1 /* Copyright 2022 The BoringSSL Authors 2 * 3 * Permission to use, copy, modify, and/or distribute this software for any 4 * purpose with or without fee is hereby granted, provided that the above 5 * copyright notice and this permission notice appear in all copies. 6 * 7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ 14 15 #ifndef OPENSSL_HEADER_CRYPTO_FIPSMODULE_DH_INTERNAL_H 16 #define OPENSSL_HEADER_CRYPTO_FIPSMODULE_DH_INTERNAL_H 17 18 #include <openssl/base.h> 19 20 #include <openssl/thread.h> 21 22 #include "../../internal.h" 23 24 #if defined(__cplusplus) 25 extern "C" { 26 #endif 27 28 29 struct dh_st { 30 BIGNUM *p; 31 BIGNUM *g; 32 BIGNUM *q; 33 BIGNUM *pub_key; // g^x mod p 34 BIGNUM *priv_key; // x 35 36 // priv_length contains the length, in bits, of the private value. If zero, 37 // the private value will be the same length as |p|. 38 unsigned priv_length; 39 40 CRYPTO_MUTEX method_mont_p_lock; 41 BN_MONT_CTX *method_mont_p; 42 43 int flags; 44 CRYPTO_refcount_t references; 45 }; 46 47 // dh_check_params_fast checks basic invariants on |dh|'s domain parameters. It 48 // does not check that |dh| forms a valid group, only that the sizes are within 49 // DoS bounds. 50 int dh_check_params_fast(const DH *dh); 51 52 // dh_compute_key_padded_no_self_test does the same as |DH_compute_key_padded|, 53 // but doesn't try to run the self-test first. This is for use in the self tests 54 // themselves, to prevent an infinite loop. 55 int dh_compute_key_padded_no_self_test(unsigned char *out, 56 const BIGNUM *peers_key, DH *dh); 57 58 59 #if defined(__cplusplus) 60 } 61 #endif 62 63 #endif // OPENSSL_HEADER_CRYPTO_FIPSMODULE_DH_INTERNAL_H 64