ltc 1.18.0
Karel Miko
6 years ago
254 | 254 | RETVAL = newSVpvn((char*)out, out_len); |
255 | 255 | } |
256 | 256 | else if (strnEQ(type, "public_compressed", 17)) { |
257 | rv = ecc_export_raw(out, &out_len, PK_PUBLIC_COMPRESSED, &self->key); | |
257 | rv = ecc_export_raw(out, &out_len, PK_PUBLIC|PK_COMPRESSED, &self->key); | |
258 | 258 | if (rv != CRYPT_OK) croak("FATAL: ecc_export_raw(public_compressed) failed: %s", error_to_string(rv)); |
259 | 259 | RETVAL = newSVpvn((char*)out, out_len); |
260 | 260 | } |
26 | 26 | |
27 | 27 | /* version */ |
28 | 28 | #define CRYPT 0x0118 |
29 | #define SCRYPT "1.18.0-rc3" | |
29 | #define SCRYPT "1.18.0" | |
30 | 30 | |
31 | 31 | /* max size of either a cipher/hash block or symmetric key [largest of the two] */ |
32 | 32 | #define MAXBLOCKSIZE 128 |
67 | 67 | CRYPT_OVERFLOW, /* An overflow of a value was detected/prevented */ |
68 | 68 | |
69 | 69 | CRYPT_UNUSED1, /* UNUSED1 */ |
70 | CRYPT_UNUSED2, /* UNUSED2 */ | |
70 | ||
71 | CRYPT_INPUT_TOO_LONG, /* The input was longer than expected. */ | |
71 | 72 | |
72 | 73 | CRYPT_PK_INVALID_SIZE, /* Invalid size input for PK parameters */ |
73 | 74 |
218 | 218 | #endif |
219 | 219 | #endif |
220 | 220 | |
221 | #if defined(ENDIAN_64BITWORD) && !defined(_MSC_VER) | |
222 | typedef unsigned long long ltc_mp_digit; | |
223 | #else | |
224 | typedef unsigned long ltc_mp_digit; | |
225 | #endif | |
226 | ||
227 | /* No asm is a quick way to disable anything "not portable" */ | |
228 | #ifdef LTC_NO_ASM | |
229 | #define ENDIAN_NEUTRAL | |
230 | #undef ENDIAN_32BITWORD | |
231 | #undef ENDIAN_64BITWORD | |
232 | #undef LTC_FAST | |
233 | #define LTC_NO_ROLC | |
234 | #define LTC_NO_BSWAP | |
235 | #endif | |
236 | ||
221 | 237 | /* No LTC_FAST if: explicitly disabled OR non-gcc/non-clang compiler OR old gcc OR using -ansi -std=c99 */ |
222 | 238 | #if defined(LTC_NO_FAST) || (__GNUC__ < 4) || defined(__STRICT_ANSI__) |
223 | 239 | #undef LTC_FAST |
232 | 248 | #endif |
233 | 249 | #endif |
234 | 250 | |
235 | #ifdef ENDIAN_64BITWORD | |
236 | typedef ulong64 ltc_mp_digit; | |
237 | #else | |
238 | typedef ulong32 ltc_mp_digit; | |
239 | #endif | |
240 | ||
241 | /* No asm is a quick way to disable anything "not portable" */ | |
242 | #ifdef LTC_NO_ASM | |
243 | #define ENDIAN_NEUTRAL | |
244 | #undef ENDIAN_32BITWORD | |
245 | #undef ENDIAN_64BITWORD | |
246 | #undef LTC_FAST | |
247 | #undef LTC_FAST_TYPE | |
248 | #define LTC_NO_ROLC | |
249 | #define LTC_NO_BSWAP | |
250 | #endif | |
251 | ||
252 | 251 | #if !defined(ENDIAN_NEUTRAL) && (defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) && !(defined(ENDIAN_32BITWORD) || defined(ENDIAN_64BITWORD)) |
253 | #error You must specify a word size as well as endianess in tomcrypt_cfg.h | |
252 | #error You must specify a word size as well as endianess in tomcrypt_cfg.h | |
254 | 253 | #endif |
255 | 254 | |
256 | 255 | #if !(defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) |
258 | 257 | #endif |
