Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
LSH
lsh
Commits
71f5756f
Commit
71f5756f
authored
Feb 06, 2016
by
Niels Möller
Browse files
Update for nettle-3.
parent
70434af4
Changes
11
Hide whitespace changes
Inline
Side-by-side
ChangeLog
View file @
71f5756f
2016-02-06 Niels Möller <nisse@lysator.liu.se>
Nettle-3 update.
* lsh_string.h: nettle_crypt_func --> nettle_cipher_func.
* src/crypto.c: nettle_crypt_func --> nettle_cipher_func.
(make_cast128_cbc_instance): No key_size argument to
cast128_set_key.
* src/dsa.c: Update to new DSA interface.
* src/lsh-keygen.c (dsa_sha1_generate_key)
(dsa_sha256_generate_key): Update to new DSA interface.
* src/dummy.c: unsigned --> size_t.
* src/randomness.h: unsigned --> size_t.
* src/unix_random.c: unsigned --> size_t.
* src/testsuite/testutils.c: unsigned --> size_t.
* src/lsh_string.c: unsigned --> size_t, nettle_crypt_func -->
nettle_cipher_func,
2014-10-06 Niels Möller <nisse@lysator.liu.se>
* src/testsuite/tcpconnect.c (main): Ignore ECONNRESET failure of
...
...
src/crypto.c
View file @
71f5756f
...
...
@@ -119,7 +119,7 @@ do_aes_cbc_encrypt(struct crypto_instance *s,
lsh_string_cbc_encrypt
(
dst
,
di
,
src
,
si
,
length
,
AES_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
aes_encrypt
,
(
nettle_c
ipher
_func
*
)
aes_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -133,7 +133,7 @@ do_aes_cbc_decrypt(struct crypto_instance *s,
lsh_string_cbc_decrypt
(
dst
,
di
,
src
,
si
,
length
,
AES_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
aes_decrypt
,
(
nettle_c
ipher
_func
*
)
aes_decrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -185,7 +185,7 @@ do_aes_ctr_crypt(struct crypto_instance *s,
lsh_string_ctr_crypt
(
dst
,
di
,
src
,
si
,
length
,
AES_BLOCK_SIZE
,
self
->
ctx
.
ctr
,
(
nettle_c
rypt
_func
*
)
aes_encrypt
,
(
nettle_c
ipher
_func
*
)
aes_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -230,7 +230,7 @@ do_des3_encrypt(struct crypto_instance *s,
lsh_string_cbc_encrypt
(
dst
,
di
,
src
,
si
,
length
,
DES3_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
des3_encrypt
,
(
nettle_c
ipher
_func
*
)
des3_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -244,7 +244,7 @@ do_des3_decrypt(struct crypto_instance *s,
lsh_string_cbc_decrypt
(
dst
,
di
,
src
,
si
,
length
,
DES3_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
des3_decrypt
,
(
nettle_c
ipher
_func
*
)
des3_decrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -294,7 +294,7 @@ do_des3_ctr_crypt(struct crypto_instance *s,
lsh_string_ctr_crypt
(
dst
,
di
,
src
,
si
,
length
,
DES3_BLOCK_SIZE
,
self
->
ctx
.
ctr
,
(
nettle_c
rypt
_func
*
)
des3_encrypt
,
(
nettle_c
ipher
_func
*
)
des3_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -337,7 +337,7 @@ do_cast128_encrypt(struct crypto_instance *s,
lsh_string_cbc_encrypt
(
dst
,
di
,
src
,
si
,
length
,
CAST128_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
cast128_encrypt
,
(
nettle_c
ipher
_func
*
)
cast128_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -351,12 +351,12 @@ do_cast128_decrypt(struct crypto_instance *s,
lsh_string_cbc_decrypt
(
dst
,
di
,
src
,
si
,
length
,
CAST128_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
cast128_decrypt
,
(
nettle_c
ipher
_func
*
)
cast128_decrypt
,
&
self
->
ctx
.
ctx
);
}
static
struct
crypto_instance
*
make_cast128_cbc_instance
(
struct
crypto_algorithm
*
algorithm
,
int
mode
,
make_cast128_cbc_instance
(
struct
crypto_algorithm
*
algorithm
UNUSED
,
int
mode
,
const
uint8_t
*
key
,
const
uint8_t
*
iv
)
{
NEW
(
cast128_instance
,
self
);
...
