static int pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { RSA_PKEY_CTX *dctx, *sctx; if (!pkey_rsa_init(dst)) return 0; sctx = src->data; dctx = dst->data; dctx->nbits = sctx->nbits; if (sctx->pub_exp) { dctx->pub_exp = BN_dup(sctx->pub_exp); if (!dctx->pub_exp) return 0; } dctx->pad_mode = sctx->pad_mode; dctx->md = sctx->md; dctx->mgf1md = sctx->mgf1md; if (sctx->oaep_label) { if (dctx->oaep_label) OPENSSL_free(dctx->oaep_label); dctx->oaep_label = BUF_memdup(sctx->oaep_label, sctx->oaep_labellen); if (!dctx->oaep_label) return 0; dctx->oaep_labellen = sctx->oaep_labellen; } return 1; }
int dupKeys(paillierKeys *out, const paillierKeys *in) { out->n2 = BN_dup(in->n2); out->n = BN_dup(in->n); out->pub.g = BN_dup(in->pub.g); out->pub.n = out->n; out->pub.n2 = out->n2; out->priv.lamda = BN_dup(in->priv.lamda); out->priv.mu = BN_dup(in->priv.mu); out->priv.n = out->n; out->priv.n2 = out->n2; return 0; }
void PSPAKE_Message_generate(PSPAKE_Message *message, PSPAKE_CTX *ctx) { BIGNUM *t1 = BN_new(); BIGNUM *t2 = BN_new(); /* just for debugging */ static int cnt = 0; cnt++; /* r belongs to [0, q) */ BN_rand_range(ctx->r, ctx->q); /* t1 = g^r mod q */ BN_mod_exp(t1, ctx->g, ctx->r, ctx->q, ctx->ctx); /* t2 = h^secret mod q */ BN_mod_exp(t2, ctx->h, ctx->secret, ctx->q, ctx->ctx); /* ctx->y = t1 * t2 mod q */ BN_mod_mul(ctx->y, t1, t2, ctx->q, ctx->ctx); /* message->y = ctx->y */ message->y = BN_dup(ctx->y); /* print the random number r generated (just for debugging) */ if (cnt == 1) { print_bn("alice's r", ctx->r); } else { print_bn("bob's r", ctx->r); } }
bool MakePrime(RsaParams params, const BIGNUM* value, BIGNUM** delta_ret, BN_CTX* ctx) { BIGNUM* tmp = BN_dup(value); CHECK_CALL(tmp); // Find a delta such that // p = value + delta // is prime const int delta_max = RsaParams_GetDeltaMax(params); bool is_even = !BN_is_odd(tmp); if(is_even) { CHECK_CALL(BN_add_word(tmp, 1)); } if(!RsaPrime(*delta_ret, tmp, ctx)) return false; if(is_even) { CHECK_CALL(BN_add_word(*delta_ret, 1)); } // printf("%llu %d\n", BN_get_word(*delta_ret), delta_max); if(BN_get_word(*delta_ret) > delta_max) return false; BN_clear_free(tmp); return true; }
int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) { if (key->priv_key) BN_clear_free(key->priv_key); key->priv_key = BN_dup(priv_key); return (key->priv_key == NULL) ? 0 : 1; }
int ec_GFp_mont_group_copy(EC_GROUP * dest, const EC_GROUP * src) { BN_MONT_CTX_free(dest->field_data1); dest->field_data1 = NULL; BN_clear_free(dest->field_data2); dest->field_data2 = NULL; if (!ec_GFp_simple_group_copy(dest, src)) return 0; if (src->field_data1 != NULL) { dest->field_data1 = BN_MONT_CTX_new(); if (dest->field_data1 == NULL) return 0; if (!BN_MONT_CTX_copy(dest->field_data1, src->field_data1)) goto err; } if (src->field_data2 != NULL) { dest->field_data2 = BN_dup(src->field_data2); if (dest->field_data2 == NULL) goto err; } return 1; err: if (dest->field_data1 != NULL) { BN_MONT_CTX_free(dest->field_data1); dest->field_data1 = NULL; } return 0; }
static void YAK_CTX_init(YAK_CTX *ctx, const char *name, const char *peer_name, const BIGNUM *p, const EC_POINT *g, const BIGNUM *q, const BIGNUM *secret) { ctx->p.name = OPENSSL_strdup(name); ctx->p.peer_name = OPENSSL_strdup(peer_name); ctx->p.p = BN_dup(p); ctx->p.g = BN_dup(g); ctx->p.q = BN_dup(q); ctx->secret = BN_dup(secret); ctx->xa = BN_new(); ctx->key = BN_new(); ctx->ctx = BN_CTX_new(); }
