From 658d110d4a20a48ab1cda334be4a1a294d4723f7 Mon Sep 17 00:00:00 2001
From: Love Hornquist Astrand
Date: Wed, 26 May 2010 10:27:32 -0500
Subject: [PATCH] add tfm dh (and some missing files)
---
 lib/hcrypto/Makefile.am | 3 ++
 lib/hcrypto/dh-tfm.c | 34 +++++++------
 lib/hcrypto/dh.h | 2 +
 lib/hcrypto/engine.c | 4 +-
 lib/hcrypto/libhcrypto-exports.def | 1 +
 lib/hcrypto/rsa-tfm.c | 59 +++++-----------------
 lib/hcrypto/tomsfastmath/src/headers/tfm.h | 5 ++
 lib/hcrypto/version-script.map | 1 +
 8 files changed, 46 insertions(+), 63 deletions(-)
diff --git a/lib/hcrypto/Makefile.am b/lib/hcrypto/Makefile.am
index f94c242d8..9a5d08dc0 100644
--- a/lib/hcrypto/Makefile.am
+++ b/lib/hcrypto/Makefile.am
@@ -107,6 +107,7 @@ libhcrypto_la_SOURCES = \
 dh.c \
 dh.h \
 dh-imath.c \
+ dh-tfm.c \
 dsa.c \
 dsa.h \
 doxygen.c \
@@ -171,6 +172,7 @@ tfmsource = \
 tomsfastmath/src/addsub/fp_submod.c \
 tomsfastmath/src/addsub/s_fp_add.c \
 tomsfastmath/src/addsub/s_fp_sub.c \
+ tomsfastmath/src/bin/fp_init_multi.c \
 tomsfastmath/src/bin/fp_radix_size.c \
 tomsfastmath/src/bin/fp_read_radix.c \
 tomsfastmath/src/bin/fp_read_signed_bin.c \
@@ -221,6 +223,7 @@ tfmsource = \
 tomsfastmath/src/mul/fp_mul_comba_small_set.c \
 tomsfastmath/src/mul/fp_mul_d.c \
 tomsfastmath/src/mul/fp_mulmod.c \
+ tomsfastmath/src/numtheory/fp_find_prime.c \
 tomsfastmath/src/numtheory/fp_gcd.c \
 tomsfastmath/src/numtheory/fp_invmod.c \
 tomsfastmath/src/numtheory/fp_isprime.c \
diff --git a/lib/hcrypto/dh-tfm.c b/lib/hcrypto/dh-tfm.c
index 61305698e..f0fee9f14 100644
--- a/lib/hcrypto/dh-tfm.c
+++ b/lib/hcrypto/dh-tfm.c
@@ -82,7 +82,7 @@ mpz2BN(fp_int *s)
 #define DH_NUM_TRIES 10
 static int
-dh_generate_key(DH *dh)
+tfm_dh_generate_key(DH *dh)
 {
 fp_int pub, priv_key, g, p;
 int have_private_key = (dh->priv_key != NULL);
@@ -122,7 +122,7 @@ dh_generate_key(DH *dh)
 fp_zero(&priv_key);
 fp_zero(&g);
 fp_zero(&p);
- if (res != FP_YES)
+ if (res != 0)
 continue;
 dh->pub_key = mpz2BN(&pub);
@@ -152,10 +152,11 @@ dh_generate_key(DH *dh)
 }
 static int
-dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
+tfm_dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
 {
 fp_int s, priv_key, p, peer_pub;
 size_t size = 0;
+ int ret;
 if (dh->pub_key == NULL || dh->g == NULL || dh->priv_key == NULL)
 return -1;
@@ -181,12 +182,15 @@ dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
 fp_init(&s);
- fp_exptmod(&peer_pub, &priv_key, &p, &s);
+ ret = fp_exptmod(&peer_pub, &priv_key, &p, &s);
 fp_zero(&p);
 fp_zero(&peer_pub);
 fp_zero(&priv_key);
+ if (ret != 0)
+ return -1;
+
 size = fp_unsigned_bin_size(&s);
 fp_to_unsigned_bin(&s, shared);
 fp_zero(&s);
@@ -195,20 +199,20 @@ dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
 }
 static int
-dh_generate_params(DH *dh, int a, int b, BN_GENCB *callback)
+tfm_dh_generate_params(DH *dh, int a, int b, BN_GENCB *callback)
 {
 /* groups should already be known, we don't care about this */
 return 0;
 }
 static int
-dh_init(DH *dh)
+tfm_dh_init(DH *dh)
 {
 return 1;
 }
 static int
-dh_finish(DH *dh)
+tfm_dh_finish(DH *dh)
 {
 return 1;
 }
@@ -218,16 +222,16 @@ dh_finish(DH *dh)
 *
 */
-const DH_METHOD _hc_dh_imath_method = {
- "hcrypto imath DH",
- dh_generate_key,
- dh_compute_key,
+const DH_METHOD _hc_dh_tfm_method = {
+ "hcrypto tfm DH",
+ tfm_dh_generate_key,
+ tfm_dh_compute_key,
 NULL,
- dh_init,
- dh_finish,
+ tfm_dh_init,
+ tfm_dh_finish,
 0,
 NULL,
- dh_generate_params
+ tfm_dh_generate_params
 };
 /**
@@ -241,5 +245,5 @@ const DH_METHOD _hc_dh_imath_method = {
 const DH_METHOD *
 DH_tfm_method(void)
 {
- return &_hc_dh_imath_method;
+ return &_hc_dh_tfm_method;
 }
diff --git a/lib/hcrypto/dh.h b/lib/hcrypto/dh.h
index 2522bfe39..87a201753 100644
--- a/lib/hcrypto/dh.h
+++ b/lib/hcrypto/dh.h
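Review bot: The added `if (ret != 0)` in tfm_dh_compute_key tests fp_exptmod's status against a bare literal although tfm.h names it; `if (ret != FP_OKAY) return -1;` says which contract is being checked, and the same applies to the `if (res != 0)` that replaces `res != FP_YES` in tfm_dh_generate_key (hunk at old line 122) if res there is also fp_exptmod's result. Since FP_YES is 1 and FP_OKAY is 0 in tomsfastmath, the old test would have rejected every successful exponentiation, which is presumably the bug this quietly fixes and deserves a sentence in the commit message. The new early return only covers an exptmod failure: a peer value of 0, 1 or p-1 passes fp_exptmod without error and yields a degenerate shared secret, so a range check of peer_pub against p where it is read, above this hunk, would be the natural companion to this check. tfm_dh_compute_key starts and ends outside this hunk.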
@@ -41,6 +41,7 @@
 /* symbol renaming */
 #define DH_null_method hc_DH_null_method
 #define DH_imath_method hc_DH_imath_method
+#define DH_tfm_method hc_DH_tfm_method
 #define DH_new hc_DH_new
 #define DH_new_method hc_DH_new_method
 #define DH_free hc_DH_free
@@ -114,6 +115,7 @@ struct DH {
 */
 const DH_METHOD *DH_null_method(void);
+const DH_METHOD *DH_tfm_method(void);
 const DH_METHOD *DH_imath_method(void);
 DH * DH_new(void);
diff --git a/lib/hcrypto/engine.c b/lib/hcrypto/engine.c
index 8066d59cf..ea3603b95 100644
--- a/lib/hcrypto/engine.c
+++ b/lib/hcrypto/engine.c
@@ -222,8 +222,8 @@ ENGINE_load_builtin_engines(void)
 ENGINE_set_id(engine, "builtin");
 ENGINE_set_name(engine, "Heimdal crypto builtin engine version " PACKAGE_VERSION);
- ENGINE_set_RSA(engine, RSA_imath_method());
- ENGINE_set_DH(engine, DH_imath_method());
+ ENGINE_set_RSA(engine, RSA_tfm_method());
+ ENGINE_set_DH(engine, DH_tfm_method());
 ret = add_engine(engine);
 if (ret != 1)
diff --git a/lib/hcrypto/libhcrypto-exports.def b/lib/hcrypto/libhcrypto-exports.def
index e649efc9c..904d0f1a3 100644
--- a/lib/hcrypto/libhcrypto-exports.def
+++ b/lib/hcrypto/libhcrypto-exports.def
@@ -66,6 +66,7 @@ EXPORTS
 hc_DH_get_default_method
 hc_DH_get_ex_data
 hc_DH_imath_method
+ hc_DH_tfm_method
 ; hc_DH_gmp_method
 hc_DH_new
 hc_DH_new_method
diff --git a/lib/hcrypto/rsa-tfm.c b/lib/hcrypto/rsa-tfm.c
index a479ec673..cc69df534 100644
--- a/lib/hcrypto/rsa-tfm.c
+++ b/lib/hcrypto/rsa-tfm.c
@@ -87,9 +87,7 @@ tfm_rsa_private_calculate(fp_int * in, fp_int * p, fp_int * q,
 fp_mul(&u, q, &u);
 fp_add(&u, &vq, out);
- fp_zero(&vp);
- fp_zero(&vq);
- fp_zero(&u);
+ fp_zero_multi(&vp, &vq, &u, NULL);
 return 0;
 }
@@ -120,8 +118,7 @@ tfm_rsa_public_encrypt(int flen, const unsigned char* from,
 p = p0 = malloc(size - 1);
 if (p0 == NULL) {
- fp_zero(&e);
- fp_zero(&n);
+ fp_zero_multi(&e, &n, NULL);
 return -3;
 }
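Review bot: Replacing RSA_imath_method()/DH_imath_method() with the tfm methods makes tomsfastmath the backend for every user of the builtin engine, which the subject line "add tfm dh" does not advertise; the commit message should say that the default changed. tomsfastmath computes on fixed-size fp_int values bounded by FP_MAX_SIZE, so the builtin engine now has a hard ceiling on modulus size that the imath backend did not; how keys above that bound are treated is decided in the tfm read routines, outside this diff, and is worth confirming and recording here with a comment such as `/* tfm backend: operands are bounded by FP_MAX_SIZE in tfm.h */`. The imath methods stay exported, so callers can still select them explicitly. ENGINE_load_builtin_engines continues past the end of the hunk.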
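Review bot: Every new fp_zero_multi call ends its argument list with a bare `NULL`, and fp_init_multi presumably walks that list with va_arg as fp_int pointers; where NULL expands to a plain 0 the terminator is passed as an int, which is undefined behaviour on targets where int and pointer widths differ. Passing `(fp_int *)NULL` at each call site, or giving fp_init_multi an explicit count, removes that dependency; this applies to all rsa-tfm.c hunks from this one through the tfm_rsa_generate_key hunk at old line 553. These calls scrub private key material (p, q, dmp1, dmq1, iqmp, d) from stack variables, and fp_zero is a plain memset per the tfm.h hunk: an out-of-line fp_init_multi is harder for the compiler to drop as a dead store than the inline memset, but with LTO that is not guaranteed, so a comment like `/* scrub key material; relies on fp_init_multi staying out of line */` records the assumption. In the `#if 0` block of tfm_rsa_public_decrypt (old line 191) the replacement also swaps the order of e and n, which is harmless but easy to misread as a semantic change.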
@@ -129,8 +126,7 @@ tfm_rsa_public_encrypt(int flen, const unsigned char* from,
 *p++ = 2;
 if (RAND_bytes(p, padlen) != 1) {
- fp_zero(&e);
- fp_zero(&n);
+ fp_zero_multi(&e, &n, NULL);
 free(p0);
 return -4;
 }
@@ -151,9 +147,7 @@ tfm_rsa_public_encrypt(int flen, const unsigned char* from,
 res = fp_exptmod(&dec, &e, &n, &enc);
- fp_zero(&dec);
- fp_zero(&e);
- fp_zero(&n);
+ fp_zero_multi(&dec, &e, &n, NULL);
 if (res != 0)
 return -4;
@@ -191,8 +185,7 @@ tfm_rsa_public_decrypt(int flen, const unsigned char* from,
 #if 0
 /* Check that the exponent is larger then 3 */
 if (mp_int_compare_value(&e, 3) <= 0) {
- fp_zero(&n);
- fp_zero(&e);
+ fp_zero_multi(&e, &n, NULL);
 return -3;
 }
 #endif
@@ -201,16 +194,13 @@ tfm_rsa_public_decrypt(int flen, const unsigned char* from,
 fp_read_unsigned_bin(&s, rk_UNCONST(from), flen);
 if (fp_cmp(&s, &n) >= 0) {
- fp_zero(&n);
- fp_zero(&e);
+ fp_zero_multi(&e, &n, NULL);
 return -4;
 }
 res = fp_exptmod(&s, &e, &n, &us);
- fp_zero(&s);
- fp_zero(&n);
- fp_zero(&e);
+ fp_zero_multi(&s, &e, &n, NULL);
 if (res != 0)
 return -5;
@@ -292,11 +282,7 @@ tfm_rsa_private_encrypt(int flen, const unsigned char* from,
 res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);
- fp_zero(&p);
- fp_zero(&q);
- fp_zero(&dmp1);
- fp_zero(&dmq1);
- fp_zero(&iqmp);
+ fp_zero_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL);
 if (res != 0) {
 size = -4;
@@ -323,10 +309,7 @@ tfm_rsa_private_encrypt(int flen, const unsigned char* from,
 }
 out:
- fp_zero(&e);
- fp_zero(&n);
- fp_zero(&in);
- fp_zero(&out);
+ fp_zero_multi(&e, &n, &in, &out, NULL);
 return size;
 }
@@ -371,11 +354,7 @@ tfm_rsa_private_decrypt(int flen, const unsigned char* from,
 res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);
- fp_zero(&p);
- fp_zero(&q);
- fp_zero(&dmp1);
- fp_zero(&dmq1);
- fp_zero(&iqmp);
+ fp_zero_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL);
 if (res != 0) {
 size = -3;
@@ -423,10 +402,7 @@ tfm_rsa_private_decrypt(int flen, const unsigned char* from,
 memmove(to, ptr, size);
 out:
- fp_zero(&e);
- fp_zero(&n);
- fp_zero(&in);
- fp_zero(&out);
+ fp_zero_multi(&e, &n, &in, &out, NULL);
 return size;
 }
@@ -553,17 +529,8 @@ tfm_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
 ret = 1;
 out:
- fp_zero(&el);
- fp_zero(&p);
- fp_zero(&q);
- fp_zero(&n);
- fp_zero(&d);
- fp_zero(&dmp1);
- fp_zero(&dmq1);
- fp_zero(&iqmp);
- fp_zero(&t1);
- fp_zero(&t2);
- fp_zero(&t3);
+ fp_zero_multi(&el, &p, &q, &n, &d, &dmp1,
+ &dmq1, &iqmp, &t1, &t2, &t3, NULL);
 return ret;
 }
diff --git a/lib/hcrypto/tomsfastmath/src/headers/tfm.h b/lib/hcrypto/tomsfastmath/src/headers/tfm.h
index 97115a265..6bd259f52 100644
--- a/lib/hcrypto/tomsfastmath/src/headers/tfm.h
+++ b/lib/hcrypto/tomsfastmath/src/headers/tfm.h
@@ -301,7 +301,9 @@ const char *fp_ident(void);
 /* initialize [or zero] an fp int */
 #define fp_init(a) (void)memset((a), 0, sizeof(fp_int))
+void fp_init_multi(fp_int *a, ...);
 #define fp_zero(a) fp_init(a)
+#define fp_zero_multi fp_init_multi
 /* zero/even/odd ? */
 #define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO)
@@ -425,6 +427,9 @@ void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result);
 /* 256 trial divisions + 8 Miller-Rabins, returns FP_YES if probable prime */
 int fp_isprime(fp_int *a);
+/* given a, find a prime a that same and larger, that is a fp_isprime think is a prime */
+int fp_find_prime(fp_int *a);
+
 /* Primality generation flags */
 #define TFM_PRIME_BBS 0x0001 /* BBS style prime */
 #define TFM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */
diff --git a/lib/hcrypto/version-script.map b/lib/hcrypto/version-script.map
index ad0e01086..089eb5eb6 100644
--- a/lib/hcrypto/version-script.map
+++ b/lib/hcrypto/version-script.map
@@ -69,6 +69,7 @@ HEIMDAL_CRYPTO_1.0 {
 hc_DH_get_default_method;
 hc_DH_get_ex_data;
 hc_DH_imath_method;
+ hc_DH_tfm_method;
 hc_DH_gmp_method;
 hc_DH_new;
 hc_DH_new_method;
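Review bot: The new `void fp_init_multi(fp_int *a, ...);` prototype does not say how the list ends, which is the one thing a caller of a variadic API can get wrong; a line above it in the surrounding one-line comment style, such as `/* zero every fp_int in the list; the list must end with (fp_int *)NULL */`, closes that gap. The `#define fp_zero_multi fp_init_multi` alias is used by rsa-tfm.c for scrubbing rather than initialising, so a note that it is the same memset-based clear as fp_zero, with the same limits, belongs next to it.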
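Review bot: The comment added above fp_find_prime, "given a, find a prime a that same and larger, that is a fp_isprime think is a prime", does not state the contract clearly. If the function replaces a in place with the next value at or above a that fp_isprime accepts, which the wording suggests but this diff cannot confirm, `/* replace a, in place, with the smallest value >= a that fp_isprime accepts as a probable prime */` says so, and the return value should be documented alongside it once checked against fp_find_prime.c. It is also worth stating that the result inherits fp_isprime's probable-prime guarantee (256 trial divisions plus 8 Miller-Rabin rounds per the comment above) and nothing stronger, since callers may generate keys from it.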
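Review bot: `hc_DH_tfm_method` is added to the existing HEIMDAL_CRYPTO_1.0 node rather than a new version node, so a binary built against this library will still load against an older libhcrypto that provides HEIMDAL_CRYPTO_1.0 without the symbol and fail only when the symbol is resolved; whether new symbols get their own node is a project-wide choice, but this change should make it deliberately. The libhcrypto-exports.def hunk keeps hc_DH_gmp_method commented out while this map still lists it, so the two export lists stay inconsistent after the change.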