Commit 21ee1904 authored by Niels Möller's avatar Niels Möller

(TMP_DECL, TMP_ALLOC): New macros. When alloca is unavailable, they

work by allocating a fix amount of stack and imposing a hard limit on
what can be allocated. Updated all users of alloca.

Rev: src/nettle/bignum-random.c:1.4
Rev: src/nettle/cbc.c:1.8
Rev: src/nettle/dsa-keygen.c:1.7
Rev: src/nettle/hmac.c:1.6
Rev: src/nettle/pkcs1-rsa-md5.c:1.3
Rev: src/nettle/pkcs1-rsa-sha1.c:1.3
Rev: src/nettle/rsa-decrypt.c:1.5
Rev: src/nettle/rsa-encrypt.c:1.8
Rev: src/nettle/sexp.c:1.15
parent dcd5b982
......@@ -32,6 +32,7 @@
#include <stdlib.h>
#include "bignum.h"
#include "nettle-internal.h"
void
nettle_mpz_random_size(mpz_t x,
......@@ -39,7 +40,8 @@ nettle_mpz_random_size(mpz_t x,
unsigned bits)
{
unsigned length = (bits + 7) / 8;
uint8_t *data = alloca(length);
TMP_DECL(data, uint8_t, NETTLE_MAX_BIGNUM_BITS / 8);
TMP_ALLOC(data, length);
random(ctx, length, data);
......@@ -49,6 +51,7 @@ nettle_mpz_random_size(mpz_t x,
mpz_fdiv_r_2exp(x, x, bits);
}
/* Returns a random number x, 0 <= x < n */
void
nettle_mpz_random(mpz_t x,
void *ctx, nettle_random_func random,
......
......@@ -34,6 +34,7 @@
#include "cbc.h"
#include "memxor.h"
#include "nettle-internal.h"
void
cbc_encrypt(void *ctx, void (*f)(void *ctx,
......@@ -106,33 +107,31 @@ cbc_decrypt(void *ctx, void (*f)(void *ctx,
*
* NOTE: We assume that block_size <= CBC_BUFFER_LIMIT. */
uint8_t *buffer;
unsigned buffer_size;
if (length <= CBC_BUFFER_LIMIT)
buffer = alloca(length);
buffer_size = length;
else
{
/* The buffer size must be an integral number of blocks. */
unsigned buffer_size
= CBC_BUFFER_LIMIT - (CBC_BUFFER_LIMIT % block_size);
buffer = alloca(buffer_size);
for ( ; length >= buffer_size;
length -= buffer_size, dst += buffer_size, src += buffer_size)
{
memcpy(buffer, src, buffer_size);
cbc_decrypt_internal(ctx, f, block_size, iv,
buffer_size, dst, buffer);
}
if (!length)
return;
}
/* Now, we have at most CBC_BUFFER_LIMIT octets left */
memcpy(buffer, src, length);
cbc_decrypt_internal(ctx, f, block_size, iv,
length, dst, buffer);
buffer_size
= CBC_BUFFER_LIMIT - (CBC_BUFFER_LIMIT % block_size);
{
TMP_DECL(buffer, uint8_t, CBC_BUFFER_LIMIT);
TMP_ALLOC(buffer, buffer_size);
for ( ; length > buffer_size;
length -= buffer_size, dst += buffer_size, src += buffer_size)
{
memcpy(buffer, src, buffer_size);
cbc_decrypt_internal(ctx, f, block_size, iv,
buffer_size, dst, buffer);
}
/* Now, we have at most CBC_BUFFER_LIMIT octets left */
memcpy(buffer, src, length);
cbc_decrypt_internal(ctx, f, block_size, iv,
length, dst, buffer);
}
}
}
......
......@@ -35,6 +35,7 @@
#include "bignum.h"
#include "memxor.h"
#include "nettle-internal.h"
/* The (slow) NIST method of generating DSA primes. Algorithm 4.56 of
* Handbook of Applied Cryptography. */
......@@ -118,8 +119,10 @@ dsa_nist_gen(mpz_t p, mpz_t q,
progress(progress_ctx, '\n');
{
/* Official maximum key size: L = 1024 => n = 6 */
TMP_DECL(buffer, uint8_t, (6 + 1) * SHA1_DIGEST_SIZE);
unsigned size = (n+1) * SHA1_DIGEST_SIZE;
uint8_t *buffer = alloca(size);
TMP_ALLOC(buffer, size);
unsigned i, j;
for (i = 0, j = 2; i<4096; i++, j+= n+1)
......
......@@ -33,6 +33,7 @@
#include "hmac.h"
#include "memxor.h"
#include "nettle-internal.h"
#define IPAD 0x36
#define OPAD 0x5c
......@@ -42,7 +43,8 @@ hmac_set_key(void *outer, void *inner, void *state,
const struct nettle_hash *hash,
unsigned key_length, const uint8_t *key)
{
uint8_t *pad = alloca(hash->block_size);
TMP_DECL(pad, uint8_t, NETTLE_MAX_HASH_BLOCK_SIZE);
TMP_ALLOC(pad, hash->block_size);
hash->init(outer);
hash->init(inner);
......@@ -52,7 +54,8 @@ hmac_set_key(void *outer, void *inner, void *state,
/* Reduce key to the algorithm's hash size. Use the area pointed
* to by state for the temporary state. */
uint8_t *digest = alloca(hash->digest_size);
TMP_DECL(digest, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
