Implement Diffie-Hellman computations in crypto backends. (#149)

Not all backends feature the low level API needed to compute a Diffie-Hellman secret, but some of them directly implement Diffie-Hellman support with opaque private data. The later approach is now generalized and backends are responsible for all Diffie Hellman computations. As a side effect, procedures/macros _libssh2_bn_rand and _libssh2_bn_mod_exp are no longer needed outside the backends.
2025-11-20 02:42:09 +03:00 · 2016-11-27 19:39:00 +01:00
parent 5abceec571
commit f7daf3185a
10 changed files with 215 additions and 96 deletions
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -203,7 +203,7 @@ _libssh2_mbedtls_bignum_init(void)
    return bignum;
 }

-int
+static int
 _libssh2_mbedtls_bignum_random(_libssh2_bn *bn, int bits, int top, int bottom)
 {
    size_t len;
@@ -603,4 +603,43 @@ void _libssh2_init_aes_ctr(void)
 {
    /* no implementation */
 }
+
+
+/*******************************************************************/
+/*
+ * mbedTLS backend: Diffie-Hellman functions
+ */
+
+void
+_libssh2_dh_init(_libssh2_dh_ctx *dhctx)
+{
+    *dhctx = _libssh2_mbedtls_bignum_init();    /* Random from client */
+}
+
+int
+_libssh2_dh_key_pair(_libssh2_dh_ctx *dhctx, _libssh2_bn *public,
+                     _libssh2_bn *g, _libssh2_bn *p, int group_order)
+{
+    /* Generate x and e */
+    _libssh2_mbedtls_bignum_random(*dhctx, group_order * 8 - 1, 0, -1);
+    mbedtls_mpi_exp_mod(public, g, *dhctx, p, NULL);
+    return 0;
+}
+
+int
+_libssh2_dh_secret(_libssh2_dh_ctx *dhctx, _libssh2_bn *secret,
+                   _libssh2_bn *f, _libssh2_bn *p)
+{
+    /* Compute the shared secret */
+    mbedtls_mpi_exp_mod(secret, f, *dhctx, p, NULL);
+    return 0;
+}
+
+void
+_libssh2_dh_dtor(_libssh2_dh_ctx *dhctx)
+{
+    mbedtls_mpi_free(*dhctx);
+    *dhctx = NULL;
+}
+
 #endif /* LIBSSH2_MBEDTLS */