62 # include <openssl/e_os2.h>
65 # error DH is disabled.
68 # ifndef OPENSSL_NO_BIO
69 # include <openssl/bio.h>
71 # include <openssl/ossl_typ.h>
72 # ifndef OPENSSL_NO_DEPRECATED
73 # include <openssl/bn.h>
76 # ifndef OPENSSL_DH_MAX_MODULUS_BITS
77 # define OPENSSL_DH_MAX_MODULUS_BITS 10000
80 # define DH_FLAG_CACHE_MONT_P 0x01
90 # define DH_FLAG_NO_EXP_CONSTTIME 0x02
99 # define DH_FLAG_FIPS_METHOD 0x0400
107 # define DH_FLAG_NON_FIPS_ALLOW 0x0400
120 int (*generate_key) (
DH *dh);
121 int (*compute_key) (
unsigned char *key,
const BIGNUM *pub_key,
DH *dh);
126 int (*init) (
DH *dh);
127 int (*finish) (
DH *dh);
131 int (*generate_params) (
DH *dh,
int prime_len,
int generator,
161 # define DH_GENERATOR_2 2
163 # define DH_GENERATOR_5 5
166 # define DH_CHECK_P_NOT_PRIME 0x01
167 # define DH_CHECK_P_NOT_SAFE_PRIME 0x02
168 # define DH_UNABLE_TO_CHECK_GENERATOR 0x04
169 # define DH_NOT_SUITABLE_GENERATOR 0x08
170 # define DH_CHECK_Q_NOT_PRIME 0x10
171 # define DH_CHECK_INVALID_Q_VALUE 0x20
172 # define DH_CHECK_INVALID_J_VALUE 0x40
175 # define DH_CHECK_PUBKEY_TOO_SMALL 0x01
176 # define DH_CHECK_PUBKEY_TOO_LARGE 0x02
177 # define DH_CHECK_PUBKEY_INVALID 0x04
183 # define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
185 # define d2i_DHparams_fp(fp,x) \
186 (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
187 (char *(*)())d2i_DHparams, \
189 (unsigned char **)(x))
190 # define i2d_DHparams_fp(fp,x) \
191 ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
192 # define d2i_DHparams_bio(bp,x) \
193 ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
194 # define i2d_DHparams_bio(bp,x) \
195 ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
197 # define d2i_DHxparams_fp(fp,x) \
198 (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
199 (char *(*)())d2i_DHxparams, \
201 (unsigned char **)(x))
202 # define i2d_DHxparams_fp(fp,x) \
203 ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
204 # define d2i_DHxparams_bio(bp,x) \
205 ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
206 # define i2d_DHxparams_bio(bp,x) \
207 ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
209 DH *DHparams_dup(
DH *);
213 void DH_set_default_method(
const DH_METHOD *meth);
214 const DH_METHOD *DH_get_default_method(
void);
216 DH *DH_new_method(ENGINE *engine);
219 void DH_free(
DH *dh);
220 int DH_up_ref(
DH *dh);
221 int DH_size(
const DH *dh);
222 int DH_get_ex_new_index(
long argl,
void *argp, CRYPTO_EX_new *new_func,
223 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
224 int DH_set_ex_data(
DH *d,
int idx,
void *arg);
225 void *DH_get_ex_data(
DH *d,
int idx);
228 # ifndef OPENSSL_NO_DEPRECATED
229 DH *DH_generate_parameters(
int prime_len,
int generator,
230 void (*callback) (
int,
int,
void *),
void *cb_arg);
234 int DH_generate_parameters_ex(
DH *dh,
int prime_len,
int generator,
237 int DH_check(
const DH *dh,
int *codes);
238 int DH_check_pub_key(
const DH *dh,
const BIGNUM *pub_key,
int *codes);
239 int DH_generate_key(
DH *dh);
240 int DH_compute_key(
unsigned char *key,
const BIGNUM *pub_key,
DH *dh);
241 int DH_compute_key_padded(
unsigned char *key,
const BIGNUM *pub_key,
DH *dh);
242 DH *d2i_DHparams(
DH **a,
const unsigned char **pp,
long length);
243 int i2d_DHparams(
const DH *a,
unsigned char **pp);
244 DH *d2i_DHxparams(
DH **a,
const unsigned char **pp,
long length);
245 int i2d_DHxparams(
const DH *a,
unsigned char **pp);
246 # ifndef OPENSSL_NO_FP_API
247 int DHparams_print_fp(FILE *fp,
const DH *x);
249 # ifndef OPENSSL_NO_BIO
250 int DHparams_print(
BIO *bp,
const DH *x);
252 int DHparams_print(
char *bp,
const DH *x);
256 DH *DH_get_1024_160(
void);
257 DH *DH_get_2048_224(
void);
258 DH *DH_get_2048_256(
void);
260 # ifndef OPENSSL_NO_CMS
262 int DH_KDF_X9_42(
unsigned char *out,
size_t outlen,
263 const unsigned char *Z,
size_t Zlen,
265 const unsigned char *ukm,
size_t ukmlen,
const EVP_MD *md);
268 # define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
269 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
270 EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
272 # define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
273 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
274 EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
276 # define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
277 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
278 EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
280 # define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
281 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
282 EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
284 # define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
