- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
This commit is contained in:
parent
880ac7eb95
commit
a3d195c41f
31 changed files with 232 additions and 119 deletions
|
@ -29,6 +29,9 @@ Changes
|
|||
trade-off
|
||||
* Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size
|
||||
management (Closes ticket #44)
|
||||
* Changed the used random function pointer to more flexible format. Renamed
|
||||
havege_rand() to havege_random() to prevent mistakes. Lots of changes as
|
||||
a consequence in library code and programs
|
||||
|
||||
Bugfix
|
||||
* Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes
|
||||
|
|
|
@ -539,7 +539,9 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR );
|
|||
* \return 0 if successful,
|
||||
* 1 if memory allocation failed
|
||||
*/
|
||||
int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng );
|
||||
int mpi_fill_random( mpi *X, size_t size,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Greatest common divisor: G = gcd(A, B)
|
||||
|
@ -578,7 +580,9 @@ int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N );
|
|||
* 1 if memory allocation failed,
|
||||
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime
|
||||
*/
|
||||
int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng );
|
||||
int mpi_is_prime( mpi *X,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Prime number generation
|
||||
|
@ -594,7 +598,8 @@ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng );
|
|||
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
|
||||
*/
|
||||
int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
|
||||
int (*f_rng)(void *), void *p_rng );
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
|
|
|
@ -90,7 +90,8 @@ int dhm_read_params( dhm_context *ctx,
|
|||
*/
|
||||
int dhm_make_params( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t *olen,
|
||||
int (*f_rng)(void *), void *p_rng );
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Import the peer's public value G^Y
|
||||
|
@ -118,7 +119,8 @@ int dhm_read_public( dhm_context *ctx,
|
|||
*/
|
||||
int dhm_make_public( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t olen,
|
||||
int (*f_rng)(void *), void *p_rng );
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Derive and export the shared secret (G^Y)^X mod P
|
||||
|
|
|
@ -27,6 +27,8 @@
|
|||
#ifndef POLARSSL_HAVEGE_H
|
||||
#define POLARSSL_HAVEGE_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#define COLLECT_SIZE 1024
|
||||
|
||||
/**
|
||||
|
@ -55,10 +57,12 @@ void havege_init( havege_state *hs );
|
|||
* \brief HAVEGE rand function
|
||||
*
|
||||
* \param p_rng A HAVEGE state
|
||||
* \param output Buffer to fill
|
||||
* \param len Length of buffer
|
||||
*
|
||||
* \return A random int
|
||||
*/
|
||||
int havege_rand( void *p_rng );
|
||||
int havege_random( void *p_rng, unsigned char *output, size_t len );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
|
|
@ -186,7 +186,7 @@ void rsa_init( rsa_context *ctx,
|
|||
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
|
||||
*/
|
||||
int rsa_gen_key( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
unsigned int nbits, int exponent );
|
||||
|
||||
|
@ -261,7 +261,7 @@ int rsa_private( rsa_context *ctx,
|
|||
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
|
||||
*/
|
||||
int rsa_pkcs1_encrypt( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode, size_t ilen,
|
||||
const unsigned char *input,
|
||||
|
@ -314,7 +314,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
|
|||
* keep both hashes the same.
