summaryrefslogtreecommitdiffhomepage
path: root/libtomcrypt/src/pk/dsa
diff options
context:
space:
mode:
authorMatt Johnston <matt@ucc.asn.au>2008-09-14 06:47:51 +0000
committerMatt Johnston <matt@ucc.asn.au>2008-09-14 06:47:51 +0000
commit1c72a35ddb79eede31657a450b8ba35aed24c79e (patch)
treee6f6ae8bac919e2696678d7a680dce410a1ea91a /libtomcrypt/src/pk/dsa
parentcdbe853595d1ba06be4127d86c60a9bc2e9e3545 (diff)
parent460bf4382257a262fda862f66d6fe97c749f5bb7 (diff)
propagate from branch 'au.asn.ucc.matt.dropbear' (head f21045c791002d81fc6b8dde6537ea481e513eb2)
to branch 'au.asn.ucc.matt.dropbear.dbclient-netcat-alike' (head d1f69334581dc4c35f9ca16aa5355074c9dd315d) --HG-- branch : dbclient-netcat-alike extra : convert_revision : 22bbe895accc3995b48f07b556e45d546ff1ce5d
Diffstat (limited to 'libtomcrypt/src/pk/dsa')
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_decrypt_key.c139
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_encrypt_key.c135
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_export.c24
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_free.c10
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_import.c33
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_make_key.c69
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_shared_secret.c72
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_sign_hash.c63
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_verify_hash.c52
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_verify_key.c50
10 files changed, 489 insertions, 158 deletions
diff --git a/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c b/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c
new file mode 100644
index 0000000..5cbedc6
--- /dev/null
+++ b/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c
@@ -0,0 +1,139 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+ @file dsa_decrypt_key.c
+ DSA Crypto, Tom St Denis
+*/
+
+#ifdef MDSA
+
+/**
+ Decrypt an DSA encrypted key
+ @param in The ciphertext
+ @param inlen The length of the ciphertext (octets)
+ @param out [out] The plaintext
+ @param outlen [in/out] The max size and resulting size of the plaintext
+ @param key The corresponding private DSA key
+ @return CRYPT_OK if successful
+*/
+int dsa_decrypt_key(const unsigned char *in, unsigned long inlen,
+ unsigned char *out, unsigned long *outlen,
+ dsa_key *key)
+{
+ unsigned char *skey, *expt;
+ void *g_pub;
+ unsigned long x, y, hashOID[32];
+ int hash, err;
+ ltc_asn1_list decode[3];
+
+ LTC_ARGCHK(in != NULL);
+ LTC_ARGCHK(out != NULL);
+ LTC_ARGCHK(outlen != NULL);
+ LTC_ARGCHK(key != NULL);
+
+ /* right key type? */
+ if (key->type != PK_PRIVATE) {
+ return CRYPT_PK_NOT_PRIVATE;
+ }
+
+ /* decode to find out hash */
+ LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
+
+ if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
+ return err;
+ }
+
+ hash = find_hash_oid(hashOID, decode[0].size);
+ if (hash_is_valid(hash) != CRYPT_OK) {
+ return CRYPT_INVALID_PACKET;
+ }
+
+ /* we now have the hash! */
+
+ if ((err = mp_init(&g_pub)) != CRYPT_OK) {
+ return err;
+ }
+
+ /* allocate memory */
+ expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
+ skey = XMALLOC(MAXBLOCKSIZE);
+ if (expt == NULL || skey == NULL) {
+ if (expt != NULL) {
+ XFREE(expt);
+ }
+ if (skey != NULL) {
+ XFREE(skey);
+ }
+ mp_clear(g_pub);
+ return CRYPT_MEM;
+ }
+
+ LTC_SET_ASN1(decode, 1, LTC_ASN1_INTEGER, g_pub, 1UL);
+ LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE);
+
+ /* read the structure in now */
+ if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ /* make shared key */
+ x = mp_unsigned_bin_size(key->p) + 1;
+ if ((err = dsa_shared_secret(key->x, g_pub, key, expt, &x)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ y = MIN(mp_unsigned_bin_size(key->p) + 1, MAXBLOCKSIZE);