285 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
286 EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
288 # define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
289 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
290 EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
292 # define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
293 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
294 EVP_PKEY_OP_DERIVE, \
295 EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
297 # define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
298 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
299 EVP_PKEY_OP_DERIVE, \
300 EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
302 # define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
303 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
304 EVP_PKEY_OP_DERIVE, \
305 EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
307 # define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
308 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
309 EVP_PKEY_OP_DERIVE, \
310 EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
312 # define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
313 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
314 EVP_PKEY_OP_DERIVE, \
315 EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
317 # define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
318 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
319 EVP_PKEY_OP_DERIVE, \
320 EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
322 # define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
323 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
324 EVP_PKEY_OP_DERIVE, \
325 EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
327 # define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
328 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
329 EVP_PKEY_OP_DERIVE, \
330 EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
332 # define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
333 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
334 EVP_PKEY_OP_DERIVE, \
335 EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
337 # define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
338 EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
339 EVP_PKEY_OP_DERIVE, \
340 EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
342 # define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
343 # define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
344 # define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
345 # define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
346 # define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
347 # define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
348 # define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
349 # define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
350 # define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
351 # define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
352 # define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
353 # define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
354 # define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
355 # define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
358 # define EVP_PKEY_DH_KDF_NONE 1
359 # define EVP_PKEY_DH_KDF_X9_42 2
366 void ERR_load_DH_strings(
void);
371 # define DH_F_COMPUTE_KEY 102
372 # define DH_F_DHPARAMS_PRINT_FP 101
373 # define DH_F_DH_BUILTIN_GENPARAMS 106
374 # define DH_F_DH_CMS_DECRYPT 117
375 # define DH_F_DH_CMS_SET_PEERKEY 118
376 # define DH_F_DH_CMS_SET_SHARED_INFO 119
377 # define DH_F_DH_COMPUTE_KEY 114
378 # define DH_F_DH_GENERATE_KEY 115
379 # define DH_F_DH_GENERATE_PARAMETERS_EX 116
380 # define DH_F_DH_NEW_METHOD 105
381 # define DH_F_DH_PARAM_DECODE 107
382 # define DH_F_DH_PRIV_DECODE 110
383 # define DH_F_DH_PRIV_ENCODE 111
384 # define DH_F_DH_PUB_DECODE 108
385 # define DH_F_DH_PUB_ENCODE 109
386 # define DH_F_DO_DH_PRINT 100
387 # define DH_F_GENERATE_KEY 103
388 # define DH_F_GENERATE_PARAMETERS 104
389 # define DH_F_PKEY_DH_DERIVE 112
390 # define DH_F_PKEY_DH_KEYGEN 113
393 # define DH_R_BAD_GENERATOR 101
394 # define DH_R_BN_DECODE_ERROR 109
395 # define DH_R_BN_ERROR 106
396 # define DH_R_DECODE_ERROR 104
397 # define DH_R_INVALID_PUBKEY 102
398 # define DH_R_KDF_PARAMETER_ERROR 112
399 # define DH_R_KEYS_NOT_SET 108
400 # define DH_R_KEY_SIZE_TOO_SMALL 110
401 # define DH_R_MODULUS_TOO_LARGE 103
402 # define DH_R_NON_FIPS_METHOD 111
403 # define DH_R_NO_PARAMETERS_SET 107
404 # define DH_R_NO_PRIVATE_VALUE 100
405 # define DH_R_PARAMETER_ENCODING_ERROR 105
406 # define DH_R_PEER_KEY_ERROR 113
407 # define DH_R_SHARED_INFO_ERROR 114