author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-20 08:01:09 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-21 10:18:49 +0100 |
commit | d765d0d8290a9c5ddc2a57f595e3430af0156341 (patch) | |
tree | ef2e7c5ad7f5405ce9bc54ab8c7858843a9ef21d | |
parent | 3a2695c318b20847e5488bf16df257f406d56f69 (diff) | |
download | gnutls-d765d0d8290a9c5ddc2a57f595e3430af0156341.tar.gz |
nettle/pk: use the appropriate level of randomness for each operation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/nettle/pk.c | 50 |
1 files changed, 36 insertions, 14 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index 7a29d4cc9a..ac0ab60328 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -52,7 +52,29 @@ static inline const struct ecc_curve *get_supported_nist_curve(int curve); -static void rnd_func(void *_ctx, size_t length, uint8_t * data) +static void rnd_key_func(void *_ctx, size_t length, uint8_t * data) +{ + if (gnutls_rnd(GNUTLS_RND_KEY, data, length) < 0) { +#ifdef ENABLE_FIPS140 + _gnutls_switch_lib_state(LIB_STATE_ERROR); +#else + abort(); +#endif + } +} + +static void rnd_tmpkey_func(void *_ctx, size_t length, uint8_t * data) +{ + if (gnutls_rnd(GNUTLS_RND_RANDOM, data, length) < 0) { +#ifdef ENABLE_FIPS140 + _gnutls_switch_lib_state(LIB_STATE_ERROR); +#else + abort(); +#endif + } +} + +static void rnd_nonce_func(void *_ctx, size_t length, uint8_t * data) { if (gnutls_rnd(GNUTLS_RND_RANDOM, data, length) < 0) { #ifdef ENABLE_FIPS140 @@ -353,7 +375,7 @@ _wrap_nettle_pk_encrypt(gnutls_pk_algorithm_t algo, } ret = - rsa_encrypt(&pub, NULL, rnd_func, + rsa_encrypt(&pub, NULL, rnd_tmpkey_func, plaintext->size, plaintext->data, p); if (ret == 0) { @@ -437,7 +459,7 @@ _wrap_nettle_pk_decrypt(gnutls_pk_algorithm_t algo, } ret = - rsa_decrypt_tr(&pub, &priv, NULL, rnd_func, + rsa_decrypt_tr(&pub, &priv, NULL, rnd_nonce_func, &length, plaintext->data, TOMPZ(c)); _gnutls_mpi_release(&c); @@ -513,7 +535,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo, hash_len = vdata->size; } - ecdsa_sign(&priv, NULL, rnd_func, hash_len, + ecdsa_sign(&priv, NULL, rnd_tmpkey_func, hash_len, vdata->data, &sig); ret = @@ -555,7 +577,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo, } ret = - dsa_sign(&pub, TOMPZ(priv), NULL, rnd_func, + dsa_sign(&pub, TOMPZ(priv), NULL, rnd_tmpkey_func, hash_len, vdata->data, &sig); if (ret == 0) { gnutls_assert(); 
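Review bot: The three callbacks added at the top of this hunk are one body with a single constant changed, and `rnd_nonce_func` does not differ at all: its `gnutls_rnd(GNUTLS_RND_RANDOM, data, length)` line is the unchanged context under the new signature, so it is identical to `rnd_tmpkey_func`. A reader of `rsa_decrypt_tr(..., rnd_nonce_func, ...)` will assume a nonce-level draw that the code does not make. Routing the callbacks through one helper that takes the level keeps the FIPS/abort failure path in a single place and makes each wrapper's level explicit. Whether the blinding callback stays at `GNUTLS_RND_RANDOM` or moves to `GNUTLS_RND_NONCE` is the author's call, but it should be recorded in a comment either way. The body of `rnd_nonce_func` ends outside the hunk.

```c
/* Fills data at the requested level; on failure the library is switched to
 * the error state (ENABLE_FIPS140 builds) or the process is aborted. */
static void rnd_level_func(gnutls_rnd_level_t level, size_t length,
			   uint8_t * data)
{
	if (gnutls_rnd(level, data, length) < 0) {
#ifdef ENABLE_FIPS140
		_gnutls_switch_lib_state(LIB_STATE_ERROR);
#else
		abort();
#endif
	}
}

/* used for key and parameter generation */
static void rnd_key_func(void *_ctx, size_t length, uint8_t * data)
{
	rnd_level_func(GNUTLS_RND_KEY, length, data);
}

/* used for per-operation secret values */
static void rnd_tmpkey_func(void *_ctx, size_t length, uint8_t * data)
{
	rnd_level_func(GNUTLS_RND_RANDOM, length, data);
}

/* … rnd_nonce_func: same one-line wrapper, level to be decided and commented … */
```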
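Review bot: `ecdsa_sign()` returns nothing, so when `gnutls_rnd()` fails in an ENABLE_FIPS140 build the callback only calls `_gnutls_switch_lib_state(LIB_STATE_ERROR)` and returns without writing `data`, and the signature is then computed from whatever the output buffer already held. Nothing visible in this hunk checks the library state before `sig` is encoded; the enclosing function lies outside the hunk, so a check may exist elsewhere. The per-signature value k is as sensitive as the private key, so the operation should fail right after the call if the library has entered the error state. The same applies to the `dsa_sign` hunk that follows and to the `ecdsa_generate_keypair` hunk at the end of the patch. A comment at the call, e.g. `/* k must be unpredictable: never lower this below GNUTLS_RND_RANDOM */`, would also record why `rnd_tmpkey_func` was chosen.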
@@ -591,7 +613,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo, mpz_init(s); ret = - rsa_pkcs1_sign_tr(&pub, &priv, NULL, rnd_func, + rsa_pkcs1_sign_tr(&pub, &priv, NULL, rnd_tmpkey_func, vdata->size, vdata->data, s); if (ret == 0) { gnutls_assert(); @@ -853,7 +875,7 @@ wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo, } else { ret = dsa_generate_dss_pqg(&pub, &cert, - index, NULL, rnd_func, + index, NULL, rnd_key_func, NULL, NULL, level, q_bits); } if (ret != 1) { @@ -878,7 +900,7 @@ wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo, if (q_bits < 160) q_bits = 160; - ret = dsa_generate_params(&pub, NULL, rnd_func, + ret = dsa_generate_params(&pub, NULL, rnd_key_func, NULL, NULL, level, q_bits); if (ret != 1) { gnutls_assert(); @@ -1295,7 +1317,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, ret = dsa_generate_dss_keypair(&pub, y, x, - NULL, rnd_func, + NULL, rnd_key_func, NULL, NULL); if (ret != 1) { gnutls_assert(); @@ -1352,13 +1374,13 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, if (have_q) { mpz_set(r, pub.q); mpz_sub_ui(r, r, 2); - nettle_mpz_random(x, NULL, rnd_func, r); + nettle_mpz_random(x, NULL, rnd_tmpkey_func, r); mpz_add_ui(x, x, 1); } else { unsigned size = mpz_sizeinbase(pub.p, 2); if (level == 0) level = MIN(size, DH_EXPONENT_SIZE(size)); - nettle_mpz_random_size(x, NULL, rnd_func, level); + nettle_mpz_random_size(x, NULL, rnd_tmpkey_func, level); if (level >= size) mpz_mod(x, x, pub.p); @@ -1423,14 +1445,14 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, params->seed_size = sizeof(params->seed); ret = rsa_generate_fips186_4_keypair(&pub, &priv, NULL, - rnd_func, NULL, NULL, + rnd_key_func, NULL, NULL, ¶ms->seed_size, params->seed, level); } } else { ret = rsa_generate_keypair(&pub, &priv, NULL, - rnd_func, NULL, NULL, + rnd_key_func, NULL, NULL, level, 0); } if (ret != 1) { 
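Review bot: `rsa_pkcs1_sign_tr` is given `rnd_tmpkey_func` here, while `rsa_decrypt_tr` earlier in the patch is given `rnd_nonce_func`, although in both `_tr` calls the callback appears to serve the same purpose (blinding the private-key operation). Both callbacks currently draw at `GNUTLS_RND_RANDOM`, so nothing differs at run time today, but the two call sites will diverge silently if either callback's level is changed later. Use one callback for both, or add a comment at each call saying why it differs, e.g. `/* blinding factor only; not part of the signature */`.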
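Review bot: The private exponent `x` is drawn with `rnd_tmpkey_func` in both branches of the `@@ -1352,13 +1374,13 @@` hunk (`nettle_mpz_random` and `nettle_mpz_random_size`), whereas the other generators touched in `wrap_nettle_pk_generate_keys` (`dsa_generate_dss_keypair`, `rsa_generate_keypair`, `ecdsa_generate_keypair`) are given `rnd_key_func`. Nothing visible in the hunk tells the function whether the key it produces is ephemeral, so a long-lived key generated through this path would get the lower level, and presumably an ephemeral ECC key the higher one. If this path is meant to serve only ephemeral exchanges, state that at the call, e.g. `/* assumes an ephemeral exponent; long-term keys need rnd_key_func */`; otherwise the caller's intent has to reach this function. The enclosing case starts and ends outside the hunk.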
@@ -1487,7 +1509,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, ecc_scalar_init(&key, curve); ecc_point_init(&pub, curve); - ecdsa_generate_keypair(&pub, &key, NULL, rnd_func); + ecdsa_generate_keypair(&pub, &key, NULL, rnd_key_func); ret = _gnutls_mpi_init_multi(¶ms->params[ECC_X], ¶ms->params[ECC_Y], ¶ms->params[ECC_K], NULL); |