Commit 53bcd6b4 authored by Nikos Mavrogiannopoulos's avatar Nikos Mavrogiannopoulos Committed by Niels Möller
Browse files

Define and use new TMP_GMP_ALLOC macro.

parent 6c0f9c0f
2013-12-15 Nikos Mavrogiannopoulos <nmav@redhat.com>
Introduced TMP_GMP_ALLOC macro for temporary allocations of
potentially large data, e.g, sized as an RSA key.
* gmp-glue.h (TMP_GMP_DECL, TMP_GMP_ALLOC, TMP_GMP_FREE): New
macros.
* gmp-glue.c (gmp_alloc, gmp_free): New functions.
* bignum-next-prime.c (nettle_next_prime): Use TMP_GMP_ALLOC.
* bignum-random.c (nettle_mpz_random_size): Likewise.
* pkcs1-decrypt.c (pkcs1_decrypt): Likewise.
* pkcs1-encrypt.c (pkcs1_encrypt): Likewise.
* pkcs1-rsa-digest.c (pkcs1_rsa_digest_encode): Likewise.
* pkcs1-rsa-sha512.c (pkcs1_rsa_sha512_encode)
(pkcs1_rsa_sha512_encode_digest): Likewise.
* pkcs1-rsa-sha256.c (pkcs1_rsa_sha256_encode)
(pkcs1_rsa_sha256_encode_digest): Likewise.
* pkcs1-rsa-sha1.c (pkcs1_rsa_sha1_encode)
(pkcs1_rsa_sha1_encode_digest): Likewise.
* pkcs1-rsa-md5.c (pkcs1_rsa_md5_encode)
(pkcs1_rsa_md5_encode_digest): Likewise.
2013-12-14 Niels Möller <nisse@lysator.liu.se> 2013-12-14 Niels Möller <nisse@lysator.liu.se>
* x86_64/gcm-hash8.asm: Use .short rather than .hword, for * x86_64/gcm-hash8.asm: Use .short rather than .hword, for
......
...@@ -31,8 +31,7 @@ ...@@ -31,8 +31,7 @@
#include <stdlib.h> #include <stdlib.h>
#include "bignum.h" #include "bignum.h"
#include "gmp-glue.h"
#include "nettle-internal.h"
/* From gmp.h */ /* From gmp.h */
/* Test for gcc >= maj.min, as per __GNUC_PREREQ in glibc */ /* Test for gcc >= maj.min, as per __GNUC_PREREQ in glibc */
...@@ -77,9 +76,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, ...@@ -77,9 +76,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit,
void *progress_ctx, nettle_progress_func *progress) void *progress_ctx, nettle_progress_func *progress)
{ {
mpz_t tmp; mpz_t tmp;
TMP_DECL(moduli, unsigned, NUMBER_OF_PRIMES);
unsigned difference; unsigned difference;
TMP_GMP_DECL(moduli, unsigned);
if (prime_limit > NUMBER_OF_PRIMES) if (prime_limit > NUMBER_OF_PRIMES)
prime_limit = NUMBER_OF_PRIMES; prime_limit = NUMBER_OF_PRIMES;
...@@ -112,7 +110,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, ...@@ -112,7 +110,8 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit,
between the 5760 odd numbers in this interval that have no factor between the 5760 odd numbers in this interval that have no factor
in common with 15015. in common with 15015.
