ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-06-26 18:17:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge libtomcrypt v1.18.2

Browse Source
This commit is contained in:
Matt Johnston
2020-06-10 23:16:13 +08:00
parent 615885be01
commit 4b305c5721
45 changed files with 388 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libtomcrypt/src/ciphers/aes/aes_tab.c
View File

@@ -94,7 +94,7 @@ static const ulong32 TE0[256] = {
0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL,
};
#ifndef PELI_TAB
#if !defined(PELI_TAB) && defined(LTC_SMALL_CODE)
static const ulong32 Te4[256] = {
0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL,
0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL,
@@ -1017,11 +1017,13 @@ static const ulong32 Tks3[] = {
#endif /* SMALL CODE */
#ifndef PELI_TAB
static const ulong32 rcon[] = {
0x01000000UL, 0x02000000UL, 0x04000000UL, 0x08000000UL,
0x10000000UL, 0x20000000UL, 0x40000000UL, 0x80000000UL,
0x1B000000UL, 0x36000000UL, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
};
#endif
#endif /* __LTC_AES_TAB_C__ */

9
libtomcrypt/src/ciphers/des.c
View File

@@ -38,7 +38,7 @@ const struct ltc_cipher_descriptor des3_desc =
{
"3des",
14,
24, 24, 8, 16,
16, 24, 8, 16,
&des3_setup,
&des3_ecb_encrypt,
&des3_ecb_decrypt,
@@ -2080,8 +2080,11 @@ int des_keysize(int *keysize)
int des3_keysize(int *keysize)
{
LTC_ARGCHK(keysize != NULL);
if(*keysize < 24) {
return CRYPT_INVALID_KEYSIZE;
if (*keysize < 16)
return CRYPT_INVALID_KEYSIZE;
if (*keysize < 24) {
*keysize = 16;
return CRYPT_OK;
}
*keysize = 24;
return CRYPT_OK;

2
libtomcrypt/src/encauth/ccm/ccm_memory.c
View File

@@ -52,7 +52,7 @@ int ccm_memory(int cipher,
int err;
unsigned long len, L, x, y, z, CTRlen;
#ifdef LTC_FAST
LTC_FAST_TYPE fastMask = ~0; /* initialize fastMask at all zeroes */
LTC_FAST_TYPE fastMask = ~(LTC_FAST_TYPE)0; /* initialize fastMask at all zeroes */
#endif
unsigned char mask = 0xff; /* initialize mask at all zeroes */

7
libtomcrypt/src/headers/tomcrypt.h
View File

@@ -27,14 +27,15 @@ extern "C" {
/* version */
#define CRYPT 0x0118
#define SCRYPT "1.18.1"
#define SCRYPT "1.18.2"
/* max size of either a cipher/hash block or symmetric key [largest of the two] */
#define MAXBLOCKSIZE 128
#ifndef TAB_SIZE
/* descriptor table size */
/* Dropbear change - this should be smaller, saves some size */
#define TAB_SIZE 5
#define TAB_SIZE 32
#endif
/* error codes [will be expanded in future releases] */
enum {

7
libtomcrypt/src/headers/tomcrypt_custom.h
View File

@@ -480,6 +480,13 @@
#endif
#endif
#if defined(LTC_DER)
#ifndef LTC_DER_MAX_RECURSION
/* Maximum recursion limit when processing nested ASN.1 types. */
#define LTC_DER_MAX_RECURSION 30
#endif
#endif
#if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_MKAT)
/* Include the MPI functionality? (required by the PK algorithms) */
#define LTC_MPI

3
libtomcrypt/src/headers/tomcrypt_dropbear.h
View File

@@ -10,6 +10,9 @@
#define LTC_SMALL_CODE
#endif
/* Fewer entries needed */
#define TAB_SIZE 5
#if DROPBEAR_BLOWFISH
#define LTC_BLOWFISH
#endif

