X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/ba6e6b64033b1f9de49feccb5c9cd438354481f7..0f00dc4c8eb47e67bc0f148c2dd109f73a451e0a:/dh-gen.c?ds=sidebyside diff --git a/dh-gen.c b/dh-gen.c deleted file mode 100644 index a1b61a1..0000000 --- a/dh-gen.c +++ /dev/null @@ -1,163 +0,0 @@ -/* -*-c-*- - * - * $Id: dh-gen.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ - * - * Generate Diffie-Hellman parameters - * - * (c) 1999 Straylight/Edgeware - */ - -/*----- Licensing notice --------------------------------------------------* - * - * This file is part of Catacomb. - * - * Catacomb is free software; you can redistribute it and/or modify - * it under the terms of the GNU Library General Public License as - * published by the Free Software Foundation; either version 2 of the - * License, or (at your option) any later version. - * - * Catacomb is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Library General Public License for more details. - * - * You should have received a copy of the GNU Library General Public - * License along with Catacomb; if not, write to the Free - * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, - * MA 02111-1307, USA. - */ - -/*----- Header files ------------------------------------------------------*/ - -#include - -#include "dh.h" -#include "grand.h" -#include "mp.h" -#include "mpmont.h" -#include "mprand.h" -#include "pfilt.h" -#include "pgen.h" -#include "prim.h" -#include "rabin.h" - -/*----- Main code ---------------------------------------------------------*/ - -/* --- @dh_gen@ --- * - * - * Arguments: @dh_param *dp@ = pointer to output parameter block - * @unsigned ql@ = length of %$q$% in bits, or zero - * @unsigned pl@ = length of %$p$% in bits - * @unsigned steps@ = number of steps to go - * @grand *r@ = random number source - * @pgen_proc *event@ = event handler function - * @void *ectx@ = argument for the event handler - * - * Returns: @PGEN_DONE@ if it worked, @PGEN_ABORT@ if it didn't. - * - * Use: Generates Diffie-Hellman parameters. - * - * The parameters are a prime %$q$%, relatively small, and a - * large prime %$p = kq + 1$% for some %$k$%, together with a - * generator %$g$% of the cyclic subgroup of order %$q$%. These - * are actually the same as the DSA parameter set, but the - * generation algorithm is different. Also, if @ql@ is zero, - * this algorithm forces %$k = 2$%, and chooses %$g = 4$%. Make - * sure you have something interesting to do if you choose this - * option. - */ - -int dh_gen(dh_param *dp, unsigned ql, unsigned pl, unsigned steps, grand *r, - pgen_proc *event, void *ectx) -{ - /* --- If @ql@ is zero, do the time consuming safe-prime thing --- */ - - if (!ql) { - pgen_simulprime sp[2]; - pgen_simulctx ss; - - mp *m = mprand(MP_NEW, pl - 1, r, 1); - ss.step = MP_TWO; - sp[0].mul = MP_ONE; sp[0].add = MP_ZERO; sp[0].f = 0; - sp[1].mul = MP_TWO; sp[1].add = MP_ONE; sp[1].f = PGENF_KEEP; - ss.v = sp; ss.n = N(sp); - dp->q = pgen("p", MP_NEW, m, event, ectx, steps, pgen_simulstep, &ss, - rabin_iters(pl), pgen_simultest, &ss); - mp_drop(m); - if (!dp->q) { - mp_drop(sp[1].u.x); - return (PGEN_ABORT); - } - dp->p = sp[1].u.x; - dp->g = MP_FOUR; - return (PGEN_DONE); - } - - /* --- Otherwise the job is much simpler --- * - * - * But doesn't look it... - */ - - else { - pgen_filterctx c; - pgen_jumpctx j; - rabin rb; - prim_ctx p; - int i; - mp *m = MP_NEW; - mp *x, *y; - - /* --- Generate @q@ first --- */ - - c.step = 2; - m = mprand(MP_NEW, ql, r, 1); - dp->q = pgen("q", MP_NEW, m, event, ectx, steps, pgen_filter, &c, - rabin_iters(ql), pgen_test, &rb); - if (!dp->q) - goto fail_q; - - /* --- Now pick a suitable @p@ --- */ - - m = mp_lsl(m, dp->q, 1); - x = mprand(MP_NEW, pl, r, 0); - y = MP_NEW; mp_div(0, &y, x, m); - x = mp_sub(x, x, y); - x = mp_add(x, x, MP_ONE); - mp_drop(y); - pfilt_create(&c.f, m); - j.j = &c.f; - dp->p = pgen("p", MP_NEW, x, event, ectx, steps, pgen_jump, &j, - rabin_iters(pl), pgen_test, &rb); - pfilt_destroy(&c.f); - mp_drop(x); - if (!dp->p) - goto fail_p; - - /* --- And finally a suitable @g@ --- */ - - mpmont_create(&p.mm, dp->p); - mp_div(&m, 0, dp->p, dp->q); - i = 0; - p.exp = m; - p.n = 0; - dp->g = pgen("g", MP_NEW, MP_NEW, event, ectx, 0, prim_step, &i, - 1, prim_test, &p); - mpmont_destroy(&p.mm); - if (!dp->g) - goto fail_g; - mp_drop(m); - return (PGEN_DONE); - - /* --- Tidy up --- */ - - fail_g: - mp_drop(dp->q); - fail_q: - mp_drop(dp->p); - fail_p: - mp_drop(m); - return (PGEN_ABORT); - } -} - -/*----- That's all, folks -------------------------------------------------*/