summaryrefslogtreecommitdiff
path: root/src/ltc/misc
diff options
context:
space:
mode:
Diffstat (limited to 'src/ltc/misc')
-rw-r--r--src/ltc/misc/base64/base64_encode.c65
-rw-r--r--src/ltc/misc/bcrypt/bcrypt.c2
-rw-r--r--src/ltc/misc/crypt/crypt.c3
-rw-r--r--src/ltc/misc/crypt/crypt_register_all_ciphers.c1
-rw-r--r--src/ltc/misc/padding/padding_depad.c6
-rw-r--r--src/ltc/misc/padding/padding_pad.c11
-rw-r--r--src/ltc/misc/pkcs12/pkcs12_kdf.c2
-rw-r--r--src/ltc/misc/ssh/ssh_encode_sequence_multi.c2
8 files changed, 77 insertions, 15 deletions
diff --git a/src/ltc/misc/base64/base64_encode.c b/src/ltc/misc/base64/base64_encode.c
index ad512d83..ef8aee90 100644
--- a/src/ltc/misc/base64/base64_encode.c
+++ b/src/ltc/misc/base64/base64_encode.c
@@ -21,23 +21,45 @@ static const char * const codes_base64url =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
#endif /* LTC_BASE64_URL */
-static int s_base64_encode_internal(const unsigned char *in, unsigned long inlen,
- char *out, unsigned long *outlen,
- const char *codes, int pad)
+enum mode {
+ nopad = 0,
+ pad = 1,
+ lf = 2,
+ cr = 4,
+ ssh = 8,
+ crlf = lf | cr,
+};
+
+static int s_base64_encode_internal(const unsigned char *in, unsigned long inlen,
+ char *out, unsigned long *outlen,
+ const char *codes, unsigned int mode)
{
- unsigned long i, len2, leven;
+ unsigned long i, len2, leven, linelen;
char *p;
- LTC_ARGCHK(in != NULL);
- LTC_ARGCHK(out != NULL);
LTC_ARGCHK(outlen != NULL);
+ linelen = (mode & ssh) ? 72 : 64;
+
/* valid output size ? */
len2 = 4 * ((inlen + 2) / 3);
+ if ((mode & crlf) == lf) {
+ len2 += len2 / linelen;
+ } else if ((mode & crlf) == crlf) {
+ len2 += (len2 / linelen) * 2;
+ }
if (*outlen < len2 + 1) {
*outlen = len2 + 1;
return CRYPT_BUFFER_OVERFLOW;
}
+
+ LTC_ARGCHK(in != NULL);
+ LTC_ARGCHK(out != NULL);
+
+ if ((void*)in == out) {
+ return CRYPT_INVALID_ARG;
+ }
+
p = out;
leven = 3*(inlen / 3);
for (i = 0; i < leven; i += 3) {
@@ -46,6 +68,10 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle
*p++ = codes[(((in[1] & 0xf) << 2) + (in[2] >> 6)) & 0x3F];
*p++ = codes[in[2] & 0x3F];
in += 3;
+ if ((p - out) % linelen == 0) {
+ if (mode & cr) *p++ = '\r';
+ if (mode & lf) *p++ = '\n';
+ }
}
/* Pad it if necessary... */
if (i < inlen) {
@@ -54,7 +80,7 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle
*p++ = codes[(a >> 2) & 0x3F];
*p++ = codes[(((a & 3) << 4) + (b >> 4)) & 0x3F];
- if (pad) {
+ if (mode & pad) {
*p++ = (i+1 < inlen) ? codes[(((b & 0xf) << 2)) & 0x3F] : '=';
*p++ = '=';
}
@@ -83,7 +109,26 @@ static int s_base64_encode_internal(const unsigned char *in, unsigned long inle
int base64_encode(const unsigned char *in, unsigned long inlen,
char *out, unsigned long *outlen)
{
- return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, 1);
+ return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, pad);
+}
+
+/**
+ base64 Encode a buffer for PEM output
+ (NUL terminated with line-break at 64 chars)
+ @param in The input buffer to encode
+ @param inlen The length of the input buffer
+ @param out [out] The destination of the base64 encoded data
+ @param outlen [in/out] The max size and resulting size
+ @param flags \ref base64_pem_flags
+ @return CRYPT_OK if successful
+*/
+int base64_encode_pem(const unsigned char *in, unsigned long inlen,
+ char *out, unsigned long *outlen,
+ unsigned int flags)
+{
+ int use_crlf = flags & BASE64_PEM_CRLF ? pad | crlf : pad | lf;
+ int ssh_style = flags & BASE64_PEM_SSH ? ssh : 0;
+ return s_base64_encode_internal(in, inlen, out, outlen, codes_base64, ssh_style | use_crlf);
}
#endif /* LTC_BASE64 */
@@ -100,13 +145,13 @@ int base64_encode(const unsigned char *in, unsigned long inlen,
int base64url_encode(const unsigned char *in, unsigned long inlen,
char *out, unsigned long *outlen)
{
- return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 0);
+ return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, nopad);
}
int base64url_strict_encode(const unsigned char *in, unsigned long inlen,
char *out, unsigned long *outlen)
{
- return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, 1);
+ return s_base64_encode_internal(in, inlen, out, outlen, codes_base64url, pad);
}
#endif /* LTC_BASE64_URL */
diff --git a/src/ltc/misc/bcrypt/bcrypt.c b/src/ltc/misc/bcrypt/bcrypt.c
index e1974f6a..1bebdffa 100644
--- a/src/ltc/misc/bcrypt/bcrypt.c
+++ b/src/ltc/misc/bcrypt/bcrypt.c
@@ -139,7 +139,7 @@ int bcrypt_pbkdf_openbsd(const void *secret, unsigned long secret_len,
if ((err = hash_memory_multi(hash_idx, buf[0], &x,
salt, salt_len,
blkbuf, 4uL,
- NULL, 0)) != CRYPT_OK) {
+ LTC_NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
y = MAXBLOCKSIZE;
diff --git a/src/ltc/misc/crypt/crypt.c b/src/ltc/misc/crypt/crypt.c
index 14576fa7..460cd59d 100644
--- a/src/ltc/misc/crypt/crypt.c
+++ b/src/ltc/misc/crypt/crypt.c
@@ -416,6 +416,9 @@ const char *crypt_build_settings =
#if defined(LTC_ADLER32)
" ADLER32 "
#endif
+#if defined(LTC_AES_NI) && defined(LTC_AMD64_SSE4_1)
+ " AES-NI "
+#endif
#if defined(LTC_BASE64)
" BASE64 "
#endif
diff --git a/src/ltc/misc/crypt/crypt_register_all_ciphers.c b/src/ltc/misc/crypt/crypt_register_all_ciphers.c
index bb2b873e..bfed2e68 100644
--- a/src/ltc/misc/crypt/crypt_register_all_ciphers.c
+++ b/src/ltc/misc/crypt/crypt_register_all_ciphers.c
@@ -16,6 +16,7 @@
int register_all_ciphers(void)
{
#ifdef LTC_RIJNDAEL
+ /* `aesni_desc` is explicitely not registered, since it's handled from within the `aes_desc` */
#ifdef ENCRYPT_ONLY
/* alternative would be
* register_cipher(&rijndael_enc_desc);
diff --git a/src/ltc/misc/padding/padding_depad.c b/src/ltc/misc/padding/padding_depad.c
index 7489de12..e3f71511 100644
--- a/src/ltc/misc/padding/padding_depad.c
+++ b/src/ltc/misc/padding/padding_depad.c
@@ -53,6 +53,12 @@ int padding_depad(const unsigned char *data, unsigned long *length, unsigned lon
/* nop */
break;
#endif
+ case LTC_PAD_SSH:
+ pad = 0x1;
+ for (n = unpadded_length; n < padded_length; ++n) {
+ if (data[n] != pad++) return CRYPT_INVALID_PACKET;
+ }
+ break;
case LTC_PAD_ONE_AND_ZERO:
while (unpadded_length > 0 && data[unpadded_length - 1] != 0x80) {
if (data[unpadded_length - 1] != 0x0) return CRYPT_INVALID_PACKET;
diff --git a/src/ltc/misc/padding/padding_pad.c b/src/ltc/misc/padding/padding_pad.c
index 8a775b3d..7d8bbbad 100644
--- a/src/ltc/misc/padding/padding_pad.c
+++ b/src/ltc/misc/padding/padding_pad.c
@@ -32,6 +32,7 @@ static int s_padding_padded_length(unsigned long *length, unsigned long mode)
case LTC_PAD_PKCS7:
case LTC_PAD_ONE_AND_ZERO:
case LTC_PAD_ZERO_ALWAYS:
+ case LTC_PAD_SSH:
t = 1;
break;
#ifdef LTC_RNG_GET_BYTES
@@ -78,10 +79,10 @@ static int s_padding_padded_length(unsigned long *length, unsigned long mode)
*/
int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded_length, unsigned long mode)
{
- unsigned long l;
+ unsigned long l, n;
enum padding_type type;
int err;
- unsigned char diff;
+ unsigned char diff, pad;
LTC_ARGCHK(data != NULL);
LTC_ARGCHK(padded_length != NULL);
@@ -125,6 +126,12 @@ int padding_pad(unsigned char *data, unsigned long length, unsigned long* padded
XMEMSET(&data[length], 0, diff-1);
data[l-1] = diff;
break;
+ case LTC_PAD_SSH:
+ pad = 0x1;
+ for (n = length; n < l; ++n) {
+ data[n] = pad++;
+ }
+ break;
case LTC_PAD_ONE_AND_ZERO:
XMEMSET(&data[length + 1], 0, diff);
data[length] = 0x80;
diff --git a/src/ltc/misc/pkcs12/pkcs12_kdf.c b/src/ltc/misc/pkcs12/pkcs12_kdf.c
index 6bbdd168..1739af73 100644
--- a/src/ltc/misc/pkcs12/pkcs12_kdf.c
+++ b/src/ltc/misc/pkcs12/pkcs12_kdf.c
@@ -39,7 +39,7 @@ int pkcs12_kdf( int hash_id,
for (i = 0; i < c; i++) {
Alen = sizeof(A);
- err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, NULL); /* A = HASH(D || I) */
+ err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, LTC_NULL); /* A = HASH(D || I) */
if (err != CRYPT_OK) goto DONE;
for (j = 1; j < iterations; j++) {
err = hash_memory(hash_id, A, Alen, A, &Alen); /* A = HASH(A) */
diff --git a/src/ltc/misc/ssh/ssh_encode_sequence_multi.c b/src/ltc/misc/ssh/ssh_encode_sequence_multi.c
index d2be6897..4bec5e12 100644
--- a/src/ltc/misc/ssh/ssh_encode_sequence_multi.c
+++ b/src/ltc/misc/ssh/ssh_encode_sequence_multi.c
@@ -134,7 +134,7 @@ int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
STORE32H(size, out);
out += 4;
}
- if ((err = mp_to_unsigned_bin(vdata, out)) != CRYPT_OK) {
+ if (mp_to_unsigned_bin(vdata, out) != CRYPT_OK) {
err = CRYPT_ERROR;
goto error;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 10:09:40 +0000