author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2016-10-27 18:58:12 +0300 |
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-11-07 18:41:28 +0300 |
commit | e9f9d34e276804b2cb721c95032d2aa5c96577b9 (patch) | |
tree | 1411f29d512bbe894bddd8b8f7a1cd96991bc2c4 /lib | |
parent | f0da4adf6c729d06ed4f7c5c0fd019570fc42275 (diff) | |
download | gnutls-e9f9d34e276804b2cb721c95032d2aa5c96577b9.tar.gz |
_gnutls_pk_derive: add argument for nonce
GOST VKO key derivation needs another opaque argument (called UKM).
Add an argument to _gnutls_pk_derive to accommodate that keying material.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/crypto-backend.h | 1 | ||||
-rw-r--r-- | lib/nettle/pk.c | 10 | ||||
-rw-r--r-- | lib/pk.h | 5 |
3 files changed, 14 insertions, 2 deletions
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index 33eca6031c..a3c52d4da8 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -397,6 +397,7 @@ typedef struct gnutls_crypto_pk {
 int (*derive) (gnutls_pk_algorithm_t, gnutls_datum_t * out, const gnutls_pk_params_st * priv, const gnutls_pk_params_st * pub,
+ const gnutls_datum_t *nonce,
 unsigned int flags);
 int (*curve_exists) (gnutls_ecc_curve_t); /* true/false */
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index b6bb735566..bfa6ae4372 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -242,6 +242,7 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo, gnutls_datum_t * out, const gnutls_pk_params_st * priv, const gnutls_pk_params_st * pub,
+ const gnutls_datum_t * nonce,
 unsigned int flags)
 {
 int ret;
@@ -252,6 +253,9 @@ static int _wrap_nettle_pk_derive(gnutls_pk_algorithm_t algo,
 bigint_t k = NULL, ff = NULL, r = NULL;
 unsigned int bits;
+ if (nonce != NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
 f = pub->params[DH_Y];
 x = priv->params[DH_X];
 q = priv->params[DH_Q];
@@ -343,6 +347,9 @@ dh_cleanup:
 out->data = NULL;
+ if (nonce != NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
 curve = get_supported_nist_curve(priv->curve);
 if (curve == NULL)
 return
@@ -384,6 +391,9 @@ dh_cleanup:
 {
 unsigned size = gnutls_ecc_curve_get_size(priv->curve);
+ if (nonce != NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
 /* The point is in pub, while the private part (scalar) in priv. */
 if (size == 0 || priv->raw_priv.size != size)
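Review bot: The new `nonce` member of the `derive` callback in lib/crypto-backend.h is undocumented: nothing in the header says the pointer may be NULL, which algorithm consumes it, or that a backend must fail rather than silently ignore a nonce for an algorithm that does not use it (the nettle backend in this same commit does reject it with GNUTLS_E_INVALID_REQUEST, so that is evidently the intended contract). A comment on the parameter would pin it down for other backends, e.g. `const gnutls_datum_t *nonce, /* optional per-derivation material (UKM for GOST VKO); NULL when unused, must be rejected by algorithms that do not consume it */`. The `struct gnutls_crypto_pk` definition starts and ends outside the hunk.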
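Review bot: The guard `if (nonce != NULL) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);` is pasted separately into each algorithm case of _wrap_nettle_pk_derive (the hunk at -252,6, again at -343,6 and at -384,6), so any case added later without its own copy would silently discard caller-supplied keying material and derive a secret not bound to it. Refusing rather than ignoring the nonce is the right behaviour for the algorithms that do not consume it; a single check before the switch, or at least a comment at the first guard stating why every case must carry one, e.g. `/* nonce (UKM) is only meaningful for GOST VKO; every other algorithm must refuse it */`, would make the invariant harder to lose. Each early return appears to happen before any bigint or point is allocated in that case, so no cleanup label is skipped, but that is inferred from the visible lines only. The body of _wrap_nettle_pk_derive begins and ends outside these hunks, and the hunk at -384,6 is cut off, so whether a switch-level check is feasible cannot be confirmed from here.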
@@ -33,8 +33,9 @@ extern gnutls_crypto_pk_st _gnutls_pk_ops;
 #define _gnutls_pk_verify( algo, data, sig, params, sign_params) _gnutls_pk_ops.verify( algo, data, sig, params, sign_params)
 #define _gnutls_pk_verify_priv_params( algo, params) _gnutls_pk_ops.verify_priv_params( algo, params)
 #define _gnutls_pk_verify_pub_params( algo, params) _gnutls_pk_ops.verify_pub_params( algo, params)
-#define _gnutls_pk_derive( algo, out, pub, priv) _gnutls_pk_ops.derive( algo, out, pub, priv, 0)
-#define _gnutls_pk_derive_tls13( algo, out, pub, priv) _gnutls_pk_ops.derive( algo, out, pub, priv, PK_DERIVE_TLS13)
+#define _gnutls_pk_derive( algo, out, pub, priv) _gnutls_pk_ops.derive( algo, out, pub, priv, NULL, 0)
+#define _gnutls_pk_derive_nonce( algo, out, pub, priv, nonce) _gnutls_pk_ops.derive( algo, out, pub, priv, nonce, 0)
+#define _gnutls_pk_derive_tls13( algo, out, pub, priv) _gnutls_pk_ops.derive( algo, out, pub, priv, NULL, PK_DERIVE_TLS13)
 #define _gnutls_pk_generate_keys( algo, bits, params, temporal) _gnutls_pk_ops.generate_keys( algo, bits, params, temporal)
 #define _gnutls_pk_generate_params( algo, bits, priv) _gnutls_pk_ops.generate_params( algo, bits, priv)
 #define _gnutls_pk_hash_algorithm( pk, sig, params, hash) _gnutls_pk_ops.hash_algorithm(pk, sig, params, hash) |
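Review bot: The new `_gnutls_pk_derive_nonce` macro labels its third and fourth parameters `pub, priv`, while the callback it forwards to takes `priv, pub` in that order (the `derive` prototype in lib/crypto-backend.h and `_wrap_nettle_pk_derive` in lib/nettle/pk.c, both in this commit). Forwarding is positional so the expansion works, but the labels read as the opposite of the real contract and invite a swapped call at a new call site, which for a key-agreement primitive would be a silent correctness failure rather than a compile error. Naming the new macro's parameters after the callback, `#define _gnutls_pk_derive_nonce( algo, out, priv, pub, nonce) _gnutls_pk_ops.derive( algo, out, priv, pub, nonce, 0)`, costs nothing; the two pre-existing macros carry the same mislabelling but that is history. The `diff --git` header for this hunk is not in view; it is attributed to lib/pk.h from the diffstat.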