/src/gnutls/lib/nettle/int/dsa-fips.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* dsa.h |
2 | | * |
3 | | * The DSA publickey algorithm. |
4 | | */ |
5 | | |
6 | | /* Copyright (C) 2013 Red Hat |
7 | | * |
8 | | * The gnutls library is free software; you can redistribute it and/or modify |
9 | | * it under the terms of the GNU Lesser General Public License as published by |
10 | | * the Free Software Foundation; either version 2.1 of the License, or (at your |
11 | | * option) any later version. |
12 | | * |
13 | | * The nettle library is distributed in the hope that it will be useful, but |
14 | | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY |
15 | | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public |
16 | | * License for more details. |
17 | | * |
18 | | * You should have received a copy of the GNU Lesser General Public License |
19 | | * along with the nettle library. If not, see <https://www.gnu.org/licenses/>. |
20 | | */ |
21 | | |
22 | | #ifndef GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H |
23 | | #define GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H |
24 | | |
25 | | #include <nettle/bignum.h> /* includes gmp.h */ |
26 | | #include <nettle/dsa.h> |
27 | | #include <nettle/sha2.h> |
28 | | #include "fips.h" |
29 | | |
30 | 0 | #define div_ceil(x, y) ((x + (y) - 1) / (y)) |
31 | | |
32 | | struct dss_params_validation_seeds { |
33 | | unsigned seed_length; /* first seed */ |
34 | | uint8_t seed[MAX_PVP_SEED_SIZE + 1]; |
35 | | |
36 | | unsigned pseed_length; |
37 | | uint8_t pseed[MAX_PVP_SEED_SIZE + 1]; |
38 | | unsigned qseed_length; |
39 | | uint8_t qseed[MAX_PVP_SEED_SIZE + 1]; |
40 | | unsigned pgen_counter; |
41 | | unsigned qgen_counter; |
42 | | }; |
43 | | |
44 | | int st_provable_prime(mpz_t p, unsigned *prime_seed_length, void *prime_seed, |
45 | | unsigned *prime_gen_counter, unsigned bits, |
46 | | unsigned seed_length, const void *seed, |
47 | | void *progress_ctx, nettle_progress_func *progress); |
48 | | |
49 | | int dsa_generate_dss_pqg(struct dsa_params *params, |
50 | | struct dss_params_validation_seeds *cert, |
51 | | unsigned index, void *random_ctx, |
52 | | nettle_random_func *random, void *progress_ctx, |
53 | | nettle_progress_func *progress, |
54 | | unsigned p_bits /* = L */, unsigned q_bits /* = N */); |
55 | | |
56 | | int _dsa_generate_dss_pqg(struct dsa_params *params, |
57 | | struct dss_params_validation_seeds *cert, |
58 | | unsigned index, unsigned seed_size, void *seed, |
59 | | void *progress_ctx, nettle_progress_func *progress, |
60 | | unsigned p_bits /* = L */, unsigned q_bits /* = N */); |
61 | | |
62 | | int dsa_generate_dss_keypair(struct dsa_params *params, mpz_t y, mpz_t x, |
63 | | void *random_ctx, nettle_random_func *random, |
64 | | void *progress_ctx, |
65 | | nettle_progress_func *progress); |
66 | | |
67 | | int dsa_validate_dss_pqg(struct dsa_params *pub, |
68 | | struct dss_params_validation_seeds *cert, |
69 | | unsigned index); |
70 | | |
71 | | int _dsa_validate_dss_pq(struct dsa_params *pub, |
72 | | struct dss_params_validation_seeds *cert); |
73 | | |
74 | | int _dsa_validate_dss_g(struct dsa_params *pub, unsigned domain_seed_size, |
75 | | const uint8_t *domain_seed, unsigned index); |
76 | | |
77 | | unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits, |
78 | | unsigned generate); |
79 | | |
80 | | /* The following low-level functions can be used for DH key exchange as well |
81 | | */ |
82 | | int _dsa_generate_dss_pq(struct dsa_params *pub, |
83 | | struct dss_params_validation_seeds *cert, |
84 | | unsigned seed_length, void *seed, void *progress_ctx, |
85 | | nettle_progress_func *progress, unsigned p_bits, |
86 | | unsigned q_bits); |
87 | | |
88 | | int _dsa_generate_dss_g(struct dsa_params *pub, unsigned domain_seed_size, |
89 | | const uint8_t *domain_seed, void *progress_ctx, |
90 | | nettle_progress_func *progress, unsigned index); |
91 | | |
92 | | void _dsa_generate_dss_xy(struct dsa_params *pub, mpz_t y, mpz_t x, |
93 | | void *random_ctx, nettle_random_func *random); |
94 | | |
95 | 0 | #define DIGEST_SIZE SHA384_DIGEST_SIZE |
96 | | inline static void hash(uint8_t digest[DIGEST_SIZE], unsigned length, |
97 | | void *data) |
98 | 0 | { |
99 | 0 | struct sha384_ctx ctx; |
100 | |
|
101 | 0 | sha384_init(&ctx); |
102 | 0 | sha384_update(&ctx, length, data); |
103 | 0 | sha384_digest(&ctx, DIGEST_SIZE, digest); |
104 | |
|
105 | 0 | return; |
106 | 0 | } Unexecuted instantiation: pk.c:hash Unexecuted instantiation: rsa-keygen-fips186.c:hash Unexecuted instantiation: dsa-keygen-fips186.c:hash Unexecuted instantiation: dsa-validate.c:hash Unexecuted instantiation: provable-prime.c:hash |
107 | | |
108 | | unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal); |
109 | | |
110 | | #endif /* GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H */ |