oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add tfm dh (and some missing files)

Browse Source
This commit is contained in:
Love Hornquist Astrand
2010-05-26 10:27:32 -05:00
parent b09eac50ee
commit 658d110d4a
8 changed files with 46 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/hcrypto/Makefile.am
View File

@@ -107,6 +107,7 @@ libhcrypto_la_SOURCES = \
dh.c \ dh.c \
dh.h \ dh.h \
dh-imath.c \ dh-imath.c \
dh-tfm.c \
dsa.c \ dsa.c \
dsa.h \ dsa.h \
doxygen.c \ doxygen.c \
@@ -171,6 +172,7 @@ tfmsource = \
tomsfastmath/src/addsub/fp_submod.c \ tomsfastmath/src/addsub/fp_submod.c \
tomsfastmath/src/addsub/s_fp_add.c \ tomsfastmath/src/addsub/s_fp_add.c \
tomsfastmath/src/addsub/s_fp_sub.c \ tomsfastmath/src/addsub/s_fp_sub.c \
tomsfastmath/src/bin/fp_init_multi.c \
tomsfastmath/src/bin/fp_radix_size.c \ tomsfastmath/src/bin/fp_radix_size.c \
tomsfastmath/src/bin/fp_read_radix.c \ tomsfastmath/src/bin/fp_read_radix.c \
tomsfastmath/src/bin/fp_read_signed_bin.c \ tomsfastmath/src/bin/fp_read_signed_bin.c \
@@ -221,6 +223,7 @@ tfmsource = \
tomsfastmath/src/mul/fp_mul_comba_small_set.c \ tomsfastmath/src/mul/fp_mul_comba_small_set.c \
tomsfastmath/src/mul/fp_mul_d.c \ tomsfastmath/src/mul/fp_mul_d.c \
tomsfastmath/src/mul/fp_mulmod.c \ tomsfastmath/src/mul/fp_mulmod.c \
tomsfastmath/src/numtheory/fp_find_prime.c \
tomsfastmath/src/numtheory/fp_gcd.c \ tomsfastmath/src/numtheory/fp_gcd.c \
tomsfastmath/src/numtheory/fp_invmod.c \ tomsfastmath/src/numtheory/fp_invmod.c \
tomsfastmath/src/numtheory/fp_isprime.c \ tomsfastmath/src/numtheory/fp_isprime.c \

34
lib/hcrypto/dh-tfm.c
View File

@@ -82,7 +82,7 @@ mpz2BN(fp_int *s)
#define DH_NUM_TRIES 10 #define DH_NUM_TRIES 10
static int static int
dh_generate_key(DH *dh) tfm_dh_generate_key(DH *dh)
{ {
fp_int pub, priv_key, g, p; fp_int pub, priv_key, g, p;
int have_private_key = (dh->priv_key != NULL); int have_private_key = (dh->priv_key != NULL);
@@ -122,7 +122,7 @@ dh_generate_key(DH *dh)
fp_zero(&priv_key); fp_zero(&priv_key);
fp_zero(&g); fp_zero(&g);
fp_zero(&p); fp_zero(&p);
if (res != FP_YES) if (res != 0)
continue; continue;
dh->pub_key = mpz2BN(&pub); dh->pub_key = mpz2BN(&pub);
@@ -152,10 +152,11 @@ dh_generate_key(DH *dh)
} }
static int static int
dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh) tfm_dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
{ {
fp_int s, priv_key, p, peer_pub; fp_int s, priv_key, p, peer_pub;
size_t size = 0; size_t size = 0;
int ret;
if (dh->pub_key == NULL || dh->g == NULL || dh->priv_key == NULL) if (dh->pub_key == NULL || dh->g == NULL || dh->priv_key == NULL)
return -1; return -1;
@@ -181,12 +182,15 @@ dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
fp_init(&s); fp_init(&s);
fp_exptmod(&peer_pub, &priv_key, &p, &s); ret = fp_exptmod(&peer_pub, &priv_key, &p, &s);
fp_zero(&p); fp_zero(&p);
fp_zero(&peer_pub); fp_zero(&peer_pub);
fp_zero(&priv_key); fp_zero(&priv_key);
if (ret != 0)
return -1;
size = fp_unsigned_bin_size(&s); size = fp_unsigned_bin_size(&s);
fp_to_unsigned_bin(&s, shared); fp_to_unsigned_bin(&s, shared);
fp_zero(&s); fp_zero(&s);
@@ -195,20 +199,20 @@ dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
} }
static int static int
dh_generate_params(DH *dh, int a, int b, BN_GENCB *callback) tfm_dh_generate_params(DH *dh, int a, int b, BN_GENCB *callback)
{ {
/* groups should already be known, we don't care about this */ /* groups should already be known, we don't care about this */
return 0; return 0;
} }
static int static int
dh_init(DH *dh) tfm_dh_init(DH *dh)
{ {
return 1; return 1;
} }
static int static int
dh_finish(DH *dh) tfm_dh_finish(DH *dh)
{ {
return 1; return 1;
} }
@@ -218,16 +222,16 @@ dh_finish(DH *dh)
* *
*/ */
const DH_METHOD _hc_dh_imath_method = { const DH_METHOD _hc_dh_tfm_method = {
"hcrypto imath DH", "hcrypto tfm DH",
dh_generate_key, tfm_dh_generate_key,
dh_compute_key, tfm_dh_compute_key,
NULL, NULL,
dh_init, tfm_dh_init,
dh_finish, tfm_dh_finish,
0, 0,
NULL, NULL,
dh_generate_params tfm_dh_generate_params
}; };
/** /**
@@ -241,5 +245,5 @@ const DH_METHOD _hc_dh_imath_method = {
const DH_METHOD * const DH_METHOD *
DH_tfm_method(void) DH_tfm_method(void)
{ {
return &_hc_dh_imath_method; return &_hc_dh_tfm_method;
} }