+ if ((err = hash_memory(hash, expt, x, expt, &y)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ /* ensure the hash of the shared secret is at least as big as the encrypt itself */
+ if (decode[2].size > y) {
+ err = CRYPT_INVALID_PACKET;
+ goto LBL_ERR;
+ }
+
+ /* avoid buffer overflow */
+ if (*outlen < decode[2].size) {
+ *outlen = decode[2].size;
+ err = CRYPT_BUFFER_OVERFLOW;
+ goto LBL_ERR;
+ }
+
+ /* Decrypt the key */
+ for (x = 0; x < decode[2].size; x++) {
+ out[x] = expt[x] ^ skey[x];
+ }
+ *outlen = x;
+
+ err = CRYPT_OK;
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+ zeromem(expt, mp_unsigned_bin_size(key->p) + 1);
+ zeromem(skey, MAXBLOCKSIZE);
+#endif
+
+ XFREE(expt);
+ XFREE(skey);
+
+ mp_clear(g_pub);
+
+ return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
+
diff --git a/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c b/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c
new file mode 100644
index 0000000..cefa4de
--- /dev/null
+++ b/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c
@@ -0,0 +1,135 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+ @file dsa_encrypt_key.c
+ DSA Crypto, Tom St Denis
+*/
+
+#ifdef MDSA
+
+/**
+ Encrypt a symmetric key with DSA
+ @param in The symmetric key you want to encrypt
+ @param inlen The length of the key to encrypt (octets)
+ @param out [out] The destination for the ciphertext
+ @param outlen [in/out] The max size and resulting size of the ciphertext
+ @param prng An active PRNG state
+ @param wprng The index of the PRNG you wish to use
+ @param hash The index of the hash you want to use
+ @param key The DSA key you want to encrypt to
+ @return CRYPT_OK if successful
+*/
+int dsa_encrypt_key(const unsigned char *in, unsigned long inlen,
+ unsigned char *out, unsigned long *outlen,
+ prng_state *prng, int wprng, int hash,
+ dsa_key *key)
+{
+ unsigned char *expt, *skey;
+ void *g_pub, *g_priv;
+ unsigned long x, y;
+ int err;
+
+ LTC_ARGCHK(in != NULL);
+ LTC_ARGCHK(out != NULL);
+ LTC_ARGCHK(outlen != NULL);
+ LTC_ARGCHK(key != NULL);
+
+ /* check that wprng/cipher/hash are not invalid */
+ if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+ return err;
+ }
+
+ if ((err = hash_is_valid(hash)) != CRYPT_OK) {
+ return err;
+ }
+
+ if (inlen > hash_descriptor[hash].hashsize) {
+ return CRYPT_INVALID_HASH;
+ }
+
+ /* make a random key and export the public copy */
+ if ((err = mp_init_multi(&g_pub, &g_priv, NULL)) != CRYPT_OK) {
+ return err;
+ }
+
+ expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
+ skey = XMALLOC(MAXBLOCKSIZE);
+ if (expt == NULL || skey == NULL) {
+ if (expt != NULL) {
+ XFREE(expt);
+ }
+ if (skey != NULL) {
+ XFREE(skey);
+ }
+ mp_clear_multi(g_pub, g_priv, NULL);
+ return CRYPT_MEM;
+ }
+
+ /* make a random x, g^x pair */
+ x = mp_unsigned_bin_size(key->q);
+ if (prng_descriptor[wprng].read(expt, x, prng) != x) {
+ err = CRYPT_ERROR_READPRNG;
+ goto LBL_ERR;
+ }
+
+ /* load x */
+ if ((err = mp_read_unsigned_bin(g_priv, expt, x)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ /* compute y */
+ if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ /* make random key */
+ x = mp_unsigned_bin_size(key->p) + 1;
+ if ((err = dsa_shared_secret(g_priv, key->y, key, expt, &x)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ y = MAXBLOCKSIZE;
+ if ((err = hash_memory(hash, expt, x, skey, &y)) != CRYPT_OK) {
+ goto LBL_ERR;
+ }
+
+ /* Encrypt key */
+ for (x = 0; x < inlen; x++) {
+ skey[x] ^= in[x];
+ }
+
+ err = der_encode_sequence_multi(out, outlen,
+ LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash].OIDlen, hash_descriptor[hash].OID,
+ LTC_ASN1_INTEGER, 1UL, g_pub,
+ LTC_ASN1_OCTET_STRING, inlen, skey,
+ LTC_ASN1_EOL, 0UL, NULL);
+
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+ /* clean up */
+ zeromem(expt, mp_unsigned_bin_size(key->p) + 1);
