diff options
Diffstat (limited to 'src/ltc/misc')
-rw-r--r-- | src/ltc/misc/base64/base64_encode.c | 65 | ||||
-rw-r--r-- | src/ltc/misc/bcrypt/bcrypt.c | 2 | ||||
-rw-r--r-- | src/ltc/misc/crypt/crypt.c | 3 | ||||
-rw-r--r-- | src/ltc/misc/crypt/crypt_register_all_ciphers.c | 1 | ||||
-rw-r--r-- | src/ltc/misc/padding/padding_depad.c | 6 | ||||
-rw-r--r-- | src/ltc/misc/padding/padding_pad.c | 11 | ||||
-rw-r--r-- | src/ltc/misc/pkcs12/pkcs12_kdf.c | 2 | ||||
-rw-r--r-- | src/ltc/misc/ssh/ssh_encode_sequence_multi.c | 2 |
8 files changed, 77 insertions, 15 deletions
diff --git a/src/ltc/misc/base64/base64_encode.c b/src/ltc/misc/base64/base64_encode.c index ad512d83..ef8aee90 100644 --- a/src/ltc/misc/base64/base64_encode.c +++ b/src/ltc/misc/base64/base64_encode.c @@ -21,23 +21,45 @@ static const char * const codes_base64url = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; #endif /* LTC_BASE64_URL */ -static int s_base64_encode_internal(const unsigned char *in, unsigned long inlen, - char *out, unsigned long *outlen, - const char *codes, int pad) +enum mode { + nopad = 0, + pad = 1, + lf = 2, + cr = 4, + ssh = 8, + crlf = lf | cr, +}; + +static int s_base64_encode_internal(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + const char *codes, unsigned int mode) { - unsigned long i, len2, leven; + unsigned long i, len2, leven, linelen; char *p; - LTC_ARGCHK(in != NULL); - LTC_ARGCHK(out != NULL); LTC_ARGCHK(outlen != NULL); + linelen = (mode & ssh) ? 72 : 64; + /* valid output size ? */ len2 = 4 * ((inlen + 2) / 3); + if ((mode & crlf) == lf) { + len2 += len2 / linelen; + } else if ((mode & crlf) == crlf) { + len2 += (len2 / linelen) * 2; + } if (*outlen < len2 + 1) { *outlen = len2 + 1; return CRYPT_BUFFER_OVERFLOW; } + + LTC_ARGCHK(in != NULL); + LTC_ARGCHK(out != NULL); + + if ((void*)in == out) { + return CRYPT_INVALID_ARG; + } + p = out; leven = 3*(inlen / 3); for (i = 0; i < leven; i += 3) { @@ -46,6 +68,10 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle *p++ = codes[(((in[1] & 0xf) << 2) + (in[2] >> 6)) & 0x3F]; *p++ = codes[in[2] & 0x3F]; in += 3; + if ((p - out) % linelen == 0) { + if (mode & cr) *p++ = '\r'; + if (mode & lf) *p++ = '\n'; + } } /* Pad it if necessary... */ if (i < inlen) { @@ -54,7 +80,7 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle *p++ = codes[(a >> 2) & 0x3F]; *p++ = codes[(((a & 3) << 4) + (b >> 4)) & 0x3F]; - if (pad) { + if (mode & pad) { *p++ = (i+1 < inlen) ? codes[(((b & 0xf) << 2)) & 0x3F] : '='; *p++ = '='; } @@ -83,7 +109,26 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle int base64_encode(const unsigned char *in, unsigned long inlen, char *out, unsigned long *outlen) { - return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, 1); + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, pad); +} + +/** + base64 Encode a buffer for PEM output + (NUL terminated with line-break at 64 chars) + @param in The input buffer to encode + @param inlen The length of the input buffer + @param out [out] The destination of the base64 encoded data + @param outlen [in/out] The max size and resulting size + @param flags \ref base64_pem_flags + @return CRYPT_OK if successful +*/ +int base64_encode_pem(const unsigned char *in, unsigned long inlen, + char *out, unsigned long *outlen, + unsigned int flags) +{ + int use_crlf = flags & BASE64_PEM_CRLF ? pad | crlf : pad | lf; + int ssh_style = flags & BASE64_PEM_SSH ? ssh : 0; + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, ssh_style | use_crlf); } #endif /* LTC_BASE64 */ @@ -100,13 +145,13 @@ int base64_encode(const unsigned char *in, unsigned long inlen, int base64url_encode(const unsigned char *in, unsigned long inlen, char *out, unsigned long *outlen) { - return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 0); + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, nopad); } int base64url_strict_encode(const unsigned char *in, unsigned long inlen, char *out, unsigned long *outlen) { - return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 1); + return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, pad); } #endif /* LTC_BASE64_URL */ diff --git a/src/ltc/misc/bcrypt/bcrypt.c b/src/ltc/misc/bcrypt/bcrypt.c index e1974f6a..1bebdffa 100644 --- a/src/ltc/misc/bcrypt/bcrypt.c +++ b/src/ltc/misc/bcrypt/bcrypt.c @@ -139,7 +139,7 @@ int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len, if ((err = hash_memory_multi(hash_idx, buf[0], &x, salt, salt_len, blkbuf, 4uL, - NULL, 0)) != CRYPT_OK) { + LTC_NULL)) != CRYPT_OK) { goto LBL_ERR; } y = MAXBLOCKSIZE; diff --git a/src/ltc/misc/crypt/crypt.c b/src/ltc/misc/crypt/crypt.c index 14576fa7..460cd59d 100644 --- a/src/ltc/misc/crypt/crypt.c +++ b/src/ltc/misc/crypt/crypt.c @@ -416,6 +416,9 @@ const char *crypt_build_settings = #if defined(LTC_ADLER32) " ADLER32 " #endif +#if defined(LTC_AES_NI) && defined(LTC_AMD64_SSE4_1) + " AES-NI " +#endif #if defined(LTC_BASE64) " BASE64 " #endif diff --git a/src/ltc/misc/crypt/crypt_register_all_ciphers.c b/src/ltc/misc/crypt/crypt_register_all_ciphers.c index bb2b873e..bfed2e68 100644 --- a/src/ltc/misc/crypt/crypt_register_all_ciphers.c +++ b/src/ltc/misc/crypt/crypt_register_all_ciphers.c @@ -16,6 +16,7 @@ int register_all_ciphers(void) { #ifdef LTC_RIJNDAEL + /* `aesni_desc` is explicitely not registered, since it's handled from within the `aes_desc` */ #ifdef ENCRYPT_ONLY /* alternative would be * register_cipher(&rijndael_enc_desc); diff --git a/src/ltc/misc/padding/padding_depad.c b/src/ltc/misc/padding/padding_depad.c index 7489de12..e3f71511 100644 --- a/src/ltc/misc/padding/padding_depad.c +++ b/src/ltc/misc/padding/padding_depad.c @@ -53,6 +53,12 @@ int padding_depad(const unsigned char *data, unsigned long *length, unsigned lon /* nop */ break; #endif + case LTC_PAD_SSH: + pad = 0x1; + for (n = unpadded_length; n < padded_length; ++n) { + if (data[n] != pad++) return CRYPT_INVALID_PACKET; + } + break; case LTC_PAD_ONE_AND_ZERO: while (unpadded_length > 0 && data[unpadded_length - 1] != 0x80) { if (data[unpadded_length - 1] != 0x0) return CRYPT_INVALID_PACKET; diff --git a/src/ltc/misc/padding/padding_pad.c b/src/ltc/misc/padding/padding_pad.c index 8a775b3d..7d8bbbad 100644 --- a/src/ltc/misc/padding/padding_pad.c +++ b/src/ltc/misc/padding/padding_pad.c @@ -32,6 +32,7 @@ static int s_padding_padded_length(unsigned long *length, unsigned long mode) case LTC_PAD_PKCS7: case LTC_PAD_ONE_AND_ZERO: case LTC_PAD_ZERO_ALWAYS: + case LTC_PAD_SSH: t = 1; break; #ifdef LTC_RNG_GET_BYTES @@ -78,10 +79,10 @@ static int s_padding_padded_length(unsigned long *length, unsigned long mode) */ int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode) { - unsigned long l; + unsigned long l, n; enum padding_type type; int err; - unsigned char diff; + unsigned char diff, pad; LTC_ARGCHK(data != NULL); LTC_ARGCHK(padded_length != NULL); @@ -125,6 +126,12 @@ int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded XMEMSET(&data[length], 0, diff-1); data[l-1] = diff; break; + case LTC_PAD_SSH: + pad = 0x1; + for (n = length; n < l; ++n) { + data[n] = pad++; + } + break; case LTC_PAD_ONE_AND_ZERO: XMEMSET(&data[length + 1], 0, diff); data[length] = 0x80; diff --git a/src/ltc/misc/pkcs12/pkcs12_kdf.c b/src/ltc/misc/pkcs12/pkcs12_kdf.c index 6bbdd168..1739af73 100644 --- a/src/ltc/misc/pkcs12/pkcs12_kdf.c +++ b/src/ltc/misc/pkcs12/pkcs12_kdf.c @@ -39,7 +39,7 @@ int pkcs12_kdf( int hash_id, for (i = 0; i < c; i++) { Alen = sizeof(A); - err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, NULL); /* A = HASH(D || I) */ + err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, LTC_NULL); /* A = HASH(D || I) */ if (err != CRYPT_OK) goto DONE; for (j = 1; j < iterations; j++) { err = hash_memory(hash_id, A, Alen, A, &Alen); /* A = HASH(A) */ diff --git a/src/ltc/misc/ssh/ssh_encode_sequence_multi.c b/src/ltc/misc/ssh/ssh_encode_sequence_multi.c index d2be6897..4bec5e12 100644 --- a/src/ltc/misc/ssh/ssh_encode_sequence_multi.c +++ b/src/ltc/misc/ssh/ssh_encode_sequence_multi.c @@ -134,7 +134,7 @@ int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) STORE32H(size, out); out += 4; } - if ((err = mp_to_unsigned_bin(vdata, out)) != CRYPT_OK) { + if (mp_to_unsigned_bin(vdata, out) != CRYPT_OK) { err = CRYPT_ERROR; goto error; } |