summaryrefslogtreecommitdiff
path: root/lib/pk.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/pk.c')
-rw-r--r--lib/pk.c152
1 files changed, 69 insertions, 83 deletions
diff --git a/lib/pk.c b/lib/pk.c
index 753cecd187..400d499892 100644
--- a/lib/pk.c
+++ b/lib/pk.c
@@ -58,8 +58,7 @@
**/
int
gnutls_encode_rs_value(gnutls_datum_t * sig_value,
- const gnutls_datum_t * r,
- const gnutls_datum_t * s)
+ const gnutls_datum_t * r, const gnutls_datum_t * s)
{
return _gnutls_encode_ber_rs_raw(sig_value, r, s);
}
@@ -69,8 +68,7 @@ gnutls_encode_rs_value(gnutls_datum_t * sig_value,
*/
int
_gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value,
- const gnutls_datum_t * r,
- const gnutls_datum_t * s)
+ const gnutls_datum_t * r, const gnutls_datum_t * s)
{
asn1_node sig;
int result, ret;
@@ -85,7 +83,7 @@ _gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value,
}
if (s->data[0] >= 0x80 || r->data[0] >= 0x80) {
- tmp = gnutls_malloc(MAX(r->size, s->size)+1);
+ tmp = gnutls_malloc(MAX(r->size, s->size) + 1);
if (tmp == NULL) {
ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
goto cleanup;
@@ -96,7 +94,7 @@ _gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value,
assert(tmp);
tmp[0] = 0;
memcpy(&tmp[1], r->data, r->size);
- result = asn1_write_value(sig, "r", tmp, 1+r->size);
+ result = asn1_write_value(sig, "r", tmp, 1 + r->size);
} else {
result = asn1_write_value(sig, "r", r->data, r->size);
}
@@ -107,12 +105,11 @@ _gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value,
goto cleanup;
}
-
if (s->data[0] >= 0x80) {
assert(tmp);
tmp[0] = 0;
memcpy(&tmp[1], s->data, s->size);
- result = asn1_write_value(sig, "s", tmp, 1+s->size);
+ result = asn1_write_value(sig, "s", tmp, 1 + s->size);
} else {
result = asn1_write_value(sig, "s", s->data, s->size);
}
@@ -136,8 +133,7 @@ _gnutls_encode_ber_rs_raw(gnutls_datum_t * sig_value,
return ret;
}
-int
-_gnutls_encode_ber_rs(gnutls_datum_t * sig_value, bigint_t r, bigint_t s)
+int _gnutls_encode_ber_rs(gnutls_datum_t * sig_value, bigint_t r, bigint_t s)
{
asn1_node sig;
int result;
@@ -173,7 +169,6 @@ _gnutls_encode_ber_rs(gnutls_datum_t * sig_value, bigint_t r, bigint_t s)
return 0;
}
-
/* decodes the Dss-Sig-Value structure
*/
int
@@ -194,8 +189,7 @@ _gnutls_decode_ber_rs(const gnutls_datum_t * sig_value, bigint_t * r,
/* rfc3279 doesn't specify whether Dss-Sig-Value is encoded
* as DER or BER. As such we do not restrict to the DER subset. */
result =
- asn1_der_decoding(&sig, sig_value->data, sig_value->size,
- NULL);
+ asn1_der_decoding(&sig, sig_value->data, sig_value->size, NULL);
if (result != ASN1_SUCCESS) {
gnutls_assert();
asn1_delete_structure(&sig);
@@ -242,8 +236,8 @@ _gnutls_decode_ber_rs(const gnutls_datum_t * sig_value, bigint_t * r,
* Since: 3.6.0
*
**/
-int gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t *r,
- gnutls_datum_t *s)
+int gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t * r,
+ gnutls_datum_t * s)
{
return _gnutls_decode_ber_rs_raw(sig_value, r, s);
}
@@ -252,8 +246,8 @@ int gnutls_decode_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t *r,
* to be exported for FIPS140 CAVS testing.
