annotate dh_sys.c @ 164:cd1143579f00 libtomcrypt LTC_DB_0.44

mpi.c isn't needed if we're using libtommath seperately
author Matt Johnston <matt@ucc.asn.au>
date Sun, 02 Jan 2005 17:19:46 +0000
parents 5d99163f7e32
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
2 *
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
3 * LibTomCrypt is a library that provides various cryptographic
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
4 * algorithms in a highly modular and flexible manner.
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
5 *
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
6 * The library is free for all purposes without any express
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
7 * guarantee it works.
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
8 *
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
9 * Tom St Denis, [email protected], http://libtomcrypt.org
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
10 */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
11 int dh_encrypt_key(const unsigned char *inkey, unsigned long keylen,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
12 unsigned char *out, unsigned long *len,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
13 prng_state *prng, int wprng, int hash,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
14 dh_key *key)
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
15 {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
16 unsigned char *pub_expt, *dh_shared, *skey;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
17 dh_key pubkey;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
18 unsigned long x, y, z, hashsize, pubkeysize;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
19 int err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
20
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
21 _ARGCHK(inkey != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
22 _ARGCHK(out != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
23 _ARGCHK(len != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
24 _ARGCHK(key != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
25
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 /* check that wprng/hash are not invalid */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
28 return err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 if ((err = hash_is_valid(hash)) != CRYPT_OK) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 return err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
35 if (keylen > hash_descriptor[hash].hashsize) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36 return CRYPT_INVALID_HASH;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
37 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
38
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
39 /* allocate memory */
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
40 pub_expt = XMALLOC(DH_BUF_SIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
41 dh_shared = XMALLOC(DH_BUF_SIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
42 skey = XMALLOC(MAXBLOCKSIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
43 if (pub_expt == NULL || dh_shared == NULL || skey == NULL) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
44 if (pub_expt != NULL) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
45 XFREE(pub_expt);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
46 }
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
47 if (dh_shared != NULL) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
48 XFREE(dh_shared);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
49 }
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
50 if (skey != NULL) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
51 XFREE(skey);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
52 }
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
53 return CRYPT_MEM;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
56 /* make a random key and export the public copy */
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
57 if ((err = dh_make_key(prng, wprng, dh_get_size(key), &pubkey)) != CRYPT_OK) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
58 goto __ERR;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
59 }
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
60
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
61 pubkeysize = DH_BUF_SIZE;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
62 if ((err = dh_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
63 dh_free(&pubkey);
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
64 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67 /* now check if the out buffer is big enough */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68 if (*len < (1 + 4 + 4 + PACKET_SIZE + pubkeysize + keylen)) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
69 dh_free(&pubkey);
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
70 err = CRYPT_BUFFER_OVERFLOW;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
71 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
74 /* make random key */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
75 hashsize = hash_descriptor[hash].hashsize;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
76
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
77 x = DH_BUF_SIZE;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
78 if ((err = dh_shared_secret(&pubkey, key, dh_shared, &x)) != CRYPT_OK) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79 dh_free(&pubkey);
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
80 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
81 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
82 dh_free(&pubkey);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
84 z = MAXBLOCKSIZE;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
85 if ((err = hash_memory(hash, dh_shared, x, skey, &z)) != CRYPT_OK) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
86 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
87 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
88
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
89 /* store header */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
90 packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_ENC_KEY);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
91
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
92 /* output header */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
93 y = PACKET_SIZE;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
94
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
95 /* size of hash name and the name itself */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
96 out[y++] = hash_descriptor[hash].ID;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
98 /* length of DH pubkey and the key itself */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
99 STORE32L(pubkeysize, out+y);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
100 y += 4;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
101 for (x = 0; x < pubkeysize; x++, y++) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
102 out[y] = pub_expt[x];
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
103 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
104
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
105 /* Store the encrypted key */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
106 STORE32L(keylen, out+y);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
107 y += 4;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
108
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
109 for (x = 0; x < keylen; x++, y++) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
110 out[y] = skey[x] ^ inkey[x];
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112 *len = y;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
114 err = CRYPT_OK;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
115 __ERR:
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116 #ifdef CLEAN_STACK
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
117 /* clean up */
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
118 zeromem(pub_expt, DH_BUF_SIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
119 zeromem(dh_shared, DH_BUF_SIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
120 zeromem(skey, MAXBLOCKSIZE);
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
121 #endif
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
122 XFREE(skey);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
123 XFREE(dh_shared);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
124 XFREE(pub_expt);
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
125
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
126 return err;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
127 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
128
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
129 int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
130 unsigned char *outkey, unsigned long *keylen,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
131 dh_key *key)
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132 {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
133 unsigned char *shared_secret, *skey;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
134 unsigned long x, y, z,hashsize, keysize;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
135 int hash, err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