|
||||
*/
|
||||
int rsa_pkcs1_sign( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
int hash_id,
|
||||
|
|
|
@ -232,7 +232,7 @@ struct _ssl_context
|
|||
/*
|
||||
* Callbacks (RNG, debug, I/O, verification)
|
||||
*/
|
||||
int (*f_rng)(void *);
|
||||
int (*f_rng)(void *, unsigned char *, size_t);
|
||||
void (*f_dbg)(void *, int, const char *);
|
||||
int (*f_recv)(void *, unsigned char *, size_t);
|
||||
int (*f_send)(void *, const unsigned char *, size_t);
|
||||
|
@ -438,7 +438,7 @@ void ssl_set_verify( ssl_context *ssl,
|
|||
* \param p_rng RNG parameter
|
||||
*/
|
||||
void ssl_set_rng( ssl_context *ssl,
|
||||
int (*f_rng)(void *),
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
|
|
|
@ -1608,18 +1608,16 @@ cleanup:
|
|||
return( ret );
|
||||
}
|
||||
|
||||
int mpi_fill_random( mpi *X, size_t size, int (*f_rng)(void *), void *p_rng )
|
||||
int mpi_fill_random( mpi *X, size_t size,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
size_t k;
|
||||
unsigned char *p;
|
||||
|
||||
MPI_CHK( mpi_grow( X, size ) );
|
||||
MPI_CHK( mpi_lset( X, 0 ) );
|
||||
|
||||
p = (unsigned char *) X->p;
|
||||
for( k = 0; k < X->n * ciL; k++ )
|
||||
*p++ = (unsigned char) f_rng( p_rng );
|
||||
MPI_CHK( f_rng( p_rng, (unsigned char *) X->p, X->n * ciL ) );
|
||||
|
||||
cleanup:
|
||||
return( ret );
|
||||
|
@ -1750,7 +1748,9 @@ static const int small_prime[] =
|
|||
/*
|
||||
* Miller-Rabin primality test (HAC 4.24)
|
||||
*/
|
||||
int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng )
|
||||
int mpi_is_prime( mpi *X,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret, xs;
|
||||
size_t i, j, n, s;
|
||||
|
@ -1809,7 +1809,7 @@ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng )
|
|||
/*
|
||||
* pick a random A, 1 < A < |X| - 1
|
||||
*/
|
||||
mpi_fill_random( &A, X->n, f_rng, p_rng );
|
||||
MPI_CHK( mpi_fill_random( &A, X->n, f_rng, p_rng ) );
|
||||
|
||||
if( mpi_cmp_mpi( &A, &W ) >= 0 )
|
||||
{
|
||||
|
@ -1867,7 +1867,8 @@ cleanup:
|
|||
* Prime number generation
|
||||
*/
|
||||
int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
|
||||
int (*f_rng)(void *), void *p_rng )
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
size_t k, n;
|
||||
|
@ -1880,7 +1881,7 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
|
|||
|
||||
n = BITS_TO_LIMBS( nbits );
|
||||
|
||||
mpi_fill_random( X, n, f_rng, p_rng );
|
||||
MPI_CHK( mpi_fill_random( X, n, f_rng, p_rng ) );
|
||||
|
||||
k = mpi_msb( X );
|
||||
if( k < nbits ) MPI_CHK( mpi_shift_l( X, nbits - k ) );
|
||||
|
|
|
@ -127,7 +127,8 @@ int dhm_read_params( dhm_context *ctx,
|
|||
*/
|
||||
int dhm_make_params( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t *olen,
|
||||
int (*f_rng)(void *), void *p_rng )
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret, n;
|
||||
size_t n1, n2, n3;
|
||||
|
@ -203,7 +204,8 @@ int dhm_read_public( dhm_context *ctx,
|
|||
*/
|
||||
int dhm_make_public( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t olen,
|
||||
int (*f_rng)(void *), void *p_rng )
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret, n;
|
||||
|
||||
|
|
|
@ -200,18 +200,32 @@ void havege_init( havege_state *hs )
|
|||
/*
|
||||
* HAVEGE rand function
|
||||
*/
|
||||
int havege_rand( void *p_rng )
|
||||
int havege_random( void *p_rng, unsigned char *buf, size_t len )
|
||||
{
|
||||
int ret;
|
||||
int val;
|
||||
size_t use_len;
|
||||
havege_state *hs = (havege_state *) p_rng;
|
||||
unsigned char *p = buf;
|
||||
|
||||
if( hs->offset[1] >= COLLECT_SIZE )
|
||||
havege_fill( hs );
|
||||
while( len > 0 )
|
||||
{
|
||||
use_len = len;
|
||||
if( use_len > sizeof(int) )