*/
int
-_gnutls_decode_ber_rs_raw(const gnutls_datum_t * sig_value, gnutls_datum_t *r,
- gnutls_datum_t *s)
+_gnutls_decode_ber_rs_raw(const gnutls_datum_t * sig_value, gnutls_datum_t * r,
+ gnutls_datum_t * s)
{
asn1_node sig;
int result;
@@ -269,8 +263,7 @@ _gnutls_decode_ber_rs_raw(const gnutls_datum_t * sig_value, gnutls_datum_t *r,
/* rfc3279 doesn't specify whether Dss-Sig-Value is encoded
* as DER or BER. As such we do not restrict to the DER subset. */
result =
- asn1_der_decoding(&sig, sig_value->data, sig_value->size,
- NULL);
+ asn1_der_decoding(&sig, sig_value->data, sig_value->size, NULL);
if (result != ASN1_SUCCESS) {
gnutls_assert();
asn1_delete_structure(&sig);
@@ -369,7 +362,9 @@ _gnutls_decode_gost_rs(const gnutls_datum_t * sig_value, bigint_t * r,
*
* Since: 3.6.0
*/
-int gnutls_encode_gost_rs_value(gnutls_datum_t * sig_value, const gnutls_datum_t * r, const gnutls_datum_t *s)
+int gnutls_encode_gost_rs_value(gnutls_datum_t * sig_value,
+ const gnutls_datum_t * r,
+ const gnutls_datum_t * s)
{
uint8_t *data;
size_t intsize = r->size;
@@ -412,7 +407,8 @@ int gnutls_encode_gost_rs_value(gnutls_datum_t * sig_value, const gnutls_datum_t
*
* Since: 3.6.0
*/
-int gnutls_decode_gost_rs_value(const gnutls_datum_t * sig_value, gnutls_datum_t * r, gnutls_datum_t * s)
+int gnutls_decode_gost_rs_value(const gnutls_datum_t * sig_value,
+ gnutls_datum_t * r, gnutls_datum_t * s)
{
int ret;
unsigned halfsize = sig_value->size >> 1;
@@ -465,8 +461,7 @@ gnutls_gost_paramset_t _gnutls_gost_paramset_default(gnutls_pk_algorithm_t pk)
{
if (pk == GNUTLS_PK_GOST_01)
return GNUTLS_GOST_PARAMSET_CP_A;
- else if (pk == GNUTLS_PK_GOST_12_256 ||
- pk == GNUTLS_PK_GOST_12_512)
+ else if (pk == GNUTLS_PK_GOST_12_256 || pk == GNUTLS_PK_GOST_12_512)
return GNUTLS_GOST_PARAMSET_TC26_Z;
else
return gnutls_assert_val(GNUTLS_GOST_PARAMSET_UNKNOWN);
@@ -500,12 +495,14 @@ int _gnutls_pk_params_copy(gnutls_pk_params_st * dst,
dst->params_nr++;
}
- if (_gnutls_set_datum(&dst->raw_priv, src->raw_priv.data, src->raw_priv.size) < 0) {
+ if (_gnutls_set_datum
+ (&dst->raw_priv, src->raw_priv.data, src->raw_priv.size) < 0) {
gnutls_assert();
goto fail;
}
- if (_gnutls_set_datum(&dst->raw_pub, src->raw_pub.data, src->raw_pub.size) < 0) {
+ if (_gnutls_set_datum
+ (&dst->raw_pub, src->raw_pub.data, src->raw_pub.size) < 0) {
gnutls_assert();
goto fail;
}
@@ -520,7 +517,7 @@ int _gnutls_pk_params_copy(gnutls_pk_params_st * dst,
return 0;
-fail:
+ fail:
for (j = 0; j < i; j++)
_gnutls_mpi_release(&dst->params[j]);
return GNUTLS_E_MEMORY_ERROR;
@@ -559,7 +556,7 @@ void gnutls_pk_params_clear(gnutls_pk_params_st * p)
}
int
-_gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st *me,
+_gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st * me,
unsigned salt_size)
{
unsigned digest_size;
@@ -591,8 +588,7 @@ _gnutls_find_rsa_pss_salt_size(unsigned bits, const mac_entry_st *me,
*/
int
encode_ber_digest_info(const mac_entry_st * e,
- const gnutls_datum_t * digest,
- gnutls_datum_t * output)
+ const gnutls_datum_t * digest, gnutls_datum_t * output)
{
asn1_node dinfo = NULL;
int result;
@@ -611,8 +607,7 @@ encode_ber_digest_info(const mac_entry_st * e,
algo = _gnutls_x509_mac_to_oid(e);
if (algo == NULL) {
gnutls_assert();
- _gnutls_debug_log("Hash algorithm: %d has no OID\n",
- e->id);
+ _gnutls_debug_log("Hash algorithm: %d has no OID\n", e->id);
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
}
@@ -623,8 +618,7 @@ encode_ber_digest_info(const mac_entry_st * e,
return _gnutls_asn2err(result);
}
- result =