*/ */
TMP_ALLOC(moduli, prime_limit); TMP_GMP_ALLOC(moduli, prime_limit);
{ {
unsigned i; unsigned i;
for (i = 0; i < prime_limit; i++) for (i = 0; i < prime_limit; i++)
...@@ -159,4 +158,5 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit, ...@@ -159,4 +158,5 @@ nettle_next_prime(mpz_t p, mpz_t n, unsigned count, unsigned prime_limit,
#endif #endif
} }
mpz_clear(tmp); mpz_clear(tmp);
TMP_GMP_FREE(moduli);
} }
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
#include <stdlib.h> #include <stdlib.h>
#include "bignum.h" #include "bignum.h"
#include "nettle-internal.h" #include "gmp-glue.h"
void void
nettle_mpz_random_size(mpz_t x, nettle_mpz_random_size(mpz_t x,
...@@ -38,15 +38,17 @@ nettle_mpz_random_size(mpz_t x, ...@@ -38,15 +38,17 @@ nettle_mpz_random_size(mpz_t x,
unsigned bits) unsigned bits)
{ {
unsigned length = (bits + 7) / 8; unsigned length = (bits + 7) / 8;
TMP_DECL(data, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(data, uint8_t);
TMP_ALLOC(data, length);
random(ctx, length, data); TMP_GMP_ALLOC(data, length);
random(ctx, length, data);
nettle_mpz_set_str_256_u(x, length, data); nettle_mpz_set_str_256_u(x, length, data);
if (bits % 8) if (bits % 8)
mpz_fdiv_r_2exp(x, x, bits); mpz_fdiv_r_2exp(x, x, bits);
TMP_GMP_FREE(data);
} }
/* Returns a random number x, 0 <= x < n */ /* Returns a random number x, 0 <= x < n */
......
...@@ -3,7 +3,8 @@ ...@@ -3,7 +3,8 @@
/* nettle, low-level cryptographics library /* nettle, low-level cryptographics library
* *
* Copyright (C) 2013 Niels Möller * Copyright (C) 2013 Niels Möller
* * Copyright (C) 2013 Red Hat
*
* The nettle library is free software; you can redistribute it and/or modify * The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by * it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your * the Free Software Foundation; either version 2.1 of the License, or (at your
...@@ -239,3 +240,25 @@ gmp_free_limbs (mp_limb_t *p, mp_size_t n) ...@@ -239,3 +240,25 @@ gmp_free_limbs (mp_limb_t *p, mp_size_t n)
free_func (p, (size_t) n * sizeof(mp_limb_t)); free_func (p, (size_t) n * sizeof(mp_limb_t));
} }
void *
gmp_alloc(size_t n)
{
void *(*alloc_func)(size_t);
assert (n > 0);
mp_get_memory_functions(&alloc_func, NULL, NULL);
return alloc_func (n);
}
void
gmp_free(void *p, size_t n)
{
void (*free_func)(void *, size_t);
assert (n > 0);
assert (p != 0);
mp_get_memory_functions (NULL, NULL, &free_func);
free_func (p, (size_t) n);
}
...@@ -3,7 +3,8 @@ ...@@ -3,7 +3,8 @@
/* nettle, low-level cryptographics library /* nettle, low-level cryptographics library
* *
* Copyright (C) 2013 Niels Möller * Copyright (C) 2013 Niels Möller
* * Copyright (C) 2013 Red Hat
*
* The nettle library is free software; you can redistribute it and/or modify * The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by * it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your * the Free Software Foundation; either version 2.1 of the License, or (at your
...@@ -65,6 +66,17 @@ ...@@ -65,6 +66,17 @@
#define mpn_set_base256 _nettle_mpn_set_base256 #define mpn_set_base256 _nettle_mpn_set_base256
#define gmp_alloc_limbs _nettle_gmp_alloc_limbs #define gmp_alloc_limbs _nettle_gmp_alloc_limbs
#define gmp_free_limbs _nettle_gmp_free_limbs #define gmp_free_limbs _nettle_gmp_free_limbs
#define gmp_free _nettle_gmp_free