|
||||
use_len = sizeof(int);
|
||||
|
||||
ret = hs->pool[hs->offset[0]++];
|
||||
ret ^= hs->pool[hs->offset[1]++];
|
||||
if( hs->offset[1] >= COLLECT_SIZE )
|
||||
havege_fill( hs );
|
||||
|
||||
return( ret );
|
||||
val = hs->pool[hs->offset[0]++];
|
||||
val ^= hs->pool[hs->offset[1]++];
|
||||
|
||||
memcpy( p, &val, use_len );
|
||||
|
||||
len -= use_len;
|
||||
p += use_len;
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#endif
|
||||
|
|
|
@ -58,9 +58,9 @@ void rsa_init( rsa_context *ctx,
|
|||
* Generate an RSA keypair
|
||||
*/
|
||||
int rsa_gen_key( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
void *p_rng,
|
||||
unsigned int nbits, int exponent )
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
unsigned int nbits, int exponent )
|
||||
{
|
||||
int ret;
|
||||
mpi P1, Q1, H, G;
|
||||
|
@ -356,16 +356,16 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_
|
|||
* Add the message padding, then do an RSA operation
|
||||
*/
|
||||
int rsa_pkcs1_encrypt( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode, size_t ilen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output )
|
||||
{
|
||||
size_t nb_pad, olen;
|
||||
size_t nb_pad, olen, ret;
|
||||
unsigned char *p = output;
|
||||
#if defined(POLARSSL_PKCS1_V21)
|
||||
unsigned int i, hlen;
|
||||
unsigned int hlen;
|
||||
const md_info_t *md_info;
|
||||
md_context_t md_ctx;
|
||||
#endif
|
||||
|
@ -392,13 +392,13 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
|
|||
int rng_dl = 100;
|
||||
|
||||
do {
|
||||
*p = (unsigned char) f_rng( p_rng );
|
||||
} while( *p == 0 && --rng_dl );
|
||||
ret = f_rng( p_rng, p, 1 );
|
||||
} while( *p == 0 && --rng_dl && ret == 0 );
|
||||
|
||||
// Check if RNG failed to generate data
|
||||
//
|
||||
if( rng_dl == 0 )
|
||||
return POLARSSL_ERR_RSA_RNG_FAILED;
|
||||
if( rng_dl == 0 || ret != 0)
|
||||
return POLARSSL_ERR_RSA_RNG_FAILED + ret;
|
||||
|
||||
p++;
|
||||
}
|
||||
|
@ -427,8 +427,10 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
|
|||
|
||||
// Generate a random octet string seed
|
||||
//
|
||||
for( i = 0; i < hlen; ++i )
|
||||
*p++ = (unsigned char) f_rng( p_rng );
|
||||
if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 )
|
||||
return( POLARSSL_ERR_RSA_RNG_FAILED + ret );
|
||||
|
||||
p += hlen;
|
||||
|
||||
// Construct DB
|
||||
//
|
||||
|
@ -578,7 +580,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
|
|||
* Do an RSA operation to sign the message digest
|
||||
*/
|
||||
int rsa_pkcs1_sign( rsa_context *ctx,
|
||||
int (*f_rng)(void *),
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng,
|
||||
int mode,
|
||||
int hash_id,
|
||||
|
@ -590,7 +592,7 @@ int rsa_pkcs1_sign( rsa_context *ctx,
|
|||
unsigned char *p = sig;
|
||||
#if defined(POLARSSL_PKCS1_V21)
|
||||
unsigned char salt[POLARSSL_MD_MAX_SIZE];
|
||||
unsigned int i, slen, hlen, offset = 0;
|
||||
unsigned int slen, hlen, offset = 0, ret;
|
||||
size_t msb;
|
||||
const md_info_t *md_info;
|
||||
md_context_t md_ctx;
|
||||
|
@ -757,8 +759,8 @@ int rsa_pkcs1_sign( rsa_context *ctx,
|
|||
|
||||
// Generate salt of length slen
|
||||
//
|
||||
for( i = 0; i < slen; ++i )
|
||||
salt[i] = (unsigned char) f_rng( p_rng );
|
||||
if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 )
|
||||
return( POLARSSL_ERR_RSA_RNG_FAILED + ret );
|
||||
|
||||
// Note: EMSA-PSS encoding is over the length of N - 1 bits
|
||||
//
|
||||
|
@ -1080,12 +1082,17 @@ void rsa_free( rsa_context *ctx )
|
|||
#define RSA_PT "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \
|
||||
"\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD"
