diff options
author | Matt Johnston <matt@ucc.asn.au> | 2007-02-03 08:20:30 +0000 |
---|---|---|
committer | Matt Johnston <matt@ucc.asn.au> | 2007-02-03 08:20:30 +0000 |
commit | c5fd7dd5548f28e32d846e39d17e5c4de4e769af (patch) | |
tree | 81b522e272facfb27ff614936b4988bf6569ef2d /libtomcrypt/src/pk/dsa | |
parent | 5092e30605dfc5c45990d91cf606990e5c768255 (diff) | |
parent | 4a5208512ba02f735acbf7e948ed02353583581e (diff) |
merge of '1250b8af44b62d8f4fe0f8d9fc7e7a1cc34e7e1c'
and '7f8670ac3bb975f40967f3979d09d2199b7e90c8'
--HG--
extra : convert_revision : 6b61c50f4cf888bea302ac8fcf5dbb573b443251
Diffstat (limited to 'libtomcrypt/src/pk/dsa')
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_decrypt_key.c | 139 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_encrypt_key.c | 135 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_export.c | 24 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_free.c | 10 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_import.c | 33 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_make_key.c | 69 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_shared_secret.c | 72 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_sign_hash.c | 63 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_verify_hash.c | 52 | ||||
-rw-r--r-- | libtomcrypt/src/pk/dsa/dsa_verify_key.c | 50 |
10 files changed, 489 insertions, 158 deletions
diff --git a/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c b/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c new file mode 100644 index 0000000..5cbedc6 --- /dev/null +++ b/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c @@ -0,0 +1,139 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file dsa_decrypt_key.c + DSA Crypto, Tom St Denis +*/ + +#ifdef MDSA + +/** + Decrypt an DSA encrypted key + @param in The ciphertext + @param inlen The length of the ciphertext (octets) + @param out [out] The plaintext + @param outlen [in/out] The max size and resulting size of the plaintext + @param key The corresponding private DSA key + @return CRYPT_OK if successful +*/ +int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + dsa_key *key) +{ + unsigned char *skey, *expt; + void *g_pub; + unsigned long x, y, hashOID[32]; + int hash, err; + ltc_asn1_list decode[3]; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(key != NULL); + + /* right key type? */ + if (key->type != PK_PRIVATE) { + return CRYPT_PK_NOT_PRIVATE; + } + + /* decode to find out hash */ + LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); + + if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) { + return err; + } + + hash = find_hash_oid(hashOID, decode[0].size); + if (hash_is_valid(hash) != CRYPT_OK) { + return CRYPT_INVALID_PACKET; + } + + /* we now have the hash! */ + + if ((err = mp_init(&g_pub)) != CRYPT_OK) { + return err; + } + + /* allocate memory */ + expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1); + skey = XMALLOC(MAXBLOCKSIZE); + if (expt == NULL || skey == NULL) { + if (expt != NULL) { + XFREE(expt); + } + if (skey != NULL) { + XFREE(skey); + } + mp_clear(g_pub); + return CRYPT_MEM; + } + + LTC_SET_ASN1(decode, 1, LTC_ASN1_INTEGER, g_pub, 1UL); + LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE); + + /* read the structure in now */ + if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* make shared key */ + x = mp_unsigned_bin_size(key->p) + 1; + if ((err = dsa_shared_secret(key->x, g_pub, key, expt, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + + y = MIN(mp_unsigned_bin_size(key->p) + 1, MAXBLOCKSIZE); + if ((err = hash_memory(hash, expt, x, expt, &y)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* ensure the hash of the shared secret is at least as big as the encrypt itself */ + if (decode[2].size > y) { + err = CRYPT_INVALID_PACKET; + goto