Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Tree: 0d2f9d1286
Branches Tags
ydb
/
contrib
/
python
/
cryptography
/
py3
/
_cffi_src
/
openssl
/
dh.py

dh.py 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166 
  1. # This file is dual licensed under the terms of the Apache License, Version
    2. 

  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
    3. 

  3. # for complete details.
    4. 

  4. 

  5. from __future__ import absolute_import, division, print_function
    6. 

  6. 

  7. INCLUDES = """
    8. 

  8. #include <openssl/dh.h>
    9. 

  9. """
    10. 

  10. 

  11. TYPES = """
    12. 

  12. typedef ... DH;
    13. 

  13. 

  14. const long DH_NOT_SUITABLE_GENERATOR;
    15. 

  15. """
    16. 

  16. 

  17. FUNCTIONS = """
    18. 

  18. DH *DH_new(void);
    19. 

  19. void DH_free(DH *);
    20. 

  20. int DH_size(const DH *);
    21. 

  21. int DH_generate_key(DH *);
    22. 

  22. int DH_compute_key(unsigned char *, const BIGNUM *, DH *);
    23. 

  23. DH *DHparams_dup(DH *);
    24. 

  24. 

  25. /* added in 1.1.0 when the DH struct was opaqued */
    26. 

  26. void DH_get0_pqg(const DH *, const BIGNUM **, const BIGNUM **,
    27. 

  27.                  const BIGNUM **);
    28. 

  28. int DH_set0_pqg(DH *, BIGNUM *, BIGNUM *, BIGNUM *);
    29. 

  29. void DH_get0_key(const DH *, const BIGNUM **, const BIGNUM **);
    30. 

  30. int DH_set0_key(DH *, BIGNUM *, BIGNUM *);
    31. 

  31. 

  32. int Cryptography_DH_check(const DH *, int *);
    33. 

  33. int DH_generate_parameters_ex(DH *, int, int, BN_GENCB *);
    34. 

  34. DH *d2i_DHparams_bio(BIO *, DH **);
    35. 

  35. int i2d_DHparams_bio(BIO *, DH *);
    36. 

  36. DH *Cryptography_d2i_DHxparams_bio(BIO *bp, DH **x);
    37. 

  37. int Cryptography_i2d_DHxparams_bio(BIO *bp, DH *x);
    38. 

  38. """
    39. 

  39. 

  40. CUSTOMIZATIONS = """
    41. 

  41. #if CRYPTOGRAPHY_IS_LIBRESSL
    42. 

  42. #ifndef DH_CHECK_Q_NOT_PRIME
    43. 

  43. #define DH_CHECK_Q_NOT_PRIME            0x10
    44. 

  44. #endif
    45. 

  45. 

  46. #ifndef DH_CHECK_INVALID_Q_VALUE
    47. 

  47. #define DH_CHECK_INVALID_Q_VALUE        0x20
    48. 

  48. #endif
    49. 

  49. 

  50. #ifndef DH_CHECK_INVALID_J_VALUE
    51. 

  51. #define DH_CHECK_INVALID_J_VALUE        0x40
    52. 

  52. #endif
    53. 

  53. 

  54. /* DH_check implementation taken from OpenSSL 1.1.0pre6 */
    55. 

  55. 

  56. /*-
    57. 

  57.  * Check that p is a safe prime and
    58. 

  58.  * if g is 2, 3 or 5, check that it is a suitable generator
    59. 

  59.  * where
    60. 

  60.  * for 2, p mod 24 == 11
    61. 

  61.  * for 3, p mod 12 == 5
    62. 

  62.  * for 5, p mod 10 == 3 or 7
    63. 

  63.  * should hold.
    64. 

  64.  */
    65. 

  65. 

  66. int Cryptography_DH_check(const DH *dh, int *ret)
    67. 

  67. {
    68. 

  68.     int ok = 0, r;
    69. 

  69.     BN_CTX *ctx = NULL;
    70. 

  70.     BN_ULONG l;
    71. 

  71.     BIGNUM *t1 = NULL, *t2 = NULL;
    72. 

  72. 

  73.     *ret = 0;
    74. 

  74.     ctx = BN_CTX_new();
    75. 

  75.     if (ctx == NULL)
    76. 

  76.         goto err;
    77. 

  77.     BN_CTX_start(ctx);
    78. 

  78.     t1 = BN_CTX_get(ctx);
    79. 

  79.     if (t1 == NULL)
    80. 

  80.         goto err;
    81. 

  81.     t2 = BN_CTX_get(ctx);
    82. 

  82.     if (t2 == NULL)
    83. 

  83.         goto err;
    84. 

  84. 

  85.     if (dh->q) {
    86. 

