diff options
| -rw-r--r-- | ChangeLog | 21 | ||||
| -rw-r--r-- | bignum-next-prime.c | 10 | ||||
| -rw-r--r-- | bignum-random.c | 10 | ||||
| -rw-r--r-- | gmp-glue.c | 25 | ||||
| -rw-r--r-- | gmp-glue.h | 16 | ||||
| -rw-r--r-- | pkcs1-decrypt.c | 32 | ||||
| -rw-r--r-- | pkcs1-encrypt.c | 8 | ||||
| -rw-r--r-- | pkcs1-rsa-digest.c | 12 | ||||
| -rw-r--r-- | pkcs1-rsa-md5.c | 24 | ||||
| -rw-r--r-- | pkcs1-rsa-sha1.c | 24 | ||||
| -rw-r--r-- | pkcs1-rsa-sha256.c | 24 | ||||
| -rw-r--r-- | pkcs1-rsa-sha512.c | 24 |
12 files changed, 177 insertions, 53 deletions
@@ -1,3 +1,24 @@ +2013-12-15 Nikos Mavrogiannopoulos <nmav@redhat.com> + + Introduced TMP_GMP_ALLOC macro for temporary allocations of + potentially large data, e.g, sized as an RSA key. + * gmp-glue.h (TMP_GMP_DECL, TMP_GMP_ALLOC, TMP_GMP_FREE): New + macros. + * gmp-glue.c (gmp_alloc, gmp_free): New functions. + * bignum-next-prime.c (nettle_next_prime): Use TMP_GMP_ALLOC. + * bignum-random.c (nettle_mpz_random_size): Likewise. + * pkcs1-decrypt.c (pkcs1_decrypt): Likewise. + * pkcs1-encrypt.c (pkcs1_encrypt): Likewise. + * pkcs1-rsa-digest.c (pkcs1_rsa_digest_encode): Likewise. + * pkcs1-rsa-sha512.c (pkcs1_rsa_sha512_encode) + (pkcs1_rsa_sha512_encode_digest): Likewise. + * pkcs1-rsa-sha256.c (pkcs1_rsa_sha256_encode) + (pkcs1_rsa_sha256_encode_digest): Likewise. + * pkcs1-rsa-sha1.c (pkcs1_rsa_sha1_encode) + (pkcs1_rsa_sha1_encode_digest): Likewise. + * pkcs1-rsa-md5.c (pkcs1_rsa_md5_encode) + (pkcs1_rsa_md5_encode_digest): Likewise. + 2013-12-14 Niels Möller <nisse@lysator.liu.se> * x86_64/gcm-hash8.asm: Use .short rather than .hword, for diff --git a/bignum-next-prime.c b/bignum-next-prime.c index 58a4df8b..6358fb11 100644 --- a/bignum-next-prime.c +++ b/bignum-next-prime.c @@ -31,8 +31,7 @@ #include <stdlib.h> #include "bignum.h" - -#include "nettle-internal.h" +#include "gmp-glue.h" /* From gmp.h */ /* Test for gcc >= maj.min, as per __GNUC_PREREQ in glibc */ @@ -77,9 +76,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, void *progress_ctx, nettle_progress_func *progress) { mpz_t tmp; - TMP_DECL(moduli, unsigned, NUMBER_OF_PRIMES); - unsigned difference; + TMP_GMP_DECL(moduli, unsigned); if (prime_limit > NUMBER_OF_PRIMES) prime_limit = NUMBER_OF_PRIMES; @@ -112,7 +110,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, between the 5760 odd numbers in this interval that have no factor in common with 15015. */ - TMP_ALLOC(moduli, prime_limit); + TMP_GMP_ALLOC(moduli, prime_limit); + { unsigned i; for (i = 0; i < prime_limit; i++) @@ -159,4 +158,5 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, #endif } mpz_clear(tmp); + TMP_GMP_FREE(moduli); } diff --git a/bignum-random.c b/bignum-random.c index f305f040..16877363 100644 --- a/bignum-random.c +++ b/bignum-random.c @@ -30,7 +30,7 @@ #include <stdlib.h> #include "bignum.h" -#include "nettle-internal.h" +#include "gmp-glue.h" void nettle_mpz_random_size(mpz_t x, @@ -38,15 +38,17 @@ nettle_mpz_random_size(mpz_t x, unsigned bits) { unsigned length = (bits + 7) / 8; - TMP_DECL(data, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(data, length); + TMP_GMP_DECL(data, uint8_t); - random(ctx, length, data); + TMP_GMP_ALLOC(data, length); + random(ctx, length, data); nettle_mpz_set_str_256_u(x, length, data); if (bits % 8) mpz_fdiv_r_2exp(x, x, bits); + + TMP_GMP_FREE(data); } /* Returns a random number x, 0 <= x < n */ @@ -3,7 +3,8 @@ /* nettle, low-level cryptographics library * * Copyright (C) 2013 Niels Möller - * + * Copyright (C) 2013 Red Hat + * * The nettle library is free software; you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as published by * the Free Software Foundation; either version 2.1 of the License, or (at your @@ -239,3 +240,25 @@ gmp_free_limbs (mp_limb_t *p, mp_size_t n) free_func (p, (size_t) n * sizeof(mp_limb_t)); } + +void * +gmp_alloc(size_t n) +{ + void *(*alloc_func)(size_t); + assert (n > 0); + + mp_get_memory_functions(&alloc_func, NULL, NULL); + + return