16
libtomcrypt/src/headers/tomcrypt_pk.h
View File

@@ -667,16 +667,16 @@ int der_printable_value_decode(int v);
/* UTF-8 */
#if (defined(SIZE_MAX) || __STDC_VERSION__ >= 199901L || defined(WCHAR_MAX) || defined(__WCHAR_MAX__) || defined(_WCHAR_T) || defined(_WCHAR_T_DEFINED) || defined (__WCHAR_TYPE__)) && !defined(LTC_NO_WCHAR)
#include <wchar.h>
#if defined(__WCHAR_MAX__)
#define LTC_WCHAR_MAX __WCHAR_MAX__
#elif defined(WCHAR_MAX)
#define LTC_WCHAR_MAX WCHAR_MAX
#endif
#if defined(__WCHAR_MAX__)
#define LTC_WCHAR_MAX __WCHAR_MAX__
#else
#include <wchar.h>
#define LTC_WCHAR_MAX WCHAR_MAX
#endif
/* please note that it might happen that LTC_WCHAR_MAX is undefined */
#else
typedef ulong32 wchar_t;
#define LTC_WCHAR_MAX 0xFFFFFFFF
typedef ulong32 wchar_t;
#define LTC_WCHAR_MAX 0xFFFFFFFF
#endif
int der_encode_utf8_string(const wchar_t *in, unsigned long inlen,

5
libtomcrypt/src/mac/blake2/blake2bmac_file.c
View File

@@ -23,6 +23,11 @@
int blake2bmac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen)
{
#ifdef LTC_NO_FILE
LTC_UNUSED_PARAM(fname);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(mac);
LTC_UNUSED_PARAM(maclen);
return CRYPT_NOP;
#else
blake2bmac_state st;

5
libtomcrypt/src/mac/blake2/blake2smac_file.c
View File

@@ -23,6 +23,11 @@
int blake2smac_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen)
{
#ifdef LTC_NO_FILE
LTC_UNUSED_PARAM(fname);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(mac);
LTC_UNUSED_PARAM(maclen);
return CRYPT_NOP;
#else
blake2smac_state st;

6
libtomcrypt/src/mac/f9/f9_file.c
View File

@@ -31,6 +31,12 @@ int f9_file(int cipher,
unsigned char *out, unsigned long *outlen)
{
#ifdef LTC_NO_FILE
LTC_UNUSED_PARAM(cipher);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(fname);
LTC_UNUSED_PARAM(out);
LTC_UNUSED_PARAM(outlen);
return CRYPT_NOP;
#else
size_t x;

7
libtomcrypt/src/mac/hmac/hmac_file.c
View File

@@ -30,7 +30,12 @@ int hmac_file(int hash, const char *fname,
unsigned char *out, unsigned long *outlen)
{
#ifdef LTC_NO_FILE
(void)hash; (void)fname; (void)key; (void)keylen; (void)out; (void)outlen;
LTC_UNUSED_PARAM(hash);
LTC_UNUSED_PARAM(fname);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(out);
LTC_UNUSED_PARAM(outlen);
return CRYPT_NOP;
#else
hmac_state hmac;

6
libtomcrypt/src/mac/omac/omac_file.c
View File

@@ -31,6 +31,12 @@ int omac_file(int cipher,
unsigned char *out, unsigned long *outlen)
{
#ifdef LTC_NO_FILE
LTC_UNUSED_PARAM(cipher);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(filename);
LTC_UNUSED_PARAM(out);
LTC_UNUSED_PARAM(outlen);
return CRYPT_NOP;
#else
size_t x;

6
libtomcrypt/src/mac/pmac/pmac_file.c
View File

@@ -31,6 +31,12 @@ int pmac_file(int cipher,
unsigned char *out, unsigned long *outlen)
{
#ifdef LTC_NO_FILE
LTC_UNUSED_PARAM(cipher);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(filename);
LTC_UNUSED_PARAM(out);
LTC_UNUSED_PARAM(outlen);
return CRYPT_NOP;
#else
size_t x;

