/*
 * Short mp_* names for the big-integer operations used in this file. Each
 * macro forwards to the matching entry of the ltc_mp descriptor, or to the
 * ltc_init_multi / ltc_deinit_multi helpers, so the arithmetic is done by
 * whatever backend ltc_mp points at.
 * NOTE(review): ltc_mp is presumably libtomcrypt's math descriptor and has to
 * be assigned before any of these is used - confirm against the init code.
 */
3 #define mp_init(a) ltc_mp.init(a)
4 #define mp_init_multi ltc_init_multi
5 #define mp_clear(a) ltc_mp.deinit(a)
6 #define mp_clear_multi ltc_deinit_multi
7 #define mp_count_bits(a) ltc_mp.count_bits(a)
8 #define mp_read_radix(a, b, c) ltc_mp.read_radix(a, b, c)
9 #define mp_unsigned_bin_size(a) ltc_mp.unsigned_size(a)
10 #define mp_to_unsigned_bin(a, b) ltc_mp.unsigned_write(a, b)
11 #define mp_read_unsigned_bin(a, b, c) ltc_mp.unsigned_read(a, b, c)
12 #define mp_exptmod(a, b, c, d) ltc_mp.exptmod(a, b, c, d)
13 #define mp_add(a, b, c) ltc_mp.add(a, b, c)
14 #define mp_mul(a, b, c) ltc_mp.mul(a, b, c)
15 #define mp_cmp(a, b) ltc_mp.compare(a, b)
16 #define mp_cmp_d(a, b) ltc_mp.compare_d(a, b)
17 #define mp_sqr(a, b) ltc_mp.sqr(a, b)
/* remainder only: the quotient argument of mpdiv is passed as NULL */
18 #define mp_mod(a, b, c) ltc_mp.mpdiv(a, b, NULL, c)
19 #define mp_sub(a, b, c) ltc_mp.sub(a, b, c)
20 #define mp_set(a, b) ltc_mp.set_int(a, b)
22 struct DHKey ffdhe2048 = {
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
29 "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"
32 struct DHKey ffdhe3072 = {
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
39 "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"
42 struct DHKey ffdhe4096 = {
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
49 "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"
52 struct DHKey ffdhe6144 = {
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
59 "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"
62 struct DHKey ffdhe8192 = {
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
69 "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000002"
72 struct ECCCurveParameters secp192r1 = {
76 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", /* P */
77 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", /* A */
78 "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", /* B */
79 "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", /* Gx */
80 "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811", /* Gy */
81 "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831" /* order (n) */
86 struct ECCCurveParameters secp224r1 = {
90 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* P */
91 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", /* A */
92 "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", /* B */
93 "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", /* Gx */
94 "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", /* Gy */
95 "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D" /* order (n) */
/* Domain parameters for secp224k1, given as hex strings. */
99 struct ECCCurveParameters secp224k1 = {
103 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", /* P */
104 "00000000000000000000000000000000000000000000000000000000", /* A */
105 "00000000000000000000000000000000000000000000000000000005", /* B */
106 "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", /* Gx */
107 "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", /* Gy */
/*
 * order (n), by position in the P, A, B, Gx, Gy, order layout of the
 * neighbouring curves.
 * NOTE(review): SEC 2 gives the secp224k1 order as a 29-byte value that starts
 * with 01 (it is larger than P); this string is 28 bytes and has no leading
 * 01. Verify against the standard before relying on this curve - a wrong
 * group order breaks any operation that reduces modulo n.
 */
109 "0000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7",
113 struct ECCCurveParameters secp256r1 = {
117 "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", /* P */
118 "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", /* A */
119 "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", /* B */
120 "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", /* Gx */
121 "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", /* Gy */
122 "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
126 struct ECCCurveParameters secp256k1 = {
130 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", /* P */
131 "0000000000000000000000000000000000000000000000000000000000000000", /* A */
132 "0000000000000000000000000000000000000000000000000000000000000007", /* B */
133 "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", /* Gx */
134 "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", /* Gy */
136 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
140 struct ECCCurveParameters secp384r1 = {
144 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
145 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
146 "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
147 "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
148 "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
149 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
153 struct ECCCurveParameters secp521r1 = {
157 "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
158 "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
159 "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
160 "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
161 "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
162 "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
/*
 * Parameters for curve25519 as hex strings. The trailing labels below follow
 * the P, A, B, Gx, Gy, order layout annotated on the secp192r1 / secp224r1
 * entries in this file.
 * NOTE(review): A = 0x76D06 and Gx = 9 are the Montgomery-form constants of
 * curve25519, whereas init_curve in this file copies B, P, Gx, Gy and order
 * into dp but not A. Confirm this entry is never handed to ECC routines that
 * expect a secp-style curve; the visible part of tls_ecc_init_curves does not
 * initialise it.
 */
168 struct ECCCurveParameters curve25519 = {
172 "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED", /* P */
173 "0000000000000000000000000000000000000000000000000000000000076D06", /* A */
174 "0000000000000000000000000000000000000000000000000000000000000000", /* B */
175 "0000000000000000000000000000000000000000000000000000000000000009", /* Gx */
176 "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9", /* Gy */
177 "1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED", /* order (n) */
181 struct ECCCurveParameters *const tls_ecc_default_curve = &secp256r1;
/*
 * Populate curve->dp from the string fields of the same curve record.
 *
 * Only size, name, B, prime (from P), Gx, Gy and order are copied; the A
 * coefficient is not. NOTE(review): several curves in this file have an A
 * that is not P - 3 (secp224k1, secp256k1, curve25519) - confirm the ECC
 * backend does not silently assume A = -3 for them.
 *
 * The (char *) casts presumably strip const from the source strings; dp must
 * therefore be treated as read-only by everything that receives it.
 */
static void init_curve(struct ECCCurveParameters *curve) {
    ltc_ecc_set_type *dp = &curve->dp;

    dp->size = curve->size;
    dp->name = (char *) curve->name;

    /* field prime and curve coefficient */
    dp->prime = (char *) curve->P;
    dp->B = (char *) curve->B;

    /* base point and its order */
    dp->Gx = (char *) curve->Gx;
    dp->Gy = (char *) curve->Gy;
    dp->order = (char *) curve->order;
}
/*
 * Fill in the dp descriptor of each built-in secp* curve by calling
 * init_curve on it. tls_decrypt_ecc_dhe reads curve->dp, so this has to run
 * before any ECDHE exchange.
 * NOTE(review): curve25519 is not initialised on the visible lines.
 * NOTE(review): secp192r1 gives roughly 96-bit strength, below the 112-bit
 * floor in current NIST guidance - consider whether it should still be
 * offered to peers.
 */
193 void tls_ecc_init_curves() {
194 init_curve(&secp192r1);
195 init_curve(&secp224r1);
196 init_curve(&secp224k1);
197 init_curve(&secp256r1);
198 init_curve(&secp256k1);
199 init_curve(&secp384r1);
200 init_curve(&secp521r1);
/*
 * Finite-field DH agreement: raises public_key->y to private_key->x modulo
 * private_key->p and writes the result into out via mp_to_unsigned_bin.
 * Returns TLS_GENERIC_ERROR when any pointer argument is NULL; other error
 * codes come from the math backend.
 *
 * The modulus is taken from the private key only; public_key->p is not read
 * on the visible lines.
 */
204 static int l_dh_shared_secret(struct DHKey *private_key, struct DHKey *public_key,
206 unsigned long *outlen) {
211 if ((!private_key) || (!public_key) || (!out) || (!outlen))
212 return TLS_GENERIC_ERROR;
/*
 * NOTE(review): no range check on public_key->y is visible before the
 * exponentiation. A peer value of 0, 1 or p - 1 yields a predictable secret;
 * confirm the value is validated (1 < y < p - 1) here or by the caller.
 */
214 /* compute y^x mod p */
215 if ((err = mp_init(&tmp)) != CRYPT_OK)
219 mp_exptmod(public_key->y, private_key->x, private_key->p,
/* x is the byte length of the result; it is presumably compared with *outlen
 * before the write below - the comparison line is not visible here */
225 x = (unsigned long) mp_unsigned_bin_size(tmp);
227 err = CRYPT_BUFFER_OVERFLOW;
/* NOTE(review): tmp holds the shared secret - confirm it is cleared on every
 * exit path */
232 if ((err = mp_to_unsigned_bin(tmp, out)) != CRYPT_OK) {
/*
 * Derive the DHE shared secret from the peer's public value.
 *
 * buffer/len hold the peer's public value Yc as unsigned binary. The result
 * is written to a freshly malloc'ed buffer of len bytes and its length is
 * stored in *size. The context's own DHE key (context->dhe) supplies p, g and
 * the private exponent.
 *
 * NOTE(review): size is dereferenced at the end without a NULL check on the
 * visible lines.
 */
242 unsigned char *tls_decrypt_dhe(struct TLSContext *context, const unsigned char
243 *buffer, unsigned int len, unsigned int *size, int clear_key) {
245 if ((!len) || (!context) || (!context->dhe)) {
246 DEBUG_PRINT("No private DHE key set\n");
/* the output capacity handed to l_dh_shared_secret equals the length of the
 * peer's value, not the size of the modulus */
250 unsigned long out_size = len;
254 DEBUG_PRINT("ERROR CREATING Yc\n");
/* Yc is attacker-controlled input; only its encoding is checked here */
257 if (mp_read_unsigned_bin(Yc, (unsigned char *) buffer, len)) {
258 DEBUG_PRINT("ERROR LOADING DHE Yc\n");
/* malloc result is not checked on the visible lines; l_dh_shared_secret
 * rejects a NULL out with TLS_GENERIC_ERROR */
263 unsigned char *out = malloc(len);
264 struct DHKey client_key;
265 memset(&client_key, 0, sizeof client_key);
/* client_key borrows p and g from the context key; it does not own them */
267 client_key.p = context->dhe->p;
268 client_key.g = context->dhe->g;
271 /* TODO use dh_shared_secret from tomcrypt */
272 int err = l_dh_shared_secret(context->dhe, &client_key, out, &out_size);
273 /* don't delete p and g */
/*
 * NOTE(review): tls_dh_clear_key passes g, p, x, y to a NULL-terminated
 * mp_clear_multi call. If g and p are set to NULL before this point (lines
 * not visible), verify the clear does not stop at the first NULL and leave
 * client_key.y allocated.
 */
276 tls_dh_clear_key(&client_key);
277 /* not needing the dhe key anymore */
280 tls_dhe_free(context);
284 DEBUG_PRINT("DHE DECRYPT ERROR %i\n", err);
288 DEBUG_PRINT("OUT_SIZE: %lu\n", out_size);
/* NOTE(review): this passes the shared secret itself to a debug dump macro;
 * make sure debug output is compiled out of production builds */
289 DEBUG_DUMP_HEX_LABEL("DHE", out, out_size);
290 *size = (unsigned int) out_size;
/*
 * Derive the ECDHE shared secret from the peer's public point.
 *
 * buffer/len hold the peer's point, imported with ecc_ansi_x963_import_ex on
 * the curve selected for the context (context->curve, or
 * tls_ecc_default_curve when none is set). The result goes into a freshly
 * malloc'ed buffer of len bytes and its length is stored in *size.
 *
 * NOTE(review): size is dereferenced at the end without a NULL check on the
 * visible lines.
 */
294 unsigned char *tls_decrypt_ecc_dhe(struct TLSContext *context, const unsigned
295 char *buffer, unsigned int len, unsigned int *size, int
298 if (!len || !context || !context->ecc_dhe) {
299 DEBUG_PRINT("No private ECC DHE key set\n");
303 const struct ECCCurveParameters *curve;
304 if (context->curve) {
305 curve = context->curve;
307 curve = tls_ecc_default_curve;
/* the cast drops const from curve->dp; dp is only meaningful after
 * init_curve has filled it for this curve */
310 ltc_ecc_set_type *dp = (ltc_ecc_set_type *) & curve->dp;
313 memset(&client_key, 0, sizeof(client_key));
/*
 * NOTE(review): the peer's point is untrusted. Whether
 * ecc_ansi_x963_import_ex verifies that the point lies on the selected curve
 * cannot be seen from here - confirm, since an off-curve point must be
 * rejected before it reaches ecc_shared_secret.
 */
314 if (ecc_ansi_x963_import_ex(buffer, len, &client_key, dp)) {
315 DEBUG_PRINT("Error importing ECC DHE key\n");
/* malloc result is not checked on the visible lines before out is passed to
 * ecc_shared_secret */
318 unsigned char *out = malloc(len);
319 unsigned long out_size = len;
321 int err = ecc_shared_secret(context->ecc_dhe, &client_key, out,
323 ecc_free(&client_key);
325 tls_ecc_dhe_free(context);
328 DEBUG_PRINT("ECC DHE DECRYPT ERROR %i\n", err);
332 DEBUG_PRINT("OUT_SIZE: %lu\n", out_size);
/* NOTE(review): this passes the shared secret itself to a debug dump macro;
 * make sure debug output is compiled out of production builds */
333 DEBUG_DUMP_HEX_LABEL("ECC DHE", out, out_size);
334 *size = (unsigned int) out_size;
/*
 * Select the curve used for ECDHE on this context and remember the previous
 * one in old_curve. The is_server test guards the change; what is returned on
 * each path is not visible here.
 *
 * NOTE(review): context is dereferenced without a NULL check, unlike the
 * other entry points in this file. A NULL curve is accepted;
 * tls_decrypt_ecc_dhe then falls back to tls_ecc_default_curve. Nothing here
 * checks that the curve's dp was filled by init_curve.
 */
338 const struct ECCCurveParameters *tls_set_curve(struct TLSContext *context, const struct
339 ECCCurveParameters *curve) {
340 if (!context->is_server)
342 const struct ECCCurveParameters *old_curve = context->curve;
343 context->curve = curve;
/*
 * Release the context's ephemeral DH key; the big integers inside it are
 * cleared through tls_dh_clear_key.
 * NOTE(review): tls_dh_clear_key dereferences its argument, so the line before
 * this call (not visible) presumably checks context->dhe for NULL - confirm.
 */
347 void tls_dhe_free(struct TLSContext *context) {
349 tls_dh_clear_key(context->dhe);
/*
 * Replace any existing ephemeral DH key on the context with a freshly
 * allocated, zero-filled struct DHKey.
 */
355 void tls_dhe_create(struct TLSContext *context) {
356 tls_dhe_free(context);
357 context->dhe = malloc(sizeof(struct DHKey));
/* NOTE(review): one line between the malloc and this memset is not visible;
 * confirm it guards against a NULL result */
359 memset(context->dhe, 0, sizeof(struct DHKey));
/*
 * Release the context's ephemeral ECC key, if one is set, and reset the
 * pointer so a later call is a no-op.
 *
 * NOTE(review): whether ecc_free wipes the private scalar before releasing it
 * depends on the ECC backend - confirm if key material must not linger in
 * freed memory.
 */
void tls_ecc_dhe_free(struct TLSContext *context) {
    if (!context->ecc_dhe) {
        return;
    }

    ecc_free(context->ecc_dhe);   /* release the key's internals first */
    free(context->ecc_dhe);       /* then the ecc_key container itself */
    context->ecc_dhe = NULL;
}
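/*
 * Replace any existing ephemeral ECC key on the context with a freshly
 * allocated, zero-filled ecc_key.
 *
 * On allocation failure context->ecc_dhe is left NULL; tls_decrypt_ecc_dhe in
 * this file already treats a NULL ecc_dhe as "no key set".
 */
void tls_ecc_dhe_create(struct TLSContext *context) {
    tls_ecc_dhe_free(context);

    context->ecc_dhe = malloc(sizeof(ecc_key));
    /* malloc can fail: do not memset through a NULL pointer */
    if (!context->ecc_dhe) {
        return;
    }
    memset(context->ecc_dhe, 0, sizeof(ecc_key));
}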
/*
 * Store private copies of the default DH modulus (p) and generator (g) hex
 * strings on a server, non-child context. Any previously stored strings are
 * freed first.
 *
 * NOTE(review): the visible lines only copy the strings. Nothing here checks
 * that they are valid hex, that p has an adequate size or is a safe prime, or
 * that g is a sensible generator. Caller-supplied groups should be validated
 * somewhere, or the ffdhe* groups defined in this file used instead.
 */
376 int tls_set_default_dhe_pg(struct TLSContext *context,
377 const char *p_hex_str, const char *g_hex_str) {
378 if (!context || context->is_child || !context->is_server || !p_hex_str
/* the old defaults are released before the new input is examined, so a
 * rejected call still discards the previous values */
382 free(context->default_dhe_p);
383 free(context->default_dhe_g);
385 context->default_dhe_p = NULL;
386 context->default_dhe_g = NULL;
/* strlen returns size_t; the result is narrowed to int here */
388 int p_len = strlen(p_hex_str);
389 int g_len = strlen(g_hex_str);
390 if (p_len <= 0 || g_len <= 0) {
/* +1 leaves room for the terminating NUL written below */
393 context->default_dhe_p = malloc(p_len + 1);
394 if (!context->default_dhe_p) {
397 context->default_dhe_g = malloc(g_len + 1);
398 if (!context->default_dhe_g) {
402 memcpy(context->default_dhe_p, p_hex_str, p_len);
403 context->default_dhe_p[p_len] = 0;
405 memcpy(context->default_dhe_g, g_hex_str, g_len);
406 context->default_dhe_g[g_len] = 0;
/*
 * Export the public value key->y as unsigned binary into Ybuf.
 * Returns TLS_GENERIC_ERROR when Ybuf, Ylen or key is NULL.
 */
410 int tls_dh_export_Y(unsigned char *Ybuf, unsigned long *Ylen,
414 if (Ybuf == NULL || Ylen == NULL || key == NULL) {
415 return TLS_GENERIC_ERROR;
/* len is the encoded size of y; the second error return below is presumably
 * the capacity check against *Ylen - the condition line is not visible */
418 len = mp_unsigned_bin_size(key->y);
420 return TLS_GENERIC_ERROR;
/*
 * Export the three public DH values of key as unsigned binary: y into Ybuf,
 * p into pbuf and g into gbuf, in that order. Despite the "pqY" in the name,
 * the values written on the visible lines are p, g and y.
 * Returns TLS_GENERIC_ERROR when any pointer argument is NULL.
 */
427 int tls_dh_export_pqY(unsigned char *pbuf, unsigned long *plen,
428 unsigned char *gbuf, unsigned long *glen,
429 unsigned char *Ybuf, unsigned long *Ylen,
434 if (pbuf == NULL || plen == NULL || gbuf == NULL || glen == NULL ||
435 Ybuf == NULL || Ylen == NULL || key == NULL) {
436 return TLS_GENERIC_ERROR;
/* each value: measure, reject (presumably when the caller's buffer is too
 * small - the condition lines are not visible), then write */
439 len = mp_unsigned_bin_size(key->y);
441 return TLS_GENERIC_ERROR;
444 if ((err = mp_to_unsigned_bin(key->y, Ybuf)) != CRYPT_OK) {
450 len = mp_unsigned_bin_size(key->p);
452 return TLS_GENERIC_ERROR;
455 if ((err = mp_to_unsigned_bin(key->p, pbuf)) != CRYPT_OK) {
461 len = mp_unsigned_bin_size(key->g);
463 return TLS_GENERIC_ERROR;
466 if ((err = mp_to_unsigned_bin(key->g, gbuf)) != CRYPT_OK)
/*
 * Release the four big integers of a DH key: g, p, the private exponent x and
 * the public value y. key itself is not freed here and is dereferenced
 * without a NULL check.
 *
 * NOTE(review): the argument list is NULL-terminated. If the backend walks it
 * until the first NULL (confirm in ltc_deinit_multi), a key whose g or p is
 * NULL would leave x and y uncleared.
 * NOTE(review): whether clearing also wipes the private exponent's memory
 * depends on the math backend - confirm.
 */
474 void tls_dh_clear_key(struct DHKey *key) {
475 mp_clear_multi(key->g, key->p, key->x, key->y, NULL);
482 int tls_dh_make_key(int keysize, struct DHKey *key, const char *pbuf,
483 const char *gbuf, int pbuf_len, int gbuf_len)
488 return TLS_GENERIC_ERROR;
491 static prng_state prng;
492 int wprng = find_prng("sprng");
493 if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
497 buf = malloc(keysize);
499 return TLS_NO_MEMORY;
502 if (rng_make_prng(keysize, wprng, &prng, NULL) != CRYPT_OK) {
504 return TLS_GENERIC_ERROR;
507 if (prng_descriptor[wprng].read(buf, keysize, &prng) != (unsigned long)
510 return TLS_GENERIC_ERROR;
513 if ((err = mp_init_multi(&key->g, &key->p, &key->x, &key->y, NULL)) !=
517 return TLS_GENERIC_ERROR;
521 if ((err = mp_read_radix(key->g, gbuf, 16)) != CRYPT_OK) {
523 tls_dh_clear_key(key);
524 return TLS_GENERIC_ERROR;
527 if ((err = mp_read_unsigned_bin(key->g, (unsigned char *) gbuf,
528 gbuf_len)) != CRYPT_OK) {
530 tls_dh_clear_key(key);
531 return TLS_GENERIC_ERROR;
536 if ((err = mp_read_radix(key->p, pbuf, 16)) != CRYPT_OK) {
538 tls_dh_clear_key(key);
539 return TLS_GENERIC_ERROR;
542 if ((err = mp_read_unsigned_bin(key->p, (unsigned char *) pbuf,
543 pbuf_len)) != CRYPT_OK) {
545 tls_dh_clear_key(key);
546 return TLS_GENERIC_ERROR;
550 if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) {
552 tls_dh_clear_key(key);
553 return TLS_GENERIC_ERROR;
556 if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) {
558 tls_dh_clear_key(key);
559 return TLS_GENERIC_ERROR;