#define gmp_alloc _nettle_gmp_alloc
#define TMP_GMP_DECL(name, type) type *name; \
size_t tmp_##name##_size
#define TMP_GMP_ALLOC(name, size) do { \
tmp_##name##_size = (size); \
(name) = gmp_alloc(sizeof (*name) * (size)); \
} while (0)
#define TMP_GMP_FREE(name) (gmp_free(name, tmp_##name##_size))
/* Use only in-place operations, so we can fall back to addmul_1/submul_1 */ /* Use only in-place operations, so we can fall back to addmul_1/submul_1 */
#ifdef mpn_cnd_add_n #ifdef mpn_cnd_add_n
...@@ -155,5 +167,7 @@ gmp_alloc_limbs (mp_size_t n); ...@@ -155,5 +167,7 @@ gmp_alloc_limbs (mp_size_t n);
void void
gmp_free_limbs (mp_limb_t *p, mp_size_t n); gmp_free_limbs (mp_limb_t *p, mp_size_t n);
void *gmp_alloc(size_t n);
void gmp_free(void *p, size_t n);
#endif /* NETTLE_GMP_GLUE_H_INCLUDED */ #endif /* NETTLE_GMP_GLUE_H_INCLUDED */
...@@ -31,42 +31,58 @@ ...@@ -31,42 +31,58 @@
#include "pkcs1.h" #include "pkcs1.h"
#include "bignum.h" #include "bignum.h"
#include "nettle-internal.h" #include "gmp-glue.h"
int int
pkcs1_decrypt (size_t key_size, pkcs1_decrypt (size_t key_size,
const mpz_t m, const mpz_t m,
size_t *length, uint8_t *message) size_t *length, uint8_t *message)
{ {
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
uint8_t *terminator; uint8_t *terminator;
size_t padding; size_t padding;
size_t message_length; size_t message_length;
int ret;
TMP_ALLOC(em, key_size); TMP_GMP_ALLOC(em, key_size);
nettle_mpz_get_str_256(key_size, em, m); nettle_mpz_get_str_256(key_size, em, m);
/* Check format */ /* Check format */
if (em[0] || em[1] != 2) if (em[0] || em[1] != 2)
return 0; {
ret = 0;
goto cleanup;
}
terminator = memchr(em + 2, 0, key_size - 2); terminator = memchr(em + 2, 0, key_size - 2);
if (!terminator) if (!terminator)
return 0; {
ret = 0;
goto cleanup;
}
padding = terminator - (em + 2); padding = terminator - (em + 2);
if (padding < 8) if (padding < 8)
return 0; {
ret = 0;
goto cleanup;
}
message_length = key_size - 3 - padding; message_length = key_size - 3 - padding;
if (*length < message_length) if (*length < message_length)
return 0; {
ret = 0;
goto cleanup;
}
memcpy(message, terminator + 1, message_length); memcpy(message, terminator + 1, message_length);
*length = message_length; *length = message_length;
return 1; ret = 1;
cleanup:
TMP_GMP_FREE(em);
return ret;
} }
...@@ -34,7 +34,7 @@ ...@@ -34,7 +34,7 @@
#include "pkcs1.h" #include "pkcs1.h"
#include "bignum.h" #include "bignum.h"
#include "nettle-internal.h" #include "gmp-glue.h"
int int
pkcs1_encrypt (size_t key_size, pkcs1_encrypt (size_t key_size,
...@@ -43,7 +43,7 @@ pkcs1_encrypt (size_t key_size, ...@@ -43,7 +43,7 @@ pkcs1_encrypt (size_t key_size,
size_t length, const uint8_t *message, size_t length, const uint8_t *message,
mpz_t m) mpz_t m)
{ {
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
size_t padding; size_t padding;
size_t i; size_t i;
...@@ -63,7 +63,7 @@ pkcs1_encrypt (size_t key_size, ...@@ -63,7 +63,7 @@ pkcs1_encrypt (size_t key_size,
padding = key_size - length - 3; padding = key_size - length - 3;
assert(padding >= 8); assert(padding >= 8);
TMP_ALLOC(em, key_size - 1); TMP_GMP_ALLOC(em, key_size - 1);
em[0] = 2; em[0] = 2;
random(random_ctx, padding, em + 1); random(random_ctx, padding, em + 1);
...@@ -77,5 +77,7 @@ pkcs1_encrypt (size_t key_size, ...@@ -77,5 +77,7 @@ pkcs1_encrypt (size_t key_size,