BIGNUM * OpenSSLCryptoBase64::b642BN(char * b64in, unsigned int len) { if (len > 1024) return NULL; int bufLen; unsigned char buf[1024]; EVP_ENCODE_CTX m_dctx; EVP_DecodeInit(&m_dctx); int rc = EVP_DecodeUpdate(&m_dctx, buf, &bufLen, (unsigned char *) b64in, len); if (rc < 0) { throw XSECCryptoException(XSECCryptoException::Base64Error, "OpenSSL:Base64 - Error during Base64 Decode of BIGNUMS"); } int finalLen; EVP_DecodeFinal(&m_dctx, &buf[bufLen], &finalLen); bufLen += finalLen; // Now translate to a bignum return BN_dup(BN_bin2bn(buf, bufLen, NULL)); }
ERL_NIF_TERM dh_compute_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) {/* (OthersPublicKey, MyPrivateKey, DHParams=[P,G]) */ BIGNUM *other_pub_key = NULL, *dh_p = NULL, *dh_g = NULL; DH *dh_priv = DH_new(); /* Check the arguments and get my private key (dh_priv), the peer's public key (other_pub_key), the parameters p & q */ { BIGNUM *dummy_pub_key = NULL, *priv_key = NULL; ERL_NIF_TERM head, tail; if (!get_bn_from_bin(env, argv[0], &other_pub_key) || !get_bn_from_bin(env, argv[1], &priv_key) || !enif_get_list_cell(env, argv[2], &head, &tail) || !get_bn_from_bin(env, head, &dh_p) || !enif_get_list_cell(env, tail, &head, &tail) || !get_bn_from_bin(env, head, &dh_g) || !enif_is_empty_list(env, tail) /* Note: DH_set0_key() does not allow setting only the * private key, although DH_compute_key() does not use the * public key. Work around this limitation by setting * the public key to a copy of the private key. */ || !(dummy_pub_key = BN_dup(priv_key)) || !DH_set0_key(dh_priv, dummy_pub_key, priv_key) || !DH_set0_pqg(dh_priv, dh_p, NULL, dh_g) ) { if (dh_p) BN_free(dh_p); if (dh_g) BN_free(dh_g); if (other_pub_key) BN_free(other_pub_key); if (dummy_pub_key) BN_free(dummy_pub_key); if (priv_key) BN_free(priv_key); return enif_make_badarg(env); } } { ErlNifBinary ret_bin; int size; enif_alloc_binary(DH_size(dh_priv), &ret_bin); size = DH_compute_key(ret_bin.data, other_pub_key, dh_priv); BN_free(other_pub_key); DH_free(dh_priv); if (size<=0) { enif_release_binary(&ret_bin); return atom_error; } if (size != ret_bin.size) enif_realloc_binary(&ret_bin, size); return enif_make_binary(env, &ret_bin); } }
int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src) { BN_MONT_CTX_free(dest->mont); dest->mont = NULL; BN_clear_free(dest->one); dest->one = NULL; if (!ec_GFp_simple_group_copy(dest, src)) { return 0; } if (src->mont != NULL) { dest->mont = BN_MONT_CTX_new(); if (dest->mont == NULL) { return 0; } if (!BN_MONT_CTX_copy(dest->mont, src->mont)) { goto err; } } if (src->one != NULL) { dest->one = BN_dup(src->one); if (dest->one == NULL) { goto err; } } return 1; err: BN_MONT_CTX_free(dest->mont); dest->mont = NULL; return 0; }
static int gost_set_priv_key(EVP_PKEY *pkey,BIGNUM *priv) { switch (EVP_PKEY_base_id(pkey)) { case NID_id_GostR3410_94: { DSA *dsa = (DSA*)EVP_PKEY_get0(pkey); if (!dsa) { dsa = DSA_new(); EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),dsa); } dsa->priv_key = BN_dup(priv); if (!EVP_PKEY_missing_parameters(pkey)) gost94_compute_public(dsa); break; } case NID_id_GostR3410_2001: { EC_KEY *ec = (EC_KEY*)EVP_PKEY_get0(pkey); if (!ec) { ec = EC_KEY_new(); EVP_PKEY_assign(pkey,EVP_PKEY_base_id(pkey),ec); } if (!EC_KEY_set_private_key(ec,priv)) return 0; if (!EVP_PKEY_missing_parameters(pkey)) gost2001_compute_public(ec); break; } } return 1; }