+ zeromem(skey, MAXBLOCKSIZE);
+#endif
+
+ XFREE(skey);
+ XFREE(expt);
+
+ mp_clear_multi(g_pub, g_priv, NULL);
+ return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
+
diff --git a/libtomcrypt/src/pk/dsa/dsa_export.c b/libtomcrypt/src/pk/dsa/dsa_export.c
index 5a093d9..d882779 100644
--- a/libtomcrypt/src/pk/dsa/dsa_export.c
+++ b/libtomcrypt/src/pk/dsa/dsa_export.c
@@ -6,7 +6,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
*/
#include "tomcrypt.h"
@@ -47,19 +47,19 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
if (type == PK_PRIVATE) {
return der_encode_sequence_multi(out, outlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, &key->g,
- LTC_ASN1_INTEGER, 1UL, &key->p,
- LTC_ASN1_INTEGER, 1UL, &key->q,
- LTC_ASN1_INTEGER, 1UL, &key->y,
- LTC_ASN1_INTEGER, 1UL, &key->x,
+ LTC_ASN1_INTEGER, 1UL, key->g,
+ LTC_ASN1_INTEGER, 1UL, key->p,
+ LTC_ASN1_INTEGER, 1UL, key->q,
+ LTC_ASN1_INTEGER, 1UL, key->y,
+ LTC_ASN1_INTEGER, 1UL, key->x,
LTC_ASN1_EOL, 0UL, NULL);
} else {
return der_encode_sequence_multi(out, outlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, &key->g,
- LTC_ASN1_INTEGER, 1UL, &key->p,
- LTC_ASN1_INTEGER, 1UL, &key->q,
- LTC_ASN1_INTEGER, 1UL, &key->y,
+ LTC_ASN1_INTEGER, 1UL, key->g,
+ LTC_ASN1_INTEGER, 1UL, key->p,
+ LTC_ASN1_INTEGER, 1UL, key->q,
+ LTC_ASN1_INTEGER, 1UL, key->y,
LTC_ASN1_EOL, 0UL, NULL);
}
}
@@ -68,5 +68,5 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_export.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/06/03 19:24:31 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_free.c b/libtomcrypt/src/pk/dsa/dsa_free.c
index 9157acb..92a1eb7 100644
--- a/libtomcrypt/src/pk/dsa/dsa_free.c
+++ b/libtomcrypt/src/pk/dsa/dsa_free.c
@@ -6,7 +6,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
*/
#include "tomcrypt.h"
@@ -23,12 +23,12 @@
*/
void dsa_free(dsa_key *key)
{
- LTC_ARGCHK(key != NULL);
- mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
+ LTC_ARGCHKVD(key != NULL);
+ mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
}
#endif
/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_free.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/09 01:38:13 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_import.c b/libtomcrypt/src/pk/dsa/dsa_import.c
index e81bac8..bb2272a 100644
--- a/libtomcrypt/src/pk/dsa/dsa_import.c
+++ b/libtomcrypt/src/pk/dsa/dsa_import.c
@@ -6,7 +6,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
*/
#include "tomcrypt.h"
@@ -31,9 +31,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
- if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != MP_OKAY) {
+ if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != CRYPT_OK) {
return CRYPT_MEM;
}
@@ -47,11 +48,11 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
if (flags[0] == 1) {
if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, &key->g,
- LTC_ASN1_INTEGER, 1UL, &key->p,
- LTC_ASN1_INTEGER, 1UL, &key->q,
- LTC_ASN1_INTEGER, 1UL, &key->y,
- LTC_ASN1_INTEGER, 1UL, &key->x,
+ LTC_ASN1_INTEGER, 1UL, key->g,
+ LTC_ASN1_INTEGER, 1UL, key->p,
+ LTC_ASN1_INTEGER, 1UL, key->q,
+ LTC_ASN1_INTEGER, 1UL, key->y,
+ LTC_ASN1_INTEGER, 1UL, key->x,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto error;
}
@@ -59,31 +60,31 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
} else {
if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, &key->g,
- LTC_ASN1_INTEGER, 1UL, &key->p,
- LTC_ASN1_INTEGER, 1UL, &key->q,
- LTC_ASN1_INTEGER, 1UL, &key->y,
+ LTC_ASN1_INTEGER, 1UL, key->g,
+ LTC_ASN1_INTEGER, 1UL, key->p,
+ LTC_ASN1_INTEGER, 1UL, key->q,
+ LTC_ASN1_INTEGER, 1UL, key->y,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto error;
}
key->type = PK_PUBLIC;
}
- key->qord = mp_unsigned_bin_size(&key->q);
+ key->qord = mp_unsigned_bin_size(key->q);
if (key->qord >= MDSA_MAX_GROUP || key->qord <= 15 ||