memcpy(em + padding + 2, message, length); memcpy(em + padding + 2, message, length);
nettle_mpz_set_str_256_u(m, key_size - 1, em); nettle_mpz_set_str_256_u(m, key_size - 1, em);
TMP_GMP_FREE(em);
return 1; return 1;
} }
...@@ -29,21 +29,27 @@ ...@@ -29,21 +29,27 @@
#include "pkcs1.h" #include "pkcs1.h"
#include "bignum.h" #include "bignum.h"
#include "gmp-glue.h"
#include "nettle-internal.h" #include "nettle-internal.h"
int int
pkcs1_rsa_digest_encode(mpz_t m, size_t key_size, pkcs1_rsa_digest_encode(mpz_t m, size_t key_size,
size_t di_length, const uint8_t *digest_info) size_t di_length, const uint8_t *digest_info)
{ {
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
TMP_ALLOC(em, key_size);
TMP_GMP_ALLOC(em, key_size);
if (_pkcs1_signature_prefix(key_size, em, if (_pkcs1_signature_prefix(key_size, em,
di_length, digest_info, 0)) di_length, digest_info, 0))
{ {
nettle_mpz_set_str_256_u(m, key_size, em); nettle_mpz_set_str_256_u(m, key_size, em);
TMP_GMP_FREE(em);
return 1; return 1;
} }
else else
return 0; {
TMP_GMP_FREE(em);
return 0;
}
} }
...@@ -36,7 +36,7 @@ ...@@ -36,7 +36,7 @@
#include "bignum.h" #include "bignum.h"
#include "pkcs1.h" #include "pkcs1.h"
#include "nettle-internal.h" #include "gmp-glue.h"
/* From pkcs-1v2 /* From pkcs-1v2
* *
...@@ -65,8 +65,9 @@ int ...@@ -65,8 +65,9 @@ int
pkcs1_rsa_md5_encode(mpz_t m, size_t key_size, struct md5_ctx *hash) pkcs1_rsa_md5_encode(mpz_t m, size_t key_size, struct md5_ctx *hash)
{ {
uint8_t *p; uint8_t *p;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
TMP_ALLOC(em, key_size);
TMP_GMP_ALLOC(em, key_size);
p = _pkcs1_signature_prefix(key_size, em, p = _pkcs1_signature_prefix(key_size, em,
sizeof(md5_prefix), sizeof(md5_prefix),
...@@ -76,18 +77,23 @@ pkcs1_rsa_md5_encode(mpz_t m, size_t key_size, struct md5_ctx *hash) ...@@ -76,18 +77,23 @@ pkcs1_rsa_md5_encode(mpz_t m, size_t key_size, struct md5_ctx *hash)
{ {
md5_digest(hash, MD5_DIGEST_SIZE, p); md5_digest(hash, MD5_DIGEST_SIZE, p);
nettle_mpz_set_str_256_u(m, key_size, em); nettle_mpz_set_str_256_u(m, key_size, em);
TMP_GMP_FREE(em);
return 1; return 1;
} }
else else
return 0; {
TMP_GMP_FREE(em);
return 0;
}
} }
int int
pkcs1_rsa_md5_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) pkcs1_rsa_md5_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest)
{ {
uint8_t *p; uint8_t *p;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
TMP_ALLOC(em, key_size);
TMP_GMP_ALLOC(em, key_size);
p = _pkcs1_signature_prefix(key_size, em, p = _pkcs1_signature_prefix(key_size, em,
sizeof(md5_prefix), sizeof(md5_prefix),
...@@ -97,8 +103,12 @@ pkcs1_rsa_md5_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) ...@@ -97,8 +103,12 @@ pkcs1_rsa_md5_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest)
{ {
memcpy(p, digest, MD5_DIGEST_SIZE); memcpy(p, digest, MD5_DIGEST_SIZE);
nettle_mpz_set_str_256_u(m, key_size, em); nettle_mpz_set_str_256_u(m, key_size, em);
TMP_GMP_FREE(em);
return 1; return 1;
} }
else else
return 0; {
TMP_GMP_FREE(em);
return 0;
}
} }
...@@ -36,7 +36,7 @@ ...@@ -36,7 +36,7 @@
#include "bignum.h" #include "bignum.h"
#include "pkcs1.h" #include "pkcs1.h"
#include "nettle-internal.h" #include "gmp-glue.h"
/* From pkcs-1v2 /* From pkcs-1v2
* *
...@@ -65,8 +65,9 @@ int ...@@ -65,8 +65,9 @@ int