//old BIGNUM *Egcd(const BIGNUM *n, const BIGNUM *m, BIGNUM *x, BIGNUM *y) { //print_bn("n", n); //print_bn("m", m); BIGNUM *value = BN_new(); BIGNUM *temp = BN_new(); BIGNUM *t1 = BN_new(); BIGNUM *t2 = BN_new(); BIGNUM *new_m = BN_new(); BN_CTX *ctx = BN_CTX_new(); if (BN_is_zero(m)) { BN_set_word(x, 1); BN_set_word(y, 0); value = BN_dup(n); //print_bn("x", x); //print_bn("y", y); return value; } BN_mod(new_m, n, m, ctx); //printf("called once\n"); value = BN_dup(Egcd(m, new_m, x, y)); print_bn("n", n); print_bn("m", m); print_bn("old_x", x); print_bn("old_y", y); temp = BN_dup(x); x = BN_dup(y); /* y = temp - (n/m) * y */ BN_div(t1, NULL, n, m, ctx); BN_mul(t2, t1, y, ctx); BN_sub(y, temp, t2); print_bn("x", x); print_bn("y", y); return value; }
static DH *get_standard_parameters(const struct standard_parameters *params, const ENGINE *engine) { DH *dh = DH_new(); if (!dh) { return NULL; } dh->p = BN_dup(¶ms->p); dh->q = BN_dup(¶ms->q); dh->g = BN_dup(¶ms->g); if (!dh->p || !dh->q || !dh->g) { DH_free(dh); return NULL; } return dh; }
static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { BIGNUM *a; if ((a = BN_dup(from->pkey.dh->p)) == NULL) return 0; BN_free(to->pkey.dh->p); to->pkey.dh->p = a; if ((a = BN_dup(from->pkey.dh->g)) == NULL) return 0; BN_free(to->pkey.dh->g); to->pkey.dh->g = a; return 1; }
int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { if (to->type != from->type) { EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES); goto err; } if (EVP_PKEY_missing_parameters(from)) { EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS); goto err; } #ifndef OPENSSL_NO_DSA if (to->type == EVP_PKEY_DSA) { BIGNUM *a; if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err; if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p); to->pkey.dsa->p=a; if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err; if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q); to->pkey.dsa->q=a; if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err; if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g); to->pkey.dsa->g=a; } #endif #ifndef OPENSSL_NO_EC if (to->type == EVP_PKEY_EC) { EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec)); if (group == NULL) goto err; if (EC_KEY_set_group(to->pkey.ec, group) == 0) goto err; EC_GROUP_free(group); } #endif return(1); err: return(0); }
static SRP_user_pwd *srp_user_pwd_dup(SRP_user_pwd *src) { SRP_user_pwd *ret; if (src == NULL) return NULL; if ((ret = SRP_user_pwd_new()) == NULL) return NULL; SRP_user_pwd_set_gN(ret, src->g, src->N); if (!SRP_user_pwd_set_ids(ret, src->id, src->info) || !SRP_user_pwd_set_sv_BN(ret, BN_dup(src->s), BN_dup(src->v))) { SRP_user_pwd_free(ret); return NULL; } return ret; }