5
libtomcrypt/src/mac/poly1305/poly1305_file.c
View File

@@ -28,6 +28,11 @@
int poly1305_file(const char *fname, const unsigned char *key, unsigned long keylen, unsigned char *mac, unsigned long *maclen)
{
#ifdef LTC_NO_FILE
LTC_UNUSED_PARAM(fname);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(mac);
LTC_UNUSED_PARAM(maclen);
return CRYPT_NOP;
#else
poly1305_state st;

6
libtomcrypt/src/mac/xcbc/xcbc_file.c
View File

@@ -31,6 +31,12 @@ int xcbc_file(int cipher,
unsigned char *out, unsigned long *outlen)
{
#ifdef LTC_NO_FILE
LTC_UNUSED_PARAM(cipher);
LTC_UNUSED_PARAM(key);
LTC_UNUSED_PARAM(keylen);
LTC_UNUSED_PARAM(filename);
LTC_UNUSED_PARAM(out);
LTC_UNUSED_PARAM(outlen);
return CRYPT_NOP;
#else
size_t x;

1
libtomcrypt/src/math/multi.c
View File

@@ -67,7 +67,6 @@ void ltc_cleanup_multi(void **a, ...)
cur = va_arg(args, void**);
}
va_end(args);
return;
}
#endif

2
libtomcrypt/src/math/rand_bn.c
View File

@@ -8,7 +8,7 @@
*/
#include "tomcrypt.h"
#ifdef LTC_MDSA
#if defined(LTC_MDSA) || defined(LTC_MECC)
/**
Generate a random number N with given bitlength (note: MSB can be 0)
*/

1
libtomcrypt/src/misc/crypt/crypt.c
View File

@@ -399,6 +399,7 @@ const char *crypt_build_settings =
#endif
#if defined(LTC_DER)
" DER "
" " NAME_VALUE(LTC_DER_MAX_RECURSION) " "
#endif
#if defined(LTC_PKCS_1)
" PKCS#1 "

29
libtomcrypt/src/misc/crypt/crypt_constants.c
View File

@@ -111,6 +111,7 @@ static const crypt_constant _crypt_constants[] = {
#ifdef LTC_DER
/* DER handling */
{"LTC_DER", 1},
_C_STRINGIFY(LTC_ASN1_EOL),
_C_STRINGIFY(LTC_ASN1_BOOLEAN),
_C_STRINGIFY(LTC_ASN1_INTEGER),
@@ -132,6 +133,9 @@ static const crypt_constant _crypt_constants[] = {
_C_STRINGIFY(LTC_ASN1_CONSTRUCTED),
_C_STRINGIFY(LTC_ASN1_CONTEXT_SPECIFIC),
_C_STRINGIFY(LTC_ASN1_GENERALIZEDTIME),
_C_STRINGIFY(LTC_DER_MAX_RECURSION),
#else
{"LTC_DER", 0},
#endif
#ifdef LTC_CTR_MODE
@@ -248,20 +252,16 @@ int crypt_get_constant(const char* namein, int *valueout) {
int crypt_list_all_constants(char *names_list, unsigned int *names_list_size) {
int i;
unsigned int total_len = 0;
char number[32], *ptr;
char *ptr;
int number_len;
int count = sizeof(_crypt_constants) / sizeof(_crypt_constants[0]);
/* calculate amount of memory required for the list */
for (i=0; i<count; i++) {
total_len += (unsigned int)strlen(_crypt_constants[i].name) + 1;
/* the above +1 is for the commas */
number_len = snprintf(number, sizeof(number), "%d", _crypt_constants[i].value);
if ((number_len < 0) ||
((unsigned int)number_len >= sizeof(number)))
number_len = snprintf(NULL, 0, "%s,%d\n", _crypt_constants[i].name, _crypt_constants[i].value);
if (number_len < 0)
return -1;
total_len += number_len + 1;
/* this last +1 is for newlines (and ending NULL) */
total_len += number_len;
}
if (names_list == NULL) {
@@ -273,16 +273,11 @@ int crypt_list_all_constants(char *names_list, unsigned int *names_list_size) {
/* build the names list */
ptr = names_list;
for (i=0; i<count; i++) {
strcpy(ptr, _crypt_constants[i].name);
ptr += strlen(_crypt_constants[i].name);
strcpy(ptr, ",");
ptr += 1;
number_len = snprintf(number, sizeof(number), "%d", _crypt_constants[i].value);
strcpy(ptr, number);
number_len = snprintf(ptr, total_len, "%s,%d\n", _crypt_constants[i].name, _crypt_constants[i].value);
if (number_len < 0) return -1;
if ((unsigned int)number_len > total_len) return -1;
total_len -= number_len;
ptr += number_len;
strcpy(ptr, "\n");
ptr += 1;
}
/* to remove the trailing new-line */
ptr -= 1;

