dropbear: pkcs_1_pss_encode.c comparison

comparison pkcs_1_pss_encode.c @ 143:5d99163f7e32 libtomcrypt-orig

import of libtomcrypt 0.99

author	Matt Johnston <matt@ucc.asn.au>
date	Sun, 19 Dec 2004 11:34:45 +0000
parents	6362d3854bb4
children

comparison

equal deleted inserted replaced

-:6362d3854bb4
+:5d99163f7e32
 unsigned long saltlen,  prng_state   *prng,
 int           prng_idx, int           hash_idx,
 unsigned long modulus_bitlen,
 unsigned char *out,     unsigned long *outlen)
 {
-unsigned char DB[1024], mask[sizeof(DB)], salt[sizeof(DB)], hash[sizeof(DB)];
+unsigned char *DB, *mask, *salt, *hash;
 unsigned long x, y, hLen, modulus_len;
 int           err;
 hash_state    md;
 _ARGCHK(msghash != NULL);
 }
 hLen        = hash_descriptor[hash_idx].hashsize;
 modulus_len = (modulus_bitlen>>3) + (modulus_bitlen & 7 ? 1 : 0);
+/* allocate ram for DB/mask/salt/hash of size modulus_len */
+DB   = XMALLOC(modulus_len);
+mask = XMALLOC(modulus_len);
+salt = XMALLOC(modulus_len);
+hash = XMALLOC(modulus_len);
+if (DB == NULL || mask == NULL || salt == NULL || hash == NULL) {
+if (DB != NULL) {
+XFREE(DB);
+}
+if (mask != NULL) {
+XFREE(mask);
+}
+if (salt != NULL) {
+XFREE(salt);
+}
+if (hash != NULL) {
+XFREE(hash);
+}
+return CRYPT_MEM;
+}
 /* check sizes */
-if ((saltlen > sizeof(salt)) || (modulus_len > sizeof(DB)) || (modulus_len < hLen + saltlen + 2)) {
+if ((saltlen > modulus_len) || (modulus_len < hLen + saltlen + 2)) {
-return CRYPT_INVALID_ARG;
+err = CRYPT_INVALID_ARG;
+goto __ERR;
 }
 /* generate random salt */
 if (saltlen > 0) {
 if (prng_descriptor[prng_idx].read(salt, saltlen, prng) != saltlen) {
-return CRYPT_ERROR_READPRNG;
+err = CRYPT_ERROR_READPRNG;
+goto __ERR;
 }
 }
 /* M = (eight) 0x00 || msghash || salt, hash = H(M) */
-hash_descriptor[hash_idx].init(&md);
+if ((err = hash_descriptor[hash_idx].init(&md)) != CRYPT_OK) {
+goto __ERR;
+}
 zeromem(DB, 8);
 if ((err = hash_descriptor[hash_idx].process(&md, DB, 8)) != CRYPT_OK) {
-return err;
+goto __ERR;
 }
 if ((err = hash_descriptor[hash_idx].process(&md, msghash, msghashlen)) != CRYPT_OK) {
-return err;
+goto __ERR;
 }
 if ((err = hash_descriptor[hash_idx].process(&md, salt, saltlen)) != CRYPT_OK) {
-return err;
+goto __ERR;
 }
 if ((err = hash_descriptor[hash_idx].done(&md, hash)) != CRYPT_OK) {
-return err;
+goto __ERR;
 }
 /* generate DB = PS || 0x01 || salt, PS == modulus_len - saltlen - hLen - 2 zero bytes */
 for (x = 0; x < (modulus_len - saltlen - hLen - 2); x++) {
 DB[x] = 0x00;
 DB[x++] = salt[y];
 }
 /* generate mask of length modulus_len - hLen - 1 from hash */
 if ((err = pkcs_1_mgf1(hash, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
-return err;
+goto __ERR;
 }
 /* xor against DB */
 for (y = 0; y < (modulus_len - hLen - 1); y++) {
 DB[y] ^= mask[y];
 }
 /* output is DB || hash || 0xBC */
 if (*outlen < modulus_len) {
-return CRYPT_BUFFER_OVERFLOW;
+err = CRYPT_BUFFER_OVERFLOW;
+goto __ERR;
 }
 /* DB */
 for (y = x = 0; x < modulus_len - hLen - 1; x++) {
 out[y++] = DB[x];
 /* now clear the 8*modulus_len - modulus_bitlen most significant bits */
 out[0] &= 0xFF >> ((modulus_len<<3) - (modulus_bitlen-1));
 /* store output size */
 *outlen = modulus_len;
+err = CRYPT_OK;
+__ERR:
 #ifdef CLEAN_STACK
-zeromem(DB,   sizeof(DB));
+zeromem(DB,   modulus_len);
-zeromem(mask, sizeof(mask));
+zeromem(mask, modulus_len);
-zeromem(salt, sizeof(salt));
+zeromem(salt, modulus_len);
-zeromem(hash, sizeof(hash));
+zeromem(hash, modulus_len);
 #endif
-return CRYPT_OK;
+XFREE(hash);
+XFREE(salt);
+XFREE(mask);
+XFREE(DB);
+return err;
 }
 #endif /* PKCS_1 */

Mercurial > dropbear

comparison pkcs_1_pss_encode.c @ 143:5d99163f7e32 libtomcrypt-orig