[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-119-g520827b
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-119-g520827b |
|
Date: |
Sun, 23 May 2010 19:22:10 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=520827b6f8a49ee9351bb12f63160a773ad46997
The branch, new has been updated
via 520827b6f8a49ee9351bb12f63160a773ad46997 (commit)
via cf87a7deefc96c09e17a4a80d45e4c0462c4c335 (commit)
from dcca9af0ed19e13a8de63202a21a3027e16e80e9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 520827b6f8a49ee9351bb12f63160a773ad46997
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun May 23 21:19:48 2010 +0200
Common code for calculation of RSA exp1 and exp2. Also update the openpgp
code to calculate those values.
commit cf87a7deefc96c09e17a4a80d45e4c0462c4c335
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun May 23 20:54:25 2010 +0200
More fixes.
-----------------------------------------------------------------------
Summary of changes:
lib/auth_dh_common.c | 2 +
lib/gcrypt/pk.c | 20 ++----
lib/gnutls_dh_primes.c | 5 +-
lib/gnutls_pk.c | 36 ++++++++++
lib/gnutls_pk.h | 2 +
lib/opencdk/pubkey.c | 2 +-
lib/openpgp/privkey.c | 16 ++++-
lib/x509/privkey.c | 179 +++++++++++++++++++++++++-----------------------
8 files changed, 156 insertions(+), 106 deletions(-)
diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c
index 178572c..bee2595 100644
--- a/lib/auth_dh_common.c
+++ b/lib/auth_dh_common.c
@@ -367,6 +367,8 @@ _gnutls_dh_common_print_server_kx (gnutls_session_t session,
* have been pessimist and might have returned initially
* more data */
ret = n_g + n_p + n_X + 6;
+ if (psk != 0)
+ ret += 2;
return ret;
}
diff --git a/lib/gcrypt/pk.c b/lib/gcrypt/pk.c
index 593c6e6..fcc5e2a 100644
--- a/lib/gcrypt/pk.c
+++ b/lib/gcrypt/pk.c
@@ -741,21 +741,13 @@ _rsa_generate_params (bigint_t * resarr, int *resarr_len,
int bits)
goto cleanup;
}
- /* [6] = d % p-1, [7] = d % q-1 */
- _gnutls_mpi_sub_ui(tmp, resarr[3]/*p*/, 1);
- resarr[6] = _gnutls_mpi_mod(resarr[2]/*d*/, tmp);
-
- _gnutls_mpi_sub_ui(tmp, resarr[4]/*q*/, 1);
- resarr[7] = _gnutls_mpi_mod(resarr[2]/*d*/, tmp);
-
- _gnutls_mpi_release(&tmp);
-
- if (resarr[6] == NULL || resarr[7] == NULL)
+ ret = _gnutls_calc_rsa_exp(resarr, 2 + *resarr_len);
+ if (ret < 0)
{
- gnutls_assert();
- ret= GNUTLS_E_MEMORY_ERROR;
- goto cleanup;
- }
+ gnutls_assert();
+ ret= GNUTLS_E_MEMORY_ERROR;
+ goto cleanup;
+ }
(*resarr_len)+=2;
diff --git a/lib/gnutls_dh_primes.c b/lib/gnutls_dh_primes.c
index c47237c..5bc53bf 100644
--- a/lib/gnutls_dh_primes.c
+++ b/lib/gnutls_dh_primes.c
@@ -355,11 +355,12 @@ gnutls_dh_params_export_pkcs3 (gnutls_dh_params_t params,
}
p_data = &all_data[0];
- g_data = &all_data[p_size];
-
_gnutls_mpi_print_lz (params->params[0], p_data, &p_size);
+
+ g_data = &all_data[p_size];
_gnutls_mpi_print_lz (params->params[1], g_data, &g_size);
+
/* Ok. Now we have the data. Create the asn1 structures
*/
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index 77d1434..38d5058 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -609,3 +609,39 @@ gnutls_pk_params_release (gnutls_pk_params_st * p)
_gnutls_mpi_release (&p->params[i]);
}
}
+
+int _gnutls_calc_rsa_exp(bigint_t* params, unsigned int params_size)
+{
+int ret;
+bigint_t tmp = _gnutls_mpi_alloc_like(params[0]);
+
+ if (params_size < RSA_PRIVATE_PARAMS)
+ {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ if (tmp == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ /* [6] = d % p-1, [7] = d % q-1 */
+ _gnutls_mpi_sub_ui(tmp, params[3], 1);
+ params[6] = _gnutls_mpi_mod(params[2]/*d*/, tmp);
+
+ _gnutls_mpi_sub_ui(tmp, params[4], 1);
+ params[7] = _gnutls_mpi_mod(params[2]/*d*/, tmp);
+
+ _gnutls_mpi_release(&tmp);
+
+ if (params[7] == NULL || params[6] == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ return 0;