136 dh_key pubkey;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
138 _ARGCHK(in != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
139 _ARGCHK(outkey != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
140 _ARGCHK(keylen != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
141 _ARGCHK(key != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
142
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
143 /* right key type? */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
144 if (key->type != PK_PRIVATE) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
145 return CRYPT_PK_NOT_PRIVATE;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
146 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
147
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
148 /* allocate ram */
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
149 shared_secret = XMALLOC(DH_BUF_SIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
150 skey = XMALLOC(MAXBLOCKSIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
151 if (shared_secret == NULL || skey == NULL) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
152 if (shared_secret != NULL) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
153 XFREE(shared_secret);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
154 }
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
155 if (skey != NULL) {
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
156 XFREE(skey);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
157 }
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
158 return CRYPT_MEM;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
159 }
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
160
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
161 /* check if initial header should fit */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
162 if (inlen < PACKET_SIZE+1+4+4) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
163 err = CRYPT_INVALID_PACKET;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
164 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
165 } else {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
166 inlen -= PACKET_SIZE+1+4+4;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
167 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
168
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
169 /* is header correct? */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
170 if ((err = packet_valid_header((unsigned char *)in, PACKET_SECT_DH, PACKET_SUB_ENC_KEY)) != CRYPT_OK) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
171 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
172 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
173
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
174 /* now lets get the hash name */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
175 y = PACKET_SIZE;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
176 hash = find_hash_id(in[y++]);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
177 if (hash == -1) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
178 err = CRYPT_INVALID_HASH;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
179 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
180 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
181
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
182 /* common values */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
183 hashsize = hash_descriptor[hash].hashsize;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
184
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
185 /* get public key */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186 LOAD32L(x, in+y);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
188 /* now check if the imported key will fit */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
189 if (inlen < x) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
190 err = CRYPT_INVALID_PACKET;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
191 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
192 } else {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
193 inlen -= x;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
194 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
195
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
196 y += 4;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
197 if ((err = dh_import(in+y, x, &pubkey)) != CRYPT_OK) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
198 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
199 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
200 y += x;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
201
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
202 /* make shared key */
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
203 x = DH_BUF_SIZE;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204 if ((err = dh_shared_secret(key, &pubkey, shared_secret, &x)) != CRYPT_OK) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
205 dh_free(&pubkey);
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
206 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
207 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
208 dh_free(&pubkey);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
209
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
210 z = MAXBLOCKSIZE;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
211 if ((err = hash_memory(hash, shared_secret, x, skey, &z)) != CRYPT_OK) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
212 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
213 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
214
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
215 /* load in the encrypted key */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
216 LOAD32L(keysize, in+y);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
217
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
218 /* will the outkey fit as part of the input */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
219 if (inlen < keysize) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
220 err = CRYPT_INVALID_PACKET;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
221 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
222 } else {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
223 inlen -= keysize;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
224 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
225
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
226 if (keysize > *keylen) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
227 err = CRYPT_BUFFER_OVERFLOW;
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
228 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
229 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
230 y += 4;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
231
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
232 *keylen = keysize;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
233
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
234 for (x = 0; x < keysize; x++, y++) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
235 outkey[x] = skey[x] ^ in[y];
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
236 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
237
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
238 err = CRYPT_OK;
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
239 __ERR:
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
240 #ifdef CLEAN_STACK
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
241 zeromem(shared_secret, DH_BUF_SIZE);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
242 zeromem(skey, MAXBLOCKSIZE);
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
243 #endif
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
244
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
245 XFREE(skey);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
246 XFREE(shared_secret);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
247
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
248 return err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
249 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
250
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
251 /* perform an ElGamal Signature of a hash
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
252 *
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
253 * The math works as follows. x is the private key, M is the message to sign
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
254
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
255 1. pick a random k
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
256 2. compute a = g^k mod p
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
257 3. compute b = (M - xa)/k mod p
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
258 4. Send (a,b)
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
259
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
260 Now to verify with y=g^x mod p, a and b
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
261
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
262 1. compute y^a * a^b = g^(xa) * g^(k*(M-xa)/k)
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
263 = g^(xa + (M - xa))
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
264 = g^M [all mod p]
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
265
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
266 2. Compare against g^M mod p [based on input hash].