259 | 258 | |
260 | 259 | #if (defined(ENDIAN_32BITWORD) && defined(ENDIAN_64BITWORD)) |
261 | #error Cannot be 32 and 64 bit words... | |
260 | #error Cannot be 32 and 64 bit words... | |
262 | 261 | #endif |
263 | 262 | |
264 | 263 | /* gcc 4.3 and up has a bswap builtin; detect it by gcc version. |
61 | 61 | |
62 | 62 | /* shortcut to disable automatic inclusion */ |
63 | 63 | #if defined LTC_NOTHING && !defined LTC_EASY |
64 | #define LTC_NO_MATH | |
65 | 64 | #define LTC_NO_CIPHERS |
66 | 65 | #define LTC_NO_MODES |
67 | 66 | #define LTC_NO_HASHES |
423 | 422 | /* Enable ECC timing resistant version by default */ |
424 | 423 | #define LTC_ECC_TIMING_RESISTANT |
425 | 424 | #endif |
426 | ||
427 | /* define these PK sizes out of LTC_NO_PK | |
428 | * to have them always defined | |
429 | */ | |
430 | #if defined(LTC_MRSA) | |
431 | /* Min and Max RSA key sizes (in bits) */ | |
432 | #ifndef MIN_RSA_SIZE | |
433 | #define MIN_RSA_SIZE 1024 | |
434 | #endif | |
435 | #ifndef MAX_RSA_SIZE | |
436 | #define MAX_RSA_SIZE 4096 | |
437 | #endif | |
438 | #endif | |
439 | ||
440 | /* in cases where you want ASN.1/DER functionality, but no | |
441 | * RSA, you can define this externally if 1024 is not enough | |
442 | */ | |
443 | #if defined(LTC_MRSA) | |
444 | #define LTC_DER_MAX_PUBKEY_SIZE MAX_RSA_SIZE | |
445 | #elif !defined(LTC_DER_MAX_PUBKEY_SIZE) | |
446 | /* this includes DSA */ | |
447 | #define LTC_DER_MAX_PUBKEY_SIZE 1024 | |
448 | #endif | |
449 | ||
450 | 425 | |
451 | 426 | /* PKCS #1 (RSA) and #5 (Password Handling) stuff */ |
452 | 427 | #ifndef LTC_NO_PKCS |
25 | 25 | |
26 | 26 | #ifndef LTC_MILLER_RABIN_REPS |
27 | 27 | /* Number of rounds of the Miller-Rabin test |
28 | * "Reasonable values of reps are between 15 and 50." c.f. gmp doc of mpz_probab_prime_p() */ | |
29 | #define LTC_MILLER_RABIN_REPS 35 | |
28 | * "Reasonable values of reps are between 15 and 50." c.f. gmp doc of mpz_probab_prime_p() | |
29 | * As of https://security.stackexchange.com/a/4546 we should use 40 rounds */ | |
30 | #define LTC_MILLER_RABIN_REPS 40 | |
30 | 31 | #endif |
31 | 32 | |
32 | 33 | int radix_to_bin(const void *in, int radix, void *out, unsigned long *len); |
77 | 77 | #ifdef TFM_DESC |
78 | 78 | void init_TFM(void); |
79 | 79 | #endif |
80 | /* *** use of GMP is untested *** | |
81 | 80 | #ifdef GMP_DESC |
82 | 81 | void init_GMP(void); |
83 | 82 | #endif |
84 | */ | |
85 | 83 | |
86 | 84 | #ifdef LTC_ADLER32 |
87 | 85 | typedef struct adler32_state_s |
10 | 10 | |
11 | 11 | enum { |
12 | 12 | PK_PUBLIC=0, |
13 | PK_PRIVATE=1, | |
14 | PK_PUBLIC_COMPRESSED=2, /* used only when exporting public ECC key */ | |
15 | PK_CURVEOID=4 /* used only when exporting public ECC key */ | |
13 | PK_PRIVATE=1 | |
16 | 14 | }; |
17 | 15 | |
18 | 16 | /* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */ |
19 | 17 | #define PK_STD 0x1000 |
18 | /* Indicates compressed public ECC key */ | |
19 | #define PK_COMPRESSED 0x2000 | |