...
@@ -366,7 +366,7 @@ make_cast128_cbc_instance(struct crypto_algorithm *algorithm, int mode,
?
do_cast128_encrypt
:
do_cast128_decrypt
);
cast128_set_key
(
&
self
->
ctx
.
ctx
,
algorithm
->
key_size
,
key
);
cast128_set_key
(
&
self
->
ctx
.
ctx
,
key
);
CBC_SET_IV
(
&
self
->
ctx
,
iv
);
return
(
&
self
->
super
);
...
...
@@ -397,7 +397,7 @@ do_twofish_encrypt(struct crypto_instance *s,
lsh_string_cbc_encrypt
(
dst
,
di
,
src
,
si
,
length
,
TWOFISH_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
twofish_encrypt
,
(
nettle_c
ipher
_func
*
)
twofish_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -411,7 +411,7 @@ do_twofish_decrypt(struct crypto_instance *s,
lsh_string_cbc_decrypt
(
dst
,
di
,
src
,
si
,
length
,
TWOFISH_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
twofish_decrypt
,
(
nettle_c
ipher
_func
*
)
twofish_decrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -456,7 +456,7 @@ do_blowfish_encrypt(struct crypto_instance *s,
lsh_string_cbc_encrypt
(
dst
,
di
,
src
,
si
,
length
,
BLOWFISH_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
blowfish_encrypt
,
(
nettle_c
ipher
_func
*
)
blowfish_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -470,7 +470,7 @@ do_blowfish_decrypt(struct crypto_instance *s,
lsh_string_cbc_decrypt
(
dst
,
di
,
src
,
si
,
length
,
BLOWFISH_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
blowfish_decrypt
,
(
nettle_c
ipher
_func
*
)
blowfish_decrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -522,7 +522,7 @@ do_serpent_encrypt(struct crypto_instance *s,
lsh_string_cbc_encrypt
(
dst
,
di
,
src
,
si
,
length
,
SERPENT_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
serpent_encrypt
,
(
nettle_c
ipher
_func
*
)
serpent_encrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
@@ -536,7 +536,7 @@ do_serpent_decrypt(struct crypto_instance *s,
lsh_string_cbc_decrypt
(
dst
,
di
,
src
,
si
,
length
,
SERPENT_BLOCK_SIZE
,
self
->
ctx
.
iv
,
(
nettle_c
rypt
_func
*
)
serpent_decrypt
,
(
nettle_c
ipher
_func
*
)
serpent_decrypt
,
&
self
->
ctx
.
ctx
);
}
...
...
src/dsa.c
View file @
71f5756f
...
...
@@ -64,8 +64,9 @@
(name dsa_verifier)
(super verifier)
(vars
(key indirect-special "struct dsa_public_key"
#f dsa_public_key_clear)))
(params indirect-special "struct dsa_params"
#f dsa_params_clear)
(key bignum)))
*/
/* GABA:
...
...
@@ -74,8 +75,7 @@
(super signer)
(vars
(verifier object dsa_verifier)
(key indirect-special "struct dsa_private_key"
#f dsa_private_key_clear)))
(key bignum)))
*/
static
int
...
...
@@ -87,6 +87,7 @@ do_dsa_verify(struct verifier *c, int algorithm,
{
CAST
(
dsa_verifier
,
self
,
c
);
struct
sha1_ctx
hash
;
uint8_t
digest
[
SHA1_DIGEST_SIZE
];
struct
simple_buffer
buffer
;
...
...