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
267 3. If result of #2 == result of #1 then signature valid
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
268 */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
269 int dh_sign_hash(const unsigned char *in, unsigned long inlen,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
270 unsigned char *out, unsigned long *outlen,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
271 prng_state *prng, int wprng, dh_key *key)
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
272 {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
273 mp_int a, b, k, m, g, p, p1, tmp;
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
274 unsigned char *buf;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
275 unsigned long x, y;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
276 int err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
277
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
278 _ARGCHK(in != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
279 _ARGCHK(out != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
280 _ARGCHK(outlen != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
281 _ARGCHK(key != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
282
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
283 /* check parameters */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
284 if (key->type != PK_PRIVATE) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
285 return CRYPT_PK_NOT_PRIVATE;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
286 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
287
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
288 if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
289 return err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
290 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
291
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
292 /* is the IDX valid ? */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
293 if (is_valid_idx(key->idx) != 1) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
294 return CRYPT_PK_INVALID_TYPE;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
295 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
296
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
297 /* allocate ram for buf */
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
298 buf = XMALLOC(520);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
299
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
300 /* make up a random value k,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
301 * since the order of the group is prime
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
302 * we need not check if gcd(k, r) is 1
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
303 */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
304 if (prng_descriptor[wprng].read(buf, sets[key->idx].size, prng) !=
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
305 (unsigned long)(sets[key->idx].size)) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
306 err = CRYPT_ERROR_READPRNG;
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
307 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
308 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
309
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
310 /* init bignums */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
311 if ((err = mp_init_multi(&a, &b, &k, &m, &p, &g, &p1, &tmp, NULL)) != MP_OKAY) {
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
312 err = mpi_to_ltc_error(err);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
313 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
314 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
315
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
316 /* load k and m */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
317 if ((err = mp_read_unsigned_bin(&m, (unsigned char *)in, inlen)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
318 #ifdef FAST_PK
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
319 if ((err = mp_read_unsigned_bin(&k, buf, MIN(32,sets[key->idx].size))) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
320 #else
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
321 if ((err = mp_read_unsigned_bin(&k, buf, sets[key->idx].size)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
322 #endif
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
323
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
324 /* load g, p and p1 */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
325 if ((err = mp_read_radix(&g, sets[key->idx].base, 64)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
326 if ((err = mp_read_radix(&p, sets[key->idx].prime, 64)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
327 if ((err = mp_sub_d(&p, 1, &p1)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
328 if ((err = mp_div_2(&p1, &p1)) != MP_OKAY) { goto error; } /* p1 = (p-1)/2 */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
329
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
330 /* now get a = g^k mod p */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
331 if ((err = mp_exptmod(&g, &k, &p, &a)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
332
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
333 /* now find M = xa + kb mod p1 or just b = (M - xa)/k mod p1 */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
334 if ((err = mp_invmod(&k, &p1, &k)) != MP_OKAY) { goto error; } /* k = 1/k mod p1 */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
335 if ((err = mp_mulmod(&a, &key->x, &p1, &tmp)) != MP_OKAY) { goto error; } /* tmp = xa */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
336 if ((err = mp_submod(&m, &tmp, &p1, &tmp)) != MP_OKAY) { goto error; } /* tmp = M - xa */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
337 if ((err = mp_mulmod(&k, &tmp, &p1, &b)) != MP_OKAY) { goto error; } /* b = (M - xa)/k */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
338
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
339 /* check for overflow */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
340 if ((unsigned long)(PACKET_SIZE + 4 + 4 + mp_unsigned_bin_size(&a) + mp_unsigned_bin_size(&b)) > *outlen) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
341 err = CRYPT_BUFFER_OVERFLOW;
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
342 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
343 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
344
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
345 /* store header */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
346 y = PACKET_SIZE;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
347
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
348 /* now store them both (a,b) */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
349 x = (unsigned long)mp_unsigned_bin_size(&a);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
350 STORE32L(x, out+y); y += 4;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
351 if ((err = mp_to_unsigned_bin(&a, out+y)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
352 y += x;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
353
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
354 x = (unsigned long)mp_unsigned_bin_size(&b);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
355 STORE32L(x, out+y); y += 4;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
356 if ((err = mp_to_unsigned_bin(&b, out+y)) != MP_OKAY) { goto error; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