2
lib/hcrypto/dh.h
View File

@@ -41,6 +41,7 @@
/* symbol renaming */ /* symbol renaming */
#define DH_null_method hc_DH_null_method #define DH_null_method hc_DH_null_method
#define DH_imath_method hc_DH_imath_method #define DH_imath_method hc_DH_imath_method
#define DH_tfm_method hc_DH_tfm_method
#define DH_new hc_DH_new #define DH_new hc_DH_new
#define DH_new_method hc_DH_new_method #define DH_new_method hc_DH_new_method
#define DH_free hc_DH_free #define DH_free hc_DH_free
@@ -114,6 +115,7 @@ struct DH {
*/ */
const DH_METHOD *DH_null_method(void); const DH_METHOD *DH_null_method(void);
const DH_METHOD *DH_tfm_method(void);
const DH_METHOD *DH_imath_method(void); const DH_METHOD *DH_imath_method(void);
DH * DH_new(void); DH * DH_new(void);

4
lib/hcrypto/engine.c
View File

@@ -222,8 +222,8 @@ ENGINE_load_builtin_engines(void)
ENGINE_set_id(engine, "builtin"); ENGINE_set_id(engine, "builtin");
ENGINE_set_name(engine, ENGINE_set_name(engine,
"Heimdal crypto builtin engine version " PACKAGE_VERSION); "Heimdal crypto builtin engine version " PACKAGE_VERSION);
ENGINE_set_RSA(engine, RSA_imath_method()); ENGINE_set_RSA(engine, RSA_tfm_method());
ENGINE_set_DH(engine, DH_imath_method()); ENGINE_set_DH(engine, DH_tfm_method());
ret = add_engine(engine); ret = add_engine(engine);
if (ret != 1) if (ret != 1)

1
lib/hcrypto/libhcrypto-exports.def
View File

@@ -66,6 +66,7 @@ EXPORTS
hc_DH_get_default_method hc_DH_get_default_method
hc_DH_get_ex_data hc_DH_get_ex_data
hc_DH_imath_method hc_DH_imath_method
hc_DH_tfm_method
; hc_DH_gmp_method ; hc_DH_gmp_method
hc_DH_new hc_DH_new
hc_DH_new_method hc_DH_new_method