@@ -148,8 +149,8 @@ do_dsa_verify(struct verifier *c, int algorithm,
sha1_init
(
&
hash
);
sha1_update
(
&
hash
,
length
,
msg
);
res
=
dsa_
sha1_
verify
(
&
self
->
key
,
&
hash
,
&
sv
);
sha1_digest
(
&
hash
,
sizeof
(
digest
),
digest
);
res
=
dsa_verify
(
&
self
->
params
,
self
->
key
,
sizeof
(
digest
),
digest
,
&
sv
);
fail:
dsa_signature_clear
(
&
sv
);
...
...
@@ -164,8 +165,8 @@ do_dsa_public_key(struct verifier *s)
CAST
(
dsa_verifier
,
self
,
s
);
return
ssh_format
(
"%a%n%n%n%n"
,
ATOM_SSH_DSS
,
self
->
key
.
p
,
self
->
key
.
q
,
self
->
key
.
g
,
self
->
key
.
y
);
self
->
params
.
p
,
self
->
params
.
q
,
self
->
params
.
g
,
self
->
key
);
}
/* FIXME: Should maybe switch to the name "dsa-sha1". Not sure what we
...
...
@@ -179,16 +180,16 @@ do_dsa_public_spki_key(struct verifier *s, int transport)
return
lsh_string_format_sexp
(
transport
,
"(%0s(%0s(%0s%b)(%0s%b)(%0s%b)(%0s%b)))"
,
"public-key"
,
"dsa"
,
"p"
,
self
->
key
.
p
,
"q"
,
self
->
key
.
q
,
"g"
,
self
->
key
.
g
,
"y"
,
self
->
key
.
y
);
"p"
,
self
->
params
.
p
,
"q"
,
self
->
params
.
q
,
"g"
,
self
->
params
.
g
,
"y"
,
self
->
key
);
}
static
void
init_dsa_verifier
(
struct
dsa_verifier
*
self
)
{
dsa_p
ublic_key
_init
(
&
self
->
key
);
dsa_p
arams
_init
(
&
self
->
params
);
self
->
super
.
verify
=
do_dsa_verify
;
self
->
super
.
public_spki_key
=
do_dsa_public_spki_key
;
...
...
@@ -204,18 +205,18 @@ parse_ssh_dss_public(struct simple_buffer *buffer)
NEW
(
dsa_verifier
,
res
);
init_dsa_verifier
(
res
);
if
(
parse_bignum
(
buffer
,
res
->
key
.
p
,
DSA_SHA1_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
p
)
==
1
)
&&
parse_bignum
(
buffer
,
res
->
key
.
q
,
DSA_SHA1_Q_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
q
)
==
1
)
&&
mpz_sizeinbase
(
res
->
key
.
q
,
2
)
==
DSA_SHA1_Q_BITS
&&
(
mpz_cmp
(
res
->
key
.
q
,
res
->
key
.
p
)
<
0
)
/* q < p */
&&
parse_bignum
(
buffer
,
res
->
key
.
g
,
DSA_SHA1_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
g
)
==
1
)
&&
(
mpz_cmp
(
res
->
key
.
g
,
res
->
key
.
p
)
<
0
)
/* g < p */
&&
parse_bignum
(
buffer
,
res
->
key
.
y
,
DSA_SHA1_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
y
)
==
1
)
&&
(
mpz_cmp
(
res
->
key
.
y
,
res
->
key
.
p
)
<
0
)
/* y < p */
if
(
parse_bignum
(
buffer
,
res
->
params
.
p
,
DSA_SHA1_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
params
.
p
)
==
1
)
&&
parse_bignum
(
buffer
,
res
->
params
.
q
,
DSA_SHA1_Q_OCTETS
)
&&
(
mpz_sgn
(
res
->
params
.
q
)
==
1
)
&&
mpz_sizeinbase
(
res
->
params
.
q
,
2
)
==
DSA_SHA1_Q_BITS
&&
(
mpz_cmp
(
res
->
params
.
q
,
res
->
params
.