24
libtomcrypt/src/misc/crypt/crypt_sizes.c
View File

@@ -307,19 +307,16 @@ int crypt_get_size(const char* namein, unsigned int *sizeout) {
int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size) {
int i;
unsigned int total_len = 0;
char number[32], *ptr;
char *ptr;
int number_len;
int count = sizeof(_crypt_sizes) / sizeof(_crypt_sizes[0]);
/* calculate amount of memory required for the list */
for (i=0; i<count; i++) {
total_len += (unsigned int)strlen(_crypt_sizes[i].name) + 1;
/* the above +1 is for the commas */
number_len = snprintf(number, sizeof(number), "%u", _crypt_sizes[i].size);
if ((number_len < 0) ||
((unsigned int)number_len >= sizeof(number)))
number_len = snprintf(NULL, 0, "%s,%u\n", _crypt_sizes[i].name, _crypt_sizes[i].size);
if (number_len < 0)
return -1;
total_len += (unsigned int)strlen(number) + 1;
total_len += number_len;
/* this last +1 is for newlines (and ending NULL) */
}
@@ -332,16 +329,11 @@ int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size) {
/* build the names list */
ptr = names_list;
for (i=0; i<count; i++) {
strcpy(ptr, _crypt_sizes[i].name);
ptr += strlen(_crypt_sizes[i].name);
strcpy(ptr, ",");
ptr += 1;
number_len = snprintf(number, sizeof(number), "%u", _crypt_sizes[i].size);
strcpy(ptr, number);
number_len = snprintf(ptr, total_len, "%s,%u\n", _crypt_sizes[i].name, _crypt_sizes[i].size);
if (number_len < 0) return -1;
if ((unsigned int)number_len > total_len) return -1;
total_len -= number_len;
ptr += number_len;
strcpy(ptr, "\n");
ptr += 1;
}
/* to remove the trailing new-line */
ptr -= 1;