- key->qord >= mp_unsigned_bin_size(&key->p) || (mp_unsigned_bin_size(&key->p) - key->qord) >= MDSA_DELTA) {
+ (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= MDSA_DELTA) {
err = CRYPT_INVALID_PACKET;
goto error;
}
return CRYPT_OK;
error:
- mp_clear_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
+ mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
return err;
}
#endif
/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_import.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/06/08 23:31:17 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_make_key.c b/libtomcrypt/src/pk/dsa/dsa_make_key.c
index 02f69e0..293e814 100644
--- a/libtomcrypt/src/pk/dsa/dsa_make_key.c
+++ b/libtomcrypt/src/pk/dsa/dsa_make_key.c
@@ -6,7 +6,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
*/
#include "tomcrypt.h"
@@ -28,11 +28,12 @@
*/
int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
{
- mp_int tmp, tmp2;
+ void *tmp, *tmp2;
int err, res;
unsigned char *buf;
LTC_ARGCHK(key != NULL);
+ LTC_ARGCHK(ltc_mp.name != NULL);
/* check prng */
if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
@@ -52,21 +53,21 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
}
/* init mp_ints */
- if ((err = mp_init_multi(&tmp, &tmp2, &key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != MP_OKAY) {
- err = mpi_to_ltc_error(err);
- goto LBL_ERR;
+ if ((err = mp_init_multi(&tmp, &tmp2, &key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != CRYPT_OK) {
+ XFREE(buf);
+ return err;
}
/* make our prime q */
- if ((err = rand_prime(&key->q, group_size*8, prng, wprng)) != CRYPT_OK) { goto LBL_ERR; }
+ if ((err = rand_prime(key->q, group_size, prng, wprng)) != CRYPT_OK) { goto error; }
/* double q */
- if ((err = mp_mul_2(&key->q, &tmp)) != MP_OKAY) { goto error; }
+ if ((err = mp_add(key->q, key->q, tmp)) != CRYPT_OK) { goto error; }
/* now make a random string and multply it against q */
if (prng_descriptor[wprng].read(buf+1, modulus_size - group_size, prng) != (unsigned long)(modulus_size - group_size)) {
err = CRYPT_ERROR_READPRNG;
- goto LBL_ERR;
+ goto error;
}
/* force magnitude */
@@ -75,30 +76,30 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
/* force even */
buf[modulus_size - group_size - 1] &= ~1;
- if ((err = mp_read_unsigned_bin(&tmp2, buf, modulus_size - group_size)) != MP_OKAY) { goto error; }
- if ((err = mp_mul(&key->q, &tmp2, &key->p)) != MP_OKAY) { goto error; }
- if ((err = mp_add_d(&key->p, 1, &key->p)) != MP_OKAY) { goto error; }
+ if ((err = mp_read_unsigned_bin(tmp2, buf, modulus_size - group_size)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(key->q, tmp2, key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add_d(key->p, 1, key->p)) != CRYPT_OK) { goto error; }
/* now loop until p is prime */
for (;;) {
- if ((err = is_prime(&key->p, &res)) != CRYPT_OK) { goto LBL_ERR; }
- if (res == MP_YES) break;
+ if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) { goto error; }
+ if (res == LTC_MP_YES) break;
/* add 2q to p and 2 to tmp2 */
- if ((err = mp_add(&tmp, &key->p, &key->p)) != MP_OKAY) { goto error; }
- if ((err = mp_add_d(&tmp2, 2, &tmp2)) != MP_OKAY) { goto error; }
+ if ((err = mp_add(tmp, key->p, key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add_d(tmp2, 2, tmp2)) != CRYPT_OK) { goto error; }
}
/* now p = (q * tmp2) + 1 is prime, find a value g for which g^tmp2 != 1 */
- mp_set(&key->g, 1);
+ mp_set(key->g, 1);
do {
- if ((err = mp_add_d(&key->g, 1, &key->g)) != MP_OKAY) { goto error; }
- if ((err = mp_exptmod(&key->g, &tmp2, &key->p, &tmp)) != MP_OKAY) { goto error; }
- } while (mp_cmp_d(&tmp, 1) == MP_EQ);
+ if ((err = mp_add_d(key->g, 1, key->g)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(key->g, tmp2, key->p, tmp)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(tmp, 1) == LTC_MP_EQ);