|
||||
|
||||
static int myrand( void *rng_state )
|
||||
static int myrand( void *rng_state, unsigned char *output, size_t len )
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if( rng_state != NULL )
|
||||
rng_state = NULL;
|
||||
|
||||
return( rand() );
|
||||
for( i = 0; i < len; ++i )
|
||||
output[i] = rand();
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
@ -81,8 +81,10 @@ static int ssl_write_client_hello( ssl_context *ssl )
|
|||
|
||||
SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) );
|
||||
|
||||
for( i = 28; i > 0; i-- )
|
||||
*p++ = (unsigned char) ssl->f_rng( ssl->p_rng );
|
||||
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
p += 28;
|
||||
|
||||
memcpy( ssl->randbytes, buf + 6, 32 );
|
||||
|
||||
|
@ -583,8 +585,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
|||
ssl->premaster[1] = (unsigned char) ssl->max_minor_ver;
|
||||
ssl->pmslen = 48;
|
||||
|
||||
for( i = 2; i < ssl->pmslen; i++ )
|
||||
ssl->premaster[i] = (unsigned char) ssl->f_rng( ssl->p_rng );
|
||||
ret = ssl->f_rng( ssl->p_rng, ssl->premaster + 2, ssl->pmslen - 2 );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
i = 4;
|
||||
n = ssl->peer_cert->rsa.len;
|
||||
|
|
|
@ -359,7 +359,7 @@ have_ciphersuite:
|
|||
static int ssl_write_server_hello( ssl_context *ssl )
|
||||
{
|
||||
time_t t;
|
||||
int ret, i, n;
|
||||
int ret, n;
|
||||
unsigned char *buf, *p;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> write server hello" ) );
|
||||
|
@ -388,8 +388,10 @@ static int ssl_write_server_hello( ssl_context *ssl )
|
|||
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) );
|
||||
|
||||
for( i = 28; i > 0; i-- )
|
||||
*p++ = (unsigned char) ssl->f_rng( ssl->p_rng );
|
||||
if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
p += 28;
|
||||
|
||||
memcpy( ssl->randbytes + 32, buf + 6, 32 );
|
||||
|
||||
|
@ -413,9 +415,8 @@ static int ssl_write_server_hello( ssl_context *ssl )
|
|||
ssl->resume = 0;
|
||||
ssl->state++;
|
||||
|
||||
for( i = 0; i < n; i++ )
|
||||
ssl->session->id[i] =
|
||||
(unsigned char) ssl->f_rng( ssl->p_rng );
|
||||
if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session->id, n ) ) != 0 )
|
||||
return( ret );
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -823,8 +824,9 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
|
|||
*/
|
||||
ssl->pmslen = 48;
|
||||
|
||||
for( i = 0; i < ssl->pmslen; i++ )
|
||||
ssl->premaster[i] = (unsigned char) ssl->f_rng( ssl->p_rng );
|
||||
ret = ssl->f_rng( ssl->p_rng, ssl->premaster, ssl->pmslen );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -578,8 +578,9 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
|||
/*
|
||||
* Generate IV
|
||||
*/
|
||||
for( i = 0; i < ssl->ivlen; i++ )
|
||||
ssl->iv_enc[i] = ssl->f_rng( ssl->p_rng );
|
||||
int ret = ssl->f_rng( ssl->p_rng, ssl->iv_enc, ssl->ivlen );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
/*
|
||||
* Shift message for ivlen bytes and prepend IV
|
||||
|
@ -1796,7 +1797,7 @@ void ssl_set_verify( ssl_context *ssl,
|
|||
}
|
||||
|
||||
void ssl_set_rng( ssl_context *ssl,
|
||||
int (*f_rng)(void *),
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
ssl->f_rng = f_rng;
|
||||
|
|
|
@ -207,7 +207,7 @@ int main( int argc, char *argv[] )
|
|||
|
||||
n = dhm.len;
|
||||
if( ( ret = dhm_make_public( &dhm, 256, buf, n,
|
||||
havege_rand, &hs ) ) != 0 )
|
||||
havege_random, &hs ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! dhm_make_public returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
|
|
@ -80,7 +80,7 @@ int main( int argc, char *argv[] )
|
|||
* This can take a long time...
