summaryrefslogtreecommitdiff
path: root/libtomcrypt/src/pk
diff options
context:
space:
mode:
Diffstat (limited to 'libtomcrypt/src/pk')
-rw-r--r--libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c15
-rw-r--r--libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c2
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_export.c2
-rw-r--r--libtomcrypt/src/pk/dsa/dsa_generate_pqg.c4
-rw-r--r--libtomcrypt/src/pk/ecc/ecc_sign_hash.c53
-rw-r--r--libtomcrypt/src/pk/ecc/ecc_verify_hash.c16
-rw-r--r--libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c10
-rw-r--r--libtomcrypt/src/pk/rsa/rsa_export.c2
-rw-r--r--libtomcrypt/src/pk/rsa/rsa_import_pkcs8.c2
9 files changed, 60 insertions, 46 deletions
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
index 142ef95..cb93e8f 100644
--- a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
@@ -79,8 +79,8 @@ static int _new_element(ltc_asn1_list **l)
*/
int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out)
{
- ltc_asn1_list *l;
- unsigned long err, type, len, totlen, data_offset;
+ ltc_asn1_list *l, *t;
+ unsigned long err, type, len, totlen, data_offset, len_len;
void *realloc_tmp;
LTC_ARGCHK(in != NULL);
@@ -407,6 +407,17 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc
l->child->parent = l;
}
+ t = l;
+ len_len = 0;
+ while((t != NULL) && (t->child != NULL)) {
+ len_len++;
+ t = t->child;
+ }
+ if (len_len > LTC_DER_MAX_RECURSION) {
+ err = CRYPT_ERROR;
+ goto error;
+ }
+
break;
case 0x80: /* Context-specific */
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
index 6826181..d2d0811 100644
--- a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
@@ -80,7 +80,7 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
}
if ((alg_id[0].size != oid.OIDlen) ||
- XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) {
+ XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0])) != 0) {
/* OID mismatch */
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
diff --git a/libtomcrypt/src/pk/dsa/dsa_export.c b/libtomcrypt/src/pk/dsa/dsa_export.c
index 1f6bb5a..f3a9f59 100644
--- a/libtomcrypt/src/pk/dsa/dsa_export.c
+++ b/libtomcrypt/src/pk/dsa/dsa_export.c
@@ -69,7 +69,7 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
}
} else {
if (std) {
- unsigned long tmplen = (mp_count_bits(key->y) / 8) + 8;
+ unsigned long tmplen = (unsigned long)(mp_count_bits(key->y) / 8) + 8;
unsigned char* tmp = XMALLOC(tmplen);
ltc_asn1_list int_list[3];
diff --git a/libtomcrypt/src/pk/dsa/dsa_generate_pqg.c b/libtomcrypt/src/pk/dsa/dsa_generate_pqg.c
index 91c7ef7..8c5f558 100644
--- a/libtomcrypt/src/pk/dsa/dsa_generate_pqg.c
+++ b/libtomcrypt/src/pk/dsa/dsa_generate_pqg.c
@@ -72,8 +72,8 @@ static int _dsa_make_params(prng_state *prng, int wprng, int group_size, int mod
*/
seedbytes = group_size;
- L = modulus_size * 8;
- N = group_size * 8;
+ L = (unsigned long)modulus_size * 8;
+ N = (unsigned long)group_size * 8;
/* XXX-TODO no Lucas test */
#ifdef LTC_MPI_HAS_LUCAS_TEST
diff --git a/libtomcrypt/src/pk/ecc/ecc_sign_hash.c b/libtomcrypt/src/pk/ecc/ecc_sign_hash.c
index d285dac..ec6677c 100644
--- a/libtomcrypt/src/pk/ecc/ecc_sign_hash.c
+++ b/libtomcrypt/src/pk/ecc/ecc_sign_hash.c
@@ -14,14 +14,14 @@
/**
@file ecc_sign_hash.c
ECC Crypto, Tom St Denis
-*/
+*/
static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
+ unsigned char *out, unsigned long *outlen,
