Commit 8bab0227 authored by Niels Möller's avatar Niels Möller

(zn_range, zn_invert, zn_mul, zn_exp, zn_exp_ui, zn_add, zn_sub):

Non-static functions replace the GROUP_COMBINE etc. methods.

(abstract_group): Deleted class and
methods.
(zn_group): Declare class here, and plain functions for using it.
Replaced all uses of struct abstract_group with const struct
zn_group.
Use const for all dh_method pointers.

Rev: src/client_keyexchange.c:1.68
Rev: src/client_keyexchange.h:1.19
Rev: src/dh_exchange.c:1.19
Rev: src/server_keyexchange.c:1.58
Rev: src/server_keyexchange.h:1.13
Rev: src/srp-gen.c:1.22
Rev: src/srp.h:1.8
Rev: src/srp_exchange.c:1.21
parent f496f9a5
......@@ -46,7 +46,7 @@
(name dh_client_exchange)
(super keyexchange_algorithm)
(vars
(dh object dh_method)))
(dh const object dh_method)))
*/
/* Handler for the kex_dh_reply message */
......@@ -154,7 +154,7 @@ do_init_client_dh(struct keyexchange_algorithm *c,
struct keyexchange_algorithm *
make_dh_client(struct dh_method *dh)
make_dh_client(const struct dh_method *dh)
{
NEW(dh_client_exchange, self);
......@@ -301,7 +301,7 @@ make_srp_reply_handler(struct srp_client_instance *srp)
(name srp_client_exchange)
(super keyexchange_algorithm)
(vars
(dh object dh_method)
(dh const object dh_method)
(tty object interact)
(name string)))
*/
......@@ -333,14 +333,11 @@ do_init_client_srp(struct keyexchange_algorithm *s,
}
struct keyexchange_algorithm *
make_srp_client(struct dh_method *dh, struct interact *tty,
make_srp_client(const struct dh_method *dh, struct interact *tty,
struct lsh_string *name)
{
NEW(srp_client_exchange, self);
assert(dh->G->add);
assert(dh->G->subtract);
self->super.init = do_init_client_srp;
self->dh = dh;
self->tty = tty;
......
......@@ -31,10 +31,10 @@
#include "publickey_crypto.h"
struct keyexchange_algorithm *
make_dh_client(struct dh_method *dh);
make_dh_client(const struct dh_method *dh);
struct keyexchange_algorithm *
make_srp_client(struct dh_method *dh,
make_srp_client(const struct dh_method *dh,
struct interact *tty, struct lsh_string *name);
#endif /* LSH_CLIENT_KEYEXCHANGE_H_INCLUDED */
......@@ -41,7 +41,7 @@
#include "xalloc.h"
void
init_dh_instance(struct dh_method *m,
init_dh_instance(const struct dh_method *m,
struct dh_instance *self,
struct ssh_connection *c)
{
......@@ -75,7 +75,7 @@ init_dh_instance(struct dh_method *m,
}
struct dh_method *
make_dh(struct abstract_group *G,
make_dh(const struct zn_group *G,
const struct hash_algorithm *H,
struct randomness *r)
{
......@@ -99,19 +99,19 @@ make_dh1(struct randomness *r)
/* R is set to a random, secret, exponent, and V set to is g^r */
void
dh_generate_secret(struct dh_method *self,
dh_generate_secret(const struct dh_method *self,
mpz_t r, mpz_t v)
{
mpz_t tmp;
/* Generate a random number, 1 < x <= p-1 = O(G) */
/* Generate a random number, 1 < x < O(G) = (p-1)/2 */
mpz_init_set(tmp, self->G->order);
mpz_sub_ui(tmp, tmp, 1);
nettle_mpz_random(r, self->random, lsh_random, tmp);
mpz_add_ui(r, r, 1);
mpz_clear(tmp);
GROUP_POWER(self->G, v, self->G->generator, r);
zn_exp(self->G, v, self->G->generator, r);
}
struct lsh_string *
......@@ -135,13 +135,13 @@ dh_process_client_msg(struct dh_instance *self,
&& (msg_number == SSH_MSG_KEXDH_INIT)
&& parse_bignum(&buffer, self->e, 0)
&& (mpz_cmp_ui(self->e, 1) > 0)
&& GROUP_RANGE(self->method->G, self->e)
&& zn_range(self->method->G, self->e)
&& parse_eod(&buffer) ))
return 0;
mpz_init(tmp);
GROUP_POWER(self->method->G, tmp, self->e, self->secret);
zn_exp(self->method->G, tmp, self->e, self->secret);
self->K = ssh_format("%ln", tmp);
mpz_clear(tmp);
......@@ -216,7 +216,7 @@ dh_process_server_msg(struct dh_instance *self,
/* FIXME: Pass a more restrictive limit to parse_bignum. */
&& (parse_bignum(&buffer, self->f, 0))
&& (mpz_cmp_ui(self->f, 1) > 0)
&& GROUP_RANGE(self->method->G, self->f)
&& zn_range(self->method->G, self->f)
&& (s = parse_string_copy(&buffer))
&& parse_eod(&buffer)))
{
......@@ -227,7 +227,7 @@ dh_process_server_msg(struct dh_instance *self,
mpz_init(tmp);
GROUP_POWER(self->method->G, tmp, self->f, self->secret);
zn_exp(self->method->G, tmp, self->f, self->secret);
self->K = ssh_format("%ln", tmp);
mpz_clear(tmp);
......
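Review bot: The new comment in dh_generate_secret gives the group order as (p-1)/2, but the checks on the peer's value in dh_process_client_msg and dh_process_server_msg are still only `mpz_cmp_ui(self->e, 1) > 0` (resp. `self->f`) plus `zn_range`, whose definition is not shown on this page. If zn_range only bounds the value by the modulus, p-1 is still accepted even though it lies outside the order-(p-1)/2 subgroup and restricts K to 1 or p-1; the handlers should reject it explicitly, or zn_range should be documented as excluding it. The same comment states `1 < x`, while the code (a random value below order-1 followed by `mpz_add_ui(r, r, 1)`) appears to allow r = 1, assuming nettle_mpz_random returns a value in [0, n); `/* Generate a random number, 1 <= x < O(G) = (p-1)/2 */` would match what runs. Both message handlers begin and end outside their hunks.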
......@@ -334,7 +334,7 @@ make_srp_init_handler(struct srp_server_instance *srp)
(name srp_server_exchange)
(super keyexchange_algorithm)
(vars
(dh object dh_method)
(dh const object dh_method)
(db object user_db)))
*/
......@@ -362,14 +362,11 @@ do_init_server_srp(struct keyexchange_algorithm *s,
}
struct keyexchange_algorithm *
make_srp_server(struct dh_method *dh,
make_srp_server(const struct dh_method *dh,
struct user_db *db)
{
NEW(srp_server_exchange, self);
assert(dh->G->add);
assert(dh->G->subtract);
self->super.init = do_init_server_srp;
self->dh = dh;
self->db = db;
......
......@@ -35,7 +35,7 @@ struct keyexchange_algorithm *
make_dh_server(struct dh_method *dh);
struct keyexchange_algorithm *
make_srp_server(struct dh_method *dh,
make_srp_server(const struct dh_method *dh,
struct user_db *db);
#endif /* LSH_SERVER_KEYEXCHANGE_H_INCLUDED */
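Review bot: `make_dh_server(struct dh_method *dh);` on the first context line of this hunk keeps a non-const parameter, while the commit changes `make_dh_client`, `make_srp_client` and `make_srp_server` to take `const struct dh_method *` and the description says const is used for all dh_method pointers. If the server-side DH exchange only reads the method, this declaration and its definition in server_keyexchange.c (not among the hunks shown) should become `make_dh_server(const struct dh_method *dh);`, so that a shared group/hash description cannot be modified through the server path either.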
......@@ -71,7 +71,7 @@ const char *argp_program_bug_address = BUG_ADDRESS;
(tty object interact)
(e object exception_handler)
(G object abstract_group)
(G const object zn_group)
(H const object hash_algorithm)
(file string)
......
......@@ -48,7 +48,7 @@ make_srp_entry(const struct lsh_string *name,
/* Consumes the salt */
struct lsh_string *
srp_make_verifier(struct abstract_group *G,
srp_make_verifier(const struct zn_group *G,
const struct hash_algorithm *H,
struct lsh_string *salt,
struct lsh_string *name,
......
......@@ -97,7 +97,7 @@ make_srp_entry(const struct lsh_string *name,
/* Consumes the salt */
struct lsh_string *
srp_make_verifier(struct abstract_group *G,
srp_make_verifier(const struct zn_group *G,
const struct hash_algorithm *H,
struct lsh_string *salt,
struct lsh_string *name,
......@@ -109,7 +109,7 @@ srp_make_verifier(struct abstract_group *G,
mpz_init(x);
srp_hash_password(x, H, salt, name, passwd);
GROUP_POWER(G, x, G->generator, x);
zn_exp(G, x, G->generator, x);
expr = lsh_string_format_sexp(0, "(srp-verifier ssh-ring1%s%b)",
STRING_LD(salt),
......@@ -192,7 +192,7 @@ srp_process_init_msg(struct dh_instance *self, struct lsh_string *packet)
/* FIXME: Pass a more restrictive limit to parse_bignum. */
&& parse_bignum(&buffer, self->e, 0)
&& (mpz_cmp_ui(self->e, 1) > 0)
&& GROUP_RANGE(self->method->G, self->e)
&& zn_range(self->method->G, self->e)
&& parse_eod(&buffer) )
{
debug("srp_process_init_msg: e = %xn\n", self->e);
......@@ -237,7 +237,7 @@ srp_make_reply_msg(struct dh_instance *dh, struct srp_entry *entry)
debug("srp_make_reply_msg: f - v = %xn\n", dh->f);
if (!GROUP_ADD(dh->method->G, dh->f, dh->f, entry->verifier))
if (!zn_add(dh->method->G, dh->f, dh->f, entry->verifier))
{
werror("srp_exchange.c: Found cleartext password by mistake!\n");
continue;
......@@ -253,9 +253,9 @@ srp_make_reply_msg(struct dh_instance *dh, struct srp_entry *entry)
/* Compute (e v^u) ^ b */
mpz_init(tmp);
GROUP_SMALL_POWER(dh->method->G, tmp, entry->verifier, u);
GROUP_COMBINE(dh->method->G, tmp, dh->e, tmp);
GROUP_POWER(dh->method->G, tmp, tmp, dh->secret);
zn_exp_ui(dh->method->G, tmp, entry->verifier, u);
zn_mul(dh->method->G, tmp, dh->e, tmp);
zn_exp(dh->method->G, tmp, tmp, dh->secret);
debug("srp_make_reply_msg: K = %xn\n", tmp);
......@@ -287,7 +287,7 @@ srp_process_reply_msg(struct dh_instance *dh, struct lsh_string *packet)
/* FIXME: Pass a more restrictive limit to parse_bignum. */
&& parse_bignum(&buffer, dh->f, 0)
&& (mpz_cmp_ui(dh->f, 1) > 0)
&& GROUP_RANGE(dh->method->G, dh->f)
&& zn_range(dh->method->G, dh->f)
&& parse_eod(&buffer))
{
debug("srp_process_reply_msg: f = %xn\n", dh->f);
......@@ -328,11 +328,11 @@ srp_make_client_proof(struct dh_instance *dh,
mpz_init(v);
/* Compute the verifier */
GROUP_POWER(dh->method->G, v, dh->method->G->generator, x);
zn_exp(dh->method->G, v, dh->method->G->generator, x);
debug("srp_make_client_proof: v = %xn\n", v);
if (!GROUP_SUBTRACT(dh->method->G, v, dh->f, v))
if (!zn_sub(dh->method->G, v, dh->f, v))
{
mpz_clear(v);
return NULL;
......@@ -346,7 +346,7 @@ srp_make_client_proof(struct dh_instance *dh,
mpz_mul_ui(tmp, x, u);
mpz_add(tmp, tmp, dh->secret);
GROUP_POWER(dh->method->G, v, v, tmp);
zn_exp(dh->method->G, v, v, tmp);
debug("srp_make_client_proof: K = %xn\n", v);
dh->K = ssh_format("%ln", v);
......
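Review bot: The debug calls next to the converted group operations print secret values: `debug("srp_make_reply_msg: K = %xn\n", tmp);` and `debug("srp_make_client_proof: K = %xn\n", v);` write the shared secret K, and `debug("srp_make_client_proof: v = %xn\n", v);` writes the password verifier that was just computed. Whoever can read a session's debug output then holds its key material and a value usable for offline password guessing, so these lines should be dropped or compiled in only for test builds. Since this commit already touches each of these call sites, it would be a natural place to do that. The enclosing functions start and end outside the hunks.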