TMP_ALLOC(digest, hash->digest_size);
hash->init(state);
hash->update(state, key_length, key);
......@@ -90,7 +93,8 @@ hmac_digest(const void *outer, const void *inner, void *state,
const struct nettle_hash *hash,
unsigned length, uint8_t *dst)
{
uint8_t *digest = alloca(hash->digest_size);
TMP_DECL(digest, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
TMP_ALLOC(digest, hash->digest_size);
hash->digest(state, hash->digest_size, digest);
......
......@@ -38,6 +38,8 @@
#include "bignum.h"
#include "pkcs1.h"
#include "nettle-internal.h"
/* From pkcs-1v2
*
* md5 OBJECT IDENTIFIER ::=
......@@ -64,7 +66,8 @@ md5_prefix[] =
void
pkcs1_rsa_md5_encode(mpz_t m, unsigned length, struct md5_ctx *hash)
{
uint8_t *em = alloca(length);
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_BITS / 8);
TMP_ALLOC(em, length);
assert(length >= MD5_DIGEST_SIZE);
pkcs1_signature_prefix(length - MD5_DIGEST_SIZE, em,
......@@ -78,7 +81,8 @@ pkcs1_rsa_md5_encode(mpz_t m, unsigned length, struct md5_ctx *hash)
void
pkcs1_rsa_md5_encode_digest(mpz_t m, unsigned length, const uint8_t *digest)
{
uint8_t *em = alloca(length);
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_BITS / 8);
TMP_ALLOC(em, length);
assert(length >= MD5_DIGEST_SIZE);
pkcs1_signature_prefix(length - MD5_DIGEST_SIZE, em,
......
......@@ -38,6 +38,8 @@
#include "bignum.h"
#include "pkcs1.h"
#include "nettle-internal.h"
/* From pkcs-1v2
*
* id-sha1 OBJECT IDENTIFIER ::=
......@@ -64,7 +66,8 @@ sha1_prefix[] =
void
pkcs1_rsa_sha1_encode(mpz_t m, unsigned length, struct sha1_ctx *hash)
{
uint8_t *em = alloca(length);
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_BITS / 8);
TMP_ALLOC(em, length);
assert(length >= SHA1_DIGEST_SIZE);
pkcs1_signature_prefix(length - SHA1_DIGEST_SIZE, em,
......@@ -78,7 +81,8 @@ pkcs1_rsa_sha1_encode(mpz_t m, unsigned length, struct sha1_ctx *hash)
void
pkcs1_rsa_sha1_encode_digest(mpz_t m, unsigned length, const uint8_t *digest)
{
uint8_t *em = alloca(length);
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_BITS / 8);
TMP_ALLOC(em, length);
assert(length >= SHA1_DIGEST_SIZE);
pkcs1_signature_prefix(length - SHA1_DIGEST_SIZE, em,
......
......@@ -36,13 +36,14 @@
#include "rsa.h"
#include "bignum.h"
#include "nettle-internal.h"
int
rsa_decrypt(const struct rsa_private_key *key,
unsigned *length, uint8_t *message,
const mpz_t gibberish)
{
uint8_t *em;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_BITS / 8);
uint8_t *terminator;
unsigned padding;
unsigned message_length;
......@@ -52,7 +53,7 @@ rsa_decrypt(const struct rsa_private_key *key,
mpz_init(m);
rsa_compute_root(key, m, gibberish);
em = alloca(key->size);
TMP_ALLOC(em, key->size);
nettle_mpz_get_str_256(key->size, em, m);
mpz_clear(m);
......
......@@ -36,6 +36,7 @@
#include "rsa.h"
#include "bignum.h"
#include "nettle-internal.h"
int
rsa_encrypt(const struct rsa_public_key *key,
......@@ -44,7 +45,7 @@ rsa_encrypt(const struct rsa_public_key *key,
unsigned length, const uint8_t *message,
mpz_t gibbberish)
{
uint8_t *em;
TMP_DECL(em, uint8_t, NETTLE_MAX_BIGNUM_BITS / 8);
unsigned padding;
unsigned i;
......@@ -64,7 +65,7 @@ rsa_encrypt(const struct rsa_public_key *key,
padding = key->size - length - 3;
assert(padding >= 8);
em = alloca(key->size - 1);
TMP_ALLOC(em, key->size - 1);
em[0] = 2;
random(random_ctx, padding, em + 1);
......
......@@ -33,6 +33,7 @@
#include "sexp.h"
#include "macros.h"
#include "nettle-internal.h"
/* Initializes the iterator, but one has to call next to get to the
* first element. */
......@@ -324,11 +325,11 @@ sexp_iterator_assoc(struct sexp_iterator *iterator,
const uint8_t **keys,
struct sexp_iterator *values)
{
int *found;
TMP_DECL(found, int, NETTLE_MAX_SEXP_ASSOC);
unsigned nfound;
unsigned i;
found = alloca(nkeys * sizeof(*found));
TMP_ALLOC(found, nkeys);
for (i = 0; i<nkeys; i++)
found[i] = 0;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment