More size_tification.

[openssl.git] / crypto / dh / dh.h

diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 312340e9f3e37e82b33998418fa881a0e6af236b..c3f297e2beb0bc7d8dd9d64d2f95ed6e26b6bbe2 100644 (file)
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -73,7 +73,18 @@
 #include <openssl/bn.h>
 #endif
        
-#define DH_FLAG_CACHE_MONT_P   0x01
+#ifndef OPENSSL_DH_MAX_MODULUS_BITS
+# define OPENSSL_DH_MAX_MODULUS_BITS   10000
+#endif
+
+#define DH_FLAG_CACHE_MONT_P     0x01
+#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
+                                       * implementation now uses constant time
+                                       * modular exponentiation for secret exponents
+                                       * by default. This flag causes the
+                                       * faster variable sliding window method to
+                                       * be used for all exponents.
+                                       */
 
 #ifdef  __cplusplus
 extern "C" {
@@ -114,7 +125,7 @@ struct dh_st
        BIGNUM *priv_key;       /* x */
 
        int flags;
-       char *method_mont_p;
+       BN_MONT_CTX *method_mont_p;
        /* Place holders if we want to do X9.42 DH */
        BIGNUM *q;
        BIGNUM *j;
@@ -138,25 +149,21 @@ struct dh_st
 #define DH_UNABLE_TO_CHECK_GENERATOR   0x04
 #define DH_NOT_SUITABLE_GENERATOR      0x08
 
+/* DH_check_pub_key error codes */
+#define DH_CHECK_PUBKEY_TOO_SMALL      0x01
+#define DH_CHECK_PUBKEY_TOO_LARGE      0x02
+
 /* primes p where (p-1)/2 is prime too are called "safe"; we define
    this for backward compatibility: */
 #define DH_CHECK_P_NOT_STRONG_PRIME    DH_CHECK_P_NOT_SAFE_PRIME
 
-#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
-               (char *(*)())d2i_DHparams,(char *)(x))
+#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x)
 #define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
                (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
 #define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
                (unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
-               (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
-#ifdef  __cplusplus
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
-               (unsigned char *)(x))
-#else
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
-               (unsigned char *)(x))
-#endif
+#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
+#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
 
 const DH_METHOD *DH_OpenSSL(void);
 
@@ -184,9 +191,10 @@ DH *       DH_generate_parameters(int prime_len,int generator,
 int    DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
 
 int    DH_check(const DH *dh,int *codes);
+int    DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
 int    DH_generate_key(DH *dh);
 int    DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-DH *   d2i_DHparams(DH **a,const unsigned char **pp, long length);
+DH *   d2i_DHparams(DH **a,const unsigned char **pp, size_t length);
 int    i2d_DHparams(const DH *a,unsigned char **pp);
 #ifndef OPENSSL_NO_FP_API
 int    DHparams_print_fp(FILE *fp, const DH *x);
@@ -197,6 +205,18 @@ int        DHparams_print(BIO *bp, const DH *x);
 int    DHparams_print(char *bp, const DH *x);
 #endif
 
+#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+       EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                       EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+       EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                       EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+#define        EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN     (EVP_PKEY_ALG_CTRL + 1)
+#define        EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR     (EVP_PKEY_ALG_CTRL + 2)
+               
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -206,16 +226,32 @@ void ERR_load_DH_strings(void);
 /* Error codes for the DH functions. */
 
 /* Function codes. */
-#define DH_F_DHPARAMS_PRINT                             100
+#define DH_F_COMPUTE_KEY                                102
 #define DH_F_DHPARAMS_PRINT_FP                          101
-#define DH_F_DH_COMPUTE_KEY                             102
-#define DH_F_DH_GENERATE_KEY                            103
-#define DH_F_DH_GENERATE_PARAMETERS                     104
+#define DH_F_DH_BUILTIN_GENPARAMS                       106
 #define DH_F_DH_NEW_METHOD                              105
+#define DH_F_DH_PARAM_DECODE                            107
+#define DH_F_DH_PRIV_DECODE                             110
+#define DH_F_DH_PRIV_ENCODE                             111
+#define DH_F_DH_PUB_DECODE                              108
+#define DH_F_DH_PUB_ENCODE                              109
+#define DH_F_DO_DH_PRINT                                100
+#define DH_F_GENERATE_KEY                               103
+#define DH_F_GENERATE_PARAMETERS                        104
+#define DH_F_PKEY_DH_DERIVE                             112
+#define DH_F_PKEY_DH_KEYGEN                             113
 
 /* Reason codes. */
 #define DH_R_BAD_GENERATOR                              101
+#define DH_R_BN_DECODE_ERROR                            109
+#define DH_R_BN_ERROR                                   106
+#define DH_R_DECODE_ERROR                               104
+#define DH_R_INVALID_PUBKEY                             102
+#define DH_R_KEYS_NOT_SET                               108
+#define DH_R_MODULUS_TOO_LARGE                          103
+#define DH_R_NO_PARAMETERS_SET                          107
 #define DH_R_NO_PRIVATE_VALUE                           100
+#define DH_R_PARAMETER_ENCODING_ERROR                   105
 
 #ifdef  __cplusplus
 }