alloc_func (n); +} + +void +gmp_free(void *p, size_t n) +{ + void (*free_func)(void *, size_t); + assert (n > 0); + assert (p != 0); + mp_get_memory_functions (NULL, NULL, &free_func); + + free_func (p, (size_t) n); +} @@ -3,7 +3,8 @@ /* nettle, low-level cryptographics library * * Copyright (C) 2013 Niels Möller - * + * Copyright (C) 2013 Red Hat + * * The nettle library is free software; you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as published by * the Free Software Foundation; either version 2.1 of the License, or (at your @@ -65,6 +66,17 @@ #define mpn_set_base256 _nettle_mpn_set_base256 #define gmp_alloc_limbs _nettle_gmp_alloc_limbs #define gmp_free_limbs _nettle_gmp_free_limbs +#define gmp_free _nettle_gmp_free +#define gmp_alloc _nettle_gmp_alloc + +#define TMP_GMP_DECL(name, type) type *name; \ + size_t tmp_##name##_size +#define TMP_GMP_ALLOC(name, size) do { \ + tmp_##name##_size = (size); \ + (name) = gmp_alloc(sizeof (*name) * (size)); \ + } while (0) +#define TMP_GMP_FREE(name) (gmp_free(name, tmp_##name##_size)) + /* Use only in-place operations, so we can fall back to addmul_1/submul_1 */ #ifdef mpn_cnd_add_n @@ -155,5 +167,7 @@ gmp_alloc_limbs (mp_size_t n); void gmp_free_limbs (mp_limb_t *p, mp_size_t n); +void *gmp_alloc(size_t n); +void gmp_free(void *p, size_t n); #endif /* NETTLE_GMP_GLUE_H_INCLUDED */ diff --git a/pkcs1-decrypt.c b/pkcs1-decrypt.c index 02d37288..b92d92c9 100644 --- a/pkcs1-decrypt.c +++ b/pkcs1-decrypt.c @@ -31,42 +31,58 @@ #include "pkcs1.h" #include "bignum.h" -#include "nettle-internal.h" +#include "gmp-glue.h" int pkcs1_decrypt (size_t key_size, const mpz_t m, size_t *length, uint8_t *message) { - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); + TMP_GMP_DECL(em, uint8_t); uint8_t *terminator; size_t padding; size_t message_length; + int ret; - TMP_ALLOC(em, key_size); + TMP_GMP_ALLOC(em, key_size); nettle_mpz_get_str_256(key_size, em, m); /* Check format */ if (em[0] || em[1] != 2) - return 0; + { + ret = 0; + goto cleanup; + } terminator = memchr(em + 2, 0, key_size - 2); if (!terminator) - return 0; + { + ret = 0; + goto cleanup; + } padding = terminator - (em + 2); if (padding < 8) - return 0; + { + ret = 0; + goto cleanup; + } message_length = key_size - 3 - padding; if (*length < message_length) - return 0; + { + ret = 0; + goto cleanup; + } memcpy(message, terminator + 1, message_length); *length = message_length; - return 1; + ret = 1; +cleanup: + TMP_GMP_FREE(em); + return ret; } diff --git a/pkcs1-encrypt.c b/pkcs1-encrypt.c index 69ef5bcf..86fb7b85 100644 --- a/pkcs1-encrypt.c +++ b/pkcs1-encrypt.c @@ -34,7 +34,7 @@ #include "pkcs1.h" #include "bignum.h" -#include "nettle-internal.h" +#include "gmp-glue.h" int pkcs1_encrypt (size_t key_size, @@ -43,7 +43,7 @@ pkcs1_encrypt (size_t key_size, size_t length, const uint8_t *message, mpz_t m) { - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); + TMP_GMP_DECL(em, uint8_t); size_t padding; size_t i; @@ -63,7 +63,7 @@ pkcs1_encrypt (size_t key_size, padding = key_size - length - 3; assert(padding >= 8); - TMP_ALLOC(em, key_size - 1); + TMP_GMP_ALLOC(em, key_size - 1); em[0] = 2; random(random_ctx, padding, em + 1); @@ -77,5 +77,7 @@ pkcs1_encrypt (size_t key_size, memcpy(em + padding + 2, message, length); nettle_mpz_set_str_256_u(m, key_size - 1, em); + + TMP_GMP_FREE(em); return 1; } diff --git a/pkcs1-rsa-digest.c b/pkcs1-rsa-digest.c index debfb289..674ed9b6 100644 --- a/pkcs1-rsa-digest.c +++ b/pkcs1-rsa-digest.c @@ -29,21 +29,27 @@ #include "pkcs1.h" #include "bignum.h" +#include "gmp-glue.h" #include "nettle-internal.h" int pkcs1_rsa_digest_encode(mpz_t m, size_t key_size, size_t di_length, const uint8_t *digest_info) { - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); if (_pkcs1_signature_prefix(key_size, em, di_length, digest_info, 0)) { nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } diff --git a/pkcs1-rsa-md5.c