/* at this point tmp generates a group of order q mod p */
- mp_exch(&tmp, &key->g);
+ mp_exch(tmp, key->g);
/* so now we have our DH structure, generator g, order q, modulus p
Now we need a random exponent [mod q] and it's power g^x mod p
@@ -106,22 +107,15 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
do {
if (prng_descriptor[wprng].read(buf, group_size, prng) != (unsigned long)group_size) {
err = CRYPT_ERROR_READPRNG;
- goto LBL_ERR;
+ goto error;
}
- if ((err = mp_read_unsigned_bin(&key->x, buf, group_size)) != MP_OKAY) { goto error; }
- } while (mp_cmp_d(&key->x, 1) != MP_GT);
- if ((err = mp_exptmod(&key->g, &key->x, &key->p, &key->y)) != MP_OKAY) { goto error; }
-
+ if ((err = mp_read_unsigned_bin(key->x, buf, group_size)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(key->x, 1) != LTC_MP_GT);
+ if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto error; }
+
key->type = PK_PRIVATE;
key->qord = group_size;
- /* shrink the ram required */
- if ((err = mp_shrink(&key->g)) != MP_OKAY) { goto error; }
- if ((err = mp_shrink(&key->p)) != MP_OKAY) { goto error; }
- if ((err = mp_shrink(&key->q)) != MP_OKAY) { goto error; }
- if ((err = mp_shrink(&key->x)) != MP_OKAY) { goto error; }
- if ((err = mp_shrink(&key->y)) != MP_OKAY) { goto error; }
-
#ifdef LTC_CLEAN_STACK
zeromem(buf, MDSA_DELTA);
#endif
@@ -129,12 +123,9 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
err = CRYPT_OK;
goto done;
error:
- err = mpi_to_ltc_error(err);
-LBL_ERR:
- mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
+ mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
done:
- mp_clear_multi(&tmp, &tmp2, NULL);
-
+ mp_clear_multi(tmp, tmp2, NULL);
XFREE(buf);
return err;
}
@@ -142,5 +133,5 @@ done:
#endif
/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_make_key.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/11 05:45:35 $ */
+/* $Revision: 1.10 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_shared_secret.c b/libtomcrypt/src/pk/dsa/dsa_shared_secret.c
new file mode 100644
index 0000000..570d637
--- /dev/null
+++ b/libtomcrypt/src/pk/dsa/dsa_shared_secret.c
@@ -0,0 +1,72 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+ @file dsa_shared_secret.c
+ DSA Crypto, Tom St Denis
+*/
+
+#ifdef MDSA
+
+/**
+ Create a DSA shared secret between two keys
+ @param private_key The private DSA key (the exponent)
+ @param base The base of the exponentiation (allows this to be used for both encrypt and decrypt)
+ @param public_key The public key
+ @param out [out] Destination of the shared secret
+ @param outlen [in/out] The max size and resulting size of the shared secret
+ @return CRYPT_OK if successful
+*/
+int dsa_shared_secret(void *private_key, void *base,
+ dsa_key *public_key,
+ unsigned char *out, unsigned long *outlen)
+{
+ unsigned long x;
+ void *res;
+ int err;
+
+ LTC_ARGCHK(private_key != NULL);
+ LTC_ARGCHK(public_key != NULL);
+ LTC_ARGCHK(out != NULL);
+ LTC_ARGCHK(outlen != NULL);
+
+ /* make new point */
+ if ((err = mp_init(&res)) != CRYPT_OK) {
+ return err;
+ }
+
+ if ((err = mp_exptmod(base, private_key, public_key->p, res)) != CRYPT_OK) {
+ mp_clear(res);
+ return err;
+ }
+
+ x = (unsigned long)mp_unsigned_bin_size(res);
+ if (*outlen < x) {
+ *outlen = x;
+ err = CRYPT_BUFFER_OVERFLOW;
+ goto done;
+ }
+ zeromem(out, x);
+ if ((err = mp_to_unsigned_bin(res, out + (x - mp_unsigned_bin_size(res)))) != CRYPT_OK) { goto done; }
+
+ err = CRYPT_OK;
+ *outlen = x;
+done:
+ mp_clear(res);
+ return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_shared_secret.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
+
diff --git a/libtomcrypt/src/pk/dsa/dsa_sign_hash.c b/libtomcrypt/src/pk/dsa/dsa_sign_hash.c
index 48d29a2..f84dd28 100644
--- a/libtomcrypt/src/pk/dsa/dsa_sign_hash.c
+++ b/libtomcrypt/src/pk/dsa/dsa_sign_hash.c