20 | /* Indicates ECC key with the curve specified by OID */ | |
21 | #define PK_CURVEOID 0x4000 | |
20 | 22 | |
21 | 23 | int rand_prime(void *N, long len, prng_state *prng, int wprng); |
22 | 24 |
398 | 398 | #if defined(LTC_DER) |
399 | 399 | " DER " |
400 | 400 | #endif |
401 | #if defined(LTC_DER_MAX_PUBKEY_SIZE) | |
402 | " " NAME_VALUE(LTC_DER_MAX_PUBKEY_SIZE) " " | |
403 | #endif | |
404 | 401 | #if defined(LTC_PKCS_1) |
405 | 402 | " PKCS#1 " |
406 | 403 | #endif |
47 | 47 | _C_STRINGIFY(CRYPT_PK_INVALID_TYPE), |
48 | 48 | _C_STRINGIFY(CRYPT_OVERFLOW), |
49 | 49 | _C_STRINGIFY(CRYPT_UNUSED1), |
50 | _C_STRINGIFY(CRYPT_UNUSED2), | |
50 | _C_STRINGIFY(CRYPT_INPUT_TOO_LONG), | |
51 | 51 | _C_STRINGIFY(CRYPT_PK_INVALID_SIZE), |
52 | 52 | _C_STRINGIFY(CRYPT_INVALID_PRIME_SIZE), |
53 | 53 | _C_STRINGIFY(CRYPT_PK_INVALID_PADDING), |
76 | 76 | |
77 | 77 | #ifdef LTC_MRSA |
78 | 78 | {"LTC_MRSA", 1}, |
79 | _C_STRINGIFY(MIN_RSA_SIZE), | |
80 | _C_STRINGIFY(MAX_RSA_SIZE), | |
81 | 79 | #else |
82 | 80 | {"LTC_MRSA", 0}, |
83 | 81 | #endif |
106 | 104 | {"LTC_MDSA", 0}, |
107 | 105 | #endif |
108 | 106 | |
109 | #ifdef LTC_DER_MAX_PUBKEY_SIZE | |
110 | _C_STRINGIFY(LTC_DER_MAX_PUBKEY_SIZE), | |
111 | #endif | |
112 | 107 | #ifdef LTC_MILLER_RABIN_REPS |
113 | 108 | _C_STRINGIFY(LTC_MILLER_RABIN_REPS), |
114 | 109 | #endif |
152 | 147 | _C_STRINGIFY(LTC_GCM_MODE_TEXT), |
153 | 148 | #endif |
154 | 149 | |
150 | _C_STRINGIFY(LTC_MP_LT), | |
151 | _C_STRINGIFY(LTC_MP_EQ), | |
152 | _C_STRINGIFY(LTC_MP_GT), | |
153 | ||
155 | 154 | _C_STRINGIFY(LTC_MP_NO), |
156 | 155 | _C_STRINGIFY(LTC_MP_YES), |
157 | 156 |
272 | 272 | _SZ_STRINGIFY_T(crc32_state), |
273 | 273 | #endif |
274 | 274 | |
275 | _SZ_STRINGIFY_T(ltc_mp_digit), | |
276 | _SZ_STRINGIFY_T(ltc_math_descriptor) | |
275 | 277 | |
276 | 278 | }; |
277 | 279 |
46 | 46 | "An overflow of a value was detected/prevented.", |
47 | 47 | |
48 | 48 | "UNUSED1.", |
49 | "UNUSED2.", | |
49 | ||
50 | "The input was longer than expected.", | |
50 | 51 | |
51 | 52 | "Invalid sized parameter.", |
52 | 53 |
16 | 16 | #ifdef LTC_DER |
17 | 17 | |
18 | 18 | #define SETBIT(v, n) (v=((unsigned char)(v) | (1U << (unsigned char)(n)))) |
19 | #define CLRBIT(v, n) (v=((unsigned char)(v) & ~(1U << (unsigned char)(n)))) | |
19 | 20 | |
20 | 21 | /** |
21 | 22 | Store a BIT STRING |
83 | 84 | |
84 | 85 | /* decode/store the bits */ |
85 | 86 | for (y = 0; y < blen; y++) { |
86 | if (in[x] & (1 << (7 - (y & 7)))) { | |
87 | SETBIT(out[y/8], 7-(y%8)); | |
88 | } | |
89 | if ((y & 7) == 7) { | |
90 | ++x; | |
91 | } | |
87 | if (in[x] & (1 << (7 - (y & 7)))) { | |
88 | SETBIT(out[y/8], 7-(y%8)); | |
89 | } else { | |
90 | CLRBIT(out[y/8], 7-(y%8)); | |
91 | } | |
92 | if ((y & 7) == 7) { | |
93 | ++x; | |
94 | } | |
92 | 95 | } |
93 | 96 | |
94 | 97 | /* we done */ |
20 | 20 | /** |
21 | 21 | Store a BIT STRING |
22 | 22 | @param in The array of bits to store (8 per char) |
23 | @param inlen The number of bits tostore | |