  86.         if (BN_cmp(dh->g, BN_value_one()) <= 0)
    87. 

  87.             *ret |= DH_NOT_SUITABLE_GENERATOR;
    88. 

  88.         else if (BN_cmp(dh->g, dh->p) >= 0)
    89. 

  89.             *ret |= DH_NOT_SUITABLE_GENERATOR;
    90. 

  90.         else {
    91. 

  91.             /* Check g^q == 1 mod p */
    92. 

  92.             if (!BN_mod_exp(t1, dh->g, dh->q, dh->p, ctx))
    93. 

  93.                 goto err;
    94. 

  94.             if (!BN_is_one(t1))
    95. 

  95.                 *ret |= DH_NOT_SUITABLE_GENERATOR;
    96. 

  96.         }
    97. 

  97.         r = BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL);
    98. 

  98.         if (r < 0)
    99. 

  99.             goto err;
    100. 

  100.         if (!r)
    101. 

  101.             *ret |= DH_CHECK_Q_NOT_PRIME;
    102. 

  102.         /* Check p == 1 mod q  i.e. q divides p - 1 */
    103. 

  103.         if (!BN_div(t1, t2, dh->p, dh->q, ctx))
    104. 

  104.             goto err;
    105. 

  105.         if (!BN_is_one(t2))
    106. 

  106.             *ret |= DH_CHECK_INVALID_Q_VALUE;
    107. 

  107.         if (dh->j && BN_cmp(dh->j, t1))
    108. 

  108.             *ret |= DH_CHECK_INVALID_J_VALUE;
    109. 

  109. 

  110.     } else if (BN_is_word(dh->g, DH_GENERATOR_2)) {
    111. 

  111.         l = BN_mod_word(dh->p, 24);
    112. 

  112.         if (l == (BN_ULONG)-1)
    113. 

  113.             goto err;
    114. 

  114.         if (l != 11)
    115. 

  115.             *ret |= DH_NOT_SUITABLE_GENERATOR;
    116. 

  116.     } else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
    117. 

  117.         l = BN_mod_word(dh->p, 10);
    118. 

  118.         if (l == (BN_ULONG)-1)
    119. 

  119.             goto err;
    120. 

  120.         if ((l != 3) && (l != 7))
    121. 

  121.             *ret |= DH_NOT_SUITABLE_GENERATOR;
    122. 

  122.     } else
    123. 

  123.         *ret |= DH_UNABLE_TO_CHECK_GENERATOR;
    124. 

  124. 

  125.     r = BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL);
    126. 

  126.     if (r < 0)
    127. 

  127.         goto err;
    128. 

  128.     if (!r)
    129. 

  129.         *ret |= DH_CHECK_P_NOT_PRIME;
    130. 

  130.     else if (!dh->q) {
    131. 

  131.         if (!BN_rshift1(t1, dh->p))
    132. 

  132.             goto err;
    133. 

  133.         r = BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL);
    134. 

  134.         if (r < 0)
    135. 

  135.             goto err;
    136. 

  136.         if (!r)
    137. 

  137.             *ret |= DH_CHECK_P_NOT_SAFE_PRIME;
    138. 

  138.     }
    139. 

  139.     ok = 1;
    140. 

  140.  err:
    141. 

  141.     if (ctx != NULL) {
    142. 

  142.         BN_CTX_end(ctx);
    143. 

  143.         BN_CTX_free(ctx);
    144. 

  144.     }
    145. 

  145.     return (ok);
    146. 

  146. }
    147. 

  147. #else
    148. 

  148. int Cryptography_DH_check(const DH *dh, int *ret) {
    149. 

  149.     return DH_check(dh, ret);
    150. 

  150. }
    151. 

  151. #endif
    152. 

  152. 

  153. /* These functions were added in OpenSSL 1.1.0f commit d0c50e80a8 */
    154. 

  154. /* Define our own to simplify support across all versions. */
    155. 

  155. #if defined(EVP_PKEY_DHX) && EVP_PKEY_DHX != -1
    156. 

  156. DH *Cryptography_d2i_DHxparams_bio(BIO *bp, DH **x) {
    157. 

  157.     return ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x);
    158. 

  158. }
    159. 

  159. int Cryptography_i2d_DHxparams_bio(BIO *bp, DH *x) {
    160. 

  160.     return ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x);
    161. 

  161. }
    162. 

  162. #else
    163. 

  163. DH *(*Cryptography_d2i_DHxparams_bio)(BIO *bp, DH **x) = NULL;
    164. 

  164. int (*Cryptography_i2d_DHxparams_bio)(BIO *bp, DH *x) = NULL;
    165. 

  165. #endif
    166. 

  166. """
    167.