@@ -6,7 +6,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
*/
#include "tomcrypt.h"
@@ -29,10 +29,10 @@
@return CRYPT_OK if successful
*/
int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
- mp_int *r, mp_int *s,
+ void *r, void *s,
prng_state *prng, int wprng, dsa_key *key)
{
- mp_int k, kinv, tmp;
+ void *k, *kinv, *tmp;
unsigned char *buf;
int err;
@@ -59,7 +59,7 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
}
/* Init our temps */
- if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != MP_OKAY) { goto error; }
+ if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != CRYPT_OK) { goto ERRBUF; }
retry:
@@ -67,43 +67,40 @@ retry:
/* gen random k */
if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) {
err = CRYPT_ERROR_READPRNG;
- goto LBL_ERR;
+ goto error;
}
/* read k */
- if ((err = mp_read_unsigned_bin(&k, buf, key->qord)) != MP_OKAY) { goto error; }
+ if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK) { goto error; }
/* k > 1 ? */
- if (mp_cmp_d(&k, 1) != MP_GT) { goto retry; }
+ if (mp_cmp_d(k, 1) != LTC_MP_GT) { goto retry; }
/* test gcd */
- if ((err = mp_gcd(&k, &key->q, &tmp)) != MP_OKAY) { goto error; }
- } while (mp_cmp_d(&tmp, 1) != MP_EQ);
+ if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(tmp, 1) != LTC_MP_EQ);
/* now find 1/k mod q */
- if ((err = mp_invmod(&k, &key->q, &kinv)) != MP_OKAY) { goto error; }
+ if ((err = mp_invmod(k, key->q, kinv)) != CRYPT_OK) { goto error; }
/* now find r = g^k mod p mod q */
- if ((err = mp_exptmod(&key->g, &k, &key->p, r)) != MP_OKAY) { goto error; }
- if ((err = mp_mod(r, &key->q, r)) != MP_OKAY) { goto error; }
+ if ((err = mp_exptmod(key->g, k, key->p, r)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mod(r, key->q, r)) != CRYPT_OK) { goto error; }
- if (mp_iszero(r) == MP_YES) { goto retry; }
+ if (mp_iszero(r) == LTC_MP_YES) { goto retry; }
/* now find s = (in + xr)/k mod q */
- if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, inlen)) != MP_OKAY) { goto error; }
- if ((err = mp_mul(&key->x, r, s)) != MP_OKAY) { goto error; }
- if ((err = mp_add(s, &tmp, s)) != MP_OKAY) { goto error; }
- if ((err = mp_mulmod(s, &kinv, &key->q, s)) != MP_OKAY) { goto error; }
+ if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(key->x, r, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(s, tmp, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(s, kinv, key->q, s)) != CRYPT_OK) { goto error; }
- if (mp_iszero(s) == MP_YES) { goto retry; }
+ if (mp_iszero(s) == LTC_MP_YES) { goto retry; }
err = CRYPT_OK;
- goto LBL_ERR;
-
error:
- err = mpi_to_ltc_error(err);
-LBL_ERR:
- mp_clear_multi(&k, &kinv, &tmp, NULL);
+ mp_clear_multi(k, kinv, tmp, NULL);
+ERRBUF:
#ifdef LTC_CLEAN_STACK
zeromem(buf, MDSA_MAX_GROUP);
#endif
@@ -126,7 +123,7 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, dsa_key *key)
{
- mp_int r, s;
+ void *r, *s;
int err;
LTC_ARGCHK(in != NULL);
@@ -134,26 +131,26 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
LTC_ARGCHK(outlen != NULL);
LTC_ARGCHK(key != NULL);
- if (mp_init_multi(&r, &s, NULL) != MP_OKAY) {
+ if (mp_init_multi(&r, &s, NULL) != CRYPT_OK) {
return CRYPT_MEM;
}
- if ((err = dsa_sign_hash_raw(in, inlen, &r, &s, prng, wprng, key)) != CRYPT_OK) {
- goto LBL_ERR;
+ if ((err = dsa_sign_hash_raw(in, inlen, r, s, prng, wprng, key)) != CRYPT_OK) {
+ goto error;
}
err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_INTEGER, 1UL, &r,
- LTC_ASN1_INTEGER, 1UL, &s,
+ LTC_ASN1_INTEGER, 1UL, r,
+ LTC_ASN1_INTEGER, 1UL, s,
LTC_ASN1_EOL, 0UL, NULL);
-LBL_ERR:
- mp_clear_multi(&r, &s, NULL);
+error:
+ mp_clear_multi(r, s, NULL);
return err;
}
#endif
/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_sign_hash.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/05/15 21:48:59 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/12/04 22:27:56 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_verify_hash.c b/libtomcrypt/src/pk/dsa/dsa_verify_hash.c
