/src/gnutls/lib/nettle/int/dsa-fips.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* dsa.h |
2 | | * |
3 | | * The DSA publickey algorithm. |
4 | | */ |
5 | | |
6 | | /* Copyright (C) 2013 Red Hat |
7 | | * |
8 | | * The gnutls library is free software; you can redistribute it and/or modify |
9 | | * it under the terms of the GNU Lesser General Public License as published by |
10 | | * the Free Software Foundation; either version 2.1 of the License, or (at your |
11 | | * option) any later version. |
12 | | * |
13 | | * The nettle library is distributed in the hope that it will be useful, but |
14 | | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
15 | | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
16 | | * License for more details. |
17 | | * |
18 | | * You should have received a copy of the GNU Lesser General Public License |
19 | | * along with the nettle library. If not, see <https://www.gnu.org/licenses/>. |
20 | | */ |
21 | | |
22 | | #ifndef GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H |
23 | | # define GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H |
24 | | |
25 | | # include <nettle/bignum.h> /* includes gmp.h */ |
26 | | # include <nettle/dsa.h> |
27 | | # include <nettle/sha2.h> |
28 | | # include <fips.h> |
29 | | |
30 | 0 | # define div_ceil(x,y) ((x+(y)-1)/(y)) |
31 | | |
32 | | struct dss_params_validation_seeds { |
33 | | unsigned seed_length; /* first seed */ |
34 | | uint8_t seed[MAX_PVP_SEED_SIZE + 1]; |
35 | | |
36 | | unsigned pseed_length; |
37 | | uint8_t pseed[MAX_PVP_SEED_SIZE + 1]; |
38 | | unsigned qseed_length; |
39 | | uint8_t qseed[MAX_PVP_SEED_SIZE + 1]; |
40 | | unsigned pgen_counter; |
41 | | unsigned qgen_counter; |
42 | | }; |
43 | | |
44 | | int |
45 | | st_provable_prime(mpz_t p, |
46 | | unsigned *prime_seed_length, void *prime_seed, |
47 | | unsigned *prime_gen_counter, |
48 | | unsigned bits, |
49 | | unsigned seed_length, const void *seed, |
50 | | void *progress_ctx, nettle_progress_func * progress); |
51 | | |
52 | | int |
53 | | dsa_generate_dss_pqg(struct dsa_params *params, |
54 | | struct dss_params_validation_seeds *cert, |
55 | | unsigned index, |
56 | | void *random_ctx, nettle_random_func * random, |
57 | | void *progress_ctx, nettle_progress_func * progress, |
58 | | unsigned p_bits /* = L */ , unsigned q_bits /* = N */ ); |
59 | | |
60 | | int |
61 | | _dsa_generate_dss_pqg(struct dsa_params *params, |
62 | | struct dss_params_validation_seeds *cert, |
63 | | unsigned index, |
64 | | unsigned seed_size, void *seed, |
65 | | void *progress_ctx, nettle_progress_func * progress, |
66 | | unsigned p_bits /* = L */ , unsigned q_bits /* = N */ ); |
67 | | |
68 | | int |
69 | | dsa_generate_dss_keypair(struct dsa_params *params, |
70 | | mpz_t y, |
71 | | mpz_t x, |
72 | | void *random_ctx, nettle_random_func * random, |
73 | | void *progress_ctx, nettle_progress_func * progress); |
74 | | |
75 | | int |
76 | | dsa_validate_dss_pqg(struct dsa_params *pub, |
77 | | struct dss_params_validation_seeds *cert, unsigned index); |
78 | | |
79 | | int |
80 | | _dsa_validate_dss_pq(struct dsa_params *pub, |
81 | | struct dss_params_validation_seeds *cert); |
82 | | |
83 | | int |
84 | | _dsa_validate_dss_g(struct dsa_params *pub, |
85 | | unsigned domain_seed_size, const uint8_t * domain_seed, |
86 | | unsigned index); |
87 | | |
88 | | unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits, |
89 | | unsigned generate); |
90 | | |
91 | | /* The following low-level functions can be used for DH key exchange as well |
92 | | */ |
93 | | int |
94 | | _dsa_generate_dss_pq(struct dsa_params *pub, |
95 | | struct dss_params_validation_seeds *cert, |
96 | | unsigned seed_length, void *seed, |
97 | | void *progress_ctx, nettle_progress_func * progress, |
98 | | unsigned p_bits, unsigned q_bits); |
99 | | |
100 | | int |
101 | | _dsa_generate_dss_g(struct dsa_params *pub, |
102 | | unsigned domain_seed_size, const uint8_t * domain_seed, |
103 | | void *progress_ctx, nettle_progress_func * progress, |
104 | | unsigned index); |
105 | | |
106 | | void |
107 | | _dsa_generate_dss_xy(struct dsa_params *pub, |
108 | | mpz_t y, |
109 | | mpz_t x, void *random_ctx, nettle_random_func * random); |
110 | | |
111 | 0 | # define DIGEST_SIZE SHA384_DIGEST_SIZE |
112 | | inline static void |
113 | | hash(uint8_t digest[DIGEST_SIZE], unsigned length, void *data) |
114 | 0 | { |
115 | 0 | struct sha384_ctx ctx; |
116 | |
|
117 | 0 | sha384_init(&ctx); |
118 | 0 | sha384_update(&ctx, length, data); |
119 | 0 | sha384_digest(&ctx, DIGEST_SIZE, digest); |
120 | |
|
121 | 0 | return; |
122 | 0 | } Unexecuted instantiation: pk.c:hash Unexecuted instantiation: rsa-keygen-fips186.c:hash Unexecuted instantiation: dsa-keygen-fips186.c:hash Unexecuted instantiation: dsa-validate.c:hash Unexecuted instantiation: provable-prime.c:hash |
123 | | |
124 | | unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal); |
125 | | |
126 | | #endif /* GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H */ |