diff options
Diffstat (limited to 'src/ltc/pk/ecc/ecc_import_pkcs8.c')
-rw-r--r-- | src/ltc/pk/ecc/ecc_import_pkcs8.c | 121 |
1 files changed, 6 insertions, 115 deletions
diff --git a/src/ltc/pk/ecc/ecc_import_pkcs8.c b/src/ltc/pk/ecc/ecc_import_pkcs8.c index 323db2aa..e606699b 100644 --- a/src/ltc/pk/ecc/ecc_import_pkcs8.c +++ b/src/ltc/pk/ecc/ecc_import_pkcs8.c @@ -54,115 +54,6 @@ static const oid_st oid_list[] = { { { 0 }, 0 }, }; -static int _simple_utf8_to_utf16(const unsigned char *in, unsigned long inlen, - unsigned char *out, unsigned long *outlen) { - unsigned long len = 0; - const unsigned char* in_end = in + inlen; - const ulong32 offset[6] = { - 0x00000000UL, 0x00003080UL, 0x000E2080UL, - 0x03C82080UL, 0xFA082080UL, 0x82082080UL - }; - int err = CRYPT_ERROR; - - while (in < in_end) { - ulong32 ch = 0; - unsigned short extra = 0; /* 0 */ - if (*in >= 192) extra++; /* 1 */ - if (*in >= 224) extra++; /* 2 */ - if (*in >= 240) extra++; /* 3 */ - if (*in >= 248) extra++; /* 4 */ - if (*in >= 252) extra++; /* 5 */ - if (in + extra >= in_end) goto ERROR; - switch (extra) { - case 5: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ - case 4: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ - case 3: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ - case 2: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ - case 1: ch += *in++; ch <<= 6; - /* FALLTHROUGH */ - case 0: ch += *in++; - } - ch -= offset[extra]; - if (ch > 0xFFFF) goto ERROR; - if (*outlen >= len + 2) { - out[len] = (unsigned short)((ch >> 8) & 0xFF); - out[len + 1] = (unsigned char)(ch & 0xFF); - } - len += 2; - } - - err = len > *outlen ? CRYPT_BUFFER_OVERFLOW : CRYPT_OK; - *outlen = len; -ERROR: - return err; -} - -static int _kdf_pkcs12(int hash_id, const unsigned char *pw, unsigned long pwlen, - const unsigned char *salt, unsigned long saltlen, - unsigned int iterations, unsigned char purpose, - unsigned char *out, unsigned long outlen) -{ - unsigned long u = hash_descriptor[hash_id].hashsize; - unsigned long v = hash_descriptor[hash_id].blocksize; - unsigned long c = (outlen + u - 1) / u; - unsigned long Slen = ((saltlen + v - 1) / v) * v; - unsigned long Plen = ((pwlen + v - 1) / v) * v; - unsigned long k = (Plen + Slen) / v; - unsigned long Alen, keylen = 0; - unsigned int tmp, i, j, n; - unsigned char ch; - unsigned char D[MAXBLOCKSIZE], A[MAXBLOCKSIZE], B[MAXBLOCKSIZE]; - unsigned char *I = NULL, *key = NULL; - int err = CRYPT_ERROR; - - key = XMALLOC(u * c); - I = XMALLOC(Plen + Slen); - if (key == NULL || I == NULL) goto DONE; - zeromem(key, u * c); - - for (i = 0; i < v; i++) D[i] = purpose; /* D - diversifier */ - for (i = 0; i < Slen; i++) I[i] = salt[i % saltlen]; - for (i = 0; i < Plen; i++) I[Slen + i] = pw[i % pwlen]; /* I = Salt || Pass */ - - for (i = 0; i < c; i++) { - Alen = u; /* hash size */ - err = hash_memory_multi(hash_id, A, &Alen, D, v, I, Slen + Plen, NULL); /* A = HASH(D || I) */ - if (err != CRYPT_OK) goto DONE; - for (j = 1; j < iterations; j++) { - err = hash_memory(hash_id, A, Alen, A, &Alen); /* A = HASH(A) */ - if (err != CRYPT_OK) goto DONE; - } - /* fill buffer B with A */ - for (j = 0; j < v; j++) B[j] = A[j % Alen]; - /* B += 1 */ - for (j = v; j > 0; j--) { - if (++B[j - 1] != 0) break; - } - /* I_n += B */ - for (n = 0; n < k; n++) { - ch = 0; - for (j = v; j > 0; j--) { - tmp = I[n * v + j - 1] + B[j - 1] + ch; - ch = (unsigned char)((tmp >> 8) & 0xFF); - I[n * v + j - 1] = (unsigned char)(tmp & 0xFF); - } - } - /* store derived key block */ - for (j = 0; j < Alen; j++) key[keylen++] = A[j]; - } - - for (i = 0; i < outlen; i++) out[i] = key[i]; - err = CRYPT_OK; -DONE: - if (I) XFREE(I); - if (key) XFREE(key); - return err; -} - static int _oid_to_id(const unsigned long *oid, unsigned long oid_size) { int i, j; @@ -216,13 +107,13 @@ static int _pbes1_decrypt(const unsigned char *enc_data, unsigned long enc_size, pwlen = pass_size * 2; pw = XMALLOC(pwlen + 2); if (pw == NULL) goto LBL_ERROR; - if ((err = _simple_utf8_to_utf16(pass, pass_size, pw, &pwlen) != CRYPT_OK)) goto LBL_ERROR; + if ((err = pkcs12_utf8_to_utf16(pass, pass_size, pw, &pwlen) != CRYPT_OK)) goto LBL_ERROR; pw[pwlen++] = 0; pw[pwlen++] = 0; /* derive KEY */ - if ((err = _kdf_pkcs12(hid, pw, pwlen, salt, salt_size, iterations, 1, key_iv, keylen)) != CRYPT_OK) goto LBL_ERROR; + if ((err = pkcs12_kdf(hid, pw, pwlen, salt, salt_size, iterations, 1, key_iv, keylen)) != CRYPT_OK) goto LBL_ERROR; /* derive IV */ - if ((err = _kdf_pkcs12(hid, pw, pwlen, salt, salt_size, iterations, 2, key_iv+24, blklen)) != CRYPT_OK) goto LBL_ERROR; + if ((err = pkcs12_kdf(hid, pw, pwlen, salt, salt_size, iterations, 2, key_iv+24, blklen)) != CRYPT_OK) goto LBL_ERROR; } else { if ((err = pkcs_5_alg1(pass, pass_size, salt, iterations, hid, key_iv, &len)) != CRYPT_OK) goto LBL_ERROR; @@ -515,8 +406,8 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, ltc_asn1_list *loid = lseq->child->next; len = sizeof(OID); if ((err = pk_oid_num_to_str(loid->data, loid->size, OID, &len)) != CRYPT_OK) { goto LBL_DONE; } - if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto LBL_DONE; } - if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto LBL_DONE; } + if ((err = ecc_find_curve(OID, &curve)) != CRYPT_OK) { goto LBL_DONE; } + if ((err = ecc_set_curve(curve, key)) != CRYPT_OK) { goto LBL_DONE; } } else if (LTC_ASN1_IS_TYPE(lseq->child->next, LTC_ASN1_SEQUENCE)) { /* CASE 2: explicit curve parameters (AKA long variant): @@ -567,7 +458,7 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, if ((err = ltc_ecc_import_point(lg->data, lg->size, lprime->data, a, b, gx, gy)) != CRYPT_OK) { goto LBL_DONE; } - if ((err = ecc_set_dp_from_mpis(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) { + if ((err = ecc_set_curve_from_mpis(a, b, lprime->data, lorder->data, gx, gy, cofactor, key)) != CRYPT_OK) { goto LBL_DONE; } } |