diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/pq/pq_result_helper.c | 6 | ||||
| -rw-r--r-- | src/util/crypto_kdf.c | 9 | ||||
| -rw-r--r-- | src/util/crypto_rsa.c | 20 |
3 files changed, 24 insertions, 11 deletions
diff --git a/src/pq/pq_result_helper.c b/src/pq/pq_result_helper.c index 2c11f5202..f3d246c36 100644 --- a/src/pq/pq_result_helper.c +++ b/src/pq/pq_result_helper.c | |||
| @@ -1086,6 +1086,12 @@ extract_uint64 (void *cls, | |||
| 1086 | fnum)) | 1086 | fnum)) |
| 1087 | { | 1087 | { |
| 1088 | GNUNET_break (0); | 1088 | GNUNET_break (0); |
| 1089 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 1090 | "Got length %u for field `%s'\n", | ||
| 1091 | PQgetlength (result, | ||
| 1092 | row, | ||
| 1093 | fnum), | ||
| 1094 | fname); | ||
| 1089 | return GNUNET_SYSERR; | 1095 | return GNUNET_SYSERR; |
| 1090 | } | 1096 | } |
| 1091 | res = (uint64_t *) PQgetvalue (result, | 1097 | res = (uint64_t *) PQgetvalue (result, |
diff --git a/src/util/crypto_kdf.c b/src/util/crypto_kdf.c index 0dc734549..8041f61ab 100644 --- a/src/util/crypto_kdf.c +++ b/src/util/crypto_kdf.c | |||
| @@ -43,7 +43,7 @@ | |||
| 43 | * @param argp va_list of void * & size_t pairs for context chunks | 43 | * @param argp va_list of void * & size_t pairs for context chunks |
| 44 | * @return #GNUNET_YES on success | 44 | * @return #GNUNET_YES on success |
| 45 | */ | 45 | */ |
| 46 | int | 46 | enum GNUNET_GenericReturnValue |
| 47 | GNUNET_CRYPTO_kdf_v (void *result, | 47 | GNUNET_CRYPTO_kdf_v (void *result, |
| 48 | size_t out_len, | 48 | size_t out_len, |
| 49 | const void *xts, | 49 | const void *xts, |
| @@ -62,7 +62,7 @@ GNUNET_CRYPTO_kdf_v (void *result, | |||
| 62 | * hash function." | 62 | * hash function." |
| 63 | * | 63 | * |
| 64 | * http://eprint.iacr.org/2010/264 | 64 | * http://eprint.iacr.org/2010/264 |
| 65 | */// | 65 | */ |
| 66 | return GNUNET_CRYPTO_hkdf_v (result, | 66 | return GNUNET_CRYPTO_hkdf_v (result, |
| 67 | out_len, | 67 | out_len, |
| 68 | GCRY_MD_SHA512, | 68 | GCRY_MD_SHA512, |
| @@ -86,7 +86,7 @@ GNUNET_CRYPTO_kdf_v (void *result, | |||
| 86 | * @param ... void * & size_t pairs for context chunks | 86 | * @param ... void * & size_t pairs for context chunks |
| 87 | * @return #GNUNET_YES on success | 87 | * @return #GNUNET_YES on success |
| 88 | */ | 88 | */ |
| 89 | int | 89 | enum GNUNET_GenericReturnValue |
| 90 | GNUNET_CRYPTO_kdf (void *result, | 90 | GNUNET_CRYPTO_kdf (void *result, |
| 91 | size_t out_len, | 91 | size_t out_len, |
| 92 | const void *xts, | 92 | const void *xts, |
| @@ -145,6 +145,7 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r, | |||
| 145 | uint8_t buf[ (nbits - 1) / 8 + 1 ]; | 145 | uint8_t buf[ (nbits - 1) / 8 + 1 ]; |
| 146 | uint16_t ctr_nbo = htons (ctr); | 146 | uint16_t ctr_nbo = htons (ctr); |
| 147 | 147 | ||
| 148 | memset (buf, 0, sizeof (buf)); | ||
| 148 | rc = GNUNET_CRYPTO_kdf (buf, | 149 | rc = GNUNET_CRYPTO_kdf (buf, |
| 149 | sizeof(buf), | 150 | sizeof(buf), |