+}
+
diff --git a/lib/gnutls_pk.h b/lib/gnutls_pk.h
index 4fc9785..826c0e2 100644
--- a/lib/gnutls_pk.h
+++ b/lib/gnutls_pk.h
@@ -77,4 +77,6 @@ int
_gnutls_decode_ber_rs (const gnutls_datum_t * sig_value, bigint_t * r,
bigint_t * s);
+int _gnutls_calc_rsa_exp(bigint_t* params, unsigned int params_size);
+
#endif /* GNUTLS_PK_H */
diff --git a/lib/opencdk/pubkey.c b/lib/opencdk/pubkey.c
index d9f66f2..12d9408 100644
--- a/lib/opencdk/pubkey.c
+++ b/lib/opencdk/pubkey.c
@@ -193,7 +193,7 @@ cdk_pk_get_nskey (int algo)
int ret;
if (is_RSA (algo))
- ret = RSA_PRIVATE_PARAMS;
+ ret = RSA_PRIVATE_PARAMS-2; /* we don't have exp1 and exp2 */
else if (is_DSA (algo))
ret = DSA_PRIVATE_PARAMS;
else if (is_ELG (algo))
diff --git a/lib/openpgp/privkey.c b/lib/openpgp/privkey.c
index bc4c635..4bec39b 100644
--- a/lib/openpgp/privkey.c
+++ b/lib/openpgp/privkey.c
@@ -708,7 +708,7 @@ _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t
pkey,
switch (pk_algorithm)
{
case GNUTLS_PK_RSA:
- local_params = RSA_PRIVATE_PARAMS;
+ local_params = RSA_PRIVATE_PARAMS-2;
break;
case GNUTLS_PK_DSA:
local_params = DSA_PRIVATE_PARAMS;
@@ -726,7 +726,6 @@ _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t
pkey,
*params_size = local_params;
-
for (i = 0; i < local_params; i++)
{
result = _gnutls_read_pgp_mpi (pkt, 1, i, ¶ms[i]);
@@ -737,6 +736,19 @@ _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t
pkey,
}
}
+ if (pk_algorithm==GNUTLS_PK_RSA)
+ {
+ /* on RSA we need to calculate exp1 and exp2 */
+ result = _gnutls_calc_rsa_exp(params, RSA_PRIVATE_PARAMS);
+ if (result < 0)
+ {
+ gnutls_assert();
+ i = *params_size;
+ goto error;
+ }
+ *params_size = RSA_PRIVATE_PARAMS;
+ }
+
return 0;
error:
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 6d47a65..f2dc648 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -588,32 +588,18 @@ gnutls_x509_privkey_import_rsa_raw2
(gnutls_x509_privkey_t key,
return GNUTLS_E_MPI_SCAN_FAILED;
}
}
- else /* calculate e1 and e2 */
+ else
{
- bigint_t tmp = _gnutls_mpi_alloc_like(key->params[0]);
- if (tmp == NULL)
- {
- gnutls_assert ();
- FREE_RSA_PRIVATE_PARAMS;
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- /* [6] = d % p-1, [7] = d % q-1 */
- _gnutls_mpi_sub_ui(tmp, key->params[3], 1);
- key->params[6] = _gnutls_mpi_mod(key->params[2]/*d*/, tmp);
-
- _gnutls_mpi_sub_ui(tmp, key->params[4], 1);
- key->params[7] = _gnutls_mpi_mod(key->params[2]/*d*/, tmp);
-
- _gnutls_mpi_release(&tmp);
-
- if (key->params[7] == NULL || key->params[6] == NULL)
- {
- gnutls_assert ();
- FREE_RSA_PRIVATE_PARAMS;
- return GNUTLS_E_MEMORY_ERROR;
- }
+ /* calculate exp1 and exp2 */
+ ret = _gnutls_calc_rsa_exp(key->params, key->params_size);
+ if (ret < 0)
+ {
+ gnutls_assert();
+ FREE_RSA_PRIVATE_PARAMS;
+ return ret;
+ }
}
+
if (!key->crippled)
@@ -1077,20 +1063,18 @@ static int
_gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t * params)
{
int result, i;
- size_t size[8], total;
- opaque *m_data, *pube_data, *prie_data;
- opaque *p1_data, *p2_data, *u_data, *exp1_data, *exp2_data;
- opaque *all_data = NULL, *p;
opaque null = '\0';
gnutls_pk_params_st pk_params;
+ gnutls_datum_t m, e, d, p, q, u, exp1, exp2;
- /* Read all the sizes */
- total = 0;
- for (i = 0; i < RSA_PRIVATE_PARAMS; i++)
- {
- _gnutls_mpi_print_lz (params[i], NULL, &size[i]);
- total += size[i];
- }
+ memset(&m, 0, sizeof(m));
+ memset(&p, 0, sizeof(e));
+ memset(&q, 0, sizeof(d));
+ memset(&p, 0, sizeof(p));
+ memset(&q, 0, sizeof(q));
+ memset(&u, 0, sizeof(u));
+ memset(&exp1, 0, sizeof(exp1));
+ memset(&exp2, 0, sizeof(exp2));
result = _gnutls_pk_params_copy (&pk_params, params, RSA_PRIVATE_PARAMS);
if (result < 0)
@@ -1106,49 +1090,63 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
goto cleanup;
}
- /* Encoding phase.