int tls_ctx_use_external_private_key (struct tls_root_ctx *ctx, X509 *cert) { RSA *rsa = NULL; RSA *pub_rsa; RSA_METHOD *rsa_meth; ASSERT (NULL != ctx); ASSERT (NULL != cert); /* allocate custom RSA method object */ ALLOC_OBJ_CLEAR (rsa_meth, RSA_METHOD); rsa_meth->name = "OpenVPN external private key RSA Method"; rsa_meth->rsa_pub_enc = rsa_pub_enc; rsa_meth->rsa_pub_dec = rsa_pub_dec; rsa_meth->rsa_priv_enc = rsa_priv_enc; rsa_meth->rsa_priv_dec = rsa_priv_dec; rsa_meth->init = NULL; rsa_meth->finish = rsa_finish; rsa_meth->flags = RSA_METHOD_FLAG_NO_CHECK; rsa_meth->app_data = NULL; /* allocate RSA object */ rsa = RSA_new(); if (rsa == NULL) { SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE); goto err; } /* get the public key */ ASSERT(cert->cert_info->key->pkey); /* NULL before SSL_CTX_use_certificate() is called */ pub_rsa = cert->cert_info->key->pkey->pkey.rsa; /* initialize RSA object */ rsa->n = BN_dup(pub_rsa->n); rsa->flags |= RSA_FLAG_EXT_PKEY; if (!RSA_set_method(rsa, rsa_meth)) goto err; /* bind our custom RSA object to ssl_ctx */ if (!SSL_CTX_use_RSAPrivateKey(ctx->ctx, rsa)) goto err; RSA_free(rsa); /* doesn't necessarily free, just decrements refcount */ return 1; err: if (rsa) RSA_free(rsa); else { if (rsa_meth) free(rsa_meth); } msg (M_SSLERR, "Cannot enable SSL external private key capability"); return 0; }
Result<RSA> RSA::from_pem(Slice pem) { init_crypto(); auto *bio = BIO_new_mem_buf(const_cast<void *>(static_cast<const void *>(pem.ubegin())), narrow_cast<int32>(pem.size())); if (bio == nullptr) { return Status::Error("Cannot create BIO"); } SCOPE_EXIT { BIO_free(bio); }; auto *rsa = RSA_new(); if (rsa == nullptr) { return Status::Error("Cannot create RSA"); } SCOPE_EXIT { RSA_free(rsa); }; if (!PEM_read_bio_RSAPublicKey(bio, &rsa, nullptr, nullptr)) { return Status::Error("Error while reading rsa pubkey"); } if (RSA_size(rsa) != 256) { return Status::Error("RSA_size != 256"); } const BIGNUM *n_num; const BIGNUM *e_num; #if OPENSSL_VERSION_NUMBER < 0x10100000L n_num = rsa->n; e_num = rsa->e; #else RSA_get0_key(rsa, &n_num, &e_num, nullptr); #endif auto n = static_cast<void *>(BN_dup(n_num)); auto e = static_cast<void *>(BN_dup(e_num)); if (n == nullptr || e == nullptr) { return Status::Error("Cannot dup BIGNUM"); } return RSA(BigNum::from_raw(n), BigNum::from_raw(e)); }
static void test_seckey(const __ops_seckey_t *seckey) { RSA *test = RSA_new(); test->n = BN_dup(seckey->pubkey.key.rsa.n); test->e = BN_dup(seckey->pubkey.key.rsa.e); test->d = BN_dup(seckey->key.rsa.d); test->p = BN_dup(seckey->key.rsa.p); test->q = BN_dup(seckey->key.rsa.q); if (RSA_check_key(test) != 1) { (void) fprintf(stderr, "test_seckey: RSA_check_key failed\n"); } RSA_free(test); }
QUADRATIC *QD_dup(QUADRATIC *a) { QUADRATIC *b = NULL; int code; code = LIBLESS_ERROR; TRY(b = (QUADRATIC *)malloc(sizeof(QUADRATIC)), return NULL); TRY(b->x = BN_dup(a->x), goto end); TRY(b->y = BN_dup(a->y), goto end); code = LIBLESS_OK; end: if (code != LIBLESS_OK) { QD_free(b); b = NULL; } return b; }
int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) { if (key->meth->set_private != NULL && key->meth->set_private(key, priv_key) == 0) return 0; BN_clear_free(key->priv_key); key->priv_key = BN_dup(priv_key); return (key->priv_key == NULL) ? 0 : 1; }