23 | @param inlen The number of bits to store | |
24 | 24 | @param out [out] The destination for the DER encoded BIT STRING |
25 | 25 | @param outlen [in/out] The max size and resulting size of the DER BIT STRING |
26 | 26 | @return CRYPT_OK if successful |
67 | 67 | |
68 | 68 | /* store the bits in big endian format */ |
69 | 69 | for (y = buf = 0; y < inlen; y++) { |
70 | buf |= (getbit(in[y/8],7-y%8)?1:0) << (7 - (y & 7)); | |
71 | if ((y & 7) == 7) { | |
72 | out[x++] = buf; | |
73 | buf = 0; | |
74 | } | |
70 | buf |= (getbit(in[y/8],7-y%8)?1:0) << (7 - (y & 7)); | |
71 | if ((y & 7) == 7) { | |
72 | out[x++] = buf; | |
73 | buf = 0; | |
74 | } | |
75 | 75 | } |
76 | 76 | /* store last byte */ |
77 | 77 | if (inlen & 7) { |
327 | 327 | if (inlen == 0) { |
328 | 328 | err = CRYPT_OK; |
329 | 329 | } else { |
330 | err = CRYPT_PK_INVALID_SIZE; | |
330 | err = CRYPT_INPUT_TOO_LONG; | |
331 | 331 | } |
332 | 332 | |
333 | 333 | LBL_ERR: |
66 | 66 | } |
67 | 67 | |
68 | 68 | /* see if the OpenSSL DER format RSA public key will work */ |
69 | tmpbuf = XCALLOC(1, LTC_DER_MAX_PUBKEY_SIZE*8); | |
69 | tmpbuf = XCALLOC(1, inlen); | |
70 | 70 | if (tmpbuf == NULL) { |
71 | 71 | err = CRYPT_MEM; |
72 | 72 | goto LBL_ERR; |
80 | 80 | * in a **BIT** string ... so we have to extract it then proceed to convert bit to octet |
81 | 81 | */ |
82 | 82 | LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, 2); |
83 | LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, LTC_DER_MAX_PUBKEY_SIZE*8); | |
83 | LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, inlen*8U); | |
84 | 84 | |
85 | 85 | err=der_decode_sequence(in, inlen, subject_pubkey, 2UL); |
86 | 86 | if (err != CRYPT_OK) { |
57 | 57 | |
58 | 58 | return der_encode_sequence_multi(out, outlen, |
59 | 59 | LTC_ASN1_SEQUENCE, (unsigned long)sizeof(alg_id)/sizeof(alg_id[0]), alg_id, |
60 | LTC_ASN1_RAW_BIT_STRING, (unsigned long)(public_key_len*8), public_key, | |
60 | LTC_ASN1_RAW_BIT_STRING, public_key_len*8U, public_key, | |
61 | 61 | LTC_ASN1_EOL, 0UL, NULL); |
62 | 62 | |
63 | 63 | } |
36 | 36 | LTC_ASN1_SHORT_INTEGER, 1UL, &version, |
37 | 37 | LTC_ASN1_BIT_STRING, 1UL, &flags, |
38 | 38 | LTC_ASN1_EOL, 0UL, NULL); |
39 | if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) { | |
39 | if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { | |
40 | 40 | goto error; |
41 | 41 | } |
42 | 42 | |
57 | 57 | goto error; |
58 | 58 | } |
59 | 59 | } |
60 | else { | |
60 | else if (flags[0] == 0) { | |
61 | 61 | key->type = PK_PUBLIC; |
62 | 62 | if ((err = der_decode_sequence_multi(in, inlen, |
63 | 63 | LTC_ASN1_SHORT_INTEGER, 1UL, &version, |
68 | 68 | LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { |
69 | 69 | goto error; |
70 | 70 | } |
71 | mp_clear(key->x); | |
72 | key->x = NULL; | |
71 | } | |
72 | else { | |
73 | err = CRYPT_INVALID_PACKET; | |
74 | goto error; | |
73 | 75 | } |
74 | 76 | } |
75 | 77 | else { |
29 | 29 | { |
30 | 30 | unsigned char *skey, *expt; |
31 | 31 | void *g_pub; |
