Commit 6a65143c authored by Magnus Holmgren's avatar Magnus Holmgren Committed by Niels Möller

Adapt to nettle-2.1.

parent 37771c5b
2013-03-30 Niels Mller <nisse@lysator.liu.se>
From Magnus Holmgren's debian patches. Adapt to nettle-2.1.
* src/crypto.c (make_des3_cbc_instance): Adapted to new des interface.
* src/dsa.c (do_dsa_verify): Adapted to new DSA interface.
(parse_ssh_dss_public): Likewise.
(do_dsa_sign): Likewise.
(make_dsa_verifier): Likewise.
(make_dsa_signer): Likewise.
* src/lsh-keygen.c (dsa_generate_key): Likewise.
From Magnus Holmgren's debian patches. Adapt to nettle-2.0.
* src/lsh-make-seed.c (main): Updated to new yarrow interface,
sith no seed_file data inside the context.
......
......@@ -251,10 +251,6 @@ make_des3_cbc_instance(struct crypto_algorithm *algorithm UNUSED,
const uint8_t *key, const uint8_t *iv)
{
NEW(des3_instance, self);
uint8_t pkey[DES3_KEY_SIZE];
/* Fix odd parity */
des_fix_parity(DES3_KEY_SIZE, pkey, key);
self->super.block_size = DES3_BLOCK_SIZE;
self->super.crypt = ( (mode == CRYPTO_ENCRYPT)
......@@ -263,19 +259,13 @@ make_des3_cbc_instance(struct crypto_algorithm *algorithm UNUSED,
CBC_SET_IV(&self->ctx, iv);
if (des3_set_key(&self->ctx.ctx, pkey))
if (des3_set_key(&self->ctx.ctx, key))
return(&self->super);
switch(self->ctx.ctx.status)
else
{
case DES_BAD_PARITY:
fatal("Internal error! Bad parity in make_des3_instance.\n");
case DES_WEAK_KEY:
werror("Detected weak DES key.\n");
KILL(self);
return NULL;
default:
fatal("Internal error!\n");
}
}
......
......@@ -118,7 +118,7 @@ do_dsa_verify(struct verifier *c, int algorithm,
&& (atom == ATOM_SSH_DSS)
&& parse_string(&buffer, &buf_length, &buf)
&& !(buf_length % 2)
&& (buf_length <= (2 * DSA_Q_OCTETS))
&& (buf_length <= (2 * DSA_SHA1_Q_OCTETS))
&& parse_eod(&buffer)))
goto fail;
......@@ -143,8 +143,8 @@ do_dsa_verify(struct verifier *c, int algorithm,
if (! (sexp_iterator_first(&i, signature_length, signature_data)
&& sexp_iterator_enter_list(&i)
&& sexp_iterator_assoc(&i, 2, names, values)
&& nettle_mpz_set_sexp(sv.r, DSA_Q_BITS, &values[0])
&& nettle_mpz_set_sexp(sv.s, DSA_Q_BITS, &values[1])) )
&& nettle_mpz_set_sexp(sv.r, DSA_SHA1_Q_BITS, &values[0])
&& nettle_mpz_set_sexp(sv.s, DSA_SHA1_Q_BITS, &values[1])) )
goto fail;
break;
......@@ -156,7 +156,7 @@ do_dsa_verify(struct verifier *c, int algorithm,
sha1_init(&hash);
sha1_update(&hash, length, msg);
res = dsa_verify(&self->key, &hash, &sv);
res = dsa_sha1_verify(&self->key, &hash, &sv);
fail:
dsa_signature_clear(&sv);
......@@ -212,7 +212,7 @@ parse_ssh_dss_public(struct simple_buffer *buffer)
if (parse_bignum(buffer, res->key.p, DSA_MAX_OCTETS)
&& (mpz_sgn(res->key.p) == 1)
&& parse_bignum(buffer, res->key.q, DSA_Q_OCTETS)
&& parse_bignum(buffer, res->key.q, DSA_SHA1_Q_OCTETS)
&& (mpz_sgn(res->key.q) == 1)
&& (mpz_cmp(res->key.q, res->key.p) < 0) /* q < p */
&& parse_bignum(buffer, res->key.g, DSA_MAX_OCTETS)
......@@ -269,7 +269,7 @@ do_dsa_sign(struct signer *c,
dsa_signature_init(&sv);
sha1_init(&hash);
sha1_update(&hash, msg_length, msg);
dsa_sign(&self->verifier->key, &self->key,
dsa_sha1_sign(&self->verifier->key, &self->key,
self->random, lsh_random, &hash, &sv);
debug("do_dsa_sign: r = %xn, s = %xn\n", sv.r, sv.s);
......@@ -323,7 +323,7 @@ make_dsa_verifier(struct signature_algorithm *self UNUSED,
NEW(dsa_verifier, res);
init_dsa_verifier(res);
if (dsa_keypair_from_sexp_alist(&res->key, NULL, DSA_MAX_BITS, i))
if (dsa_keypair_from_sexp_alist(&res->key, NULL, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
return &res->super;
KILL(res);
......@@ -342,7 +342,7 @@ make_dsa_signer(struct signature_algorithm *c,
dsa_private_key_init(&res->key);
if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key, DSA_MAX_BITS, i))
if (dsa_keypair_from_sexp_alist(&verifier->key, &res->key, DSA_MAX_BITS, DSA_SHA1_Q_BITS, i))
{
res->random = self->random;
res->verifier = verifier;
......
......@@ -217,7 +217,7 @@ dsa_generate_key(struct randomness *r, unsigned level)
if (dsa_generate_keypair(&public, &private,
r, lsh_random,
NULL, progress,
512 + 64 * level))
512 + 64 * level, DSA_SHA1_Q_BITS))
{
key =
lsh_string_format_sexp(0,
......
2013-03-30 Niels Mller <nisse@lysator.liu.se>
From Magnus Holmgren's debian patches. Adapt to nettle-2.1.
* verify.c (spki_verify_dsa): Adapted to new DSA interface.
* testsuite/Makefile.am (LDADD): Added -lhogweed.
* tools/Makefile.am (LDADD): Likewise.
......
......@@ -75,11 +75,11 @@ spki_verify_dsa(const uint8_t *digest,
dsa_signature_init(&rs);
res = (dsa_keypair_from_sexp_alist(&dsa, NULL,
RSA_KEYSIZE_LIMIT, &key->sexp)
RSA_KEYSIZE_LIMIT, DSA_SHA1_Q_BITS, &key->sexp)
&& spki_parse_type(key)
&& dsa_signature_from_sexp(&rs, &signature->sexp)
&& dsa_signature_from_sexp(&rs, &signature->sexp, DSA_SHA1_Q_BITS)
&& spki_parse_type(signature)
&& dsa_verify_digest(&dsa, digest, &rs));
&& dsa_sha1_verify_digest(&dsa, digest, &rs));
dsa_signature_clear(&rs);
dsa_public_key_clear(&dsa);
......
......@@ -14,7 +14,7 @@ spawn_lshd
for seed in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ; do
werror "Trying seed $seed"
../nettle/tools/nettle-lfib-stream $seed \
nettle-lfib-stream $seed \
| ./tcpconnect $INTERFACE $PORT > /dev/null \
|| die "Connect failed"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment