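/* Implements the default DH_METHOD provided by OpenSSL: generating a DH
public/private key pair from the key parameters, and deriving a shared secret
from one party's DH public key and the other party's DH private key, for use
in key exchange. */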
#include
#include "cryptlib.h"
#include
#include //实现了伪随机数生成,支持用户自定义随机数生成
#include
/*
 * Forward declarations of the file-local routines. Per the file header these
 * back OpenSSL's default DH_METHOD; their bodies are defined further down.
 */

/* Generates the DH public/private key pair for dh. */
static int generate_key(DH *dh);

/*
 * Derives the shared secret into key from the peer's pub_key and dh.
 * Note that key carries no length parameter, so sizing the output buffer is
 * the caller's responsibility.
 */
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);

/* Modular exponentiation: r = a^p mod m. */
static int dh_bn_mod_exp(const DH *dh,
                         BIGNUM *r,
                         const BIGNUM *a,
                         const BIGNUM *p,
                         const BIGNUM *m,
                         BN_CTX *ctx,
                         BN_MONT_CTX *m_ctx);

/* Presumably the method's init/finish hooks -- bodies not visible here. */
static int dh_init(DH *dh);
static int dh_finish(DH *dh);
/*
 * Generate a DH public/private key pair by dispatching to the generate_key
 * callback of the method attached to dh.
 *
 * dh:      DH object; dh and dh->meth are dereferenced without a NULL check,
 *          so the caller must pass a fully initialised object.
 * returns: 0 when a FIPS build in FIPS mode rejects the method; otherwise
 *          whatever the method's generate_key callback returns (by OpenSSL
 *          convention 1 on success, 0 on failure -- not visible here).
 */
int DH_generate_key(DH *dh)
{
#ifdef OPENSSL_FIPS
    /*
     * Policy gate: in FIPS mode only a method flagged as FIPS-capable may
     * run, unless this particular DH object explicitly opted out.
     */
    if (FIPS_mode()) {
        const int method_is_fips = (dh->meth->flags & DH_FLAG_FIPS_METHOD) != 0;
        const int non_fips_allowed = (dh->flags & DH_FLAG_NON_FIPS_ALLOW) != 0;

        if (!method_is_fips && !non_fips_allowed) {
            DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD);
            return 0;
        }
    }
#endif
    /* The method stores the generated pair in dh's public/private key fields. */
    return dh->meth->generate_key(dh);
}
// Derives the shared secret from the peer's public key (pub_key) and our own DH key (dh); pub_key is peer-supplied input.
int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{
#ifdef OPENSSL_FIPS
if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
&& !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) {
DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD);
return 0;