Diffstat (limited to 'src/util/crypto_kdf.c')
-rw-r--r--src/util/crypto_kdf.c56
1 files changed, 12 insertions, 44 deletions
diff --git a/src/util/crypto_kdf.c b/src/util/crypto_kdf.c
index 8041f61ab..f577e0f7a 100644
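--- a/src/util/crypto_kdf.c
+++ b/src/util/crypto_kdf.c
@@ -32,17 +32,7 @@
 
 #define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-kdf", __VA_ARGS__)
 
-/**
- * @brief Derive key
- * @param result buffer for the derived key, allocated by caller
- * @param out_len desired length of the derived key
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @param argp va_list of void * & size_t pairs for context chunks
- * @return #GNUNET_YES on success
- */
+
 enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_kdf_v (void *result,
  size_t out_len,
@@ -75,17 +65,6 @@ GNUNET_CRYPTO_kdf_v (void *result,
 }
 
 
-/**
- * @brief Derive key
- * @param result buffer for the derived key, allocated by caller
- * @param out_len desired length of the derived key
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @param ... void * & size_t pairs for context chunks
- * @return #GNUNET_YES on success
- */
 enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_kdf (void *result,
  size_t out_len,
@@ -111,18 +90,6 @@ GNUNET_CRYPTO_kdf (void *result,
 }
 
 
-/**
- * Deterministically generate a pseudo-random number uniformly from the
- * integers modulo a libgcrypt mpi.
- *
- * @param[out] r MPI value set to the FDH
- * @param n MPI to work modulo
- * @param xts salt
- * @param xts_len length of @a xts
- * @param skm source key material
- * @param skm_len length of @a skm
- * @param ctx context string
- */
 void
 GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
  gcry_mpi_t n,
@@ -137,33 +104,34 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
 
  nbits = gcry_mpi_get_nbits (n);
  /* GNUNET_assert (nbits > 512); */
-
  ctr = 0;
  while (1)
  {
  /* Ain't clear if n is always divisible by 8 */
- uint8_t buf[ (nbits - 1) / 8 + 1 ];
+ size_t bsize = (nbits - 1) / 8 + 1;
+ uint8_t buf[bsize];
  uint16_t ctr_nbo = htons (ctr);
 
- memset (buf, 0, sizeof (buf));
  rc = GNUNET_CRYPTO_kdf (buf,
- sizeof(buf),
+ bsize,
  xts, xts_len,
  skm, skm_len,
  ctx, strlen (ctx),
  &ctr_nbo, sizeof(ctr_nbo),
  NULL, 0);
  GNUNET_assert (GNUNET_YES == rc);
-
  rc = gcry_mpi_scan (r,
  GCRYMPI_FMT_USG,
  (const unsigned char *) buf,
- sizeof(buf),
+ bsize,
  &rsize);
- GNUNET_assert (0 == rc); /* Allocation error? */
- GNUNET_assert (rsize == sizeof (buf));
- gcry_mpi_clear_highbit (*r, nbits);
- GNUNET_assert (0 == gcry_mpi_test_bit (*r, nbits));
+ GNUNET_assert (GPG_ERR_NO_ERROR == rc); /* Allocation error? */
+ GNUNET_assert (rsize == bsize);
+ gcry_mpi_clear_highbit (*r,
+ nbits);
+ GNUNET_assert (0 ==
+ gcry_mpi_test_bit (*r,
+ nbits));
  ++ctr;
  /* We reject this FDH if either *r > n and retry with another ctr */
  if (0 > gcry_mpi_cmp (*r, n))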
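Review bot: The new `size_t bsize = (nbits - 1) / 8 + 1;` sizes the stack array `uint8_t buf[bsize]` from `nbits` with no bound, and the only check on `nbits` visible in this hunk, `/* GNUNET_assert (nbits > 512); */`, is commented out. If `nbits` is unsigned (its declaration is outside the hunk) and `n` is zero, `nbits - 1` wraps and `bsize` becomes very large, so the array declaration overruns the stack; an unusually large `n` grows the stack the same way. If `n` can originate from a peer, a guard before the loop such as `GNUNET_assert (0 < nbits);`, together with an upper limit the project accepts for a modulus, would turn this into a defined failure. Separately, `buf` holds KDF output and is left unwiped on the stack after each iteration, so it is worth confirming that no caller treats this value as secret. The function body and the `while` loop both continue beyond this hunk.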