| 150 | xts, xts_len, | 151 | xts, xts_len, |
| @@ -160,7 +161,7 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r, | |||
| 160 | sizeof(buf), | 161 | sizeof(buf), |
| 161 | &rsize); | 162 | &rsize); |
| 162 | GNUNET_assert (0 == rc); /* Allocation error? */ | 163 | GNUNET_assert (0 == rc); /* Allocation error? */ |
| 163 | 164 | GNUNET_assert (rsize == sizeof (buf)); | |
| 164 | gcry_mpi_clear_highbit (*r, nbits); | 165 | gcry_mpi_clear_highbit (*r, nbits); |
| 165 | GNUNET_assert (0 == gcry_mpi_test_bit (*r, nbits)); | 166 | GNUNET_assert (0 == gcry_mpi_test_bit (*r, nbits)); |
| 166 | ++ctr; | 167 | ++ctr; |
diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 43e6eedac..610e5febc 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c | |||
| @@ -497,7 +497,8 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, | |||
| 497 | * @return True if gcd(r,n) = 1, False means RSA key is malicious | 497 | * @return True if gcd(r,n) = 1, False means RSA key is malicious |
| 498 | */ | 498 | */ |
| 499 | static int | 499 | static int |
| 500 | rsa_gcd_validate (gcry_mpi_t r, gcry_mpi_t n) | 500 | rsa_gcd_validate (gcry_mpi_t r, |
| 501 | gcry_mpi_t n) | ||
| 501 | { | 502 | { |
| 502 | gcry_mpi_t g; | 503 | gcry_mpi_t g; |
| 503 | int t; | 504 | int t; |
| @@ -525,24 +526,29 @@ rsa_blinding_key_derive (const struct GNUNET_CRYPTO_RsaPublicKey *pkey, | |||
| 525 | gcry_mpi_t n; | 526 | gcry_mpi_t n; |
| 526 | 527 | ||
| 527 | blind = GNUNET_new (struct RsaBlindingKey); | 528 | blind = GNUNET_new (struct RsaBlindingKey); |
| 528 | GNUNET_assert (NULL != blind); | ||
| 529 | 529 | ||
| 530 | /* Extract the composite n from the RSA public key */ | 530 | /* Extract the composite n from the RSA public key */ |
| 531 | GNUNET_assert (0 == key_from_sexp (&n, pkey->sexp, "rsa", "n")); | 531 | GNUNET_assert (0 == |
| 532 | key_from_sexp (&n, | ||
| 533 | pkey->sexp, | ||
| 534 | "rsa", | ||
| 535 | "n")); | ||
| 532 | /* Assert that it at least looks like an RSA key */ | 536 | /* Assert that it at least looks like an RSA key */ |
| 533 | GNUNET_assert (0 == gcry_mpi_get_flag (n, GCRYMPI_FLAG_OPAQUE)); | 537 | GNUNET_assert (0 == |
| 534 | 538 | gcry_mpi_get_flag (n, | |
| 539 | GCRYMPI_FLAG_OPAQUE)); | ||
| 535 | GNUNET_CRYPTO_kdf_mod_mpi (&blind->r, | 540 | GNUNET_CRYPTO_kdf_mod_mpi (&blind->r, |
| 536 | n, | 541 | n, |
| 537 | xts, strlen (xts), | 542 | xts, strlen (xts), |
| 538 | bks, sizeof(*bks), | 543 | bks, sizeof(*bks), |
| 539 | "Blinding KDF"); | 544 | "Blinding KDF"); |
| 540 | if (0 == rsa_gcd_validate (blind->r, n)) | 545 | if (0 == rsa_gcd_validate (blind->r, |
| 546 | n)) | ||
| 541 | { | 547 | { |
| 548 | gcry_mpi_release (blind->r); | ||
| 542 | GNUNET_free (blind); | 549 | GNUNET_free (blind); |
| 543 | blind = NULL; | 550 | blind = NULL; |
| 544 | } | 551 | } |
| 545 | |||
| 546 | gcry_mpi_release (n); | 552 | gcry_mpi_release (n); |
| 547 | return blind; | 553 | return blind; |
| 548 | } | 554 | } |