pkcs1_rsa_sha1_encode(mpz_t m, size_t key_size, struct sha1_ctx *hash) pkcs1_rsa_sha1_encode(mpz_t m, size_t key_size, struct sha1_ctx *hash)
{ {
uint8_t *p; uint8_t *p;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
TMP_ALLOC(em, key_size);
TMP_GMP_ALLOC(em, key_size);
p = _pkcs1_signature_prefix(key_size, em, p = _pkcs1_signature_prefix(key_size, em,
sizeof(sha1_prefix), sizeof(sha1_prefix),
...@@ -76,18 +77,23 @@ pkcs1_rsa_sha1_encode(mpz_t m, size_t key_size, struct sha1_ctx *hash) ...@@ -76,18 +77,23 @@ pkcs1_rsa_sha1_encode(mpz_t m, size_t key_size, struct sha1_ctx *hash)
{ {
sha1_digest(hash, SHA1_DIGEST_SIZE, p); sha1_digest(hash, SHA1_DIGEST_SIZE, p);
nettle_mpz_set_str_256_u(m, key_size, em); nettle_mpz_set_str_256_u(m, key_size, em);
TMP_GMP_FREE(em);
return 1; return 1;
} }
else else
return 0; {
TMP_GMP_FREE(em);
return 0;
}
} }
int int
pkcs1_rsa_sha1_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) pkcs1_rsa_sha1_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest)
{ {
uint8_t *p; uint8_t *p;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
TMP_ALLOC(em, key_size);
TMP_GMP_ALLOC(em, key_size);
p = _pkcs1_signature_prefix(key_size, em, p = _pkcs1_signature_prefix(key_size, em,
sizeof(sha1_prefix), sizeof(sha1_prefix),
...@@ -97,8 +103,12 @@ pkcs1_rsa_sha1_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) ...@@ -97,8 +103,12 @@ pkcs1_rsa_sha1_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest)
{ {
memcpy(p, digest, SHA1_DIGEST_SIZE); memcpy(p, digest, SHA1_DIGEST_SIZE);
nettle_mpz_set_str_256_u(m, key_size, em); nettle_mpz_set_str_256_u(m, key_size, em);
TMP_GMP_FREE(em);
return 1; return 1;
} }
else else
return 0; {
TMP_GMP_FREE(em);
return 0;
}
} }
...@@ -36,7 +36,7 @@ ...@@ -36,7 +36,7 @@
#include "bignum.h" #include "bignum.h"
#include "pkcs1.h" #include "pkcs1.h"
#include "nettle-internal.h" #include "gmp-glue.h"
/* From RFC 3447, Public-Key Cryptography Standards (PKCS) #1: RSA /* From RFC 3447, Public-Key Cryptography Standards (PKCS) #1: RSA
* Cryptography Specifications Version 2.1. * Cryptography Specifications Version 2.1.
...@@ -63,8 +63,9 @@ int ...@@ -63,8 +63,9 @@ int
pkcs1_rsa_sha256_encode(mpz_t m, size_t key_size, struct sha256_ctx *hash) pkcs1_rsa_sha256_encode(mpz_t m, size_t key_size, struct sha256_ctx *hash)
{ {
uint8_t *p; uint8_t *p;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
TMP_ALLOC(em, key_size);
TMP_GMP_ALLOC(em, key_size);
p = _pkcs1_signature_prefix(key_size, em, p = _pkcs1_signature_prefix(key_size, em,
sizeof(sha256_prefix), sizeof(sha256_prefix),
...@@ -74,18 +75,23 @@ pkcs1_rsa_sha256_encode(mpz_t m, size_t key_size, struct sha256_ctx *hash) ...@@ -74,18 +75,23 @@ pkcs1_rsa_sha256_encode(mpz_t m, size_t key_size, struct sha256_ctx *hash)
{ {
sha256_digest(hash, SHA256_DIGEST_SIZE, p); sha256_digest(hash, SHA256_DIGEST_SIZE, p);
nettle_mpz_set_str_256_u(m, key_size, em); nettle_mpz_set_str_256_u(m, key_size, em);
TMP_GMP_FREE(em);
return 1; return 1;
} }
else else
return 0; {
TMP_GMP_FREE(em);
return 0;
}
} }
int int
pkcs1_rsa_sha256_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest) pkcs1_rsa_sha256_encode_digest(mpz_t m, size_t key_size, const uint8_t *digest)
{ {
uint8_t *p; uint8_t *p;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_SIZE); TMP_GMP_DECL(em, uint8_t);
TMP_ALLOC(em, key_size);
TMP_GMP_ALLOC(em, key_size);