prng_state *prng, int wprng, ecc_key *key, int sigformat)
{
ecc_key pubkey;
- void *r, *s, *e, *p;
+ void *r, *s, *e, *p, *b;
int err, max_iterations = LTC_PK_MAX_RETRIES;
unsigned long pbits, pbytes, i, shift_right;
unsigned char ch, buf[MAXBLOCKSIZE];
@@ -35,21 +35,21 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
if (key->type != PK_PRIVATE) {
return CRYPT_PK_NOT_PRIVATE;
}
-
+
/* is the IDX valid ? */
if (ltc_ecc_is_valid_idx(key->idx) != 1) {
return CRYPT_PK_INVALID_TYPE;
}
-
+
if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
return err;
}
/* init the bignums */
- if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != CRYPT_OK) {
+ if ((err = mp_init_multi(&r, &s, &p, &e, &b, NULL)) != CRYPT_OK) {
return err;
}
- if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errnokey; }
+ if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errnokey; }
/* get the hash and load it as a bignum into 'e' */
pbits = mp_count_bits(p);
@@ -77,21 +77,24 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
}
/* find r = x1 mod n */
- if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK) { goto error; }
if (mp_iszero(r) == LTC_MP_YES) {
ecc_free(&pubkey);
- } else {
- /* find s = (e + xr)/k */
- if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/k */
- if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK) { goto error; } /* s = xr */
- if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mod(s, p, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mulmod(s, pubkey.k, p, s)) != CRYPT_OK) { goto error; } /* s = (e + xr)/k */
- ecc_free(&pubkey);
- if (mp_iszero(s) == LTC_MP_NO) {
- break;
- }
+ } else {
+ if ((err = rand_bn_upto(b, p, prng, wprng)) != CRYPT_OK) { goto error; } /* b = blinding value */
+ /* find s = (e + xr)/k */
+ if ((err = mp_mulmod(pubkey.k, b, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = kb */
+ if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/kb */
+ if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK) { goto error; } /* s = xr */
+ if ((err = mp_mulmod(pubkey.k, s, p, s)) != CRYPT_OK) { goto error; } /* s = xr/kb */
+ if ((err = mp_mulmod(pubkey.k, e, p, e)) != CRYPT_OK) { goto error; } /* e = e/kb */
+ if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e/kb + xr/kb */
+ if ((err = mp_mulmod(s, b, p, s)) != CRYPT_OK) { goto error; } /* s = b(e/kb + xr/kb) = (e + xr)/k */
+ ecc_free(&pubkey);
+ if (mp_iszero(s) == LTC_MP_NO) {
+ break;
+ }
}
} while (--max_iterations > 0);
@@ -112,17 +115,17 @@ static int _ecc_sign_hash(const unsigned char *in, unsigned long inlen,
}
else {
/* store as ASN.1 SEQUENCE { r, s -- integer } */
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
- LTC_ASN1_EOL, 0UL, NULL);
+ err = der_encode_sequence_multi(out, outlen,
+ LTC_ASN1_INTEGER, 1UL, r,
+ LTC_ASN1_INTEGER, 1UL, s,
+ LTC_ASN1_EOL, 0UL, NULL);
}
goto errnokey;
error:
ecc_free(&pubkey);
errnokey:
- mp_clear_multi(r, s, p, e, NULL);
- return err;
+ mp_clear_multi(r, s, p, e, b, NULL);
+ return err;
}
/**
diff --git a/libtomcrypt/src/pk/ecc/ecc_verify_hash.c b/libtomcrypt/src/pk/ecc/ecc_verify_hash.c
index 7aa5f52..bc4f84f 100644
--- a/libtomcrypt/src/pk/ecc/ecc_verify_hash.c
+++ b/libtomcrypt/src/pk/ecc/ecc_verify_hash.c
@@ -14,10 +14,10 @@
/**
@file ecc_verify_hash.c
ECC Crypto, Tom St Denis
-*/
+*/
static int _ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