59
lib/hcrypto/rsa-tfm.c
View File

@@ -87,9 +87,7 @@ tfm_rsa_private_calculate(fp_int * in, fp_int * p, fp_int * q,
fp_mul(&u, q, &u); fp_mul(&u, q, &u);
fp_add(&u, &vq, out); fp_add(&u, &vq, out);
fp_zero(&vp); fp_zero_multi(&vp, &vq, &u, NULL);
fp_zero(&vq);
fp_zero(&u);
return 0; return 0;
} }
@@ -120,8 +118,7 @@ tfm_rsa_public_encrypt(int flen, const unsigned char* from,
p = p0 = malloc(size - 1); p = p0 = malloc(size - 1);
if (p0 == NULL) { if (p0 == NULL) {
fp_zero(&e); fp_zero_multi(&e, &n, NULL);
fp_zero(&n);
return -3; return -3;
} }
@@ -129,8 +126,7 @@ tfm_rsa_public_encrypt(int flen, const unsigned char* from,
*p++ = 2; *p++ = 2;
if (RAND_bytes(p, padlen) != 1) { if (RAND_bytes(p, padlen) != 1) {
fp_zero(&e); fp_zero_multi(&e, &n, NULL);
fp_zero(&n);
free(p0); free(p0);
return -4; return -4;
} }
@@ -151,9 +147,7 @@ tfm_rsa_public_encrypt(int flen, const unsigned char* from,
res = fp_exptmod(&dec, &e, &n, &enc); res = fp_exptmod(&dec, &e, &n, &enc);
fp_zero(&dec); fp_zero_multi(&dec, &e, &n, NULL);
fp_zero(&e);
fp_zero(&n);
if (res != 0) if (res != 0)
return -4; return -4;
@@ -191,8 +185,7 @@ tfm_rsa_public_decrypt(int flen, const unsigned char* from,
#if 0 #if 0
/* Check that the exponent is larger then 3 */ /* Check that the exponent is larger then 3 */
if (mp_int_compare_value(&e, 3) <= 0) { if (mp_int_compare_value(&e, 3) <= 0) {
fp_zero(&n); fp_zero_multi(&e, &n, NULL);
fp_zero(&e);
return -3; return -3;
} }
#endif #endif
@@ -201,16 +194,13 @@ tfm_rsa_public_decrypt(int flen, const unsigned char* from,
fp_read_unsigned_bin(&s, rk_UNCONST(from), flen); fp_read_unsigned_bin(&s, rk_UNCONST(from), flen);
if (fp_cmp(&s, &n) >= 0) { if (fp_cmp(&s, &n) >= 0) {
fp_zero(&n); fp_zero_multi(&e, &n, NULL);
fp_zero(&e);
return -4; return -4;
} }
res = fp_exptmod(&s, &e, &n, &us); res = fp_exptmod(&s, &e, &n, &us);
fp_zero(&s); fp_zero_multi(&s, &e, &n, NULL);
fp_zero(&n);
fp_zero(&e);
if (res != 0) if (res != 0)
return -5; return -5;
@@ -292,11 +282,7 @@ tfm_rsa_private_encrypt(int flen, const unsigned char* from,
res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out); res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);
fp_zero(&p); fp_zero_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL);
fp_zero(&q);
fp_zero(&dmp1);
fp_zero(&dmq1);
fp_zero(&iqmp);
if (res != 0) { if (res != 0) {
size = -4; size = -4;
@@ -323,10 +309,7 @@ tfm_rsa_private_encrypt(int flen, const unsigned char* from,
} }
out: out:
fp_zero(&e); fp_zero_multi(&e, &n, &in, &out, NULL);
fp_zero(&n);
fp_zero(&in);
fp_zero(&out);
return size; return size;
} }
@@ -371,11 +354,7 @@ tfm_rsa_private_decrypt(int flen, const unsigned char* from,
res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out); res = tfm_rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);
fp_zero(&p); fp_zero_multi(&p, &q, &dmp1, &dmq1, &iqmp, NULL);
fp_zero(&q);
fp_zero(&dmp1);
fp_zero(&dmq1);
fp_zero(&iqmp);
if (res != 0) { if (res != 0) {
size = -3; size = -3;
@@ -423,10 +402,7 @@ tfm_rsa_private_decrypt(int flen, const unsigned char* from,
memmove(to, ptr, size); memmove(to, ptr, size);
out: out:
fp_zero(&e); fp_zero_multi(&e, &n, &in, &out, NULL);
fp_zero(&n);
fp_zero(&in);
fp_zero(&out);
return size; return size;
} }
@@ -553,17 +529,8 @@ tfm_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
ret = 1; ret = 1;
out: out:
fp_zero(&el); fp_zero_multi(&el, &p, &q, &n, &d, &dmp1,
fp_zero(&p); &dmq1, &iqmp, &t1, &t2, &t3, NULL);
fp_zero(&q);
fp_zero(&n);
fp_zero(&d);
fp_zero(&dmp1);
fp_zero(&dmq1);
fp_zero(&iqmp);
fp_zero(&t1);
fp_zero(&t2);
fp_zero(&t3);
return ret; return ret;
} }

5
lib/hcrypto/tomsfastmath/src/headers/tfm.h
View File

@@ -301,7 +301,9 @@ const char *fp_ident(void);
/* initialize [or zero] an fp int */ /* initialize [or zero] an fp int */
#define fp_init(a) (void)memset((a), 0, sizeof(fp_int)) #define fp_init(a) (void)memset((a), 0, sizeof(fp_int))
void fp_init_multi(fp_int *a, ...);
#define fp_zero(a) fp_init(a) #define fp_zero(a) fp_init(a)
#define fp_zero_multi fp_init_multi
/* zero/even/odd ? */ /* zero/even/odd ? */
#define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO) #define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO)
@@ -425,6 +427,9 @@ void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result);
/* 256 trial divisions + 8 Miller-Rabins, returns FP_YES if probable prime */ /* 256 trial divisions + 8 Miller-Rabins, returns FP_YES if probable prime */
int fp_isprime(fp_int *a); int fp_isprime(fp_int *a);
/* given a, find a prime a that same and larger, that is a fp_isprime think is a prime */
int fp_find_prime(fp_int *a);
/* Primality generation flags */ /* Primality generation flags */
#define TFM_PRIME_BBS 0x0001 /* BBS style prime */ #define TFM_PRIME_BBS 0x0001 /* BBS style prime */
#define TFM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */ #define TFM_PRIME_SAFE 0x0002 /* Safe prime (p-1)/2 == prime */

1
lib/hcrypto/version-script.map
View File

@@ -69,6 +69,7 @@ HEIMDAL_CRYPTO_1.0 {
hc_DH_get_default_method; hc_DH_get_default_method;
hc_DH_get_ex_data; hc_DH_get_ex_data;
hc_DH_imath_method; hc_DH_imath_method;
hc_DH_tfm_method;
hc_DH_gmp_method; hc_DH_gmp_method;
hc_DH_new; hc_DH_new;
hc_DH_new_method; hc_DH_new_method;