index 11e5c33..0e8ff22 100644
--- a/libtomcrypt/src/pk/dsa/dsa_verify_hash.c
+++ b/libtomcrypt/src/pk/dsa/dsa_verify_hash.c
@@ -6,7 +6,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
*/
#include "tomcrypt.h"
@@ -28,11 +28,11 @@
@param key The corresponding public DH key
@return CRYPT_OK if successful (even if the signature is invalid)
*/
-int dsa_verify_hash_raw( mp_int *r, mp_int *s,
+int dsa_verify_hash_raw( void *r, void *s,
const unsigned char *hash, unsigned long hashlen,
int *stat, dsa_key *key)
{
- mp_int w, v, u1, u2;
+ void *w, *v, *u1, *u2;
int err;
LTC_ARGCHK(r != NULL);
@@ -44,42 +44,40 @@ int dsa_verify_hash_raw( mp_int *r, mp_int *s,
*stat = 0;
/* init our variables */
- if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != MP_OKAY) {
- return mpi_to_ltc_error(err);
+ if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != CRYPT_OK) {
+ return err;
}
/* neither r or s can be null or >q*/
- if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
+ if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) {
err = CRYPT_INVALID_PACKET;
- goto done;
+ goto error;
}
/* w = 1/s mod q */
- if ((err = mp_invmod(s, &key->q, &w)) != MP_OKAY) { goto error; }
+ if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; }
/* u1 = m * w mod q */
- if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != MP_OKAY) { goto error; }
- if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != MP_OKAY) { goto error; }
+ if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; }
/* u2 = r*w mod q */
- if ((err = mp_mulmod(r, &w, &key->q, &u2)) != MP_OKAY) { goto error; }
+ if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
/* v = g^u1 * y^u2 mod p mod q */
- if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != MP_OKAY) { goto error; }
- if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != MP_OKAY) { goto error; }
- if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != MP_OKAY) { goto error; }
- if ((err = mp_mod(&v, &key->q, &v)) != MP_OKAY) { goto error; }
+ if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(key->y, u2, key->p, u2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(u1, u2, key->p, v)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mod(v, key->q, v)) != CRYPT_OK) { goto error; }
/* if r = v then we're set */
- if (mp_cmp(r, &v) == MP_EQ) {
+ if (mp_cmp(r, v) == LTC_MP_EQ) {
*stat = 1;
}
err = CRYPT_OK;
- goto done;
-
-error : err = mpi_to_ltc_error(err);
-done : mp_clear_multi(&w, &v, &u1, &u2, NULL);
+error:
+ mp_clear_multi(w, v, u1, u2, NULL);
return err;
}
@@ -98,7 +96,7 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
int *stat, dsa_key *key)
{
int err;
- mp_int r, s;
+ void *r, *s;
if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) {
return CRYPT_MEM;
@@ -106,17 +104,17 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
/* decode the sequence */
if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, &r,
- LTC_ASN1_INTEGER, 1UL, &s,
+ LTC_ASN1_INTEGER, 1UL, r,
+ LTC_ASN1_INTEGER, 1UL, s,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
/* do the op */
- err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key);
+ err = dsa_verify_hash_raw(r, s, hash, hashlen, stat, key);
LBL_ERR:
- mp_clear_multi(&r, &s, NULL);
+ mp_clear_multi(r, s, NULL);
return err;
}
@@ -124,5 +122,5 @@ LBL_ERR:
/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/05/15 21:48:59 $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_verify_key.c b/libtomcrypt/src/pk/dsa/dsa_verify_key.c
index b7be103..27054d6 100644
--- a/libtomcrypt/src/pk/dsa/dsa_verify_key.c
+++ b/libtomcrypt/src/pk/dsa/dsa_verify_key.c
@@ -6,7 +6,7 @@
* The library is free for all purposes without any express
* guarantee it works.
