openssl开源程序dh算法解析之dh_check.c
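/*
 * Validate Diffie-Hellman domain parameters (p, g and the optional q/j) and
 * range-check a peer's public key.
 */
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/bn.h>         /* OpenSSL big-number (BIGNUM) types and functions */
#include <openssl/dh.h>

/*-
 * Check that p is a safe prime and
 * if g is 2, 3 or 5, check that it is a suitable generator
 * where
 * for 2, p mod 24 == 11
 * for 3, p mod 12 == 5
 * for 5, p mod 10 == 3 or 7
 * should hold.
 */

/*
 * DH_check - validate the domain parameters held in dh.
 *
 * dh:  parameters to validate; p and g are read, q and j only when set.
 * ret: receives a bitmask of DH_CHECK_* / DH_NOT_SUITABLE_GENERATOR /
 *      DH_UNABLE_TO_CHECK_GENERATOR findings; 0 means nothing was flagged.
 *
 * Returns 1 when every check could be evaluated, 0 on an internal failure
 * (allocation, big-number arithmetic or the primality test itself).
 *
 * The return value only says the checks ran. Parameters are acceptable only
 * when the function returns 1 AND *ret == 0, so callers must test both.
 */
int DH_check(const DH *dh, int *ret)
{
    int ok = 0;
    int r;
    /* Scratch context for temporary BIGNUMs; created and released below. */
    BN_CTX *ctx = NULL;
    BN_ULONG l;
    BIGNUM *t1 = NULL, *t2 = NULL;

    *ret = 0;
    ctx = BN_CTX_new();
    if (ctx == NULL)
        goto err;
    /* Open a stack frame so both temporaries are released by BN_CTX_end(). */
    BN_CTX_start(ctx);
    t1 = BN_CTX_get(ctx);
    if (t1 == NULL)
        goto err;
    t2 = BN_CTX_get(ctx);
    if (t2 == NULL)
        goto err;

    if (dh->q) {
        /* g must satisfy 1 < g < p */
        if (BN_cmp(dh->g, BN_value_one()) <= 0)
            *ret |= DH_NOT_SUITABLE_GENERATOR;
        else if (BN_cmp(dh->g, dh->p) >= 0)
            *ret |= DH_NOT_SUITABLE_GENERATOR;
        else {
            /* Check g^q == 1 mod p */
            if (!BN_mod_exp(t1, dh->g, dh->q, dh->p, ctx))
                goto err;
            if (!BN_is_one(t1))
                *ret |= DH_NOT_SUITABLE_GENERATOR;
        }
        /*
         * BN_is_prime_ex() returns a negative value on error. Testing it
         * with '!' alone would treat a failed test as "prime", so the error
         * case is handled separately.
         */
        r = BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL);
        if (r < 0)
            goto err;
        if (!r)
            *ret |= DH_CHECK_Q_NOT_PRIME;
        /* Check p == 1 mod q i.e. q divides p - 1 (t1 = p / q, t2 = p mod q) */
        if (!BN_div(t1, t2, dh->p, dh->q, ctx))
            goto err;
        if (!BN_is_one(t2))
            *ret |= DH_CHECK_INVALID_Q_VALUE;
        /* When j is supplied it must equal the quotient computed above. */
        if (dh->j && BN_cmp(dh->j, t1))
            *ret |= DH_CHECK_INVALID_J_VALUE;

    } else if (BN_is_word(dh->g, DH_GENERATOR_2)) {
        /* Congruence condition on p for generator 2; not a primality test. */
        l = BN_mod_word(dh->p, 24);
        if (l != 11)
            *ret |= DH_NOT_SUITABLE_GENERATOR;
    }
#if 0
    else if (BN_is_word(dh->g, DH_GENERATOR_3)) {
        l = BN_mod_word(dh->p, 12);
        if (l != 5)
            *ret |= DH_NOT_SUITABLE_GENERATOR;
    }
#endif
    else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
        l = BN_mod_word(dh->p, 10);
        if ((l != 3) && (l != 7))
            *ret |= DH_NOT_SUITABLE_GENERATOR;
    } else
        /* No q, and g is not one of the generators handled above. */
        *ret |= DH_UNABLE_TO_CHECK_GENERATOR;

    r = BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL);
    if (r < 0)
        goto err;
    if (!r)
        *ret |= DH_CHECK_P_NOT_PRIME;
    else if (!dh->q) {
        /* Without q, require a safe prime: p >> 1, i.e. (p - 1) / 2, must be prime. */
        if (!BN_rshift1(t1, dh->p))
            goto err;
        r = BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL);
        if (r < 0)
            goto err;
        if (!r)
            *ret |= DH_CHECK_P_NOT_SAFE_PRIME;
    }
    ok = 1;
 err:
    if (ctx != NULL) {
        BN_CTX_end(ctx);
        BN_CTX_free(ctx);
    }
    return (ok);
}

/*
 * DH_check_pub_key - range-check a peer's public key against dh->p.
 *
 * dh:      parameters supplying the prime p.
 * pub_key: the public value to check.
 * ret:     receives DH_CHECK_PUBKEY_TOO_SMALL when pub_key <= 1 and
 *          DH_CHECK_PUBKEY_TOO_LARGE when pub_key >= p - 1; 0 otherwise.
 *
 * Returns 1 when the comparison could be carried out, 0 on an internal
 * failure. As with DH_check(), a key is acceptable only when the function
 * returns 1 AND *ret == 0.
 *
 * NOTE(review): this is a range check only (1 < pub_key < p - 1). Even when
 * dh->q is set it does not verify pub_key^q == 1 mod p, so membership in the
 * order-q subgroup is not established here. With parameters that are not
 * safe primes, that check has to be done elsewhere before the key is used.
 */
int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
{
    int ok = 0;
    BIGNUM *tmp = NULL;         /* scratch value: first 1, then p - 1 */

    *ret = 0;
    tmp = BN_new();
    if (tmp == NULL)
        goto err;
    /* A failed BN_set_word() would leave the lower bound undefined. */
    if (!BN_set_word(tmp, 1))
        goto err;
    if (BN_cmp(pub_key, tmp) <= 0)
        *ret |= DH_CHECK_PUBKEY_TOO_SMALL;
    /* tmp = p - 1; stop on failure rather than compare against a stale bound. */
    if (BN_copy(tmp, dh->p) == NULL || !BN_sub_word(tmp, 1))
        goto err;
    if (BN_cmp(pub_key, tmp) >= 0)
        *ret |= DH_CHECK_PUBKEY_TOO_LARGE;

    ok = 1;
 err:
    if (tmp != NULL)
        BN_free(tmp);
    return (ok);
}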