Coverage Report

Created: 2025-03-06 07:58

/src/gnutls/lib/nettle/int/dsa-fips.h
/* dsa.h
 *
 * The DSA public-key algorithm.
 */
/* Copyright (C) 2013 Red Hat
 *
 * The gnutls library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or (at your
 * option) any later version.
 *
 * The nettle library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
 * License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with the nettle library.  If not, see <https://www.gnu.org/licenses/>.
 */
#ifndef GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H
#define GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H
#include <nettle/bignum.h> /* includes gmp.h */
#include <nettle/dsa.h>
#include <nettle/sha2.h>
#include "fips.h"
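/*
 * Integer ceiling of x / y.
 *
 * Both arguments are parenthesized so that an expression argument (a shift,
 * a conditional, ...) groups the way the caller wrote it.  y is expanded
 * twice, so it must be free of side effects.  x + y - 1 is evaluated in the
 * operands' promoted type and can wrap for values near that type's maximum;
 * callers that size buffers from the result should bound x first.
 */
#define div_ceil(x, y) (((x) + (y) - 1) / (y))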
/*
 * Seed material and generation counters for DSS domain parameters (going by
 * the struct name, the record a validator needs alongside p, q and g).
 *
 * NOTE(review): every seed array holds MAX_PVP_SEED_SIZE + 1 bytes and the
 * matching *_length field is presumably the number of bytes in use.  Code
 * that fills these from external input must check the length against the
 * array size before copying.
 */
struct dss_params_validation_seeds {
  /* first seed */
  unsigned int seed_length;
  uint8_t seed[MAX_PVP_SEED_SIZE + 1];

  /* seed and length associated with p */
  unsigned int pseed_length;
  uint8_t pseed[MAX_PVP_SEED_SIZE + 1];

  /* seed and length associated with q */
  unsigned int qseed_length;
  uint8_t qseed[MAX_PVP_SEED_SIZE + 1];

  /* generation counters for p and q */
  unsigned int pgen_counter;
  unsigned int qgen_counter;
};
/*
 * Provable-prime generator.  Going by the parameter names, it derives a
 * prime of `bits` bits into p from `seed` (`seed_length` bytes) and reports
 * the resulting prime seed and generation counter through prime_seed,
 * prime_seed_length and prime_gen_counter.  The implementation is not part
 * of this header.
 *
 * NOTE(review): prime_seed has no separate capacity argument; whether
 * *prime_seed_length carries the buffer size on input is not visible here,
 * so confirm it before passing a short buffer.  The meaning of the int
 * return value is also defined by the implementation; callers must check it.
 */
int st_provable_prime(mpz_t p,
                      unsigned *prime_seed_length, void *prime_seed,
                      unsigned *prime_gen_counter,
                      unsigned bits,
                      unsigned seed_length, const void *seed,
                      void *progress_ctx, nettle_progress_func *progress);
/*
 * Generate DSS domain parameters into params, recording the seeds and
 * counters in cert.  The seed comes from the `random` callback.  p_bits is
 * L and q_bits is N.
 *
 * NOTE(review): the int return convention is defined in the implementation,
 * not here; callers must check it before using params or cert.
 */
int dsa_generate_dss_pqg(struct dsa_params *params,
                         struct dss_params_validation_seeds *cert,
                         unsigned index,
                         void *random_ctx, nettle_random_func *random,
                         void *progress_ctx, nettle_progress_func *progress,
                         unsigned p_bits /* = L */,
                         unsigned q_bits /* = N */);

/*
 * Same parameter generation, but driven by a caller-supplied seed
 * (`seed_size` bytes at `seed`) instead of a random callback.
 *
 * NOTE(review): seed is a non-const void *; whether the implementation
 * writes through it is not visible here.  The quality of the generated
 * parameters presumably rests on the caller's seed, so confirm where callers
 * obtain it.
 */
int _dsa_generate_dss_pqg(struct dsa_params *params,
                          struct dss_params_validation_seeds *cert,
                          unsigned index,
                          unsigned seed_size, void *seed,
                          void *progress_ctx, nettle_progress_func *progress,
                          unsigned p_bits /* = L */,
                          unsigned q_bits /* = N */);

/*
 * Generate a key pair for the given domain parameters; by the usual DSA
 * naming y is the public value and x the private one (TODO confirm against
 * the implementation).  Randomness comes from the `random` callback.
 */
int dsa_generate_dss_keypair(struct dsa_params *params,
                             mpz_t y, mpz_t x,
                             void *random_ctx, nettle_random_func *random,
                             void *progress_ctx,
                             nettle_progress_func *progress);
/*
 * Validate domain parameters in pub against the seeds and counters in cert,
 * for generator index `index`.
 *
 * NOTE(review): the int return convention is not visible in this header.
 * Treating a failed validation as success would accept unverified
 * parameters, so confirm which value means "valid" before branching on it.
 */
int dsa_validate_dss_pqg(struct dsa_params *pub,
                         struct dss_params_validation_seeds *cert,
                         unsigned index);

/* Validation step for p and q only (going by the name). */
int _dsa_validate_dss_pq(struct dsa_params *pub,
                         struct dss_params_validation_seeds *cert);

/*
 * Validation step for the generator g only (going by the name), given the
 * domain seed (`domain_seed_size` bytes) and the generator index.
 */
int _dsa_validate_dss_g(struct dsa_params *pub,
                        unsigned domain_seed_size, const uint8_t *domain_seed,
                        unsigned index);

/*
 * Check a (q, p) bit-size pair; `generate` presumably selects the stricter
 * rule set used for generation as opposed to validation - TODO confirm.
 *
 * NOTE(review): this takes q_bits before p_bits, the reverse of the
 * generation functions declared in this header (p_bits, q_bits).  Both are
 * plain unsigned, so a swapped call compiles without a diagnostic.
 */
unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits,
                             unsigned generate);
/*
 * The following low-level functions can be used for DH key exchange as well.
 */

/*
 * Generate p and q from a caller-supplied seed (`seed_length` bytes at
 * `seed`), recording seeds and counters in cert.
 *
 * NOTE(review): as with the other int-returning functions here, the return
 * convention is defined in the implementation; check it before using pub.
 */
int _dsa_generate_dss_pq(struct dsa_params *pub,
                         struct dss_params_validation_seeds *cert,
                         unsigned seed_length, void *seed,
                         void *progress_ctx, nettle_progress_func *progress,
                         unsigned p_bits, unsigned q_bits);

/*
 * Generate the generator g for the p and q already held in pub, from the
 * domain seed (`domain_seed_size` bytes) and the generator index.
 */
int _dsa_generate_dss_g(struct dsa_params *pub,
                        unsigned domain_seed_size, const uint8_t *domain_seed,
                        void *progress_ctx, nettle_progress_func *progress,
                        unsigned index);

/*
 * Generate the x / y pair for the parameters in pub using the `random`
 * callback.
 *
 * NOTE(review): this returns void, so callers get no status from it; any
 * precondition on pub (for example that p, q and g are already validated)
 * has to be enforced before the call.
 */
void _dsa_generate_dss_xy(struct dsa_params *pub,
                          mpz_t y, mpz_t x,
                          void *random_ctx, nettle_random_func *random);
#define DIGEST_SIZE SHA384_DIGEST_SIZE

/*
 * One-shot SHA-384: hashes `length` bytes at `data` and stores the
 * DIGEST_SIZE-byte result in `digest`.
 *
 * The array bound on `digest` is documentation only; the parameter is a
 * plain pointer, so the caller must supply at least DIGEST_SIZE bytes.
 * `data` is only handed to sha384_update(); nothing here writes through it.
 *
 * NOTE(review): the hashing context stays on the stack without an explicit
 * wipe.  If any caller passes secret seed material, confirm that is
 * acceptable.
 */
inline static void hash(uint8_t digest[DIGEST_SIZE], unsigned length,
                        void *data)
{
  struct sha384_ctx sha;

  sha384_init(&sha);
  sha384_update(&sha, length, data);
  sha384_digest(&sha, DIGEST_SIZE, digest);
}
Unexecuted instantiation: pk.c:hash
Unexecuted instantiation: rsa-keygen-fips186.c:hash
Unexecuted instantiation: dsa-keygen-fips186.c:hash
Unexecuted instantiation: dsa-validate.c:hash
Unexecuted instantiation: provable-prime.c:hash
/*
 * NOTE(review): going by the name and parameters, this reports the size of
 * the seed value s in bytes (base 256), with `nominal` as the expected
 * length.  How the two are combined is defined in the implementation;
 * confirm it there before using the result to size a buffer.
 */
unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal);
#endif /* GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H */