- asn1_write_value(dinfo, "digestAlgorithm.algorithm", algo, 1);
+ result = asn1_write_value(dinfo, "digestAlgorithm.algorithm", algo, 1);
if (result != ASN1_SUCCESS) {
gnutls_assert();
asn1_delete_structure(&dinfo);
@@ -644,8 +638,7 @@ encode_ber_digest_info(const mac_entry_st * e,
return _gnutls_asn2err(result);
}
- result =
- asn1_write_value(dinfo, "digest", digest->data, digest->size);
+ result = asn1_write_value(dinfo, "digest", digest->data, digest->size);
if (result != ASN1_SUCCESS) {
gnutls_assert();
asn1_delete_structure(&dinfo);
@@ -667,8 +660,7 @@ encode_ber_digest_info(const mac_entry_st * e,
return GNUTLS_E_MEMORY_ERROR;
}
- result =
- asn1_der_coding(dinfo, "", tmp_output, &tmp_output_size, NULL);
+ result = asn1_der_coding(dinfo, "", tmp_output, &tmp_output_size, NULL);
if (result != ASN1_SUCCESS) {
gnutls_assert();
asn1_delete_structure(&dinfo);
@@ -708,7 +700,7 @@ gnutls_encode_ber_digest_info(gnutls_digest_algorithm_t hash,
if (unlikely(e == NULL))
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- return encode_ber_digest_info(e , digest, output);
+ return encode_ber_digest_info(e, digest, output);
}
/**
@@ -729,8 +721,8 @@ gnutls_encode_ber_digest_info(gnutls_digest_algorithm_t hash,
**/
int
gnutls_decode_ber_digest_info(const gnutls_datum_t * info,
- gnutls_digest_algorithm_t * hash,
- unsigned char * digest, unsigned int *digest_size)
+ gnutls_digest_algorithm_t * hash,
+ unsigned char *digest, unsigned int *digest_size)
{
asn1_node dinfo = NULL;
int result;
@@ -754,8 +746,7 @@ gnutls_decode_ber_digest_info(const gnutls_datum_t * info,
}
len = sizeof(str) - 1;
- result =
- asn1_read_value(dinfo, "digestAlgorithm.algorithm", str, &len);
+ result = asn1_read_value(dinfo, "digestAlgorithm.algorithm", str, &len);
if (result != ASN1_SUCCESS) {
gnutls_assert();
asn1_delete_structure(&dinfo);
@@ -775,8 +766,7 @@ gnutls_decode_ber_digest_info(const gnutls_datum_t * info,
len = sizeof(str) - 1;
result =
- asn1_read_value(dinfo, "digestAlgorithm.parameters", str,
- &len);
+ asn1_read_value(dinfo, "digestAlgorithm.parameters", str, &len);
/* To avoid permitting garbage in the parameters field, either the
parameters field is not present, or it contains 0x05 0x00. */
if (!(result == ASN1_ELEMENT_NOT_FOUND ||
@@ -804,13 +794,12 @@ gnutls_decode_ber_digest_info(const gnutls_datum_t * info,
}
int
-_gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params,
- gnutls_datum_t * m, gnutls_datum_t * e,
- gnutls_datum_t * d, gnutls_datum_t * p,
- gnutls_datum_t * q, gnutls_datum_t * u,
- gnutls_datum_t * e1,
- gnutls_datum_t * e2,
- unsigned int flags)
+_gnutls_params_get_rsa_raw(const gnutls_pk_params_st * params,
+ gnutls_datum_t * m, gnutls_datum_t * e,
+ gnutls_datum_t * d, gnutls_datum_t * p,
+ gnutls_datum_t * q, gnutls_datum_t * u,
+ gnutls_datum_t * e1,
+ gnutls_datum_t * e2, unsigned int flags)
{
int ret;
mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
@@ -919,7 +908,7 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params,
return 0;
- error:
+ error:
_gnutls_free_datum(m);
_gnutls_free_datum(d);
_gnutls_free_datum(e);
@@ -932,10 +921,10 @@ _gnutls_params_get_rsa_raw(const gnutls_pk_params_st* params,
}
int
-_gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params,
- gnutls_datum_t * p, gnutls_datum_t * q,
- gnutls_datum_t * g, gnutls_datum_t * y,
- gnutls_datum_t * x, unsigned int flags)
+_gnutls_params_get_dsa_raw(const gnutls_pk_params_st * params,
+ gnutls_datum_t * p, gnutls_datum_t * q,
+ gnutls_datum_t * g, gnutls_datum_t * y,
+ gnutls_datum_t * x, unsigned int flags)
{
int ret;
mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
@@ -972,7 +961,6 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params,
}
}
-
/* G */
if (g) {
ret = dprint(params->params[2], g);
@@ -984,7 +972,6 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params,
}
}
-
/* Y */
if (y) {
ret = dprint(params->params[3], y);
@@ -1013,12 +1000,11 @@ _gnutls_params_get_dsa_raw(const gnutls_pk_params_st* params,
return 0;
}
-int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params,
- gnutls_ecc_curve_t * curve,
- gnutls_datum_t * x,
- gnutls_datum_t * y,
- gnutls_datum_t * k,
- unsigned int flags)
+int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st * params,
+ gnutls_ecc_curve_t * curve,
+ gnutls_datum_t * x,
+ gnutls_datum_t * y,
+ gnutls_datum_t * k, unsigned int flags)
{
int ret;
mpi_dprint_func dprint = _gnutls_mpi_dprint_lz;
@@ -1039,7 +1025,9 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params,
if (_curve_is_eddsa(e) || _curve_is_modern_ecdh(e)) {
if (x) {
- ret = _gnutls_set_datum(x, params->raw_pub.data, params->raw_pub.size);
+ ret =
+ _gnutls_set_datum(x, params->raw_pub.data,
+ params->raw_pub.size);
if (ret < 0) {
return gnutls_assert_val(ret);
}
@@ -1051,7 +1039,9 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params,
}
if (k) {
- ret = _gnutls_set_datum(k, params->raw_priv.data, params->raw_priv.size);
+ ret =
+ _gnutls_set_datum(k, params->raw_priv.data,
+ params->raw_priv.size);
if (ret < 0) {
_gnutls_free_datum(x);
return gnutls_assert_val(ret);
@@ -1083,7 +1073,6 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params,
}
}
-
/* K */
if (k) {
ret = dprint(params->params[ECC_K], k);
@@ -1099,14 +1088,13 @@ int _gnutls_params_get_ecc_raw(const gnutls_pk_params_st* params,
}
-int _gnutls_params_get_gost_raw(const gnutls_pk_params_st* params,
- gnutls_ecc_curve_t * curve,
- gnutls_digest_algorithm_t * digest,
- gnutls_gost_paramset_t * paramset,
- gnutls_datum_t * x,
- gnutls_datum_t * y,
- gnutls_datum_t * k,
- unsigned int flags)
+int _gnutls_params_get_gost_raw(const gnutls_pk_params_st * params,
+ gnutls_ecc_curve_t * curve,
+ gnutls_digest_algorithm_t * digest,
+ gnutls_gost_paramset_t * paramset,
+ gnutls_datum_t * x,
+ gnutls_datum_t * y,
+ gnutls_datum_t * k, unsigned int flags)
{
int ret;
mpi_dprint_func dprint = _gnutls_mpi_dprint_le;
@@ -1144,7 +1132,6 @@ int _gnutls_params_get_gost_raw(const gnutls_pk_params_st* params,
}
}
-
/* K */
if (k) {
ret = dprint(params->params[GOST_K], k);
@@ -1175,8 +1162,8 @@ pk_hash_data(gnutls_pk_algorithm_t pk, const mac_entry_st * hash,
}
ret =
- _gnutls_hash_fast((gnutls_digest_algorithm_t)hash->id, data->data, data->size,
- digest->data);
+ _gnutls_hash_fast((gnutls_digest_algorithm_t) hash->id, data->data,
+ data->size, digest->data);
if (ret < 0) {
gnutls_assert();
goto cleanup;
@@ -1184,12 +1171,11 @@ pk_hash_data(gnutls_pk_algorithm_t pk, const mac_entry_st * hash,
return 0;
- cleanup:
+ cleanup:
gnutls_free(digest->data);
return ret;
}
-
/*
* This function will do RSA PKCS #1 1.5 encoding
* on the given digest. The given digest must be allocated
@@ -1215,14 +1201,14 @@ pk_prepare_hash(gnutls_pk_algorithm_t pk,
case GNUTLS_MAC_SHA224:
break;
default:
- _gnutls_switch_fips_state(GNUTLS_FIPS140_OP_NOT_APPROVED);
+ _gnutls_switch_fips_state
+ (GNUTLS_FIPS140_OP_NOT_APPROVED);
}
/* Encode the digest as a DigestInfo
*/
if ((ret =
- encode_ber_digest_info(hash, &old_digest,
- digest)) != 0) {
+ encode_ber_digest_info(hash, &old_digest, digest)) != 0) {
gnutls_assert();
return ret;
}
View Lorry Controller Status