// Checks that (p,g) is acceptable pair for DH int tglmp_check_DH_params (struct tgl_state *TLS, TGLC_bn *p, int g) { if (g < 2 || g > 7) { return -1; } if (TGLC_bn_num_bits (p) != 2048) { return -1; } TGLC_bn *t = TGLC_bn_new (); TGLC_bn *dh_g = TGLC_bn_new (); ensure (TGLC_bn_set_word (dh_g, 4 * g)); ensure (TGLC_bn_mod (t, p, dh_g, TLS->TGLC_bn_ctx)); int x = TGLC_bn_get_word (t); assert (x >= 0 && x < 4 * g); TGLC_bn_free (dh_g); int res = 0; switch (g) { case 2: if (x != 7) { res = -1; } break; case 3: if (x % 3 != 2) { res = -1; } break; case 4: break; case 5: if (x % 5 != 1 && x % 5 != 4) { res = -1; } break; case 6: if (x != 19 && x != 23) { res = -1; } break; case 7: if (x % 7 != 3 && x % 7 != 5 && x % 7 != 6) { res = -1; } break; } if (res < 0 || !check_prime (TLS, p)) { TGLC_bn_free (t); return -1; } TGLC_bn *b = TGLC_bn_new (); ensure (TGLC_bn_set_word (b, 2)); ensure (TGLC_bn_div (t, 0, p, b, TLS->TGLC_bn_ctx)); if (!check_prime (TLS, t)) { res = -1; } TGLC_bn_free (b); TGLC_bn_free (t); return res; }
void bl_do_set_dh_params (struct tgl_state *TLS, int root, unsigned char prime[], int version) /* {{{ */ { if (TLS->encr_prime) { tfree (TLS->encr_prime, 256); TGLC_bn_free (TLS->encr_prime_bn); } TLS->encr_root = root; TLS->encr_prime = talloc (256); memcpy (TLS->encr_prime, prime, 256); TLS->encr_prime_bn = TGLC_bn_new (); TGLC_bn_bin2bn ((void *)TLS->encr_prime, 256, TLS->encr_prime_bn); TLS->encr_param_version = version; assert (tglmp_check_DH_params (TLS, TLS->encr_prime_bn, TLS->encr_root) >= 0); }
// checks that g_a is acceptable for DH int tglmp_check_g_a (struct tgl_state *TLS, TGLC_bn *p, TGLC_bn *g_a) { if (TGLC_bn_num_bytes (g_a) > 256) { return -1; } if (TGLC_bn_num_bits (g_a) < 2048 - 64) { return -1; } if (TGLC_bn_cmp (p, g_a) <= 0) { return -1; } TGLC_bn *dif = TGLC_bn_new (); TGLC_bn_sub (dif, p, g_a); if (TGLC_bn_num_bits (dif) < 2048 - 64) { TGLC_bn_free (dif); return -1; } TGLC_bn_free (dif); return 0; }