p
)
<
0
)
/* q < p */
&&
parse_bignum
(
buffer
,
res
->
params
.
g
,
DSA_SHA1_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
params
.
g
)
==
1
)
&&
(
mpz_cmp
(
res
->
params
.
g
,
res
->
params
.
p
)
<
0
)
/* g < p */
&&
parse_bignum
(
buffer
,
res
->
key
,
DSA_SHA1_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
)
==
1
)
&&
(
mpz_cmp
(
res
->
key
,
res
->
params
.
p
)
<
0
)
/* y < p */
&&
parse_eod
(
buffer
))
return
&
res
->
super
;
...
...
@@ -249,6 +250,7 @@ do_dsa_sign(struct signer *c,
CAST
(
dsa_signer
,
self
,
c
);
struct
dsa_signature
sv
;
struct
sha1_ctx
hash
;
uint8_t
digest
[
SHA1_DIGEST_SIZE
];
struct
lsh_string
*
signature
;
trace
(
"do_dsa_sign: Signing according to %a
\n
"
,
algorithm
);
...
...
@@ -256,9 +258,10 @@ do_dsa_sign(struct signer *c,
dsa_signature_init
(
&
sv
);
sha1_init
(
&
hash
);
sha1_update
(
&
hash
,
msg_length
,
msg
);
sha1_digest
(
&
hash
,
sizeof
(
digest
),
digest
);
if
(
dsa_
sha1_
sign
(
&
self
->
verifier
->
key
,
&
self
->
key
,
NULL
,
lsh_random
,
&
hash
,
&
sv
))
if
(
dsa_sign
(
&
self
->
verifier
->
params
,
self
->
key
,
NULL
,
lsh_random
,
sizeof
(
digest
),
digest
,
&
sv
))
/* Build signature */
switch
(
algorithm
)
{
...
...
@@ -310,7 +313,7 @@ make_dsa_verifier(struct signature_algorithm *self UNUSED,
NEW
(
dsa_verifier
,
res
);
init_dsa_verifier
(
res
);
if
(
dsa_keypair_from_sexp_alist
(
&
res
->
key
,
NULL
,
if
(
dsa_keypair_from_sexp_alist
(
&
res
->
params
,
res
->
key
,
NULL
,
DSA_SHA1_MAX_BITS
,
DSA_SHA1_Q_BITS
,
i
))
return
&
res
->
super
;
...
...
@@ -328,9 +331,7 @@ make_dsa_signer(struct signature_algorithm *self UNUSED,
init_dsa_verifier
(
verifier
);
dsa_private_key_init
(
&
res
->
key
);
if
(
dsa_keypair_from_sexp_alist
(
&
verifier
->
key
,
&
res
->
key
,
if
(
dsa_keypair_from_sexp_alist
(
&
verifier
->
params
,
verifier
->
key
,
res
->
key
,
DSA_SHA1_MAX_BITS
,
DSA_SHA1_Q_BITS
,
i
))
{
...
...
@@ -375,6 +376,7 @@ do_dsa_sha256_verify(struct verifier *c, int algorithm,
{
CAST
(
dsa_verifier
,
self
,
c
);
struct
sha256_ctx
hash
;
uint8_t
digest
[
SHA256_DIGEST_SIZE
];
struct
simple_buffer
buffer
;
...
...
@@ -411,8 +413,9 @@ do_dsa_sha256_verify(struct verifier *c, int algorithm,
sha256_init
(
&
hash
);
sha256_update
(
&
hash
,
length
,
msg
);
sha256_digest
(
&
hash
,
sizeof
(
digest
),
digest
);
res
=
dsa_
sha256_
verify
(
&
self
->
key
,
&
hash
,
&
sv
);
res
=
dsa_verify
(
&
self
->
params
,
self
->
key
,
sizeof
(
digest
),
digest
,
&
sv
);
fail:
dsa_signature_clear
(
&
sv
);
...
...
