {
170 int i;
171 bool ansi_x9_42;
172
173 ansi_x9_42 = lib->settings->get_bool(lib->settings,
174 "charon.dh_exponent_ansi_x9_42", TRUE);
175
176 for (i = 0; i < (sizeof(modulus_entries) / sizeof(modulus_entry_t)); i++)
177 {
178 if (modulus_entries[i].group == this->group)
179 {
180 this->dh->p = modulus_entries[i].get_prime(NULL);
181 this->dh->g = BN_new();
182 BN_set_word(this->dh->g, modulus_entries[i].generator);
183 if (!ansi_x9_42)
184 {
185 this->dh->length = modulus_entries[i].opt_exponent_len;
186 }
187 return SUCCESS;
188 }
189 }
190 return NOT_FOUND;
191 }
192
193 /**
194 * Implementation of openssl_diffie_hellman_t.destroy.
195 */
196 static void destroy(private_openssl_diffie_hellman_t *this)
197 {
198 BN_clear_free(this->pub_key);
199 DH_free(this->dh);
200 chunk_clear(&this->shared_secret);
201 free(this);
202 }
203
204 /*
205 * Described in header.
206 */
207 openssl_diffie_hellman_t *openssl_diffie_hellman_create(diffie_hellman_group_t group)
208 {
209 private_openssl_diffie_hellman_t *this = malloc_thing(private_openssl_diffie_hellman_t);
210
211 this->public.dh.get_shared_secret = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_shared_secret;
212 this->public.dh.set_other_public_value = (void (*)(diffie_hellman_t *, chunk_t )) set_other_public_value;
213 this->public.dh.get_my_public_value = (void (*)(diffie_hellman_t *, chunk_t *)) get_my_public_value;
214 this->public.dh.get_dh_group = (diffie_hellman_group_t (*)(diffie_hellman_t *)) get_dh_group;
215 this->public.dh.destroy = (void (*)(diffie_hellman_t *)) destroy;
216
217 this->dh = DH_new();
218 if (!this->dh)
219 {
220 free(this);
221 return NULL;
222 }
223
224 this->group = group;
225 this->computed = FALSE;
226 this->pub_key = BN_new();
227 this->shared_secret = chunk_empty;
228
229 /* find a modulus according to group */
230 if (set_modulus(this) != SUCCESS)
231 {
232 destroy(this);
233 return NULL;
234 }
235
236 /* generate my public and private values */
237 if (!DH_generate_key(this->dh))
238 {
239 destroy(this);
240 return NULL;
241 }
242 DBG2("size of DH secret exponent: %d bits", BN_num_bits(this->dh->priv_key));
243
244 return &this->public;
245 }