|
||||
*/
|
||||
if( ( ret = mpi_gen_prime( &P, DH_P_SIZE, 1,
|
||||
havege_rand, &hs ) ) != 0 )
|
||||
havege_random, &hs ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! mpi_gen_prime returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
@ -101,7 +101,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = mpi_is_prime( &Q, havege_rand, &hs ) ) != 0 )
|
||||
if( ( ret = mpi_is_prime( &Q, havege_random, &hs ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! mpi_is_prime returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
|
|
@ -172,7 +172,7 @@ int main( int argc, char *argv[] )
|
|||
memset( buf, 0, sizeof( buf ) );
|
||||
|
||||
if( ( ret = dhm_make_params( &dhm, 256, buf, &n,
|
||||
havege_rand, &hs ) ) != 0 )
|
||||
havege_random, &hs ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! dhm_make_params returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
|
|
@ -110,7 +110,7 @@ int main( int argc, char *argv[] )
|
|||
printf( "\n . Generating the RSA encrypted value" );
|
||||
fflush( stdout );
|
||||
|
||||
if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_rand, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 )
|
||||
if( ( ret = rsa_pkcs1_encrypt( &rsa, havege_random, &hs, RSA_PUBLIC, strlen( argv[1] ), input, buf ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! rsa_pkcs1_encrypt returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
|
|
@ -74,7 +74,7 @@ int main( int argc, char *argv[] )
|
|||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
|
||||
if( ( ret = rsa_gen_key( &rsa, havege_rand, &hs, KEY_SIZE, EXPONENT ) ) != 0 )
|
||||
if( ( ret = rsa_gen_key( &rsa, havege_random, &hs, KEY_SIZE, EXPONENT ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! rsa_gen_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
|
|
|
@ -105,7 +105,7 @@ int main( int argc, char *argv[] )
|
|||
goto exit;
|
||||
}
|
||||
|
||||
if( ( ret = rsa_pkcs1_sign( &rsa, havege_rand, &hs, RSA_PRIVATE, SIG_RSA_SHA1,
|
||||
if( ( ret = rsa_pkcs1_sign( &rsa, havege_random, &hs, RSA_PRIVATE, SIG_RSA_SHA1,
|
||||
20, hash, buf ) ) != 0 )
|
||||
{
|
||||
printf( " failed\n ! rsa_pkcs1_sign returned %d\n\n", ret );
|
||||
|
|
|
@ -44,7 +44,7 @@ int main( int argc, char *argv[] )
|
|||
{
|
||||
FILE *f;
|
||||
time_t t;
|
||||
int i, j, k;
|
||||
int i, k;
|
||||
havege_state hs;
|
||||
unsigned char buf[1024];
|
||||
|
||||
|
@ -66,8 +66,12 @@ int main( int argc, char *argv[] )
|
|||
|
||||
for( i = 0, k = 768; i < k; i++ )
|
||||
{
|
||||
for( j = 0; j < (int) sizeof( buf ); j++ )
|
||||
buf[j] = havege_rand( &hs );
|
||||
if( havege_random( &hs, buf, sizeof( buf ) ) != 0 )
|
||||
{
|
||||
printf( "Failed to get random from source.\n" );
|
||||
fclose( f );
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
fwrite( buf, sizeof( buf ), 1, f );
|
||||
|
||||
|
|
|
@ -35,6 +35,7 @@
|
|||
#include "polarssl/net.h"
|
||||
#include "polarssl/ssl.h"
|
||||
#include "polarssl/havege.h"
