/src/gnutls/lib/nettle/int/dsa-fips.h

Source (jump to first uncovered line)
/* dsa.h
 *
 * The DSA publickey algorithm.
 */

/* Copyright (C) 2013 Red Hat
 *  
 * The gnutls library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or (at your
 * option) any later version.
 * 
 * The nettle library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
 * License for more details.
 * 
 * You should have received a copy of the GNU Lesser General Public License
 * along with the nettle library.  If not, see <https://www.gnu.org/licenses/>.
 */

#ifndef GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H
#define GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H

#include <nettle/bignum.h> /* includes gmp.h */
#include <nettle/dsa.h>
#include <nettle/sha2.h>
#include "fips.h"

#define div_ceil(x, y) ((x + (y) - 1) / (y))

struct dss_params_validation_seeds {
  unsigned seed_length; /* first seed */
  uint8_t seed[MAX_PVP_SEED_SIZE + 1];

  unsigned pseed_length;
  uint8_t pseed[MAX_PVP_SEED_SIZE + 1];
  unsigned qseed_length;
  uint8_t qseed[MAX_PVP_SEED_SIZE + 1];
  unsigned pgen_counter;
  unsigned qgen_counter;
};

int st_provable_prime(mpz_t p, unsigned *prime_seed_length, void *prime_seed,
          unsigned *prime_gen_counter, unsigned bits,
          unsigned seed_length, const void *seed,
          void *progress_ctx, nettle_progress_func *progress);

int dsa_generate_dss_pqg(struct dsa_params *params,
       struct dss_params_validation_seeds *cert,
       unsigned index, void *random_ctx,
       nettle_random_func *random, void *progress_ctx,
       nettle_progress_func *progress,
       unsigned p_bits /* = L */, unsigned q_bits /* = N */);

int _dsa_generate_dss_pqg(struct dsa_params *params,
        struct dss_params_validation_seeds *cert,
        unsigned index, unsigned seed_size, void *seed,
        void *progress_ctx, nettle_progress_func *progress,
        unsigned p_bits /* = L */, unsigned q_bits /* = N */);

int dsa_generate_dss_keypair(struct dsa_params *params, mpz_t y, mpz_t x,
           void *random_ctx, nettle_random_func *random,
           void *progress_ctx,
           nettle_progress_func *progress);

int dsa_validate_dss_pqg(struct dsa_params *pub,
       struct dss_params_validation_seeds *cert,
       unsigned index);

int _dsa_validate_dss_pq(struct dsa_params *pub,
       struct dss_params_validation_seeds *cert);

int _dsa_validate_dss_g(struct dsa_params *pub, unsigned domain_seed_size,
      const uint8_t *domain_seed, unsigned index);

unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits,
           unsigned generate);

/* The following low-level functions can be used for DH key exchange as well 
 */
int _dsa_generate_dss_pq(struct dsa_params *pub,
       struct dss_params_validation_seeds *cert,
       unsigned seed_length, void *seed, void *progress_ctx,
       nettle_progress_func *progress, unsigned p_bits,
       unsigned q_bits);

int _dsa_generate_dss_g(struct dsa_params *pub, unsigned domain_seed_size,
      const uint8_t *domain_seed, void *progress_ctx,
      nettle_progress_func *progress, unsigned index);

void _dsa_generate_dss_xy(struct dsa_params *pub, mpz_t y, mpz_t x,
        void *random_ctx, nettle_random_func *random);

#define DIGEST_SIZE SHA384_DIGEST_SIZE
inline static void hash(uint8_t digest[DIGEST_SIZE], unsigned length,
      void *data)
{
  struct sha384_ctx ctx;

  sha384_init(&ctx);
  sha384_update(&ctx, length, data);
  sha384_digest(&ctx, DIGEST_SIZE, digest);

  return;
}

unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal);