- * allocate data enough to hold everything
- */
- all_data = gnutls_secure_malloc (total);
- if (all_data == NULL)
+ /* retrieve as data */
+
+ result = _gnutls_mpi_dprint_lz( pk_params.params[0], &m);
+ if (result < 0)
{
- gnutls_assert ();
- result = GNUTLS_E_MEMORY_ERROR;
+ gnutls_assert();
goto cleanup;
}
- p = all_data;
- m_data = p;
- p += size[0];
-
- pube_data = p;
- p += size[1];
-
- prie_data = p;
- p += size[2];
-
- p1_data = p;
- p += size[3];
-
- p2_data = p;
- p += size[4];
-
- u_data = p;
- p += size[5];
-
- exp1_data = p;
- p += size[6];
-
- exp2_data = p;
+ result = _gnutls_mpi_dprint_lz( pk_params.params[1], &e);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
- _gnutls_mpi_print_lz (pk_params.params[0], m_data, &size[0]);
- _gnutls_mpi_print_lz (pk_params.params[1], pube_data, &size[1]);
- _gnutls_mpi_print_lz (pk_params.params[2], prie_data, &size[2]);
- _gnutls_mpi_print_lz (pk_params.params[3], p1_data, &size[3]);
- _gnutls_mpi_print_lz (pk_params.params[4], p2_data, &size[4]);
- _gnutls_mpi_print_lz (pk_params.params[5], u_data, &size[5]);
- _gnutls_mpi_print_lz (pk_params.params[6], exp1_data, &size[6]);
- _gnutls_mpi_print_lz (pk_params.params[7], exp2_data, &size[7]);
+ result = _gnutls_mpi_dprint_lz( pk_params.params[2], &d);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ result = _gnutls_mpi_dprint_lz( pk_params.params[3], &p);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ result = _gnutls_mpi_dprint_lz( pk_params.params[4], &q);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ result = _gnutls_mpi_dprint_lz( pk_params.params[5], &u);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ result = _gnutls_mpi_dprint_lz( pk_params.params[6], &exp1);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
+
+ result = _gnutls_mpi_dprint_lz( pk_params.params[7], &exp2);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto cleanup;
+ }
/* Ok. Now we have the data. Create the asn1 structures
*/
@@ -1172,7 +1170,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
/* Write PRIME
*/
if ((result = asn1_write_value (*c2, "modulus",
- m_data, size[0])) != ASN1_SUCCESS)
+ m.data, m.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
@@ -1180,7 +1178,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
}
if ((result = asn1_write_value (*c2, "publicExponent",
- pube_data, size[1])) != ASN1_SUCCESS)
+ e.data, e.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
@@ -1188,7 +1186,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
}
if ((result = asn1_write_value (*c2, "privateExponent",
- prie_data, size[2])) != ASN1_SUCCESS)
+ d.data, d.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
@@ -1196,7 +1194,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
}
if ((result = asn1_write_value (*c2, "prime1",
- p1_data, size[3])) != ASN1_SUCCESS)
+ p.data, p.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
@@ -1204,7 +1202,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
}
if ((result = asn1_write_value (*c2, "prime2",
- p2_data, size[4])) != ASN1_SUCCESS)
+ q.data, q.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
@@ -1212,7 +1210,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
}
if ((result = asn1_write_value (*c2, "coefficient",
- u_data, size[5])) != ASN1_SUCCESS)
+ u.data, u.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
@@ -1221,7 +1219,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
}
if ((result = asn1_write_value (*c2, "exponent1",
- exp1_data, size[6])) != ASN1_SUCCESS)
+ exp1.data, exp1.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
@@ -1229,16 +1227,13 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
}
if ((result = asn1_write_value (*c2, "exponent2",
- exp2_data, size[7])) != ASN1_SUCCESS)
+ exp2.data, exp2.size)) != ASN1_SUCCESS)
{
gnutls_assert ();
result = _gnutls_asn2err (result);
goto cleanup;
}
- gnutls_pk_params_release (&pk_params);
- gnutls_free (all_data);
-
if ((result = asn1_write_value (*c2, "otherPrimeInfos",
NULL, 0)) != ASN1_SUCCESS)
{
@@ -1254,12 +1249,22 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
goto cleanup;
}
- return 0;
+ result = 0;
cleanup:
+ if (result != 0)
+ asn1_delete_structure (c2);
+
gnutls_pk_params_release (&pk_params);
- asn1_delete_structure (c2);
- gnutls_free (all_data);
+
+ _gnutls_free_datum(&m);
+ _gnutls_free_datum(&d);
+ _gnutls_free_datum(&e);
+ _gnutls_free_datum(&p);
+ _gnutls_free_datum(&q);
+ _gnutls_free_datum(&u);
+ _gnutls_free_datum(&exp1);
+ _gnutls_free_datum(&exp2);
return result;
}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, new, updated. gnutls_2_9_10-119-g520827b,
Nikos Mavrogiannopoulos <=