Mercurial > dropbear
comparison libtomcrypt/src/pk/dsa/dsa_decrypt_key.c @ 1511:5916af64acd4 fuzz
merge from main
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sat, 17 Feb 2018 19:29:51 +0800 |
| parents | 6dba84798cd5 |
| children |
comparison
equal
deleted
inserted
replaced
| 1457:32f990cc96b1 | 1511:5916af64acd4 |
|---|---|
| 3 * LibTomCrypt is a library that provides various cryptographic | 3 * LibTomCrypt is a library that provides various cryptographic |
| 4 * algorithms in a highly modular and flexible manner. | 4 * algorithms in a highly modular and flexible manner. |
| 5 * | 5 * |
| 6 * The library is free for all purposes without any express | 6 * The library is free for all purposes without any express |
| 7 * guarantee it works. | 7 * guarantee it works. |
| 8 * | |
| 9 * Tom St Denis, [email protected], http://libtom.org | |
| 10 */ | 8 */ |
| 11 #include "tomcrypt.h" | 9 #include "tomcrypt.h" |
| 12 | 10 |
| 13 /** | 11 /** |
| 14 @file dsa_decrypt_key.c | 12 @file dsa_decrypt_key.c |
| 15 DSA Crypto, Tom St Denis | 13 DSA Crypto, Tom St Denis |
| 16 */ | 14 */ |
| 17 | 15 |
| 18 #ifdef LTC_MDSA | 16 #ifdef LTC_MDSA |
| 19 | 17 |
| 20 /** | 18 /** |
| 21 Decrypt an DSA encrypted key | 19 Decrypt an DSA encrypted key |
| 25 @param outlen [in/out] The max size and resulting size of the plaintext | 23 @param outlen [in/out] The max size and resulting size of the plaintext |
| 26 @param key The corresponding private DSA key | 24 @param key The corresponding private DSA key |
| 27 @return CRYPT_OK if successful | 25 @return CRYPT_OK if successful |
| 28 */ | 26 */ |
| 29 int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, | 27 int dsa_decrypt_key(const unsigned char *in, unsigned long inlen, |
| 30 unsigned char *out, unsigned long *outlen, | 28 unsigned char *out, unsigned long *outlen, |
| 31 dsa_key *key) | 29 dsa_key *key) |
| 32 { | 30 { |
| 33 unsigned char *skey, *expt; | 31 unsigned char *skey, *expt; |
| 34 void *g_pub; | 32 void *g_pub; |
| 35 unsigned long x, y, hashOID[32]; | 33 unsigned long x, y; |
| 34 unsigned long hashOID[32] = { 0 }; | |
| 36 int hash, err; | 35 int hash, err; |
| 37 ltc_asn1_list decode[3]; | 36 ltc_asn1_list decode[3]; |
| 38 | 37 |
| 39 LTC_ARGCHK(in != NULL); | 38 LTC_ARGCHK(in != NULL); |
| 40 LTC_ARGCHK(out != NULL); | 39 LTC_ARGCHK(out != NULL); |
| 43 | 42 |
| 44 /* right key type? */ | 43 /* right key type? */ |
| 45 if (key->type != PK_PRIVATE) { | 44 if (key->type != PK_PRIVATE) { |
| 46 return CRYPT_PK_NOT_PRIVATE; | 45 return CRYPT_PK_NOT_PRIVATE; |
| 47 } | 46 } |
| 48 | 47 |
| 49 /* decode to find out hash */ | 48 /* decode to find out hash */ |
| 50 LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); | 49 LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); |
| 51 | 50 err = der_decode_sequence(in, inlen, decode, 1); |
| 52 if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) { | 51 if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { |
| 53 return err; | 52 return err; |
| 54 } | 53 } |
| 55 | 54 |
| 56 hash = find_hash_oid(hashOID, decode[0].size); | 55 hash = find_hash_oid(hashOID, decode[0].size); |
| 57 if (hash_is_valid(hash) != CRYPT_OK) { | 56 if (hash_is_valid(hash) != CRYPT_OK) { |
| 58 return CRYPT_INVALID_PACKET; | 57 return CRYPT_INVALID_PACKET; |
| 59 } | 58 } |
| 60 | 59 |
| 61 /* we now have the hash! */ | 60 /* we now have the hash! */ |
| 62 | 61 |
| 63 if ((err = mp_init(&g_pub)) != CRYPT_OK) { | 62 if ((err = mp_init(&g_pub)) != CRYPT_OK) { |
| 64 return err; | 63 return err; |
| 65 } | 64 } |
| 66 | 65 |
| 67 /* allocate memory */ | 66 /* allocate memory */ |
| 75 XFREE(skey); | 74 XFREE(skey); |
| 76 } | 75 } |
| 77 mp_clear(g_pub); | 76 mp_clear(g_pub); |
| 78 return CRYPT_MEM; | 77 return CRYPT_MEM; |
| 79 } | 78 } |
| 80 | 79 |
| 81 LTC_SET_ASN1(decode, 1, LTC_ASN1_INTEGER, g_pub, 1UL); | 80 LTC_SET_ASN1(decode, 1, LTC_ASN1_INTEGER, g_pub, 1UL); |
| 82 LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE); | 81 LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING, skey, MAXBLOCKSIZE); |
| 83 | 82 |
| 84 /* read the structure in now */ | 83 /* read the structure in now */ |
| 85 if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) { | 84 if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) { |
| 90 x = mp_unsigned_bin_size(key->p) + 1; | 89 x = mp_unsigned_bin_size(key->p) + 1; |
| 91 if ((err = dsa_shared_secret(key->x, g_pub, key, expt, &x)) != CRYPT_OK) { | 90 if ((err = dsa_shared_secret(key->x, g_pub, key, expt, &x)) != CRYPT_OK) { |
| 92 goto LBL_ERR; | 91 goto LBL_ERR; |
| 93 } | 92 } |
| 94 | 93 |
| 95 y = MIN(mp_unsigned_bin_size(key->p) + 1, MAXBLOCKSIZE); | 94 y = mp_unsigned_bin_size(key->p) + 1; |
| 95 y = MIN(y, MAXBLOCKSIZE); | |
| 96 if ((err = hash_memory(hash, expt, x, expt, &y)) != CRYPT_OK) { | 96 if ((err = hash_memory(hash, expt, x, expt, &y)) != CRYPT_OK) { |
| 97 goto LBL_ERR; | 97 goto LBL_ERR; |
| 98 } | 98 } |
| 99 | 99 |
| 100 /* ensure the hash of the shared secret is at least as big as the encrypt itself */ | 100 /* ensure the hash of the shared secret is at least as big as the encrypt itself */ |
| 123 zeromem(skey, MAXBLOCKSIZE); | 123 zeromem(skey, MAXBLOCKSIZE); |
| 124 #endif | 124 #endif |
| 125 | 125 |
| 126 XFREE(expt); | 126 XFREE(expt); |
| 127 XFREE(skey); | 127 XFREE(skey); |
| 128 | 128 |
| 129 mp_clear(g_pub); | 129 mp_clear(g_pub); |
| 130 | 130 |
| 131 return err; | 131 return err; |
| 132 } | 132 } |
| 133 | 133 |
| 134 #endif | 134 #endif |
| 135 | 135 |
| 136 /* $Source$ */ | 136 /* ref: $Format:%D$ */ |
| 137 /* $Revision$ */ | 137 /* git commit: $Format:%H$ */ |
| 138 /* $Date$ */ | 138 /* commit time: $Format:%ai$ */ |
| 139 | 139 |