32 | unsigned long x, y, hashOID[32]; | |
32 | unsigned long x, y; | |
33 | unsigned long hashOID[32] = { 0 }; | |
33 | 34 | int hash, err; |
34 | 35 | ltc_asn1_list decode[3]; |
35 | 36 | |
46 | 47 | /* decode to find out hash */ |
47 | 48 | LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); |
48 | 49 | err = der_decode_sequence(in, inlen, decode, 1); |
49 | if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) { | |
50 | if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { | |
50 | 51 | return err; |
51 | 52 | } |
52 | 53 |
41 | 41 | err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, |
42 | 42 | LTC_ASN1_EOL, 0UL, NULL); |
43 | 43 | |
44 | if (err == CRYPT_OK || err == CRYPT_PK_INVALID_SIZE) { | |
44 | if (err == CRYPT_OK || err == CRYPT_INPUT_TOO_LONG) { | |
45 | 45 | /* private key */ |
46 | if (flags[0]) { | |
46 | if (flags[0] == 1) { | |
47 | 47 | if ((err = der_decode_sequence_multi(in, inlen, |
48 | 48 | LTC_ASN1_BIT_STRING, 1UL, flags, |
49 | 49 | LTC_ASN1_INTEGER, 1UL, key->g, |
58 | 58 | goto LBL_OK; |
59 | 59 | } |
60 | 60 | /* public key */ |
61 | else { | |
61 | else if (flags[0] == 0) { | |
62 | 62 | if ((err = der_decode_sequence_multi(in, inlen, |
63 | 63 | LTC_ASN1_BIT_STRING, 1UL, flags, |
64 | 64 | LTC_ASN1_INTEGER, 1UL, key->g, |
70 | 70 | } |
71 | 71 | key->type = PK_PUBLIC; |
72 | 72 | goto LBL_OK; |
73 | } | |
74 | else { | |
75 | err = CRYPT_INVALID_PACKET; | |
76 | goto LBL_ERR; | |
73 | 77 | } |
74 | 78 | } |
75 | 79 | /* get key type */ |
85 | 89 | key->type = PK_PRIVATE; |
86 | 90 | } else { /* public */ |
87 | 91 | ltc_asn1_list params[3]; |
88 | unsigned long tmpbuf_len = LTC_DER_MAX_PUBKEY_SIZE*8; | |
92 | unsigned long tmpbuf_len = inlen; | |
89 | 93 | |
90 | 94 | LTC_SET_ASN1(params, 0, LTC_ASN1_INTEGER, key->p, 1UL); |
91 | 95 | LTC_SET_ASN1(params, 1, LTC_ASN1_INTEGER, key->q, 1UL); |
50 | 50 | /* decode to find out hash */ |
51 | 51 | LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); |
52 | 52 | err = der_decode_sequence(in, inlen, decode, 1); |
53 | if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) { | |
53 | if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { | |
54 | 54 | return err; |
55 | 55 | } |
56 | 56 |
81 | 81 | } |
82 | 82 | |
83 | 83 | pubkeysize = ECC_BUF_SIZE; |
84 | if ((err = ecc_export_raw(pub_expt, &pubkeysize, PK_PUBLIC_COMPRESSED, &pubkey)) != CRYPT_OK) { | |
84 | if ((err = ecc_export_raw(pub_expt, &pubkeysize, PK_PUBLIC|PK_COMPRESSED, &pubkey)) != CRYPT_OK) { | |
85 | 85 | ecc_free(&pubkey); |
86 | 86 | goto LBL_ERR; |
87 | 87 | } |
18 | 18 | /** Export raw public or private key (public keys = ANS X9.63 compressed or uncompressed; private keys = raw bytes) |
19 | 19 | @param out [out] destination of export |
20 | 20 | @param outlen [in/out] Length of destination and final output size |
21 | @param type PK_PRIVATE, PK_PUBLIC or PK_PUBLIC_COMPRESSED | |
21 | @param type PK_PRIVATE, PK_PUBLIC or PK_PUBLIC|PK_COMPRESSED | |