93
libtomcrypt/src/modes/ctr/ctr_encrypt.c
View File

@@ -17,47 +17,17 @@
#ifdef LTC_CTR_MODE
/**
CTR encrypt
CTR encrypt software implementation
@param pt Plaintext
@param ct [out] Ciphertext
@param len Length of plaintext (octets)
@param ctr CTR state
@return CRYPT_OK if successful
*/
int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr)
static int _ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr)
{
int x, err;
LTC_ARGCHK(pt != NULL);
LTC_ARGCHK(ct != NULL);
LTC_ARGCHK(ctr != NULL);
if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) {
return err;
}
/* is blocklen/padlen valid? */
if (ctr->blocklen < 1 || ctr->blocklen > (int)sizeof(ctr->ctr) ||
ctr->padlen < 0 || ctr->padlen > (int)sizeof(ctr->pad)) {
return CRYPT_INVALID_ARG;
}
#ifdef LTC_FAST
if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) {
return CRYPT_INVALID_ARG;
}
#endif
/* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */
if ((ctr->padlen == ctr->blocklen) && cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL && (len >= (unsigned long)ctr->blocklen)) {
if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) {
return err;
}
pt += (len / ctr->blocklen) * ctr->blocklen;
ct += (len / ctr->blocklen) * ctr->blocklen;
len %= ctr->blocklen;
}
while (len) {
/* is the pad empty? */
if (ctr->padlen == ctr->blocklen) {
@@ -87,7 +57,7 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
ctr->padlen = 0;
}
#ifdef LTC_FAST
if (ctr->padlen == 0 && len >= (unsigned long)ctr->blocklen) {
if ((ctr->padlen == 0) && (len >= (unsigned long)ctr->blocklen)) {
for (x = 0; x < ctr->blocklen; x += sizeof(LTC_FAST_TYPE)) {
*(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ct + x)) = *(LTC_FAST_TYPE_PTR_CAST((unsigned char *)pt + x)) ^
*(LTC_FAST_TYPE_PTR_CAST((unsigned char *)ctr->pad + x));
@@ -105,6 +75,63 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
return CRYPT_OK;
}
/**
CTR encrypt
@param pt Plaintext
@param ct [out] Ciphertext
@param len Length of plaintext (octets)
@param ctr CTR state
@return CRYPT_OK if successful
*/
int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CTR *ctr)
{
int err, fr;
LTC_ARGCHK(pt != NULL);
LTC_ARGCHK(ct != NULL);
LTC_ARGCHK(ctr != NULL);
if ((err = cipher_is_valid(ctr->cipher)) != CRYPT_OK) {
return err;
}
/* is blocklen/padlen valid? */
if ((ctr->blocklen < 1) || (ctr->blocklen > (int)sizeof(ctr->ctr)) ||
(ctr->padlen < 0) || (ctr->padlen > (int)sizeof(ctr->pad))) {
return CRYPT_INVALID_ARG;
}
#ifdef LTC_FAST
if (ctr->blocklen % sizeof(LTC_FAST_TYPE)) {
return CRYPT_INVALID_ARG;
}
#endif
/* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */
if ((cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL) && (len >= (unsigned long)ctr->blocklen)) {
if (ctr->padlen < ctr->blocklen) {
fr = ctr->blocklen - ctr->padlen;
if ((err = _ctr_encrypt(pt, ct, fr, ctr)) != CRYPT_OK) {
return err;
}
pt += fr;
ct += fr;
len -= fr;
}
if (len >= (unsigned long)ctr->blocklen) {
if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) {
return err;
}
pt += (len / ctr->blocklen) * ctr->blocklen;
ct += (len / ctr->blocklen) * ctr->blocklen;
len %= ctr->blocklen;
}
}
return _ctr_encrypt(pt, ct, len, ctr);
}
#endif
/* ref: $Format:%D$ */

15
libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
View File

@@ -79,8 +79,8 @@ static int _new_element(ltc_asn1_list **l)
*/
int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out)
{
ltc_asn1_list *l;
unsigned long err, type, len, totlen, data_offset;
ltc_asn1_list *l, *t;
unsigned long err, type, len, totlen, data_offset, len_len;
void *realloc_tmp;
LTC_ARGCHK(in != NULL);
@@ -407,6 +407,17 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc
l->child->parent = l;
}
t = l;
len_len = 0;
while((t != NULL) && (t->child != NULL)) {
len_len++;
t = t->child;
}
if (len_len > LTC_DER_MAX_RECURSION) {
err = CRYPT_ERROR;
goto error;
}
break;
case 0x80: /* Context-specific */

2
libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
View File

@@ -80,7 +80,7 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
}
if ((alg_id[0].size != oid.OIDlen) ||
XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) {
XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0])) != 0) {
/* OID mismatch */
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;

2
libtomcrypt/src/pk/dsa/dsa_export.c
View File

@@ -69,7 +69,7 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
}
} else {
if (std) {
unsigned long tmplen = (mp_count_bits(key->y) / 8) + 8;
unsigned long tmplen = (unsigned long)(mp_count_bits(key->y) / 8) + 8;
unsigned char* tmp = XMALLOC(tmplen);
ltc_asn1_list int_list[3];

