diff options
| -rw-r--r-- | lib/auth/srp.c | 10 | ||||
| -rw-r--r-- | lib/crypto-backend.h | 5 | ||||
| -rw-r--r-- | lib/gnutls_mpi.c | 5 | ||||
| -rw-r--r-- | lib/gnutls_mpi.h | 2 | ||||
| -rw-r--r-- | lib/gnutls_pk.c | 12 | ||||
| -rw-r--r-- | lib/nettle/mpi.c | 58 | ||||
| -rw-r--r-- | lib/nettle/pk.c | 39 | ||||
| -rw-r--r-- | tests/mpi.c | 19 |
8 files changed, 77 insertions, 73 deletions
diff --git a/lib/auth/srp.c b/lib/auth/srp.c index 7e579e5cc0..c142081aa9 100644 --- a/lib/auth/srp.c +++ b/lib/auth/srp.c @@ -738,7 +738,12 @@ group_check_g_n(gnutls_session_t session, bigint_t g, bigint_t n) /* q = q/2, remember that q is divisible by 2 (prime - 1) */ - _gnutls_mpi_set_ui(two, 2); + ret = _gnutls_mpi_set_ui(two, 2); + if (ret < 0) { + gnutls_assert(); + goto error; + } + _gnutls_mpi_div(q, q, two); if (_gnutls_prime_check(q) != 0) { @@ -746,7 +751,8 @@ group_check_g_n(gnutls_session_t session, bigint_t g, bigint_t n) */ _gnutls_mpi_log("no prime Q: ", q); gnutls_assert(); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + goto error; } /* We also check whether g is a generator, diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h index ff798b581c..32c7c3980b 100644 --- a/lib/crypto-backend.h +++ b/lib/crypto-backend.h @@ -116,9 +116,10 @@ typedef struct gnutls_crypto_bigint { /* r = a % b */ int (*bigint_modm) (bigint_t r, const bigint_t a, const bigint_t b); /* a = b -> ret == a */ - bigint_t (*bigint_set) (bigint_t a, const bigint_t b); + int (*bigint_set) (bigint_t a, const bigint_t b); + bigint_t (*bigint_copy) (const bigint_t a); /* a = b -> ret == a */ - bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b); + int (*bigint_set_ui) (bigint_t a, unsigned long b); unsigned int (*bigint_get_nbits) (const bigint_t a); /* w = b ^ e mod m */ bigint_t(*bigint_powm) (bigint_t w, const bigint_t b, diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c index 44dbc9d5e0..fc059da303 100644 --- a/lib/gnutls_mpi.c +++ b/lib/gnutls_mpi.c @@ -87,7 +87,10 @@ _gnutls_mpi_random_modp(bigint_t r, bigint_t p, } if (r != NULL) { - _gnutls_mpi_set(r, tmp); + ret = _gnutls_mpi_set(r, tmp); + if (ret < 0) + goto cleanup; + _gnutls_mpi_release(&tmp); return r; } diff --git a/lib/gnutls_mpi.h b/lib/gnutls_mpi.h index 3d59e464f9..63b2581d40 100644 --- a/lib/gnutls_mpi.h +++ b/lib/gnutls_mpi.h @@ -58,7 +58,7 @@ bigint_t _gnutls_mpi_random_modp(bigint_t, bigint_t p, #define _gnutls_mpi_print(x,y,z) _gnutls_mpi_ops.bigint_print(x,y,z,GNUTLS_MPI_FORMAT_USG) #define _gnutls_mpi_print_lz(x,y,z) _gnutls_mpi_ops.bigint_print(x,y,z,GNUTLS_MPI_FORMAT_STD) #define _gnutls_mpi_print_pgp(x,y,z) _gnutls_mpi_ops.bigint_print(x,y,z,GNUTLS_MPI_FORMAT_PGP) -#define _gnutls_mpi_copy( a) _gnutls_mpi_set( NULL, a) +#define _gnutls_mpi_copy _gnutls_mpi_ops.bigint_copy inline static void _gnutls_mpi_release(bigint_t * x) diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c index 8e7a5702cb..236e4f7d42 100644 --- a/lib/gnutls_pk.c +++ b/lib/gnutls_pk.c @@ -178,16 +178,20 @@ int _gnutls_pk_params_copy(gnutls_pk_params_st * dst, dst->algo = src->algo; for (i = 0; i < src->params_nr; i++) { - dst->params[i] = _gnutls_mpi_set(NULL, src->params[i]); + dst->params[i] = _gnutls_mpi_copy(src->params[i]); if (dst->params[i] == NULL) { - for (j = 0; j < i; j++) - _gnutls_mpi_release(&dst->params[j]); - return GNUTLS_E_MEMORY_ERROR; + goto fail; } + dst->params_nr++; } return 0; + +fail: + for (j = 0; j < i; j++) + _gnutls_mpi_release(&dst->params[j]); + return GNUTLS_E_MEMORY_ERROR; } void gnutls_pk_params_init(gnutls_pk_params_st * p) diff --git a/lib/nettle/mpi.c b/lib/nettle/mpi.c index 8cac69b363..5d2818ebdd 100644 --- a/lib/nettle/mpi.c +++ b/lib/nettle/mpi.c @@ -93,32 +93,27 @@ static int wrap_nettle_mpi_init_multi(bigint_t *w, ...) { va_list args; bigint_t *next; - mpz_t *r; + int ret; bigint_t* last_failed = NULL; - r = gnutls_malloc(sizeof(*r)); - if (r == NULL) { + ret = wrap_nettle_mpi_init(w); + if (ret < 0) { gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; + return ret; } - mpz_init(*r); - *w = r; - va_start(args, w); do { next = va_arg(args, bigint_t*); if (next != NULL) { - r = gnutls_malloc(sizeof(*r)); - if (r == NULL) { + ret = wrap_nettle_mpi_init(next); + if (ret < 0) { gnutls_assert(); va_end(args); last_failed = next; goto fail; } - mpz_init(*r); - *next = r; } } while(next != 0); @@ -206,40 +201,32 @@ static int wrap_nettle_mpi_cmp_ui(const bigint_t u, unsigned long v) return mpz_cmp_ui(*i1, v); } -static bigint_t wrap_nettle_mpi_set(bigint_t w, const bigint_t u) +static int wrap_nettle_mpi_set(bigint_t w, const bigint_t u) { - mpz_t *i1, *i2 = u; - int ret; - - if (w == NULL) { - ret = wrap_nettle_mpi_init(&w); - if (ret < 0) - return NULL; - } + mpz_set(TOMPZ(w), TOMPZ(u)); - i1 = w; - - mpz_set(*i1, *i2); - - return i1; + return 0; } -static bigint_t wrap_nettle_mpi_set_ui(bigint_t w, unsigned long u) +static bigint_t wrap_nettle_mpi_copy(const bigint_t u) { - mpz_t *i1; int ret; + bigint_t w; - if (w == NULL) { - ret = wrap_nettle_mpi_init(&w); - if (ret < 0) - return NULL; - } + ret = wrap_nettle_mpi_init(&w); + if (ret < 0) + return NULL; - i1 = w; + mpz_set(TOMPZ(w), u); - mpz_set_ui(*i1, u); + return w; +} - return i1; +static int wrap_nettle_mpi_set_ui(bigint_t w, unsigned long u) +{ + mpz_set_ui(TOMPZ(w), u); + + return 0; } static unsigned int wrap_nettle_mpi_get_nbits(bigint_t a) @@ -474,6 +461,7 @@ gnutls_crypto_bigint_st _gnutls_mpi_ops = { .bigint_cmp = wrap_nettle_mpi_cmp, .bigint_cmp_ui = wrap_nettle_mpi_cmp_ui, .bigint_modm = wrap_nettle_mpi_modm, + .bigint_copy = wrap_nettle_mpi_copy, .bigint_set = wrap_nettle_mpi_set, .bigint_set_ui = wrap_nettle_mpi_set_ui, .bigint_get_nbits = wrap_nettle_mpi_get_nbits, diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index 515380b421..59b5486b26 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -829,18 +829,19 @@ wrap_nettle_pk_generate_params(gnutls_pk_algorithm_t algo, params->params_nr = 0; - ret = _gnutls_mpi_init_multi(¶ms->params[0], ¶ms->params[1], - ¶ms->params[2], NULL); + ret = _gnutls_mpi_init_multi(¶ms->params[DSA_P], ¶ms->params[DSA_Q], + ¶ms->params[DSA_G], NULL); if (ret < 0) { gnutls_assert(); goto dsa_fail; } params->params_nr = 3; + mpz_set(TOMPZ(params->params[DSA_P]), pub.p); + mpz_set(TOMPZ(params->params[DSA_Q]), pub.q); + mpz_set(TOMPZ(params->params[DSA_G]), pub.g); + ret = 0; - _gnutls_mpi_set(params->params[0], pub.p); - _gnutls_mpi_set(params->params[1], pub.q); - _gnutls_mpi_set(params->params[2], pub.g); dsa_fail: dsa_private_key_clear(&priv); @@ -916,8 +917,8 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, goto dsa_fail; } - _gnutls_mpi_set(params->params[DSA_Y], pub.y); - _gnutls_mpi_set(params->params[DSA_X], priv.x); + mpz_set(TOMPZ(params->params[DSA_Y]), pub.y); + mpz_set(TOMPZ(params->params[DSA_X]), pub.x); params->params_nr += 2; dsa_fail: @@ -986,8 +987,8 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, goto dh_fail; } - _gnutls_mpi_set(params->params[DSA_Y], y); - _gnutls_mpi_set(params->params[DSA_X], x); + mpz_set(TOMPZ(params->params[DSA_Y]), y); + mpz_set(TOMPZ(params->params[DSA_X]), x); params->params_nr += 2; ret = 0; @@ -1010,7 +1011,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, rsa_public_key_init(&pub); rsa_private_key_init(&priv); - _gnutls_mpi_set_ui(&pub.e, 65537); + mpz_set_ui(pub.e, 65537); ret = rsa_generate_keypair(&pub, &priv, NULL, @@ -1032,16 +1033,16 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, params->params_nr++; } - ret = 0; + mpz_set(TOMPZ(params->params[0]), pub.n); + mpz_set(TOMPZ(params->params[1]), pub.e); + mpz_set(TOMPZ(params->params[2]), priv.d); + mpz_set(TOMPZ(params->params[3]), priv.p); + mpz_set(TOMPZ(params->params[4]), priv.q); + mpz_set(TOMPZ(params->params[5]), priv.c); + mpz_set(TOMPZ(params->params[6]), priv.a); + mpz_set(TOMPZ(params->params[7]), priv.b); - _gnutls_mpi_set(params->params[0], pub.n); - _gnutls_mpi_set(params->params[1], pub.e); - _gnutls_mpi_set(params->params[2], priv.d); - _gnutls_mpi_set(params->params[3], priv.p); - _gnutls_mpi_set(params->params[4], priv.q); - _gnutls_mpi_set(params->params[5], priv.c); - _gnutls_mpi_set(params->params[6], priv.a); - _gnutls_mpi_set(params->params[7], priv.b); + ret = 0; rsa_fail: rsa_private_key_clear(&priv); diff --git a/tests/mpi.c b/tests/mpi.c index af59140145..58aa527815 100644 --- a/tests/mpi.c +++ b/tests/mpi.c @@ -40,6 +40,7 @@ static void tls_log_func(int level, const char *str) void doit(void) { bigint_t n1, n2, n3, n4; + int ret; global_init(); @@ -47,24 +48,24 @@ void doit(void) if (debug) gnutls_global_set_log_level(99); - n1 = _gnutls_mpi_new(1000); - if (n1 == NULL) + ret = _gnutls_mpi_init_multi(&n1, &n2, &n3, NULL); + if (ret < 0) fail("mpi_new failed\n"); - n2 = _gnutls_mpi_set_ui(NULL, 2); - if (n2 == NULL) + ret = _gnutls_mpi_set_ui(n2, 2); + if (ret < 0) fail("mpi_set_ui failed\n"); - n3 = _gnutls_mpi_set_ui(NULL, 5); - if (n3 == NULL) + ret = _gnutls_mpi_set_ui(n3, 5); + if (ret < 0) fail("mpi_set_ui failed\n"); - n1 = _gnutls_mpi_set_ui(n1, 12498924); - if (n3 == NULL) + ret = _gnutls_mpi_set_ui(n1, 12498924); + if (ret < 0) fail("mpi_set_ui failed\n"); n4 = _gnutls_mpi_addm(NULL, n1, n3, n2); - if (n4 == NULL) + if (n4 == 0) fail("mpi_set_ui failed\n"); if (_gnutls_mpi_cmp_ui(n4, 0) != 0 |