LBL_ERR; + } + + /* avoid buffer overflow */ + if (*outlen < decode[2].size) { + *outlen = decode[2].size; + err = CRYPT_BUFFER_OVERFLOW; + goto LBL_ERR; + } + + /* Decrypt the key */ + for (x = 0; x < decode[2].size; x++) { + out[x] = expt[x] ^ skey[x]; + } + *outlen = x; + + err = CRYPT_OK; +LBL_ERR: +#ifdef LTC_CLEAN_STACK + zeromem(expt, mp_unsigned_bin_size(key->p) + 1); + zeromem(skey, MAXBLOCKSIZE); +#endif + + XFREE(expt); + XFREE(skey); + + mp_clear(g_pub); + + return err; +} + +#endif + +/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c,v $ */ +/* $Revision: 1.9 $ */ +/* $Date: 2006/12/04 03:18:43 $ */ + diff --git a/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c b/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c new file mode 100644 index 0000000..cefa4de --- /dev/null +++ b/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c @@ -0,0 +1,135 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file dsa_encrypt_key.c + DSA Crypto, Tom St Denis +*/ + +#ifdef MDSA + +/** + Encrypt a symmetric key with DSA + @param in The symmetric key you want to encrypt + @param inlen The length of the key to encrypt (octets) + @param out [out] The destination for the ciphertext + @param outlen [in/out] The max size and resulting size of the ciphertext + @param prng An active PRNG state + @param wprng The index of the PRNG you wish to use + @param hash The index of the hash you want to use + @param key The DSA key you want to encrypt to + @return CRYPT_OK if successful +*/ +int dsa_encrypt_key(const unsigned char *in, unsigned long inlen, + unsigned char *out, unsigned long *outlen, + prng_state *prng, int wprng, int hash, + dsa_key *key) +{ + unsigned char *expt, *skey; + void *g_pub, *g_priv; + unsigned long x, y; + int err; + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + LTC_ARGCHK(key != NULL); + + /* check that wprng/cipher/hash are not invalid */ + if ((err = prng_is_valid(wprng)) != CRYPT_OK) { + return err; + } + + if ((err = hash_is_valid(hash)) != CRYPT_OK) { + return err; + } + + if (inlen > hash_descriptor[hash].hashsize) { + return CRYPT_INVALID_HASH; + } + + /* make a random key and export the public copy */ + if ((err = mp_init_multi(&g_pub, &g_priv, NULL)) != CRYPT_OK) { + return err; + } + + expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1); + skey = XMALLOC(MAXBLOCKSIZE); + if (expt == NULL || skey == NULL) { + if (expt != NULL) { + XFREE(expt); + } + if (skey != NULL) { + XFREE(skey); + } + mp_clear_multi(g_pub, g_priv, NULL); + return CRYPT_MEM; + } + + /* make a random x, g^x pair */ + x = mp_unsigned_bin_size(key->q); + if (prng_descriptor[wprng].read(expt, x, prng) != x) { + err = CRYPT_ERROR_READPRNG; + goto LBL_ERR; + } + + /* load x */ + if ((err = mp_read_unsigned_bin(g_priv, expt, x)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* compute y */ + if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* make random key */ + x = mp_unsigned_bin_size(key->p) + 1; + if ((err = dsa_shared_secret(g_priv, key->y, key, expt, &x)) != CRYPT_OK) { + goto LBL_ERR; + } + + y = MAXBLOCKSIZE; + if ((err = hash_memory(hash, expt, x, skey, &y)) != CRYPT_OK) { + goto LBL_ERR; + } + + /* Encrypt key */ + for (x = 0; x < inlen; x++) { + skey[x] ^= in[x]; + } + + err = der_encode_sequence_multi(out, outlen, + LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash].OIDlen, hash_descriptor[hash].OID, + LTC_ASN1_INTEGER, 1UL, g_pub, + LTC_ASN1_OCTET_STRING, inlen, skey, + LTC_ASN1_EOL, 0UL, NULL); + +LBL_ERR: +#ifdef LTC_CLEAN_STACK + /* clean up */ + zeromem(expt, mp_unsigned_bin_size(key->p) + 1); + zeromem(skey, MAXBLOCKSIZE); +#endif + + XFREE(skey); + XFREE(expt); + + mp_clear_multi(g_pub, g_priv, NULL); + return err; +} + +#endif +/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c,v $ */ +/* $Revision: 1.7 $ */ +/* $Date: 2006/12/04 03:18:43 $ */ + diff --git a/libtomcrypt/src/pk/dsa/dsa_export.c b/libtomcrypt/src/pk/dsa/dsa_export.c index 5a093d9..d882779 100644 --- a/libtomcrypt/src/pk/dsa/dsa_export.c +++ b/libtomcrypt/src/pk/dsa/dsa_export.c @@ -6,7 +6,7 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com */ #include "tomcrypt.h" @@ -47,19 +47,19 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key if (type == PK_PRIVATE) { return der_encode_sequence_multi(out, outlen, LTC_ASN1_BIT_STRING, 1UL, flags, - LTC_ASN1_INTEGER, 1UL, &key->g, - LTC_ASN1_INTEGER, 1UL, &key->p, - LTC_ASN1_INTEGER, 1UL, &key->q, - LTC_ASN1_INTEGER, 1UL, &key->y, - LTC_ASN1_INTEGER, 1UL, &key->x, + LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->y, + LTC_ASN1_INTEGER, 1UL, key->x, LTC_ASN1_EOL, 0UL, NULL); } else { return der_encode_sequence_multi(out, outlen, LTC_ASN1_BIT_STRING, 1UL, flags, - LTC_ASN1_INTEGER, 1UL, &key->g, - LTC_ASN1_INTEGER, 1UL, &key->p, - LTC_ASN1_INTEGER, 1UL, &key->q, - LTC_ASN1_INTEGER, 1UL, &key->y, + LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->y, LTC_ASN1_EOL, 0UL, NULL); } } @@ -68,5 +68,5 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_export.c,v $ */ -/* $Revision: 1.6 $ */ -/* $Date: 2005/06/03 19:24:31 $ */ +/* $Revision: 1.8 $ */ +/* $Date: 2006/03/31 14:15:35 $ */ diff --git a/libtomcrypt/src/pk/dsa/dsa_free.c b/libtomcrypt/src/pk/dsa/dsa_free.c index 9157acb..92a1eb7 100644 --- a/libtomcrypt/src/pk/dsa/dsa_free.c +++ b/libtomcrypt/src/pk/dsa/dsa_free.c @@ -6,7 +6,7 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com */ #include "tomcrypt.h" @@ -23,12 +23,12 @@ */ void dsa_free(dsa_key *key) { - LTC_ARGCHK(key != NULL); - mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL); + LTC_ARGCHKVD(key != NULL); + mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL); } #endif /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_free.c,v $ */ -/* $Revision: 1.3 $ */ -/* $Date: 2005/05/05 14:35:59 $ */ +/* $Revision: 1.6 $ */ +/* $Date: 2006/06/09 01:38:13 $ */ diff --git a/libtomcrypt/src/pk/dsa/dsa_import.c b/libtomcrypt/src/pk/dsa/dsa_import.c index e81bac8..bb2272a 100644 --- a/libtomcrypt/src/pk/dsa/dsa_import.c +++ b/libtomcrypt/src/pk/dsa/dsa_import.c @@ -6,7 +6,7 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com */ #include "tomcrypt.h" @@ -31,9 +31,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) LTC_ARGCHK(in != NULL); LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); /* init key */ - if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != MP_OKAY) { + if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != CRYPT_OK) { return CRYPT_MEM; } @@ -47,11 +48,11 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) if (flags[0] == 1) { if ((err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, - LTC_ASN1_INTEGER, 1UL, &key->g, - LTC_ASN1_INTEGER, 1UL, &key->p, - LTC_ASN1_INTEGER, 1UL, &key->q, - LTC_ASN1_INTEGER, 1UL, &key->y, - LTC_ASN1_INTEGER, 1UL, &key->x, + LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->y, + LTC_ASN1_INTEGER, 1UL, key->x, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto error; } @@ -59,31 +60,31 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key) } else { if ((err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, - LTC_ASN1_INTEGER, 1UL, &key->g, - LTC_ASN1_INTEGER, 1UL, &key->p, - LTC_ASN1_INTEGER, 1UL, &key->q, - LTC_ASN1_INTEGER, 1UL, &key->y, + LTC_ASN1_INTEGER, 1UL, key->g, + LTC_ASN1_INTEGER, 1UL, key->p, + LTC_ASN1_INTEGER, 1UL, key->q, + LTC_ASN1_INTEGER, 1UL, key->y, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto error; } key->type = PK_PUBLIC; } - key->qord = mp_unsigned_bin_size(&key->q); + key->qord = mp_unsigned_bin_size(key->q); if (key->qord >= MDSA_MAX_GROUP || key->qord <= 15 || - key->qord >= mp_unsigned_bin_size(&key->p) || (mp_unsigned_bin_size(&key->p) - key->qord) >= MDSA_DELTA) { + (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= MDSA_DELTA) { err = CRYPT_INVALID_PACKET; goto error; } return CRYPT_OK; error: - mp_clear_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL); + mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL); return err; } #endif /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_import.c,v $ */ -/* $Revision: 1.7 $ */ -/* $Date: 2005/06/08 23:31:17 $ */ +/* $Revision: 1.12 $ */ +/* $Date: 2006/03/31 14:15:35 $ */ diff --git a/libtomcrypt/src/pk/dsa/dsa_make_key.c b/libtomcrypt/src/pk/dsa/dsa_make_key.c index 02f69e0..293e814 100644 --- a/libtomcrypt/src/pk/dsa/dsa_make_key.c +++ b/libtomcrypt/src/pk/dsa/dsa_make_key.c @@ -6,7 +6,7 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com */ #include "tomcrypt.h" @@ -28,11 +28,12 @@ */ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key) { - mp_int tmp, tmp2; + void *tmp, *tmp2; int err, res; unsigned char *buf; LTC_ARGCHK(key != NULL); + LTC_ARGCHK(ltc_mp.name != NULL); /* check prng */ if ((err = prng_is_valid(wprng)) != CRYPT_OK) { @@ -52,21 +53,21 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, } /* init mp_ints */ - if ((err = mp_init_multi(&tmp, &tmp2, &key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != MP_OKAY) { - err = mpi_to_ltc_error(err); - goto LBL_ERR; + if ((err = mp_init_multi(&tmp, &tmp2, &key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != CRYPT_OK) { + XFREE(buf); + return err; } /* make our prime q */ - if ((err = rand_prime(&key->q, group_size*8, prng, wprng)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = rand_prime(key->q, group_size, prng, wprng)) != CRYPT_OK) { goto error; } /* double q */ - if ((err = mp_mul_2(&key->q, &tmp)) != MP_OKAY) { goto error; } + if ((err = mp_add(key->q, key->q, tmp)) != CRYPT_OK) { goto error; } /* now make a random string and multply it against q */ if (prng_descriptor[wprng].read(buf+1, modulus_size - group_size, prng) != (unsigned long)(modulus_size - group_size)) { err = CRYPT_ERROR_READPRNG; - goto LBL_ERR; + goto error; } /* force magnitude */ @@ -75,30 +76,30 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, /* force even */ buf[modulus_size - group_size - 1] &= ~1; - if ((err = mp_read_unsigned_bin(&tmp2, buf, modulus_size - group_size)) != MP_OKAY) { goto error; } - if ((err = mp_mul(&key->q, &tmp2, &key->p)) != MP_OKAY) { goto error; } - if ((err = mp_add_d(&key->p, 1, &key->p)) != MP_OKAY) { goto error; } + if ((err = mp_read_unsigned_bin(tmp2, buf, modulus_size - group_size)) != CRYPT_OK) { goto error; } + if ((err = mp_mul(key->q, tmp2, key->p)) != CRYPT_OK) { goto error; } + if ((err = mp_add_d(key->p, 1, key->p)) != CRYPT_OK) { goto error; } /* now loop until p is prime */ for (;;) { - if ((err = is_prime(&key->p, &res)) != CRYPT_OK) { goto LBL_ERR; } - if (res == MP_YES) break; + if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) { goto error; } + if (res == LTC_MP_YES) break; /* add 2q to p and 2 to tmp2 */ - if ((err = mp_add(&tmp, &key->p, &key->p)) != MP_OKAY) { goto error; } - if ((err = mp_add_d(&tmp2, 2, &tmp2)) != MP_OKAY) { goto error; } + if ((err = mp_add(tmp, key->p, key->p)) != CRYPT_OK) { goto error; } + if ((err = mp_add_d(tmp2, 2, tmp2)) != CRYPT_OK) { goto error; } } /* now p = (q * tmp2) + 1 is prime, find a value g for which g^tmp2 != 1 */ - mp_set(&key->g, 1); + mp_set(key->g, 1); do { - if ((err = mp_add_d(&key->g, 1, &key->g)) != MP_OKAY) { goto error; } - if ((err = mp_exptmod(&key->g, &tmp2, &key->p, &tmp)) != MP_OKAY) { goto error; } - } while (mp_cmp_d(&tmp, 1) == MP_EQ); + if ((err = mp_add_d(key->g, 1, key->g)) != CRYPT_OK) { goto error; } + if ((err = mp_exptmod(key->g, tmp2, key->p, tmp)) != CRYPT_OK) { goto error; } + } while (mp_cmp_d(tmp, 1) == LTC_MP_EQ); /* at