*
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
*/
#include "tomcrypt.h"
@@ -25,7 +25,7 @@
*/
int dsa_verify_key(dsa_key *key, int *stat)
{
- mp_int tmp, tmp2;
+ void *tmp, *tmp2;
int res, err;
LTC_ARGCHK(key != NULL);
@@ -35,15 +35,14 @@ int dsa_verify_key(dsa_key *key, int *stat)
*stat = 0;
/* first make sure key->q and key->p are prime */
- if ((err = is_prime(&key->q, &res)) != CRYPT_OK) {
+ if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
return err;
}
if (res == 0) {
return CRYPT_OK;
}
-
- if ((err = is_prime(&key->p, &res)) != CRYPT_OK) {
+ if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) {
return err;
}
if (res == 0) {
@@ -51,52 +50,51 @@ int dsa_verify_key(dsa_key *key, int *stat)
}
/* now make sure that g is not -1, 0 or 1 and <p */
- if (mp_cmp_d(&key->g, 0) == MP_EQ || mp_cmp_d(&key->g, 1) == MP_EQ) {
+ if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) {
return CRYPT_OK;
}
- if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != MP_OKAY) { goto error; }
- if ((err = mp_sub_d(&key->p, 1, &tmp)) != MP_OKAY) { goto error; }
- if (mp_cmp(&tmp, &key->g) == MP_EQ || mp_cmp(&key->g, &key->p) != MP_LT) {
+ if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK) { return err; }
+ if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) {
err = CRYPT_OK;
- goto done;
+ goto error;
}
/* 1 < y < p-1 */
- if (!(mp_cmp_d(&key->y, 1) == MP_GT && mp_cmp(&key->y, &tmp) == MP_LT)) {
+ if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) {
err = CRYPT_OK;
- goto done;
+ goto error;
}
/* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */
- if ((err = mp_div(&tmp, &key->q, &tmp, &tmp2)) != MP_OKAY) { goto error; }
- if (mp_iszero(&tmp2) != MP_YES) {
+ if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK) { goto error; }
+ if (mp_iszero(tmp2) != LTC_MP_YES) {
err = CRYPT_OK;
- goto done;
+ goto error;
}
- if ((err = mp_exptmod(&key->g, &key->q, &key->p, &tmp)) != MP_OKAY) { goto error; }
- if (mp_cmp_d(&tmp, 1) != MP_EQ) {
+ if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
err = CRYPT_OK;
- goto done;
+ goto error;
}
/* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */
- if ((err = mp_exptmod(&key->y, &key->q, &key->p, &tmp)) != MP_OKAY) { goto error; }
- if (mp_cmp_d(&tmp, 1) != MP_EQ) {
+ if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
err = CRYPT_OK;
- goto done;
+ goto error;
}
/* at this point we are out of tests ;-( */
err = CRYPT_OK;
*stat = 1;
- goto done;
-error: err = mpi_to_ltc_error(err);
-done : mp_clear_multi(&tmp, &tmp2, NULL);
+error:
+ mp_clear_multi(tmp, tmp2, NULL);
return err;
}
#endif
/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_key.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-30 16:47:46 +0000