|
||||
#include "polarssl/error.h"
|
||||
|
||||
#define SERVER_PORT 4433
|
||||
#define SERVER_NAME "localhost"
|
||||
|
@ -116,7 +117,7 @@ int main( int argc, char *argv[] )
|
|||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, havege_rand, &hs );
|
||||
ssl_set_rng( &ssl, havege_random, &hs );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio( &ssl, net_recv, &server_fd,
|
||||
net_send, &server_fd );
|
||||
|
@ -183,6 +184,15 @@ int main( int argc, char *argv[] )
|
|||
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
error_strerror( ret, error_buf, 100 );
|
||||
printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
net_close( server_fd );
|
||||
ssl_free( &ssl );
|
||||
|
||||
|
|
|
@ -38,6 +38,7 @@
|
|||
#include "polarssl/havege.h"
|
||||
#include "polarssl/certs.h"
|
||||
#include "polarssl/x509.h"
|
||||
#include "polarssl/error.h"
|
||||
|
||||
#define DFL_SERVER_NAME "localhost"
|
||||
#define DFL_SERVER_PORT 4433
|
||||
|
@ -328,7 +329,7 @@ int main( int argc, char *argv[] )
|
|||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
||||
|
||||
ssl_set_rng( &ssl, havege_rand, &hs );
|
||||
ssl_set_rng( &ssl, havege_random, &hs );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio( &ssl, net_recv, &server_fd,
|
||||
net_send, &server_fd );
|
||||
|
@ -452,6 +453,15 @@ int main( int argc, char *argv[] )
|
|||
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
error_strerror( ret, error_buf, 100 );
|
||||
printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( server_fd )
|
||||
net_close( server_fd );
|
||||
x509_free( &clicert );
|
||||
|
|
|
@ -333,7 +333,7 @@ int main( int argc, char *argv[] )
|
|||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, havege_rand, &hs );
|
||||
ssl_set_rng( &ssl, havege_random, &hs );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio( &ssl, net_recv, &client_fd,
|
||||
net_send, &client_fd );
|
||||
|
|
|
@ -581,7 +581,7 @@ int main( int argc, char *argv[] )
|
|||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_OPTIONAL );
|
||||
|
||||
ssl_set_rng( &ssl, havege_rand, &hs );
|
||||
ssl_set_rng( &ssl, havege_random, &hs );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio( &ssl, net_recv, &server_fd,
|
||||
net_send, &server_fd );
|
||||
|
|
|
@ -42,6 +42,7 @@
|
|||
#include "polarssl/x509.h"
|
||||
#include "polarssl/ssl.h"
|
||||
#include "polarssl/net.h"
|
||||
#include "polarssl/error.h"
|
||||
|
||||
#define HTTP_RESPONSE \
|
||||
"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
|
||||
|
@ -261,7 +262,6 @@ int main( int argc, char *argv[] )
|
|||
printf( " . Setting up the RNG and SSL data...." );
|
||||
fflush( stdout );
|
||||
|
||||
memset( &ssl, 0, sizeof( ssl ) );
|
||||
havege_init( &hs );
|
||||
|
||||
if( ( ret = ssl_init( &ssl ) ) != 0 )
|
||||
|
@ -273,7 +273,7 @@ int main( int argc, char *argv[] )
|
|||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, havege_rand, &hs );
|
||||