- const unsigned char *hash, unsigned long hashlen,
+ const unsigned char *hash, unsigned long hashlen,
int *stat, ecc_key *key, int sigformat)
{
ecc_point *mG, *mQ;
@@ -66,9 +66,9 @@ static int _ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
}
else {
/* ASN.1 format */
- if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
+ if ((err = der_decode_sequence_multi(sig, siglen,
+ LTC_ASN1_INTEGER, 1UL, r,
+ LTC_ASN1_INTEGER, 1UL, s,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { goto error; }
}
@@ -125,13 +125,13 @@ static int _ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
if (ltc_mp.ecc_mul2add == NULL) {
if ((err = ltc_mp.ecc_ptmul(u1, mG, mG, m, 0)) != CRYPT_OK) { goto error; }
if ((err = ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0)) != CRYPT_OK) { goto error; }
-
+
/* find the montgomery mp */
if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK) { goto error; }
/* add them */
if ((err = ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp)) != CRYPT_OK) { goto error; }
-
+
/* reduce */
if ((err = ltc_mp.ecc_map(mG, m, mp)) != CRYPT_OK) { goto error; }
} else {
@@ -153,7 +153,7 @@ error:
ltc_ecc_del_point(mG);
ltc_ecc_del_point(mQ);
mp_clear_multi(r, s, v, w, u1, u2, p, e, m, NULL);
- if (mp != NULL) {
+ if (mp != NULL) {
mp_montgomery_free(mp);
}
return err;
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c
index ca5c9d9..ab26ede 100644
--- a/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c
@@ -17,7 +17,7 @@
/**
@file ltc_ecc_mulmod_timing.c
ECC Crypto, Tom St Denis
-*/
+*/
#ifdef LTC_MECC
@@ -59,8 +59,8 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
return err;
}
- /* alloc ram for window temps */
- for (i = 0; i < 3; i++) {
+ /* alloc ram for window temps */
+ for (i = 0; i < 3; i++) {
M[i] = ltc_ecc_new_point();
if (M[i] == NULL) {
for (j = 0; j < i; j++) {
@@ -70,7 +70,7 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
mp_montgomery_free(mp);
return CRYPT_MEM;
}
- }
+ }
/* make a copy of G incase R==G */
tG = ltc_ecc_new_point();
@@ -82,7 +82,7 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK) { goto done; }
mp_clear(mu);
mu = NULL;
-
+
/* calc the M tab */
/* M[0] == G */
if ((err = mp_copy(tG->x, M[0]->x)) != CRYPT_OK) { goto done; }
diff --git a/libtomcrypt/src/pk/rsa/rsa_export.c b/libtomcrypt/src/pk/rsa/rsa_export.c
index a9885de..efd61d6 100644
--- a/libtomcrypt/src/pk/rsa/rsa_export.c
+++ b/libtomcrypt/src/pk/rsa/rsa_export.c
@@ -58,7 +58,7 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
unsigned char* tmp = NULL;
if (type & PK_STD) {
- tmplen = (mp_count_bits(key->N)/8)*2+8;
+ tmplen = (unsigned long)(mp_count_bits(key->N) / 8) * 2 + 8;
tmp = XMALLOC(tmplen);
ptmplen = &tmplen;
if (tmp == NULL) {
diff --git a/libtomcrypt/src/pk/rsa/rsa_import_pkcs8.c b/libtomcrypt/src/pk/rsa/rsa_import_pkcs8.c
index 8e15e06..0546eb0 100644
--- a/libtomcrypt/src/pk/rsa/rsa_import_pkcs8.c
+++ b/libtomcrypt/src/pk/rsa/rsa_import_pkcs8.c
@@ -114,7 +114,7 @@ int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen,
/* check alg oid */
if ((alg_seq[0].size != rsaoid.OIDlen) ||
- XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0]))) {
+ XMEMCMP(rsaoid.OID, alg_seq[0].data, rsaoid.OIDlen * sizeof(rsaoid.OID[0])) != 0) {
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
}
View Lorry Controller Status