22 | 22 | @param key Key to export |
23 | 23 | Return CRYPT_OK on success |
24 | 24 | */ |
26 | 26 | int ecc_export_raw(unsigned char *out, unsigned long *outlen, int type, ecc_key *key) |
27 | 27 | { |
28 | 28 | unsigned long size, ksize; |
29 | int err; | |
29 | int err, compressed; | |
30 | 30 | |
31 | 31 | LTC_ARGCHK(key != NULL); |
32 | 32 | LTC_ARGCHK(out != NULL); |
37 | 37 | } |
38 | 38 | size = key->dp->size; |
39 | 39 | |
40 | if (type == PK_PUBLIC_COMPRESSED) { | |
40 | compressed = type & PK_COMPRESSED; | |
41 | type &= ~PK_COMPRESSED; | |
42 | ||
43 | if (type == PK_PUBLIC && compressed) { | |
41 | 44 | if ((err = ltc_ecc_export_point(out, outlen, key->pubkey.x, key->pubkey.y, size, 1)) != CRYPT_OK) return err; |
42 | 45 | } |
43 | 46 | else if (type == PK_PUBLIC) { |
56 | 56 | /* find out what type of key it is */ |
57 | 57 | err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, |
58 | 58 | LTC_ASN1_EOL, 0UL, NULL); |
59 | if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) { | |
59 | if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { | |
60 | 60 | goto done; |
61 | 61 | } |
62 | ||
62 | 63 | |
63 | 64 | if (flags[0] == 1) { |
64 | 65 | /* private key */ |
72 | 73 | LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { |
73 | 74 | goto done; |
74 | 75 | } |
75 | } else { | |
76 | } else if (flags[0] == 0) { | |
76 | 77 | /* public key */ |
77 | 78 | key->type = PK_PUBLIC; |
78 | 79 | if ((err = der_decode_sequence_multi(in, inlen, |
84 | 85 | goto done; |
85 | 86 | } |
86 | 87 | } |
88 | else { | |
89 | err = CRYPT_INVALID_PACKET; | |
90 | goto done; | |
91 | } | |
87 | 92 | |
88 | 93 | if (dp == NULL) { |
89 | /* BEWARE: Here we are looking up the curve params by keysize (neither curve name nor curve oid), | |
90 | * which might be ambiguous (there can more than one curve for given keysize). | |
91 | * Thus the chosen curve depends on order of items in ltc_ecc_sets[] - see ecc.c file. | |
92 | */ | |
93 | 94 | /* find the idx */ |
94 | 95 | for (key->idx = 0; ltc_ecc_sets[key->idx].size && (unsigned long)ltc_ecc_sets[key->idx].size != key_size; ++key->idx); |
95 | 96 | if (ltc_ecc_sets[key->idx].size == 0) { |
39 | 39 | } |
40 | 40 | |
41 | 41 | /* see if the OpenSSL DER format RSA public key will work */ |
42 | tmpbuf_len = MAX_RSA_SIZE * 8; | |
42 | tmpbuf_len = inlen; | |
43 | 43 | tmpbuf = XCALLOC(1, tmpbuf_len); |
44 | 44 | if (tmpbuf == NULL) { |
45 | 45 | err = CRYPT_MEM; |
68 | 68 | err = der_decode_sequence_multi(in, inlen, LTC_ASN1_INTEGER, 1UL, key->N, |
69 | 69 | LTC_ASN1_EOL, 0UL, NULL); |
70 | 70 | |
71 | if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) { | |
71 | if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) { | |
72 | 72 | goto LBL_ERR; |
73 | 73 | } |
74 | 74 |
38 | 38 | return err; |
39 | 39 | } |
40 | 40 | |
41 | tmpbuf_len = MAX_RSA_SIZE * 8; | |
41 | tmpbuf_len = inlen; | |
42 | 42 | tmpbuf = XCALLOC(1, tmpbuf_len); |
43 | 43 | if (tmpbuf == NULL) { |
44 | 44 | err = CRYPT_MEM; |