diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-05 09:25:12 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-05 09:25:12 +0000 |
commit | cc2209a5dec0495db04394bfc42106202ae24d4a (patch) | |
tree | 928a428bd83a59c174ea9f226360f7fd1b64ff60 | |
parent | e1e7c035a0d0a6c13f58b9b8901dccd0c7b01a7b (diff) | |
download | gnutls-cc2209a5dec0495db04394bfc42106202ae24d4a.tar.gz |
some minor fixes and cleanups.
-rw-r--r-- | doc/TODO | 3 | ||||
-rw-r--r-- | doc/tex/ciphers.tex | 8 | ||||
-rw-r--r-- | lib/gnutls_dh_primes.c | 27 | ||||
-rw-r--r-- | lib/gnutls_mpi.c | 4 | ||||
-rw-r--r-- | src/prime.c | 16 |
5 files changed, 47 insertions, 11 deletions
@@ -11,6 +11,9 @@ Current list: * Add gnutls_openpgp_key_get_key_usage(). * Use subkeys with the 0x20 flag in openpgp keys (if present), instead of the main key. +* Add function to extract the signers of an openpgp key. Should + be similar to gnutls_x509_crt_get_dn_oid(). +* Add function to verify an openpgp key against a plain key. * Add support for generating and handling DSA keys * Add support for extracting CRL distribution points. * Add support for generating CRLs. diff --git a/doc/tex/ciphers.tex b/doc/tex/ciphers.tex index 3e2f6f66e0..0cb46e9916 100644 --- a/doc/tex/ciphers.tex +++ b/doc/tex/ciphers.tex @@ -47,10 +47,14 @@ supported in TLS. \begin{tabular}{|l|p{9cm}|} \hline -MAC\_MD5 & MD5 is a hash algorithm by Ron Rivest. Outputs 128 bits of data. +MAC\_MD5 & MD5 is a cryptographic hash algorithm designed by Ron Rivest. Outputs 128 bits of data. \\ \hline -MAC\_SHA & SHA is a hash algorithm by NSA. Outputs 160 bits of data. +MAC\_SHA & SHA is a cryptographic hash algorithm designed by NSA. Outputs 160 bits of data. +\\ +\hline +MAC\_RMD160 & RIPEMD is a cryptographic hash algorithm developed in the framework +of the EU project RIPE. Outputs 160 bits of data. \\ \hline \end{tabular} diff --git a/lib/gnutls_dh_primes.c b/lib/gnutls_dh_primes.c index 08c86f3ab1..58d5c9bc1f 100644 --- a/lib/gnutls_dh_primes.c +++ b/lib/gnutls_dh_primes.c @@ -86,9 +86,13 @@ int _gnutls_dh_generate_prime(GNUTLS_MPI * ret_g, GNUTLS_MPI * ret_n, /* Calculate the size of a prime factor of (prime-1)/2. * This is a bad emulation of Michael Wiener's table */ - qbits = 120 + (((bits / 256) - 1) * 20); - if (qbits & 1) /* better have an even number */ - qbits++; + if (bits < 256) qbits = bits/2; + else { + qbits = 120 + (((bits / 256) - 1) * 20); + } + + if (qbits & 1) /* better have an even number */ + qbits++; /* find a prime number of size bits. */ @@ -122,7 +126,7 @@ int _gnutls_dh_generate_prime(GNUTLS_MPI * ret_g, GNUTLS_MPI * ret_n, result = GNUTLS_E_INTERNAL_ERROR; goto cleanup; } - + gcry_prime_release_factors (factors); factors = NULL; if (ret_g) @@ -244,11 +248,13 @@ void gnutls_dh_params_deinit(gnutls_dh_params dh_params) **/ int gnutls_dh_params_generate2(gnutls_dh_params params, unsigned int bits) { +int ret; - if (_gnutls_dh_generate_prime(¶ms->_generator, - ¶ms->_prime, bits) < 0) { + ret = _gnutls_dh_generate_prime(¶ms->_generator, + ¶ms->_prime, bits); + if (ret < 0) { gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; + return ret; } return 0; @@ -531,6 +537,13 @@ int gnutls_dh_params_export_raw(gnutls_dh_params params, size_t size; + if (params->_generator == NULL || + params->_prime == NULL) + { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + size = 0; _gnutls_mpi_print(NULL, &size, params->_generator); diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c index 337f396c94..8dede95446 100644 --- a/lib/gnutls_mpi.c +++ b/lib/gnutls_mpi.c @@ -75,6 +75,8 @@ int _gnutls_mpi_print( void *buffer, size_t *nbytes, const GNUTLS_MPI a ) { int ret; + if (nbytes == NULL || a == NULL) return GNUTLS_E_INVALID_REQUEST; + ret = gcry_mpi_print( GCRYMPI_FMT_USG, buffer, *nbytes, nbytes, a); if (!ret) return ret; @@ -86,6 +88,8 @@ int _gnutls_mpi_print_lz( void *buffer, size_t *nbytes, const GNUTLS_MPI a ) { int ret; + if (nbytes == NULL || a == NULL) return GNUTLS_E_INVALID_REQUEST; + ret = gcry_mpi_print( GCRYMPI_FMT_STD, buffer, *nbytes, nbytes, a); if (!ret) return ret; diff --git a/src/prime.c b/src/prime.c index b035af261e..72edcdf85c 100644 --- a/src/prime.c +++ b/src/prime.c @@ -38,6 +38,7 @@ static int cparams = 0; int generate_prime(int bits) { unsigned int i; + int ret; gnutls_dh_params dh_params; gnutls_datum p, g; @@ -45,8 +46,19 @@ int generate_prime(int bits) fprintf(stderr, "Generating DH parameters..."); - gnutls_dh_params_generate2( dh_params, bits); - gnutls_dh_params_export_raw( dh_params, &p, &g, NULL); + ret = gnutls_dh_params_generate2( dh_params, bits); + if (ret < 0) { + fprintf(stderr, "Error generating parameters: %s\n", + gnutls_strerror(ret)); + exit(1); + } + + ret = gnutls_dh_params_export_raw( dh_params, &p, &g, NULL); + if (ret < 0) { + fprintf(stderr, "Error exporting parameters: %s\n", + gnutls_strerror(ret)); + exit(1); + } if (cparams) { |