b/pkcs1-rsa-md5.c index b118b4f3..d48a57d1 100644 --- a/pkcs1-rsa-md5.c +++ b/pkcs1-rsa-md5.c @@ -36,7 +36,7 @@ #include "bignum.h" #include "pkcs1.h" -#include "nettle-internal.h" +#include "gmp-glue.h" /* From pkcs-1v2 * @@ -65,8 +65,9 @@ int pkcs1_rsa_md5_encode(mpz_t m, size_t key_size, struct md5_ctx *hash) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(md5_prefix), @@ -76,18 +77,23 @@ pkcs1_rsa_md5_encode(mpz_t m, size_t key_size, struct md5_ctx *hash) { md5_digest(hash, MD5_DIGEST_SIZE, p); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } int pkcs1_rsa_md5_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(md5_prefix), @@ -97,8 +103,12 @@ pkcs1_rsa_md5_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { memcpy(p, digest, MD5_DIGEST_SIZE); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } diff --git a/pkcs1-rsa-sha1.c b/pkcs1-rsa-sha1.c index 781d75d9..c46b1b82 100644 --- a/pkcs1-rsa-sha1.c +++ b/pkcs1-rsa-sha1.c @@ -36,7 +36,7 @@ #include "bignum.h" #include "pkcs1.h" -#include "nettle-internal.h" +#include "gmp-glue.h" /* From pkcs-1v2 * @@ -65,8 +65,9 @@ int pkcs1_rsa_sha1_encode(mpz_t m, size_t key_size, struct sha1_ctx *hash) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(sha1_prefix), @@ -76,18 +77,23 @@ pkcs1_rsa_sha1_encode(mpz_t m, size_t key_size, struct sha1_ctx *hash) { sha1_digest(hash, SHA1_DIGEST_SIZE, p); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } int pkcs1_rsa_sha1_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(sha1_prefix), @@ -97,8 +103,12 @@ pkcs1_rsa_sha1_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { memcpy(p, digest, SHA1_DIGEST_SIZE); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } diff --git a/pkcs1-rsa-sha256.c b/pkcs1-rsa-sha256.c index a4d5bb1e..d41336f7 100644 --- a/pkcs1-rsa-sha256.c +++ b/pkcs1-rsa-sha256.c @@ -36,7 +36,7 @@ #include "bignum.h" #include "pkcs1.h" -#include "nettle-internal.h" +#include "gmp-glue.h" /* From RFC 3447, Public-Key Cryptography Standards (PKCS) #1: RSA * Cryptography Specifications Version 2.1. @@ -63,8 +63,9 @@ int pkcs1_rsa_sha256_encode(mpz_t m, size_t key_size, struct sha256_ctx *hash) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(sha256_prefix), @@ -74,18 +75,23 @@ pkcs1_rsa_sha256_encode(mpz_t m, size_t key_size, struct sha256_ctx *hash) { sha256_digest(hash, SHA256_DIGEST_SIZE, p); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } int pkcs1_rsa_sha256_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(sha256_prefix), @@ -95,8 +101,12 @@ pkcs1_rsa_sha256_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { memcpy(p, digest, SHA256_DIGEST_SIZE); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } diff --git a/pkcs1-rsa-sha512.c b/pkcs1-rsa-sha512.c index 03acb690..0a67c108 100644 --- a/pkcs1-rsa-sha512.c +++ b/pkcs1-rsa-sha512.c @@ -36,7 +36,7 @@ #include "bignum.h" #include "pkcs1.h" -#include "nettle-internal.h" +#include "gmp-glue.h" /* From RFC 3447, Public-Key Cryptography Standards (PKCS) #1: RSA * Cryptography Specifications Version 2.1. @@ -63,8 +63,9 @@ int pkcs1_rsa_sha512_encode(mpz_t m, size_t key_size, struct sha512_ctx *hash) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(sha512_prefix), @@ -74,18 +75,23 @@ pkcs1_rsa_sha512_encode(mpz_t m, size_t key_size, struct sha512_ctx *hash) { sha512_digest(hash, SHA512_DIGEST_SIZE, p); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } int pkcs1_rsa_sha512_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { uint8_t *p; - TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); - TMP_ALLOC(em, key_size); + TMP_GMP_DECL(em, uint8_t); + + TMP_GMP_ALLOC(em, key_size); p = _pkcs1_signature_prefix(key_size, em, sizeof(sha512_prefix), @@ -95,8 +101,12 @@ pkcs1_rsa_sha512_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) { memcpy(p, digest, SHA512_DIGEST_SIZE); nettle_mpz_set_str_256_u(m, key_size, em); + TMP_GMP_FREE(em); return 1; } else - return 0; + { + TMP_GMP_FREE(em); + return 0; + } } |