@@ -427,8 +430,8 @@ do_dsa_sha256_public_key(struct verifier *s)
CAST
(
dsa_verifier
,
self
,
s
);
return
ssh_format
(
"%a%n%n%n%n"
,
ATOM_SSH_DSA
,
self
->
key
.
p
,
self
->
key
.
q
,
self
->
key
.
g
,
self
->
key
.
y
);
self
->
params
.
p
,
self
->
params
.
q
,
self
->
params
.
g
,
self
->
key
);
}
static
struct
lsh_string
*
...
...
@@ -439,23 +442,23 @@ do_dsa_sha256_public_spki_key(struct verifier *s, int transport)
return
lsh_string_format_sexp
(
transport
,
"(%0s(%0s(%0s%b)(%0s%b)(%0s%b)(%0s%b)))"
,
"public-key"
,
"dsa-sha256"
,
"p"
,
self
->
key
.
p
,
"q"
,
self
->
key
.
q
,
"g"
,
self
->
key
.
g
,
"y"
,
self
->
key
.
y
);
"p"
,
self
->
params
.
p
,
"q"
,
self
->
params
.
q
,
"g"
,
self
->
params
.
g
,
"y"
,
self
->
key
);
}
static
void
init_dsa_sha256_verifier
(
struct
dsa_verifier
*
self
)
{
dsa_p
ublic_key
_init
(
&
self
->
key
);
dsa_p
arams
_init
(
&
self
->
params
);
self
->
super
.
verify
=
do_dsa_sha256_verify
;
self
->
super
.
public_spki_key
=
do_dsa_sha256_public_spki_key
;
self
->
super
.
public_key
=
do_dsa_sha256_public_key
;
}
/* FIXME: Duplicated code with plain ssh_dss. */
/* Alternative constructor using a key of type ssh-dsa-sha256, when
* the atom "ssh-dss" is already read from the buffer. */
struct
verifier
*
...
...
@@ -464,18 +467,18 @@ parse_ssh_dsa_sha256_public(struct simple_buffer *buffer)
NEW
(
dsa_verifier
,
res
);
init_dsa_verifier
(
res
);
if
(
parse_bignum
(
buffer
,
res
->
key
.
p
,
DSA_SHA256_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
p
)
==
1
)
&&
parse_bignum
(
buffer
,
res
->
key
.
q
,
DSA_SHA256_Q_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
q
)
==
1
)
&&
mpz_sizeinbase
(
res
->
key
.
q
,
2
)
==
DSA_SHA256_Q_BITS
&&
(
mpz_cmp
(
res
->
key
.
q
,
res
->
key
.
p
)
<
0
)
/* q < p */
&&
parse_bignum
(
buffer
,
res
->
key
.
g
,
DSA_SHA256_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
g
)
==
1
)
&&
(
mpz_cmp
(
res
->
key
.
g
,
res
->
key
.
p
)
<
0
)
/* g < p */
&&
parse_bignum
(
buffer
,
res
->
key
.
y
,
DSA_SHA256_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
.
y
)
==
1
)
&&
(
mpz_cmp
(
res
->
key
.
y
,
res
->
key
.
p
)
<
0
)
/* y < p */
if
(
parse_bignum
(
buffer
,
res
->
params
.
p
,
DSA_SHA256_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
params
.
p
)
==
1
)
&&
parse_bignum
(
buffer
,
res
->
params
.
q
,
DSA_SHA256_Q_OCTETS
)
&&
(
mpz_sgn
(
res
->
params
.
q
)
==
1
)
&&
mpz_sizeinbase
(
res
->
params
.
q
,
2
)
==
DSA_SHA256_Q_BITS
&&
(
mpz_cmp
(
res
->
params
.
q
,
res
->
params
.
p
)
<
0
)
/* q < p */
&&
parse_bignum
(
buffer
,
res
->
params
.
g
,
DSA_SHA256_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
params
.
g
)
==
1
)
&&
(
mpz_cmp
(
res
->
params
.
g
,
res
->
params
.
p
)
<
0
)
/* g < p */
&&
parse_bignum
(
buffer
,
res
->
key
,
DSA_SHA256_MAX_OCTETS
)
&&
(
mpz_sgn
(
res
->
key
)
==
1
)
&&
(
mpz_cmp
(
res
->
key
,
res
->
params
.
p
)
<
0
)
/* y < p */
&&
parse_eod
(
buffer
))
return
&
res
->
super
;
...