#endif /* GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H */

Line	Count	Source (jump to first uncovered line)
1		/* dsa.h
2		*
3		* The DSA publickey algorithm.
4		*/
5
6		/* Copyright (C) 2013 Red Hat
7		*
8		* The gnutls library is free software; you can redistribute it and/or modify
9		* it under the terms of the GNU Lesser General Public License as published by
10		* the Free Software Foundation; either version 2.1 of the License, or (at your
11		* option) any later version.
12		*
13		* The nettle library is distributed in the hope that it will be useful, but
14		* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15		* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
16		* License for more details.
17		*
18		* You should have received a copy of the GNU Lesser General Public License
19		* along with the nettle library. If not, see <https://www.gnu.org/licenses/>.
20		*/
21
22		#ifndef GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H
23		#define GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H
24
25		#include <nettle/bignum.h> /* includes gmp.h */
26		#include <nettle/dsa.h>
27		#include <nettle/sha2.h>
28		#include "fips.h"
29
30	0	#define div_ceil(x, y) ((x + (y) - 1) / (y))
31
32		struct dss_params_validation_seeds {
33		unsigned seed_length; /* first seed */
34		uint8_t seed[MAX_PVP_SEED_SIZE + 1];
35
36		unsigned pseed_length;
37		uint8_t pseed[MAX_PVP_SEED_SIZE + 1];
38		unsigned qseed_length;
39		uint8_t qseed[MAX_PVP_SEED_SIZE + 1];
40		unsigned pgen_counter;
41		unsigned qgen_counter;
42		};
43
44		int st_provable_prime(mpz_t p, unsigned prime_seed_length, void prime_seed,
45		unsigned *prime_gen_counter, unsigned bits,
46		unsigned seed_length, const void *seed,
47		void progress_ctx, nettle_progress_func progress);
48
49		int dsa_generate_dss_pqg(struct dsa_params *params,
50		struct dss_params_validation_seeds *cert,
51		unsigned index, void *random_ctx,
52		nettle_random_func random, void progress_ctx,
53		nettle_progress_func *progress,
54		unsigned p_bits /* = L /, unsigned q_bits / = N */);
55
56		int _dsa_generate_dss_pqg(struct dsa_params *params,
57		struct dss_params_validation_seeds *cert,
58		unsigned index, unsigned seed_size, void *seed,
59		void progress_ctx, nettle_progress_func progress,
60		unsigned p_bits /* = L /, unsigned q_bits / = N */);
61
62		int dsa_generate_dss_keypair(struct dsa_params *params, mpz_t y, mpz_t x,
63		void random_ctx, nettle_random_func random,
64		void *progress_ctx,
65		nettle_progress_func *progress);
66
67		int dsa_validate_dss_pqg(struct dsa_params *pub,
68		struct dss_params_validation_seeds *cert,
69		unsigned index);
70
71		int _dsa_validate_dss_pq(struct dsa_params *pub,
72		struct dss_params_validation_seeds *cert);
73
74		int _dsa_validate_dss_g(struct dsa_params *pub, unsigned domain_seed_size,
75		const uint8_t *domain_seed, unsigned index);
76
77		unsigned _dsa_check_qp_sizes(unsigned q_bits, unsigned p_bits,
78		unsigned generate);
79
80		/* The following low-level functions can be used for DH key exchange as well
81		*/
82		int _dsa_generate_dss_pq(struct dsa_params *pub,
83		struct dss_params_validation_seeds *cert,
84		unsigned seed_length, void seed, void progress_ctx,
85		nettle_progress_func *progress, unsigned p_bits,
86		unsigned q_bits);
87
88		int _dsa_generate_dss_g(struct dsa_params *pub, unsigned domain_seed_size,
89		const uint8_t domain_seed, void progress_ctx,
90		nettle_progress_func *progress, unsigned index);
91
92		void _dsa_generate_dss_xy(struct dsa_params *pub, mpz_t y, mpz_t x,
93		void random_ctx, nettle_random_func random);
94
95	0	#define DIGEST_SIZE SHA384_DIGEST_SIZE
96		inline static void hash(uint8_t digest[DIGEST_SIZE], unsigned length,
97		void *data)
98	0	{
99	0	struct sha384_ctx ctx;
100
101	0	sha384_init(&ctx);
102	0	sha384_update(&ctx, length, data);
103	0	sha384_digest(&ctx, DIGEST_SIZE, digest);
104
105	0	return;
106	0	} Unexecuted instantiation: pk.c:hash Unexecuted instantiation: rsa-keygen-fips186.c:hash Unexecuted instantiation: dsa-keygen-fips186.c:hash Unexecuted instantiation: dsa-validate.c:hash Unexecuted instantiation: provable-prime.c:hash
107
108		unsigned mpz_seed_sizeinbase_256_u(mpz_t s, unsigned nominal);
109
110		#endif /* GNUTLS_LIB_NETTLE_INT_DSA_FIPS_H */

Coverage Report

Created: 2025-03-06 07:58