authorNikos Mavrogiannopoulos <nmav@gnutls.org>2010-07-07 10:40:37 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2010-07-07 10:41:04 +0200
commit115f165b6e3bb74f45e13a65c5f4f82f28664a2c (patch)
treeec55b63c736b5bef6061202c8bd31b08796fa2dc /libtomcrypt/pk
parent58a20b797e5a987fc8f7c5bea3be24d754908bf5 (diff)
Added a modified libtomcrypt with DSA and RSA algorithms.
Diffstat (limited to 'libtomcrypt/pk')
-rw-r--r--libtomcrypt/pk/asn1/der/integer/der_decode_integer.c10
-rw-r--r--libtomcrypt/pk/asn1/der/integer/der_encode_integer.c14
-rw-r--r--libtomcrypt/pk/asn1/der/integer/der_length_integer.c2
-rw-r--r--libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c13
-rw-r--r--libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c4
-rw-r--r--libtomcrypt/pk/dsa/dsa_decrypt_key.c139
-rw-r--r--libtomcrypt/pk/dsa/dsa_encrypt_key.c125
-rw-r--r--libtomcrypt/pk/dsa/dsa_free.c2
-rw-r--r--libtomcrypt/pk/dsa/dsa_import.c7
-rw-r--r--libtomcrypt/pk/dsa/dsa_make_key.c39
-rw-r--r--libtomcrypt/pk/dsa/dsa_shared_secret.c72
-rw-r--r--libtomcrypt/pk/dsa/dsa_sign_hash.c38
-rw-r--r--libtomcrypt/pk/dsa/dsa_verify_hash.c36
-rw-r--r--libtomcrypt/pk/dsa/dsa_verify_key.c28
-rw-r--r--libtomcrypt/pk/ecc/ecc.c127
-rw-r--r--libtomcrypt/pk/ecc/ecc_ansi_x963_export.c72
-rw-r--r--libtomcrypt/pk/ecc/ecc_ansi_x963_import.c104
-rw-r--r--libtomcrypt/pk/ecc/ecc_decrypt_key.c150
-rw-r--r--libtomcrypt/pk/ecc/ecc_encrypt_key.c128
-rw-r--r--libtomcrypt/pk/ecc/ecc_export.c82
-rw-r--r--libtomcrypt/pk/ecc/ecc_free.c40
-rw-r--r--libtomcrypt/pk/ecc/ecc_get_size.c44
-rw-r--r--libtomcrypt/pk/ecc/ecc_import.c172
-rw-r--r--libtomcrypt/pk/ecc/ecc_make_key.c120
-rw-r--r--libtomcrypt/pk/ecc/ecc_shared_secret.c95
-rw-r--r--libtomcrypt/pk/ecc/ecc_sign_hash.c108
-rw-r--r--libtomcrypt/pk/ecc/ecc_sizes.c48
-rw-r--r--libtomcrypt/pk/ecc/ecc_test.c95
-rw-r--r--libtomcrypt/pk/ecc/ecc_verify_hash.c165
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c46
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_map.c76
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_mul2add.c207
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_mulmod.c222
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c167
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_points.c60
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c196
-rw-r--r--libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c147
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c28
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c4
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c3
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c20
-rw-r--r--libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c20
-rw-r--r--libtomcrypt/pk/rsa/rsa_decrypt_key.c6
-rw-r--r--libtomcrypt/pk/rsa/rsa_encrypt_key.c6
-rw-r--r--libtomcrypt/pk/rsa/rsa_exptmod.c28
-rw-r--r--libtomcrypt/pk/rsa/rsa_free.c2
-rw-r--r--libtomcrypt/pk/rsa/rsa_import.c13
-rw-r--r--libtomcrypt/pk/rsa/rsa_make_key.c49
-rw-r--r--libtomcrypt/pk/rsa/rsa_sign_hash.c15
-rw-r--r--libtomcrypt/pk/rsa/rsa_verify_hash.c13
50 files changed, 183 insertions, 3224 deletions
diff --git a/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c b/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c
index 328280d..d7b13cf 100644
--- a/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c
+++ b/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c
@@ -25,7 +25,7 @@
@param num The first mp_int to decode
@return CRYPT_OK if successful
*/
-int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num)
+int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int_t num)
{
unsigned long x, y, z;
int err;
@@ -87,16 +87,16 @@ int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num)
/* see if it's negative */
if (in[x] & 0x80) {
- void *tmp;
+ mp_int tmp;
if (mp_init(&tmp) != CRYPT_OK) {
return CRYPT_MEM;
}
- if (mp_2expt(tmp, mp_count_bits(num)) != CRYPT_OK || mp_sub(num, tmp, num) != CRYPT_OK) {
- mp_clear(tmp);
+ if (mp_2expt(&tmp, mp_count_bits(num)) != CRYPT_OK || mp_sub(num, &tmp, num) != CRYPT_OK) {
+ mp_clear(&tmp);
return CRYPT_MEM;
}
- mp_clear(tmp);
+ mp_clear(&tmp);
}
return CRYPT_OK;
diff --git a/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c b/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c
index c1d0612..830446a 100644
--- a/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c
+++ b/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c
@@ -26,7 +26,7 @@
@param outlen [in/out] The max size and resulting size of the DER encoded integers
@return CRYPT_OK if successful
*/
-int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen)
+int der_encode_integer(mp_int_t num, unsigned char *out, unsigned long *outlen)
{
unsigned long tmplen, y;
int err, leading_zero;
@@ -96,7 +96,7 @@ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen)
return err;
}
} else if (mp_iszero(num) != LTC_MP_YES) {
- void *tmp;
+ mp_int tmp;
/* negative */
if (mp_init(&tmp) != CRYPT_OK) {
@@ -107,15 +107,15 @@ int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen)
y = mp_count_bits(num);
y = y + (8 - (y & 7));
if (((mp_cnt_lsb(num)+1)==mp_count_bits(num)) && ((mp_count_bits(num)&7)==0)) y -= 8;
- if (mp_2expt(tmp, y) != CRYPT_OK || mp_add(tmp, num, tmp) != CRYPT_OK) {
- mp_clear(tmp);
+ if (mp_2expt(&tmp, y) != CRYPT_OK || mp_add(&tmp, num, &tmp) != CRYPT_OK) {
+ mp_clear(&tmp);
return CRYPT_MEM;
}
- if ((err = mp_to_unsigned_bin(tmp, out)) != CRYPT_OK) {
- mp_clear(tmp);
+ if ((err = mp_to_unsigned_bin(&tmp, out)) != CRYPT_OK) {
+ mp_clear(&tmp);
return err;
}
- mp_clear(tmp);
+ mp_clear(&tmp);
}
/* we good */
diff --git a/libtomcrypt/pk/asn1/der/integer/der_length_integer.c b/libtomcrypt/pk/asn1/der/integer/der_length_integer.c
index 9320b03..40addd5 100644
--- a/libtomcrypt/pk/asn1/der/integer/der_length_integer.c
+++ b/libtomcrypt/pk/asn1/der/integer/der_length_integer.c
@@ -23,7 +23,7 @@
@param outlen [out] The length of the DER encoding for the given integer
@return CRYPT_OK if successful
*/
-int der_length_integer(void *num, unsigned long *outlen)
+int der_length_integer(mp_int_t num, unsigned long *outlen)
{
unsigned long z, len;
int leading_zero;
diff --git a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c
index 607d5eb..2e72dbd 100644
--- a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c
+++ b/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c
@@ -122,17 +122,24 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc
/* init field */
l->type = LTC_ASN1_INTEGER;
l->size = 1;
- if ((err = mp_init(&l->data)) != CRYPT_OK) {
+
+ l->data = XMALLOC(sizeof(mp_int));
+ if (l->data == NULL) {
+ err = CRYPT_MEM;
+ goto error;
+ }
+
+ if ((err = mp_init((mp_int_t)l->data)) != CRYPT_OK) {
goto error;
}
/* decode field */
- if ((err = der_decode_integer(in, *inlen, l->data)) != CRYPT_OK) {
+ if ((err = der_decode_integer(in, *inlen, (mp_int_t)l->data)) != CRYPT_OK) {
goto error;
}
/* calc length of object */
- if ((err = der_length_integer(l->data, &len)) != CRYPT_OK) {
+ if ((err = der_length_integer((mp_int_t)l->data, &len)) != CRYPT_OK) {
goto error;
}
break;
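Review bot: If `mp_init` fails after the new `XMALLOC`, `l->data` is left pointing at uninitialised memory while `l->type` is already `LTC_ASN1_INTEGER`. The `error` path is outside this hunk, but it presumably hands the list to `der_sequence_free`, which in this commit calls `mp_clear(in->data)` on every non-NULL INTEGER node. Whether that is harmless depends on what `mp_init` leaves behind on failure, and this decoder runs on caller-supplied DER. Releasing the allocation in the failure branch removes the dependency: `XFREE(l->data); l->data = NULL; goto error;`. The enclosing switch case starts and ends outside the hunk.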
diff --git a/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c b/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c
index a6769b3..a0e0d2d 100644
--- a/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c
+++ b/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c
@@ -47,13 +47,13 @@ void der_sequence_free(ltc_asn1_list *in)
case LTC_ASN1_SET:
case LTC_ASN1_SETOF:
case LTC_ASN1_SEQUENCE: break;
- case LTC_ASN1_INTEGER : if (in->data != NULL) { mp_clear(in->data); } break;
+ case LTC_ASN1_INTEGER : if (in->data != NULL) { mp_clear(in->data); XFREE(in->data); } break;
default : if (in->data != NULL) { XFREE(in->data); }
}
/* move to next and free current */
l = in->next;
- free(in);
+ XFREE(in);
in = l;
}
}
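Review bot: The INTEGER case now frees `in->data` as well as clearing it, so `der_sequence_free` is only correct for lists whose INTEGER nodes own an `XMALLOC`'ed `mp_int`, and nothing in the hunk states that rule. The flexi decoder changed in this commit produces such lists. I would add `/* INTEGER nodes own a heap-allocated mp_int (allocated by der_decode_sequence_flexi) */` above the case, so that a list pointing at stack or caller-owned integers is never passed in. The case is also long for a single line; splitting it would make the clear-then-free order easier to check.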
diff --git a/libtomcrypt/pk/dsa/dsa_decrypt_key.c b/libtomcrypt/pk/dsa/dsa_decrypt_key.c
deleted file mode 100644
index 0e193a6..0000000
--- a/libtomcrypt/pk/dsa/dsa_decrypt_key.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-/**
- @file dsa_decrypt_key.c
- DSA Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MDSA
-
-/**
- Decrypt an DSA encrypted key
- @param in The ciphertext
- @param inlen The length of the ciphertext (octets)
- @param out [out] The plaintext
- @param outlen [in/out] The max size and resulting size of the plaintext
- @param key The corresponding private DSA key
- @return CRYPT_OK if successful
-*/
-int dsa_decrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- dsa_key *key)
-{
- unsigned char *skey, *expt;
- void *g_pub;
- unsigned long x, y, hashOID[32];
- int hash, err;
- ltc_asn1_list decode[3];
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* right key type? */
- if (key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- /* decode to find out hash */
- LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
-
- if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
- return err;
- }
-
- hash = find_hash_oid(hashOID, decode[0].size);
- if (hash_is_valid(hash) != CRYPT_OK) {
- return CRYPT_INVALID_PACKET;
- }
-
- /* we now have the hash! */
-
- if ((err = mp_init(&g_pub)) != CRYPT_OK) {
- return err;
- }
-
- /* allocate memory */
- expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (expt == NULL || skey == NULL) {
- if (expt != NULL) {
- XFREE(expt);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- mp_clear(g_pub);
- return CRYPT_MEM;
- }
-
- LTC_SET_ASN1(decode, 1, LTC_ASN1_INTEGER, g_pub, 1UL);
- LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE);
-
- /* read the structure in now */
- if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* make shared key */
- x = mp_unsigned_bin_size(key->p) + 1;
- if ((err = dsa_shared_secret(key->x, g_pub, key, expt, &x)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- y = MIN(mp_unsigned_bin_size(key->p) + 1, MAXBLOCKSIZE);
- if ((err = hash_memory(hash, expt, x, expt, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* ensure the hash of the shared secret is at least as big as the encrypt itself */
- if (decode[2].size > y) {
- err = CRYPT_INVALID_PACKET;
- goto LBL_ERR;
- }
-
- /* avoid buffer overflow */
- if (*outlen < decode[2].size) {
- *outlen = decode[2].size;
- err = CRYPT_BUFFER_OVERFLOW;
- goto LBL_ERR;
- }
-
- /* Decrypt the key */
- for (x = 0; x < decode[2].size; x++) {
- out[x] = expt[x] ^ skey[x];
- }
- *outlen = x;
-
- err = CRYPT_OK;
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- zeromem(expt, mp_unsigned_bin_size(key->p) + 1);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(expt);
- XFREE(skey);
-
- mp_clear(g_pub);
-
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/dsa/dsa_encrypt_key.c b/libtomcrypt/pk/dsa/dsa_encrypt_key.c
deleted file mode 100644
index e369f62..0000000
--- a/libtomcrypt/pk/dsa/dsa_encrypt_key.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-/**
- @file dsa_encrypt_key.c
- DSA Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MDSA
-
-/**
- Encrypt a symmetric key with DSA
- @param in The symmetric key you want to encrypt
- @param inlen The length of the key to encrypt (octets)
- @param out [out] The destination for the ciphertext
- @param outlen [in/out] The max size and resulting size of the ciphertext
- @param hash The index of the hash you want to use
- @param key The DSA key you want to encrypt to
- @return CRYPT_OK if successful
-*/
-int dsa_encrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- int hash,
- dsa_key *key)
-{
- unsigned char *expt, *skey;
- void *g_pub, *g_priv;
- unsigned long x, y;
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- if ((err = hash_is_valid(hash)) != CRYPT_OK) {
- return err;
- }
-
- if (inlen > hash_descriptor[hash].hashsize) {
- return CRYPT_INVALID_HASH;
- }
-
- /* make a random key and export the public copy */
- if ((err = mp_init_multi(&g_pub, &g_priv, NULL)) != CRYPT_OK) {
- return err;
- }
-
- expt = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (expt == NULL || skey == NULL) {
- if (expt != NULL) {
- XFREE(expt);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- mp_clear_multi(g_pub, g_priv, NULL);
- return CRYPT_MEM;
- }
-
- /* make a random x, g^x pair */
- x = mp_unsigned_bin_size(key->q);
- get_random_bytes( expt, x);
-
- /* load x */
- if ((err = mp_read_unsigned_bin(g_priv, expt, x)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* compute y */
- if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* make random key */
- x = mp_unsigned_bin_size(key->p) + 1;
- if ((err = dsa_shared_secret(g_priv, key->y, key, expt, &x)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- y = MAXBLOCKSIZE;
- if ((err = hash_memory(hash, expt, x, skey, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* Encrypt key */
- for (x = 0; x < inlen; x++) {
- skey[x] ^= in[x];
- }
-
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash].OIDlen, hash_descriptor[hash].OID,
- LTC_ASN1_INTEGER, 1UL, g_pub,
- LTC_ASN1_OCTET_STRING, inlen, skey,
- LTC_ASN1_EOL, 0UL, NULL);
-
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- /* clean up */
- zeromem(expt, mp_unsigned_bin_size(key->p) + 1);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(skey);
- XFREE(expt);
-
- mp_clear_multi(g_pub, g_priv, NULL);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c,v $ */
-/* $Revision: 1.9 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/dsa/dsa_free.c b/libtomcrypt/pk/dsa/dsa_free.c
index a589d16..37a330d 100644
--- a/libtomcrypt/pk/dsa/dsa_free.c
+++ b/libtomcrypt/pk/dsa/dsa_free.c
@@ -24,7 +24,7 @@
void dsa_free(dsa_key *key)
{
LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
+ mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
}
#endif
diff --git a/libtomcrypt/pk/dsa/dsa_import.c b/libtomcrypt/pk/dsa/dsa_import.c
index 6f6db8c..f6c07f1 100644
--- a/libtomcrypt/pk/dsa/dsa_import.c
+++ b/libtomcrypt/pk/dsa/dsa_import.c
@@ -31,7 +31,6 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != CRYPT_OK) {
@@ -69,17 +68,17 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
}
key->type = PK_PUBLIC;
}
- key->qord = mp_unsigned_bin_size(key->q);
+ key->qord = mp_unsigned_bin_size(&key->q);
if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
- (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
+ (unsigned long)key->qord >= mp_unsigned_bin_size(&key->p) || (mp_unsigned_bin_size(&key->p) - key->qord) >= LTC_MDSA_DELTA) {
err = CRYPT_INVALID_PACKET;
goto error;
}
return CRYPT_OK;
error:
- mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
+ mp_clear_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
return err;
}
diff --git a/libtomcrypt/pk/dsa/dsa_make_key.c b/libtomcrypt/pk/dsa/dsa_make_key.c
index ee33be0..7a6b516 100644
--- a/libtomcrypt/pk/dsa/dsa_make_key.c
+++ b/libtomcrypt/pk/dsa/dsa_make_key.c
@@ -26,12 +26,11 @@
*/
int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
{
- void *tmp, *tmp2;
+ mp_int tmp, tmp2;
int err, res;
unsigned char *buf;
LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
/* check size */
if (group_size >= LTC_MDSA_MAX_GROUP || group_size <= 15 ||
@@ -52,10 +51,10 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
}
/* make our prime q */
- if ((err = rand_prime(key->q, group_size)) != CRYPT_OK) { goto error; }
+ if ((err = rand_prime(&key->q, group_size)) != CRYPT_OK) { goto error; }
/* double q */
- if ((err = mp_add(key->q, key->q, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(&key->q, &key->q, &tmp)) != CRYPT_OK) { goto error; }
/* now make a random string and multply it against q */
get_random_bytes(buf+1, modulus_size - group_size);
@@ -66,30 +65,30 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
/* force even */
buf[modulus_size - group_size - 1] &= ~1;
- if ((err = mp_read_unsigned_bin(tmp2, buf, modulus_size - group_size)) != CRYPT_OK) { goto error; }
- if ((err = mp_mul(key->q, tmp2, key->p)) != CRYPT_OK) { goto error; }
- if ((err = mp_add_d(key->p, 1, key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&tmp2, buf, modulus_size - group_size)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(&key->q, &tmp2, &key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add_d(&key->p, 1, &key->p)) != CRYPT_OK) { goto error; }
/* now loop until p is prime */
for (;;) {
- if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) { goto error; }
+ if ((err = mp_prime_is_prime(&key->p, 8, &res)) != CRYPT_OK) { goto error; }
if (res == LTC_MP_YES) break;
/* add 2q to p and 2 to tmp2 */
- if ((err = mp_add(tmp, key->p, key->p)) != CRYPT_OK) { goto error; }
- if ((err = mp_add_d(tmp2, 2, tmp2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(&tmp, &key->p, &key->p)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add_d(&tmp2, 2, &tmp2)) != CRYPT_OK) { goto error; }
}
/* now p = (q * tmp2) + 1 is prime, find a value g for which g^tmp2 != 1 */
- mp_set(key->g, 1);
+ mp_set(&key->g, 1);
do {
- if ((err = mp_add_d(key->g, 1, key->g)) != CRYPT_OK) { goto error; }
- if ((err = mp_exptmod(key->g, tmp2, key->p, tmp)) != CRYPT_OK) { goto error; }
- } while (mp_cmp_d(tmp, 1) == LTC_MP_EQ);
+ if ((err = mp_add_d(&key->g, 1, &key->g)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->g, &tmp2, &key->p, &tmp)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(&tmp, 1) == LTC_MP_EQ);
/* at this point tmp generates a group of order q mod p */
- mp_exch(tmp, key->g);
+ mp_exch(&tmp, &key->g);
/* so now we have our DH structure, generator g, order q, modulus p
Now we need a random exponent [mod q] and it's power g^x mod p
@@ -97,9 +96,9 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
do {
get_random_bytes(buf, group_size);
- if ((err = mp_read_unsigned_bin(key->x, buf, group_size)) != CRYPT_OK) { goto error; }
- } while (mp_cmp_d(key->x, 1) != LTC_MP_GT);
- if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&key->x, buf, group_size)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(&key->x, 1) != LTC_MP_GT);
+ if ((err = mp_exptmod(&key->g, &key->x, &key->p, &key->y)) != CRYPT_OK) { goto error; }
key->type = PK_PRIVATE;
key->qord = group_size;
@@ -111,9 +110,9 @@ int dsa_make_key(int group_size, int modulus_size, dsa_key *key)
err = CRYPT_OK;
goto done;
error:
- mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
+ mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
done:
- mp_clear_multi(tmp, tmp2, NULL);
+ mp_clear_multi(&tmp, &tmp2, NULL);
XFREE(buf);
return err;
}
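Review bot: `XFREE(buf)` at `done:` releases a buffer that last held the raw bytes read into the private exponent `key->x`, and no wipe is visible on this exit path. A failure in the final `mp_exptmod` jumps to `error:` and falls through to `done:`, so those bytes would go back to the allocator intact. Any wipe in the lines between hunks would cover only the success path. I would add an unconditional `zeromem` over the full allocation immediately before `XFREE(buf)`; the allocation and its size are outside the hunk.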
diff --git a/libtomcrypt/pk/dsa/dsa_shared_secret.c b/libtomcrypt/pk/dsa/dsa_shared_secret.c
deleted file mode 100644
index ba7170f..0000000
--- a/libtomcrypt/pk/dsa/dsa_shared_secret.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-#include "tomcrypt.h"
-
-/**
- @file dsa_shared_secret.c
- DSA Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MDSA
-
-/**
- Create a DSA shared secret between two keys
- @param private_key The private DSA key (the exponent)
- @param base The base of the exponentiation (allows this to be used for both encrypt and decrypt)
- @param public_key The public key
- @param out [out] Destination of the shared secret
- @param outlen [in/out] The max size and resulting size of the shared secret
- @return CRYPT_OK if successful
-*/
-int dsa_shared_secret(void *private_key, void *base,
- dsa_key *public_key,
- unsigned char *out, unsigned long *outlen)
-{
- unsigned long x;
- void *res;
- int err;
-
- LTC_ARGCHK(private_key != NULL);
- LTC_ARGCHK(public_key != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
-
- /* make new point */
- if ((err = mp_init(&res)) != CRYPT_OK) {
- return err;
- }
-
- if ((err = mp_exptmod(base, private_key, public_key->p, res)) != CRYPT_OK) {
- mp_clear(res);
- return err;
- }
-
- x = (unsigned long)mp_unsigned_bin_size(res);
- if (*outlen < x) {
- *outlen = x;
- err = CRYPT_BUFFER_OVERFLOW;
- goto done;
- }
- zeromem(out, x);
- if ((err = mp_to_unsigned_bin(res, out + (x - mp_unsigned_bin_size(res)))) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
- *outlen = x;
-done:
- mp_clear(res);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_shared_secret.c,v $ */
-/* $Revision: 1.9 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/dsa/dsa_sign_hash.c b/libtomcrypt/pk/dsa/dsa_sign_hash.c
index d24bdab..0b542a4 100644
--- a/libtomcrypt/pk/dsa/dsa_sign_hash.c
+++ b/libtomcrypt/pk/dsa/dsa_sign_hash.c
@@ -27,10 +27,10 @@
@return CRYPT_OK if successful
*/
int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
- void *r, void *s,
+ mp_int_t r, mp_int_t s,
dsa_key *key)
{
- void *k, *kinv, *tmp;
+ mp_int k, kinv, tmp;
unsigned char *buf;
int err;
@@ -63,35 +63,35 @@ retry:
get_random_bytes(buf, key->qord);
/* read k */
- if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&k, buf, key->qord)) != CRYPT_OK) { goto error; }
/* k > 1 ? */
- if (mp_cmp_d(k, 1) != LTC_MP_GT) { goto retry; }
+ if (mp_cmp_d(&k, 1) != LTC_MP_GT) { goto retry; }
/* test gcd */
- if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK) { goto error; }
- } while (mp_cmp_d(tmp, 1) != LTC_MP_EQ);
+ if ((err = mp_gcd(&k, &key->q, &tmp)) != CRYPT_OK) { goto error; }
+ } while (mp_cmp_d(&tmp, 1) != LTC_MP_EQ);
/* now find 1/k mod q */
- if ((err = mp_invmod(k, key->q, kinv)) != CRYPT_OK) { goto error; }
+ if ((err = mp_invmod(&k, &key->q, &kinv)) != CRYPT_OK) { goto error; }
/* now find r = g^k mod p mod q */
- if ((err = mp_exptmod(key->g, k, key->p, r)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(r, key->q, r)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->g, &k, &key->p, r)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mod(r, &key->q, r)) != CRYPT_OK) { goto error; }
if (mp_iszero(r) == LTC_MP_YES) { goto retry; }
/* now find s = (in + xr)/k mod q */
- if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; }
- if ((err = mp_mul(key->x, r, s)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(s, tmp, s)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(s, kinv, key->q, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(&key->x, r, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(s, &tmp, s)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(s, &kinv, &key->q, s)) != CRYPT_OK) { goto error; }
if (mp_iszero(s) == LTC_MP_YES) { goto retry; }
err = CRYPT_OK;
error:
- mp_clear_multi(k, kinv, tmp, NULL);
+ mp_clear_multi(&k, &kinv, &tmp, NULL);
ERRBUF:
#ifdef LTC_CLEAN_STACK
zeromem(buf, LTC_MDSA_MAX_GROUP);
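Review bot: The per-signature nonce `k` is accepted once `k > 1` and `gcd(k, q) == 1`, but it is never compared against `q`, so it is effectively `qord` random bytes reduced mod q rather than a uniform value below `q`. DSA private keys are sensitive to even small nonce bias, so I would reject out-of-range values next to the existing `k > 1` test: `if (mp_cmp(&k, &key->q) != LTC_MP_LT) { goto retry; }`. Separately, `buf` holds the raw nonce bytes and is wiped only under `LTC_CLEAN_STACK`; that `zeromem` should be unconditional. The loop opens at `retry:` above the hunk, and the function continues below it.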
@@ -113,7 +113,7 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
dsa_key *key)
{
- void *r, *s;
+ mp_int r, s;
int err;
LTC_ARGCHK(in != NULL);
@@ -125,17 +125,17 @@ int dsa_sign_hash(const unsigned char *in, unsigned long inlen,
return CRYPT_MEM;
}
- if ((err = dsa_sign_hash_raw(in, inlen, r, s, key)) != CRYPT_OK) {
+ if ((err = dsa_sign_hash_raw(in, inlen, &r, &s, key)) != CRYPT_OK) {
goto error;
}
err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
+ LTC_ASN1_INTEGER, 1UL, &r,
+ LTC_ASN1_INTEGER, 1UL, &s,
LTC_ASN1_EOL, 0UL, NULL);
error:
- mp_clear_multi(r, s, NULL);
+ mp_clear_multi(&r, &s, NULL);
return err;
}
diff --git a/libtomcrypt/pk/dsa/dsa_verify_hash.c b/libtomcrypt/pk/dsa/dsa_verify_hash.c
index 9014823..3a82d1b 100644
--- a/libtomcrypt/pk/dsa/dsa_verify_hash.c
+++ b/libtomcrypt/pk/dsa/dsa_verify_hash.c
@@ -28,11 +28,11 @@
@param key The corresponding public DH key
@return CRYPT_OK if successful (even if the signature is invalid)
*/
-int dsa_verify_hash_raw( void *r, void *s,
+int dsa_verify_hash_raw( mp_int_t r, mp_int_t s,
const unsigned char *hash, unsigned long hashlen,
int *stat, dsa_key *key)
{
- void *w, *v, *u1, *u2;
+ mp_int w, v, u1, u2;
int err;
LTC_ARGCHK(r != NULL);
@@ -49,35 +49,35 @@ int dsa_verify_hash_raw( void *r, void *s,
}
/* neither r or s can be null or >q*/
- if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) {
+ if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, &key->q) != LTC_MP_LT || mp_cmp(s, &key->q) != LTC_MP_LT) {
err = CRYPT_INVALID_PACKET;
goto error;
}
/* w = 1/s mod q */
- if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; }
+ if ((err = mp_invmod(s, &key->q, &w)) != CRYPT_OK) { goto error; }
/* u1 = m * w mod q */
- if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != CRYPT_OK) { goto error; }
/* u2 = r*w mod q */
- if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(r, &w, &key->q, &u2)) != CRYPT_OK) { goto error; }
/* v = g^u1 * y^u2 mod p mod q */
- if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; }
- if ((err = mp_exptmod(key->y, u2, key->p, u2)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(u1, u2, key->p, v)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(v, key->q, v)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mod(&v, &key->q, &v)) != CRYPT_OK) { goto error; }
/* if r = v then we're set */
- if (mp_cmp(r, v) == LTC_MP_EQ) {
+ if (mp_cmp(r, &v) == LTC_MP_EQ) {
*stat = 1;
}
err = CRYPT_OK;
error:
- mp_clear_multi(w, v, u1, u2, NULL);
+ mp_clear_multi(&w, &v, &u1, &u2, NULL);
return err;
}
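Review bot: The range check on `r` and `s` rejects zero and values `>= q` but not negative ones, because `mp_iszero` is false and `mp_cmp(..., &key->q)` yields `LTC_MP_LT` for a negative integer. Both values arrive from DER in `dsa_verify_hash`, and `der_decode_integer` in this commit does produce negatives, so a negative `s` reaches `mp_invmod`. If that call reduces its input mod q (not visible here), a second encoding of a valid signature would also verify. Testing against zero closes this: use `mp_cmp_d(r, 0) != LTC_MP_GT || mp_cmp_d(s, 0) != LTC_MP_GT` in place of the two `mp_iszero` tests, and change the comment from `>q` to `>= q`.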
@@ -96,7 +96,7 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
int *stat, dsa_key *key)
{
int err;
- void *r, *s;
+ mp_int r, s;
if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) {
return CRYPT_MEM;
@@ -104,17 +104,17 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
/* decode the sequence */
if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
+ LTC_ASN1_INTEGER, 1UL, &r,
+ LTC_ASN1_INTEGER, 1UL, &s,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
/* do the op */
- err = dsa_verify_hash_raw(r, s, hash, hashlen, stat, key);
+ err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key);
LBL_ERR:
- mp_clear_multi(r, s, NULL);
+ mp_clear_multi(&r, &s, NULL);
return err;
}
diff --git a/libtomcrypt/pk/dsa/dsa_verify_key.c b/libtomcrypt/pk/dsa/dsa_verify_key.c
index e80ced5..71635d2 100644
--- a/libtomcrypt/pk/dsa/dsa_verify_key.c
+++ b/libtomcrypt/pk/dsa/dsa_verify_key.c
@@ -25,7 +25,7 @@
*/
int dsa_verify_key(dsa_key *key, int *stat)
{
- void *tmp, *tmp2;
+ mp_int tmp, tmp2;
int res, err;
LTC_ARGCHK(key != NULL);
@@ -35,14 +35,14 @@ int dsa_verify_key(dsa_key *key, int *stat)
*stat = 0;
/* first make sure key->q and key->p are prime */
- if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
+ if ((err = mp_prime_is_prime(&key->q, 8, &res)) != CRYPT_OK) {
return err;
}
if (res == 0) {
return CRYPT_OK;
}
- if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) {
+ if ((err = mp_prime_is_prime(&key->p, 8, &res)) != CRYPT_OK) {
return err;
}
if (res == 0) {
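Review bot: `mp_prime_is_prime(..., 8, &res)` is used here to vet `p` and `q` from a key the caller may not trust, and 8 rounds is a count suited to randomly generated candidates. If the underlying test chooses its bases deterministically (not visible on this page), a small fixed round count gives much weaker assurance against deliberately constructed parameters. I would lift the literal into a named constant with a comment saying it guards untrusted input, and set it for this function independently of the value `dsa_make_key` uses. `res == 0` would also read better as `res != LTC_MP_YES`, matching the test in `dsa_make_key`.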
@@ -50,38 +50,38 @@ int dsa_verify_key(dsa_key *key, int *stat)
}
/* now make sure that g is not -1, 0 or 1 and <p */
- if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) {
+ if (mp_cmp_d(&key->g, 0) == LTC_MP_EQ || mp_cmp_d(&key->g, 1) == LTC_MP_EQ) {
return CRYPT_OK;
}
if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK) { return err; }
- if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK) { goto error; }
- if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) {
+ if ((err = mp_sub_d(&key->p, 1, &tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp(&tmp, &key->g) == LTC_MP_EQ || mp_cmp(&key->g, &key->p) != LTC_MP_LT) {
err = CRYPT_OK;
goto error;
}
/* 1 < y < p-1 */
- if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) {
+ if (!(mp_cmp_d(&key->y, 1) == LTC_MP_GT && mp_cmp(&key->y, &tmp) == LTC_MP_LT)) {
err = CRYPT_OK;
goto error;
}
/* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */
- if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK) { goto error; }
- if (mp_iszero(tmp2) != LTC_MP_YES) {
+ if ((err = mp_div(&tmp, &key->q, &tmp, &tmp2)) != CRYPT_OK) { goto error; }
+ if (mp_iszero(&tmp2) != LTC_MP_YES) {
err = CRYPT_OK;
goto error;
}
- if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
- if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
+ if ((err = mp_exptmod(&key->g, &key->q, &key->p, &tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp_d(&tmp, 1) != LTC_MP_EQ) {
err = CRYPT_OK;
goto error;
}
/* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */
- if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
- if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
+ if ((err = mp_exptmod(&key->y, &key->q, &key->p, &tmp)) != CRYPT_OK) { goto error; }
+ if (mp_cmp_d(&tmp, 1) != LTC_MP_EQ) {
err = CRYPT_OK;
goto error;
}
@@ -90,7 +90,7 @@ int dsa_verify_key(dsa_key *key, int *stat)
err = CRYPT_OK;
*stat = 1;
error:
- mp_clear_multi(tmp, tmp2, NULL);
+ mp_clear_multi(&tmp, &tmp2, NULL);
return err;
}
#endif
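Review bot: The `error:` label in this hunk is reached on the success path as well as from every failed check, and the checks visible earlier in dsa_verify_key all set `err = CRYPT_OK` before jumping, so the return value never says whether the key is valid; only `*stat` does. A comment at the label would make that contract explicit, for example `/* also reached on success: err reports operational failures only, *stat carries the validity verdict */`. The function begins outside this hunk, so whether `*stat` is set to 0 before the first check cannot be confirmed from here; if it is not, the early `return CRYPT_OK` for g equal to 0 or 1 would leave it untouched, and a caller that did not pre-initialise it could read a stale value.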
diff --git a/libtomcrypt/pk/ecc/ecc.c b/libtomcrypt/pk/ecc/ecc.c
deleted file mode 100644
index 60fef9a..0000000
--- a/libtomcrypt/pk/ecc/ecc.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/* This holds the key settings. ***MUST*** be organized by size from smallest to largest. */
-const ltc_ecc_set_type ltc_ecc_sets[] = {
-#ifdef ECC112
-{
- 14,
- "SECP112R1",
- "DB7C2ABF62E35E668076BEAD208B",
- "659EF8BA043916EEDE8911702B22",
- "DB7C2ABF62E35E7628DFAC6561C5",
- "09487239995A5EE76B55F9C2F098",
- "A89CE5AF8724C0A23E0E0FF77500"
-},
-#endif
-#ifdef ECC128
-{
- 16,
- "SECP128R1",
- "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
- "E87579C11079F43DD824993C2CEE5ED3",
- "FFFFFFFE0000000075A30D1B9038A115",
- "161FF7528B899B2D0C28607CA52C5B86",
- "CF5AC8395BAFEB13C02DA292DDED7A83",
-},
-#endif
-#ifdef ECC160
-{
- 20,
- "SECP160R1",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
- "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
- "0100000000000000000001F4C8F927AED3CA752257",
- "4A96B5688EF573284664698968C38BB913CBFC82",
- "23A628553168947D59DCC912042351377AC5FB32",
-},
-#endif
-#ifdef ECC192
-{
- 24,
- "ECC-192",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
- "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
- "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
- "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
- "7192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
-},
-#endif
-#ifdef ECC224
-{
- 28,
- "ECC-224",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
- "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
- "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
- "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
-},
-#endif
-#ifdef ECC256
-{
- 32,
- "ECC-256",
- "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
- "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
- "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
- "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
- "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
-},
-#endif
-#ifdef ECC384
-{
- 48,
- "ECC-384",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
- "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
- "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
- "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
- "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
-},
-#endif
-#ifdef ECC521
-{
- 66,
- "ECC-521",
- "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
- "51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
- "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
- "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
- "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
-},
-#endif
-{
- 0,
- NULL, NULL, NULL, NULL, NULL, NULL
-}
-};
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc.c,v $ */
-/* $Revision: 1.40 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_ansi_x963_export.c b/libtomcrypt/pk/ecc/ecc_ansi_x963_export.c
deleted file mode 100644
index e0ef8fa..0000000
--- a/libtomcrypt/pk/ecc/ecc_ansi_x963_export.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_ansi_x963_export.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/** ECC X9.63 (Sec. 4.3.6) uncompressed export
- @param key Key to export
- @param out [out] destination of export
- @param outlen [in/out] Length of destination and final output size
- Return CRYPT_OK on success
-*/
-int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen)
-{
- unsigned char buf[ECC_BUF_SIZE];
- unsigned long numlen;
-
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
-
- if (ltc_ecc_is_valid_idx(key->idx) == 0) {
- return CRYPT_INVALID_ARG;
- }
- numlen = key->dp->size;
-
- if (*outlen < (1 + 2*numlen)) {
- *outlen = 1 + 2*numlen;
- return CRYPT_BUFFER_OVERFLOW;
- }
-
- /* store byte 0x04 */
- out[0] = 0x04;
-
- /* pad and store x */
- zeromem(buf, sizeof(buf));
- mp_to_unsigned_bin(key->pubkey.x, buf + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
- XMEMCPY(out+1, buf, numlen);
-
- /* pad and store y */
- zeromem(buf, sizeof(buf));
- mp_to_unsigned_bin(key->pubkey.y, buf + (numlen - mp_unsigned_bin_size(key->pubkey.y)));
- XMEMCPY(out+1+numlen, buf, numlen);
-
- *outlen = 1 + 2*numlen;
- return CRYPT_OK;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_ansi_x963_export.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ecc_ansi_x963_import.c b/libtomcrypt/pk/ecc/ecc_ansi_x963_import.c
deleted file mode 100644
index bfe4fa1..0000000
--- a/libtomcrypt/pk/ecc/ecc_ansi_x963_import.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_ansi_x963_import.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/** Import an ANSI X9.63 format public key
- @param in The input data to read
- @param inlen The length of the input data
- @param key [out] destination to store imported key \
-*/
-int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key)
-{
- return ecc_ansi_x963_import_ex(in, inlen, key, NULL);
-}
-
-int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp)
-{
- int x, err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* must be odd */
- if ((inlen & 1) == 0) {
- return CRYPT_INVALID_ARG;
- }
-
- /* init key */
- if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* check for 4, 6 or 7 */
- if (in[0] != 4 && in[0] != 6 && in[0] != 7) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
-
- /* read data */
- if ((err = mp_read_unsigned_bin(key->pubkey.x, (unsigned char *)in+1, (inlen-1)>>1)) != CRYPT_OK) {
- goto error;
- }
-
- if ((err = mp_read_unsigned_bin(key->pubkey.y, (unsigned char *)in+1+((inlen-1)>>1), (inlen-1)>>1)) != CRYPT_OK) {
- goto error;
- }
- if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto error; }
-
- if (dp == NULL) {
- /* determine the idx */
- for (x = 0; ltc_ecc_sets[x].size != 0; x++) {
- if ((unsigned)ltc_ecc_sets[x].size >= ((inlen-1)>>1)) {
- break;
- }
- }
- if (ltc_ecc_sets[x].size == 0) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
- /* set the idx */
- key->idx = x;
- key->dp = &ltc_ecc_sets[x];
- } else {
- if (((inlen-1)>>1) != (unsigned long) dp->size) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
- key->idx = -1;
- key->dp = dp;
- }
- key->type = PK_PUBLIC;
-
- /* we're done */
- return CRYPT_OK;
-error:
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_ansi_x963_import.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ecc_decrypt_key.c b/libtomcrypt/pk/ecc/ecc_decrypt_key.c
deleted file mode 100644
index 76c74e6..0000000
--- a/libtomcrypt/pk/ecc/ecc_decrypt_key.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_decrypt_key.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Decrypt an ECC encrypted key
- @param in The ciphertext
- @param inlen The length of the ciphertext (octets)
- @param out [out] The plaintext
- @param outlen [in/out] The max size and resulting size of the plaintext
- @param key The corresponding private ECC key
- @return CRYPT_OK if successful
-*/
-int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- ecc_key *key)
-{
- unsigned char *ecc_shared, *skey, *pub_expt;
- unsigned long x, y, hashOID[32];
- int hash, err;
- ecc_key pubkey;
- ltc_asn1_list decode[3];
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* right key type? */
- if (key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- /* decode to find out hash */
- LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
-
- if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
- return err;
- }
-
- hash = find_hash_oid(hashOID, decode[0].size);
- if (hash_is_valid(hash) != CRYPT_OK) {
- return CRYPT_INVALID_PACKET;
- }
-
- /* we now have the hash! */
-
- /* allocate memory */
- pub_expt = XMALLOC(ECC_BUF_SIZE);
- ecc_shared = XMALLOC(ECC_BUF_SIZE);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
- if (pub_expt != NULL) {
- XFREE(pub_expt);
- }
- if (ecc_shared != NULL) {
- XFREE(ecc_shared);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- return CRYPT_MEM;
- }
- LTC_SET_ASN1(decode, 1, LTC_ASN1_OCTET_STRING, pub_expt, ECC_BUF_SIZE);
- LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE);
-
- /* read the structure in now */
- if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* import ECC key from packet */
- if ((err = ecc_import(decode[1].data, decode[1].size, &pubkey)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* make shared key */
- x = ECC_BUF_SIZE;
- if ((err = ecc_shared_secret(key, &pubkey, ecc_shared, &x)) != CRYPT_OK) {
- ecc_free(&pubkey);
- goto LBL_ERR;
- }
- ecc_free(&pubkey);
-
- y = MIN(ECC_BUF_SIZE, MAXBLOCKSIZE);
- if ((err = hash_memory(hash, ecc_shared, x, ecc_shared, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* ensure the hash of the shared secret is at least as big as the encrypt itself */
- if (decode[2].size > y) {
- err = CRYPT_INVALID_PACKET;
- goto LBL_ERR;
- }
-
- /* avoid buffer overflow */
- if (*outlen < decode[2].size) {
- *outlen = decode[2].size;
- err = CRYPT_BUFFER_OVERFLOW;
- goto LBL_ERR;
- }
-
- /* Decrypt the key */
- for (x = 0; x < decode[2].size; x++) {
- out[x] = skey[x] ^ ecc_shared[x];
- }
- *outlen = x;
-
- err = CRYPT_OK;
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- zeromem(pub_expt, ECC_BUF_SIZE);
- zeromem(ecc_shared, ECC_BUF_SIZE);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(pub_expt);
- XFREE(ecc_shared);
- XFREE(skey);
-
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_decrypt_key.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_encrypt_key.c b/libtomcrypt/pk/ecc/ecc_encrypt_key.c
deleted file mode 100644
index c55794c..0000000
--- a/libtomcrypt/pk/ecc/ecc_encrypt_key.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_encrypt_key.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Encrypt a symmetric key with ECC
- @param in The symmetric key you want to encrypt
- @param inlen The length of the key to encrypt (octets)
- @param out [out] The destination for the ciphertext
- @param outlen [in/out] The max size and resulting size of the ciphertext
- @param hash The index of the hash you want to use
- @param key The ECC key you want to encrypt to
- @return CRYPT_OK if successful
-*/
-int ecc_encrypt_key(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- int hash, ecc_key *key)
-{
- unsigned char *pub_expt, *ecc_shared, *skey;
- ecc_key pubkey;
- unsigned long x, y, pubkeysize;
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- if ((err = hash_is_valid(hash)) != CRYPT_OK) {
- return err;
- }
-
- if (inlen > hash_descriptor[hash].hashsize) {
- return CRYPT_INVALID_HASH;
- }
-
- /* make a random key and export the public copy */
- if ((err = ecc_make_key_ex(&pubkey, key->dp)) != CRYPT_OK) {
- return err;
- }
-
- pub_expt = XMALLOC(ECC_BUF_SIZE);
- ecc_shared = XMALLOC(ECC_BUF_SIZE);
- skey = XMALLOC(MAXBLOCKSIZE);
- if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
- if (pub_expt != NULL) {
- XFREE(pub_expt);
- }
- if (ecc_shared != NULL) {
- XFREE(ecc_shared);
- }
- if (skey != NULL) {
- XFREE(skey);
- }
- ecc_free(&pubkey);
- return CRYPT_MEM;
- }
-
- pubkeysize = ECC_BUF_SIZE;
- if ((err = ecc_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
- ecc_free(&pubkey);
- goto LBL_ERR;
- }
-
- /* make random key */
- x = ECC_BUF_SIZE;
- if ((err = ecc_shared_secret(&pubkey, key, ecc_shared, &x)) != CRYPT_OK) {
- ecc_free(&pubkey);
- goto LBL_ERR;
- }
- ecc_free(&pubkey);
- y = MAXBLOCKSIZE;
- if ((err = hash_memory(hash, ecc_shared, x, skey, &y)) != CRYPT_OK) {
- goto LBL_ERR;
- }
-
- /* Encrypt key */
- for (x = 0; x < inlen; x++) {
- skey[x] ^= in[x];
- }
-
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash].OIDlen, hash_descriptor[hash].OID,
- LTC_ASN1_OCTET_STRING, pubkeysize, pub_expt,
- LTC_ASN1_OCTET_STRING, inlen, skey,
- LTC_ASN1_EOL, 0UL, NULL);
-
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
- /* clean up */
- zeromem(pub_expt, ECC_BUF_SIZE);
- zeromem(ecc_shared, ECC_BUF_SIZE);
- zeromem(skey, MAXBLOCKSIZE);
-#endif
-
- XFREE(skey);
- XFREE(ecc_shared);
- XFREE(pub_expt);
-
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_encrypt_key.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_export.c b/libtomcrypt/pk/ecc/ecc_export.c
deleted file mode 100644
index 7d0fd24..0000000
--- a/libtomcrypt/pk/ecc/ecc_export.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_export.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Export an ECC key as a binary packet
- @param out [out] Destination for the key
- @param outlen [in/out] Max size and resulting size of the exported key
- @param type The type of key you want to export (PK_PRIVATE or PK_PUBLIC)
- @param key The key to export
- @return CRYPT_OK if successful
-*/
-int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key)
-{
- int err;
- unsigned char flags[1];
- unsigned long key_size;
-
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* type valid? */
- if (key->type != PK_PRIVATE && type == PK_PRIVATE) {
- return CRYPT_PK_TYPE_MISMATCH;
- }
-
- if (ltc_ecc_is_valid_idx(key->idx) == 0) {
- return CRYPT_INVALID_ARG;
- }
-
- /* we store the NIST byte size */
- key_size = key->dp->size;
-
- if (type == PK_PRIVATE) {
- flags[0] = 1;
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_INTEGER, 1UL, key->k,
- LTC_ASN1_EOL, 0UL, NULL);
- } else {
- flags[0] = 0;
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_EOL, 0UL, NULL);
- }
-
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_export.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_free.c b/libtomcrypt/pk/ecc/ecc_free.c
deleted file mode 100644
index bfd233d..0000000
--- a/libtomcrypt/pk/ecc/ecc_free.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_free.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Free an ECC key from memory
- @param key The key you wish to free
-*/
-void ecc_free(ecc_key *key)
-{
- LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_free.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_get_size.c b/libtomcrypt/pk/ecc/ecc_get_size.c
deleted file mode 100644
index db2779a..0000000
--- a/libtomcrypt/pk/ecc/ecc_get_size.c
+++ /dev/null
@@ -1,44 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_get_size.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Get the size of an ECC key
- @param key The key to get the size of
- @return The size (octets) of the key or INT_MAX on error
-*/
-int ecc_get_size(ecc_key *key)
-{
- LTC_ARGCHK(key != NULL);
- if (ltc_ecc_is_valid_idx(key->idx))
- return key->dp->size;
- else
- return INT_MAX; /* large value known to cause it to fail when passed to ecc_make_key() */
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_get_size.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_import.c b/libtomcrypt/pk/ecc/ecc_import.c
deleted file mode 100644
index e843a33..0000000
--- a/libtomcrypt/pk/ecc/ecc_import.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_import.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-static int is_point(ecc_key *key)
-{
- void *prime, *b, *t1, *t2;
- int err;
-
- if ((err = mp_init_multi(&prime, &b, &t1, &t2, NULL)) != CRYPT_OK) {
- return err;
- }
-
- /* load prime and b */
- if ((err = mp_read_radix(prime, key->dp->prime, 16)) != CRYPT_OK) { goto error; }
- if ((err = mp_read_radix(b, key->dp->B, 16)) != CRYPT_OK) { goto error; }
-
- /* compute y^2 */
- if ((err = mp_sqr(key->pubkey.y, t1)) != CRYPT_OK) { goto error; }
-
- /* compute x^3 */
- if ((err = mp_sqr(key->pubkey.x, t2)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(t2, prime, t2)) != CRYPT_OK) { goto error; }
- if ((err = mp_mul(key->pubkey.x, t2, t2)) != CRYPT_OK) { goto error; }
-
- /* compute y^2 - x^3 */
- if ((err = mp_sub(t1, t2, t1)) != CRYPT_OK) { goto error; }
-
- /* compute y^2 - x^3 + 3x */
- if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK) { goto error; }
- if ((err = mp_mod(t1, prime, t1)) != CRYPT_OK) { goto error; }
- while (mp_cmp_d(t1, 0) == LTC_MP_LT) {
- if ((err = mp_add(t1, prime, t1)) != CRYPT_OK) { goto error; }
- }
- while (mp_cmp(t1, prime) != LTC_MP_LT) {
- if ((err = mp_sub(t1, prime, t1)) != CRYPT_OK) { goto error; }
- }
-
- /* compare to b */
- if (mp_cmp(t1, b) != LTC_MP_EQ) {
- err = CRYPT_INVALID_PACKET;
- } else {
- err = CRYPT_OK;
- }
-
-error:
- mp_clear_multi(prime, b, t1, t2, NULL);
- return err;
-}
-
-/**
- Import an ECC key from a binary packet
- @param in The packet to import
- @param inlen The length of the packet
- @param key [out] The destination of the import
- @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key)
-{
- return ecc_import_ex(in, inlen, key, NULL);
-}
-
-/**
- Import an ECC key from a binary packet, using user supplied domain params rather than one of the NIST ones
- @param in The packet to import
- @param inlen The length of the packet
- @param key [out] The destination of the import
- @param dp pointer to user supplied params; must be the same as the params used when exporting
- @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp)
-{
- unsigned long key_size;
- unsigned char flags[1];
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
-
- /* init key */
- if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* find out what type of key it is */
- if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, &flags,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto done;
- }
-
-
- if (flags[0] == 1) {
- /* private key */
- key->type = PK_PRIVATE;
- if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_INTEGER, 1UL, key->k,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto done;
- }
- } else {
- /* public key */
- key->type = PK_PUBLIC;
- if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_SHORT_INTEGER, 1UL, &key_size,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.x,
- LTC_ASN1_INTEGER, 1UL, key->pubkey.y,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto done;
- }
- }
-
- if (dp == NULL) {
- /* find the idx */
- for (key->idx = 0; ltc_ecc_sets[key->idx].size && (unsigned long)ltc_ecc_sets[key->idx].size != key_size; ++key->idx);
- if (ltc_ecc_sets[key->idx].size == 0) {
- err = CRYPT_INVALID_PACKET;
- goto done;
- }
- key->dp = &ltc_ecc_sets[key->idx];
- } else {
- key->idx = -1;
- key->dp = dp;
- }
- /* set z */
- if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto done; }
-
- /* is it a point on the curve? */
- if ((err = is_point(key)) != CRYPT_OK) {
- goto done;
- }
-
- /* we're good */
- return CRYPT_OK;
-done:
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
- return err;
-}
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_import.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_make_key.c b/libtomcrypt/pk/ecc/ecc_make_key.c
deleted file mode 100644
index 06bb457..0000000
--- a/libtomcrypt/pk/ecc/ecc_make_key.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_make_key.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Make a new ECC key
- @param keysize The keysize for the new key (in octets from 20 to 65 bytes)
- @param key [out] Destination of the newly created key
- @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_make_key(int keysize, ecc_key *key)
-{
- int x, err;
-
- /* find key size */
- for (x = 0; (keysize > ltc_ecc_sets[x].size) && (ltc_ecc_sets[x].size != 0); x++);
- keysize = ltc_ecc_sets[x].size;
-
- if (keysize > ECC_MAXSIZE || ltc_ecc_sets[x].size == 0) {
- return CRYPT_INVALID_KEYSIZE;
- }
- err = ecc_make_key_ex(key, &ltc_ecc_sets[x]);
- key->idx = x;
- return err;
-}
-
-int ecc_make_key_ex(ecc_key *key, const ltc_ecc_set_type *dp)
-{
- int err;
- ecc_point *base;
- void *prime, *order;
- unsigned char *buf;
- int keysize;
-
- LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
- LTC_ARGCHK(dp != NULL);
-
- key->idx = -1;
- key->dp = dp;
- keysize = dp->size;
-
- /* allocate ram */
- base = NULL;
- buf = XMALLOC(ECC_MAXSIZE);
- if (buf == NULL) {
- return CRYPT_MEM;
- }
-
- /* make up random string */
- get_random_bytes(buf, (unsigned long)keysize);
-
- /* setup the key variables */
- if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, &prime, &order, NULL)) != CRYPT_OK) {
- goto ERR_BUF;
- }
- base = ltc_ecc_new_point();
- if (base == NULL) {
- err = CRYPT_MEM;
- goto errkey;
- }
-
- /* read in the specs for this key */
- if ((err = mp_read_radix(prime, (char *)key->dp->prime, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_radix(order, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_radix(base->x, (char *)key->dp->Gx, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_radix(base->y, (char *)key->dp->Gy, 16)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_set(base->z, 1)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)buf, keysize)) != CRYPT_OK) { goto errkey; }
-
- /* the key should be smaller than the order of base point */
- if (mp_cmp(key->k, order) != LTC_MP_LT) {
- if((err = mp_mod(key->k, order, key->k)) != CRYPT_OK) { goto errkey; }
- }
- /* make the public key */
- if ((err = ltc_mp.ecc_ptmul(key->k, base, &key->pubkey, prime, 1)) != CRYPT_OK) { goto errkey; }
- key->type = PK_PRIVATE;
-
- /* free up ram */
- err = CRYPT_OK;
- goto cleanup;
-errkey:
- mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
-cleanup:
- ltc_ecc_del_point(base);
- mp_clear_multi(prime, order, NULL);
-ERR_BUF:
-#ifdef LTC_CLEAN_STACK
- zeromem(buf, ECC_MAXSIZE);
-#endif
- XFREE(buf);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_make_key.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_shared_secret.c b/libtomcrypt/pk/ecc/ecc_shared_secret.c
deleted file mode 100644
index 9ac6ca2..0000000
--- a/libtomcrypt/pk/ecc/ecc_shared_secret.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_shared_secret.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Create an ECC shared secret between two keys
- @param private_key The private ECC key
- @param public_key The public key
- @param out [out] Destination of the shared secret (Conforms to EC-DH from ANSI X9.63)
- @param outlen [in/out] The max size and resulting size of the shared secret
- @return CRYPT_OK if successful
-*/
-int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
- unsigned char *out, unsigned long *outlen)
-{
- unsigned long x;
- ecc_point *result;
- void *prime;
- int err;
-
- LTC_ARGCHK(private_key != NULL);
- LTC_ARGCHK(public_key != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
-
- /* type valid? */
- if (private_key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) {
- return CRYPT_INVALID_ARG;
- }
-
- if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) {
- return CRYPT_PK_TYPE_MISMATCH;
- }
-
- /* make new point */
- result = ltc_ecc_new_point();
- if (result == NULL) {
- return CRYPT_MEM;
- }
-
- if ((err = mp_init(&prime)) != CRYPT_OK) {
- ltc_ecc_del_point(result);
- return err;
- }
-
- if ((err = mp_read_radix(prime, (char *)private_key->dp->prime, 16)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, prime, 1)) != CRYPT_OK) { goto done; }
-
- x = (unsigned long)mp_unsigned_bin_size(prime);
- if (*outlen < x) {
- *outlen = x;
- err = CRYPT_BUFFER_OVERFLOW;
- goto done;
- }
- zeromem(out, x);
- if ((err = mp_to_unsigned_bin(result->x, out + (x - mp_unsigned_bin_size(result->x)))) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
- *outlen = x;
-done:
- mp_clear(prime);
- ltc_ecc_del_point(result);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_shared_secret.c,v $ */
-/* $Revision: 1.10 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_sign_hash.c b/libtomcrypt/pk/ecc/ecc_sign_hash.c
deleted file mode 100644
index 90fa743..0000000
--- a/libtomcrypt/pk/ecc/ecc_sign_hash.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_sign_hash.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Sign a message digest
- @param in The message digest to sign
- @param inlen The length of the digest
- @param out [out] The destination for the signature
- @param outlen [in/out] The max size and resulting size of the signature
- @param key A private ECC key
- @return CRYPT_OK if successful
-*/
-int ecc_sign_hash(const unsigned char *in, unsigned long inlen,
- unsigned char *out, unsigned long *outlen,
- ecc_key *key)
-{
- ecc_key pubkey;
- void *r, *s, *e, *p;
- int err;
-
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
- LTC_ARGCHK(outlen != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* is this a private key? */
- if (key->type != PK_PRIVATE) {
- return CRYPT_PK_NOT_PRIVATE;
- }
-
- /* is the IDX valid ? */
- if (ltc_ecc_is_valid_idx(key->idx) != 1) {
- return CRYPT_PK_INVALID_TYPE;
- }
-
- /* get the hash and load it as a bignum into 'e' */
- /* init the bignums */
- if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto errnokey; }
- if ((err = mp_read_unsigned_bin(e, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto errnokey; }
-
- /* make up a key and export the public copy */
- for (;;) {
- if ((err = ecc_make_key_ex(&pubkey, key->dp)) != CRYPT_OK) {
- goto errnokey;
- }
-
- /* find r = x1 mod n */
- if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK) { goto error; }
-
- if (mp_iszero(r) == LTC_MP_YES) {
- ecc_free(&pubkey);
- } else {
- /* find s = (e + xr)/k */
- if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK) { goto error; } /* k = 1/k */
- if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK) { goto error; } /* s = xr */
- if ((err = mp_add(e, s, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mod(s, p, s)) != CRYPT_OK) { goto error; } /* s = e + xr */
- if ((err = mp_mulmod(s, pubkey.k, p, s)) != CRYPT_OK) { goto error; } /* s = (e + xr)/k */
- ecc_free(&pubkey);
- if (mp_iszero(s) == LTC_MP_NO) {
- break;
- }
- }
- }
-
- /* store as SEQUENCE { r, s -- integer } */
- err = der_encode_sequence_multi(out, outlen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
- LTC_ASN1_EOL, 0UL, NULL);
- goto errnokey;
-error:
- ecc_free(&pubkey);
-errnokey:
- mp_clear_multi(r, s, p, e, NULL);
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_sign_hash.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_sizes.c b/libtomcrypt/pk/ecc/ecc_sizes.c
deleted file mode 100644
index 19eca52..0000000
--- a/libtomcrypt/pk/ecc/ecc_sizes.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_sizes.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-void ecc_sizes(int *low, int *high)
-{
- int i;
- LTC_ARGCHKVD(low != NULL);
- LTC_ARGCHKVD(high != NULL);
-
- *low = INT_MAX;
- *high = 0;
- for (i = 0; ltc_ecc_sets[i].size != 0; i++) {
- if (ltc_ecc_sets[i].size < *low) {
- *low = ltc_ecc_sets[i].size;
- }
- if (ltc_ecc_sets[i].size > *high) {
- *high = ltc_ecc_sets[i].size;
- }
- }
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_sizes.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_test.c b/libtomcrypt/pk/ecc/ecc_test.c
deleted file mode 100644
index aa685e8..0000000
--- a/libtomcrypt/pk/ecc/ecc_test.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_test.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Perform on the ECC system
- @return CRYPT_OK if successful
-*/
-int ecc_test(void)
-{
- void *modulus, *order;
- ecc_point *G, *GG;
- int i, err, primality;
-
- if ((err = mp_init_multi(&modulus, &order, NULL)) != CRYPT_OK) {
- return err;
- }
-
- G = ltc_ecc_new_point();
- GG = ltc_ecc_new_point();
- if (G == NULL || GG == NULL) {
- mp_clear_multi(modulus, order, NULL);
- ltc_ecc_del_point(G);
- ltc_ecc_del_point(GG);
- return CRYPT_MEM;
- }
-
- for (i = 0; ltc_ecc_sets[i].size; i++) {
- #if 0
- printf("Testing %d\n", ltc_ecc_sets[i].size);
- #endif
- if ((err = mp_read_radix(modulus, (char *)ltc_ecc_sets[i].prime, 16)) != CRYPT_OK) { goto done; }
- if ((err = mp_read_radix(order, (char *)ltc_ecc_sets[i].order, 16)) != CRYPT_OK) { goto done; }
-
- /* is prime actually prime? */
- if ((err = mp_prime_is_prime(modulus, 8, &primality)) != CRYPT_OK) { goto done; }
- if (primality == 0) {
- err = CRYPT_FAIL_TESTVECTOR;
- goto done;
- }
-
- /* is order prime ? */
- if ((err = mp_prime_is_prime(order, 8, &primality)) != CRYPT_OK) { goto done; }
- if (primality == 0) {
- err = CRYPT_FAIL_TESTVECTOR;
- goto done;
- }
-
- if ((err = mp_read_radix(G->x, (char *)ltc_ecc_sets[i].Gx, 16)) != CRYPT_OK) { goto done; }
- if ((err = mp_read_radix(G->y, (char *)ltc_ecc_sets[i].Gy, 16)) != CRYPT_OK) { goto done; }
- mp_set(G->z, 1);
-
- /* then we should have G == (order + 1)G */
- if ((err = mp_add_d(order, 1, order)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptmul(order, G, GG, modulus, 1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(G->x, GG->x) != LTC_MP_EQ || mp_cmp(G->y, GG->y) != LTC_MP_EQ) {
- err = CRYPT_FAIL_TESTVECTOR;
- goto done;
- }
- }
- err = CRYPT_OK;
-done:
- ltc_ecc_del_point(GG);
- ltc_ecc_del_point(G);
- mp_clear_multi(order, modulus, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_test.c,v $ */
-/* $Revision: 1.12 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ecc_verify_hash.c b/libtomcrypt/pk/ecc/ecc_verify_hash.c
deleted file mode 100644
index a5780b3..0000000
--- a/libtomcrypt/pk/ecc/ecc_verify_hash.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ecc_verify_hash.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/* verify
- *
- * w = s^-1 mod n
- * u1 = xw
- * u2 = rw
- * X = u1*G + u2*Q
- * v = X_x1 mod n
- * accept if v == r
- */
-
-/**
- Verify an ECC signature
- @param sig The signature to verify
- @param siglen The length of the signature (octets)
- @param hash The hash (message digest) that was signed
- @param hashlen The length of the hash (octets)
- @param stat Result of signature, 1==valid, 0==invalid
- @param key The corresponding public ECC key
- @return CRYPT_OK if successful (even if the signature is not valid)
-*/
-int ecc_verify_hash(const unsigned char *sig, unsigned long siglen,
- const unsigned char *hash, unsigned long hashlen,
- int *stat, ecc_key *key)
-{
- ecc_point *mG, *mQ;
- void *r, *s, *v, *w, *u1, *u2, *e, *p, *m;
- void *mp;
- int err;
-
- LTC_ARGCHK(sig != NULL);
- LTC_ARGCHK(hash != NULL);
- LTC_ARGCHK(stat != NULL);
- LTC_ARGCHK(key != NULL);
-
- /* default to invalid signature */
- *stat = 0;
- mp = NULL;
-
- /* is the IDX valid ? */
- if (ltc_ecc_is_valid_idx(key->idx) != 1) {
- return CRYPT_PK_INVALID_TYPE;
- }
-
- /* allocate ints */
- if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL)) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* allocate points */
- mG = ltc_ecc_new_point();
- mQ = ltc_ecc_new_point();
- if (mQ == NULL || mG == NULL) {
- err = CRYPT_MEM;
- goto error;
- }
-
- /* parse header */
- if ((err = der_decode_sequence_multi(sig, siglen,
- LTC_ASN1_INTEGER, 1UL, r,
- LTC_ASN1_INTEGER, 1UL, s,
- LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- goto error;
- }
-
- /* get the order */
- if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK) { goto error; }
-
- /* get the modulus */
- if ((err = mp_read_radix(m, (char *)key->dp->prime, 16)) != CRYPT_OK) { goto error; }
-
- /* check for zero */
- if (mp_iszero(r) || mp_iszero(s) || mp_cmp(r, p) != LTC_MP_LT || mp_cmp(s, p) != LTC_MP_LT) {
- err = CRYPT_INVALID_PACKET;
- goto error;
- }
-
- /* read hash */
- if ((err = mp_read_unsigned_bin(e, (unsigned char *)hash, (int)hashlen)) != CRYPT_OK) { goto error; }
-
- /* w = s^-1 mod n */
- if ((err = mp_invmod(s, p, w)) != CRYPT_OK) { goto error; }
-
- /* u1 = ew */
- if ((err = mp_mulmod(e, w, p, u1)) != CRYPT_OK) { goto error; }
-
- /* u2 = rw */
- if ((err = mp_mulmod(r, w, p, u2)) != CRYPT_OK) { goto error; }
-
- /* find mG and mQ */
- if ((err = mp_read_radix(mG->x, (char *)key->dp->Gx, 16)) != CRYPT_OK) { goto error; }
- if ((err = mp_read_radix(mG->y, (char *)key->dp->Gy, 16)) != CRYPT_OK) { goto error; }
- if ((err = mp_set(mG->z, 1)) != CRYPT_OK) { goto error; }
-
- if ((err = mp_copy(key->pubkey.x, mQ->x)) != CRYPT_OK) { goto error; }
- if ((err = mp_copy(key->pubkey.y, mQ->y)) != CRYPT_OK) { goto error; }
- if ((err = mp_copy(key->pubkey.z, mQ->z)) != CRYPT_OK) { goto error; }
-
- /* compute u1*mG + u2*mQ = mG */
- if (ltc_mp.ecc_mul2add == NULL) {
- if ((err = ltc_mp.ecc_ptmul(u1, mG, mG, m, 0)) != CRYPT_OK) { goto error; }
- if ((err = ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0)) != CRYPT_OK) { goto error; }
-
- /* find the montgomery mp */
- if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK) { goto error; }
-
- /* add them */
- if ((err = ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp)) != CRYPT_OK) { goto error; }
-
- /* reduce */
- if ((err = ltc_mp.ecc_map(mG, m, mp)) != CRYPT_OK) { goto error; }
- } else {
- /* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */
- if ((err = ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m)) != CRYPT_OK) { goto error; }
- }
-
- /* v = X_x1 mod n */
- if ((err = mp_mod(mG->x, p, v)) != CRYPT_OK) { goto error; }
-
- /* does v == r */
- if (mp_cmp(v, r) == LTC_MP_EQ) {
- *stat = 1;
- }
-
- /* clear up and return */
- err = CRYPT_OK;
-error:
- ltc_ecc_del_point(mG);
- ltc_ecc_del_point(mQ);
- mp_clear_multi(r, s, v, w, u1, u2, p, e, m, NULL);
- if (mp != NULL) {
- mp_montgomery_free(mp);
- }
- return err;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_verify_hash.c,v $ */
-/* $Revision: 1.14 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c b/libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c
deleted file mode 100644
index acda0de..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_is_valid_idx.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_is_valid_idx.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/** Returns whether an ECC idx is valid or not
- @param n The idx number to check
- @return 1 if valid, 0 if not
-*/
-int ltc_ecc_is_valid_idx(int n)
-{
- int x;
-
- for (x = 0; ltc_ecc_sets[x].size != 0; x++);
- /* -1 is a valid index --- indicating that the domain params were supplied by the user */
- if ((n >= -1) && (n < x)) {
- return 1;
- }
- return 0;
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_is_valid_idx.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_map.c b/libtomcrypt/pk/ecc/ltc_ecc_map.c
deleted file mode 100644
index aa25fc9..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_map.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_map.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Map a projective jacbobian point back to affine space
- @param P [in/out] The point to map
- @param modulus The modulus of the field the ECC curve is in
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
-*/
-int ltc_ecc_map(ecc_point *P, void *modulus, void *mp)
-{
- void *t1, *t2;
- int err;
-
- LTC_ARGCHK(P != NULL);
- LTC_ARGCHK(modulus != NULL);
- LTC_ARGCHK(mp != NULL);
-
- if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) {
- return CRYPT_MEM;
- }
-
- /* first map z back to normal */
- if ((err = mp_montgomery_reduce(P->z, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* get 1/z */
- if ((err = mp_invmod(P->z, modulus, t1)) != CRYPT_OK) { goto done; }
-
- /* get 1/z^2 and 1/z^3 */
- if ((err = mp_sqr(t1, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_mod(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_mul(t1, t2, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_mod(t1, modulus, t1)) != CRYPT_OK) { goto done; }
-
- /* multiply against x/y */
- if ((err = mp_mul(P->x, t2, P->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(P->x, modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = mp_mul(P->y, t1, P->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(P->y, modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = mp_set(P->z, 1)) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
-done:
- mp_clear_multi(t1, t2, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_map.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_mul2add.c b/libtomcrypt/pk/ecc/ltc_ecc_mul2add.c
deleted file mode 100644
index 3c58f5d..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_mul2add.c
+++ /dev/null
@@ -1,207 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_mul2add.c
- ECC Crypto, Shamir's Trick, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-#ifdef LTC_ECC_SHAMIR
-
-/** Computes kA*A + kB*B = C using Shamir's Trick
- @param A First point to multiply
- @param kA What to multiple A by
- @param B Second point to multiply
- @param kB What to multiple B by
- @param C [out] Destination point (can overlap with A or B
- @param modulus Modulus for curve
- @return CRYPT_OK on success
-*/
-int ltc_ecc_mul2add(ecc_point *A, void *kA,
- ecc_point *B, void *kB,
- ecc_point *C,
- void *modulus)
-{
- ecc_point *precomp[16];
- unsigned bitbufA, bitbufB, lenA, lenB, len, x, y, nA, nB, nibble;
- unsigned char *tA, *tB;
- int err, first;
- void *mp, *mu;
-
- /* argchks */
- LTC_ARGCHK(A != NULL);
- LTC_ARGCHK(B != NULL);
- LTC_ARGCHK(C != NULL);
- LTC_ARGCHK(kA != NULL);
- LTC_ARGCHK(kB != NULL);
- LTC_ARGCHK(modulus != NULL);
-
- /* allocate memory */
- tA = XCALLOC(1, ECC_BUF_SIZE);
- if (tA == NULL) {
- return CRYPT_MEM;
- }
- tB = XCALLOC(1, ECC_BUF_SIZE);
- if (tB == NULL) {
- XFREE(tA);
- return CRYPT_MEM;
- }
-
- /* get sizes */
- lenA = mp_unsigned_bin_size(kA);
- lenB = mp_unsigned_bin_size(kB);
- len = MAX(lenA, lenB);
-
- /* sanity check */
- if ((lenA > ECC_BUF_SIZE) || (lenB > ECC_BUF_SIZE)) {
- err = CRYPT_INVALID_ARG;
- goto ERR_T;
- }
-
- /* extract and justify kA */
- mp_to_unsigned_bin(kA, (len - lenA) + tA);
-
- /* extract and justify kB */
- mp_to_unsigned_bin(kB, (len - lenB) + tB);
-
- /* allocate the table */
- for (x = 0; x < 16; x++) {
- precomp[x] = ltc_ecc_new_point();
- if (precomp[x] == NULL) {
- for (y = 0; y < x; ++y) {
- ltc_ecc_del_point(precomp[y]);
- }
- err = CRYPT_MEM;
- goto ERR_T;
- }
- }
-
- /* init montgomery reduction */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
- goto ERR_P;
- }
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- goto ERR_MP;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- goto ERR_MU;
- }
-
- /* copy ones ... */
- if ((err = mp_mulmod(A->x, mu, modulus, precomp[1]->x)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(A->y, mu, modulus, precomp[1]->y)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(A->z, mu, modulus, precomp[1]->z)) != CRYPT_OK) { goto ERR_MU; }
-
- if ((err = mp_mulmod(B->x, mu, modulus, precomp[1<<2]->x)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(B->y, mu, modulus, precomp[1<<2]->y)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_mulmod(B->z, mu, modulus, precomp[1<<2]->z)) != CRYPT_OK) { goto ERR_MU; }
-
- /* precomp [i,0](A + B) table */
- if ((err = ltc_mp.ecc_ptdbl(precomp[1], precomp[2], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = ltc_mp.ecc_ptadd(precomp[1], precomp[2], precomp[3], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
-
- /* precomp [0,i](A + B) table */
- if ((err = ltc_mp.ecc_ptdbl(precomp[1<<2], precomp[2<<2], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = ltc_mp.ecc_ptadd(precomp[1<<2], precomp[2<<2], precomp[3<<2], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
-
- /* precomp [i,j](A + B) table (i != 0, j != 0) */
- for (x = 1; x < 4; x++) {
- for (y = 1; y < 4; y++) {
- if ((err = ltc_mp.ecc_ptadd(precomp[x], precomp[(y<<2)], precomp[x+(y<<2)], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- }
- }
-
- nibble = 3;
- first = 1;
- bitbufA = tA[0];
- bitbufB = tB[0];
-
- /* for every byte of the multiplicands */
- for (x = -1;; ) {
- /* grab a nibble */
- if (++nibble == 4) {
- ++x; if (x == len) break;
- bitbufA = tA[x];
- bitbufB = tB[x];
- nibble = 0;
- }
-
- /* extract two bits from both, shift/update */
- nA = (bitbufA >> 6) & 0x03;
- nB = (bitbufB >> 6) & 0x03;
- bitbufA = (bitbufA << 2) & 0xFF;
- bitbufB = (bitbufB << 2) & 0xFF;
-
- /* if both zero, if first, continue */
- if ((nA == 0) && (nB == 0) && (first == 1)) {
- continue;
- }
-
- /* double twice, only if this isn't the first */
- if (first == 0) {
- /* double twice */
- if ((err = ltc_mp.ecc_ptdbl(C, C, modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = ltc_mp.ecc_ptdbl(C, C, modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- }
-
- /* if not both zero */
- if ((nA != 0) || (nB != 0)) {
- if (first == 1) {
- /* if first, copy from table */
- first = 0;
- if ((err = mp_copy(precomp[nA + (nB<<2)]->x, C->x)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_copy(precomp[nA + (nB<<2)]->y, C->y)) != CRYPT_OK) { goto ERR_MU; }
- if ((err = mp_copy(precomp[nA + (nB<<2)]->z, C->z)) != CRYPT_OK) { goto ERR_MU; }
- } else {
- /* if not first, add from table */
- if ((err = ltc_mp.ecc_ptadd(C, precomp[nA + (nB<<2)], C, modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
- }
- }
- }
-
- /* reduce to affine */
- err = ltc_ecc_map(C, modulus, mp);
-
- /* clean up */
-ERR_MU:
- mp_clear(mu);
-ERR_MP:
- mp_montgomery_free(mp);
-ERR_P:
- for (x = 0; x < 16; x++) {
- ltc_ecc_del_point(precomp[x]);
- }
-ERR_T:
-#ifdef LTC_CLEAN_STACK
- zeromem(tA, ECC_BUF_SIZE);
- zeromem(tB, ECC_BUF_SIZE);
-#endif
- XFREE(tA);
- XFREE(tB);
-
- return err;
-}
-
-#endif
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mul2add.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_mulmod.c b/libtomcrypt/pk/ecc/ltc_ecc_mulmod.c
deleted file mode 100644
index 4d16fb4..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_mulmod.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_mulmod.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-#ifndef LTC_ECC_TIMING_RESISTANT
-
-/* size of sliding window, don't change this! */
-#define WINSIZE 4
-
-/**
- Perform a point multiplication
- @param k The scalar to multiply by
- @param G The base point
- @param R [out] Destination for kG
- @param modulus The modulus of the field the ECC curve is in
- @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective)
- @return CRYPT_OK on success
-*/
-int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
-{
- ecc_point *tG, *M[8];
- int i, j, err;
- void *mu, *mp;
- unsigned long buf;
- int first, bitbuf, bitcpy, bitcnt, mode, digidx;
-
- LTC_ARGCHK(k != NULL);
- LTC_ARGCHK(G != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
-
- /* init montgomery reduction */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- mp_montgomery_free(mp);
- return err;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- mp_montgomery_free(mp);
- mp_clear(mu);
- return err;
- }
-
- /* alloc ram for window temps */
- for (i = 0; i < 8; i++) {
- M[i] = ltc_ecc_new_point();
- if (M[i] == NULL) {
- for (j = 0; j < i; j++) {
- ltc_ecc_del_point(M[j]);
- }
- mp_montgomery_free(mp);
- mp_clear(mu);
- return CRYPT_MEM;
- }
- }
-
- /* make a copy of G incase R==G */
- tG = ltc_ecc_new_point();
- if (tG == NULL) { err = CRYPT_MEM; goto done; }
-
- /* tG = G and convert to montgomery */
- if (mp_cmp_d(mu, 1) == LTC_MP_EQ) {
- if ((err = mp_copy(G->x, tG->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(G->y, tG->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(G->z, tG->z)) != CRYPT_OK) { goto done; }
- } else {
- if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK) { goto done; }
- }
- mp_clear(mu);
- mu = NULL;
-
- /* calc the M tab, which holds kG for k==8..15 */
- /* M[0] == 8G */
- if ((err = ltc_mp.ecc_ptdbl(tG, M[0], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* now find (8+k)G for k=1..7 */
- for (j = 9; j < 16; j++) {
- if ((err = ltc_mp.ecc_ptadd(M[j-9], tG, M[j-8], modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* setup sliding window */
- mode = 0;
- bitcnt = 1;
- buf = 0;
- digidx = mp_get_digit_count(k) - 1;
- bitcpy = bitbuf = 0;
- first = 1;
-
- /* perform ops */
- for (;;) {
- /* grab next digit as required */
- if (--bitcnt == 0) {
- if (digidx == -1) {
- break;
- }
- buf = mp_get_digit(k, digidx);
- bitcnt = (int) ltc_mp.bits_per_digit;
- --digidx;
- }
-
- /* grab the next msb from the ltiplicand */
- i = (buf >> (ltc_mp.bits_per_digit - 1)) & 1;
- buf <<= 1;
-
- /* skip leading zero bits */
- if (mode == 0 && i == 0) {
- continue;
- }
-
- /* if the bit is zero and mode == 1 then we double */
- if (mode == 1 && i == 0) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) { goto done; }
- continue;
- }
-
- /* else we add it to the window */
- bitbuf |= (i << (WINSIZE - ++bitcpy));
- mode = 2;
-
- if (bitcpy == WINSIZE) {
- /* if this is the first window we do a simple copy */
- if (first == 1) {
- /* R = kG [k = first window] */
- if ((err = mp_copy(M[bitbuf-8]->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[bitbuf-8]->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[bitbuf-8]->z, R->z)) != CRYPT_OK) { goto done; }
- first = 0;
- } else {
- /* normal window */
- /* ok window is filled so double as required and add */
- /* double first */
- for (j = 0; j < WINSIZE; j++) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* then add, bitbuf will be 8..15 [8..2^WINSIZE] guaranteed */
- if ((err = ltc_mp.ecc_ptadd(R, M[bitbuf-8], R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
- /* empty window and reset */
- bitcpy = bitbuf = 0;
- mode = 1;
- }
- }
-
- /* if bits remain then double/add */
- if (mode == 2 && bitcpy > 0) {
- /* double then add */
- for (j = 0; j < bitcpy; j++) {
- /* only double if we have had at least one add first */
- if (first == 0) {
- if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- bitbuf <<= 1;
- if ((bitbuf & (1 << WINSIZE)) != 0) {
- if (first == 1){
- /* first add, so copy */
- if ((err = mp_copy(tG->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->z, R->z)) != CRYPT_OK) { goto done; }
- first = 0;
- } else {
- /* then add */
- if ((err = ltc_mp.ecc_ptadd(R, tG, R, modulus, mp)) != CRYPT_OK) { goto done; }
- }
- }
- }
- }
-
- /* map R back from projective space */
- if (map) {
- err = ltc_ecc_map(R, modulus, mp);
- } else {
- err = CRYPT_OK;
- }
-done:
- if (mu != NULL) {
- mp_clear(mu);
- }
- mp_montgomery_free(mp);
- ltc_ecc_del_point(tG);
- for (i = 0; i < 8; i++) {
- ltc_ecc_del_point(M[i]);
- }
- return err;
-}
-
-#endif
-
-#undef WINSIZE
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod.c,v $ */
-/* $Revision: 1.26 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c b/libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c
deleted file mode 100644
index aa0e233..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_mulmod_timing.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_mulmod_timing.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-#ifdef LTC_ECC_TIMING_RESISTANT
-
-/**
- Perform a point multiplication (timing resistant)
- @param k The scalar to multiply by
- @param G The base point
- @param R [out] Destination for kG
- @param modulus The modulus of the field the ECC curve is in
- @param map Boolean whether to map back to affine or not (1==map, 0 == leave in projective)
- @return CRYPT_OK on success
-*/
-int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
-{
- ecc_point *tG, *M[3];
- int i, j, err;
- void *mu, *mp;
- unsigned long buf;
- int first, bitbuf, bitcpy, bitcnt, mode, digidx;
-
- LTC_ARGCHK(k != NULL);
- LTC_ARGCHK(G != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
-
- /* init montgomery reduction */
- if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
- return err;
- }
- if ((err = mp_init(&mu)) != CRYPT_OK) {
- mp_montgomery_free(mp);
- return err;
- }
- if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
- mp_clear(mu);
- mp_montgomery_free(mp);
- return err;
- }
-
- /* alloc ram for window temps */
- for (i = 0; i < 3; i++) {
- M[i] = ltc_ecc_new_point();
- if (M[i] == NULL) {
- for (j = 0; j < i; j++) {
- ltc_ecc_del_point(M[j]);
- }
- mp_clear(mu);
- mp_montgomery_free(mp);
- return CRYPT_MEM;
- }
- }
-
- /* make a copy of G incase R==G */
- tG = ltc_ecc_new_point();
- if (tG == NULL) { err = CRYPT_MEM; goto done; }
-
- /* tG = G and convert to montgomery */
- if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK) { goto done; }
- mp_clear(mu);
- mu = NULL;
-
- /* calc the M tab */
- /* M[0] == G */
- if ((err = mp_copy(tG->x, M[0]->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->y, M[0]->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(tG->z, M[0]->z)) != CRYPT_OK) { goto done; }
- /* M[1] == 2G */
- if ((err = ltc_mp.ecc_ptdbl(tG, M[1], modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* setup sliding window */
- mode = 0;
- bitcnt = 1;
- buf = 0;
- digidx = mp_get_digit_count(k) - 1;
- bitcpy = bitbuf = 0;
- first = 1;
-
- /* perform ops */
- for (;;) {
- /* grab next digit as required */
- if (--bitcnt == 0) {
- if (digidx == -1) {
- break;
- }
- buf = mp_get_digit(k, digidx);
- bitcnt = (int) MP_DIGIT_BIT;
- --digidx;
- }
-
- /* grab the next msb from the ltiplicand */
- i = (buf >> (MP_DIGIT_BIT - 1)) & 1;
- buf <<= 1;
-
- if (mode == 0 && i == 0) {
- /* dummy operations */
- if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- continue;
- }
-
- if (mode == 0 && i == 1) {
- mode = 1;
- /* dummy operations */
- if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[1], M[2], modulus, mp)) != CRYPT_OK) { goto done; }
- continue;
- }
-
- if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[i^1], modulus, mp)) != CRYPT_OK) { goto done; }
- if ((err = ltc_mp.ecc_ptdbl(M[i], M[i], modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* copy result out */
- if ((err = mp_copy(M[0]->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[0]->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(M[0]->z, R->z)) != CRYPT_OK) { goto done; }
-
- /* map R back from projective space */
- if (map) {
- err = ltc_ecc_map(R, modulus, mp);
- } else {
- err = CRYPT_OK;
- }
-done:
- if (mu != NULL) {
- mp_clear(mu);
- }
- mp_montgomery_free(mp);
- ltc_ecc_del_point(tG);
- for (i = 0; i < 3; i++) {
- ltc_ecc_del_point(M[i]);
- }
- return err;
-}
-
-#endif
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_points.c b/libtomcrypt/pk/ecc/ltc_ecc_points.c
deleted file mode 100644
index f29508a..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_points.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_points.c
- ECC Crypto, Tom St Denis
-*/
-
-#ifdef LTC_MECC
-
-/**
- Allocate a new ECC point
- @return A newly allocated point or NULL on error
-*/
-ecc_point *ltc_ecc_new_point(void)
-{
- ecc_point *p;
- p = XCALLOC(1, sizeof(*p));
- if (p == NULL) {
- return NULL;
- }
- if (mp_init_multi(&p->x, &p->y, &p->z, NULL) != CRYPT_OK) {
- XFREE(p);
- return NULL;
- }
- return p;
-}
-
-/** Free an ECC point from memory
- @param p The point to free
-*/
-void ltc_ecc_del_point(ecc_point *p)
-{
- /* prevents free'ing null arguments */
- if (p != NULL) {
- mp_clear_multi(p->x, p->y, p->z, NULL); /* note: p->z may be NULL but that's ok with this function anyways */
- XFREE(p);
- }
-}
-
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_points.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c b/libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c
deleted file mode 100644
index 7df54aa..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_projective_add_point.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_projective_add_point.c
- ECC Crypto, Tom St Denis
-*/
-
-#if defined(LTC_MECC) && (!defined(LTC_MECC_ACCEL) || defined(LTM_LTC_DESC))
-
-/**
- Add two ECC points
- @param P The point to add
- @param Q The point to add
- @param R [out] The destination of the double
- @param modulus The modulus of the field the ECC curve is in
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
-*/
-int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp)
-{
- void *t1, *t2, *x, *y, *z;
- int err;
-
- LTC_ARGCHK(P != NULL);
- LTC_ARGCHK(Q != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
- LTC_ARGCHK(mp != NULL);
-
- if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != CRYPT_OK) {
- return err;
- }
-
- /* should we dbl instead? */
- if ((err = mp_sub(modulus, Q->y, t1)) != CRYPT_OK) { goto done; }
-
- if ( (mp_cmp(P->x, Q->x) == LTC_MP_EQ) &&
- (Q->z != NULL && mp_cmp(P->z, Q->z) == LTC_MP_EQ) &&
- (mp_cmp(P->y, Q->y) == LTC_MP_EQ || mp_cmp(P->y, t1) == LTC_MP_EQ)) {
- mp_clear_multi(t1, t2, x, y, z, NULL);
- return ltc_ecc_projective_dbl_point(P, R, modulus, mp);
- }
-
- if ((err = mp_copy(P->x, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->y, y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->z, z)) != CRYPT_OK) { goto done; }
-
- /* if Z is one then these are no-operations */
- if (Q->z != NULL) {
- /* T1 = Z' * Z' */
- if ((err = mp_sqr(Q->z, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X * T1 */
- if ((err = mp_mul(t1, x, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = Z' * T1 */
- if ((err = mp_mul(Q->z, t1, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Y = Y * T1 */
- if ((err = mp_mul(t1, y, y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(y, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* T1 = Z*Z */
- if ((err = mp_sqr(z, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = X' * T1 */
- if ((err = mp_mul(Q->x, t1, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = Z * T1 */
- if ((err = mp_mul(z, t1, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = Y' * T1 */
- if ((err = mp_mul(Q->y, t1, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* Y = Y - T1 */
- if ((err = mp_sub(y, t1, y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(y, 0) == LTC_MP_LT) {
- if ((err = mp_add(y, modulus, y)) != CRYPT_OK) { goto done; }
- }
- /* T1 = 2T1 */
- if ((err = mp_add(t1, t1, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* T1 = Y + T1 */
- if ((err = mp_add(t1, y, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* X = X - T2 */
- if ((err = mp_sub(x, t2, x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(x, 0) == LTC_MP_LT) {
- if ((err = mp_add(x, modulus, x)) != CRYPT_OK) { goto done; }
- }
- /* T2 = 2T2 */
- if ((err = mp_add(t2, t2, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t2, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T2 = X + T2 */
- if ((err = mp_add(t2, x, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t2, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
-
- /* if Z' != 1 */
- if (Q->z != NULL) {
- /* Z = Z * Z' */
- if ((err = mp_mul(z, Q->z, z)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK) { goto done; }
- }
-
- /* Z = Z * X */
- if ((err = mp_mul(z, x, z)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* T1 = T1 * X */
- if ((err = mp_mul(t1, x, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X * X */
- if ((err = mp_sqr(x, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = T2 * x */
- if ((err = mp_mul(t2, x, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = T1 * X */
- if ((err = mp_mul(t1, x, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* X = Y*Y */
- if ((err = mp_sqr(y, x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X - T2 */
- if ((err = mp_sub(x, t2, x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(x, 0) == LTC_MP_LT) {
- if ((err = mp_add(x, modulus, x)) != CRYPT_OK) { goto done; }
- }
-
- /* T2 = T2 - X */
- if ((err = mp_sub(t2, x, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T2 = T2 - X */
- if ((err = mp_sub(t2, x, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T2 = T2 * Y */
- if ((err = mp_mul(t2, y, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Y = T2 - T1 */
- if ((err = mp_sub(t2, t1, y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(y, 0) == LTC_MP_LT) {
- if ((err = mp_add(y, modulus, y)) != CRYPT_OK) { goto done; }
- }
- /* Y = Y/2 */
- if (mp_isodd(y)) {
- if ((err = mp_add(y, modulus, y)) != CRYPT_OK) { goto done; }
- }
- if ((err = mp_div_2(y, y)) != CRYPT_OK) { goto done; }
-
- if ((err = mp_copy(x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(z, R->z)) != CRYPT_OK) { goto done; }
-
- err = CRYPT_OK;
-done:
- mp_clear_multi(t1, t2, x, y, z, NULL);
- return err;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_projective_add_point.c,v $ */
-/* $Revision: 1.16 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c b/libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c
deleted file mode 100644
index 531ce13..0000000
--- a/libtomcrypt/pk/ecc/ltc_ecc_projective_dbl_point.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
- */
-
-/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
- *
- * All curves taken from NIST recommendation paper of July 1999
- * Available at http://csrc.nist.gov/cryptval/dss.htm
- */
-#include "tomcrypt.h"
-
-/**
- @file ltc_ecc_projective_dbl_point.c
- ECC Crypto, Tom St Denis
-*/
-
-#if defined(LTC_MECC) && (!defined(LTC_MECC_ACCEL) || defined(LTM_LTC_DESC))
-
-/**
- Double an ECC point
- @param P The point to double
- @param R [out] The destination of the double
- @param modulus The modulus of the field the ECC curve is in
- @param mp The "b" value from montgomery_setup()
- @return CRYPT_OK on success
-*/
-int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp)
-{
- void *t1, *t2;
- int err;
-
- LTC_ARGCHK(P != NULL);
- LTC_ARGCHK(R != NULL);
- LTC_ARGCHK(modulus != NULL);
- LTC_ARGCHK(mp != NULL);
-
- if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) {
- return err;
- }
-
- if (P != R) {
- if ((err = mp_copy(P->x, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_copy(P->z, R->z)) != CRYPT_OK) { goto done; }
- }
-
- /* t1 = Z * Z */
- if ((err = mp_sqr(R->z, t1)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Z = Y * Z */
- if ((err = mp_mul(R->z, R->y, R->z)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->z, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Z = 2Z */
- if ((err = mp_add(R->z, R->z, R->z)) != CRYPT_OK) { goto done; }
- if (mp_cmp(R->z, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(R->z, modulus, R->z)) != CRYPT_OK) { goto done; }
- }
-
- /* T2 = X - T1 */
- if ((err = mp_sub(R->x, t1, t2)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- /* T1 = X + T1 */
- if ((err = mp_add(t1, R->x, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* T2 = T1 * T2 */
- if ((err = mp_mul(t1, t2, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T1 = 2T2 */
- if ((err = mp_add(t2, t2, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
- /* T1 = T1 + T2 */
- if ((err = mp_add(t1, t2, t1)) != CRYPT_OK) { goto done; }
- if (mp_cmp(t1, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK) { goto done; }
- }
-
- /* Y = 2Y */
- if ((err = mp_add(R->y, R->y, R->y)) != CRYPT_OK) { goto done; }
- if (mp_cmp(R->y, modulus) != LTC_MP_LT) {
- if ((err = mp_sub(R->y, modulus, R->y)) != CRYPT_OK) { goto done; }
- }
- /* Y = Y * Y */
- if ((err = mp_sqr(R->y, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = Y * Y */
- if ((err = mp_sqr(R->y, t2)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK) { goto done; }
- /* T2 = T2/2 */
- if (mp_isodd(t2)) {
- if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK) { goto done; }
- }
- if ((err = mp_div_2(t2, t2)) != CRYPT_OK) { goto done; }
- /* Y = Y * X */
- if ((err = mp_mul(R->y, R->x, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; }
-
- /* X = T1 * T1 */
- if ((err = mp_sqr(t1, R->x)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->x, modulus, mp)) != CRYPT_OK) { goto done; }
- /* X = X - Y */
- if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->x, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK) { goto done; }
- }
- /* X = X - Y */
- if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->x, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK) { goto done; }
- }
-
- /* Y = Y - X */
- if ((err = mp_sub(R->y, R->x, R->y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->y, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK) { goto done; }
- }
- /* Y = Y * T1 */
- if ((err = mp_mul(R->y, t1, R->y)) != CRYPT_OK) { goto done; }
- if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK) { goto done; }
- /* Y = Y - T2 */
- if ((err = mp_sub(R->y, t2, R->y)) != CRYPT_OK) { goto done; }
- if (mp_cmp_d(R->y, 0) == LTC_MP_LT) {
- if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK) { goto done; }
- }
-
- err = CRYPT_OK;
-done:
- mp_clear_multi(t1, t2, NULL);
- return err;
-}
-#endif
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_projective_dbl_point.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2007/05/12 14:32:35 $ */
-
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c b/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c
index 1ae57bb..01fe231 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_mgf1.c
@@ -33,7 +34,6 @@ int pkcs_1_mgf1(int hash_idx,
unsigned long hLen, x;
ulong32 counter;
int err;
- hash_state *md;
unsigned char *buf;
LTC_ARGCHK(seed != NULL);
@@ -45,18 +45,11 @@ int pkcs_1_mgf1(int hash_idx,
}
/* get hash output size */
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
/* allocate memory */
- md = XMALLOC(sizeof(hash_state));
buf = XMALLOC(hLen);
- if (md == NULL || buf == NULL) {
- if (md != NULL) {
- XFREE(md);
- }
- if (buf != NULL) {
- XFREE(buf);
- }
+ if (buf == NULL) {
return CRYPT_MEM;
}
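Review bot: `hLen` is taken from `_ncr_algo_digest_size(hash_idx)` and passed straight to `XMALLOC` without a range check, while the loop body in the next hunk stores a 32-bit counter into `buf` with `STORE32H`. If the helper can return 0 or a value below 4 for an id that passes the earlier validity check (its contract is not visible here), that store writes past the allocation. A guard such as `if (hLen < 4) { return CRYPT_INVALID_ARG; }` right after the assignment keeps the failure explicit. The same unchecked assignment is added in pkcs_1_oaep_decode.c, pkcs_1_oaep_encode.c, pkcs_1_pss_decode.c and pkcs_1_pss_encode.c. The body of pkcs_1_mgf1 starts and ends outside this hunk.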
@@ -68,17 +61,8 @@ int pkcs_1_mgf1(int hash_idx,
STORE32H(counter, buf);
++counter;
- /* get hash of seed || counter */
- if ((err = hash_descriptor[hash_idx].init(md)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(md, seed, seedlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(md, buf, 4)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].done(md, buf)) != CRYPT_OK) {
+ err = hash_memory_multi(hash_idx, buf, &hLen, seed, seedlen, buf, (unsigned long) 4, NULL, 0);
+ if (err != CRYPT_OK) {
goto LBL_ERR;
}
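Review bot: `&hLen` is handed to `hash_memory_multi` as its output-length argument, yet `hLen` is also the size of the `buf` allocation and the length given to `zeromem(buf, hLen)` at `LBL_ERR`. Should the helper update the length on return (for example when it reports a larger required size, which is not visible here), the cleanup would run past the buffer. Passing a scratch copy avoids that: `unsigned long dlen = hLen;` and `hash_memory_multi(hash_idx, buf, &dlen, ...)`. The call also uses `buf` as both an input segment and the destination, so a comment like `/* relies on hash_memory_multi consuming all inputs before writing out */` would record the assumption. The loop this sits in begins outside the hunk.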
@@ -92,11 +76,9 @@ int pkcs_1_mgf1(int hash_idx,
LBL_ERR:
#ifdef LTC_CLEAN_STACK
zeromem(buf, hLen);
- zeromem(md, sizeof(hash_state));
#endif
XFREE(buf);
- XFREE(md);
return err;
}
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c
index cbed794..4114c56 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_oaep_decode.c
@@ -52,7 +53,8 @@ int pkcs_1_oaep_decode(const unsigned char *msg, unsigned long msglen,
if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
/* test hash/message size */
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c
index 795a71f..ccee5cf 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_oaep_encode.c
@@ -47,7 +48,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg, unsigned long msglen,
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
/* test message size */
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c b/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c
index 7ca284c..5a26654 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_pss_decode.c
@@ -37,7 +38,6 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
unsigned char *DB, *mask, *salt, *hash;
unsigned long x, y, hLen, modulus_len;
int err;
- hash_state md;
LTC_ARGCHK(msghash != NULL);
LTC_ARGCHK(res != NULL);
@@ -50,7 +50,7 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* check sizes */
@@ -131,20 +131,8 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
}
/* M = (eight) 0x00 || msghash || salt, mask = H(M) */
- if ((err = hash_descriptor[hash_idx].init(&md)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- zeromem(mask, 8);
- if ((err = hash_descriptor[hash_idx].process(&md, mask, 8)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, msghash, msghashlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, DB+x, saltlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].done(&md, mask)) != CRYPT_OK) {
+ err = hash_memory_multi(hash_idx, mask, &hLen, mask, 8, msghash, (unsigned long)msghashlen, DB+x, (unsigned long)saltlen, NULL, 0);
+ if (err != CRYPT_OK) {
goto LBL_ERR;
}
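Review bot: The rewrite drops `zeromem(mask, 8)`, so the first segment hashed is whatever the first eight bytes of `mask` hold at this point instead of the eight zero octets the comment above the call describes. Nothing in the hunk zeroes the buffer, and the digest then no longer matches M' = (eight) 0x00 || msghash || salt, which would make conforming signatures fail verification. Restoring `zeromem(mask, 8);` immediately before the `hash_memory_multi` call fixes it. The encode side has the same omission in pkcs_1_pss_encode.c (hunk at -83,20), where `zeromem(DB, 8);` was removed and the digest would depend on the prior contents of `DB`. pkcs_1_pss_decode continues outside this hunk.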
diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c b/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c
index 7eaa307..382820d 100644
--- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c
+++ b/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c
@@ -9,6 +9,7 @@
* Tom St Denis, tomstdenis@gmail.com, http://libtom.org
*/
#include "tomcrypt.h"
+#include <ncr_int.h>
/**
@file pkcs_1_pss_encode.c
@@ -36,7 +37,6 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
unsigned char *DB, *mask, *salt, *hash;
unsigned long x, y, hLen, modulus_len;
int err;
- hash_state md;
LTC_ARGCHK(msghash != NULL);
LTC_ARGCHK(out != NULL);
@@ -47,7 +47,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
return err;
}
- hLen = hash_descriptor[hash_idx].hashsize;
+ hLen = _ncr_algo_digest_size(hash_idx);
modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
/* check sizes */
@@ -83,20 +83,8 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
}
/* M = (eight) 0x00 || msghash || salt, hash = H(M) */
- if ((err = hash_descriptor[hash_idx].init(&md)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- zeromem(DB, 8);
- if ((err = hash_descriptor[hash_idx].process(&md, DB, 8)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, msghash, msghashlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].process(&md, salt, saltlen)) != CRYPT_OK) {
- goto LBL_ERR;
- }
- if ((err = hash_descriptor[hash_idx].done(&md, hash)) != CRYPT_OK) {
+ err = hash_memory_multi(hash_idx, hash, &hLen, DB, 8, msghash, (unsigned long)msghashlen, salt, (unsigned long)saltlen, NULL, 0);
+ if (err != CRYPT_OK) {
goto LBL_ERR;
}
diff --git a/libtomcrypt/pk/rsa/rsa_decrypt_key.c b/libtomcrypt/pk/rsa/rsa_decrypt_key.c
index f3b8c48..52885e8 100644
--- a/libtomcrypt/pk/rsa/rsa_decrypt_key.c
+++ b/libtomcrypt/pk/rsa/rsa_decrypt_key.c
@@ -64,10 +64,10 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits( (key->N));
+ modulus_bitlen = mp_count_bits( (&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size( (key->N));
+ modulus_bytelen = mp_unsigned_bin_size( (&key->N));
if (modulus_bytelen != inlen) {
return CRYPT_INVALID_PACKET;
}
@@ -80,7 +80,7 @@ int rsa_decrypt_key_ex(const unsigned char *in, unsigned long inlen,
/* rsa decode the packet */
x = inlen;
- if ((err = ltc_mp.rsa_me(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
+ if ((err = rsa_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
XFREE(tmp);
return err;
}
diff --git a/libtomcrypt/pk/rsa/rsa_encrypt_key.c b/libtomcrypt/pk/rsa/rsa_encrypt_key.c
index daa328a..d59699c 100644
--- a/libtomcrypt/pk/rsa/rsa_encrypt_key.c
+++ b/libtomcrypt/pk/rsa/rsa_encrypt_key.c
@@ -57,10 +57,10 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits( (key->N));
+ modulus_bitlen = mp_count_bits( (&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size( (key->N));
+ modulus_bytelen = mp_unsigned_bin_size( (&key->N));
if (modulus_bytelen > *outlen) {
*outlen = modulus_bytelen;
return CRYPT_BUFFER_OVERFLOW;
@@ -85,7 +85,7 @@ int rsa_encrypt_key_ex(const unsigned char *in, unsigned long inlen,
}
/* rsa exptmod the OAEP or LTC_PKCS #1 v1.5 pad */
- return ltc_mp.rsa_me(out, x, out, outlen, PK_PUBLIC, key);
+ return rsa_exptmod(out, x, out, outlen, PK_PUBLIC, key);
}
#endif /* LTC_MRSA */
diff --git a/libtomcrypt/pk/rsa/rsa_exptmod.c b/libtomcrypt/pk/rsa/rsa_exptmod.c
index 7237790..3c55e30 100644
--- a/libtomcrypt/pk/rsa/rsa_exptmod.c
+++ b/libtomcrypt/pk/rsa/rsa_exptmod.c
@@ -31,7 +31,7 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen, int which,
rsa_key *key)
{
- void *tmp, *tmpa, *tmpb;
+ mp_int tmp, tmpa, tmpb;
unsigned long x;
int err;
@@ -52,10 +52,10 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
/* init and copy into tmp */
if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != CRYPT_OK) { return err; }
- if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; }
/* sanity check on the input */
- if (mp_cmp(key->N, tmp) == LTC_MP_LT) {
+ if (mp_cmp(&key->N, &tmp) == LTC_MP_LT) {
err = CRYPT_PK_INVALID_SIZE;
goto error;
}
@@ -63,25 +63,25 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
/* are we using the private exponent and is the key optimized? */
if (which == PK_PRIVATE) {
/* tmpa = tmp^dP mod p */
- if ((err = mp_exptmod(tmp, key->dP, key->p, tmpa)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&tmp, &key->dP, &key->p, &tmpa)) != CRYPT_OK) { goto error; }
/* tmpb = tmp^dQ mod q */
- if ((err = mp_exptmod(tmp, key->dQ, key->q, tmpb)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb)) != CRYPT_OK) { goto error; }
/* tmp = (tmpa - tmpb) * qInv (mod p) */
- if ((err = mp_sub(tmpa, tmpb, tmp)) != CRYPT_OK) { goto error; }
- if ((err = mp_mulmod(tmp, key->qP, key->p, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != CRYPT_OK) { goto error; }
/* tmp = tmpb + q * tmp */
- if ((err = mp_mul(tmp, key->q, tmp)) != CRYPT_OK) { goto error; }
- if ((err = mp_add(tmp, tmpb, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_mul(&tmp, &key->q, &tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_add(&tmp, &tmpb, &tmp)) != CRYPT_OK) { goto error; }
} else {
/* exptmod it */
- if ((err = mp_exptmod(tmp, key->e, key->N, tmp)) != CRYPT_OK) { goto error; }
+ if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != CRYPT_OK) { goto error; }
}
/* read it back */
- x = (unsigned long)mp_unsigned_bin_size(key->N);
+ x = (unsigned long)mp_unsigned_bin_size(&key->N);
if (x > *outlen) {
*outlen = x;
err = CRYPT_BUFFER_OVERFLOW;
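Review bot: The CRT branch releases its result without checking it against the public exponent, so a miscomputed half (`tmpa` or `tmpb`) would be written to `out` as if it were valid; a faulty CRT result is known to expose the factors of N. The callers in this commit now invoke `rsa_exptmod` directly instead of `ltc_mp.rsa_me`, so re-encrypting the result and comparing it with the input before the read-back is a cheap safeguard at this one place. `tmpa` and `tmpb` are free after the recombination and can be reused, assuming `key->e` is populated for private keys as rsa_make_key does. The function starts and ends outside this hunk.
```c
      /* tmp = tmpb + q * tmp */
      /* … unchanged: mp_mul / mp_add recombination … */

      /* fault check: the CRT result raised to e must give back the input */
      if ((err = mp_read_unsigned_bin(&tmpb, (unsigned char *)in, (int)inlen)) != CRYPT_OK) { goto error; }
      if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmpa)) != CRYPT_OK)                    { goto error; }
      if (mp_cmp(&tmpa, &tmpb) != LTC_MP_EQ) {
         err = CRYPT_ERROR;
         goto error;
      }
```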
@@ -89,7 +89,7 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
}
/* this should never happen ... */
- if (mp_unsigned_bin_size(tmp) > mp_unsigned_bin_size(key->N)) {
+ if (mp_unsigned_bin_size(&tmp) > mp_unsigned_bin_size(&key->N)) {
err = CRYPT_ERROR;
goto error;
}
@@ -97,12 +97,12 @@ int rsa_exptmod(const unsigned char *in, unsigned long inlen,
/* convert it */
zeromem(out, x);
- if ((err = mp_to_unsigned_bin(tmp, out+(x-mp_unsigned_bin_size(tmp)))) != CRYPT_OK) { goto error; }
+ if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != CRYPT_OK) { goto error; }
/* clean up and return */
err = CRYPT_OK;
error:
- mp_clear_multi(tmp, tmpa, tmpb, NULL);
+ mp_clear_multi(&tmp, &tmpa, &tmpb, NULL);
return err;
}
diff --git a/libtomcrypt/pk/rsa/rsa_free.c b/libtomcrypt/pk/rsa/rsa_free.c
index 31ae29f..d38b266 100644
--- a/libtomcrypt/pk/rsa/rsa_free.c
+++ b/libtomcrypt/pk/rsa/rsa_free.c
@@ -24,7 +24,7 @@
void rsa_free(rsa_key *key)
{
LTC_ARGCHKVD(key != NULL);
- mp_clear_multi(key->e, key->d, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+ mp_clear_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
}
#endif
diff --git a/libtomcrypt/pk/rsa/rsa_import.c b/libtomcrypt/pk/rsa/rsa_import.c
index 110dd28..2f6d40e 100644
--- a/libtomcrypt/pk/rsa/rsa_import.c
+++ b/libtomcrypt/pk/rsa/rsa_import.c
@@ -27,7 +27,7 @@
int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
{
int err;
- void *zero;
+ mp_int zero;
unsigned char *tmpbuf;
unsigned long t, x, y, z, tmpoid[16];
ltc_asn1_list ssl_pubkey_hashoid[2];
@@ -35,7 +35,6 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(key != NULL);
- LTC_ARGCHK(ltc_mp.name != NULL);
/* init key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
@@ -94,7 +93,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
goto LBL_ERR;
}
- if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {
+ if (mp_cmp_d(&key->N, 0) == LTC_MP_EQ) {
if ((err = mp_init(&zero)) != CRYPT_OK) {
goto LBL_ERR;
}
@@ -110,12 +109,12 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
LTC_ASN1_INTEGER, 1UL, key->dQ,
LTC_ASN1_INTEGER, 1UL, key->qP,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
- mp_clear(zero);
+ mp_clear(&zero);
goto LBL_ERR;
}
- mp_clear(zero);
+ mp_clear(&zero);
key->type = PK_PRIVATE;
- } else if (mp_cmp_d(key->N, 1) == LTC_MP_EQ) {
+ } else if (mp_cmp_d(&key->N, 1) == LTC_MP_EQ) {
/* we don't support multi-prime RSA */
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
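Review bot: The context lines `LTC_ASN1_INTEGER, 1UL, key->dQ,` and `LTC_ASN1_INTEGER, 1UL, key->qP,` still pass the key members by value, while every edited line in this file now takes their address. If the members are embedded `mp_int` objects, as `mp_cmp_d(&key->N, 0)` implies, the variadic decoder receives a struct where it expects a pointer. These should read `LTC_ASN1_INTEGER, 1UL, &key->dQ,` and `LTC_ASN1_INTEGER, 1UL, &key->qP,`. The other arguments of the same call, and `zero`, lie outside the hunk and likely need the same treatment. rsa_import starts before this hunk.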
@@ -131,7 +130,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
}
return CRYPT_OK;
LBL_ERR:
- mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+ mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
return err;
}
diff --git a/libtomcrypt/pk/rsa/rsa_make_key.c b/libtomcrypt/pk/rsa/rsa_make_key.c
index bed3e4d..915c832 100644
--- a/libtomcrypt/pk/rsa/rsa_make_key.c
+++ b/libtomcrypt/pk/rsa/rsa_make_key.c
@@ -26,10 +26,9 @@
*/
int rsa_make_key(int size, long e, rsa_key *key)
{
- void *p, *q, *tmp1, *tmp2, *tmp3;
+ mp_int p, q, tmp1, tmp2, tmp3;
int err;
- LTC_ARGCHK(ltc_mp.name != NULL);
LTC_ARGCHK(key != NULL);
if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) {
@@ -45,46 +44,46 @@ int rsa_make_key(int size, long e, rsa_key *key)
}
/* make primes p and q (optimization provided by Wayne Scott) */
- if ((err = mp_set_int(tmp3, e)) != CRYPT_OK) { goto errkey; } /* tmp3 = e */
+ if ((err = mp_set_int(&tmp3, e)) != CRYPT_OK) { goto errkey; } /* tmp3 = e */
/* make prime "p" */
do {
- if ((err = rand_prime( p, size/2)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */
- if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(p-1, e) */
- } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides p-1 */
+ if ((err = rand_prime( &p, size/2)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_sub_d( &p, 1, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = p-1 */
+ if ((err = mp_gcd( &tmp1, &tmp3, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(p-1, e) */
+ } while (mp_cmp_d( &tmp2, 1) != 0); /* while e divides p-1 */
/* make prime "q" */
do {
- if ((err = rand_prime( q, size/2)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_sub_d( q, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
- if ((err = mp_gcd( tmp1, tmp3, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(q-1, e) */
- } while (mp_cmp_d( tmp2, 1) != 0); /* while e divides q-1 */
+ if ((err = rand_prime( &q, size/2)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_sub_d( &q, 1, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
+ if ((err = mp_gcd( &tmp1, &tmp3, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = gcd(q-1, e) */
+ } while (mp_cmp_d( &tmp2, 1) != 0); /* while e divides q-1 */
/* tmp1 = lcm(p-1, q-1) */
- if ((err = mp_sub_d( p, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
+ if ((err = mp_sub_d( &p, 1, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
/* tmp1 = q-1 (previous do/while loop) */
- if ((err = mp_lcm( tmp1, tmp2, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = lcm(p-1, q-1) */
+ if ((err = mp_lcm( &tmp1, &tmp2, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = lcm(p-1, q-1) */
/* make key */
if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
goto errkey;
}
- if ((err = mp_set_int( key->e, e)) != CRYPT_OK) { goto errkey; } /* key->e = e */
- if ((err = mp_invmod( key->e, tmp1, key->d)) != CRYPT_OK) { goto errkey; } /* key->d = 1/e mod lcm(p-1,q-1) */
- if ((err = mp_mul( p, q, key->N)) != CRYPT_OK) { goto errkey; } /* key->N = pq */
+ if ((err = mp_set_int( &key->e, e)) != CRYPT_OK) { goto errkey; } /* key->e = e */
+ if ((err = mp_invmod( &key->e, &tmp1, &key->d)) != CRYPT_OK) { goto errkey; } /* key->d = 1/e mod lcm(p-1,q-1) */
+ if ((err = mp_mul( &p, &q, &key->N)) != CRYPT_OK) { goto errkey; } /* key->N = pq */
/* optimize for CRT now */
/* find d mod q-1 and d mod p-1 */
- if ((err = mp_sub_d( p, 1, tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
- if ((err = mp_sub_d( q, 1, tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
- if ((err = mp_mod( key->d, tmp1, key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */
- if ((err = mp_mod( key->d, tmp2, key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */
- if ((err = mp_invmod( q, p, key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */
+ if ((err = mp_sub_d( &p, 1, &tmp1)) != CRYPT_OK) { goto errkey; } /* tmp1 = q-1 */
+ if ((err = mp_sub_d( &q, 1, &tmp2)) != CRYPT_OK) { goto errkey; } /* tmp2 = p-1 */
+ if ((err = mp_mod( &key->d, &tmp1, &key->dP)) != CRYPT_OK) { goto errkey; } /* dP = d mod p-1 */
+ if ((err = mp_mod( &key->d, &tmp2, &key->dQ)) != CRYPT_OK) { goto errkey; } /* dQ = d mod q-1 */
+ if ((err = mp_invmod( &q, &p, &key->qP)) != CRYPT_OK) { goto errkey; } /* qP = 1/q mod p */
- if ((err = mp_copy( p, key->p)) != CRYPT_OK) { goto errkey; }
- if ((err = mp_copy( q, key->q)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_copy( &p, &key->p)) != CRYPT_OK) { goto errkey; }
+ if ((err = mp_copy( &q, &key->q)) != CRYPT_OK) { goto errkey; }
/* set key type (in this case it's CRT optimized) */
key->type = PK_PRIVATE;
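Review bot: The trailing comments on the two `mp_sub_d` lines under "find d mod q-1 and d mod p-1" are swapped: the first computes p-1 into `tmp1` and the second q-1 into `tmp2`. Since the lines are being touched anyway, they should read `/* tmp1 = p-1 */` and `/* tmp2 = q-1 */`, which then agrees with the `dP`/`dQ` comments on the next two lines. The loop comments `/* while e divides p-1 */` and `/* while e divides q-1 */` could likewise say that the loop repeats while the gcd with e is not 1.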
@@ -93,9 +92,9 @@ int rsa_make_key(int size, long e, rsa_key *key)
err = CRYPT_OK;
goto cleanup;
errkey:
- mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+ mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
cleanup:
- mp_clear_multi(tmp3, tmp2, tmp1, p, q, NULL);
+ mp_clear_multi(&tmp3, &tmp2, &tmp1, &p, &q, NULL);
return err;
}
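Review bot: The `errkey:` label clears all eight key fields unconditionally, yet it is also the target of the `mp_init_multi(&key->e, ...)` failure branch earlier in rsa_make_key, which lies outside this hunk. Because the fields are now passed by address, they appear to be mp_int values embedded in `rsa_key`, so after a failed init some of them may never have been initialised. Clearing them would then act on whatever the caller's struct happened to contain, although this depends on how mp_init_multi and mp_clear treat a partially initialised set, which is not visible here. Sending only that first failure to `goto cleanup;` would release the temporaries without touching the key fields and keep `errkey` for the paths where every field is known to be initialised.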
diff --git a/libtomcrypt/pk/rsa/rsa_sign_hash.c b/libtomcrypt/pk/rsa/rsa_sign_hash.c
index 180da01..1298d46 100644
--- a/libtomcrypt/pk/rsa/rsa_sign_hash.c
+++ b/libtomcrypt/pk/rsa/rsa_sign_hash.c
@@ -55,10 +55,10 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits((key->N));
+ modulus_bitlen = mp_count_bits((&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size((key->N));
+ modulus_bytelen = mp_unsigned_bin_size((&key->N));
if (modulus_bytelen > *outlen) {
*outlen = modulus_bytelen;
return CRYPT_BUFFER_OVERFLOW;
@@ -75,9 +75,10 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
/* LTC_PKCS #1 v1.5 pad the hash */
unsigned char *tmpin;
ltc_asn1_list digestinfo[2], siginfo[2];
+ oid_st st;
/* not all hashes have OIDs... so sad */
- if (hash_descriptor[hash_idx].OIDlen == 0) {
+ if (hash_get_oid(hash_idx, &st) != CRYPT_OK) {
return CRYPT_INVALID_ARG;
}
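Review bot: The replaced check rejected a hash whose `OIDlen` is 0, while the new one relies entirely on `hash_get_oid()` returning an error for such a hash. That helper is not part of this hunk, so the guarantee cannot be confirmed here. If it can return CRYPT_OK with an empty OID, the DigestInfo built further down would carry an empty algorithm identifier. Keeping the explicit test, `if (hash_get_oid(hash_idx, &st) != CRYPT_OK || st.OIDlen == 0) {`, preserves the old behaviour. The same applies to the matching check in rsa_verify_hash_ex, where `st.OIDlen` later sizes the XMEMCMP of the decoded OID; rsa_sign_hash_ex itself starts and ends outside this hunk.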
@@ -89,13 +90,13 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
hash OCTET STRING
}
*/
- LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash_idx].OID, hash_descriptor[hash_idx].OIDlen);
+ LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, st.OID, st.OIDlen);
LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL, NULL, 0);
LTC_SET_ASN1(siginfo, 0, LTC_ASN1_SEQUENCE, digestinfo, 2);
LTC_SET_ASN1(siginfo, 1, LTC_ASN1_OCTET_STRING, in, inlen);
/* allocate memory for the encoding */
- y = mp_unsigned_bin_size(key->N);
+ y = mp_unsigned_bin_size(&key->N);
tmpin = XMALLOC(y);
if (tmpin == NULL) {
return CRYPT_MEM;
@@ -108,7 +109,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
x = *outlen;
if ((err = pkcs_1_v1_5_encode(tmpin, y, LTC_LTC_PKCS_1_EMSA,
- modulus_bitlen, NULL, 0,
+ modulus_bitlen,
out, &x)) != CRYPT_OK) {
XFREE(tmpin);
return err;
@@ -117,7 +118,7 @@ int rsa_sign_hash_ex(const unsigned char *in, unsigned long inlen,
}
/* RSA encode it */
- return ltc_mp.rsa_me(out, x, out, outlen, PK_PRIVATE, key);
+ return rsa_exptmod(out, x, out, outlen, PK_PRIVATE, key);
}
#endif /* LTC_MRSA */
diff --git a/libtomcrypt/pk/rsa/rsa_verify_hash.c b/libtomcrypt/pk/rsa/rsa_verify_hash.c
index d453819..773ea7d 100644
--- a/libtomcrypt/pk/rsa/rsa_verify_hash.c
+++ b/libtomcrypt/pk/rsa/rsa_verify_hash.c
@@ -63,10 +63,10 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
}
/* get modulus len in bits */
- modulus_bitlen = mp_count_bits( (key->N));
+ modulus_bitlen = mp_count_bits( (&key->N));
/* outlen must be at least the size of the modulus */
- modulus_bytelen = mp_unsigned_bin_size( (key->N));
+ modulus_bytelen = mp_unsigned_bin_size( (&key->N));
if (modulus_bytelen != siglen) {
return CRYPT_INVALID_PACKET;
}
@@ -79,7 +79,7 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
/* RSA decode it */
x = siglen;
- if ((err = ltc_mp.rsa_me(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
+ if ((err = rsa_exptmod(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
XFREE(tmpbuf);
return err;
}
@@ -99,9 +99,10 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
unsigned long outlen, loid[16];
int decoded;
ltc_asn1_list digestinfo[2], siginfo[2];
+ oid_st st;
/* not all hashes have OIDs... so sad */
- if (hash_descriptor[hash_idx].OIDlen == 0) {
+ if (hash_get_oid(hash_idx, &st) != CRYPT_OK) {
err = CRYPT_INVALID_ARG;
goto bail_2;
}
@@ -139,8 +140,8 @@ int rsa_verify_hash_ex(const unsigned char *sig, unsigned long siglen,
}
/* test OID */
- if ((digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) &&
- (XMEMCMP(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) &&
+ if ((digestinfo[0].size == st.OIDlen) &&
+ (XMEMCMP(digestinfo[0].data, st.OID, sizeof(unsigned long) * st.OIDlen) == 0) &&
(siginfo[1].size == hashlen) &&
(XMEMCMP(siginfo[1].data, hash, hashlen) == 0)) {
*stat = 1;