4
libtomcrypt/src/pk/dsa/dsa_generate_pqg.c
View File

@@ -72,8 +72,8 @@ static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int mod
*/
seedbytes = group_size;
L = modulus_size * 8;
N = group_size * 8;
L = (unsigned long)modulus_size * 8;
N = (unsigned long)group_size * 8;
/* XXX-TODO no Lucas test */
#ifdef LTC_MPI_HAS_LUCAS_TEST

17
libtomcrypt/src/pk/ecc/ecc_sign_hash.c
View File

@@ -21,7 +21,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
prng_state *prng, int wprng, ecc_key *key, int sigformat)
{
ecc_key pubkey;
void *r, *s, *e, *p;
void *r, *s, *e, *p, *b;
int err, max_iterations = LTC_PK_MAX_RETRIES;
unsigned long pbits, pbytes, i, shift_right;
unsigned char ch, buf[MAXBLOCKSIZE];
@@ -46,7 +46,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
}
/* init the bignums */
if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != CRYPT_OK) {
if ((err = mp_init_multi(&r, &s, &p, &e, &b, NULL)) != CRYPT_OK) {
return err;
}
if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errnokey; }
@@ -82,12 +82,15 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
if (mp_iszero(r) == LTC_MP_YES) {
ecc_free(&pubkey);
} else {
if ((err = rand_bn_upto(b, p, prng, wprng)) != CRYPT_OK) { goto error; } /* b = blinding value */
/* find s = (e + xr)/k */
if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/k */
if ((err = mp_mulmod(pubkey.k, b, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = kb */
if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/kb */
if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK) { goto error; } /* s = xr */
if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
if ((err = mp_mod(s, p, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
if ((err = mp_mulmod(s, pubkey.k, p, s)) != CRYPT_OK) { goto error; } /* s = (e + xr)/k */
if ((err = mp_mulmod(pubkey.k, s, p, s)) != CRYPT_OK) { goto error; } /* s = xr/kb */
if ((err = mp_mulmod(pubkey.k, e, p, e)) != CRYPT_OK) { goto error; } /* e = e/kb */
if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e/kb + xr/kb */
if ((err = mp_mulmod(s, b, p, s)) != CRYPT_OK) { goto error; } /* s = b(e/kb + xr/kb) = (e + xr)/k */
ecc_free(&pubkey);
if (mp_iszero(s) == LTC_MP_NO) {
break;
@@ -121,7 +124,7 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
error:
ecc_free(&pubkey);
errnokey:
mp_clear_multi(r, s, p, e, NULL);
mp_clear_multi(r, s, p, e, b, NULL);
return err;
}

2
libtomcrypt/src/pk/rsa/rsa_export.c
View File

@@ -58,7 +58,7 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
unsigned char* tmp = NULL;
if (type & PK_STD) {
tmplen = (mp_count_bits(key->N)/8)*2+8;
tmplen = (unsigned long)(mp_count_bits(key->N) / 8) * 2 + 8;
tmp = XMALLOC(tmplen);
ptmplen = &tmplen;
if (tmp == NULL) {

2
libtomcrypt/src/pk/rsa/rsa_import_pkcs8.c
View File

@@ -114,7 +114,7 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen,
/* check alg oid */
if ((alg_seq[0].size != rsaoid.OIDlen) ||
XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0]))) {
XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0])) != 0) {
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
}