357 y += x;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
358
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
359 /* check if size too big */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
360 if (*outlen < y) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
361 err = CRYPT_BUFFER_OVERFLOW;
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
362 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
363 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
364
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
365 /* store header */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
366 packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_SIGNED);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
367 *outlen = y;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
368
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
369 err = CRYPT_OK;
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
370 goto __ERR;
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
371 error:
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
372 err = mpi_to_ltc_error(err);
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
373 __ERR:
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
374 mp_clear_multi(&tmp, &p1, &g, &p, &m, &k, &b, &a, NULL);
143
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
375
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
376 XFREE(buf);
5d99163f7e32 import of libtomcrypt 0.99
Matt Johnston <matt@ucc.asn.au>
parents: 3
diff changeset
377
3
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
378 return err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
379 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
380
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
381
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
382 /* verify the signature in sig of the given hash */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
383 int dh_verify_hash(const unsigned char *sig, unsigned long siglen,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
384 const unsigned char *hash, unsigned long hashlen,
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
385 int *stat, dh_key *key)
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
386 {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
387 mp_int a, b, p, g, m, tmp;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
388 unsigned long x, y;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
389 int err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
390
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
391 _ARGCHK(sig != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
392 _ARGCHK(hash != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
393 _ARGCHK(stat != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
394 _ARGCHK(key != NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
395
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
396 /* default to invalid */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
397 *stat = 0;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
398
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
399 /* check initial input length */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
400 if (siglen < PACKET_SIZE+4+4) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
401 return CRYPT_INVALID_PACKET;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
402 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
403
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
404 /* header ok? */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
405 if ((err = packet_valid_header((unsigned char *)sig, PACKET_SECT_DH, PACKET_SUB_SIGNED)) != CRYPT_OK) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
406 return err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
407 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
408
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
409 /* get hash out of packet */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
410 y = PACKET_SIZE;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
411
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
412 /* init all bignums */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
413 if ((err = mp_init_multi(&a, &p, &b, &g, &m, &tmp, NULL)) != MP_OKAY) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
414 return mpi_to_ltc_error(err);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
415 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
416
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
417 /* load a and b */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
418 INPUT_BIGNUM(&a, sig, x, y, siglen);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
419 INPUT_BIGNUM(&b, sig, x, y, siglen);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
420
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
421 /* load p and g */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
422 if ((err = mp_read_radix(&p, sets[key->idx].prime, 64)) != MP_OKAY) { goto error1; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
423 if ((err = mp_read_radix(&g, sets[key->idx].base, 64)) != MP_OKAY) { goto error1; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
424
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
425 /* load m */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
426 if ((err = mp_read_unsigned_bin(&m, (unsigned char *)hash, hashlen)) != MP_OKAY) { goto error1; }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
427
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
428 /* find g^m mod p */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
429 if ((err = mp_exptmod(&g, &m, &p, &m)) != MP_OKAY) { goto error1; } /* m = g^m mod p */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
430
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
431 /* find y^a * a^b */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
432 if ((err = mp_exptmod(&key->y, &a, &p, &tmp)) != MP_OKAY) { goto error1; } /* tmp = y^a mod p */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
433 if ((err = mp_exptmod(&a, &b, &p, &a)) != MP_OKAY) { goto error1; } /* a = a^b mod p */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
434 if ((err = mp_mulmod(&a, &tmp, &p, &a)) != MP_OKAY) { goto error1; } /* a = y^a * a^b mod p */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
435
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
436 /* y^a * a^b == g^m ??? */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
437 if (mp_cmp(&a, &m) == 0) {
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
438 *stat = 1;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
439 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
440
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
441 /* clean up */
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
442 err = CRYPT_OK;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
443 goto done;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
444 error1:
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
445 err = mpi_to_ltc_error(err);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
446 error:
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
447 done:
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
448 mp_clear_multi(&tmp, &m, &g, &p, &b, &a, NULL);
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
449 return err;
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
450 }
7faae8f46238 Branch renaming
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
451