libtomcrypt update
Karel Miko
5 years ago
57 | 57 | ltc/misc/hkdf/hkdf.o ltc/misc/padding/padding_depad.o ltc/misc/padding/padding_pad.o \ |
58 | 58 | ltc/misc/pbes/pbes.o ltc/misc/pbes/pbes1.o ltc/misc/pbes/pbes2.o ltc/misc/pkcs12/pkcs12_kdf.o \ |
59 | 59 | ltc/misc/pkcs12/pkcs12_utf8_to_utf16.o ltc/misc/pkcs5/pkcs_5_1.o ltc/misc/pkcs5/pkcs_5_2.o \ |
60 | ltc/misc/ssh/ssh_decode_sequence_multi.o ltc/misc/ssh/ssh_encode_sequence_multi.o \ | |
60 | 61 | ltc/modes/cbc/cbc_decrypt.o ltc/modes/cbc/cbc_done.o ltc/modes/cbc/cbc_encrypt.o \ |
61 | 62 | ltc/modes/cbc/cbc_getiv.o ltc/modes/cbc/cbc_setiv.o ltc/modes/cbc/cbc_start.o ltc/modes/cfb/cfb_decrypt.o \ |
62 | 63 | ltc/modes/cfb/cfb_done.o ltc/modes/cfb/cfb_encrypt.o ltc/modes/cfb/cfb_getiv.o ltc/modes/cfb/cfb_setiv.o \ |
109 | 110 | ltc/pk/ecc/ecc_import_openssl.o ltc/pk/ecc/ecc_import_pkcs8.o ltc/pk/ecc/ecc_import_x509.o \ |
110 | 111 | ltc/pk/ecc/ecc_make_key.o ltc/pk/ecc/ecc_recover_key.o ltc/pk/ecc/ecc_set_curve.o \ |
111 | 112 | ltc/pk/ecc/ecc_set_curve_internal.o ltc/pk/ecc/ecc_set_key.o ltc/pk/ecc/ecc_shared_secret.o \ |
112 | ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o \ | |
113 | ltc/pk/ecc/ltc_ecc_import_point.o ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o \ | |
114 | ltc/pk/ecc/ltc_ecc_map.o ltc/pk/ecc/ltc_ecc_mul2add.o ltc/pk/ecc/ltc_ecc_mulmod.o \ | |
115 | ltc/pk/ecc/ltc_ecc_mulmod_timing.o ltc/pk/ecc/ltc_ecc_points.o ltc/pk/ecc/ltc_ecc_projective_add_point.o \ | |
116 | ltc/pk/ecc/ltc_ecc_projective_dbl_point.o ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/pkcs1/pkcs_1_i2osp.o \ | |
117 | ltc/pk/pkcs1/pkcs_1_mgf1.o ltc/pk/pkcs1/pkcs_1_oaep_decode.o ltc/pk/pkcs1/pkcs_1_oaep_encode.o \ | |
118 | ltc/pk/pkcs1/pkcs_1_os2ip.o ltc/pk/pkcs1/pkcs_1_pss_decode.o ltc/pk/pkcs1/pkcs_1_pss_encode.o \ | |
119 | ltc/pk/pkcs1/pkcs_1_v1_5_decode.o ltc/pk/pkcs1/pkcs_1_v1_5_encode.o ltc/pk/rsa/rsa_decrypt_key.o \ | |
120 | ltc/pk/rsa/rsa_encrypt_key.o ltc/pk/rsa/rsa_export.o ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o \ | |
121 | ltc/pk/rsa/rsa_get_size.o ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o \ | |
113 | ltc/pk/ecc/ecc_sign_hash.o ltc/pk/ecc/ecc_sizes.o ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.o \ | |
114 | ltc/pk/ecc/ecc_verify_hash.o ltc/pk/ecc/ltc_ecc_export_point.o ltc/pk/ecc/ltc_ecc_import_point.o \ | |
115 | ltc/pk/ecc/ltc_ecc_is_point.o ltc/pk/ecc/ltc_ecc_is_point_at_infinity.o ltc/pk/ecc/ltc_ecc_map.o \ | |
116 | ltc/pk/ecc/ltc_ecc_mul2add.o ltc/pk/ecc/ltc_ecc_mulmod.o ltc/pk/ecc/ltc_ecc_mulmod_timing.o \ | |
117 | ltc/pk/ecc/ltc_ecc_points.o ltc/pk/ecc/ltc_ecc_projective_add_point.o ltc/pk/ecc/ltc_ecc_projective_dbl_point.o \ | |
118 | ltc/pk/ecc/ltc_ecc_verify_key.o ltc/pk/pkcs1/pkcs_1_i2osp.o ltc/pk/pkcs1/pkcs_1_mgf1.o \ | |
119 | ltc/pk/pkcs1/pkcs_1_oaep_decode.o ltc/pk/pkcs1/pkcs_1_oaep_encode.o ltc/pk/pkcs1/pkcs_1_os2ip.o \ | |
120 | ltc/pk/pkcs1/pkcs_1_pss_decode.o ltc/pk/pkcs1/pkcs_1_pss_encode.o ltc/pk/pkcs1/pkcs_1_v1_5_decode.o \ | |
121 | ltc/pk/pkcs1/pkcs_1_v1_5_encode.o ltc/pk/rsa/rsa_decrypt_key.o ltc/pk/rsa/rsa_encrypt_key.o \ | |
122 | ltc/pk/rsa/rsa_export.o ltc/pk/rsa/rsa_exptmod.o ltc/pk/rsa/rsa_free.o ltc/pk/rsa/rsa_get_size.o \ | |
123 | ltc/pk/rsa/rsa_import.o ltc/pk/rsa/rsa_import_pkcs8.o ltc/pk/rsa/rsa_import_x509.o \ | |
122 | 124 | ltc/pk/rsa/rsa_make_key.o ltc/pk/rsa/rsa_set.o ltc/pk/rsa/rsa_sign_hash.o ltc/pk/rsa/rsa_sign_saltlen_get.o \ |
123 | 125 | ltc/pk/rsa/rsa_verify_hash.o ltc/prngs/chacha20.o ltc/prngs/fortuna.o ltc/prngs/rc4.o \ |
124 | 126 | ltc/prngs/rng_get_bytes.o ltc/prngs/rng_make_prng.o ltc/prngs/sober128.o ltc/prngs/sprng.o \ |
61 | 61 | ltc/misc/crypt/crypt_unregister_prng.obj ltc/misc/hkdf/hkdf.obj ltc/misc/padding/padding_depad.obj \ |
62 | 62 | ltc/misc/padding/padding_pad.obj ltc/misc/pbes/pbes.obj ltc/misc/pbes/pbes1.obj ltc/misc/pbes/pbes2.obj \ |
63 | 63 | ltc/misc/pkcs12/pkcs12_kdf.obj ltc/misc/pkcs12/pkcs12_utf8_to_utf16.obj ltc/misc/pkcs5/pkcs_5_1.obj \ |
64 | ltc/misc/pkcs5/pkcs_5_2.obj ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj \ | |
65 | ltc/modes/cbc/cbc_encrypt.obj ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj \ | |
66 | ltc/modes/cbc/cbc_start.obj ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj \ | |
67 | ltc/modes/cfb/cfb_encrypt.obj ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj \ | |
68 | ltc/modes/cfb/cfb_start.obj ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj \ | |
69 | ltc/modes/ctr/ctr_encrypt.obj ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj \ | |
70 | ltc/modes/ctr/ctr_start.obj ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj \ | |
71 | ltc/modes/ecb/ecb_encrypt.obj ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj \ | |
72 | ltc/modes/ofb/ofb_done.obj ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj \ | |
73 | ltc/modes/ofb/ofb_setiv.obj ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj \ | |
74 | ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_encode_bit_string.obj \ | |
75 | ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj ltc/pk/asn1/der/bit/der_length_bit_string.obj \ | |
76 | ltc/pk/asn1/der/boolean/der_decode_boolean.obj ltc/pk/asn1/der/boolean/der_encode_boolean.obj \ | |
77 | ltc/pk/asn1/der/boolean/der_length_boolean.obj ltc/pk/asn1/der/choice/der_decode_choice.obj \ | |
78 | ltc/pk/asn1/der/custom_type/der_decode_custom_type.obj ltc/pk/asn1/der/custom_type/der_encode_custom_type.obj \ | |
79 | ltc/pk/asn1/der/custom_type/der_length_custom_type.obj ltc/pk/asn1/der/general/der_asn1_maps.obj \ | |
80 | ltc/pk/asn1/der/general/der_decode_asn1_identifier.obj ltc/pk/asn1/der/general/der_decode_asn1_length.obj \ | |
81 | ltc/pk/asn1/der/general/der_encode_asn1_identifier.obj ltc/pk/asn1/der/general/der_encode_asn1_length.obj \ | |
82 | ltc/pk/asn1/der/general/der_length_asn1_identifier.obj ltc/pk/asn1/der/general/der_length_asn1_length.obj \ | |
83 | ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj \ | |
84 | ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj \ | |
85 | ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj ltc/pk/asn1/der/ia5/der_length_ia5_string.obj \ | |
86 | ltc/pk/asn1/der/integer/der_decode_integer.obj ltc/pk/asn1/der/integer/der_encode_integer.obj \ | |
87 | ltc/pk/asn1/der/integer/der_length_integer.obj ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj \ | |
88 | ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj \ | |
89 | ltc/pk/asn1/der/octet/der_decode_octet_string.obj ltc/pk/asn1/der/octet/der_encode_octet_string.obj \ | |
90 | ltc/pk/asn1/der/octet/der_length_octet_string.obj ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj \ | |
91 | ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj ltc/pk/asn1/der/printable_string/der_length_printable_string.obj \ | |
92 | ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj \ | |
93 | ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj \ | |
94 | ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj ltc/pk/asn1/der/sequence/der_length_sequence.obj \ | |
95 | ltc/pk/asn1/der/sequence/der_sequence_free.obj ltc/pk/asn1/der/sequence/der_sequence_shrink.obj \ | |
96 | ltc/pk/asn1/der/set/der_encode_set.obj ltc/pk/asn1/der/set/der_encode_setof.obj ltc/pk/asn1/der/short_integer/der_decode_short_integer.obj \ | |
64 | ltc/misc/pkcs5/pkcs_5_2.obj ltc/misc/ssh/ssh_decode_sequence_multi.obj ltc/misc/ssh/ssh_encode_sequence_multi.obj \ | |
65 | ltc/modes/cbc/cbc_decrypt.obj ltc/modes/cbc/cbc_done.obj ltc/modes/cbc/cbc_encrypt.obj \ | |
66 | ltc/modes/cbc/cbc_getiv.obj ltc/modes/cbc/cbc_setiv.obj ltc/modes/cbc/cbc_start.obj \ | |
67 | ltc/modes/cfb/cfb_decrypt.obj ltc/modes/cfb/cfb_done.obj ltc/modes/cfb/cfb_encrypt.obj \ | |
68 | ltc/modes/cfb/cfb_getiv.obj ltc/modes/cfb/cfb_setiv.obj ltc/modes/cfb/cfb_start.obj \ | |
69 | ltc/modes/ctr/ctr_decrypt.obj ltc/modes/ctr/ctr_done.obj ltc/modes/ctr/ctr_encrypt.obj \ | |
70 | ltc/modes/ctr/ctr_getiv.obj ltc/modes/ctr/ctr_setiv.obj ltc/modes/ctr/ctr_start.obj \ | |
71 | ltc/modes/ecb/ecb_decrypt.obj ltc/modes/ecb/ecb_done.obj ltc/modes/ecb/ecb_encrypt.obj \ | |
72 | ltc/modes/ecb/ecb_start.obj ltc/modes/ofb/ofb_decrypt.obj ltc/modes/ofb/ofb_done.obj \ | |
73 | ltc/modes/ofb/ofb_encrypt.obj ltc/modes/ofb/ofb_getiv.obj ltc/modes/ofb/ofb_setiv.obj \ | |
74 | ltc/modes/ofb/ofb_start.obj ltc/pk/asn1/der/bit/der_decode_bit_string.obj ltc/pk/asn1/der/bit/der_decode_raw_bit_string.obj \ | |
75 | ltc/pk/asn1/der/bit/der_encode_bit_string.obj ltc/pk/asn1/der/bit/der_encode_raw_bit_string.obj \ | |
76 | ltc/pk/asn1/der/bit/der_length_bit_string.obj ltc/pk/asn1/der/boolean/der_decode_boolean.obj \ | |
77 | ltc/pk/asn1/der/boolean/der_encode_boolean.obj ltc/pk/asn1/der/boolean/der_length_boolean.obj \ | |
78 | ltc/pk/asn1/der/choice/der_decode_choice.obj ltc/pk/asn1/der/custom_type/der_decode_custom_type.obj \ | |
79 | ltc/pk/asn1/der/custom_type/der_encode_custom_type.obj ltc/pk/asn1/der/custom_type/der_length_custom_type.obj \ | |
80 | ltc/pk/asn1/der/general/der_asn1_maps.obj ltc/pk/asn1/der/general/der_decode_asn1_identifier.obj \ | |
81 | ltc/pk/asn1/der/general/der_decode_asn1_length.obj ltc/pk/asn1/der/general/der_encode_asn1_identifier.obj \ | |
82 | ltc/pk/asn1/der/general/der_encode_asn1_length.obj ltc/pk/asn1/der/general/der_length_asn1_identifier.obj \ | |
83 | ltc/pk/asn1/der/general/der_length_asn1_length.obj ltc/pk/asn1/der/generalizedtime/der_decode_generalizedtime.obj \ | |
84 | ltc/pk/asn1/der/generalizedtime/der_encode_generalizedtime.obj ltc/pk/asn1/der/generalizedtime/der_length_generalizedtime.obj \ | |
85 | ltc/pk/asn1/der/ia5/der_decode_ia5_string.obj ltc/pk/asn1/der/ia5/der_encode_ia5_string.obj \ | |
86 | ltc/pk/asn1/der/ia5/der_length_ia5_string.obj ltc/pk/asn1/der/integer/der_decode_integer.obj \ | |
87 | ltc/pk/asn1/der/integer/der_encode_integer.obj ltc/pk/asn1/der/integer/der_length_integer.obj \ | |
88 | ltc/pk/asn1/der/object_identifier/der_decode_object_identifier.obj ltc/pk/asn1/der/object_identifier/der_encode_object_identifier.obj \ | |
89 | ltc/pk/asn1/der/object_identifier/der_length_object_identifier.obj ltc/pk/asn1/der/octet/der_decode_octet_string.obj \ | |
90 | ltc/pk/asn1/der/octet/der_encode_octet_string.obj ltc/pk/asn1/der/octet/der_length_octet_string.obj \ | |
91 | ltc/pk/asn1/der/printable_string/der_decode_printable_string.obj ltc/pk/asn1/der/printable_string/der_encode_printable_string.obj \ | |
92 | ltc/pk/asn1/der/printable_string/der_length_printable_string.obj ltc/pk/asn1/der/sequence/der_decode_sequence_ex.obj \ | |
93 | ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.obj ltc/pk/asn1/der/sequence/der_decode_sequence_multi.obj \ | |
94 | ltc/pk/asn1/der/sequence/der_encode_sequence_ex.obj ltc/pk/asn1/der/sequence/der_encode_sequence_multi.obj \ | |
95 | ltc/pk/asn1/der/sequence/der_length_sequence.obj ltc/pk/asn1/der/sequence/der_sequence_free.obj \ | |
96 | ltc/pk/asn1/der/sequence/der_sequence_shrink.obj ltc/pk/asn1/der/set/der_encode_set.obj \ | |
97 | ltc/pk/asn1/der/set/der_encode_setof.obj ltc/pk/asn1/der/short_integer/der_decode_short_integer.obj \ | |
97 | 98 | ltc/pk/asn1/der/short_integer/der_encode_short_integer.obj ltc/pk/asn1/der/short_integer/der_length_short_integer.obj \ |
98 | 99 | ltc/pk/asn1/der/teletex_string/der_decode_teletex_string.obj ltc/pk/asn1/der/teletex_string/der_length_teletex_string.obj \ |
99 | 100 | ltc/pk/asn1/der/utctime/der_decode_utctime.obj ltc/pk/asn1/der/utctime/der_encode_utctime.obj \ |
116 | 117 | ltc/pk/ecc/ecc_import_pkcs8.obj ltc/pk/ecc/ecc_import_x509.obj ltc/pk/ecc/ecc_make_key.obj \ |
117 | 118 | ltc/pk/ecc/ecc_recover_key.obj ltc/pk/ecc/ecc_set_curve.obj ltc/pk/ecc/ecc_set_curve_internal.obj \ |
118 | 119 | ltc/pk/ecc/ecc_set_key.obj ltc/pk/ecc/ecc_shared_secret.obj ltc/pk/ecc/ecc_sign_hash.obj \ |
119 | ltc/pk/ecc/ecc_sizes.obj ltc/pk/ecc/ecc_verify_hash.obj ltc/pk/ecc/ltc_ecc_export_point.obj \ | |
120 | ltc/pk/ecc/ltc_ecc_import_point.obj ltc/pk/ecc/ltc_ecc_is_point.obj ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj \ | |
121 | ltc/pk/ecc/ltc_ecc_map.obj ltc/pk/ecc/ltc_ecc_mul2add.obj ltc/pk/ecc/ltc_ecc_mulmod.obj \ | |
122 | ltc/pk/ecc/ltc_ecc_mulmod_timing.obj ltc/pk/ecc/ltc_ecc_points.obj ltc/pk/ecc/ltc_ecc_projective_add_point.obj \ | |
123 | ltc/pk/ecc/ltc_ecc_projective_dbl_point.obj ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/pkcs1/pkcs_1_i2osp.obj \ | |
124 | ltc/pk/pkcs1/pkcs_1_mgf1.obj ltc/pk/pkcs1/pkcs_1_oaep_decode.obj ltc/pk/pkcs1/pkcs_1_oaep_encode.obj \ | |
125 | ltc/pk/pkcs1/pkcs_1_os2ip.obj ltc/pk/pkcs1/pkcs_1_pss_decode.obj ltc/pk/pkcs1/pkcs_1_pss_encode.obj \ | |
126 | ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj ltc/pk/rsa/rsa_decrypt_key.obj \ | |
127 | ltc/pk/rsa/rsa_encrypt_key.obj ltc/pk/rsa/rsa_export.obj ltc/pk/rsa/rsa_exptmod.obj \ | |
128 | ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj ltc/pk/rsa/rsa_import.obj ltc/pk/rsa/rsa_import_pkcs8.obj \ | |
129 | ltc/pk/rsa/rsa_import_x509.obj ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj \ | |
130 | ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj ltc/pk/rsa/rsa_verify_hash.obj \ | |
131 | ltc/prngs/chacha20.obj ltc/prngs/fortuna.obj ltc/prngs/rc4.obj ltc/prngs/rng_get_bytes.obj \ | |
132 | ltc/prngs/rng_make_prng.obj ltc/prngs/sober128.obj ltc/prngs/sprng.obj ltc/prngs/yarrow.obj \ | |
133 | ltc/stream/chacha/chacha_crypt.obj ltc/stream/chacha/chacha_done.obj ltc/stream/chacha/chacha_ivctr32.obj \ | |
134 | ltc/stream/chacha/chacha_ivctr64.obj ltc/stream/chacha/chacha_keystream.obj ltc/stream/chacha/chacha_memory.obj \ | |
135 | ltc/stream/chacha/chacha_setup.obj ltc/stream/rabbit/rabbit.obj ltc/stream/rabbit/rabbit_memory.obj \ | |
136 | ltc/stream/rc4/rc4_stream.obj ltc/stream/rc4/rc4_stream_memory.obj ltc/stream/salsa20/salsa20_crypt.obj \ | |
137 | ltc/stream/salsa20/salsa20_done.obj ltc/stream/salsa20/salsa20_ivctr64.obj ltc/stream/salsa20/salsa20_keystream.obj \ | |
138 | ltc/stream/salsa20/salsa20_memory.obj ltc/stream/salsa20/salsa20_setup.obj ltc/stream/salsa20/xsalsa20_memory.obj \ | |
139 | ltc/stream/salsa20/xsalsa20_setup.obj ltc/stream/sober128/sober128_stream.obj ltc/stream/sober128/sober128_stream_memory.obj \ | |
140 | ltc/stream/sosemanuk/sosemanuk.obj ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj \ | |
141 | ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj \ | |
142 | ltm/bn_fast_s_mp_mul_high_digs.obj ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj \ | |
143 | ltm/bn_mp_add.obj ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj \ | |
144 | ltm/bn_mp_clear.obj ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj \ | |
145 | ltm/bn_mp_cmp_mag.obj ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_copy.obj ltm/bn_mp_count_bits.obj \ | |
146 | ltm/bn_mp_div.obj ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj \ | |
120 | ltc/pk/ecc/ecc_sizes.obj ltc/pk/ecc/ecc_ssh_ecdsa_encode_name.obj ltc/pk/ecc/ecc_verify_hash.obj \ | |
121 | ltc/pk/ecc/ltc_ecc_export_point.obj ltc/pk/ecc/ltc_ecc_import_point.obj ltc/pk/ecc/ltc_ecc_is_point.obj \ | |
122 | ltc/pk/ecc/ltc_ecc_is_point_at_infinity.obj ltc/pk/ecc/ltc_ecc_map.obj ltc/pk/ecc/ltc_ecc_mul2add.obj \ | |
123 | ltc/pk/ecc/ltc_ecc_mulmod.obj ltc/pk/ecc/ltc_ecc_mulmod_timing.obj ltc/pk/ecc/ltc_ecc_points.obj \ | |
124 | ltc/pk/ecc/ltc_ecc_projective_add_point.obj ltc/pk/ecc/ltc_ecc_projective_dbl_point.obj \ | |
125 | ltc/pk/ecc/ltc_ecc_verify_key.obj ltc/pk/pkcs1/pkcs_1_i2osp.obj ltc/pk/pkcs1/pkcs_1_mgf1.obj \ | |
126 | ltc/pk/pkcs1/pkcs_1_oaep_decode.obj ltc/pk/pkcs1/pkcs_1_oaep_encode.obj ltc/pk/pkcs1/pkcs_1_os2ip.obj \ | |
127 | ltc/pk/pkcs1/pkcs_1_pss_decode.obj ltc/pk/pkcs1/pkcs_1_pss_encode.obj ltc/pk/pkcs1/pkcs_1_v1_5_decode.obj \ | |
128 | ltc/pk/pkcs1/pkcs_1_v1_5_encode.obj ltc/pk/rsa/rsa_decrypt_key.obj ltc/pk/rsa/rsa_encrypt_key.obj \ | |
129 | ltc/pk/rsa/rsa_export.obj ltc/pk/rsa/rsa_exptmod.obj ltc/pk/rsa/rsa_free.obj ltc/pk/rsa/rsa_get_size.obj \ | |
130 | ltc/pk/rsa/rsa_import.obj ltc/pk/rsa/rsa_import_pkcs8.obj ltc/pk/rsa/rsa_import_x509.obj \ | |
131 | ltc/pk/rsa/rsa_make_key.obj ltc/pk/rsa/rsa_set.obj ltc/pk/rsa/rsa_sign_hash.obj ltc/pk/rsa/rsa_sign_saltlen_get.obj \ | |
132 | ltc/pk/rsa/rsa_verify_hash.obj ltc/prngs/chacha20.obj ltc/prngs/fortuna.obj ltc/prngs/rc4.obj \ | |
133 | ltc/prngs/rng_get_bytes.obj ltc/prngs/rng_make_prng.obj ltc/prngs/sober128.obj ltc/prngs/sprng.obj \ | |
134 | ltc/prngs/yarrow.obj ltc/stream/chacha/chacha_crypt.obj ltc/stream/chacha/chacha_done.obj \ | |
135 | ltc/stream/chacha/chacha_ivctr32.obj ltc/stream/chacha/chacha_ivctr64.obj ltc/stream/chacha/chacha_keystream.obj \ | |
136 | ltc/stream/chacha/chacha_memory.obj ltc/stream/chacha/chacha_setup.obj ltc/stream/rabbit/rabbit.obj \ | |
137 | ltc/stream/rabbit/rabbit_memory.obj ltc/stream/rc4/rc4_stream.obj ltc/stream/rc4/rc4_stream_memory.obj \ | |
138 | ltc/stream/salsa20/salsa20_crypt.obj ltc/stream/salsa20/salsa20_done.obj ltc/stream/salsa20/salsa20_ivctr64.obj \ | |
139 | ltc/stream/salsa20/salsa20_keystream.obj ltc/stream/salsa20/salsa20_memory.obj ltc/stream/salsa20/salsa20_setup.obj \ | |
140 | ltc/stream/salsa20/xsalsa20_memory.obj ltc/stream/salsa20/xsalsa20_setup.obj ltc/stream/sober128/sober128_stream.obj \ | |
141 | ltc/stream/sober128/sober128_stream_memory.obj ltc/stream/sosemanuk/sosemanuk.obj \ | |
142 | ltc/stream/sosemanuk/sosemanuk_memory.obj ltm/bncore.obj ltm/bn_error.obj ltm/bn_fast_mp_invmod.obj \ | |
143 | ltm/bn_fast_mp_montgomery_reduce.obj ltm/bn_fast_s_mp_mul_digs.obj ltm/bn_fast_s_mp_mul_high_digs.obj \ | |
144 | ltm/bn_fast_s_mp_sqr.obj ltm/bn_mp_2expt.obj ltm/bn_mp_abs.obj ltm/bn_mp_add.obj \ | |
145 | ltm/bn_mp_addmod.obj ltm/bn_mp_add_d.obj ltm/bn_mp_and.obj ltm/bn_mp_clamp.obj ltm/bn_mp_clear.obj \ | |
146 | ltm/bn_mp_clear_multi.obj ltm/bn_mp_cmp.obj ltm/bn_mp_cmp_d.obj ltm/bn_mp_cmp_mag.obj \ | |
147 | ltm/bn_mp_cnt_lsb.obj ltm/bn_mp_copy.obj ltm/bn_mp_count_bits.obj ltm/bn_mp_div.obj \ | |
148 | ltm/bn_mp_div_2.obj ltm/bn_mp_div_2d.obj ltm/bn_mp_div_3.obj ltm/bn_mp_div_d.obj \ | |
147 | 149 | ltm/bn_mp_dr_is_modulus.obj ltm/bn_mp_dr_reduce.obj ltm/bn_mp_dr_setup.obj ltm/bn_mp_exch.obj \ |
148 | 150 | ltm/bn_mp_export.obj ltm/bn_mp_exptmod.obj ltm/bn_mp_exptmod_fast.obj ltm/bn_mp_expt_d.obj \ |
149 | 151 | ltm/bn_mp_expt_d_ex.obj ltm/bn_mp_exteuclid.obj ltm/bn_mp_fread.obj ltm/bn_mp_fwrite.obj \ |
42 | 42 | #define XMEM_NEQ mem_neq |
43 | 43 | #endif |
44 | 44 | #ifndef XSTRCMP |
45 | #define XSTRCMP strcmp | |
45 | #define XSTRCMP strcmp | |
46 | #endif | |
47 | #ifndef XSTRNCPY | |
48 | #define XSTRNCPY strncpy | |
46 | 49 | #endif |
47 | 50 | |
48 | 51 | #ifndef XCLOCK |
55 | 58 | |
56 | 59 | #if ( defined(malloc) || defined(realloc) || defined(calloc) || defined(free) || \ |
57 | 60 | defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \ |
58 | defined(clock) || defined(qsort) ) && !defined(LTC_NO_PROTOTYPES) | |
61 | defined(strncpy) || defined(clock) || defined(qsort) ) && !defined(LTC_NO_PROTOTYPES) | |
59 | 62 | #define LTC_NO_PROTOTYPES |
60 | 63 | #endif |
61 | 64 | |
492 | 495 | #define LTC_ADLER32 |
493 | 496 | |
494 | 497 | #define LTC_CRC32 |
498 | ||
499 | #define LTC_SSH | |
495 | 500 | |
496 | 501 | #define LTC_PADDING |
497 | 502 |
153 | 153 | int padding_depad(const unsigned char *data, unsigned long *length, unsigned long mode); |
154 | 154 | #endif /* LTC_PADDING */ |
155 | 155 | |
156 | #ifdef LTC_SSH | |
157 | typedef enum ssh_data_type_ { | |
158 | LTC_SSHDATA_BYTE, | |
159 | LTC_SSHDATA_BOOLEAN, | |
160 | LTC_SSHDATA_UINT32, | |
161 | LTC_SSHDATA_UINT64, | |
162 | LTC_SSHDATA_STRING, | |
163 | LTC_SSHDATA_MPINT, | |
164 | LTC_SSHDATA_NAMELIST, | |
165 | LTC_SSHDATA_EOL | |
166 | } ssh_data_type; | |
167 | ||
168 | /* VA list handy helpers with tuples of <type, data> */ | |
169 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...); | |
170 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...); | |
171 | #endif /* LTC_SSH */ | |
172 | ||
156 | 173 | int compare_testvector(const void* is, const unsigned long is_len, const void* should, const unsigned long should_len, const char* what, int which); |
157 | 174 | |
158 | 175 | /* ref: $Format:%D$ */ |
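Review bot: The two variadic prototypes carry only the comment `/* VA list handy helpers with tuples of <type, data> */`, which leaves out the parts of the calling contract that a mistake turns into undefined behaviour. I would document here that the list must end with `LTC_SSHDATA_EOL`, that the encoder takes values (`int` for BYTE/BOOLEAN, `ulong32`, `ulong64`, `char*`, and a bignum `void*`) while the decoder takes pointers to them, and that decoding STRING/NAMELIST takes a third argument, the destination size as `unsigned long`. Because `va_arg` is not type-checked, an `int` literal passed where `ulong64` is expected, or a missing size argument, makes the function read the wrong arguments without any diagnostic.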
250 | 250 | /* raw R, S values */ |
251 | 251 | LTC_ECCSIG_RFC7518 = 0x1, |
252 | 252 | /* raw R, S, V (+27) values */ |
253 | LTC_ECCSIG_ETH27 = 0x2 | |
253 | LTC_ECCSIG_ETH27 = 0x2, | |
254 | /* SSH + ECDSA signature format defined by RFC5656 */ | |
255 | LTC_ECCSIG_RFC5656 = 0x3, | |
254 | 256 | } ecc_signature_type; |
255 | 257 | |
256 | 258 | /** the ECC params provided */ |
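Review bot: `LTC_ECCSIG_RFC5656 = 0x3,` is added to the enum unconditionally, but the one handler visible on this page, `else if (sigformat == LTC_ECCSIG_RFC5656)` in the signature verification code, is wrapped in `#ifdef LTC_SSH`. A build without `LTC_SSH` still accepts the constant at compile time and then relies on whatever the final `else` branch does, which is not visible here. A comment such as `/* SSH + ECDSA signature format defined by RFC5656 (requires LTC_SSH) */` would make the dependency explicit. The trailing comma before `}` is also rejected by strict C89 compilers, if those are still a target.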
225 | 225 | int ecc_set_curve_by_size(int size, ecc_key *key); |
226 | 226 | int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key); |
227 | 227 | |
228 | #ifdef LTC_SSH | |
229 | int ecc_ssh_ecdsa_encode_name(char *buffer, unsigned long *buflen, const ecc_key *key); | |
230 | #endif | |
231 | ||
228 | 232 | /* low level functions */ |
229 | 233 | ecc_point *ltc_ecc_new_point(void); |
230 | 234 | void ltc_ecc_del_point(ecc_point *p); |
451 | 451 | " PBES1 " |
452 | 452 | " PBES2 " |
453 | 453 | #endif |
454 | #if defined(LTC_SSH) | |
455 | " SSH " | |
456 | #endif | |
454 | 457 | #if defined(LTC_DEVRANDOM) |
455 | 458 | " LTC_DEVRANDOM " |
456 | 459 | #endif |
19 | 19 | */ |
20 | 20 | int pbes_decrypt(const pbes_arg *arg, unsigned char *dec_data, unsigned long *dec_size) |
21 | 21 | { |
22 | int err, hid = -1, cid = -1; | |
22 | int err, hid, cid; | |
23 | 23 | unsigned char k[32], *iv; |
24 | 24 | unsigned long klen, keylen, dlen; |
25 | 25 | long diff; |
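Review bot: The declaration now reads `int err, hid, cid;` where the line printed above it has `hid = -1, cid = -1`, so if the second line is the new side the two ids are no longer initialised. The rest of `pbes_decrypt` lies outside this hunk, so it cannot be confirmed from here that every path assigns both before they are read, including any early `goto` to cleanup. If any path can reach a use of `hid` or `cid` before assignment, keep the initialisers: `int err, hid = -1, cid = -1;`.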
30 | 30 | if (*outlen < 32) return CRYPT_INVALID_ARG; |
31 | 31 | pw = XMALLOC(pwlen + 2); |
32 | 32 | if (pw == NULL) return CRYPT_MEM; |
33 | if ((err = pkcs12_utf8_to_utf16(password, password_len, pw, &pwlen) != CRYPT_OK)) goto LBL_ERROR; | |
33 | if ((err = pkcs12_utf8_to_utf16(password, password_len, pw, &pwlen)) != CRYPT_OK) goto LBL_ERROR; | |
34 | 34 | pw[pwlen++] = 0; |
35 | 35 | pw[pwlen++] = 0; |
36 | 36 | /* derive KEY */ |
9 | 9 | |
10 | 10 | #ifdef LTC_PBES |
11 | 11 | |
12 | static const char *_oid_pbes2 = "1.2.840.113549.1.5.13"; | |
13 | static const char *_oid_pbkdf2 = "1.2.840.113549.1.5.12"; | |
12 | static const char * const _oid_pbes2 = "1.2.840.113549.1.5.13"; | |
13 | static const char * const _oid_pbkdf2 = "1.2.840.113549.1.5.12"; | |
14 | 14 | |
15 | 15 | typedef struct { |
16 | 16 | const char *oid; |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | #include <stdarg.h> | |
10 | ||
11 | /** | |
12 | @file ssh_decode_sequence_multi.c | |
13 | SSH data type representation as per RFC4251, Russ Williams | |
14 | */ | |
15 | ||
16 | #ifdef LTC_SSH | |
17 | ||
18 | /** | |
19 | Decode a SSH sequence using a VA list | |
20 | @param in Data to decode | |
21 | @param inlen Length of buffer to decode | |
22 | @remark <...> is of the form <type, data> (int, void*) except for string <type, data, size> | |
23 | @return CRYPT_OK on success | |
24 | */ | |
25 | int ssh_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...) | |
26 | { | |
27 | int err; | |
28 | va_list args; | |
29 | ssh_data_type type; | |
30 | void *vdata; | |
31 | unsigned char *cdata; | |
32 | char *sdata; | |
33 | ulong32 *u32data; | |
34 | ulong64 *u64data; | |
35 | unsigned long size, bufsize; | |
36 | ||
37 | LTC_ARGCHK(in != NULL); | |
38 | ||
39 | /* Decode values from buffer */ | |
40 | va_start(args, inlen); | |
41 | while ((type = (ssh_data_type)va_arg(args, int)) != LTC_SSHDATA_EOL) { | |
42 | /* Size of length field */ | |
43 | if (type == LTC_SSHDATA_STRING || | |
44 | type == LTC_SSHDATA_NAMELIST || | |
45 | type == LTC_SSHDATA_MPINT) | |
46 | { | |
47 | /* Check we'll not read too far */ | |
48 | if (inlen < 4) { | |
49 | err = CRYPT_BUFFER_OVERFLOW; | |
50 | goto error; | |
51 | } | |
52 | } | |
53 | ||
54 | /* Calculate (or read) length of data */ | |
55 | size = (unsigned long)-1; | |
56 | switch (type) { | |
57 | case LTC_SSHDATA_BYTE: | |
58 | case LTC_SSHDATA_BOOLEAN: | |
59 | size = 1; | |
60 | break; | |
61 | case LTC_SSHDATA_UINT32: | |
62 | size = 4; | |
63 | break; | |
64 | case LTC_SSHDATA_UINT64: | |
65 | size = 8; | |
66 | break; | |
67 | case LTC_SSHDATA_STRING: | |
68 | case LTC_SSHDATA_NAMELIST: | |
69 | case LTC_SSHDATA_MPINT: | |
70 | LOAD32H(size, in); | |
71 | in += 4; | |
72 | inlen -= 4; | |
73 | break; | |
74 | ||
75 | case LTC_SSHDATA_EOL: | |
76 | /* Should never get here */ | |
77 | err = CRYPT_INVALID_ARG; | |
78 | goto error; | |
79 | } | |
80 | ||
81 | /* Check we'll not read too far */ | |
82 | if (inlen < size) { | |
83 | err = CRYPT_BUFFER_OVERFLOW; | |
84 | goto error; | |
85 | } else { | |
86 | inlen -= size; | |
87 | } | |
88 | ||
89 | /* Read data */ | |
90 | switch (type) { | |
91 | case LTC_SSHDATA_BYTE: | |
92 | cdata = va_arg(args, unsigned char*); | |
93 | *cdata = *in++; | |
94 | break; | |
95 | case LTC_SSHDATA_BOOLEAN: | |
96 | cdata = va_arg(args, unsigned char*); | |
97 | /* | |
98 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be | |
99 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. | |
100 | */ | |
101 | *cdata = (*in++)?1:0; | |
102 | break; | |
103 | case LTC_SSHDATA_UINT32: | |
104 | u32data = va_arg(args, ulong32*); | |
105 | LOAD32H(*u32data, in); | |
106 | in += 4; | |
107 | break; | |
108 | case LTC_SSHDATA_UINT64: | |
109 | u64data = va_arg(args, ulong64*); | |
110 | LOAD64H(*u64data, in); | |
111 | in += 8; | |
112 | break; | |
113 | case LTC_SSHDATA_STRING: | |
114 | case LTC_SSHDATA_NAMELIST: | |
115 | sdata = va_arg(args, char*); | |
116 | bufsize = va_arg(args, unsigned long); | |
117 | if (size >= bufsize) { | |
118 | err = CRYPT_BUFFER_OVERFLOW; | |
119 | goto error; | |
120 | } | |
121 | if (size > 0) { | |
122 | XSTRNCPY(sdata, (const char *)in, size); | |
123 | sdata[size] = '\0'; /* strncpy doesn't NUL-terminate */ | |
124 | } else { | |
125 | *sdata = '\0'; | |
126 | } | |
127 | in += size; | |
128 | break; | |
129 | case LTC_SSHDATA_MPINT: | |
130 | vdata = va_arg(args, void*); | |
131 | if (size == 0) { | |
132 | if ((err = mp_set(vdata, 0)) != CRYPT_OK) { goto error; } | |
133 | } else if ((in[0] & 0x80) != 0) { | |
134 | /* Negative number - not supported */ | |
135 | err = CRYPT_INVALID_PACKET; | |
136 | goto error; | |
137 | } else { | |
138 | if ((err = mp_read_unsigned_bin(vdata, (unsigned char *)in, size)) != CRYPT_OK) { goto error; } | |
139 | } | |
140 | in += size; | |
141 | break; | |
142 | ||
143 | case LTC_SSHDATA_EOL: | |
144 | /* Should never get here */ | |
145 | err = CRYPT_INVALID_ARG; | |
146 | goto error; | |
147 | } | |
148 | } | |
149 | err = CRYPT_OK; | |
150 | ||
151 | error: | |
152 | va_end(args); | |
153 | return err; | |
154 | } | |
155 | ||
156 | #endif | |
157 | ||
158 | /* ref: $Format:%D$ */ | |
159 | /* git commit: $Format:%H$ */ | |
160 | /* commit time: $Format:%ai$ */ |
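Review bot: In the STRING/NAMELIST case, `XSTRNCPY(sdata, (const char *)in, size)` stops copying at the first NUL byte in the input, so a peer-supplied string with an embedded NUL is silently shortened. The caller cannot detect this, because `bufsize` is passed by value and no decoded length is returned. RFC4251 strings are length-prefixed and may hold arbitrary bytes, and a value that matches an expected name only after truncation is a known source of parser-differential bugs. I would reject such input before copying, e.g. `if (memchr(in, 0, size) != NULL) { err = CRYPT_INVALID_PACKET; goto error; }`, or copy with `XMEMCPY` and hand the decoded length back to the caller.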
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | #include <stdarg.h> | |
10 | ||
11 | /** | |
12 | @file ssh_encode_sequence_multi.c | |
13 | SSH data type representation as per RFC4251, Russ Williams | |
14 | */ | |
15 | ||
16 | #ifdef LTC_SSH | |
17 | ||
18 | /** | |
19 | Encode a SSH sequence using a VA list | |
20 | @param out [out] Destination for data | |
21 | @param outlen [in/out] Length of buffer and resulting length of output | |
22 | @remark <...> is of the form <type, data> (int, void*) | |
23 | @return CRYPT_OK on success | |
24 | */ | |
25 | int ssh_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...) | |
26 | { | |
27 | int err; | |
28 | va_list args; | |
29 | unsigned long size; | |
30 | ssh_data_type type; | |
31 | void *vdata; | |
32 | const char *sdata; | |
33 | int idata; | |
34 | ulong32 u32data; | |
35 | ulong64 u64data; | |
36 | ||
37 | LTC_ARGCHK(out != NULL); | |
38 | LTC_ARGCHK(outlen != NULL); | |
39 | ||
40 | /* Check values and calculate output size */ | |
41 | size = 0; | |
42 | va_start(args, outlen); | |
43 | while ((type = (ssh_data_type)va_arg(args, int)) != LTC_SSHDATA_EOL) { | |
44 | switch (type) { | |
45 | case LTC_SSHDATA_BYTE: | |
46 | case LTC_SSHDATA_BOOLEAN: /* Both stored as 1 byte */ | |
47 | LTC_UNUSED_PARAM( va_arg(args, int) ); | |
48 | size++; | |
49 | break; | |
50 | case LTC_SSHDATA_UINT32: | |
51 | LTC_UNUSED_PARAM( va_arg(args, ulong32) ); | |
52 | size += 4; | |
53 | break; | |
54 | case LTC_SSHDATA_UINT64: | |
55 | LTC_UNUSED_PARAM( va_arg(args, ulong64) ); | |
56 | size += 8; | |
57 | break; | |
58 | case LTC_SSHDATA_STRING: | |
59 | case LTC_SSHDATA_NAMELIST: | |
60 | sdata = va_arg(args, char*); | |
61 | size += 4; | |
62 | size += strlen(sdata); | |
63 | break; | |
64 | case LTC_SSHDATA_MPINT: | |
65 | vdata = va_arg(args, void*); | |
66 | /* Calculate size */ | |
67 | size += 4; | |
68 | if (mp_iszero(vdata) != LTC_MP_YES) { | |
69 | size += mp_unsigned_bin_size(vdata); | |
70 | if ((mp_count_bits(vdata) & 7) == 0) size++; /* Zero padding if high bit set */ | |
71 | } | |
72 | break; | |
73 | ||
74 | case LTC_SSHDATA_EOL: /* Should never get here */ | |
75 | err = CRYPT_INVALID_ARG; | |
76 | goto error; | |
77 | } | |
78 | } | |
79 | va_end(args); | |
80 | ||
81 | /* Check we have sufficient space */ | |
82 | if (*outlen < size) { | |
83 | *outlen = size; | |
84 | err = CRYPT_BUFFER_OVERFLOW; | |
85 | goto errornoargs; | |
86 | } | |
87 | *outlen = size; | |
88 | ||
89 | /* Encode values into buffer */ | |
90 | va_start(args, outlen); | |
91 | while ((type = (ssh_data_type)va_arg(args, int)) != LTC_SSHDATA_EOL) { | |
92 | switch (type) { | |
93 | case LTC_SSHDATA_BYTE: | |
94 | idata = va_arg(args, int); | |
95 | ||
96 | *out++ = (unsigned char)(idata & 255); | |
97 | break; | |
98 | case LTC_SSHDATA_BOOLEAN: | |
99 | idata = va_arg(args, int); | |
100 | ||
101 | /* | |
102 | The value 0 represents FALSE, and the value 1 represents TRUE. All non-zero values MUST be | |
103 | interpreted as TRUE; however, applications MUST NOT store values other than 0 and 1. | |
104 | */ | |
105 | *out++ = (idata)?1:0; | |
106 | break; | |
107 | case LTC_SSHDATA_UINT32: | |
108 | u32data = va_arg(args, ulong32); | |
109 | STORE32H(u32data, out); | |
110 | out += 4; | |
111 | break; | |
112 | case LTC_SSHDATA_UINT64: | |
113 | u64data = va_arg(args, ulong64); | |
114 | STORE64H(u64data, out); | |
115 | out += 8; | |
116 | break; | |
117 | case LTC_SSHDATA_STRING: | |
118 | case LTC_SSHDATA_NAMELIST: | |
119 | sdata = va_arg(args, char*); | |
120 | size = strlen(sdata); | |
121 | STORE32H(size, out); | |
122 | out += 4; | |
123 | XSTRNCPY((char *)out, sdata, size); | |
124 | out += size; | |
125 | break; | |
126 | case LTC_SSHDATA_MPINT: | |
127 | vdata = va_arg(args, void*); | |
128 | if (mp_iszero(vdata) == LTC_MP_YES) { | |
129 | STORE32H(0, out); | |
130 | out += 4; | |
131 | } else { | |
132 | size = mp_unsigned_bin_size(vdata); | |
133 | if ((mp_count_bits(vdata) & 7) == 0) { | |
134 | /* Zero padding if high bit set */ | |
135 | STORE32H(size+1, out); | |
136 | out += 4; | |
137 | *out++ = 0; | |
138 | } else { | |
139 | STORE32H(size, out); | |
140 | out += 4; | |
141 | } | |
142 | if ((err = mp_to_unsigned_bin(vdata, out)) != CRYPT_OK) { | |
143 | err = CRYPT_ERROR; | |
144 | goto error; | |
145 | } | |
146 | out += size; | |
147 | } | |
148 | break; | |
149 | ||
150 | case LTC_SSHDATA_EOL: /* Should never get here */ | |
151 | err = CRYPT_INVALID_ARG; | |
152 | goto error; | |
153 | } | |
154 | } | |
155 | err = CRYPT_OK; | |
156 | ||
157 | error: | |
158 | va_end(args); | |
159 | errornoargs: | |
160 | return err; | |
161 | } | |
162 | ||
163 | #endif | |
164 | ||
165 | /* ref: $Format:%D$ */ | |
166 | /* git commit: $Format:%H$ */ | |
167 | /* commit time: $Format:%ai$ */ |
91 | 91 | } |
92 | 92 | else if (sigformat == LTC_ECCSIG_ETH27) { |
93 | 93 | /* Ethereum (v,r,s) format */ |
94 | if (key->dp.oidlen != 5 || key->dp.oid[0] != 1 || key->dp.oid[1] != 3 || | |
95 | key->dp.oid[2] != 132 || key->dp.oid[3] != 0 || key->dp.oid[4] != 10) { | |
94 | if (pk_oid_cmp_with_ulong("1.3.132.0.10", key->dp.oid, key->dp.oidlen) != CRYPT_OK) { | |
96 | 95 | /* Only valid for secp256k1 - OID 1.3.132.0.10 */ |
97 | 96 | err = CRYPT_ERROR; goto error; |
98 | 97 | } |
111 | 110 | if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig, 32)) != CRYPT_OK) { goto error; } |
112 | 111 | if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+32, 32)) != CRYPT_OK) { goto error; } |
113 | 112 | } |
113 | #ifdef LTC_SSH | |
114 | else if (sigformat == LTC_ECCSIG_RFC5656) { | |
115 | char name[64], name2[64]; | |
116 | unsigned long namelen = sizeof(name2); | |
117 | ||
118 | /* Decode as SSH data sequence, per RFC4251 */ | |
119 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
120 | LTC_SSHDATA_STRING, name, 64, | |
121 | LTC_SSHDATA_MPINT, r, | |
122 | LTC_SSHDATA_MPINT, s, | |
123 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } | |
124 | ||
125 | ||
126 | /* Check curve matches identifier string */ | |
127 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
128 | if (XSTRCMP(name,name2) != 0) { | |
129 | err = CRYPT_INVALID_ARG; | |
130 | goto error; | |
131 | } | |
132 | } | |
133 | #endif | |
114 | 134 | else { |
115 | 135 | /* Unknown signature format */ |
116 | 136 | err = CRYPT_ERROR; |
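Review bot: In the added LTC_ECCSIG_RFC5656 branch (new lines 113–133) `siglen` is passed to `ssh_decode_sequence_multi` by value, so this code never learns how many bytes were consumed and cannot itself reject a signature with extra bytes after `s`. Unless the decoder fails on trailing data (its body is not in this section), more than one byte string could be accepted for the same (r,s). The RFC7518 branch elsewhere on this page was tightened to an exact-length check, and it would be consistent to have the decoder report the consumed length and compare it with `siglen` here. The buffer size is also the literal `64` rather than being derived from `name`, and `XSTRCMP(name,name2)` relies on the decoder NUL-terminating `name`; a comment such as `/* decoder NUL-terminates name within the size passed */` would record that once confirmed. The same branch is added again further down the page (new lines 99–119), and the enclosing function starts and ends outside this hunk.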
140 | 140 | } |
141 | 141 | else if (sigformat == LTC_ECCSIG_ETH27) { |
142 | 142 | /* Ethereum (v,r,s) format */ |
143 | if (key->dp.oidlen != 5 || key->dp.oid[0] != 1 || key->dp.oid[1] != 3 || | |
144 | key->dp.oid[2] != 132 || key->dp.oid[3] != 0 || key->dp.oid[4] != 10) { | |
143 | if (pk_oid_cmp_with_ulong("1.3.132.0.10", key->dp.oid, key->dp.oidlen) != CRYPT_OK) { | |
145 | 144 | /* Only valid for secp256k1 - OID 1.3.132.0.10 */ |
146 | 145 | err = CRYPT_ERROR; goto errnokey; |
147 | 146 | } |
155 | 154 | *outlen = 65; |
156 | 155 | err = CRYPT_OK; |
157 | 156 | } |
157 | #ifdef LTC_SSH | |
158 | else if (sigformat == LTC_ECCSIG_RFC5656) { | |
159 | /* Get identifier string */ | |
160 | char name[64]; | |
161 | unsigned long namelen = sizeof(name); | |
162 | if ((err = ecc_ssh_ecdsa_encode_name(name, &namelen, key)) != CRYPT_OK) { goto errnokey; } | |
163 | ||
164 | /* Store as SSH data sequence, per RFC4251 */ | |
165 | err = ssh_encode_sequence_multi(out, outlen, | |
166 | LTC_SSHDATA_STRING, name, | |
167 | LTC_SSHDATA_MPINT, r, | |
168 | LTC_SSHDATA_MPINT, s, | |
169 | LTC_SSHDATA_EOL, NULL); | |
170 | } | |
171 | #endif | |
158 | 172 | else { |
159 | 173 | /* Unknown signature format */ |
160 | 174 | err = CRYPT_ERROR; |
0 | /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
1 | * | |
2 | * LibTomCrypt is a library that provides various cryptographic | |
3 | * algorithms in a highly modular and flexible manner. | |
4 | * | |
5 | * The library is free for all purposes without any express | |
6 | * guarantee it works. | |
7 | */ | |
8 | #include "tomcrypt_private.h" | |
9 | ||
10 | /** | |
11 | @file ecc_ssh_ecdsa_encode_name.c | |
12 | Curve/OID to SSH+ECDSA name string mapping per RFC5656 | |
13 | Russ Williams | |
14 | */ | |
15 | ||
16 | /** | |
17 | Curve/OID to SSH+ECDSA name string mapping | |
18 | @param buffer [out] The destination for the name | |
19 | @param buflen [in/out] The max size and resulting size (including terminator) of the name | |
20 | @param key A public or private ECC key | |
21 | @return CRYPT_OK if successful | |
22 | */ | |
23 | int ecc_ssh_ecdsa_encode_name(char *buffer, unsigned long *buflen, const ecc_key *key) | |
24 | { | |
25 | char oidstr[64]; | |
26 | unsigned long oidlen = sizeof(oidstr); | |
27 | unsigned long size = 0; | |
28 | int err; | |
29 | ||
30 | LTC_ARGCHK(buffer != NULL); | |
31 | LTC_ARGCHK(buflen != NULL); | |
32 | LTC_ARGCHK(key != NULL); | |
33 | ||
34 | /* Get the OID of the curve */ | |
35 | if ((err = ecc_get_oid_str(oidstr, &oidlen, key)) != CRYPT_OK) goto error; | |
36 | ||
37 | /* Check for three named curves: nistp256, nistp384, nistp521 */ | |
38 | if (XSTRCMP("1.2.840.10045.3.1.7", oidstr) == 0) { | |
39 | /* nistp256 - secp256r1 - OID 1.2.840.10045.3.1.7 */ | |
40 | size = snprintf(buffer, *buflen, "ecdsa-sha2-nistp256"); | |
41 | } | |
42 | else if (XSTRCMP("1.3.132.0.34", oidstr) == 0) { | |
43 | /* nistp384 - secp384r1 - OID 1.3.132.0.34 */ | |
44 | size = snprintf(buffer, *buflen, "ecdsa-sha2-nistp384"); | |
45 | } | |
46 | else if (XSTRCMP("1.3.132.0.35", oidstr) == 0) { | |
47 | /* nistp521 - secp521r1 - OID 1.3.132.0.35 */ | |
48 | size = snprintf(buffer, *buflen, "ecdsa-sha2-nistp521"); | |
49 | } else { | |
50 | /* Otherwise we use the OID... */ | |
51 | size = snprintf(buffer, *buflen, "ecdsa-sha2-%s", oidstr); | |
52 | } | |
53 | ||
54 | /* snprintf returns size that would have been written, but limits to buflen-1 chars plus terminator */ | |
55 | if (size >= *buflen) { | |
56 | err = CRYPT_BUFFER_OVERFLOW; | |
57 | } else { | |
58 | err = CRYPT_OK; | |
59 | } | |
60 | *buflen = size + 1; /* the string length + NUL byte */ | |
61 | ||
62 | error: | |
63 | return err; | |
64 | } | |
65 | ||
66 | ||
67 | /* ref: $Format:%D$ */ | |
68 | /* git commit: $Format:%H$ */ | |
69 | /* commit time: $Format:%ai$ */ |
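Review bot: `size` is an `unsigned long` but receives the `int` result of `snprintf` (lines 40–51), so a negative return on an output error is converted to a very large value. That value is then reported as CRYPT_BUFFER_OVERFLOW, and `*buflen = size + 1` wraps to 0 when the return was -1, so a caller that retries with the reported size gets a zero-length buffer. Keeping the result in an `int n` and checking it before the size comparison, `if (n < 0) { err = CRYPT_ERROR; goto error; }`, preserves the required-size meaning of `*buflen`. The header comment could also say that on CRYPT_BUFFER_OVERFLOW `*buflen` holds the size needed including the terminator, which is what lines 55–60 do.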
75 | 75 | } |
76 | 76 | else if (sigformat == LTC_ECCSIG_RFC7518) { |
77 | 77 | /* RFC7518 format - raw (r,s) */ |
78 | if ((siglen % 2) == 1) { | |
78 | i = mp_unsigned_bin_size(key->dp.order); | |
79 | if (siglen != (2 * i)) { | |
79 | 80 | err = CRYPT_INVALID_PACKET; |
80 | 81 | goto error; |
81 | 82 | } |
82 | i = siglen / 2; | |
83 | 83 | if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig, i)) != CRYPT_OK) { goto error; } |
84 | 84 | if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+i, i)) != CRYPT_OK) { goto error; } |
85 | 85 | } |
86 | 86 | else if (sigformat == LTC_ECCSIG_ETH27) { |
87 | 87 | /* Ethereum (v,r,s) format */ |
88 | if (key->dp.oidlen != 5 || key->dp.oid[0] != 1 || key->dp.oid[1] != 3 || | |
89 | key->dp.oid[2] != 132 || key->dp.oid[3] != 0 || key->dp.oid[4] != 10) { | |
88 | if (pk_oid_cmp_with_ulong("1.3.132.0.10", key->dp.oid, key->dp.oidlen) != CRYPT_OK) { | |
90 | 89 | /* Only valid for secp256k1 - OID 1.3.132.0.10 */ |
91 | 90 | err = CRYPT_ERROR; goto error; |
92 | 91 | } |
97 | 96 | if ((err = mp_read_unsigned_bin(r, (unsigned char *)sig, 32)) != CRYPT_OK) { goto error; } |
98 | 97 | if ((err = mp_read_unsigned_bin(s, (unsigned char *)sig+32, 32)) != CRYPT_OK) { goto error; } |
99 | 98 | } |
99 | #ifdef LTC_SSH | |
100 | else if (sigformat == LTC_ECCSIG_RFC5656) { | |
101 | char name[64], name2[64]; | |
102 | unsigned long namelen = sizeof(name2); | |
103 | ||
104 | /* Decode as SSH data sequence, per RFC4251 */ | |
105 | if ((err = ssh_decode_sequence_multi(sig, siglen, | |
106 | LTC_SSHDATA_STRING, name, 64, | |
107 | LTC_SSHDATA_MPINT, r, | |
108 | LTC_SSHDATA_MPINT, s, | |
109 | LTC_SSHDATA_EOL, NULL)) != CRYPT_OK) { goto error; } | |
110 | ||
111 | ||
112 | /* Check curve matches identifier string */ | |
113 | if ((err = ecc_ssh_ecdsa_encode_name(name2, &namelen, key)) != CRYPT_OK) { goto error; } | |
114 | if (XSTRCMP(name,name2) != 0) { | |
115 | err = CRYPT_INVALID_ARG; | |
116 | goto error; | |
117 | } | |
118 | } | |
119 | #endif | |
100 | 120 | else { |
101 | 121 | /* Unknown signature format */ |
102 | 122 | err = CRYPT_ERROR; |