this point tmp generates a group of order q mod p */ - mp_exch(&tmp, &key->g); + mp_exch(tmp, key->g); /* so now we have our DH structure, generator g, order q, modulus p Now we need a random exponent [mod q] and it's power g^x mod p @@ -106,22 +107,15 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, do { if (prng_descriptor[wprng].read(buf, group_size, prng) != (unsigned long)group_size) { err = CRYPT_ERROR_READPRNG; - goto LBL_ERR; + goto error; } - if ((err = mp_read_unsigned_bin(&key->x, buf, group_size)) != MP_OKAY) { goto error; } - } while (mp_cmp_d(&key->x, 1) != MP_GT); - if ((err = mp_exptmod(&key->g, &key->x, &key->p, &key->y)) != MP_OKAY) { goto error; } - + if ((err = mp_read_unsigned_bin(key->x, buf, group_size)) != CRYPT_OK) { goto error; } + } while (mp_cmp_d(key->x, 1) != LTC_MP_GT); + if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto error; } + key->type = PK_PRIVATE; key->qord = group_size; - /* shrink the ram required */ - if ((err = mp_shrink(&key->g)) != MP_OKAY) { goto error; } - if ((err = mp_shrink(&key->p)) != MP_OKAY) { goto error; } - if ((err = mp_shrink(&key->q)) != MP_OKAY) { goto error; } - if ((err = mp_shrink(&key->x)) != MP_OKAY) { goto error; } - if ((err = mp_shrink(&key->y)) != MP_OKAY) { goto error; } - #ifdef LTC_CLEAN_STACK zeromem(buf, MDSA_DELTA); #endif @@ -129,12 +123,9 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, err = CRYPT_OK; goto done; error: - err = mpi_to_ltc_error(err); -LBL_ERR: - mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL); + mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL); done: - mp_clear_multi(&tmp, &tmp2, NULL); - + mp_clear_multi(tmp, tmp2, NULL); XFREE(buf); return err; } @@ -142,5 +133,5 @@ done: #endif /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_make_key.c,v $ */ -/* $Revision: 1.4 $ */ -/* $Date: 2005/06/11 05:45:35 $ */ +/* $Revision: 1.10 $ */ +/* $Date: 2006/12/04 03:18:43 $ */ diff --git a/libtomcrypt/src/pk/dsa/dsa_shared_secret.c b/libtomcrypt/src/pk/dsa/dsa_shared_secret.c new file mode 100644 index 0000000..570d637 --- /dev/null +++ b/libtomcrypt/src/pk/dsa/dsa_shared_secret.c @@ -0,0 +1,72 @@ +/* LibTomCrypt, modular cryptographic library -- Tom St Denis + * + * LibTomCrypt is a library that provides various cryptographic + * algorithms in a highly modular and flexible manner. + * + * The library is free for all purposes without any express + * guarantee it works. + * + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com + */ +#include "tomcrypt.h" + +/** + @file dsa_shared_secret.c + DSA Crypto, Tom St Denis +*/ + +#ifdef MDSA + +/** + Create a DSA shared secret between two keys + @param private_key The private DSA key (the exponent) + @param base The base of the exponentiation (allows this to be used for both encrypt and decrypt) + @param public_key The public key + @param out [out] Destination of the shared secret + @param outlen [in/out] The max size and resulting size of the shared secret + @return CRYPT_OK if successful +*/ +int dsa_shared_secret(void *private_key, void *base, + dsa_key *public_key, + unsigned char *out, unsigned long *outlen) +{ + unsigned long x; + void *res; + int err; + + LTC_ARGCHK(private_key != NULL); + LTC_ARGCHK(public_key != NULL); + LTC_ARGCHK(out != NULL); + LTC_ARGCHK(outlen != NULL); + + /* make new point */ + if ((err = mp_init(&res)) != CRYPT_OK) { + return err; + } + + if ((err = mp_exptmod(base, private_key, public_key->p, res)) != CRYPT_OK) { + mp_clear(res); + return err; + } + + x = (unsigned long)mp_unsigned_bin_size(res); + if (*outlen < x) { + *outlen = x; + err = CRYPT_BUFFER_OVERFLOW; + goto done; + } + zeromem(out, x); + if ((err = mp_to_unsigned_bin(res, out + (x - mp_unsigned_bin_size(res)))) != CRYPT_OK) { goto done; } + + err = CRYPT_OK; + *outlen = x; +done: + mp_clear(res); + return err; +} + +#endif +/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_shared_secret.c,v $ */ +/* $Revision: 1.7 $ */ +/* $Date: 2006/12/04 03:18:43 $ */ + diff --git a/libtomcrypt/src/pk/dsa/dsa_sign_hash.c b/libtomcrypt/src/pk/dsa/dsa_sign_hash.c index 48d29a2..f84dd28 100644 --- a/libtomcrypt/src/pk/dsa/dsa_sign_hash.c +++ b/libtomcrypt/src/pk/dsa/dsa_sign_hash.c @@ -6,7 +6,7 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com */ #include "tomcrypt.h" @@ -29,10 +29,10 @@ @return CRYPT_OK if successful */ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, - mp_int *r, mp_int *s, + void *r, void *s, prng_state *prng, int wprng, dsa_key *key) { - mp_int k, kinv, tmp; + void *k, *kinv, *tmp; unsigned char *buf; int err; @@ -59,7 +59,7 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, } /* Init our temps */ - if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != MP_OKAY) { goto error; } + if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != CRYPT_OK) { goto ERRBUF; } retry: @@ -67,43 +67,40 @@ retry: /* gen random k */ if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) { err = CRYPT_ERROR_READPRNG; - goto LBL_ERR; + goto error; } /* read k */ - if ((err = mp_read_unsigned_bin(&k, buf, key->qord)) != MP_OKAY) { goto error; } + if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK) { goto error; } /* k > 1 ? */ - if (mp_cmp_d(&k, 1) != MP_GT) { goto retry; } + if (mp_cmp_d(k, 1) != LTC_MP_GT) { goto retry; } /* test gcd */ - if ((err = mp_gcd(&k, &key->q, &tmp)) != MP_OKAY) { goto error; } - } while (mp_cmp_d(&tmp, 1) != MP_EQ); + if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK) { goto error; } + } while (mp_cmp_d(tmp, 1) != LTC_MP_EQ); /* now find 1/k mod q */ - if ((err = mp_invmod(&k, &key->q, &kinv)) != MP_OKAY) { goto error; } + if ((err = mp_invmod(k, key->q, kinv)) != CRYPT_OK) { goto error; } /* now find r = g^k mod p mod q */ - if ((err = mp_exptmod(&key->g, &k, &key->p, r)) != MP_OKAY) { goto error; } - if ((err = mp_mod(r, &key->q, r)) != MP_OKAY) { goto error; } + if ((err = mp_exptmod(key->g, k, key->p, r)) != CRYPT_OK) { goto error; } + if ((err = mp_mod(r, key->q, r)) != CRYPT_OK) { goto error; } - if (mp_iszero(r) == MP_YES) { goto retry; } + if (mp_iszero(r) == LTC_MP_YES) { goto retry; } /* now find s = (in + xr)/k mod q */ - if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, inlen)) != MP_OKAY) { goto error; } - if ((err = mp_mul(&key->x, r, s)) != MP_OKAY) { goto error; } - if ((err = mp_add(s, &tmp, s)) != MP_OKAY) { goto error; } - if ((err = mp_mulmod(s, &kinv, &key->q, s)) != MP_OKAY) { goto error; } + if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; } + if ((err = mp_mul(key->x, r, s)) != CRYPT_OK) { goto error; } + if ((err = mp_add(s, tmp, s)) != CRYPT_OK) { goto error; } + if ((err = mp_mulmod(s, kinv, key->q, s)) != CRYPT_OK) { goto error; } - if (mp_iszero(s) == MP_YES) { goto retry; } + if (mp_iszero(s) == LTC_MP_YES) { goto retry; } err = CRYPT_OK; - goto LBL_ERR; - error: - err = mpi_to_ltc_error(err); -LBL_ERR: - mp_clear_multi(&k, &kinv, &tmp, NULL); + mp_clear_multi(k, kinv, tmp, NULL); +ERRBUF: #ifdef LTC_CLEAN_STACK zeromem(buf, MDSA_MAX_GROUP); #endif @@ -126,7 +123,7 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen, unsigned char *out, unsigned long *outlen, prng_state *prng, int wprng, dsa_key *key) { - mp_int r, s; + void *r, *s; int err; LTC_ARGCHK(in != NULL); @@ -134,26 +131,26 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen, LTC_ARGCHK(outlen != NULL); LTC_ARGCHK(key != NULL); - if (mp_init_multi(&r, &s, NULL) != MP_OKAY) { + if (mp_init_multi(&r, &s, NULL) != CRYPT_OK) { return CRYPT_MEM; } - if ((err = dsa_sign_hash_raw(in, inlen, &r, &s, prng, wprng, key)) != CRYPT_OK) { - goto LBL_ERR; + if ((err = dsa_sign_hash_raw(in, inlen, r, s, prng, wprng, key)) != CRYPT_OK) { + goto error; } err = der_encode_sequence_multi(out, outlen, - LTC_ASN1_INTEGER, 1UL, &r, - LTC_ASN1_INTEGER, 1UL, &s, + LTC_ASN1_INTEGER, 1UL, r, + LTC_ASN1_INTEGER, 1UL, s, LTC_ASN1_EOL, 0UL, NULL); -LBL_ERR: - mp_clear_multi(&r, &s, NULL); +error: + mp_clear_multi(r, s, NULL); return err; } #endif /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_sign_hash.c,v $ */ -/* $Revision: 1.6 $ */ -/* $Date: 2005/05/15 21:48:59 $ */ +/* $Revision: 1.12 $ */ +/* $Date: 2006/12/04 22:27:56 $ */ diff --git a/libtomcrypt/src/pk/dsa/dsa_verify_hash.c b/libtomcrypt/src/pk/dsa/dsa_verify_hash.c index 11e5c33..0e8ff22 100644 --- a/libtomcrypt/src/pk/dsa/dsa_verify_hash.c +++ b/libtomcrypt/src/pk/dsa/dsa_verify_hash.c @@ -6,7 +6,7 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com */ #include "tomcrypt.h" @@ -28,11 +28,11 @@ @param key The corresponding public DH key @return CRYPT_OK if successful (even if the signature is invalid) */ -int dsa_verify_hash_raw( mp_int *r, mp_int *s, +int dsa_verify_hash_raw( void *r, void *s, const unsigned char *hash, unsigned long hashlen, int *stat, dsa_key *key) { - mp_int w, v, u1, u2; + void *w, *v, *u1, *u2; int err; LTC_ARGCHK(r != NULL); @@ -44,42 +44,40 @@ int dsa_verify_hash_raw( mp_int *r, mp_int *s, *stat = 0; /* init our variables */ - if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != MP_OKAY) { - return mpi_to_ltc_error(err); + if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != CRYPT_OK) { + return err; } /* neither r or s can be null or >q*/ - if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) { + if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) { err = CRYPT_INVALID_PACKET; - goto done; + goto error; } /* w = 1/s mod q */ - if ((err = mp_invmod(s, &key->q, &w)) != MP_OKAY) { goto error; } + if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; } /* u1 = m * w mod q */ - if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != MP_OKAY) { goto error; } - if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != MP_OKAY) { goto error; } + if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; } + if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; } /* u2 = r*w mod q */ - if ((err = mp_mulmod(r, &w, &key->q, &u2)) != MP_OKAY) { goto error; } + if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; } /* v = g^u1 * y^u2 mod p mod q */ - if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != MP_OKAY) { goto error; } - if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != MP_OKAY) { goto error; } - if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != MP_OKAY) { goto error; } - if ((err = mp_mod(&v, &key->q, &v)) != MP_OKAY) { goto error; } + if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; } + if ((err = mp_exptmod(key->y, u2, key->p, u2)) != CRYPT_OK) { goto error; } + if ((err = mp_mulmod(u1, u2, key->p, v)) != CRYPT_OK) { goto error; } + if ((err = mp_mod(v, key->q, v)) != CRYPT_OK) { goto error; } /* if r = v then we're set */ - if (mp_cmp(r, &v) == MP_EQ) { + if (mp_cmp(r, v) == LTC_MP_EQ) { *stat = 1; } err = CRYPT_OK; - goto done; - -error : err = mpi_to_ltc_error(err); -done : mp_clear_multi(&w, &v, &u1, &u2, NULL); +error: + mp_clear_multi(w, v, u1, u2, NULL); return err; } @@ -98,7 +96,7 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, int *stat, dsa_key *key) { int err; - mp_int r, s; + void *r, *s; if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) { return CRYPT_MEM; @@ -106,17 +104,17 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, /* decode the sequence */ if ((err = der_decode_sequence_multi(sig, siglen, - LTC_ASN1_INTEGER, 1UL, &r, - LTC_ASN1_INTEGER, 1UL, &s, + LTC_ASN1_INTEGER, 1UL, r, + LTC_ASN1_INTEGER, 1UL, s, LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto LBL_ERR; } /* do the op */ - err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key); + err = dsa_verify_hash_raw(r, s, hash, hashlen, stat, key); LBL_ERR: - mp_clear_multi(&r, &s, NULL); + mp_clear_multi(r, s, NULL); return err; } @@ -124,5 +122,5 @@ LBL_ERR: /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */ -/* $Revision: 1.8 $ */ -/* $Date: 2005/05/15 21:48:59 $ */ +/* $Revision: 1.13 $ */ +/* $Date: 2006/12/04 03:18:43 $ */ diff --git a/libtomcrypt/src/pk/dsa/dsa_verify_key.c b/libtomcrypt/src/pk/dsa/dsa_verify_key.c index b7be103..27054d6 100644 --- a/libtomcrypt/src/pk/dsa/dsa_verify_key.c +++ b/libtomcrypt/src/pk/dsa/dsa_verify_key.c @@ -6,7 +6,7 @@ * The library is free for all purposes without any express * guarantee it works. * - * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org + * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com */ #include "tomcrypt.h" @@ -25,7 +25,7 @@ */ int dsa_verify_key(dsa_key *key, int *stat) { - mp_int tmp, tmp2; + void *tmp, *tmp2; int res, err; LTC_ARGCHK(key != NULL); @@ -35,15 +35,14 @@ int dsa_verify_key(dsa_key *key, int *stat) *stat = 0; /* first make sure key->q and key->p are prime */ - if ((err = is_prime(&key->q, &res)) != CRYPT_OK) { + if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) { return err; } if (res == 0) { return CRYPT_OK; } - - if ((err = is_prime(&key->p, &res)) != CRYPT_OK) { + if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) { return err; } if (res == 0) { @@ -51,52 +50,51 @@ int dsa_verify_key(dsa_key *key, int *stat) } /* now make sure that g is not -1, 0 or 1 and <p */ - if (mp_cmp_d(&key->g, 0) == MP_EQ || mp_cmp_d(&key->g, 1) == MP_EQ) { + if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) { return CRYPT_OK; } - if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != MP_OKAY) { goto error; } - if ((err = mp_sub_d(&key->p, 1, &tmp)) != MP_OKAY) { goto error; } - if (mp_cmp(&tmp, &key->g) == MP_EQ || mp_cmp(&key->g, &key->p) != MP_LT) { + if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK) { return err; } + if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK) { goto error; } + if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) { err = CRYPT_OK; - goto done; + goto error; } /* 1 < y < p-1 */ - if (!(mp_cmp_d(&key->y, 1) == MP_GT && mp_cmp(&key->y, &tmp) == MP_LT)) { + if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) { err = CRYPT_OK; - goto done; + goto error; } /* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */ - if ((err = mp_div(&tmp, &key->q, &tmp, &tmp2)) != MP_OKAY) { goto error; } - if (mp_iszero(&tmp2) != MP_YES) { + if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK) { goto error; } + if (mp_iszero(tmp2) != LTC_MP_YES) { err = CRYPT_OK; - goto done; + goto error; } - if ((err = mp_exptmod(&key->g, &key->q, &key->p, &tmp)) != MP_OKAY) { goto error; } - if (mp_cmp_d(&tmp, 1) != MP_EQ) { + if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK) { goto error; } + if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) { err = CRYPT_OK; - goto done; + goto error; } /* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */ - if ((err = mp_exptmod(&key->y, &key->q, &key->p, &tmp)) != MP_OKAY) { goto error; } - if (mp_cmp_d(&tmp, 1) != MP_EQ) { + if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK) { goto error; } + if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) { err = CRYPT_OK; - goto done; + goto error; } /* at this point we are out of tests ;-( */ err = CRYPT_OK; *stat = 1; - goto done; -error: err = mpi_to_ltc_error(err); -done : mp_clear_multi(&tmp, &tmp2, NULL); +error: + mp_clear_multi(tmp, tmp2, NULL); return err; } #endif /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_key.c,v $ */ -/* $Revision: 1.3 $ */ -/* $Date: 2005/05/05 14:35:59 $ */ +/* $Revision: 1.6 $ */ +/* $Date: 2006/12/04 03:18:43 $ */ |