Handle<ScopedEVP_PKEY> JwkEc::To(int &key_type) { LOG_FUNC(); LOG_INFO("Check key_type"); if (!(key_type == NODESSL_KT_PRIVATE || key_type == NODESSL_KT_PUBLIC)) { THROW_ERROR("Wrong value of key_type"); } LOG_INFO("import EC from JWK"); ScopedEC_KEY ec_key(EC_KEY_new()); LOG_INFO("set public key"); ScopedEC_GROUP group(EC_GROUP_new_by_curve_name(this->crv)); if (group.isEmpty()) { THROW_OPENSSL("EC_GROUP_new_by_curve_name"); } EC_KEY_set_group(ec_key.Get(), group.Get()); ScopedBIGNUM x(BN_dup(this->x.Get())); ScopedBIGNUM y(BN_dup(this->y.Get())); if (EC_KEY_set_public_key_affine_coordinates(ec_key.Get(), x.Get(), y.Get()) != 1) { THROW_OPENSSL("EC_KEY_set_public_key_affine_coordinates"); } x.unref(); y.unref(); if (key_type == NODESSL_KT_PRIVATE) { LOG_INFO("set private key"); ScopedBIGNUM d(BN_dup(this->d.Get())); if (EC_KEY_set_private_key(ec_key.Get(), d.Get()) != 1) { THROW_OPENSSL("EC_KEY_set_private_key"); } d.unref(); } LOG_INFO("set internal key"); Handle<ScopedEVP_PKEY> new_key(new ScopedEVP_PKEY(EVP_PKEY_new())); EVP_PKEY_assign_EC_KEY(new_key->Get(), ec_key.Get()); ec_key.unref(); return new_key; }
DH *tr_create_matching_dh (unsigned char *priv_key, size_t keylen, DH *in_dh) { DH *dh = NULL; int dh_err = 0; if (!in_dh) return NULL; if (NULL == (dh = DH_new())) { tr_crit("tr_create_matching_dh: unable to allocate new DH structure."); return NULL; } if ((NULL == (dh->g = BN_dup(in_dh->g))) || (NULL == (dh->p = BN_dup(in_dh->p)))) { DH_free(dh); tr_debug("tr_create_matching_dh: Invalid dh parameter values, can't be duped."); return NULL; } /* TBD -- share code with previous function */ if ((priv_key) && (keylen > 0)) dh->priv_key = BN_bin2bn(priv_key, keylen, NULL); DH_generate_key(dh); /* generates the public key */ DH_check(dh, &dh_err); if (0 != dh_err) { tr_warning("Warning: dh_check failed with %d", dh_err); if (dh_err & DH_CHECK_P_NOT_PRIME) tr_warning(": p value is not prime"); else if (dh_err & DH_CHECK_P_NOT_SAFE_PRIME) tr_warning(": p value is not a safe prime"); else if (dh_err & DH_UNABLE_TO_CHECK_GENERATOR) tr_warning(": unable to check the generator value"); else if (dh_err & DH_NOT_SUITABLE_GENERATOR) tr_warning(": the g value is not a generator"); else tr_warning("unhandled error %i", dh_err); } return(dh); }
/* OpenSSL sadly wants to ASN1 encode the resulting bignums so we use this * function to skip that. Returns > 0 on success */ int HsOpenSSL_dsa_sign(DSA *dsa, const unsigned char *ddata, int dlen, const BIGNUM **r, const BIGNUM **s) { #if OPENSSL_VERSION_NUMBER >= 0x10100000L DSA_SIG *const sig = DSA_do_sign(ddata, dlen, dsa); if (!sig) return 0; DSA_SIG_get0(sig, r, s); *r = BN_dup(*r); *s = BN_dup(*s); DSA_SIG_free(sig); return 1; #else DSA_SIG *const sig = dsa->meth->dsa_do_sign(ddata, dlen, dsa); if (!sig) return 0; *r = sig->r; *s = sig->s; free(sig); return 1; #endif }
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) { BN_BLINDING *ret = NULL; ret = (BN_BLINDING*) OPENSSL_malloc(sizeof(BN_BLINDING)); if (ret == NULL) { OPENSSL_PUT_ERROR(RSA, BN_BLINDING_new, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(BN_BLINDING)); if (A != NULL) { ret->A = BN_dup(A); if (ret->A == NULL) { goto err; } } if (Ai != NULL) { ret->Ai = BN_dup(Ai); if (ret->Ai == NULL) { goto err; } } /* save a copy of mod in the BN_BLINDING structure */ ret->mod = BN_dup(mod); if (ret->mod == NULL) { goto err; } if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0) { BN_set_flags(ret->mod, BN_FLG_CONSTTIME); } /* Set the counter to the special value -1 * to indicate that this is never-used fresh blinding * that does not need updating before first use. */ ret->counter = -1; return ret; err: if (ret != NULL) { BN_BLINDING_free(ret); } return NULL; }
