Mercurial > dropbear
view libtomcrypt/src/mac/f9/f9_file.c @ 1855:35d504d59c05
Implement server-side support for sk-ecdsa U2F-backed keys (#142)
* Implement server-side support for sk-ecdsa U2F-backed keys
* Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys
* Fix one more potential out-of-bounds read
* Check if nistp256 curve is used in sk-ecdsa-sha2- key
It's the only allowed curve per PROTOCOL.u2f specification
* Implement server-side support for sk-ed25519 FIDO2-backed keys
* Keys with type sk-* make no sense as host keys, so they should be
disabled
* fix typo
* Make sk-ecdsa call buf_ecdsa_verify
This reduces code duplication, the SK code just handles the
different message format.
* Reduce sk specific code
The application id can be stored in signkey, then we don't need
to call sk-specific functions from svr-authpubkey
* Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled
* Proper cleanup of sk_app
Co-authored-by: Matt Johnston <[email protected]>
author | egor-duda <egor-duda@users.noreply.github.com> |
---|---|
date | Sat, 22 Jan 2022 16:53:04 +0300 |
parents | e9dba7abd939 |
children |
line wrap: on
line source
/* LibTomCrypt, modular cryptographic library -- Tom St Denis * * LibTomCrypt is a library that provides various cryptographic * algorithms in a highly modular and flexible manner. * * The library is free for all purposes without any express * guarantee it works. */ #include "tomcrypt.h" /** @file f9_file.c f9 support, process a file, Tom St Denis */ #ifdef LTC_F9_MODE /** f9 a file @param cipher The index of the cipher desired @param key The secret key @param keylen The length of the secret key (octets) @param fname The name of the file you wish to f9 @param out [out] Where the authentication tag is to be stored @param outlen [in/out] The max size and resulting size of the authentication tag @return CRYPT_OK if successful, CRYPT_NOP if file support has been disabled */ int f9_file(int cipher, const unsigned char *key, unsigned long keylen, const char *fname, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE LTC_UNUSED_PARAM(cipher); LTC_UNUSED_PARAM(key); LTC_UNUSED_PARAM(keylen); LTC_UNUSED_PARAM(fname); LTC_UNUSED_PARAM(out); LTC_UNUSED_PARAM(outlen); return CRYPT_NOP; #else size_t x; int err; f9_state f9; FILE *in; unsigned char *buf; LTC_ARGCHK(key != NULL); LTC_ARGCHK(fname != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); if ((buf = XMALLOC(LTC_FILE_READ_BUFSIZE)) == NULL) { return CRYPT_MEM; } if ((err = f9_init(&f9, cipher, key, keylen)) != CRYPT_OK) { goto LBL_ERR; } in = fopen(fname, "rb"); if (in == NULL) { err = CRYPT_FILE_NOTFOUND; goto LBL_ERR; } do { x = fread(buf, 1, LTC_FILE_READ_BUFSIZE, in); if ((err = f9_process(&f9, buf, (unsigned long)x)) != CRYPT_OK) { fclose(in); goto LBL_CLEANBUF; } } while (x == LTC_FILE_READ_BUFSIZE); if (fclose(in) != 0) { err = CRYPT_ERROR; goto LBL_CLEANBUF; } err = f9_done(&f9, out, outlen); LBL_CLEANBUF: zeromem(buf, LTC_FILE_READ_BUFSIZE); LBL_ERR: #ifdef LTC_CLEAN_STACK zeromem(&f9, sizeof(f9_state)); #endif XFREE(buf); return err; #endif } #endif /* ref: $Format:%D$ */ /* git commit: $Format:%H$ */ /* commit time: $Format:%ai$ */