...
@@ -499,6 +502,7 @@ do_dsa_sha256_sign(struct signer *c,
CAST
(
dsa_signer
,
self
,
c
);
struct
dsa_signature
sv
;
struct
sha256_ctx
hash
;
uint8_t
digest
[
SHA256_DIGEST_SIZE
];
struct
lsh_string
*
signature
;
trace
(
"do_dsa_sign: Signing according to %a
\n
"
,
algorithm
);
...
...
@@ -506,9 +510,10 @@ do_dsa_sha256_sign(struct signer *c,
dsa_signature_init
(
&
sv
);
sha256_init
(
&
hash
);
sha256_update
(
&
hash
,
msg_length
,
msg
);
sha256_digest
(
&
hash
,
sizeof
(
digest
),
digest
);
if
(
dsa_
sha256_
sign
(
&
self
->
verifier
->
key
,
&
self
->
key
,
NULL
,
lsh_random
,
&
hash
,
&
sv
))
if
(
dsa_sign
(
&
self
->
verifier
->
params
,
self
->
key
,
NULL
,
lsh_random
,
sizeof
(
digest
),
digest
,
&
sv
))
/* Build signature */
switch
(
algorithm
)
{
...
...
@@ -554,7 +559,7 @@ make_dsa_sha256_verifier(struct signature_algorithm *self UNUSED,
NEW
(
dsa_verifier
,
res
);
init_dsa_sha256_verifier
(
res
);
if
(
dsa_keypair_from_sexp_alist
(
&
res
->
key
,
NULL
,
if
(
dsa_keypair_from_sexp_alist
(
&
res
->
params
,
res
->
key
,
NULL
,
DSA_SHA256_MAX_BITS
,
DSA_SHA256_Q_BITS
,
i
))
return
&
res
->
super
;
...
...
@@ -572,9 +577,7 @@ make_dsa_sha256_signer(struct signature_algorithm *self UNUSED,
init_dsa_verifier
(
verifier
);
dsa_private_key_init
(
&
res
->
key
);
if
(
dsa_keypair_from_sexp_alist
(
&
verifier
->
key
,
&
res
->
key
,
if
(
dsa_keypair_from_sexp_alist
(
&
verifier
->
params
,
verifier
->
key
,
res
->
key
,
DSA_SHA256_MAX_BITS
,
DSA_SHA256_Q_BITS
,
i
))
{
...
...
src/dummy.c
View file @
71f5756f
...
...
@@ -76,12 +76,12 @@ hmac_digest(const void *outer UNUSED, const void *inner UNUSED, void *state UNUS
unsigned
length
UNUSED
,
uint8_t
*
digest
UNUSED
)
{
abort
();
}
unsigned
size_t
sexp_vformat
(
struct
nettle_buffer
*
buffer
UNUSED
,
const
char
*
format
UNUSED
,
va_list
args
UNUSED
)
{
abort
();
}
unsigned
size_t
sexp_transport_vformat
(
struct
nettle_buffer
*
buffer
UNUSED
,
const
char
*
format
UNUSED
,
va_list
args
UNUSED
)
{
abort
();
}
...
...
src/lsh-keygen.c
View file @
71f5756f
...
...
