Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(50)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mozilla/security/nss/lib/freebl/dh.c

Issue 10961060: Update NSS to NSS 3.14 Beta 1. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Add the NSS snapshot timestamp to README.chromium and nss-checkout.sh Created 8 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « mozilla/security/nss/lib/freebl/blapit.h ('k') | mozilla/security/nss/lib/freebl/drbg.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* This Source Code Form is subject to the terms of the Mozilla Public 1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this 2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 4
5 /* 5 /*
6 * Diffie-Hellman parameter generation, key generation, and secret derivation. 6 * Diffie-Hellman parameter generation, key generation, and secret derivation.
7 * KEA secret generation and verification. 7 * KEA secret generation and verification.
8 * 8 *
9 * $Id: dh.c,v 1.12 2012/06/14 18:55:10 wtc%google.com Exp $ 9 * $Id: dh.c,v 1.12 2012/06/14 18:55:10 wtc%google.com Exp $
10 */ 10 */
11 #ifdef FREEBL_NO_DEPEND 11 #ifdef FREEBL_NO_DEPEND
12 #include "stubs.h" 12 #include "stubs.h"
13 #endif 13 #endif
14 14
15 #include "prerr.h" 15 #include "prerr.h"
16 #include "secerr.h" 16 #include "secerr.h"
17 17
18 #include "blapi.h" 18 #include "blapi.h"
19 #include "secitem.h" 19 #include "secitem.h"
20 #include "mpi.h" 20 #include "mpi.h"
21 #include "mpprime.h" 21 #include "mpprime.h"
22 #include "secmpi.h" 22 #include "secmpi.h"
23 23
24 #define DH_SECRET_KEY_LEN 20
25 #define KEA_DERIVED_SECRET_LEN 128 24 #define KEA_DERIVED_SECRET_LEN 128
26 25
26 /* Lengths are in bytes. */
27 static unsigned int
28 dh_GetSecretKeyLen(unsigned int primeLen)
29 {
30 /* Based on Table 2 in NIST SP 800-57. */
31 if (primeLen >= 1920) { /* 15360 bits */
32 return 64; /* 512 bits */
33 }
34 if (primeLen >= 960) { /* 7680 bits */
35 return 48; /* 384 bits */
36 }
37 if (primeLen >= 384) { /* 3072 bits */
38 return 32; /* 256 bits */
39 }
40 if (primeLen >= 256) { /* 2048 bits */
41 return 28; /* 224 bits */
42 }
43 return 20; /* 160 bits */
44 }
45
27 SECStatus 46 SECStatus
28 DH_GenParam(int primeLen, DHParams **params) 47 DH_GenParam(int primeLen, DHParams **params)
29 { 48 {
30 PRArenaPool *arena; 49 PRArenaPool *arena;
31 DHParams *dhparams; 50 DHParams *dhparams;
32 unsigned char *pb = NULL; 51 unsigned char *pb = NULL;
33 unsigned char *ab = NULL; 52 unsigned char *ab = NULL;
34 unsigned long counter = 0; 53 unsigned long counter = 0;
35 mp_int p, q, a, h, psub1, test; 54 mp_int p, q, a, h, psub1, test;
36 mp_err err = MP_OKAY; 55 mp_err err = MP_OKAY;
(...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after
147 CHECK_MPI_OK( mp_init(&xa) ); 166 CHECK_MPI_OK( mp_init(&xa) );
148 CHECK_MPI_OK( mp_init(&p) ); 167 CHECK_MPI_OK( mp_init(&p) );
149 CHECK_MPI_OK( mp_init(&Ya) ); 168 CHECK_MPI_OK( mp_init(&Ya) );
150 /* Set private key's p */ 169 /* Set private key's p */
151 CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->prime, &params->prime) ); 170 CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->prime, &params->prime) );
152 SECITEM_TO_MPINT(key->prime, &p); 171 SECITEM_TO_MPINT(key->prime, &p);
153 /* Set private key's g */ 172 /* Set private key's g */
154 CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->base, &params->base) ); 173 CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->base, &params->base) );
155 SECITEM_TO_MPINT(key->base, &g); 174 SECITEM_TO_MPINT(key->base, &g);
156 /* Generate private key xa */ 175 /* Generate private key xa */
157 SECITEM_AllocItem(arena, &key->privateValue, DH_SECRET_KEY_LEN); 176 SECITEM_AllocItem(arena, &key->privateValue,
177 dh_GetSecretKeyLen(params->prime.len));
158 RNG_GenerateGlobalRandomBytes(key->privateValue.data, 178 RNG_GenerateGlobalRandomBytes(key->privateValue.data,
159 key->privateValue.len); 179 key->privateValue.len);
160 SECITEM_TO_MPINT( key->privateValue, &xa ); 180 SECITEM_TO_MPINT( key->privateValue, &xa );
161 /* xa < p */ 181 /* xa < p */
162 CHECK_MPI_OK( mp_mod(&xa, &p, &xa) ); 182 CHECK_MPI_OK( mp_mod(&xa, &p, &xa) );
163 /* Compute public key Ya = g ** xa mod p */ 183 /* Compute public key Ya = g ** xa mod p */
164 CHECK_MPI_OK( mp_exptmod(&g, &xa, &p, &Ya) ); 184 CHECK_MPI_OK( mp_exptmod(&g, &xa, &p, &Ya) );
165 MPINT_TO_SECITEM(&Ya, &key->publicValue, key->arena); 185 MPINT_TO_SECITEM(&Ya, &key->publicValue, key->arena);
166 *privKey = key; 186 *privKey = key;
167 cleanup: 187 cleanup:
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after
364 mp_clear(&p); 384 mp_clear(&p);
365 mp_clear(&q); 385 mp_clear(&q);
366 mp_clear(&y); 386 mp_clear(&y);
367 mp_clear(&r); 387 mp_clear(&r);
368 if (err) { 388 if (err) {
369 MP_TO_SEC_ERROR(err); 389 MP_TO_SEC_ERROR(err);
370 return PR_FALSE; 390 return PR_FALSE;
371 } 391 }
372 return (cmp == 0) ? PR_TRUE : PR_FALSE; 392 return (cmp == 0) ? PR_TRUE : PR_FALSE;
373 } 393 }
OLDNEW
« no previous file with comments | « mozilla/security/nss/lib/freebl/blapit.h ('k') | mozilla/security/nss/lib/freebl/drbg.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698