Diffstat (limited to 'src')
-rw-r--r-- | src/pq/pq_result_helper.c | 6 | ||||
-rw-r--r-- | src/util/crypto_kdf.c | 9 | ||||
-rw-r--r-- | src/util/crypto_rsa.c | 20 |
3 files changed, 24 insertions, 11 deletions
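--- a/src/pq/pq_result_helper.c
+++ b/src/pq/pq_result_helper.c
@@ -1086,6 +1086,12 @@ extract_uint64 (void *cls,
 fnum))
 {
 GNUNET_break (0);
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+"Got length %u for field `%s'\n",
+PQgetlength (result,
+row,
+fnum),
+fname);
 return GNUNET_SYSERR;
 }
 res = (uint64_t *) PQgetvalue (result,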
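Review bot: The new `GNUNET_log` call prints the result of `PQgetlength` with `%u`, but libpq declares that function as returning `int`, so the conversion and the argument type disagree; the conversion should be `%d`. Since this branch is what protects the `(uint64_t *)` cast of `PQgetvalue` just below, the message would be easier to triage if it also stated the expected size, for example by adding `sizeof (uint64_t)` with `%u` after a cast to `unsigned int`. `extract_uint64` starts and ends outside the hunk, so the exact condition being reported is only partly visible.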
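--- a/src/util/crypto_kdf.c
+++ b/src/util/crypto_kdf.c
@@ -43,7 +43,7 @@
 * @param argp va_list of void * & size_t pairs for context chunks
 * @return #GNUNET_YES on success
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_kdf_v (void *result,
 size_t out_len,
 const void *xts,
@@ -62,7 +62,7 @@ GNUNET_CRYPTO_kdf_v (void *result,
 * hash function."
 *
 * http://eprint.iacr.org/2010/264
-*///
+*/
 return GNUNET_CRYPTO_hkdf_v (result,
 out_len,
 GCRY_MD_SHA512,
@@ -86,7 +86,7 @@ GNUNET_CRYPTO_kdf_v (void *result,
 * @param ... void * & size_t pairs for context chunks
 * @return #GNUNET_YES on success
 */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_kdf (void *result,
 size_t out_len,
 const void *xts,
@@ -145,6 +145,7 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
 uint8_t buf[ (nbits - 1) / 8 + 1 ];
 uint16_t ctr_nbo = htons (ctr);
 
+memset (buf, 0, sizeof (buf));
 rc = GNUNET_CRYPTO_kdf (buf,
 sizeof(buf),
 xts, xts_len,
@@ -160,7 +161,7 @@ GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
 sizeof(buf),
 &rsize);
 GNUNET_assert (0 == rc); /* Allocation error? */
-
+GNUNET_assert (rsize == sizeof (buf));
 gcry_mpi_clear_highbit (*r, nbits);
 GNUNET_assert (0 == gcry_mpi_test_bit (*r, nbits));
 ++ctr;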
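Review bot: In the two `GNUNET_CRYPTO_kdf_mod_mpi` hunks, `buf` is zeroed before the KDF call, but nothing visible clears it after its contents have been converted into `*r`, so the raw KDF output stays on the stack. `crypto_rsa.c` in this same commit uses this function to derive the RSA blinding factor, so those bytes are secret material. Consider wiping the buffer after the new `GNUNET_assert (rsize == sizeof (buf));` with a call the compiler may not elide, for example `explicit_bzero (buf, sizeof (buf));` where the platform provides it. The loop body continues outside both hunks, so a wipe may already exist further down. The new `memset` would also benefit from a one-line comment saying why a buffer the KDF is expected to fill completely is cleared first.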
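--- a/src/util/crypto_rsa.c
+++ b/src/util/crypto_rsa.c
@@ -497,7 +497,8 @@ GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
 * @return True if gcd(r,n) = 1, False means RSA key is malicious
 */
 static int
-rsa_gcd_validate (gcry_mpi_t r, gcry_mpi_t n)
+rsa_gcd_validate (gcry_mpi_t r,
+gcry_mpi_t n)
 {
 gcry_mpi_t g;
 int t;
@@ -525,24 +526,29 @@ rsa_blinding_key_derive (const struct GNUNET_CRYPTO_RsaPublicKey *pkey,
 gcry_mpi_t n;
 
 blind = GNUNET_new (struct RsaBlindingKey);
-GNUNET_assert (NULL != blind);
 
 /* Extract the composite n from the RSA public key */
-GNUNET_assert (0 == key_from_sexp (&n, pkey->sexp, "rsa", "n"));
+GNUNET_assert (0 ==
+key_from_sexp (&n,
+pkey->sexp,
+"rsa",
+"n"));
 /* Assert that it at least looks like an RSA key */
-GNUNET_assert (0 == gcry_mpi_get_flag (n, GCRYMPI_FLAG_OPAQUE));
-
+GNUNET_assert (0 ==
+gcry_mpi_get_flag (n,
+GCRYMPI_FLAG_OPAQUE));
 GNUNET_CRYPTO_kdf_mod_mpi (&blind->r,
 n,
 xts, strlen (xts),
 bks, sizeof(*bks),
 "Blinding KDF");
-if (0 == rsa_gcd_validate (blind->r, n))
+if (0 == rsa_gcd_validate (blind->r,
+n))
 {
+gcry_mpi_release (blind->r);
 GNUNET_free (blind);
 blind = NULL;
 }
-
 gcry_mpi_release (n);
 return blind;
 }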
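Review bot: The gcd failure branch in `rsa_blinding_key_derive` now releases `blind->r` before freeing `blind`, but it still returns NULL without any comment or log, and that NULL is the only signal to callers that the public key was rejected. A comment on the branch would make the contract explicit, for example `/* gcd(r,n) != 1: r shares a factor with n, so the key is malformed or malicious; callers must treat NULL as "refuse to blind" */`. The function's doc comment is above the hunk and not visible here; if its `@return` does not already mention NULL for a rejected key, it should. A `GNUNET_break_op (0)` in the branch would also leave a trace when a peer supplies such a key, assuming the key can come from the network.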