/* */ #include "LibgmpDHKeyExchange.h" #include #include "DlAbortEx.h" #include "fmt.h" #include "a2gmp.h" #include "util.h" namespace aria2 { namespace { void handleError(int err) { throw DL_ABORT_EX (fmt("Exception in libgmp routine(DHKeyExchange class): code%d", err)); } } // namespace DHKeyExchange::DHKeyExchange() : keyLength_(0) { mpz_init(prime_); mpz_init(generator_); mpz_init(privateKey_); mpz_init(publicKey_); } DHKeyExchange::~DHKeyExchange() { mpz_clear(prime_); mpz_clear(generator_); mpz_clear(privateKey_); mpz_clear(publicKey_); } void DHKeyExchange::init (const unsigned char* prime, size_t primeBits, const unsigned char* generator, size_t privateKeyBits) { if(mpz_set_str(prime_, reinterpret_cast(prime), 16) == -1) { handleError(-1); } if(mpz_set_str (generator_, reinterpret_cast(generator), 16) == -1) { handleError(-1); } mpz_urandomb(privateKey_, global::gmpRandstate, privateKeyBits); keyLength_ = (primeBits+7)/8; } void DHKeyExchange::generatePublicKey() { mpz_powm(publicKey_, generator_, privateKey_, prime_); } size_t DHKeyExchange::getPublicKey(unsigned char* out, size_t outLength) const { if(outLength < keyLength_) { throw DL_ABORT_EX (fmt("Insufficient buffer for public key. expect:%lu, actual:%lu", static_cast(keyLength_), static_cast(outLength))); } memset(out, 0, outLength); size_t publicKeyBytes = (mpz_sizeinbase(publicKey_, 2)+7)/8; size_t offset = keyLength_-publicKeyBytes; size_t nwritten; mpz_export(out+offset, &nwritten, 1, 1, 1, 0, publicKey_); return nwritten; } void DHKeyExchange::generateNonce(unsigned char* out, size_t outLength) const { util::generateRandomData(out, outLength); } size_t DHKeyExchange::computeSecret (unsigned char* out, size_t outLength, const unsigned char* peerPublicKeyData, size_t peerPublicKeyLength) const { if(outLength < keyLength_) { throw DL_ABORT_EX (fmt("Insufficient buffer for secret. expect:%lu, actual:%lu", static_cast(keyLength_), static_cast(outLength))); } mpz_t peerPublicKey; mpz_init(peerPublicKey); mpz_import(peerPublicKey, peerPublicKeyLength, 1, 1, 1, 0, peerPublicKeyData); mpz_t secret; mpz_init(secret); mpz_powm(secret, peerPublicKey, privateKey_, prime_); mpz_clear(peerPublicKey); memset(out, 0, outLength); size_t secretBytes = (mpz_sizeinbase(secret, 2)+7)/8; size_t offset = keyLength_-secretBytes; size_t nwritten; mpz_export(out+offset, &nwritten, 1, 1, 1, 0, secret); mpz_clear(secret); return nwritten; } } // namespace aria2