72
libtomcrypt/src/prngs/fortuna.c
View File

@@ -66,9 +66,9 @@ static int _fortuna_reseed(prng_state *prng)
{
unsigned char tmp[MAXBLOCKSIZE];
hash_state md;
ulong64 reset_cnt;
int err, x;
++prng->fortuna.reset_cnt;
/* new K == LTC_SHA256(K || s) where s == LTC_SHA256(P0) || LTC_SHA256(P1) ... */
sha256_init(&md);
@@ -77,8 +77,10 @@ static int _fortuna_reseed(prng_state *prng)
return err;
}
reset_cnt = prng->fortuna.reset_cnt + 1;
for (x = 0; x < LTC_FORTUNA_POOLS; x++) {
if (x == 0 || ((prng->fortuna.reset_cnt >> (x-1)) & 1) == 0) {
if (x == 0 || ((reset_cnt >> (x-1)) & 1) == 0) {
/* terminate this hash */
if ((err = sha256_done(&prng->fortuna.pool[x], tmp)) != CRYPT_OK) {
sha256_done(&md, tmp);
@@ -108,9 +110,10 @@ static int _fortuna_reseed(prng_state *prng)
}
_fortuna_update_iv(prng);
/* reset pool len */
/* reset/update internals */
prng->fortuna.pool0_len = 0;
prng->fortuna.wd = 0;
prng->fortuna.reset_cnt = reset_cnt;
#ifdef LTC_CLEAN_STACK
@@ -121,6 +124,46 @@ static int _fortuna_reseed(prng_state *prng)
return CRYPT_OK;
}
/**
"Update Seed File"-compliant update of K
@param in The PRNG state
@param inlen Size of the state
@param prng The PRNG to import
@return CRYPT_OK if successful
*/
static int _fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng)
{
int err;
unsigned char tmp[MAXBLOCKSIZE];
hash_state md;
LTC_MUTEX_LOCK(&prng->lock);
/* new K = LTC_SHA256(K || in) */
sha256_init(&md);
if ((err = sha256_process(&md, prng->fortuna.K, 32)) != CRYPT_OK) {
sha256_done(&md, tmp);
goto LBL_UNLOCK;
}
if ((err = sha256_process(&md, in, inlen)) != CRYPT_OK) {
sha256_done(&md, tmp);
goto LBL_UNLOCK;
}
/* finish key */
if ((err = sha256_done(&md, prng->fortuna.K)) != CRYPT_OK) {
goto LBL_UNLOCK;
}
_fortuna_update_iv(prng);
LBL_UNLOCK:
LTC_MUTEX_UNLOCK(&prng->lock);
#ifdef LTC_CLEAN_STACK
zeromem(&md, sizeof(md));
#endif
return err;
}
/**
Start the PRNG
@param prng [out] The PRNG state to initialize
@@ -245,12 +288,17 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state
}
/* do we have to reseed? */
if (++prng->fortuna.wd == LTC_FORTUNA_WD || prng->fortuna.pool0_len >= 64) {
if ((++prng->fortuna.wd == LTC_FORTUNA_WD) && (prng->fortuna.pool0_len >= 64)) {
if (_fortuna_reseed(prng) != CRYPT_OK) {
goto LBL_UNLOCK;
}
}
/* ensure that one reseed happened before allowing to read */
if (prng->fortuna.reset_cnt == 0) {
goto LBL_UNLOCK;
}
/* now generate the blocks required */
tlen = outlen;
@@ -404,10 +452,10 @@ LBL_UNLOCK:
*/
int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng)
{
int err, x;
int err;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(prng != NULL);
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(prng != NULL);
if (inlen < (unsigned long)fortuna_desc.export_size) {
return CRYPT_INVALID_ARG;
@@ -416,12 +464,12 @@ int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prn
if ((err = fortuna_start(prng)) != CRYPT_OK) {
return err;
}
for (x = 0; x < LTC_FORTUNA_POOLS; x++) {
if ((err = fortuna_add_entropy(in+x*32, 32, prng)) != CRYPT_OK) {
return err;
}
if ((err = _fortuna_update_seed(in, inlen, prng)) != CRYPT_OK) {
return err;
}
return CRYPT_OK;
return err;
}
/**

2
libtomcrypt/src/prngs/sober128.c
View File

@@ -189,7 +189,7 @@ int sober128_import(const unsigned char *in, unsigned long inlen, prng_state *pr
if (inlen < (unsigned long)sober128_desc.export_size) return CRYPT_INVALID_ARG;
if ((err = sober128_start(prng)) != CRYPT_OK) return err;
if ((err = sober128_add_entropy(in, sober128_desc.export_size, prng)) != CRYPT_OK) return err;
if ((err = sober128_add_entropy(in, inlen, prng)) != CRYPT_OK) return err;
return CRYPT_OK;
}