ssl_set_rng( &ssl, havege_random, &hs );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
|
||||
ssl_set_scb( &ssl, my_get_session,
|
||||
|
@ -291,6 +291,15 @@ int main( int argc, char *argv[] )
|
|||
printf( " ok\n" );
|
||||
|
||||
reset:
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
error_strerror( ret, error_buf, 100 );
|
||||
printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
if( client_fd != -1 )
|
||||
net_close( client_fd );
|
||||
|
||||
|
@ -422,10 +431,20 @@ reset:
|
|||
printf( " %d bytes written\n\n%s\n", len, (char *) buf );
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
ret = 0;
|
||||
goto reset;
|
||||
|
||||
exit:
|
||||
|
||||
#ifdef POLARSSL_ERROR_C
|
||||
if( ret != 0 )
|
||||
{
|
||||
char error_buf[100];
|
||||
error_strerror( ret, error_buf, 100 );
|
||||
printf("Last error was: %d - %s\n\n", ret, error_buf );
|
||||
}
|
||||
#endif
|
||||
|
||||
net_close( client_fd );
|
||||
x509_free( &srvcert );
|
||||
rsa_free( &rsa );
|
||||
|
|
|
@ -47,12 +47,27 @@
|
|||
|
||||
#define BUFSIZE 1024
|
||||
|
||||
static int myrand( void *rng_state )
|
||||
static int myrand( void *rng_state, unsigned char *output, size_t len )
|
||||
{
|
||||
size_t use_len;
|
||||
int rnd;
|
||||
|
||||
if( rng_state != NULL )
|
||||
rng_state = NULL;
|
||||
|
||||
return( rand() );
|
||||
while( len > 0 )
|
||||
{
|
||||
use_len = len;
|
||||
if( use_len > sizeof(int) )
|
||||
use_len = sizeof(int);
|
||||
|
||||
rnd = rand();
|
||||
memcpy( output, &rnd, use_len );
|
||||
output += use_len;
|
||||
len -= use_len;
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
unsigned char buf[BUFSIZE];
|
||||
|
|
|
@ -257,7 +257,7 @@ static int ssl_test( struct options *opt )
|
|||
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, havege_rand, &hs );
|
||||
ssl_set_rng( &ssl, havege_random, &hs );
|
||||
ssl_set_dbg( &ssl, my_debug, opt );
|
||||
ssl_set_bio( &ssl, net_recv, &client_fd,
|
||||
net_send, &client_fd );
|
||||
|
|
|
@ -250,7 +250,7 @@ int main( int argc, char *argv[] )
|
|||
ssl_set_endpoint( &ssl, SSL_IS_CLIENT );
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
|
||||
ssl_set_rng( &ssl, havege_rand, &hs );
|
||||
ssl_set_rng( &ssl, havege_random, &hs );
|
||||
ssl_set_dbg( &ssl, my_debug, stdout );
|
||||
ssl_set_bio( &ssl, net_recv, &server_fd,
|
||||
net_send, &server_fd );
|
||||
|
|
|
@ -97,12 +97,17 @@ void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
|
|||
*
|
||||
* rng_state shall be NULL.
|
||||
*/
|
||||
static int rnd_std_rand( void *rng_state )
|
||||
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
|
||||
{
|
||||
size_t i;
|
||||
|
||||
if( rng_state != NULL )
|
||||
rng_state = NULL;
|
||||
|
||||
return( rand() );
|
||||
for( i = 0; i < len; ++i )
|
||||
output[i] = rand();
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -110,19 +115,20 @@ static int rnd_std_rand( void *rng_state )
|
|||
*
|
||||
* rng_state shall be NULL.