@@ -476,54 +476,64 @@ progress(void *ctx UNUSED, int c)
static
struct
lsh_string
*
dsa_sha1_generate_key
(
unsigned
bits
)
{
struct
dsa_public_key
public
;
struct
dsa_private_key
private
;
struct
dsa_params
params
;
struct
lsh_string
*
key
=
NULL
;
dsa_public_key_init
(
&
public
);
dsa_private_key_init
(
&
private
);
dsa_params_init
(
&
params
);
if
(
dsa_generate_
keypair
(
&
public
,
&
private
,
NULL
,
lsh_random
,
NULL
,
progress
,
bits
,
160
))
if
(
dsa_generate_
params
(
&
params
,
NULL
,
lsh_random
,
NULL
,
progress
,
bits
,
160
))
{
mpz_t
public
;
mpz_t
private
;
mpz_init
(
public
);
mpz_init
(
private
);
dsa_generate_keypair
(
&
params
,
public
,
private
,
NULL
,
lsh_random
);
key
=
lsh_string_format_sexp
(
0
,
"(private-key(dsa(p%b)(q%b)(g%b)(y%b)(x%b)))"
,
public
.
p
,
public
.
q
,
public
.
g
,
public
.
y
,
private
.
x
);
params
.
p
,
params
.
q
,
params
.
g
,
public
,
private
);
mpz_clear
(
public
);
mpz_clear
(
private
);
}
dsa_public_key_clear
(
&
public
);
dsa_private_key_clear
(
&
private
);
dsa_params_clear
(
&
params
);
return
key
;
}
static
struct
lsh_string
*
dsa_sha256_generate_key
(
unsigned
bits
)
{
struct
dsa_public_key
public
;
struct
dsa_private_key
private
;
struct
dsa_params
params
;
struct
lsh_string
*
key
=
NULL
;
dsa_public_key_init
(
&
public
);
dsa_private_key_init
(
&
private
);
dsa_params_init
(
&
params
);
if
(
dsa_generate_
keypair
(
&
public
,
&
private
,
NULL
,
lsh_random
,
NULL
,
progress
,
bits
,
256
))
if
(
dsa_generate_
params
(
&
params
,
NULL
,
lsh_random
,
NULL
,
progress
,
bits
,
256
))
{
mpz_t
public
;
mpz_t
private
;
mpz_init
(
public
);
mpz_init
(
private
);
dsa_generate_keypair
(
&
params
,
public
,
private
,
NULL
,
lsh_random
);
key
=
lsh_string_format_sexp
(
0
,
"(private-key(dsa-sha256(p%b)(q%b)(g%b)(y%b)(x%b)))"
,
public
.
p
,
public
.
q
,
public
.
g
,
public
.
y
,
private
.
x
);
params
.
p
,
params
.
q
,
params
.
g
,
public
,
private
);
mpz_clear
(
public
);
mpz_clear
(
private
);
}
dsa_public_key_clear
(
&
public
);
dsa_private_key_clear
(
&
private
);
dsa_params_clear
(
&
params
);
return
key
;
}
...
...
src/lsh_string.c
View file @
71f5756f
...
...
@@ -458,7 +458,7 @@ lsh_string_cbc_encrypt(struct lsh_string *dst, uint32_t di,
const
struct
lsh_string
*
src
,
uint32_t
si
,
uint32_t
length
,
uint32_t
block_size
,
uint8_t
*
iv
,
nettle_c
rypt
_func
f
,
void
*
ctx
)
nettle_c
ipher
_func
f
,
void
*
ctx
)
{
ASSERT_ROOM
(
dst
,
di
,
length
);
ASSERT_ROOM
(
src
,
si
,
length
);
...
...
@@ -476,7 +476,7 @@ lsh_string_cbc_decrypt(struct lsh_string *dst, uint32_t di,
const
struct
lsh_string
*
src
,
uint32_t
si
,
uint32_t
length
,
uint32_t
block_size
,
uint8_t
*
iv
,
nettle_c
rypt
_func
f
,
void
*
ctx
)
nettle_c
ipher
_func
f
,
void
*
ctx
)
{
ASSERT_ROOM
(
dst
,
di
,
length
);
ASSERT_ROOM
(
src
,
si
,
length
);
...
...