BIGNUM * DH_get_q(const DH *dh, BN_CTX *ctx) { BIGNUM *q_new = NULL, *bn = NULL; int i; const BIGNUM *p, *q; check(dh, "Invalid arguments"); DH_get0_pqg(dh, &p, &q, NULL); if (!q) { q_new = BN_new(); bn = BN_dup(p); /* DH primes should be strong, based on a Sophie Germain prime q * p=(2*q)+1 or (p-1)/2=q */ if (!q_new || !bn || !BN_sub_word(bn, 1) || !BN_rshift1(q_new, bn)) { goto err; } } else { q_new = BN_dup(q); } /* q should always be prime */ i = BN_is_prime_ex(q_new, BN_prime_checks, ctx, NULL); if (i <= 0) { if (i == 0) log_err("Unable to get Sophie Germain prime"); goto err; } return q_new; err: if (bn) BN_clear_free(bn); if (q_new) BN_clear_free(q_new); return NULL; }
/** https://core.telegram.org/api/end-to-end says: "Both clients in a secret chat creation are to check that g, g_a and g_b are greater than one and smaller than p-1. Recommented checking that g_a and g_b are between 2^{2048-64} and p - 2^{2048-64} as well." */ qint32 CryptoUtils::checkCalculatedParams(const BIGNUM *gAOrB, const BIGNUM *g, const BIGNUM *p) { ASSERT(gAOrB); ASSERT(g); ASSERT(p); // 1) gAOrB and g greater than one and smaller than p-1 BIGNUM one; BN_init(&one); Utils::ensure(BN_one(&one)); BIGNUM *pMinusOne = BN_dup(p); Utils::ensure(BN_sub_word(pMinusOne, 1)); // check params greater than one if (BN_cmp(gAOrB, &one) <= 0) return -1; if (BN_cmp(g, &one) <= 0) return -1; // check params <= p-1 if (BN_cmp(gAOrB, pMinusOne) >= 0) return -1; if (BN_cmp(g, pMinusOne) >= 0) return -1; // 2) gAOrB between 2^{2048-64} and p - 2^{2048-64} quint64 expWord = 2048 - 64; BIGNUM exp; BN_init(&exp); Utils::ensure(BN_set_word(&exp, expWord)); BIGNUM base; BN_init(&base); Utils::ensure(BN_set_word(&base, 2)); // lowLimit = base ^ exp BIGNUM lowLimit; BN_init(&lowLimit); Utils::ensure(BN_exp(&lowLimit, &base, &exp, BN_ctx)); // highLimit = p - lowLimit BIGNUM highLimit; BN_init(&highLimit); BN_sub(&highLimit, p, &lowLimit); if (BN_cmp(gAOrB, &lowLimit) < 0) return -1; if (BN_cmp(gAOrB, &highLimit) > 0) return -1; BN_free(&one); BN_free(pMinusOne); BN_free(&exp); BN_free(&lowLimit); BN_free(&highLimit); delete g; delete gAOrB; delete p; return 0; }
struct number * dup_number(const struct number *a) { struct number *n; n = bmalloc(sizeof(*n)); n->scale = a->scale; n->number = BN_dup(a->number); bn_checkp(n->number); return n; }
/* If the server just has the raw password, make up a verifier entry on the fly */ int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, const char *grp) { SRP_gN *GN = SRP_get_default_gN(grp); if(GN == NULL) return -1; s->srp_ctx.N = BN_dup(GN->N); s->srp_ctx.g = BN_dup(GN->g); if(s->srp_ctx.v != NULL) { BN_clear_free(s->srp_ctx.v); s->srp_ctx.v = NULL; } if(s->srp_ctx.s != NULL) { BN_clear_free(s->srp_ctx.s); s->srp_ctx.s = NULL; } if(!SRP_create_verifier_BN(user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g)) return -1; return 1; }
static int dup_bn_into(BIGNUM **out, BIGNUM *src) { BIGNUM *a; a = BN_dup(src); if (a == NULL) { return 0; } BN_free(*out); *out = a; return 1; }