|
||||
*/
|
||||
static int rnd_zero_rand( void *rng_state )
|
||||
static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
|
||||
{
|
||||
if( rng_state != NULL )
|
||||
rng_state = NULL;
|
||||
|
||||
memset( output, 0, len );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
typedef struct
|
||||
{
|
||||
unsigned char *buf;
|
||||
int length;
|
||||
int per_call;
|
||||
size_t length;
|
||||
} rnd_buf_info;
|
||||
|
||||
/**
|
||||
|
@ -136,34 +142,29 @@ typedef struct
|
|||
*
|
||||
* After the buffer is empty it will return rand();
|
||||
*/
|
||||
static int rnd_buffer_rand( void *rng_state )
|
||||
static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
|
||||
{
|
||||
rnd_buf_info *info = (rnd_buf_info *) rng_state;
|
||||
int res;
|
||||
size_t use_len;
|
||||
|
||||
if( rng_state == NULL )
|
||||
return( rand() );
|
||||
return( rnd_std_rand( NULL, output, len ) );
|
||||
|
||||
if( info->per_call > 4 )
|
||||
info->per_call = 4;
|
||||
else if( info->per_call < 1 )
|
||||
info->per_call = 1;
|
||||
use_len = len;
|
||||
if( len > info->length )
|
||||
use_len = info->length;
|
||||
|
||||
res = rand();
|
||||
|
||||
if( info->length >= info->per_call )
|
||||
if( use_len )
|
||||
{
|
||||
memcpy( &res, info->buf, info->per_call );
|
||||
info->buf += info->per_call;
|
||||
info->length -= info->per_call;
|
||||
}
|
||||
else if( info->length > 0 )
|
||||
{
|
||||
memcpy( &res, info->buf, info->length );
|
||||
info->length = 0;
|
||||
memcpy( output, info->buf, use_len );
|
||||
info->buf += use_len;
|
||||
info->length -= use_len;
|
||||
}
|
||||
|
||||
return( res );
|
||||
if( len - use_len > 0 )
|
||||
return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -187,21 +188,33 @@ typedef struct
|
|||
*
|
||||
* rng_state shall be a pointer to a rnd_pseudo_info structure.
|
||||
*/
|
||||
static int rnd_pseudo_rand( void *rng_state )
|
||||
static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
|
||||
{
|
||||
rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
|
||||
uint32_t i, *k, sum = 0, delta=0x9E3779B9;
|
||||
uint32_t i, *k, sum, delta=0x9E3779B9;
|
||||
|
||||
if( rng_state == NULL )
|
||||
return( rand() );
|
||||
return( rnd_std_rand( NULL, output, len ) );
|
||||
|
||||
k = info->key;
|
||||
for( i = 0; i < 32; i++ )
|
||||
|
||||
while( len > 0 )
|
||||
{
|
||||
info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
|
||||
sum += delta;
|
||||
info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
|
||||
size_t use_len = len;
|
||||
sum = 0;
|
||||
|
||||
use_len = 1;
|
||||
|
||||
for( i = 0; i < 32; i++ )
|
||||
{
|
||||
info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
|
||||
sum += delta;
|
||||
info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
|
||||
}
|
||||
|
||||
memcpy( output, &info->v0, use_len );
|
||||
len -= use_len;
|
||||
}
|
||||
|
||||
return( info->v0 );
|
||||
return( 0 );
|
||||
}
|
||||
|
|
|
@ -26,7 +26,6 @@ pkcs1_rsaes_oaep_encrypt:mod:radix_N:input_N:radix_E:input_E:hash:message_hex_st
|
|||
|
||||
info.length = unhexify( rnd_buf, {seed} );
|
||||
info.buf = rnd_buf;
|
||||
info.per_call = 1;
|
||||
|
||||
rsa_init( &ctx, RSA_PKCS_V21, {hash} );
|
||||
memset( message_str, 0x00, 1000 );
|
||||
|
@ -114,7 +113,6 @@ pkcs1_rsassa_pss_sign:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_
|
|||
|
||||
info.length = unhexify( rnd_buf, {salt} );
|
||||
info.buf = rnd_buf;
|
||||
info.per_call = 1;
|
||||
|
||||
mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G );
|
||||
rsa_init( &ctx, RSA_PKCS_V21, {hash} );
|
||||
|
|
|
@ -514,7 +514,7 @@ rsa_gen_key:nrbits:exponent:result
|
|||
havege_init( &hs );
|
||||
rsa_init( &ctx, 0, 0 );
|
||||
|
||||
TEST_ASSERT( rsa_gen_key( &ctx, havege_rand, &hs, {nrbits}, {exponent} ) == {result} );
|
||||
TEST_ASSERT( rsa_gen_key( &ctx, havege_random, &hs, {nrbits}, {exponent} ) == {result} );
|
||||
if( {result} == 0 )
|
||||
{
|
||||
TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
|
||||
|
|
Loading…
Reference in a new issue