@@ -494,7 +494,7 @@ lsh_string_ctr_crypt(struct lsh_string *dst, uint32_t di,
const
struct
lsh_string
*
src
,
uint32_t
si
,
uint32_t
length
,
uint32_t
block_size
,
uint8_t
*
iv
,
nettle_c
rypt
_func
f
,
void
*
ctx
)
nettle_c
ipher
_func
f
,
void
*
ctx
)
{
ASSERT_ROOM
(
dst
,
di
,
length
);
ASSERT_ROOM
(
src
,
si
,
length
);
...
...
@@ -545,7 +545,7 @@ lsh_string_format_sexp(int transport, const char *format, ...)
unsigned
length
;
struct
nettle_buffer
buffer
;
unsigned
(
*
vformat
)(
struct
nettle_buffer
*
,
const
char
*
,
va_list
)
size_t
(
*
vformat
)(
struct
nettle_buffer
*
,
const
char
*
,
va_list
)
=
transport
?
sexp_transport_vformat
:
sexp_vformat
;
va_start
(
args
,
format
);
...
...
@@ -570,7 +570,7 @@ int
lsh_string_base64_decode
(
struct
lsh_string
*
s
)
{
struct
base64_decode_ctx
ctx
;
uint32
_t
done
=
s
->
length
;
size
_t
done
=
s
->
length
;
base64_decode_init
(
&
ctx
);
...
...
src/lsh_string.h
View file @
71f5756f
...
...
@@ -141,21 +141,21 @@ lsh_string_cbc_encrypt(struct lsh_string *dst, uint32_t di,
const
struct
lsh_string
*
src
,
uint32_t
si
,
uint32_t
length
,
uint32_t
block_size
,
uint8_t
*
iv
,
nettle_c
rypt
_func
f
,
void
*
ctx
);
nettle_c
ipher
_func
f
,
void
*
ctx
);
void
lsh_string_cbc_decrypt
(
struct
lsh_string
*
dst
,
uint32_t
di
,
const
struct
lsh_string
*
src
,
uint32_t
si
,
uint32_t
length
,
uint32_t
block_size
,
uint8_t
*
iv
,
nettle_c
rypt
_func
f
,
void
*
ctx
);
nettle_c
ipher
_func
f
,
void
*
ctx
);
void
lsh_string_ctr_crypt
(
struct
lsh_string
*
dst
,
uint32_t
di
,
const
struct
lsh_string
*
src
,
uint32_t
si
,
uint32_t
length
,
uint32_t
block_size
,
uint8_t
*
iv
,
nettle_c
rypt
_func
f
,
void
*
ctx
);
nettle_c
ipher
_func
f
,
void
*
ctx
);
void
lsh_string_write_hash
(
struct
lsh_string
*
s
,
uint32_t
start
,
...
...
src/randomness.h
View file @
71f5756f
...
...
@@ -62,6 +62,6 @@ random_init_system(void);
/* Randomness function matching nettle's expectations. */
void
lsh_random
(
void
*
ctx
,
unsigned
length
,
uint8_t
*
data
);
lsh_random
(
void
*
ctx
,
size_t
length
,
uint8_t
*
data
);
#endif
/* LSH_RANDOMNESS_H_INCLUDED */
src/sexp.c
View file @
71f5756f
...
...
@@ -97,7 +97,7 @@ lsh_sexp_to_string(struct sexp_iterator *i, struct lsh_string **display)
struct
lsh_string
*
lsh_sexp_copy
(
struct
sexp_iterator
*
i
)
{
unsigned
length
;
size_t
length
;
const
uint8_t
*
subexpr
=
sexp_iterator_subexpr
(
i
,
&
length
);
return
subexpr
?
ssh_format
(
"%ls"
,
length
,
subexpr
)
:
NULL
;
...
...
src/testsuite/testutils.c
View file @
71f5756f
...
...
@@ -176,7 +176,7 @@ random_generate(uint32_t length, uint8_t *dst)
}
void